Master Subscription Agreement (MSA)

"Affiliate" means any company controlling, controlled by or under common control with the subject entity, directly or indirectly, with an ownership interest of at least 50%.

"Customer" means the company, organization, other entity, or individual on behalf of which this Agreement is accepted, as described above.

"Applications” means the SaaS Services and the Software.

"Customer Data" means data uploaded or submitted to the SaaS Services by or for Customer.

"Documentation" means, for Applications, the technical documentation including administrator and user guides, and for Support, the customer support policy, in each case available in the Support section of www.ownbackup.com or other web pages designated by OwnBackup.

"Order Form" means an ordering document for Applications and/or Support entered into between Customer and OwnBackup or its Affiliate under this Agreement, including any addenda and supplements thereto.

“SaaS Services” means the OwnBackup software-as-a-service applications specified in an Order Form hereunder, as described in the Documentation.

"Security Measures" means the security measures described in Section 6.4 (Data Security) below.

“Software” means the OwnBackup software programs provided for installation in Third-Party Cloud Service environments, that are specified in an Order Form hereunder, as described in the Documentation.

"Support" means customer support for the Applications, as described in the Documentation.

“Third-Party Cloud Services” means third-party cloud-based services to which Customer subscribes separately and with which the Applications are designed to interoperate.

3.1. Provision of Applications and Support. OwnBackup will (a) provide the Applications to Customer pursuant to this Agreement, Order Forms and the Documentation, (b) provide standard Support for the Applications to Customer at no additional charge, and/or upgraded Support if purchased, and (c) provide the SaaS Services in accordance with the Service Level Addendum at https://www.ownbackup.com/SLA.

3.2. Affiliates and Contractors. Customer and its Affiliates may enter into Order Forms with OwnBackup and its Affiliates. An Affiliate entering into an Order Form adopts and agrees to be bound by this Agreement. Customer may allow its Affiliates and contractors to use Applications, provided Customer is responsible for their compliance with this Agreement and use by contractors is solely for Customer’s benefit.

3.3. Customer Responsibilities. Customer (a) will keep its Application passwords confidential; (b) is primarily responsible for activity in its Application accounts when accessed using Customer’s login credentials; (c) will notify OwnBackup promptly of any unauthorized access to its Application accounts of which Customer becomes aware; (d) will use the Applications only in accordance with the Documentation and applicable law; and (e) is responsible for the content and configuration of Customer Data, as uploaded or submitted to the SaaS Services.

4.1. Warranties. OwnBackup warrants to Customer that: (a) the Applications and Support will materially perform the functions described in the Documentation, and (b) the Application functionality, Support and Security Measures will not materially decrease during any paid term hereunder.

4.2. Exclusive Remedy. For any warranty breach, Customer’s exclusive remedy and OwnBackup’s sole obligation shall be: (a) OwnBackup’s cure of the breach within a reasonable period after Customer’s notice to OwnBackup specifying the breach, or (b) if OwnBackup does not cure the breach within such period, termination of this Agreement with immediate effect upon notice to OwnBackup, along with the remedies for termination for breach described in Section 8.5 (Effect of Termination) below.

4.3. Disclaimer. OwnBackup disclaims all implied warranties, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, and satisfactory quality. OwnBackup provides no warranty, and disclaims all implied warranties, during any free trial, evaluation, or proof-of-concept period. OwnBackup does not guarantee that Applications will be uninterrupted, error-free or invulnerable. OwnBackup is not responsible for the effectiveness of encryption keys generated by Customer without using an OwnBackup sample script, or generated, stored or transmitted by Customer using a compromised system or network not managed by OwnBackup.

5.1 Fees and Payment. Fees are due and payable net 30 days from the invoice date. Except as provided herein or in an Order Form, payment obligations are noncancelable, fees paid are nonrefundable, and quantities cannot be decreased during a paid term. Customer is responsible for payment of all sales, use, VAT, withholding (without reducing the amounts payable to OwnBackup under invoices) and similar taxes.

5.2 Nonpayment. Invoiced amounts not received by OwnBackup by the due date may accrue interest at the lower of 1.5% per month or the maximum rate allowed by law. If an invoiced amount is 30 days or more past due, OwnBackup may suspend provision of the Applications and Support until the amount is paid in full, provided OwnBackup has given Customer at least 30 days’ prior written notice that its account is past due. OwnBackup will not exercise its rights under this paragraph to the extent Customer is disputing the applicable charges reasonably and in good faith and is cooperating diligently to resolve the dispute.

