Enterprise Software as a Service Agreement - North Carolina
ENTERPRISE SOFTWARE AS A SERVICE AGREEMENT
STATE OF NORTH CAROLINA
AGREEMENT INFORMATION
| Field | Information |
|---|---|
| Agreement Date | [__/__/____] |
| Agreement Number | [________________________________] |
| Effective Date | [__/__/____] |
PARTIES TO THIS AGREEMENT
PROVIDER:
| Field | Information |
|---|---|
| Legal Entity Name | [________________________________] |
| State of Formation | [________________________________] |
| Principal Address | [________________________________] |
| City, State, ZIP | [________________________________] |
| Federal Tax ID (EIN) | [________________________________] |
| Primary Contact Name | [________________________________] |
| Contact Email | [________________________________] |
| Contact Phone | [________________________________] |
CUSTOMER:
| Field | Information |
|---|---|
| Legal Entity Name | [________________________________] |
| State of Formation | [________________________________] |
| Principal Address | [________________________________] |
| City, State, ZIP | [________________________________] |
| Federal Tax ID (EIN) | [________________________________] |
| Primary Contact Name | [________________________________] |
| Contact Email | [________________________________] |
| Contact Phone | [________________________________] |
RECITALS
WHEREAS, Provider is engaged in the business of providing cloud-based software as a service solutions and related professional services;
WHEREAS, Customer desires to obtain access to and use of Provider's software platform and services for Customer's enterprise business operations;
WHEREAS, the parties wish to establish the terms and conditions under which Provider will make its services available to Customer in compliance with the laws of the State of North Carolina, including the North Carolina Identity Theft Protection Act (N.C. Gen. Stat. §§ 75-61 through 75-66), the Trade Secrets Protection Act (N.C. Gen. Stat. §§ 66-152 through 66-157), and the Unfair and Deceptive Trade Practices Act (N.C. Gen. Stat. § 75-1.1);
WHEREAS, the parties acknowledge that pursuant to N.C. Gen. Stat. § 22B-10, jury trial waivers are per se unenforceable in North Carolina, and the parties have structured the dispute resolution provisions of this Agreement accordingly;
NOW, THEREFORE, in consideration of the mutual covenants and agreements hereinafter set forth and for other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the parties agree as follows:
ARTICLE 1: DEFINITIONS
1.1 "Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with a party, where "control" means ownership of more than fifty percent (50%) of the voting securities or equivalent ownership interest.
1.2 "Authorized Users" means Customer's employees, contractors, consultants, and agents who are authorized by Customer to access and use the Services under the rights granted pursuant to this Agreement.
1.3 "Confidential Information" means all non-public information disclosed by one party to the other, whether orally, in writing, or by inspection, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and circumstances of disclosure.
1.4 "Customer Data" means all electronic data, information, content, records, and files that Customer or Authorized Users upload, submit, store, transmit, or process through the Services, including any Personal Information therein.
1.5 "Documentation" means Provider's standard user guides, online help files, technical specifications, and other documentation related to the Services as updated from time to time.
1.6 "Downtime" means any period during which the Services are unavailable or materially impaired, excluding Scheduled Maintenance and Excused Downtime.
1.7 "Effective Date" means the date first written above or the date both parties have executed this Agreement, whichever is later.
1.8 "Excused Downtime" means unavailability caused by: (a) Customer's acts or omissions; (b) failures of Customer's equipment, software, or network connections; (c) third-party services outside Provider's control; (d) force majeure events; or (e) suspension pursuant to Section 3.4.
1.9 "Fees" means all amounts payable by Customer to Provider as set forth in this Agreement and any applicable Order Form.
1.10 "Initial Term" means the initial subscription period specified in the Order Form.
1.11 "Intellectual Property Rights" means all patents, copyrights, trademarks, trade secrets, and other intellectual property rights recognized under the laws of any jurisdiction worldwide.
1.12 "Malicious Code" means viruses, worms, Trojan horses, ransomware, spyware, adware, or other harmful or malicious code, files, scripts, agents, or programs.
1.13 "Monthly Uptime Percentage" means the total minutes in a calendar month minus minutes of Downtime, divided by total minutes in the month, expressed as a percentage.
1.14 "Order Form" means an ordering document specifying the Services, subscription levels, Fees, and other commercial terms, executed by both parties and incorporated herein.
1.15 "Personal Information" has the meaning set forth in the North Carolina Identity Theft Protection Act (N.C. Gen. Stat. § 75-61), including an individual's first name or first initial and last name in combination with identifying information such as Social Security number, driver's license number, financial account numbers, or other data elements as specified by statute.
1.16 "Professional Services" means implementation, configuration, customization, training, integration, and consulting services provided by Provider as specified in an Order Form or Statement of Work.
1.17 "Renewal Term" means each successive subscription period following the Initial Term.
1.18 "Scheduled Maintenance" means planned maintenance of the Services performed during designated maintenance windows with advance notice to Customer.
1.19 "Security Incident" means any unauthorized access to, acquisition of, or disclosure of Customer Data, or any breach or potential breach of Provider's security measures.
1.20 "Services" means Provider's proprietary cloud-based software platform and related services described in the applicable Order Form, including all updates, enhancements, and new features made generally available.
1.21 "Service Level Agreement" or "SLA" means the service level commitments set forth in Article 4.
1.22 "Statement of Work" or "SOW" means a document describing Professional Services, deliverables, timelines, and associated fees.
1.23 "Subscription Term" means collectively the Initial Term and all Renewal Terms.
1.24 "Third-Party Components" means software, data, services, or content provided by third parties that are incorporated into or used in connection with the Services.
1.25 "Trade Secret" has the meaning set forth in N.C. Gen. Stat. § 66-152(3), including business or technical information that derives independent actual or potential commercial value from not being generally known and is the subject of reasonable efforts to maintain its secrecy.
1.26 "UDTP" means the North Carolina Unfair and Deceptive Trade Practices Act, N.C. Gen. Stat. § 75-1.1 et seq.
1.27 "User Account" means the unique login credentials and account established for each Authorized User.
1.28 "Security Breach" has the meaning contemplated by N.C. Gen. Stat. § 75-61(14), meaning an incident of unauthorized access to and acquisition of unencrypted and unredacted records or data containing Personal Information.
1.29 "Misappropriation" has the meaning set forth in N.C. Gen. Stat. § 66-152(1), meaning acquisition, disclosure, or use of a Trade Secret without express or implied authority or consent.
1.30 "Blue Pencil Doctrine" means the strict blue pencil approach followed by North Carolina courts, under which a court may strike unreasonable provisions from a restrictive covenant but may not rewrite or modify them.
