IRIS SOLUTIONS, LLC

GENERAL TERMS AND CONDITIONS OF SERVICE

These General Terms and Conditions of Service (these “Terms”) govern all services performed by IRIS Solutions, LLC, a Delaware limited liability company with offices located at 8700 Red Oak Boulevard, Suite H, Charlotte, North Carolina 28217 (“us”, “our”, “we” or “IRIS”), to any customer or client (“Client” or “you”) as set forth in the Services Agreement between IRIS and Client (the “Services Agreement”).  Capitalized terms used but not defined in these Terms shall have the meanings set forth in the Services Agreement.

• Subject to these Terms, IRIS shall provide Client with the specific services (the “Services”) identified in the Services Agreement.  All Services will be performed on a schedule, and in a prioritized manner, as determined by IRIS.  IRIS shall have no obligation to provide Client with any services other than the Services, unless expressly agreed in writing by IRIS.
• FEES; PAYMENT.
  1. In consideration of the Services provided to Client by IRIS, Client agrees to compensate IRIS in accordance with the fee schedule set forth in the Services Agreement.  Unless otherwise agreed in writing, any services performed by IRIS which are not included in the Services shall be billed to Client at IRIS’ standard hourly rates as in effect from time to time.  The standard hourly rates as of the date hereof are set forth on Exhibit A attached hereto.
  2. Schedule.  All undisputed fees will be due and payable in electronic form in advance of the provision of the Services.  Payments made by ACH or credit card will be deducted from your designated account on the first business day of the month in which the Services are to be provided.
  3. Nonpayment. Fees that remain unpaid for more than fifteen (15) days after the date on the invoice will be subject to interest on the unpaid amount(s) until and including the date payment is received, at the lower of either 5.0% per month or the maximum allowable rate of interest permitted by applicable law.  We reserve the right, but not the obligation, to suspend part or all of the Services without prior notice to you in the event that any portion of undisputed fees are not timely received by us.  Notice of disputes related to fees must be received by us within sixty (60) days after the applicable Service is rendered or the date on which you pay an invoice, whichever is later; otherwise, you waive your right to dispute the fee thereafter. A re-connect fee may be charged to you if we suspend the Services due to your nonpayment.  Time is of the essence in the performance of all payment obligations by you. You agree that IRIS may recover all fees owed under the terms of the Services Agreement, and any reasonable collection expenses, including but not limited to reasonable attorney fees.

Notwithstanding anything in the Services Agreement to the contrary, the Services Agreement may be terminated prior to its expiration as follows:

1. Termination Without Cause. If IRIS decides to cease providing a service to all of its customers generally, then IRIS may terminate the Services Agreement without cause by providing no less than one hundred and twenty (120) days prior written notice to you.
3. Termination For Cause. In the event that one party (a “Defaulting Party”) commits a material breach under the Services Agreement (including these Terms), the non-Defaulting Party will have the right, but not the obligation, to terminate immediately the Services Agreement (a “For Cause” termination) provided that (i) the non-Defaulting Party has notified the Defaulting Party of the specific details of the breach in writing, and (ii) the Defaulting Party has not cured the default within twenty (20) days (ten (10) days for non-payment by Client) following receipt of written notice of breach from the non-Defaulting Party.  If IRIS terminates the Services Agreement For Cause, then IRIS shall be entitled to receive, and you hereby agree to pay to us, (i) all amounts that would have been paid to IRIS had the Services Agreement remained in effect until the expiration of the Initial Term or the then-current Renewal Term, as applicable, (ii) all expenses incurred by us in our preparation and provision of the Services to you, g., licensing fees incurred by IRIS, non-mitigatable hard costs, etc., and (iii) all expenses incurred by us in our attempt to collect amounts owed, including any attorney fees.  If you terminate the Services Agreement For Cause, then you will be responsible for paying only for those Services that were properly delivered and accepted by you up to the effective date of termination.
5. Client Activity As A Basis for Termination. In the event that (i) any Client-supplied equipment, hardware or software, or any action undertaken by you, causes the System or any part of the System to malfunction consequently requiring remediation by IRIS on three (3) occasions or more (“System Malfunction”), and if under those circumstances, you fail to remedy, repair or replace the System Malfunction as directed by us (or you fail to cease the activity causing the System Malfunction, as applicable), or (ii) you or any of your staff, personnel, contractors, or representatives engage in any unacceptable act or behavior that renders it impracticable, imprudent, or unreasonable to provide the Services to you, then IRIS will have the right, upon ten (10) days prior written notice to you, to terminate the Services Agreement For Cause or, at our discretion and if applicable, amend the Services Agreement to eliminate from coverage any System Malfunction or any equipment or software causing the System Malfunction.
6. You and we may mutually consent, in writing, to terminate the Services Agreement at any time.
8. Equipment / Software Removal. Upon termination of the Services Agreement for any reason, you will provide us with access, during normal business hours, to your premises or any other locations at which IRIS-owned equipment or software (collectively, “IRIS Equipment”) is located to enable us to remove all IRIS Equipment from the premises.  If you fail or refuse to grant IRIS access as described herein, or if any of the IRIS Equipment is missing, broken or damaged (normal wear and tear excepted) or any IRIS-supplied software is missing, we will have the right to invoice you for, and you hereby agree to pay immediately, the full replacement value of any and all missing or damaged items.

Transition; Deletion of Data. In the event that you request IRIS’ assistance to transition away from our services, we will provide such assistance if (i) all fees due and owing to us are paid to us in full prior to IRIS providing its assistance to you, and (ii) you agree to pay our then-current hourly rate for such assistance, with up-front amounts to be paid to us as we may require. For the purposes of clarity, it is understood and agreed that the retrieval and provision of passwords, log files, administrative server information, or conversion of data are transition services, and are subject to the preceding requirements. Unless otherwise expressly agreed by IRIS in writing, we will have no obligation to store or maintain any Client data in our possession or control beyond fifteen (15) calendar days following the termination of the Services Agreement.  We will be held harmless for, and indemnified by you against, any and all claims, costs, fees, or expenses incurred by either party that arise from, or are related to, our deletion of your data beyond the time frames described in this Section 3(f).

