These Terms of Service (“ToS”) are made and entered into by and between One Safe Place Media Corp. (“Provider” or “OSP”) and the business entity agreeing to these terms (“Customer” or “you”). The OSP Terms of Service are located at https://go.onesafeplace.com/tos. OSP and Customer may each be referred to as Party and collectively as Parties.

This Agreement is effective as of the date Customer clicks to accept the Agreement (the “Effective Date”). If you are accepting on behalf of Customer, you represent and warrant that: (i) you have full legal authority to bind Customer or you personally to this Agreement; (ii) you have read and understand this Agreement; and (iii) you agree, on behalf of Customer, to this Agreement. If you do not have the legal authority to bind Customer, please do not click to accept. This Agreement governs Customer’s access to and use of the Provider’s Services, and in the event there is any conflict between the ToS and any Purchase Order for Goods and Services, then the terms of the ToS prevail.

1. Provision of the Services.

1.1 Services Use. Subject to this Agreement, during the Term, Customer may: (a) use the Services, (b) integrate the Services into any Application and provide the Services, solely as integrated into the Application, to End Users, and (c) use any Software provided by Provider as part of the Services. But Customer may not sublicense or transfer these rights except as permitted under the Assignment section of the Agreement. Before OSP will provide Services under this ToS, Customer must agree to a Purchase Order which specific the price, volume, and related timing.

1.1.1 Hybrid BackUp & Recovery (www.datto.com). Cloud. At Customer’s sole discretion, Customer shall schedule Data Backup to the Provider’s Cloud, and Customer has the obligation to verify that each Data Backup successfully completed. On a monthly basis, OSP may rent customers a Local Device for Customer Data Backup and related third party software so that Customer may manage Data Backup to the Local Device. Customer agrees to be solely responsible for performing and testing restores of Data Backup to the Provider’s Cloud. Local Device. In the event that Provider delivers a Local Device for Customer Data Backup then at Customer’s sole discretion Customer shall schedule Data Backup to the Local Device, and Customer has the obligation to verify that each Data Backup successfully completed. On a monthly basis, OSP may rent Customer a Local Device for Customer Data Backup and related third party software so that Customer may manage Data Backup to the Local Device. Customer agrees to be solely responsible for performing and testing restores of Data Backup to the Local Device. All deliveries from Customer to Provider shall be FOB (“Free On Board”) Destination and Customer assumes all liability while in transit to Provider’s offices, and all deliveries from Provider to Customer shall be FOB Origin and Customer assumes all liability while in transit to Customer’s offices. Upon termination of Services under this ToS, the Customer shall return the Local Device within 10 business days, or pay OSP the current price of the Local Device. Data Retention Schedules. The Hybrid BackUp & Recovery Service Plan options are:

  1. 1-Year Cloud Retention- The 1-Year Cloud Retention (also known as 1 Year Time Based Retention) plan is not limited to a pre-defined amount of Datto Cloud storage. Rather, incremental data backups are maintained for one year on a rolling basis, with the oldest incremental backups deleted first after one year. Automatic consolidation of incremental backup recovery points is applied on a rolling basis as shown below.
  2. Infinite Cloud Retention- The Infinite Cloud Retention service plan uses a set retention schedule for the storage of cloud data. The plan is not limited to a pre-defined amount of Datto Cloud storage. Instead, incremental backups are retained for an indefinite period of time for as long as the Infinite Cloud Retention Service Plan Service Subscription for the Product is current. Automatic consolidation of incremental backup recovery points is applied on a rolling basis as shown below. Pruning of Incremental Backups: With respect to Infinite Cloud Retention, 1-Year Cloud Retention, or any previously offered multi-year time-based Service Plan, we use the following schedule for consolidating incremental backups, stored in the Provider’s Cloud. For Products under a previously offered multi-year time-based Service Plan, monthly backups are deleted oldest first after the retention period selected (i.e., 2-10 years).
Intra-dalies 7 Days
Dailies 2 Weeks
Weeklies 45 Days
Monthlies Depends upon service plan

Note: We reserve the right to limit Hybrid Backup & Recovery Cloud usage under all Service Plans if we determine there is activity or usage in a manner that: (i) adversely impacts OSP; (ii) results in excessive bandwidth or storage usage; or (iii) harms, disrupts, or otherwise diminishes the OSP brand, services, network, or any computer system.

1.1.2 Cloud Server BackUp. At Customer’s sole discretion Customer shall schedule Data Backup to the Provider’s Cloud, and Customer has the obligation to verify that each Data Backup is successfully completed. On a monthly basis, OSP may rent Customer a Local Device for Customer Data Backup and related third party software so that the Customer may manage Data Backup to the Local Device. Customer agrees to be solely responsible for performing and testing restores of Data Backup to the Provider’s Cloud. Customer shall responsible for encryption of all Data, and solely responsible to maintain and protect encryption keys.

1.1.3. Stratus Endpoint Cloud BackUp. Based on an agreed policy Customer shall provide OSP a schedule of devices, and Customer shall provide OSP access to Customer’s Mobile Devices including laptops, tablets, smartphones, and desktop personal computers to permit backup access to OSP’s Cloud Servers and encryption based on the specific levels requested by Customer. Authorized Customer representatives shall make written request to access to backup data from and to remotely wipe Mobile Devices based on the appropriate fee schedule. Customer may choose a global deduplication option based on the fee schedule for such services.

