Contracts
- Main Legal Center Landing Page
- SaaS Security Attachment
- Professional Services Schedule
- Support Prioritization Attachment
- Acceptable Use Policy Attachment - AUP
- HxP Acceptable Use Policy
- HxP and Sharebase Privacy Policy
- Hyland Experience Technical Support
- Hyland Experience Security
- Hyland Experience Service Levels
- Data Processing Addendum - Brazil
- Data Processing Addendum - GDPR
- Hyland Anti-Bribery/Anti-Corruption Policy and Guide - English
- Hyland Anti-Bribery and Anti-Corruption Policy and Guide - Portuguese
- Hyland Anti-Bribery and Anti-Corruption Policy and Guide - Spanish
- Hyland Anti-Bribery and Anti-Corruption Policy and Guide - German
- HIPAA Subcontractor Addendum
- Hyland Purchase Order Terms and Conditions
- Hyland Poland Sp. zoo Purchase Order Terms and Conditions
- Software-as-a-Service Schedule
- Software License and Maintenance Schedule - Subscription
- SaaS Agreement - AWS
- Hyland's Compliance and Due Diligence Form
- Supplement to Hyland's Compliance and Due Diligence Form
- Contractor Use Agreement - SF V1
- Global Data Processing Addendum
- Customer GDPR DPA
- Service Class Manual
- Healthcare Service Class Manual
- Healthcare Schedule - SaaS
- Healthcare Schedule
- Global Customer Data Processing Schedule
- GDPR Partner Data Processing Schedule
- Service Class Manual - Partner Contracts with Customer
- Amendment for Customer Repository Access (Maven)
- Amendment for Partner Repository Acces (Maven)
- Professional Services Terms for Services Proposals
- Managed Services Schedule
- General Terms Schedule
- Global Services
- Executable Add-On Subscription Amendment
- Support Prioritization Attachment - Portuguese - Hyland Cloud Services
- SaaS Security Attachment - Portuguese
- Nuxeo Subscription Terms
- Under Construction
- Support Prioritization Attachment - Subscription Licenses
- Support Prioritization Attachment - Hyland Cloud Services
- Add-On Subscription Terms
- YouTube Integration Schedule
- Hyland Content Portal Terms of Use
- Subscription Terms - Full Conversion to Subscription Licenses
- Agenda Media Schedule
- Pacsgear Equipment Schedule
- Enterprise License Schedule
- Professional Services Terms and Conditions
- PaaS Security Attachment
- Platform-as-a-Service Schedule
- Nuxeo Cloud Services Specification
- Software Maintenance and Support Terms
- Resource as a Service (RaaS) Schedule
- Hyland Office Broker Terms
- Hyland Experience Guide
- Hyland Offerings
- IMR Solution Version Information
- Hyland Experience Schedule
- Success Paths Schedule
- IAConnect AP Base Requirements Document
- VPConnect Base Solution Requirements Document
- Managed GovCloud Platform Schedule
- Hyland Care for Employee File Management Solution Requirements
- Hyland Care AP for New D4D Customer Schedule
- Hyland Care for Employee File Management
- Hyland Insight Pilot Program
- Google Cloud Marketplace License Agreement (Nuxeo)
- Success Paths Manual
- Global Travel and Expense Policy
- RPA Software Schedule (Add-On to Hyland Cloud Service)
Main Legal Center Landing Page
Effective July 16th 2021
DownloadTable of Contents
Hyland Direct Customers Contracts and policies for Hyland direct customers  | Hyland Partners Contracts and policies for Hyland partners  | Hyland Vendors Contracts and policies and Hyland vendors  |
Effective May 4th 2021 to July 16th 2021
DownloadTable of Contents
Hyland direct customers contracts and policies for Hyland direct customers | Hyland resellers contracts and policies for Hyland resellers | Hyland vendors contracts and policies and Hyland vendors |
Effective May 4th 2021 to May 4th 2021
DownloadTable of Contents
Hyland direct customers contracts and policies for Hyland direct customers | Hyland resellers contracts and policies for Hyland resellers | Hyland vendors contracts and policies and Hyland vendors |
SaaS Security Attachment
Effective June 17th 2023
DownloadTable of Contents
- Risk Management.
- Conducting an annual risk assessment designed to identify threats and vulnerabilities in the administrative, physical, legal, regulatory, and technical safeguards used to protect the Hyland Cloud Service.
- Maintaining a documented risk remediation process to assign ownership of identified risks, establish remediation plans and timeframes, and provide for periodic monitoring of progress.
- Information Security Program.
- Maintaining a documented comprehensive Hyland Cloud Service information security program. This program will include policies and procedures based on industry standard practices, which may include ISO 27001/27002, or other equivalent standards.
- Such information security program shall include, as applicable: (i) adequate physical and cyber security where Customer Data will be processed and/or stored; and (ii) reasonable precautions taken with respect to Hyland personnel employment.
- These policies will be reviewed and updated by Hyland management annually.
- Organization of Information Security. Assigning security responsibilities to appropriate Hyland individuals or groups to facilitate protection of the Hyland Cloud Service and associated assets.
- Human Resources Security.
- Hyland employees undergo comprehensive screening during the hiring process. Background checks and reference validation will be performed to determine whether candidate qualifications are appropriate for the proposed position. Subject to any restrictions imposed by applicable law and based on jurisdiction, these background checks include criminal background checks, employment validation, and education verification as applicable.
- Ensuring all Hyland employees are subject to confidentiality and non-disclosure commitments before access is provisioned to the Hyland Cloud Service or Customer Data.
- Ensuring applicable Hyland employees receive security awareness training designed to provide such employees with information security knowledge to provide for the security, availability, and confidentiality of Customer Data.
- Upon Hyland employee separation or change in roles, Hyland shall ensure any Hyland employee access to the Hyland Cloud Service is revoked in a timely manner and all applicable Hyland assets, both information and physical, are returned.
- Asset Management.
- Maintaining asset and information management policies and procedures. This includes ownership of assets, an inventory of assets, classification guidelines, and handling standards pertaining to Hyland assets.
- Maintaining media handling procedures to ensure media containing Customer Data as part of the Hyland Cloud Service is encrypted and stored in a secure location subject to strict physical access controls.
- When a Hyland Cloud Service storage device has reached the end of its useful life, procedures include a decommissioning process that is designed to prevent Customer Data from being exposed to unauthorized individuals using the techniques recommended by NIST to destroy data as part of the decommissioning process.
- If a Hyland storage device is unable to be decommissioned using these procedures, the device will be virtually shredded, degaussed, purged/wiped, or physically destroyed in accordance with industry-standard practices.
- Access Controls.
- Maintaining a logical access policy and corresponding procedures. The logical access procedures will define the request, approval and access provisioning process for Hyland personnel. The logical access process will restrict Hyland user (local and remote) access based on Hyland user job function (role/profile based, appropriate access) for applications and databases. Hyland user access recertification to determine access and privileges will be performed periodically. Procedures for onboarding and offboarding Hyland personnel users in a timely manner will be documented. Procedures for Hyland personnel user inactivity threshold leading to account suspension and removal threshold will be documented.
- Limiting Hyland’s access to Customer Data to its personnel who have a need to access Customer Data as a condition to Hyland’s performance of the services under this Agreement. Hyland shall utilize the principle of “least privilege” and the concept of “minimum necessary” when determining the level of access for all Hyland users to Customer Data. Hyland shall require strong passwords subject to complexity requirements and periodic rotation and the use of multi-factor authentication.
- Ensuring strict access controls are in place for Customer Data access by Hyland. Customer administrators control its user access, user permissions, and Customer Data retention to the extent such controls are available to Customer with respect to the Hyland Cloud Service.
- System Boundaries.
- Hyland is not responsible for any system components that are not within the Hyland Cloud Platform, including network devices, network connectivity, workstations, servers, and software owned and operated by the Customer or other third parties. Hyland may provide support for these components at its reasonable discretion.
- The processes executed within the Hyland Cloud Platform are limited to those that are executed by a Hyland employee (or Hyland authorized third party) or processes that are executed within Hyland’s established system boundaries, in whole. This includes, but is not limited to, hardware installation, software installation, data replication, data security, and authentication processes.
- Certain business processes may cross these boundaries, meaning one or more tasks are executed outside of Hyland’s established system boundaries for the Hyland Cloud Platform, one or more tasks are executed by individuals who are not Hyland personnel (or authorized third-parties), or one or more tasks are executed based on written requests placed by Customer. In such event, Hyland will provide support for such processes to the extent they occur within Hyland’s established system boundaries, but Hyland is not responsible for providing support for such processes to the extent they occur outside of such established system boundaries. At its reasonable discretion, Hyland may provide limited support for processes that occur outside such established system boundaries for the Hyland Cloud Platform. Examples of business processes that cross these boundaries include, but are not limited to, Hyland Cloud Service configuration changes, processing that occurs within the Hyland Cloud Service, user authorization, and file transfers.
- Encryption.
- Customer Data shall only be uploaded to the Hyland Cloud Services in an encrypted format such as via SFTP, TLS/SSL, or other equivalent method.
- Customer Data shall be encrypted at rest.
- Where use of encryption functionality may be controlled or modified by Customer, in the event Customer elects to modify the use of or turn off any encryption functionality, Customer does so at its own risk.
- Physical and Environment Security.
- The Hyland Cloud Platform uses data centers or third party service providers who have demonstrated compliance with one or more of the following standards (or a reasonable equivalent): International Organization for Standardization (“ISO”) 27001 and/or American Institute of Certified Public Accountants (“AICPA”) Service Organization Controls (“SOC”) Reports for Services Organizations. These providers provide Internet connectivity, physical security, power, and environmental systems and other services for the Hyland Cloud Platform.
- Hyland uses architecture and technologies designed to promote both security and high availability.
- Operations Security.
- Maintaining documented Hyland cloud operating procedures.
- Maintaining change management controls to ensure changes to Hyland Cloud Service production systems made by Hyland are properly authorized and reviewed prior to implementation. Customer is responsible for testing all configuration changes, authentication changes and upgrades implemented by Customer or implemented by Hyland at the request of Customer prior to production use of the Hyland Cloud Service. In cases where the Customer relies upon Hyland to implement changes on its behalf, a written request describing the change must be submitted (e.g. an e-mail, or another method provided by Hyland) by Customer’s designated Customer Security Administrators (“CSAs”) or set forth in a Services Proposal. Hyland will make scheduled configuration changes that are expected to impact Customer access to their Hyland Cloud Service during a planned maintenance window. Hyland may make configuration changes that are not expected to impact Customer during normal business hours.
- Monitoring usage and capacity levels within the Hyland Cloud Platform to adequately and proactively plan for future growth.
- Utilizing virus and malware protection technologies, which are configured to meet common industry standards designed to protect the Customer Data and equipment located within the Hyland Cloud Platform from virus infections or similar malicious payloads.
- Implementing disaster recovery and business continuity procedures. These will include replication of Customer Data to a secondary location.
- Maintaining a system and security logging process to capture system logs deemed critical by Hyland. These logs shall be maintained for at least six months and reviewed on a periodic basis.
- Maintaining system hardening requirements and configuration standards for components deployed within the Hyland Cloud Platform. Ensuring servers, operating systems, and supporting software used in the Hyland Cloud Platform receive all Critical and High security patches within a timely manner, but in no event more than 90 days after release, subject to the next sentence. In the event any such security patch would materially adversely affect the Hyland Cloud Service, then Hyland will use reasonable efforts to implement compensating controls until a security patch is available that would not materially adversely affect the Hyland Cloud Service.
- Conducting Hyland Cloud Platform vulnerability scans or analysis on at least a quarterly basis and remediate all critical and high vulnerabilities identified in accordance with its patch management procedures.
- Conducting Hyland Cloud Platform penetration tests at least annually.
- Communications Security
- Implementing Hyland Cloud Platform security controls to protect information resources within the Hyland Cloud Platform.
- When supported, upon implementation and once annually thereafter, Customer may request Hyland limit access to Customer’s Hyland Cloud Service to a list of pre-defined IP addresses at no additional cost.
- Supplier Relationships. Maintaining a Vendor Management Program for its critical vendors. This program will ensure critical vendors are evaluated on an annual basis.
- Security Incident.
- Employing incident response standards that are based upon applicable industry standards, such as ISO 27001:2013 and National Institute for Standards and Technology (“NIST”), to maintain the information security components of the Hyland Cloud Service environment.
- Responses to these incidents follow the Hyland documented incident response sequence. This sequence includes the incident trigger phase, evaluation phase, escalation phase, response phase, recovery phase, de-escalation phase, and post-incident review phase.
- If Hyland has determined Customer’s Hyland Cloud Service has been negatively impacted by a security incident, Hyland will deliver a root cause analysis summary. Such notice will not be unreasonably delayed, but will occur after initial corrective actions have been taken to contain the security threat or stabilize the Hyland Cloud Service.
- The root cause analysis will include the duration of the event, resolution, technical summary, outstanding issues, and follow-up, including steps Customer needs to take in order to prevent further issues. Hyland Cloud Service information including data elements that require additional confidentiality and security measures (including that of other customers impacted in the event) will not be publicly disclosed. If Customer needs additional details of an incident, a request to the Hyland GCS Support team must be submitted and handled on a case by case basis. The release of information process may require an on-site review to protect the confidentiality and security of the requested information.
- Hyland will notify Customer of a Security Incident within 48 hours. A “Security Incident” means a determination by Hyland of an actual disclosure of unencrypted Customer Data to an unauthorized person or entity that compromises the security, confidentiality, or integrity of the Customer Data.
- Information Security Aspects of Business Continuity Management.
- Maintaining a business continuity and disaster recovery plan.
- Reviewing and testing this plan annually.
- Aggregated Data.
- Hyland owns all Customer and User registration and billing data collected and used by Hyland that is required for user set-up, use and billing for the Hyland Cloud Service (“Account Information”) and all aggregated, anonymized and statistical data derived from the use and operation of the Hyland Cloud Service, including without limitation, the number of records in the Hyland Cloud Service, the number and types of transactions, configurations, and reports processed as part of the Hyland Cloud Service and the performance results of the Hyland Cloud Service (the “Aggregated Data”).
- Hyland may utilize the Account Information and Aggregated Data for purposes of operating Hyland’s business. For clarity, Account Information and Aggregated Data does not include Customer Data.
- Security Inquiries.
- Monitoring its compliance with its information security program. This includes periodic internal reviews. Results are shared with Hyland leadership and deviations tracked through to remediation.
- Maintaining a periodic external audit program. Completed attestations, such as available SOC 2 reports, are provided to Customer upon written request.
- Customer may conduct audits (which includes assessments, questionnaires, guided reviews or other requests to validate Hyland’s security controls) (each a “Security Inquiry”) of Hyland’s operations that participate in the ongoing delivery and support of the Hyland Cloud Service purchased by Customer on an annual basis (but no more than once during any 12-month period); provided, that Customer provides Hyland with advance written notice of its desire to conduct such Security Inquiry and the proposed Security Inquiry does not overlap with, or otherwise cover the same or similar information as, or scope of: (1) any controls already provided for by an external audit or assessment already performed by Hyland, such as a SOC 2 report, ISO 27001 or other similar audit or assessment that is made available to Customer upon Customer’s request; or (2) any content already provided by Hyland through its completed SIG, CAIQ or similar questionnaire that is made available to Customer upon request. For each Security Inquiry, (1) Hyland and Customer must mutually agree upon the timing, scope, and criteria of such Security Inquiry, which, subject to the foregoing, may include the completion of questionnaires supplied by Customer; (2) confidential and restricted documentation, such as Hyland internal policies, practices, and procedures, including any documentation requested by Customer that cannot be removed from Hyland’s premises as a result of physical limitations or policy restrictions will not be provided externally or removed from Hyland’s premises and such reviews must be conducted onsite at Hyland’s corporate headquarters in Ohio or through a secure screenshare which may be arranged by Hyland to prohibit any type of copying or screen shots; (3) Customer understands and agrees that Hyland will not permit access to internal systems or devices used to host or support Hyland’s offerings; (4) to the extent Customer desires to engage a third party to perform such Security Inquiry, Hyland must approve of such third party in writing in advance, Customer shall cause such third party to enter into a Non-Disclosure Agreement with Hyland and agree to abide by Hyland’s security standards, and Customer shall manage the engagement with the third party, ensuring the third party understands the scope of the Security Inquiry as mutually agreed upon between Hyland and Customer and how Customer utilizes the Hyland Cloud Service; and (5) Customer shall pay Hyland fees (at Hyland’s standard rates) for the Professional Services (including any out-of-pocket costs and expenses) that are required or requested of Hyland in connection with such Security Inquiry. Where necessary, Hyland will provide private and reasonable accommodation at Hyland’s corporate headquarters in Ohio for data analysis and meetings. Upon reasonable advance written request, Hyland and Customer may mutually agree to make necessary employees or contractors available for interviews in person or on the phone during such Security Inquiry at Customer’s cost and expense. Customer is prohibited, , and Customer shall prohibit each third party Security Inquiry from distributing or publishing the results of such Security Inquiry to any third party without Hyland’s prior written approval. Notwithstanding anything to the contrary within this Agreement, nothing in this Agreement (including this section) will require Hyland or any of its affiliates to disclose information that is subject to attorney-client privilege.
Effective June 17th 2023
DownloadSAAS-SICHERHEITSANHANG
Einleitung: Hyland unterhält und verwaltet ein umfassendes schriftliches Sicherheitsprogramm, das den Hyland Cloud-Dienst abdeckt und zum Schutz: (a) der Sicherheit und Integrität der Kundendaten; (b) vor Bedrohungen und Gefahren, die sich negativ auf die Kundendaten auswirken können; und (c) vor unbefugtem Zugriff auf die Kundendaten, dient. Dieses Programm umfasst Folgendes :
- Risikomanagement.
- Durchführung einer jährlichen Risikobewertung um Bedrohungen und Schwachstellen in den administrativen, physischen, rechtlichen, behördlichen und technischen Sicherheitsvorkehrungen zu identifizieren, die zum Schutz des Hyland Cloud-Dienstes eingesetzt werden.
