Enterprise Software as a Service Agreement - Minnesota
ENTERPRISE SOFTWARE AS A SERVICE AGREEMENT
STATE OF MINNESOTA
AGREEMENT INFORMATION
| Field | Information |
|---|---|
| Agreement Date | [__/__/____] |
| Agreement Number | [________________________________] |
| Effective Date | [__/__/____] |
PARTIES TO THIS AGREEMENT
PROVIDER:
| Field | Information |
|---|---|
| Legal Entity Name | [________________________________] |
| State of Formation | [________________________________] |
| Principal Address | [________________________________] |
| City, State, ZIP | [________________________________] |
| Federal Tax ID (EIN) | [________________________________] |
| Primary Contact Name | [________________________________] |
| Contact Email | [________________________________] |
| Contact Phone | [________________________________] |
CUSTOMER:
| Field | Information |
|---|---|
| Legal Entity Name | [________________________________] |
| State of Formation | [________________________________] |
| Principal Address | [________________________________] |
| City, State, ZIP | [________________________________] |
| Federal Tax ID (EIN) | [________________________________] |
| Primary Contact Name | [________________________________] |
| Contact Email | [________________________________] |
| Contact Phone | [________________________________] |
RECITALS
WHEREAS, Provider is engaged in the business of providing cloud-based software as a service solutions and related professional services;
WHEREAS, Customer desires to obtain access to and use of Provider's software platform and services for Customer's enterprise business operations;
WHEREAS, the parties wish to establish the terms and conditions under which Provider will make its services available to Customer in compliance with the laws of the State of Minnesota, including the Minnesota Consumer Data Privacy Act (Minn. Stat. §§ 325M.10–325M.21) and all applicable data protection requirements;
WHEREAS, the parties acknowledge the importance of protecting consumer data and trade secrets in accordance with Minnesota law;
NOW, THEREFORE, in consideration of the mutual covenants and agreements hereinafter set forth and for other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the parties agree as follows:
ARTICLE 1: DEFINITIONS
1.1 "Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with a party, where "control" means ownership of more than fifty percent (50%) of the voting securities or equivalent ownership interest.
1.2 "Authorized Users" means Customer's employees, contractors, consultants, and agents who are authorized by Customer to access and use the Services under the rights granted pursuant to this Agreement.
1.3 "Confidential Information" means all non-public information disclosed by one party to the other, whether orally, in writing, or by inspection, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and circumstances of disclosure.
1.4 "Consumer Data" has the meaning set forth in Minn. Stat. § 325M.12, including personal data that identifies, relates to, or describes an identified or identifiable consumer.
1.5 "Customer Data" means all electronic data, information, content, records, and files that Customer or Authorized Users upload, submit, store, transmit, or process through the Services, including any Consumer Data or Personal Information therein.
1.6 "Documentation" means Provider's standard user guides, online help files, technical specifications, and other documentation related to the Services as updated from time to time.
1.7 "Downtime" means any period during which the Services are unavailable or materially impaired, excluding Scheduled Maintenance and Excused Downtime.
1.8 "Effective Date" means the date first written above or the date both parties have executed this Agreement, whichever is later.
1.9 "Excused Downtime" means unavailability caused by: (a) Customer's acts or omissions; (b) failures of Customer's equipment, software, or network connections; (c) third-party services outside Provider's control; (d) force majeure events; or (e) suspension pursuant to Section 6.4.
1.10 "Fees" means all amounts payable by Customer to Provider as set forth in this Agreement and any applicable Order Form.
1.11 "Initial Term" means the initial subscription period specified in the Order Form.
1.12 "Intellectual Property Rights" means all patents, copyrights, trademarks, trade secrets, and other intellectual property rights recognized under the laws of any jurisdiction worldwide.
1.13 "Malicious Code" means viruses, worms, Trojan horses, ransomware, spyware, adware, or other harmful or malicious code, files, scripts, agents, or programs.
1.14 "MCDPA" means the Minnesota Consumer Data Privacy Act, codified at Minn. Stat. §§ 325M.10–325M.21, effective July 31, 2025.
1.15 "Monthly Uptime Percentage" means the total minutes in a calendar month minus minutes of Downtime, divided by total minutes in the month, expressed as a percentage.
1.16 "Order Form" means an ordering document specifying the Services, subscription levels, Fees, and other commercial terms, executed by both parties and incorporated herein.
1.17 "Personal Information" means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked with a particular individual or household, as contemplated by Minn. Stat. § 325E.61.
1.18 "Professional Services" means implementation, configuration, customization, training, integration, and consulting services provided by Provider as specified in an Order Form or Statement of Work.
1.19 "Renewal Term" means each successive subscription period following the Initial Term.
1.20 "Scheduled Maintenance" means planned maintenance of the Services performed during designated maintenance windows with advance notice to Customer.
1.21 "Security Incident" means any unauthorized access to, acquisition of, or disclosure of Customer Data, or any breach or potential breach of Provider's security measures.
1.22 "Services" means Provider's proprietary cloud-based software platform and related services described in the applicable Order Form, including all updates, enhancements, and new features made generally available.
1.23 "Service Level Agreement" or "SLA" means the service level commitments set forth in Article 4.
1.24 "Statement of Work" or "SOW" means a document describing Professional Services, deliverables, timelines, and associated fees.
1.25 "Subscription Term" means collectively the Initial Term and all Renewal Terms.
1.26 "Third-Party Components" means software, data, services, or content provided by third parties that are incorporated into or used in connection with the Services.
1.27 "Trade Secret" has the meaning set forth in Minn. Stat. § 325C.01, subd. 5, including information that derives independent economic value from not being generally known and is the subject of reasonable efforts to maintain its secrecy.
1.28 "User Account" means the unique login credentials and account established for each Authorized User.
1.29 "Data Protection Assessment" means an assessment conducted pursuant to the MCDPA evaluating the risks of processing Consumer Data to consumer rights and the safeguards employed to mitigate such risks.
1.30 "Controller" has the meaning set forth in the MCDPA, generally referring to a person that, alone or jointly with others, determines the purpose and means of processing Consumer Data.
1.31 "Processor" has the meaning set forth in the MCDPA, generally referring to a person that processes Consumer Data on behalf of a Controller.
ARTICLE 2: SAAS SERVICES AND ACCESS RIGHTS
2.1 Grant of Rights
Subject to Customer's compliance with this Agreement and payment of all Fees, Provider hereby grants to Customer a non-exclusive, non-transferable, non-sublicensable right during the Subscription Term to:
(a) Access and use the Services for Customer's internal business operations;
(b) Permit Authorized Users to access and use the Services in accordance with this Agreement;
(c) Access, use, and reproduce the Documentation in connection with permitted use of the Services; and
(d) Store, process, and retrieve Customer Data through the Services.
2.2 Subscription Tiers
Customer's subscription shall be as specified in the Order Form:
☐ Standard Enterprise - Up to [____] Authorized Users
☐ Professional Enterprise - Up to [____] Authorized Users
☐ Premium Enterprise - Up to [____] Authorized Users
☐ Unlimited Enterprise - Unlimited Authorized Users
☐ Custom Configuration - As specified: [________________________________]
2.3 User Account Administration
(a) Customer shall designate at least one (1) administrator to manage User Accounts and access permissions.