ARTICLE 2: SAAS SERVICES AND ACCESS RIGHTS
2.1 Grant of Rights
Subject to Customer's compliance with this Agreement and payment of all Fees, Provider hereby grants to Customer a non-exclusive, non-transferable, non-sublicensable right during the Subscription Term to:
(a) Access and use the Services for Customer's internal business operations;
(b) Permit Authorized Users to access and use the Services in accordance with this Agreement;
(c) Access, use, and reproduce the Documentation in connection with permitted use of the Services; and
(d) Store, process, and retrieve Customer Data through the Services.
2.2 Subscription Tiers
Customer's subscription shall be as specified in the Order Form:
☐ Standard Enterprise - Up to [____] Authorized Users
☐ Professional Enterprise - Up to [____] Authorized Users
☐ Premium Enterprise - Up to [____] Authorized Users
☐ Unlimited Enterprise - Unlimited Authorized Users
☐ Custom Configuration - As specified: [________________________________]
2.3 User Account Administration
(a) Customer shall designate at least one (1) administrator to manage User Accounts and access permissions.
(b) Customer is responsible for maintaining the confidentiality of all User Account credentials.
(c) Customer shall promptly notify Provider of any unauthorized access or security breach involving User Accounts.
(d) User Accounts are for designated individuals only and may not be shared among multiple persons.
2.4 Authorized User Categories
☐ Named Users - Identified individuals assigned specific User Accounts
☐ Concurrent Users - Maximum simultaneous users: [____]
☐ Site License - All employees at specified locations
☐ Enterprise-Wide - All employees and authorized contractors
☐ Other: [________________________________]
2.5 Affiliate Usage
☐ Customer's Affiliates are authorized to use the Services under this Agreement
☐ Customer's Affiliates must execute separate Order Forms
☐ Affiliate usage is not permitted
If Affiliate usage is permitted:
(a) Customer shall ensure Affiliate compliance with all Agreement terms;
(b) Customer remains liable for Affiliate acts and omissions;
(c) Affiliate usage counts toward Customer's licensed capacity.
2.6 Professional Services and Support
Provider shall provide implementation and support services as specified in the applicable Order Form or Statement of Work. Support tiers, response time targets, and escalation procedures shall be as set forth in Exhibit B.
2.7 Training Services
☐ Provider shall provide the following training:
| Training Type | Format | Duration | Participants |
|---|---|---|---|
| Administrator Training | [________________________________] | [____] hours | [____] |
| End User Training | [________________________________] | [____] hours | [____] |
| Advanced Feature Training | [________________________________] | [____] hours | [____] |
| Custom Training | [________________________________] | [____] hours | [____] |
ARTICLE 3: ACCEPTABLE USE AND RESTRICTIONS
3.1 Acceptable Use Policy
Customer and Authorized Users shall:
(a) Use the Services only for lawful purposes and in compliance with all applicable laws, including North Carolina law;
(b) Comply with all Documentation and Provider's reasonable usage policies;
(c) Maintain the security and confidentiality of User Account credentials;
(d) Promptly report any suspected security breaches or unauthorized access.
3.2 Prohibited Activities
Customer and Authorized Users shall not:
(a) License, sublicense, sell, resell, rent, lease, transfer, assign, or distribute the Services to third parties;
(b) Modify, copy, or create derivative works based on the Services or Documentation;
(c) Reverse engineer, disassemble, decompile, or otherwise attempt to derive source code from the Services;
(d) Access the Services to build a competitive product or service;
(e) Use the Services to store or transmit Malicious Code;
(f) Interfere with or disrupt the integrity or performance of the Services;
(g) Attempt to gain unauthorized access to the Services or related systems;
(h) Use the Services to transmit unlawful, harassing, defamatory, or fraudulent content;
(i) Use the Services in violation of any third party's intellectual property or privacy rights;
(j) Exceed licensed usage limits or circumvent usage restrictions;
(k) Remove, alter, or obscure any proprietary notices on the Services;
(l) Use the Services in any manner that constitutes an unfair or deceptive trade practice under N.C. Gen. Stat. § 75-1.1.
3.3 Usage Monitoring
(a) Provider may monitor usage to ensure compliance with this Agreement;
(b) Provider shall notify Customer of any significant usage anomalies;
(c) If usage exceeds licensed capacity, Customer shall promptly pay additional Fees or reduce usage.
3.4 Suspension
Provider may suspend Customer's access to the Services:
(a) If Customer's use poses a security threat to Provider or other customers;
(b) If Customer is in material breach of this Agreement and fails to cure within [____] days after notice;
(c) If required by law or governmental authority;
(d) For non-payment of undisputed Fees more than [____] days past due.
Provider shall provide advance notice of suspension when practicable and shall restore access promptly when the grounds for suspension are resolved.
ARTICLE 4: SERVICE LEVEL AGREEMENT
4.1 Uptime Commitment
Provider commits to the following Monthly Uptime Percentage during each calendar month:
☐ 99.5% Monthly Uptime
☐ 99.9% Monthly Uptime
☐ 99.95% Monthly Uptime
☐ 99.99% Monthly Uptime
☐ Other: [____]%
4.2 Uptime Calculation
Monthly Uptime Percentage = ((Total Minutes in Month - Downtime Minutes) / Total Minutes in Month) × 100
4.3 Scheduled Maintenance Windows
(a) Standard Maintenance Window: [________________________________]
(b) Provider shall provide at least [____] hours advance notice for scheduled maintenance.
(c) Provider shall use commercially reasonable efforts to perform maintenance during low-usage periods.
(d) Emergency maintenance may be performed without advance notice when necessary to address critical security issues.
4.4 Service Credits
If Provider fails to meet the Monthly Uptime Percentage commitment, Customer shall be entitled to Service Credits as follows:
| Monthly Uptime Percentage | Service Credit (% of Monthly Fee) |
|---|---|
| 99.0% - Below Commitment | 10% |
| 98.0% - 98.99% | 25% |
| 95.0% - 97.99% | 50% |
| Below 95.0% | 100% |
4.5 Service Credit Limitations
(a) Service Credits are Customer's sole and exclusive remedy for Provider's failure to meet the SLA.
(b) Service Credits shall not exceed 100% of the monthly Fees for the affected month.
(c) Service Credits are applied against future invoices and are not redeemable for cash.
(d) Customer must request Service Credits within thirty (30) days of the end of the affected month.
4.6 Performance Monitoring
(a) Provider shall maintain real-time monitoring of Services availability.