- Aufrechterhaltung eines dokumentierten Risikosanierungsprozesses, um die Verantwortung für identifizierte Risiken zuzuweisen, Sanierungspläne und Zeitrahmen festzulegen und eine regelmäßige Überwachung des Fortschritts zu gewährleisten.
- Informationssicherheitsprogramm.
- Aufrechterhaltung eines dokumentierten, umfassenden Informationssicherheitsprogramms für den Hyland Cloud-Dienst. Dieses Programm umfasst Richtlinien und Verfahren, die auf Industriestandards basieren, wie z. B. ISO 27001/27002 oder anderen gleichwertige Standards.
- Ein solches Informationssicherheitsprogramm muss, gegebenenfalls, Folgendes umfassen: (i) angemessene physische Sicherheit und Cybersicherheit an den Orten, an denen Kundendaten verarbeitet und/oder gespeichert werden; und (ii) angemessene Vorsichtsmaßnahmen in Bezug auf die Beschäftigung von Hyland-Mitarbeitern.
- Diese Richtlinien werden jährlich vom Hyland-Management überprüft und aktualisiert.
- Organisation der Informationssicherheit. Zuweisung von Sicherheitsverantwortlichkeiten an geeignete Hyland-Einzelpersonen oder -Gruppen, um den Schutz des Hyland Cloud-Dienstes und der damit verbundenen Vermögenswerte zu erleichtern.
- Sicherheit im Personalwesen.
- Hyland-Mitarbeiter werden während des Einstellungsprozesses einer umfassenden Prüfung unterzogen. Es werden Hintergrundüberprüfungen und Referenzvalidierungen durchgeführt, um festzustellen, ob die Qualifikationen des Kandidaten für die vorgeschlagene Position geeignet sind. Vorbehaltlich jeglicher Einschränkungen, die durch geltendes Recht auferlegt werden und auf der Grundlage der Rechtsprechung, umfassen diese Hintergrundüberprüfungen gegebenenfalls eine strafrechtliche Hintergrundüberprüfung, eine überprüfung der vorhergehender Beschäftigungen und der Ausbildung.
- Sicherstellung, dass alle Hyland-Mitarbeiter einer Vertraulichkeits- und Geheimhaltungsverpflichtung unterliegen, bevor der Zugriff auf den Hyland Cloud-Dienst oder die Kundendaten bereitgestellt wird.
- Sicherstellung, dass alle Hyland-Mitarbeiter eine Sicherheitsbewusstseinsschulung erhalten, welche diesen Mitarbeitern Kenntnisse zur Informationssicherheit vermittelt, um die Sicherheit, Verfügbarkeit und Vertraulichkeit der Kundendaten zu gewährleisten.
- Nach dem Ausscheiden eines Hyland-Mitarbeiters oder einem Rollenwechsel stellt Hyland sicher, dass der Zugriff eines Hyland-Mitarbeiters auf den Hyland Cloud-Dienst zeitnah widerrufen wird und alle anwendbaren Hyland-Vermögenswerte, sowohl Informationen als auch physische Werte, zurückgegeben werden.
- Vermögensverwaltung.
- Aufrechterhaltung von Richtlinien und Verfahren zur Verwaltung von Vermögenswerten und Informationen. Dies umfasst Eigentumsrechte an Vermögenswerten, eine Bestandsaufnahme von Vermögenswerten, Klassifizierungsrichtlinien und Handhabungsstandards für Hyland-Vermögenswerte.
- Aufrechterhaltung von Verfahren zur Handhabung von Medien, um sicherzustellen, dass Medien, die Kundendaten als Teil des Hyland Cloud-Dienstes enthalten, verschlüsselt und an einem sicheren Ort aufbewahrt werden, der strengen physischen Zugangskontrollen unterliegt.
- Wenn ein Hyland Cloud-Dienst-Speichergerät das Ende seiner Nutzungsdauer erreicht hat, beinhalten die Verfahren einen Stilllegungsprozess, der verhindern soll, dass Kundendaten unbefugten Personen zugänglich gemacht werden, in dem die von NIST empfohlenen Techniken zur Datenvernichtung als Teil des Stilllegungsprozesses angewendet werden.
- Wenn ein Hyland-Speichergerät mit diesen Verfahren außer Betrieb genommen werden kann, wird das Gerät virtuell geschreddert, entmagnetisiert, bereinigt/gelöscht oder physisch zerstört, in Übereinstimmung mit branchenüblichen Verfahren.
- Zugriffskontrollen.
- Aufrechterhaltung einer logischen Zugriffsrichtlinie und entsprechender Verfahren. Die Verfahren für den logischen Zugriff definieren den Antrags-, Genehmigungs- und Zugriffsprozess für Hyland-Mitarbeiter. Der logische Zugriffsprozess beschränkt den Zugriff von Hyland-Benutzern (lokal und remote) basierend auf der Arbeitsfunktion des Hyland-Benutzers (rollen-/profilbasiert, angemessener Zugriff) für Anwendungen und Datenbanken. Der Zugriff der Hyland-Benutz wird in regelmäßigen Abständen rezertifiziert, um Zugriffe und Privilegien zu bestimmen. Die Verfahren für den Einstellungs- und Kündigungsprozess von Hyland-Mitarbeitern in einer zeitgemässen Weise werden dokumentiert. Die Verfahren für die Inaktivitätsschwelle des Hyland-Mitarbeiters, welche zu einer Kontosperrung und -entfernung führt, werden dokumentiert.
- Beschränkung des Zugriffs von Hyland-Mitarbeitern auf Kundendaten, die den Zugriff auf die Kundendaten als Voraussetzung für die Erbringung der Leistungen von Hyland im Rahmen dieser Vereinbarung benötigen. Hyland wendet das Prinzip des „geringsten Privilegs“ und das Konzept des „minimal Notwendigen“ an, um den Grad des Zugriffs aller Hyland-Benutzer auf Kundendaten zu bestimmen. Hyland verlangt sichere Passwörter, die den Komplexitätsanforderungen und der regelmäßigen Rotation unterliegen, sowie die Verwendung der Multi-Faktor-Authentifizierung.
- Sicherstellung, dass strenge Zugriffskontrollen für den Zugriff auf Kundendaten durch Hyland vorhanden sind. Die Administratoren des Kunden kontrollieren den Benutzerzugriff, die Benutzerberechtigungen und die Aufbewahrung der Kundendaten in dem Umfang, in dem solche Kontrollen für den Kunden in Bezug auf den Hyland Cloud-Dienst zur Verfügung stehen.
- Systemgrenzen.
- Hyland ist nicht verantwortlich für Systemkomponenten, die sich nicht innerhalb der Hyland Cloud Plattform befinden, einschließlich Netzwerkgeräte, Netzwerkverbindungen, Workstations, Server und Software, die im Besitz des Kunden oder Dritter sind und von diesen betrieben werden. Hyland kann nach eigenem Ermessen Unterstützung für diese Komponenten anbieten.
- Die innerhalb der Hyland Cloud Plattform ausgeführten Prozesse beschränken sich auf diejenigen, die von einem Hyland-Mitarbeiter (oder einem von Hyland autorisierten Dritten) ausgeführt werden, oder auf Prozesse, die in ihrer Gesamtheit innerhalb der etablierten Systemgrenzen von Hyland ausgeführt werden. Dies beinhaltet, ist aber nicht beschränkt auf, Hardware-Installation, Software-Installation, Datenreplikation, Datensicherheit und Authentifizierungsprozesse.
- Bestimmte Geschäftsprozesse können diese Grenzen überschreiten, d.h. eine oder mehrere Aufgaben werden außerhalb der von Hyland festgelegten Systemgrenzen für die Hyland Cloud Plattform ausgeführt, eine oder mehrere Aufgaben werden von Personen ausgeführt, die keine Hyland-Mitarbeiter (oder autorisierte Dritte) sind, oder einer oder mehrere Aufgaben werden auf der Grundlage schriftlicher Anfragen des Kunden ausgeführt. In einem solchen Fall wird Hyland Unterstützung für solche Prozesse leisten, soweit sie innerhalb der von Hyland festgelegten Systemgrenzen auftreten. Hyland ist jedoch nicht dafür verantwortlich, solche Prozesse zu leisten, sofern sie außerhalb dieser festgelegten Systemgrenzen auftreten. Hyland kann nach eigenem Ermessen begrenzte Unterstützung für solche Prozesse bereitstellen, die außerhalb dieser festgelegten Systemgrenzen für die Hyland Cloud Plattform auftreten. Beispiele für Geschäftsprozesse, die diese Grenzen überschreiten, sind unter anderem Konfigurationsänderungen des Hyland Cloud-Dienstes, Verarbeitungen, die innerhalb des Hyland Cloud-Dienstes stattfinden, Benutzerautorisierung und Dateiübertragungen.
- Verschlüsselung.
- Kundendaten dürfen nur in einem verschlüsselten Format, wie z. B. SFTP, TLS / SSL oder einer anderen gleichwertigen Methode im Hyland Cloud-Dienst hochgeladen werden.
- Die Kundendaten werden im Ruhezustand verschlüsselt.
- Wenn die Verwendung der Verschlüsselungsfunktionalität vom Kunden kontrolliert oder geändert werden kann und der Kunde die Verwendung der Verschlüsselungsfunktionalität ändern oder deaktivieren möchte, geschieht dies beim Kunden auf eigenes Risiko.
- Physische Sicherheit und Umgebungssicherheit.
- Die Hyland Cloud Plattform verwendet Rechenzentren oder Drittanbieter, die die Einhaltung eines oder mehrerer der folgenden Standards (oder eines angemessenen Äquivalents) nachgewiesen haben: International Organization for Standardization („ISO“) 27001 und/oder des American Institute of Certified Public Accountants („AICPA“), Service Organization Controls („SOC“) Berichte für Serviceorganisationen. Diese Anbieter stellen Internetverbindungen, physische Sicherheit, Strom- und Umgebungssysteme sowie andere Dienste für die Hyland Cloud Plattform bereit.
- Hyland verwendet Architektur und Technologien, welche darauf ausgelegt sind, sowohl Sicherheit als auch hohe Verfügbarkeit zu fördern.
- Betriebssicherheit.
- Aufrechterhaltung der dokumentierten Hyland Cloud-Betriebsverfahren.
- Aufrechterhaltung von Change Management Kontrollen, um sicherzustellen, dass von Hyland vorgenommene Änderungen an den Hyland Cloud-Dienst Produktionssystemen vor der Implementierung ordnungsgemäss autorisiert und überprüft werden. Der Kunde ist dafür verantwortlich, alle Konfigurationsänderungen, Authentifizierungsänderungen und Upgrades, die vom Kunden oder von Hyland auf Anfrage des Kunden implementiert werden, vor der Produktionsnutzung des Hyland Cloud-Dienstes zu testen. In Fällen, in denen sich der Kunde darauf verlässt, dass Hyland Änderungen in seinem Namen vornimmt, muss eine schriftliche Anfrage, die die Änderung beschreibt (z. B. eine E-Mail oder eine andere von Hyland bereitgestellte Methode), von den vom Kunden benannten Customer Security Administrators („CSAs“) eingereicht oder in einem Dienstleistungsangebot dargelegt werden. Hyland wird während eines geplanten Wartungsfensters Konfigurationsänderungen vornehmen, die sich voraussichtlich auf den Zugriff des Kunden auf seinen Hyland Cloud-Dienst auswirken werden. Hyland darf Konfigurationsänderungen, bei denen keine Auswirkungen auf den Kunden zu erwarten sind, während der normalen Geschäftszeiten vornehmen.
- Überwachung der Nutzung und des Kapazitätsniveaus innerhalb der Hyland Cloud Plattform, um zukünftiges Wachstum angemessen und proaktiv zu planen.
- Verwendung von Viren- und Malware-Schutztechnologien, die so konfiguriert sind, dass sie den gängigen Industriestandards entsprechen, um die Kundendaten und Geräte in der Hyland Cloud Plattform vor Virusinfektionen oder ähnlichen Malicious Payloads zu schützen.
- Implementierung von Disaster Recovery- und Business Continuity-Verfahren. Dazu gehört die Replikation von Kundendaten an einen sekundären Speicherort.
- Aufrechterhaltung eines System- und Sicherheitsprotokollierungsprozesses zur Erfassung von Systemprotokollen, die von Hyland als kritisch eingestuft werden. Diese Protokolle müssen mindestens sechs Monate lang aufbewahrt und regelmäßig überprüft werden.
- Aufrechterhaltung von Systemhärtungsanforderungen und Konfigurationsstandards für Komponenten, die in der Hyland Cloud Plattform bereitgestellt werden. Sicherstellen, dass Server, Betriebssysteme und unterstützende Software, die in der Hyland Cloud Plattform verwendet werden, alle kritischen und Hochsicherheitspatches rechtzeitig erhalten, jedoch in keinem Fall mehr als 90 Tage nach der Veröffentlichung, vorbehaltlich des nächsten Satzes. Für den Fall, dass ein solcher Sicherheitspatch den Hyland Cloud-Dienst erheblich beeinträchtigen würde, wird Hyland angemessene Anstrengungen unternehmen, um Ausgleichskontrollen zu implementieren, bis ein Sicherheitspatch verfügbar ist, der den Hyland Cloud-Dienst nicht wesentlich beeinträchtigt.
- Mindestens vierteljährliche Durchführung von Schwachstellen-Scans oder -Analysen der Hyland Cloud Plattform und Behebung aller identifizierten kritischen und hochgradigen Schwachstellen, in Übereinstimmung mit seinen Patch-Management-Verfahren.
- Mindestens jährliche Durchführung von Penetrationstests der Hyland Cloud Plattform.
- Kommunikationssicherheit
- Implementierung von Sicherheitskontrollen für die Hyland Cloud Plattform zum Schutz von Informationsressourcen innerhalb der Hyland Cloud Plattform.
- Wenn unterstützt, kann der Kunde bei der Implementierung und danach einmal jährlich verlangen, dass Hyland den Zugriff auf den Hyland Cloud-Dienst des Kunden ohne zusätzliche Kosten auf eine Liste von vordefinierter IP-Adressen beschränkt.
- Lieferantenbeziehungen. Aufrechterhaltung eines Lieferantenverwaltungsprogramms für seine kritischen Lieferanten. Dieses Programm stellt sicher, dass kritische Lieferanten auf jährlicher Basis bewertet werden.
- Sicherheitsvorfall.
- Anwendung von Standards zur Reaktion auf Vorfälle, die auf anwendbaren Industriestandards basieren, wie z.B. ISO 27001:2013 und dem Nationalen Institut for Standards and Technology („NIST“), um die Informationssicherheitskomponenten der Hyland Cloud-Dienst-Umgebung aufrechtzuerhalten.
- Die Reaktionen auf solche Vorfälle folgen der von Hyland dokumentierten Reaktionssequenz auf Vorfälle. Diese Sequenz umfasst die Auslösephase des Vorfalls, die Bewertungsphase, die Eskalationsphase, die Reaktionsphase, die Wiederherstellungsphase, die Deeskalationsphase und die Überprüfungsphase nach dem Vorfall.
- Wenn Hyland festgestellt, dass der Hyland Cloud-Dienst des Kunden durch einen Sicherheitsvorfall negativ beeinflusst wurde, wird Hyland eine Zusammenfassung der Ursachenanalyse liefern. Eine solche Benachrichtigung wird nicht unangemessen verzögert, sondern erfolgt, nachdem erste Korrekturmaßnahmen ergriffen wurden, um die Sicherheitsbedrohung einzudämmen oder den Hyland Cloud-Dienst zu stabilisieren.
- Die Ursachenanalyse umfasst die Dauer des Ereignisses, die Lösung, die technische Zusammenfassung, ausstehende Probleme und Folgemassnahmen, einschließlich der Schritte, die der Kunde unternehmen muss, um weitere Probleme zu vermeiden. Die Informationen des Hyland Cloud-Dienstes, einschließlich der Datenelemente, die zusätzliche Vertraulichkeits- und Sicherheitsmaßnahmen erfordern (einschließlich derjenigen anderer Kunden, die von dem Ereignis betroffen sind), werden nicht öffentlich bekannt gegeben. Wenn der Kunde zusätzliche Details zu einem Vorfall benötigt, muss eine Anfrage an das Hyland GCS-Support-Team gestellt werden, die von Fall zu Fall bearbeitet wird. Der Prozess der Informationsfreigabe kann eine Überprüfung vor Ort erfordern, um die Vertraulichkeit und Sicherheit der angeforderten Informationen zu schützen.
- Hyland benachrichtigt den Kunden innerhalb von 48 Stunden über einen Sicherheitsvorfall. Ein „Sicherheitsvorfall“ bedeutet, dass Hyland eine tatsächliche Offenlegung von unverschlüsselten Kundendaten gegenüber einer nicht autorisierten Person oder Organisation feststellt, welche die Sicherheit, Vertraulichkeit oder Integrität der Kundendaten gefährdet.
- Informationssicherheitsaspekte des Business Continuity Managements.
- Aufrechterhaltung eines Business Continuity- und Disaster Recovery-Plans.
- Jährliche Überprüfung und Testung dieses Plans.
- Aggregierte Daten.
- Hyland ist Eigentümer aller von Hyland gesammelten und verwendeten Kunden- und Benutzerregistrierungs- und Abrechnungsdaten, welche für die Einrichtung, Nutzung und Abrechnung des Hyland Cloud-Dienstes erforderlich sind („Kontoinformationen“), sowie aller aggregierten, anonymisierten und statistischen Daten, die aus der Nutzung und dem Betrieb des Hyland Cloud-Dienstes abgeleitet werden, insbesondere die Anzahl der Datensätze im Hyland Cloud-Dienst, die Anzahl und Art der Transaktionen, Konfigurationen und Berichte, die im Rahmen des Hyland Cloud-Dienstes verarbeitet werden, sowie die Leistungsergebnisse des Hyland Cloud-Dienstes (die "Aggregierten Daten").
- Hyland kann die Kontoinformationen und Aggregierten Daten für den Betrieb von Hyland verwenden. Zur Klarstellung: Kontoinformationen und Aggregierte Daten umfassen keine Kundendaten.
- Sicherheitsanfrage.
- Die Überwachung der Einhaltung des Informationssicherheitsprogramms. Dies beinhaltet regelmäßige interne Überprüfungen. Die Ergebnisse werden mit dem Hyland-Management geteilt und Abweichungen werden bis zur Behebung verfolgt.