(b) Customer is responsible for maintaining the confidentiality of all User Account credentials.
(c) Customer shall promptly notify Provider of any unauthorized access or security breach involving User Accounts.
(d) User Accounts are for designated individuals only and may not be shared among multiple persons.
2.4 Authorized User Categories
☐ Named Users - Identified individuals assigned specific User Accounts
☐ Concurrent Users - Maximum simultaneous users: [____]
☐ Site License - All employees at specified locations
☐ Enterprise-Wide - All employees and authorized contractors
☐ Other: [________________________________]
2.5 Affiliate Usage
☐ Customer's Affiliates are authorized to use the Services under this Agreement
☐ Customer's Affiliates must execute separate Order Forms
☐ Affiliate usage is not permitted
If Affiliate usage is permitted:
(a) Customer shall ensure Affiliate compliance with all Agreement terms;
(b) Customer remains liable for Affiliate acts and omissions;
(c) Affiliate usage counts toward Customer's licensed capacity.
2.6 Professional Services and Support
Provider shall provide implementation and support services as specified in the applicable Order Form or Statement of Work. Support tiers, response time targets, and escalation procedures shall be as set forth in Exhibit C.
2.7 Training Services
☐ Provider shall provide the following training:
| Training Type | Format | Duration | Participants |
|---|---|---|---|
| Administrator Training | [________________________________] | [____] hours | [____] |
| End User Training | [________________________________] | [____] hours | [____] |
| Advanced Feature Training | [________________________________] | [____] hours | [____] |
| Custom Training | [________________________________] | [____] hours | [____] |
ARTICLE 3: ACCEPTABLE USE AND RESTRICTIONS
3.1 Acceptable Use Policy
Customer and Authorized Users shall:
(a) Use the Services only for lawful purposes and in compliance with all applicable laws, including Minnesota law;
(b) Comply with all Documentation and Provider's reasonable usage policies;
(c) Maintain the security and confidentiality of User Account credentials;
(d) Promptly report any suspected security breaches or unauthorized access.
3.2 Prohibited Activities
Customer and Authorized Users shall not:
(a) License, sublicense, sell, resell, rent, lease, transfer, assign, or distribute the Services to third parties;
(b) Modify, copy, or create derivative works based on the Services or Documentation;
(c) Reverse engineer, disassemble, decompile, or otherwise attempt to derive source code from the Services;
(d) Access the Services to build a competitive product or service;
(e) Use the Services to store or transmit Malicious Code;
(f) Interfere with or disrupt the integrity or performance of the Services;
(g) Attempt to gain unauthorized access to the Services or related systems;
(h) Use the Services to transmit unlawful, harassing, defamatory, or fraudulent content;
(i) Use the Services in violation of any third party's intellectual property or privacy rights;
(j) Exceed licensed usage limits or circumvent usage restrictions;
(k) Remove, alter, or obscure any proprietary notices on the Services.
3.3 Usage Monitoring
(a) Provider may monitor usage to ensure compliance with this Agreement;
(b) Provider shall notify Customer of any significant usage anomalies;
(c) If usage exceeds licensed capacity, Customer shall promptly pay additional Fees or reduce usage.
3.4 Suspension
Provider may suspend Customer's access to the Services:
(a) If Customer's use poses a security threat to Provider or other customers;
(b) If Customer is in material breach of this Agreement and fails to cure within [____] days after notice;
(c) If required by law or governmental authority;
(d) For non-payment of undisputed Fees more than [____] days past due.
Provider shall provide advance notice of suspension when practicable and shall restore access promptly when the grounds for suspension are resolved.
ARTICLE 4: SERVICE LEVEL AGREEMENT
4.1 Uptime Commitment
Provider commits to the following Monthly Uptime Percentage during each calendar month:
☐ 99.5% Monthly Uptime
☐ 99.9% Monthly Uptime
☐ 99.95% Monthly Uptime
☐ 99.99% Monthly Uptime
☐ Other: [____]%
4.2 Uptime Calculation
Monthly Uptime Percentage = ((Total Minutes in Month - Downtime Minutes) / Total Minutes in Month) × 100
Downtime is measured from when Provider confirms a system-wide outage or when automated monitoring detects unavailability, whichever is earlier.
4.3 Scheduled Maintenance Windows
(a) Standard Maintenance Window: [________________________________]
(b) Provider shall provide at least [____] hours advance notice for scheduled maintenance.
(c) Provider shall use commercially reasonable efforts to perform maintenance during low-usage periods.
(d) Emergency maintenance may be performed without advance notice when necessary to address critical security issues or prevent imminent harm.
4.4 Service Credits
If Provider fails to meet the Monthly Uptime Percentage commitment, Customer shall be entitled to Service Credits as follows:
| Monthly Uptime Percentage | Service Credit (% of Monthly Fee) |
|---|---|
| 99.0% - Below Commitment | 10% |
| 98.0% - 98.99% | 25% |
| 95.0% - 97.99% | 50% |
| Below 95.0% | 100% |
4.5 Service Credit Limitations
(a) Service Credits are Customer's sole and exclusive remedy for Provider's failure to meet the SLA.
(b) Service Credits shall not exceed 100% of the monthly Fees for the affected month.
(c) Service Credits are applied against future invoices and are not redeemable for cash.
(d) Customer must request Service Credits within thirty (30) days of the end of the affected month.
4.6 Service Credit Request Process
To request Service Credits, Customer shall:
(a) Submit a written request to Provider's support team;
(b) Include the date(s) and time(s) of Downtime;
(c) Describe the impact on Customer's operations;
(d) Provide any relevant logs or documentation.
4.7 Performance Monitoring
(a) Provider shall maintain real-time monitoring of Services availability.
(b) Provider shall make uptime statistics available to Customer through [________________________________].
(c) Provider shall notify Customer of any material service disruption within [____] minutes of detection.
4.8 Chronic Failure
If Provider fails to meet the Monthly Uptime Percentage commitment for [____] consecutive months or [____] months in any twelve (12) month period, Customer may terminate this Agreement upon thirty (30) days written notice without penalty and receive a pro-rata refund of prepaid Fees.
ARTICLE 5: CUSTOMER DATA AND DATA PROTECTION
5.1 Customer Data Ownership
(a) As between the parties, Customer retains all right, title, and interest in and to Customer Data.
(b) Provider acquires no rights to Customer Data except the limited license to process Customer Data as necessary to provide the Services.
(c) Customer represents that it has all necessary rights to provide Customer Data to Provider for processing.
5.2 Data Processing
Provider shall:
(a) Process Customer Data only as necessary to provide the Services and as instructed by Customer;
(b) Not access, use, or disclose Customer Data except as required for Service delivery, security, or as compelled by law;
(c) Implement reasonable access controls limiting personnel access to Customer Data on a need-to-know basis;
(d) Ensure personnel with access to Customer Data are bound by confidentiality obligations.
