Automated Website Security Testing Pentest Blog

End User License Agreement

PLEASE CAREFULLY READ ALL THE TERMS AND CONDITIONS CONTAINED IN THIS END USER LICENSE AGREEMENT (”the Agreement“). BY CLICKING ”I Accept“ OR OTHERWISE PROCEEDING TO ACCESS OR USE THE AUTOMATED VULNERABILITY SCANNING SERVICE PROVIDED BY Ridge Security Technology Inc. (”Ridge Security“) AND/OR ITS RELATED SOFTWARE, DOCUMENTATIONS, MANUALS, REPORTS, AND/OR OTHER MATERIALS (COLLECTIVELY, the “PurpleRidge SecuritySM Service Platform”), YOU REPRESENT, GUARANTEE, PROMISE AND COVENANT THAT YOU ARE OR ARE ACTING ON BEHALF OF A “Permissible User” AS DEFINED BELOW IN THIS AGREEMENT, THAT YOU HAVE THE CAPACITY AND AUTHORITY TO BIND SUCH PERMISSIBLE USER TO THE TERMS AND CONDITIONS OF THIS AGREEMENT, THAT YOU HAVE READ, UNDERSTOOD AND ACCEPTED THIS WHOLE AGREEMENT ON BEHALF OF THE PERMISSIBLE USER, AND THAT THE PERMISSIBLE USER WILL BE BOUND BY THE TERMS AND CONDITIONS OF THIS AGREEMENT. IF YOU CANNOT OR WILL NOT MAKE THE ABOVE REPRESENTATION, GUARANTEE, PROMISE OR COVENANT, YOU MAY NOT CLICK “I Accept” AND MAY NOT OTHERWISE PROCEED TO ACCESS OR USE THE PURPLERIDGE SECURITYSM SERVICE PLATFORM. THIS AGREEMENT BECOMES EFFECTIVE BETWEEN RIDGE SECURITY AND THE PERMISSIBLE USER AS SOON AS YOU CLICK “I Accept” OR OTHERWISE PROCEED TO ACCESS OR USE THE PURPLERIDGE SECURITYSM SERVICE PLATFORM.

For the purposes of this Agreement, the Permissible User entering into this Agreement (the “Client”) and Ridge Security shall each herein be referred to as a “Party” and together as the “Parties.”

1. INTRODUCTION

Ridge Security developed the PurpleRidge SecuritySM Service Platform. Ridge Security owns all the rights in and to the PurpleRidge SecuritySM Service Platform. Ridge Security possesses intellectual property rights, including but not limited to copyrights (including neighboring rights), trademark rights and trade secret rights relating to the PurpleRidge SecuritySM Service Platform. The Client wishes to access and use the PurpleRidge SecuritySM Service Platform to carry out Covered Services (as defined below) on and against certain Designated Hosts (as defined below) subject to Service Parameters (as defined below), and both Parties wish to set forth their respective rights, duties, and obligations in connection therewith.

2. DEFINITIONS

For the purposes of this Agreement:

A “Covered User” is either (i) an individual who, at the effective time of this Agreement, is domiciled in one of the Covered Countries, has reached the age of twenty-one (21), and possesses the legal capacity to enter into binding contracts; (ii) a commercial establishment organized under the laws of one of the Covered Countries and operating exclusively from business locations inside the Covered Countries; (iii) an organization organized under the laws of the United States of America and operating exclusively from locations inside the Covered Countries and exempt from federal income taxes under Section 501(c)(3) of the Internal Revenue Code of the United States of America; or (iv) a charity organized under the laws of Canada and operating exclusively from locations inside the Covered Countries and registered with the Canada Revenue Agency.

“Covered Countries” mean: (i) the United States of America (including the U.S. Territories) and (ii) Canada.

“Covered Services” means simulated attacks on and against certain computer systems with the objective of discovering potential vulnerabilities present in such computer systems, where such simulated attacks may take the forms of, inter alia, bypassing security mechanisms present in such computer systems, disabling security mechanisms present in such computer systems, and accessing parts of such computer systems normally inaccessible to unauthorized persons.

