SaaS Agreement (Enterprise) - Nevada

ENTERPRISE SOFTWARE AS A SERVICE AGREEMENT

STATE OF NEVADA

AGREEMENT INFORMATION

PARTIES

PROVIDER:

CUSTOMER:

RECITALS

WHEREAS, Provider is in the business of providing cloud-based software as a service solutions and related services;

WHEREAS, Customer desires to obtain access to and use of Provider's software as a service platform for Customer's internal business operations;

WHEREAS, Provider desires to provide Customer with access to such platform subject to the terms and conditions set forth herein;

WHEREAS, the parties intend for this Agreement to comply with all applicable Nevada laws, including without limitation the Nevada Uniform Electronic Transactions Act (NRS Chapter 719), Nevada Consumer Privacy laws (NRS 603A.300 et seq.), and Nevada data security requirements (NRS 603A);

NOW, THEREFORE, in consideration of the mutual covenants, terms, and conditions set forth herein, and for other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the parties agree as follows:

ARTICLE 1: DEFINITIONS

1.1 "Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with a party, where "control" means ownership of more than fifty percent (50%) of the voting securities or equivalent voting interests.

1.2 "Authorized User" means any employee, contractor, or agent of Customer or its Affiliates who is authorized by Customer to access and use the Services under the rights granted to Customer pursuant to this Agreement.

1.3 "Confidential Information" means all non-public information disclosed by one party to the other, whether orally, in writing, or by other means, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and circumstances of disclosure, including but not limited to trade secrets as defined under the Nevada Uniform Trade Secrets Act (NRS Chapter 600A).

1.4 "Customer Data" means all data, information, content, and materials that Customer or its Authorized Users submit, upload, transmit, or otherwise provide to or through the Services, including Personal Information.

1.5 "Documentation" means Provider's standard user guides, online help files, technical specifications, and other documentation relating to the Services made available by Provider.

1.6 "Effective Date" means the date first written above or the date of last signature, whichever is later.

1.7 "Fees" means the fees payable by Customer for the Services as set forth in the applicable Order Form.

1.8 "Intellectual Property Rights" means all patents, copyrights, trademarks, trade secrets, and other intellectual property rights recognized under applicable law.

1.9 "Nevada Consumer Privacy Law" means NRS 603A.300 et seq. (enacted via SB 220), as amended from time to time.

1.10 "Nevada Data Breach Notification Law" means NRS 603A.010 through 603A.290, as amended from time to time.

1.11 "Order Form" means an ordering document executed by both parties specifying the Services, Fees, and other commercial terms, substantially in the form attached as Schedule A.

1.12 "Personal Information" has the meaning set forth in NRS 603A.040, including any information concerning an identified or identifiable natural person.

1.13 "Provider IP" means the Services, Documentation, and any and all intellectual property provided or made available by Provider in connection with this Agreement, including any modifications, improvements, or derivative works thereof.

1.14 "Security Incident" means any unauthorized access to, acquisition of, or disclosure of Customer Data, including any "breach of the security of the data system" as defined in NRS 603A.020.

1.15 "Services" means Provider's proprietary software as a service platform identified in the applicable Order Form, including all updates and upgrades thereto.

1.16 "Service Level Agreement" or "SLA" means the service level commitments set forth in Schedule B.

1.17 "Subscription Term" means the period during which Customer is authorized to access and use the Services, as specified in the applicable Order Form.

1.18 "Third-Party Components" means any third-party software, applications, or services integrated with or accessible through the Services.

ARTICLE 2: LICENSE GRANT AND RESTRICTIONS

2.1 License Grant

Subject to Customer's compliance with this Agreement and payment of all applicable Fees, Provider hereby grants to Customer a non-exclusive, non-transferable, non-sublicensable (except to Affiliates and Authorized Users) license during the Subscription Term to:

(a) Access and use the Services for Customer's internal business purposes in accordance with this Agreement and the Documentation;

(b) Permit Authorized Users to access and use the Services, subject to the user limitations set forth in the applicable Order Form;

(c) Use the Documentation solely in support of Customer's authorized use of the Services; and

(d) Make a reasonable number of copies of the Documentation for internal use only.

