terms and conditions for pegasystems …€™ products include its pega platform for business...

immixTechnology, Inc. reformatted 9.15.2015

All references to Pegasystems, Inc (“Pegasystems”) in these Terms and Conditions should be read as “Contractor

(immixTechnology, Inc.), acting by and through its supplier, Pegasystems.”

TERMS AND CONDITIONS FOR PEGASYSTEMS PRODUCTS AND SERVICES

MASTER SOFTWARE LICENSE, MAINTENANCE & PROFESSIONAL SERVICES AGREEMENT

Pegasystems’ products include its Pega Platform for business process management, and strategic applications and

technology components that provide purpose-specific or industry-specific functionality that enable customers to

efficiently deploy the Pega Platform for specific solutions. These products are comprised of Pegasystems’ provided

RuleSets that Customer may use to develop Customer Applications comprising one or more new RuleSets for

processing and automation of its business, as described in a License Schedule to this Agreement. Customer may

integrate these Customer Applications to its other systems through Service and Connector facilities. Customer may

also obtain professional services and training under a Work Order.

Licenses

1. License Grant.

(a) Pegasystems grants to Customer or its applicable Affiliate a non-exclusive license to use the Software, in

object code and/or RuleSet form, for the Scope of Use specified in the applicable License Schedule. This license is

non-transferable, except as provided in Paragraphs 15(b) and (c). Pegasystems retains all rights not expressly granted

to Customer in this Agreement.

(b) Customer may use the Software on any Technology Platform that is then generally supported by

Pegasystems, and may switch from one generally supported Technology Platform to another (e.g., from a Windows

environment to a Linux environment) at no additional charge.

(c) Unless specifically authorized by law, Customer may not reverse engineer, decompile, disassemble or

otherwise attempt to determine source code or protocols from the Software. Customer agrees not to lease or

sublicense the Software to any third party or otherwise use it except as permitted under this Agreement or the

applicable Schedule.

(d) In each License Schedule, Customer will commit to purchase licenses for production use of each Customer

Application at the time that development of the Customer Application begins. Customer will not use shared User

IDs, or aggregating technologies such as concentrators, multiplexers, gateways or edge servers, to avoid or reduce

the counting of individuals that use the Software.

(e) Pegasystems retains all right, title and interest to the Software and Background Materials. The Software will

contain Pegasystems’ copyright notice, and Customer will reproduce such notice in any permitted copy made by

Customer.

2. Reserved.

Maintenance

3. Maintenance. In a License Schedule, Customer may purchase maintenance services as described in the

applicable Maintenance Schedule. The following terms and conditions will apply to maintenance services:


(a) If Customer elects not to renew maintenance, the election must be for all of the Software licensed under the

applicable License Schedule. In addition, if Customer cancels maintenance under any License Schedule, it agrees

that it cannot use maintenance services that remain in effect under another License Schedule for the benefit of any

Customer Application that is covered by the License Schedule for which maintenance was cancelled.

(b) Reserved.

(c) In the event that Customer elects not to renew maintenance, and then later elects to purchase maintenance,

any reinstatement of maintenance services will be subject to the mutual agreement of the parties and Customer’s

payment of all fees that would have been payable from the time that Customer discontinued maintenance to the time

of its reinstatement.

Services and Training

4. Performance of Services; Deliverables.

(a) Pegasystems may provide Services to Customer under a mutually–agreed Work Order.

(b) All Deliverables that Pegasystems creates during the course of Services for Customer under this Agreement

will be a “work made for hire” and will become, effective upon payment by Customer in full, the exclusive property

of Customer. Customer will also retain all right, title and interest in any new RuleSets that Customer develops for

itself using the Software. So long as Pegasystems has not used any Customer Confidential Information, Customer

agrees not to challenge or make claims against Pegasystems’ ability to provide its products and services to other

customers.

(c) Pegasystems may use its Background Materials in the course of providing Services to the Customer.

Background Materials will at all times remain the property of Pegasystems, and Customer will receive a non-

exclusive, fully-paid license to use the Background Materials that are provided under a Statement of Work solely in

connection with the Deliverables with which they were provided under the terms of the applicable License Schedule.

General Terms and Conditions

5. Reserved.

6. Reserved.

7. Reserved.

8. Representations and Warranties.

(a) Each party represents and warrants that entering into and carrying out the terms and conditions of this

Agreement will not violate any obligation binding upon it; that each party will comply with all applicable laws in

connection with its performance under this Agreement; and that the executing persons have the authority to bind

their respective parties.

(b) Pegasystems warrants that for a period of 90 days from the initial delivery of the Software:

(i) The Software will operate substantially in accordance with its Documentation; and

(ii) No disruptive or corrupting software that would damage, disable or compromise the security of a Customer

Application will be introduced into the Software by Pegasystems or its employees. Customer will conduct virus-

checking procedures before allowing installation or using the Software, and for each new version, upgrade or service

pack.

Pegasystems will, at its election, promptly repair the Software to resolve any failure of these warranties, which can

be replicated or verified, or replace the Software with alternative software that provides substantially the same


functionality. These remedies will be Customer’s remedy for any failures of these warranties. In order for Customer

to invoke these remedies, Customer must provide written notice to Pegasystems within the warranty period,

expressly outlining the nature of the alleged failure or breach.

(c) The foregoing warranties will be void to the extent that any failure of such warranties is caused by (i) anyone

other than a Pegasystems employee modifying the Software (unless Pegasystems authorizes the specific change in

writing), or (ii) non-Pegasystems’ software or hardware.

(d) Pegasystems warrants that all services provided under this Agreement will be performed in a good and

workmanlike manner, consistent with industry standards.

(e) EXCEPT AS EXPRESSLY STATED IN THIS SECTION 8, PEGASYSTEMS MAKES NO

WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES

OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE OR NON-INFRINGEMENT.

