PE Primer Subscription Agreement

PE Primer, LLC

Learning Management Platform

Subscription Agreement

Last Revised: March 04, 2024

CAREFULLY READ THIS SUBSCRIPTION AGREEMENT. BY EXECUTING AN ORDER FORM FOR THE SERVICES DESCRIBED HEREIN, BY CLICKING THE “I ACCEPT” OR “ACCEPT” BUTTON, OR BY OTHERWISE ACCESSING OR USING THE SERVICES DESCRIBED HEREIN, YOU HEREBY ACCEPT AND AGREE TO BE BOUND BY THIS SUBSCRIPTION AGREEMENT AND REPRESENT THAT YOU ARE DULY AUTHORIZED TO ACCEPT THIS SUBSCRIPTION AGREEMENT ON BEHALF OF YOURSELF AND YORU ORGANIZATION. IF YOU DO NOT AGREE TO THIS SUBSCRIPTION AGREEMENT, DO NOT CLICK THE “I ACCEPT” BUTTON OR OTHERWISE ACCESS OR USE THE SERVICES. THIS SUBSCRIPTION AGREEMENT GOVERNS YORU USE OF THE SERVICES, HOWEVER SUCH SERVICES ARE ACQUIRED, INCLUDING IF ACQUIRED VIA A DISTRIBUTOR. THIS SUBSCRIPTION AGREEMENT SPECIFICALLY ALLOWS FOR PE PRIMER TO ENGAGE IN ARBITRATION TO SETTLE DISPUTES.

This Subscription Agreement (“Agreement”) is between PE Primer, LLC, 1317 Edgewater Dr, #2407, Orlando, FL 32804 (“PE Primer”) and the individual or legal entity that subscribes to, or otherwise accesses and uses, the services and products described herein (“Customer” or “you”). For the purposes of this Agreement, PE Primer and Customer may be referred to individually as a “party” and collectively as the “parties.”

NOW, THEREFORE, in consideration of the premises and the mutual covenants contained herein and other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the parties agree as follows:

1        Definitions. As used in this Agreement:

1.1.           “Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common control with a party to this Agreement. For purposes of this definition, control means direct or indirect ownership or control of more than fifty percent (50%) of the voting interests of the subject entity.

1.2.           “Authorized User” means Customer and/or Customer’s employees, consultants, contractors, agents, students, apprentices, or similar individuals who are authorized by Customer to access and use the Services under the rights granted to Customer pursuant to this Agreement and for whom access to the Services has been purchased hereunder.

1.3.           “Confidential Information” means all proprietary or confidential information disclosed by a party (“Disclosing Party”) to the other party (“Receiving Party”), whether orally or in writing, and includes all information concerning the following: the Disclosing Party’s customers and potential customers, past, present or proposed products, marketing plans, engineering and other designs, technical data, business plans, business opportunities, finances, research, development, costs and pricing of the Services, and the terms and conditions of this Agreement. For the avoidance of doubt, PE Primer IP shall be considered the Confidential Information of PE Primer. Confidential Information does not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party.

1.4.           “Customer Data” means information, data, and other content, in any form or medium, that is submitted, posted, or otherwise transmitted by or on behalf of Customer or any Authorized User through the Services. For the avoidance of doubt, Documentation, PE Primer IP, and Usage Data are not considered Customer Data.

1.5.           “Distributor” means a third party approved and authorized by PE Primer to offer Customer the Services on a subscription basis.

1.6.           “Documentation” means the user guides, assistance, instructions, technical or operational notes provided or otherwise made available by PE Primer to Customer regarding the access to, or use, security, or performance of, the Services.

1.7.           “PE Primer Intellectual Property (IP)” means the Site, Services, Documentation, Training Materials, Usage Data, and all trademarks, copyrights, logos, and other intellectual property rights embedded therein as the same may be made available to Customer and its Authorized Users during the Term.

1.8.           “Malicious Code” means any “back door,” “drop dead device,” “time bomb,” “Trojan horse,” “virus,” “worm,” “spyware” or “adware” (as such terms are commonly understood in the software industry) or any other code or program designed or intended to have, or be capable of performing or facilitating, any of the following consequences: (i) disrupting, disabling, harming or otherwise impeding in any manner the operation of, or providing unauthorized access to, a computer system or network or other device on which such code or program is stored or installed or (ii) compromising the privacy or data security of the information or data on a computer system or network or other device on which such code or program is stored or installed.

1.9.           “Order Form” means an invoice, an order form, a statement of work, a written agreement (including a service agreement), an online acceptance screen, or similar documentation lawfully and duly executed or accepted between Customer and PE Primer, or between Customer and a Distributor, that sets forth Customer’s subscription terms to access and use the Services including, but not limited to, the permitted numbers of Authorized Users, pricing, and any other terms or restrictions.

1.10.        “Personal Data” shall be ascribed the meaning set forth in the Data Processing Addendum.

1.11.        “Services” means PE Primer’s online, web-based platform, software applications, tools, and features available on the Site that are designed to provide Authorized Users with professional development and training, including any and all Training Materials thereon.

1.12.        “Site” means all websites and any mobile application owned, licensed, or operated by PE Primer from where Customer can access and use the Services, including but not limited to https://pe-primer.com and https://learn.pe-primer.com.

1.13.        “Subscription Fees” means the amount Customer pays, or is required to pay, for the Services during the Term, as set forth in the Order Form or as otherwise agreed to by Customer and PE Primer, or by Customer and Distributor.

1.14.        “Term” shall be ascribed the meaning set forth in Section 5.1. of this Agreement.

1.15.        “Training Materials” means, regardless of the source, all materials, including (regardless of form or format) any and all materials, content, information, articles, opinions, directories, guides, graphics, photographs, images, video and audio clips, advertising and promotional materials, data, software, compilations, designs, and graphical interfaces made available, from time to time, on the Services or Site.

1.16.        “Usage Data” shall be ascribed the meaning set forth in Section 4.2 of this Agreement.

2        Services

2.1.        Provision of Services. During the Term, and subject to and conditioned upon Customer’s payment of the Subscription Fees and its compliance with the terms and conditions of this Agreement, PE Primer agrees to make the Services and Documentation available to Customer on a subscription basis for Customer’s internal business purposes only (e.g., no commercial resale or commercial redistribution of the Services). Customer agrees that its subscription to the Services is limited to the features and functions described in the Order Form and is neither contingent upon the delivery of any future functionality or features, nor dependent upon any oral or written public comments made by PE Primer or a Distributor with respect to future functionality or features. The Services are available subject to the usage limitations and restrictions set forth in the Order Form or Documentation. Other than as expressly set forth in this Agreement, no license or other rights in or to the Services or PE Primer IP are granted to Customer, and all such licenses and rights are hereby expressly reserved to PE Primer. PE Primer reserves the right, at any time and without notice to Customer, to modify, add, suspend, delete, or discontinue, temporarily or permanently, any of the Services (including the Training Materials), or any portion thereof, in its sole discretion, and Customer acknowledges and agrees that PE Primer will not be liable for any of the foregoing.

2.2.        Authorized Users; Monitoring. Customer shall, and shall cause each Authorized User to, abide by the terms of this Agreement. Any action or omission of an Authorized User shall constitute an act or omission of Customer. Customer is only permitted to make the Services available to the total number of Authorized Users set forth in the Order Form, and Customer agrees that access to the Services is limited to Authorized Users on an individual basis. For the avoidance of doubt, Customer shall not, and shall not allow Authorized Users to, transfer account credentials to any other party, including other Authorized Users or employees, agents, or contractors of Customer. Customer shall immediately (and in any event within seventy-two (72) hours) provide written notice to PE Primer if an Authorized User is no longer an employee, contractor, or agent of Customer. Customer shall, at all times, monitor its own use of the Services and report any use of the Services that exceeds the standards or limits set forth in the Order Form and this Agreement, including the unauthorized transfer of account credentials. Customer’s breach of this clause shall be considered a material breach of this Agreement. Without prejudice to other rights and remedies available to PE Primer, Customer shall reimburse PE Primer for any unauthorized use of the Services. Customer represents to PE Primer that each Authorized User shall be at least eighteen (18) years of age. PE Primer may continuously monitor the Services and any other services it provides, including monitoring to verify Customer’s compliance with the terms of this Agreement and the Order Form. PE Primer may terminate or suspend any Customer or Authorized User’s access to the Services for any breach of this Agreement or Order Form without notice.

