Subscription Agreement

PLEASE READ THIS SUBSCRIPTION AGREEMENT (THE “AGREEMENT”) CAREFULLY BEFORE YOU ACCESS, TEST OR USE ANY SERVICES OFFERED BY RyteBox, LLC (THE “COMPANY”, “we”, or “ours”), INCLUDING THE PLATFORM (AS DEFINED BELOW).

This Agreement is between the Company and Client (as defined below), and represents a legal and binding agreement between Client and the Company pertaining to Client’s access to and use of the Platform, the Company’s obligations to Client, and the terms and conditions applicable to Client’s access to, and use of the Platform, and will constitute a binding contract between Client and the Company. “Client” means in the case of an individual accepting this Agreement on his or her own behalf, such individual, or in the case of an individual accepting this Agreement on behalf of a company or other legal entity, the company or other legal entity for which such individual is accepting this Agreement. Client may sometimes be referred to herein as “you” (and we may also use the terms “your” and “yours” and other similar identifiers).

IF YOU ARE ACCEPTING THIS AGREEMENT ON BEHALF OF A LEGAL ENTITY, BY CLICKING ON THE “YES” OR “I ACCEPT” BUTTON, OR BY ACCESSING, TESTING OR USING OUR SOFTWARE AVAILABLE THROUGH THE USE OF THE PLATFORM, IN WHOLE OR IN PART, YOU REPRESENT AND WARRANT THAT YOU HAVE THE LEGAL AUTHORITY TO BIND CLIENT TO THE TERMS, CONDITIONS AND OBLIGATIONS SET FORTH HEREUNDER, AND IF YOU DO NOT HAVE THE LEGAL AUTHORITY TO BIND CLIENT, THEN YOU MUST NOT ACCESS OR USE THE PLATFORM. IF YOU ARE NOT ACCEPTING THIS AGREEMENT ON BEHALF OF A LEGAL ENTITY, THEN YOU REPRESENT AND WARRANT THAT YOU HAVE THE LEGAL AUTHORITY AND RIGHT TO EXECUTE AGREEMENTS AND YOU AGREE THAT YOU ARE BOUND BY THE TERMS OF THIS AGREEMENT YOURSELF.

1.              DEFINITIONS

In addition to those capitalized terms defined throughout this Agreement, the following terms shall have the following meanings:

1.1           “Affiliate” means any person that directly or indirectly, through one or more intermediaries, controls, is controlled by, or is under common control with, such person.

1.2           “AUP” means the acceptable use policy set forth as Exhibit A hereto.

1.3           “Authorized User” means any person authorized by Client to use the Platform and access the Documentation, and to whom is issued login credentials by Client or Company, as applicable, to use the Platform consistent with the terms of this Agreement.

1.4           “Business Day” means Monday through Friday, excluding U.S. federal holidays.

1.5           “Client Data” means all data in any form that Client or its Authorized Users upload to, or process or transmit to or through the Platform, including information added to template forms which the Platform made available.

1.6           “Company Data” means any data made available on or through the Platform by the Company for Client or any Authorized User’s use including any work product developed by the Company hereunder, including any metadata tags.

1.7           “Documentation” means those materials, including any manuals, made available by the Company to Client either on the Platform or otherwise, which describe the functional, operational and performance capabilities of the Platform. 

1.8           “execute” or “executed” means a human signature manually applied or any electronic signature valid under applicable Law.

1.9            “Intellectual Property Rights” means copyrights, patents, trademarks and the goodwill associated therewith, service marks, trade secrets, and all applications and rights to apply for registration or protection of such rights.

1.10         “Law” means any statute, law, ordinance, regulation, rule, code, order, constitution, treaty, common law, judgment, decree, other requirement or rule of law of any federal, state, local or foreign government or political subdivision thereof, or any arbitrator, court or tribunal of competent jurisdiction.

1.11         “Order Form” means an order specifying the Services to be provided hereunder or thereunder, including any schedules and supplements thereto, that is agreed to by Client and the Company whether manually, electronically or by other valid means.

1.12         “Personal Information” means all data pertaining to any natural person with respect to which the use, collection, storage, processing or transmission by the Company is subject to the provisions of any applicable Privacy Law.

1.13         “Platform” means the online platform made available to Client and its Authorized Users by or on behalf of the Company to be utilized by Client and its Authorized Users to track, exploit and administer music rights and royalties, manage contracts and catalogs, manage accounts and personal information of rights holders and royalty recipients, process revenue receipt and generate royalty statements and which is available at https://rytebox.net.  

1.14         “Privacy Laws” mean any Laws that relate to and/or address privacy, security, data use, consumer tracking, consumer targeting, data protection and destruction, data breach notification or data transfer issues, including the California Consumer Privacy Act, the New York Stock Hacks and Improve Electronic Data Security Act, Gramm-Leach-Bliley Act, the CAN-SPAM Act, the Telephone Consumer Protection Act, and all current and former implementing Laws, rules, regulations, applicable industry regulations and guidelines, and any applicable foreign laws, regulations or guidelines including laws, regulations and/or guidance implementing the Data Protection Act 2018 and the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament).

1.15         “Services” means the provision of the Platform, any maintenance and support services offered by Company therefor, and such other products and services specified in an SOW, by the Company, either directly or through its subcontractors, third party partners and service providers, to Client and its Authorized Users.

1.16         “writing” or “written” means any worded or numbered expression on or in any medium that can be read, reproduced, and later communicated for human access and interpretation, and includes electronically transmitted and stored information.

