Outreach SAAS Terms of Service

Last Updated: 11/05/2024

OUTREACH TECHNOLOGY AND LEARNING SOLUTIONS LLC. AND/OR ITS AFFILIATES (“Outreach”) IS WILLING TO GRANT ACCESS TO THE SAAS PRODUCTS TO YOU AS THE COMPANY OR THE LEGAL ENTITY THAT WILL BE UTILIZING THE SAAS PRODUCTS (REFERENCED BELOW AS “CUSTOMER”) ON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS OF THIS AGREEMENT (AS DEFINED BELOW). BY ENTERING INTO THIS AGREEMENT ON BEHALF OF THE CUSTOMER, YOU REPRESENT THAT YOU HAVE THE LEGAL AUTHORITY TO BIND THE CUSTOMER TO THIS AGREEMENT. CUSTOMER AND OUTREACH MAY EACH ALSO BE REFERRED TO AS A “PARTY” AND TOGETHER, THE “PARTIES”.

PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SAAS PRODUCTS. THIS SAAS TERMS OF SERVICE (“AGREEMENT”) CONSTITUTES A LEGAL AND ENFORCEABLE CONTRACT BETWEEN CUSTOMER AND OUTREACH. BY INDICATING CONSENT ELECTRONICALLY, OR ACCESSING OR OTHERWISE USING THE SAAS PRODUCTS, CUSTOMER AGREES TO THE TERMS AND CONDITIONS OF THIS AGREEMENT. IF CUSTOMER DOES NOT AGREE TO THIS AGREEMENT, DO NOT INDICATE CONSENT ELECTRONICALLY AND MAKE NO FURTHER USE OF THE SAAS PRODUCTS.

1. Access and Use
   
   
   

1.1. Access and Use. Subject to payment of all applicable fees set forth in the applicable Statement of Work (“SOW”) or payment in accordance with an Indirect Order through a Channel Partner (as appropriate) and the terms and conditions of this Agreement, Outreach grants Customer, during the Subscription Term, a non-exclusive, non-transferable right to access and use (and permit Authorized Users to access and use) the SaaS Products and applicable Documentation solely for Customer’s and its Affiliates’ internal business purposes in accordance with the Documentation and in the quantity specified in the applicable SOW. Outreach may update the SaaS Products from time-to-time in its sole discretion but shall not remove a primary function of the SaaS Products without providing prior notice to Customer.

1.2. Access and Use Restrictions. Customer shall not (directly or indirectly): (a) copy or reproduce the SaaS Products or the Documentation except as permitted under this Agreement; (b) exceed the subscribed quantities, users or other entitlement measures of the SaaS Products as set forth in the applicable SOW; (c) remove or destroy any copyright, trademark or other proprietary marking or legends placed on or contained in the SaaS Products, Documentation or Outreach Intellectual Property; (d) assign, sell, resell, sublicense, rent, lease, time-share, distribute or otherwise transfer the rights granted to Customer under this Agreement to any third party except as expressly set forth herein; (e) modify, reverse engineer or disassemble the SaaS Products; (f) except to the limited extent applicable laws specifically prohibit such restriction, decompile, attempt to derive the source code or underlying ideas or algorithms of any part of the SaaS Products, attempt to recreate the SaaS Products or use the SaaS Products for any competitive or benchmark purposes; (g) create, translate or otherwise prepare derivative works based upon the SaaS Products, Documentation or Outreach Intellectual Property; (h) interfere with or disrupt the integrity or performance of the SaaS Products; (i) attempt to gain unauthorized access to the SaaS Products or its related systems or networks, or perform unauthorized penetrating testing on the SaaS Products; or (j) use the SaaS Products in a manner that infringes on the Intellectual Property rights, publicity rights, or privacy rights of any third party, or to store or transfer defamatory, trade libelous or otherwise unlawful data. If Customer uses the SaaS Products outside of these Terms and Conditions or any applicable Documentation, Outreach shall have the right, but not the obligation, to consider such actions a material breach and terminate Customer’s access to the SaaS Products. Outreach shall also be entitled to any fees earned through the date of such termination and any other available remedies at law or in equity.

1.3. Login Access to the SaaS Products. Customer is solely responsible for ensuring that only appropriate Authorized Users have access to the SaaS Products. Outreach reserves the right to refuse registration of, or to cancel, login IDs that it reasonably believes to violate the terms and conditions set forth in this Agreement, in which case Outreach will promptly inform Customer in writing of such refusal or cancellation.

1.4. Support. As part of its provision of the SaaS Products, Outreach shall make available technical support to Customer in accordance with the Support Services terms on the applicable SOW. Upon notification from Outreach, Customer shall promptly update any Agents on Customer systems that interact with the SaaS Products. Customer acknowledges and agrees that its failure to timely install such an update may result in disruptions to or failures of the SaaS Products, security risks or suspension of Customer’s access to the SaaS Products, without any liability on the part of Outreach to Customer. As used herein, “Agents” means Outreach’s proprietary software, systems and locally installed software agents and connectors that interact with the SaaS Products as may be provided by Outreach in connection with the SaaS Products.

1.5. Third Party Risk Assessment. If Customer requires Outreach to undergo a third park risk assessment. Customer shall select vendor and pay any and all associated fees. Upon notice, Outreach shall comply with all reasonable vendor requirements associated with the risk assessment in a timely manner.