9. Reserved.

10. Reserved.

11. Inspection/Acceptance. The Contractor (immixTechnology, Inc.) can only, and shall only tender for

acceptance those items that substantially conform to the software manufacturer’s (“Pegasystems”) published

specifications. Therefore, items delivered shall be considered accepted upon delivery. The Government reserves the

right to inspect or test any supplies or services that have been delivered. The Government may require repair or

replacement of nonconforming supplies or re-performance of nonconforming services at no increase in contract

price. If repair/replacement or re-performance will not correct the defects or is not possible, the Government may

seek an equitable price reduction or adequate consideration for acceptance of nonconforming supplies or services.

The Government must exercise its post-acceptance rights-

(1) Within the warranty period; and

(2) Before any substantial change occurs in the condition of the item, unless the change is due to the defect in the

item..

12. Outsourcing. Customer will be permitted to allow a third party service provider to use the Software as part

of a technology outsourcing arrangement or to assist Customer in the development of a Customer Application,

provided that: (a) such use is solely for the benefit of Customer and subject to the terms and conditions of this

Agreement; and (b) Customer informs Pegasystems in writing and provides reasonable assurances that the

requirements of this Section have been satisfied.

13. Reserved.

14. Insurance. During the term of this Agreement and for so long as any Schedule has not been terminated or

expired, Pegasystems will maintain insurance coverage with limits no less than those set forth below.

Property/Casualty/Fire Insurance - To cover Lease Requirements & Inventory Replacement Basis

Commercial General Liability $1 Million

Workers Compensation Statutory

Employers Liability $1 Million

Automobile Liability $1 Million

Professional Liability (Errors & Omissions) $1 Million


Umbrella/Excess Liability $5 Million

Fidelity Bond $1 Million

The insurance companies used must be rated at least A- by A.M. Best's Rating Service or equivalent. Upon written

request by the Customer, Pegasystems will provide a Certificate of Insurance evidencing the required insurance or

Customer may obtain such certificate directly from:

http://www.marsh.com/MarshPortal/PortalMain?PID=AppMoiFAQ-Terms&CLIENT=900114580.

15. Additional Terms and Conditions.

(a) Reserved.

(b) Reserved.

(c) Customer Combinations. In the event that Customer should merge with, acquire, or be acquired by another

entity (collectively, a “Combination”), the resulting combined entity may only use the Software within the scope of

the Customer’s operations at the time of the Combination. (d) Anti-Corruption. Pegasystems and Customer each

represent and warrant to the other: (i) that it is aware of all anti-corruption legislation that applies to this Agreement

and in particular the US Foreign Corrupt Practices Act 1977; (ii) it has implemented rules and procedures that enable

it to comply with this legislation and adapt to any future amendments thereto; (iii) it has implemented appropriate

rules, systems, procedures and controls for preventing the commission of Corrupt Acts, either by itself or its staff,

and for ensuring that any evidence or suspicion of the commission of a Corrupt Act will be thoroughly investigated

and unless prohibited by confidentiality or law, reported to the other party; (iv) its records relating to its business,

including accounting documents, are maintained and kept so as to ensure their accuracy and integrity; and (v) it has

not made or offered or received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of

value from any of the other party’s employees or agents in connection with this Agreement (reasonable gifts and

entertainment provided in the ordinary course of business do not violate the above restriction). If a party learns of

any violation of the above restriction, it will use reasonable efforts to promptly notify the other party at the address

for notices above.

(e) Reserved.

(f) Export Compliance. The export and re-export of the Software and any Pegasystems technology is subject to

export controls under the laws and regulations of the United States, and may also be subject to export and import

controls under the laws and regulations of other countries. Customer agrees, at all times, to comply fully with these

controls, laws and regulations.

(g) U.S. Government Contracts. This subsection applies when any Software is acquired directly or indirectly by

or on behalf of the United States Government: The Software is a commercial product, licensed on the open market;

developed entirely at private expense; and without the use of any U.S. Government funds. Use, duplication or

disclosure by the U.S. Government is subject to restrictions as set forth in subparagraph (c) of the Commercial

Computer Software Restricted Rights clause at FAR 52.227-19. Use, duplication and disclosure by DOD agencies is

subject solely to the terms of this Agreement as stated in DFARS 227.7202.

(h) Cooperation; Usage Validation. Subject to Customer’s security policies and procedures, Pegasystems and

Customer agree that each will execute and deliver documents, including confirmations to Pegasystems auditors, and

take such other actions as may reasonably be requested to effect the transactions contemplated by this Agreement.

Pegasystems reserves the right, upon reasonable prior notice, to validate Customer’s usage of the Software and its

compliance under this Agreement. Customer will provide usage logs generated by the Software in connection with

this usage validation.

(i) Reserved.

(j) Reserved.


(k) Reserved.

(l) Reserved.

(m) Reserved.

(n) Reserved.

Exhibit A

Definitions

For the purposes of the Agreement and any Schedule, the following definitions will apply, unless otherwise

expressly stated:

“Affiliates” are those entities that control, are controlled by, or are under common control with a party to the

Agreement. Affiliates may be entitled, subject to the terms of this Agreement and the applicable Schedule, to license

Software, use Software licensed by Customer, or purchase maintenance or professional services. For the purpose of

any Schedule to which an Affiliate is a party, the Affiliate will be additionally considered the Customer for purposes

of the Agreement and such Schedule.

“Background Materials” means processes, methods, software (including but not limited to the Software), related

documentation, designs and know-how which Pegasystems creates independently of the services for Customer.

Background Materials also include all tangible and intangible materials created by Pegasystems that apply to other

Pegasystems customers and which do not include any Customer Confidential Information.

“Connector” means an integration facility that permits the Software to call applications for data or processing.

“Corrupt Act” shall mean any act of seeking, authorizing, offering, promising or granting a financial or other benefit

(including a payment, loan, gift or transfer of anything of value) for the purpose of inducing a private person or

public official to perform his or her duties dishonestly or in breach of his or her professional, legal or contractual

obligations and/or to obtain or retain business for Pegasystems and or Customer in an undue or dishonest manner.

“Customer Application” means a unique collection of rules and processes as part of one or more new RuleSets that

are created using the Software and that provide specific business function for the Customer.

“Deliverable” means RuleSets, documents and other tangible work product that are produced by Pegasystems for

Customer during the course of the performance of Services under a Work Order, excluding any Background

Materials.

