Yubico Support Services Agreement

1.1 Scope. This Support Services Agreement shall govern Yubico’s provisioning of Support Services as specifically set forth in the exhibit(s) as attached. The purchase and licensing of Yubico products (“Products”) shall be governed by the YubiEnterprise Subscription License Agreement, Yubico Sale and License Agreement or other written purchase agreement separately agreed upon by the parties (“Purchase Agreement”) and not this Support Services Agreement.

1.2 Performance of Services. Subject to Customer’s payment of the applicable Support Services fees, Yubico will perform the Support Services specified in the Yubico sales order form (“Order Form”) in accordance with the terms and conditions of this Support Services Agreement, and as further specified in the Support Services Exhibit, attached.

1.3 Discretionary Support. If Customer has purchased Support Services pursuant to an Order Form, then this Section is not applicable. If Customer has not purchased Support Services pursuant to an Order Form, then Yubico will have no obligation to provide Support Services to Customer. If Yubico, in its sole discretion elects to provide support to Customer, it shall not be subject to this Support Services Agreement and is provided on an “as is” basis without any warranties, service levels or obligations; similarly, in no event shall Yubico be liable for any damage arising from providing such discretionary support.

1.4 Designated Contacts. Each party will designate one or more individuals who will serve as the point(s) of contact between the parties for all matters relating to Support Services to be performed thereunder. A party may designate new contacts by written notice to the other party.

1.5 Relationship of the Parties. Yubico is performing Support Services as an independent contractor and nothing in this Support Services Agreement will be construed as establishing an employment, agency, partnership or joint venture relationship between Customer and Yubico or any Yubico personnel.

2.1 Fees. For Yubico’s performance of the Support Services, Customer will pay Yubico fees as specified in the Order Form.

2.2 Interest. All past due amounts will incur interest at a rate of 1.5% per month or the maximum rate permitted by law, whichever is greater. Customer will reimburse Yubico for all reasonable costs and expenses incurred (including reasonable attorneys’ fees) in collecting any overdue amounts.

2.3 Payment Terms and Taxes. Fees for Support Services will be invoiced upfront and Customer will pay such invoice no later than 30 days from the invoice date, provided that Yubico reserves the right to require prepayment if Customer has exhibited questionable credit worthiness or has failed to adhere to payment terms for prior Yubico purchases. Customer will pay all amounts due under this Support Services Agreement in U.S. currency. All fees, expenses and other amounts payable to Yubico hereunder are net amounts and are payable in full, and do not include any sales, use, withholding, value added or other applicable taxes, tariffs, duties, or out-of-pocket expenses, payment of which will be the sole responsibility of Customer (excluding any taxes based on Yubico’s net income). Customer will promptly reimburse Yubico for any such amounts that Yubico pays on Customer’s behalf.

3.1 Definition. “Confidential Information” means but is not limited to: (a) all aspects of the Product and Services; (b) all documentation marked “Do Not Copy” or “Yubico Confidential;” (c) any business or technical information of Yubico or Customer that, if disclosed in writing, is marked “confidential” or “proprietary” at the time of disclosure, or, if disclosed orally, is identified as “confidential” or “proprietary” at the time of disclosure, and is summarized in a writing sent by the disclosing party to the other party within 30 days of such disclosure; (d) the specific terms and pricing set forth in this Support Services Agreement and any corresponding Statements of Work; (e) customer materials and Yubico materials; and (f) any information that, due to its nature or under the circumstances of its disclosure, the receiving party knows or has reason to know should be treated as confidential or proprietary.

3.2 Exclusions. Confidential Information does not include information that: (a) is or becomes generally known to the public through no fault of or breach of this Support Services Agreement by the receiving party; (b) is rightfully known by the receiving party at the time of disclosure without an obligation of confidentiality; (c) is independently developed by the receiving party without use of the disclosing party’s Confidential Information; or (d) the receiving party rightfully obtains from a third party without restriction on use or disclosure.