2. Payment and Taxes
   
   
   

2.1. Payment Terms. Customer shall pay all invoices within thirty (30) days of date of invoice, without any deduction or set-off (except for any amount disputed promptly and in writing by Customer in good faith), and payment will be sent to the address specified by Outreach. Any amounts arising in relation to this Agreement not paid when due will be subject to a late charge of one and one-half percent (1 ½ %) per month on the unpaid balance or the maximum rate allowed by law, whichever is less. Without prejudice to Customer’s rights set out elsewhere in this Agreement, all SaaS Products fees are non-refundable and payable in advance. Outreach may invoice for purchases of SaaS Products upon delivery.

2.2. Taxes. The fees and charges covered by this Agreement are exclusive of any Indirect Taxes imposed or levied, currently or in the future based on applicable legislation, on the SaaS Products. Unless otherwise agreed between the Parties, Customer will be liable for compliance with reporting and payment of such Indirect Taxes in its tax jurisdiction. Outreach shall include the Indirect Taxes on its invoice to Customer and remit such Indirect Taxes collected to the relevant authority if required by applicable law. Outreach will be responsible for direct taxes imposed on Outreach’s net income or gross receipts in its tax jurisdiction. Notwithstanding the forgoing, all payments made under this Agreement shall be in cleared funds, without any deduction or set-off, and free and clear of and without deduction from any Indirect Taxes or other withholdings of any nature.

3. Rights in Intellectual Property

3.1. Intellectual Property. Except for the rights granted in this Agreement, all rights, title, and interest in and to the SaaS Products, Documentation, and Outreach Intellectual Property are hereby reserved by Outreach. Except as provided for herein, all rights, title, and interest in and to Customer Intellectual Property are hereby reserved by Customer. Nothing in this Agreement shall transfer ownership of any Intellectual Property rights from one Party to the other.

3.2. Customer Data. Customer owns all right, title and interest in all Customer Data. Nothing in this Agreement shall be construed to grant Outreach any rights in Customer Data beyond those expressly provided herein. Customer grants Outreach and its Affiliates the limited, non-exclusive, worldwide license to view and use the Customer Data for the purpose of providing the SaaS Products and for Outreach internal purposes.

3.3. Usage Data and Suggestions. Outreach shall be permitted to collect and use the Usage Data for its reasonable business purposes. In the event Outreach wishes to disclose the Usage Data or any part thereof to third parties (either during the Subscription Term or thereafter), such data shall be deidentified and/or presented in the aggregate so that it will not identify Customer or its Authorized Users. The foregoing shall not limit in any way Outreach’s confidentiality obligations pursuant to section 4 below. To the extent that Customer provides Outreach with Suggestions, such Suggestions shall be free from any confidentiality restrictions that might otherwise be imposed upon Outreach pursuant to this Agreement, and may be implemented by Outreach in its sole discretion. Customer acknowledges that any Outreach products or materials incorporating any such Suggestions shall be the sole and exclusive property of Outreach.

4. Confidentiality

4.1. Confidential Information. The Parties acknowledge that each may disclose certain valuable confidential and proprietary information to the other Party. The receiving Party may only use the disclosing Party’s Confidential Information to fulfil the purposes of this Agreement and in accordance with the terms of this Agreement. The receiving Party will protect the disclosing Party’s Confidential Information by using at least the same degree of care as the receiving Party uses to protect its own Confidential Information of a like nature (but no less than a reasonable degree of care) to prevent the unauthorized use, dissemination, disclosure or publication of such Confidential Information. Notwithstanding the foregoing, the receiving Party may disclose Confidential Information to its (and its Affiliates) employees, advisors, consultants, and agents on a need-to-know basis and provided that such party is bound by obligations of confidentiality substantially similar to those contained herein. This section 4 supersedes any and all prior or contemporaneous understandings and agreements, whether written or oral, between the Parties with respect to Confidential Information and is a complete and exclusive statement thereof.

4.2. Exceptions. Information will not be deemed Confidential Information if it: (i) is known to the receiving Party prior to receipt from the disclosing Party directly or indirectly from a source other than one having an obligation of confidentiality to the disclosing Party; (ii) becomes known (independently of disclosure by the disclosing Party) to the receiving Party directly or indirectly from a source other than one having an obligation of confidentiality to the disclosing Party; (iii) becomes publicly known or otherwise ceases to be secret or confidential, except through a breach of this Agreement by the receiving Party; or (iv) is independently developed by the receiving Party without use of or reliance upon the disclosing Party’s Confidential Information, and the receiving Party can provide evidence to that effect. The receiving Party may disclose Confidential Information pursuant to the requirements of a court, governmental agency or by operation of law but shall (to the extent permissible by law) limit such disclosure to only the information requested and give the disclosing Party prior written notice sufficient to permit the disclosing Party to contest such disclosure.

4.3. Advertising and Publicity. Neither Party shall make or permit to be made any public announcement concerning the existence, subject matter or terms of this Agreement or relationship between the Parties without the prior written consent of the other Party except as expressly permitted in this section. Customer grants Outreach and its Affiliates during the term of the Agreement the right to use Customer's trade names, logos, and symbols (“Customer Marks”) in its public promotional materials and communications for the sole purpose of identifying Customer as a Outreach customer. Outreach shall not modify the Customer Marks, or display the Customer Marks any larger or more prominent on its promotional materials than the names, logos, or symbols of other Outreach customers. The foregoing promotional materials and communications may be created, displayed, and reproduced without Customer’s review, provided that they are in compliance with this section and any Customer Marks usage guidelines provided by Customer to Outreach in writing.