2.2 Use Restrictions

Customer shall not, and shall not permit any third party to:

(a) License, sublicense, sell, resell, transfer, assign, distribute, or otherwise commercially exploit or make available to any third party the Services except as expressly permitted herein;

(b) Modify, copy, or make derivative works based upon the Services or any portion thereof;

(c) Reverse engineer, disassemble, decompile, or otherwise attempt to derive the source code, algorithms, or data structures of the Services, except to the extent expressly permitted by applicable law notwithstanding this restriction;

(d) Access the Services to build a competitive product or service or to benchmark or compare the Services with competing services;

(e) Use the Services to store or transmit any malicious code, viruses, or harmful data;

(f) Interfere with or disrupt the integrity or performance of the Services or third-party data contained therein;

(g) Attempt to gain unauthorized access to the Services or related systems or networks;

(h) Use the Services in violation of any applicable law, including without limitation Nevada Consumer Privacy Law (NRS 603A.300 et seq.) and Nevada Data Breach Notification Law (NRS 603A);

(i) Remove, alter, or obscure any proprietary notices on the Services; or

(j) Use the Services to transmit unsolicited commercial messages in violation of applicable law.

2.3 Reservation of Rights

Provider reserves all rights not expressly granted to Customer in this Agreement. The Services are licensed, not sold.

2.4 Customer Affiliates

Customer's Affiliates may use the Services subject to the terms of this Agreement, provided that Customer remains responsible for its Affiliates' compliance with this Agreement.

ARTICLE 3: ACCESS AND USE RIGHTS

3.1 Provisioning of Access

Upon execution of an Order Form and payment of applicable Fees, Provider shall provision Customer's access to the Services and provide Customer with login credentials for the initial administrator account.

3.2 Authorized Users

(a) Customer shall be responsible for all acts and omissions of its Authorized Users in connection with this Agreement.

(b) Customer shall ensure that Authorized Users comply with all applicable terms of this Agreement.

(c) Customer shall maintain the security of login credentials and promptly notify Provider of any unauthorized use or suspected Security Incident.

3.3 Usage Limits

Customer's use of the Services is subject to any usage limits specified in the applicable Order Form, including without limitation limits on Authorized Users, storage capacity, API calls, and transaction volumes.

3.4 Overages

If Customer exceeds the usage limits specified in the Order Form, Provider may (a) charge Customer for such excess usage at Provider's then-current rates, or (b) upon notice, require Customer to execute an additional Order Form for the excess usage.

3.5 Third-Party Components

The Services may include or integrate with Third-Party Components. Customer's use of Third-Party Components is subject to the applicable third-party terms, and Customer agrees to comply with such terms.

ARTICLE 4: FEES AND PAYMENT

4.1 Fees

Customer shall pay Provider the Fees set forth in the applicable Order Form. Unless otherwise specified in the Order Form:

(a) Fees are quoted and payable in United States Dollars (USD);

(b) Fees are due and payable annually in advance; and

(c) All Fees are non-refundable except as expressly set forth herein.

4.2 Invoicing and Payment

Provider shall invoice Customer for all Fees in accordance with the billing frequency set forth in the Order Form. Customer shall pay all undisputed invoices within thirty (30) days of the invoice date.

4.3 Late Payments

Any amounts not paid when due shall bear interest at the rate specified in NRS 99.040 (the prime rate at the largest bank in Nevada plus two percent (2%)) per annum, or the maximum rate permitted by applicable law, whichever is less, calculated from the date such payment was due until the date paid.

4.4 Taxes

All Fees are exclusive of applicable taxes. Customer shall be responsible for all sales, use, and excise taxes, and any other similar taxes, duties, and charges of any kind imposed by any federal, state, or local governmental entity on any amounts payable by Customer hereunder, other than any taxes imposed on Provider's income.

4.5 Fee Increases

Provider may increase the Fees for any Renewal Term by providing written notice to Customer at least sixty (60) days prior to the commencement of such Renewal Term. Any fee increase shall not exceed the greater of (a) five percent (5%) of the prior year's Fees, or (b) the percentage increase in the Consumer Price Index for All Urban Consumers (CPI-U) published by the U.S. Bureau of Labor Statistics for the twelve-month period ending three months prior to the renewal date.

4.6 Payment Disputes

If Customer disputes any invoice or portion thereof in good faith, Customer shall (a) pay the undisputed portion when due, (b) provide written notice of the dispute within fifteen (15) days of receipt of the invoice, and (c) cooperate with Provider to resolve the dispute promptly.

ARTICLE 5: DATA RIGHTS AND PRIVACY

5.1 Ownership of Customer Data

As between the parties, Customer retains all right, title, and interest in and to Customer Data. Provider acquires no rights in Customer Data except the limited license granted herein.