- Aufrechterhaltung eines regelmäßigen externen Prüfungsprogramms. Abgeschlossene Bescheinigungen, wie z. B. verfügbare SOC 2-Berichte, werden dem Kunden auf schriftliche Anfrage zur Verfügung gestellt.
- Der Kunde ist berechtigt, jährlich (jedoch nicht öfter als einmal innerhalb eines Zeitraums von 12 Monaten) Audits (einschließlich Bewertungen, Fragebögen, geführte Überprüfungen oder anderer Anfragen zur Validierung der Sicherheitskontrollen von Hyland; jeweils eine "Sicherheitsanfrage") der Hyland-Tätigkeiten durchzuführen, die an der laufenden Bereitstellung und Unterstützung des vom Kunden erworbenen Hyland Cloud-Dienstes beteiligt sind. Dies setzt voraus, dass der Kunde Hyland schriftlich vorab mitteilt, dass er eine solche Prüfung durchführen möchte und dass diese Sicherheitsanfrage sich nicht mit den gleichen oder ähnlichen Informationen oder dem Umfang von: (1) Kontrollen, die bereits in einer von Hyland durchgeführten externen Prüfung oder Bewertung vorgesehen sind (wie z. B. einem SOC 2-Bericht, ISO 27001 oder einer anderen ähnlichen Prüfung oder Bewertung), die dem Kunden auf Anfrage zur Verfügung gestellt wird, oder (2) Inhalten, die bereits von Hyland durch den ausgefüllten SIG-, CAIQ- oder ähnlichen Fragebogen dem Kunden auf Anfrage zur Verfügung gestellt werden, überschneidet. Für jede Sicherheitsanfrage gilt Folgendes: (1) Hyland und der Kunde vereinbaren einvernehmlich den Zeitpunkt, den Umfang und die Kriterien einer solchen Sicherheitsanfrage(dies kann unter den oben genannten Voraussetzungen das Ausfüllen der vom Kunden bereitgestellten Fragebögen beinhalten); (2) Dokumentation, die vertraulich oder zugangsbeschränkt ist (wie z. B. interne Richtlinien, Praktiken und Verfahren von Hyland, einschließlich der vom Kunden angeforderten Dokumentation, die aufgrund von physischen Einschränkungen oder Richtlinienbeschränkungen nicht aus den Räumlichkeiten von Hyland entfernt werden kann), wird nicht zur externen Ansicht zur Verfügung gestellt oder aus den Räumlichkeiten von Hyland entfernt; derartige Überprüfungen müssen vor Ort in der Unternehmenszentrale von Hyland in Ohio oder über eine sichere Bildschirmfreigabe durchgeführt werden, die von Hyland so eingerichtet werden kann, dass jede Art von Kopieren oder Screenshots verboten ist; (3) der Kunde nimmt zur Kenntnis und erklärt sich damit einverstanden, dass Hyland keinen Zugriff auf interne Systeme oder Geräte gestattet, die zum Hosten oder Unterstützen der Hyland-Angebote verwendet werden; (4) sofern der Kunde einen Dritten mit der Durchführung einer solchen Sicherheitsanfrage beauftragen möchte, muss Hyland den Einsatz dieses Dritten im Voraus schriftlich genehmigen; der Kunde muss diesen Dritten zudem dazu veranlassen, eine Geheimhaltungsvereinbarung mit Hyland abzuschließen und sich zur Einhaltung der Sicherheitsstandards von Hyland zu verpflichten; die Verwaltung der Zusammenarbeit mit diesem Dritten obliegt dem Kunden; der Kunde muss insbesondere sicherstellen, dass dem Dritte der zwischen Hyland und dem Kunden vereinbarte Umfang der Sicherheitsanfrage und die Nutzung der Hyland-Dienste durch den Kunden bekannt sind; und (5) der Kunde ist verpflichtet, Hyland Gebühren (zu Hyland‘s Standardtarifen) für die Dienstleistungen (einschließlich aller Auslagen und Kosten) zu zahlen , die von Hyland im Zusammenhang mit einer solchen Sicherheitsanfrage in Rechnung gestellt werden. Bei Bedarf wird Hyland in der Unternehmenszentrale von Hyland in Ohio private und angemessene Unterkünfte für Datenanalysen und Besprechungen bereitstellen. Hyland und der Kunde können nach angemessener Ankündigung einvernehmlich vereinbaren, die erforderlichen Mitarbeiter oder Auftragnehmer für persönliche oder telefonische Interviews während einer solchen Sicherheitsanfrage auf Kosten des Kunden zur Verfügung zu stellen. Dem Kunden ist es untersagt, die Ergebnisse dieser Sicherheitsanfrage ohne vorherige schriftliche Genehmigung von Hyland an Dritte weiterzugeben oder zu veröffentlichen. Der Kunde ist verpflichtet, diese Verpflichtung jeder Drittpartei, die an der Sicherheitsanfrage beteiligt ist, aufzuerlegen. Ungeachtet gegenteiliger Bestimmungen in dieser Vereinbarung verpflichtet nichts in dieser Vereinbarung (einschließlich dieses Abschnitts) Hyland oder eines seiner verbundenen Unternehmen zur Offenlegung von Informationen, die unter das Anwaltsgeheimnis fallen.
Effective June 17th 2023
DownloadADJUNTO DE SEGURIDAD DE SAAS
Introducción: Hyland mantiene y gestiona un programa de seguridad integral por escrito que cubre el Servicio en la Nube de Hyland diseñado para proteger: (a) la seguridad e integridad de los Datos del Cliente; (b) contra amenazas y peligros que puedan impactar negativamente los Datos del Cliente, y (c) contra el acceso no autorizado a los Datos del Cliente, y dicho programa incluye lo siguiente:
Effective June 17th 2023
DownloadSOUS-ANNEXE SECURITE SAAS
Introduction : Hyland maintient et gère un programme de sécurité complet, écrit, couvrant le Service Cloud Hyland et conçu pour protéger : (a) la sécurité et l'intégrité des Données Client ; (b) contre les menaces et les dangers pouvant avoir un impact négatif sur les Données Client ; et (c) contre les accès non autorisés aux Données Client. Le programme de sécurité comprend les éléments suivants :
I. Gestion des Risques.
a. Réalisation d'une évaluation annuelle des risques, conçue pour identifier les menaces et les vulnérabilités des mesures de protection administratives, physiques, légales, réglementaires et techniques utilisées pour protéger le Service Cloud Hyland.
b. Maintien d’un process documenté de remédiation des risques, afin d'attribuer la responsabilité des risques identifiés, d'établir les plans et délais de remédiation, et de prévoir un suivi périodique de l’avancement.
II. Programme de Sécurité de l'Information.
a. Maintien d’un programme de sécurité de l’information pour le Service Cloud Hyland, complet et documenté. Ce programme comprend des politiques et procédures établies à partir des pratiques standard de l'industrie, lesquelles peuvent inclure des normes ISO 27001/27002 ou équivalentes.
b. Ce programme de sécurité de l’information comprend, selon le cas : (i) la mise en œuvre de moyens de sécurité physique et de cyber-sécurité adéquats, là où les Données Client sont traitées et/ou stockées ; et (ii) la prise de précautions raisonnables en ce qui concerne les employés de Hyland.
c. Ces politiques seront revues et mises à jour chaque année par la direction d'Hyland.
III. Organisation de la Sécurité de l'Information. Attribution des responsabilités en matière de sécurité aux individus ou groupes Hyland appropriés afin de faciliter la protection du Service Cloud Hyland et des actifs associés.
IV. Sécurité des Ressources Humaines.
a. Les salariés de Hyland font l’objet d’un examen approfondi durant le process d'embauche. Des vérifications des antécédents et la validation des références sont effectuées afin de déterminer si les qualifications du candidat sont appropriées pour le poste proposé. Sous réserve de toute restriction imposée par la loi applicable et en fonction de la juridiction, ces vérifications d'antécédents comprennent la vérification du casier judiciaire, la validation des expériences professionnelles et la vérification des diplômes et formations, le cas échéant.
b. Hyland s'assure que tous ses salariés sont soumis à des engagements de confidentialité et de non-divulgation avant tout accès au Service Cloud Hyland ou aux Données Client.
c. Hyland s'assurer que tous les salariés concernés bénéficient d’une formation de sensibilisation à la sécurité dont l’objectif est de leur fournir les connaissances en matière de sécurité de l'information leur permettant d'assurer la sécurité, la disponibilité et la confidentialité des Données Client.
d. Lors du départ d'un salarié de Hyland ou d'un changement de poste, Hyland s'assure que tout accès salarié au Service Cloud d'Hyland est révoqué en temps utile et que tous les actifs de Hyland concernés, tant les informations que les équipements, lui sont restitués.
V. Gestion des Actifs.
a. Maintien des politiques et procédures de gestion des actifs et des informations, en ce compris la propriété des actifs, leur inventaire, les lignes directrices pour leur classification et les normes de traitement relatives aux actifs Hyland.
b. Maintien des procédures de traitement des supports afin de garantir que les supports contenant des Données Client, dans le cadre du Service Cloud Hyland, sont cryptés et stockés dans un emplacement sécurisé soumis à des contrôles d'accès physiques stricts.
c. Lorsqu'un dispositif de stockage du Service Cloud Hyland a atteint la fin de sa durée de vie utile, les procédures visées par cet article comprennent un processus de mise hors service, appliquant les techniques recommandées par le National Institute of Standards and technology (le « NIST »), afin de détruire les données dans le cadre de process de mise hors service, conçu pour empêcher que les Données Client soient exposées à des personnes non autorisées.
d. Dans le cas où un dispositif de stockage Hyland ne pourrait pas être mis hors service par le biais des procédures visées ci-avant, ce dispositif est alors virtuellement déchiqueté, démagnétisé, purgé/essuyé ou physiquement détruit conformément aux pratiques courantes de l'industrie.
VI. Contrôles d'Accès.
a. Maintien d’une politique d'accès logique et de procédures correspondantes. Les procédures d'accès logique définissent le process de demande, d'approbation et de fourniture d'accès pour le personnel Hyland. Le process d'accès logique limite l'accès des utilisateurs Hyland (locaux et distants) selon leur fonction (basée sur le rôle/profil, accès approprié) pour les applications et les bases de données. La recertification de l'accès des utilisateurs Hyland afin de déterminer leurs accès et privilèges est effectuée périodiquement. Les procédures d’onboarding et d’offboarding, en temps utile, des utilisateurs du personnel Hyland seront documentées, de même que les procédures relatives au seuil d'inactivité des utilisateurs parmi le personnel de Hyland menant à la suspension et à la suppression de leur compte.
b. Limitation de l'accès de Hyland aux Données Client, à son personnel ayant à en connaître pour l'exécution des services fournis par Hyland en vertu du Contrat. Hyland a recours au principe du « moindre privilège » et au concept du « minimum nécessaire » afin de déterminer le niveau d'accès de ses utilisateurs aux Données Client. Hyland exige des mots de passe forts soumis à des exigences de complexité et à une rotation périodique, ainsi que l'utilisation d'une authentification multifactorielle.
c. Hyland s'assure que des contrôles d'accès stricts sont en place pour l'accès aux Données Client par Hyland. Les administrateurs du Client contrôlent l'accès de ses propres utilisateurs, leurs autorisations et la rétention des Données Client dans la mesure où de tels contrôles sont disponibles pour le Client en ce qui concerne le Service Cloud Hyland.
VII. Limites du Système.
a. Hyland n’encourt aucune responsabilité du fait des composants du système qui ne font pas partie de la Plateforme Cloud Hyland, en ce compris, les périphériques réseau, la connectivité réseau, les postes de travail, les serveurs et les logiciels détenus et exploités par le Client ou tiers. Hyland peut – à sa discrétion - fournir un support pour ces composants.
b. Les procédés auxquels il est fait recours au sein de la Plateforme Cloud Hyland sont limités à ceux qui sont exécutés par un salarié de Hyland (ou un tiers autorisé par Hyland) ou ceux qui sont exécutés dans les limites du système établi de Hyland, dans leur ensemble. Cela comprend, sans que cette liste soit exhaustive, l'installation de matériel(s), l'installation de logiciel(s), la réplication de données, la sécurité des données et les procédés d'authentification.
c. Nonobstant ce qui précède, certains procédés commerciaux peuvent s’affranchir de ces limites, dans la mesure où une ou plusieurs tâches sont exécutées hors des limites du système établi par Hyland pour la Plateforme Cloud Hyland, qu’elles soient réalisées par des individus n’étant pas des salariés de Hyland (ou des tiers autorisés par Hyland), ou qu’elles le soient sur le fondement de demandes écrites du Client. Dans un tel cas, Hyland fournit un support pour de tels procédés sous réserve qu’ils soient exécutés dans les limites du système établi de Hyland ; Hyland n’ayant aucune obligation de fournir un tel support dans le cas où les procédés sont exécutés en dehors des limites du système mis en place par Hyland. Hyland se réserve toutefois le droit, à sa discrétion, de fournir un support limité pour les procédés exécutés en dehors des limites de système établies pour la Plateforme Cloud Hyland. Les process commerciaux s’affranchissant des limites susvisées sont notamment, et sans que cette liste soit exhaustive, des changements de configuration du Service Cloud Hyland, des traitements réalisés dans le Service Cloud Hyland, l'autorisation de l'utilisateur et les transferts de fichiers.
VIII. Cryptage.
a. Les Données Client ne doivent être versées au Service Cloud Hyland que dans un format crypté, par exemple, de type SFTP, TLS/SSL, ou toute autre méthode équivalente.
b. Les Données Client doivent être cryptées durant leur stockage.
c. Lorsque l'utilisation de la fonctionnalité de cryptage est contrôlée ou modifiée par le Client, celui-ci en assume seul les risques associés.
IX. Sécurité Physique et de l'Environnement.
a. La Plateforme Cloud Hyland utilise des data centers ou des fournisseurs de services tiers qui ont démontré leur conformité avec une ou plusieurs des normes suivantes (ou objectivement similaires) : Organisation internationale de normalisation (« ISO ») 27001 et/ou rapports de l'American Institute of Certified Public Accountants (« AICPA ») sur les contrôles des organisations de services (« SOC »). Ces fournisseurs fournissent la connexion Internet, la sécurité physique, l'alimentation et les systèmes environnementaux ainsi que d'autres services pour la Plateforme Cloud Hyland.
b. Hyland utilise une architecture et des technologies conçues pour promouvoir à la fois la sécurité et une haute disponibilité.
X. Sécurité des Opérations.
a. Maintien de procédures d'exploitation documentées du cloud Hyland.
b. Maintien de contrôles de gestion des changements visant à s'assurer que les changements apportés aux systèmes de production du Service Cloud Hyland par Hyland sont correctement autorisés et examinés avant leur mise en œuvre. Le Client est seul responsable – avant toute utilisation du Service Cloud Hyland en mode production – de l’évaluation de tous changements de configuration, changements d’authentification et mises à niveau qu’il met en œuvre ou que Hyland met en œuvre à sa demande. Le Client peut, sous réserve d’une demande écrite (par exemple, par e-mail ou tout autre moyen de communication fourni par Hyland) adressée par l’un des Administrateurs de Sécurité du Client (un « ASC », tel que désigné par le Client ou au sein d’une Proposition de Services) et décrivant le(s) changement(s) attendu(s), solliciter Hyland afin qu’elle mette en œuvre celui/ceux-ci en son nom. Dans le cas où ceux-ci sont susceptibles d’impacter l’accès du Client au Service Cloud Hyland, Hyland effectue ces changements de configuration programmés pendant une fenêtre de maintenance planifiée. Dans les autres cas, Hyland se réserve le droit d’effectuer ces changements de configuration pendant les heures normales de travail.
c. Surveillance des niveaux d'utilisation et de capacité au sein de la Plateforme Cloud Hyland afin de planifier de manière adéquate et proactive une augmentation future.
d. Utilisation de technologies de protection contre les virus et les logiciels malveillants, configurées pour répondre aux normes communes reconnues par l’industrie conçues pour protéger les Données Client et les équipements situés dans la Plateforme Cloud Hyland contre les attaques par virus ou tout autre charge associée à des programmes malveillants.
e. Mise en œuvre de plans de continuité et de reprise de l’activité après sinistre. Ceux-ci comprendront la réplication des Données Client sur un site secondaire.
f. Maintien d’un process de journalisation du système et de la sécurité afin de capturer les registres du système jugés critiques par Hyland. Ces registres sont conservés pendant au moins six (6) mois et examinés sur une base périodique.
g. Maintien des exigences de renforcement du système et des normes de configuration pour les composants déployés au sein de la Plateforme Cloud Hyland. Hyland s'assure que les serveurs, les systèmes d'exploitation et les logiciels de support utilisés dans la Plateforme Cloud Hyland reçoivent tous les correctifs de sécurité critiques et élevés en temps opportun, mais en aucun cas plus de quatre-vingt-dix (90) jours après leur publication, sous réserve de ce qui suit. Dans le cas où un correctif de sécurité, tel que susvisé, affecterait le Service Cloud Hyland de manière substantielle, Hyland s’efforce de mettre en œuvre des contrôles compensatoires dans l’attente de la disponibilité d’un correctif de sécurité n'affectant pas de manière substantielle le Service Cloud Hyland.
h. Réalisation de scans ou analyses de vulnérabilité de la Plateforme Cloud Hyland, a minima une (1) fois par trimestre, et réalisation d’opérations visant à remédier à toutes les vulnérabilités critiques et élevées identifiées conformément aux procédures de gestion des correctifs.
i. Réalisation de tests de pénétration de la Plateforme Hyland Cloud, a minima annuellement.
XI. Sécurité des Communications
a. Mise en œuvre de contrôles de sécurité de la Plateforme Hyland Cloud afin de protéger les ressources documentaires au sein de la Plateforme Hyland Cloud.
b. Lorsque cela est pris en charge, et lors de la mise en œuvre du Service Cloud Hyland, puis une (1) fois par période annuelle, le Client peut demander à Hyland de limiter l'accès au Service Cloud Hyland à une liste d'adresses IP prédéfinies, et ce sans frais supplémentaires.
