Introduction to Resiliate™ 2.0

Welcome to Resiliate, a AI-driven data resiliency software solution designed to mitigate the effects of ransomware and other malicious activities that lead to data loss. Resiliate is an advanced filesystem that aims to prevent data loss, provide quick recovery options, and achieve short Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO).

What's new in Resiliate™ 2.0?

Resiliate introduces several new features allowing greater flexibility and customization for a wide range of enterprise needs, including a unified interface, the Cybernetic Engram engine, plugins, back-end stores, and statistical and AI models.

Plugin-Driven System: Resiliate™ 2.0 is plugin-driven, allowing for greater flexibility and extensibility.
Support for Multiple Filesystems: Resiliate™ 2.0 is designed to work with multiple filesystems, providing users with more options and flexibility.
Improved Transparency: The internal state of the system is exposed via the Control Plane filesystem, providing insights into its decision-making process.
Easier Deployment and Data Import: Resiliate™ 2.0 simplifies both deployment and data import, making it easier for users to get started with the system.
Enhanced Auditing Capabilities: Deep auditing of filesystem operations is introduced using Cybernetic Engrams (CEs).

Key Features of Resiliate™ 2.0

Cybernetic Engram (CE) Engine: The CE engine evaluates and performs inferences based on the state of the data, system, users, groups, processes, and history, resulting in security recommendations for file operations.
Plugins: Plugins are dynamic libraries that implement the CePlugin trait. They can evaluate filesystem operations and provide recommendations on what should happen next.
Control Plane: The Control Plane provides a unified interface for interacting with the CE engine, plugins, back-end stores, and the statistical and AI models.

Resiliate™ Package

Resiliate™ is the overall package that bundles AiFS, utilities, CellFS kernel DKMS module, and various other add-on packages. It is supported on various platforms, including x86_64 and IBM System Z.

mindmap
  root((Resiliate))
    AiFS["AiFS"]
      IntegratedWith["Integrated with CellFS"]
    ControlPlane["Control Plane"]
      UnifiedInterface["Unified Interface"]
        CEEngine["CE Engine"]
          Plugins["Plugins"]
    Includes["Includes"]
      MetricsSystem["Metrics System"]
      AiFSFuseInterface["AiFS Fuse Interface"]
      CommandLineTool["Command-line Tool"]
      SecurityPlugins["Security Plugins"]
    FutureEnhancement["Future Enhancement"]
      AiKV["AiKV"]
        KVStore["KV Store"]

Future Enhancements

Advanced Security Plugins: Enhanced security plugins are planned for AiFS, which will provide mandatory access control, mandatory integrity controls, and augmentation of Fuzzy Multi-level Security using user-behavior and data-behavior inferences driven both by statistical models and possibly AI.
AiKV: AiKV is a planned Key-Value (KV) store that will provide SQL or S3 bucket semantics.
3rd-party Audit and Monitoring helper-tools: Helper tools such as docker configs are planned to make it easier to get going with system monitoring and statistics collection.

Getting started

In this section you will learn how to get started using Resiliate on your system!

Native windows support is coming soon, meanwhile you can use Samba to export Resiliate protected partition to your Windows Network. Since all the protection is built into the file system you don't need any agents on your Microsoft Windows® end-points, and still get protection of any data stored on the Resiliate partition.

Installation

Ubuntu 22.04 LTS Server

Import the GPG key: Start by importing the GPG key for the saf.ai repository. Execute the following command:
```
curl -fsSL https://get.saf.ai/gpg | sudo gpg --dearmor -o /usr/share/keyrings/saf.ai.gpg
```
This command downloads the GPG key, dearmors it, and saves it to your system's list of trusted keys.
Add the repository: Now, add the saf.ai repository to your system's list of software sources. Use the following command:
```
curl -fsSL https://get.saf.ai/apt/ubuntu/list | sudo tee /etc/apt/sources.list.d/saf.ai.list
```
This command downloads the repository's list file and saves it in the /etc/apt/sources.list.d directory.
Create the auth.conf file: The auth.conf file stores HTTP Basic authentication credentials for private repositories.

Create it using the following command:
```
sudo nano /etc/apt/auth.conf
```
This command opens the auth.conf file in the nano text editor. If the file doesn't exist, it will be created.
Add the credentials: In the auth.conf file, add the following lines:
```
machine get.saf.ai
login demo
password <password>
```
Replace <password> with the actual password provided to by saf.ai.

Save and close the file by pressing Ctrl+X, then Y, then Enter.
Set the permissions: The auth.conf file should be owned by root and should have 0600 permissions to keep the credentials secure. Set these permissions with the following command:
```
sudo chmod 600 /etc/apt/auth.conf
```
Update your package lists: After setting up the auth.conf file, update your package lists to include the new packages from the saf.ai repository:
```
sudo apt update
```
Install Resiliate: Finally, install Resiliate with the following command:
```
sudo apt install resiliate
```

Remember to run these commands in a terminal window. If you encounter any issues, make sure you have the necessary permissions to execute these commands.

Initialization

Initialize a store on a new partition and mount this store to a location for the file system to run on.

export AIFS_PARTITION=/dev/sdb1 AIFS_MOUNTDIR=/srv/aifs
sudo aifs mkfs ${AIFS_PARTITION}
sudo mkdir -p ${AIFS_MOUNTDIR}
sudo aifs mount ${AIFS_PARTITION} ${AIFS_MOUNTDIR}

You can now use /srv/aifs for your storage needs.

Your new Resiliate filesystem is now ready to test.

Now let's create, destroy, rectify, and analyze!

Prerequisites

Hardware OR Virtual Machine	Recommendation
CPU	2.0GHz Dual Core x86_64
RAM	16GB (32 GB Recommended)
DISK	Minimum 40GB for root and 100 GB for data

Administration access: You should be able to run commands with sudo or be logged in as root.
Internet access.
Resiliate beta software access credentials.
One of the supported Linux systems:
- Ubuntu Server 22.04 LTS (x86_64, 64-bit)

Installation

Ubuntu 22.04 LTS Server

Import the GPG key: Start by importing the GPG key for the saf.ai repository. Execute the following command:
```
curl -fsSL https://get.saf.ai/gpg | sudo gpg --dearmor -o /usr/share/keyrings/saf.ai.gpg
```
This command downloads the GPG key, dearmors it, and saves it to your system's list of trusted keys.
Add the repository: Now, add the saf.ai repository to your system's list of software sources. Use the following command:
```
curl -fsSL https://get.saf.ai/apt/ubuntu/list | sudo tee /etc/apt/sources.list.d/saf.ai.list
```
This command downloads the repository's list file and saves it in the /etc/apt/sources.list.d directory.
Create the auth.conf file: The auth.conf file stores HTTP Basic authentication credentials for private repositories.

Create it using the following command:
```
sudo nano /etc/apt/auth.conf
```
This command opens the auth.conf file in the nano text editor. If the file doesn't exist, it will be created.
Add the credentials: In the auth.conf file, add the following lines:
```
machine get.saf.ai
login demo
password <password>
```
Replace <password> with the actual password provided to by saf.ai.

Save and close the file by pressing Ctrl+X, then Y, then Enter.
Set the permissions: The auth.conf file should be owned by root and should have 0600 permissions to keep the credentials secure. Set these permissions with the following command:
```
sudo chmod 600 /etc/apt/auth.conf
```
Update your package lists: After setting up the auth.conf file, update your package lists to include the new packages from the saf.ai repository:
```
sudo apt update
```
Install Resiliate: Finally, install Resiliate with the following command:
```
sudo apt install resiliate
```

Remember to run these commands in a terminal window. If you encounter any issues, make sure you have the necessary permissions to execute these commands.

Initialization

Initialize a store on a new partition and mount this store to a location for the file system to run on.

export AIFS_PARTITION=/dev/sdb1 AIFS_MOUNTDIR=/srv/aifs
sudo aifs mkfs ${AIFS_PARTITION}
sudo mkdir -p ${AIFS_MOUNTDIR}
sudo aifs mount ${AIFS_PARTITION} ${AIFS_MOUNTDIR}

You can now use /srv/aifs for your storage needs.

Your new Resiliate filesystem is now ready to test.

Now let's create, destroy, rectify, and analyze!

Test Instructions

In this section you will learn how to test your Resiliate file system.

Create some data on your system
Destroy your data
Rectify your precious data
Analyze your data and Resiliate instance

Create

Let's create some data!

On client side, navigate to Resiliate directory.
```
cd ${AIFS_MOUNTDIR}
```
Copy or extract the test data in the directory. For example, if you grabbed 200.zip from https://get.saf.ai/downloads/beta/test-data, you can unzip it in the Resiliate directory.
```
unzip 200.zip
```
Once your data is finished copying over, look at your Resiliate server and list your recovery points using the below command:
```
aifs rectify ${AIFS_MOUNTDIR} show
```

This should look something like the following:

aifs rectify show

You will notice that as the data copies in, Resiliate will automatically create various points of interest and identify them as sāf or dirty points. These recovery points can be made into backups or permanent recovery points by manually recovering them.

Destroy

Let's destroy your data!

Method 1

Manually delete your files
```
rm -rf 200/
```
Verify files are not available
```
ls -lah 200/
```

Method 2

Install ransomware of choice. Or download and install from: https://github.com/safai-labs/Python-Ransomware

Procuring ransomware can be dangerous, only use trusted sources!
Verify that your files are no longer accessible.

Rectify

Let's rectify your data!

To rescue your data from peril, you simply command Resiliate to rectify your mounted directory and your data will be recovered. There is also manual access if a more granular approach is necessary.

Run a rectify in dry run mode to see what will be rectified from what point:
```
aifs rectify ${AIFS_MOUNTDIR} now --dry-run -v
```
Run the rectify command in one of the following methods:
1. Automatically and immediately rectify your data:
```
aifs rectify ${AIFS_MOUNTDIR} now
```
2. Alternately, manually set up sāf points and rectify from them:
```
aifs rectify ${AIFS_MOUNTDIR} memory ${RECOVERY_ID}
aifs rectify ${AIFS_MOUNTDIR} from
```
Your clean data is now available in the mounted directory!

This should look something like the following:

Notice that, not only has your data been restored but also your permissions and settings.

Analyze

Let's analyze your data!

You may go into your created recovery point files and analyze how your data looks at a certain point in time.
You may also compare the differences between pre and post attacked data to determine what files were being targeted.
You will notice that the restored data has no traces of the payload. Restoring your data with Resiliate is like turning back the clock. It does not fix the damaged data it simply removes it from production and gives you back your healthy data.

Command Line Tool

The aifs command-line tool is a fast and scalable data safeguard solution that includes commands to provide streamlined use for both high-level operations and low-level access to backend stores and mount points. Your application data transparently becomes self-healing and self-defending.

The following Sections provide in-depth information on the commands available.

rectify - Manage recovery points.
filesystem - Configure Resiliate filesystem.
config - Configure Resiliate software and services.
storage - Configure Resiliate back-end storage.

Resiliate Config

NAME

aifs config - The self configurer

DESCRIPTION

Resiliate Config commands allow you to configure Resiliate software and services itself.

USAGE

cefs config {COMMAND} [OPTIONS] {ARGS}

SYNOPSIS

COMMAND	SUMMARY
`aifs config [ -h` \| `--help ]`	Prints this help message.
`aifs config [ -V` \| `--version ]`	Prints current version.
`aifs config upgrade`	Upgrade Resiliate software.
`aifs config upgradeable`	Check for Resiliate update.
`aifs config kernel`	Configure kernel module(s).
`aifs config license`	Configure license key(s).
`aifs config build-info`	Show Build Information.

OPTIONS

`upgrade`

Upgrade Resiliate software.

`-c, --channel <channel>`

Channel determines which build of Resiliate to download, configure, and update.

`upgradeable`

Check for Resiliate update.

`-c, --channel <channel>`

Channel determines which build of Resiliate to download, configure, and update.

`kernel`

Configure kernel module(s).

`-k, --kernel-version <kernel-version>`

Kernel version to compile for. (default: current version)

`license`

Configure license key(s).

`-i, --info <seed-info>`

Information used to build license seed.

`build-info`

Show Build Information.

Resiliate Filesystem

NAME

aifs filesystem - The filesystem manager

DESCRIPTION

Resiliate Filesystem commands allow you to manage the organization of Resiliate file systems.

USAGE

aifs {COMMAND} [OPTIONS] {ARGS}

SYNOPSIS

COMMAND	SUMMARY
`aifs mount <src> <mp>`	Mount a filesystem.
`aifs umount <mp>`	Unmount a filesystem.
`aifs mkfs <target>`	Create a Resiliate filesystem.

OPTIONS

`mount <source> <mount-point>`

Mount Resiliate filesystem.

Verify usage of unstable features.

`-o <MOUNT-OPTIONS>`

Storage driver options.

MOUNT-OPTIONS is one of:

control-plane=<path> Path to where the control-plane directory.

enforcement[=on|off] Enable or disable enforcement

lib-dir=<path> Path to the directory containing the plugins.

`--thread <NUMBER>`

Number of threads to use for the AiFs filesystem

[default: 4]

Back-end storage driver.

`umount <mount-point>`

Unmount a Resiliate filesystem.

`mkfs <target>`

Initialize (create) a new Resiliate filesystem.

`-D, --driver <backend>`

Backend-store determines what type of storage you want to use Resiliate on. (default: logfs) [possible values: flat-file, key-value]

`-s, --source <source>`

Source directory or block device, used to populate the data. If not specified, no data is populated.

Resiliate Storage

NAME

aifs storage - The storage controller

DESCRIPTION

Resiliate Storage commands allow you to control the backend storage. There are several storage-drivers that provide circumstantial benefits for contingent operational situations.

USAGE

aifs storage {COMMAND} [OPTIONS] {ARGS}

SYNOPSIS

COMMAND	SUMMARY
`aifs storage [ -v` \| `--verbose]`	Prints verbose progress reports.
`aifs storage [ -h` \| `--help ]`	Prints this help message.
`aifs storage [ -V` \| `--version ]`	Prints current version.
`aifs storage init <dev>`	Initialize a new back-end storage.
`aifs storage bind <dev> <mnt>`	Export back-end storage to front-end.

OPTIONS

`init <device>`

Initialize a new storage back-end.

`-f, --from <source>`

Source directory or block device, used to populate the data. If not specified, no data is populated.

`bind <device> <mount>`

Export back-end storage to front-end storage.

`-B, --backend <backend>`

Backend-storage determines what type of storage you want to use Resiliate on. [possible values: flat-file, key-value]

`-o <options>`

Advanced options. (see documentation for details)

Resiliate Rectify

NAME

aifs rectify - The sāf search and rescue tool

DESCRIPTION

Resiliate Rectify commands allow you to search and rescue recovery options. All deleted files and directories bring themselves back. All damaged files and directories self-repair to their last known good state across all memoirs.

USAGE

aifs rectify {PATH} [OPTIONS] {COMMAND} {ARGS}

SYNOPSIS

COMMAND	Summary
`aifs rectify [ -a` \| `--all ]`	Show all points.
`aifs rectify [ -l` \| `--long ]`	Show sāf points in long format.
`aifs rectify [ -v` \| `--verbose ]`	Show sāf points in verbose format.
`aifs rectify [ -h` \| `--help ]`	Prints this help message.
`aifs rectify [ -V` \| `--version ]`	Prints current version.
`aifs rectify <path> now`	Rescue a filesystem immediately.
`aifs rectify <path> from`	Provide ranged list of times or memory-blocks.
`aifs rectify <path> stores`	Show recoverable stores.
`aifs rectify <path> show`	Show recovery points.
`aifs rectify <path> memory <ID>`	Optionally, provide a transient engram ID.
`aifs rectify <path> mark-pristine`	Mark the current state as pristine.

OPTIONS

`<path> now`

Rescue a filesystem immediately.

`-n, --dry-run`

Prints recovery information without rescue.

`-d, --depth <depth>`

Prints recovery information without rescue.

`<path> from`

Provide ranged list of times or memory-blocks.

`<path> stores`

Show recoverable storages.

`--porcelain`

Show stores in porcelain format.

`<path> show`

Show recovery points.

`<path> memory <engram-id#>`

Optionally, provide a transient engram ID.

`<path> mark-pristine`

Mark the current state as pristine.

CE (Cybernetic Engram Control Engine)

The CE is a dynamic and extensible system designed to enhance threat detection and response capabilities. It achieves this by leveraging a range of plugins, each tailored to specific threat detection methodologies. The configuration of CE and its plugins is managed through a TOML file.

Each filesystem has its own control plane, which is used to interact with the CE and its plugins. The control plane is located at /var/lib/resiliate/${mount_dir_flattened}.

You can find more information about the control plane in the Control Plane

Configuration

Let's go over a sample configuration file for the CE:

# Main configuration for the Cybernetic Engram Control Engine (CE)
[ce]
# Directory where the compiled plugins are stored.
# Default: The directory where CE is installed.
plugins-dir = "target/debug"

# Directory for the CE control plane.
# Default: /var/lib/resiliate/${mount_dir_flattened}
control-plane-dir = "/tmp/ce"

# Enable or disable enforcement mode
# on | off | auto
enforcement = auto

# Configuration for the 'core' plugin, based on the 'naive' detection methodology.
[core]
# Path to the compiled plugin. This remains constant even if the section name changes.
plugin = "libce_naive.so"

# Directory containing the necessary models for the plugin.
# Default: Directory where the CE is installed.
models-dir = "/usr/share/resiliate/lib"

# Note: The same plugin can be configured multiple times if it supports multiple instances.
# For example, another instance of the 'naive' plugin can be added as:
# [core2]
# plugin = "libce_naive.so"
# models-dir = "/usr/share/resiliate/lib2"

The central configuration of the CE is defined under the [ce] section:

control-plane-dir: This directory serves as the control plane for the CE. By default, the mount point for the CE control plane is /var/lib/resiliate/${mount_dir_flattened}, but it can be overridden as shown in the example with /tmp/ce.
enforcement: Whether or not the system will obey enforcement suggestions by CE. In enforcement mode, the CE provides mandatory accerss control (MAC) over files, and grants or revokes access to processes, users, and groups. The access control based on what the evaluations of the plugins.
plugins-dir: This is the directory where the compiled plugins are stored. In the provided example, this is set to /usr/lib/resiliate/plugins.

Plugin Configuration

The CE supports multiple plugins, each defined in its section within the TOML file. The section name determines the control plane subdirectory name for that plugin. For instance:

[core]: This section configures the core plugin, which is based on the libce_naive.so library.
- plugin: Specifies the path to the compiled plugin. In the example, this is set to libce_naive.so.
- models-dir: This directory contains the necessary models for the plugin. In the example, it's set to /usr/share/resiliate/lib.

The control plane subdirectory name is derived from the section name. So, for the core plugin, the corresponding directory in the control plane would be /core.

It's worth noting that if a plugin supports it, it can be configured multiple times. This allows for diverse configurations for different use cases. The naive plugin, for instance, supports this feature.

Interacting with CE and Its Plugins

Accessing the Control Plane: Navigate to the control plane root as specified in the control-plane-dir setting. By default, this would be /var/lib/resiliate/${mount_dir_flattened}.
Viewing CE Metrics: Access the /status file within the control plane root to view the current state and metrics of the CE. Given its fixed length, you may need to re-read this file periodically for updated information.
Monitoring Threats: The /threats file within the control plane root provides real-time threat detection from all configured plugins. Like the /status file, it has a fixed length, so you'll need to re-read it to get the latest threat data.
Plugin-specific Interaction: To interact with a specific plugin, navigate to its corresponding subdirectory in the control plane. For example, for the core plugin, you would go to /core.

Examples

To view the current metrics of the CE:

cat /var/lib/resiliate/${mount_dir_flattened}/status

To check the latest threats detected by all plugins:

cat /var/lib/resiliate/${mount_dir_flattened}/threats

CONTROL PLANE

NAME

control-plane - Unified interface for Resiliate to mitigate ransomware effects and data loss.

SYNOPSIS

The control plane provides an interface between the Cybernetic Engram (CE) and its plugins, facilitating real-time interaction and data exchange.

DESCRIPTION

Welcome to Resiliate, an AI-driven data resiliency software solution designed to mitigate the effects of ransomware and other malicious activities that lead to data loss. Resiliate is an advanced filesystem that aims to prevent data loss, provide quick recovery options, and achieve short Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO). The control plane acts as a unified interface for interacting with the CE engine, plugins, back-end stores, and the statistical and AI models.

The Resiliate control plane is a powerful tool for sysadmins and secadmins, offering a detailed view into the activities, threats, and health of the Resiliate filesystem. By leveraging the insights from the control plane, administrators can proactively address potential threats, ensuring data integrity and mitigating the effects of ransomware and other malicious activities.

The Resiliate control plane serves as a dedicated interface for each Resiliate filesystem, providing real-time insights and interactions with the Cybernetic Engram (CE) and its associated plugins. This interface is crucial for understanding the health, threats, and activities within the Resiliate filesystem, thereby aiding in proactive cybersecurity measures. Control Plane Structure

Control Plane Structure

For every Resiliate filesystem, a unique control plane is generated. The naming convention for the control plane mirrors the mount point of the filesystem.

For instance, a filesystem mounted at /mnt/fs1 would have its control plane located at /var/run/resiliate/mnt_fs1. Names with spaces, underscores, or other special characters get replaced by underscores _. For example for '/mnt/Home Directories', would become /var/run/resiliate/Home_Directories

Key Directories and Files

/: This is the root of the control plane. It serves as the primary entry point for accessing all control plane functionalities and associated plugins.
/status: This file provides a comprehensive overview of the current state of the Resiliate filesystem. It includes metrics from the CE, detailing damaged files, potential exfiltrations, user interactions, and specific recommendations based on detected threats or anomalies. The recommendations can range from auditing to quarantining, based on the severity and nature of the detected activity.

See resiliate-cp-status for more information.

`/threats` File Components

This file lists potential threats detected by the CE. It categorizes threats based on their nature, such as 'Wiper Detected' or 'Ransomware type encryption detected'. These threats are often detected by the underlying plugins, which then relay this information to the CE.

Plugin Integration

Each directory present in the root of the control plane (e.g., /naive) represents an instance of a specific plugin. These plugins are responsible for gathering granular data and insights, which are then processed by the CE. The CE, in turn, updates its internal state, making it accessible through the /status file.

For example, the naive directory represents an instance of the naive plugin. The internal state and metrics of this plugin can be accessed through files within the /naive directory. This structure allows for modular and scalable integration of multiple plugins, each contributing to the overall cybersecurity posture of the Resiliate filesystem.

Core plugin

The core plugin provides the basic set of metrics and functionalities for the Resiliate filesystem.

CONFIGURATION

Control plane is configured through the corresponding ce configuration file. See Cybernetic Engram Control Engine for more information.

USAGE

Ensure that only authorized users have access to the control plane. Regularly update the control plane and its plugins to patch any known vulnerabilities.

BUGS

No known issues as of the current version. Please report any bugs to the Resiliate development team.

AUTHOR

Resiliate Development Team. For more information, contact support@saf.ai.

Resiliate - control-plane - /status file

Description - /status File Components

Let's consider the following example of the /status file:

CE Metrics:
Damaged Files:          5 (242402s)
Exfiltrations:          0 (242402s)
Users: 2
Groups: 2
Processes: 4
u:      1000 recommendation: Audit, Quarantine, reason: source: all, attack: Damage, score: 0.5625, sigma: 1.2500, cosine: 0.0000, description: , rv: Displayed extension pdf is inconsistent with predicted extensions ???          2 (228936s)          0 (228936s)
u:         0 recommendation: Stop, Audit, Quarantine, reason: source: all, attack: Damage, Malicious, score: 0.7661, sigma: 3.0000, cosine: 0.0000, description: , rv: Displayed extension pdf is inconsistent with predicted extensions ["???"]       8509 (228936s)          0 (241366s)
g:         0 recommendation: Stop, Audit, Quarantine, reason: source: all, attack: Damage, Malicious, score: 0.7661, sigma: 3.0000, cosine: 0.0000, description: , rv: Displayed extension pdf is inconsistent with predicted extensions ["???"]       8509 (228936s)          0 (241366s)
g:      1000 recommendation: Audit, Quarantine, reason: source: all, attack: Damage, score: 0.5625, sigma: 1.2500, cosine: 0.0000, description: , rv: Displayed extension pdf is inconsistent with predicted extensions ???          2 (228936s)          0 (228936s)
p:         0 recommendation: Stop, Audit, Quarantine, reason: source: all, attack: Damage, Malicious, score: 0.7500, sigma: 3.0000, cosine: 0.0000, description: , rv: Displayed extension pdf is inconsistent with predicted extensions ["???"]        824 (228936s)          0 (241366s)
p:   1923090 recommendation: Audit, Quarantine, reason: source: all, attack: Damage, score: 0.5625, sigma: 1.2500, cosine: 0.0000, description: , rv: Displayed extension pdf is inconsistent with predicted extensions ???          2 (228936s)          0 (228936s)
p:   1908076 recommendation: Stop, Audit, Quarantine, reason: source: all, attack: Damage, score: 0.1328, sigma: 3.0000, cosine: 0.0000, description: , rv: File type changed from text/plain to image/gif       7685 (241322s)          0 (241366s)
p:   1922934 recommendation: Continue, reason: source: all, attack: None, score: 0.0000, sigma: 0.0000, cosine: 0.0000, description: , rv: None          0 (228961s)          0 (228961s)

CE Metrics: This section provides an overview of the metrics gathered by the Cybernetic Engram (CE) for the Resiliate filesystem.

Damaged Files: Represents the number of files that have been detected as damaged. The value in parentheses (242402s) indicates the time (in seconds) since this metric was last updated.

Exfiltrations: Represents the number of unauthorized data exfiltrations detected. Similar to the damaged files metric, the value in parentheses indicates the time since the last update.

Users: The total number of unique user IDs (UIDs) that have interacted with the filesystem.

Groups: The total number of unique group IDs (GIDs) that have been associated with the filesystem.

Processes: The total number of unique process IDs (PIDs) that have interacted with the filesystem.

Detailed Metrics:

Each subsequent line provides detailed metrics for specific UIDs, GIDs, or PIDs. The prefixes u:, g:, and p: are used to denote user IDs, group IDs, and process IDs respectively. These prefixes are designed for easy filtering using utilities like grep, sed, and awk.

For each UID, GID, or PID, the following information is provided:

Recommendation: Suggested actions based on the detected activities. Examples include Audit, Quarantine, and Stop.

Reason: A breakdown of the reasons behind the recommendation. This includes:

Source: The source of the detected activity, e.g., all.

Attack: The type of malicious activity detected, e.g., Damage, Malicious.

Score: A numerical score representing the severity of the detected activity.

Sigma: A statistical measure related to the detected activity.

Cosine: Another statistical measure.

Description: A textual description providing more context about the detected activity.

rv (Reasoning Vector): Provides specific details about the detected anomaly. For instance, Displayed extension pdf is inconsistent with predicted extensions indicates a potential file type mismatch.

Exfiltrations Detected: The number before the first set of parentheses indicates the number of exfiltrations detected for that specific UID, GID, or PID. The value in parentheses represents the time since the last update.

Damage Detected: The number after the first set of parentheses indicates the number of damages detected. The value in the subsequent parentheses represents the time since the last update.

Example Use Cases

1. User Behavior Analysis

Problem: A sysadmin wants to monitor user behavior to detect any unusual activities that might indicate compromised accounts or insider threats.

Solution: By analyzing the /status file, the sysadmin can track activities of specific users (using the u: prefix). For instance, a sudden spike in damaged files or exfiltrations for a particular user might indicate suspicious behavior.

Example:

grep "^u:" /status | awk '$3 > 10 {print $0}'

This command filters out users with more than 10 damaged files, which can then be further investigated.

2. Real-time Threat Detection

Problem: A security admin wants to set up real-time alerts for potential threats.

Solution: The /threats file can be monitored for changes. Any new entries can trigger an alert. Additionally, the score and sigma values in the /status file can be used to set thresholds for alerts.

Example:

tail -f /threats | grep "Ransomware"

This command monitors the threats file in real-time for any ransomware-related entries.

3. Data Labeling for Machine Learning

Problem: A data scientist wants to train a machine learning model to predict malicious activities and needs labeled data.

Solution: The /status file provides labeled data with reason, attack, and score fields. This data can be extracted and used as training data for the model.

Example:

awk -F" " '{print $4, $6, $8}' /status > training_data.csv

This command extracts the reason, attack, and score fields for machine learning training.

4. Impact Detection Post-Incident

Problem: After a security incident, a secadmin wants to assess the impact, specifically which processes were involved and the extent of the damage.

Solution: The p: entries in the /status file can be analyzed to see which processes were active during the incident and how many files they damaged or exfiltrated.