5.3 Data Location
☐ Customer Data shall be stored and processed within the United States
☐ Customer Data shall be stored and processed within: [________________________________]
☐ Customer Data may be stored and processed in any Provider data center location
☐ Customer Data location restrictions: [________________________________]
5.4 Minnesota Consumer Data Privacy Act (MCDPA) Compliance
(a) To the extent Provider acts as a Processor of Consumer Data on behalf of Customer as a Controller under the MCDPA (Minn. Stat. §§ 325M.10–325M.21, effective July 31, 2025), Provider shall:
(i) Process Consumer Data only pursuant to Customer's documented instructions;
(ii) Assist Customer in meeting its obligations to respond to consumer rights requests, including the right to access, correct, delete, and obtain a copy of Consumer Data;
(iii) Provide information necessary for Customer to conduct and document Data Protection Assessments as required by the MCDPA;
(iv) Ensure that each person processing Consumer Data is subject to a duty of confidentiality;
(v) Upon Customer's request, delete or return all Consumer Data at the end of the provision of Services, unless retention is required by law;
(vi) Make available to Customer all information necessary to demonstrate compliance with obligations under the MCDPA.
(b) Provider shall not sell Consumer Data or use Consumer Data for targeted advertising except as expressly authorized by Customer in writing.
(c) Provider shall not combine Consumer Data obtained from different Controllers unless expressly instructed by Customer.
5.5 Information Security Program
Provider shall implement and maintain a comprehensive written information security program that includes:
(a) Risk Assessment: Regular identification and assessment of reasonably foreseeable internal and external threats to Customer Data security;
(b) Safeguards: Implementation of safeguards to control identified risks, including:
- Encryption of Customer Data in transit and at rest using industry-standard protocols
- Multi-factor authentication for administrative access
- Network security controls including firewalls, intrusion detection, and prevention systems
- Regular vulnerability scanning and penetration testing
- Secure software development practices
(c) Access Controls: Role-based access controls and principle of least privilege;
(d) Employee Training: Regular security awareness training for all personnel with access to Customer Data;
(e) Incident Response: Written incident response plan addressing detection, containment, investigation, and notification procedures;
(f) Business Continuity: Disaster recovery and business continuity procedures.
5.6 Security Certifications and Audits
Provider maintains or shall obtain the following certifications:
☐ SOC 2 Type II
☐ ISO 27001
☐ ISO 27017
☐ ISO 27018
☐ HITRUST CSF
☐ FedRAMP (Authorization Level: [____])
☐ PCI DSS (if processing payment data)
☐ Other: [________________________________]
(a) Provider shall maintain such certifications throughout the Subscription Term.
(b) Upon Customer's reasonable written request (no more than once annually), Provider shall provide copies of current audit reports and certifications.
(c) Customer may conduct or commission a security assessment of Provider's facilities and practices upon reasonable advance notice and at Customer's expense, subject to Provider's reasonable security and confidentiality requirements.
5.7 Security Incident Response
(a) Provider shall notify Customer of any Security Incident affecting Customer Data within [____] hours of discovery.
(b) Notification shall include:
- Description of the incident
- Types of data potentially affected
- Measures taken to contain and remediate
- Contact information for further inquiries
- Recommended protective actions for Customer
(c) Provider shall cooperate with Customer in investigating and responding to Security Incidents.
(d) Provider shall preserve evidence related to Security Incidents for forensic investigation.
5.8 Data Breach Notification Under Minnesota Law
In the event of a breach of security requiring notification under Minn. Stat. § 325E.61:
(a) Provider shall notify Customer immediately and in no event later than [____] hours after determining a breach has occurred;
(b) If the breach affects more than 500 Minnesota residents, Provider shall cooperate with Customer in notifying all consumer reporting agencies within forty-eight (48) hours, as required by Minn. Stat. § 325E.61;
(c) Provider shall cooperate with Customer in fulfilling notification obligations to affected individuals and the Minnesota Attorney General;
(d) Provider shall bear the costs of notification and credit monitoring services if the breach results from Provider's negligence or failure to comply with this Agreement.
5.9 Subprocessors
(a) Provider may engage subprocessors to assist in providing the Services, provided:
- Subprocessors are bound by data protection obligations no less protective than this Agreement
- Provider remains liable for subprocessor compliance
- Provider maintains an updated list of subprocessors
(b) Provider shall notify Customer of any material changes to subprocessors at least [____] days in advance.
(c) Customer may object to new subprocessors; if Provider proceeds over Customer's objection, Customer may terminate without penalty.
5.10 Data Backup and Recovery
(a) Provider shall perform [________________________________] backups of Customer Data.
(b) Backups shall be retained for [____] days.
(c) Provider shall maintain the capability to restore Customer Data from backup within [____] hours of a request.
(d) Provider shall test backup restoration procedures at least [________________________________].
ARTICLE 6: FEES, PAYMENT, AND TAXES
6.1 Subscription Fees
Customer shall pay the following subscription Fees:
| Description | Amount | Billing Frequency |
|---|---|---|
| Base Subscription Fee | $[________________________________] | ☐ Monthly ☐ Quarterly ☐ Annually |
| Per User Fee | $[________________________________] per user | ☐ Monthly ☐ Quarterly ☐ Annually |
| Data Storage (above included amount) | $[________________________________] per GB | ☐ Monthly ☐ Quarterly ☐ Annually |
| API Calls (above included amount) | $[________________________________] per 1,000 calls | ☐ Monthly ☐ Quarterly ☐ Annually |
| Additional Modules/Features | $[________________________________] | ☐ Monthly ☐ Quarterly ☐ Annually |
6.2 Professional Services Fees
| Service | Rate/Fee | Estimate |
|---|---|---|
| Implementation Services | $[________________________________] | [________________________________] |
| Training Services | $[________________________________] per hour/day | [________________________________] |
| Custom Development | $[________________________________] per hour | [________________________________] |
| Consulting Services | $[________________________________] per hour | [________________________________] |
| On-Site Services | $[________________________________] per day plus expenses | [________________________________] |
6.3 Payment Terms
(a) Invoicing: Provider shall invoice Customer:
☐ In advance for each billing period
☐ Upon execution of this Agreement for the first year
☐ According to payment milestones in the Order Form
☐ Other: [________________________________]
(b) Payment Due: All invoices are due and payable within [____] days of invoice date.
(c) Payment Method:
☐ ACH/Wire Transfer
☐ Credit Card (subject to processing fees of [____]%)
☐ Check
☐ Other: [________________________________]
6.4 Taxes — Minnesota SaaS Tax Treatment
(a) All Fees are exclusive of taxes unless otherwise stated.
(b) Minnesota SaaS Tax Status: As of the date of this Agreement, remotely accessed software (SaaS) is generally not subject to Minnesota sales tax under Minn. Stat. § 297A.61, which taxes prewritten computer software but does not extend to subscriptions for online hosted software that is not delivered via tangible medium or download. However, prewritten software delivered electronically for download is taxable at the state rate of 6.875%. The parties acknowledge that Minnesota tax treatment of SaaS may change, and Customer should consult with a tax advisor regarding current applicability.
(c) Customer is responsible for all applicable sales, use, value-added, and similar taxes arising from the transactions contemplated herein.
(d) Customer shall provide valid exemption certificates if applicable.
(e) Provider is responsible for taxes based on Provider's income.
