Software License Agreement – PointCross Life Sciences

POINTCROSS – SAAS TERMS AND CONDITIONS

 This End User License Agreement (“Agreement”) is made between PointCross, Inc., a Delaware corporation with its principal place of business at 1291 East Hillsdale Blvd., Suite 304, Foster City, CA, 94404, USA the licensor, hereinafter referred as “PointCross”, and the Authorized User or the Company authorizing the User hereinafter referred to as “Customer”, by the click- through action signifying acceptance of the terms included herein.

 Provider and Customer agree as follows:

1. Solutions.1.1 Rights. Subject to the terms and conditions of this Agreement, PointCross provides Company with a limited, non-transferable, non-exclusive and non-sublicensable right, during the term of this Agreement, right to use the applications and services described on the Cover Page (collectively, the “Solutions”) solely for Company’s internal business purposes.1.2 Upon PointCross’ receipt of the Subscription Fees (as defined below), (a)Company will receive an auto generated email sent to “Authorized Users” with the login credentials to access the Solutions for use in accordance with the terms of this Agreement (collectively, the “Authorized Users” and each, an “Authorized User”), (b) each of the Authorized Users with log-in credentials to access and use the Solutions, (c) Company with log-in credentials to use the Solutions and access data resulting from Authorized Users’ use of the Solution, and (d) subject to restrictions enumerated in Section 10 including but not limited to the need for Client subscription of certain third party dictionaries.
2. Security2.1 Security. PointCross will use commercially reasonable efforts to meet the security requirements set forth in Exhibit A (the “Security Standards”).
3. Fees and Payment Terms.3.1 Fees. In exchange for the Solutions, Company will pay the fees set forth in the AWS Market Place (“Subscription Fees”) on a monthly basis.3.2 Acknowledgment. Company’s subscription is ongoing and Company will be billed until Company cancels its subscription. Recurring charges for Company’s subscription will be billed to the payment method Company provided. If Company chooses to cancel its subscription, it must do so prior to the next-scheduled subscription renewal to avoid being charged for its next Subscription Period in accordance with Section 9 “Effect of Termination.”
4. Confidentiality4.1 Definition. “Confidential Information” means all information disclosed (whether in oral, written, or other tangible or intangible form) by one party (the “Disclosing Party”) to the other party (the “Receiving Party”) concerning or related to this Agreement or the Disclosing Party (whether before, on or after the Effective Date) that is marked “Confidential” or “Proprietary” or with similar designation by the Disclosing Party, at the time of initial disclosure to the Receiving Party or, if the Disclosing Party makes an oral disclosure, the Disclosing Party, within 10 days of such oral disclosure, notifies the Receiving Party in writing that the information disclosed by the Disclosing Party should be treated as confidential/proprietary to the Disclosing Party. Confidential Information includes, but is not limited to, the Solutions, the components of the business plans, financial plans, know-how, customer information, strategies, and other similar information.
   4.2 Obligations. The Receiving Party will maintain in confidence the Confidential Information during the term of this Agreement and for the two-year period commencing upon the effective date of termination of this Agreement, and will not use such Confidential Information except as expressly permitted in this Agreement. The Receiving Party will use the same degree of care in protecting the Confidential Information as the Receiving Party uses to protect its own confidential and proprietary information from unauthorized use or disclosure, but in no event less than reasonable care. Confidential Information will be used by the Receiving Party solely for the purpose of carrying out the Receiving Party’s obligations under this Agreement. In addition, the Receiving Party will only disclose Confidential Information to its directors, officers, employees and/or contractors who have a need to know such Confidential Information in order to perform their duties under this Agreement, and if such directors, officers, employees and/or contractors have executed a non-disclosure agreement with the Receiving Party with terms no less restrictive than the non-disclosure obligations contained in this Section 4.2. Each party agrees that the terms and conditions of this Agreement will be treated as Confidential Information of both parties and will not be disclosed to any third party; provided, however, that each party may disclose the terms and conditions of this Agreement (a) to such party’s legal counsel, accountants, banks, financing sources and their advisors, (b) in connection with the enforcement of this Agreement or rights under this Agreement, or (c) in connection with an actual or proposed merger, acquisition, or similar transaction. Notwithstanding any terms to the contrary in this Agreement, any suggestions, comments or other feedback provided by Company to PointCross with respect to PointCross or the Solutions (collectively, “Feedback”) will constitute Confidential Information of PointCross. Further, PointCross will be free to use, disclose, reproduce, license and otherwise distribute and exploit the Feedback provided to it as it sees fit, entirely without obligation or restriction of any kind on account of Intellectual Property Rights or otherwise.4.3 Exceptions. Confidential Information will not include information that: (a) is in or enters the public domain without breach of this Agreement through no fault of the Receiving Party; (b) the Receiving Party can reasonably demonstrate was in its possession prior to first receiving it from the Disclosing Party; (c) the Receiving Party can demonstrate was developed by the Receiving Party independently, and without use of or reference to, the Confidential Information; or (d) the Receiving Party receives from a third party without restriction on disclosure and without breach of a nondisclosure obligation. In addition, the Receiving Party may disclose Confidential Information that is required to be disclosed by law or by a subpoena or order issued by a court of competent jurisdiction (each, an “Order”), but solely on the conditions that the Receiving Party: (i) gives the Disclosing Party written notice of the Order within 24 hours after receiving it; and (ii) cooperates fully with the Disclosing Party before disclosure to provide the Disclosing Party with the opportunity to interpose any objections it may have to the disclosure of the information required by the Order and seek a protective order or other appropriate relief. In the event of any dispute between the parties as to whether specific information is within one or more of the exceptions set forth in this Section 4.3, the Receiving Party will bear the burden of proof, by clear and convincing evidence, that such information is within the claimed exception(s).4.4 Remedies. The Receiving Party acknowledges that any unauthorized disclosure of Confidential Information will result in irreparable injury to the Disclosing Party, which injury could not be adequately compensated by the payment of money damages. In addition to any other legal and equitable remedies that may be available, the Disclosing Party will be entitled to seek and obtain injunctive relief against any breach or threatened breach by the Receiving Party of the confidentiality obligations hereunder, from any court of competent jurisdiction, without being required to show any actual damage or irreparable harm, prove the inadequacy of its legal remedies, or post any bond or other security.
5. Privacy and Data.
   5.1 PointCross will comply with all applicable laws and regulations in its handling of Company Data (as defined below). If PointCross uses the Solutions to process personal data from data subjects in the European Union, for purposes of such Company Data, PointCross will act as a data processor, and Company will act as a data controller. Company will process Company Data from data subjects in the European Union or Switzerland in accordance with terms set forth in Exhibit B (the “European Union Data Processing Addendum”).5.2 Company grants to PointCross the right to (a) collect Company’s and Authorized Users’ (as defined below) text, comments, content, data, other information, and any personal data, including any names, email addresses, cookie identifiers, IP addresses, or other information that reasonably identifies an individual or device (collectively “Company Data”) in order to perform the Solutions, (b) transfer the Company Data to PointCross’ servers for processing, analysis, retention, and visualization, and (c) host and store the Company Data on PointCross’ servers. Company represents, warrants, and covenants that Company will (i) post an appropriate privacy policy that provides notice of the use of cookies and similar technologies, (ii) use the Solutions only in compliance with such privacy policy and all applicable laws and regulations, including but not limited to laws and regulations governing the privacy of Authorized Users’ websites and online services, (iii) use commercially reasonable efforts to ensure that visitors to its websites and applications that integrate the Solutions are provided with clear and comprehensive information about, and consents to, the storing and accessing of cookies or other information on such visitors’ devices where such activity occurs in connection with the Solutions and where providing such information and obtaining such consent is required by law, (iv) not pass to PointCross, nor enable PointCross to collect any Company Data unless it has obtained any consents necessary to provide such Company Data to PointCross and has otherwise ensured the legality of such data collection or transfer.
