Download this document
Read this agreement if you are a service provider or prospective service provider.
SOPHOS MANAGED SERVICE PROVIDER LICENCE AGREEMENT
for Sophos Mobile Control
DATED [month/____/year]
BETWEEN
(1) SOPHOS LIMITED, (Company Number: 02096520), incorporated in England and Wales whose registered office is at The Pentagon, Abingdon Science Park, Abingdon, Oxon OX14 3YP, United Kingdom (“Sophos” as further defined below); and
(2) [ ], (Company number: [ ]), incorporated in [ ] whose registered office is at [ ] (“MSP” as further defined below) [to be completed]
1. DEFINITIONS
‘Agreement’ means this Sophos Managed Service Provider License Agreement and the Schedule and Appendices.
‘Appliance’ means the Sophos product described in the Schedule, which consists of the Hardware together with the Licensed Product(s) and included third party software.
‘Beneficiary’ means the third party organisation for whom MSP is providing managed services in accordance with an agreement and such organisation shall consist of not more than the number of Users specified in the Schedule.
‘Beneficiary’s Internal Business Purpose’ means the internal business purpose of a Beneficiary relating specifically to the integrity of the systems, networks, documents, emails and other data of such Beneficiary.
‘Computer’ means where the Licensed Product is deployed, including non-persistent deployments using web agent technology, such as ActiveX: (i) on or called by an email server, computers that are capable of receiving mail from that server; (ii) on or called by an internet proxy or other gateway device, computers that are capable of connecting to that proxy; (iii) on a database, computers that are capable of retrieving data from that database; (iv) in any other manner to scan data, computers, workstations or other electronic devices that are capable of retrieving that data; (v) on or called by a virtual machine running an operating system, each concurrently operating virtual machine, and (vi) on or called by a computer other than a Server, a computer.
‘Credentials’ means a system to restrict access including usernames and passwords containing as a minimum 6 characters and a mixture of numbers and letters.
‘Expiry Date’ means such date as may be set out in the Schedule.
‘Fee’ means the Licensed Products Fee, the Hardware Fee and the Support Fee (if applicable).
‘Hardware’ means the Sophos Appliance hardware itself, together with any related components (including but not limited to FRU, ship kits and rack mount kits).
‘Hardware Fee’ means the sums payable by MSP in consideration of the transfer to MSP of title to the Hardware in accordance with the terms and conditions set forth herein.
‘Licence Term’ means the licence term set out in Clause 3.2 of this Managed Service Provider Licence Agreement.
‘Licensed Products’ means all or each (as the context so allows) of those software programs which are listed on the Schedule, or if so no such programs are listed on the Schedule, all software programs which are installed on the Hardware, together with the Documentation and any of the Upgrades and Updates to those programs.
‘Licensed Products Fee’ means the sums payable by MSP in respect of a licence to use the Licensed Products for the Licence Term as set out in Appendix 1.
‘Maintenance’ means collectively Upgrades and/or Updates (where applicable to the Product), and standard technical support or enhanced technical support for MSP if MSP has paid a Support Fee.
‘Maintenance Term’ means the Maintenance term set out in Clause 4 of this Agreement.
‘RMA’ means return material authorisation, in relation to the Appliance and/or Hardware, as more fully described in Clause 5.3 of this Agreement.
‘Media’ means objects on which data can be stored including without limitation CD-ROMs, tapes and floppy disks or other media containing the Software provided to MSP by Sophos.
‘MSP’ means the organisation listed above which provides managed services to Beneficiaries.
‘Product’ means the Licensed Products and Media and/or Hardware as applicable.
‘Schedule’ means the licence schedule(s) provided to MSP by Sophos from time to time which set out certain details in relation to MSP and Beneficiary’s use of the Products and which forms part of this Managed Service Provider Licence Agreement.
‘Server’ means a Computer upon which the Licensed Product is installed AND from which other Computers receive or retrieve data PROVIDED THAT a Computer is not a Server where it is a single Computer from which other Computers receive or retrieve data AND such data is solely generated by the Licensed Product.
‘Server Licence’ means the maximum number of Server processors (if any) that are permitted under the Schedule to run the Licensed Product at any time.
‘Software’ means any program or data file supplied to MSP by Sophos or its resellers, distributors or dealers, including any Upgrades, and Updates supplied to MSP.
‘Sophos’ means Sophos Limited and its subsidiaries, or, as the context so applies, any of them.
‘Start Date’ means such date as may be set out in the Schedule.
‘Suggestions’ has the definition set out in Clause 6.2.
‘Support Fee’ means the sums payable by MSP in consideration of the provision by Sophos of enhanced support services as set out in Appendix 1, if applicable.
‘Update’ means an update to the library of rules and/or identities made available to MSP by Sophos; and/or other updates to the software filters, including but not limited to an update to the IP address reputation libraries made available to MSP by Sophos.
‘Upgrade’ means any enhancement or improvement to the functionality of the Product (excluding Updates) made available to MSP by Sophos at its sole discretion from time to time but excluding any software and/or updates marketed and licensed by Sophos as a new product or bundle where such new product or bundle is provided to Sophos’s customers generally for a separate Fee.
‘User’ means an employee, consultant or other individual who uses a Computer which benefits from the Product licensed to MSP for the Beneficiary’s Internal Business Purpose whether engaged by MSP, the Beneficiary or otherwise and ‘Users’ shall be construed accordingly.
