THIS MASTER SUBSCRIPTION AGREEMENT (the “Agreement”), dated effective as of Customer’s Activation Date, between Metropolitan Risk Services, Inc., a New York corporation (“Metropolitan”), and the customer whose name and contact information is set forth on the Customer Subscription Page (“Customer”).
BY EXECUTING THE CUSTOMER SIGNATURE PAGE, CUSTOMER AND CUSTOMER’S AUTHORIZED USERS AGREE TO THE TERMS OF THIS AGREEMENT. THE INDIVIDUAL ENTERING INTO THIS AGREEMENT ON BEHALF OF THE CUSTOMER REPRESENTS THAT SUCH INDIVIDUAL HAS THE AUTHORITY TO BIND THE CUSTOMER, CUSTOMER’S AFFILIATES AND CUSTOMER’S AUTHORIZED USERS TO THE TERMS AND CONDITIONS OF THIS AGREEMENT.
In consideration of the mutual covenants and agreements contained herein, Customer , and Customer’s Authorized Users, agree as follows:
1.1. Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the Customer. “Control” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
1.2. “Activation Date” means the date that Metropolitan countersigns the Customer Invoice Subscription Page.
1.3. “Add-on Products” means separately priced, optional add-on software, Software features, products or services, including Risk Rocket and Comp Care Advisory Services, that are offered as part of the Metropolitan Service.
1.4. “Administrator User” means Customer’s primary contact person with Metropolitan identified on Appendix A, who has full access to the Software and has the right and ability to control access for all other Authorized Users (i.e., can grant or restrict Software access for other Authorized Users).
1.5. “Authorized User” means any person that Customer allows to have access to the Software and Customer’s account, including Customer’s employees and staff and any third parties that Customer allows to view or use the Metropolitan Service.
1.6. “Confidential Information” means all proprietary and confidential information exchanged by the parties or to which access is provided by one Party to the other, including the Software, trade secrets; the substantive terms of this Agreement; a party’s non-public business and financial information, including without limitation Customer Data; any written materials marked as confidential and any other information, including visual or oral information, which reasonably should be understood to be confidential. Confidential Information does not include information that the receiving party can prove: (a) is now or later becomes generally available to the public without fault of the receiving party; (b) was rightfully in the receiving party’s possession prior to its disclosure by the disclosing party; (c) is independently developed by the receiving party without the use of any Confidential Information of the disclosing party; or (d) is obtained by the receiving party without obligation of confidentiality from a third party who has the right to disclose it. The receiving party may disclose Confidential Information to the extent required under a judicial or legislative order or proceeding; provided that the receiving party gives the disclosing party, if feasible, prior notice and an opportunity to respond or object to such disclosure.
1.7. “Customer “ means only the entity listed on the Customer Subscription Page. Should additional entities need to be contemplated by this agreement they can be added by specific written request as an addendum to the “Master Subscription Agreement”
1.7.1 “Customer Data” means all information and data input by Customer and its Authorized Users into the Software, including all data associated with and/or provided by Customer and its Customers.
1.8. “Data Import” means use of the Software’s data import tool; specifically, use of the Metropolitan system to import data.
1.9. “Documentation” means the user instructions and/or user manual for the Metropolitan Service, which are in electronic format and shall be made available to Customer during the term of this Agreement.
1.10. “Hosted Website” means a website that allows Customer’s Customers to login online and manage their Accounts.
1.11. “Malicious Code” means code, files, script, agents or programs intended to harm, including, for example, viruses, worms, time bombs and Trojan horses.
1.12. “Metropolitan Service” means Metropolitan’s O.O.D.A. Risk System and any Add-on Products added by Customer at any time during the term of this Agreement. The specific Add-on Products to be provided to Customer as part of the Metropolitan Service shall be specified in customer subscription forming a part of this Agreement.
1.13. “Modifications” means bug fixes, updates, upgrades, enhancements, new versions, and other modifications to the Software and Metropolitan Service that are provided by Metropolitan to Metropolitan’s Customer base.
1.14. “Software” means Metropolitan’s computer software that Customer is licensed to access and use as part of the Metropolitan Service, including all systems, modules, web pages, websites, databases, software code, technology, etc., provided by Metropolitan or pursuant to licenses granted to Metropolitan. “Software” includes all Modifications to such Software, and all Documentation and updates thereof.