Example:

grep "^p:" /status | awk '$3 > 0 || $5 > 0 {print $0}'

This command lists processes that have damaged or exfiltrated files.

5. Forensic Analysis

Problem: After a data breach, forensic experts want to trace back the activities of a particular group or user to understand the breach's origin.

Solution: The /status file can be analyzed to track the activities of specific groups (using the g: prefix) or users over time.

Example:

grep "^g:1000" /status

This command retrieves all activities associated with group ID 1000.

These scenarios highlight the versatility of the Resiliate filesystem's /status and /threats files in addressing various system and security administration challenges. By leveraging this data, professionals can proactively manage, monitor, and mitigate potential risks.

/status use-cases

Here are some scenarios where the information from the /status file of the Resiliate filesystem can be invaluable:

1. User Behavior Analysis

Problem: A sysadmin wants to monitor user behavior to detect any unusual activities that might indicate compromised accounts or insider threats.

Example:

grep "^u:" /status | awk '$3 > 10 {print $0}'

This command filters out users with more than 10 damaged files, which can then be further investigated.

2. Real-time Threat Detection

Problem: A security admin wants to set up real-time alerts for potential threats.

Example:

tail -f /threats | grep "Ransomware"

This command monitors the threats file in real-time for any ransomware-related entries.

3. Data Labeling for Machine Learning

Problem: A data scientist wants to train a machine learning model to predict malicious activities and needs labeled data.

Solution: The /status file provides labeled data with reason, attack, and score fields. This data can be extracted and used as training data for the model.

Example:

awk -F" " '{print $4, $6, $8}' /status > training_data.csv

This command extracts the reason, attack, and score fields for machine learning training.

4. Impact Detection Post-Incident

Problem: After a security incident, a secadmin wants to assess the impact, specifically which processes were involved and the extent of the damage.

Solution: The p: entries in the /status file can be analyzed to see which processes were active during the incident and how many files they damaged or exfiltrated.

Example:

grep "^p:" /status | awk '$3 > 0 || $5 > 0 {print $0}'

This command lists processes that have damaged or exfiltrated files.

5. Forensic Analysis

Problem: After a data breach, forensic experts want to trace back the activities of a particular group or user to understand the breach's origin.

Solution: The /status file can be analyzed to track the activities of specific groups (using the g: prefix) or users over time.

Example:

grep "^g:1000" /status

This command retrieves all activities associated with group ID 1000.

CE Plugins

CE plugins dynamically loadable modules.

DESCRIPTION

The CE plugins are dynamic libraries that implement the CePlugin trait. They can evaluate filesystem operations and provide recommendations on what should happen next.

PLUGIN CONFIGURATION

The configuration for each plugin is defined in the /etc/resiliate/ce.toml file. The specific configuration for each plugin is defined in the documentation for that plugin.

configuring the control plane

Control plane is configured via the CE configuration file. Please refer to the CE Configuration section for more information.

Troubleshooting

Fixing Broken Installation of Resiliate on Ubuntu 22.04 LTS Server

Introduction

This guide aims to help you troubleshoot and fix a broken installation of Resiliate on Ubuntu 22.04 LTS Server. Follow the steps below to uninstall and reinstall Resiliate effectively.

Uninstalling Resiliate

Step 1: Remove Resiliate Package

To remove the Resiliate package, run the following command:

sudo apt remove resiliate-ce-engine \
    resiliate-ce-naive \
    resiliate-drivers-cellfs-api \
    resiliate-cellfs-driver cellfs-tools \
    cellfs-kmod-dkms resiliate-aifs \
    resiliate-ce-noop resiliate-ce-audit

Please Note the Following Steps

clean up

You should see:

clean up

Step 2: Remove Configuration Files

If you want to remove all configuration and database files, use the purge command:

sudo apt purge resiliate-ce-engine \
    resiliate-ce-naive \
    resiliate-drivers-cellfs-api \
    resiliate-cellfs-driver cellfs-tools \
    cellfs-kmod-dkms resiliate-aifs \
    resiliate-ce-noop resiliate-ce-audit

You should see the following:

clean up

Step 3: Update Package Lists

Update your package lists to reflect the removal:

sudo apt update

Reinstalling Resiliate

Step 1: Update Package Lists

Before reinstalling, update your package lists:

sudo apt update

Step 2: Install Resiliate

Run the following command to install Resiliate:

sudo apt install resiliate

install

Common Issues and Fixes

Issue: GPG Key Errors

Fix: Re-import the GPG key by running:

curl -fsSL https://get.saf.ai/gpg | sudo gpg --dearmor -o /usr/share/keyrings/saf.ai.gpg

Issue: Repository Errors

Fix: Re-add the repository:

curl -fsSL https://get.saf.ai/apt/ubuntu/list | sudo tee /etc/apt/sources.list.d/saf.ai.list

Integrating with Microsoft Windows

Prerequisites

Please go through the Installation process and configure a Resiliate file-server before continuing.

It is recommended that you install Samba on the Linux server using:

apt install samba

You can use Resiliate with Windows in a variety of ways. There are many configurations here, please choose the one that works for your particular use-case.

Windows Workgroup

The easiest way to integrate with Microsoft Windows networks is to simply configure a samba service on your Resiliate file-server with a selected number of common shares.

This method is also good for creating an environment that will integrate with LDAP or RADIUS based authentications.

Please make sure that a share drive is available over NFS or Samba.

Windows Active Directory

If it's your first time working with Resiliate, please consider deploying it on a standalone environment before integrating it with Active Directory.

When connecting Resiliate server via SMB or NFSv4, please make sure that Resiliate server is configured to be a domain member.

Prerequisites

Ensure that you have a fully operational CEPH cluster. If you do not already have a CEPH cluster set up, follow the instructions in the official CEPH documentation to get started.

Configuration

Configure CEPH Block Storage (RBD):

Resiliate will interact with the CEPH cluster using the RADOS Block Device (RBD) interface. To set up an RBD in your CEPH cluster, follow the RBD configuration instructions provided by CEPH.
Map the CEPH Block Device to your system:

After setting up the RBD, map it to a block device on your system using the following command:
```
sudo rbd map poolname/devicename --name client.admin
```
Ensure that you replace poolname and devicename with the appropriate names for your configuration.
Initialize and Mount the Store:

Now initialize the CEPH-backed store with Resiliate filesystem and mount it at your preferred location. For example:
```
export AIFS_PARTITION=/dev/rbd/poolname/devicename AIFS_MOUNTDIR=/srv/cefs
sudo aifs storage init ${AIFS_PARTITION}
sudo mkdir -p ${AIFS_MOUNTDIR}
sudo aifs filesystem mount ${AIFS_PARTITION} ${AIFS_MOUNTDIR}
```
Your CEPH-backed Resiliate filesystem is now ready to use. Any data written to /srv/cefs will now be stored on your CEPH cluster.

Note: This assumes that you have installed the necessary CEPH client utilities on the same machine where you're running these commands.

Remember to always test this setup with non-critical data first, until you are confident that everything is functioning as expected.

Lastly, the performance of the Resiliate system when backed by CEPH will depend heavily on the performance and configuration of your CEPH cluster. So, ensure your CEPH cluster is well-optimized for your workload.

Minimal CEPH Cluster Setup Guide (alpha)

Here's a guide to setting up a minimal CEPH cluster for testing purposes. It assumes you're using Ubuntu 22.04, and will install a one-node CEPH cluster. This guide also assumes you're familiar with virtual machines and have one set up already.

IMPORTANT NOTE: Alpha Support for CEPH in Resiliate

Please be aware that, as of this writing, support for CEPH storage in Resiliate is in an alpha stage. This means that while basic functionalities have been implemented and tested, comprehensive support and full stability are not yet guaranteed.

Alpha-level software is usually not feature complete and might contain bugs. These versions are released for users to test and provide feedback, helping developers identify issues, understand user experience, and receive suggestions for improvements.

While using Resiliate with CEPH, you may encounter unexpected behavior, bugs, or other issues. We strongly encourage users to report any issues they encounter, which will be invaluable in improving the support for CEPH.

In light of the alpha status of CEPH support, we recommend using Resiliate with CEPH for testing, development, and non-critical applications. For production environments and applications that require high reliability and stability, it may be best to wait until CEPH support has reached a more mature stage in its development cycle.

We appreciate your understanding and patience as we work on providing robust and reliable support for CEPH in Resiliate. Your feedback and contributions during this period are greatly appreciated.

1. Pre-requisites

A Virtual Machine with Ubuntu 22.04 installed.
Sudo or root privileges on the VM.
Stable Internet connection for downloading packages.

2. Installing CEPH

First, update the system and install NTP:

sudo apt-get update
sudo apt-get install ntp -y

Install CEPH:

wget -q -O- 'https://download.ceph.com/keys/release.asc' | sudo apt-key add -
echo deb https://download.ceph.com/debian-octopus/ $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/ceph.list
sudo apt-get update
sudo apt-get install ceph-deploy -y

3. Creating the CEPH Cluster

Create a new directory for configuration:

mkdir ~/ceph-cluster
cd ~/ceph-cluster

Create a new cluster:

ceph-deploy new {your-node}

Replace {your-node} with your node's hostname.

4. Configuring the CEPH Cluster

Update your Ceph configuration file, found in your ceph-cluster directory, with the following lines to the [global] section:

echo "osd pool default size = 1" >> ceph.conf
echo "osd crush chooseleaf type = 0" >> ceph.conf

5. Installing CEPH

ceph-deploy install {your-node}

Replace {your-node} with your node's hostname.

6. Creating the Monitor Daemon

ceph-deploy mon create-initial

7. Creating the OSD

This guide uses a directory for the OSD for simplicity, which is not suitable for production environments.

Create a directory for the OSD:

sudo mkdir /srv/osd
sudo chown ceph:ceph /srv/osd

Prepare and activate the OSD:

ceph-deploy osd prepare {your-node}:/srv/osd
ceph-deploy osd activate {your-node}:/srv/osd

Replace {your-node} with your node's hostname.

8. Checking the Cluster

ceph status

The cluster should be active and clean.

9. Setting up CEPH Client

To access the cluster, you'll need to set up a CEPH client:

sudo apt get install -y ceph-fuse python-ceph python-rados python-rbd \
    python-cephfs librados2 librbd1 libcephfs1 libradosstriper1 python-rgw

If the CEPH installation and setup were successful, you should be able to create, mount and use RADOS block devices on your VM to store Resiliate data.

This is a minimal, non-redundant setup. In a production environment, you'd want multiple OSDs and monitors for redundancy and performance. Also, don't use directories as OSDs in production.

Make sure to replace {your-node} with your hostname where applicable in the above commands.

For a more comprehensive guide to setting up CEPH, see the official CEPH documentation.

Important Note

This setup can provide a functional testing environment for Resiliate, but it's important to note that this is a minimal setup designed for getting started and testing out the basic functionality. The CEPH setup described here is a single-node cluster with non-redundant storage, which means that it lacks the redundancy and fault tolerance that a full, production-grade CEPH cluster would provide.

Before starting to test Resiliate, make sure the CEPH cluster is functioning as expected. The command ceph status can be used to check the health of the cluster. If the cluster status is HEALTH_OK, then you can proceed with setting up Resiliate.

When setting up Resiliate on this system, ensure that it is properly configured to use the CEPH storage. The details of this will depend on the specific requirements and options provided by Resiliate.

Moreover, the CEPH setup in this guide doesn't have any safeguards against data corruption that could be caused by hardware failures, software bugs, or other problems. Given that Resiliate includes features to protect against data corruption, this minimal environment could be used to test these features under controlled conditions. However, a real-world production setup would include more comprehensive data protection measures at both the CEPH level and the filesystem level.

Please refer to the Resiliate and CEPH documentation or consult with a qualified system administrator to ensure your testing setup meets your specific needs.

CEPH Storage Gateway

(Coming soon)

Policies

Terms of Use

Agreements and Policies

sāf.ai, Inc. General Terms of Use

These are general site terms, relevant when browsing the saf.ai website.

Effective: August 19, 2019

This website saf.ai is operated by sāf.ai, Inc. (we, our, or us). It is available at: https://saf.ai and may be available through other addresses or channels.

Consent. By accessing and/or using our Site, you agree to these terms of use and our Privacy Policy ("Terms"). Please read these Terms carefully and immediately cease using our Site if you do not agree with them.
Variations. We may, at any time and at our discretion, vary these Terms by publishing the varied terms on our Site. We recommend you check our Site regularly to ensure you are aware of our current terms. Materials and information on this Site (Content) are subject to change without notice. We do not undertake to keep our Site up-to-date, and we are not liable if any Content is inaccurate or out-of-date.
License to use our Site. We grant you a non-exclusive, royalty-free, revocable, worldwide, non-transferable license to use our Site in accordance with these Terms. All other uses are prohibited without our prior written consent.
Prohibited conduct. You must not do or attempt to do anything: that is unlawful; prohibited by any laws applicable to our Site; which we would consider inappropriate; or which may bring us or our Site into disrepute, including (without limitation):
1. anything that would constitute a breach of an individual's privacy (including uploading private or personal information without an individual's consent) or any other legal rights;
2. using our Site to defame, harass, threaten, menace, or offend any person. interfering with any user using our Site;
3. tampering with or modifying our Site, knowingly transmitting viruses or other disabling features, or damaging or interfering with our Site, including (without limitation) using trojan horses, viruses or piracy or ¡programming routines that may damage or interfere with our Site;
4. using our Site to send unsolicited messages; or
5. facilitating or assisting a third party to do any of the above acts.
Exclusion of competitors. You are prohibited from using our Site, including the Content, in any way that competes with our business.
Information. The Content is not comprehensive and is for general information purposes only. It does not take into account your specific needs, objectives or circumstances, and it is not advice. While we use reasonable attempts to ensure the accuracy and completeness of the Content, we make no representation or warranty in relation to it, to the maximum extent permitted by law.
Intellectual Property rights. Unless otherwise indicated, we own or license all rights, title and interest (including intellectual property rights) in our Site and all of the Content. Your use of our Site and your use of and access to any Content does not grant or transfer to you any rights, title or interest in relation to our Site or the Content. You must not:
1. copy or use, in whole or in part, any Content;
2. reproduce, retransmit, distribute, disseminate, sell, publish, broadcast or circulate any Content to any third party; or
3. breach any intellectual property rights connected with our Site or the Content, including (without limitation) altering or modifying any of the Content, causing any of the Content to be framed or embedded in another website or platform, or creating derivative works from the Content.
User Content. You may be permitted to post, upload, publish, submit or transmit relevant information and content (User Content) on our Site. We claim no ownership of the intellectual property rights in User Content you provide to the Site. Your profile and content uploaded remain yours. However, by submitting User Content on or through our Site, you agree to allow others to view and share your User Content and you grant to us a worldwide, irrevocable, perpetual, non-exclusive, transferable, royalty-free license to use the User Content, with the right to use, view, copy, adapt, modify, communicate, publicly display, publicly perform, transmit, stream, broadcast, access such User Content on, through or by means of our Site. You agree that you are solely responsible for all User Content that you make available on or through our Site. You represent and warrant that:

a. you are either the sole and exclusive owner of all User Content or you have all rights, licenses, consents and releases that are necessary to grant to us the rights in such User Content (as contemplated by these Terms); and

b. neither the User Content nor the posting, uploading, publication, submission or transmission of the User Content or our use of the User Content on, through or by means of our Site will infringe, misappropriate or violate a third party's intellectual property rights, or rights of publicity or privacy, or result in the violation of any applicable law or regulation.

We do not endorse or approve, and are not responsible for, any User Content. We may, at any time (at our sole discretion), remove any User Content.
Third party sites. Our Site may contain links to websites operated by third parties. Unless expressly stated otherwise, we do not control, endorse or approve, and are not responsible for, the content on those websites. You should make your own investigations with respect to the suitability of those websites.
Discontinuance. We may, at any time and without notice to you, discontinue our Site, in whole or in part. We may also exclude any person from using our Site, at any time and at our sole discretion. We are not responsible for any Liability you may suffer arising from or in connection with any such discontinuance or exclusion.
Warranties and disclaimers. To the maximum extent permitted by law, we make no representations or warranties about our Site or the Content, including (without limitation) that: they are complete, accurate, reliable, up-to-date and suitable for any particular purpose; access will be uninterrupted, error-free or harm-free; or access to our Site will be secure.

You read, use, and act on our Site and the Content at your own risk.
Limitation of liability. To the maximum extent permitted by law, we are not responsible for any loss, damage or expense, howsoever arising, whether direct or indirect and/or whether present, unascertained, future or contingent (Liability) suffered by you or any third party, arising from or in connection with your use of our Site and/or the Content and/or any inaccessibility of, interruption to or outage of our Site and/or any loss or corruption of data and/or the fact that the Content is incorrect, incomplete or out-of-date.
Indemnity. To the maximum extent permitted by law, you must indemnify us, and hold us harmless, against any Liability suffered or incurred by us arising from or in connection with your use of our Site or any breach of these Terms or any applicable laws by you. This indemnity is a continuing obligation, independent from the other obligations under these Terms, and continues after these Terms end. It is not necessary for us to suffer or incur any Liability before enforcing a right of indemnity under these Terms.
Termination. These Terms are effective until terminated by us, which we may do at any time and without notice to you. In the event of termination, all restrictions imposed on you by these Terms and limitations of liability set out in these Terms will survive.
Disputes. In the event of any dispute arising from, or in connection with these Terms (Dispute), the party claiming there is a Dispute must give written notice to the other party setting out the details of the Dispute and proposing a resolution. Within 7 days after receiving the notice, the parties must, by their senior executives or senior managers (who have the authority to reach a resolution on behalf of the party), meet at least once to attempt to resolve the Dispute or agree on the method of resolving the Dispute by other means, in good faith. All aspects of every such conference, except the fact of the occurrence of the conference, will be privileged. If the parties do not resolve the Dispute, or (if the Dispute is not resolved) agree on an alternate method to resolve the Dispute, within 21 days after receipt of the notice, the Dispute may be referred by either party (by notice in writing to the other party) to litigation.
Severance. If a provision of these Terms is held to be void, invalid, illegal or unenforceable, that provision must be read down as narrowly as necessary to allow it to be valid or enforceable. If it is not possible to read down a provision (in whole or in part), that provision (or that part of that provision) is severed from these Terms without affecting the validity or enforceability of the remainder of that provision or the other provisions in these Terms.
Jurisdiction. Your use of our Site and these Terms are governed by the laws of Maryland, USA. You irrevocably and unconditionally submit to the exclusive jurisdiction of the courts operating in Maryland and any courts entitled to hear appeals from those courts and waive any right to object to proceedings being brought in those courts. Our Site may be accessed throughout the USA and overseas. We make no representation that our site complies with the laws (including intellectual property laws) of any country outside the USA. If you access our Site from outside the USA, you do so at your own risk and are responsible for complying with the laws of the jurisdiction where you access our Site.

For any questions and notices, please contact us at: Sāf.ai, Inc., 7200 Wisconsin Avenue, Bethesda, MD 20814, USA

Email: support@saf.ai

Last update: July, 2020.

sāf.ai --- Privacy Policy

sāf.ai's second founding principle is that data privacy is a fundamental right. This privacy policy is a part of our commitment to data privacy. This policy outlines the nature of the data that we collect, what we do with that data, and how we protect that data for our website: https://saf.ai, our social media sites, and social networking sites.

What data do we collect?

sāf.ai collects Non-Personally Identifying Information (Non-PII) and possibly Personally Identifying Information (PII) depending on the nature of your interaction.

Non-PII is data is anonymous, in that, it cannot be used to distinguish or trace any specific individual's identity. This information is automatically collected when visiting our website and includes the IP address, date, time, page(s) accessed, browser type and the referring page (if applicable).

As a general rule, saf.ai does not collect PII when you visit our website, unless you choose to provide such information to us. PII may include your name, email, address, phone number, or other information that identifies you personally. If you choose to provide us with PII, by completing a web form or sending us an email, we will use that information to help provide you the information or service you have requested or to respond to your message.

How do we use this information?

We may use this information in the following ways:

To improve and deliver the type of content and product offerings which would most interest and serve you.
To allow us to better respond to your requests and inquiries.
To administer a contect, promotion, survey, or other site feature.
To send periodic emails regarding your requests, inquiries, or other products and services.

What about "cookies"?

Cookies are small files that a site or its service provider transfers to your computer's hard drive through your web browser (if you allow it). This enables the site or service provider to recognize your browser and capture and remember certain information. They also help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences in the future.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. Should you choose to disable cookies, some features that make the site more efficient will also be disabled and may limit the functionality of the site for you. We may also use trusted third party services that track this information on our behalf.

Who has access?

We do not and will never rent, sell, or trade Non-PII or PII. Only our employees and third parties (who we trust and have agreed to keep this information confidential) that are directly responsible for or assist us in operating our website, conducting our business, or servicing you will have access to your information. Their access gives them the ability to process it on sāf.ai's behalf or to provide services available at sāf.ai's website. We will only release your information when we believe release is appropriate to comply with the law, enforce our site policies, or to protect ours and others' rights, property and safety.

How do we protect it?

sāf.ai protects your data by empowering your data to protect itself. We use sāf.ai patented technology to ensure that your data is protected at all times. For more information on how we do this please visit https://saf.ai.

Please remember that no method of transmission over the Internet is 100% secure.

sāf.ai -- Cybernetic Engram Filesystem

END USER LICENSE AGREEMENT

NOTICE: BY CLICKING "I AGREE", ACCESSING, DOWNLOADING, INSTALLING, OR USING THE SOFTWARE (AS DEFINED BELOW), YOU AGREE TO THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT ("AGREEMENT") WITH SĀF.AI, INC. ("SĀF.AI"). IF YOU HAVE SPECIFIED IN CONNECTION WITH THE REGISTRATION PROCESS FOR THE SOFTWARE THAT YOU ARE ACTING ON BEHALF OF A COMPANY OR OTHER ORGANIZATION, YOU REPRESENT THAT YOU ARE AUTHORIZED TO LEGALLY BIND SUCH ORGANIZATION AND THAT YOU CONCLUDE THE AGREEMENT ON BEHALF OF SUCH ORGANIZATION. AS USED HEREIN, THE TERMS "YOU" AND "LICENSEE" SHALL REFER, JOINTLY AND SEVERALLY, TO YOU INDIVIDUALLY AND ANY ORGANIZATION ON WHOSE BEHALF YOU ACT.

IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT, CLICK THE "CANCEL", "NO", "CLOSE WINDOW" BUTTON, OR THE BUTTON WITH EQUIVALENT FUNCTIONALITY, AND MAKE NO FURTHER USE OF THE SOFTWARE.

DEFINITIONS
1. "Base Version" shall mean a version of the Software that is subject to the Trial Period and to a per-usage cost after the end of the Trial Period.
2. "AIFS" shall mean sāf.ai Cybernetic Engram File System.
3. "Community Edition" shall mean a version of the Software that is free to use up to a specified data limit.
4. "Software" shall mean collectively the Community Edition and the Base Version of sāf.ai's software and the media and Documentation provided by sāf.ai to Licensee. The Software will be provided in object form only.
5. "Documentation" shall mean the printed or online written reference material furnished to Licensee in conjunction with the Software, including, without limitation, instructions, and end user guides.
6. "Intellectual Property Rights" shall mean all intellectual property rights, including, without limitation, patent, copyright, trademark, and trade secret, recognized in any jurisdiction worldwide, whether perfected or not, and any similar and other proprietary rights.
7. "Open Source Software" means code that is provided with the Software and identified as open source code or otherwise as being subject to open source license terms.
8. "Updates" shall mean a modification, error correction, bug fix, new release, or other update to or for the Software.
9. "Trial Period" shall mean a 30-day period from the date that Licensee installs a Base Version of the Software. Licensee may register and provide payment information for the Base Version at any time during the Trial Period, which action will end the Trial Period.
LICENSE GRANT, USE AND OWNERSHIP
1. License. Subject to the terms and conditions of this Agreement, sāf ai grants to Licensee a non-exclusive, royalty-free, non-transferable, non-assignable license (without the right to sublicense) to use the Software in accordance with the Documentation
  
  i. solely for personal use if Licensee is an individual, or
  
  ii. solely for internal business purposes if Licensee is a company or some other type of organization.
2. Updates. sāf.ai may provide Updates to the software from time to time. Any Updates installed by Licensee are subject to the terms and conditions of this License.
3. Restrictions. Licensee shall not disclose, provide, or disseminate in any manner the Software (including the Documentation) or Confidential Information to any third party, including but not limited to its partners, affiliates or subsidiaries. Except to the extent contrary to any applicable laws, Licensee will not, and will not permit any third party to, sublicense, rent, copy, modify, create derivative works of, translate, reverse engineer, decompile, disassemble, or otherwise reduce to human perceivable form any portion of the Software or accompanying Documentation
4. Ownership. This Agreement is not an agreement of sale, and sāf.ai shall own and retain all right, title and interest in and to the Intellectual Property Rights in the Software and Documentation and any derivative works thereof, subject only to the license expressly set forth in Section 2(a) hereof. Except as expressly granted in the License, Licensee does not acquire any other rights, express or implied, in the Software, and ALL RIGHTS NOT EXPRESSLY GRANTED HEREUNDER ARE RESERVED TO SĀF.AI.
5. No Support Services. sāf.ai is under no obligation to support the Software in any manner or to provide any Updates to Licensee. In the event sāf.ai, in its sole discretion, supplies any Update to Licensee, the Update shall be deemed Software under this Agreement and shall be subject to the terms and conditions of this Agreement.
6. Third-Party Software. The Software may enable a computer to run multiple instances of third-party guest operating systems AND application programs. Licensee acknowledges that Licensee is responsible for obtaining any licenses necessary to operate any third-party software, including guest operating systems and application programs.
7. Open Source Software. Except Sections 6, 7, and 8, the terms and conditions of this Agreement shall not apply to any Open Source Software accompanying the Software. Any such Open Source Software is provided under the terms of the applicable open source license agreement or copyright notice accompanying such Open Source Software or included in the open source licenses file accompanying the Software. sāf.ai neither enlarges nor curtails Licensee's rights or obligations defined by any applicable open source license.
USAGE FEES AND PAYMENT.

The Community Edition is free to use up to the data limit specified in the Documentation or during the registration process.

The Base Version is free to use during the Trial Period. After the expiration of the Trial Period, or if Licensee registers for payment for the Base Version at any time during the Trial Period, the Base Version is subject to a usage fee-per-unit-data as indicated during the registration process. sāf.ai reserves the right to change the usage fee upon notice to you, and you may accept such changed usage fee or you may cease use of the Software at your discretion.

Licensee agrees to pay sāf.ai any fees for use of the Software as agreed to by Licensee during the registration process.
TERM AND TERMINATION.

Licensee's rights to use the Software shall continue until terminated in accordance with the terms and conditions of this Agreement. For the avoidance of doubt, Licensee's use of the Software shall at all times be subject to the Usage Fees and Payment terms set forth in Section 3.

Without prejudice to Licensee's payment obligations, Licensee may terminate Licensee's license at any time by uninstalling the Software.

sāf.ai may terminate Licensee's license if Licensee materially breaches this Agreement and Licensee fails to cure the breach within thirty (30) days of receiving sāf.ai's notice of the breach.

Upon any expiration or termination of this Agreement, the rights and licenses granted to Licensee under this Agreement shall immediately terminate, and Licensee shall immediately cease using, and will destroy or render practically inaccessible, the Software, Documentation, and all other tangible items in Licensee's possession or control that contain Confidential Information. The rights and obligations of the parties set forth in Sections 2, 3, 5, 6, 7 and 8 shall survive termination or expiration of this Agreement for any reason.
CONFIDENTIALITY.

"Confidential Information" shall mean the Software, all information regarding the Software (including any trade secrets, know-how, inventions, techniques, processes, and algorithms embodied in the Software), Documentation, any Updates, sāf.ai products, product road-maps, and other technical, business, financial and product development plans, forecasts and strategies, and other information provided by sāf.ai to Licensee under this Agreement, whether disclosed orally, in writing, or by examination or inspection, other than information that Licensee can demonstrate:

i. was already known to Licensee, other than under an obligation of confidentiality, at the time of disclosure;

ii. was generally available in the public domain at the time of disclosure to Licensee;

iii. became generally available in the public domain after disclosure other than through any act or omission of Licensee;

iv. was subsequently lawfully disclosed to Licensee by a third party without any obligation of confidentiality; or (v) was independently developed by Licensee without use of or reference to any information or materials disclosed by sāf.ai or its suppliers.

Licensee shall not disclose any Confidential Information to any third party except as expressly provided in this Agreement, and shall use at least the same degree of care that it uses to prevent the disclosure of its own confidential information of like importance, but in no event less than reasonable care, to prevent the disclosure of Confidential Information.