5.2 License to Customer Data

Customer grants Provider a non-exclusive, worldwide, royalty-free license to use, copy, store, transmit, display, and process Customer Data solely to the extent necessary to provide the Services and fulfill Provider's obligations under this Agreement.

5.3 Nevada Consumer Privacy Compliance

(a) Provider acknowledges that Customer Data may include "covered information" as defined in NRS 603A.320.

(b) If Provider receives a verified request from a Nevada consumer to opt out of the sale of their covered information pursuant to NRS 603A.345, Provider shall promptly notify Customer and cooperate with Customer in responding to such request.

(c) Provider shall not sell Customer Data unless expressly authorized by Customer in writing and in compliance with NRS 603A.300 et seq.

5.4 Data Processing Addendum

The parties agree to comply with the Data Processing Addendum attached hereto as Schedule C, which is incorporated by reference.

5.5 Aggregated and De-identified Data

Notwithstanding the foregoing, Provider may collect, use, and disclose aggregated or de-identified data derived from Customer Data for Provider's business purposes, including product improvement, benchmarking, and analytics, provided that such data does not identify Customer or any individual.

ARTICLE 6: SECURITY OBLIGATIONS

6.1 Security Program

Provider shall maintain a comprehensive information security program designed to protect Customer Data against unauthorized access, use, disclosure, alteration, or destruction. Such program shall include:

(a) Administrative, technical, and physical safeguards appropriate to the nature and scope of the Services;

(b) Regular security assessments and penetration testing;

(c) Employee security awareness training;

(d) Incident response procedures; and

(e) Business continuity and disaster recovery capabilities.

6.2 Security Standards

Provider represents and warrants that its security program complies with:

(a) Industry-standard security frameworks such as SOC 2 Type II or ISO 27001;

(b) Nevada data security requirements under NRS 603A.210; and

(c) Applicable data protection laws and regulations.

6.3 Security Addendum

The parties agree to comply with the Security Addendum attached hereto as Schedule D, which is incorporated by reference and sets forth Provider's detailed security commitments.

6.4 Security Incident Response

(a) Provider shall notify Customer of any Security Incident without unreasonable delay and in no event later than seventy-two (72) hours after discovery.

(b) Notification shall include, to the extent known: (i) a description of the incident; (ii) the categories and approximate number of records affected; (iii) the likely consequences of the incident; and (iv) measures taken or proposed to address the incident.

(c) Provider shall cooperate with Customer in investigating and mitigating any Security Incident and shall comply with all applicable breach notification requirements under NRS 603A.220.

6.5 Audits

Upon Customer's reasonable written request (not more than once per calendar year unless a Security Incident has occurred), Provider shall permit Customer or its designated third-party auditor to audit Provider's compliance with its security obligations under this Agreement, subject to reasonable confidentiality requirements and advance scheduling.

ARTICLE 7: SERVICE LEVELS

7.1 Availability Commitment

Provider shall use commercially reasonable efforts to make the Services available in accordance with the Service Level Agreement attached as Schedule B.

7.2 Service Credits

If Provider fails to meet the availability commitments set forth in the SLA, Customer shall be entitled to service credits as specified in Schedule B.

7.3 Maintenance Windows

Provider may perform scheduled maintenance during designated maintenance windows as specified in the SLA. Provider shall provide reasonable advance notice of scheduled maintenance that may affect Service availability.

7.4 Support Services

Provider shall provide support services to Customer in accordance with the support terms set forth in the applicable Order Form or SLA.

7.5 Exclusions

The SLA commitments shall not apply to unavailability caused by: (a) factors outside Provider's reasonable control; (b) Customer's equipment, software, or network connections; (c) Customer's breach of this Agreement; or (d) scheduled maintenance.

ARTICLE 8: WARRANTIES AND DISCLAIMERS

8.1 Mutual Representations and Warranties

Each party represents and warrants to the other that:

(a) It is duly organized, validly existing, and in good standing under the laws of its jurisdiction of organization;

(b) It has full power and authority to enter into this Agreement and perform its obligations hereunder;

(c) The execution and performance of this Agreement does not violate any other agreement to which it is a party; and

(d) This Agreement constitutes a valid and binding obligation enforceable in accordance with its terms.