6. Representations, Warranties and Remedies.
   6.1 General Representations and Warranties. Each party represents and warrants that (a) it is validly existing and in good standing under the laws of the place of its establishment or incorporation, (b) it has full corporate power and authority to execute, deliver and perform its obligations under this Agreement, (c) the person signing this Agreement on its behalf has been duly authorized and empowered to enter into this Agreement, and (d) this Agreement is valid, binding and enforceable against it in accordance with its terms.6.2 Specific Representations and Warranties. PointCross represents and warrants that (a) the Solutions will conform, in all material respects, to the applicable specifications set forth in the Cover Page, and (b) it will perform the Professional Services, if any, in a professional and workmanlike manner.6.3 Disclaimer. EXCEPT FOR THE REPRESENTATIONS AND WARRANTIES SET FORTH IN SECTIONS 6.1 AND 6.2, POINTCROSS DISCLAIMS ANY AND ALL REPRESENTATIONS OR WARRANTIES (EXPRESS OR IMPLIED, ORAL OR WRITTEN) WITH RESPECT TO THIS AGREEMENT, THE SOLUTIONS AND ANY THIRD-PARTY SOFTWARE/SERVICE, WHETHER ALLEGED TO ARISE BY OPERATION OF LAW, BY REASON OF CUSTOM OR USAGE IN THE TRADE, BY COURSE OF DEALING OR OTHERWISE, INCLUDING ANY AND ALL: (A) WARRANTIES OF MERCHANTABILITY; (B) WARRANTIES OF FITNESS OR SUITABILITY FOR ANY PURPOSE (WHETHER OR NOT POINTCROSS KNOWS, HAS REASON TO KNOW, HAS BEEN ADVISED, OR IS OTHERWISE AWARE OF ANY SUCH PURPOSE); OR (C) WARRANTIES OF NONINFRINGEMENT OR CONDITION OF TITLE. NOTWITHSTANDING ANY TERMS TO THE CONTRARY IN THIS AGREEMENT, COMPANY ACKNOWLEDGES AND AGREES THAT POINTCROSS MAY MODIFY THE FEATURES OF THE SOLUTIONS FROM TIME-TO-TIME AT POINTCROSS’ SOLE DISCRETION.
7. Indemnification Obligations.7.1 Infringement Indemnity. PointCross, at its sole expense, will defend Company from and against any and all third party claims, suits, actions or proceedings (each a “Claim”), and indemnify Company from any related damages, payments, deficiencies, fines, judgments, settlements, liabilities, losses, costs and expenses (including, but not limited to, reasonable attorneys’ fees, costs, penalties, interest and disbursements) that are awarded by a court of competent jurisdiction or included in a settlement approved, in advance and in writing, by PointCross resulting from or arising in connection with the use of the Solutions by Company in accordance with the terms and conditions of this Agreement infringing any Intellectual Property Rights of any third party. In the event of a Claim pursuant to this Section 7.1, PointCross may, at PointCross’ option and at PointCross’ expense (a) obtain for Company the right to continue to exercise the rights granted to Company under this Agreement; (b) substitute the allegedly infringing component for an equivalent non-infringing component; or (c) modify the Solutions to make them non-infringing. If (a), (b), or (c) is not obtainable on commercially reasonable terms, PointCross may terminate this Agreement, effective immediately, by written notice to Company. Upon a termination of this Agreement pursuant to this Section 7.1, Company must cease using the Solutions. PointCross’ indemnification obligations do not extend to Claims arising from or relating to: (i) any negligent or willful misconduct of Company or any of Company’s employees, contractors and/or service providers (collectively, the “Company Indemnitees”) or any third party; (ii) any combination of the Solutions (or any portion thereof) by any of the Company Indemnitees or any third party in combination with any equipment, software, data or any other materials; (iii) any modification to the Solutions by any of the Company Indemnitees or any third party; (iv) the use of the Solutions by any of the Company Indemnitees or any third party in a manner contrary to the terms of this Agreement where the infringement would not have occurred but for such use; (v) the continued use of the Solutions after PointCross has provided substantially equivalent non-infringing software or service; (vi) any Company services or products; or (vii) any act or omission of any of the Company Indemnitees.
   7.2 Company Indemnity. Company, at its sole expense, will defend PointCross from and against any Claims and indemnify PointCross from any related damages, payments, deficiencies, fines, judgments, settlements, liabilities, losses, costs and expenses (including, but not limited to, reasonable attorneys’ fees, costs, penalties, interest and disbursements) arising from or relating to (a) any Company products or services, (b) any negligence or willful misconduct by Company or a party acting on its behalf, or (c) any alleged or actual breach of Company’s obligations under this Agreement (including, but not limited to, any alleged or actual breach of any of Company’s representations or warranties).7.3 Procedures. The indemnifying party’s indemnification obligations under this Section 7 are conditioned upon the indemnified party: (a) giving prompt written notice of the Claim to the indemnifying party once the indemnified party becomes aware of the Claim (provided that failure to provide prompt written notice to the indemnifying party will not alleviate an indemnifying party’s obligations under Section 7 to the extent any associated delay does not materially prejudice or impair the defense of the related Claims); (b) granting the indemnifying party the option to take sole control of the defense (including granting the indemnifying party the right to select and use counsel of its own choosing) and settlement of the Claim (except that the indemnified party’s prior written approval will be required for any settlement that reasonably can be expected to require an affirmative obligation of the indemnified party); and (c) providing reasonable cooperation to the indemnifying party and, at the indemnifying party’s request and expense, assistance in the defense or settlement of the Claim.
8. Limitation of Liability.
   8.1 Consequential Damages Waiver. EXCEPT FOR (A) EACH PARTY’S BREACH OF ITS CONFIDENTIALITY OBLIGATIONS AS SET FORTH IN SECTION 4, (B) INFRINGEMENT, MISAPPROPRIATION OR VIOLATION OF ANY INTELLECTUAL PROPERTY RIGHT OF A PARTY, OR (C) EACH PARTY’S INDEMNIFICATION OBLIGATIONS AS SET FORTH IN SECTION 7, NEITHER PARTY WILL BE LIABLE FOR ANY LOSS OF PROFITS OR ANY INDIRECT, SPECIAL, INCIDENTAL, RELIANCE OR CONSEQUENTIAL DAMAGES OF ANY KIND, REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, EVEN IF INFORMED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE.8.2 Liability Cap. EXCEPT FOR (A) EACH PARTY’S BREACH OF ITS CONFIDENTIALITY OBLIGATIONS AS SET FORTH IN SECTION 4, (B) INFRINGEMENT, MISAPPROPRIATION OR VIOLATION OF ANY INTELLECTUAL PROPERTY RIGHT OF A PARTY, OR (C) EACH PARTY’S INDEMNIFICATION OBLIGATIONS AS SET FORTH IN SECTION 7, EACH PARTY’S ENTIRE LIABILITY TO THE OTHER PARTY WILL NOT EXCEED THE SUBSCRIPTION FEES ACTUALLY PAID BY COMPANY TO POINTCROSS DURING THE SUBSCRIPTION PERIOD WITHIN WHICH THE DAMAGES OCCURRED. FURTHER, NOTWITHSTANDING ANY TERMS TO THE CONTRARY IN THIS AGREEMENT, (A) THE SOLE AND EXCLUSIVE REMEDY FOR ANY FAILURE OF ANY SERVICE LEVEL STANDARDS ARE THE CREDITS PROVIDED UNDER THIS AGREEMENT UNLESS SUCH FAILURE IS DUE TO POINTCROSS’ WILLFUL MISCONDUCT, AND (B) POINTCROSS WILL NOT BE LIABLE FOR ANY DISCLOSURE OF, UNAUTHORIZED USE OF AND/OR UNAUTHORIZED ACCESS TO ANY COMPANY DATA OR OTHER DATA UNLESS SUCH DISCLOSURE, UNAUTHORIZED USE OF AND/OR UNAUTHORIZED ACCESS SOLELY AND DIRECTLY RESULTS FROM POINTCROSS’ FAILURE TO MEET THE SECURITY STANDARDS.8.3 Failure of Essential Purpose. MULTIPLE CLAIMS WILL NOT EXPAND THIS LIMITATION. THIS SECTION 8 WILL BE GIVEN FULL EFFECT EVEN IF ANY REMEDY SPECIFIED IN THIS AGREEMENT IS DEEMED TO HAVE FAILED OF ITS ESSENTIAL PURPOSE.
9. Effect of Termination.9.1 Effect of Termination. Upon termination of this Agreement (a) all rights and licenses granted to Company under this Agreement will immediately cease, (b) each party will promptly destroy all copies of Confidential Information of such other party, at such other party’s sole discretion and direction. Notwithstanding any terms to the contrary in this Agreement, this sentence and Sections 3, 4, 6.3, 7, 8, 10, and 11 will survive any termination of this Agreement.
10. Restrictions.