XII. Relations Avec les Fournisseurs. Maintien d’un Programme de Gestion des Fournisseurs pour les fournisseurs critiques de Hyland. Ce programme garantit que les fournisseurs critiques sont évalués annuellement.
XIII. Incident de Sécurité.
a. Emploi des normes de réponse aux incidents basées sur les normes industrielles applicables, telles que ISO 27001:2013 et « National Institute for Standards and Technology » (“NIST »), afin de maintenir les composants de sécurité de l’information de l'environnement du Service Cloud Hyland.
b. Les réponses aux incidents susvisés suivent la procédure de réponse aux incidents documentée par Hyland, laquelle comprend la phase de déclenchement de l'incident, la phase d'évaluation, la phase d'escalade, la phase de réponse, la phase de récupération, la phase de désescalade et la phase d'examen post-incident.
c. Lorsque Hyland détermine que le Service Cloud Hyland du Client a été négativement impacté par un incident de sécurité, Hyland fournit un résumé de l'analyse des causes profondes de l’incident. La notification de ce résumé ne sera pas retardée de manière déraisonnable, mais n’interviendra qu’après la mise en place des actions correctives initiales visant à contenir la menace de sécurité ou stabiliser le Service Cloud Hyland.
d. L'analyse des causes profondes de l’incident comprend la durée de l'événement, sa résolution, le résumé technique, les problèmes en suspens et le suivi, y compris les mesures que le Client doit prendre afin d'éviter d'autres problèmes. Les informations contenues dans le Service Cloud Hyland, en ce compris les données nécessitant des mesures de confidentialité et de sécurité additionnelles (en ce compris celles d’autres clients touchés par l’incident), ne sont pas divulguées publiquement. Le Client peut, s’il nécessite des détails supplémentaires sur un incident, en faire la demande à l’équipe de support Hyland GCS, laquelle est traitée au cas par cas. La procédure de divulgation d'informations peut nécessiter une évaluation sur site, afin de protéger la confidentialité et la sécurité des informations demandées.
e. Hyland notifie le Client d'un Incident de Sécurité dans les quarante-huit (48) heures. Un « Incident de Sécurité » désigne le cas où Hyland identifie une divulgation réelle de Données Client, non cryptées, à une personne ou entité non autorisée, et qui compromet la sécurité, la confidentialité ou l'intégrité des Données Client.
XIV. Aspects de la Gestion de la Continuité des Activités liés à la Sécurité de l'Information.
a. Maintien d’un plan de continuité de l’activité et de reprise après sinistre.
b. Révision et évaluation annuelle du plan susvisé.
XV. Données Agrégées.
a. Hyland est propriétaire de toutes les données d'enregistrement et de facturation du Client et de l'Utilisateur collectées et utilisées par Hyland, requises pour la configuration, l'utilisation du Service Cloud Hyland, ainsi que pour la facturation relative à ce dernier (les « Informations de Compte ») et de toutes les données agrégées, anonymisées et statistiques dérivées de l'utilisation et du fonctionnement du Service Cloud Hyland, en ce compris, mais sans s’y limiter, le nombre d'enregistrements dans le Service Cloud Hyland, le nombre et le type de transactions, les configurations , les rapports traités dans le cadre du Service Cloud Hyland, ainsi que les résultats de performance du Service Cloud Hyland (les « Données Agrégées »).
b. Hyland se réserve le droit d’utiliser les Informations de Compte et les Données Agrégées à des fins commerciales. Afin de lever toute ambiguïté, il est précisé que les Informations de Compte et les Données Agrégées ne comprennent pas les Données Client.
XVI. Enquêtes de Sécurité.
a. Contrôle de la conformité avec le programme de sécurité de l'information, constitué par des évaluations internes périodiques. Les résultats sont partagés avec la direction de Hyland et tout écart est suivi jusqu'à sa remédiation.
b. Maintien d’un programme d'audit externe périodique. Les attestations complètes, telles que les rapports SOC 2 disponibles, sont fournies - sur demande écrite – au Client.
c. Dans la limite d’une (1) fois par an (mais pas plus d'une fois au cours d'une période de 12 mois), le Client peut réaliser un audit (qui comprend des évaluations, des questionnaires, des revues guidées ou d'autres demandes de validation des contrôles de sécurité de Hyland) (chacun une « Enquête de Sécurité ») des opérations de Hyland dans le cadre de la fourniture et du support du Service Cloud Hyland auquel il a souscrit, sous réserve d’une notification préalable écrite à Hyland et des critères suivants à condition que le Client informe à l'avance Hyland de son désir de mener une telle Enquête de Sécurité et que l'Enquête de Sécurité proposée ne chevauche pas, ou couvrir autrement les mêmes informations ou des informations similaires que, ou portée de: (1) tout contrôle déjà prévu par un audit ou une évaluation externe déjà effectué par Hyland, tel qu'un rapport SOC 2, ISO 27001 ou tout autre audit ou évaluation similaire mis à la disposition du Client à la demande du Client; ou ( 2 ) tout contenu déjà fourni par Hyland via son SIG, CAIQ ou un questionnaire similaire rempli qui est mis à la disposition du Client sur demande: (1) Hyland et le Client doivent s'entendre mutuellement sur le calendrier, la portée et les critères de cette Enquête de Sécurité, qui, sous réserve de ce qui précède, peut inclure l'achèvement des questionnaires fournis par le Client; (2) la documentation confidentielle et restreinte, telle que les politiques, pratiques et procédures internes de Hyland, y compris toute documentation demandée par le client qui ne peut pas être retirée des locaux de Hyland en raison de limitations physiques ou de restrictions de politique ne sera pas fournie à l'extérieur ou retirée des locaux de Hyland et de tels examens doit être effectuée sur place au siège social de Hyland dans l'Ohio ou par le biais d'une capture d'écran sécurisée qui peut être organisée par Hyland pour interdire tout type de copie ou de capture d'écran; ( 3 ) Le client comprend et accepte que Hyland ne permettra pas l'accès aux systèmes ou appareils internes utilisés pour héberger ou prendre en charge les offres de Hyland; ( 4 ) dans la mesure où le client souhaite engager un tiers pour effectuer une telle Enquête de Sécurité, Hyland doit approuver ce tiers par écrit à l'avance, Le client doit amener ce tiers à conclure un accord de non-divulgation avec Hyland et à accepter de respecter les normes de sécurité de Hyland, et le client doit gérer l'engagement avec le tiers, s'assurer que le tiers comprend la portée de l'Enquête de Sécurité comme convenu d'un commun accord entre Hyland et le client et comment le client utilise le service Hyland Cloud, et, et (b) le Client paiera à Hyland les montants requis par Hyland en lien avec les Prestations de Services (y compris les frais et dépenses remboursables ) fournies dans le cadre d’ Enquête de Sécurité (aux tarifs publics de Hyland alors en vigueur). Le cas échéant, Hyland fournit dans une mesure raisonnable un accès privé au siège social de Hyland, Ohio, U.S., pour analyser des données et des réunions. Sous réserve d’un demande écrite préalable raisonnable, les parties peut conviennent de rendre disponible les salariés ou prestataires dont l’intervention est nécessaire en vue d’entretiens dans le cadre de réunions physiques ou par téléphone, pendant la durée de l’Enquête de Sécurité, ce, aux seuls frais du Client. Le Client s’interdit, et le client interdira chaque tiers Enquête de Sécurité de distribuer ou de publier les résultats de l’ Enquête de Sécurité à tout tiers, sans le consentement préalable écrit de Hyland. Nonobstant toute disposition contraire de la présente entente, rien dans la présente entente (, y compris cette section ), n'obligera Hyland ou l'une de ses sociétés affiliées à divulguer des informations soumises au privilège avocat-client.
Effective June 17th 2023
DownloadAPÊNDICE DE SEGURANÇA DE SAAS
Introdução: A Hyland mantém e gerencia um programa abrangente de segurança por escrito para cobertura do Serviço de Nuvem da Hyland projetado para proteger: (a) a segurança e integridade dos Dados do Cliente; (b) contra ameaças e perigos que possam afetar negativamente os Dados do Cliente; e (c) contra acesso não autorizado aos Dados do Cliente, cujo programa inclui o seguinte:
Effective December 7th 2022 to June 17th 2023
DownloadTable of Contents
- Risk Management.
- Conducting an annual risk assessment designed to identify threats and vulnerabilities in the administrative, physical, legal, regulatory, and technical safeguards used to protect the Hyland Cloud Service.
- Maintaining a documented risk remediation process to assign ownership of identified risks, establish remediation plans and timeframes, and provide for periodic monitoring of progress.
- Information Security Program.
- Maintaining a documented comprehensive Hyland Cloud Service information security program. This program will include policies and procedures based on industry standard practices, which may include ISO 27001/27002, or other equivalent standards.
- Such information security program shall include, as applicable: (i) adequate physical and cyber security where Customer Data will be processed and/or stored; and (ii) reasonable precautions taken with respect to Hyland personnel employment.
- These policies will be reviewed and updated by Hyland management annually.
- Organization of Information Security. Assigning security responsibilities to appropriate Hyland individuals or groups to facilitate protection of the Hyland Cloud Service and associated assets.
- Human Resources Security.
- Hyland employees undergo comprehensive screening during the hiring process. Background checks and reference validation will be performed to determine whether candidate qualifications are appropriate for the proposed position. Subject to any restrictions imposed by applicable law and based on jurisdiction, these background checks include criminal background checks, employment validation, and education verification as applicable.
- Ensuring all Hyland employees are subject to confidentiality and non-disclosure commitments before access is provisioned to the Hyland Cloud Service or Customer Data.
- Ensuring applicable Hyland employees receive security awareness training designed to provide such employees with information security knowledge to provide for the security, availability, and confidentiality of Customer Data.
- Upon Hyland employee separation or change in roles, Hyland shall ensure any Hyland employee access to the Hyland Cloud Service is revoked in a timely manner and all applicable Hyland assets, both information and physical, are returned.
- Asset Management.
- Maintaining asset and information management policies and procedures. This includes ownership of assets, an inventory of assets, classification guidelines, and handling standards pertaining to Hyland assets.
- Maintaining media handling procedures to ensure media containing Customer Data as part of the Hyland Cloud Service is encrypted and stored in a secure location subject to strict physical access controls.
- When a Hyland Cloud Service storage device has reached the end of its useful life, procedures include a decommissioning process that is designed to prevent Customer Data from being exposed to unauthorized individuals using the techniques recommended by NIST to destroy data as part of the decommissioning process.
- If a Hyland storage device is unable to be decommissioned using these procedures, the device will be virtually shredded, degaussed, purged/wiped, or physically destroyed in accordance with industry-standard practices.
- Access Controls.
- Maintaining a logical access policy and corresponding procedures. The logical access procedures will define the request, approval and access provisioning process for Hyland personnel. The logical access process will restrict Hyland user (local and remote) access based on Hyland user job function (role/profile based, appropriate access) for applications and databases. Hyland user access recertification to determine access and privileges will be performed periodically. Procedures for onboarding and offboarding Hyland personnel users in a timely manner will be documented. Procedures for Hyland personnel user inactivity threshold leading to account suspension and removal threshold will be documented.
- Limiting Hyland’s access to Customer Data to its personnel who have a need to access Customer Data as a condition to Hyland’s performance of the services under this Agreement. Hyland shall utilize the principle of “least privilege” and the concept of “minimum necessary” when determining the level of access for all Hyland users to Customer Data. Hyland shall require strong passwords subject to complexity requirements and periodic rotation and the use of multi-factor authentication.
- Ensuring strict access controls are in place for Customer Data access by Hyland. Customer administrators control its user access, user permissions, and Customer Data retention to the extent such controls are available to Customer with respect to the Hyland Cloud Service.
- System Boundaries.
- Hyland is not responsible for any system components that are not within the Hyland Cloud Platform, including network devices, network connectivity, workstations, servers, and software owned and operated by the Customer or other third parties. Hyland may provide support for these components at its reasonable discretion.
- The processes executed within the Hyland Cloud Platform are limited to those that are executed by a Hyland employee (or Hyland authorized third party) or processes that are executed within Hyland’s established system boundaries, in whole. This includes, but is not limited to, hardware installation, software installation, data replication, data security, and authentication processes.
- Certain business processes may cross these boundaries, meaning one or more tasks are executed outside of Hyland’s established system boundaries for the Hyland Cloud Platform, one or more tasks are executed by individuals who are not Hyland personnel (or authorized third-parties), or one or more tasks are executed based on written requests placed by Customer. In such event, Hyland will provide support for such processes to the extent they occur within Hyland’s established system boundaries, but Hyland is not responsible for providing support for such processes to the extent they occur outside of such established system boundaries. At its reasonable discretion, Hyland may provide limited support for processes that occur outside such established system boundaries for the Hyland Cloud Platform. Examples of business processes that cross these boundaries include, but are not limited to, Hyland Cloud Service configuration changes, processing that occurs within the Hyland Cloud Service, user authorization, and file transfers.
- Encryption.
- Customer Data shall only be uploaded to the Hyland Cloud Services in an encrypted format such as via SFTP, TLS/SSL, or other equivalent method.
- Customer Data shall be encrypted at rest.
- Where use of encryption functionality may be controlled or modified by Customer, in the event Customer elects to modify the use of or turn off any encryption functionality, Customer does so at its own risk.
- Physical and Environment Security.
- The Hyland Cloud Platform uses data centers or third party service providers who have demonstrated compliance with one or more of the following standards (or a reasonable equivalent): International Organization for Standardization (“ISO”) 27001 and/or American Institute of Certified Public Accountants (“AICPA”) Service Organization Controls (“SOC”) Reports for Services Organizations. These providers provide Internet connectivity, physical security, power, and environmental systems and other services for the Hyland Cloud Platform.
- Hyland uses architecture and technologies designed to promote both security and high availability.
- Operations Security.
- Maintaining documented Hyland cloud operating procedures.
- Maintaining change management controls to ensure changes to Hyland Cloud Service production systems made by Hyland are properly authorized and reviewed prior to implementation. Customer is responsible for testing all configuration changes, authentication changes and upgrades implemented by Customer or implemented by Hyland at the request of Customer prior to production use of the Hyland Cloud Service. In cases where the Customer relies upon Hyland to implement changes on its behalf, a written request describing the change must be submitted (e.g. an e-mail, or another method provided by Hyland) by Customer’s designated Customer Security Administrators (“CSAs”) or set forth in a Services Proposal. Hyland will make scheduled configuration changes that are expected to impact Customer access to their Hyland Cloud Service during a planned maintenance window. Hyland may make configuration changes that are not expected to impact Customer during normal business hours.
- Monitoring usage and capacity levels within the Hyland Cloud Platform to adequately and proactively plan for future growth.
- Utilizing virus and malware protection technologies, which are configured to meet common industry standards designed to protect the Customer Data and equipment located within the Hyland Cloud Platform from virus infections or similar malicious payloads.
- Implementing disaster recovery and business continuity procedures. These will include replication of Customer Data to a secondary location.
- Maintaining a system and security logging process to capture system logs deemed critical by Hyland. These logs shall be maintained for at least six months and reviewed on a periodic basis.
- Maintaining system hardening requirements and configuration standards for components deployed within the Hyland Cloud Platform. Ensuring servers, operating systems, and supporting software used in the Hyland Cloud Platform receive all Critical and High security patches within a timely manner, but in no event more than 90 days after release, subject to the next sentence. In the event any such security patch would materially adversely affect the Hyland Cloud Service, then Hyland will use reasonable efforts to implement compensating controls until a security patch is available that would not materially adversely affect the Hyland Cloud Service.
- Conducting Hyland Cloud Platform vulnerability scans or analysis on at least a quarterly basis and remediate all critical and high vulnerabilities identified in accordance with its patch management procedures.
- Conducting Hyland Cloud Platform penetration tests at least annually.
- Communications Security
- Implementing Hyland Cloud Platform security controls to protect information resources within the Hyland Cloud Platform.
- When supported, upon implementation and once annually thereafter, Customer may request Hyland limit access to Customer’s Hyland Cloud Service to a list of pre-defined IP addresses at no additional cost.
- Supplier Relationships. Maintaining a Vendor Management Program for its critical vendors. This program will ensure critical vendors are evaluated on an annual basis.
- Security Incident.
- Employing incident response standards that are based upon applicable industry standards, such as ISO 27001:2013 and National Institute for Standards and Technology (“NIST”), to maintain the information security components of the Hyland Cloud Service environment.
- Responses to these incidents follow the Hyland documented incident response sequence. This sequence includes the incident trigger phase, evaluation phase, escalation phase, response phase, recovery phase, de-escalation phase, and post-incident review phase.
- If Hyland has determined Customer’s Hyland Cloud Service has been negatively impacted by a security incident, Hyland will deliver a root cause analysis summary. Such notice will not be unreasonably delayed, but will occur after initial corrective actions have been taken to contain the security threat or stabilize the Hyland Cloud Service.
- The root cause analysis will include the duration of the event, resolution, technical summary, outstanding issues, and follow-up, including steps Customer needs to take in order to prevent further issues. Hyland Cloud Service information including data elements that require additional confidentiality and security measures (including that of other customers impacted in the event) will not be publicly disclosed. If Customer needs additional details of an incident, a request to the Hyland GCS Support team must be submitted and handled on a case by case basis. The release of information process may require an on-site review to protect the confidentiality and security of the requested information.
- Hyland will notify Customer of a Security Incident within 48 hours. A “Security Incident” means a determination by Hyland of an actual disclosure of unencrypted Customer Data to an unauthorized person or entity that compromises the security, confidentiality, or integrity of the Customer Data.
- Information Security Aspects of Business Continuity Management.
- Maintaining a business continuity and disaster recovery plan.
- Reviewing and testing this plan annually.
- Aggregated Data.
- Hyland owns all Customer and User registration and billing data collected and used by Hyland that is required for user set-up, use and billing for the Hyland Cloud Service (“Account Information”) and all aggregated, anonymized and statistical data derived from the use and operation of the Hyland Cloud Service, including without limitation, the number of records in the Hyland Cloud Service, the number and types of transactions, configurations, and reports processed as part of the Hyland Cloud Service and the performance results of the Hyland Cloud Service (the “Aggregated Data”).
