This Cloud Services Agreement (the “Agreement”) is an agreement between the Company (as defined below, or “We,” “Us,” “Our”) and you, whether individually or on behalf of an entity, as applicable and identified in the Grant Letter (“Customer,” “You,” “Your,” or “Yourself”). Company and Customer may each be referred to in this Agreement as a “Party” or together as the “Parties.”
By accessing or using the Cloud Services, You agree to this Agreement on behalf of You and Users and You represent and warrant that You have full authority to bind You and Users to this Agreement. If You do not agree to this Agreement, You may not access or use the Cloud Services, and You must immediately notify Us to cancel the Cloud Services identified in the Grant Letter without accessing or using the Cloud Services. In the event You purchase from an Authorized Partner, the terms of this Agreement apply to Your use of the Cloud Services and prevail over any inconsistent provisions in Your agreement with such Authorized Partner.
If You are accepting this Agreement on behalf of another person or other legal entity, You represent and warrant that You have full authority to bind that person or legal entity to this Agreement. If You have not paid for a subscription to the Cloud Services, such services are deemed an Evaluation Product under Section 12.
Capitalized terms used in this Agreement have the meaning assigned to them in Section 15 or elsewhere in this Agreement. The interpretation clause in Section 16 sets out the rules of interpretation for this Agreement.
1.1 Right to Access and Use. Subject to the terms of this Agreement, We grant You a limited, revocable, nonexclusive, nontransferable, non-assignable, non-sublicensable worldwide right to access and use the Cloud Services described in the Grant Letter during the applicable Subscription Period solely for Your internal business purposes in accordance with the Agreement and the entitlements set out in the Grant Letter(s). Use of the Cloud Services depend on the types of subscriptions purchased (e.g., Users) and are subject to the Product Entitlement definitions on the applicable date of Your Grant Letter. You must have an active subscription to the Cloud Services in order to continue to receive access to the Cloud Services. User-based subscriptions may not be shared or used by more than one individual User but may be reassigned to new Users who are replacing former Users that have been terminated or otherwise no longer use the Cloud Services.
1.2 Affiliates. You may permit Affiliates to use the Cloud Services in accordance with this Agreement, provided that You are responsible and fully liable for each Affiliate’s compliance with this Agreement.
1.3 Access Software. If We provide Software to You to access the Cloud Services, You must access the Cloud Services with that Software. Such Software is provided to You subject to the EULA, which applies with respect to any Software. Such Software may include, without limitation, APIs, cloud connectors, key agents, integrators, and extensions that may be used to access or integrate with the Cloud Services. Any conflict or inconsistency between the EULA and this Agreement will be resolved in favor of the EULA if it relates to Software, and this Agreement as it relates to Cloud Services or other matters.
1.4 Developer Portal APIs Provided as a Service. You may use any APIs and instructions that We may make available through Our developer portal in accordance with this Agreement for integration of Our Cloud Services with non-Company applications for Your internal, non-commercial, non-production network environment use only, except as otherwise mutually agreed in writing. We have no responsibility, and You are wholly responsible for any API integration by You with non-Company applications or for any third parties processing of data sent via API at Your direction. APIs ARE PROVIDED "AS IS" WITH NO WARRANTY WHATSOEVER, EXPRESS, OR IMPLIED, INCLUDING THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE, WHICH ARE HEREBY EXPRESSLY DISCLAIMED.
1.5 Managing Parties. If You enter into a contract for a third-party to manage Your information technology resources (“Managing Party”), You may authorize the Managing Party to use the Cloud Services on Your behalf, provided that:
1.6 Restrictions. You will not, and will not allow Users or any third parties to:
1.7 Right to Use Customer Data.
2.1 Access. You are responsible for all activity occurring under Your Cloud Services and Support accounts. You will provide Us with all information and assistance required to supply the Cloud Services or enable Your use of the Cloud Services. You will immediately notify Us of any unauthorized account use or other suspected security breach, or unauthorized use, copying or distribution of Cloud Services, Documentation or Customer Data.
2.2 System Administrator. As needed, You will provide Us contact information for Your system administrator, who is authorized to provide the information required to configure and manage the Cloud Services (“System Administrator”). Depending on the Cloud Services purchased, We may provide You with a confidential access code to the administration tool, which may only be accessed by the System Administrator.
2.3 Updated Information. You must provide current and complete Users’ information as necessary for Us to manage Your account.
We will provide Support to You in accordance with the applicable Service Schedule. The Support and/or any Support terms may be updated from time to time; however, provided that the updates do not materially reduce the level of performance, functionality, or availability of the Support during the Subscription Period.
4.1 Each Party must comply with applicable laws governing the collection, use and disclosure
of Personal Data and must obtain consents required with respect to the handling of Personal Data. Unless a separate written agreement has been executed between the Parties, Your use of the Cloud Services shall be deemed to be Your agreement to the Data Processing Agreement (“DPA”) as set out in full on Our website, available at https://www.trellix.com/en-us/assets/docs/legal/customer-data-processing-agreement.pdf. In the event of any conflict between the terms of the DPA and the Agreement, the terms of the DPA will take precedence.4.2 You grant Us a non-exclusive, irrevocable, worldwide, perpetual right and license to use,
reproduce and disclose Threat Data and deidentified material for improvement of products and services; research to enhance understanding of Malware, threats, and vulnerabilities; and to improve overall security. This includes without limitation compiling statistical and performance information and making such information publicly available. We retain all rights in Threat Data and aggregated and anonymized data.4.3 You agree that Company Products, Services, Software, hardware, appliances, or Support may
employ applications and tools to collect Customer Data. You agree that such collection of Customer Data may be necessary to provide You and End Users with the relevant functionalities. You may be required to uninstall, disable, or cease use of the above to stop further Customer Data collection, including under the circumstances described in Section 5 below. Your use of Company Products and Services is further subject to our Company Privacy Notice.4.4 You represent and warrant that You:
4.5 You have sole responsibility for the accuracy, quality, integrity, legality, reliability, and appropriateness of all Customer Data. The Cloud Services rely on Customer Data supplied by You, and We are not liable for the content of Customer Data. Except as required under applicable law, We do not assume any duty or obligation to correct or modify Customer Data. Except as provided in this Agreement, You retain all right, title, and interest in and to Customer Data.
4.6 Without prejudice to Sections 4.1 to 4.5 above, You are responsible and liable for: (a) any security vulnerabilities, and the consequences of such vulnerabilities, arising from Customer Data, including any Malware contained in the Customer Data; and (b) You and Users’ use of any Company Product in a manner that is inconsistent with this Agreement.
4.7 To the extent You disclose or transmit Customer Data to a third-party, We are no longer responsible for the security, integrity, or confidentiality of such content outside of Our control.
5.1 Term. This Agreement will continue until terminated in accordance with this Agreement. If any Subscription is in effect when the Term of this Agreement terminates or expires, this Agreement will remain in effect solely for the purposes of the Subscription until the Subscription expires or terminates.
5.2 Termination for Cause. Either Party may terminate this Agreement immediately for cause if:
5.3 End-of-Life. Your right to access and use the Cloud Services, and any features of the Cloud Services, are subject to the End-of-Life Policy located at https://trellix.com/en-us/assets/docs/legal/support-policy-product-support-eol.pdf. Upon the End-of-Life date of a Cloud Service or any feature of a Cloud Service (as described in the End- of-Life Policy), Your right to access and use the applicable Cloud Service or feature will terminate.