‘User Licences’ means the maximum number of Users, or Computers (if applicable in accordance with the licence exception set forth in Clause 3.3.1), as specified in the Schedule that are permitted to benefit from the Products.
2. COPYRIGHT AND OWNERSHIP
2.1 Hardware. Sophos retains title to the Hardware until such time as any evaluation period described in Clause 3.1 (if applicable) expires and MSP pay the Hardware Fee. Unless and until MSP has paid the Hardware Fee, MSP agrees to keep the Hardware free and clear of all claims, liens, and encumbrances except those of Sophos, and any act by MSP, either voluntary or involuntary, purporting to create a claim, lien or encumbrance on the Appliance shall be void. Once MSP has paid the Hardware Fee, title to the Hardware shall pass to MSP. Risk of loss passes to MSP upon shipment of the Appliance to MSP. Insurance, if any, covering the Appliance shall be MSP’s responsibility.
2.1.2 Sophos and any third party suppliers shall retain any and all intellectual property rights in the Hardware.
2.1.3 MSP acknowledges that the Appliance is sold hereunder solely as the medium for delivery and operation of the Licensed Products and, unless otherwise agreed by the parties in writing, Sophos at its option may provide Hardware that is either new or refurbished.
2.2 Software. In accordance with Section 2.1, MSP owns only the Hardware on which the Software is installed. MSP does not own the Software itself. The Software is the exclusive property of Sophos and its licensors. The Software and the Documentation including all know-how, concepts, logic and specifications are proprietary products of Sophos and its licensors and are protected throughout the world by copyright and other intellectual property rights.
2.3 Modifications. MSP hereby acknowledges and agrees that the right, title and interest in any modifications made by MSP to the Software or Documentation, as provided for below, is retained by Sophos.
2.4 Logos and Trademarks. No licence, right or interest in Sophos’s logos, or trademarks is granted to MSP under this Agreement and MSP hereby agrees not to remove any product identification or notices of proprietary restrictions.
3. RIGHTS AND RESTRICTIONS
3.1 Evaluation. Where agreed in writing by Sophos or an authorised representative, MSP may use the Software for evaluation purposes only in a test environment without payment of a fee for a maximum of 30 days or such other duration as is specified by Sophos at its sole discretion. The Software is provided “AS IS” during such evaluation period and Clauses 3.3 and 5 below do not apply to such evaluation.
3.2 Licence Term. [This Agreement is effective from the Start Date and shall remain in force either until the Expiry Date specified in the Schedule or, upon renewal of MSP’s licence, (and if no such date is specified, this Agreement shall continue in perpetuity although MSP’s right to use the Products is dependant upon Sophos’s receipt of the Licensed Products Fee) or until terminated as provided in Clause 10 below, whichever is the sooner. If MSP wants to renew MSP’s licence MSP should contact Sophos or MSP’s reseller, distributor or dealer, as applicable] or [The term of this Agreement shall begin on the Start Date and continue for an initial period of one (1) year, unless terminated earlier pursuant to the terms of this Agreement. Thereafter this Agreement shall automatically renew for additional periods of one (1) year, unless and until either party terminates Agreement on no less than ninety (90) days written notice, such notice to expire on an anniversary of the Start Date.] [delete option as applicable – amend initial period as applicable] MSP’s obligations under this Agreement in respect of the intellectual property and confidential information of Sophos shall survive any expiry or termination of this Licence Agreement.
3.3 Rights. In consideration of the payment of the Fee by MSP and MSP meeting the obligations set forth in Section 12.1, Sophos hereby grants to MSP a non-exclusive right solely to sub-licence use of the Products to Beneficiaries, to use the Products solely as part of MSP’s provision of managed services to Beneficiaries in the Territory and to receive the Maintenance for the Licence Term subject to the terms and conditions contained within this Agreement. MSP is permitted to:
3.3.1 use the Products for the Beneficiary’s Internal Business Purpose. The number of Users for which MSP and Beneficiaries may use the Products for Beneficiary’s Internal Business Purpose must not exceed the number of User Licences.
NOTWITHSTANDING THE FOREGOING, IF THE BENEFICIARY IS AN EDUCATIONAL, HEALTH OR GOVERNMENT ENTITY, THE RESTRICTION ON THE NUMBER OF USERS DOES NOT APPLY. INSTEAD, THE FOLLOWING RESTRICTION SHALL APPLY: THE NUMBER OF COMPUTERS WHICH BENEFIT FROM THE PRODUCTS FOR THAT SPECIFIC BENEFICIARY’S INTERNAL BUSINESS PURPOSE MUST NOT EXCEED THE NUMBER OF USER LICENCES.