- Hyland may utilize the Account Information and Aggregated Data for purposes of operating Hyland’s business. For clarity, Account Information and Aggregated Data does not include Customer Data.
- Security Inquiries.
- Monitoring its compliance with its information security program. This includes periodic internal reviews. Results are shared with Hyland leadership and deviations tracked through to remediation.
- Maintaining a periodic external audit program. Completed attestations, such as available SOC 2 reports, are provided to Customer upon written request.
- Customer may conduct audits (which includes assessments, questionnaires, guided reviews or other requests to validate Hyland’s security controls) (each a “Security Inquiry”) of Hyland’s operations that participate in the ongoing delivery and support of the Hyland Cloud Service purchased by Customer on an annual basis (but no more than once during any 12-month period); provided, that Customer provides Hyland with advance written notice of its desire to conduct such Security Inquiry and the proposed Security Inquiry does not overlap with, or otherwise cover the same or similar information as, or scope of: (1) any controls already provided for by an external audit or assessment already performed by Hyland, such as a SOC 2 report, ISO 27001 or other similar audit or assessment that is made available to Customer upon Customer’s request; or (2) any content already provided by Hyland through its completed SIG, CAIQ or similar questionnaire that is made available to Customer upon request. For each Security Inquiry, (1) Hyland and Customer must mutually agree upon the timing, scope, and criteria of such Security Inquiry, which, subject to the foregoing, may include the completion of questionnaires supplied by Customer; (2) confidential and restricted documentation, such as Hyland internal policies, practices, and procedures, including any documentation requested by Customer that cannot be removed from Hyland’s premises as a result of physical limitations or policy restrictions will not be provided externally or removed from Hyland’s premises and such reviews must be conducted onsite at Hyland’s corporate headquarters in Ohio or through a secure screenshare which may be arranged by Hyland to prohibit any type of copying or screen shots; (3) Customer understands and agrees that Hyland will not permit access to internal systems or devices used to host or support Hyland’s offerings; (4) to the extent Customer desires to engage a third party to perform such Security Inquiry, Hyland must approve of such third party in writing in advance, Customer shall cause such third party to enter into a Non-Disclosure Agreement with Hyland and agree to abide by Hyland’s security standards, and Customer shall manage the engagement with the third party, ensuring the third party understands the scope of the Security Inquiry as mutually agreed upon between Hyland and Customer and how Customer utilizes the Hyland Cloud Service; and (5) Customer shall pay Hyland fees (at Hyland’s standard rates) for the Professional Services (including any out-of-pocket costs and expenses) that are required or requested of Hyland in connection with such Security Inquiry. Where necessary, Hyland will provide private and reasonable accommodation at Hyland’s corporate headquarters in Ohio for data analysis and meetings. Upon reasonable advance written request, Hyland and Customer may mutually agree to make necessary employees or contractors available for interviews in person or on the phone during such Security Inquiry at Customer’s cost and expense. Customer is prohibited, , and Customer shall prohibit each third party Security Inquiry from distributing or publishing the results of such Security Inquiry to any third party without Hyland’s prior written approval. Notwithstanding anything to the contrary within this Agreement, nothing in this Agreement (including this section) will require Hyland or any of its affiliates to disclose information that is subject to attorney-client privilege.
Effective November 30th 2022 to December 7th 2022
DownloadTable of Contents
- Risk Management.
- Conducting an annual risk assessment designed to identify threats and vulnerabilities in the administrative, physical, legal, regulatory, and technical safeguards used to protect the Hyland Cloud Service.
- Maintaining a documented risk remediation process to assign ownership of identified risks, establish remediation plans and timeframes, and provide for periodic monitoring of progress.
- Information Security Program.
- Maintaining a documented comprehensive Hyland Cloud Service information security program. This program will include policies and procedures based on industry standard practices, which may include ISO 27001/27002, or other equivalent standards.
- Such information security program shall include, as applicable: (i) adequate physical and cyber security where Customer Data will be processed and/or stored; and (ii) reasonable precautions taken with respect to Hyland personnel employment.
- These policies will be reviewed and updated by Hyland management annually.
- Organization of Information Security. Assigning security responsibilities to appropriate Hyland individuals or groups to facilitate protection of the Hyland Cloud Service and associated assets.
- Human Resources Security.
- Hyland employees undergo comprehensive screening during the hiring process. Background checks and reference validation will be performed to determine whether candidate qualifications are appropriate for the proposed position. Subject to any restrictions imposed by applicable law and based on jurisdiction, these background checks include criminal background checks, employment validation, and education verification as applicable.
- Ensuring all Hyland employees are subject to confidentiality and non-disclosure commitments before access is provisioned to the Hyland Cloud Service or Customer Data.
- Ensuring applicable Hyland employees receive security awareness training designed to provide such employees with information security knowledge to provide for the security, availability, and confidentiality of Customer Data.
- Upon Hyland employee separation or change in roles, Hyland shall ensure any Hyland employee access to the Hyland Cloud Service is revoked in a timely manner and all applicable Hyland assets, both information and physical, are returned.
- Asset Management.
- Maintaining asset and information management policies and procedures. This includes ownership of assets, an inventory of assets, classification guidelines, and handling standards pertaining to Hyland assets.
- Maintaining media handling procedures to ensure media containing Customer Data as part of the Hyland Cloud Service is encrypted and stored in a secure location subject to strict physical access controls.
- When a Hyland Cloud Service storage device has reached the end of its useful life, procedures include a decommissioning process that is designed to prevent Customer Data from being exposed to unauthorized individuals using the techniques recommended by NIST to destroy data as part of the decommissioning process.
- If a Hyland storage device is unable to be decommissioned using these procedures, the device will be virtually shredded, degaussed, purged/wiped, or physically destroyed in accordance with industry-standard practices.
- Access Controls.
- Maintaining a logical access policy and corresponding procedures. The logical access procedures will define the request, approval and access provisioning process for Hyland personnel. The logical access process will restrict Hyland user (local and remote) access based on Hyland user job function (role/profile based, appropriate access) for applications and databases. Hyland user access recertification to determine access and privileges will be performed periodically. Procedures for onboarding and offboarding Hyland personnel users in a timely manner will be documented. Procedures for Hyland personnel user inactivity threshold leading to account suspension and removal threshold will be documented.
- Limiting Hyland’s access to Customer Data to its personnel who have a need to access Customer Data as a condition to Hyland’s performance of the services under this Agreement. Hyland shall utilize the principle of “least privilege” and the concept of “minimum necessary” when determining the level of access for all Hyland users to Customer Data. Hyland shall require strong passwords subject to complexity requirements and periodic rotation and the use of multi-factor authentication.
- Ensuring strict access controls are in place for Customer Data access by Hyland. Customer administrators control its user access, user permissions, and Customer Data retention to the extent such controls are available to Customer with respect to the Hyland Cloud Service.
- System Boundaries.
- Hyland is not responsible for any system components that are not within the Hyland Cloud Platform, including network devices, network connectivity, workstations, servers, and software owned and operated by the Customer or other third parties. Hyland may provide support for these components at its reasonable discretion.
- The processes executed within the Hyland Cloud Platform are limited to those that are executed by a Hyland employee (or Hyland authorized third party) or processes that are executed within Hyland’s established system boundaries, in whole. This includes, but is not limited to, hardware installation, software installation, data replication, data security, and authentication processes.
- Certain business processes may cross these boundaries, meaning one or more tasks are executed outside of Hyland’s established system boundaries for the Hyland Cloud Platform, one or more tasks are executed by individuals who are not Hyland personnel (or authorized third-parties), or one or more tasks are executed based on written requests placed by Customer. In such event, Hyland will provide support for such processes to the extent they occur within Hyland’s established system boundaries, but Hyland is not responsible for providing support for such processes to the extent they occur outside of such established system boundaries. At its reasonable discretion, Hyland may provide limited support for processes that occur outside such established system boundaries for the Hyland Cloud Platform. Examples of business processes that cross these boundaries include, but are not limited to, Hyland Cloud Service configuration changes, processing that occurs within the Hyland Cloud Service, user authorization, and file transfers.
- Encryption.
- Customer Data shall only be uploaded to the Hyland Cloud Services in an encrypted format such as via SFTP, TLS/SSL, or other equivalent method.
- Customer Data shall be encrypted at rest.
- Where use of encryption functionality may be controlled or modified by Customer, in the event Customer elects to modify the use of or turn off any encryption functionality, Customer does so at its own risk.
- Physical and Environment Security.
- The Hyland Cloud Platform uses data centers or third party service providers who have demonstrated compliance with one or more of the following standards (or a reasonable equivalent): International Organization for Standardization (“ISO”) 27001 and/or American Institute of Certified Public Accountants (“AICPA”) Service Organization Controls (“SOC”) Reports for Services Organizations. These providers provide Internet connectivity, physical security, power, and environmental systems and other services for the Hyland Cloud Platform.
- Hyland uses architecture and technologies designed to promote both security and high availability.
- Operations Security.
- Maintaining documented Hyland cloud operating procedures.
- Maintaining change management controls to ensure changes to Hyland Cloud Service production systems made by Hyland are properly authorized and reviewed prior to implementation. Customer is responsible for testing all configuration changes, authentication changes and upgrades implemented by Customer or implemented by Hyland at the request of Customer prior to production use of the Hyland Cloud Service. In cases where the Customer relies upon Hyland to implement changes on its behalf, a written request describing the change must be submitted (e.g. an e-mail, or another method provided by Hyland) by Customer’s designated Customer Security Administrators (“CSAs”) or set forth in a Services Proposal. Hyland will make scheduled configuration changes that are expected to impact Customer access to their Hyland Cloud Service during a planned maintenance window. Hyland may make configuration changes that are not expected to impact Customer during normal business hours.
- Monitoring usage and capacity levels within the Hyland Cloud Platform to adequately and proactively plan for future growth.
- Utilizing virus and malware protection technologies, which are configured to meet common industry standards designed to protect the Customer Data and equipment located within the Hyland Cloud Platform from virus infections or similar malicious payloads.
- Implementing disaster recovery and business continuity procedures. These will include replication of Customer Data to a secondary location.
- Maintaining a system and security logging process to capture system logs deemed critical by Hyland. These logs shall be maintained for at least six months and reviewed on a periodic basis.
- Maintaining system hardening requirements and configuration standards for components deployed within the Hyland Cloud Platform. Ensuring servers, operating systems, and supporting software used in the Hyland Cloud Platform receive all Critical and High security patches within a timely manner, but in no event more than 90 days after release, subject to the next sentence. In the event any such security patch would materially adversely affect the Hyland Cloud Service, then Hyland will use reasonable efforts to implement compensating controls until a security patch is available that would not materially adversely affect the Hyland Cloud Service.
- Conducting Hyland Cloud Platform vulnerability scans or analysis on at least a quarterly basis and remediate all critical and high vulnerabilities identified in accordance with its patch management procedures.
- Conducting Hyland Cloud Platform penetration tests at least annually.
- Communications Security
- Implementing Hyland Cloud Platform security controls to protect information resources within the Hyland Cloud Platform.
- When supported, upon implementation and once annually thereafter, Customer may request Hyland limit access to Customer’s Hyland Cloud Service to a list of pre-defined IP addresses at no additional cost.
- Supplier Relationships. Maintaining a Vendor Management Program for its critical vendors. This program will ensure critical vendors are evaluated on an annual basis.
- Security Incident.
- Employing incident response standards that are based upon applicable industry standards, such as ISO 27001:2013 and National Institute for Standards and Technology (“NIST”), to maintain the information security components of the Hyland Cloud Service environment.
- Responses to these incidents follow the Hyland documented incident response sequence. This sequence includes the incident trigger phase, evaluation phase, escalation phase, response phase, recovery phase, de-escalation phase, and post-incident review phase.
- If Hyland has determined Customer’s Hyland Cloud Service has been negatively impacted by a security incident, Hyland will deliver a root cause analysis summary. Such notice will not be unreasonably delayed, but will occur after initial corrective actions have been taken to contain the security threat or stabilize the Hyland Cloud Service.
- The root cause analysis will include the duration of the event, resolution, technical summary, outstanding issues, and follow-up, including steps Customer needs to take in order to prevent further issues. Hyland Cloud Service information including data elements that require additional confidentiality and security measures (including that of other customers impacted in the event) will not be publicly disclosed. If Customer needs additional details of an incident, a request to the Hyland GCS Support team must be submitted and handled on a case by case basis. The release of information process may require an on-site review to protect the confidentiality and security of the requested information.
- Hyland will notify Customer of a Security Incident within 48 hours. A “Security Incident” means a determination by Hyland of an actual disclosure of unencrypted Customer Data to an unauthorized person or entity that compromises the security, confidentiality, or integrity of the Customer Data.
- Information Security Aspects of Business Continuity Management.
- Maintaining a business continuity and disaster recovery plan.
- Reviewing and testing this plan annually.
- Aggregated Data.
- Hyland owns all Customer and User registration and billing data collected and used by Hyland that is required for user set-up, use and billing for the Hyland Cloud Service (“Account Information”) and all aggregated, anonymized and statistical data derived from the use and operation of the Hyland Cloud Service, including without limitation, the number of records in the Hyland Cloud Service, the number and types of transactions, configurations, and reports processed as part of the Hyland Cloud Service and the performance results of the Hyland Cloud Service (the “Aggregated Data”).
- Hyland may utilize the Account Information and Aggregated Data for purposes of operating Hyland’s business. For clarity, Account Information and Aggregated Data does not include Customer Data.
- Audit and Security Testing.
- Monitoring its compliance with its information security program. This includes periodic internal reviews. Results are shared with Hyland leadership and deviations tracked through to remediation.
- Maintaining a periodic external audit program. Completed attestations, such as available SOC 2 reports, are provided to Customer upon written request.
- Customer may conduct audits (which includes assessments, questionnaires, guided reviews or other requests to validate Hyland’s security controls) (each a “Security Inquiry”) of Hyland’s operations that participate in the ongoing delivery and support of the Hyland Cloud Service purchased by Customer on an annual basis (but no more than once during any 12-month period); provided, that Customer provides Hyland with advance written notice of its desire to conduct such Security Inquiry and the proposed Security Inquiry does not overlap with, or otherwise cover the same or similar information as, or scope of: (1) any controls already provided for by an external audit or assessment already performed by Hyland, such as a SOC 2 report, ISO 27001 or other similar audit or assessment that is made available to Customer upon Customer’s request; or (2) any content already provided by Hyland through its completed SIG, CAIQ or similar questionnaire that is made available to Customer upon request. For each Security Inquiry, (1) Hyland and Customer must mutually agree upon the timing, scope, and criteria of such Security Inquiry, which, subject to the foregoing, may include the completion of questionnaires supplied by Customer; (2) confidential and restricted documentation, such as Hyland internal policies, practices, and procedures, including any documentation requested by Customer that cannot be removed from Hyland’s premises as a result of physical limitations or policy restrictions will not be provided externally or removed from Hyland’s premises and such reviews must be conducted onsite at Hyland’s corporate headquarters in Ohio or through a secure screenshare which may be arranged by Hyland to prohibit any type of copying or screen shots; (3) Customer understands and agrees that Hyland will not permit access to internal systems or devices used to host or support Hyland’s offerings; (4) to the extent Customer desires to engage a third party to perform such Security Inquiry, Hyland must approve of such third party in writing in advance, Customer shall cause such third party to enter into a Non-Disclosure Agreement with Hyland and agree to abide by Hyland’s security standards, and Customer shall manage the engagement with the third party, ensuring the third party understands the scope of the Security Inquiry as mutually agreed upon between Hyland and Customer and how Customer utilizes the Hyland Cloud Service; and (5) Customer shall pay Hyland fees (at Hyland’s standard rates) for the Professional Services (including any out-of-pocket costs and expenses) that are required or requested of Hyland in connection with such Security Inquiry. Where necessary, Hyland will provide private and reasonable accommodation at Hyland’s corporate headquarters in Ohio for data analysis and meetings. Upon reasonable advance written request, Hyland and Customer may mutually agree to make necessary employees or contractors available for interviews in person or on the phone during such Security Inquiry at Customer’s cost and expense. Customer is prohibited, , and Customer shall prohibit each third party Security Inquiry from distributing or publishing the results of such Security Inquiry to any third party without Hyland’s prior written approval. Notwithstanding anything to the contrary within this Agreement, nothing in this Agreement (including this section) will require Hyland or any of its affiliates to disclose information that is subject to attorney-client privilege.
Effective February 2nd 2022 to November 30th 2022
DownloadTable of Contents
- Risk Management.
- Conducting an annual risk assessment designed to identify threats and vulnerabilities in the administrative, physical, legal, regulatory, and technical safeguards used to protect the Hyland Cloud Service.
- Maintaining a documented risk remediation process to assign ownership of identified risks, establish remediation plans and timeframes, and provide for periodic monitoring of progress.
- Information Security Program.
- Maintaining a documented comprehensive Hyland Cloud Service information security program. This program will include policies and procedures based on industry standard practices, which may include ISO 27001/27002, or other equivalent standards.
- Such information security program shall include, as applicable: (i) adequate physical and cyber security where Customer Data will be processed and/or stored; and (ii) reasonable precautions taken with respect to Hyland personnel employment.
- These policies will be reviewed and updated by Hyland management annually.
- Organization of Information Security. Assigning security responsibilities to appropriate Hyland individuals or groups to facilitate protection of the Hyland Cloud Service and associated assets.
- Human Resources Security.
- Hyland employees undergo comprehensive screening during the hiring process. Background checks and reference validation will be performed to determine whether candidate qualifications are appropriate for the proposed position. Subject to any restrictions imposed by applicable law and based on jurisdiction, these background checks include criminal background checks, employment validation, and education verification as applicable.
- Ensuring all Hyland employees are subject to confidentiality and non-disclosure commitments before access is provisioned to the Hyland Cloud Service or Customer Data.
- Ensuring applicable Hyland employees receive security awareness training designed to provide such employees with information security knowledge to provide for the security, availability, and confidentiality of Customer Data.
- Upon Hyland employee separation or change in roles, Hyland shall ensure any Hyland employee access to the Hyland Cloud Service is revoked in a timely manner and all applicable Hyland assets, both information and physical, are returned.