1.1.4 Managed Backup and Recovery On a monthly basis OSP may rent Customer a Local Device for Customer Data Backup and related third party software so that Customer may manage Data Backup to the Local Device. Upon termination of Services under this ToS, the Customer shall return the Local Device within 10 business days, or pay OSP the current price of the Local Device. OSP will conduct a daily review of all Customer Data Backup, and in the event that OSP identifies an issue with a daily Customer Data Backup, then OSP shall review the Local Device, software, and Customer Data and initiate steps to remediate each issue. In the event that OSP identifies a problem its remediation efforts, OSP will further escalate to resolve the issue as expeditiously as is reasonable in the circumstances. Customer shall be responsible to promptly notify OSP immediately of all circumstances that occur in the Customer’s Data Backup environment that may impact backup and recovery of Customer Data Backup, including, without limitation, adding servers, removing servers, internal connectivity, and the like. OSP passes through to Customer all third party warranties and indemnities for software used in conjunction with the Local Devices. The manufacturer of the Local Device warranty does not cover Local Devices that have defects or failures resulting from 1) accident, neglect or abuse; 2) improper installation or maintenance; or 3) modifications, repairs, improvements, or any other changes to any software or hardware component of the Local Devices that have not been authorized in writing by OSP. THE SOLE AND EXCLUSIVE REMEDY FOR BREACH OF THIS WARRANTY WILL BE TO REPAIR, REPLACE, OR ISSUE A CREDIT FOR A DEFECTIVE LOCAL DEVICE AT OSP’S OPTION. THIS WARRANTY IS THE SOLE AND EXCLUSIVE WARRANTY GIVEN BY OSP AND IS IN LIEU OF ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE, NON-INFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE, EACH OF WHICH IS HEREBY EXPRESSLY DISCLAIMED TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW.

1.1.5 Offsite Tape Vaulting.

OSP agrees to provide to Customer storage of Customer’s magnetically recorded computer tapes, cartridges, diskettes, disk packs, Microfiche, and computer film (all of such items herein collectively called the “BackUp Tapes”) within OSP’s climate controlled premises. Also Provider may provide courier services to retrieve from and deliver to Customer the BackUp Tapes to be stored by OSP. OSP shall track all BackUp Tapes with a unique UPC (“Universal Product Code”) identifier. All deliveries from Customer to Provider shall be FOB Destination and Customer assumes all liability while in transit to Provider’s offices, and all deliveries from Provider to Customer shall be FOB Origin and Customer assumes all liability while in transit to Customer’s offices. OSP will accept requests for deposits and withdrawals of BackUp Tapes for storage only from those individuals authorized by the Customer on a written form provided by the OSP. The Customer must provide notice in writing on a form provided by OSP in the event that Customer desires to revoke the deposit or withdrawal authority of any officer or agent of Customer. OSP will have no liability to Customer or anyone else as a result of any action of any agent prior to OSP’s receipt of written notice of the revocation of such agent’s authority. Customer will be the sole owner of all BackUp Tapes tendered for storage and will not tender any illegal or dangerous materials. Customer shall not have access to the BackUp Tapes while stored with OSP, and OSP will accept requests for deposits and withdrawals of BackUp Tapes for storage only from those individuals authorized by the Customer on a written form provided by the OSP. The Customer must provide notice in writing on a form provided by OSP in the event that Customer desires to revoke the deposit or withdrawal authority of any officer or agent of Customer. OSP will have no liability to Customer or anyone else as a result of any action of any agent prior to OSP’s receipt of written notice of the revocation of such agent’s authority. Customer will be the sole owner of all BackUp Tapes tendered for storage and will not tender any illegal or dangerous materials.

1.1.6 Video Tape & Film Archiving. OSP agrees to provide to Customer archiving and storing Customer’s magnetically recorded Video Tape and Films within OSP’s climate controlled premises. Also Provider may provide courier services to retrieve from, and deliver to, Customer the Video Tape and Films to be stored by OSP. OSP shall track all Video Tape and Films with a unique UPC identifier. All deliveries from Customer to Provider shall be FOB Destination and Customer assumes all liability while in transit to Provider’s offices, and all deliveries from Provider to Customer shall be FOB Origin and Customer assumes all liability while in transit to Customer’s offices.

1.1.7 Data Destruction. Based on an agreed Schedule of devices, OSP will destroy and provide written certification of the destruction of any magnetic devices including, without limitation, computer hard drive, SSD (“Solid State Disk”), Tape, CD, Cell Phone, or any media type.

1.1.8 Colocation Services.

OSP shall provide the following: Generator. OSP shall provide one (1) 100KV 480v Diesel Generator sized to support the entire space and associated systems or equipment at 100% of total load for 24 hours at full load. A minimum output of 400kw must be available for the A/C systems. All engine fluids and fuels will be maintained at optimum operating levels including a 24-hour fuel supply. Air Conditioning. The initial system should provide a minimum of 20 tons of cooling. Temperature within the Site shall be maintained at 67-75 degrees F. Relative Humidity within the Site shall be maintained at 50% +/- 5%. Fire Protection. FM-200 or Halon-1401 suppressant system. Raised Floor. Site to be built on a 6” raised floor capable of supporting a minimum of 200 pounds (“lbs”) per square foot static load. Security. Site will be physically secured and centrally monitored on a 7 X 24 X 365 basis. OSP will provide positive security systems using cameras and badge readers for the Premises to authenticate, grant access and monitor the full facility and all personnel requiring access to the Customer Site including all critical supporting systems and equipment rooms. Identification, access approval and monitoring, either in person or by electronic systems, will be provided by OSP or an appropriate contractor selected at OSP’ sole discretion. A written list of approved personnel, requiring access to the Customer Site, will be provided to OSP and timely updated as necessary by the Customer. Connection. OSP will allow the Customer access to its carriers located in each of the Facilities. Any charges, including one-time installation and recurring power charges will be borne by the carriers or Customers. Water Detection. Under floor water detection, will be part of the facilities monitoring infrastructure provided by OSP. Premises Maintenance. Preventive and emergency maintenance and repair on Premises HVAC, Generators, UPS, Batteries and Fire Suppression – on a daily/weekly/monthly/quarterly basis as required. Installation Charges. Customer shall pay to OSP, for connection of the Equipment to the distribution points of the UPS and to other electrical receptacles, which may not originate at the foregoing distribution points, and for all other services requested by Customer, which OSP contracts to others, a fee equal to the time and materials of OSP contractors and subcontractors, plus 20%. Customer shall pay such fee within 30 days of invoicing by OSP. Smart Hands. With the written agreement of OSP, on a fee basis Customer may specifically request that OSP provide OSP staff to perform functions within the Colocation, including, without limitation, reset switches, restarting Customer equipment, removal of backup tapes, loading new backup tapes, and report of observations of Customer equipment. Other Available Services. Other services provided by OSP shall be available to Customer on a fee basis, which shall be quoted separately upon receipt of written request from Customer and shall further subject to final mutual written approval. Such services include but are not limited to:

  1. On-site management
  2. Alternative lines
  3. In-house technical support
  4. Shared PBX
  5. Project management support

1.1.9 Hosted Syslog Backup. (www.manageengine.com)

At Customer’s sole discretion, based on the fee schedule provided to Customer, Customer shall configure devices to send syslog data to the Provider’s hosted log aggregation and backup service. Customer has the obligation to verify that each device is configured correctly to communicate with the Providers cloud infrastructure and is sending syslog data to Provider. Customer agrees to be solely responsible for testing recovery of syslog data sent to the Provider’s cloud infrastructure. Customer is solely responsible for monitoring data being logged and Provider has no responsibility to monitor logs for errors, security alerts, debug information, or any other events transmitted to the Provider under this service. Customer agrees that the device count for the syslog service includes devices, which may no longer be in service, if Customer wishes to maintain data that was logged prior to retiring the device. For computer systems running native syslog services, no additional software is provided or necessary to provide the service For computer systems running Microsoft Windows based operating systems, Provider will license to Customer software capable of transmitting Microsoft Windows event logs to Provider’s cloud infrastructure.

1.1.10 G Suite Backup and Office 365 Backup (www.backupify.com).

Customer agrees to the terms of the Datto’s Backupify Terms of Use (“Terms”) found at https://www.backupify.com/backupify-terms-of-use for Backupify’s Backup Products for G Suite and Office 365 and your Backedup Data, means the data and content that Customer designates for copying, backup and use with Backupify’s Product. You represent and warrant that You are acting as an agent of the Customer and You have the full authority to agree to Backupify’s Terms of Use with respect to access, use and support of the Backupify Product and Backedup Data. You agree to obtain Customer’s authorization and comply with Customer’s instructions at all times with respect to use of the Backupify Product and access to and management of Backedup Data, transition of Backupify Product or Backedup Data to a different Administrator, and transition assistance and cooperation upon termination or expiration of any relationship between or among an Administrator, Customer and us. Additional Data Processing Terms. A Product may be configured to designate the geographic region where Backedup Data associated with the Backupify Product is stored. Backupify’s European Data Processing Addendum (“DPA”) (https://www.backupify.com/european-data-processing-addendum) is incorporated into Backupify’s Terms of Use if a Backupify Product is configured to store Backedup Data in the European Economic Area. Customer, for itself and its Users, authorizes us to access and interact with the Backedup Site to retrieve Backedup Data and grants us a limited, royalty-free, non-exclusive, assignable license to use, copy, reformat, display, disclose and distribute the Backedup Data solely for providing the Backupify Product as described in Backupify’s Terms of Use, including as authorized by an Administrator for support, and as described in Backupify’s Privacy Policy (https://www.datto.com/legal/privacy-policy). Customer acknowledges and agrees that Datto Affiliates may be retained as Subprocessors and that Datto and its Affiliates respectively may engage third party Subprocessors as needed to provide a Product. Customer hereby consents to the use of Subprocessors as described in this section. A current list of Subprocessors for the Product will be available at www.datto.com/subprocessors. Datto will provide prior notification, by updating the list of Subprocessors and/or providing notice in the applicable Product management portal, of a new Subprocessor before authorizing such new Subprocessor to have access to Customer’s Personal Data in connection with the provision of the applicable Product.

1.2 Console. As part of receiving the Services of the Provider, Customer will have access to the Admin Console, through which Customer may administer the Services.

1.3 Facilities and Data Transfer. All facilities used to store and process an Application and Customer Data will adhere to reasonable security standards no less protective than the security standards at facilities where Provider processes and stores its own information of a similar type. Provider has implemented at least industry standard systems and procedures to ensure the security and confidentiality of an Application and Customer Data, protect against anticipated threats or hazards to the security or integrity of an Application and Customer Data, and protect against unauthorized access to or use of an Application and Customer Data. Except as set forth in the Service Specific Terms, Provider may process and store an Application and Customer Data in the United States (“U.S.”) or any other country in which Provider or its agents maintain facilities. By using the Services, Customer consents to this processing and storage of an Application and Customer Data. Under this Agreement, Provider is merely a data processor.

1.4 Accounts. Customer must have an Account to use the Services, and is responsible for the information it provides to create the Account, the security of its passwords for the Account, and for any use of its Account. If Customer becomes aware of any unauthorized use of its password, its Account, Customer will notify Provider as promptly as possible.

1.5 New Applications and Services. Provider may: (i) make new applications, tools, features or functionality available from time to time through the Services and (ii) add new services to the “Services” definition from time to time (by adding them at the URL set forth under that definition), the use of which may be contingent upon Customer’s agreement to additional terms.

1.6 Modifications.

  1. To the Services. Subject to Section 8.4, Provider may make commercially reasonable Updates to the Services from time to time. If Provider makes a material change to the Services, Provider will inform Customer, provided that Customer has subscribed with Provider to be informed about such change.
  2. To the Agreement. Provider may make changes to this Agreement, including pricing (and any linked documents) from time to time. Unless otherwise noted by Provider, material changes to the Agreement will become effective 30 days after they are posted, except if the changes apply to new functionality in which case they will be effective immediately. If Customer does not agree to the revised Agreement, please stop using the Services. Provider will post any modification to this Agreement to its website.

2. Payment Term

2.1. Service Fees. Provider calculates and bill fees and charges monthly. Provider may bill you more frequently for fees accrued if Provider suspects that your account is fraudulent or at risk of non-payment. You will pay us the applicable fees and charges for use of the Service Offerings as described on the Provider Site using a credit card Provider supports. All amounts payable under this Agreement will be made without setoff or counterclaim, and without any deduction or withholding. Fees and charges for any new Service or new feature of a Service will be effective when Provider posts updated fees and charges on the Provider Site unless Provider expressly states otherwise in a notice. Provider may increase or add new fees and charges for any existing Services by giving you at least 30 days’ advance notice. Provider may charge you interest at the rate of 1.5% per month (or the highest rate permitted by law, if less) on all late payments.