(b) Provider shall make uptime statistics available to Customer through [________________________________].
(c) Provider shall notify Customer of any material service disruption within [____] minutes of detection.
4.7 Chronic Failure
If Provider fails to meet the Monthly Uptime Percentage commitment for [____] consecutive months or [____] months in any twelve (12) month period, Customer may terminate this Agreement upon thirty (30) days written notice without penalty and receive a pro-rata refund of prepaid Fees.
ARTICLE 5: CUSTOMER DATA AND DATA PROTECTION
5.1 Customer Data Ownership
(a) As between the parties, Customer retains all right, title, and interest in and to Customer Data.
(b) Provider acquires no rights to Customer Data except the limited license to process Customer Data as necessary to provide the Services.
(c) Customer represents that it has all necessary rights to provide Customer Data to Provider for processing.
5.2 Data Processing
Provider shall:
(a) Process Customer Data only as necessary to provide the Services and as instructed by Customer;
(b) Not access, use, or disclose Customer Data except as required for Service delivery, security, or as compelled by law;
(c) Implement reasonable access controls limiting personnel access to Customer Data on a need-to-know basis;
(d) Ensure personnel with access to Customer Data are bound by confidentiality obligations.
5.3 Data Location
☐ Customer Data shall be stored and processed within the United States
☐ Customer Data shall be stored and processed within: [________________________________]
☐ Customer Data may be stored and processed in any Provider data center location
☐ Customer Data location restrictions: [________________________________]
5.4 Information Security Program
Provider shall implement and maintain a comprehensive written information security program that includes:
(a) Risk Assessment: Regular identification and assessment of reasonably foreseeable internal and external threats to Customer Data security;
(b) Safeguards: Implementation of safeguards to control identified risks, including:
- Encryption of Customer Data in transit and at rest using industry-standard protocols
- Multi-factor authentication for administrative access
- Network security controls including firewalls, intrusion detection, and prevention systems
- Regular vulnerability scanning and penetration testing
- Secure software development practices
(c) Access Controls: Role-based access controls and principle of least privilege;
(d) Employee Training: Regular security awareness training for all personnel with access to Customer Data;
(e) Incident Response: Written incident response plan addressing detection, containment, investigation, and notification procedures;
(f) Business Continuity: Disaster recovery and business continuity procedures.
5.5 Security Certifications and Audits
Provider maintains or shall obtain the following certifications:
☐ SOC 2 Type II
☐ ISO 27001
☐ ISO 27017
☐ ISO 27018
☐ HITRUST CSF
☐ FedRAMP (Authorization Level: [____])
☐ PCI DSS (if processing payment data)
☐ Other: [________________________________]
(a) Provider shall maintain such certifications throughout the Subscription Term.
(b) Upon Customer's reasonable written request (no more than once annually), Provider shall provide copies of current audit reports and certifications.
(c) Customer may conduct or commission a security assessment upon reasonable advance notice and at Customer's expense.
5.6 Security Incident Response
(a) Provider shall notify Customer of any Security Incident affecting Customer Data within [____] hours of discovery.
(b) Notification shall include:
- Description of the incident
- Types of data potentially affected
- Measures taken to contain and remediate
- Contact information for further inquiries
- Recommended protective actions for Customer
(c) Provider shall cooperate with Customer in investigating and responding to Security Incidents.
(d) Provider shall preserve evidence related to Security Incidents for forensic investigation.
5.7 Data Breach Notification Under North Carolina Law
In the event of a Security Breach requiring notification under the North Carolina Identity Theft Protection Act (N.C. Gen. Stat. §§ 75-61 through 75-66):
(a) Provider shall notify Customer immediately and in no event later than [____] hours after determining a breach has occurred;
(b) Provider shall cooperate with Customer in fulfilling notification obligations to affected North Carolina residents without unreasonable delay, as required by N.C. Gen. Stat. § 75-65;
(c) Required notifications must include, at minimum:
- A description of the general acts of the business to protect the Personal Information from further unauthorized access
- A telephone number for further information and assistance
- Advice to remain vigilant by reviewing account statements and monitoring free credit reports
- Toll-free numbers and addresses for the major consumer reporting agencies
- Toll-free numbers, addresses, and website addresses for the Federal Trade Commission and the North Carolina Attorney General's Office
- A statement that the individual can obtain information from these sources about preventing identity theft
(d) Provider shall bear the costs of notification and credit monitoring services if the breach results from Provider's negligence or failure to comply with this Agreement;
(e) The parties acknowledge that the North Carolina Attorney General has enforcement authority under the Identity Theft Protection Act, including authority to impose civil penalties.
NORTH CAROLINA PRACTITIONER NOTE: North Carolina's Identity Theft Protection Act (N.C. Gen. Stat. §§ 75-61 through 75-66) has among the most detailed notification content requirements of any state. The required notice must include specific information about the FTC and NC AG's Office. Practitioners should create template notification letters in advance and ensure compliance with all content requirements.
5.8 Subprocessors
(a) Provider may engage subprocessors to assist in providing the Services, provided:
- Subprocessors are bound by data protection obligations no less protective than this Agreement
- Provider remains liable for subprocessor compliance
- Provider maintains an updated list of subprocessors
(b) Provider shall notify Customer of any material changes to subprocessors at least [____] days in advance.
(c) Customer may object to new subprocessors; if Provider proceeds over Customer's objection, Customer may terminate without penalty.
5.9 Data Backup and Recovery
(a) Provider shall perform [________________________________] backups of Customer Data.
(b) Backups shall be retained for [____] days.
(c) Provider shall maintain the capability to restore Customer Data from backup within [____] hours of a request.
(d) Provider shall test backup restoration procedures at least [________________________________].
ARTICLE 6: FEES, PAYMENT, AND TAXES
6.1 Subscription Fees
Customer shall pay the following subscription Fees:
| Description | Amount | Billing Frequency |
|---|---|---|
| Base Subscription Fee | $[________________________________] | ☐ Monthly ☐ Quarterly ☐ Annually |
| Per User Fee | $[________________________________] per user | ☐ Monthly ☐ Quarterly ☐ Annually |
| Data Storage (above included amount) | $[________________________________] per GB | ☐ Monthly ☐ Quarterly ☐ Annually |
| API Calls (above included amount) | $[________________________________] per 1,000 calls | ☐ Monthly ☐ Quarterly ☐ Annually |
| Additional Modules/Features | $[________________________________] | ☐ Monthly ☐ Quarterly ☐ Annually |
6.2 Professional Services Fees
| Service | Rate/Fee | Estimate |
|---|---|---|
| Implementation Services | $[________________________________] | [________________________________] |
| Training Services | $[________________________________] per hour/day | [________________________________] |
| Custom Development | $[________________________________] per hour | [________________________________] |
| Consulting Services | $[________________________________] per hour | [________________________________] |
| On-Site Services | $[________________________________] per day plus expenses | [________________________________] |
6.3 Payment Terms
(a) Invoicing: Provider shall invoice Customer:
☐ In advance for each billing period
☐ Upon execution of this Agreement for the first year
☐ According to payment milestones in the Order Form
☐ Other: [________________________________]
(b) Payment Due: All invoices are due and payable within [____] days of invoice date.