• GENERAL CLIENT REQUIREMENTS.
• The terms of the Services Agreement, including the Services to be performed by IRIS thereunder and the Fees payable by Client for such Services, are based upon the assumptions and minimum requirements set forth on Exhibit B.  In addition, in order for IRIS to provide the Services, Client acknowledges and agrees to each of the following:

1. For the purposes of these Terms, “System” means, collectively, any computer network, computer system, peripheral or device installed, maintained, monitored, or operated by IRIS pursuant to the Services Agreement.  To avoid a delay or negative impact on our provision of the Services, during the term of the Services Agreement you agree to refrain from modifying or moving the System, or installing software on the System, unless we expressly authorize such activity.
3. Requirements. At all times, all software on the System must be genuine and licensed, and you agree to provide us with proof of such licensing upon our request.  If we require you to implement certain minimum hardware or software requirements pursuant to the Services Agreement (“Minimum Requirements”), you agree to do so as an ongoing requirement of us providing our Services to you.
5. Maintenance; Updates. If patches and other software-related maintenance updates (“Updates”) are provided under the Services Agreement, we will install the Updates only if we have determined, in our reasonable discretion, that the Updates will be compatible with the configuration of the System and materially beneficial to the features or functionality of the affected software or hardware.  We will not be responsible for any downtime or losses arising from or related to the installation or use of any Update, provided that the Update was installed in accordance with the manufacturer’s or applicable vendor’s instructions.
7. Third Party Support. If, in IRIS’ discretion, a hardware or software issue requires vendor or OEM support, we may contact the vendor or OEM (as applicable) on your behalf and pass through to you, without markup, all fees and costs incurred in that process.  If such fees or costs are anticipated in advance or exceed $100, we will obtain your permission before incurring such expenses on your behalf unless exigent circumstances require otherwise.
9. Advice; Instructions. From time to time, we may provide you with specific advice and directions related to our provision of the Services or the maintenance or administration of the System.  (For example, our advice or directions may include increasing the System’s server or hard drive capacity or replacing obsolete equipment.) You agree to promptly follow and implement any directions we provide to you related to the Services which, depending on the situation, may require you to make additional purchases or investments in the System or the environment in which the System is maintained, at your sole cost.  We will not be responsible for any problems or issues (such as System downtime or security-related issues) caused by your failure to promptly follow our advice or directions.  If your failure to follow or implement our advice renders part or all of the Services economically or technically unreasonable to provide in our discretion, then we may terminate the Services Agreement for cause by providing notice of termination to you.  Unless specifically and expressly stated in these Terms, any services required to remediate issues caused by your failure to follow IRIS’ advice or directions, or your unauthorized modification of the System, as well as any services required to bring the System up to or maintain the Minimum Requirements, are not covered under the Services Agreement or these Terms and will be out-of-scope.

• Insurance. If you are supplied with IRIS Equipment, you agree to acquire and maintain, at your sole cost, insurance for the full replacement value of that equipment.  IRIS must be listed as an additional insured on any policy acquired and maintained by you under these Terms, and the policy will not be canceled or modified during the term of the Services Agreement without prior notification to IRIS.  Upon IRIS’ request, you agree to provide proof of insurance to IRIS, including proof of payment of any applicable premiums or other amounts due under the insurance policy.

• ACCESS; SERVICE LEVELS.
  1. Access. You hereby grant to IRIS the right to monitor, diagnose, manipulate, communicate with, retrieve information from, and otherwise access the System, on a 24x7x365 basis, for the purpose of enabling us to provide the Services.  It is your responsibility to secure, at your own cost and prior to the commencement of any Services, any necessary rights of entry, licenses (including software licenses), permits or other permissions necessary for IRIS to provide Services to the System and, if applicable, at your designated premises, both physically and virtually.  Proper and safe environmental conditions must be provided and assured by you at all times. IRIS shall not be required to engage in any activity or provide any Services under conditions that pose or may pose a safety or health concern to any personnel, or that would require extraordinary or non-industry standard efforts to achieve.
  2. Service Levels. Monitoring will occur on a 24x7x365 basis.  Repair and remediation Services, if applicable, will be provided only during business hours unless otherwise expressly set forth in the Services Agreement or these Terms.  IRIS will respond to problems, errors or interruptions in the provision of the Services in the timeframe(s) described on Exhibit C.  Severity levels will be determined by IRIS in its reasonable discretion.  All remediation Services will initially be attempted remotely; IRIS will provide onsite service only if remote remediation is ineffective and, under all circumstances, only if covered under the Service plan selected by Client.

• LIMITED WARRANTIES; LIMITATIONS OF LIABILITY.
  1. Hardware / Software Purchased Through IRIS. All hardware, software, peripherals or accessories purchased through IRIS (“Third Party Products”) are nonrefundable once the applicable purchase order is placed in IRIS’ queue for delivery.  We will use reasonable efforts to assign, transfer and facilitate all warranties (if any) and service level commitments (if any) for the Third Party Products to you, but will have no liability whatsoever for the quality, functionality or operability of any Third Party Products, and we will not be held liable as an insurer or guarantor of the performance, uptime or usefulness of any Third Party Products.  All Third-Party Products are pro­vided “as is” and without any warranty whatsoever as between IRIS and you (including but not limited to implied warranties).
  2. Warranty Application. Notwithstanding any provision to the contrary in these Terms, any warranty offered and provided directly by IRIS for any product shall be deemed null and void if the applicable product is (i) altered, modified or repaired by persons other than IRIS, including, without limitation, the installation of any attachments, features, or devices not supplied or approved  by  IRIS; (ii) misused, abused, or not operated in accordance with the specifications of IRIS or the applicable manufacturer or creator of the hardware or product, or, (iii) subjected to improper site preparation or maintenance by persons other than IRIS or persons approved or designated by IRIS.
  3. Liability Limitations. This paragraph limits the liabilities arising under the Services Agreement (including these Terms) and is a bargained-for and material part of the Services Agreement.  You acknowledge and agree that IRIS would not enter into the Services Agreement unless it could rely on the limitations described in this paragraph. In no event shall either party be liable for any indirect, special, exemplary, consequential, or punitive damages, such as lost revenue, loss of profits (except for fees due and owing to IRIS), savings, or other indirect or contingent event-based economic loss arising out of or in connection with the Services Agreement (including these Terms) or the Services, or for any loss or interruption of data, technology or services, or for any breach hereof or for any damages caused by any delay in furnishing Services under the Services Agreement, even if a party has been advised of the possibility of such damages; however, reasonable attorneys’ fees awarded to a prevailing party (as described below) shall not be limited by the foregoing limitation. Except for your payment obligations and your indemnification obligations described in the Services Agreement (including these Terms), a responsible party’s (“Responsible Party’s”) aggregate liability to the other party (“Aggrieved Party”) for damages from any and all claims or causes whatsoever, and regardless of the form of any such action(s), that arise from or relate to the Services Agreement (including these Terms) (collectively, “Claims”), whether in contract, tort, indemnification, or negligence, shall be limited solely to the amount of the Aggrieved Party’s actual and direct damages, not to exceed the amount of fees paid by you to IRIS for the specific Service upon which the applicable claim(s) is/are based during the six (6) month period immediately prior to the date on which the cause of action accrued.  The foregoing limitations shall not apply to the extent that the Claims are caused by a Responsible Party’s willful or intentional misconduct, or gross negligence.  Similarly, a Responsible Party’s liability obligation shall be reduced to the extent that a Claim is caused by, or the result of, the Aggrieved Party’s willful or intentional misconduct, or gross negligence.