MSP is wholly responsible for the compliance by the Beneficiary and Users with this Agreement and shall ensure that MSP’s contract with the Beneficiary provides not less than a reasonable level of protection to Sophos and the Software. It is expressly acknowledged that the MSP may transfer licences between Beneficiaries provided that Sophos is notified in the MSP’s report of any such transfer;
[3.3.2 for software-only Licensed Products, allow each of the Beneficiary’s employees to use the Licensed Products at home on a single workstation provided that MSP shall be responsible for all support associated with those licenses and the distribution of Upgrades and Updates. The number of the Beneficiary’s employees MSP may allow to use the Licensed Products at home must not exceed the number of User Licences (NOTE: CLAUSE NOT APPLICABLE TO MSP IN RELATION TO THE SOPHOS CLIENT FIREWALL OR A LICENSED PRODUCT WHICH FORMS PART OF THE SOPHOS SMALL BUSINESS SOLUTIONS PRODUCT SET);][can remove locally – update section numbers highlighted below if removed]
3.3.4 for software-only Licensed Products, except as provided in Clause 3.3.5 below, which relates only to the Documentation, make one copy of the Licensed Products or any part thereof for backup purposes provided that MSP reproduces Sophos’s proprietary notices on any such backup copy of the Licensed Products. Such restriction shall not prevent MSP or Beneficiary from backing up or archiving Beneficiary’s data;
3.3.5 use, copy, reproduce in whole or in part, adapt and modify the Documentation for Beneficiary’s Internal Business Purpose only.
3.4 Restrictions. MSP is NOT permitted to:
3.4.1 use the Products for the provision of any service for the benefit of third parties other than Beneficiaries;
3.4.2 modify or translate the Products except (i) as necessary to configure the Licensed Products using the menus, options and tools provided for such purposes and contained in the Software; (ii) as necessary to develop custom filters using the Application Programming Interfaces (APIs) where contained in the Software or provided directly by Sophos for such purposes; and, (iii) in relation to the Documentation, except as necessary to produce and adapt manuals and/or other documentation for any Beneficiary’s Internal Business Purpose;
3.4.3 reverse engineer, disassemble or decompile the Products or any portion thereof or otherwise attempt to derive or determine the source code or the logic therein except to the extent and for the express purposes authorised by applicable law;
3.4.4. install and/or run on the Appliance any software applications other than the Licensed Products;
3.4.5 transmit or provide access to the Products save as provided in this Agreement;
3.4.6 use or sub-licence Sophos Software for which MSP has not paid the applicable Fees;
3.4.7 sub-license, rent, sell, lease, distribute or otherwise transfer the Products save as provided under this Agreement unless MSP obtains a separate licence from Sophos for such purposes (for example, MSP may not embed the Licensed Products into another application and then distribute such to third parties unless MSP first acquires an OEM licence from Sophos);
3.4.8 use or allow use of the Products in or in association with safety critical applications such as, without limitation, medical systems, transport management systems, vehicle and power generation applications including but not limited to nuclear power applications; and/or
3.4.9 use or allow use of the Products for the purposes of competing with Sophos, including without limitation competitive intelligence.
4. MAINTENANCE
4.1 This Agreement entitles MSP to receive Maintenance for the Licence Term.
4.2 MSP acknowledges and agrees that the Products and Sophos may directly and remotely communicate for the purposes of, without limitation, verifying MSP’s credentials, issuing reports and alerts such as automated support requests and alert messages, and to provide Maintenance.
5. WARRANTIES AND INDEMNITY
5.1.1 For a period of ninety (90) days from the execution date of the license agreement between the MSP and Sophos (the “Licensed Products Warranty Period”): (i) the Licensed Products will perform substantially in accordance with the Documentation provided that they are operated in accordance with the Documentation on the designated operating system(s) and (ii) the Documentation adequately describes the operation of the Licensed Products in all material respects; and
5.1.2 For a period of three (3) years from the date of purchase, or such other period as may be specifically agreed between the parties, as applicable, (the “Hardware Warranty Period”) and provided always that MSP have a valid, fully paid up, unexpired licence for a Licensed Product, Sophos warrants that the Hardware shall be free of defects in materials and workmanship under normal use and service and substantially conform to the Documentation.
5.2 If Sophos is notified in writing of a breach of the warranty for the Licensed Products described in Clause 5.1.1 or the warranty for the Hardware described in Clause 5.1.2 during the applicable Warranty Period, Sophos’s entire liability and MSP’s sole remedy shall be (at Sophos’s option) to correct, repair or replace the Hardware, Licensed Products and/or Documentation, as applicable, within a reasonable time or provide or authorise a refund of the Fee following the return of the Appliance accompanied by proof of purchase. Any items provided as replacement under the terms of this warranty will be warranted for the remainder of the original Warranty Period.
5.3 If MSP has purchased an Appliance which includes an advance replacement warranty, upon discovery of any failure of the Hardware, or any component of the Hardware, to conform with the warranty described in Clause 5.1.2 during the Hardware Warranty Period, MSP is required to contact Sophos and seek an RMA number. Sophos will promptly issue the requested RMA as long as Sophos determines that this is a valid warranty claim in accordance with the terms of this Agreement. Upon confirmation of MSP’s eligibility for the warranty rights described herein and Sophos’s provision to MSP of an RMA (which RMA may be provided, at Sophos’s sole discretion, in response to Sophos’s receipt of an automated notification from the Appliance), Sophos will ship MSP replacement Hardware (“Advance Replacement Hardware”). Such Advance Replacement Hardware may, at Sophos’s sole discretion, be new or refurbished. Upon receipt of the replacement Hardware (and in any event within 15 days from the date the RMA was issued), MSP will return the allegedly defective Hardware or component part(s) of the Hardware to the return location indicated by Sophos, securely and properly packaged in the packaging provided with the Advance Replacement Hardware (if supplied), carriage (and insurance at MSP’s option) prepaid with the RMA number prominently displayed on the exterior of the packaging.