The “Designated Hosts” by a Permissible User for an instance of Covered Services are such computer systems, each sufficiently identified by one or more domain names and/or one or more IP addresses, that the Permissible User has identified, prior to entering into this Agreement, to Ridge Security as the only and exclusive hosts on and against which such instance of Covered Services is to be carried out.

A “Disqualified Host” is (i) a computer system that is identifiable with a domain name having a Disqualifying Top-Level Domain, (ii) a computer system that is identifiable with multiple domain names where at least one such host name has a Disqualifying Top-Level Domain, or (iii) a computer system at least a part of which is physically located outside the Covered Countries.

A “Disqualifying Top-Level Domain” is any one of the following generic top-level domains: edu, gov, mil.

A “Forbidden Person” is a Person that (i) is designated under any sanction program, including but not limited to sanction programs administered by the Office of Foreign Asset Control of the Treasury Department of the United States of America, such that a U.S. person would be prohibited to have any dealing with, or is controlled by any one or more of such designated persons; or (ii) is listed on the Entity List, Denied Persons List, or Unverified List maintained by the Bureau of Industry and Security of the Department of Commerce of the United States of America.

An “Interested Third Party” with regards to any Designated Host is any Person that (i) is not affiliated with the Permissible User identifying such Designated Host; and (ii) has a cognizable property interest in such Designated Host (including any physical item that is directly or indirectly attached to such Designated Host) or in software accessible from such Designated Host. By way of example, if a Permissible User obtains access to the computer hardware underlying a Designated Host through a “cloud transaction” within the meaning of Proposed Treasury Regulation &mdash 1.861-19(b), 84 FR 40317 (August 14, 2019), then the provider of such computer hardware would be an “Interested Third Party” with regards to such Designated Host. The example in the immediately preceding sentence is intended as one specific example only and is not intended to cover all the possible situations where Interested Third Parties may exist with regards to a Designated Host.

An “Other Restricted Person” is (i) a governmental official, or a close relative of a governmental official; (ii) a military personnel; (iii) an intelligence personnel; (iv) a governmental organization, or a branch thereof; or (v) a military or intelligence organization, or a branch thereof.

A “Permissible User” is a Covered User that has submitted to Ridge Security a satisfactory (as determined by Ridge Security in its sole and absolute discretion) Proof of Technical Responsibility regarding the Designated Hosts.

A “Person” is either a natural person, a business entity, or a not-for-profit entity.

A “Proof of Technical Responsibility” for certain Designated Hosts is such collection of records (physical or electronic) submitted by a Covered User to Ridge Security as reasonably evidencing that the Covered User is responsible for the technical maintenance of the Designated Hosts at the time when the Covered Services are to take place on and against such Designated Hosts.

The “Service Parameters” for an instance of Covered Services on and against certain Designated Hosts mean a set of parameters, including but not limited to service scheduling, service duration, simulated attack intensity, penetration level, specific limitations on service (such as ports and/or directories explicitly excluded from service), etc., that the Permissible User has communicated to Ridge Security with sufficient details and clarity so as to put Ridge Security on actual notice that such instance of Covered Services is to be carried out subject to such set of parameters.

3. CLIENT GUARANTEES

3.1 The Client, by entering into this Agreement, represents, warrants and guarantees to Ridge Security:

(a) that it has the legal capacity to enter into this Agreement and there is no agreement or contract of any kind that would prevent it from entering into or performing under this Agreement;

(b) that it is not a Forbidden Person or an Other Restricted Person;

(c) that it understands that the Covered Services, if conducted without proper authorization, may constitute acts punishable under, inter alia, Computer Fraud and Abuse Act, 18 U.S.C. &mdash1030 et seq., Section 502(c) of California Penal Code, and/or Section 430 of Criminal Code of Canada;

(d) that it further understands that the Covered Services, even when conducted properly with full professional care, may cause temporary and/or permanent damages to the Designated Hosts, with severity ranging from imperceptible deterioration of performance to complete loss of functionality or even more;