If Licensee wishes to disclose to sāf.ai any information under the Agreement that Licensee considers proprietary or confidential to Licensee ("Licensee Information"), then Licensee agrees such disclosure will be governed by a separate non-disclosure agreement ("NDA") by and between the parties.

If Licensee is required to disclose Confidential Information by applicable law or court order, Licensee shall notify sāf.ai of the required disclosure promptly in writing and shall cooperate with sāf.ai in any lawful action to contest or limit the scope of the required disclosure. Licensee shall not use any Confidential Information for any purpose other than as expressly authorized under this Agreement. In no event shall Licensee use the Software or any Confidential Information to develop, manufacture, market, sell, or distribute any product or service, including any sāf.ai products except as expressly set forth in this Agreement.

Licensee acknowledges that damages due to Licensee's improper disclosure of Confidential Information may cause irreparable harm and that monetary damages would be inadequate to compensate sāf.ai for any breach of this Agreement. The parties agree that sāf.ai shall be entitled to relief both at law and in equity, including injunctive relief and specific performance, in the event of any non-permitted disclosure or threatened non-permitted disclosure without proof of any actual or special damages and without the requirement that sāf.ai post a bond or other surety in connection with any such injunctive relief. Licensee acknowledges and agrees that any breach or threatened breach of the confidentiality provisions of this Agreement would be a material breach of this Agreement.
LIMITED WARRANTY AND DISCLAIMER. sāf.ai warrants that for a period of ninety (90) days from installation the Software will perform substantially in accordance with the Documentation ("Warranty"). Licensee's exclusive remedy and sāf.ai's entire obligation liability for any breach of the Warrantee is to repair or replace the software or refund to Licensee the price Licensee paid for the Software if a repair or replacement of the Software would, in sāf.ai's opinion, be unreasonable. The Warranty is conditioned upon Licensee providing sāf.ai with prompt written notice of the failure of the Software to perform substantially in accordance with the Documentation.

The Warranty shall not apply if (i) the Software is not used in accordance with the Documentation or this Agreement; (ii) any part of the Software has been modified by any entity other than sāf.ai; or (iii) a malfunction in the Software has been caused by any equipment or software not supplied by sāf.ai.

EXCEPT FOR THE WARRANTY, THE SOFTWARE IS PROVIDED "AS IS" AND WITH ALL FAULTS. TO THE EXTENT PERMITTED BY LAW, SĀF.AI MAKES NO OTHER REPRESENTATIONS OR WARRANTIES OF ANY KIND REGARDING THE SOFTWARE AND DISCLAIMS ALL OTHER OBLIGATIONS AND LIABILITIES, OR EXPRESS OR IMPLIED WARRANTIES REGARDING THE SOFTWARE, INCLUDING the IMPLIED WARRANTIES OF MERCHANTABILITY, QUALITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, OR SYSTEMS INTEGRATION. SĀF.AI MAKES NO WARRANTY, REPRESENTATION OR GUARANTEE AS TO THE SOFTWARE'S USE OR PERFORMANCE, OR THAT THE OPERATION OF THE SOFTWARE WILL BE FAIL-SAFE, UNINTERRUPTED OR FREE FROM ERRORS OR DEFECTS.

THE SOFTWARE MAY FAIL AND IS NOT DESIGNED, DEVELOPED, TESTED, OR INTENDED FOR USE IN OR WITH HIGH-RISK SYSTEMS REQUIRING FAILSAFE PERFORMANCE, SUCH AS THE OPERATION OF NUCLEAR FACILITIES, VEHICLE NAVIGATION OR COMMUNICATION SYSTEMS, LIFE-SUPPORT SYSTEMS, OR OTHER SYSTEMS IN WHICH THE FAILURE OF THE SOFTWARE COULD LEAD DIRECTLY TO DEATH, PERSONAL INJURY, OR SEVERE PHYSICAL OR ENVIRONMENTAL DAMAGE. SĀF.AI HAS NO RESPONSIBILITY FOR, AND LICENSEE SHALL INDEMNIFY AND HOLD HARMLESS SĀF.AI FROM, ALL CLAIMS, SUITS, DEMANDS, AND PROCEEDINGS ALLEGING, CLAIMING, SEEKING, OR ASSERTING ANY LIABILITY, LOSS, OBLIGATION, RISK, COST, DAMAGE, AWARD, PENALTY, SETTLEMENT, JUDGMENT, FINE, OR EXPENSES (INCLUDING ATTORNEYS FEES) ARISING FROM OR IN CONNECTION WITH LICENSEE'S USE OF THE SOFTWARE ON OR IN A HIGH-RISK SYSTEM.

LIMITATION OF LIABILITY. FOR THE BASE VERSION, EACH PARTY'S ENTIRE AGGREGATE LIABILITY TO THE OTHER PARTY FOR CLAIMS UNDER OR RELATED TO THE SUBJECT MATTER OF THIS AGREEMENT WILL NOT EXCEED THE TOTAL PAYMENTS PAID OR PAYABLE BY LICENSEE TO SĀF.AI IN THE SIX (6) MONTHS PRIOR TO THE CLAIM. FOR THE COMMUNITY EDITION, EACH PARTY'S ENTIRE AGGREGATE LIABILITY TO THE OTHER PARTY FOR CLAIMS UNDER OR RELATED TO THE SUBJECT MATTER OF THIS AGREEMENT WILL NOT EXCEED ONE HUNDRED DOLLARS ($100 USD). TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT SHALL LICENSEE OR SĀF.AI OR ITS LICENSORS HAVE LIABILITY FOR ANY INCIDENTAL, SPECIAL, CONSEQUENTIAL OR OTHER INDIRECT DAMAGES OR DAMAGES FOR LOSS OF PROFITS, LOSS OF USE, BUSINESS INTERRUPTION, OR LOSS OF BUSINESS INFORMATION, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY (INCLUDING WITHOUT LIMITATION, TORT, STATUTE, CONTRACT OR OTHER), EVEN IF SĀF.AI AND ITS LICENSORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THESE LIMITATIONS SHALL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. THE PARTIES ACKNOWLEDGE THAT THE VARIOUS CONSIDERATIONS DUE TO SĀF.AI IN ACCORDANCE WITH THE TERMS OF THIS AGREEMENT WERE TAKEN INTO ACCOUNT IN DETERMINING THE LIMITATION OF LIABILITY SET FORTH IN THIS SECTION 6. LICENSEE ACKNOWLEDGES AND AGREES THIS LIMITATION IS AN ESSENTIAL ELEMENT OF THIS AGREEMENT AND THAT SĀF.AI WOULD NOT ENTER INTO THIS AGREEMENT WITHOUT THESE LIMITATIONS ON ITS LIABILITY.
INDEMNIFICATION

Licensee shall indemnify and defend sāf.ai and its officers, directors, employees, contractors, agents, and affiliates against all claims, liabilities, and expenses, including court costs and reasonable attorney fees, as a result of or in connection with

i) Licensee's failure to obtain any consent, authorization, or license required for sāf.ai's use or handling of data, software, materials, systems, networks, or the technology provided by Licensee;

ii) Licensee's use of the Software in a manner not expressly permitted by this Agreement including any manner inconsistent with the Documentation;

iii) any violation by Licensee of applicable laws; and

iv) any reasonable costs and attorney fees required for sāf.ai to respond to a subpoena, court order, or other official government inquiry regarding Licensee's use of the Software.

sāf.ai shall indemnify and defend Licensee against third party claims asserted against Licensee in a suit or action for direct patent infringement, direct copyright infringement, or direct trade secret misappropriation.

Notwithstanding anything to the contrary in this Agreement, sāf.ai shall not indemnify or defend Licensee for claims asserted, in whole or in part, against

i) technology, designs, or requirements given by Licensee to sāf.ai, or

ii) any modification to the Software made by anyone other than sāf.ai.

sāf.ai may, at its sole discretion and at its own expense, with respect to any Software that is subject to a claim

i) procure Licensee with the right to continue using the Software;

ii) replace the Software with a non-infringing version of the Software; or

iii) modify the Software so that it becomes non-infringing.

Promptly upon learning of any claim for which indemnification is sought from the indemnifying party, the indemnified party shall notify the indemnifying party of such claim and shall furnish to the indemnifying party all information known and reasonably available to the indemnified party related to such claim; provided that any failure to comply with the provisions of this clause shall not relieve the indemnifying party of its indemnification obligations except to the extent such failure shall have adversely prejudiced the indemnifying party. Through counsel of its own choosing, the indemnified party has the right to participate in (but not control the defense of) any proceeding in which it is being indemnified under this Agreement, but in such event the indemnified party will be solely responsible for paying the legal fees and expenses for its own counsel. The indemnifying party will, however, continue to be solely responsible for all other expenses relating to the action, including legal fees and expenses of the counsel it selects to defend the claims. The indemnifying party shall not take any action, which unreasonably exposes the indemnified party to a risk of damages, which would not be covered by such indemnity, and may not settle any matter without the prior written consent of the indemnified party, which shall not be unreasonably withheld, conditioned or delayed.
OTHER PROVISIONS
1. Governing Law, Injunctive Relief and Legal Costs.
  1. Choice of Law; Choice of Forum. This Agreement and any dispute arising out of or related to this Agreement or the Software ("Dispute") will be governed by the laws of the State of Maryland, without regard to its choice of law principles. The United Nations Convention for the International Sale of Goods shall not apply. Any legal action or proceeding with respect to this Agreement shall be brought in the state or federal courts of the State of Maryland.
  2. Injunctive Relief. Either party may, at its sole discretion, seek preliminary judicial relief in any court of competent jurisdiction (including, but not limited to, preliminary injunctive relief). Also, the provisions of this Section 9(a) may be enforced by any court of competent jurisdiction.
  3. Export Regulations. The Software is of United States origin and is provided subject to the U.S. Export Administration Regulations. Diversion contrary to U.S. law is prohibited. Without limiting the foregoing, you represent and warrant that i) you are not, and are not acting on behalf of, any person who is a citizen, national, or resident of, or who is controlled by the government of, Cuba, Iran, North Korea, Sudan, or Syria, or any other country to which the United States has prohibited export transactions; ii) you are not, and are not acting on behalf of, any person or entity listed on the U.S. Treasury Department list of Specially Designated Nationals and Blocked Persons, or the U.S. Commerce Department Denied Persons List or Entity List; and iii) you will not use the Software for, and will not permit the Software to be used for, any purposes prohibited by law, including, without limitation, for any prohibited development, design, manufacture or production of missiles or nuclear, chemical or biological weapons. U.S. Export Control Classification Numbers (ECCN's) may be found at sāf.ai documents page: https://www.saf.ai/docs/export-control.
2. Modification Waiver. This is the entire agreement between the parties relating to the subject matter hereof and to the fullest extent permitted by law, all other terms, representations, negotiations, arrangements or understandings are rejected. This Agreement supersedes and replaces any other agreements, representations, negotiations, arrangements or understandings between the parties and Licensee hereby waives any form requirements that may be contained in previous agreements and agrees that this Agreement shall take precedent with respect to its subject matter. No party has entered into this Agreement relying on any representations made by or on behalf of the other, other than those expressly made in this Agreement. No waiver or modification of this Agreement shall be valid unless in writing signed by each party specifying the provision to be waived. A party's failure or delay in enforcing any provision of this Agreement will not operate as a waiver of the right to enforce that provision or any other provision of this Agreement at any time.
3. Language of Contract. The parties have required that this Agreement and all documents relating thereto be drawn up in English, and that notwithstanding the existence of a translation of this Agreement into any other language, the English language version of this Agreement shall control.
4. Severability. If any provision of this Agreement is held to be illegal, invalid or unenforceable, the provision will be enforced to the maximum extent permissible so as to effect the intent of the parties, and the remaining provisions of this Agreement will remain in full force and effect.
5. Waivers. Any waiver of these terms must be in writing and signed by the waiving party to be effective.
6. Force Majeure. Neither party shall be liable for any delay or failure in performance arising out of acts or events beyond its reasonable control, including natural disasters, labor disputes, embargoes, requirements imposed by Government regulation, civil or military authorities, judicial decisions, acts of God or by the public enemy.
7. Data Collection and Privacy; Consent for Collection and Use of Technical Data. By entering into this Agreement, or using the Software, you agree to the saf.ai privacy policy available at https://docs.saf.ai/policies/privacy-policy.html, and that sāf.ai may periodically collect, process and store technical and related information about your device, system, application, peripherals and your use of the Software, including without limitation: internet protocol address, hardware identification, operating system, application software, peripheral hardware, number of active plugins and software development kits, the successful installation and launch of Software, and Software usage statistics (collectively, "Technical Data"). The collection of Technical Data may be necessary to provide Licensee with Software, Updates, and relevant support. sāf.ai may use Technical Data for internal statistical and analytical purposes to facilitate support, invoicing or online services, the provisioning of updates, and the development of sāf.ai products and services. sāf.ai may transfer Technical Data to other companies affiliated or employed by sāf.ai from time to time.
8. Log Files. You acknowledge that correspondence and log files generated in conjunction with a request for support services may contain sensitive, confidential or personal information. You are solely responsible for taking the steps necessary to protect such data, including obfuscating the logs or otherwise guarding such information prior to sending it to sāf.ai.
9. Independent Parties. The parties are independent contractors, and nothing in this Agreement shall be construed to create a partnership, joint venture, contractor, employment, or agency relationship between the parties. This Agreement is not intended to create third-party beneficiary of any kind.
10. Notices. Any notice given under or in relation to this Agreement must be in writing, signed by or on behalf of the party giving it, and addressed to the saf.ai Head-Quarters address as specified on our website at https://saf.ai/contact-us; or to Licensee, at the contact information Licensee provided when registering for the Software. Notices will be considered delivered when received if delivered by hand with receipt; the next business day after sending it by pre-paid, nationally-recognized, overnight air courier with tracking capabilities; or five (5) business days after being sent by registered or certified airmail, return receipt required, postage prepaid, to the address mentioned above.
11. Assignment. Licensee shall not and cannot assign this Agreement or any rights or obligations hereunder, directly or indirectly, by operation of law, merger, acquisition of stock or assets, or otherwise without the prior written consent of sāf.ai. Any attempted assignment or transfer in violation of the foregoing will be null and void. Subject to the foregoing, this Agreement shall inure to the benefit of and be binding upon the parties and their respective successors and permitted assigns.

CONTACT INFORMATION

If you have any questions about this Agreement, please direct all correspondence to: sāf.ai, Inc. 7200 Wisconsin Avenue, Suite 302, Bethesda, MD 20814, United States of America.

Last Updated: July 2020.

sāf.ai -- Cybernetic Engram Filesystem

BETA END USER LICENSE AGREEMENT

NOTE: BY CLICKING "I AGREE," ACCESSING, DOWNLOADING, INSTALLING, UPLOADING, COPYING OR USING THE BETA SOFTWARE, YOU CONCLUDE AND AGREE TO THIS BETA LICENSE AGREEMENT ("AGREEMENT") IN A LEGALLY BINDING MANNER WITH SĀF.AI, INC. ("sāf.ai"). IF YOU HAVE SPECIFIED IN CONNECTION WITH THE REGISTRATION PROCESS FOR THIS SOFTWARE BETA TEST PROGRAM THAT YOU ARE ACTING ON BEHALF OF A COMPANY OR OTHER ORGANIZATION, YOU REPRESENT THAT YOU ARE AUTHORIZED TO LEGALLY BIND SUCH ORGANIZATION AND THAT YOU CONCLUDE THE AGREEMENT ON BEHALF OF SUCH ORGANIZATION. IN THE FOLLOWING, THE TERMS "YOU" AND "LICENSEE" SHALL REFER, JOINTLY AND SEVERALLY, TO YOU INDIVIDUALLY AND ANY ORGANIZATION ON WHOSE BEHALF YOU ACT.

If you do not agree to the terms of this beta license Agreement, then do not click "I AGREE," access, download, install, upload, copy or use the Beta Software.

DEFINITIONS.
1. "Beta Software" shall mean the beta version of sāf.ai's software and the media and Documentation provided by sāf.ai to Licensee and for which Licensee is granted a use license pursuant to this Agreement. The Beta Software will be provided in object form only.
2. "Documentation" shall mean the printed or online written reference material furnished to Licensee in conjunction with the Beta Software, including, without limitation, instructions, beta testing guidelines, and end user guides.
3. "Intellectual Property Rights" shall mean all intellectual property rights, including, without limitation, patent, copyright, trademark, and trade secret, recognized in any jurisdiction worldwide, whether perfected or not, and any similar and other proprietary rights.
4. "Open Source Software" means code that is provided with the Beta Software and identified as open source code or otherwise as being subject to open source license terms.
5. "Updates" shall mean a modification, error correction, bug fix, new release, or other update to or for the Beta Software.
LICENSE GRANT, USE AND OWNERSHIP.
1. Limited License. Subject to the terms and conditions of this Agreement, sāf.ai grants to Licensee a non-exclusive, revocable (at any time and for any reason, at sāf.ai's sole discretion), royalty-free, non-transferable, non-assignable license (without the right to sublicense):
  
  i. to use the Beta Software in accordance with the Documentation solely for purposes of internal testing and evaluation to determine whether or not to license generally available commercial versions of the Beta Software if such versions ever become available,
  
  ii. to use the Documentation provided with the Beta Software in support of Licensee's authorized use of the Beta Software; and
  
  iii. to copy Beta Software for Licensee's archival or backup purposes, provided that all titles and trademarks, copyright, and restricted rights notices are reproduced on such copies.
2. Evaluation Feedback. The purpose of this limited license is the testing and evaluation of the Beta Software and Documentation. In furtherance of this purpose, Licensee shall provide feedback to sāf.ai concerning the functionality and performance of the Beta Software from time to time as reasonably requested by sāf.ai, including, without limitation, identifying potential errors and improvements (collectively, the "Feedback"). Licensee will provide Feedback in a manner that is mutually agreeable to the parties. sāf.ai may use Feedback, without restriction in any manner now known or in the future conceived, to improve or enhance its products and, accordingly, and you hereby grant to sāf.ai a non-exclusive, perpetual, irrevocable, royalty-free, transferable, worldwide right and license, with the right to sublicense
  
  i. to use, reproduce, disclose, distribute, modify, prepare derivative works of and otherwise exploit the Feedback and other information you provide to sāf.ai under this Agreement, and
  
  ii. to make, use, sell, offer to sell, import and export any product or service that incorporates the Feedback and other information you provide to sāf.ai under this Agreement.
3. Restrictions. Licensee shall not disclose, provide, or disseminate in any manner the Beta Software (including the Documentation) or Confidential Information to any third party, including but not limited to its partners, affiliates or subsidiaries. Except to the extent contrary to any applicable laws, Licensee will not, and will not permit any third party to, sublicense, rent, copy, modify, create derivative works of, translate, reverse engineer, decompile, disassemble, or otherwise reduce to human perceivable form any portion of the Beta Software or accompanying Documentation. Without limiting the generality of the foregoing, Licensee shall not use the Beta Software for Licensee's product development or any other commercial purpose, including, but not limited to sales or marketing activities, except as expressly permitted in this Agreement. The Beta Software and all performance data and test results, including without limitation, benchmark test results (collectively "Performance Data"), relating to the Beta Software are the Confidential Information of sāf.ai, and will be treated in accordance with the terms of Section 4 of this Agreement. Accordingly, Licensee shall not publish or disclose to any third party any Performance Data relating to the Beta Software.
4. Ownership. sāf.ai shall own and retain all right, title and interest in and to the Intellectual Property Rights in the Beta Software and any derivative works thereof, subject only to the limited license expressly set forth in Section 2(a) hereof. Licensee does not acquire any other rights, express or implied, in the Beta Software. ALL RIGHTS NOT EXPRESSLY GRANTED HEREUNDER ARE RESERVED TO SĀF.AI.
5. No Support Services. sāf.ai is under no obligation to support the Beta Software in any manner or to provide any Updates to Licensee. In the event sāf.ai, in its sole discretion, supplies any Update to Licensee, the Update shall be deemed Beta Software under this Agreement and shall be subject to the terms and conditions of this Agreement.
6. Third-Party Software. The Beta Software may enable a computer to run multiple instances of third-party guest operating systems and application programs. Licensee acknowledges that Licensee is responsible for obtaining any licenses necessary to operate any third-party software, including guest operating systems and application programs.
7. Open Source Software. Except Sections 5, 6, and 7, the terms and conditions of this Agreement shall not apply to any Open Source Software accompanying the Beta Software. Any such Open Source Software is provided under the terms of the applicable open source license agreement or copyright notice accompanying such Open Source Software or included in the open source licenses file accompanying the Beta Software.
TERM AND TERMINATION. Unless otherwise terminated as specified under this Agreement, Licensee's rights with respect to the Beta Software will terminate upon the earlier of (i) the date on which Licensee breaches any of the terms of this Beta Agreement, or (ii) 45 day automatic expiration of the Beta Software License based on the system date. Either party may terminate this Agreement at any time for any reason or no reason by providing the other party advance written notice thereof. Licensee agrees that this Agreement will automatically terminate without notice in the event Licensee discloses the Beta Software in breach of Section 4 (Confidentiality) below. Upon any expiration or termination of this Agreement, the rights and licenses granted to Licensee under this Agreement shall immediately terminate, and Licensee shall immediately cease using, and will destroy or render practically inaccessible the Beta Software, Documentation, and all other tangible items in Licensee's possession or control that contain Confidential Information. The rights and obligations of the parties set forth in Sections 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 3, 4, 5, 6, 7 and 8 survive termination or expiration of this Agreement for any reason.
CONFIDENTIALITY.
1. "Confidential Information" shall mean the Beta Software, all information regarding the Beta Software (including any trade secrets, know-how, inventions, techniques, processes, and algorithms embodied in the Beta Software), Documentation, Performance Data, any Updates, sāf.ai products, product roadmaps, and other technical, business, financial and product development plans, forecasts and strategies, and other information provided by sāf.ai to Licensee under this Agreement, whether disclosed orally, in writing, or by examination or inspection, other than information that Licensee can demonstrate:
  
  (i) was already known to Licensee, other than under an obligation of confidentiality, at the time of disclosure;
  
  (ii) was generally available in the public domain at the time of disclosure to Licensee;
  
  (iii) became generally available in the public domain after disclosure other than through any act or omission of Licensee;
  
  (iv) was subsequently lawfully disclosed to Licensee by a third party without any obligation of confidentiality; or
  
  (v) was independently developed by Licensee without use of or reference to any information or materials disclosed by sāf.ai or its suppliers.
  
  If Licensee wishes to disclose to sāf.ai any information under this Agreement that Licensee considers proprietary or confidential to Licensee ("Licensee Information"), then Licensee agrees such disclosure will be governed by a separate non-disclosure agreement ("NDA") by and between the parties.
  
  If Licensee is required to disclose Confidential Information by applicable law or court order, Licensee shall notify sāf.ai of the required disclosure promptly in writing and shall cooperate with sāf.ai in any lawful action to contest or limit the scope of the required disclosure. Licensee shall not use any Confidential Information for any purpose other than as expressly authorized under this Agreement. In no event shall Licensee use the Beta Software or any Confidential Information to develop, manufacture, market, sell, or distribute any product or service, including any sāf.ai products except as expressly set forth in this Agreement. Licensee shall not disclose any Confidential Information to any third party. Without limiting the foregoing, Licensee shall use at least the same degree of care that it uses to prevent the disclosure of its own confidential information of like importance, but in no event less than reasonable care, to prevent the disclosure of such Confidential Information.
2. Additional Confidentiality Restrictions for Highly Confidential Beta Software. For certain Beta Software designated by sāf.ai in writing as highly confidential ("Highly Confidential Beta Software"), Licensee agrees that the following, additional confidentiality obligations and restrictions will apply:
  
  i. Licensee shall limit dissemination of Highly Confidential Beta Software and related information concerning product features, future technologies and roadmaps only to Information Technology teams and/or software/solutions development teams of Licensee approved in writing by sāf.ai, and only to individuals on such teams on a need-to-know basis and solely for purposes expressly authorized under this Agreement. For clarity and without limiting the generality of the foregoing, Licensee shall not disseminate any Highly Confidential Beta Software to Licensee's sales and marketing field organizations. Licensee will assign an employee who will be primarily responsible for ensuring Licensee's full compliance with the terms described in this Section 4(b) herein.
  
  ii. Improper Disclosure of Highly Confidential Beta Software. Licensee acknowledges that damages due to Licensee's improper disclosure of Highly Confidential Beta Software or related information concerning product features, future technologies and roadmaps may be irreparable and that monetary damages would be inadequate to compensate sāf.ai for any breach of this Agreement. In the event that sāf.ai reasonably believes that Licensee has disseminated Highly Confidential Beta Software or related information concerning product features, future technologies and roadmaps to an unauthorized party, Licensee will be immediately removed from sāf.ai's Beta Software program and will not be permitted to participate in any sāf.ai Beta Software program in the future. Additionally, all rights and licenses granted to Licensee under this Agreement shall immediately terminate in accordance with Section 3 herein (Term and Termination), and (b) in addition to all other remedies available in law or otherwise, sāf.ai is entitled to seek equitable relief, including injunction and preliminary injunction against the threatened breach of this Agreement or the continuation of any such breach.
LIMITATION OF LIABILITY

IT IS UNDERSTOOD THAT THE BETA SOFTWARE IS PROVIDED WITHOUT CHARGE FOR THE PURPOSES EXPRESSLY PERMITTED UNDER THIS AGREEMENT. ACCORDINGLY, TO THE FULLEST EXTENT PERMITTED BY LAW, BUT SUBJECT ALWAYS TO THIS SECTION 5, THE TOTAL LIABILITY OF SĀF.AI AND ITS LICENSORS ARISING OUT OF OR RELATED TO THIS AGREEMENT SHALL NOT EXCEED $1.00. TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT SHALL SĀF.AI OR ITS LICENSORS HAVE LIABILITY FOR ANY INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, OR LOSS OF BUSINESS INFORMATION, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY (INCLUDING WITHOUT LIMITATION, TORT, STATUTE, CONTRACT OR OTHER), EVEN IF sāf.ai AND ITS LICENSORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THESE LIMITATIONS SHALL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. THE PARTIES ACKNOWLEDGE THAT THE VARIOUS CONSIDERATIONS DUE TO SĀF.AI IN ACCORDANCE WITH THE TERMS OF THIS AGREEMENT WERE TAKEN INTO ACCOUNT IN DETERMINING THE LIMITATION OF LIABILITY SET FORTH IN THIS SECTION 5. LICENSEE ACKNOWLEDGES AND AGREES THIS LIMITATION IS AN ESSENTIAL ELEMENT OF THIS AGREEMENT AND THAT SĀF.AI WOULD NOT ENTER INTO THIS AGREEMENT WITHOUT THESE LIMITATIONS ON ITS LIABILITY.
WARRANTY DISCLAIMER

IT IS UNDERSTOOD THAT THE BETA SOFTWARE, OPEN SOURCE SOFTWARE, DOCUMENTATION, AND ANY UPDATES MAY CONTAIN ERRORS AND ARE PROVIDED FOR THE PURPOSES EXPRESSLY PERMITTED UNDER THIS AGREEMENT. TO THE FULLEST EXTENT PERMITTED BY LAW, AND SUBJECT TO SECTION 5, THE BETA SOFTWARE, THE OPEN SOURCE SOFTWARE, THE DOCUMENTATION, AND ANY UPDATES ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE. TO THE FULLEST EXTENT PERMITTED BY LAW, AND SUBJECT TO SECTION 5, SĀF.AI AND ITS LICENSORS SPECIFICALLY DISCLAIM ALL IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE. Licensee acknowledges that sāf.ai may not publicly announced the availability of the Beta Software, that such Beta Software may contain features currently under development, that sāf.ai has not promised or guaranteed to Licensee that such Beta Software will be announced or made available to anyone in the future, that sāf.ai has no express or implied obligation to Licensee to announce or introduce the Beta Software, that sāf.ai may not introduce a product similar to or compatible with the Beta Software, and that any version number (if any) referenced is subject to change and does not in any way represent sāf.ai's commitment to release any product in the future. Accordingly, Licensee acknowledges that any research or development that it performs regarding the Beta Software or any product associated with the Beta Software is done entirely at Licensee's own risk. Specifically, the Beta Software may contain features, functionality or modules that may not be included in the generally available commercial version of the Beta Software, if released, or that will be marketed separately for additional fees.
OTHER PROVISIONS
1. Governing Law, Injunctive Relief and Legal Costs.
  
  i. Choice of Law. This Agreement and any dispute arising out of or related to this Agreement or the Beta Software ("Dispute") will be governed by Maryland law, without regard to its choice of law principles. The United Nations Convention for the International Sale of Goods shall not apply.
  
  ii. Injunctive Relief. Either party may, at its sole discretion, seek preliminary judicial relief in any court of competent jurisdiction (including, but not limited to, preliminary injunctive relief). Also, the provisions of this Section 7(a) may be enforced by any court of competent jurisdiction.
2. Export Regulations. The Beta Software is of United States origin and is provided subject to the U.S. Export Administration Regulations. Diversion contrary to U.S. law is prohibited. Without limiting the foregoing, you agree that (1) you are not, and are not acting on behalf of, any person who is a citizen, national, or resident of, or who is controlled by the government of, Cuba, Iran, North Korea, Sudan, or Syria, or any other country to which the United States has prohibited export transactions; (2) you are not, and are not acting on behalf of, any person or entity listed on the U.S. Treasury Department list of Specially Designated Nationals and Blocked Persons, or the U.S. Commerce Department Denied Persons List or Entity List; and (3) you will not use the Beta Software for, and will not permit the Beta Software to be used for, any purposes prohibited by law, including, without limitation, for any prohibited development, design, manufacture or production of missiles or nuclear, chemical or biological weapons. U.S. Export Control Classification Numbers (ECCN's) may be found at sāf.ai documents page: https://docs.saf.ai/export-control.
3. Modification. This is the entire agreement between the parties relating to the subject matter hereof and to the fullest extent permitted by law, all other terms, representations, negotiations, arrangements or understandings are rejected. This Agreement supersedes and replaces any other agreements, representations, negotiations, arrangements or understandings between the parties and Licensee hereby waives any form requirements that may be contained in previous agreements and agrees that this Agreement shall take precedent with respect to its subject matter. No party has entered into this Agreement relying on any representations made by or on behalf of the other, other than those expressly made in this Agreement. No waiver or modification of this Agreement shall be valid unless in writing signed by each party.
4. Language of Contract. The parties have required that this Agreement and all documents relating thereto be drawn up in English.
5. Severability. If any provision of this Agreement is held to be illegal, invalid or unenforceable, the provision will be enforced to the maximum extent permissible so as to effect the intent of the parties, and the remaining provisions of this Agreement will remain in full force and effect.
6. Waivers. Any waiver of these terms must be in writing and signed by the waiving party to be effective.
7. Data Collection and Privacy.
  
  i. Consent for Collection and Use of Technical Data. You agree that sāf.ai may periodically collect, process and store technical and related information about your device, system, application, peripherals and your use of the Beta Software, including without limitation: internet protocol address, hardware identification, operating system, application software, peripheral hardware, number of active plugins and software development kits, the successful installation and launch of Beta Software, and Beta Software usage statistics (collectively, "Technical Data"). sāf.ai will use Technical Data for internal statistical and analytical purposes to facilitate support, invoicing or online services, the provisioning of updates, and the development of sāf.ai products and services. sāf.ai may transfer Technical Data to other companies in affiliated or employed by sāf.ai from time to time.
  
  ii. Log Files. You acknowledge that correspondence and log files generated in conjunction with a request for support services may contain sensitive, confidential or personal information. You are solely responsible for taking the steps necessary to protect such data, including obfuscating the logs or otherwise guarding such information prior to sending it to sāf.ai.
8. Independent Parties. The parties are independent. Nothing in this Agreement shall be construed to create a partnership, joint venture, contractor, or agency relationship between the parties.
ASSIGNMENT.

