ZUORA MASTER SUBSCRIPTION AGREEMENT

1. CONTRACT STRUCTURE & ORDER-OF-PRECEDENCE
This Zuora Master Subscription Agreement (“MSA” or “Master Terms“) is entered into between Zuora, Inc. (“Zuora“) and customer (“Customer“) identified on the corresponding mutually executed order document between Customer and Zuora that references this MSA (“Order Form“) as of the latest date set forth on the signature page of the MSA (“Effective Date“). If Customer purchases Professional Services from Zuora for implementation of the Service, the Parties must enter into a statement of work (“SOW“) describing those Services. This MSA, all Order Forms and SOWs (collectively, the “Agreement“) govern Customer’s access to and use of Zuora’s Service. In the event of any conflicts between this MSA, any Order Form, and any SOW, the following order-of-precedence applies: SOW takes precedence and prevails over its associated Order Form solely with respect to its subject matter; and an Order Form takes precedence and prevails over this MSA solely with respect to its subject matter. Customer and Zuora may be referred to in the Agreement individually as a “Party” and collectively as the “Parties.”

THIS IS A LEGAL AND ENFORCEABLE CONTRACT BETWEEN ZUORA AND CUSTOMER. CUSTOMER IS RESPONSIBLE FOR CAREFULLY READING ALL TERMS AND CONDITIONS OF THIS AGREEMENT BEFORE SIGNING AN ORDER FORM, CLICKING “ACCEPT,”OR ACCESSING OR USING ANY ZUORA SERVICE. BY SIGNING AN ORDER FORM, OR ACCESSING OR USING ANY ZUORA SERVICE, CUSTOMER CONFIRMS THAT CUSTOMER HAS READ AND ACCEPTS THIS AGREEMENT IN ITS ENTIRETY. NOTWITHSTANDING ANY DIFFERENT OR ADDITIONAL TERMS CUSTOMER MAY REFERENCE OR PROVIDE, ZUORA’S OFFER OR ACCEPTANCE TO ENTER INTO AN AGREEMENT WITH CUSTOMER WITH RESPECT TO ANY ZUORA SERVICE IS EXPRESSLY LIMITED TO THE TERMS OF THIS AGREEMENT AND CONDITIONED ON CUSTOMER’S CONSENT TO THIS AGREEMENT.

2. OWNERSHIP OF SERVICE & CUSTOMER DATA
2.1 Ownership of the Service. The Service and Zuora Technology are the property of Zuora and its licensors, and is protected by copyright, patent, trade secret and other intellectual property laws. Zuora and its licensors retain any and all rights, title and interest in and to the Service and Zuora Technology (including all intellectual property rights), including all copies, modifications, extensions and derivative works thereof. Customer’s right to use the Service and Zuora Technology is limited to the rights expressly granted in this MSA and the applicable Order Forms. All rights not expressly granted to Customer are reserved and retained by Zuora and its licensors.

2.2 Ownership & Use of Customer Data. As between Customer and Zuora all Customer Data is the property of Customer. Zuora may store, access and process Customer Data as necessary to provide the Service, including monitoring use of the Service, improving or enhancing the Service and other Zuora offerings, and otherwise meeting Zuora’s obligations under the Agreement. Any use of Customer Personal Data will not enable identification of Customer or any individual person to any third party.

3. GRANT OF ACCESS
Subject to the terms and conditions of this MSA, Zuora hereby grants to Customer the non-exclusive, non-transferable (except as specified in Section 16.2 (Assignment)) right to access and use the Service and Zuora Technology during the Service Term in accordance with the limitations in this MSA and the terms of all applicable Order Form(s) and SOWs (e.g., any usage volume terms and limitations to particular Customer legal entities, business units, projects, brands, products or services set forth therein). Unless otherwise set forth in an applicable Order Form, the number and type of Tenant(s) and other usage allotments (e.g., tasks, subscribers and entities) to which Customer is entitled will correspond to the platform or edition of the Service to which Customer then subscribes, as further detailed in the Knowledge Center.

If Customer’s use of the Service exceeds the entitlements applicable to its then-current subscription, Zuora may (i) require Customer to upgrade to a different platform or edition of the Service and pay any Fees associated therewith; or (ii) terminate all applicable Order Forms for cause in accordance with Section 6.2(b) (Termination of Order Form or SOW).

4. CUSTOMER RESPONSIBILITIES
4.1 Customer Responsible for User Accounts. Customer is responsible for all activity occurring under Customer’s User accounts (except to the extent any such activity is caused by Zuora) and for complying with all laws and regulations applicable to Customer’s use of the Service and Zuora Technology. Customer also must (a) notify Zuora promptly upon becoming aware of any unauthorized use of any Customer password or account (or any other breach of security of the Service ) and (b) notify Zuora promptly upon becoming aware of, and make a reasonable effort to stop, any unauthorized copying, distribution or other misuse of any aspect of the Service.

4.2 Use Restrictions. Customer must not, without Zuora’s prior written consent, cause or permit the: (a) use, copying, modification, rental, lease, sublease, sublicense, operation of a service bureau, transfer or other commercial exploitation of, or other third party access to, any element of the Service or Zuora Technology, except to the extent expressly permitted by the Agreement; (b) creation of any modifications or derivative works of the Service or Zuora Technology; (c) reverse engineering of the Service or Zuora Technology; (d) gaining of unauthorized access to the Service, Zuora Technology or its related systems or networks; (e) interference with or disruption of the integrity or performance of the Service, Zuora Technology or the data contained therein (for example, via unauthorized benchmark testing or penetration testing); (f) sending, storing or use of any Customer Data in connection with the Service or Zuora Technology for which Customer lacks sufficient ownership or other rights; or (g) sending, storing or use of any infringing, obscene, threatening, libelous or otherwise unlawful or tortious material in connection with the Service or Zuora Technology. Customer also must use reasonable security measures to access the Service and Zuora Technology, and must not knowingly send, store or use any material containing any viruses, worms, Trojan horses or other malicious or harmful computer code, files, scripts, agents or programs in connection with the Service or Zuora Technology. Zuora also reserves the right to take all steps reasonably necessary to protect the security, integrity or availability of the Service or Zuora Technology (e.g., by temporarily suspending access by anyone who introduces malicious code or attempts to do so), notwithstanding anything to the contrary in the Agreement.