5.4 Suspension or Termination of Cloud Service by the Company. Notwithstanding any provision to the contrary contained herein, We may suspend or terminate the Cloud Services:
Suspension or Termination of Cloud Services by Us will be without prejudice to any rights or liabilities accruing before or during the suspension, including Your obligation to pay fees.
5.5 Termination Obligations. After termination of a Subscription Period for a particular Cloud Service, You agree that We have no obligation to retain Customer Data for that Cloud Service, which may be permanently deleted as part of Our record and information management practices and in accordance with applicable laws. If any Customer Data is stored by the Cloud Service, You are solely responsible for retrieving that Customer Data.
6.1 Payments. Unless You are purchasing the Cloud Services through an Authorized Partner, in which case payment obligations will be exclusively between the Authorized Partner and You, You will pay Us the fees for the Company Products within thirty (30) days of the invoice date without any deduction, setoff, or withholding, and except as otherwise specified by Us or Our Authorized Partners in writing, all fees are quoted and payable in United States dollars. Late payments are subject to interest of one and one-half percent (1.5%) per month or the highest rate permitted by law, whichever is lower. All payment obligations are non-cancelable, and all fees are non-refundable except to the extent expressly provided for in this Agreement. Any ongoing or recurring fees or rates by reference to which such fees are calculated may be increased on an annual basis upon at least 30 days’ written notice before any periodic renewal of the Cloud Services. If You believe in good faith that an invoice is incorrect, You must contact Us in writing within thirty (30) days of the date of invoice to request an adjustment or credit. Notwithstanding the foregoing, if You fail to notify us of any disputed amounts and/or otherwise fail to satisfy any undisputed payments within thirty (30) days of the due date, then We may, without any prior notice, suspend and/or revoke the rights granted herein and stop providing the Cloud Services to You and Users.
6.2 Transaction Taxes. If You purchase the Cloud Services directly from Us for use or resale, You will pay all applicable transaction taxes, including sales and use taxes, value added taxes, duties, customs, tariffs, and other government-imposed transactional charges however designated (and any related interest or penalty) on amounts payable by You under this Agreement (“Transaction Taxes”). We will separately state on an invoice the Transaction Taxes that We are required to collect from You under applicable law. You will provide proof of any exemption from Transaction Taxes to Us at least fifteen (15) Business Days before the due date for paying an invoice. If We do not collect the required Transaction Taxes from You but we are subsequently required to remit the Transaction Taxes to any taxing authority, You will promptly reimburse Us for the Transaction Taxes, including any accrued penalty or interest charges if the failure to timely collect and remit was not due to Our fault.
6.3 Withholding Taxes. All payments due from You will be made free and clear and without deduction for any present and future taxes imposed by any taxing authority. If You are required by applicable law to deduct or withhold income taxes from amounts payable to Us under this Agreement (“Withholding Taxes”), You will remit, and provide Us with evidence that You have remitted, the Withholding Taxes to the appropriate taxing authority and pay to Us the remaining net amount. You will provide written notice to Us of the intent to withhold (including details of the amounts and legal basis for Withholding Taxes) at least fifteen (15) Business Days before the due date for any payments under this Agreement and will cooperate with Us to reduce any Withholding Taxes. If We provide You with valid and official documentation issued by the relevant taxing authority for a lower rate of Withholding Taxes, then You will apply the lower rate.
6.4 If You purchase the Cloud Services through an Authorized Partner, the obligations regarding Transaction Taxes or Withholding Taxes will be the exclusive responsibility of the Authorized Partner or You, and the rules in Section 6.2 and 6.3 do not apply as between the Parties.
6.5 Income Taxes. Each Party is responsible for its own income taxes or taxes based on gross revenues or gross receipts.
6.6 Compliance Validation. We may request, and You must provide within thirty (30) days from the request date, a system-generated report verifying Your access to and use of the Cloud Services (“System Report”). You acknowledge that the System Report is based on technological features in the Cloud Services to verify access and use verification (including User counts). If the Cloud Services do not contain technological features that provide system-generated use verification, You will take reasonable steps to maintain complete and accurate records of Your use of the Cloud Services sufficient to verify compliance with this Agreement, and within thirty (30) days of Our request, You will provide to Us an accurate Cloud Services access and use verification report for the Cloud Services. We will only request the System Report (or Your prepared Cloud Services access and use verification report) once per year (or earlier if there is a good faith belief by Us that there may be noncompliance) and will not unreasonably interfere with the conduct of Your business. If a System Report or Your prepared Cloud Services access and use verification report identifies that You are out of compliance with this Agreement, You will be required to purchase the additional subscriptions and pay the reasonable costs of the audit and any fees associated with the subscriptions and/or Support. We may also charge an out-of-compliance fee.
7.1 Each Party acknowledges that it may have access to Confidential Information of the other Party in connection with this Agreement, and that each party's Confidential Information is of substantial value to the Disclosing Party, which could be impaired if it were improperly disclosed to third parties or used in violation of this Agreement.
7.2 Confidential Information as used in this Agreement means any information (regardless of the form of disclosure or the medium used to store or represent it) of a Party (“Disclosing Party”), including trade secrets and technical, financial, or business information, data, ideas, concepts, or know-how, that:
However, Confidential Information does not include any information that:
7.3 Each Recipient of Confidential Information under this Agreement must:
7.4 Notwithstanding the restrictions in Section 7.2, if the Recipient is required to disclose any of the Disclosing Party's Confidential Information by law, such as in response to a subpoena or requirement of any court, arbitral, administrative, or legislative body, the Recipient must:
7.5 You will immediately notify Us if Confidential Information is used or disclosed in breach of this Agreement. As monetary damages may not be sufficient relief if anyone violates or threaten to violate the terms of this section, We are immediately entitled to enforce Our rights by specific performance or injunction proceedings, in addition to any other rights or remedies it may have.
7.6 Upon the Disclosing Party's request and upon termination of this Agreement (unless agreed otherwise by the Parties at the time), each Party will return, destroy, or delete permanently (at the Disclosing Party's election) the other Party's Confidential Information.
7.7 On termination of this Agreement, the Recipient must continue to keep the Disclosing Party's Confidential Information confidential for five (5) years in accordance with this section.
7.8 Feedback. We welcome any comments, suggestions for improvements, and feedback regarding the Cloud Services and other products and services of Us and our Affiliates (“Feedback”). You hereby agree that We own all right, title, and interest in and to the Feedback, including any and all associated Intellectual Property Rights, and that We may use, copy, modify, create Derivative Works based upon, and otherwise exploit the Feedback for any purpose, without notice or attribution to, payment to or consent from You, and You acknowledge that such Feedback will be the Confidential Information of Us, and not You.
Ownership. Our Company Products, Documentation and the software underlying the Cloud Services are considered Confidential Information. We (or Our licensors) own exclusively and reserve all right, title and interest in and to Company Products, Documentation and the software underlying the Cloud Services, including all related Intellectual Property Rights as well as any Derivative Works. You agree, on behalf of Yourself and any Affiliates, that You and Your Affiliates will take no action inconsistent with Our Intellectual Property Rights.