2.              SERVICES; LICENSES

2.1           Services.

a.     The Company will provide the Services and make or cause to be made the Platform available for use to Client and its Authorized Users as described in this Agreement.  Support Services offering by the Company with respect to the Platform shall be described at www.rytebox.com  and/or described in the Order Form.  The Company will also make any relevant Documentation reasonably available to Client and its Authorized Users via electronic means.

b.     The Company may offer the Platform for use by Client as a whole (including all functionality described in the Documentation) or in only in part, and Client may have the ability to select what portions of the Platform (which specific functionality) it wishes to use.  Such options are described on the Company’s website at www.rytebox.com and/or described in the Order Form.

c.     Certain functionality of the Platform, or portions thereof, may be offered to Client in a co-branded fashion, whereby both Client’s trademark and The Company’s trademark or corporate name are used and visible to Authorized Users.  Certain functionality of the Platform, or portions thereof, may be offered to Client on a white-labeled basis, such that the Company’s logos and corporate name are not visible.

d.     The Company may, in its sole discretion, make any changes to the Platform that it deems necessary or useful to (i) maintain or enhance (A) the quality or delivery of the Company’s products or services to its customers, (B) the competitive strength of, or market for, the Company’s products or services, (C) the Platform’s cost efficiency or performance, or (ii) comply with applicable Law. The Company may implement or have implemented updates, bug fixes, modifications and enhancements (collectively, “Enhancements”) to the Platform from time to time, and will make such changes available to Client, at the same time that the Company makes such Enhancements available to its other customers who use the Platform.

e.     Unless the parties otherwise agree in writing, and subject to Section 2.2 below, the Platform shall be made available to Client and its Authorized Users from a location or locations in the U.S.

f.      Client acknowledges and agrees that the Company has the right, at its expense, to use the services of subcontractors for the provision of the Services.

g.     Client Data shall remain the sole and exclusive property of Client; provided, however, that the Company may collect and use certain Client Data obtained from Authorized Users’ use of the Platform to detect Data Breaches and to detect and attempt to detect fraudulent or illegal activity; provided that such data is not retained in a format that permits identification of a particular natural person after the activity ceases.  During any period of time during which such data is retained, such data shall be subject to the confidentiality obligations set forth herein.  The Company may also create de-identified and anonymized data sets which are aggregated and which do not permit the identification of any natural person derived from Authorized Users’ use of the Platform (“Aggregated Usage Data”).  The Company may use such Aggregated Usage Data to analyze the Platform and its usage, and for improving the Platform and its services.  

2.2           Client acknowledges and agrees that the Platform will be hosted by Amazon Web Services, Inc. (“AWS”), and is a multi-tenant platform. Client specifically acknowledges and agrees to this hosting arrangement, which may include the storage, processing or transmission of data outside of the United States, and accepts and acknowledges that the Company has no control over the acts of AWS. In the event the Company changes hosting providers, such that AWS is no longer its hosting partner for the Platform, the Company acknowledges that any such new hosting provider used by the Company to make the Platform available to Client shall not be materially less capable of providing the necessary hosting services, nor materially less able of complying with Laws applicable to the Company in its provision of Services. Client acknowledges that the Company has no authority to direct the operations of AWS, nor to cause AWS to submit to audits or individual evaluations of any portion of its services, networks or systems.

2.3           Client agrees and acknowledges that the Company may, as mutually agreed in a separate writing referencing this Agreement (each an “SOW” and collectively “SOWs”), (a) scrub or import Client Data to the Platform, including through the use of third party tools, (b) create metadata tags for content included in Client Data and uploaded to the Platform, or (c) perform other professional services for Client. All SOWs will, upon their execution by both parties, be automatically incorporated in and made part of this Agreement by this reference.

2.4           Licenses.

a.     The Company hereby grants to Client a limited, non-sublicensable, non-exclusive, revocable, non-transferrable (except as specifically set forth herein) license throughout the Term to use the Platform, and allow its Authorized Users to use the Platform, subject to the terms and conditions contained hereunder, and limited to the number of user accounts Client has subscribed to under an SOW. The Company also grants Client a royalty-free, worldwide, irrevocable, perpetual license to the metadata tags the Company may create for or on behalf of Client pursuant to Section 2.3 above. Client shall remain responsible for compliance by each of its Authorized User with all of the terms and conditions of this Agreement, and any such use of the Platform and Services shall be for the internal commercial purposes of Client.

b.     Client hereby grants to the Company a limited, royalty free, fully paid up right and license to copy, store, display, transmit, host or have hosted, and to process and have processed all Client Data, and provide the Services as contemplated hereunder throughout the Term, and for any other purpose mutually agreed to between the parties under an SOW.  Client hereby also grants to the Company a limited, royalty free, fully paid up right and license to copy, store, display, publish and transmit any trademarks, logos, or other indicia of ownership, including Client’s corporate name or fictitious entity names as Client may provide to the Company for co-branding or white labeling purposes as described in Section 2.1(c) above.

c.     The Company shall have a royalty-free, worldwide, irrevocable, perpetual license to use and incorporate into the Platform any suggestions, enhancement requests, recommendations or other feedback provided by Client or its Authorized Users relating to the operation of the Platform.

d.     The Company Data, the Platform and all underlying software and technology shall, as between Client and the Company, be and remain exclusively the Company’s sole and exclusive property. If the Company creates, develops, reduces to practice or conceives of any additional documents, work product, ideas, concepts, know-how, methodologies or other materials (collectively, the “Company Materials”) not set forth in this Agreement, then absent a separate writing amending this provision, all such materials shall be the sole and exclusive property of the Company or its licensors. 

e.     Each party hereby reserves all rights not specifically granted herein. 