2.3.        Upgrades. PE Primer shall provide all necessary bug fixes, patches, corrections or other updates to the Services (“Updates”) to keep the Services operating in accordance with the Documentation. PE Primer may also provide new releases (“Upgrades”) to the Services in its sole discretion. All such Updates or Upgrades shall be considered part of the Services and shall be subject to the terms and conditions of this Agreement. To the extent necessary, Customer shall install, download, run, or otherwise employ all such Updates or Upgrades as soon as practicable upon its receipt or notification of the availability of such Updates or Upgrades.

2.4.        Support and Maintenance. Except to the extent agreed upon in an Order Form, PE Primer may, in its sole discretion, provide Customer with technical support services related to the Services (“Support Services”). In providing the Support Services described herein, PE Primer may be required to access, perform operations on and/or in, and transmit information and data to, Customer’s information technology networks, assets, and environment, and Customer (i) acknowledges and consents to PE Primer undertaking, in PE Primer’s sole and reasonable discretion, all of the foregoing to perform the Support Services, (ii) represents and warrants to PE Primer that it has the legal authority to consent with the same, and (iii) has procured the consent from any other applicable third party to allow PE Primer to perform the Support Services.

3        Customer Obligations

3.1.        Customer Responsibilities. Customer is responsible for all activities conducted by itself and its Authorized Users. Except for PE Primer’s obligations described in Section 8 (Confidentiality), Customer shall have sole responsibility for (i) the accuracy, security quality, and legality of the Customer Data and the means by which Customer acquired the Customer Data and the right to provide the Customer Data to PE Primer or the Services for the purposes of this Agreement (including ensuring the receipt of all permissions from individuals and other third parties as may be necessary in order to provide the Customer Data for the purposes contemplated in this Agreement), (ii) the security and confidentiality of account usernames, passwords, and similar information related to the access and use of the Services by Customer or an Authorized User (“Account Credentials”), (iii) maintaining a backup of all Customer Data, and (iv) preventing unauthorized access to, or use of, the Services. Customer will notify PE Primer promptly (and in any event within twenty-four (24) hours) of any unauthorized access or use of the Services or Account Credentials. Customer shall not, under any condition, transmit, input, upload, or otherwise provide any Malicious Code to the Site or Services.

3.2.        Compliance with Laws. Customer shall comply with all applicable federal, state, and local laws, rules, and regulations in connection with (i) its use of the Services, (ii) the collection, disclosure, and other processing of all Customer Data, and (iii) its performance under this Agreement. Customer acknowledges that PE Primer exercises no control over the Customer Data transmitted by Customer or Authorized Users to or through the Services. PE Primer may impose limits on the use or access to the Site or Services to protect or improve the functionality, operability, or availability of the Site or Services.

3.3.        Restrictions. Customer and its Authorized Users shall not, and shall not permit any third party to do any of the following except to the extent expressly authorized by this Agreement: (i) copy or republish the Services or Documentation, (ii) make the Services available to any person other than an Authorized User, (iii) rent, lend, sell, sublicense, or use the Site or Services to provide service bureau, timesharing or other services to third parties, (iv) upload, input, send or store in the Site or Services any sensitive Personal Data, (v) connect to the Site or Services in any country that has data residency or data transmission restrictions, including, but not limited to, the Russian Federation and the People’s Republic of China, (vi) send or store infringing, offensive, harassing or otherwise unlawful material in connection with the Site or Services, (vii) modify or create derivative works based upon the Site, Services or Documentation, (viii) remove, modify, or obscure any copyright, trademark, or other proprietary notices contained in the Site, Services or Documentation, (ix) reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code used or embodied in the Site or Services, which for the avoidance of doubt includes the related algorithms, methods, and techniques, (x) access or use the Site, Services, Training Materials, or Documentation in order to build a similar or competitive product, (xi) install, upload, or transmit Malicious Code to the Site or Services, or (xii) exploit the Site, Services, Training Materials, or Documentation in any unauthorized way whatsoever, including by trespassing or burdening network capacity. In addition, Customer is strictly prohibited from using any information, content, or materials on, or otherwise derived from, the Site, Services, Training Materials, or Documentation in connection with artificial intelligence technologies, including without limitation, training such technologies to generate text, images, audio, or other content in any style, form, or manner. For the avoidance of doubt, Customer does not have the right to, and Customer cannot sublicense others to, reproduce and/or otherwise use any information, content, or materials on or otherwise derived from the Site, Services, Training Materials, or Documentation in any manner in connection with artificial intelligence technologies, including but not limited to training artificial intelligence technologies. If for some reason these restrictions are prohibited by applicable laws or by an agreement PE Primer has with one of its licensors, then the activities are permitted only to the extent required to comply with such laws or agreement.

3.4.        Access and Equipment. Customer acknowledges and agrees that access to, and use of, the Site and Services requires equipment and ancillary services, including modems, hardware, servers, software, operating systems, networking, web servers, internet connectivity, and the like (collectively, “Equipment”). Customer is solely responsible for maintaining Equipment, including any and all payment of third-party fees associated with said Equipment (e.g., internet service provider fees). Customer acknowledges and agrees that Equipment (including internet connectivity) in relation to accessing the Services is provided by third parties over which PE Primer has no control, and is governed by the respective terms of such third parties. The provision, quality, availability and security of Equipment, especially internet connectivity, is the responsibility of Customer and any applicable third party and may impact the functionality and operability of the Services.

3.5.        Third-Party Products. Customer acknowledges that use of certain Services may require the installation of certain software components owned or licensed by PE Primer from a third party (collectively “Third Party Software”) or that are subject to an open source license agreement, including components available under the GNU Affero General Public License (AGPL), GNU General Public License (GPL), GNU Lesser General Public License (LGPL), Mozilla Public License (MPL), Apache License, BSD licenses, or any other license that is approved by the Open Source Initiative (“Open Source Software” and collectively with Third Party Software, the “Third Party Products”). Any use of Third Party Products by Customer shall be solely governed by the terms and conditions of the applicable Third Party Software license or Open Source Software license and not by the terms of this Agreement. Any such Third Party Products license terms shall be set forth in the readme or about files of the Services or otherwise made available by PE Primer. Customer hereby agrees to comply with any additional terms and conditions applicable to Third Party Products.

3.6.        Video Player Terms. Without prejudice to Section 3.5 of this Agreement, Customer acknowledges and agrees that the Services may include videos and similar media (each a “Video Player”) provided by PE Primer or a third party. By using the Services, Customer further acknowledges and agrees that they (i) may be redirected to a third party’s website to access or play the Video Player, and/or (ii) a Video Player’s operability or functionality may be supported by a third party’s website or technology, such as a third-party’s application programming interface. By accessing the Services, Customer hereby acknowledges and agrees that it is subject to any and all terms of service, privacy policies and statements, and cookie and online tracking policies related to the third-party provider of any Video Player, including the legal terms governing YouTube and Vimeo, which are hereby incorporated into and form an integral part of this Agreement. Any breach of the terms and conditions related to Third-Party Products, Video Players, or any other similar product shall be considered a material breach of this Agreement.

3.7.        Enabling Software. The Services may require the use of such enabling software provided by PE Primer that Customer downloads to Customer systems to facilitate use of the Services. Customer may use such enabling software only in connection with use of the Services and in accordance with this Agreement. Such enabling software is provided “AS-IS” and without any warranty of any kind. Additional terms and conditions may apply to such enabling software.

4        Intellectual Property

4.1.        Ownership and Reservation of Rights. As between PE Primer and Customer, PE Primer and its Affiliates retain all right, title, and interest in and to the Site, Services, and PE Primer IP. Customer acknowledges and agrees that all PE Primer IP is and remains the sole and exclusive intellectual property of PE Primer and that Customer is granted a limited, non-exclusive, non-transferable, revocable right to access and use the Services and PE Primer IP during the Term as set forth herein.

4.2.        Rights in Customer Data; Usage Data. As between PE Primer and Customer, Customer owns the Customer Data. Customer hereby grants to PE Primer and its Affiliates a worldwide, nonexclusive, transferable, sublicensable, royalty-free license to host, copy, transmit, display, and process the Customer Data as reasonably necessary to (i) provide the Services and Support Services, (ii) monitor, modify, and improve the Services, and (iii) enforce and defend its rights and obligations set forth in this Agreement. Customer further grants PE Primer the right to use anonymized and aggregated Customer Data to improve the Services and to develop new products and services. PE Primer may collect, retain, and use, during and after the Term for purposes of PE Primer’s business, data that is derived from the operation of the Services, including patterns identified through the use of the Services and algorithms, log data, and data regarding the performance and availability of the Services (“Usage Data”). PE Primer may use Usage Data for its own business purposes, provided that if PE Primer provides Usage Data to any third party, such Usage Data shall be aggregated and anonymized so as not to disclose Customer’s or any Authorized User’s identity.

