Master Subscription Agreement

This Master Subscription Agreement, including the applicable Exhibit A governs Customer’s access to and use of HYPR products and services.  By accepting this Agreement, which includes the Supplemental Terms selected, or by executing an Order Form that references this Agreement, Customer agrees to the terms and conditions herein. Each person executing this Agreement on behalf of a company or other legal entity represents that they have the authority to bind such entity to these terms and conditions. Each Party agrees that this Agreement, INCLUDING the Supplemental Terms selected and any mutually executed Order Forms and Statements of Work, states the Parties’ entire agreement on this subject matter, and neither Party’s representatives have authority to enter into side agreements or promises not expressly contained herein.

HYPR Corp Master Subscription Agreement

1.     Definitions.

1.1 “Affiliate” means, when used with respect to a Party, any legal entity controlled by, controlling, or under common control with that Party, where “control” (and its derivatives) means: (a) the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of a corporation, person, or other entity through the ownership of voting securities; or (b) direct or indirect ownership in the aggregate of fifty percent (50%) or more of any class of voting or equity interests in the other corporation, person, or entity.

1.2 “Agreement” means, collectively, this Master Subscription Agreement, applicable Supplemental Terms, Order Forms and SOWs as mutually executed by the Parties, and any amendments to the foregoing executed by authorized representatives of the Parties. No provisions of either Party’s pre-printed purchase orders, acknowledgements, or click-through terms may modify this Agreement, and such other or additional terms or conditions are void and of no effect. In the event of a conflict between other provisions of this Agreement and any Supplemental Terms, Order Form or SOW, the provisions of the Supplemental Terms, Order Form or SOW will govern and control, but only with respect to the Software or Services provided under the applicable Supplemental Terms, Order Form or SOW, as the case may be.

1.3 “Confidential Information” means with respect to either Party, any information disclosed by such Party (the “Disclosing Party”) to the other Party (the “Receiving Party”) in connection with this Agreement, which is either marked as confidential (or words of similar import) or is of a nature or disclosed in such a manner as would put a reasonable person on notice as to the confidential or proprietary nature of the information. Without limiting the generality of the foregoing, Customer acknowledges that the Software and Documentation shall be deemed the Confidential Information of HYPR. 

1.4 Configuration Services” means the professional services, if any, as further described in a mutually executed SOW by which HYPR will provide support, training, or other assistance in Customer’s configuration and integration of HYPR solutions to Customer’s systems and requirements. For the avoidance of doubt, Configuration Services do not include custom development work or newly created deliverables which, if required by Customer and agreed to by HYPR, will be the subject of a separate agreement for professional services between the parties.

1.5 “Documentation” means the generally available technical documentation accompanying Software or Services, as may be further defined in the Supplemental Terms.

1.6 “Fees” means collectively, the fees for Software and Services.

1.7 “Intellectual Property Rights” means collectively all patent, trade secret, trademark, copyright (including any moral rights or statutory termination rights), and similar rights for the protection of inventions, works of authorship, recordings, mask works, and identification of source or sponsorship for goods or services in commerce.

1.8 “Master Subscription Agreement” means the terms and conditions contained in Sections 1 through 11 of this document, but excluding any Supplemental Terms, Order Forms or Statements of Work.

1.9 “Order Form” means the mutually executed document(s) for placing orders for Software or Services under this Agreement that are entered into between Customer and HYPR, including referenced attachments or supplements included with or incorporated into the Order Form.

1.10 “Party” means either HYPR or Customer, individually as the context indicates; and “Parties” means HYPR and Customer, collectively.

1.11 "Personal Data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

1.12 “SaaS Platform” means the online, Software-as-a-Service applications and platform made available by HYPR under this Agreement via https://www.hypr.com/passwordless-authentication/ as the same may be updated from time-to-time (such updates referred to collectively as “Revisions”).

1.13 Services means access to the SaaS Platform, and any Support Services, Configuration Services, or other services provided by or for HYPR under this Agreement.

1.14 “Software” means the HYPR software specified in an Order Form, provided to Customer and described in the Documentation.

1.15 “Statement of Work” or “SOW” means a statement of work or professional services supplemental terms executed by HYPR and Customer pursuant to this Agreement, which describes, among other things, certain Configuration Services to be provided by HYPR to Customer. Upon execution by both Parties, each Statement of Work will be deemed to be a part of this Agreement.

1.16 “Supplemental Terms” mean the supplemental terms to this Master Subscription Agreement executed by the Parties or attached hereto, and containing additional terms and conditions that govern the acquisition of Software or Services.

1.     Ordering Procedure.  The Parties agree that the Agreement governs transactions whereby Customer may procure Software and/or Services from HYPR by submitting an Order Form to HYPR.  Each purchase of Configuration Services shall also be evidenced by a SOW. 

2.     Invoicing, Payment Terms, and Taxes. 

2.1.    Invoicing and Payment.  HYPR shall invoice Customer as provided in the applicable Order Form.  Unless otherwise stated in the Order Form, invoiced charges are due net thirty (30) days from the invoice date. Customer shall pay to HYPR all Fees or other costs due hereunder in U.S. dollars.  All Fees are non-refundable.  With respect to any amount due to HYPR which is not paid within thirty (30) days following the date of Customer’s receipt of HYPR’s invoice, HYPR may apply interest at the rate of one and one-half percent (1½%) per month, or such lesser amount required by law, assessed from the due date through the date of payment.