Licensee shall not and cannot assign this Agreement or any rights or obligations hereunder, directly or indirectly, by operation of law, merger, acquisition of stock or assets, or otherwise without the prior written consent of sāf.ai. Any attempted assignment or transfer in violation of the foregoing will be null and void. Subject to the foregoing, this Agreement shall inure to the benefit of and be binding upon the parties and their respective successors and permitted assigns.
CONTACT INFORMATION.

If you have any questions about this Agreement, please direct all correspondence to: sāf.ai, Inc. 7200 Wisconsin Avenue, Suite 302, Bethesda, MD 20814, United States of America.

Code of Conduct

saf.ai's Commitment to Our Employees, Consumers & Business Partners

A message from leadership

Hi Friends,

Reflecting on the journey that we are starting, there will be many achievements and milestones along our way. We may be able to recall and recount them in the future, however we won't be able to pin down the date we earn the trust of our consumers and those that we do business with, because it doesn't happen in a day.

It happens over the course of years, and will grow as users derive more and more value from our products.

Being in cybersecurity, trust is our core asset. And it's one of the most fragile. One incident, one news story, one careless comment, and the trust we work so hard to earn can be lost. That's why the way we conduct our business is as important as the products we sell. Our Code of Conduct provides us with the resources and the information we need to operate our business responsibly, to make ethical decisions ... to maintain trust.

I encourage you to read our Code and use it to guide your actions.

Strive to do good in all that you do and remain true to the vision we are building together. Speak up if you have a concern or see something wrong, and seek guidance anytime you are unsure about the right thing to do.

We are proud of all that we have accomplished together and humbled to lead this great company. We know that, together, we'll continue to make a positive difference.

Ahmed Masud

President,

Begin Here

Our Code reflects who we are and what's important to us.

It provides an overview of the laws, regulations and company policies that apply to us and the work we do, but it does more than that. It builds upon our shared values. That's why we count on every employee and Board member to follow our Code and make decisions that will preserve the trust that others have placed in us. We expect nothing less from our business partners, including our consultants, distributors, technology partners and suppliers, as well as our subsidiaries and joint venture partners.

We understand the responsibility we have to communicate with them about our high standards of integrity and cannot ask them to violate any of our values and operating principles. Our Code is a great resource, but it doesn't cover every situation you may face on the job, so it's important to use good judgment in everything you do and to ask for help if you're ever unsure about the right course of action.

KNOW YOUR RESPONSIBILITIES

Our good name is in your hands.

No matter what position you're in, what your job function is, or or where you do it, you are sāf.ai.

Think about that as you watch over every business relationship, every transaction and every product, and make sure your actions always reflect our values.

Follow our Code and policies as well as the laws and regulations of the country (or countries) where you work, and protect what we've built. And, complete your assigned training---it's the best way to stay up-to-date on what's expected of you.

If you see or suspect anything illegal or unethical, it may seem easier to look the other way or let someone else take the lead, but misconduct affects all of us. No concern is too minor to report. Share your concerns promptly and cooperate fully and honestly in any internal investigation. Be aware that anyone who violates our Code may face corrective action, up to and including termination of employment with sāf.ai.

If you manage people, you have an even greater responsibility. Lead by example, making sure your team members know the Code is a resource for them and that there is no difference between what you do and what you expect from others. Create the kind of workplace where employees feel comfortable coming forward with questions and concerns, and support them when they raise issues. Never retaliate against employees for sharing concerns in good faith, and prevent retaliation by others.

SPEAK UP WITHOUT FEAR

What if?

I suspect---but am not certain---that someone is violating our Code, should I keep my concerns to myself?

No. If you suspect a violation, say something. It's better to raise a potential problem than to wait and risk harm to others or to the company. Reporting "in good faith" means you are coming forward honestly with information that you believe to be true, even if, after investigation, it turns out that you were mistaken.

Culturally, it's not common to report a concern about someone that is in a leadership position. What should I do?

It's important to say something about your concerns. saf.ai respects its diverse workforce, considers various cultural norms when looking into concerns and takes all appropriate actions to protect the identity of the person who is sharing the information, as well as the information that's being shared.

We don't tolerate retaliation.

As a company we know it takes courage to come forward and share your concerns. We won't retaliate or permit retaliation against anyone who raises questions or concerns about corporate activities. We won't retaliate or permit retaliation against anyone who makes a good faith report about possible misconduct or legal violations to us or a government authority or assists in an investigation of misconduct or legal violation.

Regardless of who you contact, you can be confident that you're doing the right thing and that your concern will be handled promptly and appropriately. We investigate reports of misconduct thoroughly, disclosing information only to those who need it to resolve the issue.

KNOW WHERE TO GO FOR HELP

There are people ready to support you.

Have a question, problem or a concern? In most cases, your manager should be your first point of contact. They are likely in the best position to understand your concern and take the appropriate action. If you're uncomfortable speaking with your manager, or if you have already shared a concern and feel it's not being addressed appropriately, reach out to HR or another member of management or one of the following:

The CEO of the company.
One of the members of the saf.ai Board of Directors.

Nothing in the Code prohibits you from communicating with government agencies about possible violations of federal, state, or local laws or otherwise providing information to government agencies, filing a complaint with government agencies, or participating in government agency investigations or proceedings, and the Code does not require you to notify the Company of any such communications.

RESPECT OTHERS

We'll only be successful because of our amazing people.

We're one team, but we represent many ideas, experiences and backgrounds. We value each other's contributions and believe that everyone should have an equal chance to succeed---this is essential to advancing our goals and initiatives. Do your part to keep the saf.ai workplace a diverse, inclusive and respectful by driving a positive environment, and recognize the many strengths and talents our diverse colleagues bring to the workplace.

PROMOTE A SAFE SĀF.AI

We value the safety and security of every employee. We look out for each other. We follow our safety procedures and promote a culture of safety, because our people are our greatest asset.

Every employee is empowered to take immediate action for people safety regardless of role, title or responsibility. If you see a situation that could put others at risk, take action, and at all times and in all places, work to keep yourself and your coworkers injury-free.

Observe a zero-tolerance policy when it comes to acts or threats of violence. Be alert to what is going on around you, observe good security practices and speak up about any threats of potential violence.

Having, using or distributing alcohol or illegal drugs is also prohibited by our policies because substance abuse can impair your judgment, your performance and the safety of those who work with you. There may be instances where drinking alcoholic beverages while conducting company business is permitted, but make sure you comply with all laws and company policies and principles, and always exercise both moderation and good judgment.

UPHOLD HUMAN RIGHTS

What can you do?

Follow the employment laws where you work, be alert to abuses and speak up if you see or suspect possible labor law or human rights violations.

We are committed to fair employment practices everywhere we operate.

As a company, we respect the rights of every individual and abide by the employment laws in the markets where we operate. We support the principles established under the United Nations Universal Declaration of Human Rights and do not knowingly conduct business with any individual or company that participates in the exploitation of children (including child labor), physical punishment, forced or prison labor or human trafficking.

We expect our suppliers and partners to share our commitment to the same high standards.

See our statement on sāf.ai Statement Against Modern Slavery and Child Labor

KEEP PRIVATE INFORMATION PRIVATE

Good Practices.

It is important to practice good cyber-hygiene.

Know what kind of information is considered personal.
Follow the privacy laws and regulation of the country or countries where you work.

For details see our Cyber Security Policy

People trust us to protect their personal information.

We respect the privacy of our consumers, our customers, our coworkers and others with whom we conduct business, and we handle their personal information with care. "Personal information" is any information that could be used to identify someone, either directly or indirectly, such as a name, employee ID, email address or phone number. There are data privacy laws that prescribe how to responsibly collect, store, use, share, transfer and dispose of personal information, and we strive to comply with those laws everywhere we operate.

Follow our policies and protect any personal information that is entrusted to you. Use it only in the way it's meant to be used and don't share it with anyone inside or outside of the company in an unauthorized manner.

Practice good cybersecurity, too. Make sure you follow the processes and practices we have in place to protect our networks, computers, programs and data from attack, damage or unauthorized access.

Partners and suppliers may also be required to abide by the terms of Cyber Security Requirements for Partner Program as part of our partner program agreement(s).

NEVER BRIBE

What if?

A government official asked if I can help their daughter get an internship at our company. They say that they can make it worth my while.

Don't do it. "Worth your while" suggests that the government official may be planning to do something improper in exchange for the favor. You can provide the government employee information about an internship and allow his daughter to apply as all other candidates do. Doing anything more than that could be viewed as a bribe.

We compete for business based on the merit of our products.

That was the principle on which our very first sale was made, and it's the way we continue to do business today. Work honestly and with integrity. Don't offer bribes, accept bribes or let others bribe for you. And do everything you can to prevent bribery by others who conduct business on our behalf---as a company, we're not only responsible for your actions, but also the actions of any third-party who represents us.

Remember, a bribe can be something other than cash. A gift, a favor, even an offer of a loan or a job could be considered a bribe if it's offered in exchange for a decision. Before offering anything of value, check our policies and ask questions about what's okay, and what's not. The laws in some countries impose bigger penalties for bribing government officials, but for us, it's simple: bribery---of anyone, at any organization, at any level---is always wrong.

KNOW THE RULES ABOUT GIFTS AND ENTERTAINMENT

We don't give or receive anything that is inappropriate.

An occasional gift or offer of entertainment is often viewed as a normal part of doing business. But sometimes even a well-intentioned gift or offer can cross the line. And any gift that creates a sense of obligation or compromises your professional judgment is always inappropriate. That's why we have guidelines in place---to identify the circumstances under which an offer is okay---and when it's not.

Make sure you follow the rules, and be aware of any special restrictions. For example, giving anything of value to a government official can be problematic. Always ask for help from the Law Department if the right thing to do is unclear.

FOLLOW IMPORT, EXPORT AND TRADE COMPLIANCE RULES

We comply with the laws that govern global trade of our products.

As a United States-based company conducting business around the world, it's critical that we know and follow the international trade laws that regulate the import and export of our products.

If you are involved in the movement of products, services, information or technology across international borders, make sure you know and comply with the requirements associated with the countries in which you do business.

Be aware that the laws of more than one country may apply.

We must carefully evaluate business opportunities within countries that are subject to U.S. trade embargoes or economic sanctions and strive to ensure that the strict regulations governing these markets are evaluated. And we don't participate in or promote boycotts that the United States does not support.

PROTECT OUR ASSETS

We're good stewards of our physical, electronic and information assets.

Our assets include everything that our company owns or uses to conduct business. Each of us is entrusted with the care of these assets, so be proactive in safeguarding them from loss, damage, theft, waste and improper use.

Physical and electronic assets such as equipment, tools, inventory, computer hardware and software are provided in order for you to do your job.

Occasional personal use of assets such as phones, computers, email and the Internet is permitted, but make sure your use doesn't interfere with work (yours or anyone else's) and doesn't violate our policies or the law.

Be aware that anything you write, send, download or store on our systems is company property, and we may monitor your use---you shouldn't have any expectation of personal privacy when using our systems.

Information is also a critical asset. Confidential information and intellectual property represent the outcome of significant company investment and years of hard work. Trade secrets, patents, copyrights, trademarks, business plans, engineering ideas, databases, customer lists---when you help protect these assets, you help protect our competitive advantage.

sāf.ai Future

We are creating our future. As a young company it is up to us to decide what that will mean for us in the next decade and for our successors. At the end of the day it's up to us to hold firm to our principles and to hold each other accountable to the highest standards of integrity.

If you have any questions about this Code, please contact Ahmed Masud (President).

Bibliography and References

[1] Hershey Corporation, "Code of Conduct", 2018. [Online].

[2] Microsoft Corporation GitHub Code of Conduct.

[3] US Department of Defense Code of Conduct

sāf.ai Terms of Service

Terms of Service

These Terms of Service (the "Terms") and any accompanying or future Order Form you enter into with sāf.ai, Inc. ("sāf.ai" or "we") issued under these Terms (together with these Terms, the "Agreement") govern your access to and use of the services provided to you by sāf.ai (the "sāf.ai Services"). As set forth in an Order Form or as otherwise agreed to by sāf.ai, the sāf.ai Services may include one or more of the following: (a) subscription software data processing services (the "Platform Services"), (b) subscription support services ("Support Services"), (c) training services (the "Training Services"), (d) professional services (the "Professional Services"), or (e) any other services the parties agree in an Order Form that sāf.ai will provide. If you are acting on behalf of an entity, you represent and warrant that you are authorized to bind that entity to these Terms, in which case "Customer," "you," or "your" shall refer to that entity (otherwise, such terms refer to you as an individual). By accepting these Terms, either by executing these Terms separately or by executing an initial Order Form that indicates your acceptance of these Terms (an "Initial Order Form"), whether by signature or by clicking an "I Accept" button or checkbox, you agree in full to these Terms. If you do not have authority to bind your entity or do not agree with these Terms, you must not accept these Terms and may not use the sāf.ai Services. The "Effective Date" of these Terms is the earliest to occur of the effective date of the Initial Order Form, the date you execute these Terms, or the date you first access or use the sāf.ai Services.

In the event of conflict or inconsistency among the following documents, the order of precedence is as follows: (1) the Order Form; (2) a statement of work mutually agreed by by both parties, as applicable ("SOW"); (3) this Terms of Services agreement.

Certain Definitions. Certain terms not defined elsewhere in the Agreement are defined below in this Section. Capitalized terms used but not defined in an Order Form shall have the meaning assigned to them, if any, within these Terms.
1. "Acceptable Use Policy" means the acceptable use policy governing the Platform Services, made available at https://docs.saf.ai/policies/aup (or such other location as sāf.ai may provide, and as may be updated from time to time).
2. "Affiliate" of a party means an entity that Controls, is Controlled by, or is under common Control with such party.
3. "Applicable Data Protection Laws" means all world-wide data protection and privacy Laws applicable to the processing of the Personal Data in question, including without limitation to the extent applicable, those of the United States, the European Economic Area (including the European Union and their member states, Switzerland, and the United Kingdom) ("EEA"), Canada, Australia, Japan, and Singapore.
4. "Authorized User" means employees or agents of Customer (or other individuals solely to the extent explicitly permitted in an Order Form) selected by Customer to access and use the Subscription Services. "BAA" means a business associate agreement as defined by HIPAA (or substantively similar agreement if you are not in the United States and/or are not regulated by HIPAA), governing the parties' respective obligations with respect to any PHI that may be contained within Customer Content.
5. "Beta Service" means any sāf.ai Service (or feature of a sāf.ai Service) that is clearly designated as "beta", "experimental", "preview" or similar, that is provided prior to general commercial release, and that sāf.ai at its sole discretion offers to Customer, and Customer at its sole discretion elects to use.
6. "Cloud Provider" means, unless specified otherwise in an Order Form, Google Cloud Platform ("GCP").
7. "Confidential Information" means any business or technical information disclosed by either party to the other that is designated as confidential at the time of disclosure or that, under the circumstances, a person exercising reasonable business judgment would understand to be confidential or proprietary. Without limiting the foregoing, all Customer Content is considered to be Customer's Confidential Information, all non-public elements of the sāf.ai Services and any Beta Services are considered to be sāf.ai's Confidential Information, and the terms of this Agreement, any information that either party derives relating to the conduct or performance of the other party's personnel, services or Systems, and any information that either party conveys to the other party concerning data security measures, incidents, or findings constitute Confidential Information of both parties. Confidential Information shall not include information that the receiving party can demonstrate (a) is or becomes publicly known through no fault of the receiving party; (b) is, when it is supplied, already known to whoever it is disclosed to in circumstances in which they are not prevented from disclosing it to others; (c) is independently obtained by whoever it is disclosed to in circumstances in which they are not prevented from disclosing it to others; or (d) was independently developed by the receiving party without use of or reference to the Confidential Information.
8. "Control," "Controlled" or "Controlling" means, whether direct or indirect: (a) the beneficial ownership of more than fifty percent (50%) of the voting equity securities, or the substantively equivalent voting interests, of an entity; or (b) the ability to determine the strategic direction or operating decisions of an entity.
9. "Customer Cloud Environment" means the cloud environment provided by the Cloud Provider into which sāf.ai deploys the Customer Data Plane.
10. "Customer Content" means all Customer Data, Customer Instructional Input, and Customer Results.
11. "Customer Data" means the data, other than Customer Instructional Input, made available by Customer and its Authorized Users for processing by, or use within, the Subscription Services.
12. "Customer Data Plane" means the elements of the Platform Services deployed into the Customer Cloud Environment; the primary processing of Customer Data by the Platform Services occurs within the Customer Data Plane and this activity results in fees being charged to Customer by Cloud Provider (e.g., for EC2 compute resources in the Customer Cloud Environment). For the avoidance of doubt, the term Customer Data Plane does not include Customer-controlled storage, including but not limited to Customer's AWS S3 bucket (and for which Customer may incur separate charges).
13. "Customer Instructional Input" means information other than Customer Data that Customer inputs into the Platform Services to direct how the Platform Services process Customer Data, including without limitation the code and any libraries (including third party libraries) Customer utilizes within the Platform Services.
14. "Customer Results" means any output Customer or its Authorized Users generate from their use of the Platform Services.
15. "sāf.ai Control Plane" means the elements of the Platform Services residing within sāf.ai's Cloud Provider account, including without limitation the user interface of the Platform Services.
16. "Documentation" means the documentation related to the Platform Services located at https://docs.saf.ai/ (or such other location as sāf.ai may provide, and as may be updated from time to time).
17. "DPA" means the sāf.ai Data Processing Addendum applicable to sāf.ai Customers, available on the Effective date at https://docs.saf.ai/dpa.
18. "Excluded Claims" means claims arising from (a) personal injury or death caused by the negligence of a party, its employees or agents; (b) fraud or fraudulent misrepresentation; (c) sāf.ai's indemnification obligations for an IP Claim; or (d) Customer's indemnification obligations.
19. "Fees" means all amounts payable for sāf.ai Services under an applicable Order Form.
20. "HIPAA" means the Health Insurance Portability and Accountability Act of 1996, as amended and supplemented from time-to-time.
21. "Intellectual Property Rights" means all worldwide intellectual property rights available under applicable law including without limitation rights with respect to patents, copyrights, moral rights, trademarks, trade secrets, know-how, and databases.
22. "IP Claim" shall have the meaning assigned to such term in Section 8.1.
23. "Laws"means any international, federal, state, provincial or other local laws, rules, regulations, ordinances or judicial decisions enacted or issued by a court or other governmental authority of any country, state, province, county, city or other municipality, and any self-regulatory regimes applicable to Customer's use of the sāf.ai Services.
24. "Monthly PAYG Service" means the Platform Services provided on a month-to-month basis with payment based only on Customer's usage of the Platform Services during the billing month.
25. "Order Form" means an order form, online order (including click-thru setup of the Platform Services) or similar agreement, including any exhibits or attachments thereto, for the provision of sāf.ai Services, entered into by the parties, incorporated by reference into, and governed by, the Agreement.
26. "PCI-DSS" means the Payment Card Industry Data Security Standard.
27. "Personal Data" shall have the meaning given to such term (or substantively equivalent term) under the Applicable Data Protection Laws.
28. "PHI" means health information regulated by HIPAA or by any similar privacy Law governing the use of or access to health information.
29. "Subscription Services" means the Platform Services and Support Services.
30. "System" means any application, computing or storage device, or network.
sāf.ai Services.
1. Order Forms.
  
  a) Minimum Terms. Order Forms for sāf.ai Services shall identify: (i) specific sāf.ai Services to be provided, (ii) any limitations on permitted use that may differ from those set forth in these Terms, (iii) the service term or other timing considerations, (iv) Fees, (v) any applicable limitations on number or type of Authorized Users, and (vi) any other applicable terms and conditions ("Minimum Order Terms").
  
  b) Direct Orders; Reseller Orders. Customer may submit Order Forms directly through sāf.ai (each, a "Direct Order") or through a sāf.ai-authorized reseller ("Authorized Reseller", and such Order Form, a "Reseller Order"). Reseller Orders shall be agreed upon between the Authorized Reseller and Customer, and shall, unless otherwise agreed in writing by sāf.ai, include at least the Minimum Order Terms. Notwithstanding the foregoing, Customer acknowledges that any Reseller Order is subject to sāf.ai's prior approval and agrees that no term in any Reseller Order will be deemed to modify the Agreement unless pre-authorized in writing by sāf.ai.
2. Subscription Services.
  
  a) Authorized Users.
  
  i) Selecting Authorized Users. If we have agreed to provide you with Subscription Services, you may select Authorized Users to access and use the Subscription Services, subject to the restrictions set forth below and to any numeric or other limits established in an Order Form or as otherwise agreed to by the parties. You must obtain separate credentials (user IDs and passwords) via the Subscription Services for each Authorized User.
  
  ii) Your Responsibilities Regarding Authorized Users. You shall at all times be responsible for and expressly assume the risks associated with all use of the Subscription Services under an Authorized User's account (including for the payment of Fees related to such use), whether such action was taken by an Authorized User or by another party, and whether or not such action was authorized by an Authorized User, provided that such action was not (1) taken by sāf.ai or by a party acting under the direction of sāf.ai or (2) an action by a third party that sāf.ai should reasonably have prevented. This responsibility includes the security of each Authorized User's credentials, and you shall not share (and shall instruct each Authorized User not to share) such credentials with any other person or entity, or otherwise permit any other person or entity to access or use the Subscription Services, except to the extent permitted in an Order Form.
  
  b) Provision of the Subscription Services. Subject to your, and your Authorized Users', compliance with the terms and conditions of this Agreement (including payment of any Fees as due under Section 5 (Payment)), sāf.ai will provide you with the Subscription Services, and you and your Authorized Users may access and use the Subscription Services solely for your internal business purposes, unless any other permitted use is set forth in an applicable Order Form. sāf.ai reserves the right to improve or otherwise modify its internal System architecture at any time subject to maintaining appropriate industry standards of practice relating to the provision and security of the Subscription Services, and provided that any such modification does not materially diminish the core functionality of the Subscription Services. As between the parties, you retain all ownership rights in Customer Data, Customer Results and, subject to sāf.ai rights in Usage Data (as defined in Section 3.3(a)), Customer Instructional Input, and any other information or materials you provide to sāf.ai to enable sāf.ai to perform any of the sāf.ai Services. Additionally, to the extent Customer utilizes third party open source libraries within the Customer Instructional Input, the foregoing shall not be read to imply ownership by Customer in such libraries.
  
  c) Shared Responsibility Deployment.
  
  i) Generally. You acknowledge that the Platform Services are implemented in a manner that divides the Platform Services between the Customer Cloud Environment and the sāf.ai Control Plane, and that accordingly each party must undertake certain technical and organizational measures in order to protect the Platform Services and the Customer Content. Without limiting the foregoing, Customer acknowledges and agrees that (1) in order to utilize the Platform Services, Customer must have an account with the Cloud Provider; (2) sāf.ai does not host the Customer Cloud Environment into which the Platform Services are deployed or the Systems in which your Customer Data may be stored (e.g., an AWS S3 bucket); (3) while certain Customer Data may occasionally be present within the Platform Services (e.g., within the Customer Results), the Platform Services are not designed to archive or permanently retain Customer Data, but merely to provide an environment to facilitate Customer's processing of Customer Data within the Customer Cloud Environment by permitting Customer to generate and execute Customer Instructional Input and view Customer Results; and (4) sāf.ai and the Platform Services do not provide backup services or disaster recovery to enable recovery of Customer Data. Accordingly, and without limiting the foregoing, but subject to Section 9.1, sāf.ai is not responsible for any loss, destruction, alteration, or corruption of Customer Content, except to the extent caused by the gross negligence or willful misconduct of sāf.ai or to the extent caused by any third party that sāf.ai should reasonably have prevented from having access.
  
  ii) Customer Responsibilities. Customer acknowledges and agrees that Customer is responsible for (1) protecting the security of all Customer credentials used to access the Subscription Services (with sāf.ai also responsible for taking adequate steps to protect Customer credentials to the extent such credentials are within the control of sāf.ai); (2) securing the Customer Cloud Environment and any Customer System (with such steps to include without limitation the regular rotation of access keys and other industry standard steps to preclude unauthorized access); (3) backing up Customer Instructional Input (e.g., via Github or other third party system); (4) backing up and securing Customer Data under Customer's control within the Customer Cloud Environment or other Customer controlled System (e.g., by turning on versioning and encryption within AWS S3); and (5) any security or other issues resulting from any Customer Instructional Input, and Customer expressly assumes the risks associated with the foregoing responsibilities.
  
  iii) sāf.ai Responsibilities. sāf.ai acknowledges and agrees that, as between the parties and except to the extent caused by the action or intentional or negligent inaction of Customer or Customer's Authorized Users, including without limitation any customizations or configurations of the Platform Services by Customer or anything specified to be Customer's responsibility in (ii), above, sāf.ai is primarily responsible for (1) the operation (excluding to the extent such operation is directed by the Customer Instructional Content) of the sāf.ai Control Plane (including the user interface of the Platform Services and the portion of the Platform Services within the sāf.ai Control Plane in which the Customer Instructional Input and Customer Results are held until deleted by Customer) and the sāf.ai software that operates the computing resources in the Customer Data Plane; and (2) implementing reasonable technical and organizational measures designed in accordance with the ISMS Standard (defined below) to protect the security of the foregoing. Additionally, while it is Customer's responsibility to back up Customer Instructional Input, sāf.ai will, at Customer's reasonable request, provide commercially reasonable assistance with recovery efforts where reasonably possible.
3. Training Services.
  