4.3.        Feedback. To the extent Customer or any of Authorized User provides any suggestions for modification or improvement or other comments, code, information, know-how, or other feedback (whether in oral or written form) relating to the Site, Services, or PE Primer (“Feedback”), Customer hereby acknowledges, agrees and covenants that any and all such Feedback is the sole and exclusive property of PE Primer. To the extent the ownership of the Feedback cannot, by law, transfer to PE Primer, then Customer hereby assigns to PE Primer any and all of Customer’s right, title, and interest in, to and under any and all Feedback and all proprietary rights relating thereto. In the event any such assignment fails or is declared void for any Feedback, Customer hereby grants an irrevocable, perpetual, world-wide, royalty-free, transferable license to any such Feedback. Upon PE Primer’s request and without further compensation therefor, and whether during the Term of this Agreement or thereafter, Customer will do all lawful acts, including, but not limited to, the execution of such papers, the making of such lawful oaths and the giving of such testimony as, in the reasonable opinion of PE Primer, may be necessary or desirable to obtain, sustain, reissue, extend and enforce any proprietary rights related to any Feedback and to perfect, affirm and record PE Primer’s complete ownership and title thereto, and Customer will otherwise cooperate in all proceedings and matters relating thereto.

5        Order and Payment

5.1.        Orders. Customer shall procure the Services by executing or entering into a legally binding Order Form with PE Primer or a Distributor. Customer’s subscription term to access and use the Services shall be set forth in the Order Form (the “Term”). All Services are governed exclusively by this Agreement and the applicable Order Form. In the event of a conflict between this Agreement and the Order Form, the terms and conditions of an Order Form executed between Customer and PE Primer shall supersede and control. For purposes of clarification, Customer and Distributor cannot agree to amend the terms of this Agreement in any manner, whether in an Order Form or otherwise, including to (i) require the Services to be performed in a manner inconsistent with this Agreement, and/or (ii) bind PE Primer to any terms and conditions that are contrary to, or otherwise in conflict with, this Agreement. Any attempt by Customer and Distributor to modify the terms of this Agreement shall be void and of no force and effect.

5.2.        Subscription Fees; Price Increase. All Subscription Fees will remain fixed during the initial Term, unless Customer upgrades to receive additional or enhanced Services (e.g., upgrades, increased access). PE Primer does not guarantee the Subscription Fees for any current Term will be transferrable or available for future use of the Services, and PE Primer may increase the costs associated with future use of the Services in its sole discretion at the end of each Term.

5.3.        Payment. Unless otherwise set forth in the Order Form, Customer shall pay all Subscription Fees upfront and in advance of access and use of the Services. Customer hereby authorizes, as applicable, PE Primer or the Distributor to charge Customer’s credit card or bank account for all Subscription Fees payable during the Term, and to use a third party to process payments, and Customer consents to the disclosure of Customer’s payment information to such third party. Customer will keep Customer’s contact information, billing information and credit card information (where applicable) up to date. Except as otherwise provided herein, Subscription Fees are non-refundable, non-cancellable and not subject to set-off. All Subscription Fees shall be paid by the Customer in U.S. dollars ($). If any Subscription Fees (except with respect to charges then under reasonable and good faith dispute) remain unpaid by their due date, in addition to any other rights or remedies it may have under this Agreement or by matter of law, then (i) PE Primer reserves the right to suspend the Services upon ten (10) days written notice to Customer until such amounts are paid in full, and (ii) any such unpaid Subscription Fees may accrue interest at the rate of the lesser of two (2%) percent of the outstanding balance per month or the maximum rate permitted by law from the date such Subscription Fees were due until the date paid. Further, Customer shall be responsible for all costs and expenses associated with PE Primer or the Distributor’s collection of such Subscription Fees, including reasonable attorneys’ fees. Suspension of the Services under this section shall not release Customer of its payment obligations under this Agreement.

5.4.        Taxes. Customer is responsible for payment of all sales and use taxes, value added taxes (VAT), or similar charges relating to Customer’s purchase and use of the Services, excluding those taxes based on PE Primer’s net income. Applicable taxes shall be computed based on Customer’s address listed in the Order Form and invoiced to and paid by Customer, which amounts are in addition to the Subscription Fees payable for the Services, unless Customer provides a valid tax exemption certificate authorized by the appropriate taxing authority.

6        Term and Termination

6.1.        Term. The Term of this Agreement shall continue for so long as Customer subscribes to the Services and in accordance with the timeframe set forth in the Order Form. Customer may, at any time, terminate its subscription by furnishing PE Primer written notice of its intent to terminate this Agreement, provided that PE Primer will not provide any refunds of prepaid fees or unused Subscription Fees, and Customer shall promptly pay all unpaid fees due through the end of the Term. Termination notices shall be sent to PE Primer via email with the subject line “Termination” and sent to sales@pe-primer.com.

6.2.        Termination for Material Breach. Either party may terminate this Agreement if the other party fails to cure any material breach within thirty (30) days after receipt of written notice of such breach. Upon any termination of this Agreement by Customer for a material breach by PE Primer pursuant to this Section 6.2, PE Primer will refund Customer a pro-rata portion of any prepaid Subscription Fees paid by Customer to PE Primer that cover the remainder of the Term after the effective date of termination and a pro-rata portion of any prepaid Subscription Fees paid by Customer for the Services that address the Services that have not been delivered as of the effective date of termination.

6.3.        Suspension. PE Primer reserves the right to suspend delivery of the Services if PE Primer reasonably concludes that Customer or an Authorized User’s use of the Services is causing immediate and ongoing harm to PE Primer or the security, integrity, or availability of the Site or Services. In the extraordinary case that PE Primer must suspend delivery of the Services in such circumstances, PE Primer shall promptly notify Customer of the suspension and the parties shall diligently attempt to resolve the issue. PE Primer shall not be liable to Customer or to any third party for any liabilities, claims or expenses arising from or relating to any suspension of the Services in accordance with this Section 6.3. Nothing in this Section 6.3 will limit PE Primer’s other rights under this Agreement.

6.4.        Effect of Termination. Upon expiration or termination of this Agreement, all licenses and access to the Documentation and the Services granted to Customer under this Agreement and all Order Forms placed hereunder shall immediately terminate and Customer will cease using the Services and PE Primer Confidential Information. Expiration or termination of this Agreement for any reason other than termination by Customer for a material breach by PE Primer pursuant to Section 6.2 (Termination for Material Breach) shall not relieve Customer of the obligation to pay all future amounts due under all Order Forms. Sections 3.3 (Restrictions), 4 (Intellectual Property), 5 (Order and Payment), 6.4 (Effect of Termination), 7 (Representations and Warranties), 8 (Confidentiality), 10 (Indemnification), 11 (Limitations of Liability) and 12 (Miscellaneous) shall survive the expiration or termination of this Agreement for any reason.

7        Representations and Warranties

7.1.        Warranties. Each party represents and warrants that it has the legal power and authority to enter into and perform under this Agreement and shall comply with all laws applicable to it under this Agreement. Additionally, Customer warrants that (i) Customer owns or has a license to use, and has obtained all necessary consents and approvals for the provision and use of, Customer Data that is placed on, transmitted via, or recorded by the Services, and (ii) the provision and use of Customer Data as contemplated by this Agreement does not and shall not violate Customer’s privacy policy, terms of use, or other agreement to which Customer is a party or any law or regulation to which Customer is subject. PE Primer warrants to Customer that PE Primer will undertake commercially reasonable measures designed to enable the Services to operate in accordance with their function and purpose.