    Third-party licenses required for certain terminology and semantic enrichment that require subscriptions shall be the sole responsibility of the Company of the Authorized Users. An example of such a subscription is for the Medical dictionary License, MedDRA, needed for Clinical data. The software may not be used without a valid subscription in such cases. Except as expressly authorized by this Agreement, Company may not (a) modify, disclose, alter, translate or create derivative works of the Solutions (or any components thereof), (b) license, sublicense, resell, distribute, lease, rent, lend, transfer, assign or otherwise dispose of the Solutions (or any components thereof), (c) use the Solutions to store or transmit any viruses, software routines or other code designed to permit unauthorized access, to disable, erase or otherwise harm software, hardware or data, or to perform any other harmful actions, (d) copy, frame or mirror any part or content of the Solutions, (e) build a competitive product or service, or copy any features or functions of the Solutions, (f) interfere with or disrupt the integrity or performance of the Solutions, (g) attempt to gain unauthorized access to the Solutions or their related systems or networks, (h) disclose to any third party any performance information or analysis relating to the Solutions, (i) use the software components of the Solutions, or allow the transfer, transmission, export or re-export of such software components or any portion thereof in violation of any export control laws or regulations administered by the U.S. Commerce Department, OFAC, or any other government agency, (j) remove, alter or obscure any proprietary notices in or on the Solutions including copyright notices, (k) disclose or make available Passwords that PointCross has provided to Company or the Authorized Users or that are generated in connection with Company’s or Authorized Users’ use of the Solutions, other than to Company or the Authorized Users, or (l) cause or permit any Authorized User or third party to do any of the foregoing. Company will use best efforts to prevent unauthorized access to, and use of, the Passwords and the Solutions, and will immediately notify PointCross in writing of any unauthorized use of the Solutions that comes to Company’s attention.