2.5           Client Obligations.

a.     Client may only allow such number of Authorized Users as is indicated on an SOW to use the Platform on behalf of Client.

b.     Each Authorized User shall be assigned their own unique login credentials to use the Platform either by Client or by the Company. Once issued, Client will not permit any person to use the login credentials of a different Authorized User. Client shall ensure that Authorized Users maintain the confidentiality of each of their respective unique user names and passwords. Client and none of its Authorized Users shall provide any false identify information to gain access to the Platform or use the Services. If Client has any reason to believe that the security or confidentiality of any user name or password has been compromised, Client shall promptly notify the Company, and, if applicable, the Company will reissue or cause to be reissued credentials to the affected user. The Company shall not be responsible for any losses, damages, costs, expenses or claims that result from stolen or lost credentials, or use of any credentials in breach of this Agreement, the AUP or the Documentation or in a manner not authorized in writing by the Company.

c.     Client agrees that it and its Authorized Users will use the Platform in accordance with the terms of this Agreement, including the Exhibits, Schedules, SOWs, and other documents incorporated herein by reference (including any which may be online), and the Documentation, and comply with all applicable Laws, including Privacy Laws.  To this end, Client will obtain all consents, permissions, authorizations and provide all notices required to Authorized Users pursuant to applicable Laws with respect to their Personal Information and its processing by the Company and its service providers and third party partners hereunder, including providing to the Company compliant privacy policies or notices for posting on any portions of the Platform visible to such users.

d.     Client shall be solely responsible for all acts, omissions and activities of its Authorized Users, including their compliance with the terms of this Agreement. The Company shall not be liable for any loss of data or functionality caused directly or indirectly by Client or its Authorized Users.

e.     Client is solely responsible for collecting, inputting and updating all Client Data stored on the Platform and for ensuring (a) that Client Data does not include anything that actually or potentially infringes or misappropriates any Intellectual Property Rights of any third party or contain anything that is obscene, defamatory, harassing, offensive or malicious, and (b) that Client has collected and handled all Client Data in compliance with all applicable Laws. 

f.      Client shall provide to the Company all reasonable information, documentation and assistance as the Company may require to perform the Services hereunder. Any delay or failure in providing same may affect the Company’s performance hereunder and the parties agree that the Company shall not be responsible or liable in any such event to the extent the delay by or failure of Client caused such failure to perform.

g.     Client must, and is responsible for, reviewing the accuracy, reliability, legality, quality, integrity and propriety of Client Data, and is also responsible for its uploading to the Platform, unless the parties have otherwise agreed in writing. Client acknowledges and agrees that the Company is not responsible for and does not guarantee the accuracy, legality or completeness of any information and/or data transmitted, stored, accessed, viewed or otherwise exchanged via the Platform. Further, the Company does not represent that the Platform is or will be considered “accessible” pursuant to, nor does it comply with, criteria published by the Worldwide Web Consortium under its Web Content Accessibility Guidelines. Client agrees that this is acceptable and hereby releases the Company from any and all liability arising as a result thereof.

2.6           Maintenance and Availability. The Company shall use commercially reasonable efforts to ensure the Platform is Available for use by Authorized Users as set forth in its support promise located at www.rytebox.com and/or described in the Order Form.  “Available” means the percentage of time in a month, measured in minutes, during which the hosting service does not experience a latency of more than thirty (30) milliseconds between the initiation of the transmission of a data packet to the Platform from Client or an Authorized User, from the exit point of Client or its Authorized User’s IP service provider, to the receipt of the hosting server’s response at the Company’s IP service provider in a sixty (60) second period, provided, however, “Available” shall exclude the time during which the Platform is unavailable due Excluded Monthly Time. “Excluded Monthly Time” means unavailability that: (a) is caused by factors outside of the Company’s or its service providers’ reasonable control; (b) results from any actions or inactions of Client or any third party (except for the Company’s agents and subcontractors); (c) arising as a result of or in connection with any hardware or software used by Client that is not provided by or made available by the Company hereunder; (d) occurs during scheduled maintenance windows; or (e) occurs for reasons of emergency maintenance (i.e., maintenance that is not planned but is necessary for purposes of maintaining the integrity, security or operation of the Platform). The Company reserves the right to change its scheduled maintenance windows and support promise at any time by updating the support promise on its website.

 

3.              TERM AND TERMINATION

3.1           The term of this Agreement shall begin on the date on which Client first accepts this Agreement and shall continue until terminated by either party as outlined in this Section (the “Term”).

3.2           The Company may suspend Client’s or any Authorized Users’ access to, or use of, the Services if the Company believes that (a) there is a significant threat to the functionality, security, integrity, or availability of the Services including the Platform, or (b) there is a violation of the AUP. When reasonably practicable and lawfully permitted, the Company will provide Client with advance notice of any such suspension. The Company will use reasonable efforts to re-establish the Services promptly after the Company determines that the issue causing the suspension has been resolved. During any suspension period. Any suspension under this Section shall not excuse Client from Client’s obligation to make payments under this Agreement.

3.3           If either party breaches a material term of this Agreement or any SOW and fails to correct the breach within thirty (30) days of receiving a written specification of the breach from the non-breaching party, the non-breaching party reserves the right to terminate (a) in the case of breach of any SOW, the applicable SOW under which the breach occurred; or (b) in the case of breach of the Agreement, the Agreement and all SOWs that have been placed under the Agreement. If the Company terminates any SOW or this Agreement as specified in the preceding sentence, Client must pay within thirty (30) days all amounts that have accrued prior to such termination, as well as all sums remaining unpaid for the Services under such SOWs plus related taxes and expenses.