8.2 Provider Warranties

Provider represents and warrants that:

(a) The Services will perform materially in accordance with the Documentation during the Subscription Term;

(b) Provider will provide the Services in a professional and workmanlike manner consistent with industry standards;

(c) Provider has and will maintain all rights necessary to grant the licenses and perform its obligations hereunder;

(d) The Services, as provided by Provider, will not infringe, misappropriate, or violate any third party's Intellectual Property Rights; and

(e) Provider will comply with all applicable laws in providing the Services, including without limitation Nevada Consumer Privacy Law and Nevada Data Breach Notification Law.

8.3 Customer Warranties

Customer represents and warrants that:

(a) Customer has the right to provide Customer Data to Provider and to grant the licenses set forth herein;

(b) Customer's use of the Services will comply with all applicable laws and regulations; and

(c) Customer will not use the Services in any manner that infringes, misappropriates, or violates any third party's rights.

8.4 Disclaimer of Warranties

EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, PROVIDER MAKES NO WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, OR NON-INFRINGEMENT. PROVIDER DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, ERROR-FREE, OR COMPLETELY SECURE. CUSTOMER ACKNOWLEDGES THAT THE SERVICES ARE PROVIDED "AS IS" TO THE EXTENT NOT INCONSISTENT WITH THE EXPRESS WARRANTIES HEREIN.

ARTICLE 9: INDEMNIFICATION

9.1 Indemnification by Provider

Provider shall defend, indemnify, and hold harmless Customer and its officers, directors, employees, agents, successors, and assigns from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising out of or relating to any third-party claim alleging that:

(a) The Services, as provided by Provider, infringe, misappropriate, or violate any third party's Intellectual Property Rights; or

(b) Provider's breach of its security obligations under this Agreement or applicable law, including NRS 603A.

9.2 Provider's Options

If the Services are, or in Provider's reasonable opinion are likely to become, subject to an infringement claim, Provider may, at its sole option and expense: (a) obtain the right for Customer to continue using the Services; (b) modify the Services to make them non-infringing without materially reducing functionality; or (c) replace the Services with a non-infringing alternative. If none of the foregoing options is commercially practicable, Provider may terminate this Agreement upon written notice and refund to Customer any prepaid Fees for the period following termination.

9.3 Indemnification by Customer

Customer shall defend, indemnify, and hold harmless Provider and its officers, directors, employees, agents, successors, and assigns from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising out of or relating to any third-party claim alleging that:

(a) Customer Data or Customer's use of the Services infringes, misappropriates, or violates any third party's rights, including Intellectual Property Rights and privacy rights; or

(b) Customer's breach of this Agreement or violation of applicable law.

9.4 Indemnification Procedures

The indemnified party shall: (a) provide prompt written notice of any claim; (b) grant the indemnifying party sole control of the defense and settlement; and (c) provide reasonable cooperation at the indemnifying party's expense. The indemnified party may participate in the defense at its own expense.

ARTICLE 10: LIMITATION OF LIABILITY

10.1 Exclusion of Consequential Damages

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER PARTY FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING WITHOUT LIMITATION DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA, OR OTHER INTANGIBLE LOSSES, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND REGARDLESS OF THE THEORY OF LIABILITY.

10.2 Cap on Liability

EXCEPT FOR THE EXCLUDED CLAIMS SET FORTH BELOW, EACH PARTY'S TOTAL CUMULATIVE LIABILITY UNDER THIS AGREEMENT SHALL NOT EXCEED THE TOTAL FEES PAID OR PAYABLE BY CUSTOMER TO PROVIDER DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CLAIM.

10.3 Excluded Claims

The limitations set forth in Sections 10.1 and 10.2 shall not apply to:

(a) Either party's indemnification obligations under Article 9;

(b) Either party's breach of its confidentiality obligations under Article 15;

(c) Customer's payment obligations under this Agreement;

(d) Claims arising from a party's gross negligence or willful misconduct;

(e) Provider's breach of its security obligations resulting in a Security Incident; or

(f) Claims that cannot be limited under applicable law.

10.4 Basis of the Bargain

THE PARTIES ACKNOWLEDGE THAT THE LIMITATIONS OF LIABILITY IN THIS ARTICLE 10 ARE AN ESSENTIAL ELEMENT OF THE BARGAIN BETWEEN THE PARTIES AND REFLECT A REASONABLE ALLOCATION OF RISK. THE PARTIES WOULD NOT HAVE ENTERED INTO THIS AGREEMENT WITHOUT SUCH LIMITATIONS.