5. Security and Processing of Personal Data

5.1. Customer Data Content. As between Outreach and Customer, Customer is solely responsible for: (i) the content, quality and accuracy of Customer Data as made available by Customer and by Authorized Users; (ii) providing notice to Authorized Users with regards to how Customer Data will be collected and used for the purpose of the SaaS Products; (iii) ensuring Customer has a valid legal basis for processing Customer Data and for sharing Customer Data with Outreach (to the extent applicable); and (iv) ensuring that the Customer Data as made available by Customer complies with applicable laws and regulations including Applicable Data Protection Laws.

5.2. Data Protection Laws. The Parties shall comply with their respective obligations under the Applicable Data Protection Laws.

5.3. Security of Customer Data. Outreach shall: (i) ensure that is has in place appropriate administrative, physical and technical measures designed to protect the security and confidentiality of Customer Data against any accidental or illicit destruction, alteration or unauthorized access or disclosure to third parties; and (ii) access and use the Customer Data solely to perform its obligations in accordance with the terms of this Agreement, and as otherwise expressly permitted in this Agreement. Outreach shall not materially diminish its security controls with respect to Customer Data during a particular SaaS Products term.

5.4 Processing of Customer Data: Outreach shall process Customer Data only as necessary to perform its obligations under this Agreement and in accordance with Customer’s documented instructions unless required by law. Outreach shall not process, access, or use Customer Data for any purpose other than providing the SaaS Products and fulfilling its obligations under this Agreement. Customer Data will be retained only for as long as necessary to fulfil contractual obligations.

5.5 Protection of Personally Identifiable Information (PII)

5.5.1 Compliance with Laws. Each party shall comply with all applicable federal and state laws and regulations governing the collection, use, disclosure, and protection of Personally Identifiable Information (PII). This includes, without limitation, the Family Educational Rights and Privacy Act (FERPA), the Health Insurance Portability and Accountability Act (HIPAA) (to the extent applicable), and Louisiana laws such as Act 837 and Act 677 (codified at La. R.S. 17:3913–3914) and the Louisiana Database Breach Notification Law (Act 499).

Customer represents that it qualifies as a “school official” with a legitimate educational interest under FERPA, and both Outreach and Customer agree to perform their respective obligations in full compliance with FERPA and any other applicable student privacy statutes.

If Customer is subject to HIPAA and provides any protected health information (PHI) via the Service, the parties shall comply with HIPAA requirements, including entering into a Business Associate Agreement as needed, and Outreach shall apply HIPAA-equivalent safeguards to such data. All PII will be handled in accordance with these laws and the higher standard of any applicable law or this Agreement, whichever affords greater protection to the data subject.

5.5.2 Authorized Access and Authentication. Outreach shall ensure that PII is accessible only to individuals expressly authorized under this Agreement or by Customer to access such information. Access to PII in the Service is role-based and restricted to Customer’s designated users who have a legitimate need to know the information (e.g. school counselors, principals, school resource officers, or other officials or partners approved by Customer). No student, parent, or other individual who is not so authorized by Customer will be given access to the Service or any PII stored in it. Outreach utilizes strong user authentication measures, including unique user IDs and secure passwords (and supports single sign-on integration with Customer’s identity management system), to verify the identity of each user and to prevent unauthorized logins. Outreach shall not permit any individual or entity to access PII without proper authentication and authorization, and no “anonymous” or shared accounts will be allowed for access to sensitive data. Appropriate measures (such as multi-factor authentication or security questions) will be implemented commensurate with the sensitivity of the data to further ensure that only authorized persons can request or obtain access. Customer is responsible for vetting and assigning user accounts to its personnel and partners, and shall ensure that only trustworthy, authorized individuals are given access credentials. Both parties shall guard against unauthorized access to PII through access control practices and timely revocation of access when a user no longer requires it.

5.5.3 Data Collection and Use by Customer. Customer has exclusive control over which PII is collected and submitted into the Service. The Service provides a custom form-building functionality, and Customer (through its authorized staff) will design and input the forms and questions used to collect PII as needed for Customer’s purposes. Outreach does not supply any default questionnaires or mandate the collection of any particular data – the types of PII collected are determined solely by Customer’s use of the platform. Customer is responsible for ensuring that it has all necessary rights, permissions, and, if required, consents (for example, parental consent under FERPA or other laws) to collect and submit the PII that it chooses to gather via the Service. Customer shall not use the Service to collect any PII that it is not legally authorized to collect, and Customer bears responsibility for the accuracy, quality, and legality of the personal data that its users input into the Service. Outreach assumes no responsibility for reviewing the content or accuracy of PII submitted by Customer or its users.