2.2 Taxes. All fees and charges payable by you are exclusive of applicable taxes and duties, including VAT and applicable sales tax. You will provide us any information Provider reasonably requests to determine whether we are obligated to collect VAT from you, including your VAT identification number. If you are legally entitled to an exemption from any sales, use, or similar transaction tax, you are responsible for providing us with legally-sufficient tax exemption certificates for each taxing jurisdiction. Provider will apply the tax exemption certificates to charges under your account occurring after the date Provider receives the tax exemption certificates. If any deduction or withholding is required by law, you will notify us and will pay us any additional amounts necessary to ensure that the net amount that Provider receives, after any deduction and withholding, equals the amount Provider would have received if no deduction or withholding had been required. Additionally, you will provide Provider with documentation showing that the withheld and deducted amounts have been paid to the relevant taxing authority.

2.3 Invoice Disputes & Refunds. To the fullest extent permitted by law, Customer waives all claims relating to Fees unless claimed within 60 days after charged (this does not affect any Customer rights with its credit card issuer). Refunds (if any) are at the discretion of Provider and will only be in the form of credit for the Services. Nothing in this Agreement obligates Provider to extend credit to any Party.

2.4 Delinquent Payments. Late payments may bear interest at the rate of 1.5% per month (or the highest rate permitted by law, if less). Provider reserves the right to suspend Customer’s Account, for any late payments.

3. Customer Obligations.

3.1 Compliance. Customer is solely responsible for its Applications, Projects, and Customer Data and for making sure its Applications, Projects, and Customer Data comply with the AUP. Provider reserves the right to review the Application, Project, and Customer Data to ensure Customer’s compliance with the AUP. Customer is responsible for ensuring all End Users comply with Customer’s obligations under the AUP, the Service Specific Terms, and the restrictions in Sections 3.3 and 3.5 below.

3.2 Privacy. Customer will protect the privacy and legal rights of its End Users under all applicable laws and regulations, which includes a legally adequate privacy notice communicated from Customer. Customer may have the ability to access, monitor, use, or disclose Customer Data submitted by End Users through the Services. Customer will obtain and maintain any required consents from End Users to allow Customer’s access, monitoring, use and disclosure of Customer Data. Further, Customer will notify its End Users that any Customer Data provided as part of the Services will be made available to a third party as part of Provider providing the Services.

3.3 Restrictions. Customer will not, and will not allow third parties under its control to: (a) distribute bulk email, unsolicited commercial email, or any form of spam or phishing emails; (b) copy, modify, create a derivative work of, reverse engineer, decompile, translate, disassemble, or otherwise attempt to extract any or all of the source code of the Services (subject to Section 3.4 below and except to the extent such restriction is expressly prohibited by applicable law); (c) use the Services for High Risk Activities; (d) sublicense, resell, or distribute any or all of the Services separate from any integrated Application; (e) create multiple Applications, Accounts, or Projects to simulate or act as a single Application, Account, or Project (respectively) or otherwise access the Services in a manner intended to avoid incurring Fees; (f) unless otherwise set forth in the Service Specific Terms, use the Services to operate or enable any telecommunications service or in connection with any Application that allows End Users to place calls or to receive calls from any public switched telephone network; or (g) process or store any Customer Data that is subject to the International Traffic in Arms Regulations maintained by the Department of State. Unless otherwise specified in writing by Provider, Provider does not intend uses of the Services to create obligations under HIPAA, and makes no representations that the Services satisfy HIPAA requirements. If Customer is (or becomes) a Covered Entity or Business Associate, as defined in HIPAA, Customer will encrypt all Customer Protected Health Information (as defined in HIPAA) in transit and at rest and Provider shall have no obligation to verify Customer's compliance with its of encryption of Customer's Protected Health Information.

3.4 Third Party Components. Third party components (which may include open source software) of the Services may be subject to separate license agreements. To the limited extent a third party license expressly supersedes this Agreement, that third party license instead governs Customer’s agreement with Provider for the specific included third party components of the Services, or use of the Services (as may be applicable).

3.5 Documentation. Provider may provide Documentation for Customer’s use of the Services. The Documentation may specify restrictions (e.g. attribution or HTML restrictions) on how the Applications may be built or the Services may be used and Customer will comply with any such restrictions specified.

3.6 Digital Millennium Copyright Act (“DMCA”) Policy. Provider provides information to help copyright holders manage their intellectual property online, but Provider cannot determine whether something is being used legally or not without their input. Provider responds to notices of alleged copyright infringement and terminates accounts of repeat infringers according to the process set out in the U.S. DMCA. If Customer thinks somebody is violating Customer’s or its End Users’ copyrights and wants to notify Provider, Customer can email Provider at support@Onesafeplace.com and provide all pertinent information.

3.7 Application and No Multiple Accounts, Bills. Any Application must have material value independent from the Services. Provider has no obligation to provide multiple bills, or Accounts to Customer under the Agreement.

4. Suspension and Removals.

4.1 Suspension/Removals. If Customer becomes aware that any Application, Project (including an End User’s use of a Project), or Customer Data violates the AUP, Customer will immediately suspend the Application or Project (if applicable), remove the applicable Customer Data or suspend access to an End User (as may be applicable). If Customer fails to suspend or remove as noted in the prior sentence, Provider may specifically request that Customer do so. If Customer fails to comply with Provider’s request to do so within 24 hours, then Provider may suspend Provider accounts of the applicable End Users, disable the Project or Application, and/or disable the Account (as may be applicable) until such violation is corrected.

4.2 Emergency Security Issues. Despite the foregoing, if there is an Emergency Security Issue, then Provider may automatically suspend the offending, Application, Project, or End User Account. Suspension will be to the minimum extent required, and of the minimum duration, to prevent or terminate the Emergency Security Issue. If Provider suspends an End User account, Application, Project, or the Customer Account, for any reason, without prior notice to Customer, at Customer’s request, Provider will provide Customer the reason for the suspension as soon as is reasonably possible.