3.4           Client agrees that the Company shall not be liable to Client or to any third party for any liabilities, claims or expenses arising from or relating to suspension or termination of Services as set forth under this Section 3. Upon termination or expiration of this Agreement, the Company shall immediately cease providing the Services and all rights and licenses granted under this Agreement shall terminate. Termination or expiration of this Agreement will result in the automatic termination of any then current SOW.

3.5           Termination by either party hereunder will be without prejudice to any other remedy otherwise available to the terminating party under this Agreement, at law or in equity.

3.6           In the event of expiration or termination of this Agreement, upon the request of Client, the Company agrees to reasonably assist Client, at no additional cost, in obtaining a copy of its Client Data hosted on the Platform. In no event shall this assistance be provided for longer than thirty (30) calendar days from the effective date of termination unless the parties otherwise agree in writing. The Company may, at any time thereafter, delete all Client Data from the Platform.

3.7           Sections 1 and 2.1(g), 2.4(c), 2.4(d), 2.4(e), 3.7, this Section 3.7, and Sections, 4, 6, 7, 8, 9, and 10 shall all survive the expiration or termination of this Agreement for any reason.

4.              PRICING/FEES/PAYMENT/TAXES

4.1           Fees payable for the Services shall be set forth in associated Order Form.

4.2           Payments will be due net thirty (30) days from date of invoice.

4.3           Fees payable to the Company hereunder do not include any local, state, federal or foreign taxes, levies, duties or imposts, excluding taxes based on or measured by the Company’s net income (collectively “Taxes”), all of which are the responsibility of Client. Where obligated to pay such Taxes directly applicable, Client shall pay, and the Company shall bill, collect and remit same to the appropriate authorities. To the extent the Company is not obligated to collect and remit such Taxes, Client agrees to self-remit such Taxes.

 

5.              DATA SECURITY

5.1           The Company has and will maintain security controls and procedures designed to reasonably protect Client Data from unauthorized access or disclosure.

5.2           Upon request, the Company shall provide to Client from time to time, as such audits are performed, copies of its internal security audits (e.g., SOC 2, SSAE18 reports) that may be conducted of the Company’s systems, controls or networks, if any. If any critical deficiencies are identified in such reports, the Company shall use commercially reasonable efforts to mitigate the effects of and correct such deficiencies. Client acknowledges that the Company does not itself conduct, or have the authority to require AWS or other independent contractors to conduct, security audits of such person’s own information technology networks and systems.

5.3           To the extent Client uses the Platform to store or process credit card data or bank account information, Client agrees to comply with applicable Payment Card Industry Data Security Standards (“PCI DSS”) requirements.

5.4           Data Breach Notification. If there is any theft, loss, loss of control over, access or discovery by or disclosure to a third party, or other event that results in an unauthorized person obtaining access to, viewing, copying, transferring, transmitting, displaying, preventing authorized access to, or coming to control any of Client Data (each such event, a “Data Breach”), and if such Data Breach occurs as a result of any action or inaction of the Company, or if such Data Breach occurs as a result of a vulnerability in the Platform, then except to the extent the Company has been instructed to withhold information relating to such Data Breach by any governmental or law enforcement authority, the Company will use commercially reasonable efforts to (a) give Client prompt written of such Data Breach; (b) give Client available information pertaining to Client Data that was lost, stolen, accessed, discovered, rendered inaccessible or disclosed; (c) perform reasonable forensic investigations and audits reasonably required to identify the root cause of the Data Breach; (d) attempt to mitigate the effects of the Data Breach as promptly as is commercially feasible; and (e) take any reasonable corrective actions necessary and feasible to prevent the Data Breach from re-occurring.

5.5           The parties acknowledge and agree that the Company’s performance of this Agreement may require the Company to process Personal Information of natural persons, which may include Personal Information of Client’s customers, employees, end users, contractors, affiliates, partners, representatives and others. In relation to all Personal Information provided by or through Client to the Company under this Agreement or uploaded to the Platform, Client will at all times remain the data controller and will be responsible for compliance with all applicable Privacy Laws. To the extent that the Company processes Personal Information in the course of providing Services under this Agreement, it will do so only as a data processor acting on behalf of Client and in accordance with the requirements of this Agreement. In so doing the Company may act in accordance with any direction that is received from Client as evidenced by any written communication or any electronic communication reasonably determined by the Company to have issued from Client, including Client’s account, under its passwords or account number. Client shall use reasonable best efforts to prevent the unauthorized use of Client’s account credentials and shall promptly notify the Company of any loss or unauthorized use of, or access to, any such credentials.

5.6           If your Client Data includes Personal Information of California residents (a) the provisions of the data processing addendum set forth in Exhibit B shall apply, and (b) Exhibit B is hereby incorporated into this Agreement by this reference. If Client Data does not include Personal Information of California residents, the provisions of Exhibit B shall not apply.

5.7           If your Client Data includes Personal Information of EU residents (a) the provisions of the data processing addendum set forth in Exhibit C shall apply, and (b) Exhibit C is hereby incorporated into this Agreement by this reference. If Client Data does not include Personal Information of EU residents, the provisions of Exhibit C shall not apply.  

6.  REPRESENTATIONS AND WARRANTIES

6.1           The Company represents and warrants that it (a) has validly entered in this Agreement and has the legal authority to do so; and (b) will provide the Services in a professional manner consistent with general industry standards and that the Services will perform substantially in accordance with the Documentation. For any material breach of a warranty, Client agrees and acknowledges that its exclusive remedy shall be the Company’s reasonable efforts to repair any non-conformity reported by Client.