“Documentation” consists of user manuals for the Software, which are provided to Customer in electronic form at

the time of delivery of the Software.

“License Schedule”, “Maintenance Schedule” or “Work Order” means, respectively, a signed agreement to license

products, purchase maintenance or purchase professional services from Pegasystems. License Schedules,

Maintenance Schedules and Work Orders are referred to collectively as “Schedules”. Each Schedule will be non-


cancelable and non-refundable, except to the extent expressly provided in this Agreement or such Schedule or under

applicable law.

A “RuleSet” is a named collection of configuration records created using the Software. For Pegasystems’ provided

RuleSets, the RuleSet names usually begin with “Pega” or the “&,” “@” or “)” symbol.

“Scope of Use” means the licensed purpose, licensed metric and licensed volume of use for the Software specified in

the applicable License Schedule.

“Service” means an integration facility that permits applications to call the Software for data or processing.

“Services” means professional services provided by Pegasystems pursuant to a Work Order for consulting,

installation support, and access to training courses. Services do not include maintenance.

“Software” will mean the software listed in the applicable License Schedule which is made available to Customer in

machine readable, object code form, including any enhancements, updates, upgrades, modifications or other releases

provided to Customer pursuant to a paid maintenance agreement. The Software includes Pegasystems’ provided

RuleSets.

“Technology Platform” will mean hardware, operating system, database, web browser, application server or other

software on which Customer utilizes the Software.

A “User” is a person who uses the Software in a particular month.

1. “A “Sporadic User” is a person that uses the Software during less than 10 hourly periods in a calendar

month.

2. An “Occasional User” is a person that uses the Software during between 10 and 50 hourly periods in a

calendar month.

3. Any person other than a Sporadic User or Occasional User that uses the Software in a calendar month, or that

has the privilege to modify rules or processes, is a “Regular User”.

Regular Users, Occasional Users and Sporadic Users will be the unit of measurement for work done by customer

staff. The number of Regular Users, Occasional Users and Sporadic Users will be measured each calendar month

based on their actual usage of the Software in that month. The Software tracks only actual use, so a person who has

a User ID but does not use the Software in a month will not be counted as a User for that month. Also, for the

avoidance of doubt, merely being “logged in” is not counted as actual use during inactive hours.

PREMIUM MAINTENANCE SCHEDULE Subject to Customer purchase of such maintenance services, Pegasystems will provide Customer maintenance services

comprising Problem Resolution, Software Updates, Upgrades and access to the Pega Discovery Network (together,

“Support”). Pegasystems will provide Support in accordance with the procedures described in Support @ Pega, the

Pegasystems customer support handbook, as updated from time to time. Pegasystems may not update the Support @

Pega document in a manner that would materially and adversely affect the rights of Customer to Support under this

Maintenance Schedule.


Problem Resolution

Pegasystems will repair errors or problems with the Software so that the Software operates in substantial accordance with

its Documentation. Problem Resolution includes:

Support: Issues may be reported by Customer’s Designated Contacts via Pegasystems’ support portal or via

telephone. Pegasystems will work with the Customer to provide relief and/or a permanent solution to all Support

Requests (SRs).

Designated Contacts: Customer will provide Pegasystems with designated people who may contract Pegasystems’

support. Customer may change these contacts upon written notice to Pegasystems, and it is the responsibility of

Customer to update the contacts (e.g., if one of the designated contacts is no longer employed by Customer or

authorized by Customer to contact Pegasystems’ support).

Access: Access to Customer’s systems shall be controlled at all times by the Customer. Access shall be provided to

Pegasystems on an as needed basis, as approved by Customer. Customer agrees to allow Pegasystems to use a

software tool to view Customer’s desktop environment using a secure, encrypted connection in order to allow

Pegasystems to provide real time response, access and resolution of issues or to promptly apply critical Software

repairs. During any Support session in which Pegasystems has electronic access to Customer’s systems, access to

such systems must include persistent connectivity with reasonable throughput and bandwidth available to perform all

necessary functions. All changes by Customer to electronic access should be communicated to Pegasystems in a

timely manner.

The scope of Problem Resolution is as described in Table A and Table B below:

Support Table A

Problem Resolution Coverage Premium

Coverage For Severity 1 (Down Production Emergencies): 24 X 7

For all other Severity Levels: 9AM – 5PM standard business

days, if: in the US, US ET; in Europe, GMT; in Asia Pacific, Australian ET

Number of Calls Unlimited

Telephone support within coverage hours Included

Secure access to Knowledge Base FTP site Included

Severity 1 Initial Target Response Time 15 minutes **

Severity 2 Initial Target Response Time 1 hour *

Severity 3 Initial Target Response Time 4 hours *

Severity 4 Initial Target Response Time 8 hours *

* Initial response during standard business days

** Initial response, 24x7

Support Table B

Severity Level Severity Level Description

1

Severity 1 is used in instances in which the Pegasystems production system is down or the Software is otherwise unusable

resulting in massive disruption of production use. Pegasystems’ goal for providing initial relief (such as an alternative

method to restore system operations) for Severity 1 cases is within 4 hours. The timeframe for providing a permanent

resolution for Severity 1 issues is dependent upon the specific situation, and is typically jointly determined by Customer and Pegasystems’ support manager. Severity 1 cases are eligible for continuous effort by Pegasystems support personnel,


provided that Customer’s resources are made similarly available, until relief is provided.

2

Severity 2 problems involve disruption of a major feature or function of the Software due to a defect and have a significant

impact on production (but do not result in extended downtime), or severely impair development efforts. The time frame for

providing a permanent resolution for Severity 2 issues is dependent on the specific situation, and is typically jointly determined by the Customer and Pegasystems’ support manager.

3

Severity 3 is Pegasystems' default severity, and is always used for new cases unless otherwise requested by Customer.

Severity 3 problems include those that involve the failure of a feature or function which results in the Software not working

as described in the Documentation.

4

Severity 4 problems include general questions about Software usage/functionality that do not involve errors. Non-Software

issues such as requests for support network web site access, problems using the support network, or other issues that do not

impact usability of the Software also fall into this category.