8.2 Reserved Rights. You may not exercise any right, title, and interest in and to any Company Products, Documentation, the software underlying the Cloud Services or any related Intellectual Property Rights, except for the limited access and usage rights granted to You in this Agreement. This Agreement is not an agreement of sale, and this Agreement does not transfer any title, Intellectual Property Rights or ownership rights to any Company Products, Documentation, or the software underlying the Cloud Services. You acknowledge and agree that the Company Products, Documentation, and the software underlying the Cloud Services, and all ideas, methods, algorithms, formulae, processes, and concepts used in developing or incorporated into the foregoing, and all other improvements, revisions, corrections, modifications, enhancements, releases, detection definition files (or DATs, also referred to as signature files, being the code anti-malware software uses to detect and repair viruses, Trojan horses and potentially unwanted programs), signature sets, content, and other updates in, of, or to the Cloud Services or the software underlying the Cloud Services, all Derivative Works based on any of the foregoing, and all copies of the foregoing are trade secrets and reserved to and proprietary property of Us, having great commercial value to Us.
9.1 Warranty. We warrant that during the Subscription Period, the Cloud Services will perform substantially in accordance with the associated Documentation. Your sole and exclusive remedy for a breach of the foregoing warranty is, at Our option, the repair or replacement of the Cloud Service, or for Us to cause a refund in the form of a credit on a pro-rata basis for the period in which the Cloud Service did not materially comply. This warranty is conditioned upon You providing Us prompt written notice of the Cloud Services’ non-conformance and using the Cloud Service as provided in this Agreement and the Documentation.
9.2 Disclaimer of Warranties. EXCEPT AS EXPRESSLY STATED IN THIS SECTION, TO THE EXTENT ALLOWED BY APPLICABLE LAW, WE EXPRESSLY DISCLAIM ALL WARRANTIES AND CONDITIONS OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY WARRANTY, CONDITION OR OTHER IMPLIED TERM AS TO MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT AND ANY WARRANTY ARISING BY STATUTE, OPERATION OF LAW, COURSE OF DEALING OR PERFORMANCE, OR USAGE OF TRADE. WE MAKE NO, AND SPECIFICALLY DISCLAIM ANY, WARRANTY OR REPRESENTATION THAT THE CLOUD SERVICE: (A) WILL BE UNINTERRUPTED, COMPLETELY SECURE, ERROR-FREE, FAIL SAFE OR FREE OF VIRUSES; (B) WILL MEET YOUR BUSINESS REQUIREMENTS OR OPERATE WITH YOUR CURRENT SYSTEMS; (C) WILL COMPLY WITH ANY PARTICULAR LAW; OR (D) WILL BE FREE OF VULNERABILITY TO INTRUSION OR ATTACK OR OTHERWISE PROVIDE COMPLETE PROTECTION AGAINST ANY SECURITY THREATS VULNERABILITIES. YOU WILL NOT MAKE ANY REPRESENTATION OR OTHER STATEMENT OR UNDERTAKE ANY ACT OR OMISSION INCONSISTENT WITH THIS SECTION. YOU ASSUME TOTAL RESPONSIBILITY FOR THE SELECTION OF THE CLOUD SERVICES TO ACHIEVE YOUR INTENDED RESULTS AND FOR YOUR USE OF THE RESULTS OBTAINED FROM THE CLOUD SERVICES. WE DO NOT WARRANT THAT THE CLOUD SERVICES WILL MEET YOUR REQUIREMENTS. IF APPLICABLE LAW DOES NOT ALLOW THE EXCLUSION OF SOME OR ALL OF THE ABOVE IMPLIED WARRANTIES, THE ABOVE EXCLUSIONS WILL APPLY TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW.
9.3 No Guarantee. NO DATA TRANSMISSION OVER THE INTERNET CAN BE GUARANTEED TO BE SECURE. CUSTOMER ACKNOWLEDGES THAT WE ARE NOT RESPONSIBLE FOR ANY INTERCEPTION OR INTERRUPTION OF ANY COMMUNICATIONS THROUGH THE INTERNET, NETWORKS, OR SYSTEMS OUTSIDE OUR CONTROL AND THAT THE CLOUD SERVICES MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS. YOU AGREE THAT YOU ARE RESPONSIBLE FOR MAINTAINING THE SECURITY OF YOUR NETWORKS, SERVERS, APPLICATIONS AND ACCESS CODES. WE ARE NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES, LOSS OF CUSTOMER DATA OR DAMAGES RESULTING FROM THOSE PROBLEMS.
9.4 High-Risk Systems Terms. OUR PRODUCTS MAY FAIL AND ARE NOT DESIGNED, DEVELOPED, TESTED, OR INTENDED TO BE RELIABLE IN THE CONTEXT OF HIGH-RISK SYSTEMS. WE HAVE NO RESPONSIBILITY FOR, AND YOU WILL INDEMNIFY, DEFEND AND HOLD HARMLESS US, OUR AFFILIATES AND REPRESENTATIVES FROM ALL CLAIMS, SUITS, DEMANDS, AND PROCEEDINGS ALLEGING, CLAIMING, SEEKING, OR ASSERTING, ANY LIABILITY, LOSS, OBLIGATION, RISK, COST, DAMAGE, AWARD, PENALTY, SETTLEMENT, JUDGMENT, FINE OR EXPENSES (INCLUDING ATTORNEYS’ FEES) ARISING FROM OR IN CONNECTION WITH YOUR USE OF OUR PRODUCTS ON OR IN A HIGH-RISK SYSTEM, INCLUDING THOSE THAT COULD HAVE BEEN PREVENTED BY DEPLOYMENT OF FAIL-SAFE OR FAULT- TOLERANT FEATURES TO THE HIGH-RISK SYSTEM, OR ARE BASED ON A CLAIM, ALLEGATION, OR ASSERTION THAT THE FUNCTIONING OF THE HIGH-RISK SYSTEM DEPENDS OR DEPENDED ON THE FUNCTIONING OF THE CLOUD SERVICES, OR THAT THE FAILURE OF ANY OF OUR PRODUCTS CAUSED A HIGH-RISK SYSTEM TO FAIL.
9.5 Third Parties. Company Products may contain or otherwise interface with certain third-party products, services or applications and rely on such third-party products, services, or applications to enable or perform certain functionality of the Company Products, including Malware definitions or URL filters and algorithms. We make no warranty as to the operation of any third-party products or the accuracy of any third-party information.
10.1 NO CONSEQUENTIAL DAMAGES. SUBJECT TO SUBSECTION 10.3 BELOW, UNDER NO CIRCUMSTANCES WILL EITHER PARTY BE LIABLE TO THE OTHER PARTY FOR ANY INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, EXEMPLARY, CONSEQUENTIAL, OR EXTRA-CONTRACTUAL DAMAGES OF ANY KIND OR FOR LOSS OF PROFITS, LOSS OF GOODWILL, LOSS OF PERSONNEL SALARIES, COSTS OF OBTAINING SUBSTITUTE PRODUCTS OR SERVICES, BUSINESS OR SYSTEM INTERRUPTION, DENIAL OF ACCESS OR DOWNTIME, ANY LOST OR DAMAGED DATA OR SYSTEMS OR ASSOCIATED RESTORATION COSTS, NOR WILL WE BE LIABLE FOR ANY DAMAGES RELATING TO CLAIMS THAT THE PRODUCTS DID NOT OPERATE INTERRUPTION- OR ERROR-FREE, OR DID NOT PROTECT AGAINST ALL THREATS, IN ALL CASES REGARDLESS OF LEGAL THEORY AND WHETHER OR NOT FORESEEABLE, EVEN IF THE EXCLUSIVE REMEDIES PROVIDED BY THIS AGREEMENT FAIL OF THEIR ESSENTIAL PURPOSE AND EVEN IF EITHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OR PROBABILITY OF SUCH DAMAGES.