5. Intellectual Property Rights; Use of Customer Data; Feedback.

5.1 Intellectual Property Rights. Except as expressly set forth in this Agreement, this Agreement does not grant either Party any rights, implied or otherwise, to the other’s content or any of the other’s intellectual property. As between the Parties, Customer owns all Intellectual Property Rights in Customer Data and the Application or Project (if applicable), and Provider owns all Intellectual Property Rights in the Services and Software.

5.2 Use of Customer Data. Provider may use Customer Data and Applications only to provide the Services to Customer and its End Users and to help secure and improve the Services. For instance, this may include identifying and fixing problems in the Services, enhancing the Services to better protect against attacks and abuse, and making suggestions aimed at improving performance or reducing cost.

5.3 Customer Feedback. If Customer provides Provider feedback or suggestions about the Services, then Provider may use that information without obligation to Customer, and Customer hereby irrevocably assigns to Provider all right, title, and interest in that feedback or those suggestions.

6. Technical Support Services.

6.1 By Customer. Customer is responsible for technical support of its Applications and Projects.

6.2 By Provider. Subject to payment of applicable support Fees, Provider will provide Technical Support Services (“TSS”) to Customer during the Term as described below. Certain TSS levels include a minimum recurring Fee as described in the “Fees” definition below. If Customer downgrades its TSS level during any calendar month, Provider may continue to provide TSS at the same level and TSS Fees before the downgrade for the remainder of that month.

6.2.1 Support Request Submission. Customer Efforts to Fix Errors. Prior to making a request to Provider, Customer will use reasonable efforts to fix any error, bug, and malfunction or network connectivity defect without escalation to Provider. Thereafter, a Customer Contact may submit a written request for technical support through the Provider for Work Support Center. Characterization of Requests. Customer designates priority upon submission of Requests. Upon receiving a request, Provider will determine whether the request is a “Service Unusable,” “Standard Request” or a “Feature Request.” Any such determination made by Provider is final and binding on Customer. Provider reserves the right to change Customer’s priority designation if Provider believes that Customer’s designation is incorrect and will inform Customer of any such change in its response to the support Request. Customer may appeal any such reclassification to Provider’s Support management for review through any available support channel. Procedures for Acknowledgement and Resolution of Requests. When making a Request, Customer will provide all requested diagnostic information and assist Provider Support Personnel as may be required to resolve a Request. Request Acknowledgement. Provider may respond to a Request by acknowledging receipt of the Request. Customer acknowledges and understands that Provider may be unable to provide answers to, or resolve all, Requests. Feature Requests. If Provider deems a Request to be a Feature Request, Provider will log such Request for consideration to add to a future update or release of the Services and will consider the matter closed. Provider is under no obligation to respond to or resolve any Feature Request or to include any such Feature Request in any future update or release. Building Applications. For clarity, Provider will not have any obligation to write or build any Applications or write code to facilitate Applications.

6.2.2. Accessing Support Designated Support Contacts. Customer will provide first-level support to End Users. Provider will provide second-level support to Customer only. If Customer wishes to change its Designated Contacts, it will notify Provider via the Provider for Work Support Center at least five Business Days prior to the change. If on the date these updated Guidelines were first posted Customer has more Designated Contacts than are set forth under the applicable Support level under Section 4 below, the current Contacts will continue to be allowed until the expiration of the current license term for the applicable Services under the Agreement. Support Hours and Target Initial Response Times. Provider will process Requests during the Hours of Operation, unless otherwise indicated in these Guidelines. Any Requests received outside of the Hours of Operation will be logged and processed at the beginning of the next Business Day. Target initial response times are based on the subscribed support level.

6.2.3. Maintenance. To ensure optimal performance of the Services, Provider performs periodic Maintenance. In most cases, Maintenance will have limited or no negative impact on the availability and functionality of the Services. If Provider expects planned Maintenance to negatively affect the availability or functionality of the Services, Provider will use commercially reasonable efforts to provide at least seven days advance notice of the Maintenance. In addition, Provider may perform emergency unscheduled Maintenance at any time. If Provider expects such emergency unscheduled Maintenance to negatively affect the availability or functionality of the Services, Provider will use commercially reasonable efforts to provide advance notice of such Maintenance. Maintenance notices noted above will be provided via the Provider for Work Support Center.

6.3 Technical Support shall be provided by OSP to Customer upon Customer’s request at $50.00/hour 8a-5p, Monday through Friday and $100.00/hour during all other times. To the extent Customer’s need for such technical support arises primarily as the result of OSP failure to perform the Services, such technical support shall be supplied by OSP at no charge to Customer.

6.4 Data Deletion Request. Customer may give Provider specific written authorization to delete specific Customer's data stored on Provider's systems by agreeing to the terms posted at go.onesafeplace.com/deletionterms

7. Confidential Information. The recipient will not disclose the Confidential Information, except to Affiliates, employees, agents or professional advisors who need to know it and who have agreed in writing (or in the case of professional advisors are otherwise bound) to keep it confidential. The recipient will ensure that those people and entities use the received Confidential Information only to exercise rights and fulfill obligations under this Agreement, while using reasonable care to keep it confidential. Notwithstanding any provision to the contrary in this Agreement, the recipient may also disclose Confidential Information to the extent required by applicable Legal Process; provided that the recipient uses commercially reasonable efforts to: (i) promptly notify the other Party of such disclosure before disclosing; and (ii) comply with the other Party’s reasonable requests regarding its efforts to oppose the disclosure. Notwithstanding the foregoing, subsections (i) and (ii) above will not apply if the recipient determines that complying with (i) and (ii) could: (a) result in a violation of Legal Process; (b) obstruct a governmental investigation; and/or (c) lead to death or serious physical harm to an individual. As between the Parties, Customer is responsible for responding to all third party requests concerning its use and its End Users’ use of the Services.

8. Term and Termination.

8.1 Agreement Term. The “Term” of this Agreement will begin on the Effective Date for the initial term (“Initial Term”) as specified in the Purchase Order, and unless otherwise specified in a Purchase Order this Agreement shall renew for terms of 12 month thereafter (“Renewal Term”) unless a notice of termination is provided 30 days before the end of the Initial Term or Renewal Term, or the Agreement is terminated as set forth in Section 8 of this Agreement.