4.3 Customer PCI Responsibilities. If Customer or its third party service provider processes any credit card information using the Service, Customer will (and will ensure that its service provider, if any): (a) comply with the Payment Card Industry Data Security Standard (“PCI DSS”); (b) implement and maintain reasonable security measures to protect all cardholder data in their possession or control; and (c) not take any action in connection with using the Service that places Zuora in non-compliance with the PCI DSS (for example, storing any cardholder data in any custom fields of the Service).

5. DATA PRIVACY & SECURITY
5.1 Privacy.

  1. Zuora will treat Customer Personal Data as Confidential Information and will process Customer Personal Data in accordance with Privacy Laws. Customer will, in its use of the Service, process Customer Personal Data in accordance with the requirements of Privacy Law, including any applicable requirement to provide notice to data subjects of the use of Zuora as processor. Customer’s instructions for the processing of Customer Personal Data shall comply with Privacy Laws. Customer is solely responsible for the accuracy, quality, and legality of Customer Personal Data and the means by which Customer acquired the data. Zuora will not sell Customer Personal Data and agrees to refrain from any use or transfer of Customer Personal Data (including to or from a subprocessor or other third party) that qualifies as “selling” as such term is defined under Privacy Laws. To the extent Customer provides Zuora with Customer Personal Data of European Economic Area data subjects, Customer is deemed the data controller (as defined in the GDPR and Privacy Laws). Zuora may store, access and process Customer Data as necessary to provide the Service, including monitoring use of the Service, improving or enhancing the Service, other Zuora offerings, and otherwise meeting Zuora’s obligations under the Agreement, and as otherwise instructed by the controller of such Customer Personal Data.
  2. Customer’s Tenant(s) will be hosted in US and/or European Union data center(s) owned and controlled by Zuora or owned and controlled by a third party subcontractor of Zuora. Customer’s Tenant(s) may be accessed remotely for support and technical operations purposes from outside of the US and EU. Zuora has no obligation to provide a data center in any location outside of the US and European Union.
  3. Notwithstanding anything to the contrary in this MSA, if complying with any Privacy Laws enacted after the Effective Date would materially change Zuora’s costs or risks in providing the Service, then the Parties’respective legal counsel will promptly meet to discuss alternative options. If the Parties are unable to reach an amicable resolution within thirty (30) days, then each Party will have the right to terminate the Agreement (including all Order Forms and SOW) –in which case the termination will be effective thirty (30) days thereafter. In the event of such a termination, Customer’s sole right and Zuora’s sole obligation (except to the extent otherwise expressly stated in this MSA) will be for Zuora to promptly refund to Customer, on a pro rata basis, any Fees paid under all Order Forms and SOW then in effect that are unused as of the termination effective date.

5.2 Security.

  1. (a) Zuora shall maintain technical and organizational measures for the protection of the security, confidentiality and integrity of all Customer Data. Zuora regularly monitors compliance with these measures and will ensure that it maintains a level of security for the Service that is appropriate to the risk of processing of Customer Personal Data. Zuora will not materially decrease the overall security of the Service as long as Customer Data is in Zuora’s possession or control. Zuora’s data security measures for the Service will: (a) include reasonable administrative, physical, technical, organizational and other security measures to protect against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Customer Personal Data processed or stored by the Service; (b) comply with the PCI DSS (or prevailing successor industry standard, if replaced); and (c) include reasonable and appropriate controls pursuant to Zuora’s Service Organization Control (or SOC) 1 &2 audit (or other name if replaced), ISO 27001, and ISO 27018. Notwithstanding anything contained in this MSA to the contrary, subsection (b) above is not applicable to, and specifically excludes, Revenue.
  2. Zuora shall notify Customer without undue delay (but no longer than 48 hours) following confirmation of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Customer Personal Data (an “Incident“). Zuora will provide Customer with information, to the extent known, about the Incident and otherwise comply with its obligations under Privacy Law. Zuora will investigate the Incident, and as appropriate, take measures to remedy and prevent the recurrence thereof. Zuora’s notice is for the sole purpose of supplying information and support to Customer, and is not an automatic admission of fault or liability by Zuora.

5.3 Export & Deletion of Financial Account Data & Other Customer Data. The Service allows Customer to export and back-up Customer Data (other than Financial Account Data) at its discretion, and Zuora encourages Customer to do so regularly. In order for Zuora to adhere to its PCI DSS obligations, Zuora must conduct the export of any Financial Account Data. Zuora will provide Financial Account Data only to recipients that have the required certifications and qualifications (e.g., certification to receive information that is subject to the PCI DSS). Any export or transfer of Financial Account Data (i) must occur during the Service Term or no more than thirty (30) days after expiration or termination of the Agreement, (ii) will require Customer to first pay all amounts owed Zuora, (iii) will require the Parties to sign a separate written agreement, and (iv) will be subject to Zuora’s then-prevailing Professional Services rates. Notwithstanding the foregoing subsection (iv), Zuora will assist with one extraction of Financial Account Data free of charge. Zuora’s obligations in this Section

5.3 do not apply to Revenue, which does not process Financial Account Data. Zuora is not obligated to convert any Customer Data to a format different from that in which it resides in the data centers associated with the Service.