  a. Generally. sāf.ai may provide, as set forth in an Order Form, certain Training Services, delivered (i) by instructors ("Instructor-led Training Services"), either in person or online-only; or (ii) as a self-paced online training course ("Self-Paced Training Services"). If we have agreed to provide you with Training Services, we will provide qualified training personnel and/or suitable training materials. You shall make available to sāf.ai any materials sāf.ai reasonably requires to perform the Training Services, but unless agreed between the parties in writing, shall not provide sāf.ai any Customer Data for use with the Training Services.
  
  b. Instructor-led Training Services. If we have agreed to provide you with Instructor-led Training Services, except as otherwise mutually agreed upon by the parties, you shall, as reasonably applicable: (i) provide qualified personnel to assist in coordinating and implementing the Instructor-led Training Services; (ii) provide sāf.ai with access to your sites and facilities (or temporary off-site facilities) during normal business hours and as otherwise reasonably required by sāf.ai to perform the Instructor-led Training Services; (iii) provide sāf.ai with such working space and office support (including access to telephones, photocopying equipment, and the like) as sāf.ai may reasonably request; and (iv) perform your duties and tasks as may be reasonably required to permit sāf.ai to perform the Instructor-led Training Services, including any such duties and tasks that may be set forth in an Order Form.
  
  c. Self-Paced Training Services. sāf.ai may make available certain Self-Paced Training Services. Unless otherwise set forth in an Order Form or when signing up for a Self-Paced Training Service, the Self-Paced Training Services shall expire 12 months from the earlier of purchase or activation and are licensed on a per-user basis.
4. Professional Services. Terms regarding the delivery of Professional Services, if applicable, shall be set forth in an Order Form.
  
  a. Generally. Subject to the Order Form, sāf.ai will provide Professional Services designed to initiate and/or facilitate your ability to effectively utilize saf.ai platform. Unless otherwise agreed by the parties, Professional Services will expire 1 year after the Start Date indicated on the Order Form and will be booked on the basis of 7.5-hour service days.
  
  b. Expenses. You agree to reimburse sāf.ai for reasonable travel and lodging expenses actually incurred by sāf.ai
  
  c. Intellectual Property.
  
  i. sāf.ai, upon your payment of all fees and charges accruing under the Order Form, grants you a non-exclusive, perpetual, fully paid-up, royalty-free license to use, copy, modify, or create derivative works based on any Professional Services work product delivered hereunder by sāf.ai to you, as may be further described in an SOW (the "Deliverables"). If and to the extent sāf.ai incorporates any sāf.ai Materials (as defined below) into the Deliverables, sāf.ai grants to you a non-exclusive, perpetual, fully paid-up, royalty-free license to use, copy, modify or create derivative works based on such sāf.ai Materials, solely as incorporated into the Deliverables and solely for your internal or external business use as reasonably necessary to use the Deliverables for their intended purposes. For the avoidance of doubt, no part of the Platform Services shall be deemed to be incorporated into the Deliverables.
  
  ii. Subject to your rights in your Confidential Information, sāf.ai will exclusively own all rights, title and interest in and to: (i) the Deliverables; and (ii) any software programs, tools, utilities, processes, inventions, devices, methodologies, specifications, documentation, techniques, training materials, and other materials of any kind used or developed by sāf.ai or its personnel in connection with performing the Professional Services, or any other sāf.ai Services (collectively "sāf.ai Materials"), including all Intellectual Property Rights in any of the foregoing.
  
  iii. Unless otherwise set forth in the Order Form or an SOW, the Deliverables are not subject to any maintenance, support or updates after the termination of the Order Form.
  
  d. Change Order. From time to time, you and sāf.ai may be required to adjust the Professional Services based on technical developments, schedules, fees, or other requirements. Any material changes to an SOW or the Order Form will require a change order executed by both parties prior to the implementation of such changes ("Change Order"). Each Change Order must include the change(s) to the Professional Services and the impact on the time of performance and Fees. Once executed, a Change Order will become part of the SOW and/or Order Form, as applicable.
  
  e. Customer Obligations. You acknowledge that successful delivery of the Professional Services depends on your full and timely cooperation. You agree to make available any reasonably requested personnel and/or information in a timely manner to allow sāf.ai to perform such services.
  
  f. Additional Warranty. sāf.ai warrants that it will perform the Professional Services in a professional and workmanlike manner by qualified personnel and in accordance with generally accepted industry standards. sāf.ai makes no guarantee as to whether the Professional Services will be completed within any specific time frame.
  
  g. Requirements; Limitations. sāf.ai will provide the Professional Services at a mutually agreed location and substantially on a mutually agreed time schedule. sāf.ai will adhere while on Customer's premises with reasonable policies provided by Customer to sāf.ai in writing in advance.
  
  h. Business Relationship. saf.ai's relationship with Customer is that of an independent contractor, and nothing in this Agreement will be construed to create a partnership, agency, joint venture, employment or similar relationship. Neither saf.ai nor any of saf.ai's personnel will be considered Customer's employee or agent under this Agreement or otherwise. Neither Party will have any right to act for, represent or otherwise bind the other Party in any manner, except as expressly authorized by such other Party.
5. Downloadable Services. sāf.ai may make available to you certain sāf.ai Services as software from time to time in a downloadable manner ("Downloadable Services"). Unless expressly stated otherwise at the time of download or as otherwise agreed by sāf.ai, Downloadable Services may only be used as a part of the sāf.ai Services. You are granted a non-exclusive, royalty-free right and license to use and copy during the term of this Agreement the Downloadable Services solely as necessary to enable your use of the sāf.ai Services.
6. Beta Services. If you elect to receive any Beta Services offered by sāf.ai, you agree that, in addition to adhering to all other restrictions generally applicable to your use of the Subscription Services under this Agreement and any requirements set forth by sāf.ai in writing regarding the particular Beta Services, you shall not use such Beta Services for production workloads or for any mission critical work, and that you shall not use sensitive data (e.g., PHI or Cardholder Data) in conjunction with such Beta Services unless explicitly permitted in an Order Form.
7. Feedback. You are under no duty to provide any suggestions, enhancement requests, or other feedback regarding the sāf.ai Services ("Feedback"). If you choose to offer Feedback to sāf.ai, you hereby grant sāf.ai a perpetual, irrevocable, non-exclusive, worldwide, fully-paid, sub-licensable, assignable license to incorporate into the sāf.ai Services or otherwise use any Feedback sāf.ai receives from you. You also irrevocably waive in favor of sāf.ai any moral rights which you may have in such Feedback pursuant to applicable copyright law.
8. Ownership of the sāf.ai Services. Except as expressly set forth in this Agreement, sāf.ai retains all Intellectual Property Rights and all other proprietary rights related to the sāf.ai Services. You shall not delete or alter the copyright, trademark, or other proprietary rights notices or markings appearing within the sāf.ai Services as delivered to you. You agree that the sāf.ai Services are provided on a non-exclusive basis and that no transfer of ownership of Intellectual Property Rights shall occur. You further acknowledge and agree that portions of the sāf.ai Services, including but not limited to the source code and the specific design and structure of individual modules or programs, constitute or contain trade secrets and other Intellectual Property Rights of sāf.ai and its licensors.
9. Compliance with Customer Onsite Access Policies. If in the course of providing Training Services or any other sāf.ai Services, sāf.ai personnel go onsite at Customer's premises, sāf.ai shall require such personnel to comply with Customer's commercially reasonable onsite access policies that have been provided by Customer to such personnel reasonably in advance.
Customer Obligations; Customer Data.
1. Customer Responsibilities. In addition to the responsibilities set forth in Section 2.2(c), Customer is responsible for ensuring that sāf.ai at all times has updated and accurate contact information for the appropriate person for sāf.ai to notify regarding data security issues relating to the sāf.ai Services, with such contact information to be updated in each Order Form and any subsequent changes to be provided by email to customercontact@saf.ai (with "Contact Detail Change" in the subject).
2. Restrictions on Use. You shall not (and shall not permit your Authorized Users to):
  
  a. violate the Acceptable Use Policy;
  
  b. copy, modify, disassemble, decompile, reverse engineer, or attempt to view or discover the source code of the sāf.ai Services, in whole or in part, or permit or authorize a third party to do so, except to the extent such activities are expressly permitted by this Agreement or by law notwithstanding this prohibition;
  
  c. sell, resell, license, sublicense, distribute, rent, lease, or otherwise provide access to the sāf.ai Services to any third party except to the extent explicitly authorized in writing by sāf.ai;
  
  d. use the sāf.ai Services to develop or offer a service made available to any third party that could reasonably be seen to serve as a substitute for such third party's possible subscription to any sāf.ai product or service;
  
  e. transfer or assign any of your rights hereunder except as permitted under Section 12.5; or
  
  f. during any free trial period granted by sāf.ai, including during the use of any Beta Service, use the sāf.ai Services for any purpose other than to evaluate the desirability of entering into a paid subscription to the sāf.ai Services (in which case sāf.ai reserves the right to charge you for such use at sāf.ai's standard rates without foregoing any other available remedies).
3. Customer Data and Customer Instructional Input.
  
  a. Ownership; Usage Data. As between you and sāf.ai, you retain all ownership rights in Customer Content. Notwithstanding the foregoing, you acknowledge and agree that sāf.ai may collect usage data and telemetry regarding your Authorized Users' use of the Subscription Services and that such usage data may occasionally contain Customer Instructional Input (e.g., it may contain the queries entered by an Authorized User) but will not contain Customer Data or Customer Results ("Usage Data"). sāf.ai will not share or publicly make available any Usage Data that identifies Customer, or any of its Authorized Users, other data subjects, or customers, nor use any Usage Data in a manner that derives its value from the unique aspects of your Customer Instructional Input.
  
  b. PHI Data under HIPAA. You agree that you may not include in Customer Data or Customer Instructional Input, or generate any Customer Results that include, any PHI unless you have entered into (i) an Order Form that explicitly permits you to process PHI within the Platform Services, and then only with respect to the workspace(s) identified in such Order Form (the "PHI Permitted Workspaces"); and (ii) a BAA with sāf.ai which, upon mutual execution, shall be incorporated by reference into and subject to this Agreement. If you have not entered into a BAA with sāf.ai or if you provide PHI to sāf.ai other than through the PHI Permitted Workspaces, sāf.ai will have no liability under this Agreement relating to PHI, notwithstanding anything in this Agreement or in HIPAA or any similar Laws to the contrary.
  
  c. Cardholder Data Under PCI-DSS. You agree that you may not include in Customer Data or Customer Instructional Input, or generate any Customer Results that include, any cardholder data as defined under PCI-DSS ("Cardholder Data") unless you have entered into an Order Form that (i) specifies sāf.ai then-current certification status under PCI-DSS; and (ii) explicitly permits you to process Cardholder Data within the Platform Services (including specifying the types and quantities of such data) and, and then only with respect to the workspace(s) identified in such Order Form (the "PCI Permitted Workspaces"). If you have not entered into such mutually executed Order Form with sāf.ai, or if you provide Cardholder Data to sāf.ai other than through the PCI Permitted Workspaces, sāf.ai will have no liability under this Agreement relating to Cardholder Data, notwithstanding anything in this Agreement or in PCI-DSS or any similar regulations to the contrary.
  
  d. Additional Limitations. You represent and warrant to sāf.ai that your use of sāf.ai Services shall comply with all applicable Laws, including without limitation any Applicable Data Protection Laws, and that, without limiting the foregoing, Customer Data and Customer Instructional Input shall not contain:
  
  i. any data for which you do not have all rights, power and authority necessary for its collection, use and processing as contemplated by this Agreement;
  
  ii. any data with respect to which your use and provision to sāf. ai pursuant to this Agreement would breach any agreement between you and any third party; or
  
  iii. any data with respect to which its usage as contemplated herein would violate any applicable Laws, including without limitation any Applicable Data Protection Laws.
Term.
1. Term of Agreement. This Agreement shall become effective on the Effective Date and shall continue in full force and effect until terminated by either party pursuant to this Section 4. The Agreement may be terminated by either party without cause on thirty (30) days' prior written notice if (a) there are no operative Order Forms outstanding or (b) the other party is in material breach of the Agreement and the breaching party fails to cure the breach prior to the end of the notice period. If the Agreement terminates pursuant to the prior sentence due to sāf.ai's material breach, sāf.ai will refund to you that portion of any prepayments related to sāf.ai Services not yet provided. Either party can immediately terminate the Agreement if the other becomes insolvent, makes an assignment for the benefit of its creditors, has a receiver, examiner, or administrator of its undertaking or the whole or a substantial part of its assets appointed, or an order is made, or an effective resolution is passed, for its administration, examinership, receivership, liquidation, winding-up or other similar process, or has any distress, execution or other process levied or enforced against the whole or a substantial part of its assets (which is not discharged, paid out, withdrawn or removed within 30 days), or is subject to any proceedings which are equivalent or substantially similar to any of the foregoing under any applicable jurisdiction, or ceases to conduct business or threatens to do so.
2. Term of Order Forms. The Term of an Order Form shall be as specified in the Order Form.
3. Monthly PAYG Services. Notwithstanding anything in this Agreement to the contrary, sāf.ai may suspend or terminate any Monthly PAYG Services account, and delete any Customer Content relating to such account that may be stored within the Subscription Services or other sāf.ai's Systems, upon thirty (30) day's prior written notice (email sufficient) if sāf.ai reasonably determines the account is inactive as set forth in the Acceptable Use Policy.
4. Suspension; Termination. sāf.ai may temporarily suspend or terminate the sāf.ai Services at any time (a) immediately without notice if sāf.ai reasonably suspects that you have violated Section 3 or your responsibilities set forth in Section 2.2(c) in a manner that may cause material harm or material risk of harm to sāf.ai or to any other party, (b) upon ten (10) business days' notice if sāf.ai reasonably suspects that you have committed any other violation of Section 3 or your responsibilities set forth in Section 2.2(c) or (c) if you or your Responsible Customer (as defined below) fail to pay undisputed Fees after receiving notice that you are more than thirty (30) days delinquent in payment.
5. Effects of Termination. Upon termination for any reason, you shall purge all stored elements of the sāf.ai Services from your Systems, sāf.ai will, upon your written request, purge all your Confidential Information from its Systems, and each party, upon request by the other party, shall provide certification of such action. All provisions of the Agreement that by their nature should survive termination shall so survive, including without limitation each party's confidentiality obligations under Section 6.
Payment. Unless Customer's usage of the sāf.ai Services is being paid for by a third party under contract with sāf.ai (such third party, the "Responsible Customer"), Customer shall pay all Fees specified in the applicable Order Form. With respect to Direct Orders, except as otherwise specified therein: (a) all Fees owed to sāf.ai shall be paid in U.S. Dollars; (b) invoiced payments shall be due within 30 days of the date of your receipt of each invoice; and (c) Fees for all sāf.ai Services shall be invoiced in full upon execution of the applicable Order Form. With respect to a Reseller Order, payment terms shall be specified on such Reseller Order, provided that should Customer fail to pay Fees when due to an Authorized Reseller, sāf.ai may seek payment directly from Customer. All past due payments, except to the extent reasonably disputed, shall accrue interest at the highest rate allowed under applicable law but in no event more than one and one-half percent (1.5%) per month. You shall be solely responsible for payment of any applicable sales, value added or use taxes, or similar government fees or taxes.
Confidentiality; Data Protection.
1. Confidentiality. A receiving party will not use the disclosing party's Confidential Information except as permitted under this Agreement or to enforce its rights under this Agreement and will not disclose such Confidential Information to any third party except to those of its employees and/or subcontractors who have a bona fide need to know such Confidential Information for the performance or enforcement of this Agreement; provided that each such employee and/or subcontractor is bound by a written agreement that contains use and disclosure restrictions consistent with the terms set forth in this Section 6.1. Each receiving party will protect the disclosing party's Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party ordinarily uses with respect to its own Confidential Information of similar nature and in no event using less than a reasonable standard of care; provided, however, that a party may disclose such Confidential Information as required by applicable law, regulation, court order or action by applicable regulatory authority, subject to the party required to make such disclosure giving reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request. The provisions of this Section 6.1 shall supersede any non-disclosure agreement by and between the parties (whether entered into before, on or after the Effective Date) that would purport to address the confidentiality and security of Customer Data and such agreement shall have no further force or effect with respect to Customer Data.
2. Data Protection. sāf.ai is certified as ISO/IEC 27001:2013 compliant as of the Effective Date and shall remain certified to this or an equivalent or greater standard (the "ISMS Standard") throughout the term of this Agreement. sāf.ai will maintain appropriate administrative, physical, and technical safeguards according to the ISMS Standard for protection of the security and confidentiality of Customer Data under sāf.ai's control. Those safeguards will include, but will not be limited to, measures designed to prevent unauthorized access to or disclosure of Customer Data under sāf.ai's control. Without limiting the foregoing, sāf.ai acknowledges that it may receive or have access to Personal Data provided by your Authorized Users during the term of this Agreement. Except with respect to a free trial, the terms of the DPA are hereby incorporated by reference and shall apply to the extent Customer Data includes Personal Data, as defined in the DPA. To the extent Personal Data from the European Economic Area (EEA), the United Kingdom and Switzerland are processed by sāf.ai, the EU-US and/or Swiss-US Privacy Shield, and/or the Standard Contractual Clauses shall apply, as further set forth in the DPA. Where the Standard Contractual Clauses are applicable according to the DPA, Customer and its applicable Affiliates are each the data exporter, and Customer's acceptance of this Agreement, and Customer's or an applicable Affiliate's execution of an Order Form, shall be treated as its execution of the Standard Contractual Clauses and Appendices.
Warranties; Disclaimer.
1. Warranties. sāf.ai warrants that, during the term of the Agreement, it will employ appropriate industry standards of practice designed to: (a) ensure that its provision of the sāf.ai Services under this Agreement will not infringe any third party Intellectual Property Rights or other proprietary rights; (b) prevent the transmission of malware or malicious code via the sāf.ai Services; (c) meet its performance, confidentiality and other obligations under this Agreement; (d) prevent unauthorized access to or disclosure of Customer Content; and (e) ensure that the Platform Services operate during the applicable Order Form term(s) substantially in accordance with the Documentation.
2. Disclaimer. THE WARRANTIES IN SECTION 7.1 ARE EXCLUSIVE AND IN LIEU OF ALL OTHER WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, REGARDING SĀF.AI AND SĀF.AI'S SERVICES PROVIDED HEREUNDER. SUBJECT TO SECTION 9.1, SĀF.AI SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, CONDITIONS AND OTHER TERMS, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY OR FITNESS FOR A PARTICULAR PURPOSE. NOTWITHSTANDING ANYTHING TO THE CONTRARY HEREIN (BUT SUBJECT ALWAYS TO SECTION 9.1): (a) BETA SERVICES AND ANY SERVICES PROVIDED UNDER ANY FREE TRIAL PERIOD ARE PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND BY SĀF.AI; (b) WITHOUT LIMITATION, SĀF.AI DOES NOT MAKE ANY WARRANTY OF ACCURACY, COMPLETENESS, TIMELINESS, OR UNINTERRUPTABILITY, OF THE SĀF.AI SERVICES; (c) SĀF.AI IS NOT RESPONSIBLE FOR RESULTS OBTAINED FROM THE USE OF THE SĀF.AI SERVICES OR FOR CONCLUSIONS DRAWN FROM SUCH USE; AND (d) SĀF.AI'S EFFORTS TO RESTORE LOST OR CORRUPTED CUSTOMER INSTRUCTIONAL INPUT PURSUANT TO SECTION 2.2(c)(iii) SHALL CONSTITUTE SĀF.AI'S SOLE LIABILITY AND YOUR SOLE AND EXCLUSIVE REMEDY IN THE EVENT OF ANY LOSS OR CORRUPTION OF CUSTOMER CONTENT IN CONNECTION WITH THE SĀF.AI SERVICES.
Indemnification.
1. Indemnification by sāf.ai. Subject to Section 8.5, sāf.ai will defend Customer against any claim, demand, suit or proceeding made or brought against Customer by a third party (a "Claim Against Customer") alleging that the sāf.ai Services as provided to Customer by sāf.ai or Customer's use of the sāf.ai Services in accordance with the Documentation and this Agreement infringes or misappropriates such party's Intellectual Property Rights (an "IP Claim"), and will indemnify Customer from and against any damages, attorney fees and costs finally awarded against Customer as a result of, or for amounts paid by Customer under a settlement approved by sāf.ai in writing of, a Claim Against Customer. Notwithstanding the foregoing, sāf.ai will have no liability for any infringement or misappropriation claim of any kind if such claim arises from: (a) any public open source version of any sāf.ai software (located at github.com/safai-labs), if the claim of infringement or misappropriation does not allege with specificity that the infringement or misappropriation arises from the Platform Services (as opposed to saf.ai AIFS or CENC software); (b) the combination, operation or use of the sāf.ai Services with equipment, devices, software or data (including without limitation your Confidential Information) not supplied by sāf.ai, if a claim would not have occurred but for such combination, operation or use; or (c) your or an Authorized User's use of the sāf.ai Services other than in accordance with the Documentation and this Agreement.
2. Injunction. If sāf.ai receives information about an infringement or misappropriation claim related to a sāf.ai Service, then sāf.ai may at its sole option and expense: (a) replace or modify the applicable sāf.ai Services to make them non-infringing and of equivalent functionality; (b) procure for you the right to continue using the sāf.ai Services under the terms of this Agreement; or (c) if sāf.ai is unable to accomplish either (a) or (b) despite using its reasonable efforts, terminate your rights and sāf.ai's obligation under this Agreement with respect to such sāf.ai Services and refund to you any Fees prepaid by you for sāf.ai Services not yet provided.
3. Indemnification by Customer. Subject to Section 8.5, Customer shall defend sāf.ai and its Affiliates and its and each of their officers, employees, directors, and agents (each, a "sāf.ai Indemnitee") against any claim, demand, suit or proceeding made or brought against a sāf.ai Indemnitee by a third party (a "Claim Against sāf.ai") (a) alleging that any Customer Content or its use with the sāf.ai Services infringes or misappropriates such party's Intellectual Property Rights; or (b) arising from or related to Customer's use of the sāf.ai Services in violation of any Law or this Agreement, and shall indemnify each sāf.ai Indemnitee from and against any damages, attorney fees and costs finally awarded against a sāf.ai Indemnitee as a result of, or for amounts paid by a sāf.ai Indemnitee under a settlement approved by Customer in writing of, a Claim Against sāf.ai. Sole Remedy for Infringement of Intellectual Property Rights. SUBJECT TO SECTION 8.5 BELOW, THE FOREGOING SECTIONS 8.1 and 8.2 STATE THE ENTIRE OBLIGATION OF SĀF.AI AND ITS LICENSORS WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE SĀF.AI SERVICES.
4. Conditions of Indemnification. As a condition to an indemnifying party's (each, an "Indemnitor") obligations under this Section 8, a party seeking indemnification (each, an "Indemnitee") will: (a) promptly notify the Indemnitor of the claim for which the Indemnitee is seeking indemnification (but late notice will only relieve Indemnitor of its obligation to indemnify to the extent that it has been prejudiced by the delay); (b) grant the Indemnitor sole control of the defense (including selection of counsel) and settlement of the claim; (c) provide the Indemnitor, at the Indemnitor's expense, with all assistance, information and authority reasonably required for the defense and settlement of the claim; (d) preserve and will not waive legal, professional or any other privilege attaching to any of the records, documents, or other information in relation to such claim without prior notification of consent by the Indemnitor. The Indemnitor will not settle any claim in a manner that does not fully discharge the claim against an Indemnitee or that imposes any obligation on, or restricts any right of, an Indemnitee without the Indemnitee's prior written consent, which may not be unreasonably withheld or delayed. An Indemnitee has the right to retain counsel, at the Indemnitee's expense, to participate in the defense or settlement of any claim. The Indemnitor will not be liable for any settlement or compromise that an Indemnitee enters into without the Indemnitor's prior written consent.
Limitation of Liability.
1. Nothing in this Agreement shall limit either party's liability for the Excluded Claims; or any other liability that cannot be excluded or limited by applicable Laws.
2. Subject to Section 9.1, neither party nor its Affiliates shall be liable for any:
  
  a. loss of profits or revenue;
  
  b. loss from damage to business or goodwill;
  
  c. loss arising from inaccurate or unexpected results of algorithms submitted by the other party to the sāf.ai Services; or
  
  d. other indirect, incidental, special, punitive, or consequential loss or damages; even if a party has been advised of the possibility of such losses or damages arising
3. SUBJECT TO SECTION 9.1, IN NO EVENT SHALL THE AGGREGATE LIABILITY OF EACH PARTY TOGETHER WITH ALL OF ITS AFFILIATES ARISING OUT OF OR RELATED TO THIS AGREEMENT EXCEED THE TOTAL AMOUNT PAID BY CUSTOMER AND ITS AFFILIATES HEREUNDER FOR THE SĀF.AI SERVICES GIVING RISE TO THE LIABILITY IN THE TWELVE (12) MONTHS PRECEDING THE FIRST INCIDENT OUT OF WHICH THE LIABILITY AROSE. THE FOREGOING LIMITATION SHALL APPLY WHETHER AN ACTION IS IN CONTRACT OR TORT AND REGARDLESS OF THE THEORY OF LIABILITY, BUT WILL NOT LIMIT CUSTOMER'S AND ITS AFFILIATES' PAYMENT OBLIGATIONS UNDER THE "FEES AND PAYMENT" SECTION ABOVE.
4. Notwithstanding the previous paragraph, but subject to Section 9.1, any liability relating to sāf.ai Services provided free of charge, including any Beta Services or sāf.ai Services provided during a free trial period, shall be limited to five thousand US dollars (USD $5,000).
Export. The sāf.ai Services, and/or derivatives thereof, may be subject to export Laws of the United States and other jurisdictions. Each party represents that it is not named on any U.S. government denied-party list. You shall not permit your users to access or use any sāf.ai Services in a U.S. embargoed country (as of the Effective Date, Cuba, Iran, North Korea, Sudan, Syria or Crimea) or in violation of any U.S. export Law.
Equitable Relief. Each party acknowledges and agrees that the other party may be irreparably harmed in the event that such party breaches Section 6 (Confidentiality), and that monetary damages alone cannot fully compensate the non-breaching party for such harm. Accordingly, each party hereto hereby agrees that the non-breaching party shall be entitled to injunctive relief to prevent or stop such breach, and to obtain specific enforcement thereof. Any such equitable remedies obtained shall be in addition to, and not foreclose, any other remedies that may be available.
General.
1. Governing Law and Venue. The governing law and exclusive venue applicable to any lawsuit or other dispute arising in connection with this Agreement shall be determined by the location of Customer's principal place of business ("Domicile"), as follows:
  
  | Customer's Domicile | Governing Law | Venue (courts width exclusive jurisdiction | |:--------------------:|:-------------:|:------------------------------------------:| | North America | Maryland | Maryland (state and U.S. federal courts) | | Europe; South America; Middle East; Africa | | Delaware (state and U.S. federal courts) |
  
  The parties hereby irrevocably consent to the personal jurisdiction and venue of the courts in the venues shown above. In all cases, the application of law shall be without regard to, or application of, conflict of law rules or principles, and the United Nations Convention on Contracts for the International Sale of Goods shall not apply.
2. U.S. Government Users. If Customer is a U.S. government entity, or this Agreement otherwise becomes subject to the Federal Acquisition Regulation (FAR), Customer acknowledges that the Platform Services constitute software and documentation provided as "Commercial Items" under 48 C.F.R. 2.101 and developed solely at private expense, and are being licensed and made accessible to U.S. government users as commercial computer software subject to the restricted rights described in 48 C.F.R. 12.212.
3. Insurance Coverage. sāf.ai will maintain commercially appropriate insurance coverage given the nature of the sāf.ai Services and sāf.ai's obligations under this Agreement. Such insurance will be in an industry standard form with admitted insurance carriers with A.M. ratings of AM-IX or better, and shall include commercially appropriate cyber liability insurance coverage. Upon Customer's request, sāf.ai will provide to Customer proof evidencing sāf.ai's insurance coverage.
4. Entire Agreement, Construction, Amendment and Execution. This Agreement (including all Order Forms) is the complete and exclusive understanding and agreement between the parties regarding its subject matter. Nothing in the preceding sentence shall limit or exclude any liability for fraud or fraudulent misrepresentation. To the extent any provision in an Order Form clearly conflicts with a provision of these Terms or a provision of an earlier Order Form, the provision in the new Order Form shall be binding and the conflicting provision in these Terms or in the earlier Order Form shall be deemed modified solely to the extent reasonably necessary to eliminate the conflict and solely with respect to the new Order Form (unless expressly intended to permanently amend the Agreement). If any provision of this Agreement is held to be unenforceable or invalid, that provision shall be enforced to the maximum extent possible, and the other provisions shall remain in full force and effect. The headings in this Agreement are solely for convenience, and shall not be taken into consideration in interpretation of the Agreement. Each party acknowledges and agrees that it has adequate sophistication, including legal representation, to fully review and understand this Agreement; therefore, in interpretation of the Agreement with respect to any drafting ambiguities that may be identified or alleged, no presumption shall be given in favor of the non-drafting party. This Agreement may not be modified or amended except by mutual written agreement of the parties. Without limiting the foregoing, no Customer purchase order shall be deemed to modify an Order Form or this Agreement unless expressly pre-authorized in writing by sāf.ai. This Agreement (including all Order Forms) may be executed in two or more counterparts, each of which shall be deemed an original and all of which, taken together, shall constitute one and the same instrument. A party's electronic signature or transmission of any document by electronic means shall be deemed to bind such party as if signed and transmitted in physical form.
5. Assignment. No assignment, novation or transfer of a party's rights and obligations under this Agreement ("Assignment") is permitted except with the prior written approval of the other party, which shall not be unreasonably withheld; provided, however, that either party may freely make an Assignment to a successor in interest upon a change of Control.
6. Notice. Any required notice under this Agreement shall be deemed given when received by letter delivered by nationally recognized overnight delivery service or recorded prepaid mail. Unless notified in writing of a change of address, you shall send any required notice to sāf.ai, Inc., 7200 Wisconsin Ave. Suite 302, Bethesda, MD 20854, USA, attention: Legal Department, and sāf.ai shall send any required notice to you directed to the most recent address you have provided to sāf.ai for such notice. Notwithstanding the foregoing, notice as required under Section 4.4 may be provided by email sent to a person the party providing notice reasonably believes to have responsibility for the other party's activities under this Agreement.
7. Force Majeure. Notwithstanding anything herein to the contrary, Customer understands and agrees that its use of the sāf.ai Services may be interrupted by circumstances beyond sāf.ai's reasonable control, including without limitation acts of God, acts of government, changes in law or regulations, acts or omissions of third parties, flood, fire, earthquakes, civil unrest, wars, acts of terror, strikes or other actions taken by labor organizations, computer, telecommunications, the Internet, Internet service provider or hosting facility failures or delays involving hardware, software or power systems not within sāf.ai's possession or reasonable control, and network intrusions or denial of service attacks, or any other cause, whether similar or dissimilar to any of the foregoing that is beyond sāf.ai's reasonable control (individually or collectively as applicable, "Force Majeure"). sāf.ai shall not be responsible or otherwise liable for any Force Majeure or any consequences thereof.