5.5.4 Use of PII by Outreach (Limitation of Purpose). Outreach shall use PII only for the purpose of providing the Services to Customer and for no other purpose. All data obtained from Customer or its users is and shall remain the property of Customer (or the individuals to whom it pertains); no ownership or license rights are granted to Outreach except as necessary to perform its obligations. Outreach shall not sell, rent, or trade any PII, nor use any PII for targeted advertising, marketing, data mining, or any other commercial purposes beyond the scope of the Services. Outreach further agrees that PII will not be disclosed, shared, or repurposed across any other applications or business units of Outreach, except as expressly permitted by this Agreement or required by law. In particular, and without limitation, Outreach shall not reveal or transmit PII to any third party except to authorized subcontractors or agents of Outreach as permitted below, or to other recipients expressly authorized by Customer through the Service’s sharing functionality (see Section 5.5.5), and always subject to the restrictions herein. Outreach’s use and handling of PII shall at all times comply with applicable federal and state privacy laws as stated in Section 5.5.1.

5.5.5 Data Sharing and Disclosure. Outreach does not and will not automatically share any PII with any third party without Customer’s direction or consent. The Service is configured such that Customer maintains control over who is granted access to PII. Customer’s authorized users may, at their discretion, use the Service’s features to share or grant access to certain PII or completed forms to specific partners or outside agencies (for example, to a law enforcement officer, healthcare provider, or other entity working with the Customer on student safety or welfare matters), provided that such sharing is consistent with FERPA’s exceptions and any other applicable law. Any external party who is not already a registered user under Customer’s account must be explicitly invited by a Customer administrator and must register for their own credentials; Customer will then approve their access before they can view any shared PII. This two-step approval process ensures that Customer retains ultimate control over who may receive PII through the Service, and no data will be accessible to an outside party unless and until Customer has vetted and authorized that party’s access. Outreach shall facilitate such sharing only as directed by Customer through the Service’s access controls, and Outreach will never independently grant any third party access to PII.

Outreach may disclose PII to its own employees, agents, affiliates, or subcontractors (“Outreach Personnel”) on a strictly need-to-know basis, but solely for purposes of fulfilling Outreach’s obligations to provide and support the Service. Outreach shall ensure that all Outreach Personnel with access to PII are bound by written confidentiality obligations at least as stringent as those herein. Outreach is responsible for training and supervising its Personnel to maintain the privacy and security of PII, and Outreach shall remain liable for any unauthorized disclosures by its Personnel. Upon Customer’s request, Outreach will provide a list of Outreach Personnel (by role or job title) who have or have had access to Customer’s PII. Except as described in this Section and elsewhere in this Agreement, Outreach shall not disclose PII to any other individual, entity, or party without the prior written authorization of Customer. Any permitted disclosures shall comply with the minimum necessary or least privileged access principle and all applicable law.

5.5.6 Data Security and Storage. Outreach shall implement and maintain appropriate technical and organizational security measures to protect the confidentiality, integrity, and availability of PII. Such measures shall include, at minimum: network and application security controls consistent with industry standards; encryption of PII in transit (e.g., via TLS/SSL) and encryption of PII at rest in Outreach’s systems to the extent reasonably practicable; regular vulnerability testing and prompt installation of security patches and updates; and administrative security practices such as employee background checks and training in data privacy. Outreach’s network and systems will maintain a high level of electronic protection to ensure the integrity of sensitive information and to prevent unauthorized access. Outreach agrees to perform regular reviews of its security measures and conduct system auditing and monitoring to maintain ongoing protection of its systems and data. Outreach will keep all servers and software up-to-date with the latest security updates and appropriate configurations to mitigate risks.

All PII shall be stored and processed solely on secure servers or other equipment that are owned or controlled by Outreach (or its subcontractors approved by Customer) and that are physically located in the United States, unless otherwise expressly agreed in writing by Customer. Outreach will not store, process, or transfer any of Customer’s PII on portable or removable media or on any laptop, mobile device, or portable computer, except to the extent such device is used as part of an established secure backup and disaster recovery plan, or the data on such medium is encrypted to industry standards. Backup copies of PII shall be stored securely with protections consistent with those of primary data. Outreach shall segregate Customer’s data from other clients’ data (logically or physically) to prevent any data leakage or unauthorized cross-access between customers. Outreach will also employ appropriate physical security measures at data center locations and ensure that any cloud infrastructure used complies with robust security certifications or standards (such as SOC 2, ISO 27001, etc.).

5.5.7 Audit Logs and Monitoring. Outreach shall implement comprehensive audit logging to track access to and activities performed on PII within the Service. Outreach will, at a minimum, log all user access to student records or other sensitive PII, including the identity of the user accessing the data, the date/time, and the action performed. Audit logs and records shall be stored in a secure manner and on a system separate from the primary production systems that generate the audit data. Access to audit logs will be restricted to authorized personnel on a need-to-know basis, and logs shall be protected from tampering or alteration. Outreach shall routinely monitor these logs for signs of unauthorized access or unusual activity and shall maintain the capability to audit system and security events as required by law or upon Customer’s request. The retention period for audit logs shall be determined in consultation with Customer’s operational, risk management, and legal requirements, and in compliance with applicable regulations. At a minimum, Outreach shall retain audit logs of access to PII for the duration of the Agreement and for such further period as may be required by law or contract. Customer (and/or its designated auditors, including state or federal officials with jurisdiction) reserves the right to request an audit of Outreach’s data privacy and security practices related to Customer’s PII. Outreach agrees to cooperate with such audits and provide relevant records and information during normal business hours, consistent with applicable law. Any deficiencies identified in an audit will be promptly addressed by Outreach at its expense.