5.4 Data Retention. Regardless of the basis for expiration or termination of the Agreement, Zuora is not obligated to retain any Customer Data for longer than thirty (30) days after any such expiration or termination, unless otherwise agreed in advance by the Parties in writing. After such date, Customer authorizes Zuora to permanently delete all Customer Data that remains in Zuora’s possession or control.

5.5 Business Continuity & Disaster Recovery. Zuora will implement and maintain throughout the term of the Agreement reasonable business continuity and disaster recovery plans to help ensure availability of the Customer Data following any significant interruption or failure of critical business processes or systems affecting the Service. Zuora will provide copies of such plans to Customer annually upon request.

5.6 Support &Service Level Agreement. Zuora will provide technical support for the Service and maintain the Service Level Agreements as further detailed in the Knowledge Center for as long as Customer is entitled to receive support under the applicable Order Form and this MSA.

6. TERM, TERMINATION & EFFECT OF TERMINATION
6.1 Term.

  1. Term of MSA. This MSA will begin on the Effective Date and continue in effect until all Order Forms and SOWs, if any, expire or are terminated in accordance with this MSA.
  2. Term of Order Forms. The initial term of each Order Form will start on the Start Date and end on the End Date as each is identified on the Order Form (the “Initial Service Term”), and shall renew automatically as set forth below.

Unless otherwise set forth in the applicable Order Form, or unless the Order Form is terminated in accordance with Section 6.2(b), upon expiration of the Initial Service Term, the relevant Order Form will automatically renew on an annual basis for subsequent renewal terms of twelve (12) months (each a” Renewal Service Term”), unless either Party notifies the other Party in writing, at least thirty (30) days (subject to Section 7.2 ) prior to the end of the then-current Service Term, that it chooses not to renew. The Initial Service Term and all Renewal Service Terms (if any) are referred to in the Agreement collectively as the “Service Term.”

6.2 Termination.

  1. Termination of Agreement. Neither Party will have the right to terminate the Agreement without legally valid cause (no termination “for convenience”). This MSA will automatically terminate upon the date that all Order Forms and all SOWs, if any, have expired or been terminated in accordance with the terms set forth herein. Upon permitted termination of this MSA, all Order Forms and SOWs governed by it will also be terminated automatically.
  2. Termination of Order Form or SOW. Either Party may terminate an Order Form or SOW in accordance with their respective terms. Either Party may terminate an Order Form or SOW for cause upon written notice if the other Party fails to cure any material breach thereof, or any material breach of this MSA, within thirty (30) days after receiving reasonably detailed written notice from the other Party alleging the breach.

6.3 Effect of Termination.

  1. Effect of Expiration or Termination of MSA. Sections 1, 2, 4, 5.3, 5.4, 6, 8, 10, 11, 12.3, 13, 14, 15, 16 and 17 of this MSA will survive any expiration or termination of this MSA. An Order Form or SOW may identify additional terms that will survive any expiration or termination of the applicable Order Form or SOW.
  2. Effect of Termination of MSA, Order Form or SOW. Subject to the exclusive remedy provisions in this MSA: (a) if Customer terminates an Order Form, SOW or this MSA for uncured material breach in accordance with this MSA, Customer will be entitled to a refund, on a pro rata basis, of any prepaid Fees that are unused as of the termination effective date; and (b) if Zuora terminates an Order Form, SOW or this MSA for uncured material breach in accordance with Section 6.2, all amounts owed by Customer thereunder will become due and payable

7. ORDER PROCESS
Customer orders the Service via one or more Order Forms, and Customer orders Zuora’s Professional Services via one or more SOW. Customer’s Affiliates are also permitted to sign Order Forms and SOWs with Zuora that are governed by this MSA, in which case all references to “Customer” in this MSA shall be interpreted to refer to the relevant Customer Affiliate for purposes of interpreting such Affiliate Order Forms and SOW; provided, however, that Zuora’s maximum liability under Section 14 to Customer and all of its Affiliates who sign Order Forms or SOWs under this MSA shall not exceed, in the aggregate, the limits stated in Section 14.

7.1 Purchase Orders. If Customer requires that a purchase order (“PO“) be issued before making payment under an Order Form or SOW, Customer must provide to Zuora such valid PO conforming to the applicable Order Form or SOW in time for Customer to meet its payment obligations. The terms and conditions of any PO (or of any other unilateral Customer document not agreed in writing by authorized representatives of both Parties) will have no effect on the rights or obligations of the Parties, regardless of any failure to object to such terms and conditions.

7.2. Modification of Fees Upon Renewal. Zuora reserves the right to modify the Fees for its Service under one or more Order Forms, effective upon commencement of the next Renewal Service Term of the relevant Order Form(s), by notifying Customer in writing at least thirty (30) days before the end of the then-current Service Term. Unless Customer notifies Zuora in writing at least twenty (20) days prior to the end of the then-current Service Term that Customer chooses not to renew such Order Form(s), the modified Fees shall take effect under the relevant Order Form(s) upon commencement of the next Renewal Service Term.

8. FEES & PAYMENT

8.1 Payment Details. Customer must pay all fees and charges in accordance with this MSA and each mutually executed Order Form and SOW (“Fees“). Except to the extent otherwise expressly stated in this MSA, or in an Order Form or SOW:

  1. all obligations to pay Fees are non-cancelable and non-refundable;
  2. Customer must make all payments without setoffs, withholdings or deductions of any kind;
  3. Customer must pay all Fees due under all Order Forms and SOW within thirty (30) days after Customer receives each invoice (invoices are deemed received when Zuora emails them to Customer’s designated billing contact); and
  4. all Fees must be paid in U.S. Dollars.