10.2 SUBJECT TO SUBSECTION 10.3 BELOW, EACH PARTY'S ENTIRE AGGREGATE LIABILITY TO THE OTHER PARTY FOR CLAIMS UNDER OR RELATED TO THE SUBJECT-MATTER OF THIS AGREEMENT WILL NOT EXCEED THE TOTAL FEES RECEIVED BY COMPANY FOR THE APPLICABLE PRODUCTS PURCHASED UNDER THE TERMS OF THIS AGREEMENT AND ATTRIBUTABLE TO THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE FIRST EVENT GIVING RISE TO SUCH LIABILITY.
10.3 THE LIMITATIONS IN SECTIONS 10.1 AND 10.2 ABOVE DO NOT APPLY TO LIABILITY ARISING FROM (A) YOUR FAILURE TO PAY ALL AMOUNTS DUE, OR (B) YOUR BREACH OF YOUR CLOUD SERVICES ACCESS RIGHTS GRANTED HEREIN, SECTION 13.2 AND 13.3 (EXPORT), OR SECTION 8.1 (INTELLECTUAL PROPERTY RIGHTS). THESE LIMITATIONS OF LIABILITY APPLY WHETHER SUCH CLAIMS ARISE UNDER CONTRACT, TORT (INCLUDING NEGLIGENCE), EQUITY, INFRINGEMENT, STATUTE OR OTHERWISE. NOTHING IN THIS AGREEMENT LIMITS OR EXCLUDES ANY LIABILITY THAT CANNOT BE LIMITED OR EXCLUDED UNDER APPLICABLE LAW. THESE LIMITATIONS OF LIABILTY ARE CUMULATIVE AND NOT PER INCIDENT AND THEY SURVIVE ANY TERMINATION OR EXPIRATION OF THIS AGREEMENT.
11.1 Customer Indemnification Obligations. You will unconditionally indemnify, defend, and hold Us, Our Affiliates, and their officers, directors, employees, contractors, and agents (each an Indemnified Party) harmless against any claims, liabilities, and expenses (including court costs and reasonable attorneys' fees) that an Indemnified Party incurs as a result of or in connection with:
THIS SECTION SETS FORTH YOUR SOLE AND EXCLUSIVE REMEDY AND OUR SOLE LIABILITY AND OBLIGATION FOR ANY ACTUAL, THREATENED OR ALLEGED CLAIMS THAT THE CLOUD SERVICES OR ANY SUBJECT MATTER OF THIS AGREEMENT INFRINGES, MISAPPROPRIATES OR OTHERWISE VIOLATES ANY INTELLECTUAL PROPERTY RIGHTS OF ANY THIRD-PARTY.
11.3 Indemnification Procedure. The foregoing indemnification obligations are conditioned upon: (i) the Party entitled to indemnification (“Indemnified Party”) providing the Party required to indemnify (the “Indemnifying Party”), prompt written notice of a claim (an “Indemnified Claim”), (ii) the Indemnified Party must give the indemnifying Party the sole right to control and conduct the defense, and any settlement, of the Indemnified Claim; and (iii) the Indemnified Party provides full and timely cooperation to the Indemnifying Party at the Indemnifying Party’s expense all reasonably requested information and assistance. The Indemnified Party may retain its own counsel to monitor the defense of an Indemnified Claim at its own expense. The indemnifying Party will keep the Indemnified Party reasonably advised of the status of each Indemnified Claim.
11.4 Personal and Exclusive Indemnity. The foregoing indemnities are personal to the parties and may not be transferred to anyone.
12.1 Generally. If You request or We otherwise provide You with a limited trial or evaluation access to the Cloud Services (“Evaluation Product”) or Free Services, the provisions of this Section will apply and prevail over any other conflicting terms of this Agreement. Your use of an Evaluation Product is limited to thirty (30) days (“Evaluation Period”) unless agreed otherwise in writing by Us. During the Evaluation Period, You may access and use the Evaluation Products solely for Your internal evaluation in accordance with the use guidelines and restrictions set forth in Section 1.6 above to decide whether to purchase the right to use the Evaluation Products. At the end of the Evaluation Period, Your right to use the Evaluation Product automatically expires, and You agree to discontinue all use, and destroy any copies, of the Evaluation Product, as applicable.
12.2 No Support Obligation. We have no obligation to provide any Support for Evaluation Products or Free Services, and We may change or discontinue any Evaluation Products or Free Services at any time without notice. You acknowledge that the Evaluation Products and Free Services may not have been tested or debugged and may contain errors, defects or other problems that could cause system or other failures, security breaches, interruptions, and data loss.
12.3 Disclaimer of Warranties.
12.4 Free Services.
13.1 Each Party will comply with all applicable national, state, and local laws and regulations with respect to its rights and obligations under this Agreement, including applicable privacy and export control laws and regulations, the U.S. Foreign Corrupt Practices Act, and any other applicable anti-corruption laws.
13.2 You will not, directly or indirectly, export, re-export, transmit, transfer, permit access to or use any Cloud Services or technical data (or any part of Cloud Services or technical data), any system or service incorporating any Cloud Services, or any other regulated item or information to or in any country to which export, transmission or access is restricted by regulation, statute, or other law, without first complying with all export control laws and regulations that may be imposed by the U.S. government and/or any country or organization of nations within whose jurisdiction You operate or do business and obtaining the authorization, if required, of the Bureau of Industry and Security of the U.S. Department of Commerce or any other governmental entity that may have jurisdiction over export or transmission. In addition to the foregoing, You agree that you will not export, transfer, or import the Cloud Services to any person or entity on any of the U.S. Government’s Lists of Parties of Concern (http://www.bis.doc.gov/index.php/policy-guidance/lists-of-parties-of-concern) or applicable international specially designated parties or economic sanctions programs. You hereby certify that You will not use, transfer, or access any Cloud Services, and that such Cloud Services will not otherwise be purposed, re-exported, or retransferred, for end use relating to any nuclear, chemical, or biological weapons, or missile technology unless authorized by the U.S. Government by regulation or specific license or to Cuba, Iran, North Korea, Sudan, or Syria for any reason whatsoever.
13.3 You acknowledge and agree that certain Company Products containing encryption may require authorization from the U.S. and other applicable authorities including the European Union, prior to export. You also acknowledge and agree that certain Company Products containing encryption may be subject to import or use restrictions in other countries. Additional information regarding exporting and importing Company Products may be found on Company’s “Export Compliance” webpage located at https://www.trellix.com/en-us/about/export-compliance.html, as updated from time to time.
13.4 If We receive notice that You are or become identified as a sanctioned or restricted Party under applicable law, We will not be obligated to perform any of Our obligations under this Agreement if such performance would result in violation of the sanctions or restrictions.
14.1 Relationship. The Parties are independent contractors under this Agreement and expressly disclaim any partnership, franchise, joint venture, agency, employer/employee, fiduciary, or other special relationship. Neither Party intends this Agreement to benefit or create any right or cause of action in or on behalf of, any person or entity other than the Parties and listed Affiliates. The Agreement is not intended to create a third-party beneficiary of any kind. You must not represent to any third-party that You have any right to bind Us in any manner and You will not to make any representations or warranties on Our behalf.
14.2 Severability. If a court holds that any provision of this Agreement is invalid or unenforceable under applicable law, the court will modify the provision to the minimum extent necessary to make it valid and enforceable or, if it cannot be made valid and enforceable, the court will sever and delete the provision from this Agreement. The change will affect neither the validity of the amended provision nor the validity of any other provision of this Agreement, which will continue in full force and effect.