2. LICENSE OF METROPOLITAN SERVICE AND SOFTWARE.
2.1. Metropolitan Service. Metropolitan grants Customer the non-exclusive right and license to access and use the Metropolitan Service, including the Software, subject to the terms and conditions of this Agreement. Metropolitan will make the Metropolitan Service available for Customer to access during the term of this Agreement, subject to the terms and limitations set forth herein. The Metropolitan Service may be hosted on Metropolitan’s servers or, at Metropolitan’s option, on the servers of a third party that is in the business of hosting web-based applications. Metropolitan hereby grants to Customer, for the internal use of Customer only, a personal, non-transferable and non-exclusive license to use the Documentation provided hereunder to support its authorized use of the Metropolitan Service. During the term of this Agreement, Customer may add available additional products or services to the Metropolitan Service by issuing an Order Form for the available additional products or services.
2.2. Access and URL. During the term of this Agreement, provided that Customer has paid all fees due and owing and is in compliance with the terms of this Agreement, Customer and its Authorized Users shall have the right to and will be able to access the Metropolitan Service and use the Software.
2.3. Authorized Users. Authorized Users are hereby granted a nonexclusive, non-transferable right to access and use the Metropolitan Service and Software pursuant to the license rights granted to the Customer under this Agreement. However, Metropolitan’s commitments, representations, and indemnities set forth in this Agreement apply only to Customer. The Software is made available to Authorized Users on an “AS IS” basis, and Metropolitan disclaims any and all liability to Authorized Users. An Authorized User’s right and license to use the Metropolitan Service and Software will terminate automatically (i) if this Agreement terminates for any reason, or (ii) if the Authorized User’s employment or engagement with Customer terminates for any reason. Customer or Metropolitan may also terminate an Authorized User’s rights under this Agreement at any time if the Authorized User breaches the terms of this Agreement.
2.4. Restrictions. Customer and its Authorized Users will comply with the following restrictions and limitations:
(a) not copy the content on the Metropolitan Service website or the Documentation, other than Customer Data;
(b) not modify, alter, create derivative works of, reverse engineer, decompile or disassemble the Software, or modify the Documentation;
(c) not sublicense, distribute or sell the Metropolitan Service or Software or its license thereto, or allow any third parties to use or access the Metropolitan Service or Software in a “service bureau” mode;
(d) comply with all applicable federal, state and local laws in connection with this Agreement and its use of the Metropolitan Service; and
(e) take all reasonable precautions to prevent Customer’s employees and consultants from making unauthorized copies of the Software or misusing the Software in any way that would constitute a breach of this Agreement.
If Customer discovers any such problems, it will promptly notify Metropolitan and take commercially reasonable actions to resolve the problem, including any actions reasonably requested by Metropolitan, as soon as reasonably possible.
2.5. Administrative User. Customer will assign one Authorized User to be its Administrative User. An authorized representative of Customer will notify Metropolitan of the name and contact information for the Administrative User, and any changes to such information. The Administrative User is given administrative access to Customer’s account on the Software and can grant or restrict Software access for other Authorized Users. The Administrative User is also the primary contact person for Customer with Metropolitan, and such person’s instructions and requests to Metropolitan will have priority over the instructions or requests of any other employee or representative of Customer.
3.1. Metropolitan Rights. Metropolitan retains all right, title and interest, including without limitation all patents and patent rights, trademarks, service marks, copyrights, trade secrets and other proprietary rights, in and to the Metropolitan Service, including the Software, Documentation and all content provided by Metropolitan as part of the Metropolitan Service, including any derivative works, subject to the licenses set forth in this Agreement. Metropolitan specifically reserves all rights not expressly granted to Customer in this Agreement.
3.2. Reservation of Rights. Subject to the limited rights expressly granted to Customer under this Agreement, Metropolitan and its licensors and content providers reserve all of Metropolitan’s and Metropolitan’s licensors’ right, title and interest in and to the Services and content, including all of Metropolitan’s and Metropolitan’s licensors’ related intellectual property rights. No rights are granted to Customer under this Agreement other than as expressly set forth in this Agreement.