(c) Payment Method:
☐ ACH/Wire Transfer
☐ Credit Card (subject to processing fees of [____]%)
☐ Check
☐ Other: [________________________________]
6.4 Taxes — North Carolina SaaS Tax Treatment
(a) All Fees are exclusive of taxes unless otherwise stated.
(b) North Carolina SaaS Tax Status: As of the date of this Agreement, SaaS is generally not subject to North Carolina sales tax. The North Carolina Department of Revenue (NCDOR), through Bulletin 19-3, has formally determined that SaaS is not taxable, consistent with the exemption framework of N.C. Gen. Stat. § 105-164.13(43). However, important exceptions exist: (i) if the SaaS offering is bundled with tangible personal property, the entire transaction may be taxable; (ii) if the SaaS provides access to a database that would otherwise be taxable in tangible form, it may be taxable; and (iii) certain digital goods (music, video, e-books) are taxable regardless of delivery method. The parties should verify current tax treatment with the NCDOR.
(c) Customer is responsible for all applicable sales, use, value-added, and similar taxes arising from the transactions contemplated herein.
(d) Customer shall provide valid exemption certificates if applicable.
(e) Provider is responsible for taxes based on Provider's income.
6.5 Late Payment
(a) Late payments shall bear interest at the rate of eight percent (8%) per annum as provided by N.C. Gen. Stat. § 24-1, which establishes the legal rate of interest.
(b) Customer shall reimburse Provider's reasonable collection costs, including attorneys' fees.
(c) Provider may suspend Services for undisputed amounts more than [____] days past due.
NORTH CAROLINA PRACTITIONER NOTE: N.C. Gen. Stat. § 24-1 sets the legal rate of interest at 8% per annum. For contracts where the principal exceeds $25,000, parties may agree in writing to any rate. For amounts of $25,000 or less, the maximum rate is set by the Commissioner of Banks but cannot exceed 16%. Charging usurious interest may result in forfeiture of all interest and a claim by the borrower for twice the amount of interest paid.
6.6 Fee Disputes
(a) Customer shall notify Provider of any disputed charges within [____] days of invoice date.
(b) Customer shall pay all undisputed amounts by the due date.
(c) The parties shall work in good faith to resolve disputes within [____] days.
(d) Provider shall not suspend Services for amounts subject to a bona fide dispute.
6.7 Price Increases
(a) Fees are fixed for the Initial Term.
(b) Provider may increase Fees for Renewal Terms by providing written notice at least [____] days before the Renewal Term.
(c) Fee increases shall not exceed [____]% annually unless Provider's costs increase substantially.
ARTICLE 7: INTELLECTUAL PROPERTY RIGHTS
7.1 Provider Intellectual Property
(a) Provider retains all right, title, and interest in and to the Services, Documentation, and all related intellectual property, including:
- Software code, architecture, and design
- Algorithms, processes, and methodologies
- User interfaces and user experience designs
- Trade Secrets as defined under N.C. Gen. Stat. § 66-152(3)
- All improvements, modifications, and derivative works
(b) No license or right is granted except as expressly set forth herein.
(c) Customer shall not acquire any ownership interest in the Services by virtue of this Agreement.
7.2 Customer Intellectual Property
(a) Customer retains all right, title, and interest in and to Customer Data and Customer's pre-existing intellectual property.
(b) Customer grants Provider a limited, non-exclusive license to use Customer Data solely as necessary to provide the Services.
7.3 Feedback
(a) If Customer provides suggestions, ideas, or feedback regarding the Services ("Feedback"), Provider may use such Feedback without restriction or compensation.
(b) Customer hereby assigns to Provider all rights in any Feedback.
7.4 Aggregated Data
(a) Provider may collect and analyze aggregated, anonymized data derived from Customer's use of the Services that does not identify Customer or any individual ("Aggregated Data").
(b) Provider may use Aggregated Data to improve the Services, develop new products, and for other lawful business purposes.
(c) Provider owns all right, title, and interest in Aggregated Data.
7.5 Custom Development
For any custom development performed under this Agreement:
☐ Provider Ownership: Provider owns all custom developments; Customer receives a license to use
☐ Customer Ownership: Customer owns all custom developments; Provider receives a license to incorporate into Services
☐ Joint Ownership: Parties jointly own custom developments
☐ Work Made for Hire: Custom developments are works made for hire owned by Customer
☐ As Specified: Ownership determined per individual Statement of Work
ARTICLE 8: CONFIDENTIALITY
8.1 Confidentiality Obligations
Each party agrees to:
(a) Maintain the confidentiality of the other party's Confidential Information using at least the same degree of care it uses to protect its own confidential information, but no less than reasonable care;
(b) Not disclose Confidential Information to any third party except as expressly permitted herein;
(c) Use Confidential Information only for purposes of performing obligations or exercising rights under this Agreement;
(d) Limit access to Confidential Information to employees, contractors, and agents with a need to know who are bound by confidentiality obligations.
8.2 Exclusions
Confidential Information does not include information that:
(a) Is or becomes publicly available through no fault of the receiving party;
(b) Was rightfully known to the receiving party without restriction before disclosure;
(c) Is rightfully obtained from a third party without breach of confidentiality;
(d) Is independently developed without use of Confidential Information, including through reverse engineering.
8.3 Permitted Disclosures
A party may disclose Confidential Information:
(a) To its professional advisors bound by professional confidentiality obligations;
(b) As required by law, regulation, or court order, provided the disclosing party gives prompt notice (if legally permitted);
(c) In connection with a merger, acquisition, or financing, subject to confidentiality agreements.
8.4 Trade Secret Protection Under North Carolina Law
(a) The parties acknowledge that certain Confidential Information may constitute Trade Secrets under the North Carolina Trade Secrets Protection Act (N.C. Gen. Stat. §§ 66-152 through 66-157).
(b) Under N.C. Gen. Stat. § 66-152(3), a "trade secret" means business or technical information that derives independent actual or potential commercial value from not being generally known or readily ascertainable through independent development or reverse engineering by persons who can obtain economic value from its disclosure or use.