7.2.         DISCLAIMERS. CUSTOMER ACKNOWLEDGES AND AGREES THAT, EXCEPT AS OTHERWISE PROVIDED FOR IN SECTION 7.1 OF THIS AGREEMENT, THE SITE, SERVICES, SUPPORT SERVICES, TRAINING MATERIALS, AND PE PRIMER IP (COLLECTIVELY, THE “PE PRIMER ONLINE SERVICES”) ARE PROVIDED ON AN “AS IS,” “AS AVAILABLE” BASIS AND WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT (NOT LIMITED TO) ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, WHICH WARRANTIES ARE HEREBY DISCLAIMED. CUSTOMER FURTHER ACKNOWLEDGES AND AGREES THAT THE PE PRIMER ONLINE SERVICES MAY NOT MEET CUSTOMER’S REQUIREMENTS, MAY NOT BE COMPATIBLE WITH ANY PARTICULAR INFORMATION SYSTEM, AND MAY NOT RESULT IN ANY ACTUAL BUSINESS OPPORTUNITIES, REVENUE OR SAVINGS. Customer FURTHER ACKNOWLEDGES AND AGREES THAT THE PE PRIMER ONLINE SERVICES MAY NOT BE CONTINUOUSLY AVAILABLE AND MAY CONTAIN ERRORS, BUGS, AND OTHER GLITCHES THAT MAY NOT BE CORRECTED, AND THE TRAINING MATERIALS MAY NOT BE ACCURATE, TIMELY OR COMPLETE. THE PE PRIMER ONLINE SERVICES MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS, AND PE PRIMER IS NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES, VIRUSES, LOSS OR COMPROMISE OF CUSTOMER DATA, OR OTHER DAMAGE RESULTING FROM SUCH PROBLEMS. THE ENTIRE RISK AS TO THE USE OF THE PE PRIMER ONLINE SERVICES IS ASSUMED BY CUSTOMER. EXCEPT AS EXPRESSLY PROVIDED FOR OTHERWISE IN SECTION 7.1, AND THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAWS, PE PRIMER MAKES NO WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, AND SPECIFICALLY DISCLAIMS ALL WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, ACCURACY OF INFORMATIONAL CONTENT, SYSTEMS INTEGRATION, NON-INFRINGEMENT, NON-INTERFERENCE WITH ENJOYMENT OR OTHERWISE.

8        Confidentiality

8.1.        Right to Confidential Information. The Disclosing Party retains its entire right, title, and interest, including all intellectual property rights, in and to its Confidential Information, and nothing herein shall be construed as an assignment, grant, option, license, or any other transfer of such right, title, or interest whatsoever to the Receiving Party, and the Receiving Party is only entitled to use the Disclosing Party’s Confidential Information as permitted in this Agreement.

8.2.         Obligations of Confidentiality. The Receiving Party hereby agrees to safeguard the Disclosing Party’s Confidential Information from unauthorized disclosure or access with at least the same degree of care as the Receiving Party would protect its own proprietary or confidential information, but in no event with less than a commercially reasonable degree of care. The Receiving Party may, to the limited extent necessary to satisfy its obligations or enforce its rights under this Agreement, share or provide the Disclosing Party’s Confidential Information to its employees, subsidiaries, affiliates, parent organizations, advisors, consultants and subcontractors (“Representatives”), provided any such Representative is bound in writing to retain the confidentiality of the Disclosing Party’s Confidential Information to the same extent, and in the same manner, as required by the Receiving Party under this Agreement. The Receiving Party is liable and responsible for any breach of this Agreement by its Representatives. For the avoidance of doubt, Customer Data (as defined in the Data Processing Addendum) shall be subject to Section 9 (Data Protection) and not this Section 8.

8.3.        Legal Compliance. Notwithstanding any other provision of this Agreement to the contrary, in the event that the Receiving Party is required under an applicable law or a valid order issued by a court or governmental agency of competent jurisdiction to disclose the Disclosing Party’s Confidential Information (a “Legal Order”), it shall make such a disclosure in accordance with the following: unless legally prohibited, the Receiving Party will provide the Disclosing Party with (i) prompt written notice of the Legal Order so that the Disclosing Party may seek, at its sole cost and expense, a protective order or other remedy; and (ii) reasonable assistance, at the Disclosing Party’s sole cost and expense, in opposing, or seeking a protective order or other limitations on, the Legal Order. If, after providing such notice and assistance, the Receiving Party remains subject to a Legal Order to disclose any of the Disclosing Party’s Confidential Information, the Receiving Party shall disclose no more than that portion of the Confidential Information which such Legal Order specifically requires the Receiving Party to disclose and shall use commercially reasonable efforts to obtain assurances from the applicable government agency or court that such Confidential Information will be afforded confidential treatment and protection.

8.4.         Breaches of Confidentiality. The Receiving Party acknowledges that breach of its confidentiality obligation set forth in this Agreement may cause irreparable harm to the Disclosing Party for which the Disclosing Party may not be fully or adequately compensated by recovery of monetary damages. Accordingly, in the event of any violation, or threatened violation, by the Receiving Party of its confidentiality obligations, the Disclosing Party shall be entitled to seek injunctive relief from a court of competent jurisdiction in addition to any other remedy that may be available at law or in equity, without the necessity of posting bond or proving actual damages. Customer shall immediately (and in any event within twenty-four (24) hours) provide PE Primer with written notice in the event it discovers, or otherwise suspects, the unauthorized access, use, or disclosure of PE Primer’s Confidential Information.

9        Data Protection

9.1.        Data Privacy. Customer, and each Authorized User, acknowledges and agrees that in order to use the Services, Customer and each Authorized User may have to provide PE Primer, or input into the Services, certain Personal Data. Each party agrees that such Personal Data will be subject to the Data Processing Addendum attached hereto, and which is hereby incorporated into, and forms an integral part of, this Agreement. If Customer and/or Authorized User do not agree to, or do not comply with, the Data Processing Addendum, Customer and Authorized User may not access or use the Services. Customer shall not provide or otherwise input into the Services any Personal Data that requires, or is otherwise afforded, special or enhanced legal protection pursuant to a data protection law, statute, or regulation, such as a social security number, driver’s license number, passport number or any other similar government identification number or card, or other “special categories” or “sensitive” data as such terms are used pursuant to applicable data privacy laws, statutes, or regulations. Any violation by Customer of this Section 9.1 and/or the Data Processing Addendum shall be considered a material breach of this Agreement. To the extent that PE Primer collects and processes business contact data or similar Personal Data for the purposes of account administration, troubleshooting, or similar business activities, then PE Primer will collect and process such business contact data or similar Personal Data in accordance with its website privacy statement [https://pe-primer.com/privacy-policy/] (the “Website Privacy Statement”) and not the Data Processing Addendum. To the extent that Customer is acting in an individual, personal capacity when using the Services (i.e., is not an employee, contractor, or agent of another party who is a Customer), then any and all Personal Data collected from such individual Customer shall be collected and processed in accordance with the Website Privacy Statement and not the Data Processing Addendum.

10        Indemnification

10.1.        Rights and Responsibilities. Customer shall indemnify, defend and hold harmless PE Primer and its Affiliates and Distributors, employees, agents, officers, directors, shareholders, representatives, successors and assigns (the “PE Primer Parties”) from and against any loss, liability, cause of action, cost or expense (including reasonable attorneys’ fees) arising from, in connection with, or related to (i) a breach of this Agreement by Customer, or any employee or agent of Customer, or an Authorized User, (ii) any and all acts and omissions of Customer, and its employees and agents, and each Authorized User, in connection with its use of the Services, (iii) PE Primer’s processing or storage of Personal Data, or any other Customer Data, or (iv) the violation, infringement or misappropriation by Customer, any employee, agent or Authorized User of Customer, of PE Primer IP.

11        Limitations of Liability; Disclaimers

11.1.        LIABILITY LIMITS; EXCEPTIONS. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL THE AGGREGATE LIABILITY OF THE PE PRIMER PARTIES ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE PROVISION OF THE PE PRIMER ONLINE SERVICES, EXCEED THE AMOUNT OF SUBSCRIPTION FEES PAID OR PAYABLE BY CUSTOMER UNDER THE ORDER FORM GIVING RISE TO THE CLAIM IN THE SIX (6) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM. THE FOREGOING LIMITATION SHALL APPLY WHETHER AN ACTION IS IN CONTRACT, TORT, OR OTHERWISE AND REGARDLESS OF THE THEORY OF LIABILITY. IN NO EVENT SHALL THE PE PRIMER PARTIES BE LIABLE FOR ANY INDIRECT, PUNITIVE, SPECIAL, EXEMPLARY, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING (BY WAY OF EXAMPLE AND NOT AN EXHAUSTIVE LIST), LOSS OF PROFITS, LOSS OF DATA, BUSINESS INTERRUPTION, LOSS OF USE, OR OTHER COMMERCIAL DAMAGES OR LOSSES ARISING OUT OF OR IN ANY WAY CONNECTED WITH THIS AGREEMENT OR THE PE PRIMER ONLINE SERVICES, HOWEVER CAUSED AND WHETHER IN CONTRACT, TORT, OR OTHERWISE AND REGARDLESS OF THE THEORY OF LIABILITY. THE PE PRIMER PARTIES SPECIFICALLY DISCLAIM ANY AND ALL LIABILITY REGARDING ANY THIRD PARTY PRODUCTS. THE FOREGOING LIMITATIONS ON LIABILITY SHALL NOT APPLY TO THE LIABILITY OF THE PE PRIMER PARTIES ARISING FROM THEIR GROSS NEGLIGENCE THAT RESULTS IN BODILY INJURY, DEATH, OR DAMAGE TO TANGIBLE PROPERTY OF CUSTOMER OR ITS AUTHORIZED USERS.