- Asset Management.
- Maintaining asset and information management policies and procedures. This includes ownership of assets, an inventory of assets, classification guidelines, and handling standards pertaining to Hyland assets.
- Maintaining media handling procedures to ensure media containing Customer Data as part of the Hyland Cloud Service is encrypted and stored in a secure location subject to strict physical access controls.
- When a Hyland Cloud Service storage device has reached the end of its useful life, procedures include a decommissioning process that is designed to prevent Customer Data from being exposed to unauthorized individuals using the techniques recommended by NIST to destroy data as part of the decommissioning process.
- If a Hyland storage device is unable to be decommissioned using these procedures, the device will be virtually shredded, degaussed, purged/wiped, or physically destroyed in accordance with industry-standard practices.
- Access Controls.
- Maintaining a logical access policy and corresponding procedures. The logical access procedures will define the request, approval and access provisioning process for Hyland personnel. The logical access process will restrict Hyland user (local and remote) access based on Hyland user job function (role/profile based, appropriate access) for applications and databases. Hyland user access recertification to determine access and privileges will be performed periodically. Procedures for onboarding and offboarding Hyland personnel users in a timely manner will be documented. Procedures for Hyland personnel user inactivity threshold leading to account suspension and removal threshold will be documented.
- Limiting Hyland’s access to Customer Data to its personnel who have a need to access Customer Data as a condition to Hyland’s performance of the services under this Agreement. Hyland shall utilize the principle of “least privilege” and the concept of “minimum necessary” when determining the level of access for all Hyland users to Customer Data. Hyland shall require strong passwords subject to complexity requirements and periodic rotation and the use of multi-factor authentication.
- Ensuring strict access controls are in place for Customer Data access by Hyland. Customer administrators control its user access, user permissions, and Customer Data retention to the extent such controls are available to Customer with respect to the Hyland Cloud Service.
- System Boundaries.
- Hyland is not responsible for any system components that are not within the Hyland Cloud Platform, including network devices, network connectivity, workstations, servers, and software owned and operated by the Customer or other third parties. Hyland may provide support for these components at its reasonable discretion.
- The processes executed within the Hyland Cloud Platform are limited to those that are executed by a Hyland employee (or Hyland authorized third party) or processes that are executed within Hyland’s established system boundaries, in whole. This includes, but is not limited to, hardware installation, software installation, data replication, data security, and authentication processes.
- Certain business processes may cross these boundaries, meaning one or more tasks are executed outside of Hyland’s established system boundaries for the Hyland Cloud Platform, one or more tasks are executed by individuals who are not Hyland personnel (or authorized third-parties), or one or more tasks are executed based on written requests placed by Customer. In such event, Hyland will provide support for such processes to the extent they occur within Hyland’s established system boundaries, but Hyland is not responsible for providing support for such processes to the extent they occur outside of such established system boundaries. At its reasonable discretion, Hyland may provide limited support for processes that occur outside such established system boundaries for the Hyland Cloud Platform. Examples of business processes that cross these boundaries include, but are not limited to, Hyland Cloud Service configuration changes, processing that occurs within the Hyland Cloud Service, user authorization, and file transfers.
- Encryption.
- Customer Data shall only be uploaded to the Hyland Cloud Services in an encrypted format such as via SFTP, TLS/SSL, or other equivalent method.
- Customer Data shall be encrypted at rest.
- Where use of encryption functionality may be controlled or modified by Customer, in the event Customer elects to modify the use of or turn off any encryption functionality, Customer does so at its own risk.
- Physical and Environment Security.
- The Hyland Cloud Platform uses data centers or third party service providers who have demonstrated compliance with one or more of the following standards (or a reasonable equivalent): International Organization for Standardization (“ISO”) 27001 and/or American Institute of Certified Public Accountants (“AICPA”) Service Organization Controls (“SOC”) Reports for Services Organizations. These providers provide Internet connectivity, physical security, power, and environmental systems and other services for the Hyland Cloud Platform.
- Hyland uses architecture and technologies designed to promote both security and high availability.
- Operations Security.
- Maintaining documented Hyland cloud operating procedures.
- Maintaining change management controls to ensure changes to Hyland Cloud Service production systems made by Hyland are properly authorized and reviewed prior to implementation. Customer is responsible for testing all configuration changes, authentication changes and upgrades implemented by Customer or implemented by Hyland at the request of Customer prior to production use of the Hyland Cloud Service. In cases where the Customer relies upon Hyland to implement changes on its behalf, a written request describing the change must be submitted (e.g. an e-mail, or another method provided by Hyland) by Customer’s designated Customer Security Administrators (“CSAs”) or set forth in a Services Proposal. Hyland will make scheduled configuration changes that are expected to impact Customer access to their Hyland Cloud Service during a planned maintenance window. Hyland may make configuration changes that are not expected to impact Customer during normal business hours.
- Monitoring usage and capacity levels within the Hyland Cloud Platform to adequately and proactively plan for future growth.
- Utilizing virus and malware protection technologies, which are configured to meet common industry standards designed to protect the Customer Data and equipment located within the Hyland Cloud Platform from virus infections or similar malicious payloads.
- Implementing disaster recovery and business continuity procedures. These will include replication of Customer Data to a secondary location.
- Maintaining a system and security logging process to capture system logs deemed critical by Hyland. These logs shall be maintained for at least six months and reviewed on a periodic basis.
- Maintaining system hardening requirements and configuration standards for components deployed within the Hyland Cloud Platform. Ensuring servers, operating systems, and supporting software used in the Hyland Cloud Platform receive all Critical and High security patches within a timely manner, but in no event more than 90 days after release, subject to the next sentence. In the event any such security patch would materially adversely affect the Hyland Cloud Service, then Hyland will use reasonable efforts to implement compensating controls until a security patch is available that would not materially adversely affect the Hyland Cloud Service.
- Conducting Hyland Cloud Platform vulnerability scans or analysis on at least a quarterly basis and remediate all critical and high vulnerabilities identified in accordance with its patch management procedures.
- Conducting Hyland Cloud Platform penetration tests at least annually.
- Communications Security
- Implementing Hyland Cloud Platform security controls to protect information resources within the Hyland Cloud Platform.
- When supported, upon implementation and once annually thereafter, Customer may request Hyland limit access to Customer’s Hyland Cloud Service to a list of pre-defined IP addresses at no additional cost.
- Supplier Relationships. Maintaining a Vendor Management Program for its critical vendors. This program will ensure critical vendors are evaluated on an annual basis.
- Security Incident.
- Employing incident response standards that are based upon applicable industry standards, such as ISO 27001:2013 and National Institute for Standards and Technology (“NIST”), to maintain the information security components of the Hyland Cloud Service environment.
- Responses to these incidents follow the Hyland documented incident response sequence. This sequence includes the incident trigger phase, evaluation phase, escalation phase, response phase, recovery phase, de-escalation phase, and post-incident review phase.
- If Hyland has determined Customer’s Hyland Cloud Service has been negatively impacted by a security incident, Hyland will deliver a root cause analysis summary. Such notice will not be unreasonably delayed, but will occur after initial corrective actions have been taken to contain the security threat or stabilize the Hyland Cloud Service.
- The root cause analysis will include the duration of the event, resolution, technical summary, outstanding issues, and follow-up, including steps Customer needs to take in order to prevent further issues. Hyland Cloud Service information including data elements that require additional confidentiality and security measures (including that of other customers impacted in the event) will not be publicly disclosed. If Customer needs additional details of an incident, a request to the Hyland GCS Support team must be submitted and handled on a case by case basis. The release of information process may require an on-site review to protect the confidentiality and security of the requested information.
- Hyland will notify Customer of a Security Incident within 48 hours. A “Security Incident” means a determination by Hyland of an actual disclosure of unencrypted Customer Data to an unauthorized person or entity that compromises the security, confidentiality, or integrity of the Customer Data.
- Information Security Aspects of Business Continuity Management.
- Maintaining a business continuity and disaster recovery plan.
- Reviewing and testing this plan annually.
- Aggregated Data.
- Hyland owns all Customer and User registration and billing data collected and used by Hyland that is required for user set-up, use and billing for the Hyland Cloud Service (“Account Information”) and all aggregated, anonymized and statistical data derived from the use and operation of the Hyland Cloud Service, including without limitation, the number of records in the Hyland Cloud Service, the number and types of transactions, configurations, and reports processed as part of the Hyland Cloud Service and the performance results of the Hyland Cloud Service (the “Aggregated Data”).
- Hyland may utilize the Account Information and Aggregated Data for purposes of operating Hyland’s business. For clarity, Account Information and Aggregated Data does not include Customer Data.
- Audit and Security Testing.
- Monitoring its compliance with its information security program. This includes periodic internal reviews. Results are shared with Hyland leadership and deviations tracked through to remediation.
- Maintaining a periodic external audit program. Completed attestations, such as available SOC 2 reports, are provided to Customer upon written request.
- Customer may conduct audits of Hyland’s operations that participate in the ongoing delivery and support of the Hyland Cloud Service purchased by Customer on an annual basis; provided Customer provides Hyland written notice of its desire to conduct such audit and the following criteria are met: (a) Hyland and Customer mutually agree upon the timing, scope, and criteria of such audit, which may include the completion of questionnaires supplied by Customer and guided review of policies, practices, procedures, Hyland Cloud Service configurations, invoices, or application logs, and (b) Customer agrees to pay Hyland fees (at Hyland’s standard rates) for the Professional Services that are required or requested of Hyland in connection with such audit. Prior to any such audit, any third party engaged by Customer to assist with such audit, must be cleared by Hyland and enter into a Non-Disclosure Agreement directly with Hyland. If any documentation requested by Customer cannot be removed from Hyland’s facilities as a result of physical limitations or policy restrictions, Hyland will allow Customer’s auditors access to such documentation at Hyland’s corporate headquarters in Ohio and may prohibit any type of copying or the taking of screen shots. Where necessary, Hyland will provide private and reasonable accommodation at Hyland’s corporate headquarters in Ohio for data analysis and meetings. Upon reasonable notice, Hyland and Customer mutually agree to make necessary employees or contractors available for interviews in person or on the phone during such audit at Customer’s cost and expense. Customer is prohibited from distributing or publishing the results of such audit to any third party without Hyland’s prior written approval.
- Customer may conduct penetration testing against the public URL used to access the Hyland Cloud Service on an annual basis; provided Customer provides Hyland with written notice of its desire to conduct such testing and the following criteria are met: (a) Hyland and Customer mutually agree upon the timing, scope, and criteria of such testing, which may include common social engineering, application, and network testing techniques used to identify or exploit common vulnerabilities including buffer overflows, cross site scripting, SQL injection, and man in the middle attacks, and (b) such testing is at Customer’s cost and expense and Customer pays to Hyland fees (at Hyland’s standard rates) for the Professional Services that are required or requested of Hyland in connection with such testing. Prior to any such testing, any third party engaged by Customer to assist with such testing, must be cleared by Hyland and enter into a Non-Disclosure Agreement directly with Hyland. Customer acknowledges and agrees that any such testing performed without mutual agreement regarding timing, scope, and criteria may be considered a hostile attack, which may trigger automated and manual responses, including reporting the activity to local and federal law enforcement agencies as well as immediate suspension of Customer’s access to or use of the Hyland Cloud Service. Customer is prohibited from distributing or publishing the results of such penetration testing to any third party without Hyland’s prior written approval.
Effective March 30th 2021 to February 2nd 2022
DownloadTable of Contents
- Risk Management.
- Conducting an annual risk assessment designed to identify threats and vulnerabilities in the administrative, physical, legal, regulatory, and technical safeguards used to protect the Hyland Cloud Service.
- Maintaining a documented risk remediation process to assign ownership of identified risks, establish remediation plans and timeframes, and provide for periodic monitoring of progress.
- Information Security Program.
- Maintaining a documented comprehensive Hyland Cloud Service information security program. This program will include policies and procedures based on industry standard practices, which may include ISO 27001/27002, or other equivalent standards.
- Such information security program shall include, as applicable: (i) adequate physical and cyber security where Customer Data will be processed and/or stored; and (ii) reasonable precautions taken with respect to Hyland personnel employment.
- These policies will be reviewed and updated by Hyland management annually.
- Organization of Information Security. Assigning security responsibilities to appropriate Hyland individuals or groups to facilitate protection of the Hyland Cloud Service and associated assets.
- Human Resources Security.
- Hyland employees undergo comprehensive screening during the hiring process. Background checks and reference validation will be performed to determine whether candidate qualifications are appropriate for the proposed position. Subject to any restrictions imposed by applicable law and based on jurisdiction, these background checks include criminal background checks, employment validation, and education verification as applicable.
- Ensuring all Hyland employees are subject to confidentiality and non-disclosure commitments before access is provisioned to the Hyland Cloud Service or Customer Data.
- Ensuring applicable Hyland employees receive security awareness training designed to provide such employees with information security knowledge to provide for the security, availability, and confidentiality of Customer Data.
- Upon Hyland employee separation or change in roles, Hyland shall ensure any Hyland employee access to the Hyland Cloud Service is revoked in a timely manner and all applicable Hyland assets, both information and physical, are returned.
- Asset Management.
- Maintaining asset and information management policies and procedures. This includes ownership of assets, an inventory of assets, classification guidelines, and handling standards pertaining to Hyland assets.
- Maintaining media handling procedures to ensure media containing Customer Data as part of the Hyland Cloud Service is encrypted and stored in a secure location subject to strict physical access controls.
- When a Hyland Cloud Service storage device has reached the end of its useful life, procedures include a decommissioning process that is designed to prevent Customer Data from being exposed to unauthorized individuals using the techniques recommended by NIST to destroy data as part of the decommissioning process.
- If a Hyland storage device is unable to be decommissioned using these procedures, the device will be virtually shredded, degaussed, purged/wiped, or physically destroyed in accordance with industry-standard practices.
- Access Controls.
- Maintaining a logical access policy and corresponding procedures. The logical access procedures will define the request, approval and access provisioning process for Hyland personnel. The logical access process will restrict Hyland user (local and remote) access based on Hyland user job function (role/profile based, appropriate access) for applications and databases. Hyland user access recertification to determine access and privileges will be performed periodically. Procedures for onboarding and offboarding Hyland personnel users in a timely manner will be documented. Procedures for Hyland personnel user inactivity threshold leading to account suspension and removal threshold will be documented.
- Limiting Hyland’s access to Customer Data to its personnel who have a need to access Customer Data as a condition to Hyland’s performance of the services under this Agreement. Hyland shall utilize the principle of “least privilege” and the concept of “minimum necessary” when determining the level of access for all Hyland users to Customer Data. Hyland shall require strong passwords subject to complexity requirements and periodic rotation and the use of multi-factor authentication.
- Ensuring strict access controls are in place for Customer Data access by Hyland. Customer administrators control its user access, user permissions, and Customer Data retention to the extent such controls are available to Customer with respect to the Hyland Cloud Service.
- System Boundaries.
- Hyland is not responsible for any system components that are not within the Hyland Cloud Platform, including network devices, network connectivity, workstations, servers, and software owned and operated by the Customer or other third parties. Hyland may provide support for these components at its reasonable discretion.
- The processes executed within the Hyland Cloud Platform are limited to those that are executed by a Hyland employee (or Hyland authorized third party) or processes that are executed within Hyland’s established system boundaries, in whole. This includes, but is not limited to, hardware installation, software installation, data replication, data security, and authentication processes.
- Certain business processes may cross these boundaries, meaning one or more tasks are executed outside of Hyland’s established system boundaries for the Hyland Cloud Platform, one or more tasks are executed by individuals who are not Hyland personnel (or authorized third-parties), or one or more tasks are executed based on written requests placed by Customer. In such event, Hyland will provide support for such processes to the extent they occur within Hyland’s established system boundaries, but Hyland is not responsible for providing support for such processes to the extent they occur outside of such established system boundaries. At its reasonable discretion, Hyland may provide limited support for processes that occur outside such established system boundaries for the Hyland Cloud Platform. Examples of business processes that cross these boundaries include, but are not limited to, Hyland Cloud Service configuration changes, processing that occurs within the Hyland Cloud Service, user authorization, and file transfers.
- Encryption.
- Customer Data shall only be uploaded to the Hyland Cloud Services in an encrypted format such as via SFTP, TLS/SSL, or other equivalent method.
- If Customer purchases the applicable encryption service, applicable Customer Data shall be encrypted at rest.
- Where use of encryption functionality may be controlled or modified by Customer, in the event Customer elects to modify the use of or turn off any encryption functionality, Customer does so at its own risk.
- Physical and Environment Security.
- The Hyland Cloud Platform uses data centers or third party service providers who have demonstrated compliance with one or more of the following standards (or a reasonable equivalent): International Organization for Standardization (“ISO”) 27001 and/or American Institute of Certified Public Accountants (“AICPA”) Service Organization Controls (“SOC”) Reports for Services Organizations. These providers provide Internet connectivity, physical security, power, and environmental systems and other services for the Hyland Cloud Platform.
- Hyland uses architecture and technologies designed to promote both security and high availability.
- Operations Security.
- Maintaining documented Hyland cloud operating procedures.
- Maintaining change management controls to ensure changes to Hyland Cloud Service production systems made by Hyland are properly authorized and reviewed prior to implementation. Customer is responsible for testing all configuration changes, authentication changes and upgrades implemented by Customer or implemented by Hyland at the request of Customer prior to production use of the Hyland Cloud Service. In cases where the Customer relies upon Hyland to implement changes on its behalf, a written request describing the change must be submitted (e.g. an e-mail, or another method provided by Hyland) by Customer’s designated Customer Security Administrators (“CSAs”) or set forth in a Services Proposal. Hyland will make scheduled configuration changes that are expected to impact Customer access to their Hyland Cloud Service during a planned maintenance window. Hyland may make configuration changes that are not expected to impact Customer during normal business hours.
- Monitoring usage and capacity levels within the Hyland Cloud Platform to adequately and proactively plan for future growth.
- Utilizing virus and malware protection technologies, which are configured to meet common industry standards designed to protect the Customer Data and equipment located within the Hyland Cloud Platform from virus infections or similar malicious payloads.
- Implementing disaster recovery and business continuity procedures. These will include replication of Customer Data to a secondary location.