(e) that it either has the proper authority to authorize the Covered Services (as subject to the Service Parameters) on and against the Designated Hosts and does knowingly and explicitly authorize so, or has obtained proper authorization from all necessary parties for the Covered Services (as subject to the Service Parameters) to legally take place on and against the Designated Hosts;

(f) that either there is no Interested Third Party with regards to the Designated Hosts, or, if there are such Interested Third Parties, it has properly notified each and every one of the Interested Third Parties in sufficient detail about the Covered Services (as subject to the Service Parameters) about to take place on and against the Designated Hosts, and has further obtained all proper authorization, consent and/or waiver, as appropriate, from each and every one of the Interested Third Parties so as to allow the Covered Services (as subject to the Service Parameters) to legally take place on and against the Designated Hosts;

(g) that it knowingly and explicitly assumes all risks in the Covered Services on and against the Designated Hosts, even if such risk may be reasonably foreseeable by Ridge Security at the time of the Covered Services;

(h) that there is no Disqualified Host in the Designated Hosts; and

(i) that the Proof of Technical Responsibility and the Service Parameters that it has furnished to Ridge Security prior to entering into this Agreement are accurate, truthful and complete.

3.2 Ridge Security is entering into this Agreement with the Client in reliance on the above representations, warranties and guarantees made by the Client. Any error, omission or inaccuracy in the above representations, warranties and guarantees made by the Client, regardless of scienter, is a material breach of this Agreement by the Client.

3.3 Ridge Security reserves the right, at any time before, during or within one (1) calendar year next from any instance of the Covered Services, to request the Client to submit documentation evidencing the truthfulness and/or comprehensiveness of the representations, warranties and guarantees made by the Client in Section 3.1 supra. In particular and without limitation to Ridge Security‘s rights under this Section 3.3 or elsewhere under this Agreement or applicable laws, Ridge Security may request the Client to submit proofs of authorizations from Interested Third Parties.

4. SERVICES

4.1 Ridge Security hereby grants the Client a personal, nonsublicensable, nonexclusive, nontransferable, limited license, solely during the scheduled service time(s) as specified in the Service Parameters, to access and use the PurpleRidge SecuritySM Service Platform over the internet, solely for the Client’s internal business purposes, and solely to carry out an instance of the Covered Services (as subject to the Service Parameters) on and against the Designated Hosts.

4.2 If Ridge Security knows or reasonably believes that certain Designated Hosts are or have become Disqualified Hosts, Ridge Security may, without derogation or limitation on its rights and remedies under this Agreement and under Applicable Laws, at any time before the actual end time of the instance of the Covered Services, place such limitations on the Client’s access and use of the PurpleRidge SecuritySM Service Platform so as to exclude such Disqualified Hosts from the instance of the Covered Services.

4.3 If Ridge Security knows or reasonably believes that any representation, warranty, or guarantee contained in Section 3.1 above is or has become erroneous, incomplete or inaccurate, Ridge Security may, without derogation or limitation on its rights and remedies under this Agreement and under Applicable Laws, immediately disable and deny the Client’s access and use of the PurpleRidge SecuritySM Service Platform.

4.4 The Client shall, by its own personnel and without active involvement from Ridge Security, through the access and use of the PurpleRidge SecuritySM Service Platform granted under Section 4.1 above, conduct the instance of the Covered Services (as subject to the Service Parameters) on and against the Designated Hosts.

4.5 Upon the end of the instance of the Covered Services, the license granted under Section 4.1 shall immediately and automatically expire and the Client shall no longer have access and use the PurpleRidge SecuritySM Service Platform under this Agreement.

4.6 Upon the end of the instance of the Covered Services, Ridge Security shall, at no cost to the Client, make available to the Client a copy of a preliminary report associated with the instance of the Covered Services. Such preliminary report shall contain sufficient information to associate itself with the instance of the Covered Services but is not required to contain any more information beyond that. Ridge Security grants to the Client a perpetual, personal, nonsublicensable, nonexclusive, nontransferable, limited license, to access, use, replicate, and distribute such preliminary report, solely for the Client’s internal business purposes.