5.4 If MSP has purchased an Appliance which does not include an advance replacement warranty, upon discovery of any failure of the Hardware, or any component of the Hardware, to conform with the warranty described in Clause 5.1.2 during the Hardware Warranty Period, MSP is required to return the Appliance to the return location indicated by Sophos securely and properly packaged, carriage (and insurance at MSP’s option) prepaid. Upon receipt of a valid warranty claim in accordance with Clause 5.2 and receipt of the Appliance at the return location indicated by Sophos, Sophos will ship MSP a replacement Appliance. Such replacement Appliance may, at Sophos’s sole discretion, be new or refurbished and may be the returned Appliance repaired by or on behalf of Sophos.
5.5 Title to the allegedly defective Hardware or component part shall pass to Sophos upon receipt by MSP of the Advance Replacement Hardware, if applicable, or on shipment by MSP of the Appliance to the return location indicated by Sophos, whichever is the sooner. Should the Hardware or component part(s) of the Hardware returned by MSP: (i) be deemed not to be defective or ‘no fault found’ (NFF); or (ii) should a returned Appliance be missing any Hardware, Sophos will invoice MSP and MSP agrees to pay the cost of the Hardware or component part of the Hardware, as applicable. If MSP fails to return allegedly defective Hardware or any component part(s) of the Hardware to the return location indicated by Sophos within the referenced time limit, MSP will be responsible for the cost of returning such item to the return location and Sophos will be entitled to enter MSP’s premises to repossess such item(s) at MSP’s sole cost. SOPHOS SHALL NOT BE RESPONSIBLE FOR MAINTAINING OR PROTECTING ANY CONFIGURATION SETTINGS OR DATA FOUND ON THE RETURNED APPLIANCE OR COMPONENT PART OF THE APPLIANCE. Title to the Advanced Replacement Hardware or any replacement Hardware provided to MSP in accordance with Clauses 5.3 and 5.4 respectively shall pass to MSP on shipping or payment of the Hardware Fee, whichever is the later. Risk of loss in relation to the Advanced Replacement Hardware or any replacement Hardware provided to MSP in accordance with Clauses 5.3 and 5.4 respectively passes to MSP upon shipment of such Appliance to MSP. MSP shall be responsible for any insurance for the replacement Hardware.
5.6 The warranties contained in this Agreement do not apply to repair or replacement caused or necessitated by: (i) accident; unusual physical, electrical or electromagnetic stress; neglect; misuse; fluctuations in electrical power beyond those set out in the specifications; failure of air conditioning or humidity control; improper maintenance, or any other misuse, abuse or mishandling; (ii) force majeure including without limitation natural disasters such as fire, flood, wind, earthquake, lightning or similar disaster; (iii) governmental actions or inactions; (iv) strikes or work stoppages; (v) MSP’s failure to follow applicable use or operations instructions or manuals; (vi) MSP’s failure to implement, or to allow Sophos or its agents to implement, any corrections or modifications to the Appliance made available to MSP by Sophos; or (vii) such other events outside Sophos’s reasonable control.
5.7 THE ABOVE WARRANTIES ARE NULL AND VOID IF ANY WARRANTY STICKERS ARE TAMPERED WITH OR ARE MISSING, OR, EXCLUDING THE REPLACEMENT OF FRU, IF THE APPLIANCE WAS REPAIRED OR ALTERED BY PERSONNEL OTHER THAN THOSE AUTHORISED BY SOPHOS.
5.8 MSP warrants and agrees that it shall:
5.8.1 ensure that all Beneficiaries are bound by a contract for MSP’s managed services, the terms of which are no less protective of Sophos than these terms and in particular comply with Clause 3, and ensure that no Beneficiaries receive credentials other than in accordance with a valid contract for the supply of managed services with MSP;
5.8.2 not distribute any Credentials provided by Sophos to Beneficiaries or any other third parties;
5.8.3 ensure that all Beneficiaries have separate and different Credentials for use of the Products and ensure that such use by Beneficiaries shall terminate if they no longer have a valid agreement with the MSP for the supply of managed services;
5.8.4 be responsible for ensuring that Beneficiary’s receive Updates and Upgrades promptly and in any event within 24 hours following Sophos making such Updates and Upgrades available;
5.8.5 provide all first line technical support to Beneficiaries and ensure that Beneficiaries do not contact Sophos direct. Where customers do contact Sophos directly, Sophos shall be entitled to receive additional payments from MSP equal to the amount of the monthly License Fee for a single User for each and every such occurrence. In the event of ongoing Beneficiary contact with Sophos support, Sophos reserves the right to amend the terms of this Agreement, including without limitation, increasing the Fees;
5.8.6 provide to Sophos a monthly report with the information required as set out in Appendix 3;
5.8.7 ensure that all sub-licences granted to Beneficiaries expire at the end of the Licence Term;
5.8.8 ensure that MSP’s and each Beneficiary’s use of the Licensed Products is and will continue to be in accordance with all applicable laws and regulations;
5.8.9 not remove any Sophos branding on the Products;
5.8.10 ensure that the term of any Beneficiary’s right to use the Products shall be no longer than the Licence Term and ensure that Beneficiaries do not use the Products beyond the Licence Term (including any extension or renewal agreed in writing between the parties);
5.9 Other than arising out of Sophos’s warranties in Clause 5.1, MSP shall at MSP’s own expense hold harmless, defend and fully and effectively indemnify Sophos against any claims, proceedings, damages, costs, expenses or other liability whatsoever arising out of, resulting from or relating to MSP’s and each Beneficiary’s use of the Products (including without limitation breach of MSP’s warranties in Clause 5.8) and/or any Suggestions.
