Welcome to Surgeship. We’re glad you’re here, and we hope you enjoy everything we have to offer.

Please read these Terms carefully because they are a binding agreement between You and Surgeship and its parent company Surge Analytics Inc., (“Surgeship” or “SAI” or “We”).

These Terms govern your use of the websites that link to these Terms. In these Terms, the word “Sites” refers to each of these websites and the services offered on those Sites. You automatically agree to these Terms and to our Privacy Statement simply by using or logging into the Sites.

Please note that we offer many services. Your use of Surgeship products or services are provided by Surgeship pursuant to a separate manually or digitally-executed agreement. Those additional terms become part of your agreement with us, if you use the services or log into the Sites.

1. Your Accounts

You may be required to create an account and specify a password in order to use certain services or features on the Sites. To create an account, you must be at least 18 years old and you must provide truthful and accurate information about yourself. Don’t try to impersonate anyone else when you create your account. If your information changes at any time, please update your account to reflect those changes.

In some cases, an account may be assigned to you by an administrator, such as your employer or educational institution. If you are using or logging into an account assigned to you by an administrator, additional terms may apply to your use of the Sites. Moreover, your administrator may be able to access or disable your account without our involvement.

You may not share your account with anyone else. Please keep your password confidential, and try not to use it on other websites. If you believe that your account has been compromised at any time, please notify your system administrator.

2. SurgeHelp

Please note that if you register for the Help & Training portal or Partner Community on our Sites and don’t already have a SurgeHelp Account, we will automatically create a SurgeHelp Account for you. The personal information (such as name, company information, photos etc.) that may be collected during the course of registering for SurgeHelp, logging into the Help & Training portal, or Partner Community sites may be used or shared with our group companies or our agents for the purpose of improving quality of our services. If you request information about or access those partners’ products or services on the AppExchange you agree to have your personal information shared with Surgeship partners for marketing purposes. The SurgeHelp is a free site created for Surgeship customers, partners, prospects, and attendees of certain events.

Your first name and last name may be displayed on your SurgeHelp account, which is visible to other members of the SurgeHelp. Your SurgeHelp account is for your use only and cannot be shared or used by anyone else. You are solely responsible for maintaining the confidentiality of your SurgeHelp username and password, and are entirely responsible for any and all activities under your SurgeHelp account. You agree to notify Surgeship immediately of any unauthorized use or any other breach of security involving your username and password or account. Surgeship will not be liable for any loss incurred as a result of an unauthorized use of a username/password or account.

You acknowledge and agree that the SurgeHelp and other similar forums are public spaces and that your participation in such communities creates no expectation of privacy. Further, you acknowledge that any Content you communicate in a community may be seen and used by others. You understand that our staff, outside contributors, or other users connected with us may participate in communities or other aspects of the Sites and may employ anonymous user names when doing so. IF YOU CHOOSE TO MAKE ANY OF YOUR PERSONAL INFORMATION OR OTHER CONTENT PUBLICLY AVAILABLE IN A COMMUNITY OR OTHERWISE ON OR THROUGH THE SITES, YOU DO SO AT YOUR OWN RISK.

3. Modifications and Termination

We reserve the right to modify our Sites at any time, with or without notice to you. For example, we may add or remove functionality or features, and we may suspend or stop a particular feature altogether. We also reserve the right to charge a fee for any of our features at any time. If you don’t like any changes, you can stop using our Sites at any time.

4. Content You Post

We may provide opportunities for you to post text, photographs, videos, or other content (collectively, “Content”) on the Sites. You can only post Content if you own all the rights to that Content, or if another rights holder has given you permission.

You do not transfer ownership of your Content simply by posting it. However, by posting Content, you grant us, our agents, licensees, and assigns an irrevocable, perpetual (non-exclusive) right and permission to reproduce, encode, store, copy, transmit, publish, post, broadcast, display, publicly perform, adapt, modify, create derivative works of, exhibit, and otherwise use your Content. Without those rights, we couldn’t offer our Services. Please note that this license continues even if you stop using our Sites.

You agree to indemnify, release, and hold us harmless from any all liability, claims, actions, loss, harm, damage, injury, cost or expense arising out of any Content you post.

Keep in mind that if you send us any information, ideas, suggestions, or other communications to us, those communications will not be confidential. Moreover, unless we tell you otherwise, we reserve the right to reproduce, use, disclose, and distribute such communications without any obligation to you.

5. Content Posted by Others

We are not responsible for, and do not endorse, Content posted by any other person. Accordingly, we may not be held liable, directly or indirectly, for any loss or damage caused to you in connection with any Content posted by another member.

6. Your Use of the Sites

Please do not use the Sites in a way that violates any laws, infringes on anyone’s rights, is offensive, or interferes with the Sites or any features on the Sites (including any technological measures we employ to enforce these Terms).

It should be common sense, so we won’t bore you with a list of things you shouldn’t do. But if we (in our sole discretion) determine that you have acted inappropriately, we reserve the right to take down Content, terminate your account, prohibit you from using the Sites, and take appropriate legal actions.

Using our Site does not give you ownership of any intellectual property rights to the content you access. You may not use content from our Sites unless you obtain permission from us or its owner, or unless you are otherwise permitted by law.

When you use a Site or send communications to us through a Site, you are communicating with us electronically. You consent to receive electronically any communications related to your use of a Site. We may communicate with you by email or by posting notices on the Site. You agree that all agreements, notices, disclosures and other communications that are provided to you electronically satisfy any legal requirement that such communications be in writing. All notices from us intended for receipt by you shall be deemed delivered and effective when sent to the email address you provide to us. Please note that by submitting Content, creating a user account or otherwise providing us with your email address, postal address or phone number, you are agreeing that we or our agents may contact you at that address or number in a manner consistent with our Privacy Statement.

7. Intellectual Property

If you believe any Content on the Services infringes your copyrights, you may request that remove the Content from the Services (or disable access to that Content) by emailing us your concern at help@surgeanalytics.ca.

You are prohibited from using our Trademark or Copyrighted Work unless granted explicit consent by Surge Analytics Inc., in writing.

8. Social Networks

The Service may include features that operate in conjunction with certain third party social networking websites that you visit such as Facebook, Instagram, YouTube, Vimeo, and Twitter (“Social Network Features”). While your use of the Social Network Features is governed by these Terms, your access and use of third party social networking sites and the services provided through the Services is governed by the terms of service and other agreements posted on these sites. You are responsible for ensuring that your use of those sites complies with any applicable terms of service or other agreements.

9. Our Warranties and Disclaimers

We provide our Services using a commercially reasonable level of care and promise to do our best to make sure you enjoy the Services. But there are certain things that we don’t promise about our Services.

OTHER THAN AS EXPRESSLY SET OUT IN THESE TERMS OF SERVICE, NEITHER SURGESHIP.COM, INC. NOR ITS AGENTS OR SERVICE PROVIDERS (THE “SERVICES ENTITIES”) MAKE ANY SPECIFIC PROMISES ABOUT THE SITES. FOR EXAMPLE, WE DON’T MAKE ANY COMMITMENTS ABOUT THE CONTENT WITHIN THE SITES, THE SPECIFIC FUNCTION OF THE SITES, OR THEIR RELIABILITY, AVAILABILITY, OR ABILITY TO MEET YOUR NEEDS. WE PROVIDE THE SITES “AS IS”.

SOME JURISDICTIONS PROVIDE FOR CERTAIN WARRANTIES, LIKE THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. TO THE EXTENT PERMITTED BY LAW, WE EXCLUDE ALL WARRANTIES.

10. Liability for our Services

EXCEPT WHERE PROHIBITED, THE SERVICES ENTITIES SHALL NOT BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES ARISING FROM YOUR USE OF THE SITES OR ANY THIRD PARTY’S USE OF THE SITES. THESE EXCLUSIONS INCLUDE, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOST DATA, COMPUTER FAILURE, OR THE VIOLATION OF YOUR RIGHTS BY ANY THIRD PARTY, EVEN IF THE SERVICES ENTITIES HAVE BEEN ADVISED OF THE POSSIBILITY THEREOF AND REGARDLESS OF THE LEGAL OR EQUITABLE THEORY UPON WHICH THE CLAIM IS BASED.

11. Additional Details

We may modify these Terms at any time so be sure to check back regularly. By continuing to use or log in to a Site after these Terms have changed, you indicate your agreement to the revised Terms. If you do not agree to the changes, you should stop using or logging in to the Sites.

The Sites may contain links to third-party websites. That doesn’t mean that we control or endorse those websites, or any goods or services sold on those websites. Similarly, the Sites may contain ads from third-parties. We do not control or endorse any products being advertised.

If you do not comply with these Terms, and we don’t take action right away, this doesn’t mean we’re OK with what you did, or we are giving up any rights that we may have (such as taking action in the future).

These Terms are governed by and construed in accordance with the laws of California, without regard to its conflict of laws rules. You expressly agree that the exclusive jurisdiction for any claim or dispute under these Terms and or your use of the Services resides in the courts located in San Francisco, California, and you further expressly agree to submit to the personal jurisdiction of such courts for the purpose of litigating any such claim or action. If it turns out that a particular provision in these Terms is not enforceable, that will not affect any other provision.

Surgeship accepts and responds to any requests such as disclosure, correction, addition, or deletion and veto of use or provision of personal information (the “Disclosure Requests”) from the person who provided his/her personal information. For detailed procedures of disclosure request, please refer to the Surgeship’s Basic Personal Information Protection Policy (link).

These terms were last updated on August 1, 2021.

Last updated on March 1, 2021.