In accordance with each Order Form: (i) Zuora charges and collects in advance the annual Fees for use of the Service based on the edition or platform of the Service subscribed to by Customer, and Customer’s contracted usage volume(s) using the Service (after the Initial Service Term, Zuora will invoice Customer for such annual Fees at least thirty (30) days prior to the start of each Renewal Service Term); and (ii) if Customer’s use of the Service exceeds the contracted usage volume(s) specified in the applicable Order Form, Customer will pay the additional usage-based Fees, as described in such Order Form.

8.2 Taxes. Zuora’s Fees are exclusive of all taxes, levies, withholdings, deductions or duties imposed by taxing authorities in connection with any Order Forms or SOW. Customer is responsible for paying all such taxes, levies, withholdings, deductions or duties except any taxes based solely on Zuora’s income or which do not arise from any Order Form or SOW. If Zuora has the legal obligation to pay or collect taxes for which Customer is responsible, that additional amount will be invoiced to, and paid by Customer, unless Customer provides Zuora a valid tax exemption certificate authorized by the appropriate taxing authority. If Customer has the legal obligation to withhold or deduct any amount from the Fees, the sum payable by Customer (in respect of which such deduction or withholding is required to be made) shall be increased to the extent necessary to ensure that Zuora receives a sum net of any withholding or deduction equal to the sum which it would have received had no such deduction or withholding been made or required to be made. Unless prohibited by the applicable taxing jurisdiction, the tax situs will be Customer’s admin user address as set forth in the applicable Order Form. Customer may update such address by providing written notice to Zuora and taxes will be updated on a prospective basis.

8.3 Customer Contact Information. Customer agrees to provide Zuora accurate billing and other contact information for each Order Form and SOW at all times during the Service Term, including the name of Customer’s applicable legal entity, and the street address, e-mail address, name and telephone number of an authorized billing contact. Customer shall update this information within thirty (30) days after any changes, via email to Zuora’s Accounts Receivable team at ar@zuora.com for billing contact information.

8.4 Consequences of Non-Payment. Subject to Section 8.2, if Customer fails to make any payments required under any Order Forms or SOW, then in addition to any other rights Zuora may have under this MSA or applicable law:

  1. Customer will owe Zuora an interest penalty of one and one-half percent (1.5%) per month on any outstanding balance under each delinquent invoice, or the maximum permitted by law (whichever is less);
  2. Zuora will be entitled to recover its reasonable costs of collection;
  3. Zuora may suspend the start of any Renewal Service Term, or subsequent Service Term agreed in an Order Form between the Parties; and
  4. If Customer’s account remains delinquent (with respect to payment of a valid invoice) for thirty (30) days after receipt of a delinquency notice from Zuora, which may be provided via email to Customer’s designated billing contact, Zuora may temporarily suspend Customer’s access to the Service for up to ninety (90) days to pursue good faith negotiations before pursuing termination in accordance with Section 6. Customer will continue to incur and owe all applicable Fees irrespective of any such Service suspension based on such Customer delinquency
9. NON-PRODUCTION USAGE From time to time, to the extent applicable, Customer may use the Service for evaluation, internal demonstration, testing or other purposes where such use is outside a Production Tenant (e.g., by using a Sandbox or another non-production service environment). By using the Service on such a non-production basis, Customer accepts the Service on an “as is” basis and acknowledges Zuora provides no express or implied warranties, indemnities or security commitments, and will have no liability, in connection with such use, notwithstanding anything to the contrary in this MSA. For the avoidance of doubt, no Personal Data or Financial Account Data may be used in a Sandbox or any other non-production service environment. Additionally, the terms of this MSA do not apply to any “beta” products, services, features or functionality made available by Zuora and any use thereof by Customer will be subject to a separate agreement by and between the Parties.
10. THIRD PARTY INTERACTIONS To the extent Customer’s use of the Service requires use of any third party products, packages or services not made available by Zuora (e.g., Oracle Java, Adobe Acrobat, Salesforce CRM, Amazon Web Services or a Web browser), Customer may be required to separately purchase or license such products, packages or services directly from the applicable third party. In addition, in connection with using the Service, Customer may choose to purchase or license certain other third party products, packages or services identified by Zuora. Any third party products, packages and services and any terms associated therewith are between Customer and the relevant third parties. Zuora does not license, support, control, endorse or otherwise make any representations or warranties regarding any third party products or services under this section, and in no event will Zuora have any liability whatsoever in connection therewith, even if Customer has directed Zuora to implement or configure the third party products, packages or services.

11. PROFESSIONAL SERVICES
If Customer wishes to purchase any training, implementation or other professional services from Zuora relating to the Service (“Professional Services“), the Parties will mutually execute one or more separate SOW containing the relevant description of services. Zuora Professional Services are separate and apart from the Service, and neither Party’s obligations in connection with the Service are dependent in any way on any Professional Services. Zuora retains all ownership rights in and to all copyrightable works, deliverables, designs, inventions, know-how, software, techniques, trade secrets, work product and other materials created by or for Zuora (either alone or jointly with Customer or others) and provided to Customer under the SOW, and any derivative works thereof, excluding any Customer Confidential Information. Zuora grants Customer a non-exclusive, non-transferable, royalty-free right to access and use the materials Zuora provides with the Professional Services internally in connection with the Service during the Term of this Agreement. Customer may not create derivative works of any materials Zuora provides with the Professional Services.

Nothing in this MSA will prohibit, restrict or limit (i) Zuora from performing the same or similar Professional Services for or providing the same or similar work product to any third party, or (ii) Customer from hiring a third party to perform professional services related to the Services.

12. WARRANTIES & DISCLAIMERS

12.1 Mutual Warranties. Each Party represents and warrants to the other that it has the legal power and authority to enter into this MSA, and that: (a) this MSA has been duly authorized, executed and delivered and constitutes a valid and binding agreement enforceable against such Party in accordance with its terms; (b) to the best of its knowledge, no authorization or approval from any third party is required in connection with such Party’s execution, delivery or performance of this MSA; and (c) to the best of its knowledge, the execution, delivery and performance of this MSA does not violate the terms or conditions of any other legally binding agreement.