Each party (an “Indemnifying Party”) agrees to indemnify, defend and hold the other party (an “Indemnified Party”) harmless from and against any and all losses, damages, costs, expenses or liabilities, including reasonable attorneys’ fees, (collectively, “Damages”) that arise from, or are related to, the Indemnifying Party’s breach of the Services Agreement (including these Terms).  The Indemnified Party will have the right, but not the obligation, to control the intake, defense and disposition of any claim or cause of action for which indemnity may be sought under this section.  The Indemnifying Party shall be permitted to have counsel of its choosing participate in the defense of the applicable claim(s); however, (i) such counsel shall be retained at the Indemnifying Party’s sole cost, and (ii) the Indemnified Party’s counsel shall be the ultimate determiner of the strategy and defense of the claim(s) for which indemnity is provided.  No claim for which indemnity is sought by an Indemnified Party will be settled without the Indemnifying Party’s prior written consent, which shall not be unreasonably delayed or withheld.

• RESPONSE; REPORTING.
  1. Response. We warrant and represent that we will provide the Services, and respond to any notification received by us of any error, outage, alarm or alert pertaining to the System, in the manner and within the time period(s) designated in these Terms (“Response Time”), except for (i) those periods of time covered under the Onboarding Exception (defined below), or (ii) periods of delay caused by Client-Side Downtime (defined below) or Vendor-Side Downtime (defined below) or (iii) periods in which we are required to suspend the Services to protect the security or integrity of your System or our equipment or network, or (iv) delays caused by a force majeure event.
     1. Scheduled Downtime. For the purposes of these Terms, Scheduled Downtime will mean those hours, as determined by us but which will not occur between the hours of 9:00 AM and 5:00 PM CST (or CDT, as applicable), Monday through Friday without your authorization or unless exigent circumstances exist, during which time we will perform scheduled maintenance or adjustments to its network.  We will use our commercially reasonable efforts to provide you with at least twenty-four (24) hours of notice prior to scheduling Scheduled Downtime.
     2. Client-Side Downtime. We will not be responsible under any circumstances for any delays or deficiencies in the provision of, or access to, the Services to the extent that such delays or deficiencies are caused by your actions or omissions (“Client-Side Downtime”).

• Vendor-Side Downtime. We will not be responsible under any circumstances for any delays or deficiencies in the provision of, or access to, the Services to the extent that such delays or deficiencies are caused by third party service providers, third party licensors, or “upstream” service or product vendors.

1. Remedies; Limitations. Except for the Onboarding Exception, if we fail to meet our service level commitment in a given calendar month and if, under such circumstances, our failure is not due to your activities, omissions, or inactivity, then upon receiving your written request for credit, we will issue you a pro-rated credit in an amount equal to the period of time of the outage and/or service failure.  All requests for credit must be made by you no later than forty-five (45) days after you either (i) report the outage or service failure to us, or (ii) if applicable, receive a monthly report showing the outage and/or failure.  The remedies contained in this paragraph are in lieu of (and are to the exclusion of) any and all other remedies that might otherwise be available to you for our failure to meet any service level commitment during the term of the Services Agreement.
2. Onboarding Exception. You acknowledge and agree that for the first thirty (30) days following the Effective Date, the Response Time commitments described in these Terms will not apply to us, it being understood that there may be unanticipated downtime or delays due to our initial startup activities with you (the “Onboarding Exception”).

• CONFIDENTIALITY.
  1. For the purposes of these Terms, Confidential Information means any and all non-public information provided to us by you, including but not limited to your customer data, customer lists, internal documents, and related information.  Confidential Information will not include information that: (i) has become part of the public domain through no act or omission of IRIS, (ii) was developed independently by us, or (iii) is or was lawfully and independently provided to us prior to disclosure by you, from a third party who is not and was not subject to an obligation of confidentiality or otherwise prohibited from transmitting such information.
  2. We will keep your Confidential Information confidential, and will not use or disclose such information to any third party for any purpose except (i) as expressly authorized by you in writing, or (ii) as needed to fulfill our obligations under the Services Agreement (including these Terms).  If we are required to disclose the Confidential Information to any third party as described in part (ii) of the preceding sentence, then we will ensure that such third party is required, by written agreement, to keep the information confidential under terms that are at least as restrictive as those stated in this Section 9.
  3. Due Care. We will exercise the same degree of care with respect to the Confidential Information we receive from you as we normally take to safeguard and preserve our own confidential and proprietary information, which in all cases will be at least a commercially reasonable level of care.
  4. Compelled Disclosure. If we are legally compelled (whether by deposition, interrogatory, request for documents, subpoena, civil investigation, demand or similar process) to disclose any of the Confidential Information, we will immediately notify you in writing of such requirement so that you may seek a protective order or other appropriate remedy and/or waive our compliance with the provisions of this Section 9.  We will use our commercially reasonable efforts, at your expense, to obtain or assist you in obtaining any such protective order.  Failing the entry of a protective order or the receipt of a waiver hereunder, we may disclose, without liability hereunder, that portion (and only that portion) of the Confidential Information that we have been advised, by written opinion from our counsel, that we are legally compelled to disclose.