6.1. Confidential Information Definition. "Confidential Information" means non-public information disclosed orally or in writing by a party or its Affiliate (Discloser) to the other party or its Affiliate (Recipient) about (without limitation) its business, finances, customers, operations, products, technology, plans, or pricing, that is designated as confidential or reasonably should be considered confidential given the nature of the information and the circumstances of its disclosure. Customer’s Confidential Information includes, without limitation, the Customer Data. OwnBackup’s Confidential Information includes, without limitation, the Applications.

6.2. Protection of Confidential Information. Recipient will use the same degree of care that it uses to protect the confidentiality of its own information of a like nature, but in no event less than reasonable care, (a) not to use Discloser’s Confidential Information for a purpose inconsistent with the activities contemplated under this Agreement, and (b) to limit access to Discloser’s Confidential Information to those of Recipient’s and its Affiliates’ employees, directors, contractors, advisors and auditors who need such access for activities contemplated under this Agreement and who are legally or contractually bound to protect the Confidential Information as provided in this section. Confidential Information excludes information that: (i) is or becomes generally known to the public without breach of a duty owed to Discloser, (ii) was known to Recipient before its disclosure hereunder without breach of a duty owed to Discloser, (iii) is received from a third party without breach of a duty owed to Discloser, or (iv) is independently developed by Recipient without use of Discloser’s Confidential Information.

6.3. Requests for Confidential Information. If Recipient receives a government or other third-party request for Discloser’s Confidential Information (including but not limited to Customer Data), Recipient will direct the requestor to, and promptly so notify, Discloser if legally permitted to do so. Recipient will comply with such a third-party request only if so required by law; in such event, Recipient will seek to limit the disclosure to that Confidential Information which it is required by law to disclose.

6.4 Data Security. OwnBackup will maintain the following minimum Security Measures, as further detailed at https://www.ownbackup.com/company/security-controls: (a) appropriate technical, physical, administrative and organizational controls designed to maintain the confidentiality, security and integrity of Customer’s Confidential Information, including Customer Data, (b) systems and procedures for detecting, preventing and responding to attacks, intrusions, and system failures, and regular testing and monitoring of the effectiveness of such systems and procedures, including, without limitation, through vulnerability scans and penetration testing, (c) a team of employees dedicated to implementation and maintenance of security controls, and (d) annual assessment of risks that could result in unauthorized disclosure, misuse, alteration, destruction or other compromise of Customer’s Confidential Information, including Customer Data, and of the sufficiency of systems and procedures in place to mitigate those risks. On request, OwnBackup will provide to Customer its SOC 2 type 2 independent audit report, ISO 27001 and 27701 certifications, Standardized Information Gathering (SIG) and Cloud Security Alliance Consensus Assessment Initiative (CSA CAIQ) questionnaires, and summary penetration test reports, which shall be considered responsive to Customer requests for OwnBackup security information.

6.5. Data Privacy. OwnBackup shall protect the privacy of Customer Data in accordance with the Data Processing Addendum at https://www.ownbackup.com/company/dpa, which is hereby incorporated into this Agreement by reference, except as otherwise agreed by the parties in writing.

6.6. Data Breach. If OwnBackup becomes aware of an unauthorized access to or disclosure, loss or alteration of Customer Data, OwnBackup will promptly notify Customer, seek to mitigate the breach and preserve forensic evidence, and provide information to Customer about the nature and scope of the breach.

7.1. Licenses. OwnBackup grants Customer a worldwide right and license under all applicable intellectual property rights to use the Applications in accordance with and subject to the relevant Order Form(s) and the terms of this Agreement. Customer grants OwnBackup the right to use the Customer Data solely to perform its obligations under this Agreement.

7.2 Ownership. As between the parties, Customer solely owns the Customer Data, including all intellectual property rights therein, and reserves all rights not expressly granted to OwnBackup. As between the parties, OwnBackup and its licensors solely own the Applications, including their underlying software, interfaces and architecture, and all intellectual property rights therein, and reserve all rights not expressly granted to Customer.