6.5 Late Payment
(a) Late payments shall bear interest at the rate of six percent (6%) per annum as provided by Minn. Stat. § 334.01, or such other rate as the parties may agree to in writing, not to exceed eight percent (8%) per annum under Minn. Stat. § 334.01.
(b) Customer shall reimburse Provider's reasonable collection costs, including attorneys' fees.
(c) Provider may suspend Services for undisputed amounts more than [____] days past due.
MINNESOTA PRACTITIONER NOTE: Minn. Stat. § 334.01 sets the legal rate of interest at 6% per annum. Parties may agree in writing to a rate up to 8%. Charging interest in excess of 8% without a statutory exemption (e.g., for certain business or agricultural loans under Minn. Stat. § 334.011) may constitute usury and result in forfeiture of the entire interest.
6.6 Fee Disputes
(a) Customer shall notify Provider of any disputed charges within [____] days of invoice date.
(b) Customer shall pay all undisputed amounts by the due date.
(c) The parties shall work in good faith to resolve disputes within [____] days.
(d) Provider shall not suspend Services for amounts subject to a bona fide dispute.
6.7 Price Increases
(a) Fees are fixed for the Initial Term.
(b) Provider may increase Fees for Renewal Terms by providing written notice at least [____] days before the Renewal Term.
(c) Fee increases shall not exceed [____]% annually unless Provider's costs increase substantially.
ARTICLE 7: INTELLECTUAL PROPERTY RIGHTS
7.1 Provider Intellectual Property
(a) Provider retains all right, title, and interest in and to the Services, Documentation, and all related intellectual property, including:
- Software code, architecture, and design
- Algorithms, processes, and methodologies
- User interfaces and user experience designs
- Trade Secrets as defined under Minn. Stat. § 325C.01, subd. 5
- All improvements, modifications, and derivative works
(b) No license or right is granted except as expressly set forth herein.
(c) Customer shall not acquire any ownership interest in the Services by virtue of this Agreement.
7.2 Customer Intellectual Property
(a) Customer retains all right, title, and interest in and to Customer Data and Customer's pre-existing intellectual property.
(b) Customer grants Provider a limited, non-exclusive license to use Customer Data solely as necessary to provide the Services.
7.3 Feedback
(a) If Customer provides suggestions, ideas, or feedback regarding the Services ("Feedback"), Provider may use such Feedback without restriction or compensation.
(b) Customer hereby assigns to Provider all rights in any Feedback.
7.4 Aggregated Data
(a) Provider may collect and analyze aggregated, anonymized data derived from Customer's use of the Services that does not identify Customer or any individual ("Aggregated Data").
(b) Provider may use Aggregated Data to improve the Services, develop new products, and for other lawful business purposes.
(c) Provider owns all right, title, and interest in Aggregated Data.
(d) MCDPA Compliance: Provider shall ensure that Aggregated Data is fully de-identified in accordance with MCDPA requirements and that Provider does not attempt to re-identify such data.
7.5 Custom Development
For any custom development performed under this Agreement:
☐ Provider Ownership: Provider owns all custom developments; Customer receives a license to use
☐ Customer Ownership: Customer owns all custom developments; Provider receives a license to incorporate into Services
☐ Joint Ownership: Parties jointly own custom developments
☐ Work Made for Hire: Custom developments are works made for hire owned by Customer
☐ As Specified: Ownership determined per individual Statement of Work
ARTICLE 8: CONFIDENTIALITY
8.1 Confidentiality Obligations
Each party agrees to:
(a) Maintain the confidentiality of the other party's Confidential Information using at least the same degree of care it uses to protect its own confidential information, but no less than reasonable care;
(b) Not disclose Confidential Information to any third party except as expressly permitted herein;
(c) Use Confidential Information only for purposes of performing obligations or exercising rights under this Agreement;
(d) Limit access to Confidential Information to employees, contractors, and agents with a need to know who are bound by confidentiality obligations.
8.2 Exclusions
Confidential Information does not include information that:
(a) Is or becomes publicly available through no fault of the receiving party;
(b) Was rightfully known to the receiving party without restriction before disclosure;
(c) Is rightfully obtained from a third party without breach of confidentiality;
(d) Is independently developed without use of Confidential Information.
8.3 Permitted Disclosures
A party may disclose Confidential Information:
(a) To its professional advisors bound by professional confidentiality obligations;
(b) As required by law, regulation, or court order, provided the disclosing party gives prompt notice (if legally permitted) to allow the other party to seek protective measures;
(c) In connection with a merger, acquisition, or financing, subject to confidentiality agreements.
8.4 Trade Secret Protection Under Minnesota Law
(a) The parties acknowledge that certain Confidential Information may constitute Trade Secrets under the Minnesota Uniform Trade Secrets Act (Minn. Stat. §§ 325C.01–325C.08).
(b) Each party agrees to maintain reasonable measures to preserve the secrecy of Trade Secrets as required by Minn. Stat. § 325C.01, subd. 5.
(c) The parties acknowledge that misappropriation of Trade Secrets may give rise to injunctive relief under Minn. Stat. § 325C.02 and damages (including exemplary damages for willful misappropriation) under Minn. Stat. § 325C.03.
(d) The statute of limitations for trade secret misappropriation claims under Minnesota law is three (3) years from discovery (Minn. Stat. § 325C.06).
8.5 Duration
Confidentiality obligations shall survive termination of this Agreement for a period of [____] years, except that obligations regarding Trade Secrets shall continue for as long as the information qualifies as a Trade Secret under applicable law.
8.6 Return or Destruction
Upon termination or upon request, each party shall return or destroy the other party's Confidential Information and certify such return or destruction in writing.
ARTICLE 9: REPRESENTATIONS AND WARRANTIES
9.1 Provider Warranties
Provider warrants that:
(a) Performance Warranty: The Services will perform materially in accordance with the Documentation during the Subscription Term;
(b) Authority: Provider has full power and authority to enter into this Agreement and grant the rights herein;
(c) Non-Infringement: To Provider's knowledge, the Services do not infringe any third party's intellectual property rights;
(d) Malicious Code: The Services will not contain Malicious Code introduced by Provider;
(e) Compliance: Provider will comply with all laws applicable to Provider's provision of the Services, including the MCDPA to the extent applicable;
(f) Personnel: Provider's personnel performing Professional Services will have the necessary skills and qualifications;
(g) Security: Provider will maintain the security program described in Article 5.
9.2 Customer Warranties
Customer warrants that:
(a) Customer has full power and authority to enter into this Agreement;
(b) Customer owns or has the right to provide Customer Data to Provider;
(c) Customer Data does not violate third-party rights or applicable law;
(d) Customer will use the Services in compliance with this Agreement and applicable law.
9.3 Warranty Remedies
For breach of Provider's Performance Warranty:
(a) Customer shall notify Provider of any warranty claim within [____] days of discovery;
(b) Provider shall use commercially reasonable efforts to correct the non-conformity;
(c) If Provider cannot correct the non-conformity within [____] days, Customer may terminate the affected Services and receive a pro-rata refund.