3.3. Customer Data. Customer owns and shall retain all right, title and interest in and to Customer Data, subject to Metropolitan’s rights as set forth below. Metropolitan will use commercially reasonable efforts to safeguard the security, confidentiality and integrity of Customer Data. Customer grants Metropolitan the right to use, reproduce, modify and distribute Customer Data as necessary or appropriate to transmit, store, encrypt, calculate, and analyze the Customer Data, create and distribute reports, and to provide, modify and improve the Metropolitan Service and Software. To the extent permitted by applicable law, Customer also grants Metropolitan the right to share Customer Data with third parties in connection with Metropolitan’s general activities of conducting business, including providing Customer with possible solutions to their business needs, and developing and providing third party integrations with the Software. Metropolitan also has the right to collect, aggregate and remove all personally identifiable information from Customer Data, and to retain, use and disclose such de-identified data (the “De-Identified Data”) for benchmarking, product and service development, development of best practices, and for research and statistical purposes without reimbursement or notification to, or consent or authorization from, Customer. Metropolitan shall own only such De-Identified Data, including any calculations, functions, features, or other modifications of the Customer Data, excluding the Customer Data in its raw form.
Metropolitan shall exercise commercially reasonable care for the protection of personally identifiable information included in Customer Data processed by or stored pursuant to the Services and shall maintain reasonable data integrity safeguards against the deletion or alteration of such data, all in accordance with the safeguards and procedures identified in the Contract Documents. In the event that any such data is compromised, released, lost or destroyed, or there is any unauthorized intrusion into systems operated by Metropolitan adversely affecting Customer Data, then Metropolitan shall notify Customer within twenty-four (24) hours after Metropolitan’s discovery thereof and use commercially reasonable efforts to correct the matter. The parties acknowledge that such initial notice may be limited to the fact that a breach has occurred. Metropolitan will reasonably investigate any security breaches and keep Customer informed as material facts are discovered.
4. CUSTOMER OBLIGATIONS.
4.1. Obligations. Customer will:
(a) be responsible for its Authorized Users’ compliance with this Agreement;
(b) be responsible for the accuracy, quality and legality of Customer Data and of the means by which Customer acquired such data;
(c) use commercially reasonable efforts to prevent unauthorized access to or use of the Metropolitan Service, and notify Company promptly of any such unauthorized access or use;
(d) use the Metropolitan Service only in accordance with its Documentation and applicable laws and government regulations;
(e) not make the Metropolitan Service available to anyone other than Authorized Users,
(f) not use the Metropolitan Service to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights,
(g) not use the Metropolitan Service to store or transmit any Malicious Code,
(h) not interfere with or disrupt the integrity or performance of the Metropolitan Service or third party data contained therein,
(i) not attempt to gain unauthorized access to the Metropolitan Service or its related systems or networks,
(j) not permit direct or indirect access to or use of any Metropolitan Services in a way that circumvents usage limitations or use any Metropolitan intellectual property except as permitted under this Agreement;
(k) not copy a Metropolitan Service or any part, feature, function or user interface;
(l) not reverse engineer any Metropolitan Service or content to build a competitive product or service; and
(m) conduct itself, and require that its employees conduct themselves, in a professional manner during interactions with all Metropolitan personnel.
4.2. Usage Limitations. Metropolitan Services and content are subject to usage limits, including, for example, the quantities specified in Order Forms and Documentation. Unless otherwise specified, (a) a quantity in an Order Form refers to Authorized Users, and the Service or Content may not be accessed by more than that number of Authorized Users, (b) an Authorized User’s password may not be shared with any other individual, and (c) except as set forth in an Order Form, an Authorized User identification may only be reassigned to a new individual replacing one who will no longer use the Service or Content. If You exceed a contractual usage limit, Customer will execute an Order Form for additional quantities of the applicable Services or Content promptly upon Metropolitan’s request, and/or pay any invoice for excess usage in accordance with Section 6.2 (Invoicing and Payment).
4.3. Customer Security Requirements. Customer is solely responsible for the security of data residing on server(s) owned or operated by Customer or a third party designated by Customer (e.g., a web hosting company, processor, or other service provider), including being responsible for the security of all data residing outside of the Metropolitan Service, as well as keeping confidential all usernames and passwords of Authorized Users in order to avoid unauthorized access to the Metropolitan Service.
4.4. Metropolitan Security Requirements. Metropolitan will use commercially reasonable efforts to safeguard the security of the Metropolitan Service, including processes of encryption of data, data security breach and incident management policies, data backup policies and other procedures to ensure both the safety and security of the data residing in the Metropolitan Service. In compliance with PCI-DSS, Metropolitan is responsible for the security of cardholder data that resides on the Metropolitan Service. This includes securing cardholder data that is stored, processed, or transmitted on behalf of the Customer, to ensure the security of cardholder data and its environment.