SAI believes in the importance of thoughtfully handling personal information and is committed to privacy practices that are transparent and compliant. This Privacy Statement sets out how SAI uses the personal information we collect and receive about you.

Categories of Personal Information Collected

SAI collects personal information in support of its mission to help people see and understand their data. This personal information is collected through a variety of ways. You provide some information directly to us; we receive some information when you visit our website or use our products and services; and we receive some information from third parties. The categories of information we collect will depend on your interactions with SAI:

Contact information. Name, employer, title, email address, physical address, phone number, and similar contact info, user names and passwords.

Payment and financial information. Credit card number, banking information and billing address.

Demographic Information. Employment status, occupation, region. If you participate in a SAI research focus group, then you will have the option to provide further information, such as gender, race, and age.

Inferred and derived information. Data such as propensities and attributes that SAI generates to help us understand you and your preferences.

Transaction and registration information. Information which is generated in the course of your transaction with SAI, including account information, logins, passwords, and purchase history. Product registration information, product interest information, transaction information, and in some cases, student verification information. We may also collect registration information related to your attendance at SAI events, including travel information, scheduling information, food preferences or allergies, and accessibility requests.

Website data. When you visit a SAI website, we may collect online and technical information from your computer or mobile device, (such as your browser type; your Internet Protocol (IP) address and geographic areas derived from your IP address); time-stamped logs regarding access times and duration of visits; the web pages you visited before coming to SAI websites (referring URL); and other usage data relating to your activities on our Sites, including the pages you request.

Product-related data. When you use a SAI product or service, we collect certain information related to your use of our products and services. SAI products may collect two types of usage-related data (“Usage Data”) depending on your configuration:

Basic Product Data: “Basic Product Data” refers to technical information about your computer or mobile device (such as device type, operating system type and version, and SAI-assigned identifiers that help us recognize your device and validate that you are a licensed user), and details about which of our products and product versions you are using.

Product Usage Data: “Product Usage Data” refers to whether or how you use specific features within our products and services, such as the types of data sources you query, the types of visualizations you build, the number of steps in a flow, the type of flow operations you use, and the queries you submit (including natural language queries), as well as hardware properties such as CPU type and amount of RAM.

We may link this information to the personal information we have collected about you and use it for the purposes described in this Privacy Statement, and we may deliver targeted marketing and product information back to you based on this data.

Third party data. We may receive your personal information from third party suppliers or partners. If you connect with SAI accounts on third party sites, we may receive information about your social networking accounts, for example, your name, user name or display name, public profile, and email address. We may combine information you provide with data we collect automatically and with data we receive from third parties.

Images, video and recordings. Pictures, videos or audio recordings may be collected by SAI. For example, if you attend a SAI event, your image may be captured in a photo or video. If you call SAI customer support, your call may be recorded.

If you decline to provide your personal information or ask us to delete it, we may be unable to continue to provide or support our products or services.

Ways We Use Personal Information

We use the personal information we collect for the purposes described in this Privacy Statement, as covered in any agreement that incorporates this Privacy Statement, or as disclosed to you in connection with our websites. For example, we will use your information to:

• Provide and deliver products or services, including software updates;
• Operate and improve our operations, systems, products, and services;
• Understand you and your preferences to enhance your experience;
• Respond to your comments and questions and provide customer service;
• Provide service and support, such as sending confirmations, invoices, technical notices, updates, security alerts, and administrative messages and providing customer support and troubleshooting;
• Communicate with you and your referrals about promotions, upcoming events, and news about products and services offered by SAI and our selected partners;
• Link or combine information about you with other personal information we get from third parties, to help understand your needs and provide you with better and more personalized service;
• Enforce our terms and conditions or protect our business, partners, or users;
• Protect against, investigate, and deter fraudulent, unauthorized, or illegal activity; and
• Keep our products, facilities, and services secure.

Reasons for Using Your Information

• When we process your personal information we will only do so where at least one of the following applies:
• We need to use your personal information to perform our responsibilities under our contract with you and to provide you with tools and services.
• We have a legitimate reason to collect and use your personal information. For example, it is in our legitimate interests to use usage data including your personal information to improve our products and services; to tell you about changes to this Privacy Statement and other policies; to tell you about new products, services and events or changes to our products, services or websites; for business reasons (for example to develop and expand our business); and to tell you about offers or promotions we are running.
• You have given consent to use your personal information. You may withdraw consent by opting out where we give you the opportunity to do so, or by contacting us using the contact details below.
• If it is necessary for us to use your personal information in order to comply with a legal obligation.
• You have chosen to make the information public. You should not share any personal information which you wish to keep confidential or private.

Sharing of Personal Information

• SAI works to keep your personal information confidential and secure. In some circumstances SAI may share your information with third parties, for example:
• We may share your personal information when we have your permission, including when you choose to share information using SAI services or post to our third-party websites;
• We provide personal information to trusted partners who work on behalf of or with SAI to provide us with services. For example, we may share contact information with our training and certification partners, our reseller and service partners, our data storage, customer support and marketing vendors, and with our software providers. These companies may use your personal information to perform services and to help SAI communicate with you, including making offers from SAI and our partners. SAI maintains contracts with these companies restricting their access, use and disclosure of personal information in compliance with this Privacy Statement and any legal obligations;
• If you connect to your third party accounts through our products, we will use that information to authenticate you, enumerate the data sources available to you, download any data you request us to, and download and refresh authentication tokens or persist authentication information such as user names and passwords as necessary to continue to connect to these data;
• We may share your contact and transactional information with our current or future affiliates, which may include parent and subsidiary companies, joint ventures, or other companies under common control, in which case we will require our affiliates to honor this Privacy Statement;
• We will disclose your personal information to comply with legal requirements, such as in response to a court order or a subpoena. We also may disclose your personal information in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, verify, prevent, enforce compliance with, or take action regarding illegal or suspected illegal activities; suspected fraud; situations involving potential threats to the physical safety of any person; protection of the rights and property of SAI, our agents, customers, or others; violations or suspected violations of our agreements and policies; or as otherwise required or permitted by law or consistent with legal requirements;
• We transfer or disclose your personal information for corporate reasons. For example, to third parties in connection with or during negotiation of any merger, financing, acquisition, bankruptcy or similar transaction. We may also share personal information with our auditors, attorneys or other advisors in the connection with corporate functions; and
• Finally, we also share aggregated, anonymized or statistical information about you, including demographics data, with others for a variety of purposes, for example, for improving products and services for SAI and others.

We may facilitate third party services or ways to share data through third parties, including social media platforms, websites, applications, and services through plug-ins, widgets, buttons, and other third party features on and connected with our websites, communications or products. Third parties whose services you use in connection with SAI, such as third parties whose websites we link to, may have information practices that are different from ours. This Privacy Statement does not apply to the activities of third parties when they are collecting or using data for their own purpose or on behalf of others. We are not responsible for the activities of these third parties. We encourage you to review their privacy policies to understand how they use your information.

Storage and Security of Your Personal Information

We have reasonable and appropriate physical, electronic, and managerial procedures in place to help safeguard your personal information. However, you should know that no company, including SAI, can fully eliminate security risks associated with personal information. To help protect yourself, use a strong password, do not use the same passwords to access your SAI accounts that you use with other accounts or services, and protect your user names and passwords to help prevent others from accessing your accounts and services. For more information about SAI security practices, see our SPARC document.

Information collected by SAI or on our behalf may be stored on your computers, on your mobile devices, or on our servers, and may be transferred to, accessed from, or stored and processed in, the United States and Canada, and any other country where SAI or its service providers maintain facilities or support centers.

In certain circumstances we may retain your personal information after you have closed your account or are no longer actively engaged with SAI. For example:

• We may retain your personal information after you have closed your account so that we can send you information about products, services and publications we think you may be interested in. You can “unsubscribe” from receiving such messages or tell us you are no longer interested;
• We may retain your personal information in order to protect our legal rights, or those of third parties, or to comply with the law;
• We may retain personal information about how you have used our products and services in order to improve and develop our business;
• If you purchase products or services from us, we may retain your personal information for as long as we need to in order to provide you with customer service, or for compliance purposes, for example, in order to comply with our record keeping requirements;
• SAI may also use and share aggregated, non-personally identifiable data for system improvements, research, external training and marketing purposes.

Controlling your Personal Information

Our marketing emails permit you to opt-out of receiving further marketing emails. You may also contact us at help@surgeanalytics.ca any time to let us know that you no longer wish to receive marketing emails. If you opt out but are a current customer, we will still send you transactional emails. Transactional emails are necessary communications about your accounts and our business dealings with you, such as renewals and updates, and, as allowed by applicable law, requests for your participation in surveys. When you use our websites, you can choose to set your browser to remove cookies and to reject cookies from our servers. If you choose to remove or reject cookies, this could affect certain features or services of our websites. For information about how to remove or manage cookies please read our cookie policy. You have certain rights in your personal information, subject to local data protection laws.

Cookies and Web Beacons

Our websites use various software technologies including cookies, web beacons and pixel tags. Cookies are small text files that we and others may place in visitors’ computer browsers to store their preferences. We use web beacons or pixel tags – small pieces of code placed on a web page or within the body of an email – to monitor the behavior and collect data about the visitors viewing a web page or viewing or opening an email. Web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page, and we use them from time to time for this and advertising purposes. We partner with third parties, including analytics companies, advertisers, and ad networks, who may place cookies on your browser when you visit our websites, may send their own cookies to your cookie file, and may use those cookies to track and collect information about you and your online activities over time and across different websites, devices, and applications and to provide targeted advertising based on your interests and previous browsing history. Third party ad networks may automatically collect information about your visits to our websites and other websites, such as your IP address, your Internet service provider, and the browser you use to visit our websites. They do this using cookies, web beacons or other technologies. You can learn more about practices of many of these third parties by visiting the Digital Advertising Alliance (http://www.aboutads.info/choices) in the USA, Digital Advertising Alliance of Canada (http://youradchoices.ca) in Canada. This Privacy Statement does not apply to, and we are not responsible for, cookies or web beacons and other technologies in third party advertising.