• ADDITIONAL TERMS; THIRD PARTY SERVICES.
  1. EULAs. Portions of the Services may require you to accept the terms of one or more third party end user license agreements (“EULAs”).  If the acceptance of a EULA is required in order to provide the Services to you, then you hereby grant us permission to accept the EULA on your behalf.  EULAs may contain service levels, warranties and/or liability limitations that are different than those contained in these Terms.  You agree to be bound by the terms of such EULAs, and will look only to the applicable third-party provider for the enforcement of the terms of such EULAs. If, while providing the Services, we are required to comply with a third-party EULA and the third-party EULA is modified or amended, we reserve the right to modify or amend the Services Agreement to ensure our continued compliance with the terms of the third-party EULA.
  2. Third Party Services. Portions of the Services may be acquired from, or rely upon the services of, third party manufacturers or providers, such as data hosting services, domain registration services, and data backup/recovery services (“Third Party Service”).  Not all Third Party Services may be expressly identified as such herein, and at all times we reserve the right to utilize the services of any third party provider or to change third party providers in our sole discretion as long as the change does not materially diminish the Services to be provided to you under the Services Agreement.  We will not be responsible, and will be held harmless by you, for the failure of any third-party provider or manufacturer to provide Third Party Services to IRIS or to you.
  3. Data Loss. Under no circumstances will we be responsible for any data lost, corrupted or rendered unreadable due to (i) communication and/or transmissions errors or related failures, (ii) equipment failures (including but not limited to silent hardware corruption-related issues), or (iii) our failure to backup or secure data from portions of the System that were not expressly designated in the Services Agreement or these Terms as requiring backup or recovery services. Unless expressly stated in these Terms, we do not warrant or guarantee that any maintained storage device or functionality, data backup device or functionality, or load balancing functionality will operate in an error-free manner.
  4. BYOD. You hereby represent and warrant that we are authorized to access all devices, peripherals and/or computer processing units, including mobile devices (such as notebook computers, smart phones and tablet computers) that are connected to the System, regardless of whether such device(s) are owned, leased or otherwise controlled by you.  IRIS will not be obligated to provide the Services to any mobile device or temporarily-connected device unless that obligation is specifically stated in the Services Agreement.  Further, unless otherwise expressly stated in the Services Agreement, devices will not receive or benefit from the Services while the devices are detached from, or unconnected to, the System.
  5. Additional Terms. Additional terms are attached hereto as Exhibit D.

• OWNERSHIP OF INTELLECTUAL PROPERTY.
  1. IRIS Intellectual Property. The parties acknowledge and agree that IRIS owns and shall retain sole ownership of (including all intellectual property rights in and to) IRIS’ concepts, ideas, models, know-how, software, methodologies, technologies, techniques and/or other intellectual property owned or licensed by IRIS that existed prior to and during or after the term of the Services Agreement (collectively, “IRIS IP”).  Client shall not have any interest or any license in any such IRIS IP, except to the extent specifically required in order for Client to receive the Services.
  2. Client Intellectual Property. The parties acknowledge and agree that Client owns and shall retain sole ownership of (including all intellectual property rights in and to) Client’s concepts, ideas, models, know-how, software, methodologies, technologies, techniques and/or other intellectual property owned or licensed by Client that existed prior to or during or after the term of the Services Agreement (collectively, “Client IP”).  IRIS shall not have any interest or any license in any such Client IP, except to the extent specifically required in order for IRIS To perform the Services.

Any dispute, claim or controversy arising from or related to the Services Agreement (including these Terms), including the determination of the scope or applicability of this agreement to arbitrate, shall be determined by arbitration before one arbitrator to be mutually agreed upon by the parties. The arbitration shall be administered and conducted by JAMS pursuant to its Streamlined Arbitration Rules and Procedures (the “Rules”).  In the event of any inconsistency between the Rules and the procedures set forth below, the procedures set forth below will control.  The arbitrator will be experienced in contract, intellectual property and information technology transactions.  If the parties cannot agree on an arbitrator within fifteen (15) days after a demand for arbitration is filed, JAMS shall select the arbitrator.  The arbitration shall take place in the venue described in Section 14(l), below. The arbitrator shall determine the scope of discovery in the matter, however, it is the intent of the parties that any discovery proceedings be limited to the specific issues in the applicable matter, and that discovery be tailored to fulfill that intent.  The cost of the arbitration shall be split evenly between the parties; however, the party prevailing in the arbitration shall be entitled to an award of its reasonable attorneys’ fees and costs.

• GENERAL RELATIONSHIP OF THE PARTIES.

IRIS, when providing the Services, is acting independently, as an independent contractor.  Any employee or other personnel that IRIS uses to perform the Services shall be deemed, at all times and for all purposes, employees or other personnel of IRIS and shall not be, and shall not be deemed to be, employees or other personnel of Client for any purpose.  Nothing in the Services Agreement (including these Terms) is intended to constitute, and nothing in the Services Agreement (including these Terms) shall be deemed to constitute, a partnership, agency, franchise or joint venture relationship between the parties.