2.2.    Taxes.  Customer shall, in addition to the other amounts payable under this Agreement, bear and pay all sales and other taxes, federal, state or otherwise, however designated that are levied or imposed by reason of the transactions contemplated hereunder, but excluding taxes on HYPR’s income.  Without limiting the foregoing, if any such taxes are imposed upon and paid by HYPR, Customer shall reimburse HYPR within thirty (30) days of receipt of an invoice from HYPR for such amount.  If, at any time, Customer claims that its purchase of Software or Services hereunder is exempt from any taxes, it shall be Customer’s responsibility to provide HYPR with the appropriate tax exemption certificate(s).  In the absence of valid proof of exemption, HYPR reserves the right to charge Customer for, and Customer agrees to pay, the applicable taxes.

2.3 Suspension of Service. If any undisputed amount owing by Customer under this or any other agreement is thirty (30) or more days overdue,  HYPR may, without limiting its other rights and remedies, suspend Services to Customer and, if applicable, Customer’s access to the SaaS Platform until such amounts are paid in full. HYPR will give Customer at least seven (7) days’ prior written notice that Customer’s account is overdue before suspending the Services to Customer and, if applicable, Customer’s access to the SaaS Platform.

3.     Warranty Disclaimer.  HYPR DOES NOT WARRANT THAT ANY INFORMATION, COMPUTER PROGRAM, HYPR’S EFFORTS OR ANY SOFTWARE OR SERVICES PROVIDED BY HYPR WILL FULFILL ANY OF CUSTOMER’S PARTICULAR PURPOSES OR NEEDS, NOR DOES HYPR WARRANT THAT THE OPERATION OF THE SOFTWARE OR ACCESS TO OR USE OF  THE SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE.  EXCEPT AS EXPRESSLY STATED IN ANY SUPPLEMENTAL TERMS, NO WARRANTIES, EXPRESS OR IMPLIED, ARE MADE BY HYPR TO CUSTOMER, INCLUDING ANY IMPLIED WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, WHICH ARE SPECIFICALLY EXCLUDED.

4.     Confidential Information.

4.1 Confidentiality. The Receiving Party shall keep the Disclosing Party’s Confidential Information confidential and secure and shall use at least the same standard of care to protect the Disclosing Party’s Confidential Information as the Receiving Party employs for the protection of its own proprietary information of a similar nature, but in no event less than a reasonable standard of care.  The Receiving Party will not disclose the Disclosing Party’s Confidential Information to any third party, except to those of its and its Affiliates’ employees, contractors and agents who need such access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections no less stringent than those herein. Receiving Party shall not use or reproduce in any form the Disclosing Party’s Confidential Information, except as required to exercise its rights and discharge its responsibilities set forth in this Agreement.  The Receiving Party shall promptly notify the Disclosing Party in writing of any actual or suspected loss or unauthorized use, disclosure, or access of the Disclosing Party’s Confidential Information of which it becomes aware, and take all steps necessary to limit, stop, or otherwise prevent such loss or unauthorized use, disclosure, or access.

4.2 Exclusions. The term “Confidential Information” does not include any information as to which the Receiving Party is able to demonstrate: (a) is, or after the date of disclosure under this Agreement becomes, generally available to the public other than as a result of any actions or omissions of the Receiving Party; (b) was already known by the Receiving Party prior to the time of disclosure under this Agreement; (c) was disclosed to the Receiving Party on a non-confidential basis by a third party that did not owe an obligation of confidentiality to the Disclosing Party; or (d) is developed by the Receiving Party, independently without use of or reference to the Disclosing Party’s Confidential Information.

4.3 Representatives. The Receiving Party will restrict the possession, knowledge, and use of the Disclosing Party’s Confidential Information to its and its Affiliates’ officers, directors, employees, professional advisors, or subcontractors (collectively, “Representatives”) who have a need to know such Confidential Information for purposes directly related to the exercise of its rights and discharge of its responsibilities as set forth in this Agreement, and who are bound, in writing or by enforceable professional obligation, to obligations of confidentiality no less restrictive than those set forth herein.  Without limiting the effect of the foregoing, the Receiving Party shall take reasonable actions, legal or otherwise, necessary to cause its Representatives to comply with the provisions of this Section 5 and to prevent any unauthorized disclosure of the Disclosing Party’s Confidential Information by any of them.  The Receiving Party shall be responsible for the acts and omissions of its Representatives with respect to the Disclosing Party’s Confidential Information.

4.4 Certain Information. The Parties hereby agree to comply with all applicable national and international laws, regulations, notices, and guidelines relating to data privacy (collectively, “Data Privacy Laws”) provided, however, that Customer hereby represents, warrants, and covenants that: (i) it shall not use the Software or Services to store, reproduce, process, or transmit any Personal Data without HYPR’s prior written consent, which may be withheld by HYPR at its sole discretion; and (ii) prior to any approved transfer to HYPR of any Personal Data or other data protected by Data Privacy Laws, it will comply with such Data Privacy Laws (including, if applicable, with respect to the obtaining of specific written consent from such individual) prior to such transfer.