PIPEDA

Surge Analytics Inc. is compliant with PIPEDA requirements and ensures appropriate safeguards are in place. For more information a PIPEDA https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/pipeda_brief/.

Updates

From time to time, we will update this Privacy Statement. In the event there are material changes to our information practices, we will note those changes on SAI’s Privacy Statement webpage (www.surgeanalytics.ca/legal-privacy) and in some cases send a notification of changes via email.

Published: January 8, 2021

Surge Analytics’ Corporate Trust Commitment

Surge Analytics is committed to achieving and maintaining the trust of our customers. Integral to this mission is providing a robust security and privacy program that carefully considers data protection matters across our suite of services, including protection of Customer Data as defined in Surge Analytics’ Master Subscription Agreement.

Services Covered

This documentation describes the architecture of, the security- and privacy-related audits and certifications received for, and the administrative, technical, and physical controls applicable to the services provided by Surge Analytics that are branded as Tableau Online and licensed under Surge Analytics’ Master Subscription Agreement (the “Covered Services”).

Architecture and Data Segregation

The Covered Services are operated in a multitenant architecture that is designed to segregate and restrict Customer Data access based on business needs. The architecture provides an effective logical data separation for different customers via a customer-specific unique identifier and allows the use of customer and user role-based access privileges. The specific infrastructure used to host and process Customer Data is described in the SPARC document.

Control of Processing

Surge Analytics has implemented procedures designed to ensure that Customer Data is only processed as instructed by the customer, throughout the entire chain of processing activities by Surge Analytics and its sub- processors. In particular, Surge Analytics and its affiliates have entered into agreements with their sub-processors containing privacy, data protection and data security obligations that provide a level of protection appropriate to the processing activities provided by them. Compliance with such obligations, as well as the technical and organizational data security measures implemented by Surge Analytics and its sub- processors, are subject to regular audits. The “Infrastructure and Sub-processors” documentation linked to above describes the sub-processors and certain other entities material to Surge Analytics’ provision of the Covered Services.

Third-Party Functionality

Unless customer customizes authentication as explained below (“User Authentication”), the Covered Services use Asymmetrical 256B Encryption to store and processes certain Registration Data (e.g., email, first name, last name and password) used to authenticate users.

Certifications & Adherence

The following security-and privacy-related certifications are applicable to one or more of the Covered Services, as described below:

ISO 27001

ISO 22301

ISO 20000-1:2011

ISO 27701:2019

PCI DSS

CIS Benchmark

NIST CSF

GDPR

SOC I-II Type 2

CSA STAR Level 1

Additionally, the Covered Services undergo security assessments by internal personnel and third parties, which may include infrastructure vulnerability, production environment and/or application security assessments.

As further described in the SPARC document, Surge Analytics uses infrastructure provided by a third party, including Microsoft (“MS”) and OVH to host and process Customer Data submitted to the Covered Services. Information about security and privacy-related audits and certifications received by MS and OVH, including information on ISO 27001 certification and System and Organization Controls (SOC) reports are available from the Microsoft and OVH websites.

Security Controls

The Covered Services include a variety of configurable security controls. These controls may include:

• Unique user identifiers (user IDs);
• Password complexity and length requirements and controls;
• Controls to throttle access after a number of consecutive failed login attempts;
• Support for Two-Factor Authentication via a customer-provided, third-party-identity provider
• Required use of TLS certificates to secure site URL access;
• Controls to terminate a user session after a period of inactivity; and
• Configurable access controls, including to enable or disable accounts.
• Security Policies and Procedures
• The Covered Services maintain security policies and procedures, which may include the following administrative and technical safeguards:
• User passwords are stored using a salted hash format in the event customer chooses to use Surge Analytics for authentication to the Covered Services;
• Passwords are not transmitted to or from the Covered Services unencrypted
• Passwords are not logged;
• No temporary password is set when a site is created;
• OAuth tokens are encrypted and not transmitted unencrypted;
• Client-server communication logs are maintained temporarily to facilitate debugging and system monitoring.

Security and related measures as part of the Services include:

Intrusion Detection

Surge Analytics, or an authorized third party, monitors for unauthorized intrusions using network-based and/or host-based intrusion detection mechanisms. Surge Analytics may analyze data collected by users’ web browsers (e.g., device type, screen resolution, time zone, operating system version, browser type and version, system fonts, installed browser plug-ins, enabled MIME types, etc.) for security purposes, including to detect compromised browsers, to prevent fraudulent authentications, and to ensure that the Covered Services function properly.

Security Logs

All Surge Analytics systems used in the provision of the Covered Services log information to their respective system log facilities or a centralized logging service (for network systems) to enable security reviews and analysis.

Incident Management

Surge Analytics maintains security incident management policies and procedures. Surge Analytics notifies impacted customers without undue delay of any unauthorized disclosure of their respective Customer Data by Surge Analytics or its agents of which Surge Analytics becomes aware to the extent permitted by law.

User Authentication

Access to the Covered Services requires a valid authentication credential (e.g., valid email address and password combination or an API key/secret). Customers can choose to authenticate via a Non-SAI Application third-party SSO and/or authentication provider. Any transmission of authentication credentials to or from the Covered Services is encrypted while in transmission. Following a successful authentication, a random session ID is generated and stored in the user’s browser to preserve and track session state.

Physical Security

Production data centers used to provide the Covered Services have access control systems. These systems permit only authorized personnel to have access to secure areas. These facilities are designed to withstand adverse weather and other reasonably predictable natural conditions, are secured by around- the-clock guards, two-factor access screening, and escort-controlled access, and are also supported by on- site back-up generators in the event of a power failure. Datacentre locations are not published or searchable.

Reliability and Backup

All networking components, network accelerators, load balancers, Web servers and application servers are configured in a redundant configuration. Customer Data submitted to the Covered Services is stored on a primary database server and file servers that are clustered with a backup database server and file server for higher availability. All Customer Data submitted to the Covered Services is backed up regularly.

Disaster Recovery

MS data centers are designed to mitigate the risk of single points of failure and provide a resilient environment to support service continuity and performance. Surge Analytics has disaster recovery procedures in place which provide for backup of critical data and services. A system of recovery processes exists to bring business-critical systems for Covered Services back online if needed.

Viruses

The Covered Services do not scan for viruses that could be included in attachments or other data uploaded into the services by customers.

Data Encryption

The Covered Services use industry-accepted encryption products to protect Customer Data and communications during transmissions between a customer’s network and the Covered Services, including TLS 1.2 or newer.

Return of Customer Data

During the subscription period, customers may export a copy of any Customer Data through the Covered Services at any time. Customers are given a 14-day grace period following the expiration of their subscription period, during which they can continue to access the Covered Services and export their data. At the end of the 14-day grace period, Customer access to the Covered Services is suspended. During the 76-day period immediately following the grace period, a Customer may request export of Customer Data by contacting customer support.

Deletion of Customer Data

After termination of the Covered Services and expiration of the 90-day period described above, Customer Data submitted to the Covered Services will be deleted within 60 days. This process is subject to applicable legal requirements.

Sensitive Data

Important: The following types of sensitive personal data may not be submitted or copied to the Covered Services: payment card data; government-issued identification numbers; and financial information (such as credit or debit card numbers, bank account numbers and any related security codes or passwords).

For clarity, the foregoing restrictions do not apply to financial information provided to Surge Analytics for the purposes of checking the financial qualifications of, and collecting payments from, its customers, the processing of which is governed by the website privacy statement for the applicable Covered Service.

In addition, the following types of sensitive personal data may not be submitted or copied to the Covered Services: personal health information, where Customer is a health care provider, health care clearinghouse, health plan, or an entity performing functions on behalf of such entities, except in limited circumstances where, subject to restrictions, Surge Analytics has expressly permitted such submission contractually. If Customer does submit personal health information or other sensitive or regulated data to the Covered Services, then Customer is responsible for ensuring that its use of such Covered Services to process that information complies with all applicable regulations.

Registration Data

To access or use the Covered Services, customers must provide information about Users or system administrators (“Registration Data”). Registration Data consists of username, name, email, organization, department, job role, postal code, and phone number. Surge Analytics processes Registration Data, or derived information thereof, and usage data as a data controller, including for communications, internal administration, to enforce terms and conditions, and to secure, support, deliver, and provide improvements to the Covered Services. Surge Analytics provides appropriate protections for Registration Data and usage data and treats it consistently with the Surge Analytics Privacy Statement.

Analytics

Surge Analytics may track and analyze the usage of the Covered Services for the purposes of security and helping Surge Analytics improve both the Covered Services and the user experience in using the Covered Services, including by tracking, using, and storing usage data for such purposes. For example, we may use this information to understand and analyze trends or track which of our features are used most often to improve product functionality. For the Covered Services, usage data may include natural language and other search queries, Registration Data, or data identifying or naming a file, Viz, folder, instance, Workbook, Worksheet, field name, filter name, label, or similar data object, including labeling provided directly by the Customer.

Surge Analytics may share usage data with Surge Analytics’s service providers for the purpose of helping Surge Analytics in such tracking, analysis, and improvements. Additionally, Surge Analytics may share such usage data on an aggregate basis in the normal course of operating our business, for example, we may share information publicly to show trends about the general use of our services.