• MISCELLANEOUS.
  1. You warrant and represent that you know of no law or regulation governing your business that would impede or restrict our provision of the Services, or that would require us to register with, or report our provision of the Services (or the results thereof), to any government or regulatory authority.  Similarly, you represent that your business is not subject to the provisions of the Federal Acquisition Regulation (FAR), or any similar regulatory acquisition process or procedure.  You agree to promptly notify us if you become subject to any of the foregoing which, in our discretion, may require a modification to the scope or pricing of the Services.
  2. The Services Agreement may not be assigned or transferred by a party without the prior written consent of the other party.  The Services Agreement (including these Terms) will be binding upon and inure to the benefit of the parties hereto, their legal representatives, and permitted successors and assigns. Notwithstanding the foregoing, we may assign our rights and obligations hereunder to a successor in ownership in connection with any merger, consolidation, or sale of substantially all of the assets of our business, or any other transaction in which ownership of more than fifty percent (50%) of our voting securities are transferred; provided, however, that such assignee expressly assumes our obligations hereunder.
  3. Amendment. Unless otherwise expressly permitted under these Terms, no amendment or modification of the Services Agreement or these Terms will be valid or binding upon the parties unless such amendment or modification is originated in writing by IRIS, specifically refers to the Services Agreement and/or these Terms, and is accepted in writing by one of your Authorized Contacts.
  4. Time Limitations. The parties mutually agree that, unless otherwise prohibited by law, any action for any matter arising out of the Services Agreement or these Terms (except for issues of nonpayment by Client) must be commenced within six (6) months after the cause of action accrues or the action is forever barred.
  5. Severability. If any provision of the Services Agreement or these Terms is declared invalid by a court of competent jurisdiction, such provision will be ineffective only to the extent of such invalidity, illegibility or unenforceability so that the remainder of that provision and all remaining provisions of the Services Agreement and these Terms will be valid and enforceable to the fullest extent permitted by applicable law.
  6. No Waiver. The failure of either party to enforce or insist upon compliance with any of the terms and conditions of the Services Agreement (including these Terms), the temporary or recurring waiver of any term or condition of the Services Agreement (including these Terms), or the granting of an extension of the time for performance, will not constitute a waiver of such terms with respect to any other occurrences.
  7. These Terms, together with the Services Agreement, sets forth the entire understanding of the parties and supersedes any and all prior agreements, arrangements or understandings related to the Services, and no representation, promise, inducement or statement of intention has been made by either party which is not embodied herein.  Any document that is not expressly and specifically incorporated into the Services Agreement or these Terms will act only to provide illustrations or descriptions of Services to be provided and will not modify the Services Agreement or these Terms or provide binding contractual language between the parties.  We will not be bound by any of our agents’ or employees’ representations, promises or inducements if they are not explicitly set forth in the Services Agreement or these Terms.
  8. Force Majeure. IRIS will not be liable for delays or failures to perform its obligations under the Services Agreement (including these Terms) because of circumstances beyond its control.  Such circumstances include, but will not be limited to, any intentional or negligent act committed by you, or any acts or omissions of any governmental authority, natural disaster, act of a public enemy, acts of terrorism, riot, sabotage, disputes or differences with workmen, power failure, communications delays/outages, delays in transportation or deliveries of supplies or materials, cyberwarfare, cyberterrorism, or hacking, malware or virus-related incidents that circumvent then-current anti-virus or anti-malware software, acts of God and any pandemic, epidemic or public health crisis (including any quarantine, “stay at home” or other similar law, order, directive, guideline or recommendation of any governmental entity in connection with any such pandemic, epidemic or public health crisis).
  9. Non-Solicitation. You acknowledge and agree that during the term of the Services Agreement and for a period of one (1) year following the termination of the Services Agreement, you will not, individually or in conjunction with others, directly or indirectly solicit, induce or influence any of IRIS’ employees or subcontractors to discontinue or reduce the scope of their business relationship with IRIS, or recruit, solicit or otherwise influence any employee or agent of IRIS to discontinue such employment or agency relationship with IRIS. In the event that you violate the terms of the restrictive covenants in this Section 14(i), you acknowledge and agree that the damages to IRIS would be difficult or impracticable to determine, and you agree that in such event you will pay IRIS as liquidated damages and not as a penalty an amount equal to one hundred percent (100%) percent of that employee or subcontractor’s first year of base salary with you (including any signing bonus).  In addition to and without limitation of the foregoing, any solicitation or attempted solicitation for employment directed to any of our employees by you will be deemed to be a material breach of the Services Agreement and these Terms, in which event we shall have the right, but not the obligation, to terminate the Services Agreement immediately For Cause.
  10. The provisions contained in the Services Agreement and these Terms that by their context are intended to survive termination or expiration of the Services Agreement will survive.  If any provision in the Services Agreement or these Terms is deemed unenforceable by operation of law, then that provision shall be excised from the Services Agreement or these Terms, as applicable, and the balance of the Services Agreement and these Terms shall be enforced in full.
  11. IRIS and you will each maintain, at each party’s own expense, all insurance reasonably required in connection with the Services Agreement, including but not limited to, workers compensation and general liability.  We agree to maintain a general liability policy with a limit not less than $1,000,000 per occurrence.  All of the insurance policies described herein will not be canceled, materially changed or renewal refused until at least thirty (30) calendar days written notice has been given to the other party by certified mail.
  12. Governing Law; Venue. The Services Agreement (including these Terms) will be governed by, and construed according to, the laws of the state of North Carolina.  You hereby irrevocably consent to the exclusive jurisdiction and venue of the state courts in Mecklenburg County, North Carolina, for any and all claims and causes of action arising from or related to the Services Agreement (including these Terms).
  13. No Third-Party Beneficiaries. The Parties have entered into the Services Agreement solely for their own benefit.  They intend no third party to be able to rely upon or enforce the Services Agreement or any part of the Services Agreement (including these Terms).
  14. Usage in Trade. It is understood and agreed that no usage of trade or other regular practice or method of dealing between the Parties to the Services Agreement will be used to modify, interpret, supplement, or alter in any manner the terms of the Services Agreement or these Terms.
  15. Business Day. If any time period set forth in the Services Agreement or these Terms expires on a day other than a business day in Mecklenburg County, North Carolina, such period will be extended to and through the next succeeding business day in Mecklenburg County, North Carolina.
  16. Notices; Writing Requirement. Where notice is required to be provided to a party under the Services Agreement, such notice may be sent by U.S. mail, overnight courier, fax or email as follows: notice will be deemed delivered three (3) business days after being deposited in the United States Mail, first class mail, certified or return receipt requested, postage prepaid, or one (1) day following delivery when sent by FedEx or other overnight courier, or one (1) day after notice is delivered by fax or email.  Notice sent by email will be sufficient only if (i) the sender emails the notice to the last known email address of the recipient, and (ii) the sender includes itself in the “cc” portion of the email and preserves the email until such time that it is acknowledged by the recipient.  Notwithstanding the foregoing, any notice from you to IRIS regarding (a) any alleged breach of the Services Agreement or these Terms by IRIS, or (b) any request for indemnification, or (c) any notice of termination of the Services Agreement, must be delivered to IRIS either by U.S. mail or fax, unless such requirement is expressly and specifically waived by IRIS.  All electronic documents and communications between the parties will satisfy any “writing” requirement under the Services Agreement and these Terms.
  17. Generally, we do not utilize subcontractors; however, should we elect to subcontract a portion of the Services, we will guarantee all work performed by any IRIS-designated subcontractor as if we performed the subcontracted work ourselves.
  18. Data Access/Storage. Depending on the Service provided, a portion of your data may occasionally be accessed or stored on secure servers located outside of the United States.  You agree to notify us if your company requires us to modify our standard access or storage procedures.