3.3 Use and Disclosure Restrictions. Each party will not use the other party’s Confidential Information except as necessary for the performance of this Support Services Agreement and will not disclose such Confidential Information to any third party except to those of its employees and subcontractors that need to know such Confidential Information for the purpose of performing this Support Services Agreement, provided that each such employee and subcontractor is subject to a written agreement that includes binding use and disclosure restrictions that are at least as protective as those set forth herein. Each party will use all reasonable efforts to maintain the confidentiality of all such Confidential Information in its possession or control, but in no event less than the efforts that such party uses with respect to its own proprietary information of similar nature and importance.

3.4 Compelled Disclosures. The foregoing obligations will not restrict either party from disclosing Confidential Information of the other party: (a) pursuant to the order or requirement of a court, administrative agency, or other governmental body, provided that the party required to make such a disclosure, to the extent permissible under applicable law, gives reasonable notice to the other party to contest such order or requirement; and (b) on a confidential basis to its legal or financial advisors. In addition, each party may disclose the terms and conditions of this Support Services Agreement: (x) as required under applicable securities regulations; and (y) on a confidential basis to present or future providers of venture capital and/or potential private investors in or acquirers of such party.

EXCEPT FOR THE LIMITED WARRANTIES AS SET FORTH IN THIS SUPPORT SERVICES AGREEMENT, YUBICO DISCLAIMS ALL OTHER WARRANTIES, REPRESENTATIONS OR CONDITIONS, EXPRESS OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM YUBICO OR ELSEWHERE WILL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS SUPPORT SERVICES AGREEMENT.

IN NO EVENT WILL YUBICO BE LIABLE TO CUSTOMER OR TO ANY THIRD PARTY FOR ANY SPECIAL, INCIDENTAL, PUNITIVE, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING LOSS OF USE, DATA, BUSINESS OR PROFITS) OR FOR COSTS OF PROCURING SUBSTITUTE SUPPORT SERVICES, ARISING OUT OF OR IN CONNECTION WITH THIS SUPPORT SERVICES AGREEMENT OR THE SUPPORT SERVICES, OR THE USE OR PERFORMANCE OF THE SUPPORT SERVICES, HOWEVER CAUSED A/ND REGARDLESS OF THE THEORY OF LIABILITY, EVEN IF YUBICO HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. YUBICO’S TOTAL LIABILITY TO CUSTOMER, FROM ALL CAUSES OF ACTION AND ALL THEORIES OF LIABILITY, WILL BE LIMITED TO AND WILL NOT EXCEED THE AMOUNTS PAID TO YUBICO BY CUSTOMER UNDER THE STATEMENT OF WORK GIVING RISE TO ANY LIABILITY HEREUNDER.

6.1 Term. This Support Services Agreement will commence on the Effective Date (which is the date of the last signature date on the corresponding Order Form) and, unless terminated earlier in accordance with the terms of this Support Services Agreement, will remain in force and effect for as long as Yubico is performing Support Services pursuant to any Order Form and/or Statement of Work.

6.2 Termination. Either party may terminate this Support Services Agreement (including all related Support Services subscriptions in Order Forms) if the other party breaches any material term of this Support Services Agreement and fails to cure such breach within 30 days after receipt of written notice of such breach. Termination of the Purchase Agreement will terminate this Support Services Agreement and related Support Services subscriptions in Order Forms.

6.3 Effect of termination; Survival. Upon termination of this Support Services Agreement: (a) Customer will promptly (i) return to Yubico the applicable portions of the Support Services not owned by Customer and all related copies and portions; and (ii) return or destroy all Confidential Information of Yubico to Yubico;; and (iii) Customer will, within 30 days after receipt of Yubico’s invoice, pay all accrued and unpaid fees and expenses and (b) Yubico will promptly (i) return to Customer all customer materials, and (ii) return or destroy all Confidential Information of Customer to Customer. The rights and obligations of the parties contained in Sections 2, 3, 4, 5, 6, 7.2 and 7.3 will survive the expiration or termination of this Agreement or any Statement of Work.