4.7 Upon the end of the instance of the Covered Services, Ridge Security shall preserve one or more detailed reports associated with the instance of the Covered Services for a time period of no shorter than one (1) calendar month and furnish the Client with a schedule of order prices and a means to order such detailed reports during such time period. If the Client chooses to order one or more of such detailed reports, upon receipt of the corresponding order payment Ridge Security shall make such ordered reports available to the Client, and grant to the Client a perpetual, personal, nonsublicensable, nonexclusive, nontransferable, limited license, to access, use, replicate, and distribute such ordered reports, solely for the Client’s internal business purposes.

4.8 If the Client wishes to modify the list of Designated Hosts or change the Service Parameters before the actual start time of the instance of the Covered Services, the Client shall timely make a request to Ridge Security, and Ridge Security may, at its sole and absolute discretion, (i) reject such request and withdraw the license granted under Section 4.1 above, (ii) reject such request and notify the Client that the instance of the Covered Services shall be limited to the original Designated Hosts and subject to the original Service Parameters, or (iii) adjust the list of Designated Hosts and/or the Service Parameters with considerations taken of the Client’s request but without deference to such request, and notify the Client of the adjusted Designated Hosts and/or the adjusted Service Parameters. Furthermore, any such request actually received by Ridge Security after the actual start time of the instance of the Covered Services shall be null and void.

5. PAYMENTS

5.1 Ridge Security is not requiring any monetary payment for the grant of the license described in Section 4.1 above, the Parties agree that the mutual promises, representations, warranties, guarantees and covenants exchanged are sufficient consideration for this Agreement.

5.2 Any payments made by the Client for the reports described in Section 4.7 above shall be made in accordance with the terms and conditions set forth in the corresponding order forms made available to the Client by Ridge Security.

6. INTELLECTUAL PROPERTY

6.1 This Agreement does not constitute and is not intended to constitute any transfer or licensing of any intellectual property, including but not limited to copyrights, neighboring rights, patent rights, rights in trademarks, service marks, trade dresses, signs, names, and designs, and trade secret rights, from Ridge Security to Client.

6.2 To the extent necessary for performing the Covered Services, Client grants Ridge Security a non-exclusive, non-transferable, non-sublicensable right, for the duration of the instance of the Covered Services, to access such system, data and records owned and/or controlled by Client as necessarily required to enable the performance of the instance of the Covered Services.

6.3 The intellectual property rights embodied in any and all data and/or reports generated as the result of the PurpleRidge SecuritySM Services shall vest solely and absolutely in Ridge Security ab initio.

7. TERMINATION

7.1. If either Party (the “non-breaching party”) believes the other Party (the “breaching party”) is in material breach of any obligations hereunder, the non-breaching party shall have the right to terminate this Agreement by providing the breaching party with written notice specifying the material breach(es) and indicating clearly its intention to terminate the Agreement after the breaching party receives such notice. If the breaching party cures such breach within calendar days (the “cure period”), the non-breaching party’s notice shall be void. If the breaching party does not cure such breach within such cure period, the Agreement shall terminate at the end of such cure period.

7.2. This Agreement may also be terminated as elsewhere expressly stipulated in this Agreement.

7.3. This Agreement shall, if not otherwise terminated earlier, expire at the time when Ridge Security no longer preserves the detailed reports associated with the instance of the Covered Services.

7.4. Unless otherwise provided specifically in (a) this Agreement or (b) a separate written document signed by both parties, upon termination or expiration of this Agreement, the Parties shall each be released from their obligations hereunder, and this Agreement shall have no further force or effect; provided, however, that Sections 6, 8, 9, and 10 shall survive termination and/or expiration of this Agreement.