Pegasystems is not responsible for errors caused by (a) non-Pegasystems’ software or hardware, (b) unauthorized

modifications to the Software, or (c) failure to follow the operating procedures described in the Software documentation,

or those errors that Customer cannot reproduce under test conditions.

Software Updates

Software Updates support the evolution of the Software. They periodically consist of:

Maintenance Level Updates: sets of modifications for published generally available Software releases primarily

designed to address functional defects only.

Documentation Updates: reflect changes to Software, documentation and help files.

Upgrades

Upgrades provide new functionality and enhancements to the Software within the functional domain of the licensed

components.

Installation of Software Updates and Upgrades by Pegasystems’ personnel can be provided at Pegasystems’ then-current

hourly professional services fees, plus applicable expenses subject to Customer issuing an ordering document for such

services.

Pega Discovery Network

The Pega Discovery Network (“PDN”) is the primary technical resource for Customer’s Software developers and system

administrators. The PDN contains a broad range of technical articles including troubleshooting and "How-To"

information, a comprehensive and searchable knowledgebase to help developers speed their application development, and

a library of shared component examples, and copies of formal product documentation and PRPC Help systems. The PDN

also enables members to access Pegasystems’ on-line support resources in order to submit defect reports and enhancement

suggestions, and to review all issues associated with the user's PDN account.

Escalation Process

The Customer may request escalation for a Support Request (SR) when there is a concern about progress, or about the

fitness or quality of the response. The details of the escalation process are documented in Support @ Pega, the customer

support handbook.


MASTER PEGA CLOUD SUBSCRIPTION AGREEMENT

Pegasystems’ products include its Pega Platform for business process management, and strategic applications and

technology components that provide purpose-specific or industry-specific functionality that enable customers to

efficiently deploy the Pega Platform for specific solutions. These products are comprised of Pegasystems’ provided

RuleSets that Customer may use to develop Customer Applications comprising one or more new RuleSets for processing

and automation of its business. Customer may integrate these Customer Applications to its other systems through Service

and Connector facilities and deploy them on the Pega Cloud. Customer may also obtain professional services and training

under a Work Order. Definitions are stated on Exhibit 1 hereto.

Subscription Services1. Subscription Rights and Responsibilities.

(a) Pursuant to the applicable Schedule and subject to the terms and conditions of this Cloud Agreement,

Pegasystems will provide Customer a non-transferable, non-exclusive subscription to the Pega Cloud, inclusive

of the Software, for the number of Users, Scope of Use and during the Term specified in the Schedule (the

“Subscription”), to develop, test and deploy Customer Applications into production. As part of making the Pega

Cloud available to the Customer, Pegasystems (i) will provide the applicable Subscription services described in

Exhibit 2 at the licensed capacity; (ii) provide the Subscription Support and Service Levels described in Exhibit

3; and (iii) adhere to the security practices described in Exhibit 4.

(b) During the Term of the Subscription, Customer will:

(i) Be responsible for the accuracy, integrity and legality of the content and data;

(ii) Be responsible for configuring a Guardrail Compliant Customer Application and for the performance of

such Customer Applications. Customer may engage Pegasystems for performance-tuning services of such

Customer Applications pursuant to a separate Work Order;

(iii) Use the Subscription only in accordance with the Subscription Documentation, Acceptable Use Policy

and applicable laws and regulations;

(iv) Prevent unauthorized access to or use of the Subscription and notify Pegasystems promptly of any such

unauthorized access, use, or suspected breach;

(v) Only use de-identified customer data in the Standard Sandbox;

(vi) Inform Pegasystems if actual customer data in the Large Sandbox or Production Environment will include

personal health information (PHI);

(vii) Not include any confidential or sensitive data captured in the Customer Application log files;

(viii) Appropriately protect confidential or proprietary information related to Customer’s use of the

Subscription, including its security credentials; and


(ix) Appropriately protect and be responsible for the data that the Customer integrates and flows through the

Subscription.

(c) During the Term of the Subscription, Customer grants to Pegasystems a worldwide, limited-term license: (i) to

host, copy, execute, transmit and display Customer’s data and any Customer Applications (including non-

Pegasystems’ applications), as necessary for Pegasystems to provide the Subscription; and (ii) to use any

information concerning Customer’s Subscription experience in an anonymized form to help upgrade and

improve the Pega Cloud services and to support general marketing efforts regarding them. Subject to the limited

licenses granted here, Pegasystems will not acquire any right, title or interest from Customer in or to

Customer’s data or any third-party applications.

(d) Customer acknowledges that its access to and use of the Subscription may be temporarily suspended during

scheduled times on weekends or weekdays between 11:00pm and 5:00am Customer’s local time zone to permit

Pegasystems to perform maintenance on or make modifications to the Subscription. Pegasystems will use

reasonable efforts not to undertake scheduled maintenance for more than 40 hours during a Subscription Month.

Pegasystems will provide the Customer with at least five days prior notice of scheduled maintenance; provided

that Pegasystems may provide less notice to address modifications mandated by AWS or known security

vulnerabilities.

(e) Customer further acknowledges that its access to and use of the Subscription may be temporarily suspended at

any time in the event of a denial of service attack, or other event that Pegasystems reasonably determines may

create a risk to the Subscription. Pegasystems may also suspend the Subscription for legal or regulatory reasons.

During such times Pegasystems will use reasonable efforts to give Customer prompt email notice of the

suspension and updates regarding resumption of service. Pegasystems will have no liability for any damage,

liabilities, or other losses that Customer may incur as a result of any suspension of access to the Subscription.

(f) Upon Customer’s written request made no later than fifteen days after the termination or expiration of the

Customer’s Subscription, Pegasystems will make Customer’s data in its possession available to Customer by

means of a backup file of the database that is running in the Production Environment and that is encrypted to

customary standards, unless otherwise agreed in writing. Upon providing the Customer data to Customer, or the

lapse of the time period for Customer to request its data, Pegasystems will have no obligation to maintain or

provide Customer’s data in its possession or control and may delete such Customer data, unless legally

prohibited.

(g) Customer may only use the Subscription in accordance with the terms of this Cloud Agreement. Customer

agrees not to sell, resell, rent, outsource, timeshare, lease or sublicense the Subscription or the Software to any

third party or otherwise use it except as permitted under this Cloud Agreement and the applicable Schedule.