7.3 Restrictions. Customer may not (a) make an Application available to, or use an Application for the benefit of, anyone other than Customer, (b) sell, resell, license, sublicense, distribute, rent or lease any Application, or include any Application in a service bureau or outsourcing offering, (c) copy an Application, except Software copies automatically made in the course of a Third-Party Cloud Service’s disaster recovery operations, (d) make a derivative work based on an Application, (e) use an Application to store or transmit material in violation of privacy or intellectual property rights or applicable law, (f) use an Application to store or transmit malware, (g) interfere with or disrupt the integrity or performance of an Application, (h) attempt to gain unauthorized access to an Application, its related systems or networks, or third-party data contained therein, (i) reverse engineer or decompile an Application (to the extent such restriction is permitted by law), or (j) access an Application to build a competitive service or product, or copy any feature, function or graphic for competitive purposes. OwnBackup may suspend provision of an Application if it believes in good faith that it is necessary to do so to mitigate an imminent threat to the security, availability or integrity of the Application or data processed by it. OwnBackup will work with Customer to avoid such suspension to the extent practicable, and in the event of such suspension will work with Customer to restore provision of the Application as quickly as possible.

7.4 Third-Party Cloud Services. OwnBackup’s Applications depend on the continuing availability of, and access to, the Third-Party Cloud Services, including application programming interfaces. If a Third-Party Cloud Service for which Customer has purchased an Application ceases to be available on reasonable terms for interoperation with OwnBackup’s Applications (other than due to a temporary issue or Customer’s act or omission), then Customer may terminate the affected Order Forms and OwnBackup will refund to Customer any prepaid and unused fees on a pro rata basis. OwnBackup’s SaaS Services copy Customer Data from the Third-Party Cloud Services to the OwnBackup SaaS Services. Third-Party Cloud Service providers are not responsible for the privacy, security or integrity of such copies of Customer Data in OwnBackup’s SaaS Services instead, those copies of Customer Data are covered by the protections in this Agreement. OwnBackup’s Applications may automatically query Customer’s Third-Party Cloud Service accounts for the sole purpose of validating the purchased quantity of OwnBackup’s Applications.

8.1. Term of this Agreement. This Agreement continues until the 30th day after all Order Forms have expired, unless earlier terminated as provided below.

8.2. Term of Order Forms. Each Order Form shall specify an order term. Except as provided in an Order Form, (a) a party may cancel the Order Form at the end of the order term (the “Renewal Date”) by so notifying the other party 30 or more days before the Renewal Date, (b) if no such notice is given, then on the Renewal Date the Order Form and all subscriptions under it will renew for an additional year, (c) in any such renewal, the Order Form terms will remain unchanged from the prior term except for any pricing increase of which OwnBackup has notified Customer 60 or more days before the Renewal Date, which increase will not exceed 7% over the per-unit pricing in the prior term unless the prior pricing was clearly designated in the Order Form as promotional or one-time, and (d) the Order Form will continue to renew until canceled in accordance with this section.

8.3. Termination for Material Breach. If either party is in material breach of this Agreement, the other party may terminate this Agreement, together with all Order Forms, at the end of a written 30-day notice and cure period, if the breach has not been cured.

8.4. Return of Customer Data. Within 15 days after termination of SaaS Services, upon written request OwnBackup will make the SaaS Services available for Customer to export Customer Data at no additional charge. After such 15-day period, OwnBackup will have no obligation to maintain the Customer Data and will destroy the Customer Data unless otherwise required by law.

8.5. Effect of Termination. If this Agreement is terminated for OwnBackup’s breach, OwnBackup will refund fees prepaid by Customer, prorated for the remaining term of outstanding Order Forms after the termination date. If this Agreement is terminated for Customer’s breach, Customer will pay any unpaid fees for the term of all Order Forms. Upon request following any termination of this Agreement, each party will destroy or return all copies of the other party’s Confidential Information that it holds, subject to its regular backup retention processes and Section 8.4 (Return of Customer Data) above.

8.6. Survival of Terms. Any terms that by their nature survive termination of this Agreement for a party to assert its rights and receive the protections of this Agreement, will survive (including, without limitation, the confidentiality and ownership terms in this Agreement).

9.1. No Indirect Damages. Neither party or its Affiliates will be liable for any indirect, special, incidental or consequential damages or losses arising out of or related to this Agreement (including, without limitation, lost profits, lost revenue, lost savings, or costs of delay).

9.2. Liability Limit. Each party’s and its Affiliates’ total, aggregate liability arising out of or related to this Agreement will not exceed the amount paid by Customer within the 12 months before the first incident out of which the liability arose.

9.3. Increased OwnBackup Liability Limit if Customer Uses Security Features. Notwithstanding the above, Section 9.2 (Liability Limit) will not apply to any breach by OwnBackup of its security, confidentiality or privacy obligations regarding Customer Data while the Advanced Security Features are enabled and in use in Customer’s applicable SaaS Service instance(s), provided in no event will OwnBackup's and its Affiliates’ total, aggregate liability for such breaches related to any incident or series of connected incidents exceed two times the amount paid by Customer within the 12 months before the first such incident. “Advanced Security Features" means Advanced Key Management, IP range restrictions, and either multi-factor authentication or single sign-on, in each case to the extent available from OwnBackup for the applicable SaaS Services.