8. CONFIDENTIALITY

8.1. Client acknowledges and agrees that the PurpleRidge SecuritySM Service Platform was developed at considerable time and expense by Ridge Security and contains valuable trade secrets and confidential information of Ridge Security. Accordingly, Client agrees to maintain the confidentiality of any proprietary information received by Client during, or prior to entering into, this Agreement, including, without limitation, the PurpleRidge SecuritySM Service Platform and any know-how disclosed by Ridge Security, trade secrets and other proprietary information, that Client should know is confidential or proprietary based on the circumstances surrounding the disclosure, including, without limitation, non-public technical and business information and all other information obtained during the course of this Agreement as permitted hereunder (“Confidential Information”). The restriction herein shall not apply to the extent that such information is in the public domain or hereafter falls into the public domain through no fault of Client. Client agrees not to use said Confidential Information for any purpose except as necessary to fulfill the Client obligations and exercise Client’s rights under this Agreement. Client shall protect the secrecy of and avoid disclosure and unauthorized use of Ridge Security’s Confidential Information to the same degree that it takes to protect Client’s own confidential information and in no event less than reasonable care. The confidentiality obligation of Client shall survive the termination of this Agreement and shall last, with regards to any piece of Confidential Information, until such piece of Confidential Information falls into the public domain through no fault of Client.

8.2 Client acknowledges that disclosure of Confidential Information in violation of the confidentiality obligations under this Agreement will cause irreparable damage to Ridge Security and that remedies at law may be inadequate to address such damage, and therefore Ridge Security may, without derogation or impairment to its other rights under this Agreement and/or under Applicable Laws, seek injunctive and/or other equitable remedies against such disclosure.

8.3 Client may not conduct any publicity event with regards to the Covered Services without prior written approval from Ridge Security. Ridge Security may identify or otherwise refer to Client as a user of the PurpleRidge SecuritySM Service Platform and the Covered Services in its advertising materials unless Client expressly requests Ridge Security not to make such identification of or reference to Client in such materials.

9. DISCLAIMER AND LIMITATION ON LIABILITY

9.1 WITHOUT DEROGATING FROM ANY OF ITS RIGHTS AND REMEDIES UNDER THIS AGREEMENT AND UNDER APPLICABLE LAWS, RIDGE SECURITY DISCLAIMS ANY AND ALL WARRANTIES, REPRESENTATIONS, AND CONDITIONS RELATING TO THE PURPLERIDGE SECURITYSM SERVICE PLATFORM OR TO THE COVERED SERVICES, WHETHER EXPRESS, IMPLIED OR ARISING BY CUSTOM OR TRADE USAGE, OR FROM A COURSE OF DEALING INCLUDING, BUT NOT LIMITED TO, ANY REPRESENTATION, WARRANTY, OR CONDITION OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. NO INFORMATION OR ADVICE GIVEN BY RIDGE SECURITY OR ITS AGENTS, EMPLOYEES, OR REPRESENTATIVES, WHETHER ORAL OR WRITTEN, SHALL CREATE ANY REPRESENTATION OR WARRANTY.

9.2 Client understands that the Covered Services do not constitute any guarantee or assurance that security of Client’s systems, networks and assets cannot be breached or are not at risk. Client understands that performance of the Covered Services only constitutes an assessment, as of a particular date.

9.3 Client agrees to defend, indemnify and hold Ridge Security, its affiliates, and its officers, directors, employees, members, agents, successors and assigns harmless from any and all claims asserted against Ridge Security by a third party to the extent that such claim or claims result from or arise out of the Covered Services. Notwithstanding the foregoing, this indemnification and hold harmless provision shall not apply to the extent that any claim asserted against Ridge Security is based upon any willfully wrong act or omission of Ridge Security, its employees, or agents that is the direct cause of the claim.