12.2 Additional Zuora Commitments. Zuora further represents and warrants that:

  1. It will use reasonable technical means to screen for and detect disabling devices, viruses, trojan horses, trap doors, back doors, time bombs, cancelbots and other computer programming routines designed to damage or detrimentally interfere with software or data;
  2. The Service will perform substantially in accordance with the relevant documentation and the Service description found in the Knowledge Center, or such other location(s) as Zuora shall, from time to time, advise Customer, under normal use and circumstances;
  3. It will make reasonable efforts to notify Customer, at least thirty (30) days in advance via Zuora’s Normal Communication Channels, of any scheduled changes Zuora believes are likely to have a material, adverse impact on Customer’s use of the Service (“Material Changes“). (As a multi-Tenant SaaS vendor, Zuora reserves the right to make enhancements and other changes to the Service, including occasional deprecation and removal of certain features and functionality, subject to the Service warranty in Section 12.2(b) ); and
  4. Professional Services provided by Zuora under a SOW will be performed in a professional and workmanlike manner.

If Zuora breaches any warranties in this Section 12.2, Customer’s exclusive remedy and Zuora’s sole obligation will be for Zuora to make reasonable efforts to correct the non-conformity or, if Zuora is unable to correct the non-conformity within sixty (60) days after receipt of Customer’s written notice, for Customer to terminate the applicable Order Form(s) and receive a refund, on a pro rata basis, of any Fees prepaid under such Order Form(s) that are unused as of the termination effective date.

12.3 Warranty Disclaimers. EXCEPT TO THE EXTENT EXPRESSLY STATED IN THIS MSA: (A) ZUORA AND ITS LICENSORS MAKE NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, WHETHER EXPRESS, STATUTORY OR IMPLIED (IN FACT OR BY OPERATION OF LAW), REGARDING THE SERVICE, PROFESSIONAL SERVICES, OR ANY MATTER WHATSOEVER; AND (B) ZUORA AND ITS LICENSORS DO NOT WARRANT THAT THE SERVICE OR ANY PROFESSIONAL SERVICES ARE OR WILL BE ERROR-FREE, MEET CUSTOMER’S REQUIREMENTS, ACHIEVE ANY PARTICULAR RESULTS, OR BE TIMELY OR SECURE. ZUORA AND ITS LICENSORS EXPRESSLY DISCLAIM ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT WITH RESPECT TO THE SERVICE AND ANY PROFESSIONAL SERVICES, AND CUSTOMER HAS NO RIGHT TO MAKE OR PASS ON TO ANY THIRD PARTY ANY REPRESENTATION OR WARRANTY BY ZUORA.

THE SERVICE MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET OR ELECTRONIC COMMUNICATIONS. ZUORA IS NOT RESPONSIBLE FOR DELAYS, DELIVERY FAILURES, OR OTHER DAMAGE, LOSS OR LIABILITY RESULTING FROM SUCH PROBLEMS NOT CAUSED BY ZUORA.

CUSTOMER AGREES THAT ITS SUBSCRIPTION TO THE SERVICE AND FEES DUE OR PAID UNDER THIS MSA ARE NEITHER CONTINGENT ON THE DELIVERY OF ANY FUTURE FUNCTIONALITY OR FEATURES, NOR BASED ON ANY ORAL OR WRITTEN COMMENTS REGARDING ANY FUTURE FUNCTIONALITY OR FEATURES. MORE GENERALLY, IN ENTERING INTO THIS MSA, NEITHER PARTY IS RELYING ON ANY OTHER COMMITMENTS, STATEMENTS OR OTHER MATTERS NOT EXPRESSLY ADDRESSED IN THIS MSA, AN ORDER FORM OR AN SOW.

13. INDEMNIFICATION

13.1 By Zuora. Zuora will defend Customer, its Affiliates, officers, directors and employees from and against any claims asserted by a third party based on an allegation that use of the Service in accordance with this MSA and the applicable Order Form(s) infringes a copyright in any country or a patent of the U.S.A., United Kingdom, a member state of the European Union, Canada or Australia (collectively, “Claims“). Zuora will also indemnify Customer and its Affiliates, officers, directors and employees by paying all damages, costs and expenses (including reasonable legal fees and costs) finally awarded by a court of competent jurisdiction or agreed in a written settlement agreement signed by Zuora, arising out of such Claims.

If (a) any aspect of the Service is found by a court or, in Zuora’s reasonable opinion is likely to be found by a court, to infringe upon a third party intellectual property right, or (b) the continued use of the Service is enjoined, Zuora will promptly and at its own expense: (i) obtain for Customer the right to continue using the Service in accordance with this MSA and the applicable Order Form(s); (ii) modify the item(s) in question to no longer be infringing; or (iii) replace such item(s) with a non-infringing functional equivalent. If, after reasonable efforts, Zuora determines in good faith that options (i), (ii) and (iii) are not feasible, Zuora will remove the infringing item(s) from the Service and refund to Customer on a pro rata basis any Fees paid by Customer for such infringing element(s) that are unused as of the removal date.

Zuora will have no obligation to indemnify nor liability for any Claim under this section to the extent arising from: (x) the combination, operation or use of the Service with any product, device, software or service not supplied or authorized in writing by Zuora to the extent the combination creates the infringement; (y) the unauthorized alteration or modification by Customer of the Service, or (z) Zuora’s compliance with Customer’s designs, specifications, requests, or instructions in providing Professional Services to the extent the Claim is based on such compliance.