6.2           Client represents and warrants that (a) it has validly entered into this Agreement and has the legal authority to do so; (b) it owns or has a license to use and has obtained all consents and approvals necessary to grant the licenses and rights granted herein, and to collect, process and use Client Data and for the Company and its service providers to do the same, as contemplated herein; (c) it has accessed and reviewed any terms of use or other policies relating to a Platform provided by the Company, understands the requirements thereof, and agrees to comply therewith; and (d) the provision, upload, processing and use of Client Data as contemplated by this Agreement does not and shall not violate any of Client’s privacy policies or notices, terms of use or other agreement to which Client is a party, or any Law to which Client is subject. Client agrees that these representations and warranties are intended to be effective throughout the Term.

6.3           THE WARRANTIES CONTAINED IN THIS AGREEMENT ARE IN LIEU OF ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THOSE OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. EACH PARTY HEREBY EXPRESSLY DISCLAIMS ALL OTHER WARRANTIES NOT SPECIFICALLY SET FORTH HEREIN.

6.4           THE COMPANY DOES NOT GUARANTEE THAT THE PLATFORM WILL BE AVAILABLE OR SERVICES WILL BE PERFORMED ERROR-FREE OR UNINTERRUPTED, OR THAT THE COMPANY WILL CORRECT ALL SERVICE ERRORS. CLIENT ACKNOWLEDGES THAT THE COMPANY DOES NOT CONTROL THE TRANSFER OF DATA OVER COMMUNICATIONS FACILITIES, INCLUDING THE INTERNET, AND THAT THE PLATFORM MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF SUCH COMMUNICATIONS FACILITIES. THE COMPANY DOES NOT WARRANT OR GUARANTEE THAT THE OPERATION OF THE PLATFORM WILL BE UNINTERRUPTED, VIRUS-FREE OR ERROR-FREE, AND THE COMPANY SHALL NOT BE LIABLE FOR UNAUTHORIZED ALTERATION, THEFT OR DESTRUCTION OF CLIENT’S OR ANY AUTHORIZED USER’S DATA, FILES OR PROGRAMS.

7.              CONFIDENTIALITY

7.1           The term “Confidential Information” shall mean all confidential, proprietary and/or trade secret information of the disclosing party (the “Disclosing Party”), whether marked as such when made available or given to the receiving party (the “Receiving Party”) hereunder or whether such information should reasonably be considered non-public, confidential or proprietary given its nature or the circumstances of such disclosure. Confidential Information of Client includes Client Data. The Company’s Confidential Information includes the Platform and all computer enabling the Platform to function, and all information pertaining thereto, including information about its functionality, requirements and other technical data, the Documentation, all aspects of the manner in which the Company performs the Services hereunder, and Personal Information of the Company’s employees and subcontractors.

7.2           Subject to the exceptions below, the Receiving Party hereby agrees that it will not disclose Confidential Information of the Disclosing Party, during or after the Term of this Agreement, other than on a “need to know” basis and then only to the Receiving Party’s employees, officers or directors; to the Receiving Party’s subcontractors, independent contractors, agents, advisors, consultants, accountants and insurers, provided that all such persons are subject to a written confidentiality agreement no less restrictive than the provisions of this Section.

7.3           Upon (a) expiration or termination of this Agreement for any reason or (b) any time at the written request of the Disclosing Party, the Receiving Party shall promptly return or destroy, at the Disclosing Party’s election, all Confidential Information of the Disclosing Party in the possession of the Receiving Party, subject to and in accordance with the terms and provisions of this Agreement. Notwithstanding anything herein to the contrary, the Receiving Party may retain one (1) copy of the Confidential Information of the Disclosing Party as required by or in accordance with applicable Law, or automatic security or disaster recovery information archival procedures; provided that the confidentiality obligations contained herein shall apply to all such information for so long as it is retained.

7.4           The obligations of confidentiality in this Section shall not apply to any information that (a) Receiving Party rightfully has in its possession when disclosed to it, free of obligation to Disclosing Party to maintain its confidentiality; (b) Receiving Party independently develops without access to Disclosing Party’s Confidential Information; (c) is or becomes known to the public other than by breach of this Section; or (d) is rightfully received by Receiving Party from a third party without the obligation of confidentiality.

7.5           Notwithstanding the foregoing, this confidentiality provision does not prevent Receiving Party from providing information in response to valid and enforceable subpoenas or otherwise required by Law, provided the Receiving Party, unless prohibited by law, has given the Disclosing Party advance notice thereof and has cooperated with any efforts of the Receiving Party to terminate, limit, or suspend such subpoena.

8.              INDEMNITY

8.1           The Company shall indemnify, defend, and hold harmless Client and its employees, officers and directors, and Client’s successors and permitted assigns, from and against any and all claims or legal actions that are made or threatened in writing by any third party, and all related losses, expenses, damages, costs and liabilities, including reasonable attorneys’ fees and expenses incurred in investigation, defense or settlement (collectively, “Damages”), which arise out of, are alleged to arise out of, or relate to, infringement or misappropriation of any Intellectual Property Rights arising in the United States of the third party as a result of Client’s or any of its Authorized User’s use of the Platform in accordance with the Documentation and the terms of this Agreement. Further, if a third party makes a claim against Client alleging infringement of such third party’s Intellectual Property Rights, or if the Company has reason to believe that such a claim is possible or threatened, then the Company may, at its sole option, cost and expense, either (a) procure for Client the right to continue using the Platform; (b) modify the Platform so that it becomes non-infringing; or (c) terminate this Agreement in whole or in part and refund to Client any unused portion of pre-paid fees. Notwithstanding the foregoing, the Company shall have no obligation to defend, indemnify or hold harmless Client or any other party under this Section 8.1 if (x) the claim or Damages arise in connection with or as a result of any Client Data; (y) the alleged infringement or misappropriation arises from (i) the integration or combination of the Platform with other hardware or software that was not provided by the Company or set forth in the Documentation, (ii) modifications made to the Platform by anyone other than the Company, or (iii) the use of the Platform other than as directed by the Documentation; or (z) if Client is in breach of the terms of this Agreement.