14.3 No Waiver; Remedies Cumulative. A Party’s failure or delay in enforcing any provision of this Agreement will not operate as a waiver of the right to enforce that provision or any other provision of this Agreement at any time. A waiver of any provision of this Agreement must be in writing, specify the provision to be waived and signed by the Party agreeing to the waiver. Notwithstanding any provision of this Agreement to the contrary, We shall have all the rights and remedies provided by law in addition to the rights and remedies set forth in this Agreement and in any other agreement or writing between the Parties. All Our rights and remedies are cumulative and may be exercised from time to time. Our pursuit of one right or remedy shall not constitute an exclusive election or otherwise preclude or limit its pursuit of any other or additional right or remedy.
14.4 Force Majeure; Other Excusable Failures or Delays in Performance.
14.5 Governing Law. All disputes arising out of or relating to this Agreement, or its subject matter will be governed by the following substantive laws, excluding rules relating to conflict of laws:
14.6 Jurisdiction. The following courts will each have exclusive jurisdiction over all disputes arising out of or relating to this Agreement or its subject-matter:
14.7 Entire Agreement; Order of Precedence; and Amendments.
14.8 Notices. Any notice given under or in relation to this Agreement must be in writing, signed by or on behalf of the Party giving it, and addressed to Us, “Attention Legal Department”, to the applicable address listed in Section 15. We will contact You at the contact information You provide when purchasing or registering for the Cloud Services. Notices will be considered delivered when received if delivered by hand with receipt, the next Business Day after sending it by pre-paid, nationally recognized, overnight air courier with tracking capabilities; or five (5) Business Days after being sent by registered or certified airmail, return receipt required, postage prepaid, to the address mentioned above.
14.9 Additional Documents and References. References to linked terms in this Agreement are references to the terms or content linked (or the replacement link as We may identify from time to time) as amended from time to time. You acknowledge that the terms or content in the link are incorporated in this Agreement by reference and that it is Your responsibility to review the terms or content in the links referenced in this Agreement.
14.10 Assignment. You may not sublicense, assign, or transfer Your rights under this Agreement without Our prior written consent. Any attempt by You to sublicense, assign or transfer any of Your rights, duties, or obligations under this Agreement, whether directly, or indirectly by merger or acquisition, will be null and void.
14.11 Notice to U.S. Government Users. The Cloud Services are considered "commercial computer software" and "commercial computer software documentation," under DFAR Section 227.7202 and FAR Section 12.212, as applicable. Any use, modification, reproduction, release, performance, display, or disclosure of the Cloud Services by the United States Government will be governed solely by this Agreement and is prohibited except to the extent expressly permitted by this Agreement.
14.12 Community Forum. You, Users, and other Customers may exchange ideas and technical insight regarding Company Products on community support pages We may make available from time to time. We do not endorse, warrant, or guarantee any information posted on this site and any use of the information is taken at Your sole risk.
14.13 Survival. The following sections, together with any other terms necessary for the interpretation or enforcement of this Agreement, will survive termination of this Agreement: 4.2privacy (Privacy and Use of Data), 5.5 (Termination Obligations), 7 (Confidentiality), 8 (Intellectual Property Rights), 9 (Warranties; Exclusions: Disclaimers), 10 (Limitation of Liability), 11 (Indemnification), 14.5 (Governing Law), 14.6 (Jurisdiction), 15 (Definitions and Interpretation) and this Section 14.13 (Survival).
In this Agreement:
Affiliate means any entity that Controls, is Controlled by, is under common Control with a Party, or is Controlled by the same parent entity as a Party, where “Control” or “Controlled” means direct or indirect ownership, through one or more intermediaries of more than 50% of an entity’s voting capital or other voting rights.
Authorized Partner means any of Our Distributors, Resellers, or other business partners. For the avoidance of doubt, Authorized Partners have no authority to modify any of the terms of this Agreement, and any Company Products purchased through Authorized Partners shall remain governed by and subject to the terms of this Agreement.
Business Day means any day other than a Saturday, Sunday, statutory or public holiday in the place where Company Products are provided, or the Professional Services are performed.
Cloud Services means the Cloud Services that We provide to You as specified in one or more Grant Letters and that are subject to the applicable Service Schedule. Our Service Schedule 1 references Our Skyhigh Security cloud offerings, and Our Service Schedule 2 references Our Skyhigh Security and Company cloud offerings.
Company means:
Company Privacy Notice refers to Our Privacy Notice, available at https://www.trellix.com/en-us/about/legal/privacy.html.
Company Products means any Cloud Services or Support.
Covered Country means any country that is a member of the Berne Convention where the Company (as defined in Section 15) is incorporated.
Customer Data means Your Personal Data, sensitive data or other information about You and Users (including Users’ name, address, e-mail address and payment details), their computers, files stored on their computers, or their computers’ interactions with other computers, including information regarding network, licenses used, hardware type, model, hard disk size, CPU type, disk type, RAM size, 32 or 64 bit architecture, operating system types, versions, locale, BIOS version, BIOS model, total scanners deployed, database size, system telemetry, device ID, IP address, location, content, products installed, components, processes and services information, frequency and details of update of Our components, information about third-party products installed, extracts of logs created by Us, usage patterns of Our products and specific features, etc.
Derivative Work means a work that is based on one or more preexisting works (such as a revision, translation, dramatization, motion picture version, abridgment, condensation, enhancement, modification, or any other form in which preexisting work may be recast, transformed, or adapted) which, if created without the authorization of the copyright owner of the preexisting work, would constitute copyright infringement.
Documentation means any explanatory materials, such as user manuals, training materials, user guides, product descriptions, regarding the implementation and use of the Cloud Services and that are provided by Us with the Cloud Services or otherwise made generally available by Us in printed, electronic, or online form.
End User License Agreement or EULA means the standard End User License Agreement available at https://www.trellix.com/en-us/assets/docs/legal/Musarubra-EULA.pdf, which governs Your use of any Software.
Force Majeure Event means any event that arises after the commencement of this Agreement that is beyond a Party’s reasonable control and that, by its nature, could not have been foreseen or, if it could have been foreseen, was unavoidable, including strikes, lock-outs or other industrial disputes (whether involving its own workforce or a third-party’s), acts of God, war, riot, embargoes, acts of civil or military authorities, acts of terrorism or sabotage, shortage of supply or delay in delivery or other default by Our vendors, fire, flood, earthquake, accident, radiation, inability to secure transportation, failure of communications or energy sources, malicious damage, breakdown of plant or machinery, epidemics, pandemics, any global, national, or local public health emergency or disease outbreak.
Free Services means any features or functionality included in a paid subscription for which We no longer charge or which We offer to You at no charge, in Our sole discretion, or other features or functionality that We make available to You without charge, that is labeled as “Pre-Release,” “Limited Release,” “Beta” or otherwise identified by Us as experimental, untested, or not fully functional, and which is not a time-limited trial for Your evaluation purposes.
Grant Letter means any written (electronic or otherwise) confirmation notice that We issue to You confirming the Company Products purchased and applicable Product Entitlement. The Grant Letter identifies the SKU number, quantity, Subscription Period or Support Period, and any other access and use details.