End of General Terms and Conditions of Service

Exhibit A

Out-of-Scope Labor Rates; Excluded Services

Work Type
Fractional CIO Consulting – Director Level of Higher	$200/hr.
Advanced IT Consulting – Manager Level Technician	$185/hr.
Standard IT Consulting – Senior Technician	$150/hr.
After-Hours work & Holiday Rate (If covered asset, rate is in excess of Service Agreement.  If non-covered asset or out-of-scope work, amount is in addition to standard billing rates above.)	$50/hr.

The following services are not included within the Services and will be subject to the hourly rates descried on this Exhibit A:

1. Customization of third-party applications.
2. Support for operating systems, applications, or hardware this is out of warranty and/or no longer supported by the manufacturer.
3. Data/voice wiring or cabling services of any kind.
4. Equipment relocation.
5. The cost to bring the System up to the Minimum Requirements.
6. The cost of repairs to hardware or any supported equipment or software, or the costs to acquire parts or equipment, or shipping charges of any kind.
7. Failure due to acts of God, building modifications, power failures, acts of terror, sabotage (intentional or otherwise), or other adverse environmental conditions or factors.
8. Service and repair made necessary by the alteration or modification of equipment other than that authorized by IRIS, including alterations, software installations or modifications of equipment made by Client’s employees or anyone other than IRIS.
9. Maintenance of application software packages, whether acquired from IRIS or any other source.
10. Training services of any kind, except those explicitly requested by Client by selecting one of IRIS’ training subscription service add-ons.
11. Consumables such as printer maintenance kits, toner, ink, batteries, paper, etc. are not included or covered under the Services Agreement and will be invoiced separately.
12. Implementation of new technologies, relocations, website updates, and application development.
13. IMACS (installations, moves, adds and changes) initiated by Client to include change of ISP for phones and/or internet, new hardware or software packages not initially included during on boarding. These would be considered Client made changes that may include billable time.

The foregoing list is illustrative only and is not intended to be a complete list of out-of-scope services.

Exhibit B

Assumptions / Minimum Requirements

The scheduling, fees and provision of the Services are based upon the following assumptions and minimum requirements:

1. All Servers with Microsoft Windows Operating Systems must be running versions currently supported by Microsoft, and have all of the latest Microsoft Service Packs and Critical Updates installed.
2. All Desktop PC’s and Notebooks/Laptops with Microsoft Windows Operating Systems must be running Windows 10 or later, and have all of the latest Microsoft Service Packs and Critical Updates installed.
3. All Server and Desktop Software must be Genuine, Licensed and Vendor-Supported.
4. The environment must have a currently licensed, up-to-date Antivirus Solution protecting all Servers, Desktops, Notebooks/Laptops, and Email
5. The environment must have a currently licensed backup solution that can be monitored, and send notifications on job failures and successes that is in line with IRIS Solutions’ standards.
6. The environment must have a hardware firewall between the Internal Network and the Internet that is in line with IRIS Solutions’ standards.
7. Client must not affix or install any accessory, addition, upgrade, equipment or device on to the firewall or NAS appliances (other than electronic data) unless expressly approved in writing by us.
8. A current and correct list of user passwords to provide to us.
9. Client must provide us with exclusive administrative privileges on the firewall and NAS appliances.
10. Client agrees to maintain “high speed Internet” with a static IP address and a minimum of 10 megabytes per second (“Mbps”) download and 2 Mbps upload. If client does not maintain minimum bandwidth, IRIS Solutions will not be able to manage client network and cannot be held responsible for service.

Exhibit C

Service Levels

Trouble / Severity	Managed Service Plan*	A La Carte / Services not Covered by a Plan
Priority 1 – Critical problem:  Service not available (all users and functions unavailable)	Response within fifteen (15) minutes after notification	Best efforts
Priority 2 – Significant degradation of service (large number of users or business critical functions affected)	Response within one (1) hour after notification	Best efforts
Priority 3 – Limited degradation of service (limited number of users or functions affected, business process can continue)	Response within two (2) business hours after notification	Best efforts

 

*All time frames are calculated as of the time that IRIS is notified of the applicable issue / problem by Client through IRIS’ designated support portal, help desk email at support@www.irissol.com, or by telephone at 704-523-3877 during our standard business hours of 7:30am-5:00pm, Monday- Friday. Notifications received in any manner other than described herein may result in a delay in the provision of remediation efforts.

Exhibit D

Additional Terms

Remediation.

Unless otherwise expressly provided in the Services Agreement, remediation services will be provided in accordance with the recommended practices of the managed services industry.  Client understands and agrees that remediation services are not intended to be, and will not be, a warranty or guarantee of the functionality of any particular device, or a service plan for the repair of any particular managed hardware or software.

Monitoring Services; Alert Services.

Unless otherwise expressly indicated in the Services Agreement, all monitoring and alert-type services are limited to detection and notification functionalities only.  These functionalities are guided by Client-designated policies, which may be modified by Client as necessary or desired from time to time.  Initially, the policies will be set to a baseline standard as determined by IRIS; however, Client is advised to establish and/or modify the policies that correspond to Client’s specific monitoring and notification needs. Client shall not modify these policies without sending a 72-hour advanced written notification to IRIS.

Modification of System.

The Services rely upon physical and virtual configurations of the System as known to, and (if applicable) determined by, IRIS. Changes made to the System without our prior authorization or knowledge may have a substantial, negative impact on the provision and effectiveness of the Services. Client agrees to refrain from moving, modifying, or otherwise altering any portion of the System without our prior knowledge and consent.  For the purposes of illustration, Client shall not add or remove hardware from the System, install applications on the System, or modify the configuration or log files of the System without IRIS’ prior knowledge and, on each occasion, written consent.

Anti-Virus; Anti-Malware.

IRIS’ anti-virus / anti-malware solution will generally protect the Client’s system from becoming infected with new viruses and malware (“Viruses”); however, Viruses that exist on the Client’s system at the time that the security solution is implemented may not be capable of being removed without additional services, for which a charge may be incurred.