11.2.        ACKNOWLEDGMENT OF RISK. THE LIMITATIONS OF LIABILITY AND EXCLUSION OF CERTAIN DAMAGES STATED HEREIN WILL APPLY REGARDLESS OF THE FAILURE OF ESSENTIAL PURPOSE OF ANY REMEDY. BOTH PARTIES HEREUNDER SPECIFICALLY ACKNOWLEDGE THAT THE LIMITATIONS OF LIABILITY AND EXCLUSION OF CERTAIN DAMAGES STATED HEREIN ARE REFLECTED IN THE PRICING OF THE SERVICES AND AGREED UPON BY CUSTOMER AND ARE AN ESSENTIAL ELEMENT OF THE BASIS OF THE BARGAINING BETWEEN THE PARTIES.

11.3.        Data Services. PE Primer is not responsible for any backup, recovery or other steps required to ensure that Personal Data and other Customer Data are recoverable in the case of data loss. Customer is solely responsible for backing up Personal Data and other Customer Data on a regular basis and taking appropriate steps to safeguard and ensure the integrity of Personal Data and other Customer Data.

12        Miscellaneous

12.1.        Assignment. Neither party may assign this Agreement or otherwise transfer any right or obligation under this Agreement, without the prior written consent of the other party. Notwithstanding the foregoing, either party may assign this Agreement in its entirety to an acquirer of all or substantially all of the assets or equity of such party to which this Agreement relates, whether by merger, asset sale, or otherwise so long, in the event of an assignment by Customer, as all Subscription Fees then due and payable to PE Primer have been paid. Any attempt by a party to assign or transfer its rights or obligations under this Agreement other than as permitted by this Section 12.1 shall be void and of no effect. Subject to the foregoing, this Agreement shall be binding upon and inure to the benefit of the parties’ successors and permitted assigns. PE Primer may employ subcontractors in performing its duties under this Agreement.

12.2.        Notices. Except as otherwise expressly permitted in this Agreement, notices under this Agreement shall be in writing and shall be deemed to have been given to the other party (i) when personally delivered, (ii) five (5) business days after mailing if sent by registered or certified U.S. mail, or (iii) one (1) business day after deposit for overnight delivery with a recognized courier for U.S. deliveries (or three (3) business days for international deliveries). Except as otherwise set forth in this Agreement, Customer may furnish any and all notices in connection with this Agreement to PE Primer at PE Primer, LLC, Attn: Legal Department, 1317 Edgewater Dr, #2407, Orlando, FL 32804. PE Primer may furnish any and all notices in connection with this Agreement to Customer at the mailing address identified on an Order Form. Notwithstanding the forgoing, PE Primer may also furnish any and all notices in connection with this Agreement to Customer via electronic communication (e.g., email), and such electronic communication shall be deemed to have been given one (1) minute after being sent from PE Primer to Customer. PE Primer may also provide notice of any updates to the terms of this Agreement or to any Documentation or updated subscription pricing by posting the same to the Site.

12.3.        Force Majeure Event. If the performance of this Agreement or any obligation hereunder (other than obligations of payment) is prevented, delayed or restricted by reasons beyond the reasonable control of a party, including acts of God, pandemic, labor disputes or other industrial disturbances, fire, explosion, electrical or power outages, utilities or other telecommunications failures, earthquake, flood, storms or other elements of nature, blockages, embargoes, riots, acts or orders of government, acts of terrorism (including cyber terrorism), war, computer related attacks or hacking, acts or omissions of internet traffic carriers, epidemics, and acts of regulatory or governmental bodies (including the passage of laws or regulations or other acts of government that impact the provision of the Services), the party so affected shall be excused from such performance and liability to the extent of such prevention, delay or restriction.

12.4.        Equitable Relief. The parties agree that a material breach by Customer of Section 8 (Confidentiality) or Section 3.3 (Restrictions) would cause irreparable injury to PE Primer for which monetary damages alone would not be an adequate remedy, and therefore PE Primer shall be entitled to equitable relief in addition to any other remedies it may have hereunder or at law, without the requirement of posting bond or proving actual damages.

12.5.        Changes to These Terms. PE Primer reserves the right to change or modify the terms of this Agreement, in whole or in part, at any time in its sole discretion upon notice to Customer by electronic means, including by the posting of the updated Agreement to the Site. Any changes or modifications to this Agreement will be effective immediately upon the posting of the revisions to the Site and Customer waives any right to receive specific written notice of such changes. Customer’s continued use of the Services following the posting of revised terms and conditions constitutes its acceptance of the changes. Notwithstanding the foregoing, Customer may terminate this Agreement by providing written notice to PE Primer at any time within ninety (90) days of the effective date of the change if it does not agree with any changes. In such event, Customer will receive a pro rata refund of any unused Subscription Fees for the then-current Term.

12.6.        Entire Agreement. This Agreement, together with the Order Form and any documents incorporated herein by reference, contains the entire agreement of the parties with respect to the subject matter hereof and supersedes all previous oral and written communications, representation, understandings, and agreements by the parties concerning the subject matter of this Agreement. No terms, provisions or conditions contained in any purchase order, sales confirmation, or other business form that Customer may use in connection with the transactions contemplated by this Agreement will have any effect on the rights or obligations of the parties or will otherwise modify this Agreement. In the event of a conflict between the Order Form and the Agreement, the terms and conditions set forth in the Order Form shall supersede and control.

12.7.        Publicity; Communications. During the Term of this Agreement (and for a reasonable time thereafter), PE Primer may include Customer’s name and logo in its customer lists, marketing materials, and Site. To the extent Customer provides standard trademark usage guidelines, PE Primer shall use Customer’s name and logo in accordance with such guidelines. Customer hereby acknowledges and agrees that PE Primer may contact Customer, including any Authorized User, via email or telephone (including SMS/text messaging) to market similar products or services to Customer and Customer expressly represents and warrants that it has the rights, consent, and authority to permit such marketing.

12.8.        Export Control. Customer hereby represents and warrants to PE Primer that (i) it is not named on any U.S. government list of persons or entities with which U.S. persons are prohibited from transacting and (ii) it is not nor owned or controlled by or acting on behalf of any such persons or entities, and Customer will not permit any Authorized User to access or use the Services in any manner that would cause any party to violate any U.S. or international embargo, export control law, or prohibition. Without limiting the foregoing, Customer hereby represents to PE Primer that Customer and each Authorized User is not (i) the subject or the target of any U.S. sanctions administered by the Office of Foreign Assets Control of the U.S. Department of the Treasury or the U.S. Department of State, the United Nations Security Council, the European Union, Her Majesty’s Treasury of the United Kingdom, or other relevant sanctions authority (collectively, “Sanctions”), or (ii) located, organized or resident in a country or territory that is the subject or target of Sanctions, including, without limitation, Crimea, Cuba, Iran, North Korea, and Syria. Since its inception, Customer has not knowingly engaged in and is not now knowingly engaged in any activities, dealings, or transactions (i) with any person that at the time of the activity, dealing, or transaction is or was the subject or the target of Sanctions or (ii) with any sanctioned country.

12.9.        Government End User. Customer represents and warrants to PE Primer that Customer is not a U.S. government entity and that this Agreement shall not be subject, under any condition, to the U.S. Federal Acquisition Regulations.

12.10.        Independent Contractors, No Third-Party Beneficiaries. The parties have the status of independent contractors, and nothing in this Agreement nor the conduct of the parties will be deemed to place the parties in any other relationship. Except as provided in this Agreement, neither party shall be responsible for the acts or omissions of the other party or the other party’s personnel. This Agreement shall not create any rights or benefits to parties other than PE Primer and Customer. No third party shall have the right to rely on the Services.