ARTICLE 11: TERM AND TERMINATION

11.1 Term

This Agreement commences on the Effective Date and continues for the Initial Term specified in the Order Form, unless earlier terminated in accordance with this Article 11.

11.2 Renewal

Unless either party provides written notice of non-renewal at least sixty (60) days prior to the end of the then-current term, this Agreement shall automatically renew for successive periods equal to the Initial Term (each, a "Renewal Term").

11.3 Termination for Cause

Either party may terminate this Agreement:

(a) Upon thirty (30) days' written notice if the other party materially breaches this Agreement and fails to cure such breach within such notice period; or

(b) Immediately upon written notice if the other party: (i) becomes insolvent or admits inability to pay debts as they become due; (ii) files or has filed against it a petition in bankruptcy or for reorganization; (iii) makes an assignment for the benefit of creditors; or (iv) has a receiver appointed for a substantial portion of its assets.

11.4 Termination for Convenience

Customer may terminate this Agreement for convenience upon ninety (90) days' prior written notice, provided that Customer shall remain liable for all Fees due through the end of the then-current Subscription Term.

11.5 Effect of Termination

Upon termination or expiration of this Agreement:

(a) All rights and licenses granted to Customer shall immediately terminate;

(b) Customer shall immediately cease all use of the Services;

(c) Each party shall return or destroy all Confidential Information of the other party in its possession;

(d) Provider shall comply with the data return and deletion provisions of Article 12; and

(e) Provisions that by their nature should survive termination shall survive, including Articles 1, 5.1, 9, 10, 12, 15, 16, and 17.

11.6 No Refunds

Except as expressly set forth in this Agreement, termination shall not relieve Customer of its obligation to pay Fees due, and no refunds shall be provided for prepaid Fees.

ARTICLE 12: DATA RETURN AND DELETION

12.1 Data Export

During the Subscription Term and for a period of thirty (30) days following termination or expiration (the "Retrieval Period"), Customer may export Customer Data using the export functionality provided within the Services.

12.2 Data Return Assistance

Upon Customer's written request made during the Retrieval Period, Provider shall, at Customer's expense, provide reasonable assistance to export Customer Data in a standard, portable format.

12.3 Data Deletion

Following the Retrieval Period, Provider shall delete or destroy all Customer Data in Provider's possession or control within sixty (60) days, except:

(a) To the extent required to be retained by applicable law or regulation;

(b) Data stored in backup systems, which shall be deleted in accordance with Provider's standard backup retention schedule (not to exceed ninety (90) days); or

(c) Aggregated or de-identified data that does not identify Customer or any individual.

12.4 Certification

Upon Customer's written request, Provider shall certify in writing that it has complied with the data deletion requirements of this Article 12.

ARTICLE 13: CONFIDENTIALITY

13.1 Confidentiality Obligations

Each party agrees to: (a) hold the other party's Confidential Information in strict confidence; (b) use the other party's Confidential Information solely for the purposes of this Agreement; (c) not disclose Confidential Information to any third party except as expressly permitted herein; and (d) protect Confidential Information using at least the same degree of care it uses to protect its own confidential information, but in no event less than reasonable care.

13.2 Permitted Disclosures

A party may disclose Confidential Information to its employees, contractors, and agents who have a need to know such information for the purposes of this Agreement and who are bound by confidentiality obligations at least as protective as those set forth herein.

13.3 Compelled Disclosure

If a party is compelled by law, regulation, or legal process to disclose Confidential Information, such party shall: (a) provide prompt notice to the other party (to the extent legally permitted); (b) reasonably cooperate with the other party's efforts to obtain protective treatment; and (c) disclose only the minimum Confidential Information required.

13.4 Trade Secrets

The parties acknowledge that certain Confidential Information may constitute trade secrets under the Nevada Uniform Trade Secrets Act (NRS Chapter 600A). The receiving party shall not use any improper means (as defined in NRS 600A.030) to acquire, disclose, or use any trade secrets of the disclosing party.

13.5 Exclusions

Confidential Information does not include information that: (a) is or becomes publicly available through no fault of the receiving party; (b) was rightfully in the receiving party's possession prior to disclosure; (c) is rightfully obtained from a third party without restriction; or (d) is independently developed without use of the disclosing party's Confidential Information.

13.6 Return of Confidential Information

Upon termination of this Agreement or upon request, each party shall promptly return or destroy all Confidential Information of the other party, except as required to be retained by law or as otherwise permitted herein.