You understand and agree that no security solution is one hundred percent effective, and any security paradigm may be circumvented and/or rendered ineffective by certain Viruses or malware, such as ransomware or rootkits, that were previously unknown to the manufacturers of the software solution, and/or which are purposely or intentionally downloaded or installed onto your System.  You are strongly advised to refrain from downloading files that are sent by unknown users, and/or users or files whose origination cannot be verified.  IRIS does not warrant or guarantee that all Viruses and malware will be capable of being avoided or removed, or that all forms of Viruses and malware will be timely detected or removed, or that any data corrupted or encrypted by Viruses or malware will be recoverable.

In order to improve security awareness, you agree that IRIS or its designated third-party affiliate may transfer information about the results of processed files, information used for URL reputation determination, security risk tracking, and statistics for protection against spam and malware. Any information obtained in this manner does not and will not contain any personal or confidential information.

Hosted Exchange / Email.

Client is solely responsible for the security, confidentiality and integrity of all email, and the content of all email, received, transmitted or stored through the hosted email service (“Hosted Email”).

Client shall not upload, post, transmit or distribute (or permit any of its authorized users of the Hosted Email to upload, post, transmit or distribute) any prohibited content, which is generally content that (i) is obscene, illegal, or intended to advocate or induce the violation of any law, rule or regulation, or (ii) violates the intellectual property rights or privacy rights of any third party, or (iii) mischaracterizes you, and/or is intended to create a false identity or to otherwise attempt to mislead any person as to the identity or origin of any communication, or (iv)  interferes or disrupts the services provided by IRIS or the services of any third party, or (v) contains Viruses, trojan horses or any other malicious code or programs.

In addition, Client shall not use the Hosted Email for the purpose of sending unsolicited commercial electronic messages (“SPAM”) in violation of any federal or state law.

IRIS reserves the right, but not the obligation, to suspend Client’s access to the Hosted Email and/or all transactions occurring under Client’s Hosted Email account if IRIS believes, in its discretion, that Client’s email account is being used in an improper or illegal manner.

SPAM / Junk Mail Filtering.

IRIS’ service provides email scanning for incoming unsolicited commercial email.  Using proprietary algorithms and other technologies, the service scans incoming email for designated keywords, attachments and known blacklisted sites, and filters the email accordingly.  From time to time the service may filter email that is not SPAM or junk mail, or may block email from legitimate sources.  Client is advised to periodically search the filtered email folder to ensure that relevant emails are not being filtered improperly, and will notify IRIS in the event that the SPAM filter settings require adjustment.

VoIP / Phone System.

The VoIP Service (“VoIP Service”) does not support traditional 911 or E911 access to emergency services in all locations.  The 911 dialing feature of the VoIP Service is not automatic; Client must take affirmative steps to register the address where the VoIP Service will be used in order to activate the 911 Dialing feature.  Client understands that Client must inform any users of the VoIP Service of the non-availability of traditional 911 or E911.

When a VoIP calling device is registered in a particular location, it cannot be moved without re-registering the device in the new location.  Client agrees that it will not move any VoIP calling device without IRIS’ written consent.  Client shall hold IRIS harmless for any and all claims or causes of action arising from or related to Client’s inability to use traditional 911 or E911 services.

When an emergency call is made, one or more third parties use the address of Client’s registered location to determine the nearest emergency response location, and then the call is forwarded to a general number at that location. When the emergency location receives Client’s call, the operator will not have Client’s address and may not have Client’s phone number. Client understands and agrees that users of the VoIP System must provide their address and phone number in order to get help. Client hereby authorizes IRIS to disclose Client’s name and address to third-party service providers, including, without limitation, call routers, call centers and public service answering points, for the purpose of dispatching emergency services personnel to Client’s registered location.

Client understands and agrees that 911 dialing does not and will not function in the event of a power failure or disruption.  Similarly, the hosted VoIP Services will not operate (i) during service outages or suspensions or terminations of service by Client’s broadband provider or ISP, or (ii) during periods of time in which Client’s ISP or broadband provider blocks the ports over which the VoIP Services are provided.  Client further understands and agrees that 911 Dialing will not function if Client changes its telephone number, or if Client adds or ports new telephone numbers to Client’s account, unless and until Client successfully register its location of use for each changed, newly added or newly ported telephone number.

Patch Management.

IRIS shall keep all managed equipment and software current with critical patches and updates (“Patches”) as such Patches are released generally by the manufacturers of the applicable hardware or software.  Patches and updates are developed by third-party vendors and, on rare occasions, may make the System, or portions of the System, unstable, or cause the managed equipment or software to fail to operate properly even when the Patches are installed correctly.  IRIS shall not be responsible for any downtime or losses arising from or related to the installation or use of any Patch.  IRIS reserves the right, but not the obligation, to refrain from installing a Patch if IRIS is aware of technical problems caused by a Patch, or believes that a Patch may render the System, or any portion of the System, unstable.

Backup (BDR) Services.

IRIS’ backup and disaster recovery (“BDR”) solution uses industry-recognized products and software to help ensure the security and integrity of Client’s data.  However, Client understands and agrees that all data transmitted over the Internet may be subject to malware and computer contaminants such as viruses, worms and trojan horses, as well as attempts by unauthorized users, such as hackers, to access or damage Client’s data.  Neither IRIS nor its designated affiliates will be responsible for the outcome or results of such activities. Data backup and recovery time will depend on the speed and reliability of Client’s Internet connection.

BDR services require a reliable, always-connected Internet solution.  Internet and telecommunications outages will prevent the BDR services from operating correctly.  In addition, all computer hardware is prone to failure due to equipment malfunction, telecommunication-related issues, etc., for which IRIS shall be held harmless.  Client is strongly advised to use data verification functionality (if available) to ensure the integrity of Client’s stored data.  Client is further advised to take all verification errors seriously, and agrees to contact IRIS immediately if verification errors are repetitive and/or cannot be remedied.

Due to technology limitations, all computer hardware, including communications equipment, network servers and related equipment, has an error transaction rate that can be minimized, but not eliminated.  As such, Client understands and agrees that any data sent to or stored by IRIS may become corrupted or lost due to communication or hardware-related failures.  IRIS cannot and does not warrant that such data corruption or loss will be avoided, and Client agrees that IRIS shall be held harmless if such data corruption or loss occurs.

Unless otherwise expressly stated in the Services Agreement, BDR services do not permit archiving or retrieval of prior document or file versions; only the latest version of a stored document or file is recoverable.