5.5.8 Data Breach Notification and Response. Outreach shall maintain a clear, written data breach response plan that outlines the policies and procedures for addressing a potential security breach involving PII. In the event of any actual or suspected unauthorized access to or release of PII, or any other security incident requiring notification under applicable law (each a “Data Breach”), Outreach shall immediately (and in no case later than 48 hours after discovery) notify Customer of the breach, including the nature of the incident, the PII affected, and any steps taken to mitigate the impact. Outreach will promptly investigate the breach and take all necessary measures to contain and remedy the incident. Outreach’s breach response plan shall include prompt procedures for preventing further data loss, assessing the scope of the breach, and restoring the integrity of the Service. Outreach will provide Customer with regular updates on the incident response and fully cooperate with Customer’s own investigative or remedial steps. “Data Breach” for purposes of this section means any instance in which there is an unauthorized or unlawful access to, or disclosure or acquisition of, PII that is not permitted by this Agreement or by law. Outreach’s obligations under this section are in addition to any other remedies Customer may have under this Agreement or at law for data breaches.

5.5.9 Return and Deletion of Data. All PII and other Customer data in Outreach’s possession or control shall be returned and/or destroyed upon the termination or expiration of the Agreement, or earlier upon Customer’s written request, in accordance with the following procedures. Upon termination of the Services for any reason, Outreach will, as directed by Customer: (a) export and return to Customer all PII and any other data provided by or collected on behalf of Customer, in a commercially standard and machine-readable electronic format readily usable by Customer, within a reasonable time not to exceed thirty (30) days; and (b) thereafter securely erase, destroy, and render unrecoverable all of Customer’s PII from Outreach’s systems, facilities, backups, and media (except to the limited extent that retention of certain data is required by law or strict necessity for Outreach’s archival legal compliance purposes, in which case Outreach shall continue to protect such data under these terms and destroy it as soon as legally permissible). Such data destruction shall be performed using methods that prevent its reconstruction or recovery through ordinary means (e.g. secure wiping/erasure), and Outreach shall, upon Customer’s request, certify in writing that all such data has been returned and purged within 30 days after termination (or, if instructed by Customer, within seven (7) days of Customer’s request for early deletion), whichever is earlier. These obligations shall apply equally to PII that may be held by Outreach’s subcontractors or agents. Outreach may retain an archival copy of Customer data if and only if required for legal compliance (for example, regulatory record-keeping), but never for operational re-use, and any retained data shall remain subject to all confidentiality and security obligations herein until destroyed. The parties agree that timely return and destruction of PII is a critical part of this Agreement, and Outreach’s failure to comply with this provision shall be deemed a material breach.

5.5.10 Accuracy, Liability, and Indemnity. Customer bears sole responsibility for the content, quality, and accuracy of the PII it inputs into the Service. Outreach is not responsible for reviewing PII for accuracy or errors, and Customer acknowledges that the utility of the Service depends on the accuracy and legality of the data Customer provides. Customer shall ensure that its use of the Service to collect, share, or otherwise process PII complies with all applicable laws (including obtaining any required consents or authorizations), and Customer agrees that it – not Outreach – is responsible for determining the legality of any disclosure of PII that Customer initiates through the Service. Customer shall defend, indemnify, and hold Outreach harmless from any third-party claims or regulatory penalties arising from Customer’s improper collection or sharing of PII or any failure by Customer to comply with its legal obligations regarding PII, except to the extent such claims result from Outreach’s breach of this Agreement or its negligence in handling PII. Conversely, Outreach shall defend, indemnify, and hold Customer harmless from any third-party claims or government fines arising from Outreach’s failure to adhere to its obligations in this Section 5.5 or violations of data protection laws, including any Data Breach caused by Outreach’s acts or omissions. Except as expressly provided in this Section 5.5 (or prohibited by law), the parties’ liability for claims related to PII is subject to the limitations of liability set forth in Section 8 of the Agreement. Neither party limits or excludes its liability for unauthorized use or disclosure of PII to the extent such limitation is not permitted by applicable law. Each party is responsible for its own employees’ and agents’ compliance with the confidentiality and data protection obligations of this Agreement. Outreach makes no warranty regarding the completeness or legality of Customer’s chosen data collection fields; that responsibility lies with Customer.

6. Warranties

6.1. Limited SaaS Products Warranty. During the applicable Subscription Term, Outreach warrants that: (a) the SaaS Products will perform in substantial conformity with the Documentation; and (b) Outreach will use industry standard measures designed to detect viruses, worms, Trojan horses or other unintended malicious or destructive code in the SaaS Products. The foregoing warranties are void if the failure of the SaaS Products has resulted from negligence, error, or misuse of the SaaS Products (including use not in accordance with the Documentation) by Customer, the Authorized User or by anyone other than Outreach. Customer shall be required to report any breach of warranty to Outreach within a period of thirty (30) days of the date on which the incident giving rise to the claim occurred. Outreach’s sole and exclusive liability, and Customer’s sole and exclusive remedy, for breach of these warranties will be for Outreach, at its expense, to use reasonable commercial efforts to correct such nonconformity within thirty (30) days of the date that notice of the breach was provided; and, if Outreach fails to correct the breach within such cure period, Customer may terminate the affected SOW and, in such event, Outreach shall provide Customer with a pro-rata refund of any unused pre-paid fees paid for the period following termination as calculated on a monthly basis for the affected SaaS Products. Without derogating from Outreach’s obligations under this Agreement, Customer warrants that it shall take and maintain appropriate steps within its control to protect the confidentiality, integrity, and security of its Confidential Information and Customer Data, including: (i) operating the SaaS Products in accordance with the Documentation and applicable law and; and (ii) dedicating reasonably adequate personnel and resources to implement and maintain the security controls set forth in the Documentation. Customer will be responsible for the acts and omissions of its Authorized Users.