(h) In each Schedule, Customer will commit to purchase licenses for production use of each Customer Application

at the time that development of the Customer Application begins. Customer will not use shared User IDs, or

aggregating technologies such as concentrators, multiplexers, gateways or edge servers, to avoid or reduce the

counting of individuals that use the Software.

2. Restrictions.


(a) Customer may only use the Subscription in accordance with the terms of this Cloud Agreement. Customer

may use the Software in object code and/or RuleSet form, for the Scope of Use specified in the applicable

Schedule.

(b) Unless specifically authorized by law, Customer may not reverse engineer, decompile, disassemble or otherwise

attempt to determine source code or protocols from the Software. Customer agrees not to sell, resell, rent,

outsource, timeshare, lease or sublicense the Subscription or the Software to any third party or otherwise use it

except as permitted under this Cloud Agreement or the applicable Schedule.

(c) Pegasystems retains all right, title and interest to the Subscription, Software and Background Materials. The

Software will contain Pegasystems’ copyright notice, and Customer will reproduce such notice in any permitted

copy made by Customer.

3. Reserved.

Professional Services and Training

4. Performance of Services; Deliverables.

(a) Pegasystems may provide Services to Customer under a mutually–agreed Work Order.

(b) All Deliverables that Pegasystems creates during the course of Services for Customer under this Agreement will

be a “work made for hire” and will become, effective upon payment by Customer in full, the exclusive property

of Customer. Customer will also retain all right, title and interest in any new RuleSets that Customer develops

for itself using the Software. So long as Pegasystems has not used any Customer Confidential Information,

Customer agrees not to challenge or make claims against Pegasystems’ ability to provide its products and

services to other customers.

(c) Pegasystems may use its Background Materials in the course of providing Services to the Customer.

Background Materials will at all times remain the property of Pegasystems, and Customer will receive a non-

exclusive, fully-paid license to use the Background Materials that are provided under a Statement of Work

solely in connection with the Deliverables with which they were provided under the terms of the applicable

Schedule.

General Terms and Conditions

5. Reserved.

6. Reserved.

7. Reserved.

8. Representations and Warranties.

(a) Each party represents and warrants that entering into and carrying out the terms and conditions of this

Agreement will not violate any obligation binding upon it; that each party will comply with all applicable laws

in connection with its performance under this Agreement; and that the executing persons have the authority to

bind their respective parties.

(b) Pegasystems warrants that for a period of 90 days from the initial delivery of the Software:


(i) The Software will operate substantially in accordance with the Software Documentation; and

(ii) No disruptive or corrupting software that would damage, disable or compromise the security of a

Customer Application will be introduced into the Software by Pegasystems or its employees. Customer

will conduct virus-checking procedures before allowing installation or using the Software, and for each

new version, upgrade or service pack.

Pegasystems will, at its election, promptly repair the Software to resolve any failure of these warranties, which

can be replicated or verified, or replace the Software with alternative software that provides substantially the

same functionality. These remedies will be Customer’s remedy for any failures of these warranties. In order

for Customer to invoke these remedies, Customer must provide written notice to Pegasystems within the

warranty period, expressly outlining the nature of the alleged failure or breach.

(c) The foregoing warranties will be void to the extent that any failure of such warranties is caused by (i) anyone

other than a Pegasystems employee modifying the Software (unless Pegasystems authorizes the specific change

in writing), or (ii) non-Pegasystems’ software or hardware.

(d) Pegasystems warrants that all services provided under this Agreement will be performed in a good and

workmanlike manner, consistent with industry standards.

(e) EXCEPT AS EXPRESSLY STATED IN THIS SECTION 8, PEGASYSTEMS MAKES NO WARRANTIES,

EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF

MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE OR NON-INFRINGEMENT.

9. Reserved.

10. Reserved.

11. Reserved.

12. Reserved.

13. Insurance. During the term of this Agreement and for so long as any Schedule has not been terminated or expired,

Pegasystems will maintain insurance coverage with limits no less than those set forth below.

Property/Casualty/Fire Insurance - To cover Lease Requirements & Inventory Replacement Basis

Commercial General Liability $1 Million

Workers Compensation Statutory

Employers Liability $1 Million

Automobile Liability $1 Million

Professional Liability (Errors & Omissions) $1 Million

Umbrella/Excess Liability $5 Million

Fidelity Bond $1 Million

Information Technology and Internet Liability $5 Million

System Security and Privacy Liability $5 Million

The insurance companies used must be rated at least A- by A.M. Best's Rating Service or equivalent. Upon written

request by the Customer, Pegasystems will provide a Certificate of Insurance evidencing the required insurance. Or


Customer may obtain such certificate directly from:

http://www.marsh.com/MarshPortal/PortalMain?PID=AppMoiFAQ-Terms&CLIENT=900114580

14. Additional Terms and Conditions.

(a) Reserved.

(b) Reserved.

(c) Customer Combinations. In the event that Customer should merge with, acquire, or be acquired by another

entity (collectively, a “Combination”), the resulting combined entity may only use the Software within the

scope of the Customer’s operations at the time of the Combination. In addition, the parties will negotiate in

good faith a proportionate adjustment to the fees due under the applicable Schedule as a result of the

Combination.

(d) Reserved.

(e) Export Compliance. The export and re-export of the Software and any Pegasystems technology is subject to

export controls under the laws and regulations of the United States, and may also be subject to export and

import controls under the laws and regulations of other countries. Customer agrees, at all times, to comply fully

with these controls, laws and regulations.

(f) Anti-Corruption. Pegasystems and Customer each represent and warrant to the other: (i) that it is aware of all

anti-corruption legislation that applies to this Agreement and in particular the US Foreign Corrupt Practices Act

1977; (ii) it has implemented rules and procedures that enable it to comply with this legislation and adapt to any

future amendments thereto; (iii) it has implemented appropriate rules, systems, procedures and controls for

preventing the commission of Corrupt Acts, either by itself or its staff, and for ensuring that any evidence or

suspicion of the commission of a Corrupt Act will be thoroughly investigated and unless prohibited by

confidentiality or law, reported to the other party; (iv) its records relating to its business, including accounting

documents, are maintained and kept so as to ensure their accuracy and integrity; and (v) it has not made or

offered or received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from

any of the other party’s employees or agents in connection with this Agreement (reasonable gifts and

entertainment provided in the ordinary course of business do not violate the above restriction). If a party learns

of any violation of the above restriction, it will use reasonable efforts to promptly notify the other party at the

address for notices above.