8.2           Client shall indemnify, defend, and hold harmless the Company and its employees, officers and directors, successors and permitted assigns, from and against any and all Damages which arise out of, are alleged to arise out of, or relate to (a) any Client Data as provided to the Company or input to the Platform; (b) any breach of Client’s specific representations and warranties hereunder; or (c) any use of the Platform other than such use for which the Company has expressly agreed in Section 8.1 above to provide indemnity to Client.

8.3           The indemnified party hereunder shall give the indemnifying party notice of, and the parties shall cooperate in, the defense of any such claim, suit or proceeding, including appeals, negotiations and any settlement or compromise thereof, at the expense of the indemnified party. The indemnified party must approve the terms of any settlement or compromise that may impose any non-monetary requirements or restrictions on the indemnified party, or that requires any admission of wrongdoing or liability by the indemnified party. Notwithstanding the foregoing, there may be instances in which the Company’s insurance carriers or policies may require for the Company to control the defense or prosecution of a claim. In those circumstances, even though Client is required to indemnify and defend hereunder, the Company will have the option, upon notice to Client, to undertake the prosecution or defense of such a claim, and Client agrees to provide all cooperation and assistance to the Company in such endeavors.

9.              LIMITATION OF LIABILITY

IN NO EVENT SHALL (A) EITHER PARTY’S LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT, WHETHER IN CONTRACT, TORT OR UNDER ANY OTHER THEORY OF LIABILITY EXCEED IN THE AGGREGATE THE TOTAL FEES PAID OR OWED BY CLIENT HEREUNDER DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE DATE OF THE EVENT GIVING RISE TO THE CLAIM (SUCH AMOUNT BEING INTENDED AS A CUMULATIVE CAP AND NOT PER INCIDENT), AND (B) EITHER PARTY HAVE ANY LIABILITY TO THE OTHER FOR ANY LOST PROFITS OR REVENUES OR FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, COVER, SPECIAL, EXEMPLARY OR PUNITIVE DAMAGES, HOWEVER CAUSED, WHETHER IN CONTRACT, TORT OR UNDER ANY OTHER THEORY OF LIABILITY, AND WHETHER OR NOT THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING LIMITATIONS AND DISCLAIMERS SHALL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW.

10.           MISCELLANEOUS

10.1         The parties agree that this Agreement do not establish an exclusive relationship. Client retains the right to utilize other vendors in the provision of similar services and the Company retains the right to make the Platform available and provide services to other parties.

10.2         This Agreement shall be governed by the laws of the State of New York. Each party hereby submits to the exclusive jurisdiction of the state and federal courts located in the city, county and state of New York, and waives any objection to the laying of such venue.

10.3         Neither party may assign this Agreement or any of the rights hereunder or delegate any of its obligations under this Agreement, without the prior written consent of the other party, and any such attempted assignment shall be void, except that either party may assign or transfer this Agreement as a whole to any Affiliate, the surviving corporation with or into which such party may merge or consolidate or an entity to which such party transfers all, or substantially all of its business, voting securities or assets.

10.4         The Company is not responsible nor liable for any delays or failures in performance from any cause beyond its reasonable control, including, but not limited to acts of God, changes to law or regulations, embargoes, war, terrorist acts, acts or omissions of third party service providers or other third parties, riots, fires, earthquakes, floods, power blackouts, strikes, pandemics, weather conditions or acts or omissions of Client or any Authorized User.

10.5         Client agrees that the Company may identify Client as a customer and use Client’s logo and trademark in the Company’s promotional materials.

10.6         The parties are independent contractors. Nothing in this Agreement shall be deemed to create an agency, partnership, employment or joint venture relationship between the parties.

10.7         Section headings are included for convenience only and are not intended to define or limit the scope of any provision of this Agreement.

10.8         No delay, failure or waiver of either party’s exercise or partial exercise of any right or remedy under this Agreement shall operate to limit, impair, preclude, cancel, waive or otherwise affect such right or remedy. Any waiver by either party of any provision of this Agreement shall not imply a subsequent waiver of that or any other provision of this Agreement.

10.9         If any provision of this Agreement is held invalid, illegal or unenforceable, the validity, legality or enforceability of the remaining provisions shall in no way be affected or impaired thereby.

10.10      Except as explicitly provided hereunder, and with respect to information posted to Company’s website referenced herein (which can be amended by the Company from time to time without the need to obtain any consent from Client) no amendments of any provision of this Agreement shall be valid unless in writing and executed by both parties.

10.11      In the event of a conflict between the terms of this Agreement or those of an SOW, the terms of this Agreement shall control unless such SOW expressly provides to the specific terms of this Agreement meant to be superseded or altered.

10.12      This Agreement may be executed by the parties in one or more counterparts which may be shared electronically, and each such counterpart shall be an original but all such counterparts shall constitute one and the same instrument. The parties agree to accept a digital image of this Agreement, as executed, as a true and correct original and admissible as best evidence to the extent permitted by a court with proper jurisdiction.

10.13      To the maximum extent permitted by the governing law, this Agreement and the transactions called for herein shall not be governed or affected by any version of the Uniform Computer Information Transactions Act enacted in any jurisdiction.