9.4. Conditions. The exclusions and limits in this “Limitation of Liability” section reflect the parties’ allocation of risk and will apply under any legal theory (including, without limitation, contract or tort), even where a party was aware of the possibility of such damages, the damages were foreseeable, and/or any remedies hereunder fail of their essential purpose. Such exclusions and limits will not limit Customer’s payment obligations under Order Forms or either party’s liability for infringement of the other party’s intellectual property rights. Such exclusions and limits will not apply to the extent they are prohibited by law.

OwnBackup will defend Customer against any claim, demand, suit or proceeding against Customer alleging that use of an Application in accordance with this Agreement infringes or misappropriates a third party’s intellectual property rights (a “Claim”), and will indemnify and hold harmless Customer from and against any damages, attorney fees and costs awarded against Customer as a result of, or for amounts paid by Customer in settlement of, a Claim, provided Customer (a) promptly notifies OwnBackup of the Claim, (b) gives OwnBackup sole control of the defense and settlement of the Claim (except OwnBackup may not settle a Claim unless Customer is unconditionally released of all liability), and (c) gives OwnBackup all reasonable assistance at OwnBackup’s expense. If Customer’s use of the Application is enjoined, OwnBackup shall (or if OwnBackup receives information about a potential or actual Claim, OwnBackup may), at no cost to Customer (i) modify the Application without breaching OwnBackup’s warranties above, (ii) obtain a license for Customer’s continued use of the Application in accordance with this Agreement, or if options (i) and (ii) are not reasonably available to OwnBackup, (iii) terminate the applicable Order Forms and refund Customer all fees prepaid for the remainder of the term of such Order Forms after the termination date. OwnBackup’s obligations in this section do not apply if (1) the allegation does not specify that the Application is the basis of the Claim, or (2) a Claim arises from the use or combination of an Application or any part thereof with software, hardware or processes not provided by OwnBackup, if the Application or use thereof would not infringe without such combination. For purposes of this section, “Customer” includes its Affiliates. This section states OwnBackup’s sole liability and Customer’s exclusive remedy for infringement. This section does not apply to claims arising during any free trial, evaluation, or proof-of-concept period.

11.1. General. Who Customer is contracting with under this Agreement, what law will apply in disputes arising in connection with this Agreement, and where and such disputes will be resolved, depend on where Customer is domiciled.

11.2. Arbitration for Customers Domiciled in Countries Other Than Israel. If Customer is domiciled in a country for which arbitration is designated in Section 11.1 (General) above as the exclusive forum for dispute resolution, then any dispute or claim arising out of or relating to this Agreement, including the scope or applicability of this arbitration clause, will be determined by confidential and binding arbitration in Newark, New Jersey, United States, before a single arbitrator. The arbitration will be administered by JAMS pursuant to its Comprehensive Arbitration Rules and Procedures or its International Rules and Procedures, as provided in Section 11.1 above, in either case in accordance with the Expedited Procedures in those Rules. Judgment on the arbitrator’s award may be entered in any court having jurisdiction. The parties will treat all disputes arising under this Agreement, including arbitration proceedings and awards, as Confidential Information of both parties, except as necessary in connection with a judicial challenge to or enforcement of an award or otherwise required by law or judicial decision. Notwithstanding the above, either party may seek injunctive relief in a court of competent jurisdiction, and issues of patent or copyright ownership or infringement may be decided only by a federal court in Newark, New Jersey and not by arbitration. The prevailing party in any action arising from or relating to this Agreement shall be entitled to recover its reasonable attorneys’ fees and costs including, without limitation, arbitration and expert fees.

11.3. Agreement to Governing Law and Jurisdiction. Each party agrees to the applicable governing law above without regard to choice or conflicts of law rules, and to mandatory, binding arbitration and/or the exclusive jurisdiction of the courts above, as applicable.

12.1. Terms Applicable to all Australian Customers. OwnBackup will protect Customer Data in accordance with the Privacy Act 1988 (Cth)).