12.11.        No Expert or Specialized Advice or Counsel. All Training Materials are provided with the understanding that PE Primer is not engaged in rendering, and the Services are not intended to render, legal, accounting, financial, tax, or other professional advice. Because individual situations may be fact-dependent and laws, regulations, and market terms and trends change frequently, if expert advice is required, the services of a competent professional should be sought. Before acting on the suitability of the Training Materials for Customer’s personal and/or business situation, please consult a lawyer, accountant, tax advisor, financial advisor, or other knowledgeable professional. References to specific companies or situations in the Training Materials are “for example only” and such information may have been previously disseminated in another format. PE Primer is not affiliated with any of the specific companies used as examples in the Training Materials and use of any trademarks is for purposes of factually identifying the specific companies. You are responsible for consulting with a professional legal, accounting, financial, tax, and other professional advisors concerning the specific circumstances for Customer’s business. PE Primer disclaims any responsibility for the accuracy or adequacy of any positions taken by Customer. If Customer has questions regarding issues specifically related to its industry or business circumstances, Customer should consult with a professional legal, tax, and/or financial advisors. By using the Services, attending any PE Primer event or workshop, or reviewing any Training Materials, Customer assumes all responsibility and risk for use of the same. Customer agrees to indemnify, defend, and hold harmless PE Primer, its directors, officers, members, employees, agents, contractors, and representatives from and against all losses, expenses, damages, and costs, including reasonable attorney fees, arising out of or relating to use of the Services, including the Training Materials.

12.12.        Governing Law, Attorneys’ Fees, and Severability. This Agreement is governed by the laws of the State of Ohio, USA, excluding any of its conflict of law principles that would apply laws of another jurisdiction, and the exclusive venue for any dispute relating to this Agreement shall be the federal or state courts located in Cuyahoga County, Ohio, USA. In any court action at law or equity, which is brought by one of the parties to enforce or interpret the provisions of this Agreement, the prevailing party will be entitled to reasonable attorneys’ fees, in addition to any other relief to which that party may be entitled. The United Nations Convention on Contracts for the International Sale of Goods does not apply. If any term of this Agreement is held to be invalid or unenforceable, that term shall be reformed.

12.13.        Interpretation. For purposes of interpreting this Agreement, (i) unless the context otherwise requires, the singular includes the plural, and the plural includes the singular, (ii) unless otherwise specifically stated, the words “herein,” “hereof,” and “hereunder” and other words of similar import refer to this Agreement as a whole and not to any particular section or paragraph, (iii) the words “include” and “including” will not be construed as terms of limitation, and will therefore mean “including but not limited to” and “including without limitation,” (iv) unless otherwise specifically stated, the words “writing” or “written” mean preserved or presented in retrievable or reproducible form, whether electronic (including email but excluding voice mail) or hard copy, and (v) the captions and section and paragraph headings used in this Agreement are inserted for convenience only and will not affect the meaning or interpretation of this Agreement.

* * * * * * * * * * * * * * *

Data Processing Addendum

This Data Processing Addendum (“DPA”) applies to the extent that PE Primer Processes Customer Personal Data for, or on the behalf of, Customer. In the event of a conflict between this DPA and the Agreement, the terms and conditions set forth in this DPA shall supersede and control with respect to the conflict. For the avoidance of doubt, the terms or conditions set forth in the Agreement that are not otherwise addressed herein shall remain in full force and effect. All capitalized terms that are used, but not defined in this DPA, shall be ascribed the meaning set forth in the Agreement.

1.              Definitions. For purposes of this DPA, the following terms shall apply:

2.        Data Protection

2.1.        General Obligations. As between the parties, Customer shall, at any and all times, retain all rights, title, and interest in Customer Personal Data. Customer hereby appoints PE Primer to Process Customer Personal Data on Customer’s behalf and grants PE Primer a limited, revocable, nonexclusive right to Process Customer Personal Data in accordance with the Documented Instructions. PE Primer acknowledges and agrees that it shall only Process Customer Personal Data in accordance with the Documented Instructions and applicable Data Protection Law, and to the minimal extent necessary to provide the Services. In the event PE Primer is compelled by law to Process Customer Personal Data beyond, or in conflict with, the Documented Instructions, PE Primer shall notify Customer of the same prior to such Processing, unless such prior notification is expressly prohibited by law. PE Primer shall, promptly and without delay, notify Customer if, in PE Primer’s reasonable judgment, the Documented Instructions infringe upon any applicable Data Protection Law.

2.2.        Customer Obligations. Customer and Authorized User may not access or use the Services. Customer acknowledges and agrees that Customer will be solely responsible for the following: (i) the accuracy, quality, and legality of Customer Personal Data submitted and transmitted to the Services, or otherwise provided to PE Primer, (ii) complying with all necessary transparency and lawfulness requirements for the collection and use of the Customer Personal Data, including obtaining any necessary consents and authorizations, and (iii) ensuring Customer and each Authorized User has the right to transfer Customer Personal Data to PE Primer or submit or input Customer Personal Data into the Site or Services.

2.3.        CCPA/CPRA Disclaimer. Each party acknowledges and agrees that the disclosure of Customer Personal Data to the other does not constitute, and is not the intent of either party for such disclosure to constitute, a Sale or Sharing of Customer Personal Data, and if valuable consideration, monetary or otherwise, is being provided by either party, such valuable consideration, monetary or otherwise, is being provided for the rendering of Services and not for the disclosure of Customer Personal Data. PE Primer (i) shall not collect, retain, use, or disclose Customer Personal Data for any purpose (including for any commercial purpose) other than for the specific purpose of performing the Services, unless otherwise required by law, (ii) shall not Sell or Share Customer Personal Data, except as necessary to satisfy its obligations under the Agreement, (iii) shall not collect, retain, use, or disclose Customer Personal Data outside the direct business relationship between PE Primer and Customer, unless expressly permitted by law, (iv) shall not combine the Customer Personal Data that PE Primer receives from, or on behalf of, Customer with Personal Data that PE Primer receives from, or on behalf of, another party, or collects from its own interaction with a Data Subject, except to the extent reasonably necessary to provide the Services and as expressly permitted by law, and (v) shall, at Customer’s reasonable request, cease any unauthorized Processing of Customer Personal Data and grant Customer authorization to assess and remediate any such unauthorized Processing. This DPA is PE Primer’s certification, to the extent the CCPA or any other applicable Data Protection Law requires such a certification, that PE Primer understands and will comply with the Processing limitations with respect to Customer Personal Data that are set forth in the Documented Instructions. The parties acknowledge and agree that PE Primer shall Process Customer Personal Data only for the specific “business purpose” of performing the Services. Notwithstanding the foregoing, Customer acknowledges and agrees that PE Primer may provide information (including via email or text message) to Customer and each Authorized Use of similar Services available to them by PE Primer.

3.        Confidentiality and Information Security

3.1.        Confidentiality. PE Primer shall implement commercially reasonable measures designed to (i) maintain the confidentiality of Customer Personal Data, (ii) ensure that all individuals who are authorized to Process Customer Personal Data on its behalf have committed themselves to confidentiality, and (iii) limit access to Customer Personal Data to only those individuals who have a business need for such access.

3.2.        Information Security. PE Primer shall implement and maintain commercially reasonable technical, physical, and administrative security controls to protect and safeguard Customer Personal Data, including written policies that describe such security controls and set forth responsibilities and obligations applicable to individuals who have access to an Information System (“Information Security Program”). Without limiting the generality of the foregoing, PE Primer shall designate a senior employee to be responsible for the overall management of PE Primer’s Information Security Program. PE Primer may update, amend, or otherwise alter its Information Security Program at any time and without notice to Customer, provided that any such update, amendment, or alteration does not degrade the operability or functionality of the Services, increase the likelihood of a Security Event, or cause the Information Security Program to not meet the minimum standards set forth herein. PE Primer shall periodically conduct a risk assessment to identify reasonably foreseeable vulnerabilities, threats and risks to Customer Personal Data in its custody or control and undertake commercially reasonable measures to mitigate any material or significant vulnerabilities, threats and risks identified therein.

4.        Cooperation and Assistance; Return of Customer Personal Data

4.1.        General Assistance. PE Primer shall provide reasonable assistance to Customer to enable Customer to (i) comply with its obligations and responsibilities under any applicable Data Protection Law, including with respect to Data Subjects exercising their rights and privileges under applicable Data Protection Laws, (ii) undertake data protection impact assessments, and (iii) comply with requests or demands from supervisory authorities.

4.2.        Data Notice and Response. PE Primer shall, immediately and without delay, refer to Customer any correspondence, inquiry, complaint, request, or demand (collectively or individually, a “Data Notice”) concerning the Processing of Customer Personal Data and shall not respond to any such Data Notice unless otherwise required by law. Notwithstanding the foregoing, in response to any such Data Notice, PE Primer may furnish Customer’s email contact information and request the Data Notice be submitted directly to Customer. Upon written request from Customer, PE Primer shall promptly provide access to, amend, correct, delete, or cease Processing, Customer Personal Data in its custody or control, except to the extent the Services provide features or functionality to enable Customer to undertake the same.