(g) Cooperation; Usage Validation. Subject to Customer’s security policies and procedures, Pegasystems and

Customer agree that each will execute and deliver documents, including confirmations to Pegasystems auditors,

and take such other actions as may reasonably be requested to effect the transactions contemplated by this

Agreement. Pegasystems reserves the right, upon reasonable prior notice, to validate Customer’s usage of the

Software and its compliance under this Agreement. Customer will provide usage logs generated by the

Software in connection with this usage validation.

(h) Reserved.

(i) Reserved.

(j) Reserved.

(k) Reserved.

(l) Reserved.

(m) Reserved.

http://www.marsh.com/MarshPortal/PortalMain?PID=AppMoiFAQ-Terms&CLIENT=900114580


EXHIBIT 1

DEFINITIONS

For the purposes of the Agreement and any Schedule, the following definitions will apply, unless otherwise expressly

stated:

“Acceptable Use Policy” means the then current policy as published from time to time at www.pega.com/cloud-aup, for

informational purposes only.

“Affiliates” are those entities that control, are controlled by, or are under common control with a party to the Agreement.

Affiliates may be entitled, subject to the terms of this Agreement and the applicable Schedule, to license

Software, use Software licensed by Customer, or purchase maintenance or professional services. For the purpose

of any Schedule to which an Affiliate is a party, the Affiliate will be additionally considered the Customer for

purposes of the Agreement and such Schedule.

“Background Materials” means processes, methods, software (including but not limited to the Software), related

documentation, designs and know-how which Pegasystems creates independently of the services for Customer.

Background Materials also include all tangible and intangible materials created by Pegasystems that apply to

other Pegasystems customers and which do not include any Customer Confidential Information.

“Connector” means an integration facility that permits the Software to call applications for data or processing.

“Corrupt Act” shall mean any act of seeking, authorizing, offering, promising or granting a financial or other benefit

(including a payment, loan, gift or transfer of anything of value) for the purpose of inducing a private person or

public official to perform his or her duties dishonestly or in breach of his or her professional, legal or contractual

obligations and/or to obtain or retain business for Pegasystems and or Customer in an undue or dishonest manner.

“Customer Application” means a unique collection of rules and processes as part of one or more new RuleSets that are

created using the Software and that provide specific business function for the Customer.

“Deliverable” means RuleSets, documents and other tangible work product that are produced by Pegasystems for

Customer during the course of the performance of Services under a Work Order, excluding any Background

Materials.

“Environment” means a Customer-accessible system(s) operated by Pegasystems. The following types of Environments

are available:

“Standard Sandbox” means a service that is intended to be used for research and development,

functional/unit testing, UAT testing of Customer Applications and training. It is not intended to be used for

load or benchmark testing nor real-time data processing.

“Large Sandbox” means a service that is intended to support pre-production, staging and testing of the

Customer Applications. It is not intended to be used for load or benchmark testing nor real-time data

processing.

“Production Environment” means an Environment that is designed, built and scaled to accommodate

Customer Applications in order to process live and/or real-time data in connection with Customer’s ongoing

business operations and is deployed within a single geographic region.

“Production Mirror” means an exact replica of the scaled Production Environment that can be used for

staging, scaled benchmark testing and load performance testing. It is not intended to be used as an alternative

http://www.pega.com/cloud-aup


Production Environment to process live and/or real-time data in connection with Customer’s ongoing

business operations.

“Guardrail Compliant” means a Customer Application with no severe warnings flagged by the Software and with a

guardrail weighted score generated by the Software that is within the range deemed compliant as specified in the

Subscription Documentation.

“Pega Cloud” means fully managed operational services for the Customer Applications. These services are provided

within a single-tenant virtual private cloud (VPC) deployment and are operated on a 24x7 basis.

“Production Storage” is calculated based on the aggregate of work objects, history entries, attachments and any

customer data or files stored by the Customer within its Production Environment, with the amount specified on

the applicable Schedule.

A “RuleSet” is a named collection of configuration records created using the Software. For Pegasystems’ provided

RuleSets, the RuleSet names usually begin with “Pega” or the “&,” “@” or “)” symbol.

“Scope of Use” means the licensed purpose, licensed metric and licensed volume of use for the Software specified in the

applicable Schedule.

“Service” means an integration facility that permits applications to call the Software for data or processing.

“Services” means professional services provided by Pegasystems pursuant to a Work Order for consulting, installation

support, and access to training courses.

“Schedule” or “Work Order” means, respectively, a signed agreement to receive a Subscription or purchase professional

services from Pegasystems. Schedules and Work Orders are referred to collectively as “Schedules”. Each

Schedule will be non-cancelable and non-refundable, except to the extent expressly provided in this Agreement or

such Schedule or under applicable law.

“Software” will mean the software listed in the applicable License Schedule which is made available to Customer in

machine readable, object code form, including any enhancements, updates, upgrades, modifications or other

releases provided to Customer pursuant to a paid maintenance agreement. The Software includes Pegasystems’

provided RuleSets.

“Software Documentation” consists of user manuals for the Software, which are provided to Customer in electronic

form at the time of delivery of the Software.

“Subscription Documentation” means the product help files, operating guides and support articles associated with the

Subscription service posted on the Pega Discovery Network (PDN).

“Subscription Month” means each applicable calendar month, or partial calendar month, in which the Subscription is

contracted to be provided during the Term set forth in the applicable Schedule.

“Term” is as defined in the applicable Schedule.

A “User” is a person who uses the Software in a particular month.

1. “A “Sporadic User” is a person that uses the Software during less than 10 hourly periods in a calendar

month.

2. An “Occasional User” is a person that uses the Software during between 10 and 50 hourly periods in a

calendar month.