8.2 Termination for Breach. Either Party may terminate this Agreement for breach if: (i) the other Party is in material breach of the Agreement and fails to cure that breach within 30 days after receipt of written notice; (ii) the other Party ceases its business operations or becomes subject to insolvency proceedings and the proceedings are not dismissed within 90 days; or (iii) the other Party is in material breach of this Agreement more than two times notwithstanding any cure of such breaches. In addition, Provider may terminate any, all, or any portion of the Services or Projects, if Customer meets any of the conditions in Section 8.2(i), (ii), and/or (iii).

8.3 Termination for Inactivity. Provider reserves the right to terminate without notice to Customer the Services for inactivity, if, for a period exceeding 180 days, Customer: (a) has failed to access the Admin Console; (b) a Project has no active virtual machine or storage resources or an Application has not served any requests; (c) no electronic bills are being generated; or (d) payment for BackUp Tapes.

8.4 Effect of Termination. If the Agreement is terminated, then: (i) the rights granted by one Party to the other will immediately cease; (ii) all Fees (including Taxes) owed by Customer to Provider are immediately due upon receipt of the final electronic bill; (iii) Customer will delete the Software, any Application, Instance, Project, and any Customer Data; and (iv) upon request, each Party will use commercially reasonable efforts to return or destroy all Confidential Information of the other Party.

8.5 Data Deletion after Termination. Following termination of this Agreement, and following all payments by Customer, Customer may give Provider specific written authorization to delete Customer's data stored on Provider's systems based on the terms of go.onesafeplace.com/deletionterms Notwithstanding any provisions to the contrary, if Customer is at least 90 days delinquent in paying any fees under these ToS, following written notice by Provider to Customer, then Provider may delete all of Customer's Data and Provider has no liability for any Customer Data following the written notice whatsoever.

9. Publicity. With the prior written approval of Provider, Customer is permitted to state publicly that it is a customer of the Services. If Customer wants to display Provider Brand Features in connection with its use of the Services, Customer must obtain written permission from Provider. Provider may include Customer’s name or Brand Features in a list of customers, online or in promotional materials. Provider may also verbally reference Customer as a customer of the Provider products or services that are the subject of this Agreement. Neither Party needs approval if it is repeating a public statement that is substantially similar to a previously-approved public statement. Any use of a Party’s Brand Features will inure to the benefit of the Party holding Intellectual Property Rights to those Brand Features. A Party may revoke the other Party’s right to use its Brand Features under this Section with written notice to the other Party and a reasonable period to stop the use.

10. Representations.

10.1 Each Party represents and warrants that: (a) it has full power and authority to enter into the Agreement; and (b) it will comply with all laws and regulations applicable to its provision, or use, of the Services, as applicable. Provider warrants that it will provide the Services in accordance with the applicable SLA (if any).

10.2 Payment Card Industry (“PCI”) Compliance. OSP has been approved by a PCI Qualified Security Assessor (“QSA”) to be complaint with the PCI Data Security Standards (“DSS”). However, Customer is totally responsible for all software it uses for Customer's Credit Card data including all account numbers, PIN numbers, addresses, and all related Personal Identifiable Information.

10.3 Personal Health Information (“PHI”). Customer shall not store any PHI on any of Services, unless Customer has notified OSP at least thirty (30) days in advance of PHI upload and Customer has signed OSP’s Business Associate Agreement (“BAA”) which shall then apply to such PHI. All Customer PHI shall be encrypted while stored by Customer.


12. Limitation of Liability.




12.3 Exceptions to Limitations. These limitations of liability do not apply to breaches of confidentiality obligations, violations of a Party’s Intellectual Property Rights by the other Party, or indemnification obligations.

13. Indemnification.

13.1 By Customer. Unless prohibited by applicable law, Customer will defend and indemnify Provider and its Affiliates against Indemnified Liabilities in any Third-Party Legal Proceeding to the extent arising from: (i) any Application, Project, Instance, Customer Data or Customer Brand Features; or (ii) Customer’s, or its End Users’, use of the Services in violation of the AUP.

13.2 By Provider. Provider will defend and indemnify Customer and its Affiliates against Indemnified Liabilities in any Third-Party Legal Proceeding to the extent arising solely from an Allegation that use of (a) Provider’s technology used to provide the Services (excluding any open source software) or (b) any Provider Brand Feature infringes or misappropriates the third party’s patent, copyright, trade secret, or trademark.

13.3 Exclusions. This Section 13 will not apply to the extent the underlying Allegation arises from:

  1. the Indemnified Party’s breach of this Agreement;
  2. modifications to the Indemnifying Party’s technology or Brand Features by anyone other than the Indemnifying Party;
  3. combination of the Indemnifying Party’s technology or Brand Features with materials not provided by the Indemnifying Party; or
  4. use of non-current or unsupported versions of the Services or Brand Features;

13.4 Conditions. Sections 13.1 and 13.2 will apply only to the extent:

  1. The Indemnified Party has promptly notified the Indemnifying Party in writing of any Allegation(s) that preceded the Third-Party Legal Proceeding and cooperates reasonably with the Indemnifying Party to resolve the Allegation(s) and Third-Party Legal Proceeding. If breach of this Section 13.4(a) prejudices the defense of the Third-Party Legal Proceeding, the Indemnifying Party’s obligations under Section 13.1 or 13.2 (as applicable) will be reduced in proportion to the prejudice.
  2. The Indemnified Party tenders sole control of the indemnified portion of the Third-Party Legal Proceeding to the Indemnifying Party, subject to the following: (i) the Indemnified Party may appoint its own non-controlling counsel, at its own expense; and (ii) any settlement requiring the Indemnified Party to admit liability, pay money, or take (or refrain from taking) any action, will require the Indemnified Party’s prior written consent, not to be unreasonably withheld, conditioned, or delayed.

13.5 Remedies.

  1. If Provider reasonably believes the Services might infringe a third party’s Intellectual Property Rights, then Provider may, at its sole option and expense: (a) procure the right for Customer to continue using the Services; (b) modify the Services to make them non-infringing without materially reducing their functionality; or (c) replace the Services with a non-infringing, functionally equivalent alternative.
  2. If Provider does not believe the remedies in Section 13.5(a) are commercially reasonable, then Provider may suspend or terminate Customer’s use of the impacted Services.