High-Risk System means a device or system that requires extra safety functionalities such as fail-safe or fault-tolerant performance features to maintain a safe state where it is reasonably foreseeable that failure of the device or system could lead directly to death, personal injury, or catastrophic property damage. A device or system with a fail-safe feature in the event of failure may revert to a safe condition rather than break down, may include a secondary system that comes into operation to prevent a malfunction, or may operate as a backup in the event of a malfunction. A device or system with a fault-tolerant feature in the event of failure may continue its intended operation, possibly at a reduced level, rather than failing completely. Without limitation, High-Risk Systems may be required in critical infrastructure, industrial plants, manufacturing facilities, direct life support devices, aircraft, train, boat or vehicle navigation or communication systems, air traffic control, weapons systems, nuclear facilities, power plants, medical systems and facilities, and transportation facilities.
Intellectual Property Rights means all intellectual property or other proprietary rights throughout the world, whether existing under statute, at common law or in equity, now existing or created in the future, including:
Malware means applications, executable code, or malicious content that We consider be harmful.
Personal Data means any information relating directly or indirectly to an identified or identifiable individual.
Product Entitlement means the license or subscription types set forth in the Grant Letter and defined at https://www.trellix.com/en-us/assets/docs/legal/trellix-product-entitlement-definitions.pdf.
Representatives means a Party’s Affiliates, permitted resellers, subcontractors, employees, or authorized agents.
Service Schedules mean the applicable Cloud Services terms and conditions in Service Schedule 1 at https://trellix.com/en-us/assets/docs/legal/cloud-services.pdf (Service Level Agreement), and Service Schedule 2 at https://trellix.com/en-us/assets/docs/legal/cloud-services-skyhigh.pdf, which are incorporated by reference herein, as amended from time to time.
Software means any software program(s) identified in the Grant Letter or otherwise made available to You and owned or licensed by Us, as the context requires, in object code format, provided by the Parties which may be required for You to access the Cloud Services.
Skyhigh Security means cloud-native security platform that converges a set of security solutions (SWG, CASB, ZTNA, DLP, RBI), providing visibility and control over Your data from a unified console.
Standard means a technology specification created by a government sponsored group, an industry sponsored group, or any similar group or entity that creates technology specifications to be used by others. Examples of Standards include GSM, LTE, 5G, Wi-Fi, CDMA, MPEG, and HTML. Examples of groups that create Standards include IEEE, ITU, 3GPP and ETSI.
Subscription Period means the period for which You have purchased the right to receive the Cloud Services or the time-period for which You have purchased the right to receive Support, as applicable.
Support means thtechnicalSupportServicese Technical Support services that We provide for the support and maintenance of the Cloud Services, as specified in the applicable Service Schedule.
Support Period means the period for which You are entitled to Support, as specified in a Grant Letter.
Technical Support Terms means the technical and support terms and conditions available at https://www.trellix.com/en-us/assets/docs/legal/technical-support-and-maintenance-terms-and-conditions.pdf.
Threat Data means non-personally identifying and non-Customer identifying information about Malware, threats, actual or attempted security events, including but not limited to their frequency, source, associated code, general identifiers, attacked sectors and geographies.
Trellix provides an industry-leading device-to-cloud security across multicloud and on-premises environments. Our solutions protect data, defend against threats, and provide actionable insights through an open platform and the largest threat telemetry network.
User means a unique individual whom You have authorized to use the Cloud Services pursuant to Your access rights under this Agreement, including Your employees, Your Affiliates, subcontractors, authorized agents, and Managed Parties.
In this Agreement, unless a contrary intention appears:
Availability means the percentage of time a Service’s specified functionality is generally available as described in the applicable and current documentation. Services achieving Availability, as calculated, and described in Section 3, have met the prescribed service level.
Beta Services When a Customer is evaluating a Service for free that is a pilot and/or not yet in production by Company.
Company means
Customer means the entity with current and valid contracts for one or more Service.
End-of-Life (EOL Policy) means Our policy regarding the support lifecycle of Our Cloud Services, Software and Technical Support, available at: https://trellix.com/en-us/assets/docs/legal/support-policy-product-support-eol.pdf
Force Majeure, please refer to the definition within the Cloud Service Agreement locate at https://www.trellix.com/en-us/about/legal/cloud-terms-of-service.html.
Inline (block) means the web proxy doing inline block of traffic per policy.
Inline Traffic Data Path means the duration of filtering in the Service after the last byte received from the server.
Management Access means access to the product’s cloud-based UI – ePO Cloud for WGCS and Skyhigh Security Cloud for SSE. Refer to Service Schedule 2 for the Skyhigh Security located at https://trellix.com/en-us/assets/docs/legal/cloud-services-skyhigh.pdf, which ais incorporated by reference herein.
Service means the Cloud Service offerings as defined in the Cloud Services Agreement, including Skyhigh Security (previously known as UCE or Web Gateway cloud service) that have been assigned specific service levels within this SLA.
Service Credit means the number of days of the relevant Service that will be added to the end of the Customer’s current contract term following Our approval of a claim that We missed an applicable Service Level.
SKUs means A Stock Keeping Unit is a unique identifier for each distinct product and service that can be ordered from Us.
Software means any software program owned or licensed by Us, as the context requires, in object code format, provided by Us to the Customer which may be required for it to access the Cloud Services.
Sole Remedies means that a Customer’s receipt of a Service Credit is the sole remedy for Our failure to achieve and maintain an applicable Service Level.
User means a unique individual person within a company, organization, or other entity that is a Customer.
Skyhigh Security Latency incorporates the following set of terms:
Average Latency means the average time it takes for the web protection service to scan, process and apply the Customer policy to the web content data, assuming a 100KB web page, as measured by the monthly average among samples taken by Us in a given month using industry standard monitoring tools/software. “Customer policy” means the Customer’s configuration set within the product. Average Latency does not include: (a) traffic not related to streaming applications; (b) traffic not subject to bandwidth management rules (QoS enforcement); or (c) the time required to download the web page from the origin content server (OCS) to the Web Protection Service. The processing of content is measured from when the Web Protection Service proxy receives the content to the point when the Web Protection Service proxy attempts to transmit the content.
Latency means the web page load time attributable to the Skyhigh Security service.
Latency Commitment means the commitment We will deliver the web protection service with an Average Latency of 100 milliseconds or less for scanned transactions and 50 milliseconds for unscanned transactions. The Latency Commitment is only applicable to reasonable number of transactions/data packets per User (based on Our cloud-wide average).
The Services Availability is defined as follows:
Skyhigh Security
Inline Traffic Data Path-Availability
99.999%
Web Gateway Cloud Service
Inline Traffic Data Path-Availability
99.999%
Management Access
99.900%
Availability Calculation. Availability will be calculated per calendar month and shall be measured using industry standard monitoring tools/software. Availability will be calculated as follows:
Total Min. - NonExcused - Excused Outages
Total Min. – Excused Outages
x 100 ≥ (99.999% general availability)
August has 31 days, or 44,640 minutes, of potential availability (Total Min.) one hour of scheduled maintenance was performed (Excused Outage).
44,640 min. – 60 min. = 44,580 min.
(This is the denominator and represents total potential availability for August).
One minute of service interruption was experienced (unexcused outage).
44,580 – 1 = 44,579 min.
(This is the numerator and represents the total availability for August.)
Availability = (44,640 – 1 – 60) / (44,640 – 60) * 100 = 99.997%
Partial Subscription Months. For any partial calendar month during which the Customer subscribes to the Service, Availability will be calculated based on the entire calendar month, not just the portion for which Customer subscribed.