(c) The parties acknowledge that Misappropriation of Trade Secrets may give rise to:
- Injunctive relief under N.C. Gen. Stat. § 66-154
- Actual damages (measured by economic loss or unjust enrichment, whichever is greater) under N.C. Gen. Stat. § 66-154
- Punitive damages for willful and malicious misappropriation
- Attorneys' fees under N.C. Gen. Stat. § 66-154(d)
(d) The statute of limitations for trade secret misappropriation claims under North Carolina law is three (3) years.
8.5 Duration
Confidentiality obligations shall survive termination of this Agreement for a period of [____] years, except that obligations regarding Trade Secrets shall continue for as long as the information qualifies as a Trade Secret under applicable law.
8.6 Return or Destruction
Upon termination or upon request, each party shall return or destroy the other party's Confidential Information and certify such return or destruction in writing.
ARTICLE 9: REPRESENTATIONS AND WARRANTIES
9.1 Provider Warranties
Provider warrants that:
(a) Performance Warranty: The Services will perform materially in accordance with the Documentation during the Subscription Term;
(b) Authority: Provider has full power and authority to enter into this Agreement and grant the rights herein;
(c) Non-Infringement: To Provider's knowledge, the Services do not infringe any third party's intellectual property rights;
(d) Malicious Code: The Services will not contain Malicious Code introduced by Provider;
(e) Compliance: Provider will comply with all laws applicable to Provider's provision of the Services;
(f) Personnel: Provider's personnel performing Professional Services will have the necessary skills and qualifications;
(g) Security: Provider will maintain the security program described in Article 5;
(h) UDTP Compliance: Provider shall not engage in unfair or deceptive acts or practices in connection with the provision of Services, as prohibited by N.C. Gen. Stat. § 75-1.1.
9.2 Customer Warranties
Customer warrants that:
(a) Customer has full power and authority to enter into this Agreement;
(b) Customer owns or has the right to provide Customer Data to Provider;
(c) Customer Data does not violate third-party rights or applicable law;
(d) Customer will use the Services in compliance with this Agreement and applicable law.
9.3 Warranty Remedies
For breach of Provider's Performance Warranty:
(a) Customer shall notify Provider of any warranty claim within [____] days of discovery;
(b) Provider shall use commercially reasonable efforts to correct the non-conformity;
(c) If Provider cannot correct the non-conformity within [____] days, Customer may terminate the affected Services and receive a pro-rata refund.
9.4 Disclaimer of Warranties
EXCEPT FOR THE EXPRESS WARRANTIES IN THIS ARTICLE, TO THE MAXIMUM EXTENT PERMITTED BY N.C. GEN. STAT. § 25-2-316:
(a) PROVIDER MAKES NO OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT;
(b) PROVIDER DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, ERROR-FREE, OR COMPLETELY SECURE;
(c) PROVIDER DOES NOT WARRANT THAT THE SERVICES WILL MEET CUSTOMER'S SPECIFIC REQUIREMENTS;
(d) ANY THIRD-PARTY COMPONENTS ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND.
ARTICLE 10: INDEMNIFICATION
10.1 Provider Indemnification
Provider shall defend, indemnify, and hold harmless Customer, its Affiliates, and their respective officers, directors, employees, and agents from and against any third-party claims, damages, losses, liabilities, and expenses (including reasonable attorneys' fees) arising from:
(a) Allegations that the Services infringe any United States patent, copyright, trademark, or misappropriate any trade secret;
(b) Provider's gross negligence or willful misconduct;
(c) Provider's material breach of its data security obligations under Article 5;
(d) Provider's violation of applicable law in its provision of the Services;
(e) Provider's violation of the UDTP (N.C. Gen. Stat. § 75-1.1), including any treble damages awarded thereunder.
10.2 IP Indemnification Exclusions
Provider's indemnification obligations do not apply to claims arising from:
(a) Modifications to the Services made by Customer without Provider's authorization;
(b) Combination of the Services with products, services, or data not provided by Provider;
(c) Customer's use of the Services after Provider notifies Customer of allegedly infringing activity;
(d) Customer Data or Customer's specifications that caused the alleged infringement;
(e) Use of a non-current version of the Services if infringement would have been avoided by using the current version.
10.3 Customer Indemnification
Customer shall defend, indemnify, and hold harmless Provider, its Affiliates, and their respective officers, directors, employees, and agents from and against any third-party claims, damages, losses, liabilities, and expenses (including reasonable attorneys' fees) arising from:
(a) Customer Data, including claims that Customer Data infringes or violates third-party rights;
(b) Customer's breach of the Acceptable Use Policy;
(c) Customer's gross negligence or willful misconduct;
(d) Customer's violation of applicable law in its use of the Services.
10.4 Indemnification Procedures
The indemnified party shall:
(a) Provide prompt written notice of any claim;
(b) Grant the indemnifying party sole control of the defense and settlement;
(c) Provide reasonable cooperation at the indemnifying party's expense;
(d) Not settle any claim without the indemnifying party's prior written consent.
10.5 UDTP Treble Damages Risk
THE PARTIES ACKNOWLEDGE THAT UNDER N.C. GEN. STAT. § 75-16, IF A VIOLATION OF THE UNFAIR AND DECEPTIVE TRADE PRACTICES ACT (N.C. GEN. STAT. § 75-1.1) IS FOUND, THE COURT SHALL AWARD TREBLE (THREE TIMES) THE ACTUAL DAMAGES FOUND BY THE JURY OR COURT. THIS TREBLE DAMAGES AWARD IS MANDATORY, NOT DISCRETIONARY. ADDITIONALLY, UNDER N.C. GEN. STAT. § 75-16.1, THE COURT MAY AWARD ATTORNEYS' FEES TO THE PREVAILING PARTY. THE PARTIES SHOULD ENSURE THEIR CONDUCT UNDER THIS AGREEMENT COMPLIES WITH THE UDTP AT ALL TIMES.