13.2 By Customer. Customer will defend Zuora, its Affiliates, officers, directors and employees from and against any claims asserted by a third party based on a breach by Customer of Section 4 (Customer Responsibilities) of this MSA. Customer will also indemnify Zuora and its Affiliates, officers, directors and employees by paying all damages, costs and expenses (including reasonable legal fees and costs) finally awarded by a court of competent jurisdiction or agreed in a written settlement agreement signed by Customer, arising out of the third party claims described in this section.

13.3 Requirements for Indemnification. Each Party’s respective defense and indemnity obligations under Sections 13.1 and 13.2 are contingent upon the indemnified Party: (a) promptly giving notice of the third party claim to the defending or indemnifying Party once the claim is known; (b) giving the defending or indemnifying Party sole control of the defense and settlement of the claim and not compromising or settling the claim without the defending or indemnifying Party’s approval (though the defending or indemnifying Party must not settle such claim unless the settlement unconditionally releases the other Party of all liability and does not adversely affect the other Party’s business or service in a material manner); and (c) providing appropriate information and reasonable cooperation to the defending or indemnifying Party in connection with the claim.

THE FOREGOING ARE THE DEFENDING OR INDEMNIFYING PARTY’S SOLE OBLIGATIONS, AND THE INDEMNIFIED PARTY’S EXCLUSIVE REMEDIES WITH RESPECT TO INDEMNIFICATION AND THE MATTERS ADDRESSED IN THIS SECTION 13.

14. LIMITATION OF LIABILITY
NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS MSA, BUT ONLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:

14.1 EXCEPT FOR (A) FEES DUE TO ZUORA UNDER APPLICABLE ORDER FORMS AND SOWS, (B) CUSTOMER’S OBLIGATIONS UNDER SECTIONS 4.2 AND 4.3 (USE RESTRICTIONS AND PCI OBLIGATIONS), AND SECTION 13.2 (INDEMNIFICATION BY CUSTOMER), NEITHER PARTY’S TOTAL AGGREGATE LIABILITY ARISING FROM OR RELATING TO THE AGREEMENT WILL EXCEED THE FEES ACTUALLY PAID BY AND DUE FROM CUSTOMER IN THE 12-MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO SUCH LIABILITY;

14.2 EXCEPT WITH RESPECT TO CUSTOMER’S OBLIGATIONS AND CUSTOMER’S LIABILITY UNDER SECTIONS 4.2 AND 4.3 (USE RESTRICTIONS AND PCI OBLIGATIONS), AND SECTION 13.2 (INDEMNIFICATION BY CUSTOMER), IN NO EVENT WILL EITHER PARTY OR ITS AFFILIATES, OWNERS, OFFICERS, DIRECTORS, EMPLOYEES OR LICENSORS BE LIABLE OR OTHERWISE OBLIGATED TO THE OTHER PARTY OR ANYONE ELSE FOR ANY LOSS OF PROFITS, REVENUE, OPPORTUNITIES, ECONOMIC ADVANTAGE, GOODWILL, DATA OR USE, OR FOR ANY INDIRECT, CONSEQUENTIAL, HYBRID, INCIDENTAL, SPECIAL OR PUNITIVE DAMAGES OF ANY KIND, ARISING OUT OF OR IN ANY WAY RELATED TO THE AGREEMENT, REGARDLESS OF CAUSE, EVEN IF THE PARTY FROM WHICH DAMAGES ARE BEING SOUGHT OR SUCH PARTY’S AFFILIATES OR LICENSORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, AND EVEN IF A REMAINING AVAILABLE REMEDY FAILS ITS ESSENTIAL PURPOSE; AND

14.3 THE TERMS OF SECTION 14 APPLY REGARDLESS OF THE FORM OF ACTION, WHETHER THE ASSERTED LIABILITY, CLAIM OR DAMAGES ARE BASED ON CONTRACT (INCLUDING BREACH OF WARRANTY), TORT (INCLUDING NEGLIGENCE), STATUTE, OR ANY OTHER LEGAL OR EQUITABLE THEORY.

THE PROVISIONS OF THIS SECTION 14 ALLOCATE RISKS UNDER THE AGREEMENT BETWEEN CUSTOMER AND ZUORA, AND THE FEES CHARGED FOR THE SERVICE ARE BASED ON THIS ALLOCATION OF RISKS AND THESE LIMITATIONS OF LIABILITY.

15. CONFIDENTIALITY
15.1 Definition. As used in this MSA, “Confidential Information” means information and materials provided by or on behalf of the disclosing Party or its Affiliate(s) (“Discloser“) to the Party or its Affiliate(s) receiving such information or materials (“Recipient” ) that (a) are identified as confidential at the time of disclosure, or (b) a reasonable person in the relevant industries should understand to be confidential based on the nature of the information and materials and all other relevant factors. For the avoidance of doubt, Customer’s Confidential Information includes Customer Data and Customer’s non-public business plans, and Zuora’s Confidential Information includes pricing terms offered under any Order Form, Zuora’s non-public business plans, all non-public aspects of the Zuora Technology, and the results of any evaluation of the Service performed by or on behalf of Customer for purposes of monitoring its availability, performance or functionality, or for any other benchmarking or competitive purposes.

15.2 Permitted Disclosures & Obligations. Recipient must not use any of Discloser’s Confidential Information for any purpose other than carrying out Recipient’s obligations or exercising its rights under the Agreement. For the avoidance of doubt, use of Confidential Information in an aggregated and anonymized manner that eliminates or does not include Personal Data is not prohibited. Recipient also must not disclose to any third party any Confidential Information, other than to Recipient’s Affiliates, contractors and consultants who (a) need to know such information, and (b) are bound by confidentiality obligations substantially similar to Recipient’s under this MSA (each Party is fully responsible for its respective Affiliates’, contractors’ and consultants’ compliance with this MSA). Recipient must treat all Discloser Confidential Information with the same degree of care Recipient gives to its own Confidential Information, but not less than reasonable care. Recipient and its Affiliates, contractors and consultants who receive Confidential Information hereunder must: (i) not use any such Confidential Information to compete with Discloser or in any other way except as reasonably necessary; (ii) (ii) promptly notify Discloser of any unauthorized use or disclosure of its Confidential Information of which Recipient becomes aware; and (iv) reasonably assist Discloser in remedying any such unauthorized use or disclosure. For the avoidance of doubt, a security breach involving Customer Data will be governed by Section 5.2, and not Section 15.