Interoperation with Other Services

The Covered Services may interoperate or integrate with other services provided by Surge Analytics or third parties. Security, Privacy and Architecture documentation (“SPARC”) for services provided by Surge Analytics is available on our website. Surge Analytics also provides a variety of platforms and features that allow Surge Analytics users to learn about Surge Analytics products, participate in communities, connect third- party applications, and participate in pilots, testing and assessments, which are outside the scope of this documentation. Surge Analytics may communicate with users that participate in such platforms and features in a manner consistent with our Privacy Statement. Additionally, Surge Analytics may communicate with customers and their users for transactional or informational purposes; for instance, through the Adoption Manager program or through system-generated messages, such as Chatter notifications. Surge Analytics may offer customers and users the ability to deactivate or opt out of receiving such messages.

THIS MASTER SUBSCRIPTION AGREEMENT GOVERNS CUSTOMER’S ACQUISITION AND USE OF SURGE ANALYTICS INC. (“SAI”) SERVICES, INCLUDING BUT NOT LIMITED TO SURGESHIP. CAPITALIZED TERMS HAVE THE DEFINITIONS SET FORTH HEREIN.
IF CUSTOMER REGISTERS FOR A FREE TRIAL OF SAI SERVICES OR FOR FREE SERVICES, THE APPLICABLE PROVISIONS OF THIS AGREEMENT WILL ALSO GOVERN THAT FREE TRIAL OR THOSE FREE SERVICES.

BY ACCEPTING THIS AGREEMENT, BY (1) CLICKING A BOX INDICATING ACCEPTANCE, (2) EXECUTING A SERVICE AGREEMENT THAT REFERENCES THIS AGREEMENT, OR (3) USING FREE SERVICES, CUSTOMER AGREES TO THE TERMS OF THIS AGREEMENT. IF THE INDIVIDUAL ACCEPTING THIS AGREEMENT IS ACCEPTING ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, SUCH INDIVIDUAL REPRESENTS THAT THEY HAVE THE AUTHORITY TO BIND SUCH ENTITY AND ITS AFFILIATES TO THESE TERMS AND CONDITIONS, IN WHICH CASE THE TERM “CUSTOMER” SHALL REFER TO SUCH ENTITY AND ITS AFFILIATES. IF THE INDIVIDUAL ACCEPTING THIS AGREEMENT DOES NOT HAVE SUCH AUTHORITY, OR DOES NOT AGREE WITH THESE TERMS AND CONDITIONS, SUCH INDIVIDUAL MUST NOT ACCEPT THIS AGREEMENT AND MAY NOT USE THE SERVICES.

The Services may not be accessed for purposes of monitoring their availability, performance or functionality, or for any other benchmarking or competitive purposes. SAI’s direct competitors are prohibited from accessing the Services, except with SAI’s prior written consent.

This Agreement was last updated on March 3rd, 2021. It is effective between Customer and SAI as of the date of Customer’s accepting this Agreement.

1. DEFINITIONS
“Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.

“Agreement” means this Master Subscription Agreement.

“Beta Services” means SAI services or functionality that may be made available to Customer to try at its option at no additional charge which is clearly designated as beta, pilot, limited release, developer preview, non-production, evaluation, or by a similar description.

“Content” means information obtained by SAI from publicly available sources or its third party content providers and made available to Customer through the Services, Beta Services or pursuant to a Service Agreement, as more fully described in the Documentation.

“Customer” means in the case of an individual accepting this Agreement on his or her own behalf, such individual, or in the case of an individual accepting this Agreement on behalf of a company or other legal entity, the company or other legal entity for which such individual is accepting this Agreement, and Affiliates of that company or entity (for so long as they remain Affiliates) which have entered into Service Agreements.

“Customer Data” means electronic data and information submitted by or for Customer to the Services, excluding Content and Non-SAI Applications.

“Documentation” means the applicable Service’s Security, Privacy and Architecture documentation (“SPARC”) and SAI’s Privacy Statement as updated from time to time, accessible via https://help.surgeanalytics.com or upon request.

“Downtime” means the time in which any service is not capable of being accessed or used by the Customer, as monitored by Service Provider.

“Free Services” means Services that SAI makes available to Customer free of charge. Free Services exclude Services offered as a free trial and Purchased Services.

“Malicious Code” means code, files, scripts, agents or programs intended to do harm, including, for example, viruses, worms, time bombs and Trojan horses.

“Marketplace” means an online directory, catalog or marketplace of applications that interoperate with the Services.

“Monthly Uptime Percentage” means the total number of minutes in a calendar month minus the number of minutes of Downtime suffered in a calendar month, divided by the total number of minutes in a calendar month multiplied by 100.

“Non-SAI Application” means a Web-based, mobile, offline or other software application functionality that interoperates with a Service, that is provided by Customer or a third party and/or listed on a Marketplace. Non-SAI Applications, other than those obtained or provided by Customer, will be identifiable as such.

“Ancillary Service” means additional services which may be provided by SAI, at the Customer’s request, and for a fee, such as; FTP hosting, VPN hosting, Remote Assistance Tools, and others which will be identifiable as such.

“Service Agreement” means an ordering document or online order specifying the Services to be provided hereunder that is entered into between Customer and SAI or any of their Affiliates, including any addenda and supplements thereto. By entering into a Service Agreement hereunder, an Affiliate agrees to be bound by the terms of this Agreement as if it were an original party hereto.

“Purchased Services” means Services that Customer or Customer’s Affiliate purchases under a Service Agreement or online purchasing portal, as distinguished from Free Services or those provided pursuant to a free trial.

“Services” means the products and services that are ordered by Customer under a Service Agreement or online purchasing portal, or provided to Customer free of charge (as applicable) or under a free trial, and made available online by SAI, including associated SAI offline or mobile components, as described in the Documentation. “Services” exclude Content and Non-SAI Applications.

“SAI” means the surgeanalytics.com company described in the “SAI Contracting Entity, Notices, Governing Law, and Venue” section below.

“User” means, in the case of an individual accepting these terms on his or her own behalf, such individual, or, in the case of an individual accepting this Agreement on behalf of a company or other legal entity, an individual who is authorized by Customer to use a Service, for whom Customer has purchased a subscription (or in the case of any Services provided by SAI without charge, for whom a Service has been provisioned), and to whom Customer (or, when applicable, SAI at Customer’s request) has supplied a user identification and password (for Services utilizing authentication).

Users may include, for example, employees, consultants, contractors and agents of Customer, and third parties with which Customer transacts business.

2. SAI RESPONSIBILITIES

2.1. Service Provider SLA. During the term of the applicable Service Agreement between Customer and SAI for the Services specified on the Service Agreement, SAI will use reasonable efforts to achieve a Monthly Uptime Percentage of at least 99.5% for any calendar month (the “Service Provider SLA”). If SAI does not meet the Service Provider SLA, and so long as Customer’s account with SAI is current, Customer will be eligible to receive the credits described below. These credits are Customer’s exclusive remedy (and Service Provider’s sole liability) with respect to SAI’s inability to meet the Service Provider SLA requirements. SAI explicitly disclaims all other remedies, whether in law or equity.

2.2. Provision of Purchased Services. SAI will (a) make the Services and Content available to Customer pursuant to this Agreement, and the applicable Service Agreements and Documentation, (b) provide applicable SAI standard support for the Purchased Services to Customer at no additional charge, and/or upgraded support if purchased, (c) use commercially reasonable efforts to make the online Purchased Services available 24 hours a day, 7 days a week, except for: (i) planned downtime (of which SAI shall give advance electronic notice), and (ii) any unavailability caused by circumstances beyond SAI’s reasonable control, including, for example, an act of God, force majeure, act of government, flood, fire, earthquake, civil unrest, act of terror, strike or other labor problem (other than one involving SAI employees), Internet service provider failure or delay, Non-SAI Application, or denial of service attack, and (d) provide the Services in accordance with laws and government regulations applicable to SAI’s provision of its Services to its customers generally (i.e., without regard for Customer’s particular use of the Services), and subject to Customer’s use of the Services in accordance with this Agreement, the Documentation and the applicable Service Agreement.

Service Credits. Service Credits are issued as a financial reimbursement if SAI does not meet the Service Provider SLA for a particular billing period of the Subscription term specified in the Service Agreement. Service Credit will be calculated based on the Monthly Uptime Percentage. The Monthly Uptime Percentage for the service is calculated using the following formula:
Maximum Available Minutes – Downtime x 100

Maximum Available Minutes x 100

Upon approval of a claim SAI will provide the applicable remedy set forth below:

Billing Period Uptime Percentage Service Credit
<99.5% but >= 99.2% 5% of the fees due for the billing period
<99.2% but >= 99.0% 10% of the fees due for the billing period
<99.0% but >= 98.7% 15% of the fees due for the billing period
<98.7% 20% of the fees due for the billing period

2.3. Maximum Credit. The maximum credit available to Customer if SAI is unable to meet the Service Provider SLA is up to twenty percent (20%) of the monthly fees for the month of the occurrence. Any credit will be applied to fees due from Customer for the service and will not be paid to Customer as a refund. All claims for credit are subject to review and verification by Service Provider, and all credits will be based on Service Provider’s measurement of its performance of the service and will be final.

2.4. Claim Procedure. To receive a service credit for SAI’s failure to meet the Service Provider SLA in a particular calendar month, Customer must submit a claim via the Customer support portal within thirty (30) days of the end of the month during which SAI did not meet the Service Provider SLA, and include the following information:

• Customer name and account number; and
• the name of the service to which the claim relates; and
• the name, email address, and telephone number of the Customer’s designated contact; and
• information supporting each claim of Downtime, including date, time, and a description of the incident and affected service, all of which must fall within the calendar month for which the claim is being submitted.