9.4 IN NO EVENT SHALL RIDGE SECURITY OR ANYONE ON ITS BEHALF BE LIABLE FOR ANY INDIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL OR PUNITIVE DAMAGES OF ANY KIND, INCLUDING WITHOUT LIMITATION DAMAGES FOR LOSS OF BUSINESS OR PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION OR LOSS OR DAMAGES TO GOODWILL, IN CONNECTION WITH THIS AGREEMENT REGARDLESS OF THE CAUSE AND WHETHER ARISING IN CONTRACT (INCLUDING FUNDAMENTAL BREACH), TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, EVEN IF RIDGE SECURITY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR LOSS. NOTWITHSTANDING ANYTHING TO THE CONTRARY HEREIN, UNDER NO CIRCUMSTANCES WILL RIDGE SECURITY’S TOTAL AND AGGREGATE LIABILITY TO CLIENT FROM ALL CAUSES OF ACTION OF ANY KIND, INCLUDING WITHOUT LIMITATION CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, BREACH OF WARRANTY, OR OTHERWISE, ARISING OUT OF OR RELATED TO THIS AGREEMENT, EXCEED THE TOTAL COMPENSATION AMOUNT, AS CHANGED IF APPLICABLE, UNDER THIS AGREEMENT.

10. DATA CONFIDENTIALITY

10.1 Ridge Security treats all data that (i) the Client submits to Ridge Security prior to the start of, during the course of and/or after the instance of the Covered Services as required under this Agreement to establish such instance of the Covered Services, including but not limited to the Proof of Technical Responsibility, the Service Parameters, and/or the documentations referred to in Section 3.3 supra, (ii) the PurpleRidge SecuritySM Service Platform collects during from the Designated Hosts during the course of the instance of the Covered Services; and (iii) the PurpleRidge SecuritySM Service Platform generates in connection with the instance of the Covered Services (collectively, the “Client Data”, and individually, “Category 1 Client Data”, “Category 2 Client Data”, and “Category 3 Client Data”) as confidential data, and uses the same care that Ridge Security will treat its own sensitive business data to handle the Client Data.

10.2 Ridge Security promises, warrants and covenants not to disclose any Client Data to any third party without prior written instruction from the Client, except:

(a) to Ridge Security’s principals, officers, employees, contractors, agents, affiliates, attorneys, accountants and/or other associated personnel for the purposes of (and to the necessary extent required by) carrying out its obligations under this Agreement and/or asserting or defending its rights under this Agreement; or

(b) when required by applicable law or regulation, provided that Ridge Security will first make a reasonable effort to notify the Client of the request and to limit the disclosure to the minimum extent required by the law or regulation.

10.3 Ridge Security will preserve the Category 2 and 3 Client Data associated with any instance of Covered Services for at least the same time period as specified in Section 4.7 supra, unless the Client requested the deletion of such data earlier in accordance with the provisions of Section 10.4 infra.

10.4 The Client may at any time request Ridge Security to delete the Category 2 and 3 Client Data associated with any instance of Covered Services through written communication to Ridge Security reasonably identifying such instance. Upon receipt of the request, unless the data has already been deleted, Ridge Security will, within two (2) weeks, reach out to the Client to verify the request, and upon such verification, Ridge Security will, within three (3) calendar days, delete such data. If the data has already been deleted at the time of Ridge Security’s receipt of the request, Ridge Security will, within two (2) weeks, reach out to the Client to verify the request, and upon such verification, notify the Client of the deletion.

10.5 Ridge Security will preserve the Category 1 Client Data associated with any instance of Covered Services for at least five (5) years next from such instance, and the Client may not request Ridge Security to delete such Category 1 Client Data.

10.6 In the case of any data breach affecting any Client Data, Ridge Security will, within three (3) calendar days of the discovery of such breach, notify the affected Clients of the occurrence and the extent of the breach.

10.7 The submission of any data other than Client Data from any person associated with the Client to Ridge Security through the web site (including but not limited to the payment data for the payment specified in Section 4.7 supra) and the collection, use, and retention of such data by Ridge Security, are governed by the Privacy Policy posted at http://purpleridge.ai/privacy-policy.

11. GENERAL

11.1 No agency, partnership, joint venture or employment relationship is or shall be created by virtue of this Agreement. Ridge Security is enabling the Client’s performance of the Covered Services as an independent contractor, and not as an employee, agent, partner of, or joint venture with Client. Neither Party has any authority to bind or act on behalf of the other except as specifically stated herein.