Availability Restrictions. This Availability SLA does not apply if: (a) Customer fails to correctly configure the Service in accordance with Company policies or instructions; (b) failures in Customer equipment or third-party computer hardware, Software, or network infrastructure not within Our sole control; (c) failure of Customer’s network to forward traffic to the Service; (d) the unavailability of a specific third-party web page or data center outage outside of Our networks or data centers; (e) failure of an intermediate internet service provider (ISP) (other than Our direct ISP(s)) to deliver traffic to Us; (f) unavailability of one or more specific features, functions, or equipment hosting locations within the Service, while other key features remain available; (g) actions or inactions of Customer (unless undertaken at Our express direction) or third parties beyond Our control; or (h) Customer requests for additional configuration or system changes that require downtime to complete.
The service levels are based upon a Customer’s use of a configuration that is at least as protective as Service default settings. For clarity, We are not responsible, and this SLA does not apply, if the Customer configuration does not meet or exceed the protections provided by the default settings.
The Service does not include the Customer’s internet access connections or hardware on the Customer’s side to access the internet or the Service. This SLA does not cover any issues arising from the compatibility of the Customer’s hardware or the software used to connect to the Service.
For hybrid SKUs (include entitlement to both Cloud Services and Software licenses ((including virtual) form factors), this SLA only applies to the Cloud Service component within the hybrid SKU and does not apply to any other product or service.
SLA, and the services it covers, is subject to the Company EOL Policy process.
Unless specifically stated herein, this document does not replace, modify, or in any way restrict other terms and conditions that may apply, including the Technical Support and Maintenance Terms and Conditions or the Cloud Service Agreement, both referenced herein.
The Customer is required to use, configure, deploy, and manage the Service in accordance with the Cloud Services Agreement, and according to the documentation, including knowledge-based articles and other online content on public community.
The Customer is responsible for failures of the equipment or Software used to access the Service.
The Customer commits to using the Service based on the published individual proxy name per the documented terms and conditions. The customer will use IP addresses in their configuration to access the proxy unless explicitly documented.
The number of days which may be awarded as a Service Credit are set forth below. The Service Credits shall be Your Sole Remedies for any performance or availability issues for any Service under this SLA.
>= 99.999%
<t100ms
>= 99.9%
Meets Goals
None
<t99.999% but >=99.99%
>100ms but<t= 200ms
<t99.9% but >= 99%
Tolerable
8 days
<t99.99% but >=99%
>200ms but <t= 300ms
<t99% but >= 98%
Less Tolerable
16 days
<t99%
>300 ms
<t98%
Unacceptable
31 days
To initiate a Service Credit claim, the Customer must contact Technical Support through the Service Portal at:
https://supportm.trellix.com/webcenter/portal/supportportal/pages_home and provide the following information: Grant Number, date and time of the service interruption, and a brief description of the event. Claims must be received within ten (10) business days of an event. If confirmed by Us, the Service Credit will be applied against Your contract term. Service Credits will not be convertible to cash or applied against any current billing charges.
System Availability. We shall make commercially reasonable efforts to provide 24 hours, 7 days a week availability and access to the Service and will continuously and proactively monitor the Cloud Services and its related environment. Under exceptional circumstances, We may experience the need for emergency maintenance, during which time, the Cloud Services will be unavailable to Customer (“Service Outage”). We will use reasonable efforts to notify Customer a minimum of fifteen (15) minutes prior to a Service Outage. Customer will notify Us of service interruptions or delays that may be known to Customer. We will provide access to Our designated contacts to assist Us with correcting any Service Outage problems in a timely manner. We will also provide updates to Customer until the Service Outage has been corrected. Upon learning of any Service Outage, We will correct the Service Outage and restore Services availability. We shall make commercially reasonable efforts to provide 99.5 percent (99.5%) availability of the Cloud Services, as measured monthly.
This Service Schedule 2 – Cloud Services Additional Terms applies to the Cloud Services provided by Trellix and Skyhigh Security (respectively) (the “Company,” “We,” “Us,” “Our”) based on the SKU purchased by the Customer (“You” or “Your”). All capitalized terms not defined herein shall have the meaning provided in your underlying cloud services agreement.
Business Day means any day other than a Saturday, Sunday, statutory or public holiday in the place where Company Products are provided, or the Professional Services are performed.
Cloud Services means the Cloud Services that We provide to You as specified in one or more Grant Letters and that are subject to the applicable Service Schedule.
Company means:
Customer means the entity which has purchased Products and to which We provide Support.
Grant Letter means any written (electronic or otherwise) confirmation notice that We issue to You confirming the Products purchased and applicable Product Entitlement. The Grant Letter identifies the SKU number, quantity, Subscription Period or Support Period, and any other access and use details.
Product Entitlement means the license or subscription types set forth in the Grant Letter and defined at https://trellix.com/en-us/assets/docs/legal/trellix-product-entitlement-definitions.pdf.
Data means Your Personal Data, sensitive data or other information about You and Users (including Users’ name, address, e-mail address and payment details), their computers, files stored on their computers, or their computers’ interactions with other computers (including information regarding network, licenses used, hardware type, model, hard disk size, CPU type, disk type, RAM size, 32 or 64 bit architecture, operating system types, versions, locale, BIOS version, BIOS model, total scanners deployed, database size, system telemetry, device ID, IP address, location, content, products installed, components, processes and services information, frequency and details of update of Our components, information about third-party products installed, extracts of logs created by Us, usage patterns of Our products and specific features, etc.
SKUs means A Stock Keeping Unit is a unique identifier for each distinct product and service that can be ordered from Us.
Subscription Period means the period for which You have purchased the right to receive the Cloud Services or the time-period for which You have purchased the right to receive Support, as applicable.
Support means the technical support services that We provide for the support and maintenance of the Cloud Services, as specified in the applicable Service Schedule.
Support Period means the period for which You are entitled to Support, as specified in a Grant Letter.
User means a unique individual whom You have authorized to use the Cloud Services pursuant to Your access rights under this Agreement, including Your employees, Your Affiliates, subcontractors, authorized agents, and Managed Parties.
The Trellix Response Service Level Goals (SLG) will provide Support for the Cloud Services in accordance with the following:
Severity Assessment Questions
Through a series of questions, We will determine the business impact of your issue. The impact assessment questions are simplified to allow you to quickly answer and move towards getting resolution to your issue. Select the answer that most closely aligns with the reported issue.
This question will help set the type of Service Request being opened. The options under this question are:
A severity code is associated with Service Requests to indicate the impact and the urgency of the request.
Severity 1: Severe Issue or Business Wide Impact
This would be a very serious issue or business wide impact with the issue. Example: Our ePolicy Orchestrator is down, Web Gateway is blocking all customer traffic. There is no viable workaround.
Severity 2: Major Issues or Large Impact
This is a major issue or where a large number of Users are impacted. Example: Regional office not in a secured posture due to Our ePolicy Orchestrator is not functioning, Data Loss Prevention policy is causing the Executive Staff to be not able to use USB drives. There is no viable workaround.
Severity 3: Minor Issue or Small Impact
This is a minor issue or small number of Users impacted. Example: Few Users unable to authenticate to Drive Encryption, Data Loss Prevention rule requiring justification for a few Users but not stopping business activities.
Severity 4: General Questions
This is a question without impact on business operations. This may be around documentation or Knowledge Base entries. Example: Looking for Best Practices, Reference Configurations, clarification on entries in KB or Product Guide. Product Enhancements Requests
Support Requests (SR) are assigned a SR number to manage the resolution of the issue. We attempt to resolve every issue on the first interaction. Unresolved customer issues are evaluated based on severity and priority of the reported issue. Based on this information, We assign each SR an impact level value.