5. TERMS OF PAYMENT.
5.1. Fees and Costs: All pricing and transactions between Metropolitan and Customer will be in U.S. Dollars. Customer is responsible for any and all fees incurred, in accordance with the Pricing Table and payment terms set forth in customer subscription page Metropolitan charges a separate price for Add-on Products. If Customer has selected one or more Add-on Products, the Pricing Table sets forth the fees for such Add-on Products. After the first anniversary of the Activation Date, the Pricing Table is subject to modification by Metropolitan from time to time, effective upon no less than thirty (30) days written notice to Customer, unless Customer and Metropolitan agree to lock in this Agreement and pricing for an additional set term as set forth in customer subscription page. All fees are non-refundable.
5.2. Billing Method. Customer will provide Metropolitan with valid and updated credit card information. Customer authorizes Metropolitan to charge such credit card for all Metropolitan Services listed in the customer subscription page. Such charges shall be made in advance, either annually or in accordance with any different billing frequency stated in the customer subscription page. If Metropolitan agrees to a payment method other than a credit card, Metropolitan will invoice Customer in advance and otherwise in accordance with the terms set forth in customer subscription page. Unless otherwise stated in “Customer Subscription Page”., invoiced charges are due net 30 days from the invoice date. Customer is responsible for providing complete and accurate billing and contact information to Metropolitan and notifying Metropolitan of any changes to such information.
5.3. Late Fees. If Customer’s account holds a balance due for a period of thirty days (30) days after the due date (which is the 1st day of each month), Customer’s account will be assessed a five percent (5%) late fee on the total outstanding balance on the account, with a minimum of $30.
5.4. Remedies for Nonpayment: If Customer’s account is not current then Metropolitan has the option and right to require payment on the account by partially or fully suspending and blocking Customer’s and its Authorized Users’ access to the Software until all past-due amounts are paid. Customer’s account may be assessed additional fees for blocking or unblocking the account due to late payment.
5.5. Payment Disputes. Metropolitan will not exercise its rights under Section 5.3 (Late Fees) or Section 5.4 (Remedies for Nonpayment) if Customer is disputing the applicable charges reasonably and in good faith and is cooperating diligently to resolve the dispute.
5.6. Taxes. Customer is responsible for all applicable taxes on the fees paid by Customer to Metropolitan, including, without limitation, any and all sales, use, value-added and personal property taxes, (excluding taxes on Metropolitan’s net income).
6. CONFIDENTIAL INFORMATION.
6.1. Except as otherwise expressly provided in this Agreement, Metropolitan and Customer each agrees that all Confidential Information communicated to it by the other, whether before or after the date hereof, will be and will be deemed to have been received in confidence and will be used only for purposes of each Party’s (i) carrying out the terms of this Agreement, (ii) in Customer’s case, using, managing, maintaining or replacing the System as its internal needs dictate, and (iii) as otherwise permitted by the Agreement.
6.2. Each of Metropolitan and Customer agrees to use the same means as it uses to protect its own confidential information, but in no event less than reasonable means, to prevent the unauthorized use or disclosure and to protect the confidentiality thereof. Except as otherwise permitted by the Agreement, no such information will be disclosed by the recipient party without the prior written consent of the other party; provided, however, that each party may disclose the other party’s confidential information to those of the recipient party’s employees, contractors, agents, attorneys, auditors, and insurers (if applicable) who have a need to have access to such information in connection with their employment (or engagement, if applicable) by the recipient party. The recipient party takes reasonable steps to require such individuals and entities to be bound confidentiality obligations no less restrictive than those required hereunder.
7. WARRANTIES AND LIMITATION OF LIABILITIES.
7.1. Customer Warranties. Customer represents and warrants that:
(a) Customer has the necessary right, power and authority to execute this Agreement and to perform Customer’s obligations herein;
(b) no authorization or approval from any third party is required in connection with Customer’s execution, delivery or performance of this Agreement;
(c) this Agreement constitutes a legal, valid and binding obligation of Customer, enforceable against Customer in accordance with its terms;
(d) Customer’s obligations under this Agreement do not violate any law or breach any other agreement to which Customer is bound;
(e) all representations and statements made by Customer in this Agreement, or in any other document relating hereto by Customer or on Customer’s behalf, are true, accurate and complete in all material respects; and
(f) Customer will comply, at its sole expense, with all laws, policies, guidelines, regulations, ordinances or rules applicable to Customer and this Agreement.
8. Metropolitan Warranties. Metropolitan represents and warrants that:
(a) Metropolitan has the necessary right, power and authority to execute this Agreement, to grant the rights herein granted to Customer and to perform Metropolitan’s obligations herein;
(b) no authorization or approval from any third party is required in connection with Metropolitan’s execution, delivery or performance of this Agreement;
(c) this Agreement constitutes a legal, valid and binding obligation of Metropolitan, enforceable against Metropolitan in accordance with its terms; and
(d) the Services shall be provided in a good workmanlike manner.