4.5 Compelled Disclosure. Notwithstanding anything to the contrary contained herein, the Receiving Party may disclose Confidential Information of the Disclosing Party pursuant to an order made pursuant to applicable law, regulation or legal process, provided that (a) to the extent permitted, the Receiving Party gives the Disclosing Party prompt written notice of such order so that the Disclosing Party has an opportunity to seek a protective order, confidential treatment, or other appropriate remedy to such order; (b) the Receiving Party provides the Disclosing Party with all reasonable assistance, at the Disclosing Party’s expense, in opposing such required disclosure or seeking a protective order or confidential treatment for all or part of such Confidential Information; and (c) the Receiving Party discloses only such portion of the Confidential Information as is either permitted by the Disclosing Party or required by the court, tribunal, governmental agency or other authority, subject to any protective order or confidential treatment obtained by the Disclosing Party.

4.6 Injunctive Relief. Each Party acknowledges that the unauthorized disclosure or use of the Disclosing Party’s Confidential Information by the Receiving Party may irreparably damage the Disclosing Party in such a way that adequate compensation could not be obtained from monetary damages alone in an action at law.  Accordingly, the actual or threatened unauthorized disclosure or use of any Confidential Information shall give the Disclosing Party the right to seek injunctive relief restraining such unauthorized disclosure or use, without the necessity of proving actual damages, in addition to any other remedy otherwise available to the Disclosing Party.

4.7  Feedback.  HYPR shall have a royalty-free, worldwide, perpetual license to use or incorporate into the Software and/or Services any suggestions, ideas, enhancement requests, feedback, recommendations or other information provided by or on behalf of Customer, solely as such information relates to the Software and/or Services, and expressly excluding any Customer Confidential Information.

6.     Indemnification.  

6.1 Obligation. HYPR shall defend Customer against any claim, demand, suit, or proceeding made or brought against Customer by a third party alleging that the Software or the Services, or Customer’s use of the Software or Services as permitted hereunder  infringes or misappropriates the Intellectual Property Rights of a third party (each a “Third Party Claim”), and shall indemnify Customer for any out-of-pocket damages, attorney fees, costs, judgments, and approved settlement payments, incurred in defending such Third Party Claim (collectively, “Losses”).

6.2 Exclusions. The foregoing indemnity shall not apply if the infringement arises out of: (a) specifications or designs furnished by Customer and implemented by HYPR at Customer’s request; (b) the Software or Service being modified by, combined with, added to, interconnected with or used with any equipment, apparatus, device, data, software or service not supplied or approved by HYPR in writing (including in the applicable Documentation); (c) the modification to Software or a Service by any person or entity other than HYPR; or (d) use of Software or a Service other than in accordance with its Documentation.

6.3 Remedies. If a Third Party Claim for which Customer is entitled to be indemnified under Section 7.1 above has occurred, or in HYPR’s opinion is likely to occur, HYPR shall, at HYPR’s expense, do one of the following: (a) procure for Customer the right to continue using the affected Software or Service; (b) replace with non-infringing alternates or modify the relevant Software or Service so that it becomes non-infringing, but its functionality after modification is substantially equivalent; (c) accept the return of the affected Software, and refund to Customer the pro-rata portion of Fees that Customer actually paid to HYPR for the affected Software corresponding to periods following such termination; or (d) cease providing the Service and refund any prepaid Fees applicable to the period after the Service has ceased.  The collective obligations of HYPR pursuant to Section 7.1 and this Section 7.2 are the sole and exclusive liability of HYPR, and Customer’s sole and exclusive remedy, with respect to intellectual property infringement or misappropriation. 

6.4 Process. Promptly after Customer obtains knowledge of the existence or commencement of a Third Party Claim for which it is entitled to be indemnified under Section 7.1 above, Customer will notify HYPR of such Third Party Claim in writing, provided, however, that any failure to give such notice will not waive any rights of Customer except to the extent that the rights of HYPR are actually prejudiced or liability increased by such failure.  HYPR will have exclusive control of the defense and settlement of such Third Party Claim; provided, however, that Customer may join in the defense and settlement of such Third Party Claim and employ counsel at its own expense, subject to HYPR’s ultimate control of the defense and settlement of such Third Party Claim.  HYPR may settle any Third Party Claim without Customer’s written consent unless such settlement: (a) does not include a release of all covered claims pending against Customer; or (b) imposes any obligations upon Customer other than an obligation to cease using any infringing items.

7.     Limitation of Liability. 

7.1 Limitations. SUBJECT TO SECTION 8.2 BELOW, IN NO EVENT WILL EITHER PARTY BE LIABLE TO THE OTHER PARTY FOR: (a) ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, PUNITIVE OR EXEMPLARY DAMAGES OR LOSSES, INCLUDING LOSS OF USE, LOSS OF OR DAMAGE TO RECORDS OR DATA, COST OF PROCUREMENT OF SUBSTITUTE GOODS, SERVICES OR TECHNOLOGY, LOST REVENUE AND/OR PROFITS, SUSTAINED OR INCURRED REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT OR OTHERWISE, INCLUDING NEGLIGENCE, STRICT LIABILITY, INDEMNITY (EXCEPT AS EXPRESSLY PROVIDED IN THE AGREEMENT) OR OTHERWISE, AND WHETHER OR NOT SUCH DAMAGES WERE FORESEEN OR UNFORESEEN AND REGARDLESS OF WHETHER SUCH PARTY HAD RECEIVED NOTICE OR HAD BEEN ADVISED, OR KNEW OR SHOULD HAVE KNOWN, OF THE POSSIBILITY OF SUCH DAMAGES OR LOSSES; OR (b) DIRECT DAMAGES IN EXCESS OF THE AMOUNT PAID BY CUSTOMER UNDER THE APPLICABLE ORDER FORM OR SOW OVER THE TWELVE (12) MONTHS PRECEDING THE FIRST INCIDENT OUT OF WHICH LIABILITY AROSE. MULTIPLE CLAIMS SHALL NOT EXPAND THIS LIMITATION.