2.5. Service Level Exceptions: This SLA does not apply when the inability to read or write any area of the Portal is caused by any failure of third party software, equipment, or services that are not controlled by Surge Analytics, or Surge Analytics software that is not being run by Surge Analytics itself as part of the Service.

2.6. Protection of Customer Data. SAI will maintain appropriate administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Customer Data, as described in the Documentation. Those safeguards will include, but will not be limited to, measures designed to prevent unauthorized access to or disclosure of Customer Data (other than by Customer or Users). For the purposes of the Standard Contractual Clauses, Customer and its applicable Affiliates are each the data exporter, and Customer’s acceptance of this Agreement, and an applicable Affiliate’s execution of a Service Agreement, shall be treated as its execution of the Standard Contractual Clauses and Appendices. Upon request by Customer made within 30 days after the effective date of termination or expiration of this Agreement, SAI will make Customer Data available to Customer for export or download as provided in the Documentation. After such 30-day period, SAI will have no obligation to maintain or provide any Customer Data, and as provided in the Documentation will thereafter delete or destroy all copies of Customer Data in its systems or otherwise in its possession or control, unless legally prohibited.

2.7. SAI Personnel. SAI will be responsible for the performance of its personnel (including its employees and contractors) and their compliance with SAI’s obligations under this Agreement, except as otherwise specified in this Agreement.

2.8. Beta Services. From time to time, SAI may make Beta Services available to Customer at no charge. Customer may choose to try such Beta Services or not in its sole discretion. Any use of Beta Services is subject to the Beta Services terms.

2.9. Free Trial. If Customer registers on SAI’s or an Affiliate’s website for a free trial, SAI will make the applicable Service(s) available to Customer on a trial basis free of charge until the earlier of (a) the end of the free trial period for which Customer registered to use the applicable Service(s), or (b) the start date of any Purchased Service subscriptions ordered by Customer for such Service(s), or (c) termination by SAI in its sole discretion. Additional trial terms and conditions may appear on the trial registration web page. Any such additional terms and conditions are incorporated into this Agreement by reference and are legally binding.

ANY DATA CUSTOMER ENTERS INTO THE SERVICES, AND ANY CUSTOMIZATIONS MADE TO THE SERVICES BY OR FOR CUSTOMER, DURING CUSTOMER’S FREE TRIAL WILL BE PERMANENTLY LOST UNLESS CUSTOMER PURCHASES A SUBSCRIPTION TO THE SAME SERVICES AS THOSE COVERED BY THE TRIAL, PURCHASES APPLICABLE UPGRADED SERVICES, OR EXPORTS SUCH DATA, BEFORE THE END OF THE TRIAL PERIOD. CUSTOMER CANNOT TRANSFER DATA ENTERED OR CUSTOMIZATIONS MADE DURING THE FREE TRIAL TO A SERVICE THAT WOULD BE A DOWNGRADE FROM THAT COVERED BY THE TRIAL (E.G., FROM ENTERPRISE EDITION TO PROFESSIONAL EDITION); THEREFORE, IF CUSTOMER PURCHASES A SERVICE THAT WOULD BE A DOWNGRADE FROM THAT COVERED BY THE TRIAL, CUSTOMER MUST EXPORT CUSTOMER DATA BEFORE THE END OF THE TRIAL PERIOD OR CUSTOMER DATA WILL BE PERMANENTLY LOST.

NOTWITHSTANDING THE “REPRESENTATIONS, WARRANTIES, EXCLUSIVE REMEDIES AND DISCLAIMERS” SECTION AND “INDEMNIFICATION BY SAI” SECTION BELOW, DURING THE FREE TRIAL THE SERVICES ARE PROVIDED “AS-IS” WITHOUT ANY W ARRANTY AND SAI SHALL HAVE NO INDEMNIFICATION OBLIGATIONS NOR LIABILITY OF ANY TYPE WITH RESPECT TO THE SERVICES FOR THE FREE TRIAL PERIOD UNLESS SUCH EXCLUSION OF LIABILITY IS NOT ENFORCEABLE UNDER APPLICABLE LAW IN WHICH CASE SAI’S LIABILITY WITH RESPECT TO THE SERVICES PROVIDED DURING THE FREE TRIAL SHALL NOT EXCEED $100.00. WITHOUT LIMITING THE FOREGOING, SAI AND ITS AFFILIATES AND ITS LICENSORS DO NOT REPRESENT OR WARRANT TO CUSTOMER THAT: (A) CUSTOMER’S USE OF THE SERVICES DURING THE FREE TRIAL PERIOD WILL MEET CUSTOMER’S REQUIREMENTS, (B) CUSTOMER’S USE OF THE SERVICES DURING THE FREE TRIAL PERIOD WILL BE UNINTERRUPTED, TIMELY, SECURE OR FREE FROM ERROR, AND (C) USAGE DATA PROVIDED DURING THE FREE TRIAL PERIOD WILL BE ACCURATE. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THE “LIMITATION OF LIABILITY” SECTION BELOW, CUSTOMER SHALL BE FULLY LIABLE UNDER THIS AGREEMENT TO SAI AND ITS AFFILIATES FOR ANY DAMAGES ARISING OUT OF CUSTOMER’S USE OF THE SERVICES DURING THE FREE TRIAL PERIOD, ANY BREACH BY CUSTOMER OF THIS AGREEMENT AND ANY OF CUSTOMER’S INDEMNIFICATION OBLIGATIONS HEREUNDER.
CUSTOMER SHALL REVIEW THE APPLICABLE SERVICE’S DOCUMENTATION DURING THE TRIAL PERIOD TO BECOME FAMILIAR WITH THE FEATURES AND FUNCTIONS OF THE SERVICES BEFORE MAKING A PURCHASE.

2.10. Free Services. SAI may make Free Services available to Customer. Use of Free Services is subject to the terms and conditions of this Agreement. In the event of a conflict between this section and any other portion of this Agreement, this section shall control. Free Services are provided to Customer without charge up to certain limits as described in the Documentation. Usage over these limits requires Customer’s purchase of additional resources or services. Customer agrees that SAI, in its sole discretion and for any or no reason, may terminate Customer’s access to the Free Services or any part thereof. Customer agrees that any termination of Customer’s access to the Free Services may be without prior notice, and Customer agrees that SAI will not be liable to Customer or any third party for such termination. Customer is solely responsible for exporting Customer Data from the Free Services prior to termination of Customer’s access to the Free Services for any reason, provided that if SAI terminates Customer’s account, except as required by law SAI will provide Customer a reasonable opportunity to retrieve its Customer Data.

NOTWITHSTANDING THE “REPRESENTATIONS, WARRANTIES, EXCLUSIVE REMEDIES AND DISCLAIMERS” SECTION AND “INDEMNIFICATION BY SAI” SECTION BELOW, THE FREE SERVICES ARE PROVIDED “AS-IS” WITHOUT ANY WARRANTY AND SAI SHALL HAVE NO INDEMNIFICATION OBLIGATIONS NOR LIABILITY OF ANY TYPE WITH RESPECT TO THE FREE SERVICES UNLESS SUCH EXCLUSION OF LIABILITY IS NOT ENFORCEABLE UNDER APPLICABLE LAW IN WHICH CASE SAI’S LIABILITY WITH RESPECT TO THE FREE SERVICES SHALL NOT EXCEED $100.00. WITHOUT LIMITING THE FOREGOING, SAI AND ITS AFFILIATES AND ITS LICENSORS DO NOT REPRESENT OR WARRANT TO CUSTOMER THAT: (A) CUSTOMER’S USE OF THE FREE SERVICES WILL MEET CUSTOMER’S REQUIREMENTS, (B) CUSTOMER’S USE OF THE FREE SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE OR FREE FROM ERROR, AND (C) USAGE DATA PROVIDED THROUGH THE FREE SERVICES WILL BE ACCURATE. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THE “LIMITATION OF LIABILITY” SECTION BELOW, CUSTOMER SHALL BE FULLY LIABLE UNDER THIS AGREEMENT TO SAI AND ITS AFFILIATES FOR ANY DAMAGES ARISING OUT OF CUSTOMER’S USE OF THE FREE SERVICES, ANY BREACH BY CUSTOMER OF THIS AGREEMENT AND ANY OF CUSTOMER’S INDEMNIFICATION OBLIGATIONS HEREUNDER.

3. USE OF SERVICES AND CONTENT

3.1. Subscriptions. Unless otherwise provided in the applicable Service Agreement or Documentation, (a) Purchased Services and access to Content are purchased as subscriptions for the term stated in the applicable Service Agreement or in the applicable online purchasing portal, (b) subscriptions for Purchased Services may be added during a subscription term at the same pricing as the underlying subscription pricing, prorated for the portion of that subscription term remaining at the time the subscriptions are added, and (c) any added subscriptions will terminate on the same date as the underlying subscriptions. Customer agrees that its purchases are not contingent on the delivery of any future functionality or features, or dependent on any oral or written public comments made by SAI regarding future functionality or features.

3.2. Usage Limits. Services and Content are subject to usage limits specified in Service Agreements and Documentation. If Customer exceeds a contractual usage limit, SAI may work with Customer to seek to reduce Customer’s usage so that it conforms to that limit. If, notwithstanding SAI’s efforts, Customer is unable or unwilling to abide by a contractual usage limit, Customer will execute a Service Agreement for additional quantities of the applicable Services or Content promptly upon SAI’s request, and/or pay any invoice for excess usage in accordance with the “Invoicing and Payment” section below.