3. Any person other than a Sporadic User or Occasional User that uses the Software in a calendar month, or

that has the privilege to modify rules or processes, is a “Regular User”.

Regular Users, Occasional Users and Sporadic Users will be the unit of measurement for work done by customer

staff. The number of Regular Users, Occasional Users and Sporadic Users will be measured each calendar month

based on their actual usage of the Software in that month. The Software tracks only actual use, so a person who

has a User ID but does not use the Software in a month will not be counted as a User for that month. Also, for the

avoidance of doubt, merely being “logged in” is not counted as actual use during inactive hours.


EXHIBIT 2

SUBSCRIPTION SERVICES

Pegasystems will provide the following Subscription services according to the licensed Environment(s) and Subscription

Documentation.

Pega Cloud Subscription Services

Service Standard Sandbox Large Sandbox Production Environment/

Production Mirror

Back-up D

aily Incremental

back Ups

W

eekly Full Backups

4

weeks retention

D

aily Incremental back Ups

W

eekly Full Backups

4 weeks retention

D

aily Incremental back ups

W

eekly Full Backups

4 weeks retention

N

ear-time data replication to

backup database*

Data Refresh M

ovement of data sets

between systems.

Includes uploading

sample data files for

population into

target systems.

M

ovement of data sets between

systems. Includes uploading


population into target systems.

M

ovement of data sets between

systems. Includes uploading


population into target systems.

Database

Management Assist in executing

DDL’s to create

custom tables and

indices

Client has read/write

access to database

Assist in executing DDL’s to

create custom tables and

indices

Provide database performance

statistics

Identify and implement

performance tuning changes

Assist in executing DDL’s to

create custom tables and

indices

Provide database performance

statistics

Identify and implement

performance tuning changes

Configuration

Management

C

lient owned

Moving Customer

Application configuration

between systems

Moving Customer Application

configuration between systems

Network Access Secure VPN IPSec

tunnel between the

Environment and

Client endpoint

HTTPS/HTTP

Secure VPN IPSec tunnel

between the Environment and

Client endpoint

HTTPS/HTTP Internet

gateway access

Secure VPN IPSec tunnel

between the Environment and

Client endpoint

HTTPS/HTTP Internet

gateway access


Internet gateway

access

Environment

Monitoring

Yes Yes Yes

Application

Monitoring

None Yes Yes

Load Balancing None Yes Yes

Host Virus

Protection

No Yes Yes

Access Controls Yes Yes Yes

Disk Encryption None Yes Yes

Firewall

Management

Yes Yes Yes

Vulnerability

Management

Yes Yes Yes

Server Timezone GMT GMT GMT

User Capacity 15 45 As licensed

Storage Capacity 50 GB 100 GB As licensed

* not included in Production Mirror Environment

EXHIBIT 3

SUBSCRIPTION SUPPORT AND SERVICE LEVELS

1. Subscription Support

Pegasystems will provide Customer Subscription support comprising problem resolution, updates, and Pega Discovery

Network access for the Subscription (together, “Pega Cloud Support”).

2. Pega Cloud Support

Subscription Support Services

Coverage 24x7x365

Service Desk

Support

Provide a single point of contact service desk for support of

the Subscription that may be contacted by contacting the

Service desk at:

Country Phone Number (Toll Free)


US +1 877-311-3244

Germany 800-187-3660

India 000-800-100-7124

Netherlands 800-023-2787

Spain 900-808562

Thailand 001-800-852-8376

United Kingdom 808-189-0002

Updated numbers can be found at: https://pdn.pega.com/pega-

cloud/pega-cloud-support.

Customer can also complete a webform at

https://pdn.pega.com/pega-cloud-support-desk

Pega Cloud Support

Pegasystems will repair errors or problems with the Subscription so that the Subscription operates in substantial

accordance with the Subscription Documentation. Pega Cloud Support includes:

Customer’s Designated Contacts: Customer will provide Pegasystems with up to 10 designated people who

may contract Pegasystems’ support (“Designated Contacts”). Customer may change these contacts upon written

notice to Pegasystems, and it is the responsibility of Customer to update the contacts (e.g., if one the designated

contact is no longer employed by Customer or authorized by Customer to contact Pegasystems’ support).

Telephone or Self-service Support: Pegasystems will accept service requests via telephone or webform notice

from the Designated Contacts only and will work with the Designated Contacts to provide relief and/or a

permanent solution to problems as well as to provide Pega Cloud Support as described in the table below.

Problem Resolution: Pegasystems will work to perform problem resolution as described in Table A and Table

B below:

Support Table A

Severity

Level

Severity Level Description

1

Severity 1 is used when the Subscription is down or otherwise unusable resulting

in massive disruption of use.

Pegasystems’ goal for providing initial relief (such as an alternative method to

restore system operations) for Severity 1 cases is within 4 hours. The timeframe

for providing a permanent resolution for Severity 1 issues is dependent upon the

specific situation, and is typically jointly determined by Customer and

Pegasystems’ support manager. Severity 1 cases are eligible for continuous effort

https://pdn.pega.com/pega-cloud-support-desk


by Pegasystems support personnel, provided that Customer’s resources are made

similarly available, until relief is provided.

2

Severity 2 is used with a moderate business exposure that prevents users from

performing work or significant portions of their work.

The time frame for providing a permanent resolution for Severity 2 issues is

dependent on the specific situation, and is typically jointly determined by the

Customer and Pegasystems’ support manager.

3

Severity 3 problems include those that involve the failure of a feature or function

which results in the Subscription not working as documented, creates low business

exposure and/or prevents or delays users from performing some tasks.

Severity 3 is Pegasystems' default severity, and is always used for new cases

unless otherwise requested by Customer.

4

Severity 4 problems create minimal business exposure with mild impact on users

performing tasks.

Severity 4 also covers general questions about Subscription usage/functionality,

and non-Subscription issues such as requests for support network web site access,

problems using the support network, or other issues that do not impact usability of

the Subscription.