ARTICLE 11: LIMITATION OF LIABILITY
11.1 Exclusion of Consequential Damages
TO THE MAXIMUM EXTENT PERMITTED BY N.C. GEN. STAT. § 25-2-719 AND APPLICABLE NORTH CAROLINA LAW, NEITHER PARTY SHALL BE LIABLE TO THE OTHER FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING DAMAGES FOR LOST PROFITS, LOST REVENUES, LOST DATA, LOSS OF GOODWILL, BUSINESS INTERRUPTION, OR COST OF PROCUREMENT OF SUBSTITUTE SERVICES, ARISING OUT OF OR RELATED TO THIS AGREEMENT, REGARDLESS OF THE THEORY OF LIABILITY AND EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
11.2 Liability Cap
EXCEPT AS PROVIDED IN SECTION 11.3, EACH PARTY'S TOTAL CUMULATIVE LIABILITY SHALL NOT EXCEED:
☐ The total Fees paid or payable by Customer during the twelve (12) months preceding the claim
☐ The total Fees paid or payable by Customer during the twenty-four (24) months preceding the claim
☐ $[________________________________]
☐ Other: [________________________________]
11.3 Exceptions to Limitations
The limitations in Sections 11.1 and 11.2 shall not apply to:
(a) Either party's indemnification obligations under Article 10;
(b) Either party's breach of confidentiality obligations under Article 8;
(c) Customer's payment obligations;
(d) Claims arising from a party's gross negligence or willful misconduct;
(e) Claims arising from Provider's breach of its data security obligations resulting in unauthorized disclosure of Customer Data;
(f) Claims arising from Provider's unauthorized use or disclosure of Customer Data;
(g) UDTP Claims: Claims arising under the North Carolina Unfair and Deceptive Trade Practices Act (N.C. Gen. Stat. § 75-1.1), including mandatory treble damages under N.C. Gen. Stat. § 75-16.
11.4 Enhanced Liability Cap for Certain Claims
For claims described in Section 11.3(b) and (e), each party's liability shall not exceed:
☐ Two (2) times the general liability cap
☐ Three (3) times the general liability cap
☐ $[________________________________]
☐ No enhanced cap (unlimited liability)
11.5 North Carolina Enforceability
The North Carolina Supreme Court has held that parties may contractually limit their liability for consequential damages, recognizing that "People should be entitled to contract on their own terms without the indulgence of paternalism by courts." The limitations in this Article reflect a negotiated allocation of risk between sophisticated commercial parties.
11.6 Blue Pencil Doctrine
The parties acknowledge that North Carolina follows the strict blue pencil doctrine, under which a court may strike unreasonable provisions but may not rewrite or modify them. Each provision of this limitation of liability article is intended to be severable, so that if any provision is found unenforceable, the remaining provisions will continue in full force and effect.
11.7 Essential Purpose
THE PARTIES AGREE THAT THE LIMITATIONS AND EXCLUSIONS OF LIABILITY SPECIFIED IN THIS AGREEMENT WILL SURVIVE AND APPLY EVEN IF FOUND TO HAVE FAILED OF THEIR ESSENTIAL PURPOSE.
ARTICLE 12: TERM, RENEWAL, AND TERMINATION
12.1 Initial Term
This Agreement shall commence on the Effective Date and continue for an Initial Term of:
☐ One (1) year
☐ Two (2) years
☐ Three (3) years
☐ Other: [________________________________]
12.2 Renewal
(a) This Agreement shall automatically renew for successive Renewal Terms of [________________________________] unless either party provides written notice of non-renewal at least [____] days before the end of the then-current term.
(b) Provider shall provide Customer with written notice of automatic renewal not less than thirty (30) days before the renewal deadline.
(c) Customer may terminate at any time for convenience by providing [____] days written notice, subject to payment of:
☐ All Fees through the end of the then-current term
☐ Early termination fee of [________________________________]
☐ No early termination fee
☐ Other: [________________________________]
12.3 Termination for Cause
Either party may terminate this Agreement immediately upon written notice if:
(a) The other party materially breaches this Agreement and fails to cure within [____] days after written notice;
(b) The other party becomes insolvent, files for bankruptcy, or makes an assignment for the benefit of creditors;
(c) The other party ceases to conduct business in the normal course.
12.4 Refund Upon Termination
(a) If Customer terminates for cause, Provider shall refund prepaid Fees for the unused portion of the Subscription Term.
(b) If Provider terminates for cause, no refund shall be due.
12.5 Effect of Expiration or Termination
Upon expiration or termination:
(a) All rights and licenses granted to Customer shall immediately terminate;
(b) Customer shall pay all outstanding Fees through the termination date;
(c) Each party shall return or destroy Confidential Information;
(d) Provisions that by their nature should survive shall continue in effect.
ARTICLE 13: DATA PORTABILITY AND TRANSITION SERVICES
13.1 Data Export
During the Subscription Term, Customer may export Customer Data through:
☐ Self-service export functionality
☐ API access for programmatic data retrieval
☐ Provider-assisted export upon request
☐ Other: [________________________________]
13.2 Data Export Format
☐ CSV ☐ JSON ☐ XML ☐ Native format ☐ SQL dump ☐ Other: [________________________________]
13.3 Transition Assistance
Upon expiration or termination, Provider shall provide Customer access to export Customer Data for [____] days and provide reasonable migration assistance at then-current Professional Services rates.
13.4 Data Deletion
Provider shall delete all Customer Data from production systems within [____] days and from backup systems within [____] days, and provide written certification of deletion upon request.
ARTICLE 14: INSURANCE REQUIREMENTS
14.1 Required Insurance
Provider shall maintain the following insurance coverages:
| Coverage Type | Minimum Limit | Requirements |
|---|---|---|
| Commercial General Liability | $[________________________________] per occurrence / $[________________________________] aggregate | Including products/completed operations |
| Professional Liability/E&O | $[________________________________] per claim / $[________________________________] aggregate | Covering technology professional services |
| Cyber Liability/Data Breach | $[________________________________] per incident / $[________________________________] aggregate | Including network security, privacy liability |
| Workers' Compensation | Statutory limits | As required by North Carolina law |
| Employer's Liability | $[________________________________] | Per accident and disease |
| Umbrella/Excess Liability | $[________________________________] | Excess of primary coverages |
ARTICLE 15: DISPUTE RESOLUTION
CRITICAL NORTH CAROLINA NOTE: N.C. Gen. Stat. § 22B-10 provides that "any provision in a contract requiring a party to the contract to waive his right to a jury trial is unconscionable as a matter of law and the provision shall be unenforceable." Accordingly, this Agreement DOES NOT contain a jury trial waiver. The parties are instead encouraged to select binding arbitration as the preferred dispute resolution mechanism.
15.1 Governing Law
This Agreement shall be governed by and construed in accordance with the laws of the State of North Carolina, without regard to its conflict of laws principles.