3.3. Customer Responsibilities. Customer will (a) be responsible for Users’ compliance with this Agreement, Documentation and Service Agreements, (b) be responsible for the accuracy, quality and legality of Customer Data, the means by which Customer acquired Customer Data, Customer’s use of Customer Data with the Services, and the interoperation of any Non-SAI Applications with which Customer uses Services or Content, (c) use commercially reasonable efforts to prevent unauthorized access to or use of Services and Content, and notify SAI promptly of any such unauthorized access or use, (d) use Services and Content only in accordance with this Agreement, Documentation, Service Agreements and applicable laws and government regulations, and (e) comply with terms of service of any Non-SAI Applications with which Customer uses Services or Content. Any use of the Services in breach of the foregoing by Customer or Users that in SAI’s judgment threatens the security, integrity or availability of SAI’s services, may result in SAI’s immediate suspension of the Services, however SAI will use commercially reasonable efforts under the circumstances to provide Customer with notice and an opportunity to remedy such violation or threat prior to any such suspension.

3.4. Usage Restrictions. Customer will not (a) make any Service or Content available to anyone other than Customer or Users, or use any Service or Content for the benefit of anyone other than Customer or its Affiliates, unless expressly stated otherwise in a Service Agreement or the Documentation, (b) sell, resell, license, sublicense, distribute, make available, rent or lease any Service or Content, or include any Service or Content in a service bureau or outsourcing offering, (c) use a Service or Non-SAI Application to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights, (d) use a Service or Non-SAI Application to store or transmit Malicious Code, (e) interfere with or disrupt the integrity or performance of any Service or third-party data contained therein, (f) attempt to gain unauthorized access to any Service or Content or its related systems or networks, (g) permit direct or indirect access to or use of any Services or Content in a way that circumvents a contractual usage limit, or use any Services to access or use any of SAI intellectual property except as permitted under this Agreement, a Service Agreement, or the Documentation, (h) modify, copy, or create derivative works based on a Service or any part, feature, function or user interface thereof, (i) copy Content except as permitted herein or in a Service Agreement or the Documentation, (j) frame or mirror any part of any Service or Content, other than framing on Customer’s own intranets or otherwise for its own internal business purposes or as permitted in the Documentation, (k) except to the extent permitted by applicable law, disassemble, reverse engineer, or decompile a Service or Content or access it to (1) build a competitive product or service, (2) build a product or service using similar ideas, features, functions or graphics of the Service, (3) copy any ideas, features, functions or graphics of the Service, or (4) determine whether the Services are within the scope of any patent.

3.5. Removal of Content and Non-SAI Applications. If Customer receives notice that Content or a Non-SAI Application must be removed, modified and/or disabled to avoid violating applicable law, third-party rights, or the Acceptable Use and External Facing Services Policy, Customer will promptly do so. If Customer does not take required action in accordance with the above, or if in SAI’s judgment continued violation is likely to reoccur, SAI may disable the applicable Content, Service and/or Non-SAI Application. If requested by SAI, Customer shall confirm such deletion and discontinuance of use in writing and SAI shall be authorized to provide a copy of such confirmation to any such third party claimant or governmental authority, as applicable. In addition, if SAI is required by any third party rights holder to remove Content, or receives information that Content provided to Customer may violate applicable law or third-party rights, SAI may discontinue Customer’s access to Content through the Services.

4. NON-SAI PRODUCTS AND SERVICES

4.1. Non-SAI Products and Services. SAI or third parties may make available (for example, through a Marketplace or otherwise) third-party products or services, including, for example, Non-SAI Applications and implementation and other consulting services. Any acquisition by Customer of such products or services, and any exchange of data between Customer and any Non-SAI provider, product or service is solely between Customer and the applicable Non-SAI provider. SAI does not warrant or support Non-SAI Applications or other Non-SAI products or services, whether or not they are designated by SAI as “certified” or otherwise, unless expressly provided otherwise in a Service Agreement. SAI is not responsible for any disclosure, modification or deletion of Customer Data resulting from access by such Non-SAI Application or its provider.

4.2. Integration with Non-SAI Applications. The Services may contain features designed to interoperate with Non-SAI Applications. SAI cannot guarantee the continued availability of such Service features, and may cease providing them without entitling Customer to any refund, credit, or other compensation, if for example and without limitation, the provider of a Non-SAI Application ceases to make the Non-SAI Application available for interoperation with the corresponding Service features in a manner acceptable to SAI.

5. FEES AND PAYMENT

5.1. Fees. Customer will pay all fees specified in Service Agreements. Except as otherwise specified herein or in a Service Agreement, (i) fees are based on Services and Content subscriptions purchased and not actual usage, (ii) payment obligations are non-cancelable and fees paid are non-refundable, and (iii) quantities purchased cannot be decreased during the relevant subscription term.

5.2. Invoicing and Payment. Customer will provide SAI with valid and updated credit card information, or with a valid purchase order or alternative document reasonably acceptable to SAI. If Customer provides credit card information to SAI, Customer authorizes SAI to charge such credit card for all Purchased Services listed in the Service Agreement for the initial subscription term and any renewal subscription term(s) as set forth in the “Term of Purchased Subscriptions” section below. Such charges shall be made in advance, either annually or in accordance with any different billing frequency stated in the applicable Service Agreement. If the Service Agreement specifies that payment will be by a method other than a credit card, SAI will invoice Customer in advance and otherwise in accordance with the relevant Service Agreement. Unless otherwise stated in the Service Agreement, invoiced fees are due net 30 days from the invoice date. Customer is responsible for providing complete and accurate billing and contact information to SAI and notifying SAI of any changes to such information.

5.3. Overdue Charges. If any invoiced amount is not received by SAI by the due date, then without limiting SAI’s rights or remedies, (a) those charges may accrue late interest at the rate of 1.5% of the outstanding balance per month, or the maximum rate permitted by law, whichever is lower, and/or (b) SAI may condition future subscription renewals and Service Agreements on payment terms shorter than those specified in the “Invoicing and Payment” section above.

5.4. Suspension of Service and Acceleration. If any charge owing by Customer under this or any other agreement for services is 30 days or more overdue, (or 10 or more days overdue in the case of amounts Customer has authorized SAI to charge to Customer’s credit card), SAI may, without limiting its other rights and remedies, accelerate Customer’s unpaid fee obligations under such agreements so that all such obligations become immediately due and payable, and suspend Services until such amounts are paid in full, provided that, other than for customers paying by credit card or direct debit whose payment has been declined, SAI will give Customer at least 10 days’ prior notice that its account is overdue, in accordance with the “Manner of Giving Notice” section below for billing notices, before suspending services to Customer.

5.5. Payment Disputes. SAI will not exercise its rights under the “Overdue Charges” or “Suspension of Service and Acceleration” section above if Customer is disputing the applicable charges reasonably and in good faith and is cooperating diligently to resolve the dispute.

5.6. Taxes. SAI’s fees do not include any taxes, levies, duties or similar governmental assessments of any nature, including, for example, value-added, sales, use or withholding taxes, assessable by any jurisdiction whatsoever (collectively, “Taxes”). Customer is responsible for paying all Taxes associated with its purchases hereunder. If SAI has the legal obligation to pay or collect Taxes for which Customer is responsible under this section, SAI will invoice Customer and Customer will pay that amount unless Customer provides SAI with a valid tax exemption certificate authorized by the appropriate taxing authority. For clarity, SAI is solely responsible for taxes assessable against it based on its income, property and employees.

6. PROPRIETARY RIGHTS AND LICENSES

6.1. Reservation of Rights. Subject to the limited rights expressly granted hereunder, SAI, its Affiliates, its licensors and Content Providers reserve all of their right, title and interest in and to the Services and Content, including all of their related intellectual property rights. No rights are granted to Customer hereunder other than as expressly set forth herein.

6.2. Access to and Use of Content. Customer has the right to access and use applicable Content subject to the terms of applicable Service Agreements, this Agreement and the Documentation.

6.3. License by Customer to SAI. Customer grants SAI, its Affiliates and applicable contractors a worldwide, limited-term license to host, copy, use, transmit, and display any Non-SAI Applications and program code created by or for Customer using a Service or for use by Customer with the Services, and Customer Data, each as appropriate for SAI to provide and ensure proper operation of the Services and associated systems in accordance with this Agreement. If Customer chooses to use a Non-SAI Application with a Service, Customer grants SAI permission to allow the Non-SAI Application and its provider to access Customer Data and information about Customer’s usage of the Non-SAI Application as appropriate for the interoperation of that Non-SAI Application with the Service. Subject to the limited licenses granted herein, SAI acquires no right, title or interest from Customer or its licensors under this Agreement in or to any Customer Data, Non-SAI Application or such program code.

6.4. License by Customer to Use Feedback. Customer grants to SAI and its Affiliates a worldwide, perpetual, irrevocable, royalty-free license to use and incorporate into its services any suggestion, enhancement request, recommendation, correction or other feedback provided by Customer or Users relating to the operation of SAI’s or its Affiliates’ services.

7. CONFIDENTIALITY

7.1. Definition of Confidential Information. “Confidential Information” means all information disclosed by a party (“Disclosing Party”) to the other party (“Receiving Party”), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information of Customer includes Customer Data; Confidential Information of SAI includes the Services and Content, and the terms and conditions of this Agreement and all Service Agreements (including pricing). Confidential Information of each party includes business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such party. However, Confidential Information does not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party. For the avoidance of doubt, the non-disclosure obligations set forth in this “Confidentiality” section apply to Confidential Information exchanged between the parties in connection with the evaluation of additional SAI services.