10.14      All notices or other communications required to be given under this Agreement shall be given to the parties in writing, solely in physical form, as follows: (a) by first class, registered or certified United States mail, return receipt requested and postage prepaid, (b) overnight express courier or (c) by personal delivery. Such notices shall be deemed to have been duly given (i) five (5) Business Days after the date of mailing as described above, (ii) one (1) Business Day after being received by an express courier during business hours, or (iii) the same day if by hand delivery. Nothing in the this paragraph shall prevent a party from sending other or general communications in relation to this Agreement or the Services by electronic means, provided in no event shall such communication itself constitute written notice if so required hereby. The parties may modify their address for written notices by sending written notice in accordance with the provisions of this paragraph.

If to the Company:

Name: RyteBox, LLC
Attention: Scott T. Powell
Address: 1440 Broadway 4TH Floor, New York, NY 10018
Email Address: scott.powell@RyteBox.com

If to Client: All notices shall be sent to Client at the address specified under an SOW.

10.15      Except as otherwise provided in the Agreement and subject to the foregoing, the parties do not intend the benefits of this Agreement to inure to any third party, and nothing contained herein shall be construed as creating any right, claim or cause of action in favor of any such other third party, against either of the parties hereto.

10.16      THE PARTIES HEREBY WAIVE TRIAL BY JURY IN ANY ACTION, PROCEEDING OR COUNTERCLAIM BROUGHT BY EITHER OF THE PARTIES AGAINST THE OTHER ON ANY MATTERS WHATSOEVER ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE INTERPRETATION, PERFORMANCE, ENFORCEMENT AND OTHER ASPECTS OF, AND OPERATIONS UNDER, THIS AGREEMENT, THE SERVICES, THE RELATIONSHIP OF THE PARTIES WITH RESPECT TO THIS AGREEMENT OR ANY CLAIM OF INJURY OR DAMAGE ARISING OUT OF UNDER OR RELATING TO THIS AGREEMENT.

10.17      Any legal action or proceeding asserting a claim against the Company arising out of or relating to this Agreement shall be asserted within one (1) year from the date upon which the cause of action accrues.

10.18      This Agreement, including the Exhibits, Schedules, SOWs, and other documents incorporated herein by reference, is the final, full and exclusive expression of the agreement of the parties and supersedes all prior agreements, understandings, writings, proposals, representations and communications, oral or written, of either party with respect to the subject matter hereof and the transactions contemplated hereby.


EXHIBIT A

ACCEPTABLE USE POLICY

  1. In its use of the Platform, Client shall not, and shall not permit its Authorized Users to:
  • Knowingly transmit any content or information, or store, post or access any materials that are unlawful, fraudulent, threatening, abusive, libelous, defamatory, obscene or otherwise objectionable to a reasonable person;
  • Use the Platform for the benefit of any third party (except for Client customers);
  • Attempt to gain unauthorized access to, or attempt to interfere with or compromise the normal functioning, operation, working, or security of any portion of the Platform including through denial of service, fuzzing or similar attacks;
  • Upload, post, reproduce or process any information, software or other material through the Platform that are protected by any Intellectual Property Right without first obtaining the permission of the owner of such rights;
  • Infringe on the Company’s or any third party’s Intellectual Property Rights;
  • Knowingly transmit any information or software that contains a virus, worm, time bomb, Trojan horse or other harmful or disruptive component;
  • Upload to the Platform, store or transmit any material in violation of any third-party privacy or data protection rights, any protected health information or other regulated data or information in violation of any applicable Law;
  • Use the Platform for any unlawful purposes, including transmitting, distributing, retrieving, or storing any information, data, or other material in violation of any applicable Law; and
  • Use any robot, spider, site search/retrieval application, or other manual or automatic device or process to retrieve, index, “data mine,” or in any way reproduce or circumvent the navigational structure or presentation of the Platform or the data contained thereon.
  • Client will not use the Platform except as expressly provided for in the Agreement and the Documentation, and specifically, but without limitation, will not (i) copy, replicate, modify, translate, decompile, enhance, disassemble or reverse engineer the Platform or any portion thereof; (ii) create derivative works of the Platform or any portion thereof; (iii) distribute software that covertly gathers information about a user or covertly transmits information about the user; (iv) circumvent or attempt to circumvent any security measure contained or used in connection with the Platform, or make any unauthorized attempt to probe, scan or test the vulnerability of the Platform; (v) modify, remove or obstruct any proprietary notices or labels; (vi) exceed or attempt to exceed Client’s authorized access to the Platform including using the Platform to operate any timesharing, service bureau or similar business, or otherwise share, lease, or rent out access to the Platform or any portion thereof; (vii) use the Platform in any manner to assist or take part in the development, marketing or sale of a product potentially competitive with such Platform.; (viii) use the Platform to commit fraud; or (ix) attempt to do any of the foregoing or permit any third party from doing or attempting any of the foregoing.

EXHIBIT B

CALIFORNIA CONSUMER PROTECTION ACT ADDENDUM

This Data Processing Addendum (“Addendum”) is entered into as of the date the parties enter into the Agreement (“Effective Date”) by and between Client (“Business”) and RyteBox, LLC (“RyteBox” or “Service Provider”), and by this reference is an exhibit to and made a part of the Subscription Agreement entered into between the parties (collectively, the “Agreement”). Capitalized terms used but not defined herein shall have the meanings given to such terms in the Subscription Agreement entered into between the parties.

If any conflict arises between the provisions of this Addendum and those contained in the Subscription Agreement, the provisions of this Addendum shall control.

1.     Definitions. The following definitions and rules of interpretation apply to this Addendum:

1.1.     “Authorized Persons” means the sole persons with whom Service Provider is authorized by Business to share any personal information collected by or on behalf of Business, provided that any such sharing of personal information shall be subject to the terms of this Addendum.