15.2 Venue and Jurisdiction
The parties consent to the exclusive jurisdiction and venue of the state and federal courts located in:
☐ Wake County, North Carolina (Raleigh)
☐ Mecklenburg County, North Carolina (Charlotte)
☐ Guilford County, North Carolina (Greensboro)
☐ Durham County, North Carolina
☐ [________________________________] County, North Carolina
Each party waives any objection to such jurisdiction and venue, including inconvenient forum.
15.3 Dispute Resolution Process
Before initiating litigation or arbitration, the parties agree to the following escalation process:
Step 1 - Informal Resolution: Representatives shall attempt to resolve disputes informally within [____] business days.
Step 2 - Executive Escalation: If unresolved, disputes shall be escalated to each party's executive officer (or designee) for resolution within [____] business days.
Step 3 - Mediation: If still unresolved, the parties shall participate in mediation administered by [________________________________] before commencing litigation or arbitration. Mediation costs shall be shared equally.
15.4 Binding Arbitration (Strongly Recommended)
☐ BINDING ARBITRATION ELECTED: If mediation is unsuccessful, all disputes arising out of or relating to this Agreement shall be resolved by binding arbitration administered by [________________________________] in accordance with its Commercial Arbitration Rules. The arbitration shall be conducted in [________________________________], North Carolina. The arbitration shall be conducted by [____] arbitrator(s). Judgment on the award may be entered in any court of competent jurisdiction.
NORTH CAROLINA PRACTITIONER NOTE — ARBITRATION STRONGLY RECOMMENDED: Because N.C. Gen. Stat. § 22B-10 renders jury trial waivers per se unenforceable in North Carolina, binding arbitration is the most effective mechanism for ensuring predictable dispute resolution and avoiding jury trials. N.C. Gen. Stat. § 22B-10 expressly states that it "does not prohibit parties from entering into agreements to arbitrate or engage in other forms of alternative dispute resolution." Practitioners should strongly recommend that the parties elect binding arbitration by checking the box above.
15.5 Litigation (If Arbitration Not Elected)
If the parties do not elect binding arbitration under Section 15.4, disputes shall be resolved through litigation in the courts specified in Section 15.2. THE PARTIES ACKNOWLEDGE THAT IN NORTH CAROLINA, JURY TRIAL WAIVERS ARE UNENFORCEABLE UNDER N.C. GEN. STAT. § 22B-10, AND EITHER PARTY MAY DEMAND A JURY TRIAL IN ANY LITIGATION.
15.6 Injunctive Relief
Notwithstanding any dispute resolution procedures, either party may seek injunctive or other equitable relief from any court of competent jurisdiction to prevent irreparable harm pending resolution of disputes.
15.7 Prevailing Party
In any legal proceeding arising out of this Agreement, the prevailing party shall be entitled to recover its reasonable attorneys' fees and costs from the non-prevailing party.
ARTICLE 16: GENERAL PROVISIONS
16.1 Entire Agreement
This Agreement constitutes the entire agreement between the parties regarding its subject matter.
16.2 Amendments
No amendment shall be effective unless in writing and signed by both parties.
16.3 Order of Precedence
In the event of conflict: (1) Order Forms; (2) Statements of Work; (3) this Agreement; (4) Documentation.
16.4 Assignment
Neither party may assign this Agreement without prior written consent, except to an Affiliate or in connection with a merger or acquisition.
16.5 Blue Pencil Doctrine — Restrictive Covenants
The parties acknowledge that North Carolina follows the strict blue pencil doctrine for restrictive covenants. A court may strike unreasonable provisions but cannot rewrite or modify them. All restrictive provisions in this Agreement (including confidentiality and non-solicitation provisions) are drafted to be individually severable so that if any provision is stricken, the remaining provisions survive. The parties should ensure all restrictive covenants contain reasonable scope, duration, and geographic limitations.
16.6 Notices
Notices shall be in writing and delivered by certified mail, overnight courier, or email with confirmation.
| Party | Notice Address |
|---|---|
| Provider | [________________________________] |
| [________________________________] | |
| Email: [________________________________] | |
| Customer | [________________________________] |
| [________________________________] | |
| Email: [________________________________] |
16.7 Force Majeure
Neither party shall be liable for failure or delay due to causes beyond its reasonable control. If force majeure continues for more than [____] days, either party may terminate without liability.
16.8 Waiver
No waiver shall be effective unless in writing.
16.9 Severability
If any provision is held invalid or unenforceable, the remaining provisions shall continue in effect. Consistent with North Carolina's strict blue pencil doctrine, a court may strike but not rewrite invalid provisions.
16.10 Independent Contractors
The parties are independent contractors.
16.11 Compliance with Laws
Each party shall comply with all applicable laws, including the North Carolina UDTP Act, the Identity Theft Protection Act, and all applicable data protection laws.
16.12 Electronic Signatures
In accordance with the North Carolina Uniform Electronic Transactions Act (N.C. Gen. Stat. Chapter 66, Article 40), this Agreement may be executed electronically.
16.13 Counterparts
This Agreement may be executed in counterparts.
ARTICLE 17: EXECUTION
PRE-EXECUTION CHECKLIST
Provider Verification:
☐ All Order Forms completed and attached
☐ Pricing confirmed and documented
☐ Service level commitments confirmed
☐ Security certifications current
☐ Insurance certificates available
☐ Arbitration election confirmed (Section 15.4)
☐ UDTP compliance verified
☐ Legal review completed
☐ Authority to sign verified
Customer Verification:
☐ Business requirements documented
☐ Technical requirements reviewed
☐ Security requirements addressed
☐ Arbitration election confirmed (Section 15.4)
☐ Budget approval obtained
☐ Legal review completed
☐ Authority to sign verified
SIGNATURE PAGE
PROVIDER
[________________________________]
| Field | Information |
|---|---|
| Signature | ________________________________________________ |
| Printed Name | [________________________________] |
| Title | [________________________________] |
| Date | [__/__/____] |
CUSTOMER
[________________________________]
| Field | Information |
|---|---|
| Signature | ________________________________________________ |
| Printed Name | [________________________________] |
| Title | [________________________________] |
| Date | [__/__/____] |
EXHIBIT A: ORDER FORM
Order Form Number: [________________________________]
Order Form Effective Date: [__/__/____]
Services Ordered
| Service/Module | Description | Quantity | Unit Price | Total |
|---|---|---|---|---|
| [________________________________] | [________________________________] | [____] | $[________] | $[________] |
| [________________________________] | [________________________________] | [____] | $[________] | $[________] |
| [________________________________] | [________________________________] | [____] | $[________] | $[________] |
Subscription Details
| Field | Value |
|---|---|
| Initial Term | [________________________________] |
| Renewal Term | [________________________________] |
| Billing Frequency | ☐ Monthly ☐ Quarterly ☐ Annually |
| Payment Terms | Net [____] days |
| Support Tier | ☐ Standard ☐ Premium ☐ Enterprise |
| Uptime Commitment | [____]% |
PROVIDER: ___________________________ Date: [__/__/____]
CUSTOMER: ___________________________ Date: [__/__/____]
EXHIBIT B: SERVICE LEVEL AGREEMENT DETAILS
B.1 Support Tiers and Response Times
| Severity Level | Description | Standard Support | Premium Support | Enterprise Support |
|---|---|---|---|---|
| Critical (S1) | Complete system outage | 4 hours | 2 hours | 30 minutes |
| High (S2) | Major functionality impaired | 8 hours | 4 hours | 1 hour |
| Medium (S3) | Partial functionality affected | 24 hours | 12 hours | 4 hours |
| Low (S4) | Minor issues; questions | 72 hours | 48 hours | 24 hours |
EXHIBIT C: DATA PROCESSING ADDENDUM
C.1 Scope
This DPA supplements the Agreement with respect to Provider's processing of Personal Information on behalf of Customer.