7.1 Assignment. Neither party may assign this Support Services Agreement, in whole or in part, without the other party’s express prior written consent, such consent not to be unreasonably withheld, except that either party may assign this Support Services Agreement in connection with a merger with or into a third party or to an acquirer of all or substantially all of its stock, business or assets to which this Support Services Agreement pertains. Any attempt to assign this Support Services Agreement, without such consent, will be null and of no effect. Subject to the foregoing, this Support Services Agreement will bind and inure to the benefit of each party’s successors and permitted assigns.

7.2 Governing Law and Jurisdiction. This Agreement shall be deemed to have been made in, and shall be construed pursuant to the laws of: (i) the State of California, U.S.A. if you obtained the Support Services from Yubico, Inc.; and (ii) Sweden if you obtained the Support Services from Yubico AB. In either event, the choice of law shall be without regard to the conflict of laws provisions thereof. Furthermore, both parties consent to the exclusive jurisdiction of the courts located in the State of California when California law applies and the courts located in Sweden when the laws of Sweden apply.

7.3 Severability and Waiver. If any provision of this Agreement is held invalid or unenforceable by a court of competent jurisdiction, then such provision shall be deemed severed from this Support Services Agreement and shall not affect the other remaining provisions. The failure by either party to enforce any provision of this Support Services Agreement will not constitute a waiver of future enforcement of that or any other provision.

7.4 Notices. All notices required or permitted under this Support Services Agreement will be in writing and delivered by courier or overnight delivery services, by email, or by certified mail, and in each instance will be deemed given upon receipt. All communications will be sent to the addresses set forth above or to such other address as may be specified.

7.5 Entire Agreement. This Support Services Agreement, together with all Order Forms, constitutes the complete agreement and understanding of the parties with respect to its subject matter and supersedes all prior understandings and agreements, whether written or oral, with respect to its subject matter. No term of any Order Form will be deemed to amend the terms of this Support Services Agreement unless the Order Form references a specific provision in this Support Services Agreement and provides that the Order Form is amending only that specific provision of this Support Services Agreement and only with respect to the Services performed pursuant to such Order Form. Any waiver, modification or amendment of any provision of this Support Services Agreement will be effective only if in writing and signed by the parties.

7.6 Force Majeure. Neither party will be responsible for any failure or delay in its performance under this Support Services Agreement (except for any payment obligations) due to causes beyond its reasonable control, including, but not limited to, labor disputes, strikes, lockouts, shortages of or inability to obtain labor, energy, raw materials or supplies, war, acts of terror, riot, acts of God or governmental action.

4.1 “Customer Support Contact(s)” means individuals designated by Customer who are trained on the use of the Product and authorized by Yubico to report Problems and make Priority Support inquiries to Yubico Support Contacts.

4.2 “Error” means that the Products (or any part thereof) when used in the operating environment and otherwise according to the instructions of Yubico, do not operate as defined in published specifications in a material respect. Defects or non-conformities causing minor and trivial deviations therefrom are not considered as Errors.

4.3 “Error Corrections” means patches and bug fixes developed by Yubico to correct Errors.

4.4 “Problem” means a problem or error encountered in the reasonable and authorized use of the Software or Product that (i) degrades the performance of the Software or Product as compared to the published specifications applicable to such Software or Product, or (ii) renders one or more features of the Software or Product wholly or partly inoperable.

4.5 “Problem Report” means a reasonable description of a Problem encountered by Customer or its users, including: the User who encountered the Problem, the date and time the Problem was encountered, the operating environment the problem occurred in, the functions the User was attempting, the steps taken by the Customer Support Contact to resolve the problem prior to submitting a Problem Report and a reproducible test case.