1.2.     “Business” means a legal entity as defined in Section 1798.140 (c) of the CCPA, and herein specifically refers to the entity defined as the Business in Section 1 above.

1.3.     “CCPA” means the California Consumer Privacy Act of 2018, California Civil Code sections 1798.100 through 1798.199, as amended from time to time, and all related regulations and guidance promulgated by the California Attorney General or any other governmental authority with respect thereto.

1.4.     “Contracted Business Purposes” means the performance of services by Service Provider to the Business as described in the Agreement, and included in the definition at Section 1798.140(d) of the CCPA.

1.5.     “Personal Information” as used in this Addendum means “personal information” as defined in Section 1798.140 (o) of the CCPA, which the Service Provider has access to, collects, stores, uses, retains, discloses, acquires or otherwise “processes” (defined below) as part of its performance of services to the Business pursuant to the terms of the Agreement.

1.6.     “Process,” “processes,” or “processing” means any operation(s) performed on Personal Information as these terms are defined in Section 1798.140 (q) of the CCPA.

1.7.     “Sell,” “selling,” “sale,” or “sold,” means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration, as set forth in Section 1798.140(t) of the CCPA.

1.8.     “Service Provider” means a legal entity as defined in Section 1798.140 (v) of the CCPA, and herein specifically refers to RyteBox.

2.     Service Provider’s CCPA Obligations.

2.1.     Service Provider will only collect, use, retain, or disclose relevant Personal Information listed in the CCPA for the Contracted Business Purposes. As for disclosures, Service Provider shall only disclose such Personal Information to Authorized Persons.

2.2.     Service Provider shall not sell any Personal Information.

2.3.     Service Provider will not collect, use, retain, or disclose Personal Information or otherwise make any Personal Information available to any other person (i) for Service Provider’s own commercial purposes; (ii) in violation of the CCPA; (iii) for any purpose other than the performance of the Agreement, outside of the Contracted Business Purposes, or outside of the parties’ direct business relationship; or (iv) in violation of this Addendum.

2.4.     If any applicable law requires that Service Provider disclose Personal Information that is the subject of this Addendum, the Service Provider must immediately notify Business of such legal requirement so that the Business has an opportunity to object to, move to quash, or seek to limit such disclosure or otherwise challenge the requirement, unless a valid court order issued by a court of competent jurisdiction or other such legal process prohibits such notice, and Service Provider shall cooperate with the Business in its efforts to limit, quash or otherwise challenge such disclosure.

2.5.     Service Provider will limit its collection, processing, use, retention, and disclosure of Personal Information to activities necessary and proportionate to achieve the Contracted Business Purposes, and in any case always in compliance with the terms of this Addendum and the CCPA.

2.6.     Service Provider must promptly comply with any Business request or instruction requiring the Service Provider to provide, amend, transfer, or delete the Personal Information in its possession or under its control (or that of the Authorized Persons), or to stop, mitigate, or remedy any unauthorized processing.

3.     Assistance with the Business’ CCPA Obligations.

3.1.     Service Provider will reasonably cooperate and assist the Business with meeting the Business’ CCPA compliance obligations and responding to CCPA-related inquiries, including responding to “verifiable consumer requests” (as defined in Section 1798.140 (y) of the CCPA), whether the information required for such compliance is stored or processed by the Service Provider or an Authorized Person.

3.2.     Service Provider must notify the Business immediately if it receives any complaint, notice, or communication that directly or indirectly relates to either party’s or any Authorized Person’s compliance with the CCPA. Specifically, the Service Provider must notify the Business within two (2) Business Days if it receives a “verifiable consumer request” pertaining to Personal Information.

4.     Subcontracting.

4.1.     Solely for fulfilling Contracted Business Purpose(s), Service Provider may only use subcontractors who are service providers, as defined under Section 1798.140 (v) of the CCPA, and who are Authorized Persons. Service Provider shall ensure it has written agreements in place with each such subcontractor, which must contain provisions no less restrictive than those set forth in this Addendum. Service Provider shall not make any disclosures to a subcontractor or allow any subcontractor to obtain access to any Personal Information that the CCPA would treat as a “sale”.

4.2.     Upon the request of the Business, Service Provider will provide the Business a list (and update such list as needed to maintain it up to date) disclosing the following for each subcontractor used:

(a)            The subcontractor’s name, address, and contact information.

(b)            The type of services provided by the subcontractor.

(c)            The Personal Information categories disclosed to the subcontractor in the preceding twelve (12) months

4.3.     Service Provider shall be liable for all subcontractors’ acts and omissions.

4.4.     Upon the Business’ written request, Service Provider will audit subcontractors’ compliance with its obligations with respect to Personal Information under the CCPA and this Addendum, and will provide the Business with the audit results pertaining to same. If any subcontractor fails to comply with the requirements of this Addendum, or the CCPA, then such a subcontractor shall immediately cease to be an Authorized Person, and Service Provider shall immediately cease using such subcontractor for the processing of Personal Information. If the Service Provider’s business does not permit it to eliminate the affected subcontractor, then it shall immediately notify the Business, and the Business may terminate the Agreement with immediate effect.

5.     Warranties and Certification.

5.1.     Service Provider shall comply with all applicable requirements of the CCPA when collecting, using, retaining, processing and disclosing Personal Information.

5.2.     Service Provider hereby certifies that it understands and shall comply with this Addendum’s and the CCPA’s restrictions and prohibitions with respect to selling Personal Information, and retaining, using, processing or disclosing Personal Information outside of the provisions of the Agreement and this Addendum, which governs the parties’ direct business relationship.