13.6 Sole Rights and Obligations. Without affecting either Party’s termination rights, this Section 13 states the Parties’ only rights and obligations under this Agreement for Intellectual Property Rights-related Allegations and Third-Party Legal Proceedings.

14. U.S. Federal Agency Users. The Services were developed solely at private expense and are commercial computer software and related documentation within the meaning of the applicable Federal Acquisition Regulation and agency supplements thereto.

15. Lien in Favor of OSP. OSP shall be entitled to all of the rights, benefits and privileges provided by and under Section 7.209 of the Uniform Commercial Code of the State of Texas. OSP shall not be required to release and return to Customer any BackUp Tapes in OSP’s possession until all amounts due OSP by Customer have been paid in full.

16. Miscellaneous.

16.1 Notices. All notices must be in writing and addressed to the other Party’s legal department and primary point of contact. The notice to OSP should be sent to: legal@Onesafeplace.com or 1550 West Walnut Hill Lane, Irving, Texas 75038. Notice will be treated as given on receipt as verified by written or automated receipt or by electronic log (as applicable).

16.2 Assignment. Customer may not assign any part of this Agreement without the written consent of Provider, which will not be unreasonably withheld. If Provider agrees to an assignment only when: (a) the assignee has agreed in writing to be bound by the terms of this Agreement; (b) the assigning Party remains liable for obligations under the Agreement if the assignee defaults on them; and (c) the assigning Party has notified the other Party of the assignment. Any other attempt to assign is void.

16.3 Force Majeure. Neither Party will be liable for failure or delay in performance to the extent caused by circumstances beyond its reasonable control. Provider shall not be liable to Customer for anything beyond Provider’s reasonable control, including, without limitation, acts of any governmental body, war, insurrection, sabotage, armed conflict, embargo, fire, flood, strike or other labor disturbance, interruption of or delay in transportation, unavailability of or interruption or delay in telecommunications or third party services, virus attacks or hackers, cyber intrusions which may cause malware, ransomware, or related problems, failure of third party software (including, without limitation, e-commerce software, payment gateways, chat, statistics or free scripts) or inability to obtain raw materials, supplies, or power used in or equipment needed for provision of this Agreement.

16.4 No Agency. This Agreement does not create any agency, partnership or joint venture between the Parties.

16.5 No Waiver. Neither Party will be treated as having waived any rights by not exercising (or delaying the exercise of) any rights under this Agreement.

16.6 Severability. If any term (or part of a term) of this Agreement is invalid, illegal, or unenforceable, the rest of the Agreement will remain in effect.

16.7 No Third-Party Beneficiaries. This Agreement does not confer any benefits on any third party unless it expressly states that it does.

16.9 Equitable Relief. Nothing in this Agreement will limit either Party’s ability to seek equitable relief.

16.10 Governing Law. All claims arising out of or relating to this agreement or the services will be governed by Texas law, excluding that state’s conflict of laws rules, and will be resolved by arbitration in Dallas County, Texas under the Commercial Rules of the American Arbitration Association (“AAA”) by one arbitrator who shall be selected by agreement of the Parties. If the Parties cannot agree on the arbitrator the AAA shall select the arbitrator. The arbitration shall be held within six (6) months after the appointment of the arbitrator, during discovery each Party may take no more than twenty (20) hours of depositions, and the arbitration hearing shall last no more than one (1) day. The arbitration award may be submitted a federal or State courts of Dallas County, Texas for enforcement.

16.11 Amendments. Except as set forth in Section 1.7(b), any amendment must be in writing, signed by both Parties, and expressly state that it is amending this Agreement.

16.12 Survival. The following Sections will survive expiration or termination of this Agreement: 5, 7, 8.5, 12, 13, 15, and 16.

16.13 Entire Agreement. This Agreement sets out all terms agreed between the Parties and supersedes all other agreements between the Parties relating to its subject matter. In entering into this Agreement, neither Party has relied on, and neither Party will have any right or remedy based on, any statement, representation or warranty (whether made negligently or innocently), except those expressly set out in this Agreement. The terms located at a URL referenced in this Agreement and the Documentation are incorporated by reference into the Agreement. After the Effective Date, Provider may provide an updated URL in place of any URL in this Agreement.

16.14 Conflicting Terms. If there is a conflict between the documents that make up this Agreement, the documents will control in the following order: the Agreement, and the terms at any URL.

16.15 Insurance – OSP maintains insurance coverage as follows:

16.15.1 Business Automobile – commercial automobile liability insurance with a limit of liability of $1 million per occurrence and in the aggregate.

16.15.2 Commercial General Liability – commercial general liability, including products and completed operations, personal and advertising liability and property damage to property of others, with a limit of $1 million per occurrence, $2 million in the aggregate. This insurance is endorsed to add Customer as a Blanket Additional Insured, and to state that this policy is primary and non-contributory as to Customer’s insurance, if any.

16.15.3 Commercial Property – business personal property, including personal property of others and electronic data processing and media, at replacement cost value, subject to applicable deductibles. This policy also covers personal property in transit with a limit of liability of $500,000.

16.15.4 Cyber Liability – network and information security liability, as well as technology errors and omissions liability, with a limit of liability of $3 million dollars. This insurance adds Customer as a Blanket Additional Insured.

16.16 Blanket Additional Insured – Customer requests that in both the Cyber Liability and Commercial General Liability policies, OSP add it as a Blanket Additional Insured, subject to the terms and conditions of that coverage as set forth in each respective policy.

17. Definitions.

17.1 “Account” means Customer’s Provider account.

17.2 “Admin Console” means the online console(s) and/or tool(s) provided by Provider to Customer for administering the Services.

17.3 “Affiliate” means any entity that directly or indirectly Controls, is Controlled by, or is under common Control with a Party.

17.4 “Allegation” means an unaffiliated third Party’s allegation.

17.5 “Application(s)” means any web or other application Customer creates using the Services, including any source code written by Customer to be used with the Services, or hosted in an Instance.