[signature page follows]

By signing below, each party acknowledges that it has read and understood the terms of these Terms of Service and agrees to be bound by them.

saf.ai - Data Processing Addendum ("DPA")

This Data Processing Addendum ("DPA") forms a part of the sāf.ai Terms of Service found at https://docs.saf.ai/policies/saf.ai-tos, unless you ("Customer" aka "Subscriber") has entered into a superseding written master subscription agreement with sāf.ai, Inc. ("sāf.ai"), in which case, it forms a part of such written agreement (in either case, the "Agreement").

By signing the DPA or executing an Agreement that explicitly states that the DPA is incorporated by reference, Customer enters into this DPA on behalf of itself and, to the extent required under Applicable Data Protection Laws, in the name and on behalf of any Affiliates (defined below) who are authorized to use the sāf.ai Services. If you are entering into this DPA on behalf of a company (such as your employer) or other legal entity, you represent and warrant that you have the authority to bind that company or legal entity to this DPA. In that case, "Customer" or "Subscriber" will refer to that company or other legal entity. All capitalized terms not defined herein shall have the meaning set forth in the Agreement.

In the course of providing the sāf.ai Services under the Agreement, sāf.ai may process certain Customer Personal Data (such terms defined below) on behalf of Customer and where sāf.ai processes such Customer Personal Data on behalf of Customer the parties agree to comply with the terms and conditions in this DPA in connection with such Customer Personal Data.

HOW TO EXECUTE THIS DPA

If you are an Azure sāf.ai user, please STOP and reach out to us at privacy@saf.ai.
This DPA consists of two parts: the main body of the DPA, and Annexes A, B and C (including Appendices 1, 2 and 3 to Annex C).
This DPA has been pre-signed on behalf of sāf.ai. The Standard Contractual Clauses in Annex C have been pre-signed by sāf.ai, Inc. as the data importer. This DPA will be null and void if any changes are made to it beyond filling out the sections described in 5, below.
If you execute an Agreement that explicitly states that this DPA is incorporated, you do not need to take any further action to execute this DPA; your execution of the Agreement constitutes execution of the DPA.
If you have not executed an Agreement that explicitly states this DPA is incorporated, to complete this DPA, Customer must:

a. Complete the information and sign the main DPA [signature box]_.

b. Complete the information as the data exporter in [Annex A]_.

c. Complete the information and sign the [Appendix 1]_ and [Annex C]_.
Send the completed and signed DPA to sāf.ai by email, directed to dpa@saf.ai.

Upon the earlier of (i) the execution of an Agreement that explicitly states that the DPA is incorporated into the Agreement by reference; and (ii) receipt of the validly completed DPA by sāf.ai at the above email address, this DPA will become legally binding.

HOW THIS DPA APPLIES TO CUSTOMER AND ITS AFFILIATES

If the Customer entity signing this DPA is a party to the Agreement, this DPA is an addendum to and forms part of the Agreement. In such case, the sāf.ai entity that is party to the Agreement is party to this DPA. If the Customer entity signing this DPA has executed an Order Form with sāf.ai pursuant to the Agreement, but is not itself a party to the Agreement, this DPA is an addendum to that Order Form and applicable renewal Order Forms, and the sāf.ai entity that is party to such Order Form is party to this DPA. If the Customer entity signing this DPA is neither a party to an Order Form nor the Agreement, this DPA is not valid and is not legally binding. Such entity should request that the Customer entity who is a party to the Agreement executes this DPA.

DEFINITIONS
1. "Affiliate" means, with respect to the identified party, any entity that is directly or indirectly controlled by, controlling or under common control with such party.
2. "Applicable Data Protection Laws" means all worldwide data protection and privacy laws and regulations applicable to Customer Personal Data in question, including, where applicable and without limitation, EU Data Protection Law and the California Consumer Privacy Act of 2018.
3. "Authorized Person(s)" means any person who processes Customer Personal Data on sāf.ai's behalf, including sāf.ai's employees, officers, partners, principals, contractors and Subprocessors.
4. "California Consumer Privacy Act of 2018" or "CCPA" means Cal. Civ. Code §1798.100, et seq., as amended.
5. "Cloud Provider" means, unless specified otherwise in an Order Form or the Agreement, Google Cloud Environment.
6. "Customer Cloud Environment" has the meaning given to it in the Agreement, or if not therein defined, means the cloud environment provided by the Cloud Provider into which sāf.ai deploys the Customer Data Plane.
7. "Customer Content" has the meaning given to it in the Agreement, or if not therein defined, means all Customer Data, Customer Instructional Input, and Customer Results.
8. "Customer Data" means the data, other than Customer Instructional Input, made available by Customer and its Authorized Users for processing by, or use within, the Subscription Services, including without limitation Personal Data to the extent therein contained.
9. "Customer Data Plane" has the meaning given to it in the Agreement, or if not therein defined, means the elements of the Platform Services deployed into the Customer Cloud Environment; the primary processing of Customer Data by the Platform Services occurs within the Customer Data Plane and this activity results in fees being charged to Customer by Cloud Provider (e.g., for EC2 compute resources in the Customer Cloud Environment). For the avoidance of doubt, the term Customer Data Plane does not include Customer-controlled storage, including but not limited to Customer's Google Cloud Storage, Big Query tables, (and for which Customer may incur separate charges).
10. "Customer Instructional Input" has the meaning given to it in the Agreement, or if not therein defined, means information other than Customer Data that Customer inputs into the Platform Services to direct how the Platform Services process Customer Data, including without limitation the code and any libraries (including third party libraries) Customer utilizes within the Platform Services.
11. "Customer Personal Data" means any Customer Content that is Personal Data.
12. "Customer Results" has the meaning given to it in the Agreement, or if not therein defined, means any output Customer or its Authorized Users generate from their use of the Platform Services. For the avoidance of doubt, the term Customer Results does not include Usage Data.
13. "Data Subject" means the identified or identifiable natural person to whom the Customer Personal Data relates, including 'consumers' (as defined in the CCPA) where applicable.
14. "sāf.ai Control Plane" has the meaning given to it in the Agreement, or if not therein defined, means the elements of the Platform Services residing within sāf.ai's Cloud Provider account, including without limitation the user interface of the Platform Services.
15. "sāf.ai Group" means sāf.ai, Inc. and its Affiliates.
16. "sāf.ai Services" means the Subscription Services and other services sāf.ai provides under an Agreement.
17. "EEA" means, for the purposes of this DPA, the European Economic Area and its member states, including the United Kingdom (regardless of whether the United Kingdom leaves the EU or the EEA), and Switzerland.
18. "EU Data Protection Law" means Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (General Data Protection Regulation) ("GDPR").
19. "Model Clauses" means the Standard Contractual Clauses (controller to processor) promulgated by the EU Commission Decision 2010/87/EU attached as Annex C.
20. "Personal Data" means information relating to an identified or identifiable Data Subject; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to their physical, physiological, genetic, mental, economic, cultural or social identity. For the avoidance of doubt, Personal Data includes, where applicable, personally identifiable information and personal information (as defined in the CCPA).
21. "Platform Services" has the meaning given to it in the Agreement, or if not therein defined, means the subscription software data processing services to which Customer is subscribed.
22. "Privacy Shield" means the EU-US Privacy Shield self-certification program operated by the U.S. Department of Commerce and approved by the European Commission pursuant to Decision C(2016)4176 dated July 12, 2016 (as may be amended, superseded, or replaced).
23. "Privacy Shield Principles" means the Privacy Shield Framework Principles (as supplemented by the Supplemental Principles) contained in Annex II to the European Commission Decision of 12 July 2016 pursuant to the Directive, details of which can be found at www.privacyshield.gov/eu-us-framework.
24. "Security Breach" means a breach of security leading to any accidental, unauthorized or unlawful loss, disclosure, destruction, alteration, or access to Customer Personal Data.
25. "Sensitive Data" means any unencrypted (i) bank, credit card or other financial account numbers or login credentials, (ii) social security, tax, driver's license or other government-issued identification numbers, (iii) health information identifiable to a particular individual; (iv) information that could reasonably be used to determine the physical location of a particular individual or (v) any "special" or "sensitive" categories of data as those terms are defined according to EU Data Protection Law or any similar category under other Applicable Data Protection Laws. For the purposes of the prior sentence, "unencrypted" means a failure to utilize industry standard encryption methods to prevent sāf.ai, the Platform Services and sāf.ai's personnel, including any subcontractors, from accessing the relevant data in unencrypted form.
26. "Subprocessor" means any third party (including any sāf.ai Affiliate) engaged by sāf.ai to process any Customer Personal Data on behalf of Customer or who may receive Customer Personal Data provided by Customer through the Subscription Services pursuant to the terms of the Agreement.
27. "Subscription Services" has the meaning given to it in the Agreement. Subscription Services includes the Platform Services and subscription support services set forth in an Order Form.
28. "Usage Data" means usage data and telemetry collected by sāf.ai relating to the use of the Subscription Services by Customer. Usage Data may occasionally contain Customer Instructional Input (e.g., it may contain the queries entered by an Authorized User) but will not contain Customer Data or Customer Results.
29. The terms "Controller", "Processor," "process," and "processing," have the meanings given to them in Applicable Data Protection Laws. The term Controller also includes 'businesses' (as defined in the CCPA) and the term Processor includes 'service providers' (as defined in the CCPA) to the extent the rights and obligations described herein apply under the CCPA. If and to the extent that Applicable Data Protection Laws do not define such terms, then the definitions given in EU Data Protection Law will apply.
SHARED RESPONSIBILITY DEPLOYMENT
1. Customer acknowledges that the Platform Services are implemented in a manner that divides the Platform Services between the Customer Cloud Environment and the sāf.ai Control Plane, and that accordingly each party must undertake certain technical and organizational measures in order to protect the Platform Services and the Customer Content.
2. Without limiting the foregoing, and except to the extent otherwise set forth in the Agreement, Customer acknowledges and agrees that (1) in order to utilize the Platform Services, Customer must have an account with the Cloud Provider; (2) sāf.ai does not host the Customer Cloud Environment into which the Platform Services are deployed or the systems in which your Customer Data may be stored (e.g., an AWS S3 bucket); (3) while certain Customer Data may occasionally be present within the Platform Services (e.g., within the Customer Results), the Platform Services are not designed to archive or permanently retain Customer Data, but merely to provide an environment to facilitate Customer's processing of Customer Data within the Customer Cloud Environment by permitting Customer to generate and execute Customer Instructional Input and view Customer Results; (4) sāf.ai and the Platform Services do not provide backup services or disaster recovery to enable recovery of Customer Data; and (5) subject to any limitations under the DPA or the Agreement regarding what Customer Data may contain, the choice of which Customer Data you process within sāf.ai and manner in which you choose to process it are under the control of Customer and that accordingly sāf.ai will generally be unaware of the types of or details regarding the Customer Personal Data you may process within the Subscription Services.
3. Customer acknowledges that the Subscription Services are data-type agnostic, and that sāf.ai does not have any knowledge of the actual data or types of data contained in the Customer Data. Accordingly, Customer shall notify sāf.ai prior to providing any Sensitive Data. Additionally, if reasonably required by Customer, sāf.ai shall enter into a Business Associate Agreement to enable Customer to comply with its obligations under HIPAA/HITECH ACT ("BAA"). sāf.ai may impose additional requirements on Customer prior to the use of the Subscription Services by Customer to process any Sensitive Data, which may include additional fees.
PURPOSE; SCOPE; OWNERSHIP OF DATA
1. Customer and sāf.ai have entered into the Agreement pursuant to which Customer is being provided sāf.ai Services, including the Subscription Services. In using the Subscription Services, Customer may submit through the Subscription Services or otherwise provide access to sāf.ai certain Customer Data. This DPA applies where and only to the extent that sāf.ai processes Customer Personal Data on behalf of Customer as a Processor in the course of providing sāf.ai Services pursuant to the Agreement. Additionally, Sections 4.3, 4.4, 4.5, 5.1, and 9 shall only apply to Customer Personal Data within the scope of the DPA to the extent such rights are set forth in or required by Applicable Data Protection Laws.
2. As between the parties, Customer is either the Controller of Customer Personal Data or, if Customer is acting on behalf of a third-party Controller, then a Processor. All Customer Data (including all Customer Personal Data) processed under the terms of this DPA and the Agreement shall remain, as between the parties, the property of Customer.
3. Accordingly, sāf.ai shall process Customer Personal Data (i) submitted to sāf.ai by Customer through the Subscription Services only as a Processor acting on behalf of Customer (whether as Controller or itself a Processor on behalf of third party Controllers); and (ii) in accordance with Customer's documented instructions as set forth in this DPA, the Agreement(s) or as otherwise necessary to provide the Subscription Services; provided that sāf.ai shall inform Customer if, in its opinion, Customer's processing instructions infringe any law or regulation; in such event, sāf.ai is entitled to refuse processing of Personal Data that it believes to be in violation of any law or regulation. Without limiting the foregoing, sāf.ai will not 'sell' Customer Personal Data (as such term is defined in the CCPA).
4. Additionally, when using the Subscription Services, sāf.ai will collect Usage Data. Where Usage Data contains Customer Personal Data (e.g., within Customer Instructional Input), sāf.ai shall act as Customer's Processor under Applicable Data Protection Laws and such Usage Data will be subject to the applicable terms and conditions of this DPA. Otherwise, to the extent any Usage Data is considered Personal Data under Applicable Data Protection Laws, sāf.ai is the Controller of such Usage Data and shall process such Usage Data in accordance with the Agreement and Applicable Data Protection Laws. sāf.ai will not share (other than with Subprocessors or third parties providing services to sāf.ai who agree to terms at least as restrictive regarding the processing of Usage Data as those set forth herein) or publicly make available any Usage Data that identifies Customer, or any of its Authorized Users, other data subjects, or customers, nor use any Usage Data in a manner that derives its value from the unique aspects of your Customer Instructional Input. Without limiting the foregoing, sāf.ai will not 'sell' any Usage Data (as such term is defined in the CCPA) that contains any Personal Data subject to the CCPA.
SUBPROCESSING
1. Customer agrees that sāf.ai may appoint Subprocessors to assist it in providing the sāf.ai Services by processing Customer Personal Data solely for the purpose of providing the sāf.ai Services, provided that such Subprocessors:
  
  (a) agree to act only on sāf.ai's instructions when processing the Customer Personal Data (which instructions shall be consistent with Customer's processing instructions to sāf.ai); and
  
  (b) agree to protect the Customer Personal Data to a standard consistent with the requirements of this DPA, including by implementing and maintaining appropriate technical and organizational measures to protect the Customer Personal Data they process consistent with the Security Standards described in Annex B.
2. sāf.ai remains fully liable for any breach of this DPA or the Agreement that is caused by an act, error or omission of such Subprocessor to the extent sāf.ai would have been liable for such act, error or omission had it been caused by sāf.ai.
3. sāf.ai shall maintain an up-to-date list at saf.ai/subprocessors (also available upon request to privacy@saf.ai) of all Subprocessors used in the provision of the sāf.ai Services who may have access to or process Customer Personal Data received by sāf.ai from Customer through the Subscription Services under the Agreement ("Subprocessor List").
4. Prior to the addition or change of any Subprocessors, sāf.ai shall provide notice to Customer, which may include by updating the Subprocessor List on the website listed above, not less than 30 days prior to the date on which the Subprocessor shall commence processing Customer Personal Data. sāf.ai will make available a means by which Customer may subscribe to receive notifications of changes to the Subprocessor List (which may include without limitation the provision of an RSS feed). It is Customer's responsibility to check this website for changes.
5. In the event that Customer objects to the processing of Customer Personal Data by any newly appointed Subprocessor as described in Section 4.4, it shall inform sāf.ai in writing within 10 calendar days after notice has been provided by sāf.ai. In the event that Customer timely objects on reasonable grounds relating to the protection of Customer Personal Data sāf.ai will either, at sāf.ai option (a) work with Customer to address Customer's reasonable objections and thereafter proceed to use the Subprocessor to perform such processing; (b) instruct the Subprocessor to not process Customer Personal Data, which Customer acknowledges and agrees may result in new or improved Subscription Services features enabled by the Subprocessor not being available to Customer; or (c) allow Customer to terminate this DPA and the Agreement with sāf.ai immediately on notice and upon receipt of such notice provide Customer with a pro rata reimbursement of any sums Customer may have paid in advance for Subscription Services to be provided but not yet received by Customer. :::
6. Customer acknowledges that any third party services that may be linked to or used within the sāf.ai Services (e.g., Customer may use GitHub to backup Customer's notebooks) ("Non-sāf.ai Services") are governed solely by the terms and conditions and privacy policies of such Non-sāf.ai Services, and sāf.ai does not endorse, is not responsible or liable for, and makes no representations as to any aspect of such Non-sāf.ai Services, including, without limitation, their content or the manner in which they handle your Customer Data (including Customer Personal Data) or any interaction between Customer and the provider of such Non-sāf.ai Services. sāf.ai is not liable for any damage or loss caused or alleged to be caused by or in connection with Customer's enablement, access or use of any such Non-sāf.ai Services, or Customer's reliance on the privacy practices, data security processes or other policies of such Non-sāf.ai Services. The providers of Non-sāf.ai Services shall not be deemed Subprocessors for any purpose under this DPA.
COOPERATION
1. Customer acknowledges that the Subscription Services provide Customer with a number of controls that Customer may use to retrieve, correct, delete or restrict Customer Data, which Customer may use to assist it in connection with its obligations under Applicable Data Protection Laws, including its obligations relating to responding to requests from data subjects or applicable data protection authorities. To the extent that Customer is required to respond to a DSR (as defined below) under Applicable Data Protection Laws and is unable to access the relevant Customer Data within the Subscription Services using such controls or otherwise, sāf.ai shall reasonably cooperate with Customer (at Customer's request and expense) to enable Customer (or its third party Controller) to respond to any requests, complaints or other communications from Data Subjects and regulatory or judicial bodies relating to the processing of Customer Personal Data under the Agreement(s), including requests from Data Subjects seeking to exercise their rights under Applicable Data Protection Laws (a 'data subject request' or "DSR") insofar as this is possible In the event that any such DSR, complaint or communication is made directly to sāf.ai, sāf.ai shall promptly pass such communication on to Customer and shall not respond to such communication without Customer' express authorization. For the avoidance of doubt, the foregoing shall not prohibit sāf.ai from communicating with a Data Subject if it is not reasonably apparent on the face of the communication to which customer of sāf.ai the DSR relates.
2. If sāf.ai receives a subpoena, court order, warrant or other legal demand from a third party (including law enforcement or other public or judicial authorities) seeking the disclosure of Customer Personal Data, sāf.ai shall not disclose any information but shall, to the extent permitted by applicable laws, promptly notify Customer in writing of such request and reasonably cooperate with Customer if it wishes to limit, challenge or protect against such disclosure.
3. To the extent required under Applicable Data Protection Laws, sāf.ai will assist Customer (or its third party Controller), at Customer's request and expense, to conduct a data protection impact assessment and, where legally required, consult with applicable data protection authorities in respect of any proposed processing activity that presents a high risk to Data Subjects. Because the need for a data protection impact assessment, if any, will arise from the choices made by Customer regarding what Customer Data is to be processed and the processing activities performed, Customer shall be responsible for any costs arising from sāf.ai's provision of such assistance.
4. At Customer's written request, sāf.ai will make reasonable efforts to provide Customer with all information necessary to demonstrate its compliance with Applicable Data Protection Laws.
5. Customer acknowledges that sāf.ai may be required under Applicable Data Protection Laws to: (a) collect and maintain records of certain information, including the name and contact details of each Processor and/or Controller on behalf of which sāf.ai is acting and, where applicable, of such Processor's or Controller's local representative and data protection officer; and (b) make such information available to the applicable data protection authorities. Accordingly, Customer will, where requested, provide such information to sāf.ai via the Services or other means provided by sāf.ai, and will ensure that all information provided is kept accurate and up-to-date.
6. If the Applicable Data Protection Laws and corresponding obligations related to the processing of Personal Data change, the parties shall discuss in good faith any necessary amendments.
DATA ACCESS & SECURITY MEASURES
1. sāf.ai shall ensure that any Authorized Person is subject to a duty of confidentiality (whether a contractual or statutory duty) and that they process Customer Personal Data only for the purpose of delivering the sāf.ai Services under the Agreement(s) to Customer.
2. sāf.ai will implement and maintain appropriate technical and organizational security measures to protect against Security Breaches and to preserve the security, availability, integrity and confidentiality of Customer Personal Data ("Security Measures") and will review such Security Measures on at least an annual basis. Such measures shall have regard to the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons.
3. Because Customer rather than sāf.ai chooses what Customer Personal Data may be processed within the sāf.ai Services, Customer acknowledges its obligation to review the Security Measures prior to providing sāf.ai with access to such Customer Personal Data and represents, as of the date of this DPA, in light of the Customer Personal Data that Customer intends to process through the sāf.ai Services, that it has no reason to believe, provided the Security Measures identified at Annex B have been properly implemented by sāf.ai, that such Security Measures are insufficient to adequately protect the Customer Personal Data according to Applicable Data Protection Laws.
SECURITY INCIDENTS
1. In the event of a Security Breach, sāf.ai shall inform Customer without undue delay and provide written details of the Security Breach, including the type of data affected and the identity of affected person(s) as soon as such information becomes known or available to sāf.ai.
2. Furthermore, in the event of a Security Breach, sāf.ai shall:
  
  (a) provide timely information and cooperation as Customer may reasonably require to fulfill Customer's data breach reporting obligations under Applicable Data Protection Laws; and
  
  (b) take such measures and actions as are appropriate to remedy or mitigate the effects of the Security Breach and shall keep Customer up-to-date about all developments in connection with the Security Breach.
3. The decision whether to provide notification, public/regulatory communication or a press release (each, a "Notification") concerning the Security Breach shall be solely at Customer's discretion, but the content of any Notification that names sāf.ai or from which sāf.ai's identity could reasonably be determined shall be subject to the prior approval of sāf.ai, which approval shall not be unreasonably withheld, conditioned or delayed, except as otherwise required by applicable laws and provided that conditioning of the Notification on sāf.ai's approval shall not prevent Customer from complying with Applicable Data Protection Laws.
SECURITY REPORTS & INSPECTIONS; AUDITS
1. The parties acknowledge that sāf.ai uses internal auditors to verify the adequacy of its Security Measures. This audit:
  
  (a) will be performed at least annually;
  
  (b) will be performed according to ISO 27001 standards or such other alternative standards that are substantially equivalent to ISO 27001;
2. At Customer's written request, sāf.ai will provide Customer with copies of its Report so that Customer can reasonably verify sāf.ai's compliance with the security and audit obligations under this Agreement. The Report and any summaries thereof will constitute sāf.ai's Confidential Information under the confidentiality provisions of the Agreement.
3. sāf.ai will respond in a commercially reasonable time-frame to any requests for additional information or clarification from Customer related to such Report.
DATA TRANSPORT
1. Customer acknowledges that sāf.ai and its Subprocessors may maintain data processing operations in countries that are outside of the country in which the Platform Services are deployed. As such, both sāf.ai and its Subprocessors may process Customer Personal Data in non-EEA and non-Swiss countries. This will apply even where Customer has agreed with sāf.ai to use cloud instances of the Subscription Services located in the EEA if such non-EEA processing is necessary to provide support-related or other services requested by Customer.
2. To the extent that sāf.ai processes any Customer Personal Data subject to EU Data Protection Law ("EEA Data") on behalf of Customer, the parties agree that sāf.ai makes available the transfer mechanisms listed below for any transfers of EEA Data from the EEA to sāf.ai located in a country which does not ensure an adequate level of protection (within the meaning of Applicable Data Protection Laws) and to the extent such transfers are subject to such EU Data Protection Law:
  
  (a) (i) sāf.ai will be deemed to provide adequate protection (within the meaning of EU Data Protection Law) for EEA Data by virtue of having self-certified its compliance with the Privacy Shield; (ii) sāf.ai agrees to process EEA Data in compliance with the Privacy Shield Principles; (iii) if sāf.ai is unable to comply with its obligations under this sub-Section, sāf.ai will inform the Customer; and (iv) sāf.ai will promptly cease (and cause its Subprocessors to promptly cease) processing such EEA Data if in Customer's sole discretion, Customer determines that sāf.ai has not or cannot correct any non-compliance with this sub-Section in accordance with the Privacy Shield Principles within a reasonable time frame.
  
  (b) To the extent the transfer mechanism identified in Section 9.2(a) does not apply to the transfer, is invalidated and/or sāf.ai is no longer self-certified to the Privacy Shield, sāf.ai agrees to abide by and process EEA Data in compliance with the Model Clauses attached as Annex C, including the appendices attached thereto, and subject to the interpretations set forth in Appendix 3, and for these purposes sāf.ai agrees that it is a "data importer" and Customer and/or its Affiliates, as applicable is/are the "data exporter" under the Model Clauses (notwithstanding that Customer and/or its Affiliates may be an entity or entities located outside of the EEA).
OBLIGATIONS OF CUSTOMER

Customer acknowledges that sāf.ai does not provide data backup services, and that it is Customer's obligation to backup any Customer Data that Customer may process through the Subscription Services. As part of Customer receiving the sāf.ai Services under the Agreement, Customer agrees and declares as follows:

(i) that the processing of Personal Data by Customer, including instructing processing by sāf.ai in accordance with this Agreement, is and shall continue to be in accordance with all the relevant provisions of the Applicable Data Protection Laws, particularly with respect to the security, protection and disclosure of Personal Data;

(ii) if Customer is itself a Processor acting on behalf of a third-party Controller, Customer warrants to sāf.ai that Customer's instructions and actions with respect to that Personal Data, including its appointment of sāf.ai as another Processor, have been authorized by the relevant Controller;

(iii) that if processing by Customer involves any Sensitive Data, Customer has collected such Sensitive Data in accordance with Applicable Data Protection Laws;

(iv) that Customer will inform its Data Subjects as legally required:

(a) about its use of Processors to process their Personal Data, including sāf.ai; and

(b) that their Personal Data may be processed outside of the European Economic Area;

(v) that it shall respond in reasonable time and to the extent reasonably practicable to enquiries by Data Subjects regarding the processing of their Personal Data by Customer, and to give appropriate instructions to sāf.ai in a timely manner; and

(vi) that it shall respond in a reasonable time to enquiries from an applicable data protection authority regarding the processing of relevant Personal Data by Customer.
DELETION & RETURN.