15.3 Exclusions. Recipient’s obligations under Section 15 do not apply to Discloser Confidential Information that Recipient can prove: (a) is or becomes part of the public domain through no fault of Recipient; (b) is rightfully in Recipient’s possession free of any confidentiality obligation; or (c) was independently developed by Recipient without using any Discloser Confidential Information. Disclosure by Recipient of Confidential Information (i) in response to a valid order or other legal process issued by a court or other governmental body having jurisdiction, (ii) as otherwise required by law, or (iii) necessary to establish the rights of either Party will not be a breach of this MSA if, to the extent legally permitted, Recipient gives prompt notice and reasonable cooperation so Discloser may seek to prevent or limit such disclosure. Except to the extent permitted by a separate written agreement, the Parties will not disclose any information requiring an authorization to be exported outside of the United States.

15.4 Ownership & Destruction of Confidential Information. As between Discloser and Recipient, all Discloser Confidential Information is the property of Discloser, and no license or other rights are granted or implied hereby. Promptly after any request by Discloser, Recipient will destroy or return to Discloser all Confidential Information and materials in Recipient’s possession or control. However, Recipient may retain electronic copies of any computer records or electronic files containing any Discloser Confidential Information that have been created pursuant to Recipient’s standard, reasonable archiving and backup practices.

15.5 Confidentiality Period. Recipient’s obligations with respect to Discloser’s Confidential Information under Section 15 will remain in effect for the term of the Agreement and for three (3) years after any expiration or termination of the Agreement. Notwithstanding the foregoing, Recipient’s obligations under the Agreement will continue to apply to Confidential Information that qualifies as a trade secret or Personal Data under applicable law for as long as it so qualifies.

16. GENERAL
16.1 Governing Law & Dispute Resolution. The Agreement is governed by Delaware law and controlling United States federal law, without regard to conflicts of law provisions of any jurisdiction. The Service is a service, not a good, and is not subject to the Uniform Commercial Code, the Uniform Computer Information Transactions Act, or the United Nations Convention on the International Sale of Goods. Any disputes, actions, claims or causes of action arising out of or relating to the Agreement or the Service will be subject to the exclusive jurisdiction of the state and federal courts located in Santa Clara County, California, USA. However, other than with respect to seeking injunctive relief in connection with matters that qualify for such an extraordinary remedy under applicable law, neither Party may initiate any litigation against the other Party until after providing clear written notice of its intention to do so and first making a good faith effort to resolve the dispute informally through escalation to an appropriate level of executive management of both Parties for at least thirty (30) days after providing such notice.

16.2 Assignment & Other Transfers. Neither Party may assign, sublicense or otherwise transfer (by operation of law or otherwise) the Agreement, or any of a Party’s rights or obligations under the Agreement, to any third party without the other Party’s prior written consent, which consent must not be unreasonably withheld, delayed or conditioned; provided, however, that either Party may assign or otherwise transfer this MSA, along with all associated Order Forms and SOW (and all its rights and obligations thereunder), (a) to a successor-in-interest in connection with a merger, acquisition, reorganization, a sale of most or all of its assets, or other change of control, or (b) to its Affiliate.

Notwithstanding anything to the contrary in this section, however: (i) in the event of any permitted transfer by Customer under this section to a direct competitor of Zuora, Zuora will have the right to terminate this MSA, including all associated Order Forms and SOW, for cause under Section 6.2 (in the event of such a termination, Zuora will promptly refund to Customer, on a pro rata basis, all Fees prepaid by Customer under all Order Forms and SOW then in effect that are unused as of the termination effective date); and (ii) Customer is not allowed to transfer to a successor-in-interest or Affiliate a subscription to a particular version of the Service if in Zuora’s sole determination such successor-in-interest or Affiliate would not otherwise be eligible to subscribe to that version.

In the event of a transfer by Customer that is permitted under this section, the rights granted under this MSA shall continue to be subject to the same usage limitations that applied under applicable Order Forms prior to the transfer (e.g., any transaction volume terms and limitations to particular Customer legal entities, business units, projects, brands, products or services set forth therein). Any purported assignment or other transfer in violation of this section is void. Subject to the terms of this section, this MSA and all Order Forms and SOWs hereunder will bind and inure to the benefit of the Parties and their respective permitted successors and transferees.

16.3 Force Majeure. If either Party is prevented from performing, or is unable to perform, any of its obligations under this MSA due to any cause beyond its reasonable control, e.g., war, riots, labor unrest, fire, earthquake, flood, hurricane, other natural disasters and acts of God, Internet service failures or delays, and denial of service attacks (collectively, “Force Majeure“), the affected Party’s performance will be excused for the resulting period of delay or inability to perform. The affected Party must, however, (a) give the other Party prompt written notice of the nature and expected duration of such Force Majeure, (b) use commercially reasonable efforts to mitigate the delay and other effects, (c) periodically notify the other Party of significant changes in the status of the Force Majeure, and (d) notify the other Party promptly when the Force Majeure ends.

16.4 Marketing. Zuora may: (i) identify Customer as a Zuora customer; (ii) issue a mutually agreed press release announcing that Customer has selected Zuora as a vendor; and (iii) during the Initial Service Term, make available a senior member of the Customer marketing department to participate in virtual meeting with Zuora’s customer advocacy team to discuss other potential marketing and communication opportunities regarding Customer’s use of the Service.