12.2. Terms Applicable to Australian Customers with Contracted Fees of AUD 100,000 or Less. If Customer is domiciled in Australia and the total fees payable by Customer to OwnBackup are AUD 100,000 or less, then OwnBackup products and services come with guarantees that cannot be excluded under the Australian Consumer Law, and the following terms apply:

a. To the extent OwnBackup is liable under a statutory guarantee that cannot be excluded under the Australian Consumer Law with respect to OwnBackup products and services, OwnBackup’s liability is limited to, at OwnBackup’s election, any one or more of the following:

i. in the case of OwnBackup products, (A) replacement of the goods or the supply of equivalent goods, (B) repair of the goods; (C) payment of the cost of replacing the goods or of acquiring equivalent goods; or (D) payment of the cost of having the goods repaired; and

ii. in the case of OwnBackup services, (A) supplying of the services again; or (B) payment of the cost of having the services supplied again.

b. The following provisions apply only to the extent permitted by applicable law, and are subject to Customer’s rights under applicable guarantees that cannot be excluded under the Australian Consumer Law: Section 4.2 (Exclusive Remedies), Section 4.3 (Disclaimer), the second sentence of Section 5.1 (Fees and Payment), the second sentence of Section 8.2 (Term of Order Forms), the second sentence of Section 8.5 (Effect of Termination), and Article 11 (Who Customer is Contracting With, Governing Law, Jurisdiction and Arbitration).

13.1. Entire Agreement and Amendment. This Agreement and the Order Forms constitute the entire agreement of the parties and supersede all prior and contemporaneous discussions and agreements, oral and written, related to this Agreement’s subject matter. Neither party is relying on any representation not expressly included in this Agreement concerning the subject matter hereof. No representation, promise or inducement not included in this Agreement or an Order Form is binding. Any amendment or modification of this Agreement or an Order Form requires both parties’ signatures. In the event of any inconsistency among the following documents, the order of precedence shall be: (1) Order Forms, (2) this Agreement and (3) the Documentation. OwnBackup rejects any term or condition in any Customer-form purchasing document (excluding Order Forms).

13.2. No Assignment. Neither party may assign or transfer this Agreement or an Order Form to a third party, except that this Agreement with all Order Forms may be assigned, without the consent of the other party, as part of a merger, or sale of substantially all a party’s assets, business, or stock not involving a competitor of the other party, or at any time to an Affiliate.

13.3. Export Compliance. The Applications and Confidential Information may be subject to export laws and regulations of the United States and other jurisdictions. Each party represents that it is not named on any U.S. government denied-party list. Neither party will permit its personnel or representatives to access any Application in a U.S.-embargoed country or in violation of any applicable export law or regulation.

13.4. Anti-Corruption. The parties shall comply with all applicable laws relating to anti-bribery and anti-corruption. Each party represents that it has not received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from an employee or agent of the other party in connection with this Agreement.

13.5. Corporate Responsibility. OwnBackup is committed to ethical and responsible business practices. For more information please see OwnBackup’s Business Conduct Principles at https://www.ownbackup.com/legal/.

13.6. Notices. Notices under this Agreement will be written and be effective on (i) the second business day after mailing, (ii) confirmed delivery by courier service, or (iii), except for notices of breach or an indemnifiable claim (Legal Notices), the day sent by email. Notices to OwnBackup will be addressed to its VP Customer Success, with a copy to its General Counsel, at the address first listed above, and to success@ownbackup.com with a copy to legal@ownbackup.com. Billing notices to Customer will be addressed to the relevant billing contact designated by Customer, and Legal Notices to Customer will be addressed to Customer and be clearly marked as Legal Notices. Other notices to Customer will be addressed to the account contact designated by Customer.

13.7. Independent Contractors. The parties are independent contractors with respect to each other.

13.8. Waiver and Enforceability. Any waiver of a right under this Agreement requires the waiving party’s signature. If any term of this Agreement is invalid or unenforceable, the other terms remain in effect.

13.9. Money Damages Insufficient. A party’s breach of its confidentiality obligations under this Agreement or violation of the other party’s intellectual property rights could cause the other party irreparable harm. The other party may seek a court order to stop or prevent any such breach or violation.

13.10. Feedback. If Customer provides feedback or suggestions about the Applications, then OwnBackup (and those it allows to use its technology) may use such information without obligation to Customer.

13.11. Reference. OwnBackup may include Customer’s name and logo in sales and marketing materials, in accordance with any branding guidelines provided by Customer.

13.12. No Third-Party Beneficiaries. There are no third-party beneficiaries under this Agreement.

13.13. Purchases Through Resellers. To the extent this Agreement governs Customer’s use of Applications purchased through an OwnBackup authorized reseller, terms agreed between Customer and the reseller concerning fees, payment, support and renewal will take precedence over those in Sections 3.1 (Provision of Applications and Support) and 8.2 (Term of Order Forms) and Article 5 (Payment) above.