7.2 Exclusions. The limitations in Section 8.1 above shall not apply to: (a) damages occasioned by the breach by either Party, including by their Representatives, of its obligations of confidentiality under Section 5 above; (b) Losses payable by HYPR in accordance with its indemnification obligations pursuant to Section 7 above; (c) either Party’s indemnification obligations as may be set forth in any Supplemental Terms or SoW; (e) a Party’s gross negligence or willful misconduct; or (f) Customer’s payment obligations.

8. Term and Termination.

8.1 Term of Master Subscription Agreement. Subject to the terms and conditions of this Agreement, the term of this Master Subscription Agreement shall commence on the Effective Date and continue until terminated in accordance with this Section 9 (the “Master Subscription Agreement Term”). Unless otherwise provided herein or in the Supplemental Terms, the termination of this Master Subscription Agreement will not operate to terminate any existing Order Forms or SOWs, and the terms of this Master Subscription Agreement shall continue to govern such Order Forms and SOWs until completion or the earlier termination of such Order Forms and SOWs in accordance with this Agreement.

8.2 Term of Software License or SaaS Platform Subscriptions. Software licenses and SaaS Platform subscriptions commence on the start date specified in the applicable Order Form and continue for the term specified therein, including renewal terms, if any, as provided in the Order Form or the Supplemental Terms (the “Subscription Term”). If no initial term is specified in the Order Form, the initial term shall be for one (1) year.

8.3 Termination. Either Party may terminate this Agreement, any Order Form or SOW for cause upon thirty (30) days written notice to the other party of a material breach if such breach remains uncured at the expiration of such period; and  or if either Party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors.

8.4 Return of Materials. Upon the written request of the Disclosing Party, the Receiving Party shall: (a) promptly return to the Disclosing Party such of its Confidential Information (and all copies thereof) as the Disclosing Party may request, or upon written request from the Disclosing Party, destroy such Confidential Information and provide the Disclosing Party with written certification of such destruction; and (b) cease all further use of such Confidential Information.

8.5 Survival. Any provision of this Master Subscription Agreement, any Supplemental Terms, SOW or Order Form containing proprietary rights, confidentiality obligations, disclaimers, limitations of liability and/or indemnity terms, or that contemplates performance or observance subsequent to a termination of the Supplemental Terms, SOW or Order Form, and any other provision that by its nature may reasonably be presumed to survive any termination of this Master Subscription Agreement, any Supplemental Terms, SOW or Order Form shall survive its termination.

9. Notice

9.1 General. Notices under this Agreement shall be sent to a party at the address listed on the cover page of these terms and conditions, as may be updated by a party from time-to-time by written notice.

9.2 Manner of Giving Notice. Except as otherwise specified in this Agreement, all notices, permissions and approvals hereunder shall be in writing and shall be deemed to have been given upon: (i) personal delivery, (ii) the fifth business day after mailing, (iii) the next business day after sending by confirmed facsimile, or (iv) the first business day after sending by email (provided email shall not be sufficient for notices of termination or an indemnifiable claim). Billing-related notices to Customer shall be addressed to the relevant billing contact designated by Customer in the Order Form.

10. General Provisions.

10.1 Independent Parties/Third Party Beneficiaries. Customer and HYPR are independent parties. Nothing in this Agreement will be construed to make either Party an agent, employee, franchisee, joint venturer or legal representative of the other Party.  Neither Party will either have, or represent itself to have, any authority to bind the other Party or act on its behalf.  Nothing in this Agreement is intended or shall be construed as a third party beneficiary agreement, nor shall this Agreement confer, convey or be deemed to accord any rights to any third party.

10.2 Force Majeure. Neither Party shall be deemed to be in default of any provision of this Agreement, or for failure in performance of its obligations hereunder (excluding payment obligations), resulting from acts or events beyond the reasonable control of such Party, including acts of God, civil or military authority, acts or threats of terrorism, civil disturbance, war, riot, pandemic, strike or labor dispute (not related to either Party’s workforce), fires, floods, or act of government (each a “Force Majeure Event”). Such Force Majeure Event, to the extent it prevents a Party’s performance or any other undertaking under this Agreement, will extend the time for performance for as many days beyond the applicable performance date as is required to correct the effects of such Force Majeure Event.

10.3 Assignment. Neither Party may assign or otherwise transfer this Agreement or any of its rights hereunder without the other Party’s prior written approval, which will not be unreasonably withheld, provided, however, that each Party may assign this Agreement, in its entirety and upon prior written notice to the other Party, in connection with a (i) transaction involving a change in control or (ii) sale or other disposition of all or substantially all of the assets, business or operations of the assigning Party. Any assignment or attempt to do so other than as provided in this Section 11.3 will be void. Subject to the foregoing, this Agreement shall bind and inure to the benefit of the parties, their respective successors and permitted assigns.

10.4 Waiver, Modification, Severability, Cumulative Remedies.

10.4.1 Waiver, Modification. No modification, amendment, or waiver of any provision of this Agreement shall be effective unless in writing and either signed or accepted electronically by the party against whom the modification, amendment or waiver is to be asserted. No other course of conduct shall operate to waive, amend or modify this Agreement.  The waiver by either Party of any of its rights or remedies in a particular instance will not be construed as a waiver of the same or different right or remedy in subsequent instances.