17.6 “AUP” means the acceptable use policy set forth here for the Services: Acceptable Use Policy

17.7 “BackUp Tapes” mean Customer owned magnetic tapes used by Customer that each have a unique identifier code for storage and retrieval.

17.8 “Brand Features” means the trade names, trademarks, service marks, logos, domain names, and other distinctive brand features of each Party, respectively, as secured by such Party from time to time.

17.9 “Cloud Server BackUp” means a backup environment using Evault licensed technology to an OSP Cloud environment.

17.10 “Colocation Services” means the Customer uses Customer’s servers, disks, and related hardware and Provider provides under this Agreement power, connectivity, and limited support to rebooting hardware only.

17.11 “Committed Purchase(s)” have the meaning set forth in the Service Specific Terms.

17.12 “Confidential Information” means information that one Party (or an Affiliate) discloses to the other Party under this Agreement, and which is marked as confidential or would normally under the circumstances be considered confidential information. It does not include information that is independently developed by the recipient, is rightfully given to the recipient by a third party without confidentiality obligations, or becomes public through no fault of the recipient. Customer Data is considered Customer’s Confidential Information.

17.13 “Control” means control of greater than fifty percent of the voting rights or equity interests of a Party. 17.14 “Customer” means a company, business, or individual who enters into this Agreement.

17.14 “Customer” means the party that is contracting with Provider and may be a Managed Service Provider.

17.15 “Customer Data” means content provided, transmitted, or displayed via the Services by Customer or its End Users; but excluding any data provided when Customer creates its general Provider account (under an email address provided under the “Provider Apps” product line).

17.16 “Data Destruction” means OSP services that the process of destroying hard drives, backup tape, credit card readers, CDs, DVDs, video tape, file, and mobile devices, and providing certification of Data Destruction.

17.17 “Documentation” means the Provider documentation (as may be updated from time to time) in the form generally made available by Provider to its customers for use.

17.18 “Endpoint Cloud BackUp” means data protection and encryption services for Customer’s mobile devices including cell, tablets, laptops, and desktop PCs.

17.19 “Emergency Security Issue” means either: (a) Customer’s or its End User’s use of the Services in violation of the AUP, which could disrupt: (i) the Services; (ii) other Customers’ or its End Users’ use of the Services; or (iii) the Provider network or servers used to provide the Services; or (b) unauthorized third party access to the Services.

17.20 “End Users” means the individuals that Customer permits to use the Services, Application, or Project. 17.21 “Fees” means the applicable fees for each Service and any applicable Taxes.

17.21 “G Suite” means the Google’s services which include Gmail, documents, spreadsheets, slides, and other Google products

17.22 “High Risk Activities” means uses such as the operation of nuclear facilities, air traffic control, or life support systems, where the use or failure of the Services could lead to death, personal injury, or environmental damage.

17.23 “HIPAA” means the Health Insurance Portability and Accountability Act of 1996 as it may be amended from time to time, and any regulations issued thereunder.

17.24 “Hybrid BackUp & Recovery” means data backup on a variety of media including cloud, disk, and tape so that a data recovery plan can be tailored to the needs of a Customer.

17.25 “Indemnified Liabilities” means any (i) settlement amounts approved by the Indemnifying Party; and (ii) damages and costs finally awarded against the Indemnified Party and its Affiliates by a court of competent jurisdiction.

17.26 “Instance” means a virtual machine instance, configured and managed by Customer, which runs on the Services. Instances are more fully described in the Documentation.

17.27 “Intellectual Property Rights” means current and future worldwide rights under patent, copyright, trade secret, trademark, and moral rights laws, and other similar rights.

17.28 “Legal Process” means a data disclosure request made under law, governmental regulation, court order, subpoena, warrant, governmental regulatory or agency request, or other valid legal authority, legal procedure, or similar process.

17.29 “Managed Service Provider” means a company which provides outsourcing services to Third Parties which have no contractual relationship to Provider.

17.30 “Office 365” means the Microsoft services which include Outlook, OneDrive, Word, Excel, PowerPoint, and other Microsoft products.

17.31 “Offsite Tape Vaulting” means OSP services to manage backup data tapes, logging unique tapes into a database, and related selection for retrieval by Customer when required.

17.32 “Package Purchase” has the meaning set forth in the Service Specific Terms.

17.33 “Purchase Order” means any written agreement between Customer and Provider for specific Services under the ToS that may include volume, pricing, and specific requirements.

17.34 “Project” means a grouping of computing, storage, and API resources for Customer, and via which Customer may use the Services. Projects are more fully described in the Documentation.

17.35 “Services” means the, services provided by Provider, which may include, Colocation Services, Virtual Private Servers, and Dedicated Servers.

17.36 “Service Specific Terms” means the terms specific to one or more Services set forth here:

17.37 “SLA” means the Service Level Agreement go.onesafeplace.com/sla.

17.38 “Software” means any downloadable tools, software development kits or other such proprietary computer software provided by Provider in connection with the Services, which may be downloaded by Customer, and any updates Provider may make to such Software from time to time.

17.39 “Subprocessor” means a company that has a role in performing services on behalf of Datto with respect to Datto’s provision of Backupify Product, which may have logical access to Personal Data covered by the Backupify DPA.

17.40 “Syslog” means a standard of computer system message logging. Syslog sent to Provider may consist of any severity level.

17.41 “Taxes” means any duties, customs fees, or taxes (other than Provider’s income tax) associated with the purchase of the Services, including any related penalties or interest.

17.42 “Term” has the meaning set forth in Section 8 of this Agreement.

17.43 “Third Party” means a company or organization which may have a contractual relationship with the Provider or Customer.

17.44 “Third-Party Legal Proceeding” means any formal legal proceeding filed by an unaffiliated Third Party before a court or government tribunal (including any appellate proceeding).

17.45 “Updates” means the periodic software updates provided by Provider to Customer from time to time. Updates are designed to improve, enhance and further develop the Services and may take the form of bug fixes, enhanced functions, new software modules and completely new versions.

17.46 “Video Tape & Film Archiving” means OSP archiving and tracking in climate controlled facilities for television and movie production.

These Terms were last modified on January 14, 2021.