Support Table B

Severity Definition Initial Response Time Target

Severity 1 15 minutes

Severity 2 1 hour

Severity 3 4 hours

Severity 4 8 hours

Pegasystems will not be responsible for resolving problems or errors caused by (a) Customer-provided software or

hardware outside of the underlying architecture and supporting systems of the Subscription, (b) unauthorized

modifications to the Subscription, (c) Customer Applications that are not Guardrail Compliant, or (d) Customer’s

failure to follow the operating procedures and development guardrails described in the Subscription Documentation. It

is out of scope of this agreement for Pegasystems to provide services that resolve or remediate problems, errors or

issues that cannot be reproduced under test conditions. Pegasystems may periodically notify Customer about technical

or performance issues in the Customer Application. Customer shall be responsible for adjusting the configuration of

the Customer Application to address such issues.

Subscription Updates


Subscription Updates support the evolution of the Software and Environments that support the Subscription.

They provide new functionality and enhancements within the functional domain of the Subscription. Updates

periodically consist of:

Software Updates: sets of modifications for published generally available Software releases.

Subscription Updates: updates to the underlying architecture and supporting systems of the Subscription.

Subscription Documentation Updates: reflect changes to the Subscription policies and documentation.

Critical Subscription Updates will be implemented by Pegasystems. Pegasystems will notify Customer of

the availability of non-critical Subscription Updates and Software Updates. These will be implemented

upon request of Customer.

Pega Discovery Network (“PDN”)

The PDN is the primary technical resource for Customer’s Software developers and system administrators. The

PDN contains a broad range of technical articles including troubleshooting and "How-To" information, a

comprehensive and searchable knowledgebase to help developers and system administrators speed their

application development, and a library of shared component examples, and copies of Subscription Documentation

and Help systems. The PDN also enables members to access Pegasystems’ on-line support resources in order to

submit defect reports and enhancement suggestions, and to review all issues associated with the user's PDN

account.

Service Level Agreement

Pegasystems will use commercially reasonable efforts to make the Subscription available with a Monthly Uptime

Percentage of 99.95% (the “SLA”), as calculated below. For the sake of clarification, the SLA applies to the

Production Environment only and does not apply to the Sandboxes nor to the Production Mirror Environment.

Scheduled Availability -- Unavailability x 100 = Monthly Uptime Percentage

Scheduled Availability

Where, “Scheduled Availability” means total number of such five-minute periods in the Subscription

Month during which the Production Environment was scheduled to be available, subject to sections 1(d)

and (e) of this Agreement. If the Production Environment was scheduled to be available for less than a

full calendar month, then the Subscription Month is still the preceding calendar month but any days in

such month prior to the commencement of available usage of the Production Environment will be deemed

to have been available, and

“Unavailability” means that the Production Environment was unresponsive during a five minute period,

and Pegasystems was unable to provide Customer access to a replacement Production Environment.

In the event the Monthly Uptime Percentage does not meet the SLA during a Subscription Month, Customer will

be eligible to receive a credit equal to 10% of the Subscription fees for such Subscription Month. Pegasystems

will apply any SLA credits against Subscription fees due under the applicable Schedule in future months. SLA

credits will not entitle Customer to any refund of fees paid for the Subscription nor for any credit against fees due


for any other software or services provided by Pegasystems. Customer’s sole and exclusive remedy for the

Subscription not meeting the SLA is the receipt of a SLA credit as described in this paragraph. Any

Unavailability that is the basis for a SLA credit cannot be the basis for a future claim. To receive a SLA credit,

Customer must submit a written request to Pegasystems that includes the dates and times of each incident of

Unavailability, within 30 days of the end of the Subscription Month in which the alleged Unavailability occurred.

If the Monthly Uptime Percentage is confirmed by Pegasystems not to have met the SLA, then Pegasystems will

issue the SLA credit to Customer within one billing cycle following the month in which the request is received.

EXHIBIT 4

SECURITY

Pegasystems will adhere to the following security practices, to the extent permitted by applicable law:

a. Access Control: Maintain access control measures restricting access to applications, data, and software to only

those entities that have a documented, current business need. Access to the controlled systems are locked down by

subnet, port, protocol, server, role, and User to allow only the access required for the business function.

b. Audit Controls: Implement audit control mechanisms to record, monitor, and examine system activity, including

data access activities.

c. Authorization Control: Implement a mechanism for controlling the authorization of individuals, organizations,

and roles to access applications, data, and software. Assure supervision of personnel performing technical

systems maintenance activities by authorized, knowledgeable persons. Work to train Users, including technical

maintenance personnel, in system security.

d. Data Authentication: Create audit trail providing corroboration that data has not been altered or destroyed in an

unauthorized manner at the infrastructure layer. The Customer is responsible for this at the application layer.

e. Entity Authentication for Instances provisioned: Implement entity authentication technologies, including

automatic logout and unique User identification through a password or equivalent system. Passwords or other

user tokens shall be required to follow robust, documented policy requirements including:

a. Periodic reset/renewal every 90 days or less (Password ageing)

b. Complexity and length requirements in the case of passwords

i. No dictionary words

ii. No dates

iii. Mixed character types (at least three of lowercase, uppercase, numerals, and punctuation)

c. Lockouts after six unsuccessful authentication attempts

f. Encryption at Rest: Encrypt sensitive data whenever stored on disk using 256-bit AES encryption (except in a

Development/Test Environment).


g. Encryption in Flight: Encrypt communications over a network containing sensitive data through TLS or a VPN

IPsec tunnel to client endpoint.

h. Audits and Policy Compliance: Upon written request, supply to the Customer documentation regarding the

following policy components:

a. Pega Cloud Services Written Information Security Program (WISP)

b. Pega Cloud Services Disaster Recovery & Business Continuity Plan

c. Customer’s Environment logs that are currently available

d. Executive summary of the security, data backup, and monitoring events for the Customer’s

Environment(s) that are currently available

i. Assigned Security Responsibility: Assign and document the assignment of security responsibility to a specific

individual or role within the service provider organization. This responsibility would include the management and

supervision of the use of security measures and the conduct of personnel.

Physical Security: Implement and document physical access controls (limited access) governing the service provider's

location(s) that are used to access the Customer Applications, data, and software.

terms and conditions for pegasystems …€™ products include its pega platform for business...

Documents