10.4.2 Severability. All provisions of this Agreement are severable, and the unenforceability or invalidity of any of the provisions of this Agreement shall not affect the validity or enforceability of the remaining provisions of this Agreement.

10.4.3 Cumulative Remedies. Except as expressly provided to the contrary herein, all remedies set forth in this Agreement are cumulative and not exclusive of any other remedies at law or in equity, statutory or otherwise.

10.5 Legal Compliance. Each Party shall perform its obligations in a manner that complies with all applicable laws and regulations, compliance with which is required of such Party or for which such Party is responsible hereunder. HYPR and Customer agree that they will individually obtain any export licenses that may be required under applicable U.S. laws prior to any export or re-export of Software or Services or information provided under this Agreement. Customer represents and warrants that Customer and Customer’s Affiliates are not included in the U.S. Department of the Treasury, Office of Foreign Asset Control (OFAC) list of Specially Designated Nationals and Blocked Persons, US Department of Commerce, Bureau of Industry and Security (BIS) Denied Persons List, BIS Entity List, or BIS Unverified List and will promptly inform HYPR if Customer is included on any of the above-referenced lists.

10.6 Publicity. Following the execution of this Master Subscription Agreement by both Parties, HYPR shall have the right to issue a press release regarding its relationship with Customer (the “Press Release”). Customer agrees to contribute a quote from a Customer employee involved with the relationship with HYPR to be used in the Press Release.  HYPR shall provide a draft of the Press Release to Customer for its review and, within five (5) business days following its receipt of the draft, Customer shall provide HYPR with any proposed changes to the Press Release.  Customer agrees to allow HYPR full use of Customer logo as a reference customer on HYPR’s website and marketing properties. Notwithstanding anything to the contrary contained herein, HYPR agrees that it will not make, issue, or release any public statement (including the Press Release), announcement, or acknowledgement of the existence of, or reveal the status of, the Agreement or the terms or transactions provided for herein, without first obtaining the written consent of Customer.

10.7 Governing Law. This Agreement will be governed by and interpreted in accordance with the laws of the State of New York, U.S.A., excluding its conflicts of laws principles. Any controversy or claim arising out of or relating to this Agreement or the existence, validity, breach or termination thereof, whether during or after the Term, will be brought in the federal or state courts having jurisdiction over New York County, New York, to whose exclusive jurisdiction the Parties hereby irrevocably submit for such purposes.  Both Parties hereby exclude the application of the Uniform Computer Information Transactions Act (“UCITA”), the United Nations Convention on the International Sale of Goods (“CISG”) and any law of any jurisdiction that would apply UCITA or CISG or terms equivalent to UCITA or CISG to this Agreement.

10.8 Entire Agreement. This Agreement, mutually executed Supplemental Terms, Order Forms and SOWs, and any schedules, exhibits and other incorporated attachments, constitute the complete and entire statement of all terms, conditions and representations of the agreement between HYPR and Customer with respect to its subject matter and supersede all prior agreements, writings or understandings, whether oral or in writing. No terms or conditions stated in a Customer Order or in any other Customer order documentation shall be incorporated into, or form any part of, this Agreement, and all such terms or conditions shall be null and void. 

Exhibit A

HYPR SaaS Platform Supplemental Terms

1.     Additional Definitions

1.1 “Application Software” means certain software licensed by HYPR that Customer may distribute as part of a Customer Application in order to enable access to the SaaS Platform for the Permitted Use.

1.2 “Authorized End Users” means Customer’s own end-user licensees, each of whom is authorized to use the SaaS Platform as part of the Customer Application for the Permitted Use. The number of Authorized End Users shall be limited to the number specified in an Order Form. Authorized End Users may include, for example, Customer’s employees, consultants, clients, external users, contractors, agents, and third parties with which Customer does business.

1.3 “Customer Application” means the software solution developed by Customer in which the Application Software is integrated. “Customer’s Application” as defined herein, is limited to those software solutions which: (i) are accessed by Authorized End Users; (ii) add substantial functionality beyond the functionality provided by the incorporated components of the Application Software; and (iii) are not commercial alternatives for, or competitive in the marketplace with, the Application Software or any components of the Application Software.

1.4 “Customer Data” means all electronic data or information submitted by or on behalf of Customer to the SaaS Platform pursuant to this Agreement. For the avoidance of doubt, Customer Data does not include machine learning, know-how, statistics, or artificial intelligence developed by HYPR in and as part of the SaaS Platform during its normal operation (“AI”), provided that such AI is completely anonymized and cannot be traced back to Customer Data or to Customer in any manner.

1.5 “Customer Systems” means the networks, systems, IP addresses, assets, and/or hardware owned, licensed, accessed or controlled by Customer and accessed by Authorized End Users.

1.6 “Data Security Policy” means HYPR’s Data Security Policy posted at https://www.hypr.com/datasec-policy/, and incorporated herein by reference.

1.7 “Documentation” means the technical documentation applicable to the SaaS Platform as posted by HYPR at https://docs.hypr.com/hypr and updated from time to time, and as made available within the SaaS Platform.

1.8 “Malicious Code” means viruses, worms, Trojan horses and other code, files, scripts, agents, or programs designed for a harmful or malicious purpose.

1.9 “Non-GA Services” has the meaning as described in Section 4 (“Non-GA Services”).