5.10 Sophos shall indemnify and keep MSP fully and effectively indemnified on demand from and against any and all losses, claims, damages, costs, charges, expenses and liabilities which arise from any claim or proceeding alleging that MSP’s use, possession or distribution of the Licensed Products in the country where MSP’s head office is located (provided that such country is a party to the World Intellectual Property Organization (WIPO) treaties on patents, trademarks and copyrights) in accordance with the terms of this Agreement infringes any third party patent, trademark or copyright in the country where MSP’S head office is located. MSP shall not be entitled to the benefit of this indemnity if:-
5.10.1 MSP fails to notify Sophos in writing within ten (10) days of any claim being made or proceedings being issued against MSP; or
5.10.2 MSP does not at the written request of Sophos forthwith cease to use or distribute the Product on any such claim being made; or
5.10.3 MSP shall have, without the prior written consent of Sophos, acknowledged the validity of the claim or proceedings of such third party or taken any action which would or might impair the ability of Sophos to contest the claim or proceedings of the third party if it so elects and in any such case Sophos shall be entitled to terminate this Agreement forthwith by notice to MSP.
5.11 Sophos shall have no liability under clause 5.5 or otherwise if the alleged infringement arises due to:-
5.11.1 modification of the Product by anyone other than Sophos; or
5.11.2 use of the Licensed Product with any hardware, software or other component not provided by Sophos in circumstances where use of the Licensed Product without such other hardware, software or component would not have led to liability under Clause 5.10; or
5.11.3 use of the Product other than in accordance with the Documentation.
5.12 If any such claim referred to in Clause 5.10 is made against MSP, then Sophos shall have:
5.12.1 the absolute discretion to decide whether to defend or settle any proceedings in relation to such third party’s claims or to initiate counter-proceedings;
5.12.2 the right to require, if it considers it necessary or desirable, MSP to join in any such proceedings at Sophos’ cost;
5.12.3 the right to require MSP’s full co-operation (at Sophos’s expense) with Sophos in defending the claim;
5.12.4 the right to procure a license so that MSP’s use, possession and distribution of the Licensed Products in accordance with the terms of this Agreement does not infringe any third party patents, trademarks or copyrights;
5.12.5 the right to modify the Licensed Products so that they no longer infringe a third party’s patents, trademarks or copyrights; and
5.12.6 the right to terminate this Agreement forthwith by notice to MSP if Sophos cannot obtain a license or modify the Licensed Products in the manner referred to in Clauses 5.12.4 and 5.12.5 in a manner which Sophos considers commercially feasible and refund any applicable fees paid to Sophos by MSP;
and MSP will in any event mitigate MSP’S losses as far as possible. CLAUSES 5.10, 5.11 AND 5.12 SET OUT MSP’S SOLE REMEDY AND THE WHOLE LIABILITY OF SOPHOS IN THE EVENT THAT THE PRODUCTS INFRINGE THE PATENTS, TRADEMARKS OR COPYRIGHTS OR OTHER INTELLECTUAL PROPERTY RIGHTS OF ANY THIRD PARTY.
6. DISCLAIMER OF WARRANTIES
6.1 EXCEPT FOR THE EXPRESS WARRANTIES CONTAINED IN CLAUSE 5.1 ABOVE, SOPHOS AND ANY OF ITS THIRD-PARTY LICENSORS AND SUPPLIERS AND THE CONTRIBUTORS OF CERTAIN INCLUDED SOFTWARE MAKE NO WARRANTIES, CONDITIONS, UNDERTAKINGS OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE IN RELATION TO THE PRODUCT INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT OR ARISING FROM COURSE OF DEALING, USAGE OR TRADE. SOME STATES/JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO THE ABOVE EXCLUSION MAY NOT APPLY TO MSP AND MSP MAY HAVE OTHER LEGAL RIGHTS THAT VARY FROM STATE TO STATE OR BY JURISDICTIONS.
WITHOUT LIMITATION TO THE FOREGOING, SOPHOS DOES NOT WARRANT THAT THE PRODUCT WILL MEET MSP’S OR BENEFICIARIES’ REQUIREMENTS OR THAT THE OPERATION OF THE PRODUCT WILL BE ERROR FREE OR UNINTERRUPTED OR THAT DEFECTS IN THE PRODUCT WILL BE CORRECTED. SOPHOS DOES NOT WARRANT THAT THE PRODUCTS WILL DETECT AND/OR CORRECTLY IDENTIFY AND/OR DISINFECT ALL THREATS, APPLICATIONS (WHETHER MALICIOUS OR OTHERWISE) OR OTHER COMPONENTS.
6.2 SOPHOS DOES NOT WARRANT OR REPRESENT THAT MSP OR ANY BENEFICIARY IS ENTITLED TO BLOCK ANY THIRD PARTY APPLICATIONS OR DEVICES AND EXPRESSLY DISCLAIMS LIABILITY FOR ANY SUGGESTIONS MADE BY SOPHOS (INCLUDING WITHOUT LIMITATION BY ITS EMPLOYEES, CONSULTANTS AND SUB-CONTRACTORS) IN CONNECTION WITH MSP’S OR ANY BENEFICIARY’S USE OF THE LICENSED PRODUCT (“SUGGESTIONS”).