9.4 Disclaimer of Warranties
EXCEPT FOR THE EXPRESS WARRANTIES IN THIS ARTICLE, TO THE MAXIMUM EXTENT PERMITTED BY MINN. STAT. § 336.2-316:
(a) PROVIDER MAKES NO OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT;
(b) PROVIDER DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, ERROR-FREE, OR COMPLETELY SECURE;
(c) PROVIDER DOES NOT WARRANT THAT THE SERVICES WILL MEET CUSTOMER'S SPECIFIC REQUIREMENTS;
(d) ANY THIRD-PARTY COMPONENTS ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND.
MINNESOTA UCC NOTE: Under Minn. Stat. § 336.2-316, to exclude or modify the implied warranty of merchantability, the disclaimer must mention "merchantability" and, if in writing, must be conspicuous. To exclude or modify any implied warranty of fitness, the exclusion must be in writing and conspicuous. This disclaimer is presented in conspicuous uppercase text to satisfy these requirements.
ARTICLE 10: INDEMNIFICATION
10.1 Provider Indemnification
Provider shall defend, indemnify, and hold harmless Customer, its Affiliates, and their respective officers, directors, employees, and agents from and against any third-party claims, damages, losses, liabilities, and expenses (including reasonable attorneys' fees) arising from:
(a) Allegations that the Services infringe any United States patent, copyright, trademark, or misappropriate any trade secret;
(b) Provider's gross negligence or willful misconduct;
(c) Provider's material breach of its data security obligations under Article 5;
(d) Provider's violation of applicable law in its provision of the Services, including violations of the MCDPA.
10.2 IP Indemnification Exclusions
Provider's indemnification obligations do not apply to claims arising from:
(a) Modifications to the Services made by Customer without Provider's authorization;
(b) Combination of the Services with products, services, or data not provided by Provider;
(c) Customer's use of the Services after Provider notifies Customer of allegedly infringing activity;
(d) Customer Data or Customer's specifications that caused the alleged infringement;
(e) Use of a non-current version of the Services if infringement would have been avoided by using the current version.
10.3 IP Infringement Remedies
If the Services become, or in Provider's reasonable judgment are likely to become, subject to an infringement claim, Provider may at its option:
(a) Obtain the right for Customer to continue using the Services;
(b) Modify the Services to make them non-infringing while maintaining material functionality; or
(c) If (a) and (b) are not commercially reasonable, terminate the affected Services and refund prepaid Fees for the unused portion of the Subscription Term.
10.4 Customer Indemnification
Customer shall defend, indemnify, and hold harmless Provider, its Affiliates, and their respective officers, directors, employees, and agents from and against any third-party claims, damages, losses, liabilities, and expenses (including reasonable attorneys' fees) arising from:
(a) Customer Data, including claims that Customer Data infringes or violates third-party rights;
(b) Customer's breach of the Acceptable Use Policy;
(c) Customer's gross negligence or willful misconduct;
(d) Customer's violation of applicable law in its use of the Services.
10.5 Indemnification Procedures
The indemnified party shall:
(a) Provide prompt written notice of any claim (failure to provide prompt notice shall not relieve the indemnifying party except to the extent materially prejudiced);
(b) Grant the indemnifying party sole control of the defense and settlement;
(c) Provide reasonable cooperation at the indemnifying party's expense;
(d) Not settle any claim without the indemnifying party's prior written consent.
10.6 Minnesota Indemnification Standards
In accordance with Minnesota law:
(a) Indemnification provisions seeking to indemnify a party for its own negligence must be clear and unequivocal;
(b) This Agreement does not purport to require either party to indemnify the other for claims arising from the indemnified party's sole negligence;
(c) Each party's indemnification obligations are limited to claims arising from the matters expressly described in this Article.
ARTICLE 11: LIMITATION OF LIABILITY
11.1 Exclusion of Consequential Damages
TO THE MAXIMUM EXTENT PERMITTED BY MINN. STAT. § 336.2-719 AND APPLICABLE MINNESOTA LAW, NEITHER PARTY SHALL BE LIABLE TO THE OTHER FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING DAMAGES FOR LOST PROFITS, LOST REVENUES, LOST DATA, LOSS OF GOODWILL, BUSINESS INTERRUPTION, OR COST OF PROCUREMENT OF SUBSTITUTE SERVICES, ARISING OUT OF OR RELATED TO THIS AGREEMENT, REGARDLESS OF THE THEORY OF LIABILITY (CONTRACT, TORT, STRICT LIABILITY, OR OTHERWISE) AND EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
11.2 Liability Cap
EXCEPT AS PROVIDED IN SECTION 11.3, EACH PARTY'S TOTAL CUMULATIVE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT, WHETHER IN CONTRACT, TORT, OR OTHERWISE, SHALL NOT EXCEED:
☐ The total Fees paid or payable by Customer during the twelve (12) months preceding the claim
☐ The total Fees paid or payable by Customer during the twenty-four (24) months preceding the claim
☐ $[________________________________]
☐ Other: [________________________________]
11.3 Exceptions to Limitations
The limitations in Sections 11.1 and 11.2 shall not apply to:
(a) Either party's indemnification obligations under Article 10;
(b) Either party's breach of confidentiality obligations under Article 8;
(c) Customer's payment obligations;
(d) Claims arising from a party's gross negligence or willful misconduct;
(e) Claims arising from Provider's breach of its data security obligations resulting in unauthorized disclosure of Customer Data;
(f) Claims arising from Provider's unauthorized use or disclosure of Customer Data beyond the scope permitted by this Agreement.
11.4 Enhanced Liability Cap for Certain Claims
For claims described in Section 11.3(b) and (e), each party's liability shall not exceed:
☐ Two (2) times the general liability cap
☐ Three (3) times the general liability cap
☐ $[________________________________]
☐ No enhanced cap (unlimited liability)
11.5 Minnesota Enforceability Standards
(a) The parties acknowledge that under Minnesota law, limitation of liability provisions are enforceable between experienced business parties in negotiated agreements, provided such provisions are conspicuous, clear, and unambiguous, and are not unconscionable or contrary to public policy.
(b) The limitations in this Article are presented in conspicuous uppercase text and reflect a reasonable allocation of risk between sophisticated commercial parties.
11.6 Essential Purpose
THE PARTIES AGREE THAT THE LIMITATIONS AND EXCLUSIONS OF LIABILITY AND DISCLAIMERS SPECIFIED IN THIS AGREEMENT WILL SURVIVE AND APPLY EVEN IF FOUND TO HAVE FAILED OF THEIR ESSENTIAL PURPOSE.
ARTICLE 12: TERM, RENEWAL, AND TERMINATION
12.1 Initial Term
This Agreement shall commence on the Effective Date and continue for an Initial Term of:
☐ One (1) year
☐ Two (2) years
☐ Three (3) years
☐ Other: [________________________________]
12.2 Renewal
(a) This Agreement shall automatically renew for successive Renewal Terms of [________________________________] unless either party provides written notice of non-renewal at least [____] days before the end of the then-current term.