1.10 “Permitted Use” means the use by Authorized End Users solely for authentication purposes to enable access to the Customer Systems.

1.11 “Usage Limitations” means those limitations on Customer’s use of the SaaS Platform as stated in the applicable Order Form or in the Documentation, including the number of permitted Authorized End Users.

1.12 “Website” means HYPR’s website available at https://www.hypr.com/.

 

2. Subscription to SaaS Platform

2.1 Provision of SaaS Platform. HYPR shall make the SaaS Platform available to Customer pursuant to this Agreement and all Order Forms during the Subscription Term, and grants to Customer a limited, non-sublicensable, non-exclusive, non-transferable right during the Subscription Term to allow its Authorized End Users to access and use the SaaS Platform in accordance with the Documentation, solely for the Permitted Use. Customer acknowledges and agrees that subscription(s) ordered hereunder are neither contingent on the delivery of any future functions or features, nor ordered in reliance on any oral or written public comments made by HYPR regarding future functions or features.

2.2 Restrictions. Customer shall not, nor permit it Authorized End Users or anyone under its control to: (i) allow any third party who is not a User to access the SaaS Platform; (ii) decompile, reverse engineer, disassemble or otherwise attempt to reconstruct or discover the source code of the SaaS Platform or any part of it; (iii) create unauthorized copies of any portion of the SaaS Platform or make any unauthorized modifications to the SaaS Platform; (iv) conduct benchmark or performance tests, or disclose the results of any such tests; (v) access the SaaS Platform or its output for the purpose of developing a competitive product or service; (vi) use the SaaS Platform to store or transmit infringing, libelous, obscene, or otherwise illegal content including viruses or other malicious code; or (vii) attempt to gain access by unauthorized means to the SaaS Platform or related systems or networks (including Customer attempts to conduct penetration testing against HYPR systems without HYPR’s prior written consent).

2.3 Usage Limitations. The SaaS Platform is subject to other limitations as stated in the Order Form, including limits on the number of Authorized End Users.

2.4.    Application Software License. In order to enable access to the SaaS Platform by Authorized End Users, during the Subscription Term, Customer may distribute the Application Software in object code form as embedded in the Customer Applications for the Permitted Use. For purposes of this Section, the term “distribute” also means deployment of the Customer Applications for Authorized End Users to access over the Internet. Such distribution must be pursuant to an end-user license that meets the requirements of this Section. Customer is not permitted to distribute the Application Software: as a standalone product; or as a part of any product other than Customer’s Application. Customer’s end-user license agreement must impose the following limitations on Customer’s Authorized End Users; prohibit distribution of the Application Software by Authorized End Users; limit the liability of Customer’s licensors or suppliers to the maximum extent permitted by applicable law; and prohibit any attempt to disassemble the code, or attempt in any manner to reconstruct, discover, reuse or modify any source code or underlying algorithms of the Application Software, except to the limited extent as is permitted by law notwithstanding contractual prohibition. Notwithstanding the foregoing, Customer may distribute the Customer Application to Customer employees without an end user license agreement. Customer shall be solely liable and responsible for Authorized End Users’ compliance with the end user license requirements set forth in this section.

2.5 Customer Responsibilities.

2.5.1 Customer shall: (i) be responsible for its Authorized End Users’ compliance with this Agreement; (ii) be responsible for the accuracy and integrity of Customer Data and possessing the legal rights to provide the Customer Data to HYPR for HYPR to use, reproduce, store, transmit, and process in accordance with this Agreement; (iii) prohibit the sharing or disclosing of encryption keys, or otherwise allowing unauthorized access to the SaaS Platform; (iv) use the SaaS Platform only in accordance with the Documentation and applicable law.

2.5.2 Except as otherwise permitted by this Agreement, Customer will not, and will not permit any third party to access, sublicense, rent, copy, modify or create derivative works of the Application Software without the prior written consent of HYPR. Except as permitted under these Supplemental Terms, Customer will not, and will not permit any third party to use the Application Software on a time-sharing, remote job entry or other multiple user arrangement. Nothing in this Agreement will entitle Customer to receive the source code to the Application Software, in whole or in part, unless otherwise agreed.

2.5.3 In addition to the limitations provided for in the Master Subscription Agreement, Customer shall not use the SaaS Platform to store, reproduce, process, or transmit: (i) any protected health data, as defined in the Health Insurance Portability and Accountability Act of 1996 (“HIPPA”) as amended and supplemented; (ii) customer information protected under the Gramm-Leach-Bliley Act (“GLB Act”); (iii) cardholder data that is subject to Payment Card Industry Data Security Standards (“PCI-DSS”); (iv) data governed by the European Union General Data Protection Regulation (“GDPR”); or (v) any information that may not lawfully be transferred to, stored, reproduced, or processed by HYPR under this Agreement.

3.     Support Services and SLA

3.1 Support Services. HYPR offers support services in accordance with HYPR support plans described at https://www.hypr.com/support/. HYPR shall provide Customer with Support Services at the Standard Plan level unless otherwise specified in the Order Form.