7. LIMITATION OF LIABILITY
7.1 MSP AND EACH BENEFICIARY USES THE PRODUCT AT MSP’S AND SUCH BENEFICIARY’S OWN RISK. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL SOPHOS OR ANY OF ITS THIRD-PARTY LICENSORS AND SUPPLIERS OR THE CONTRIBUTORS OF CERTAIN INCLUDED SOFTWARE BE LIABLE TO MSP OR BENEFICIARIES FOR OR TO THOSE CLAIMING THROUGH MSP FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR SPECIAL DAMAGE OR LOSS OF ANY KIND INCLUDING, BUT NOT LIMITED TO, LOSS OF PROFITS, LOSS OF CONTRACTS, BUSINESS INTERRUPTIONS, LOSS OF OR CORRUPTION OF DATA HOWEVER CAUSED AND WHETHER ARISING UNDER CONTRACT OR TORT, INCLUDING NEGLIGENCE, EVEN IF SOPHOS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
7.2 IF ANY LIMITATION, EXCLUSION, DISCLAIMER OR OTHER PROVISION CONTAINED IN THIS AGREEMENT IS HELD TO BE INVALID FOR ANY REASON BY A COURT OF COMPETENT JURISDICTION AND SOPHOS BECOMES LIABLE THEREBY FOR LOSS OR DAMAGE THAT MAY LAWFULLY BE LIMITED, SUCH LIABILITY WHETHER IN CONTRACT, TORT OR OTHERWISE, WILL NOT EXCEED THE GREATER OF THE FEES PAID BY MSP FOR ANY 12 MONTH PERIOD OR £10,000 [10,000 Euros][$10,000] [delete as applicable].
8. OPTIONAL DATA SHARING
8.1 If MSP does not choose to allow: (i) sharing of data with Sophos in order to improve protection and/or application control; or (ii) remote assistance, this Clause 8 does not apply to MSP.
8.2 If MSP chooses to allow sharing of such supplementary data with Sophos or authorise Sophos to provide remote assistance, MSP has agreed to implement optional functions which allow the Products to provide Sophos with various data. While Sophos does not intend that such data include proprietary, confidential or user-identifiable data of MSP or any Beneficiary, by enabling this option MSP acknowledges that it may be possible for such data to include proprietary, confidential or user-identifiable data and MSP represent to Sophos that MSP has obtained all necessary permissions to share such data with Sophos.
9. EXPORT CONTROL REQUIREMENTS
9.1 MSP hereby agrees that MSP will use, disclose and/or transport the Product in accordance with any applicable export control laws and regulations and will not re-export or re-transfer the Appliance to any destination subject to restrictive sanctions measures or trade embargoes implemented at a national, regional or international level without the appropriate authorization and that MSP is solely responsible for fulfilling any applicable governmental requirements in connection with MSP’s and any Beneficiary’s use, disclosure and/or transport of the Product and relating to any transfer under Clause 3.4.6 above. In addition to the foregoing, MSP acknowledges that the Appliance is classified as an encryption item under the United States Export Administration Regulations (“EAR”).
9.2 Export of the Appliance is controlled by the United States EAR and may also be controlled by other national regulations and that MSP is solely responsible for fulfilling any applicable governmental requirements, including without limitation those that relate to the EC Directive on Waste Electrical and Electronic Equipment (2002/96/EC) (“WEEE”) and The Restriction of the Use of Certain Hazardous Substances in Electrical and Electronic Equipment Regulations (2002/95/EC) (“RoHS”) (as amended), in connection with MSP’s and any Beneficiary’s use, disclosure, transfer, and/or transport and/or disposal by MSP of the Appliance. MSP agrees to indemnify and hold Sophos harmless from and against any claim, loss, liability or damage suffered or incurred by Sophos resulting from or related to MSP’s violation of this paragraph.
9.3 MSP warrants and represents that in entering into this Agreement neither the MSP nor any of its officers, employees, agents, representatives, contractors, intermediaries or any other person or entity acting on behalf of the MSP will take any action, directly or indirectly, that would constitute an offence under:
9.3.1 the Bribery Act 2010; or
9.3.2 any other applicable anti-bribery laws or regulations anywhere in the world;
AND ANY BREACH OR SUSPECTED BREACH OF THIS CLAUSE 9.3 SHALL BE A MATERIAL BREACH INCAPABLE OF REMEDY THERBY ENTITLING SOPHOS TO TERMINATE THIS AGREEMENT FORTHWITH.
10. TERMINATION
10.1 Automatic Termination. This Agreement and MSP’s rights under it will terminate immediately if: (i) MSP fails to pay the Fee (or any applicable part of it) in accordance with the agreed payment terms; or (ii) MSP fails to comply with any of the terms and conditions of this Agreement; or (iii) if MSP takes or suffers any action on account of debt or are insolvent. All fees paid or payable are non-refundable. In the event that MSP fail to pay the Fee as set out in subsection (i) above, MSP is required, with respect to Appliances, to return the Appliance to the return location indicated by Sophos, securely and properly packaged, with carriage (and insurance at MSP’s option) prepaid, and, with respect to software-only Licensed Products, MSP must destroy the Software and all copies of it including those of all Beneficiaries. Within one month after the date of termination of this Managed Service Provider Licence Agreement, MSP must supply written certification to Sophos of the destruction by MSP of the software-only Licensed Product and all copies of all or any part of it. With respect Appliances, if, upon termination, MSP fails to promptly return the Appliance to the location indicated by Sophos, Sophos will be entitled to enter MSP’s premises to repossess such Appliance. Notwithstanding any provision of this Clause 10, MSP’s right to use, and MSP’s access to, the Products will automatically terminate on expiry of the License Term unless and until MSP renew MSP’s licence for the Products.