ARTICLE 14: DISPUTE RESOLUTION

14.1 Governing Law

This Agreement shall be governed by and construed in accordance with the laws of the State of Nevada, without regard to its conflict of laws principles.

14.2 Exclusive Jurisdiction and Venue

The parties irrevocably submit to the exclusive jurisdiction of the state and federal courts located in [Clark County / Washoe County], Nevada, for any dispute arising out of or relating to this Agreement. Each party waives any objection to venue in such courts.

14.3 Waiver of Jury Trial

TO THE FULLEST EXTENT PERMITTED BY NEVADA LAW, EACH PARTY HEREBY IRREVOCABLY WAIVES ANY AND ALL RIGHT TO A TRIAL BY JURY IN ANY LEGAL PROCEEDING ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE TRANSACTIONS CONTEMPLATED HEREBY.

14.4 Informal Resolution

Before initiating any formal dispute resolution proceeding, the parties shall attempt in good faith to resolve any dispute through informal negotiation. A party wishing to initiate informal dispute resolution shall provide written notice to the other party describing the dispute. The parties shall meet (in person or via video conference) within thirty (30) days of such notice to attempt to resolve the dispute.

14.5 Optional Arbitration

If the parties are unable to resolve a dispute through informal negotiation within sixty (60) days, either party may elect to submit the dispute to binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules. Any such arbitration shall:

(a) Be conducted by a single arbitrator mutually selected by the parties;

(b) Take place in Las Vegas, Nevada (or Reno, Nevada, if agreed by the parties);

(c) Be conducted in the English language; and

(d) Result in a written decision including findings of fact and conclusions of law.

The arbitrator's decision shall be final and binding, and judgment on the award may be entered in any court of competent jurisdiction.

14.6 Injunctive Relief

Notwithstanding the foregoing, either party may seek injunctive or other equitable relief from any court of competent jurisdiction to prevent irreparable harm, including enforcement of confidentiality obligations or protection of Intellectual Property Rights.

14.7 Prevailing Party

In any action or proceeding to enforce this Agreement, the prevailing party shall be entitled to recover its reasonable attorneys' fees and costs from the non-prevailing party.

ARTICLE 15: GENERAL PROVISIONS

15.1 Entire Agreement

This Agreement, including all Schedules and Order Forms, constitutes the entire agreement between the parties with respect to the subject matter hereof and supersedes all prior and contemporaneous agreements, proposals, or representations, written or oral, concerning its subject matter.

15.2 Amendments

This Agreement may only be amended or modified by a written instrument signed by both parties.

15.3 Waiver

No waiver of any provision of this Agreement shall be effective unless in writing and signed by the waiving party. No failure or delay in exercising any right shall constitute a waiver thereof.

15.4 Severability

If any provision of this Agreement is held to be invalid or unenforceable, such provision shall be modified to the minimum extent necessary to make it valid and enforceable, and the remaining provisions shall continue in full force and effect.

15.5 Assignment

Neither party may assign this Agreement without the prior written consent of the other party, except that either party may assign this Agreement to an Affiliate or in connection with a merger, acquisition, or sale of all or substantially all of its assets. Any purported assignment in violation of this section shall be void.

15.6 Notices

All notices under this Agreement shall be in writing and shall be deemed given when: (a) delivered personally; (b) sent by confirmed email; (c) one (1) business day after deposit with a nationally recognized overnight courier; or (d) three (3) business days after being sent by registered or certified mail, return receipt requested, to the addresses set forth above or such other address as a party may designate in writing.

15.7 Force Majeure

Neither party shall be liable for any failure or delay in performance due to causes beyond its reasonable control, including acts of God, natural disasters, war, terrorism, riots, epidemics, government actions, or failures of third-party telecommunications or power supply. This section shall not excuse Customer's payment obligations.

15.8 Independent Contractors

The parties are independent contractors. Nothing in this Agreement shall be construed to create a partnership, joint venture, agency, or employment relationship between the parties.

15.9 No Third-Party Beneficiaries

This Agreement is for the sole benefit of the parties and their permitted successors and assigns. Nothing herein shall create or be deemed to create any rights in any third party.

15.10 Electronic Signatures

This Agreement may be executed electronically in accordance with the Nevada Uniform Electronic Transactions Act (NRS Chapter 719). Electronic signatures shall have the same legal effect as original signatures.

15.11 Counterparts

This Agreement may be executed in counterparts, each of which shall be deemed an original, and all of which together shall constitute one and the same instrument.