- Maintaining a system and security logging process to capture system logs deemed critical by Hyland. These logs shall be maintained for at least six months and reviewed on a periodic basis.
- Maintaining system hardening requirements and configuration standards for components deployed within the Hyland Cloud Platform. Ensuring servers, operating systems, and supporting software used in the Hyland Cloud Platform receive all Critical and High security patches within a timely manner, but in no event more than 90 days after release, subject to the next sentence. In the event any such security patch would materially adversely affect the Hyland Cloud Service, then Hyland will use reasonable efforts to implement compensating controls until a security patch is available that would not materially adversely affect the Hyland Cloud Service.
- Conducting Hyland Cloud Platform vulnerability scans or analysis on at least a quarterly basis and remediate all critical and high vulnerabilities identified in accordance with its patch management procedures.
- Conducting Hyland Cloud Platform penetration tests at least annually.
- Communications Security
- Implementing Hyland Cloud Platform security controls to protect information resources within the Hyland Cloud Platform.
- When supported, upon implementation and once annually thereafter, Customer may request Hyland limit access to Customer’s Hyland Cloud Service to a list of pre-defined IP addresses at no additional cost.
- Supplier Relationships. Maintaining a Vendor Management Program for its critical vendors. This program will ensure critical vendors are evaluated on an annual basis.
- Security Incident.
- Employing incident response standards that are based upon applicable industry standards, such as ISO 27001:2013 and National Institute for Standards and Technology (“NIST”), to maintain the information security components of the Hyland Cloud Service environment.
- Responses to these incidents follow the Hyland documented incident response sequence. This sequence includes the incident trigger phase, evaluation phase, escalation phase, response phase, recovery phase, de-escalation phase, and post-incident review phase.
- If Hyland has determined Customer’s Hyland Cloud Service has been negatively impacted by a security incident, Hyland will deliver a root cause analysis summary. Such notice will not be unreasonably delayed, but will occur after initial corrective actions have been taken to contain the security threat or stabilize the Hyland Cloud Service.
- The root cause analysis will include the duration of the event, resolution, technical summary, outstanding issues, and follow-up, including steps Customer needs to take in order to prevent further issues. Hyland Cloud Service information including data elements that require additional confidentiality and security measures (including that of other customers impacted in the event) will not be publicly disclosed. If Customer needs additional details of an incident, a request to the Hyland GCS Support team must be submitted and handled on a case by case basis. The release of information process may require an on-site review to protect the confidentiality and security of the requested information.
- Hyland will notify Customer of a Security Incident within 48 hours. A “Security Incident” means a determination by Hyland of an actual disclosure of unencrypted Customer Data to an unauthorized person or entity that compromises the security, confidentiality, or integrity of the Customer Data.
- Information Security Aspects of Business Continuity Management.
- Maintaining a business continuity and disaster recovery plan.
- Reviewing and testing this plan annually.
- Aggregated Data.
- Hyland owns all Customer and User registration and billing data collected and used by Hyland that is required for user set-up, use and billing for the Hyland Cloud Service (“Account Information”) and all aggregated, anonymized and statistical data derived from the use and operation of the Hyland Cloud Service, including without limitation, the number of records in the Hyland Cloud Service, the number and types of transactions, configurations, and reports processed as part of the Hyland Cloud Service and the performance results of the Hyland Cloud Service (the “Aggregated Data”).
- Hyland may utilize the Account Information and Aggregated Data for purposes of operating Hyland’s business. For clarity, Account Information and Aggregated Data does not include Customer Data.
- Audit and Security Testing.
- Monitoring its compliance with its information security program. This includes periodic internal reviews. Results are shared with Hyland leadership and deviations tracked through to remediation.
- Maintaining a periodic external audit program. Completed attestations, such as available SOC 2 reports, are provided to Customer upon written request.
- Customer may conduct audits of Hyland’s operations that participate in the ongoing delivery and support of the Hyland Cloud Service purchased by Customer on an annual basis; provided Customer provides Hyland written notice of its desire to conduct such audit and the following criteria are met: (a) Hyland and Customer mutually agree upon the timing, scope, and criteria of such audit, which may include the completion of questionnaires supplied by Customer and guided review of policies, practices, procedures, Hyland Cloud Service configurations, invoices, or application logs, and (b) Customer agrees to pay Hyland fees (at Hyland’s standard rates) for the Professional Services that are required or requested of Hyland in connection with such audit. Prior to any such audit, any third party engaged by Customer to assist with such audit, must be cleared by Hyland and enter into a Non-Disclosure Agreement directly with Hyland. If any documentation requested by Customer cannot be removed from Hyland’s facilities as a result of physical limitations or policy restrictions, Hyland will allow Customer’s auditors access to such documentation at Hyland’s corporate headquarters in Ohio and may prohibit any type of copying or the taking of screen shots. Where necessary, Hyland will provide private and reasonable accommodation at Hyland’s corporate headquarters in Ohio for data analysis and meetings. Upon reasonable notice, Hyland and Customer mutually agree to make necessary employees or contractors available for interviews in person or on the phone during such audit at Customer’s cost and expense. Customer is prohibited from distributing or publishing the results of such audit to any third party without Hyland’s prior written approval.
- Customer may conduct penetration testing against the public URL used to access the Hyland Cloud Service on an annual basis; provided Customer provides Hyland with written notice of its desire to conduct such testing and the following criteria are met: (a) Hyland and Customer mutually agree upon the timing, scope, and criteria of such testing, which may include common social engineering, application, and network testing techniques used to identify or exploit common vulnerabilities including buffer overflows, cross site scripting, SQL injection, and man in the middle attacks, and (b) such testing is at Customer’s cost and expense and Customer pays to Hyland fees (at Hyland’s standard rates) for the Professional Services that are required or requested of Hyland in connection with such testing. Prior to any such testing, any third party engaged by Customer to assist with such testing, must be cleared by Hyland and enter into a Non-Disclosure Agreement directly with Hyland. Customer acknowledges and agrees that any such testing performed without mutual agreement regarding timing, scope, and criteria may be considered a hostile attack, which may trigger automated and manual responses, including reporting the activity to local and federal law enforcement agencies as well as immediate suspension of Customer’s access to or use of the Hyland Cloud Service. Customer is prohibited from distributing or publishing the results of such penetration testing to any third party without Hyland’s prior written approval.
Professional Services Schedule
Effective February 17th 2025
DownloadTable of Contents
(i) Form of Delivered Work Products. The form in which Hyland delivers Work Products will be determined by Hyland depending on the purpose and functionality of the Work Product. (ii) Configuration Work Products. If Hyland delivers a Work Product: (1) in the form of (i) source code which is compiled by tools in the Software to machine language form; or (ii) a script; or (2) created using the configuration tools in the Software (a “Configuration Work Product”), then the Configuration Work Product may be modified, provided such modified Configuration Work Product is used only in compliance with the terms of the limited license to such Work Product granted hereunder. (iii) Independent Work Products. If Hyland delivers a Work Product which is not a Configuration Work Product (an “Independent Work Product”), then, except as otherwise provided in the last sentence of this paragraph, such Independent Work Product may not be altered or modified. If mutually agreed by the parties, and subject to the payment of applicable fees to Hyland, if any, Hyland may redeliver an Independent Work Product in a format that may be modified. In such case, the redelivered Independent Work Product may be modified, and if necessary, compiled, provided such modified Independent Work Product is used only in compliance with the terms of the limited license to such Work Product granted hereunder. |
Removal and Refund. If Hyland is unable to accomplish either of the options set forth in subparagraph (d) above, Hyland shall remove the infringing portion of the Work Products and refund to Customer the full services fees paid, if any, by Customer for the creation and implementation of the infringing Work Products.
Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to defend or satisfy any claims made against Customer and otherwise described in this Section that arise from: (a) any Customer Data; (b) use of the Work Products by Customer other than as expressly permitted by this Schedule; (c) the combination of the Work Products with any product not furnished by Hyland to Customer; (d) the modification or addition to of the Work Products other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (e) the Customer’s business methods or processes.
Effective February 17th 2025
DownloadForm der gelieferten Arbeitsergebnisse. Die Form, in der Hyland Arbeitsergebnisse liefert, wird von Hyland in Abhängigkeit vom Zweck und der Funktionalität des Arbeitsergebnisses festgelegt.
Konfigurierte Arbeitsergebnisse. Wenn Hyland ein Arbeitsergebnis liefert: (a) in Form von (i) Quellcode, der von Tools in der Software in Maschinensprache kompiliert wird; oder (ii) eines Skripts; oder (b) welches unter Verwendung der Konfigurations-Tools in der Software erstellt wird (ein „Konfiguriertes Arbeitsergebnis“), gewährt Hyland dem Kunden das beschränkte Recht, das Konfigurierte Arbeitsergebnis zu modifizieren, vorausgesetzt, ein solches modifiziertes Konfiguriertes Arbeitsergebnis wird nur in Übereinstimmung mit den Bedingungen der beschränkten Lizenz für ein solches Arbeitsergebnis verwendet, die gemäß diesem Abschnitt gewährt wird.
Unabhängige Arbeitsergebnisse. Wenn Hyland ein Arbeitsergebnis liefert, bei dem es sich nicht um ein Konfiguriertes Arbeitsergebnis handelt (ein „Unabhängiges Arbeitsergebnis“), darf der Kunde dieses Unabhängige Arbeitsergebnis nicht verändern oder modifizieren, es sei denn, der letzte Satz dieses Abschnittes sieht etwas anderes vor. Wenn Hyland ein Unabhängiges Arbeitsergebnis liefert und der Kunde das Recht zur Modifizierung des Unabhängigen Arbeitsergebnisses erhalten möchte, können die Parteien einvernehmlich vereinbaren, dass Hyland dem Kunden eine Kopie des Formats des Unabhängigen Arbeitsergebnisses liefert, das zur Modifizierung des Unabhängigen Arbeitsergebnisses erforderlich ist, vorbehaltlich und nach Zahlung der zusätzlichen Dienstleistungsgebühren durch den Kunden an Hyland, die Hyland möglicherweise für die Erstellung und Lieferung eines solchen Formats berechnen kann. In diesem Fall gewährt Hyland dem Kunden das Recht, das gelieferte Format des Unabhängigen Arbeitsergebnisses zu modifizieren und gegebenenfalls zu kompilieren, vorausgesetzt, dass das modifizierte Unabhängige Arbeitsergebnis nur in Übereinstimmung mit den Bedingungen der gemäß diesem Abschnitt gewährten beschränkten Lizenz für dieses gewährte Arbeitsergebnis verwendet wird.
Die einzige Verpflichtung von Hyland und das einzige und ausschließliche Recht des Kunden bei Nichteinhaltung der ausdrücklichen beschränkten Gewährleistung gemäß diesem Abschnitt lauten wie folgt: Sofern der Kunde Hyland innerhalb der geltenden 1-Jahres-Frist schriftlich über die Nichtkonformität benachrichtigt, wird Hyland entweder (a) das nicht konforme Arbeitsergebnis reparieren oder ersetzen, was die Lieferung einer angemessenen Umgehungslösung für die Nichtkonformität beinhalten kann; oder (b) wenn Hyland feststellt, dass eine Reparatur oder ein Ersatz des Arbeitsergebnisses wirtschaftlich nicht praktikabel ist, diese Anlage in Bezug auf das nicht konforme Arbeitsergebnis kündigen; in diesem Fall erstattet Hyland, sofern der Kunde seinen Verpflichtungen bei der Kündigung nachkommt, einen Teil der vor dem Zeitpunkt der Kündigung bezahlten Dienstleistungsgebühren in Bezug auf die Erstellung und Implementierung eines solchen Arbeitsergebnisses. Die gesetzlichen Gewährleistungsrechte des Kunden bleiben vorbehaltlich der ausdrücklichen Bestimmungen dieser Vereinbarung unberührt.
Effective February 17th 2025
DownloadRetirada y Reembolso. Si Hyland no puede cumplir con alguna de las opciones establecidas en el apartado (d) anterior, eliminará la parte infractora de los Productos de Trabajo y le reembolsará al Cliente la totalidad de las tarifas de servicios pagada por la creación e implementación de los Productos de Trabajo que no están en conformidad.
Exclusiones. Salvo disposición en contrario, Hyland no tendrá ninguna obligación de defender al Cliente ante cualquier reclamación realizada contra el Cliente y descrita en esta Sección que surja de: (a) Datos del Cliente; (b) el uso de los Productos de Trabajo por parte del Cliente que no esté expresamente permitido por este Anexo; (c) la combinación de los Productos de Trabajo con cualquier producto no proporcionado por Hyland; (d) la modificación o adición de los Productos de Trabajo que no sea por parte de Hyland o cualquiera de sus proveedores de soluciones autorizados específicamente para hacer las modificaciones o adiciones, o (e) los métodos o procesos comerciales del Cliente.
Effective February 17th 2025
DownloadProduits de Travail de Configuration. Dans le cas où Hyland fournit un Produit de Travail : (a) sous la forme (i) d’un code source compilé par des outils incorporés au(x) Logiciel(s) sous forme de langage machine ; ou (ii) d’un script ; ou (b) créé à l’aide des outils de configuration du/des Logiciel(s) (un «Produit de Travail de Configuration»), Hyland concède au Client un droit de modification limité du Produit de Travail de Configuration, sous réserve que ce Produit de Travail de Configuration modifié soit utilisé conformément aux termes de la licence limitée concédée sur le Produit de Travail en vertu du présent article.
Produits de Travail Indépendants. Dans le cas où Hyland fournit un Produit de Travail ne constituant pas un Produit de Travail de Configuration (un «Produit de Travail Indépendant»), et sous réserve des stipulations de la dernière phrase de ce paragraphe, le Client ne saurait altérer ou modifier le Produit de Travail Indépendant. Dans le cas où le Client désire obtenir le droit de modifier un Produit de Travail Indépendant fourni par Hyland, les parties pourront mutuellement convenir que Hyland fournira au Client une copie du format du Produit de Travail Indépendant afin de permettre au Client d'effectuer ses modifications, sous réserve du paiement par le Client à Hyland des frais additionnelles que Hyland se réserve le droit de facturer pour la préparation et la livraison dudit format. Dans un tel cas, Hyland concède au Client le droit de modifier, et si nécessaire, de compiler le format du Produit de Travail Indépendant concerné, sous réserve que le Produit de Travail Indépendant tel que modifié soit utilisé conformément aux termes de la licence limitée concédée sur le Produit de Travail en vertu du présent article.
La seule obligation de Hyland, et le seul et unique recours du Client, pour toute non-conformité à la garantie limitée expressément définie dans la presente Section, sont les suivants : sous réserve de la notification, par le Client, de la/les non-conformité(s) dans un délai de soixante (60) jours visé à la présente, Hyland (a) répare ou remplace le Produit de Travail non conforme, ce qui peut comprendre la fourniture d'une solution raisonnable de contournement de la non-conformité; ou (b) si Hyland détermine que la réparation ou le remplacement du Produit de Travail n'est pas commercialement viable, Hyland résiliera cette Annexe concernant le Produit de Travail non conforme, auquel cas, et si le Client respecte ses obligations à la date de la résiliation, Hyland rembourse les montants réglés préalablement à cette résiliation au titre de la création et l'implémentation de ce Produit de Travail non conforme.
Suppression et Remboursement. Dans le cas où Hyland n'est pas en mesure de réaliser l'une ou l'autre des options énoncées dans l'article 7.4(d), celle-ci supprimera la partie contrefaisante des Produits de Travail et remboursera au Client les montants réglés par le Client pour la création et l'implémentation des Produit de Travail contrefaisants.
Exclusions. Nonobstant toute stipulation contraire, Hyland n'est tenue par aucune obligation envers le Client de défendre ou de satisfaire toute réclamation faite à l'encontre du Client et autrement décrite dans la présente Section, fondées sur: (a) toute Donnée Client; (b) l'utilisation des Produits de Travail par le Client non expressément autorisée par la présente Annexe; (c) la combinaison des Produits de Travail avec tout produit non fourni par Hyland au Client; (d) la modification des Produits de Travail ou de l’ajout d’éléments à ceux-ci, non-effectuée par Hyland ou l'un de ses fournisseurs de solutions autorisés et spécifiquement retenus par Hyland afin de fournir une telle modification ou un tel ajout; ou (e) des méthodes ou process commerciaux du Client.
Effective February 17th 2025
DownloadEffective March 7th 2024 to February 17th 2025
DownloadTable of Contents
PROFESSIONAL SERVICES SCHEDULE
This Professional Services Schedule (this “Professional Services Schedule”) is part of the Master Agreement, Order Form, or other agreement or document entered into between Customer and Hyland, which incorporates this Professional Services Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this Professional Services Schedule, and any other agreement within which the Incorporating Document is incorporated.
DEFINED TERMS
All capitalized terms used in this Professional Services Schedule shall have the meaning ascribed them in this Professional Services Schedule or, if not defined in this Professional Services Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Professional Services Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Professional Services” means any professional services provided by Hyland under a Services Proposal (as defined in this Professional Services Schedule), including but not limited to those services listed at https://www.hyland.com/services. Examples of the services include: (a) installation of the Software; (b) consulting, implementation and integration projects related to the Software, including but not limited to the customized configuration of integration Software or business process automation modules; (c) project management; (d) development projects in connection with the integration of Software with other applications utilizing any Software application programming interface (API).
“Services Proposal” means either: (a) a written proposal issued hereunder, and which sets forth the Professional Services Hyland will provide to Customer and which is signed by Customer and Hyland; or (b) an order form submitted by Customer and accepted by Hyland for Professional Services. Services Proposals are fully incorporated herein by reference.
“Specifications” means the definitive, final functional specifications for Work Products, if any, produced by Hyland under a Services Proposal. If there is an underlying license agreement between the parties, then specifications shall be considered Documentation in the case of Work Products.
“Working Hour” means the services of one (1) person for a period of one (1) hour (or any part thereof) during regular business hours.
“Work Products” means all items in the nature of computer software, including source code, object code, scripts, and any components or elements of the foregoing, or items created using the configuration tools of the Software, together with any and all design documents associated with items in the nature of computer software, in each case which are created, developed, discovered, conceived or introduced by Hyland, working either alone or in conjunction with others, in the performance of services under the Agreement. If applicable, Work Products shall include any pre-configured templates or VBScripts which have been or may be created or otherwise provided by Hyland as part of the configuration of advance capture Software.