11.2 Ridge Security may perform all obligations to be performed under this Agreement directly or may have some or all obligations performed by its affiliates, contractors or subcontractors.

11.3 This Agreement is personal to Client and Client may not assign any of its rights and/or obligations to any third party without Ridge Security’s prior written agreement.

11.4 Each of the Parties represents and warrants to the other Party that it will comply with all laws, rules and regulations applicable to this Agreement (“Applicable Laws”), including, but not limited to, applicable privacy and security regulations. Failure by either Party to comply with any Applicable Laws shall be considered a material breach of this Agreement.

11.5 It is understood and agreed by the Parties that Ridge Security shall not enable the performance of the Covered Services such that the performance of the Covered Services will constitute a violation of export control and/or sanction programs administrated by the United States. In the event that Ridge Security becomes aware that the performance of the Covered Services will constitute such a violation, Ridge Security may terminate this Agreement immediately without any liability to Client.

11.6 The failure of either Party to exercise or enforce any right conferred upon it hereunder shall not be a waiver of any such right and shall not prevent the exercise or performance thereof at any time or times thereafter; nor shall a waiver of any right hereunder at any given time, including rights to any payments, be deemed a waiver thereof for any other time.

11.7 No Party to this Agreement shall be liable for failure to perform any duty or obligation that such Party may have under this Agreement where such failure has been occasioned by any act of God, fire, strike, inevitable accident, war or any cause outside the reasonable control of the Party who had the duty to perform; provided, however, that the non- performing Party shall give prompt notice to the other Party of the reason for its non- performance and its reasonable best estimate of when performance would begin again. The non-performing Party shall promptly begin to perform again after the intervening event has concluded.

11.8 If any provision of this Agreement is held to be illegal, invalid, or unenforceable by a court of competent jurisdiction, the Parties shall, if possible, agree on a legal, valid and enforceable substitute provision which is as similar in effect to the deleted provision as possible. The remaining portion of this Agreement not declared illegal, invalid or unenforceable shall, in any event, remain valid and effective for the term remaining unless the provision found illegal, invalid or unenforceable goes to the essence of this Agreement.

11.9 This Agreement shall be governed by, interpreted and enforced in accordance with the laws of the State of California, without regard to its conflict of law principles. All actions, suits or proceedings under or related to this Agreement shall be adjudicated in the courts of Santa Clara, California, and the Parties hereby irrevocably consent to the exclusive jurisdiction and venue of such courts.

11.10 Both Parties hereby irrevocably waive, to the fullest extent permitted by law, all right to trial by jury in any action, proceeding or counterclaim (whether in contract, statute, tort (including negligence) or otherwise) relating to or arising from this Agreement.

11.11 All notices permitted or required hereunder shall be in writing and shall be sent by facsimile, or personal delivery at the facsimile number, or address as either Party may specify. Notices sent to Ridge Security shall be addressed to Ridge Security Inc. 1601 McCarthy Blvd, Milpitas, CA and to Client’s address as provided by it, or to the address otherwise designated from time to time in writing by the Parties. Any notices provided will be deemed as being received on the date of transmission of facsimile, e-mail, or personal delivery unless given outside normal business hours in which case such notice shall be deemed as being given on the next business day, provided that if any such notice fails to reach Client because the information provided by it or on its behalf to Ridge Security is not accurate or up to date, notice shall be deemed sufficiently delivered on the date it was sent.

11.12 This Agreement contains the entire understanding between the Parties hereto with respect to the subject matter hereof and supersedes any and all prior agreements, understandings and arrangements between the Parties relating to the subject matter hereof. No amendment, change, modification or alteration of the terms and conditions hereof shall be binding unless set forth in written form and signed by all the Parties hereto.

Should Client have any questions concerning this Agreement, or if Client desires to contact Ridge Security for any reason, please direct all correspondence to PurpleRidge Support (support@purpleridge.ai).



Advance to Registration