4.6 “Update” means Error Corrections, minor enhancements and patches and other minor changes to the Software that are generally made available by Yubico to its Customers at no additional cost pursuant to the Priority Support. Updates do not include enhancements to or new versions of Software that provide substantial new, enhanced or different features, functions or performance.

4.7 “Upgrade” means any new functional releases of the Products (including new or additional functionality) provided pursuant to the Priority Support. Upgrades will not include any release, options or future Products to which Yubico generally grants licenses separately from a license to the Products (such as new YubiKeys).

4.8 “Updated Hardware” means a replacement Product (that is Hardware) designed to correct an identified critical security issue in an existing Product (that is Hardware).

4.9 “Yubico Support Contacts” are those individuals designated by Yubico to assist Customer with Problems. Customer Support Contacts shall communicate with Yubico Support Contacts in order to report and resolve a Problem and respond to inquiries.

4.10 “Workaround” means a change in the procedures followed or data supplied by Customer to avoid an Error without substantially impairing Customer’s use of the Products.

5.1 Web support: Access to Yubico’s online resources, offering the Customer the ability, on a 24×7 basis (24 hours a day, seven days a week), to download documentation, available patches and known bug fixes, incompatibilities, Updates and Workarounds for the Products licensed to Customer.

5.2 Email access to Helpdesk: Email support for general questions related to the use of the Products.

6.1 Scope of Support Services  for Hardware. Subject to the terms in this Priority Support Exhibit and the Services Agreement, Yubico will make available to Customer Updated Hardware when Yubico has become aware of a critical security vulnerability with a previous version of a Product (that is Hardware) that could materially adversely affect the security of Customer’s data. The determination of whether a critical security vulnerability exists that could materially adversely affect a Customer’s data shall be made by Yubico in its sole discretion.

6.2 Prompt Replacement of Existing Products. Customer agrees to use commercially reasonable efforts to promptly replace the compromised existing Products (that is Hardware) with the Upgraded Hardware and provide evidence of the destruction of the compromised Products (that is Hardware) to Yubico if requested.

7.1 Scope of Support Services.  Yubico will provide the following Priority Support with respect to the Software:

(a) Make available Updates as such Updates become generally available; and

(b) Yubico will work to correct Problems with the Software by email.

7.2 Updates. As permanent solutions are developed for known Errors in the Software, they will be incorporated from time to time in planned Updates. Yubico will make available to Customer, free of additional charge, with such Updates as they are released. Yubico will make available documentation that Yubico considers reasonably necessary to assist in a smooth transition for mitigating the errors.

7.3 Installation of Updates. All Updates will be made available to Customer electronically via secure download from Yubico’s designated site. Customer agrees to use commercially reasonable efforts to promptly download and install all Updates supplied hereunder in order to maintain the Software at the most current revision level. Yubico will only be obligated to provide Priority Support for the Software only (i) for the current revision level of the Software, and (ii) for the pre-updated version of the Software for six months following the release of an Update. Customer is solely responsible for all costs of installation of Updates. Notwithstanding anything to the contrary in this Agreement, Yubico disclaims any and all warranties in the Software to the extent Customer does not install any Updates made available by Yubico.

7.4 Problem Reporting. Prior to submitting a Problem Report, Customer shall make all reasonable efforts to resolve the Problem without assistance from Yubico. Customer Support Contacts shall attempt to reproduce any problems reported to them by Customer’s users and only report reproducible Problems to Yubico. For Problems that Customer is unable to resolve itself, Customer Support Contacts shall report the Problem to Yubico. All communications concerning Problem identification and resolution shall occur between Customer Support Contacts and Yubico Support Contacts. Valid Problem Reports must be submitted to Yubico in English.

7.5 Problem Resolution. Yubico shall address reported Problems in accordance with the severity level assigned to such Problem by Yubico. Yubico shall exert good faith, commercially reasonable efforts to achieve the response times set forth in the Severity Level table, above. However, Customer acknowledges and agrees that Yubico may not be able to achieve such response times at all times and under all circumstances.