3.2 Service Level Agreement. HYPR’s SLA will apply to the operation of the SaaS Platform under this Agreement.

4. Protection of Customer Data

4.1 HYPR Protection of Customer Data. HYPR shall maintain administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Customer Data as stated in the Data Security Policy. HYPR shall not (i) modify Customer Data except as part of the normal processing of data by the SaaS Platform to perform Customer’s requested functions; (ii) voluntarily disclose Customer Data except as set forth in Section 4.2 (“Permitted Disclosures”), or (ii) access Customer Data except to provide the SaaS Platform or other Services under this Agreement. HYPR reserves the right to modify the Data Security Policy from time-to-time as it deems necessary to update, maintain, and improve security based on industry norms and best practices. Customer will take and maintain appropriate security, protection and backup actions with respect to Customer Data and Authorized End Users’ access to the SaaS Platform. HYPR is not responsible for any data loss or unauthorized access caused by Customer’s failure to follow appropriate security standards.

4.2 Permitted Disclosures. Customer agrees that HYPR may disclose Customer Data as follows: (i) when compelled by law in accordance with Section 5 of the Master Subscription Agreement (“Compelled Disclosure”); (ii) to third party service providers that HYPR retains to provide Services or the SaaS Platform to Customer hereunder, provided that HYPR has executed a written agreement with such third-party providers requiring them to maintain the confidentiality of Customer Data to the same extent as HYPR does under the Master Subscription Agreement and these Supplemental Terms; (iii) as expressly permitted in writing by Customer; and (iv) to HYPR Affiliates or to any third party to whom HYPR transfers all or substantially all of its assets or equity, provided that HYPR has executed a written agreement with such parties to maintain the confidentiality of Customer Data to same extent as HYPR does under this Agreement.

5.     Third-Party Applications

5.1 Acquisition of Third-Party Products and Services. HYPR may from time-to-time make available optional third-party products or services. Such products and services shall be designated by provider name in the applicable Order Form or SOW. Any acquisition by Customer of such third-party products and services, and any exchange of data between Customer and any third-party provider, is solely between Customer and the applicable third-party provider. HYPR does not provide, maintain, warrant, guarantee, indemnify for, or support products or services not provided by HYPR. If a product or service has been designated by HYPR as “Certified,” that indicates only that the interoperability of that product or service as previously provided to HYPR was tested and verified as interoperable at the time. No testing or assessment of any other features or functions of Third-Party Applications is performed as part of certification.

6.     Proprietary Rights

6.1 Reservation of Rights. Subject to the limited rights expressly granted hereunder, HYPR reserves all rights, title and interest in and to the SaaS Platform, the Application Software and any Services provided by or for HYPR, including all related Intellectual Property Rights. No rights are granted to Customer hereunder other than as expressly set forth herein.

6.2 Customer Applications and Code. If Customer, a third party acting on Customer’s behalf, or a User creates applications or program code for use with the SaaS Platform (the “Customer Applications”), Customer authorizes HYPR to host, copy, transmit, display and adapt such applications and program code, solely as necessary for HYPR to provide the SaaS Platform to Customer in accordance with this Agreement. Subject to the above, HYPR acquires no right, title or interest from Customer or its licensors under this Agreement in or to such applications or program code, including any Intellectual Property Rights therein.

6.3 Customer Data. Customer hereby grants HYPR the non-exclusive worldwide, royalty-free right to use, reproduce, store, transmit, perform, adapt, or display Customer Data solely to the extent required for HYPR’s provision of the SaaS Platform and Services under this Agreement. Subject to the limited rights granted by Customer hereunder, HYPR acquires no right, title or interest from Customer or its licensors under this Agreement in or to Customer Data, including any Intellectual Property Rights therein.

7.     Warranties and Disclaimers

7.1 HYPR Warranties. Subject to Section 7.2 (“Exclusion from Warranties”), HYPR warrants that (i) HYPR has validly entered into this Agreement and has the legal power to do so, (ii) the SaaS Platform shall perform materially in accordance with the Documentation, this Agreement and any specifications or descriptions set forth in the applicable Order Form, (iii) the functionality of the SaaS Platform will not be materially decreased during a subscription term, and (iv) HYPR will use industry standard measures to not transmit Malicious Code to Customer, provided it is not a breach of this subpart if Customer or a User uploads a file containing Malicious Code into the SaaS Platform and later downloads the same file, unmodified by HYPR, containing Malicious Code. For any breach of a warranty above, Customer’s exclusive remedy shall be termination for cause provided in Section 8.3 (“Termination”) and HYPR shall promptly refund Customer any prepaid fees covering the remainder of the Subscription Term of all terminated subscriptions after the effective date of termination.

7.2 Exclusion from Warranties. The warranties in Sections 7.1(ii) and (iii) are void to the extent any failure to perform in accordance with the Documentation or any decrease in functionality is the result of (i) the SaaS Platform not being used in accordance with the applicable Documentation or this Agreement, (iii) the SaaS Platform having been modified or altered by Customer without HYPR’s knowledge and written permission, or (iv) Internet or network connections, streaming services, computers, equipment or devices not supplied by HYPR. Further, HYPR makes no warranties of any sort applicable to Non-GA Services, which are made available by HYPR “AS IS”.

7.3 Customer Warranties. Customer warrants that (i) Customer has validly entered into this Agreement and has the legal power to do so, (ii) that HYPR’s use of Customer Data will not infringe or violate the Intellectual Property Rights of any third party; and (iii) Customer’s entry into this Agreement and performance of its obligations hereunder will not violate or conflict with any other agreement or obligations to which Customer is bound.