10.2 Voluntary Termination. MSP may terminate this Agreement at any time on providing thirty (30) days’ written notice to Sophos, and shall forthwith destroy the Software and all copies of it. All fees paid or payable are non-refundable to the extent allowed by applicable law.
11. CONFIDENTIALITY
11.1 The Software may include confidential information that is secret and valuable to Sophos and its licensors. MSP and each Beneficiary are not entitled to use or disclose that confidential information other than strictly in accordance with the terms of this Agreement. Sophos reserves the right to disclose details of the Agreement to third parties for publicity and promotional purposes and:-
11.1.1 MSP expressly gives Sophos permission to include and publish MSP’s name and logo on lists of Sophos’s partners for the Products; and
11.1.2 MSP agrees that Sophos may send emails to MSP to provide information and goods and services to MSP and to let MSP know about other goods and services in which MSP may be interested.
11.2 The Products may provide Sophos with information from time to time regarding MSP and/or Beneficiaries’ use of the Products. It is intended that any such information provided to Sophos by the Licensed Products be non-user-identifiable data. However, if MSP selects the Optional Data Sharing as set out in Clause 8 above, the Licensed Products will provide Sophos with various data or communications, which may contain user-identifiable data, for use by Sophos for its business purposes.
11.3 MSP acknowledges and agrees that Sophos may contact Beneficiaries in the event that (i) MSP has not renewed a Beneficiary’s license, (ii) this Agreement has been terminated, or (iii) MSP has failed to pay the Fees for such Beneficiary’s use of the Products and may at its discretion decide to either itself or through a third party continue to support Beneficiaries and allow them to use Products where MSP has been unable to do so for reasons of insolvency or otherwise.[can delete sub-clause locally]
12. GENERAL
12.1 During the term of this Agreement, the MSP shall at all times observe and perform the terms of this Agreement and, in particular, the MSP shall: -
12.1.1 be enrolled in the Sophos Partner Program;
12.1.2 have at least two (2) employees which hold Sophos technical certifications at the Advanced Sales Engineer level for each Licensed Product, at least one of whom is available to Beneficiaries at any time during the service hours;
12.1.3 maintain minimum infrastructure and monitoring capabilities as required by Sophos in Appendix 2.
12.2 Any reseller, distributor or dealer from whom MSP may have purchased the Product is not appointed or authorised by Sophos as its servant or agent. No such person has any authority, either express or implied, to enter into any contract or provide MSP with any representation, warranty or guarantee with or to MSP or to translate or modify this Agreement in any way on behalf of Sophos or otherwise to bind Sophos in any way whatsoever.
12.3 MSP agrees that Sophos may use any technical information provided by MSP, including without limitation information provided under the terms of the Optional Data Sharing in Clause 8, for its business purposes, including without limitation for product support and development.
12.4 MSP agrees to pay the Fee in accordance with Appendix 1, or to an authorised reseller, distributor, or dealer, if applicable. Unless otherwise stated, the Fee is exclusive of any federal, state, municipal or other governmental taxes, duties, licences, fees, excises or tariffs. MSP agrees to pay such taxes or, in lieu thereof, to provide an exemption certificate acceptable to Sophos and the applicable authority. Invoices may provide for interest to be paid on any sums not remitted by the due date.
12.5 MSP shall permit Sophos or an independent certified accountant appointed by Sophos access on written notice to MSP’s premises and MSP’s books of account and records at any time during normal business hours for the purpose of inspecting, auditing, verifying or monitoring the manner and performance of MSP’s obligations under this Agreement including without limitation the payment of all applicable licence fees. Sophos shall not be able to exercise this right more than once in each calendar year. If an audit reveals that MSP has underpaid fees to Sophos, MSP shall be invoiced for and shall pay to Sophos within 30 days of the date of invoice an amount equal to the shortfall between the fees due and those paid by MSP. If the amount of the underpayment exceeds 5% of the fees due or the audit reveals a violation of any licence restrictions pursuant to this Agreement then, without prejudice to Sophos’s other rights and remedies, MSP shall also pay Sophos’s reasonable costs of conducting the audit.
12.6 Sophos may at its sole discretion subcontract any of its rights or obligations hereunder to any of its subsidiaries, resellers, distributors or dealers, as applicable.
12.7 The parties may vary or amend the terms and conditions of this Agreement by mutual agreement in writing from time to time. Sophos may change the Fees from time to time by reasonable notice to MSP. In the event that Sophos changes the Fees, then MSP has 30 days from the date of such notice to terminate this Agreement in writing by notice to Sophos and if no notice is received shall be deemed to accept such revised Fees.
12.8 Failure by Sophos to enforce any particular term of this Agreement shall not be construed as a waiver of any of its rights under it.
12.9 The illegality, invalidity or unenforceability of any part of this Agreement will not affect the legality, validity or enforceability of the remainder.