15.12 Export Compliance

Customer shall comply with all applicable export control laws and regulations in connection with its use of the Services.

15.13 Government Rights

If Customer is a government entity, Provider provides the Services as "commercial items" as defined in 48 C.F.R. 2.101, consisting of "commercial computer software" and "commercial computer software documentation." Government rights are limited to those rights customarily provided to the public.

15.14 Construction

This Agreement shall be construed without regard to any presumption against the party causing it to be drafted. Headings are for convenience only and shall not affect interpretation.

ARTICLE 16: NEVADA-SPECIFIC PROVISIONS

16.1 Compliance with Nevada Law

The parties agree to comply with all applicable Nevada statutes and regulations, including without limitation:

(a) Nevada Consumer Privacy (NRS 603A.300 et seq./SB 220): Provider shall maintain reasonable measures to comply with Nevada's consumer privacy requirements regarding the sale of covered information and consumer opt-out rights.

(b) Nevada Data Breach Notification (NRS 603A.010-290): In the event of a Security Incident involving Personal Information of Nevada residents, the parties shall cooperate to comply with the notification requirements of NRS 603A.220, including notification to affected individuals and, where applicable, to the Nevada Attorney General.

(c) Nevada Uniform Trade Secrets Act (NRS Chapter 600A): The parties acknowledge their obligations under Nevada's trade secret protections and agree not to engage in misappropriation of trade secrets.

(d) Nevada Deceptive Trade Practices (NRS Chapter 598): Each party represents that it will not engage in deceptive trade practices in connection with this Agreement.

(e) Nevada Uniform Electronic Transactions Act (NRS Chapter 719): The parties acknowledge that electronic records and signatures used in connection with this Agreement satisfy any requirement for a writing or signature under Nevada law.

16.2 Interest on Late Payments

In accordance with NRS 99.040, interest on late payments shall accrue at the prime rate at the largest bank in Nevada plus two percent (2%) per annum, calculated from the date payment was due until the date paid.

16.3 Consumer Protection

Nothing in this Agreement shall be construed to limit any rights or remedies available to consumers under the Nevada Deceptive Trade Practices Act (NRS Chapter 598) or other applicable consumer protection laws.

EXECUTION

IN WITNESS WHEREOF, the parties have executed this Enterprise Software as a Service Agreement as of the Effective Date.

PROVIDER:

[PROVIDER-LEGAL-NAME]

CUSTOMER:

[CUSTOMER-LEGAL-NAME]

SCHEDULE A: ORDER FORM

Order Form Number: [ORDER-NUMBER]

Effective Date: [ORDER-EFFECTIVE-DATE]

1. Services Ordered

2. Subscription Details

3. Fees

4. Payment Terms

• Billing Frequency: [MONTHLY/QUARTERLY/ANNUALLY]
• Payment Due: Net [30/45/60] days from invoice date
• Payment Method: [ACH/WIRE/CHECK/CREDIT CARD]

5. Special Terms

[ANY SPECIAL TERMS OR CONDITIONS SPECIFIC TO THIS ORDER]

6. Order Form Signatures

SCHEDULE B: SERVICE LEVEL AGREEMENT (SLA)

1. Definitions

"Downtime" means a period during which the Services are unavailable or materially impaired, excluding Scheduled Maintenance and Excused Downtime.

"Monthly Uptime Percentage" means (Total Minutes in Month - Downtime Minutes) / Total Minutes in Month x 100.

"Scheduled Maintenance" means planned maintenance for which Provider provides at least 48 hours' advance notice.

"Excused Downtime" means unavailability due to factors outside Provider's reasonable control.

2. Service Availability

Customer's Service Level: [PLATINUM/GOLD/SILVER]

3. Service Credits

If Provider fails to meet the applicable Monthly Uptime Percentage, Customer shall be entitled to service credits as follows:

4. Service Credit Requests

Customer must request service credits in writing within thirty (30) days following the month in which the Downtime occurred. Service credits shall be applied to the next invoice and shall not exceed fifty percent (50%) of the monthly Fees.

5. Support Response Times

6. Maintenance Windows

• Standard Maintenance: Sundays 2:00 AM - 6:00 AM Pacific Time
• Emergency Maintenance: As required with reasonable notice

SCHEDULE C: DATA PROCESSING ADDENDUM (DPA)

1. Scope and Purpose

This Data Processing Addendum ("DPA") supplements the Agreement and governs Provider's processing of Personal Information on behalf of Customer.