7.4 Non-GA Services. From time-to-time HYPR may invite Customer to try, at no charge, HYPR products or services that are not generally available to HYPR customers (“Non-GA Services”). Customer may accept or decline any such trial in its sole discretion. Any Non-GA Service will be clearly designated as beta, pilot, limited release, developer preview, nonproduction or by a description of similar import. Non-GA Services are provided for evaluation purposes and not for production use, are not supported, may contain bugs or errors, and may be subject to additional terms. NON-GA SERVICES ARE NOT PART OF THE “SAAS PLATFORM” OR “SERVICES” HEREUNDER AND ARE PROVIDED “AS IS” WITH NO EXPRESS OR IMPLIED WARRANTIES OF ANY KIND. HYPR may discontinue Non-GA Services at any time in its sole discretion and may choose to never make them generally available.

8.     Indemnification

8.1 Customer shall defend HYPR, its Affiliates, and its permitted contractors and sub-processors (collectively “HYPR Indemnified Parties”) against any Third Party Claims (i) alleging that a Customer Application, or HYPR’s use of the Customer Application as permitted hereunder, infringes or misappropriates a third party’s Intellectual Property Rights, (ii) arising from a dispute between Customer and an Authorized End User (ii) arising from Customer’s breach of the requirements of Section 2.5 (“Customer Responsibilities”) of these Supplemental Terms, or (iii) arising out of the provision of Configuration Services to the specifications or at the direction of Customer (each a “Claim Against HYPR”), and shall indemnify HYPR Indemnified Parties for any Losses incurred in defending such a Claim Against HYPR; provided that HYPR: (a) promptly gives Customer written notice of the Claim Against HYPR (provided that any failure or delay in doing so shall only mitigate Customer’s obligations under this Section to the extent it actually prejudices Customer’s ability to defend the applicable Claim Against HYPR); (b) gives Customer sole control of the defense and settlement of the Claim Against HYPR (provided that Customer may not settle any Claim Against HYPR unless the settlement unconditionally releases HYPR of all liability); and (c) provide to Customer all reasonable assistance, at Customer’s expense. The indemnification obligations hereunder shall not apply to claims to the extent HYPR is to provide indemnification under Section 7 (“Indemnification by HYPR”) of the Master Subscription Agreement.

8.2 Exclusive Remedy. This Section 8 (“Indemnification”) states the Customer’s sole liability to the for, and the HYPR Indemnified Parties exclusive remedy for, Claims Against HYPR. 

9. Limitation of Liability. NOTWITHSTANDING ANY PROVISION TO THE CONTRARY IN SECTION 8.2 (EXCLUSIONS) OF THE MASTER SUBSCRIPTION AGREEMENT, IN NO EVENT SHALL THE AGGREGATE LIABILITY OF HYPR ARISING OUT OF OR RELATED TO OR BASED ON UNAUTHORIZED ACCESS TO OR USE OF CUSTOMER DATA CAUSED BY HYPR’S BREACH OF ITS OBLIGATIONS UNDER THE MASTER SUBSCRIPTION AGREEMENT OR THESE SUPPLEMENTAL TERMS, WHETHER IN CONTRACT, NEGLIGENCE, OTHER TORT, OR UNDER ANY OTHER THEORY OF LIABILITY EXCEED THE TOTAL AMOUNT PAID BY CUSTOMER HEREUNDER FOR THE SUBSCRIPTION TO THE SAAS PLATFORM IN THE TWENTY FOUR (24) MONTHS PRECEDING THE FIRST INCIDENT OUT OF WHICH LIABILITY AROSE.

10.   Suspension of Service. Customer agrees that HYPR may suspend Customer’s access to the SaaS Platform upon notice (which may be made by email or telephone) if HYPR reasonably concludes that Customer is using the SaaS Platform to engage in illegal or unauthorized activity, and/or Customer’s use of the SaaS Platform is causing immediate, material and ongoing harm to others. In the event that HYPR suspends Customer’s access to the SaaS Platform, HYPR will use commercially reasonable efforts to work with Customer to resolve the issues requiring the suspension of SaaS Platform

11.   Term and Termination

11.1 Subscription Term; Renewal. These SaaS Platform Supplemental Terms shall continue in effect throughout the applicable Subscription Term, unless earlier terminated in accordance with these Software Supplemental Terms or the Master Subscription Agreement. Notwithstanding anything to the contrary contained herein, HYPR shall be under no obligation to authorize use of the SaaS Platform by Customer unless and until the associated Fees are paid by Customer. Except as otherwise set forth in the applicable Order Form, Customer’s subscription for the SaaS Platform shall automatically renew upon the expiration of the then-current Subscription Term, for the same subscription term, unless a party notifies the other party in writing at least sixty (60) days prior to the expiration of the then-current Subscription Term that it does not desire to so renew.

11.2 Effect of Termination and Return of Customer Data. Upon the effective date of expiration or termination of the Agreement, these SaaS Supplemental Terms or any applicable Subscription Term, Customer shall immediately cease any further use of the SaaS Platform. Unless otherwise agreed by the parties in writing, after such 30-day period HYPR shall have no obligation to maintain or provide any of Customer Data and shall thereafter, unless legally prohibited, delete all Customer Data in HYPR systems or otherwise in HYPR’s possession or under HYPR’s control.Upon termination of these SaaS Platform Supplemental Terms by HYPR pursuant to Section 9.2 of the Master Subscription Agreement, Customer shall pay to HYPR all unpaid license Fees which have not become due (including any applicable taxes) under any active Order Form for the then-current Order Form Subscription Term(s), which shall automatically accelerate to the date of HYPR’s termination of these Software Supplemental Terms. Any such payment shall be deemed liquidated damages, and not a penalty.