(b) Provider shall provide Customer with written notice of automatic renewal not less than thirty (30) days nor more than sixty (60) days before the renewal deadline, clearly disclosing:
- That the Agreement will automatically renew unless cancelled
- The renewal Fees that will be charged
- Methods to obtain renewal details and cancellation procedures
(c) Customer may terminate at any time for convenience by providing [____] days written notice, subject to payment of:
☐ All Fees through the end of the then-current term
☐ Early termination fee of [________________________________]
☐ No early termination fee
☐ Other: [________________________________]
12.3 Termination for Cause
Either party may terminate this Agreement immediately upon written notice if:
(a) The other party materially breaches this Agreement and fails to cure within [____] days after written notice;
(b) The other party becomes insolvent, files for bankruptcy, or makes an assignment for the benefit of creditors;
(c) The other party ceases to conduct business in the normal course.
12.4 Provider Termination Rights
Provider may terminate this Agreement:
(a) Immediately if Customer's use of the Services violates applicable law or poses a threat to Provider's systems or other customers;
(b) If Customer fails to pay undisputed Fees within [____] days after a second written notice;
(c) If Customer repeatedly breaches the Acceptable Use Policy.
12.5 Customer Termination Rights
Customer may terminate this Agreement:
(a) If Provider fails to meet the SLA for [____] consecutive months pursuant to Section 4.8;
(b) If Provider experiences a Security Incident materially affecting Customer Data and fails to remediate within a reasonable time;
(c) If Provider materially changes the Services in a way that significantly reduces functionality.
12.6 Refund Upon Termination
(a) If Customer terminates for cause, Provider shall refund prepaid Fees for the unused portion of the Subscription Term.
(b) If Provider terminates for cause, no refund shall be due.
(c) If either party terminates for convenience, refund shall be as specified in Section 12.2(c).
12.7 Effect of Expiration or Termination
Upon expiration or termination of this Agreement:
(a) All rights and licenses granted to Customer shall immediately terminate;
(b) Customer shall immediately cease all use of the Services;
(c) Customer shall pay all outstanding Fees for Services rendered through the termination date;
(d) Each party shall return or destroy Confidential Information as directed by the disclosing party;
(e) Provisions that by their nature should survive shall continue in effect.
ARTICLE 13: DATA PORTABILITY AND TRANSITION SERVICES
13.1 Data Export During Subscription
During the Subscription Term, Customer may export Customer Data at any time through:
☐ Self-service export functionality within the Services
☐ API access for programmatic data retrieval
☐ Provider-assisted export upon request
☐ Other: [________________________________]
13.2 Data Export Format
Customer Data shall be made available in the following formats:
☐ CSV (Comma-Separated Values)
☐ JSON (JavaScript Object Notation)
☐ XML (Extensible Markup Language)
☐ Native application format
☐ Database dump (SQL format)
☐ Other: [________________________________]
13.3 Transition Assistance
Upon expiration or termination, Provider shall:
(a) Provide Customer access to export Customer Data for a period of [____] days following the termination effective date;
(b) Provide reasonable assistance with data migration at Provider's then-current Professional Services rates;
(c) Continue to maintain Customer Data security during the transition period.
13.4 Data Deletion
(a) Upon Customer's written request following the transition period, or upon expiration of the transition period without a request for extension, Provider shall:
- Delete all Customer Data from production systems within [____] days
- Delete Customer Data from backup systems within [____] days or upon normal backup rotation
(b) Provider shall provide written certification of deletion upon Customer's request.
(c) Provider may retain Customer Data as required by law or for legitimate legal purposes, subject to continued confidentiality obligations.
13.5 Survival of Data Obligations
Provider's obligations regarding Customer Data confidentiality and security shall survive termination until all Customer Data has been deleted or returned.
ARTICLE 14: INSURANCE REQUIREMENTS
14.1 Required Insurance
Provider shall maintain the following insurance coverages during the Subscription Term and for [____] years thereafter:
| Coverage Type | Minimum Limit | Requirements |
|---|---|---|
| Commercial General Liability | $[________________________________] per occurrence / $[________________________________] aggregate | Including products/completed operations |
| Professional Liability/E&O | $[________________________________] per claim / $[________________________________] aggregate | Covering technology professional services |
| Cyber Liability/Data Breach | $[________________________________] per incident / $[________________________________] aggregate | Including network security, privacy liability, breach response |
| Workers' Compensation | Statutory limits | As required by Minnesota law |
| Employer's Liability | $[________________________________] | Per accident and disease |
| Umbrella/Excess Liability | $[________________________________] | Excess of primary coverages |
14.2 Insurance Requirements
(a) All insurance shall be provided by carriers with an A.M. Best rating of A- or better;
(b) Provider shall provide certificates of insurance upon Customer's request;
(c) Policies shall be primary and non-contributory with respect to Customer's insurance;
(d) Provider shall provide at least thirty (30) days advance notice of cancellation or material change;
(e) Commercial General Liability and Umbrella policies shall name Customer as an additional insured;
(f) Professional Liability and Cyber Liability policies shall include coverage for Provider's subcontractors.
14.3 Self-Insurance
☐ Provider may self-insure for: [________________________________]
☐ Self-insurance is not permitted
ARTICLE 15: DISPUTE RESOLUTION
15.1 Governing Law
This Agreement shall be governed by and construed in accordance with the laws of the State of Minnesota, without regard to its conflict of laws principles.
15.2 Venue and Jurisdiction
The parties consent to the exclusive jurisdiction and venue of the state and federal courts located in:
☐ Hennepin County, Minnesota
☐ Ramsey County, Minnesota
☐ [________________________________] County, Minnesota
Each party waives any objection to such jurisdiction and venue, including inconvenient forum.
15.3 Dispute Resolution Process
Before initiating litigation, the parties agree to the following escalation process:
Step 1 - Informal Resolution: Representatives shall attempt to resolve disputes informally within [____] business days.
Step 2 - Executive Escalation: If unresolved, disputes shall be escalated to each party's executive officer (or designee) for resolution within [____] business days.
Step 3 - Mediation: If still unresolved, the parties shall participate in mediation administered by [________________________________] before commencing litigation. Mediation costs shall be shared equally.
☐ Step 4 - Arbitration (Optional):
If mediation is unsuccessful, disputes shall be resolved by binding arbitration administered by [________________________________] in accordance with its Commercial Arbitration Rules. The arbitration shall be conducted in [________________________________], Minnesota. Judgment on the award may be entered in any court of competent jurisdiction.
15.4 Jury Trial Waiver
TO THE FULLEST EXTENT PERMITTED BY MINNESOTA LAW, EACH PARTY HEREBY WAIVES ITS RIGHT TO A JURY TRIAL IN ANY ACTION, PROCEEDING, OR COUNTERCLAIM ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE TRANSACTIONS CONTEMPLATED HEREBY.
MINNESOTA PRACTITIONER NOTE: Jury trial waivers are generally enforceable in Minnesota in commercial contracts between sophisticated business parties, provided the waiver is knowing, voluntary, and conspicuous. Minnesota courts examine the equal bargaining power of the parties and business sophistication. This waiver is presented in conspicuous uppercase text and is mutual to enhance enforceability.
15.5 Injunctive Relief
Notwithstanding any dispute resolution procedures, either party may seek injunctive or other equitable relief from any court of competent jurisdiction to prevent irreparable harm pending resolution of disputes.