4.3.        Return or Destruction of Customer Personal Data. Upon termination of the Services, PE Primer shall, within a maximum period of sixty (60) calendar days and at Customer’s choice: (i) return to Customer all Customer Personal Data and all copies thereof by secure file transfer in such a format as required by Customer, or (ii) destroy, and certify the destruction of, all other copies of Customer Personal Data, unless storage of such data is required by law. Notwithstanding the foregoing, PE Primer may destroy Customer Personal Data that is stored in a back-up or archived format in accordance with its normal retention schedule, provided such Customer Personal Data is otherwise retained in accordance with this DPA.

5.        Security Event Procedures . PE Primer shall implement and maintain an incident response plan setting forth the controls and measures with respect to how PE Primer shall identify and respond to a Security Event. PE Primer shall, when required by Data Protection Law, promptly (and in accordance with the timeframes set forth in Data Protection Law) provide written notice to Customer of any Security Event after becoming aware of, or otherwise discovering, the Security Event, and this written notification shall, to the greatest extent possible, include a description of (i) the nature of the Security Event, (ii) the categories of Customer Personal Data affected by the Security Event, (iii) the approximate number of individuals affected by the Security Event, (iv) any potential legal or regulatory consequences that may arise from the Security Event, and (v) the measures taken or proposed to be taken to address the Security Event. In the event of a Security Event, PE Primer shall designate a senior employee to serve as PE Primer’s single point of contact from whom Customer can obtain more information about the Security Event. PE Primer shall provide reasonable assistance to Customer to investigate or otherwise respond to a Security Event, and enable Customer to meet any legal obligation it may have to give notice of the Security Event to any affected Data Subject, a governmental or regulatory authority, or any other individual or entity.

6.        Audits. PE Primer shall (i) upon request (but not more frequently than annually) respond to questionnaires and similar requests for information provided by Customer to demonstrate PE Primer’s compliance with PE Primer’s obligations under this DPA, and (ii) periodically use independent external auditors to verify the adequacy of its written Information Security Program. If the information and reports described in the foregoing (i) and (ii) do not demonstrate PE Primer’s compliance with its obligations and responsibilities set forth in this DPA, Customer may conduct an inspection or audit of PE Primer’s business operations, or have the same conducted by a qualified third party subject to a nondisclosure agreement, provided (i) Customer furnishes PE Primer at least thirty (30) days’ advanced written notice, (ii) the inspection or audit is conducted during PE Primer’s regular business hours and does not involve penetration testing, vulnerability scanning, or other technical security testing, and (iii) the inspection or audit is conducted in a manner that does not materially interrupt PE Primer’s business operations. Customer shall be solely responsible for all reasonable costs and fees associated with the inspection or audit described herein, unless the results demonstrate PE Primer’s non-compliance with this DPA. Customer shall immediately provide the results or conclusions of any inspection, test, or audit conducted to PE Primer, and PE Primer shall promptly remediate or resolve any significant or material vulnerability or deficiency identified therein.

7.        Subprocessing

7.1.        Subprocessors Authorization. Subject to the restrictions set forth in the Agreement, Customer agrees that PE Primer may authorize the Subprocessors (i) identified in Annex III, (ii) agreed upon in writing between the parties (e.g., SOW or email), and (iii) as otherwise authorized by Customer in accordance with Section 7.2, to Process Customer Personal Data, provided that in the event any of the foregoing (i), (ii), or (iii) apply, PE Primer executes a written agreement with any such Subprocessor that contains terms and conditions that are substantially the same as (and in any event no less stringent than) the terms and conditions set forth in this DPA. PE Primer shall undertake all reasonable efforts to ensure that any such Subprocessor can comply, and is in compliance, with the terms and conditions set forth in this DPA, and PE Primer shall, at any and all times, remain liable to Customer for any and all acts or omissions of a Subprocessor.

7.2.        Subprocessor Changes. PE Primer shall inform Customer of any intended changes concerning the addition or replacement of a Subprocessor, thereby giving Customer the opportunity to object to such changes, provided Customer may only object to such new Subprocessors if there are reasonable grounds to believe that the Subprocessor will be unable to comply with the terms of the Agreement (including this DPA). If Customer objects to PE Primer’s use of a new Subprocessor, Customer shall notify PE Primer in writing within ten (10) business days after receiving notification regarding the proposed use of the Subprocessor. Customer’s failure to object in writing within such time period shall constitute approval to use the new Subprocessor. Customer acknowledges and accepts that the refusal to permit the use of a particular new Subprocessor may result in PE Primer’s inability to satisfy, in full or in part, the terms and conditions of the Agreement, and in such circumstances, Customer may terminate the Agreement in accordance with the termination provisions of the Agreement, and such termination shall not constitute termination for breach of the Agreement.

8.        Cross-Border Data Transfers.

8.1.        EU Standard Contractual Clauses. To the extent Customer Personal Data originates in the European Economic Area (EEA) and PE Primer is not established in a country which the European Commission has granted an adequacy status, the parties undertake to apply the provisions of the EU Standard Contractual Clauses to the transfer and Processing of such Customer Personal Data. If the EU Standard Contractual Clauses are applicable between the parties pursuant to this Section 8.1, their provisions will be deemed incorporated by reference into this DPA. To the extent required by law, the parties shall enter into and execute the EU Standard Contractual Clauses as a separate document. If the parties apply and incorporate the EU Standard Contractual Clauses pursuant to this Section 8.1 of this DPA, then the following shall apply:

• The EU Standard Contractual Clauses shall be governed by the Module Two clauses (Transfer controller to processor) in all applicable instances, and Customer shall be the data exporter and PE Primer shall be the data importer.
• Each party acknowledges and agrees that Clause 7 (Optional – Docking Clause) of the EU Standard Contractual Clauses shall be deemed incorporated therein and applicable to the parties and third parties.
• For purposes of Clause 9(a) (Use of sub-processors) of the EU Standard Contractual Clauses, the parties agree that Option 2 (General Written Authorization) shall apply to the parties, and shall be enforced in accordance with Section 7 and Annex III of this DPA.
• For purposes of Clause 11 (Redress) of the EU Standard Contractual Clauses, the parties agree that the optional wording shall not be incorporated therein and therefore shall not be applicable to the parties.
• For purposes of Clause 17 (Governing law) of the EU Standard Contractual Clauses, the parties agree that the EU Standard Contractual Clauses shall be governed by the law of Ireland and select Clause 17, “Option 1” to this effect.
• For purposes of Clause 18 (Choice of forum and jurisdiction) of the EU Standard Contractual Clauses, the parties agree that any dispute arising from the EU Standard Contractual Clauses shall be resolved by the Courts of Ireland.
• Annex I of the EU Standard Contractual Clauses shall be deemed completed with the information set forth in Annex I to this DPA.
• Annex II of the EU Standard Contractual Clauses shall be deemed completed with the information set forth in Annex II to this DPA.
• Annex III of the EU Standard Contractual Clauses shall be deemed completed with the information set forth in Annex III to this DPA, and replacement Subprocessors shall be agreed upon in accordance with Section 7 of this DPA.

PE Primer shall not transfer Customer Personal Data received under the EU Standard Contractual Clauses (nor permit such Customer Personal Data to be transferred) to a Subprocessor outside the EEA, unless the Subprocessor is established in a country which the European Commission has granted an adequacy status, or PE Primer has obtained Customer’s prior written consent with respect to such transfer and PE Primer implements and maintains such measures as necessary to ensure the transfer is in compliance with Data Protection Law, and such measures may include (without limitation) executing the EU Standard Contractual Clauses, Module 3 (processor to processor).

8.2.        UK Addendum. To the extent Customer Personal Data originates in the UK, and PE Primer is not established in the UK, or a country which the UK authorities granted an adequacy status, the parties undertake to apply the provisions of the EU Standard Contractual Clauses, as updated and amended by the UK Addendum, to the transfer and Processing of such Customer Personal Data and hereby incorporate the UK Addendum by reference into this DPA, provided the UK Addendum shall be supplemented and completed, as appropriate, with the descriptions and party responsibilities, clause options, and similar criteria set forth in Section 8 of this DPA and the Annexes attached hereto. For the avoidance of doubt, with respect to UK data transfers, in the event of a conflict between the EU Standard Contractual Clauses and the UK Addendum, the terms and hierarchy set forth in the UK Addendum shall supersede and control with respect to such UK data transfers only. PE Primer shall not transfer any Customer Personal Data received under the UK Addendum (nor permit such Customer Personal Data to be transferred) to a Subprocessor outside the UK, unless the Subprocessor is established in a country which the UK authorities have granted an adequacy status, or PE Primer has obtained Customer’s prior written consent with respect to such transfer and PE Primer implements and maintains such measures as necessary to ensure the transfer is in compliance with Data Protection Law, and such measures may include (without limitation) executing the EU Standard Contractual Clauses, Module 3 (Transfer processor to processor) and the UK Addendum thereto.