Upon Customer's request upon termination or expiry of the Agreement, sāf.ai shall destroy all Customer Data (including Customer Personal Data) in its possession or control. This requirement shall not apply to the extent that sāf.ai is required by any applicable law to retain some or all of the Customer Data (including Customer Personal Data), in which event sāf.ai shall isolate and protect such data from any further processing except to the extent required by such law.
GENERAL.
1. The parties agree that this DPA shall replace any existing DPA (including the Model Clauses (as applicable)) the parties may have previously entered into in connection with the sāf.ai Services.
2. This DPA shall be effective on the date of the last signature set forth below. The obligations placed upon sāf.ai under this DPA shall survive so long as sāf.ai and/or its Subprocessors processes Customer Personal Data on behalf of Customer.
3. This DPA may not be modified except by a subsequent written instrument signed by both parties.
4. If any part of this DPA is held unenforceable, the validity of all remaining parts will not be affected.
5. In the event of any conflict between this DPA and any data privacy provisions set out in any Agreements the parties agree that the terms of this DPA shall prevail. Notwithstanding the foregoing, if there is any conflict between this DPA and a BAA applicable to any patient, medical or other protected health information regulated by HIPAA or any similar U.S. federal or state laws, rules or regulations applicable to health information, then the BAA shall prevail to the extent the conflict relates to such data.
6. Notwithstanding anything to the contrary in the Agreement or this DPA, each party's and all of its affiliates' liability, taken together in the aggregate, arising out of or related to this DPA, any Order or the Agreement, whether in contract, tort or under any other theory of liability, shall remain subject to the 'Limitation of Liability' section of the Agreement, and any reference in such section to the liability of a party means the aggregate liability of that party and all of its affiliates under the Agreement and this DPA, including all Annexes hereto. Without limiting either of the parties' obligations under the Agreement, Customer agrees that any regulatory penalties incurred by sāf.ai in relation to the Customer Personal Data that arise as a result of, or in connection with, Customer's failure to comply with its obligations under this DPA or any Applicable Data Protection Laws shall count toward and reduce sāf.ai's liability under the Agreement as if such penalties were liabilities to the Customer under the Agreement.
7. This DPA will be governed by and construed in accordance with the governing law and jurisdiction provisions in the Agreement, unless required otherwise by Applicable Data Protection Laws.
8. This DPA and the Model Clauses will terminate simultaneously and automatically with the termination or expiry of the Agreement.

[signature page follows]

By signing below, each party acknowledges that it has read and understood the terms of this DPA and agrees to be bound by them.

ANNEXES and APPENDICES

DPA Annex A

Data Processing Agreement - Annex A

sāf.ai Acceptable Use Policy

For the paid (including trial) version(s) of sāf.ai software or services

This sāf.ai acceptable use policy ("AUP") sets forth certain restrictions relating to the access to, and use of, the sāf.ai Services by you or someone on your behalf under your agreement with sāf.ai applicable to the sāf.ai Services ("Agreement"). The restrictions set forth in this AUP are not exhaustive. Any capitalized terms used but not defined herein shall have the meaning set forth in the Agreement. This AUP may be updated by sāf.ai from time-to-time upon reasonable notice, which may be provided through the sāf.ai Services or by posting an updated version of this AUP. Updates of the AUP become binding, including on existing users, on the later of the date specified in the updated AUP or thirty (30) days after posting. Any modification to the AUP within an update will relate solely to restrictions on use of, and access to, the sāf.ai Services. Any violation of this AUP may result in the suspension or termination of your access to and use of the sāf.ai Services.
You shall not (and shall not permit your Authorized Users to):

a. attempt to access, search, or create accounts for any of our services by any means other than our publicly supported interfaces or as otherwise authorized by us;

b. create multiple accounts for the purpose of extending your free trial;

c. interfere with or disrupt (or attempt to interfere with or disrupt) the sāf.ai Services, or gain (or attempt to gain) access to any Systems that connect thereto (except as required to appropriately access and use the sāf.ai Services);

d. use the sāf.ai Services to violate the security or integrity of, or otherwise abuse, any System of any party (including without limitation the Subscription Services), including but not limited to gaining unauthorized access to any System (including attempting to probe, scan, monitor, or test the vulnerability of a System), forging any headers or other parts of any message describing its origin or routing, interfering with the proper functioning of any System (including any deliberate attempt by any means to overload a System), implementing denial-of-service attacks, operating non-permissioned network services (including open proxies, mail relays or recursive domain name servers), using any means to bypass System usage limitations, or storing, transmitting or installing malicious code;

e. use the sāf.ai Services to distribute or facilitate the sending of unsolicited or unlawful (i) email or other messages, or (ii) promotions of any kind;

f. use the sāf.ai Services to engage in or promote any other fraudulent, deceptive or illegal activities;

g. use the sāf.ai Services to process, store or transmit material, including any Customer Data, in violation of any Law or any third party rights, including without limitation privacy rights;

h. disclose to any third party the results of any testing or benchmarking of the sāf.ai Services that you might conduct unless preapproved by sāf.ai in writing (except to a contractor bound to maintain the confidentiality of such information and solely for the purposes of supporting your use of the sāf.ai Services); or

i. use the sāf.ai Services in any circumstances where failure could lead to death, personal injury or environmental damage, and you further acknowledge that the sāf.ai Services are not designed or intended for such use.

Inactive Monthly Pay as you go (PAYG) accounts:

If an account for which sāf.ai is providing Monthly PAYG Services is found to be inactive, the account may be suspended or terminated by sāf.ai, and any Customer Content relating to such account that is stored within the Subscription Services or other sāf.ai Systems may be deleted. sāf.ai will provide at least 30 days' notice (in accordance with the Agreement) prior to permanently deleting your account, unless we deem it reasonably necessary to suspend or terminate your account without notice. For the avoidance of doubt, if we determine that the email associated with your account is invalid (e.g., because it bounces upon our notification of inactivity), we may terminate your account without further notice.

An account may be considered inactive if:

No Customer Authorized User has logged into the account for at least six months;
No Customer Instructional Input was ever created within or input into the account and at least three months has passed since the account was established; or
If your account is set up to be paid by credit card, you (i) did not provide a valid credit card number or (ii) you failed to update an expired or invalid credit card number and at least three months has passed without a valid credit card number being on file, provided that for the avoidance of doubt this provision does not limit sāf.ai's right to terminate your account for non-payment relating to actual usage.

sāf.ai Statement Against Modern Slavery and Child Labor

2022 statement

According to the International Labour Organization (ILO), 40 million people were victims of modern slavery and 152 million children were subject to child labor globally in 2016.

As the ILO reports:

1 in 4 victims of modern slavery are children.
Out of the 24.9 million people trapped in forced labour, 16 million people are exploited in the private sector such as domestic work, construction or agriculture; 4.8 million persons in forced sexual exploitation, and 4 million persons in forced labour imposed by state authorities.
Women and girls are disproportionately affected by forced labour, accounting for 99% of victims in the commercial sex industry, and 58% in other sectors.

sāf.ai deplores the presence and persistence of modern slavery and child labor, and takes seriously its responsibility to ensure that neither modern slavery nor child labor takes place in its supply-chain or in any part of its business. ("Modern slavery" in this statement refers to slavery, forced or compulsory labor, trafficking, servitude, and workers who are imprisoned, indentured, or bonded. "Child labor" refers to work performed by someone under 16 years of age, or under 14 for light work, provided it is not confined to periods that interfere with the child's schooling and not in conditions that interfere with the child's health or well-being.)

In accordance with the UK Modern Slavery Act, and in alignment with the ILO 2014 Protocol to its Forced Labour Convention, ILO Declaration on Fundamental Principles and Rights at Work, and United Nations Sustainable Development Goals target 8.7, this 2022 Statement Against Modern Slavery and Child Labor ("the Statement") describes the steps saf.ai has taken to prevent modern slavery and child labor from occurring in its business or supply chain.

Policies in relation to modern slavery and child labor

Modern slavery and child labor

sāf.ai's Code of Ethics prohibits knowingly using, participating in, supporting, or tolerating modern slavery (slavery, forced or compulsory labor, trafficking, servitude, or workers who are imprisoned, indentured, or bonded) or child labor in its business operations. Any sāf.ai employee or contractor who violates this prohibition will be subject to termination of employment or business relationship.

sāf.ai's Standards of Conduct prohibit unsafe and illegal conduct, including knowingly using, participating in, supporting, or tolerating modern slavery (slavery, forced or compulsory labor, trafficking, servitude, or workers who are imprisoned, indentured, or bonded) or child labor.

sāf.ai complies with laws prohibiting trafficking and child labor in the jurisdictions in which it operates, including U.S. Federal Acquisition Regulation 22.17 on combatting human trafficking.

In addition, sāf.ai is now exploring a partnership with the FairHotel Program, which means sāf.ai encourages its employees to choose FairHotel endorsed hotels-where workers have fair wages, adequate benefits, and a voice on the job. Being a FairHotel partner will also signify that sāf.ai provides business to hotels as a fair employer.

Going forward, sāf.ai will communicate this Statement to all employees, contractors, and suppliers, including recruiters and employment agencies. In addition, sāf.ai is developing training for all sāf.ai employees on modern slavery and child labor. sāf.ai posts its Statement Against Modern Slavery and Child Labor publicly.

sāf.ai has a non-retaliation policy for reporting workplace-related concerns. Consistent with this Statement, sāf.ai allows employees and contractors to report issues regarding modern slavery and child labor without fear of retaliation.

sāf.ai - Partnership Program

These Partner Program Terms and Conditions ("Terms"), any accompanying or future Addendum (as defined below) or similar agreement you enter into with sāf.ai, Inc. ("sāf.ai") issued under this PPA, and the Program Policies (as defined below) govern your participation in the Partner Program (the Terms, the applicable Addenda, and the Program Policies are collectively the "PPA"). You represent and warrant that you are acting on behalf of an entity, and you are authorized to bind that entity to this PPA (such entity, the "Partner"). By accepting this PPA, either by executing this PPA separately or by executing an Addendum (as defined below) that indicates Partner's acceptance of this PPA, whether by signature or by clicking an "I Accept" button or checkbox, Partner agrees in full to this PPA. If you do not have authority to bind the Partner or do not agree with this PPA, you must not accept this PPA and may not access the Partner Portal. The "Effective Date" of this PPA is the earliest to occur of the effective date of the initial Addendum, the date you execute this PPA, or the date you first access or use the Partner Portal.

By signing or otherwise accepting this PPA, the parties hereby agree as follows:

Definitions

As used in this PPA, the following terms, whether used in the singular or plural, shall have the following meanings:
1. "Addendum" means any addendum identified on the cover page or later entered into between the parties relating to a Program Type.
2. "Affiliate" means a company controlled by, controlling, or under common control, directly or indirectly, through one or more intermediaries, one of the parties to this PPA or a third party, according to context.
3. "API Terms of Service" means the terms of service governing the use of sāf.ai application programming interfaces (the "sāf.ai APIs") available (a) as of the Effective Date, in the applicable Addendum, and (b) after notice by sāf.ai, at https://docs.saf.ai/policies/terms-of-service, as updated by sāf.ai from time to time.
4. "Applicable Data Protection Law" means all worldwide data protection and privacy laws and regulations applicable to the Personal Data in question, including, where applicable, EU Data Protection Law.
5. "Authorized Locations" means, unless specified otherwise in an Addendum, the world, other than those countries to which export of software is restricted by applicable law (as of the Effective Date, Crimea Region of Ukraine, Cuba, Iran, North Korea, Syria).
6. "Close Family Member" means a spouse, an individual's and a spouse's grandparents, parents, siblings, children, nieces, nephews, aunts, uncles, first cousins, the spouse of any of these people, or any other individuals who share the same household.
7. "Contact Data" means any Personal Data regarding the personnel of Partner or Partner's Customers.
8. "Customer" means the end customer of Partner or sāf.ai, according to context.
9. "Customer Data" means, (a) with respect to the sāf.ai Platform Services, data and information input or submitted by Partner, Customer or either's users into the sāf.ai Platform Services or otherwise made accessible to sāf.ai by Partner or Customer under the sāf.ai Terms of Service; or (b) with respect to sāf.ai Software, any data or information processed by Customer using the sāf.ai Software on saf.ai or on Partner-controlled systems; and (c) in each case, any data provided by Customer to Partner support personnel for the purposes of trouble shooting or other customer support.
10. "sāf.ai Beta Offerings" means sāf.ai Offerings or functionality that may be made available to Customer or Partner to try at its option at no additional charge which is clearly designated as beta, pilot, limited release, developer preview, non-production, evaluation, release candidate, or by a similar description.
11. "sāf.ai Brand Guidelines" means the sāf.ai brand guidelines governing the use of sāf.ai Marks available on the Partner Portal or as otherwise communicated to Partner by sāf.ai, as updated by sāf.ai from time to time.
12. "sāf.ai EULA" means the end user license agreement for sāf.ai Software communicated to Partner by sāf.ai, as updated by sāf.ai from time to time.
13. "sāf.ai Marks" means the sāf.ai trademarks, trade names, service marks, logos, service names and other distinctive brand features relating to the sāf.ai products and services.
14. "sāf.ai Materials" means any materials sāf.ai makes available to Partner to aide Partner in carrying out its obligations or in exercising its rights under the PPA, including without limitation any materials made available by sāf.ai on the Partner Portal, excluding for the avoidance of doubt any Partner Materials.
15. "sāf.ai Platform Services" means the sāf.ai-managed software-as-a-service offering.
16. "sāf.ai Privacy Policy" means the sāf.ai privacy policy available at https://docs.saf.ai/policies/privacy, as updated by sāf.ai from time to time.
17. "sāf.ai Services" means the sāf.ai APIs, the sāf.ai Platform Services, and the sāf.ai Support Services.
18. "sāf.ai Software" means the object code version of any sāf.ai products or services that are used by Partner other than in a sāf.ai-managed SaaS environment (e.g., sāf.ai Cloud File Services), excluding for the avoidance of doubt sāf.ai Platform Services
19. "saf.ai Offerings" means the sāf.ai Platform Services, the sāf.ai Software, and the sāf.ai Support Services.
20. "sāf.ai Terms of Service" means the term service for the sāf.ai Platform Services (i) available at https://docs.saf.ai/policies/terms-of-service, as updated by sāf.ai from time to time; or (ii) if Partner has negotiated a written subscription agreement and applicable Order Form executed by Partner and sāf.ai governing the use of such sāf.ai Platform Services, the terms set forth in in such written subscription agreement, which shall apply solely with respect to Partner's direct usage of the sāf.ai Platform Services.
21. "Documentation" means the technical documentation describing the sāf.ai Offerings, located at docs.saf.ai or such other location(s) as communicated to Partner by sāf.ai, as updated by sāf.ai from time to time.
22. "Estimate" means the estimate for the sāf.ai Offerings, as communicated to Partner by sāf.ai, as updated by sāf.ai from time to time.
23. "EU Data Protection Law" means from 25 May 2018, Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation) ("GDPR").
24. "Fees" means, collectively, the License Fees, the Program Fees, Services Fees and Referral Fees.
25. "Government Official" shall mean anyone that is or that works for, or on the behalf of, a: (i) national, regional, municipal, or local government; (ii) department, agency, subsidiary, or branch of a national, regional, municipal, or local government; (iii) government-owned or government-controlled company (for example, a state-owned oil company, bank, airline, hospital, university, etc.); (iv) subsidiary of a government-owned or government-controlled company; (v) public international organization (for example, the International Monetary Fund, the United Nations, the World Bank, the World Trade Organization, etc.); (vi) member of a royal family; or (vii) political party, political party official, or candidate for political office.
26. "Intellectual Property" or "Intellectual Property Rights" means any and all registered or unregistered, past, present, and future rights of the following types, which may exist or be created under the laws of any jurisdiction in the world: (a) rights associated with works of authorship, including exclusive exploitation rights, copyrights, moral rights, semiconductor topography rights and mask works; (b) trademark and trade name rights and similar rights; (c) trade secret rights; (d) patent and industrial property rights; (e) domain names, URLs and websites; (f) any and all other proprietary rights in software, software code (in any form, including source code and executable or object code), user interfaces, and other forms of technology (whether or not embodied in any tangible form); and (g) rights in or relating to registrations, renewals, extensions, combinations, divisions, continuations, continuations in part, reexaminations, continued prosecution applications, requests for continued examination, and reissues of, and applications for, any of the rights referred to in clauses (a) through (f) above.
27. "License Fees" means the fees payable by Partner to sāf.ai for the Licenses granted to Partner by sāf.ai.
28. "Order Form" means, depending on the context in which it is used herein, (i) the cover page attached to these Terms; (ii) the ordering documents that are entered into between Partner and sāf.ai from time to time to effect Partner's payment of Program Fees associated with its participation in the Partner Program or receipt of certain additional Program Benefits, including any addenda to such ordering documents; Order Forms submitted by Partner shall be deemed incorporated herein by reference; or ordering documents or online order specifying the sāf.ai Offerings to be provided to a Customer and associated with a Customer's purchase of any sāf.ai Offerings from sāf.ai.
29. "Participation Requirements" means the participation requirements for Partner to participate in a particular Program Type.
30. "Partner Application" means an application owned by or licensed to Partner, whether distributed or available as a SaaS offering, that communicates or interfaces with the sāf.ai Offerings via the sāf.ai APIs, if permitted in an Addendum.
31. "Partner Platform Account" means Partner's sāf.ai Platform Services account, whether provided subject to this PPA, the sāf.ai Terms of Service or other written agreement between the parties.
32. "Partner Program" means, collectively, the partner program described in this PPA and any applicable Addendum, including without limitation the Program Benefits and rights and obligations of Partner and sāf.ai that are associated with the Program Types described in the Program Policies.
33. "Partner Portal" means the web portal containing resources for Partner available at https://partners.saf.ai/.
34. "Partner Tiers" mean Partner's level in certain Program Types. Partner Tiers are described more fully in the Program Policies.
35. "Personal Data" means information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to their physical, physiological, genetic, mental, economic, cultural or social identity. For the avoidance of doubt, Personal Data includes 'personally identifiable information'.
36. "Professional Services" mean consulting or other professional services.
37. "Program Benefits" means the various benefits specified in the Program Policies or otherwise provided to Partner (e.g., as an attachment to this PPA or Addendum) related to a Program Type and any Partner Tier.
38. "Program Fees" means collectively, any fees that Partner must pay sāf.ai for participation in a Program Type, or for Program Benefits, as further described in the Program Policies or Program Benefits. Program Fees do not include "Services Fees."
39. "Program Policies" means the terms describing the Partner Program, Program Types, Partner Tiers, Program Benefits, and other policies governing Partner's participation in the Partner Program, as set forth in this Partner PPA, on the Partner Portal, and or as otherwise provided to Partner, including by reference to a web URL provided to Partner.
40. "Program Type" means any of (a) Technology Partner, (b) Independent Software Vendor (ISV); (c) Original Equipment Manufacturer (OEM); (d) Systems Integrator; (e)Referral; or (f) any other program type added by sāf.ai. sāf.ai may change Program Types at any time in its sole discretion with or without notice.
41. "Quote" means, an outstanding saf.ai firm written quotation, for saf.ai Offerings to be provided by saf.ai to, depending upon the context, (a) the Partner, or (b) an End User, hereunder.
42. "Referral Consideration" has the meaning specified in the applicable Addendum.
43. "Report" shall have the meaning ascribed to it in any Addendum.
44. "Fees", "Offering Fees" means, collectively, any fees that Partner must pay sāf.ai for its or its Customers' use of sāf.ai Offerings.
45. "Support" shall mean the support services according to the levels set forth in the Support Definitions provided either by sāf.ai or by Partner as further described in the applicable Addendum.
46. "Support Definitions" shall mean the definitions ascribed to L1, L2 and L3 Support, as provided to Partner by sāf.ai (including by making such definitions available in the Partner Portal), as updated from time to time.
47. "Training" shall mean training services provided by sāf.ai or Partner, which services shall be governed by the Authorized Partner Program Agreement (and for the avoidance of doubt not this PPA).
48. "Taxes" means any present or future tax imposed by the laws in each territory and the countries in which the parties and their Affiliates are located and shall include (but shall not be limited to) value added tax, sales tax, customs duties, governmental charges, withholding, taxes incurred on transactions between a party and its Affiliates or third party contractors, and any other similar levies that are required to be collected, withheld or paid with respect to such collected amounts including (but not limited to) back-end taxes, social contributions, and/or taxes imposed on the international remittance of money (except taxes on net income).
49. "Term" shall have the meaning ascribed to it in Section 11.1.
50. "Terms of Service" (also "TOS") shall mean the terms and conditions set forth in the sāf.ai Terms of Service, as amended from time to time, as further described in the applicable Addendum.
51. "Third Party Services" means any services provided by a third party, whether provided by sāf.ai or otherwise, that are integrated with the sāf.ai Offerings.
52. "Third Party Software" means any software or other software, including any updates, upgrades, modifications, extensions, enhancements, or other modifications, that is provided by a third party, whether provided by sāf.ai or otherwise, that is integrated with the sāf.ai Offerings.
53. "Third Party Software License" means the terms of any license agreement between Partner and a third party that is integrated with the sāf.ai Offerings.
54. "Third Party Software License Agreement" means the terms of any license agreement between Partner and a third party that is integrated with the sāf.ai Offerings.
55. "Third Party Software Vendor" means any third party that provides third party software, including any updates, upgrades, modifications, extensions, enhancements, or other modifications, that is integrated with the sāf.ai Offerings.
56. "Third Party Software Vendor Account" means the sāf.ai account associated with a third party software vendor, whether provided subject to this PPA, the sāf.ai Terms of Service or other written agreement between the parties.
57. "Third Party Software Vendor Platform Account" means the sāf.ai Platform Services account, whether provided subject to this PPA, the sāf.ai Terms of Service or other written agreement between the parties, that is associated with a third party software vendor.
58. "Third Party Software Vendor Platforms Account" means the sāf.ai Platform Services accounts, whether provided subject to this PPA, the sāf.ai Terms of Service or other written agreement between the parties, that are associated with third party software vendors.
59. "Third Party Software Vendor Platforms Accounts" means the sāf.ai Platform Services accounts, whether provided
Partner Program
1. Enrollment. To participate in the Partner Program, Partner must be enrolled in at least one Program Type at all times. In order to enroll in a Program Type, Partner must meet any applicable Participation Requirements. Partner may only change its participation with the written agreement of sāf.ai or by such other means as sāf.ai makes available in its sole discretion.
2. Program Types. In addition to these Terms, each party shall have the responsibilities and obligations set forth in the applicable Program Type Addendum.
3. Program Benefits and Partner Tiers. Certain Program Types provide certain benefits to the Partner, as set forth in the applicable Program Type and Partner Tier documentation.
4. Fees.
  
  a. Program Fees. Participation in the Partner Program, including access to specific Partner Tiers and Partner Benefits may be subject to the payment of Program Fees, as described in an applicable Addendum. Except for as set forth in Section 11.3, payment obligations and non-cancelable and Program Fees paid are non-refundable.
  
  b. Services Fees. Services Fees, if any, are described in the applicable Addendum. Unless otherwise provided in an Order Form or an applicable Addendum, payment obligations are non-cancelable and Services Fees paid are non-refundable.
  
  c. Referral Fees. Referral Fees, if any, are described in the applicable Addendum.
Partner Portal
1. Partner Portal. sāf.ai may provide Partner with access to the Partner Portal. Should sāf.ai provide such access, Partner's right to access and use the Partner Portal shall be subject to the terms of this PPA.
2. Users. Partner may select individuals (Partner employees or agents) to access and use the Partner Portal and will obtain separate credentials (user IDs and passwords) for such individuals (each a "Portal User"). Subject to these limitations, Portal Users may be changed through the Partner Portal (or, if not, at Partner's request). Partner will at all times be responsible for all actions taken under a Portal User's account by Portal User, by anyone to whom Portal User provided such Portal User's credentials, or by anyone who obtained Portal User's credentials due to Portal User's negligence or misconduct. Partner is responsible for the security of each Portal User's credentials and will not share (and will instruct each Portal User not to share) such credentials with any other person or entity or otherwise permit any other person or entity to access or use the Partner Portal.
3. Marketing; Data Collection. By agreeing to this PPA, Partner consents to receive sāf.ai marketing communications on its behalf and on behalf of any users it adds to its account through the Partner Portal. Partner represents to sāf.ai that is has any necessary consents to provide the information it provides to sāf.ai through the Partner Portal. sāf.ai may, subject to the sāf.ai Privacy Policy, collect and use certain information relating to such marketing or Partner's use of the Partner Portal or sāf.ai Offerings.
4. Lead Sharing. Partner represents and warrants, with respect to any Contact Data that it enters into the Partner Portal or otherwise makes available to sāf.ai that has all necessary consents or sufficient legal basis in order to provide such information to sāf.ai for the purposes of (i) with respect to Partner's Customer Contact Data, enabling sāf.ai to send marketing communications to such Customer relating to the sāf.ai Offerings, and (ii) with respect to Partner's personnel Contact Data, enabling sāf.ai to communicate with such personnel regarding the arrangement contemplated by this PPA.
Provisions Applicable to all Addenda
1. Use of sāf.ai Offerings. Unless specified in an applicable Addendum or Order Form, this PPA does not grant Partner the right to use sāf.ai Offerings. Partner acknowledges and agrees that any use of the sāf.ai Offerings by Partner in connection with Partner's activities hereunder is governed by the sāf.ai Terms of Service. Partner agrees that, unless specified otherwise or agreed with sāf.ai in writing, Partner is not authorized to permit any Customer to access the sāf.ai Offerings directly. Partner is responsible for all activities that occur in Partner Platform Accounts, and for its and any of its Partner Platform Account users' compliance with this PPA, the TOS, and the Documentation.
2. Order of Precedence. If there is any conflict between the terms and conditions of any documents relating to the Partner Program, to the extent their terms cannot be reconciled, any conflict will be resolved in the following order of precedence: (a) an Order Form, solely with respect to the matters covered by such Order Form, unless the Order Form provision is drafted to expressly override another provision and survive beyond the term of such Order Form; (b) the applicable Addendum, solely with respect to the matters to which it relates; (c) the Program Policies, solely with respect to the matters to which they relate; and (d) the PPA.
3. Intellectual Property.
  1. No Joint Development. The parties do not intend to jointly develop or jointly create Intellectual Property under this PPA.
  2. Ownership. Subject to the limited licenses and rights set forth in this PPA, nothing in this PPA grants either Party any interest in or to any of the other Party's Intellectual Property Rights or other proprietary rights. For the avoidance of doubt, this PPA does not transfer or assign any Intellectual Property Rights or ownership from one party to the other, and no 'work product' will be created under this PPA. The Intellectual Property Rights in sāf.ai's technology, products and services, including without limitation the sāf.ai Offerings, sāf.ai Materials and the sāf.ai Marks, are defined herein as "sāf.ai IP." Partner will not alter, remove or obscure, the Intellectual Property Rights notices of sāf.ai and its licensors that may appear on or within the sāf.ai Offerings as made available to Partner
  3. sāf.ai Materials License. Partner shall have the rights in the sāf.ai Materials set forth in the applicable Addendum.
  4. sāf.ai Trademark License. Subject to Partner's compliance with the terms and conditions of this PPA, the sāf.ai Brand Guidelines, the applicable Addendum, and the Program Policies, sāf.ai hereby grants to Partner a royalty-free, non-exclusive, non-transferable, non-sublicensable, non-assignable license, during the Term, to use the sāf.ai Marks in the Authorized Locations solely as authorized in the Applicable Addendum. Partner shall provide sāf.ai with samples of each use of sāf.ai Marks prior to such use and shall refrain from all uses that sāf.ai informs Partner are detrimental to sāf.ai's interests. Partner understands that any use of sāf.ai trademarks (e.g., 'sāf.ai AIFS™') is subject to sāf.ai's applicable policies, available through the Partner Portal, and Partner agrees to strictly adhere to such policies. Any use of a sāf.ai Mark by Partner must correctly attribute ownership of such mark to sāf.ai and must be in accordance with applicable law and sāf.ai's then-current trademark usage guidelines that have been provided or made available to Partner. Partner acknowledges and agrees that sāf.ai owns the sāf.ai Marks and that any and all goodwill and other proprietary rights that are created by or that result from Partner's use of a sāf.ai Mark hereunder inure solely to the benefit of sāf.ai. Partner will at no time contest or aid in contesting the validity or ownership of any sāf.ai Mark or take any action in derogation of sāf.ai's rights therein, including, without limitation, applying to register any trademark, trade name or other designation that is confusingly similar to any sāf.ai Mark. sāf.ai may withdraw its approval of any use of sāf.ai Marks at any time in its sole discretion upon written notice to Partner, which withdrawal shall be effective promptly, provided that no such withdrawal will require the recall of any previously published or distributed materials that cannot reasonably be recalled.
  5. Partner Trademark License. Partner grants sāf.ai a royalty-free, non-exclusive, non-transferable, non-sublicensable, non-assignable license during the Term to use, solely for the purpose of identifying and promoting Partner's participation in the Partner Program or as the parties otherwise agree in writing and in connection with sāf.ai's rights, duties and obligations under this PPA, Partner's marks including Partner's company name, and, if applicable, any logos uploaded by Partner to the Partner Portal or otherwise provided to sāf.ai by Partner ("Partner Marks"). Partner may withdraw its approval of any use of Partner Marks at any time in its sole discretion upon written notice to sāf.ai, which withdrawal shall be effective promptly but in no case more than thirty (30) days from the date of Partner's notice sent in accordance with Section 12.5 (Notice) below, provided that no such withdrawal will require the recall of any previously published or distributed materials.
  6. Additional Restrictions. Without affecting any other restrictions set forth in the sāf.ai Terms of Service and this PPA, Partner's use of any Program Benefits, including sāf.ai IP provided to Partner hereunder, is subject to the additional restrictions set forth below. Partner may not, unless expressly authorized in an Addendum:
    