(e) the Services including the Software does not and will not contain any Malicious Code.
8.1. Limitation of Warranties; Disclaimers. Metropolitan uses diligent efforts to ensure that the Software and the Metropolitan Service are available, uninterrupted, and provide timely and secure functionality. However, Metropolitan does not warrant or guarantee that the Software or the Metropolitan Service will be uninterrupted, error-free, or free from any potential or actual security threats. Except as expressly set forth above in this Section and in any Add-on Products Addenda annexed to this Agreement, the Metropolitan Service and Software, and other services of Metropolitan, are provided to Customer and its Authorized Users on an “AS IS, AS AVAILABLE” basis. METROPOLITAN AND ITS LICENSORS SPECIFICALLY DISCLAIM ALL OTHER WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, INCLUDING WITH RESPECT TO MERCHANTABILITY, TITLE, NON-INFRINGEMENT OR FITNESS OF THE METROPOLITAN SERVICE OR SOFTWARE FOR ANY PARTICULAR PURPOSE OR INTENDED USE. METROPOLITAN MAKES NO WARRANTIES WHATSOEVER AND IS NOT LIABLE FOR ANY LOSS OR DAMAGE THAT MAY BE INCURRED BY CUSTOMER AS A RESULT OF USING ANY THIRD PARTY SERVICE OR SOFTWARE, EVEN IF LINKED TO OR INTEGRATED IN THE METROPOLITAN SERVICE OR SOFTWARE. Metropolitan is not responsible or liable for damage, malfunction, or performance failures resulting from misuse, physical abuse, improper operation, the environment or other causes beyond Metropolitan’s exclusive control. No employee of Metropolitan or any third party has the right to make any representation or warranty regarding the Metropolitan Service, except as expressly set forth in this Agreement.
Without limiting the foregoing, Metropolitan does not make any representation, warranty or guarantee as to the results that may be obtained from Customer’s use of the Metropolitan Service or Software or as to the accuracy or reliability of any information therein, or recommendations or information offered by any Metropolitan personnel. Customer expressly acknowledges and agrees that Customer’s use of the Metropolitan Service does not in any way guarantee the security or reliability of Customer’s website. Customer understands and agrees that Metropolitan shall bear no risk with respect to Customer’s sale, products or services, including without limitation, any risk associated with the security of Customer’s website, credit card fraud or chargebacks, or any risk associated with Customer’s failure to register with the appropriate governmental agencies or obtaining the appropriate licenses to conduct business, including charging interest, and finance charges, or any other regulatory requirements.
If Customer has selected Comp Care Risk Services as an Add-on Product, Metropolitan expressly disclaims (i) any warranties concerning the accuracy or collectability of the coverages identified in the certificates of insurance, policies or endorsements managed by Metropolitan under this Agreement, (ii) any liability due coverage gaps, uninsured claims, or any damages that may be incurred by Customer due to inadequate or uncollectible insurance for any reason; (iii) the accuracy and sufficiency of any information and data content provided to Metropolitan for or on behalf of Customer, and (iv) any liability for loss of Customer data as a result of any unauthorized use or access to the Risk Management System.
If Customer has selected Risk Rocket Services as an Add-on Product, Metropolitan expressly disclaims (i) any warranties concerning the accuracy or collectability of the coverage’s , reviewed, identified in the certificates of insurance, policies or endorsements managed by Metropolitan under this Agreement, (ii) any liability due coverage gaps, uninsured claims, or any damages that may be incurred by Customer due to inadequate or uncollectible insurance for any reason; (iii) the accuracy and sufficiency of any information and data content provided to Metropolitan for or on behalf of Customer, and (iv) any liability for loss of Customer data as a result of any unauthorized use or access to the Risk Management System.
Customer expressly agrees that Metropolitan shall not be liable for any loss or damages whatsoever arising from or caused by (i) Customer’s failure to properly download, activate, integrate or manage the Software; (ii) any fraudulent transactions processed through Customer’s payment gateway account(s); (iii) disruption of the Metropolitan Service; (iv) actions or inactions of any third party, including without limitation, merchant service providers, payment processors, bank URL support, email systems; or (v) any person’s unauthorized access to Customer Data (including credit card number and other personally identifiable information), transaction data or personal information.