7.2. Protection of Confidential Information. As between the parties, each party retains all ownership rights in and to its Confidential Information. The Receiving Party will use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but not less than reasonable care) to (i) not use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement and (ii) except as otherwise authorized by the Disclosing Party in writing, limit access to Confidential Information of the Disclosing Party to those of its and its Affiliates’ employees and contractors who need that access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections not materially less protective of the Confidential Information than those herein. Neither party will disclose the terms of this Agreement or any Service Agreement to any third party other than its Affiliates, legal counsel and accountants without the other party’s prior written consent, provided that a party that makes any such disclosure to its Affiliate, legal counsel or accountants will remain responsible for such Affiliate’s, legal counsel’s or accountant’s compliance with this “Confidentiality” section. Notwithstanding the foregoing, SAI may disclose the terms of this Agreement and any applicable Service Agreement to a subcontractor or Non-SAI Application Provider to the extent necessary to perform SAI’s obligations under this Agreement, under terms of confidentiality materially as protective as set forth herein.

7.3. Compelled Disclosure. The Receiving Party may disclose Confidential Information of the Disclosing Party to the extent compelled by law to do so, provided the Receiving Party gives the Disclosing Party prior notice of the compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure. If the Receiving Party is compelled by law to disclose the Disclosing Party’s Confidential Information as part of a civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to that Confidential Information.

8. REPRESENTATIONS, WARRANTIES, EXCLUSIVE REMEDIES AND DISCLAIMERS

8.1. Representations. Each party represents that it has validly entered into this Agreement and has the legal power to do so.

8.2. SAI Warranties. SAI warrants that during an applicable subscription term (a) this Agreement, the Service Agreements and the Documentation will accurately describe the applicable administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Customer Data, (b) SAI will not materially decrease the overall security of the Services, (c) the Services will perform materially in accordance with the applicable Documentation, and (d) subject to the “Integration with Non-SAI Applications” section above, SAI will not materially decrease the overall functionality of the Services. For any breach of a warranty above, Customer’s exclusive remedies are those described in the “Termination” and “Refund or Payment upon Termination” sections below.

8.3. Disclaimers. EXCEPT AS EXPRESSLY PROVIDED HEREIN, NEITHER PARTY MAKES ANY WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW. CONTENT AND BETA SERVICES ARE PROVIDED “AS IS,” AND AS AVAILABLE EXCLUSIVE OF ANY WARRANTY WHATSOEVER.

9. MUTUAL INDEMNIFICATION

9.1. Indemnification by SAI. SAI will defend Customer against any claim, demand, suit or proceeding made or brought against Customer by a third party alleging that any Purchased Service infringes or misappropriates such third party’s intellectual property rights (a “Claim Against Customer”), and will indemnify Customer from any damages, attorney fees and costs finally awarded against Customer as a result of, or for amounts paid by Customer under a settlement approved by SAI in writing of, a Claim Against Customer, provided Customer (a) promptly gives SAI written notice of the Claim Against Customer, (b) gives SAI sole control of the defense and settlement of the Claim Against Customer (except that SAI may not settle any Claim Against Customer unless it unconditionally releases Customer of all liability), and (c) gives SAI all reasonable assistance, at SAI’s expense. If SAI receives information about an infringement or misappropriation claim related to a Service, SAI may in its discretion and at no cost to Customer (i) modify the Services so that they are no longer claimed to infringe or misappropriate, without breaching SAI’s warranties under “SAI Warranties” above, (ii) obtain a license for Customer’s continued use of that Service in accordance with this Agreement, or (iii) terminate Customer’s subscriptions for that Service upon 30 days’ written notice and refund Customer any prepaid fees covering the remainder of the term of the terminated subscriptions. The above defense and indemnification obligations do not apply if (1) the allegation does not state with specificity that the Services are the basis of the Claim Against Customer; (2) a Claim Against Customer arises from the use or combination of the Services or any part thereof with software, hardware, data, or processes not provided by SAI, if the Services or use thereof would not infringe without such combination; (3) a Claim Against Customer arises from Services under a Service Agreement for which there is no charge; or (4) a Claim against Customer arises from Content, a Non-SAI Application or Customer’s breach of this Agreement, the Documentation or applicable Service Agreements.

9.2. Indemnification by Customer. Customer will defend SAI and its Affiliates against any claim, demand, suit or proceeding made or brought against SAI by a third party alleging (a) that any Customer Data or Customer’s use of Customer Data with the Services, (b) a Non-SAI Application provided by Customer, or (c) the combination of a Non-SAI Application provided by Customer and used with the Services, infringes or misappropriates such third party’s intellectual property rights, or arising from Customer’s use of the Services or Content in an unlawful manner or in violation of the Agreement, the Documentation, or Service Agreement (each a “Claim Against SAI”), and will indemnify SAI from any damages, attorney fees and costs finally awarded against SAI as a result of, or for any amounts paid by SAI under a settlement approved by Customer in writing of, a Claim Against SAI, provided SAI (a) promptly gives Customer written notice of the Claim Against SAI, (b) gives Customer sole control of the defense and settlement of the Claim Against SAI (except that Customer may not settle any Claim Against SAI unless it unconditionally releases SAI of all liability), and (c) gives Customer all reasonable assistance, at Customer’s expense. The above defense and indemnification obligations do not apply if a Claim Against SAI arises from SAI’s breach of this Agreement, the Documentation or applicable Service Agreements.

9.3. Exclusive Remedy. This “Mutual Indemnification” section states the indemnifying party’s sole liability to, and the indemnified party’s exclusive remedy against, the other party for any third party claim described in this section.

10. LIMITATION OF LIABILITY

10.1. Limitation of Liability. IN NO EVENT WILL SAI BE LIABLE TO ANY PARTY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES OF ANY TYPE WHATSOEVER RELATED TO OR ARISING FROM SAI SERVICES, OR OF ANY SITE OR RESOURCE LINKED TO, REFERENCED, OR ACCESSED THROUGH ITS SERVICES, OR FOR THE USE OR DOWNLOADING OF, OR ACCESS TO, ANY MATERIALS, INFORMATION, PRODUCTS, OR SERVICES, INCLUDING, WITHOUT LIMITATION, ANY LOST PROFITS, BUSINESS INTERRUPTION, LOST SAVINGS OR LOSS OF PROGRAMS OR OTHER DATA, EVEN IF SAI IS EXPRESSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS EXCLUSION AND WAIVER OF LIABILITY APPLIES TO ALL CAUSES OF ACTION, WHETHER BASED ON CONTRACT, WARRANTY, TORT, OR ANY OTHER LEGAL THEORIES. SAI’S MAXIMUM AGGREGATE LIABILITY HEREUNDER (WHETHER IN TORT, CONTRACT OR ANY OTHER FORM OF LIABILITY) FOR DAMAGES OR LOSS, HOWSOEVER ARISING OR CAUSED, WHETHER OR NOT ARISING FROM COMPANY’S NEGLIGENCE, SHALL IN NO EVENT BE GREATER THAN 100% OF THE FEES RECEIVED BY SAI FROM YOU FOR YOUR USE OF THE SERVICE THAT IS THE SUBJECT OF SUCH LIABILITY IN THE SIX (6) MONTH PERIOD IMMEDIATELY PRECEDING THE CLAIM FOR SUCH LIABILITY. To the fullest extent permitted by applicable law, except for actions for nonpayment and violations of SAI’s intellectual property rights, no claim, suit, action or proceeding relating to these Terms of Use may be brought more than six (6) months after the cause of action has accrued.

10.2. IN THE SIX MONTHS PRECEDING THE FIRST INCIDENT OUT OF WHICH THE LIABILITY AROSE. THE FOREGOING LIMITATION WILL APPLY WHETHER AN ACTION IS IN CONTRACT OR TORT AND REGARDLESS OF THE THEORY OF LIABILITY, BUT WILL NOT LIMIT CUSTOMER’S AND ITS AFFILIATES’ PAYMENT OBLIGATIONS UNDER THE “FEES AND PAYMENT” SECTION ABOVE.

10.3. Indemnification
You agree to indemnify, defend, and hold SAI and its employees, officers, directors, contractors, agents, successors, and assigns harmless (including costs and attorneys’ fees) from any demand or claim made by a third party arising out of your violation of this Agreement or related Documentation, Service Agreement, or Appendices.

11. TERM AND TERMINATION

11.1. Term of Agreement. This Agreement commences on the date Customer first accepts it and continues until all subscriptions hereunder have expired or have been terminated.

11.2. Term of Purchased Subscriptions. The term of each subscription shall be as specified in the applicable Service Agreement. Except as otherwise specified in a Service Agreement, subscriptions will automatically renew for additional periods equal to the expiring subscription term or one year (whichever is shorter), and may be subject to a 4% fee increase per annum unless either party gives the other written notice (email acceptable) at least 30 days before the end of the relevant subscription term. Except as expressly provided in the applicable Service Agreement, renewal of promotional or one-time priced subscriptions will be at SAI’s applicable list price in effect at the time of the applicable renewal. Notwithstanding anything to the contrary, any renewal in which subscription volume or subscription length for any Services has decreased from the prior term will result in re-pricing at renewal without regard to the prior term’s per-unit pricing.

11.3. Termination. A party may terminate this Agreement for cause (i) upon 30 days written notice to the other party of a material breach if such breach remains uncured at the expiration of such period, or (ii) if the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors.

11.4. Refund or Payment upon Termination. If this Agreement is terminated by Customer in accordance with the “Termination” section above, SAI will refund Customer any prepaid fees covering the remainder of the term of all Service Agreements after the effective date of termination. If this Agreement is terminated by SAI in accordance with the “Termination” section above, Customer will pay any unpaid fees covering the remainder of the term of all Service Agreements to the extent permitted by applicable law. In no event will termination relieve Customer of its obligation to pay any fees payable to SAI for the period prior to the effective date of termination.