11. General Provisions.11.1 Independent Contractors. Neither party will, for any purpose, be deemed to be an agent, franchisor, franchise, employee, representative, owner or partner of the other party, and the relationship between the parties will only be that of independent contractors. Neither party will have any right or authority to assume or create any obligations or to make any representations or warranties on behalf of any other party, whether express or implied, or to bind the other party in any respect whatsoever.
    11.2 Governing Law and Venue. This Agreement will be governed by and construed in accordance with the laws of the State of California applicable to agreements made and to be entirely performed within the State of California, without resort to its conflict of law provisions. The state or federal court in Santa Clara County, California will be the jurisdiction in which any suits should be filed if they relate to this Agreement. Prior to the filing or initiation of any action or proceeding relating to this Agreement, the parties must participate in good faith mediation in San Francisco County, California. If a party initiates any proceeding regarding this Agreement, the prevailing party to such proceeding is entitled to reasonable attorneys’ fees and costs for claims arising out of this Agreement.11.3 Third-Party Software/Services. Company acknowledges and agrees that PointCross uses third party software and hosting infrastructures in connection with the Solutions (“Third-Party Software/Services”), and PointCross disclaims any liability with respect to the Third-Party Software/Services.11.4 Assignment. Neither this Agreement nor any right or duty under this Agreement may be transferred, assigned or delegated by Company, by operation of law or otherwise, without the prior written consent of PointCross, and any attempted transfer, assignment or delegation without such consent will be void and without effect. PointCross may freely transfer, assign or delegate this Agreement or its rights and duties under this Agreement. Subject to the foregoing, this Agreement will be binding upon, will inure to the benefit of the parties and their respective representatives, heirs, administrators, successors and permitted assigns.