6.2. Compliance with Law. Each Party shall comply with all applicable, laws and regulations in connection with the performance of its obligations and the exercise of its rights under this Agreement.

6.3. Disclaimer. Any and all warranties, expressed, incorporated or implied, are limited to the extent and period mentioned in this Agreement. To the maximum extent allowed by applicable law, Outreach disclaims all other warranties, conditions and other terms, whether express or implied or incorporated into this Agreement by statute, common law or otherwise, including the implied conditions and warranties of merchantability and fitness for a particular purpose. Outreach will have no liability for delays, failures or losses attributable or related in any way to the use or implementation of third-party software or services not provided by Outreach.

7. Indemnification

7.1. Infringement Indemnity. Outreach shall defend and indemnify Customer and/or its Affiliates and their officers, directors and employees against all third-party claims, suits and proceedings resulting from the violation, misappropriation, or infringement of such third party’s patent, copyright, trademark or trade secret caused by Customer’s use of the SaaS Products in accordance with this Agreement and the Documentation, and all directly related losses, liabilities, damages, costs and expenses (including reasonable attorneys’ fees).

7.2. Customer Data and Use Indemnity. Customer shall defend and indemnify Outreach and/or its Affiliates and their officers, directors and employees against any third-party claims, suits and proceedings (including those brought by a government entity), and all directly related losses, liabilities, damages, costs and expenses (including reasonable attorneys’ fees) resulting from: (i) an alleged infringement or violation by the Customer Data of such third-party’s patent, copyright, trademark, trade secret; or (ii) OUTREACH’s use of the Customer Data violating applicable law, provided that such use is in accordance with the terms of this Agreement.

7.3. Process. Each Party’s defense and indemnification obligations herein will become effective upon, and are subject to: (a) the indemnified Party’s prompt notification to the indemnifying Party of any claims in writing; and (b) the indemnified Party providing the indemnifying Party with full and complete control, authority and information for the defense of the claim, provided that the indemnifying Party will have no authority to enter into any settlement or admission of the indemnified Party’s wrongdoing on behalf of the indemnified Party without the indemnified Party’s prior written consent (not to be unreasonably withheld). At the indemnifying Party’s request, the indemnified Party shall reasonably cooperate with the indemnifying Party in defending or settling any claim.

7.4. Exclusions. The above Outreach obligations to defend and indemnify will not apply in the event that a claim arises from or relates to: (a) use of the SaaS Products not in accordance with the Documentation and this Agreement; (b) Customer’s use of the SaaS Products in violation of applicable laws; (c) any modification, alteration or conversion of the SaaS Products not created or approved in writing by Outreach; (d) any combination or use of the SaaS Products with any computer, hardware, software, data or service not required by the Documentation; (e) Outreach’s compliance with specifications, requirements or requests of Customer; or (f) Customer’s gross negligence or willful misconduct.

7.5. Remedies. If the SaaS Products becomes, or Outreach reasonably determines that the SaaS Products is likely to become, subject to a claim of infringement for which Outreach must indemnify Customer as described above, Outreach may at its option and expense: (a) procure for Customer the right to continue to access and use the SaaS Products, (b) replace or modify the SaaS Products so that it becomes non-infringing without causing a material adverse effect on the functionality provided by the infringing SaaS Products, or (c) if neither of the foregoing options are available in a timely manner on commercially reasonable terms, terminate the affected SOW and provide Customer with a pro-rata refund of any unused pre-paid fees paid for the period following termination as calculated on a monthly basis for the affected SaaS Product. This section titled “Indemnification” states the sole liability of Outreach and the exclusive remedy of Customer with respect to any indemnification claims arising out of or related to this Agreement.

8. Limitation of Liability

8.1. Maximum Liability. Except for liability caused by Outreach’s intellectual property infringement indemnification obligations in section 7.1, in no event will Outreach’s maximum aggregate liability arising out of or related to this Agreement, regardless of the cause of action and whether in contract, tort (including negligence), warranty, indemnity or any other legal theory, exceed the total amount paid or payable to Outreach under this Agreement during the twelve (12) month period preceding the date of initial claim.

8.2. No Consequential Damages. Neither Party will have any liability to the other Party for any loss of profits or revenues, loss of goodwill, or for any indirect, special, incidental, consequential or punitive damages arising out of, or in connection with this Agreement, however caused, whether in contract, tort (including negligence), warranty, indemnity or any other legal theory, and whether or not the Party has been advised of the possibility of such damages.

8.3. Construction. This Agreement is not intended to and will not be construed as excluding or limiting any liability which cannot be limited or excluded by applicable law, including liability for (a) death or bodily injury caused by a Party’s negligence; or (b) gross negligence, willful misconduct, or fraud.

9. Assignment. Neither Party may assign any of its rights or obligations under this Agreement without the other Party’s prior written consent, which will not be unreasonably withheld. Notwithstanding the foregoing, either Party may assign any and all of its rights and obligations under this Agreement to a successor in interest in the event of a merger or acquisition or to an Affiliate, upon written notice to the other Party.
   