15.6 Prevailing Party
In any legal proceeding arising out of this Agreement, the prevailing party shall be entitled to recover its reasonable attorneys' fees and costs from the non-prevailing party.
ARTICLE 16: GENERAL PROVISIONS
16.1 Entire Agreement
This Agreement, including all Order Forms, Statements of Work, and exhibits, constitutes the entire agreement between the parties regarding its subject matter and supersedes all prior and contemporaneous agreements, proposals, and representations, whether written or oral.
16.2 Amendments
No amendment to this Agreement shall be effective unless in writing and signed by authorized representatives of both parties.
16.3 Order of Precedence
In the event of conflict, the following order of precedence applies: (1) Order Forms; (2) Statements of Work; (3) this Agreement; (4) Documentation.
16.4 Assignment
Neither party may assign this Agreement without the other party's prior written consent, except that either party may assign to an Affiliate or in connection with a merger, acquisition, or sale of substantially all assets. Any purported assignment in violation of this Section is void.
16.5 Non-Compete Restriction Prohibition
The parties acknowledge that under Minn. Stat. § 181.988, effective July 1, 2023, covenants not to compete with employees and independent contractors are generally void and unenforceable in Minnesota. Nothing in this Agreement shall be construed as a covenant not to compete with any employee or independent contractor of either party. This Section does not affect the enforceability of non-disclosure agreements protecting Trade Secrets or Confidential Information, or non-solicitation agreements, which are permissible under Minnesota law.
16.6 Notices
Notices shall be in writing and delivered by certified mail, overnight courier, or email with confirmation, to the addresses set forth herein or as updated by notice.
| Party | Notice Address |
|---|---|
| Provider | [________________________________] |
| [________________________________] | |
| Email: [________________________________] | |
| Customer | [________________________________] |
| [________________________________] | |
| Email: [________________________________] |
16.7 Force Majeure
Neither party shall be liable for failure or delay in performance due to causes beyond its reasonable control, including acts of God, natural disasters, war, terrorism, riots, government actions, pandemics, or failures of telecommunications or power. The affected party shall provide prompt notice and use reasonable efforts to mitigate. If force majeure continues for more than [____] days, either party may terminate affected Services without liability.
16.8 Waiver
No waiver of any right or remedy shall be effective unless in writing. No waiver shall constitute a waiver of any other or subsequent right or remedy.
16.9 Severability
If any provision of this Agreement is held invalid or unenforceable, the remaining provisions shall continue in effect. The parties shall negotiate in good faith to replace the invalid provision with a valid provision that achieves the original intent.
16.10 Independent Contractors
The parties are independent contractors. This Agreement does not create a partnership, joint venture, agency, or employment relationship.
16.11 Third-Party Beneficiaries
This Agreement is for the benefit of the parties and their permitted successors and assigns. There are no third-party beneficiaries except as expressly provided regarding indemnification.
16.12 Compliance with Laws
Each party shall comply with all applicable laws, regulations, and ordinances in the performance of its obligations under this Agreement, including the Minnesota Consumer Data Privacy Act, the Minnesota Consumer Fraud Act, and all applicable data protection laws.
16.13 Export Compliance
Customer shall comply with all applicable export control laws and regulations, including the U.S. Export Administration Regulations, and shall not export, re-export, or transfer the Services to prohibited destinations, entities, or individuals.
16.14 Government Customers
If Customer is a government entity, additional terms may apply per the Order Form. The Services are "commercial items" as defined at 48 C.F.R. § 2.101.
16.15 Electronic Signatures
In accordance with the Minnesota Uniform Electronic Transactions Act (Minn. Stat. Chapter 325L):
(a) This Agreement may be executed electronically;
(b) Electronic signatures have the same legal effect as original signatures;
(c) Electronic records satisfy any requirement that records be in writing.
16.16 Counterparts
This Agreement may be executed in counterparts, each of which shall be deemed an original and all of which together shall constitute one instrument.
16.17 Publicity
Neither party shall issue press releases or public announcements regarding this Agreement without the other party's prior written consent, except as required by law.
16.18 Construction
This Agreement shall be construed without regard to any presumption against the party that drafted it. Headings are for convenience only and do not affect interpretation.
ARTICLE 17: EXECUTION
By signing below, the parties acknowledge that they have read, understand, and agree to be bound by all terms and conditions of this Agreement.
PRE-EXECUTION CHECKLIST
Provider Verification:
☐ All Order Forms completed and attached
☐ Pricing confirmed and documented
☐ Service level commitments confirmed
☐ Security certifications current
☐ Insurance certificates available
☐ Implementation timeline established
☐ MCDPA compliance verified (if applicable)
☐ Legal review completed
☐ Authority to sign verified
Customer Verification:
☐ Business requirements documented
☐ Technical requirements reviewed
☐ Security requirements addressed
☐ MCDPA compliance requirements satisfied (if applicable)
☐ Budget approval obtained
☐ Internal stakeholder approval obtained
☐ Legal review completed
☐ Authority to sign verified
SIGNATURE PAGE
PROVIDER
[________________________________]
| Field | Information |
|---|---|
| Signature | ________________________________________________ |
| Printed Name | [________________________________] |
| Title | [________________________________] |
| Date | [__/__/____] |
CUSTOMER
[________________________________]
| Field | Information |
|---|---|
| Signature | ________________________________________________ |
| Printed Name | [________________________________] |
| Title | [________________________________] |
| Date | [__/__/____] |
EXHIBIT A: ORDER FORM
Order Form Number: [________________________________]
Order Form Effective Date: [__/__/____]
Services Ordered
| Service/Module | Description | Quantity | Unit Price | Total |
|---|---|---|---|---|
| [________________________________] | [________________________________] | [____] | $[________] | $[________] |
| [________________________________] | [________________________________] | [____] | $[________] | $[________] |
| [________________________________] | [________________________________] | [____] | $[________] | $[________] |
| [________________________________] | [________________________________] | [____] | $[________] | $[________] |
Subscription Details
| Field | Value |
|---|---|
| Initial Term | [________________________________] |
| Renewal Term | [________________________________] |
| Billing Frequency | ☐ Monthly ☐ Quarterly ☐ Annually |
| Payment Terms | Net [____] days |
| Support Tier | ☐ Standard ☐ Premium ☐ Enterprise |
| Uptime Commitment | [____]% |
Pricing Summary
| Category | Amount |
|---|---|
| Annual Subscription Fees | $[________________________________] |
| One-Time Implementation Fees | $[________________________________] |
| Annual Support Fees (if separate) | $[________________________________] |
| Total First Year Investment | $[________________________________] |
Special Terms
[________________________________]
[________________________________]
PROVIDER: ___________________________ Date: [__/__/____]
CUSTOMER: ___________________________ Date: [__/__/____]
EXHIBIT B: SERVICE LEVEL AGREEMENT DETAILS
B.1 Availability Measurement
Provider measures availability using [________________________________].