C.2 Provider Responsibilities
Provider shall:
(a) Process Personal Information only as instructed by Customer;
(b) Ensure personnel are bound by confidentiality obligations;
(c) Implement appropriate security measures;
(d) Assist Customer with data subject requests;
(e) Delete or return Personal Information upon termination;
(f) Make available information necessary to demonstrate compliance.
C.3 Subprocessors
Provider shall notify Customer of subprocessor changes [____] days in advance.
C.4 Audit Rights
Upon reasonable notice, Customer may audit Provider's compliance with this DPA.
EXHIBIT D: ACCEPTABLE USE POLICY
D.1 Purpose
This AUP governs Customer's and Authorized Users' use of the Services.
D.2 Prohibited Uses
Customer and Authorized Users shall not use the Services to:
(a) Violate any applicable law, including the North Carolina UDTP Act;
(b) Store, transmit, or process content that infringes intellectual property rights;
(c) Distribute spam, phishing attempts, or other unsolicited communications;
(d) Interfere with other customers' use of the Services;
(e) Attempt to probe or test vulnerabilities without authorization.
PRACTITIONER NOTES FOR NORTH CAROLINA
Key North Carolina-Specific Considerations
-
JURY TRIAL WAIVERS ARE PER SE UNENFORCEABLE: N.C. Gen. Stat. § 22B-10 provides that "any provision in a contract requiring a party to the contract to waive his right to a jury trial is unconscionable as a matter of law and the provision shall be unenforceable." This is a statutory prohibition, not merely a judicial trend. The statute expressly does NOT prohibit arbitration agreements. Practitioners MUST NOT include jury trial waivers in North Carolina-governed agreements. The recommended approach is to elect binding arbitration under Section 15.4.
-
Treble Damages Under UDTP: The North Carolina Unfair and Deceptive Trade Practices Act (N.C. Gen. Stat. § 75-1.1) is extremely powerful. If a UDTP violation is found, N.C. Gen. Stat. § 75-16 mandates treble damages (three times actual damages). This is mandatory, not discretionary. Attorneys' fees may also be awarded (N.C. Gen. Stat. § 75-16.1). This creates significant exposure for any party whose conduct constitutes an unfair or deceptive trade practice. Practitioners should ensure SaaS agreements and business practices do not give rise to UDTP claims.
-
Interest Rate: The legal rate is 8% per annum under N.C. Gen. Stat. § 24-1. For contracts exceeding $25,000 in principal, parties may agree to any rate in writing. For amounts of $25,000 or less, the maximum rate is set by the Commissioner of Banks but cannot exceed 16%. Usurious interest charges result in forfeiture of all interest and potential recovery by the borrower of twice the amount paid.
-
SaaS Tax Treatment: SaaS is generally not subject to North Carolina sales tax per NCDOR Bulletin 19-3 and the exemption framework of N.C. Gen. Stat. § 105-164.13(43). Exceptions apply for bundled tangible products, taxable database access, and certain digital goods.
-
No Comprehensive Consumer Privacy Law: North Carolina does not currently have a comprehensive consumer data privacy statute comparable to CCPA or VCDPA. The Identity Theft Protection Act (N.C. Gen. Stat. §§ 75-61 through 75-66) governs data breach notification with among the most detailed content requirements in the nation.
-
Blue Pencil Doctrine (Strict): North Carolina follows the strict blue pencil doctrine, meaning courts can strike unreasonable provisions from restrictive covenants but cannot rewrite or modify them. If a non-compete or other restrictive covenant is overbroad, the entire provision may be voided rather than reformed. Draft all restrictive covenants with precision and reasonable limitations.
-
Trade Secrets Protection Act: N.C. Gen. Stat. §§ 66-152 through 66-157. Provides for injunctive relief, actual damages (economic loss or unjust enrichment, whichever is greater), punitive damages for willful and malicious misappropriation, and attorneys' fees. Three-year statute of limitations.
-
Data Breach Notification: N.C. Gen. Stat. § 75-65 requires notification without unreasonable delay. Notice must include detailed content: description of protective acts, contact information, advice about credit reports, FTC and NC AG contact information, and identity theft prevention resources.
-
Limitation of Liability: Generally enforceable in North Carolina. The NC Supreme Court has recognized that parties may contractually limit consequential damages. Exception: limitations may not apply to UDTP claims where treble damages are mandatory.
-
UCC Warranty Disclaimers: Standard UCC requirements apply under N.C. Gen. Stat. § 25-2-316. Disclaimers of merchantability must mention "merchantability" and be conspicuous. Fitness disclaimers must be in writing and conspicuous.
This Enterprise Software as a Service Agreement template is designed for use in North Carolina and specifically accounts for the prohibition on jury trial waivers under N.C. Gen. Stat. § 22B-10, the treble damages exposure under the UDTP Act (N.C. Gen. Stat. §§ 75-1.1, 75-16), the strict blue pencil doctrine, and applicable data breach notification requirements. Legal counsel should review this Agreement before execution to ensure compliance with current law and suitability for specific business needs.
About This Template
A contract is a written record of what two or more parties agreed to and what happens if someone does not follow through. Clear language, defined terms, and clean signature blocks keep disputes small and enforceable. The most common mistakes in contracts come from vague promises, missing details about timing or payment, and skipping standard protective clauses like governing law and dispute resolution.
Important Notice
This template is provided for informational purposes. It is not legal advice. We recommend having an attorney review any legal document before signing, especially for high-value or complex matters.
Last updated: March 2026