11.5. Surviving Provisions. The sections titled “Free Services,” “Fees and Payment,” “Proprietary Rights and Licenses,” “Confidentiality,” “Disclaimers,” “Mutual Indemnification,” “Limitation of Liability,” “Refund or Payment upon Termination,” “Removal of Content and Non-SAI Applications,” “Surviving Provisions” and “General Provisions” will survive any termination or expiration of this Agreement, and the section titled “Protection of Customer Data” will survive any termination or expiration of this Agreement for so long as SAI retains possession of Customer Data.

12. GENERAL PROVISIONS

12.1. Export Compliance. The Services, Content, other SAI technology, and derivatives thereof may be subject to export laws and regulations of the United States and other jurisdictions. SAI and Customer each represents that it is not named on any U.S. government denied-party list. Customer will not permit any User to access or use any Service or Content in a U.S.-embargoed country or region (currently Cuba, Iran, North Korea, Sudan, Syria or Crimea) or in violation of any U.S. export law or regulation.

12.2. Anti-Corruption. Neither party has received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from an employee or agent of the other party in connection with this Agreement. Reasonable gifts and entertainment provided in the ordinary course of business do not violate the above restriction.

12.3. Entire Agreement and Order of Precedence. This Agreement is the entire agreement between SAI and Customer regarding Customer’s use of Services and Content and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. The parties agree that any term or condition stated in a Customer purchase order or in any other Customer order documentation (excluding Service Agreements) is void. In the event of any conflict or inconsistency among the following documents, the order of precedence shall be: (1) the applicable Service Agreement, (2) this Agreement, and (3) the Documentation. Titles and headings of sections of this Agreement are for convenience only and shall not affect the construction of any provision of this Agreement.

12.4. Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties. Each party will be solely responsible for payment of all compensation owed to its employees, as well as all employment-related taxes.

12.5. Third-Party Beneficiaries. There are no third-party beneficiaries under this Agreement.

12.6. Waiver. No failure or delay by either party in exercising any right under this Agreement will constitute a waiver of that right.

12.7. Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision will be deemed null and void, and the remaining provisions of this Agreement will remain in effect.

12.8. Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the other party’s prior written consent (not to be unreasonably withheld); provided, however, either party may assign this Agreement in its entirety (including all Service Agreements), without the other party’s consent to its Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. Notwithstanding the foregoing, if a party is acquired by, sells substantially all of its assets to, or undergoes a change of control in favor of, a direct competitor of the other party, then such other party may terminate this Agreement upon written notice. In the event of such a termination, SAI will refund Customer any prepaid fees covering the remainder of the term of all subscriptions for the period after the effective date of such termination. Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties, their respective successors and permitted assigns.

12.9. Notices. Any notice required under this Agreement or related Service Agreement shall be given in writing and will be deemed effective upon delivery to the party to whom addressed. All notices shall be sent to the applicable address specified in this Agreement or to such other address as the parties may designate in writing. Any notice of material breach will clearly define the breach including the specific contractual obligation that has been breached.

12.10. Manner of Giving Notice. Except as otherwise specified in this Agreement, all notices related to this Agreement will be in writing and will be effective upon (a) personal delivery, (b) the second business day after mailing, or (c), except for notices of termination or an indemnifiable claim (“Legal Notices”), which shall clearly be identifiable as Legal Notices, the day of sending by email. Billing-related notices to Customer will be addressed to the relevant billing contact designated by Customer. All other notices to Customer will be addressed to the relevant Services system administrator designated by Customer.

12.11. Agreement to Governing Law and Jurisdiction. Each party agrees to the applicable governing law above without regard to choice or conflicts of law rules, and to the exclusive jurisdiction of the applicable courts above.

12.12. Entire Agreement. This Agreement together with the Service Agreement and Documentation constitute the entire agreement between the parties regarding the subject matter hereof and supersedes all proposals and prior discussions and writings between the parties with respect to the subject matter contained herein. Any signed copy of this Agreement made by reliable means will be considered an original.

About this Document

This Service Level Agreement for Surgeship (this “SLA”) is a part of your Master Subscription Agreement (the “Agreement”). Capitalized terms used but not defined in this SLA will have the meaning assigned to them in the Agreement. This SLA applies to the Surge Online Services listed herein (a “Service” or the “Services”), but does not apply to separately branded services made available with or connected to the Services or to any on-premise software that is part of any Service.

If we do not achieve and maintain the Service Levels for each Service as described in this SLA, then you may be eligible for a credit towards a portion of your monthly service fees. We will not modify the terms of your SLA during the initial term of your subscription; however, if you renew your subscription, the version of this SLA that is current at the time of renewal will apply throughout your renewal term. We will provide at least 90 days’ notice for adverse material changes to this SLA. Reference the Master Subscription Agreement for uptime guarantee and associated service credits.

Support Overview

Service Relationship

All contact with Surge Analytics regarding services described in this SLA will be through the Surge Analytics Support Portal. This is to ensure all issues are logged and can be reported on for performance reporting purposes and the agreed escalation and service levels can be instigated and managed.

Surge Analytics provides access to support via Email, Portal and Telephone during the core business hours of:

• 8:30am – 5:30pm Monday to Friday EST

Surge Analytics also provides after-hours support access:

• Monday to Friday 5:31pm – 8:29am
• Friday 5:31pm – Monday 8:29am for emergency or critical requests

All services described in this SLA are available and fully supported during core business support hours. Any support outside of core business hours will be supported at the “after hours” rate outlined in your Service Agreement.

Note: Support hours exclude statutory holidays as defined by the Government of Canada. For a complete list of holidays please visit http://www.canada.gc.ca.

Surge Analytics will supply proactive and reactive technology support services and is backed up by external service providers through support maintenance agreements.

Surge Analytics is committed to helping customers achieve their objective using appropriate technologies. To achieve this, Surge Analytics has adopted a partnering approach to its customer relationships. This is based on:

• An open and constructive communication style
• A commitment to, and promotion of, a customer service ethos
• A proactive and shared approach to problem solving
• Ensuring each partner understands their roles and responsibilities in relation to this agreement

Contacting Support

Telephone Support Requests  +1 (416) 361-1908
Email Support Requests  help@surgeanalytics.ca	Support Portal Requests   http://help.surgeanalytics.ca will be available for the creation and monitoring of Support Ticket(s). The Solutions section of this site will also provide “quick” reference information.

Service Escalation

All enquiries or issues for services supported by Surge Analytics are logged via the Support Portal. The following table outlines the escalation path for all clients of Surge Analytics related incidents or services which are not resolved within agreed service levels.

Escalation Point	Description
IT Services Escalation  Email – escalataions@surgeanalytics.ca	1st point of escalation for incidents related to client services and service delivery issues

Priority Levels 

Priority	Description
Severity 1 – Critical	Outage affecting a large group of users (>25%), Majority of users are unable to perform a portal function. Typically deemed an emergency request.
Severity 2 – High	Customer cannot perform normal business function due to problem and no work-around is possible.
Severity 3 – Support Request	Customer requests support as it relates to a bug, portal function not executing as expected, or to clarify an operation.

Limitations

This SLA and any applicable Service Levels do not apply to any performance or availability issues:

1. Due to factors outside our reasonable control (for example, natural disaster, war, acts of terrorism, riots, government action, or a network or device failure external to our data centers, including at your site or between your site and our data center);
2. That result from the use of services, hardware, or software not provided by us, including, but not limited to, issues resulting from inadequate bandwidth or related to third-party software or services;
3. That results from failures in a single Surge Analytics Datacenter location, when your network connectivity is explicitly dependent on that location in a non-geo-resilient manner;
4. Caused by your use of a Service after we advised you to modify your use of the Service, if you did not modify your use as advised;
5. During or with respect to preview, pre-release, beta or trial versions of a Service, feature or software (as determined by us) or to purchases made using Surge Analytics subscription credits;
6. That result from your unauthorized action or lack of action when required, or from your employees, agents, contractors, or vendors, or anyone gaining access to our network by means of your passwords or equipment, or otherwise resulting from your failure to follow appropriate security practices;
7. That result from your failure to adhere to any required configurations, use supported platforms, follow any policies for acceptable use, or your use of the Service in a manner inconsistent with the features and functionality of the Service (for example, attempts to perform operations that are not supported) or inconsistent with our published guidance;
8. That result from faulty input, instructions, or arguments (for example, requests to access files that do not exist);
9. That result from your attempts to perform operations that exceed prescribed quotas or that resulted from our throttling of suspected abusive behavior;
10. Due to your use of Service features that are outside of associated Support Windows; or
11. For licenses reserved, but not paid for, at the time of the Incident.

The following service outages do not constitute Failures under this SLA:

1. Scheduled maintenance or emergency maintenance periods;
2. Outages caused by acts or omissions of the User, including User-installed software or server misconfigurations;
3. Outages caused by hackers, sabotage, viruses, worms, or other third-party wrongful actions;
4. DNS issues outside of Surge Analytics control; outages resulting from Internet anomalies outside of Surge Analytics control;
5. Outages resulting from fire, explosion, or force majeure;
6. 3rd party service outages which are beyond the control of Surge Analytics Inc., such as ERP systems, visualization tools, connectors, and repositories.

Services purchased through entities other than Surge Analytics directly are not eligible for Service Credits. This includes any transfer of license through mergers, acquisitions, sale of business assets or shares or through any other transfer of license ownership.

Surge Service(s) licenses are non-transferrable unless otherwise specified and authorized by Surge Analytics under an extend or new SaaS Licensing Agreement.