Procurement.

Equipment and software procured by IRIS on Client’s behalf (“Procured Equipment”) may be covered by one or more manufacturer warranties, which will be passed through to Client to the greatest extent possible.  By procuring equipment or software for Client, IRIS does not make any warranties or representations regarding the quality, integrity or usefulness of the Procured Equipment.  Certain equipment or software, once purchased, may be not be returnable or, in certain cases, may be subject to third party return policies and/or re-stocking fees, all of which shall be Client’s responsibility in the event that a return of the Procured Equipment is requested.

IRIS is not a warranty service or repair center.  IRIS will facilitate the return or warranty repair of Procured Equipment; however, Client understands and agrees that the return or warranty repair of Procured Equipment is governed by the terms of the warranties (if any) governing the applicable Procured Equipment, for which IRIS shall be held harmless.

Technology Business Review; IT Strategic Planning.

Suggestions and advice rendered to Client are provided in accordance with relevant industry practices, based on Client’s specific needs.  By suggesting a particular service or solution, IRIS is not endorsing any particular manufacturer or service provider.  IRIS is not a warranty service or repair center, and does not warrant or guaranty the performance of any third-party service or solution.

Virtual CTO or CIO Services.

The advice and suggestions provided by the VCIO will be for Client’s informational and/or educational purposes only.  The VCIO will not hold an actual director or officer position with Client, and the VCIO will neither hold nor maintain any fiduciary realtionship or position with Client.  Under no circumstances shall Client list or place the VCIO on Client’s corporate records or accounts.  At all times the VCIO will be an independent contractor of Client.

Diagnostic / Auditing Services.

Any diagnostic or auditing services performed by IRIS may require IRIS to install a small amount of code (“Diagnostic Code”) on one or more of the devices attached to the System.  The Diagnostic Code is deleted in its entirety after the testing process concludes.  Although our diagnostic tools may have access to, and report on the existence of, personal information and/or personal data on the diagnosed System, IRIS does not review or copied such information at any time during the testing process. No files will be erased, modified, opened, reviewed or copied at any time during the testing process.  The Diagnostic Code will not install or create any disabling device, or any backdoor or hidden entryway into the System.  The results of the diagnostic testing will be kept confidential by IRIS.

You grant IRIS permission to access the System for the purpose of conducting the diagnostic testing, and agree to hold IRIS harmless from and against any and all incidents or damages that  may occur during or as a result of the testing process, regardless of the cause of such damages including but not limited to data loss due to events beyond IRIS’ reasonable control, network or communication outages, and deficiencies or errors in any of hardware or equipment that may interrupt or terminate the diagnostic testing process.

The testing process is for diagnostic purposes only.  The process is not intended, and will not be used, to correct any problem or error in the System.  IRIS does not warrant or represent that the testing process will result in any particular outcome, or that any particular issue, hardware or software configuration will be correctly detected or identified.

Sample Policies, Procedures.

From time to time, IRIS may provide Client with sample (i.e., template) policies and procedures for use in connection with Client’s business (“Sample Policies”).  The Sample Policies are for Client’s informational use only, and do not constitute or comprise legal or professional advice.  The Sample Policies are not intended to be a substitute for the advice of competent counsel.  Client should seek the advice of competent legal counsel prior to using the Sample Policies, in part or in whole, in any transaction.  IRIS does not warrant or guarantee that the Sample Policies are complete, accurate, or suitable for Client’s specific needs, or that Client will reduce or avoid liability by utilizing the Sample Policies in its business operations.

Penetration Testing; Vulnerability Assessment.

Client understands and agrees that security devices, alarms or other security measures, both physical and virtual, may be tripped or activated during the penetration testing process, despite IRIS’ efforts to avoid such occurrences.  Client shall be responsible for notifying any monitoring company and all law enforcement authorities of the potential for “false alarms” due to the provision of the penetration testing services, and shall take all steps necessary to ensure that false alarms are not reported or treated as “real alarms” or credible threats against any person, place or property.  Some alarms and advanced security measures, when activated, may cause the partial or complete shutdown of the Client’s System, causing substantial downtime and/or delay to Client’s business activities.  IRIS shall not be responsible for, and shall be held harmless and indemnified by Client against, any claims, costs, fees or expenses incurred by Client that arise or result from (i) any response to the penetration testing services by any monitoring company or law enforcement authorities, or (ii) the partial or complete shutdown of Client’s System by any alarm or security monitoring device.

Client shall use all IRIS-hosted equipment and hardware (collectively, “Infrastructure”) for Client’s internal business purposes only.  Client shall not sublease, sublicense, rent or otherwise make the Infrastructure available to any third party without IRIS’ prior written consent.  Client agrees to refrain from using the Infrastructure in a manner that unreasonably or materially interferes with IRIS’ other hosted equipment or hardware, or in a manner that disrupts or which is likely to disrupt the services that IRIS provides to its other clientele.  Notwithstanding any provision to the contrary, IRIS reserves the right to throttle or suspend Client’s access and/or use of the Infrastructure if IRIS believes, in its sole but reasonable judgment, that Client’s use of the Infrastructure is violating, or is likely to violate, the foregoing terms or any other provision of the Services Agreement or these Terms.

Data Replication.

The rate by which the data at your primary site can be transferred to our designated cloud-based servers will vary depending on the amount and type of data, constraints inherent in your network, and fluctuations in bandwidth availability.  Therefore, at any given time, the secondary site may not be completely up to date.  In the event of a failover to the secondary site, the data that has not yet completed the transfer from the primary site will be lost.  IRIS may provide Client with some guidelines on latency times based on its understanding of Client’s data and system constraints, but these guidelines are not guarantees.

Unsupported Configuration Elements or Services.

If Client requests a configuration element (hardware or software) or hosting service in a manner that is not customary at IRIS, or that is in “end of life” or “end of support” status, IRIS may designate the element or service as “unsupported,” “non-standard,” “best efforts,” “reasonable endeavor,” “one-off,” “EOL,”  “end of support,” or with like term in the service description (an “Unsupported Service”).    IRIS makes no representation or warranty whatsoever regarding any Unsupported Service, and Client agrees that IRIS will not be liable to Client for any loss or damage arising from the provision of an Unsupported Service.  Deployment and service level guarantees shall not apply to any Unsupported Service.