B.2 Excluded Events
The following are excluded from availability calculations:
☐ Scheduled maintenance within designated windows
☐ Emergency maintenance for security issues
☐ Customer-caused issues
☐ Third-party service failures
☐ Force majeure events
☐ Network issues outside Provider's control
B.3 Maintenance Schedule
| Maintenance Type | Window | Frequency | Notice Required |
|---|---|---|---|
| Standard Maintenance | [________________________________] | [________] | [____] hours |
| Major Updates | [________________________________] | [________] | [____] days |
| Emergency Maintenance | As needed | As needed | Best efforts |
B.4 Monitoring and Reporting
Provider shall:
(a) Monitor Services availability 24/7/365;
(b) Provide real-time status at: [________________________________];
(c) Provide monthly availability reports upon request;
(d) Alert Customer of outages within [____] minutes.
B.5 Support Tiers and Response Times
| Severity Level | Description | Standard Support | Premium Support | Enterprise Support |
|---|---|---|---|---|
| Critical (S1) | Complete system outage; all users affected | 4 hours | 2 hours | 30 minutes |
| High (S2) | Major functionality impaired; significant user impact | 8 hours | 4 hours | 1 hour |
| Medium (S3) | Partial functionality affected; workaround available | 24 hours | 12 hours | 4 hours |
| Low (S4) | Minor issues; questions; enhancement requests | 72 hours | 48 hours | 24 hours |
EXHIBIT C: DATA PROCESSING ADDENDUM
C.1 Scope
This Data Processing Addendum ("DPA") supplements the Agreement with respect to Provider's processing of Personal Information and Consumer Data on behalf of Customer, including processing subject to the MCDPA.
C.2 Definitions
Terms not defined herein have the meanings set forth in the Agreement.
C.3 Customer Responsibilities
Customer shall:
(a) Ensure a lawful basis exists for processing Personal Information and Consumer Data;
(b) Provide clear and accurate instructions to Provider;
(c) Comply with applicable data protection laws, including the MCDPA.
C.4 Provider Responsibilities
Provider shall:
(a) Process Personal Information and Consumer Data only as instructed by Customer;
(b) Ensure personnel are bound by confidentiality obligations;
(c) Implement appropriate technical and organizational security measures;
(d) Assist Customer with data subject and consumer rights requests under the MCDPA;
(e) Delete or return Personal Information and Consumer Data upon termination;
(f) Make available information necessary to demonstrate compliance.
C.5 Subprocessors
(a) Customer authorizes Provider to engage subprocessors listed at: [________________________________]
(b) Provider shall notify Customer of subprocessor changes [____] days in advance.
C.6 Data Transfers
If Personal Information is transferred outside the United States, Provider shall ensure appropriate safeguards are in place.
C.7 Data Protection Assessments
Provider shall cooperate with Customer in conducting Data Protection Assessments required by the MCDPA for processing activities that present a heightened risk of harm to consumers.
C.8 Audit Rights
Upon reasonable notice, Customer may audit Provider's compliance with this DPA, subject to confidentiality obligations.
EXHIBIT D: ACCEPTABLE USE POLICY
D.1 Purpose
This Acceptable Use Policy ("AUP") governs Customer's and Authorized Users' use of the Services and is incorporated into and made part of the Agreement.
D.2 Prohibited Uses
In addition to the restrictions set forth in Article 3 of the Agreement, Customer and Authorized Users shall not use the Services to:
(a) Violate any applicable federal, state (including Minnesota), or local law or regulation;
(b) Store, transmit, or process content that infringes intellectual property rights;
(c) Distribute spam, phishing attempts, or other unsolicited communications;
(d) Interfere with other customers' use of the Services;
(e) Attempt to probe, scan, or test vulnerabilities of the Services without authorization;
(f) Use the Services in violation of the MCDPA or other data privacy laws.
D.3 Enforcement
Provider may enforce this AUP through the measures described in Section 3.4 of the Agreement.
PRACTITIONER NOTES FOR MINNESOTA
Key Minnesota-Specific Considerations
-
Minnesota Consumer Data Privacy Act (MCDPA): Effective July 31, 2025 (Minn. Stat. §§ 325M.10–325M.21). This comprehensive privacy law grants consumers rights to access, correct, delete, and obtain copies of their data, and imposes obligations on controllers and processors. SaaS providers processing consumer data must comply with MCDPA requirements, including data protection assessments and limitations on data sales and targeted advertising.
-
Non-Compete Ban: Under Minn. Stat. § 181.988 (effective July 1, 2023), non-compete agreements with employees and independent contractors are void and unenforceable in Minnesota. This does not affect non-disclosure or non-solicitation agreements. Practitioners should ensure SaaS agreements do not inadvertently include impermissible non-compete provisions.
-
Interest Rate: The legal default rate of interest in Minnesota is 6% per annum (Minn. Stat. § 334.01). Parties may agree in writing to a maximum of 8% per annum. Exceeding these limits without a statutory exemption constitutes usury and may result in forfeiture of all interest.
-
SaaS Tax Treatment: Remotely accessed SaaS is generally not subject to Minnesota sales tax. However, prewritten computer software delivered electronically for download is taxable at the 6.875% state rate under Minn. Stat. § 297A.61. Verify current treatment with the Minnesota Department of Revenue.
-
Data Breach Notification: Minn. Stat. § 325E.61 requires notification without unreasonable delay. If more than 500 persons are affected, consumer reporting agencies must be notified within 48 hours.
-
Trade Secrets: The Minnesota Uniform Trade Secrets Act (Minn. Stat. §§ 325C.01–325C.08) provides for injunctive relief and damages (including exemplary damages for willful misappropriation). The statute of limitations is three years from discovery.
-
Jury Trial Waivers: Generally enforceable in Minnesota in commercial contracts between sophisticated parties, provided they are knowing, voluntary, and conspicuous. Courts consider the relative bargaining power and business sophistication of the parties.
-
Limitation of Liability: Enforceable between experienced business parties where provisions are conspicuous, clear, and unambiguous, and not unconscionable or contrary to public policy. Limitations that purport to limit liability for greater-than-ordinary negligence in consumer contexts may be void.
-
UCC Warranty Disclaimers: Must mention "merchantability" by name and be conspicuous if in writing (Minn. Stat. § 336.2-316). Fitness disclaimers must be in writing and conspicuous.
-
Consumer Fraud Act: The Minnesota Prevention of Consumer Fraud Act (Minn. Stat. § 325F.69) prohibits deceptive trade practices. Practitioners should ensure SaaS agreements and marketing materials do not contain misleading representations.
This Enterprise Software as a Service Agreement template is designed for use in Minnesota and incorporates applicable Minnesota statutory requirements, including the Minnesota Consumer Data Privacy Act (MCDPA), data breach notification requirements, and the state's non-compete ban. Legal counsel should review this Agreement before execution to ensure compliance with current law and suitability for specific business needs.
About This Template
A contract is a written record of what two or more parties agreed to and what happens if someone does not follow through. Clear language, defined terms, and clean signature blocks keep disputes small and enforceable. The most common mistakes in contracts come from vague promises, missing details about timing or payment, and skipping standard protective clauses like governing law and dispute resolution.
Important Notice
This template is provided for informational purposes. It is not legal advice. We recommend having an attorney review any legal document before signing, especially for high-value or complex matters.
Last updated: March 2026