8.3.        Switzerland. To the extent Customer Personal Data originates in Switzerland and PE Primer is not established in a country which Switzerland or, as applicable, the European Commission, has granted an adequacy status, the parties undertake to apply the provisions of the EU Standard Contractual Clauses, as set forth in Section 8.1 of this DPA, to the transfer and Processing of such Customer Personal Data. If the EU Standard Contractual Clauses are applicable between the parties pursuant to this Section 8.3, their provisions will be deemed incorporated by reference into this DPA. If the parties apply and incorporate the EU Standard Contractual Clauses (as set forth in Section 8.1 of this DPA) pursuant to this Section 8.3, then the following shall apply, where required by the Swiss Federal Act on Data Protection (FADP): (i) references to the GDPR in the EU Standard Contractual Clauses are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not the GDPR; (ii) the term “member state” in the EU Standard Contractual Clauses shall not be interpreted in such a manner as to exclude Data Subjects in Switzerland from enforcing their rights in Switzerland in accordance with Clause 18(c) of the EU Standard Contractual Clauses, provided Switzerland is their habitual residence, and (iii) for purposes of Annex I(C) of the EU Standard Contractual Clauses, (a) where the data transfers is subject exclusively to the Swiss FADP (and not the GDPR), the supervisory authority is the Swiss Federal Data Protection and Information Commissioner; and (b) where the transfer is subject to both the FADP and the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner insofar as the transfer is governed by the Swiss FADP, and the supervisory authority set forth in Annex I of this DPA insofar as the transfer is governed by the GDPR.

8.4.        Other Transfers. To the extent Customer Personal Data originates outside of the EEA, Switzerland, or the UK, and the parties seek to transfer and Process such Customer Personal Data across national borders, the parties shall also undertake to apply, as appropriate, the provisions of the EU Standard Contractual Clauses or the UK Addendum to such transfer and Processing, provided that the EU Standard Contractual Clauses or UK Addendum are legally required and sufficient to meet the requirements of the applicable Data Protection Law for the transfer and Processing of Customer Personal Data across national borders.

9.        Miscellaneous. The DPA shall become effective upon execution of the Agreement, and the obligations set forth herein shall survive for the duration of the Agreement. This DPA will be governed by and construed in accordance with the governing law, venue, and jurisdictional provisions set forth in the Agreement, except as otherwise set forth herein. References in this DPA to “writing” or “written” include e-mail communications and certified mail.

* * * * * * * * * * * * * * * * * *

Annex I

Data Processing Activities

A. List of parties:

B. Description of Transfer: Unless otherwise set forth in a statement of work, order form, or similar documentation, the description of the data transferred is as follows:

(i) Categories of Data Subjects: Customer and/or Customer’s employees, consultants, contractors, agents, students, apprentices, or similar individuals who are authorized by Customer to access and use the Services.

(ii) Categories of Personal Data transferred: The data transferred is the Personal Data provided by the data exporter (Customer) to the data importer (PE Primer) in connection with its use of the Services, which may include: personal identifiers (name, alias, address, email address, account name, telephone number); registration data (usernames, passwords); online identifiers (IP address, device/browser characteristics); usage data (learning activity, bookmarks, notes, quiz results, assessment results); communications (synchronous and asynchronous messages between and among students within the platform Services).

(iii) Sensitive data transferred: None.

(iv) The frequency of transfer: For the duration of the Services.

(v) Nature of Processing: Collection, storage, transfer, retention, transfer, organization, dissemination/displaying, disposal.

(vi) Purpose of the data transfer and further processing: To facilitate the delivery and use of the PE Primer’s web-based learning management software and resource library.

(vii) The period for which Personal Data will be retained: For the duration specified in the Order Form and for the termination and transition period, thereafter, as set forth in the Order Form.

(viii) Subprocessor transfers: The relevant information as set forth in Section 7 and Annex III of this DPA.

C. Competent Supervisory Authority: The competent supervisory authority in accordance with Clause 13 of the EU Standard Contractual Clauses is the supervisory authority of Ireland.

* * * * * * * * * * * * * * * * * *

Annex II

Technical and Organizational Measures

In accordance with Section 3.2 of the DPA, PE Primer’s Information Security Program shall meet or exceed the requirements, standards, and criteria set forth below. Please note that PE Primer leverages LearnWorlds for its learning management platform infrastructure and LearnWorlds’s security controls are available here: https://www.learnworlds.com/data-security/.

1. Asset Management; Printed Materials. PE Primer shall maintain an inventory of all media on which Customer Personal Data is retained or transmitted and shall classify Customer Personal Data within its custody and control. PE Primer shall implement and maintain policies and procedures governing the conditions and circumstances in which PE Primer personnel may store Customer Personal Data on portable devices, remotely access Customer Personal Data, and process Customer Personal Data outside the facilities, premises, or offices owned, leased, or operated by PE Primer.

2. Training. PE Primer shall inform and train PE Primer personnel about relevant security rules and procedures and their respective roles related thereto, and about possible consequences for breaching the security rules and procedures. PE Primer shall not use Customer Personal Data in any training environment or exercise.

3. Physical Security. PE Primer shall establish, implement, and maintain appropriate physical security measures designed to protect its physical computer systems, networks, servers, and other devices that retain or transmit Customer Personal Data.

4. Communications and Operations Management. PE Primer shall establish, implement, and maintain a program to protect the security of its physical infrastructure from all reasonably foreseeable hazards, and a written business continuity plan to ensure the confidentiality, integrity, and availability of Customer Personal Data during a time of emergency or disaster (a “Business Continuity Event”).

5. Malicious Software Prevention. PE Primer shall implement and maintain commercially reasonable anti-malware and antivirus software controls designed to prevent malicious software from gaining unauthorized access to Customer Personal Data, including malicious software originating from external networks. PE Primer shall log access and use of its information systems retaining or transmitting Customer Personal Data.

6. Access Controls. PE Primer shall (i) maintain a record of security privileges of PE Primer personnel who have access to Customer Personal Data and/or who have access to PE Primer’s information systems that retain or transmit Customer Personal Data, (ii) deactivate authentication credentials with respect to information systems that retain or transmit Customer Personal Data that have not been used for a period of time not to exceed six (6) months, (iii) maintain a record of PE Primer employees who may grant, alter or cancel authorized access to Customer Personal Data, and (iv) ensure that PE Primer personnel have separate identifiers/log-ins to PE Primer’s information systems that retain or transmit Customer Personal Data. PE Primer shall implement and maintain controls to prevent PE Primer personnel from gaining access to Customer Personal Data they are not authorized to access, including preventing them from assuming access rights they have not been assigned.

7. Authentication Controls; Passwords. PE Primer shall use commercially reasonable measures to identify and authenticate users who attempt to access information systems that retain or transmit Customer Personal Data, provided that, when authentication mechanisms are based on passwords, PE Primer shall ensure that de-activated or expired identifiers or passwords previously used to access information systems that retain or transmit Customer Personal Data are not granted to other individuals. PE Primer shall monitor any repeated attempts to use an invalid identifier or password to gain access to information systems that retain or transmit Customer Personal Data and respond as appropriate to such attempts. PE Primer shall maintain procedures to deactivate identifiers or passwords to information systems that retain or transmit Customer Personal Data that have been corrupted, compromised, or inadvertently disclosed. PE Primer shall, promptly and without delay, reset any manufacturer-supplied password with respect to any device or asset that is used by PE Primer to retain or transmit Customer Personal Data.

8. System Maintenance. PE Primer shall perform timely and periodic maintenance and patching on its information networks, systems, and devices used to retain or transmit Customer Personal Data.

9. Encryption. PE Primer shall implement and maintain commercially reasonable measures (i) to restrict access to Customer Personal Data within its custody or control, (ii) only allow encrypted connections to information systems used to retain or transmit Customer Personal Data, and (iii) encrypt Customer Personal Data transmitted over public or wireless networks.

10. Security Testing. PE Primer shall periodically undertake internal and external security testing to assess any vulnerabilities to the networks or systems used to retain or transmit Customer Personal Data. Such scanning and testing shall be conducted by PE Primer, or (at PE Primer’s expense) by any external qualified and credentialed organization. PE Primer shall remedy vulnerabilities identified during any such scans and testing in a commercially reasonable manner and timeframe based on severity.

* * * * * * * * * * * * * * * * * *

Annex III

Approved Subprocessors