16.5 Independent Contractors. The Parties are independent contracting parties. Neither Party has, or will hold itself out as having, any right or authority to incur any obligation on behalf of the other Party. The Parties’ relationship in connection with the Agreement will not be construed as a joint venture, partnership, franchise, employment, or agency relationship, or as imposing any liability upon either Party that otherwise might result from such a relationship.

16.6 Notices. All legal notices (e.g., notice of termination of this MSA or an Order Form based on an alleged material breach) required under this MSA must be delivered to the other Party in writing (a) in person, (b) by nationally recognized overnight delivery service, or (c) by certified U.S. mail (requiring signature) to the other Party’s corporate headquarters, Attention: Legal Department. With respect to all other notices, Customer may email Zuora at notices@zuora.com, and Zuora may email Customer’s billing contact identified on the applicable Order Form(s) or SOW. Either Party may change its notice address by giving written notice to the other Party.

16.7 Anti-Corruption. Each Party acknowledges it has not received or been offered any illegal or otherwise improper bribe, kickback, payment, gift or other thing of value by any employee, representative or agent of the other Party in connection with the Agreement. Each Party will use reasonable efforts to promptly notify the other Party if it becomes aware of any circumstances that are contrary to this acknowledgment.

16.8 Export. Each Party agrees to comply with all applicable laws, regulations, orders and sanctions relating to prohibitions or limitations on relationships or transactions with prohibited countries or individuals (e.g., those administered by the U.S. Commerce or Treasury Departments). Customer shall not make the Service available to any individual or entity that is (i) located in a country that is subject to a United States government embargo, or (ii) is listed on any United States government list of prohibited or restricted parties.

16.9 Execution. This MSA may be signed electronically and in counterparts, in which case each signed copy will be deemed an original as though both signatures appeared on the same document.

16.10 Entire Agreement. This MSA, together with any applicable Order Forms and SOWs (including any other terms referenced in any of those documents), comprises the entire agreement between Customer and Zuora regarding the subject matter of the Agreement, and supersedes all prior or contemporaneous negotiations, discussions or agreements (including any non-disclosure or other agreement governing the sharing of confidential information by and between Zuora and Customer), whether written or oral, between the Parties regarding such subject matter, and may only be modified by a document signed by authorized representatives of both Parties. Each term and provision of the Agreement is valid and enforceable to the fullest extent permitted by law, and any invalid, illegal or unenforceable term or provision shall be deemed replaced by a term or provision that is valid and enforceable and that most effectively accomplishes the Parties’ shared goals and intent, determined from the perspective of an objective, reasonable person.

17. DEFINITIONS
As used in this Agreement:

Affiliate” means a company, corporation, individual, partnership or other legal entity that directly or indirectly controls, is controlled by, or is under common control with a Party to the Agreement. For purposes of this definition, “control” means direct or indirect ownership or control of more than fifty percent (50%) of the voting interests of the subject entity;

Content” means the audio and visual information, documentation and services contained in or made available via the Service, other than Customer Data and Customer Confidential Information;

Customer Data” means any data, information or material processed by the Service (including Personal Data and Financial Account Data) in the course of Customer or Users’ use of the Service ;

Customer Personal Data” means that portion of Customer Data that is Personal Data or Financial Account Data received from Customer or Users in the course of accessing or using the Services pursuant to the Agreement.

Financial Account Data” means credit card account information or other Customer Data that is subject to the PCI DSS or other financial industry rules or regulations regarding account information;

including” (and its variants) means including without limitation.

Knowledge Center” means Zuora’s online customer portal that includes feature and functionality descriptions of the Service, Support Services and Service Level Agreements, accessible at https://knowledgecenter.zuora.com/.

Normal Communication Channels” means the online channels through which Zuora normally communicates important information to its customers, e.g., Zuora’s online Knowledge Center and community site, and the email address(es) provided by Customer (Customer must opt-into Zuora’s online community site to receive certain important information regarding such changes and to take other required action relating to use of the Service);

Personal Data” means any information relating to an identified or identifiable natural person as such term or its equivalent (e.g., personally identifiable information or personal information) is defined by Privacy Laws;

Privacy Laws” means all laws and regulations regarding data privacy and transmission of Personal Data that apply to Zuora’s provision of the Service to Customer or Customer’s or Users’ use of the Service, as applicable, including the General Data Protection Regulation (EU) 2016/679 (GDPR) and the California Consumer Privacy Act (CCPA), as amended or superseded;

Sandbox” means a Non-Production Tenant identified as a “Sandbox” (or its equivalent, if renamed) on the applicable Order Form. “Non-Production Tenant” means a Tenant the use of which is restricted to processing non-production data solely for evaluation testing. “Tenant” means a single, discrete operational environment within Zuora’s SaaS environment in which Customer may use the Service. “Production Tenant” means a Tenant that Customer is permitted to use to process live Customer Data for production use in accordance with the applicable Order Form;

Service” means Zuora’s SaaS offerings ordered by Customer on an Order Form (including all related Content), as described on the Knowledge Center;

Service Level Agreement” means the service level agreement for the Services as set forth in the Knowledge Center.

SOW” means Statement(s) of Work, Work Authorization(s) or other contract(s) under which Zuora provides its Professional Services;

User(s)” means Customer’s Affiliates, customers, employees, representatives, consultants, contractors and agents who have been authorized by Customer to use Customer’s Tenant(s); and

Zuora Technology” means all of Zuora’s and its licensors’ proprietary technology that Zuora makes available to Customer as part of or in connection with Customer’s subscription to the Service (including any and all software, software packages, hardware, products, processes, APIs, algorithms, user interfaces, trade secrets, know-how, techniques, designs and other tangible or intangible technical material or information).