12.10 This Agreement and the Schedules and Appendices thereto constitute the entire agreement between the parties in relation to the Product and its licensing and supersede any other oral or written communications, agreements or representations with respect to the Product, save for any oral or written communications, agreements or representations made fraudulently.
12.11 If MSP is an agency or other part of the U.S. Government, the Software and the Documentation are commercial computer software and commercial computer software documentation and their use, duplication and disclosure are subject to the terms of this Agreement per FAR 12.212 or DFARS 227.7202-3, as amended.[can delete for European MSPs]
12.12 A person who is not a party to this Agreement has no right to enforce any term of this Agreement under applicable legislation and the parties to this Agreement do not intend that any third party rights are created by this Agreement.
12.13 In the event the Sophos subsidiary entity from which MSP has purchased the licenses is located in:
THE UNITED STATES OF AMERICA, CANADA, LATIN AMERICA this Agreement shall be governed by and construed in accordance with the laws of the Commonwealth of Massachusetts and the courts of the Commonwealth of Massachusetts shall have non-exclusive jurisdiction to determine any disputes, which may arise out of, under, or in connection with this Agreement; and
ALL OTHER COUNTRIES this Agreement shall be governed by and construed in accordance with the laws of England and Wales and the courts of England and Wales shall have non-exclusive jurisdiction to determine any disputes, which may arise out of, under, or in connection with this Agreement.
Any notices required to be given in writing to Sophos or any questions concerning this Agreement should be addressed to The Company Secretary, Sophos Limited, The Pentagon, Abingdon, OX14 3YP, United Kingdom.
Executed by the Parties:
SOPHOS LIMITED
Signature: ____________________
Name: ____________________
Title: ____________________
Date: ____________________
MSP
Signature: ____________________
Name: ____________________
Title: ____________________
Date: ____________________
LICENCE SCHEDULE
MSP Information
Name:
Address:
Licence Number:
Start Date:
Expiry Date (if applicable):
Licensed Product Information
Licensed Products: Sophos Mobile Control
Number of Computer Licenses:
Territory: [worldwide] [or specify]
Security
Username Password
EM Library Databank:
Website Download:
APPENDIX 1
FEES & PAYMENT TERMS
MSP will pay Fees in the following manner: monthly reporting with monthly billing in arrears
Per Computer Sophos License Price
<$2.00> or <€2.00> or <equivalent to €2.00 in local currency>
Per Computer SMS cost Flat Fee
€0.30 <or equivalent in local currency>
MSP shall provide to Sophos or to Sophos’s authorised partner or representative within 10 working days of the beginning of each calendar month complete and accurate records containing the number of Users at the end of the calendar month, name, address and number of Users for each of the Beneficiaries, the applicable state(s) or country(ies) of the Beneficiaries for each sale and accurately calculating the fees payable by MSP in accordance with Appendix 1. In addition to the foregoing, MSP will forward to Sophos at the end of each calendar month an electronic copy the license report generated by Licensed Product.
All payments shall be made in [state currency] to Sophos or to Sophos’s authorised partner or representative as notified to MSP by Sophos from time to time. Payment of the Fees shall be due within 30 days of the end of the period for which the fees are due. Delays in submission of reports will not lead to an extension of this period. For the avoidance of doubt, such Fees are payable whether or not MSP collects monies from any Beneficiary and whether or not any refunds are given by MSP to the Beneficiary and in no event shall MSP be entitled to any reimbursement or refund of Fees.
Interest – If any sum payable under this Agreement is not paid when due or is delayed by MSP’s failure to properly report the number of Users then, without prejudice to Sophos’s other rights under this Agreement, that sum will bear interest from the due date until the date when payment is received by Sophos or Sophos’s authorised partner or representative, both before and after any judgement at the rate of 1.5% per calendar month.
Taxes - All payments, fees and other charges payable by MSP to Sophos or to Sophos’s authorised partner or representative under this Agreement are exclusive of all taxes, levies and assessments of any jurisdiction. MSP agrees to bear and be responsible for the payment of all such taxes, levies and assessments imposed on MSP or Sophos or to Sophos’s authorised partner or representative arising out of this Agreement, excluding any tax based on Sophos’s net income. If MSP is required to pay Sophos or Sophos’s authorised partner or representative as notified to MSP by Sophos from time to time a lower amount under this Agreement because of any withholding or tax, MSP shall pay to Sophos or Sophos’s authorised partner or representative such grossed-up amount as would be necessary to provide Sophos or Sophos’s authorised partner or representative the full amount of the Fees absent any withholding tax imposed on amounts payable hereunder.
APPENDIX 2
Minimum Infrastructure Requirements
1. A secure method of accessing the Beneficiary’s network (e.g., VPN)
2. A method of collecting data from the deployed Products, reporting on such data, and an ability to send alerts to Beneficiaries
3. Appropriate staffing levels to continuously meet the services offered for all Products (e.g., 5 staff members 24x7x365 managed services are offered)
4. Keep Beneficiary data collected via the Products segregated, secure, and in compliance with all applicable regulatory requirements
APPENDIX 3
Report Requirements (sample report below)
Invoice Number
Invoice Date
Beneficiary
Beneficiary Location (country and/or state)
Beneficiary Zip code / Postal code
Beneficiary Customer Number / Unique ID
Number of Users
12345
01/01/2001
Enterprise
France
12345
a454s789
1,340
67890
02/02/2002
Education
Belgium
67890
13494483
600
V08Nov2011