    11.5 Severability. If any provision of this Agreement is invalid, illegal, or incapable of being enforced by any rule of law or public policy, all other provisions of this Agreement will nonetheless remain in full force and effect so long as the economic and legal substance of the transactions contemplated by this Agreement is not affected in any manner adverse to any party. Upon such determination that any provision is invalid, illegal, or incapable of being enforced, the parties will negotiate in good faith to modify this Agreement so as to effect the original intent of the parties as closely as possible in an acceptable manner to the end that the transactions contemplated hereby are fulfilled.

    11.6 Force Majeure. Except for payments due under this Agreement, neither party will be responsible for any failure to perform or delay attributable in whole or in part to any cause beyond its reasonable control including, but not limited to, acts of God (fire, storm, floods, earthquakes, etc.), acts of terrorism, civil disturbances, disruption of telecommunications, disruption of power or other essential services, interruption or termination of any services provided by any service providers used by PointCross, labor disturbances, vandalism, cable cut, computer viruses or other similar occurrences, or any malicious or unlawful acts of any third party (a “Force Majeure Event”).

EXHIBIT A SECURITY STANDARDS

PointCross Operations and Development center is ISO 27001:2013 (Information Security Management System) & 9001:2015 certified organization. , the Information Security is governed by Information security procedures ensuring Confidentiality, Integrity and Availability of data.

ISO certification ensures that Information Security is monitored and undergoes continual improvements and each of our employees signs the Non-Disclosure Agreement and the Intellectual Property Rights Agreement.

PointCross Network is protected with Intrusion Detection and Prevention system (IDS/IPS) and our Network is protected with Firewall from the public network.

PointCross authorized devices alone are allowed to be connected to PointCross Network and the access privileges are restricted to designated project members

EXHIBIT B EUROPEAN UNION DATA ADDENDUM

PointCross is committed to adhere to EU GDPR. We are a certified ISO/IEC 27001:2013 (Information Security Management System) organization driven by data security practices enabling Confidentiality, Integrity and Availability of data. We have a standardized logical and physical controls in place as a part of our governance structure. The other procedural practices as a part of our governance mechanism ensures that our employees are provided with ongoing trainings on data security and privacy, Incident management procedure that handles any security or privacy incident, access to data only through authorized user accounts and our GxP products/solutions complying with regulatory requirements.