   

10. Term and Termination

10.1. Term. This Agreement will be effective upon the date listed on the applicable SOW and shall remain in force during the applicable Subscription Term of the SaaS Product or throughout Customer’s continued use of the SaaS Product, as applicable.

10.2. Termination. Either Party may terminate this Agreement immediately upon notice to the other Party if the other Party: (i) materially breaches this Agreement and fails to remedy such breach within thirty (30) days after receiving written notice of the breach from the other Party; or (ii) commences bankruptcy or dissolution proceedings, has a receiver appointed for a substantial part of its assets or ceases to operate in the ordinary course of business. In addition, a Party may terminate this Agreement, a SOW, or an Order , in whole or in part, or cease provision of the SaaS Products if required to comply with applicable law or regulation, and such termination will not constitute a breach of this Agreement by the terminating Party. Outreach reserves the right to suspend Customer’s access to the applicable SaaS Products upon 30 days’ written notice to Customer if: (a) an invoice is more than sixty (60) days past due; or (b) if there is an uncured material breach of this Agreement. Outreach will promptly reinstate Customer’s access and use of the SaaS Products/provision of the Professional Services once the issue has been resolved. Upon termination or expiration of the Agreement or an Order, (x) any accrued rights and obligations will survive; (y) all outstanding fees and other charges under the Agreement or Order (as applicable) will become immediately due and payable, and (z) Customer will have no further right to access or use the applicable SaaS Products or professional services. If Customer is converting its perpetual self-hosted software licenses to a SaaS Product, the applicable previously licensed perpetual self-hosted software licenses will be terminated, along with any associated support services, in accordance with the terms of the applicable Order.

10.3. Effects of Termination/Expiration. Upon termination or expiration of an applicable Subscription Term, Outreach may immediately deactivate Customer’s account, and: (i) Customer will have no further right to access or use the SaaS Products; and (ii) each Party shall return or destroy any tangible Confidential Information of the other Party within its possession or control that is not contained on the SaaS Products promptly upon receiving written request from the other Party. Any Customer Data contained on the SaaS Products will be deleted within sixty (60) days of termination/expiration of Customer’s Subscription Term. Customer acknowledges that it is responsible for exporting any Customer Data to which Customer desires continued access after termination/expiration, and Outreach shall have no liability for any failure of Customer to retrieve such Customer Data and no obligation to store or retain any such Customer Data beyond 40 days following termination or expiration of the Customer’s Subscription Term. Any Customer Data contained on the SaaS Products will be deleted within 60 days of termination or expiration of Customer’s Subscription Term.

11. Miscellaneous

11.1. Independent Contractors. Nothing in this Agreement will be construed to imply a joint venture, partnership or principal-agent relationship between Outreach and Customer, and neither Party will have the right, power or authority to obligate or bind the other in any manner whatsoever.

11.2. Notices. All Notices will be in writing and will be deemed to have been duly given: (a) when delivered by hand; (b) three (3) days after being sent by registered or certified mail, return receipt requested and postage prepaid; (c) one (1) day after deposit with a nationally recognized overnight delivery or express courier service; or (d) when provided via email when the sender has received a delivery/read receipt. Notices for Outreach should be sent to the following address:

Outreach Technology and Learning Solutions LLC
Attn: Accounts
5415 W. Higgins Avenue
Chicago, Illinois 60630
Email: accounts@outreachtls.com
Phone: (866) 304-5459

Customer agrees to accept all notices to Customer at the legal contact (“Legal Contact”) information listed on the most recent signed proposal between Customer and Outreach.

11.3. Force Majeure. With the exception of Customer’s payment obligations herein, neither Party will be liable to the other Party for any delay or failure to perform which is due to fire, pandemic, virus, epidemic, travel advisories as to health, security and/or terrorism, flood, lockout, transportation delay, war, acts of God, governmental rule or order, strikes or other labor difficulties, or other causes beyond its reasonable control. However, in such event, both Parties will resume performance promptly after the cause of such delay or failure has been removed.

11.4. Governing Law and Jurisdiction. This Agreement shall be construed and interpreted according to the internal laws of the State of Illinois, excluding any choice of law rules, and the Parties agree to submit to the exclusive jurisdiction of the State of Illinois with respect to any dispute, claim, action, suit or proceeding (including non-contractual disputes or claims) arising out of or in connection with this Agreement, or its subject matter or formation. To the extent not prohibited by applicable law, each of the Parties hereby irrevocably waives any and all right to trial by jury in any legal proceeding arising out of or related to this Agreement.

11.5. Entire Agreement, Execution, and Modification. This Agreement supersedes all prior agreements and representations between the Parties regarding the subject matter of this Agreement. The terms and conditions contained in any Order issued by Customer will be of no force or effect, even if the Order is accepted by Outreach. Outreach may make changes to these Terms of Service from time to time. If Outreach makes a material change to any of the foregoing, Outreach will inform Customer by e-mail to the e-mail address(es) noted on the Order (or subsequently designated by Customer in writing as a contact for notifications from Outreach), or through a banner or other prominent notice within the SaaS Products, or through the Outreach support platform. If Customer does not agree to the change, Customer must so notify Outreach by e-mail to accounts@outreachtls.com within thirty (30) days after Outreach’s notice. If Customer so notifies Outreach, then Customer will remain governed by the most recent terms of service applicable to Customer until the end of the then-current year of the Subscription Term and the updated terms shall apply upon the commencement of the subsequent Subscription Term.