8.1 Customer Errors. Yubico will have no obligation of any kind to provide Priority Support of any kind for problems in the operation or performance of Products or Software to the extent caused by any of the following (each, a “Customer-Generated Error”):

(a) non-Yubico software or hardware Products or use of the Software or Product in conjunction therewith;

(b) modifications to the Software or Product made by any party other than Yubico;

(c) Customer’s use of the Software or Product other than in a reasonable manner and as authorized by Yubico; and

(d) Customer’s use of other than the most current Product and the most current version of the Software or any Error Corrections or Updates made available by Yubico (or pre-updated version of the Software for six months following the release of an Update).

8.2 Excluded Products. The Priority Support applies only to the Products licensed to Customer as further listed above in Section 1 (Support Plans Offered) and any applicable Updates and Upgrades, but not to any new Products of the same Product family or other Products from Yubico. The granting of rights of use and the delivery of the relevant license files for all Updates and Upgrades will be limited to the number and type of Products, as well as the terms of use thereof, for which this Agreement has been concluded. 

8.3 Integration/Implementation Services. Priority Support does not include support of Product implementation and/or integration with third-party software platforms and programs, such as Certificate Management Systems (CMS), Identity Providers (IdP) and Identity and Access Management (IAM) systems, applies only to Yubico hardware plugged directly into devices (or connecting via NFC), and does not extend to support for passthrough scenarios including but not limited to virtual machines.

9.1 Updated Hardware Warranty. Unless as provided otherwise, the warranty for any Updated Hardware shall persist for (i) in the case of perpetually-licensed YubiKeys, the longer of the remaining period of the original one-year Product warranty as described in the Purchase Agreement or 90 days from the date Yubico ships the Updated Hardware to Customer, or (ii)  in the case of a YubiEnterprise Subscription, through the remainder of the then-current subscription term as described in the Purchase Agreement, as applicable.

9.2 Priority Support Warranty. Yubico warrants that the Priority Support will be performed in a workmanlike manner by qualified personnel familiar with the Software and Hardware and its operations. This warranty will be in effect for a period of 30 days from completion of Yubico’s performance of the affected Priority Support.

9.3 Sole Remedy. Except solely as set forth in this Section, Fees for Priority Support are non-refundable. As Customer’s sole and exclusive remedy and Yubico’s entire liability for any breach of the warranty set forth in Section 9.2 regarding Yubico’s provision of Software Support Services, Yubico will, at its option: (a) promptly re-perform the Priority Support in an attempt to correct any Errors; (b) provide Customer with a reasonable procedure to circumvent the nonconformity; or (c) refund to Customer an equitable portion of the fees paid if the Problem cannot be resolved.

9.4 Disclaimer. Yubico does not warrant that the Updated Products, Updates, Error Corrections, Workarounds and Priority Support provided or made available pursuant to this Services Agreement will meet Customer’s requirements, or that the Updated Products, Updates, Error Corrections and Workarounds will work in the combinations that Customer may select, or that the operation of the Updated Products, Updates, Error Corrections, Workarounds and Priority Support will be error-free or that all errors in the Products and/or Software will be corrected. Yubico will have no obligation or liability for any Customer-Generated Errors. EXCEPT AS EXPRESSLY SET FORTH HEREIN, (I) ALL UPDATED HARDWARE ARE SUBJECT TO THE SAME TERMS AND CONDITIONS THE PARTIES AGREED TO WITH RESPECT TO THE ORIGINAL PRODUCTS THAT ARE REPLACED BY THE UPDATED HARDWARE, AND (II) ALL UPDATES ARE SUBJECT TO THE SAME TERMS AND CONDITIONS THE PARTIES AGREED TO WITH RESPECT TO THE SOFTWARE MODIFIED OR REPLACED BY THE UPDATES