The frequency You should be contacted about the status of a Service Request will be agreed between You and the Technical Support Engineer during initial contact and at each communication interval. This will be discussed and agreed based on the individual needs and availability of the Customer, as well as the time it is likely to take to complete the next action.
Based on the Plan purchased by the Customer, either the Business Plan or Premier Success Plans, Enhanced Success Plans and Essential Success Plans, the following response level targets are provided. The response times are target estimates and are not guaranteed.
Initial Response
30 Minutes
60 Minutes
8 Hours
1 Business Day
Update Frequency
At least once per hour unless agreed otherwise with the customer
At least twice per day unless agreed otherwise with the customer
Negotiated with the customer
Negotiated with the customer
Initial Response
15 Minutes
30 Minutes
4 Hours
1 Business Day
Update Frequency
At least once per hour unless agreed otherwise with the customer
At least twice per day unless agreed otherwise with the customer
Negotiated with the customer
Negotiated with the customer
The following chart provides a description of the applicable plans for Trellix.
Customer Success Plans
(Add-on Services)
Features & Offerings
Business Support (Standard)
Essential Success Plan
Enhanced Success Plan
Premier Success Plan
Daily product updates (.DATs, engines, etc.)
Product upgrades
24/7/365 Support Web and Phone with Remote Desktop Control
Trellix Labs Malware analysis service and alerts with remediation analysis
Online Experience - KnowledgeBase, Downloads, Case Mgt, Diagnostic & Remediation Tools
Best practice videos and guides
Proactive Notification Service via Support Notification Service (SNS)
Direct Access to Enterprise Level Technical Experts
Service Request Prioritization
Designated Contacts
Account Management
Designated Customer Success Manager (CSM) for Value Realization (1)
Assigned Technical Contact (ATC) for Situation and Escalation Management
Assigned Cloud ATC (C-ATC) for CASB Support
Documented Success Planning with the Customer Success Management (CSM)
Quarterly Business Reviews
Solution and/or Strategic Advisory Services
Professional Services Remote Health Watch Analysis
Educational Services Vouchers for Trellix Product education
eLearning Subscriptions
(1) Resident Customer Success Manager option available.
* Subject to Terms & Conditions. Regional variations may apply.
To Contact Us, please reach out using the Quick Reference call provided by your Support Account Manager or Customer Support Manager or through Our Support Service Portal at https://www.trellix.com/en-us/support.html.
We will provide Support for the Cloud Services in accordance with the following:
Phone
1-866-727-8383
Skyhigh Security Web Link
Phone & Web
Available 24/7
Office hours (critical and non-critical issues)
Available 24/7
Availability for critical issues
Available 24/7
Response time
(See below)
Upgrade notifications
Yes, SNS notification will be provided
Remote diagnostics
Yes, we have the capability to connect to your network
Documentation
The Parties will jointly use the severity levels below to document and respond to errors or deficiencies that may exist. If You believe that an error or deficiency exists in the programs supported by the subscription fees under this Agreement, You will provide written notification to Us of such error or deficiency, along with supporting data and programs that document such error or deficiency. We will respond in accordance with the following severity levels.
24x7x365 Support
Yes
Yes
Yes
Technical Account Manager
In region
Remote
N/A
Customer Success Manager
Dedicated In-region
Dedicated Remote
Non-Dedicated Remote
On-Site Visit per Year
2-4
1
N/A
Consulting Days
40
20
5
eLearning
Yes
Yes
Yes
Health checks
Yes
Yes
N/A
Webinars
Yes
Yes
N/A
Operational Service Review
Weekly
Every 2 Weeks
N/A
Monthly Operations Review
Yes
Yes
Digital Report
Executive Business Review
Quarterly
Semi-Annual
N/A
Severity 1 Response
30 min
1 hour
2-4 hours
Severity 2 Response
1 hour
2 hours
4-8 hours
Initial Response
PREMIUM-CARE
30 mins
1 hour
4 hours
1 business day
ENTERPRISE-CARE
1 hour
2 hours
4-8 hours
1 business day
BASIC-CARE
2 hours
4 hours
1 business day
2 business days
Update Frequency
PREMIUM-CARE
At least once per hour unless agreed otherwise with the customer
At least twice per day unless agreed otherwise with the customer
ENTERPRISE-CARE
BASIC-CARE
At least once every two hours unless agreed otherwise with the customer
At least once per day unless agreed otherwise with the customer
Negotiated with the customer
Negotiated with the customer
All Customer care Plans provide direct access to Technical Support Engineers for technical issue resolution.
Skyhigh Security Premier Care Plan –The Premier Care plan will entitle You to elevated support response times, including a maximum 30-minute response for Severity 1 SRs and a 1-hour response for Severity 2 SRs.
Skyhigh Security Enterprise Care Plan The Enterprise Care plan will entitle you to elevated support response times, including a maximum 1-hour response for Severity 1 SRs and a 2-hour response for Severity 2 SRs.
Skyhigh Security Basic Care Plan includes five (5) days of professional services to get the product fully deployed and operational. A non-dedicated remote CSM is assigned to work with the customer as part of this offering. This offering also includes e-learning plus access to webinars.
Severity Level 1
30 min response
1-hour response
Standard
Severity Level 2
1-hour response
2-hour response
Standard
Critical - Severity 1 Error:
A “Severity 1 Error” will mean that the Cloud Services is non-operational, and no Users can access the system, or the functionality is significantly decreased, or back-up or other security of data can no longer be performed. The defect affects mission-critical systems or information in the production environment. This may include any defect related to You or personal safety, system availability, overall data integrity or ability to serve You.
“Severity 1 Error” events will require immediate resolution. We must start the correction of “Severity 1 Errors no later than thirty (30) minutes following notification from You. We will work to correct Severity 1 Errors on a 24x7 basis until resolution. Our Support personnel as well as Your personnel may be required to sustain a twenty-four (24) hour per day effort to determine the root cause of the problem or until circumvention or resolution is provided. We will provide regular updates informing You of the progress to remedy the reported problem. For Severity 1 Errors only, telephone support is available to report irregularities twenty-four (24) hours per day seven (7) days per week.
High - Severity 2 Error:
A “Severity 2 Error” will mean that the Cloud Services is operational with functional limitations or restrictions but there is minimal business impact. The error has a large impact on the functionality of the application but does not require immediate release into the production environment.
We must start the correction of “Severity 2 Error” no later than one (1) hour following notification by You. We will work to correct Severity 2 Errors during normal business hours and will provide regular updates informing You of the progress to remedy the reported problem.
Medium - Severity 3 Error:
A “Severity 3 Error” will mean these Cloud Service is operational with functional limitations or restrictions that are not critical to the overall system operation. The error has a moderate impact on the functionality of the application. However, the Service remains usable by all groups.
We will work to correct Severity 3 Errors during normal business hours. We will use reasonable efforts to correct such errors within thirty (30) business days.
Low - Severity 4 Error:
A “Severity 4 Error” will mean the Cloud Service is operational with problems or errors, which have little impact on system operations. Severity 4 Errors will include documentation errors. The error has a minor impact on the functionality of the application.
“Severity 4 Error” events are normally corrected in the next maintenance release of the Cloud Service.
To Contact Us, please reach out to Your Customer Support Manager or through the Skyhigh Support Service Portal at https://www.skyhighsecurity.com/en-us/support.html.