    a. Remove or modify any program markings or any notice of sāf.ai or sāf.ai's licensors' proprietary rights;
    
    b. Use sāf.ai IP in a manner that misrepresents Partner's relationship with sāf.ai or is otherwise misleading or that reflects negatively on sāf.ai;
    
    c. Modify in any way any sāf.ai Offerings or sāf.ai Marks (e.g., by inserting Partner's company or brand name inside sāf.ai logo or otherwise white-labeling or co-branding sāf.ai Offerings); or
    
    d. Use or duplicate sāf.ai IP provided to Partner for any purpose other than as specified in this PPA or make sāf.ai IP available to unauthorized third parties.
  7. Feedback. Partner is under no duty to provide any suggestions, enhancement requests, or other feedback regarding the sāf.ai Offerings ("Feedback"). If Partner offers Feedback to sāf.ai, Partner hereby grants sāf.ai a perpetual, irrevocable, non-exclusive, worldwide, fully-paid, sub-licensable, assignable license to incorporate into the sāf.ai Offerings or otherwise use any Feedback sāf.ai receives from Partner.
  8. Prohibition on Competitive Use. Notwithstanding anything to the contrary in this PPA or any Addendum, Partner may not use any of the sāf.ai Offerings to develop, offer or make available a product or service to any third party that could reasonably be seen to serve as a substitute for such third party's possible subscription to any sāf.ai product or service, provided that the foregoing shall not be deemed to prevent Partner from offering a product or service that (a) requires a customer to have an account with sāf.ai for the use of sāf.ai Offerings; or (b) utilizes sāf.ai Offerings and for which Partner compensates sāf.ai under this PPA.
4. Security and Safety Policies. Partner's personnel must at all times observe the security and safety policies of sāf.ai when on sāf.ai property and/or any security and safety policies of sāf.ai's customers that sāf.ai provides from time to time, when and if Partner is on such customers' property.
5. Compliance with Applicable Laws. Each party shall comply, and shall procure that any third parties performing activities on party's behalf related to this PPA (including without limitation sales and referral activities) comply, with all applicable foreign and domestic laws, governmental regulations, ordinances, and judicial administrative orders, including, but not limited to, trademark and copyright laws, ICANN policies and procedures governing domain names, the EU General Data Protection Regulation 2016/679 (the "GDPR"), the United States Foreign Corrupt Practices Act, 15 U.S.C. § 78dd-1, et seq. (the "FCPA"), the United Kingdom Bribery Act 2010 (the "UK Bribery Act"), and applicable export control laws or regulations (collectively "Applicable Laws") and shall not engage in any deceptive, misleading, illegal or unethical marketing activities. Partner shall promptly inform sāf.ai in writing upon becoming aware of any violations of Applicable Laws in connection with this PPA. In the event that sāf.ai reasonably believes that Partner has breached its obligations set forth in this Section 4.5, sāf.ai, in its sole discretion, may, upon reasonable prior notice and during normal business hours, inspect and make copies of Partner's books, records, and accounts reasonably relevant to the potential breach, which shall be deemed to be Partner's Confidential Information under this Agreement. Such inspection may include interviews of relevant Partner personnel.
6. No Affiliation with Government Officials. Partner represents and warrants that no director, employee, direct or indirect owner, representative, consultant or agent who is or will be involved in Partner's activities under this PPA, is a Government Official.
7. Periodic Anti-Bribery Certification. Partner agrees that Partner will periodically, but no more frequently than once per year unless sāf.ai has a reasonable suspicion that Partner has violated Section 4.5 or 4.6, at sāf.ai's request, complete reasonable due diligence questionnaires and/or certify in writing to sāf.ai that Partner has not, and to Partner's knowledge no other person affiliated with Partner, including but not limited to any owner, director, employee, representative and agent of Partner has made, offered to make, agreed to make, or authorized any payment, loan, donation or gift of money or anything else of value, directly or indirectly, to or for the benefit of any Government Official, to obtain or retain business, or secure any improper advantage.
8. No Guarantees or Representations. Partner shall not make any warranties or guarantees concerning the sāf.ai Offerings, or any indemnities on behalf of sāf.ai or on its own behalf relating to the provision of the sāf.ai Offerings, and any representations made relating to the Services must be entirely consistent with the content of the sāf.ai Materials. Partner will not represent that it has been authorized by sāf.ai to assume or create any express or implied obligation on behalf of sāf.ai or indicate in any way that sāf.ai is responsible, in contract or otherwise, for any obligation beyond those obligations specifically undertaken by sāf.ai in a subscription agreement between sāf.ai and a Customer.
9. Non-Exclusive Arrangement. For the avoidance of doubt, and notwithstanding anything else in this PPA or any Addendum, this PPA is a non-exclusive arrangement, and neither party shall be prevented from pursuing other work or opportunities, including competitive opportunities during or after the Term, so long as such party does not breach any term of this PPA (including without limitation provisions governing confidentiality and intellectual property) in pursuing such opportunity.
Partner Obligations; Support; Training; Other Services
1. Generally. Partner's personnel who are involved in Partner's activities under this PPA must be generally knowledgeable about sāf.ai and the sāf.ai Offerings and their functionality prior to engaging with any Customer in the activities contemplated hereunder.
2. Marketing. Each party shall have the marketing obligations, if any, set forth in an applicable Addendum.
3. Support. The parties shall each be obligated to perform the Support services specified in an applicable Addendum.
4. Partner Identification. Subject to compliance with the terms of this PPA, Partner may refer to itself as a "sāf.ai Partner" (or in such other manner as described in an Addendum) solely with respect to the products or services, if any, set forth in an applicable Addendum, subject to any requirements sāf.ai communicates to Partner on the use of such identifier. For the avoidance of doubt, Partner may not, unless otherwise agreed in writing by sāf.ai, refer to itself as "Authorized"; or "Certified" or any similar term related to its relationship with sāf.ai that might imply sāf.ai stands behind or provides a warranty for the workmanship of Partner products or services. sāf.ai additionally may, in its sole discretion, offer certain courses that may permit Partner to refer to certain of its personnel as "accredited", "certified"; or other term following the successful completion of such course, subject to any requirements set forth in such course.
5. Training by sāf.ai. sāf.ai may, in its sole discretion offer Training for Partner personnel on the use of sāf.ai Offerings. Whether Training is offered for free, at a discount, or at full price depends on Partner Tier and Partner Benefits.
6. Business Practices. Partner will: (i) conduct business in a manner that reflects favorably at all times on the sāf.ai Offerings and the good name, goodwill and reputation of sāf.ai; (ii) make no false or misleading representations with regard to sāf.ai or the sāf.ai Offerings; and (iii) make no representations, warranties or guarantees with respect to the specifications, features or functionality of the sāf.ai Offerings that are inconsistent with the literature distributed by sāf.ai.
Payment; Reporting
1. Currency. All payments under this PPA shall be made in United States Dollars (US$).
2. Wire Transfer Fees. Partner may request Referral Fees under the PPA be made by wire transfer if it and its bank accounts are located outside of the United States. Any wire transfer fees owed by the party receiving a wire transfer shall be borne by the receiving party; any wire transfer fees owed by the party sending a wire transfer shall be borne by the sending party.
3. Exchange Rates. If any fees under an applicable Addendum are calculated on the basis of revenue that is paid other than in US Dollars ($US), the amounts owed shall be calculated on the basis of the exchange rates published on http://www.x-rates.com/historical/ on the last day of the engagement (or the last day of the month, for ongoing engagements paid on a monthly basis) ("Exchange Rate").
4. Expenses. Each party shall cover their own expenses unless otherwise specified in an Addendum in which case any such expenses shall be appropriately documented.
5. Taxes. Partner acknowledges and agrees that it is Partner's sole responsibility to pay all applicable Taxes owed, including with respect to any Taxes owed to Partner's personnel. Partner will indemnify sāf.ai and hold sāf.ai harmless to the extent of any obligation imposed by law on sāf.ai to pay any such amounts in connection with any payments made by sāf.ai to Partner under this PPA on account of Partner's or Partner's agents or employees.
6. Audit; Reporting. No more than once in any 12-month period during the Term, and once following the date of termination or expiration of this PPA, sāf.ai at its own expense may audit the Partner's records for the sole purpose of (i) confirming the Partner's compliance with the Program Policies, Section 5.6 and Section 4.5; (ii) reviewing the use by Partner of any sāf.ai IP and any communications made by Partner to a Customer or publicly regarding the sāf.ai Offerings; and (iii) any additional purposes described in an applicable Addendum. Partner, at its own expense during the Term and for two (2) years thereafter, will maintain complete and accurate records supporting its provision of any Services, the calculation fees, and any Reports it submits pursuant to this PPA. Any such audit will be conducted during regular business hours at the Partner's offices and facilities and shall not interfere unreasonably with the Partner's business activities. The audit will be conducted at sāf.ai's expense, except that if the audit discloses overpayments by sāf.ai or underpayments by Partner in excess of 10% or $2,000 (whichever is greater) over the period under review, then Partner (in addition to such other remedies as may be available at law and equity) shall reimburse sāf.ai for the reasonable, documented cost of such audit up to $10,000, and the over-compensated party shall compensate the undercompensated party within 30 days of receiving the results of the audit.
Indemnification
1. By Partner. Subject to 7.5, Partner (as "Indemnitor") shall defend and indemnify sāf.ai and its officers, employees, directors, agents and Affiliates (each as an "Indemnitee") from and against any and all claims, losses, damages, judgments, costs, and expenses (including reasonable attorneys' fees) which sāf.ai may suffer or incur arising out of or in connection with (a) any action by a third party against sāf.ai that is based on a claim that any Partner Application or Customers' use thereof, infringe or misappropriate such third party's Intellectual Property Rights; (b) any action by a third party (including a Customer) against sāf.ai relating to (i) a representation or warranty made by Partner to such third party (unless such representation or warranty was authorized in writing by sāf.ai) or (ii) any claim of unfair or deceptive business practices not arising directly from a statement expressly authorized by sāf.ai; (c) a breach of Partner's representations or warranties in this PPA or any applicable Addendum; or (d) any claim specified to subject to indemnity in an applicable Addendum.
2. By sāf.ai. Subject to 7.5, sāf.ai (as "Indemnitor") shall defend and indemnify Partner and its officers, employees, directors, agents and Affiliates (each as an "Indemnitee") from and against any and all claims, losses, damages, judgments, costs, and expenses (including reasonable attorneys' fees) which Partner may suffer or incur arising out of or in connection with any action by a third party against Partner arising directly from a claim by such third party that the sāf.ai Offerings or the sāf.ai Portal infringe or misappropriate such third party's Intellectual Property Right. The foregoing defense and indemnification obligations do not apply to the extent any infringement or misappropriation claim of any kind arises from: (i) the combination, operation or use of the sāf.ai Offerings with equipment, devices, software (including a Partner Application) or data (including without limitation your Confidential Information) not supplied by sāf.ai, if a claim would not have occurred but for such combination, operation use; or (ii) use of the sāf.ai Products or Services other than in accordance with this PPA and the TOS.
3. Injunction. If your use of the sāf.ai Offerings is, or in sāf.ai's opinion is likely to be, enjoined due to the type of claim specified in Section 7.2(ii), then sāf.ai may at its sole option and expense: (i) replace or modify the sāf.ai Offerings to make them non-infringing and of equivalent functionality; (ii) procure for you the right to continue using the sāf.ai Offerings under the terms of this PPA; or (iii) if sāf.ai is unable to accomplish either (i) or (ii) despite using its reasonable efforts, terminate your rights and sāf.ai's obligation under this PPA with respect to such sāf.ai Offerings and refund to you any Program Fees relating to a period after the termination to the extent your rights under the applicable Addendum would not be able to be effected but for the use of the sāf.ai Offerings.
4. Sole Remedy. SUBJECT TO SECTION 9.1 BELOW, THE FOREGOING SECTIONS 7.2 and 7.3 STATE THE ENTIRE OBLIGATION OF SAF.AI AND ITS LICENSORS WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE sāf.ai Offerings.
5. Conditions of Indemnification. As a condition to an Indemnitor's obligations under this Section 7, an Indemnitee will: (i) promptly notify the Indemnitor of the claim for which the Indemnitee is seeking indemnification; (ii) grant the Indemnitor sole control of the defense and settlement of the claim; (iii) provide the Indemnitor, at the Indemnitor's expense, with all assistance, information and authority reasonably required for the defense and settlement of the claim; (iv) preserve and will not waive legal, professional or any other privilege attaching to any of the records, documents, or other information in relation to such claim without prior notification of consent by the Indemnitor. The Indemnitor will not settle any claim that involves a remedy other than payment without the Indemnitee's prior written consent, which may not be unreasonably withheld or delayed. An Indemnitee has the right to retain counsel, at the Indemnitee's expense, to participate in the defense or settlement of any claim. The Indemnitor will not be liable for any settlement or compromise that an Indemnitee enters into without the Indemnitor's prior written consent.
Warranties; Disclaimer
1. Validity. Each party represents and warrants that this PPA has been duly and validly executed and delivered by such party;
2. No Pre-existing Obligations. Each party represents and warrants that it has no pre-existing obligations or commitments (and will not assume or otherwise undertake any obligations or commitments) that would be in conflict or inconsistent with or that would hinder such party's performance of its obligations under this PPA.
3. Non-infringement. Partner represents and warrants that, to its knowledge, no Partner Application will infringe, misappropriate or violate the rights of any third party, including, without limitation, any Intellectual Property Rights or any rights of privacy or rights of publicity.
4. Non-Violation of Laws. Each party represents and warrants that it shall comply at all times with Section 4.5.
5. Disclaimer. ANY WARRANTIES THAT MAY BE MADE REGARDING THE SĀF.AI SERVICES ARE MADE ONLY TO THIRD PARTIES WHO ACQUIRE SUBSCRIPTION LICENSES FOR THEIR OWN COMMERCIAL END USE PURSUANT TO THE SĀF.AI TERMS OF SERVICE; NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS PPA OR THE SĀF.AI TERMS OF SERVICE, NO WARRANTY IS EXTENDED TO PARTNER UNLESS PARTNER ENTERS INTO A SEPARATE PAID AGREEMENT FOR THE USE OF THE SĀF.AI OFFERINGS THAT EXPRESSLY REFERENCES THIS PPA. THE WARRANTIES IN THIS SECTION 8 ARE EXCLUSIVE AND IN LIEU OF ALL OTHER WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, REGARDING THIS AGREEMENT. SUBJECT TO SECTION 9.1, EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, CONDITIONS AND OTHER TERMS INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES, CONDITIONS AND OTHER TERMS OF MERCHANTABILITY, SATISFACTORY QUALITY OR FITNESS FOR A PARTICULAR PURPOSE WITH RESPECT TO ANY OF THE FOREGOING. NOTWITHSTANDING ANYTHING TO THE CONTRARY HEREIN (BUT SUBJECT ALWAYS TO SECTION 9.1): WITHOUT LIMITATION, (i) SĀF.AI DOES NOT MAKE ANY WARRANTY OF ACCURACY, COMPLETENESS, TIMELINESS, OR UNINTERRUPTABILITY, OF THE SĀF.AI OFFERINGS; (ii) SĀF.AI IS NOT RESPONSIBLE FOR RESULTS OBTAINED FROM THE USE OF THE SĀF.AI OFFERINGS OR FOR CONCLUSIONS DRAWN FROM SUCH USE; AND (iii) SĀF.AI MAKES NO REPRESENTATION WITH REGARD TO THE AMOUNT OF REVENUE THAT PARTNER MAY EARN AS A RESULT OF ITS ACTIONS UNDER THIS PPA.
LIMITATION OF LIABILITY
1. Neither party's liability (i) for unpaid Fees, (ii) for death or personal injury caused by its negligence or the negligence of its employees or agents, (iii) for fraud or fraudulent misrepresentation, (iv) under the indemnities set forth in Section 7; (v) a breach by Partner of Section 4.3(h) (vi) for its grossly negligent conduct; or (vii) for any other liability that cannot be excluded or limited by law, is excluded or limited by this PPA.
2. Subject to Section 9.1 above, neither party shall be liable under or in connection with this PPA to the other (whether for breach of contract, tort (including negligence), breach of statutory duty or otherwise) for (i) loss of profit or revenue, (ii) loss from damage to business or goodwill, (iii) loss of contracts, (iv) loss of customers, (v) device failure or malfunction, or (vi) any other indirect, incidental, consequential, or special loss, even if a party has been advised of the possibility of such losses occurring.
3. Subject to Sections 9.1 and 9.2 above, the aggregate liability of either party, its employees and its and each of their Affiliates' to the other party arising out of or in connection with this PPA (and whether such liability arises as a result of breach of contract, tort (including negligence), breach of statutory duty or otherwise) shall be limited in the aggregate in relation to all claims arising from, or in connection with, this PPA, to the Fees paid or payable under the applicable Addendum or Program Type in relation to which a dispute arises in respect of the relevant Contract Year (defined below), or, if no such Fees were payable, five thousand dollars ($5,000). For the purpose of this Section 9.3, (i) if more than one claim arises from the same event or series of events, then all such claims shall be treated as one, which will be treated as having arisen on the date on which the first relevant claim arose and (ii) "Contract Year" means the relevant period of twelve months starting on the start date of the applicable Addendum or an anniversary thereof (as appropriate).
4. Neither party may bring a claim or action against the other party, whether based in contract, tort (including negligence), breach of statutory duty, under an indemnity or otherwise, arising out of, or in connection with, this PPA more than one (1) year after the party knows, or should reasonably have known, of any event giving rise to the claim or cause of action.
5. Each party shall take all reasonable steps to mitigate any loss and damage it incurs in relation to any claim or action (whether based on an action or claim in contract, tort (including negligence), breach of statutory duty, under an indemnity or otherwise) which it brings against the other.
6. THE PARTIES AGREE THAT THE LIMITATIONS AND EXCLUSIONS SET OUT IN THIS SECTION 9 ARE REASONABLE, HAVING REGARD TO ALL THE RELEVANT CIRCUMSTANCES AND THE LEVELS OF RISK ASSOCIATED WITH EACH PARTY'S OBLIGATIONS UNDER THIS AGREEMENT.
Confidential Information.
1. Definition. "Confidential Information" means: any business or technical information disclosed by either party ("Disclosing Party") to the other ("Receiving Party") that is designated as confidential at the time of disclosure or that, under the circumstances, a person exercising reasonable business judgment would understand to be confidential or proprietary, including but not limited to: (i) any (a) business, commercial, operational, management or financial information, customer lists, price lists, data, processes, models, personnel data and any other data or know how; and any (b) analyses, compilations and other material prepared by the Receiving Party which contain, reflect or are generated from the information described in (b) above; (ii) any information that either party derives relating to the conduct or performance of the other party's personnel, services or systems, and any information that either party conveys to the other party concerning data security measures, incidents, or findings; (iii) the specific terms set forth in this PPA; and (iv) (m) all elements of the sāf.ai Offerings, including any non-public roadmap, (n) any sāf.ai Materials, and (o) the Fees, as well as any related discounts (each of which are considered to be sāf.ai's Confidential Information). Unless sāf.ai Materials are explicitly marked 'for distribution to Customers' or as otherwise agreed by sāf.ai, sāf.ai Materials should be treated as Confidential Information not intended to be made public or shared with third parties.
2. Exclusions. The obligations in Section 10.3 will not apply to the extent any information: (i) is or becomes generally known to the public through no fault of or breach of this PPA by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure without an obligation of confidentiality; (iii) is independently developed by the receiving party without use of the disclosing party's Confidential Information; or (iv) is rightfully obtained by the receiving party from a third party without restriction on use or disclosure.
3. Use and Disclosure Restrictions. The Receiving Party will not use the Disclosing Party's Confidential Information except as necessary for the performance or enforcement of this PPA and will not disclose such Confidential Information to any third party except to those of its employees and subcontractors who have a bona fide need to know such Confidential Information for the performance or enforcement of this PPA; provided that each such employee and subcontractor is bound by a written agreement that contains use and disclosure restrictions consistent with the terms set forth in this Section. Each receiving party will protect the disclosing party's Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party ordinarily uses with respect to its own Confidential Information and in no event less than a reasonable standard of care. The foregoing obligations will not restrict either party from disclosing the other party's Confidential Information or the terms and conditions of this PPA: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body, provided that the party required to make such a disclosure gives reasonable prior notice to the other party to enable it to contest such order or requirement unless legally prohibited; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations, provided that the party required to make such a disclosure gives reasonable prior notice to the other party unless legally prohibited; or (iv) on a confidential basis to present or future providers of venture capital and/or potential private investors in or acquirers of such party, provided that any such persons are bound by a written agreement that contains use and disclosure restrictions consistent with the terms set forth in this Section.
4. Remedies. Any use or disclosure of the Disclosing Party's Confidential Information in a manner inconsistent with the provisions of this Agreement may cause the Disclosing Party irreparable damage for which remedies other than injunctive relief may be inadequate, and both parties agree that the Disclosing Party may request injunctive or other equitable relief seeking to restrain such use or disclosure.
Term and Termination.
1. Term. This PPA will begin on the Effective Date and shall remain in effect until the later of one year from the Effective Date or the date upon which no Addendum remains outstanding between the parties, unless earlier terminated under this Agreement.
2. Termination for Convenience.
  
  By sāf.ai. sāf.ai may terminate an Addendum or this PPA (i) for any reason or no reason upon at least thirty (30) days prior written notice; or (b) in case sāf.ai determines in its sole discretion that continuing to permit Partner to remain in a Partner Program would be detrimental to sāf.ai's brand, immediately on notice. For clarity, sāf.ai may terminate all Addenda and this PPA simultaneously in accordance with this paragraph.
  
  By Partner. Partner may terminate an Addendum or this PPA for any reason or no reason upon at least thirty (30) days prior written notice. For clarity, Partner may terminate all Addenda and this PPA simultaneously in accordance with this paragraph.
3. Termination for Change of Control. sāf.ai may terminate this PPA upon notice to Partner if Partner undergoes a Change of Control (defined herein). For purposes of this PPA, "Change of Control" means a transaction or a series of related transactions: (i) in which one or more related parties that did not previously own or control at least a fifty percent (50%) equity interest in Partner obtains ownership or control of at least a fifty percent (50%) equity interest in Partner; (ii) in which Partner sells all or substantially all of its assets; or (iii) as a result of which one or more related parties that did not previously have the right or power to exercise a controlling influence over the management or policies of Partner acquires such a right or power, including, without limitation, the ability to elect a majority of Partner's board of directors or a similar governing body.
4. Termination for Material Breach. In the event either party fails to cure a material breach of this PPA within thirty (30) days or such other period as agreed to in writing after receiving written notice thereof, then the non-breaching party may terminate this PPA upon written notice.
5. Effect of Termination. Upon any termination of the PPA, except as described in an Addendum: (i) all licenses granted to Partner by sāf.ai hereunder will automatically cease; (ii) Partner will promptly return, or at sāf.ai's option, destroy all sāf.ai Materials, and all related documentation, except to the extent and only for so long as Partner continues to provide maintenance and support to Customers, as specified in an Addendum; (iii) Partner will immediately stop using the sāf.ai Marks and discontinue all representations that it is authorized to provide any services that Integrate with the sāf.ai Offerings; and (iv) each party will promptly return to the other all of the other party's Confidential Information within its possession or control, and will certify in writing that it has complied with its obligations to return all such Confidential Information. Except for a termination by sāf.ai for Partner's material breach (for which sāf.ai shall owe no further compensation), termination shall not affect any amounts owed to Partner that were owed and outstanding prior to termination. In addition, upon any termination of this PPA, the payment dates of all amounts due sāf.ai will automatically be accelerated so that they will become due and payable on the effective date of termination, even if longer terms had been provided previously.
6. Survival. Notwithstanding any termination of any Addendum or this PPA, the provisions of SECTIONS 1, 4.2, 4.8, 6.6, 7, 8.5, 9, 10, 11, and 12,inclusive along with all provisions of any Addendum that by their terms are intended to survive, shall survive.
Miscellaneous
1. Relationship of Parties. Nothing contained in this PPA, nor in the relationship created thereby, shall be interpreted to evidence a joint venture, partnership, principal-agent relationship, or employer-employee relationship between Partner and sāf.ai. Neither party shall have any right or authority to act on behalf of, or incur any obligation for, the other party. Partner reserves the right to determine the manner, method and means by which services will be performed as well as set the hours of work and schedule that will be followed by Partner. Partner shall have sole responsibility for any and all U.S. and foreign national, state and local income taxes, unemployment insurance tax, social security tax, self-employment tax and other taxes and tax payment obligations with respect to payments made by sāf.ai pursuant to this PPA. Partner shall jointly and severally indemnify and hold sāf.ai harmless from any and all losses or liability (including reasonable attorneys' fees) arising from Partner's failure to report as income payments received by it under this PPA and Partner's failure to withhold for national, state and local tax purposes amounts paid to Partner's approved employees, agents, contractors and other persons performing services pursuant to this PPA.
2. Assignment. The rights and liabilities of the parties hereto shall bind and inure to the benefit of their respective successors, heirs, executors and administrators, as the case may be; provided that Partner may not assign or delegate Partner's obligations under this PPA either in whole or in part without sāf.ai's prior written consent.
3. Governing Law; Severability. This PPA shall be governed by and construed in accordance with the laws of the State of Delaware, excluding that body of law applicable to choice of law. If any provision of this PPA is for any reason found by a court of competent jurisdiction to be unenforceable, the remainder of this PPA, or the Agreement that it is a part of, shall continue in full force and effect.
4. Complete Understanding; Modification. This PPA (including all applicable Addenda) constitutes the entire agreement between the parties. It supersedes and replaces all prior or contemporaneous understandings or agreements, written or oral, regarding such subject matter, and prevails over any conflicting terms or conditions contained on printed forms submitted with purchase orders, sales acknowledgments or quotations. This PPA may not be modified or waived, in whole or part, except in writing and signed by an officer or duly authorized representative of both parties, provided that sāf.ai may provide an updated version of this Agreement or any applicable Addendum at any time on notice (each, an "Updated Agreement"), which Updated Agreements shall be effective 30 days from the date sāf.ai makes it available to Partner (unless the notice specifies a longer period of time) (the "Update Effective Date"), and shall be deemed to be binding on Partner as of the Update Effective Date unless Partner sends a notice of termination prior to such date (which termination shall be effective as of such date).
5. Notices. Any notices required or permitted hereunder shall be given to the appropriate party at the address specified on the first page hereof or at such other address as the party shall specify in writing, which may include email. Additionally, sāf.ai may provide any notices under this PPA by posting such notice in the Partner Portal. Such notice shall be deemed given (i) in the case of a posting in the Partner Portal, upon Partner's next log-in to the Partner Portal; (ii) in the case of email, upon delivery of the email provided that no error message is returned within 24 hours; or (iii) in the case of physical mail, upon personal delivery to the appropriate address or sent by certified or registered mail, three days after the date of mailing provided that notice of change of address shall be deemed effective only upon receipt.
6. Headings. The titles and headings of the various sections and paragraphs in this PPA are intended solely for convenience of reference and are not intended to explain, modify or place any construction or limitation upon any of the provisions of this PPA.
7. Publicity. No public statement of any kind may be made by Partner without prior express written approval from sāf.ai.

Last updated: July 5, 2022

By signing below, each party acknowledges that it has read and understood the terms of these Terms of Service and agrees to be bound by them.

Addenda

Contributors

Here is a list of the contributors who have helped improve this book. Big shout-out to them!

Ahmed Masud (ahmed.masud)
Joseph Phan (joey.phan)

sāf.ai Resiliate 2.0 Administrator's Guide