2. Definitions

"Data Subject" means an identified or identifiable natural person to whom Personal Information relates.

"Processing" means any operation performed on Personal Information, including collection, storage, use, disclosure, or deletion.

3. Processing Instructions

Provider shall process Personal Information only in accordance with Customer's documented instructions, unless required by applicable law.

4. Security Measures

Provider shall implement appropriate technical and organizational measures to protect Personal Information, including:

(a) Encryption of Personal Information in transit and at rest;
(b) Access controls and authentication mechanisms;
(c) Regular security testing and vulnerability assessments;
(d) Employee confidentiality obligations and training; and
(e) Incident response procedures.

5. Sub-processors

(a) Customer authorizes Provider to engage sub-processors for the processing of Personal Information.

(b) Provider shall maintain a list of sub-processors and notify Customer of any changes.

(c) Provider shall ensure sub-processors are bound by data protection obligations at least as protective as those in this DPA.

6. Data Subject Rights

Provider shall assist Customer in responding to requests from Data Subjects to exercise their rights under applicable law.

7. Nevada Consumer Privacy (NRS 603A.300 et seq.)

(a) Provider acknowledges its obligations as an "operator" or "data broker" under Nevada law.

(b) Provider shall comply with verified consumer requests to opt out of the sale of covered information.

(c) Provider shall not sell Personal Information unless expressly authorized by Customer.

8. Data Breach Response

In the event of a Security Incident involving Personal Information, Provider shall:

(a) Notify Customer within seventy-two (72) hours;
(b) Provide information necessary for Customer to comply with breach notification requirements under NRS 603A.220;
(c) Cooperate with Customer's investigation; and
(d) Take reasonable steps to mitigate harm.

9. Data Return and Deletion

Upon termination, Provider shall return or delete Personal Information in accordance with Article 12 of the Agreement.

10. Audit Rights

Customer may audit Provider's compliance with this DPA in accordance with Article 6.5 of the Agreement.

SCHEDULE D: SECURITY ADDENDUM

1. Security Program Overview

Provider maintains a comprehensive information security program that includes:

(a) Written information security policies and procedures;
(b) Designated security personnel responsible for program administration;
(c) Risk assessment and management processes;
(d) Technical security controls;
(e) Physical security measures;
(f) Employee security awareness training; and
(g) Third-party security assessments.

2. Technical Security Controls

3. Physical Security

Provider's data centers maintain:

(a) 24/7 on-site security personnel;
(b) Biometric access controls;
(c) Video surveillance;
(d) Environmental controls (HVAC, fire suppression, flood detection); and
(e) Redundant power and connectivity.

4. Personnel Security

(a) Background checks for employees with access to Customer Data;
(b) Confidentiality agreements;
(c) Security awareness training upon hire and annually;
(d) Prompt access revocation upon termination.

5. Third-Party Assessments

Provider maintains the following certifications and assessments:

• [ ] SOC 2 Type II Report (available upon request under NDA)
• [ ] ISO 27001 Certification
• [ ] Annual Penetration Testing
• [ ] Quarterly Vulnerability Assessments

6. Business Continuity and Disaster Recovery

(a) Recovery Time Objective (RTO): [X] hours
(b) Recovery Point Objective (RPO): [X] hours
(c) Annual testing of disaster recovery procedures
(d) Geographically redundant data storage

7. Incident Response

Provider maintains an incident response plan that includes:

(a) Incident detection and analysis;
(b) Containment, eradication, and recovery procedures;
(c) Notification procedures in compliance with NRS 603A.220;
(d) Post-incident review and lessons learned; and
(e) Documentation and evidence preservation.

8. Compliance

Provider certifies compliance with:

(a) NRS 603A (Nevada Security and Privacy of Personal Information);
(b) NRS 603A.300 et seq. (Nevada Consumer Privacy);
(c) Applicable industry-specific requirements (e.g., HIPAA, PCI-DSS) as specified in the Order Form.

ACKNOWLEDGMENT OF SCHEDULES

By signing the Agreement, the parties acknowledge receipt and acceptance of the following Schedules:

• [ ] Schedule A: Order Form
• [ ] Schedule B: Service Level Agreement (SLA)
• [ ] Schedule C: Data Processing Addendum (DPA)
• [ ] Schedule D: Security Addendum

This template is provided for informational purposes only and does not constitute legal advice. Consult with a licensed Nevada attorney before use. Last updated: January 2026.