11.6. Severability and Waiver. This Agreement shall be deemed severable, and the invalidity or unenforceability of any term or provision hereof shall not affect the validity or enforceability of this Agreement or of any other term or provision hereof. Should any term or provision of this Agreement be declared void or unenforceable by any court of competent jurisdiction, the Parties intend that a substitute provision will be added to this Agreement that, to the greatest extent possible, achieves the intended commercial result of the original provision. The failure of either Party to enforce any rights granted to it hereunder or to take action against the other Party in the event of any breach hereunder will not be deemed a waiver by that Party as to subsequent enforcement of rights or subsequent actions in the event of future breaches.

11.7. Definitions and Interpretation. The following definitions and rules of interpretation apply in this Agreement:

“Affiliate” means a company controlling, controlled by, or under common control with a Party (an entity will be deemed to have control if it owns over 50% of another entity).

“Agents” means Outreach’s proprietary software, systems and locally-installed software agents and connectors that interact with the SaaS Products as may be provided by Outreach in connection with the SaaS Products.

“Applicable Data Protection Laws” means all applicable privacy and data protection laws, their implementing regulations, regulatory guidance and secondary legislations, each as updated or replaced from time to time, including: (a) the General Data Protection Regulation (EU 2016/679) (the “GDPR”) and any applicable national implementing laws; (b) the UK General Data Protection Regulation (“UK GDPR”) and the UK Data Protection Act 2018; (c) the Privacy and Electronic Communications Directive (2002/ 58/ EC) and any applicable implementing laws, including the Privacy and Electronic Communications Regulations 2003 (SI 2003/ 2426) (“EC Directive”); (d) the Canadian Personal Information Protection and Electronic Documents Act (“PIPEDA”); (e) U.S. legislation (e.g. the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”); and (f) any other laws that may be applicable.

“Authorized Users” means employees, agents, consultants, contractors, or vendors authorized by Customer to use the SaaS Products solely for the internal use of Customer and its Affiliates, subject to the terms and conditions of this Agreement.

“Channel Partner” means a third-party business entity or individual that Outreach has appointed as an approved partner to as applicable, distribute, re-sell and support the SaaS Products.

“Confidential Information” means all information provided by the disclosing Party to the receiving Party concerning the disclosing Party or its Affiliates’ business, products or services that is not generally known to the public, including information relating to customers, vendors, trade secrets, prices, products, services, computer programs and other intellectual property and any other information which a Party should reasonably understand to be considered Confidential Information whether or not such information is marked “Confidential” or contains such similar legend by the disclosing Party at the time of disclosure.

“Customer Data” means all data and/or content uploaded to the SaaS Products by Customer (including where applicable Authorized Users), and in all data derived from it. For the avoidance of doubt, Customer Data does not include Usage Data.

“Documentation” means the user guides, installation documents, and specifications for the SaaS Products that are made available from time to time by Outreach in electronic or tangible form, but excluding any sales or marketing materials.

“Indirect Order” means an Order for the Software or Services from a Channel Partner of Customer’s choosing pursuant to an independent commercial agreement.

“Indirect Taxes” means excise, sales, use, gross-turnover, value added, goods and services tax or other similar types of indirect taxes on turnover and/or revenues, duties, customs or tariffs (however designated, levied or based and whether foreign or domestic, federal, state or province).

“Intellectual Property” means a Party’s proprietary material, technology, or processes (excluding the SaaS Products and Documentation), including services, software tools, proprietary framework and methodology, hardware designs, algorithms, objects and documentation (both printed and electronic), network designs, know-how, trade secrets and any related intellectual property rights throughout the world (whether owned or licensed by a third party) and any derivatives, improvements, enhancements or extensions of such Intellectual Property conceived, reduced to practice, or developed.

“Notice” means any notice or other communication required or permitted under this Agreement.

“Order” means Outreach’s quote accepted by Customer via Customer’s purchase order or other ordering document received by Outreach (directly or indirectly through a Channel Partner) to order Outreach’s SaaS Products, which references the SaaS Products, pricing, payment terms, quantities, expiration date and other applicable terms set forth in an applicable Outreach quote or ordering document.

“SaaS Products” means the software-as-a-service products specified in the Order as further described in the Documentation (including any updates and upgrades to the SaaS Products provided by Outreach in its sole discretion, and any software, systems and locally-installed software agents and connectors that interact with the SaaS Products as may be provided by Outreach in connection with the SaaS Products).

“Subscription Term” means the period of time during which Customer is subscribed to the SaaS Products, as specified in an Order and which shall begin upon delivery of the SaaS Products.

“Suggestions” means, any ideas or suggestions for improvements, new features, functionalities, corrections, enhancements or changes to the SaaS Products suggested by Customer to Outreach, excluding any Customer Data and Customer Intellectual Property.

“Support Services” means the maintenance and technical support services for the SaaS Products provided by Outreach to Customer as part of an active SaaS Products subscription.

“Third-Party Materials” means open source software programs that are made available by third parties.

“Usage Data” means data generated in connection with Customer’s access, use and configuration of the SaaS Products and data derived from it (e.g., types of applications or accounts utilized or interacting with the SaaS Products).