1. SERVICES PROPOSAL. Customer may request Professional Services from Hyland. Hyland and Customer will discuss the parameters of the request and Hyland will inform the Customer as to whether the Professional Services shall be performed pursuant to a Services Proposal.
2. FULFILLMENT.
(a) Hyland will provide the Professional Services described in any mutually agreed upon Services Proposal at a time and on a schedule that is mutually agreed upon by the parties. If any delays in such Professional Services occur solely as a result of any incorrect information, incorrect assumption or failure of Customer to perform or fulfill its obligations in connection with any Services Proposal, the performance schedule for the applicable project may be extended. Hyland shall have no liability or responsibility for any costs or expenses resulting from such delays. In the event that performance of any milestone set forth in any Services Proposal is not met due to a delay solely caused by Hyland, and provided that such cause is not an event of force majeure as described in the Agreement, Hyland agrees, at no additional charge, to commit such additional resources and personnel as shall be necessary to ensure that such delay does not result in the slippage of later milestones or completion of such Professional Services. The parties agree that any Professional Services or Work Products described in this Professional Services Schedule that have been performed or developed, in whole or in part, prior to the execution of this Agreement by the parties nevertheless shall be covered by all terms and conditions of this Professional Services Schedule.
(b) Corporate Policies. Hyland acknowledges that Customer maintains corporate policies which apply to individuals who will perform services utilizing Customer’s premises or system (collectively, the “Corporate Policies”). In performing Professional Services under the Agreement, or any Services Proposal entered into pursuant to the terms of the Agreement, Hyland will use reasonable efforts to comply with the Corporate Policies to the extent such Corporate Policies are applicable to the delivery of such Professional Services, do not conflict with the Agreement or any other related agreement in place between Hyland and Customer and have been provided to Hyland reasonably in advance of any Professional Services engagement. Notwithstanding anything to the contrary in such Corporate Policies, if a Hyland resource fails to comply with the Corporate Policies and such failure does not otherwise constitute a breach of this Agreement, then Customer acknowledges and agrees that Hyland will not be in breach of contract or otherwise liable for damages, and as Customer’s sole remedy, Customer may immediately remove from its premises the individual resource(s) responsible for the failure and require that such individual resource(s) do not perform any further Professional Services for Customer.
3. CHANGES TO SERVICES PROPOSAL. Either party may, at any time, reasonably request a change to any Service Proposal. Any requested change that the parties mutually accept (a “Change”) will be set forth in a written change order prepared by Hyland and agreed to and signed by both parties that specifically references the relevant Service Proposal. In the event the parties are unable to mutually agree upon a proposed Change or a proposed change order, and such proposed Change relates to a material component of the project that is the subject of the relevant Services Proposal, either party may terminate such Service Proposal upon not less than thirty (30) days advance written notice to the other party.
4. CUSTOMER’S OBLIGATIONS.
4.1 Assistance and Obligations. Customer agrees that it will cooperate with and assist Hyland in the performance of Professional Services under any Services Proposal; will provide the resources specified in the relevant Services Proposal; and will perform or fulfill all obligations required to be performed or fulfilled by Customer under the terms of the relevant Services Proposal. Customer acknowledges that if it fails to provide assistance and perform or fulfill its obligations in accordance with this Section and the relevant Services Proposal, Hyland’s ability to provide such Professional Services, meet the performance schedule set forth in such Services Proposal and keep services fees reasonably in line with any estimates given in the Services Proposal may be adversely affected. During any period in which Hyland is performing services hereunder, Customer shall provide to the Hyland project team independent local (onsite) and remote (offsite) access through the use of secure connections such as a network connection, VPN connection or other similar methods and dedicated user accounts with appropriate privileges to the applicable Software, hardware or virtual machines allocated to the applicable software system. Remote and local access will be granted for all provisioned environments, including production.
4.2 Third Party Software Rights. Notwithstanding any contrary terms, if Customer requests Hyland to perform Professional Services on or with respect to any third party software, Customer represents and warrants to Hyland that Customer has all necessary rights to allow Hyland to do so.
4.3 Protection of Customer’s Systems. EXCEPT AS IT RELATES TO A HYLAND CLOUD SERVICE HOSTED BY HYLAND, CUSTOMER UNDERSTANDS THAT IT IS SOLELY RESPONSIBLE TO TAKE APPROPRIATE MEASURES TO ISOLATE AND BACKUP OR OTHERWISE ARCHIVE ITS COMPUTER SYSTEMS, INCLUDING ITS COMPUTER PROGRAMS, DATA AND FILES.
4.4 Safe Work Environment. Customer will be responsible for and shall ensure that while Hyland employees, agents or subcontractors are on Customer’s premises, all proper and legal health and safety precautions are in place and fully operational to protect such persons.
5. SERVICES FEES. Except as otherwise provided in any applicable Services Proposal: (a) Hyland will charge services fees for Professional Services at Hyland’s then-current standard list price for the applicable Professional Services; and (b) Hyland shall invoice for Professional Services fees monthly, in arrears, based on the number of Working Hours required to complete the project and the applicable hourly fees; and each such invoice shall be paid in full in accordance with the terms of the Agreement. Any estimates of fees or Working Hours required to complete the project are approximations of the anticipated amount of fees and time needed to complete the project. The actual number of Working Hours may vary.
6. TRAVEL AND EXPENSES. Hyland shall be reimbursed for all customary and reasonable out-of-pocket costs and expenses incurred by Hyland in connection with the performance of services under the Agreement (including fees and expenses relating to travel, meals, lodging and third party vendor registration requirements) in accordance with Hyland’s applicable internal policy for the reimbursement of costs and expenses to its employees. Except as otherwise provided in any applicable Services Proposal, Hyland shall invoice for all reimbursable costs and expenses on a monthly basis, in arrears; and such invoices shall be paid in full each in accordance with the Agreement.
7. LIMITED WARRANTY FOR SERVICES.
7.1 Limited Warranty. For a period of sixty (60) days from the date of completion of Professional Services, Hyland warrants to Customer that such services have been performed in a good and workmanlike manner and substantially according to industry standards. This warranty specifically excludes non-performance issues caused as a result of incorrect data or incorrect procedures used or provided by Customer or a third party or failure of Customer to perform and fulfill its obligations under the Agreement.
7.2 Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy for any non-conformities to the express limited warranties under the immediately preceding Section shall be as follows: provided that, within the applicable warranty period, Customer notifies Hyland in writing of the non-conformity, Hyland will use reasonable efforts to re-perform the non-conforming services in an attempt to correct the non-conformity(ies). If Hyland is unable to correct such non-conformity(ies) after a reasonable period of time, Customer’s sole and exclusive remedy shall be to terminate the Services Proposal under which the non-conforming Services have been performed, in which event Hyland will refund to Customer any portion of the services fees under such Services Proposal relating directly to such non-conforming Professional Services paid prior to the time of such termination.
8. WORK PRODUCTS.
8.1 Work Products License. Hyland grants to Customer a limited, non-exclusive and non-assignable license to use the Work Products only in connection with Customer’s authorized use of the Software, Hyland Cloud Service, or Add-On Services, or other Hyland product or service (collectively “Hyland Core Product”) with which such Work Product was delivered by Hyland for use by Customer. Customer may not: (a) make or authorize the making of copies of any Work Products; (b) remove any Hyland notices in the Work Products; (c) sell, transfer, rent, lease, time share or sublicense the Work Products to any third party; or (d) disassemble, decompile, reverse engineer or otherwise attempt to derive source code from any Work Product for any reason. Customer further agrees that, in connection with any use of the Work Products by Customer, the Work Products shall not be copied and installed on additional servers unless Customer has purchased a license therefore. All restrictions on use of the Hyland Core Product, including without limitation export restrictions and U.S. Government End User provisions, shall apply to the Work Products. If the license to the Hyland Core Product with which such Work Product was delivered by Hyland for use by Customer terminates, Customer’s right to use the applicable Work Product shall also terminate. All post-termination rights and obligations with respect to the applicable Core Hyland Product shall also apply to the Work Product.
8.2 Modification of Work Products.
8.2.1 Form of Delivered Work Products. The form in which Hyland delivers Work Products will be determined by Hyland depending on the purpose and functionality of the Work Product.
8.2.2 Configuration Work Products. If Hyland delivers a Work Product: (a) in the form of (i) source code which is compiled by tools in the Software to machine language form; or (ii) a script; or (b) created using the configuration tools in the Software (a “Configuration Work Product”), then Hyland grants to Customer the limited right to modify the Configuration Work Product, provided such modified Configuration Work Product is used only in compliance with the terms of the limited license to such Work Product granted hereunder.
8.2.3 Independent Work Products. If Hyland delivers a Work Product which is not a Configuration Work Product (an “Independent Work Product”), then, except as otherwise provided in the last sentence of this paragraph, Customer may not alter or modify such Independent Work Product. If Hyland delivers an Independent Work Product, and Customer desires to obtain the right to modify the Independent Work Product, then the parties may mutually agree that Hyland shall deliver to Customer a copy of the format of the Independent Work Product that is necessary to enable the Customer to complete its modifications, subject to and upon the payment by Customer to Hyland of any additional Professional Services fees as Hyland may charge to prepare and deliver such format. In such case, Hyland grants to Customer the right to modify, and if necessary, compile the delivered format of the Independent Work Product, provided such modified Independent Work Product is used only in compliance with the terms of the limited license to such Work Product granted hereunder.
8.3 Work Products Warranty
8.3.1 Limited Warranty. For a period of sixty (60) days from and including the date that Hyland has delivered a completed Work Product to Customer, Hyland warrants to Customer that such Work Product, when properly installed and properly used, will function in all material respects as described in the Specifications. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, any Work Product that has been (a) modified or added to by Customer or a third party, (b) used in combination with equipment or software other than that which is consistent with the Specification, or (c) misused or abused.
8.3.2 Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranty under the immediately preceding Section shall be as follows: provided that, within the applicable warranty period, Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) repair or replace the non-conforming Work Product, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that repair or replacement of the Work Product is not commercially practicable, then terminate this Professional Services Schedule with respect to the non-conforming Work Product, in which event, upon compliance by Customer with its obligations upon termination, Hyland will refund any portion of the services fees paid prior to the time of such termination with respect to the creation and implementation of such Work Product.
8.4 Work Products Infringement Indemnification. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Work Products of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Work Products, or to replace the relevant portions of the Work Products with other equivalent, non-infringing portions.
8.4.1 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in Section 8.4(d), Hyland shall remove the infringing portion of the Work Products and refund to Customer the full services fees paid, if any, by Customer for the creation and implementation of the infringing Work Products.
8.4.2 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to defend or satisfy any claims made against Customer and otherwise described in this Section that arise from: (a) any Customer Data; (b) use of the Work Products by Customer other than as expressly permitted by this Professional Services Schedule; (c) the combination of the Work Products with any product not furnished by Hyland to Customer; (d) the modification or addition to of the Work Products other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (e) the Customer’s business methods or processes.
8.4.3 THIS SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE WORK PRODUCTS.
9. TERMINATION.
9.1 Generally. In addition to the termination provisions set forth in the General Terms Schedule, Customer or Hyland may terminate this Professional Services Schedule, including any Services Proposal, for any reason, upon not less than thirty (30) days advance written notice to the other party to such effect. In the event this Professional Services Schedule is terminated in its entirety, any Services Proposal not terminated shall survive in accordance with its terms and the terms of this Professional Services Schedule.
9.2 Terminating a Services Proposal. In the case of termination of any Services Proposal, except in the case of termination due to Hyland's breach, all Professional Services fees related to all Professional Services performed by Hyland prior to and including the date of termination, as well as any additional reimbursable costs or expenses for which Hyland has incurred or contracted in connection with such Services Proposal and is unable to avoid, shall be due and payable in full. Additionally, all property of each party in possession of the other party in connection with Professional Services performed under this Schedule shall be returned.
9.3 Effects of Termination. Upon any termination of this Schedule in its entirety (other than by Hyland due to Customer’s breach), Customer’s license to use the Work Products provided in this Schedule shall survive according to its terms.
10 ADDITIONAL TERMS AND CONDITIONS. If Hyland is Hyland Software Germany GmbH, the additional or alternative terms and conditions set forth on Exhibit A shall apply.
11. CONTROLLING LANGAUGE. Hyland may make other versions of this Professional Services Schedule available in other languages at this online location. This English language version of this Professional Services Schedule controls over any version of the Professional Services Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this Professional Services Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the Professional Services Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH, this Exhibit A shall apply:
1. The following provision shall be added to the Limited Warranty Section of the Professional Services Schedule:
To the extent the Professional Services provided under this Agreement constitute a contract for work (“Werkvertrag”), in this regard the statutory customer warranty provisions apply with the following restriction: Except in cases of intent or gross negligence on the part of Hyland the statutory warranty period amounts up to one year and begins upon acceptance of the respective Professional Service concerned.
Any warranty is specifically excluded with regard to non-performance issues caused as a result of a hardware or firmware malfunction or defect, software not developed by Hyland, incorrect data or incorrect procedures used or provided by Customer or a third party or failure of Customer to perform and fulfill its obligations in connection with the project covered by the Agreement. In such cases Customer agrees to reimburse Hyland for time and materials for any Professional Services provided by Hyland at Customer’s request to remedy excluded non-performance problems.
2. The Work Products License Section of the Professional Services Schedule shall be replaced in its entirety as follows:
Hyland grants to Customer a limited, non-exclusive and non-assignable license to use the Work Products only in connection with Customer’s authorized use of the Software, Hyland Cloud Service, or Add-On Services, or other Hyland product or service (collectively “Hyland Core Product”) with which such Work Product was delivered by Hyland for use by Customer. Customer may not: (a) make or authorize the making of copies of any Work Products; (b) remove any Hyland notices in the Work Products; (c) sell, transfer, rent, lease, time share or sublicense the Work Products to any third party; or (d) disassemble, decompile, reverse engineer or otherwise attempt to derive source code from any Work Product for any reason unless expressively permitted by statutory law for reasons indispensable to obtain the information necessary to achieve the interoperability of an independently created computer programs (see 69e of the Germany Copyright Act) or decompuling or reproducing the Software according to the provisions of see 69d of the German Copyright Act. Customer further agrees that, in connection with any use of the Work Products by Customer, the Work Products shall not be copied and installed on additional servers unless Customer has purchased a license therefore. All restrictions on use of the Hyland Core Product, including without limitation export restrictions and U.S. Government End User provisions, shall apply to the Work Products. If the license to the Hyland Core Product with which such Work Product was delivered by Hyland for use by Customer terminates, Customer’s right to use the applicable Work Product shall also terminate. All post-termination rights and obligations with respect to the applicable Core Hyland Product shall also apply to the Work Product.
3. The Work Products Warranty Section of the Professional Services Schedule shall be replaced in its entirety as follows:
For a period of one (1) year from and including the date that Hyland has delivered a completed Work Product to Customer, Hyland warrants to Customer that such Work Product, when properly installed and properly used, will function in all material respects as described in the Specifications. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, any Work Product that has been (a) modified or added to by Customer or a third party, (b) used in combination with equipment or software other than that which is consistent with the Specification, or (c) misused or abused.
Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranty under this Section shall be as follows: provided that, within the applicable warranty period, Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) repair or replace the non-conforming Work Product, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that repair or replacement of the Work Product is not commercially practicable, then terminate this Schedule with respect to the non-conforming Work Product, in which event, upon compliance by Customer with its obligations upon termination, Hyland will refund any portion of the services fees paid prior to the time of such termination with respect to the creation and implementation of such Work Product. The Customer's statutory warranty rights shall remain unaffected subject to the express provisions of the Agreement.
4. The Work Products Infringement Indemnification Section of the Professional Services Schedule shall be replaced in its entirety as follows:
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Effective October 4th 2023 to March 7th 2024
DownloadTable of Contents
PROFESSIONAL SERVICES SCHEDULE
This Professional Services Schedule (this “Professional Services Schedule”) is part of the Master Agreement, Order Form, or other agreement or document entered into between Customer and Hyland, which incorporates this Professional Services Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this Professional Services Schedule, and any other agreement within which the Incorporating Document is incorporated.
DEFINED TERMS
All capitalized terms used in this Professional Services Schedule shall have the meaning ascribed them in this Professional Services Schedule or, if not defined in this Professional Services Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Professional Services Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Professional Services” means any professional services provided by Hyland under a Services Proposal (as defined in this Professional Services Schedule), including but not limited to those services listed at https://www.hyland.com/services. Examples of the services include: (a) installation of the Software; (b) consulting, implementation and integration projects related to the Software, including but not limited to the customized configuration of integration Software or business process automation modules; (c) project management; (d) development projects in connection with the integration of Software with other applications utilizing any Software application programming interface (API).
“Services Proposal” means either: (a) a written proposal issued hereunder, and which sets forth the Professional Services Hyland will provide to Customer and which is signed by Customer and Hyland; or (b) an order form submitted by Customer and accepted by Hyland for Professional Services. Services Proposals are fully incorporated herein by reference.
“Specifications” means the definitive, final functional specifications for Work Products, if any, produced by Hyland under a Services Proposal. If there is an underlying license agreement between the parties, then specifications shall be considered Documentation in the case of Work Products.
“Working Hour” means the services of one (1) person for a period of one (1) hour (or any part thereof) during regular business hours.
“Work Products” means all items in the nature of computer software, including source code, object code, scripts, and any components or elements of the foregoing, or items created using the configuration tools of the Software, together with any and all design documents associated with items in the nature of computer software, in each case which are created, developed, discovered, conceived or introduced by Hyland, working either alone or in conjunction with others, in the performance of services under the Agreement. If applicable, Work Products shall include any pre-configured templates or VBScripts which have been or may be created or otherwise provided by Hyland as part of the configuration of advance capture Software.
1. SERVICES PROPOSAL. Customer may request Professional Services from Hyland. Hyland and Customer will discuss the parameters of the request and Hyland will inform the Customer as to whether the Professional Services shall be performed pursuant to a Services Proposal.
2. FULFILLMENT.
(a) Hyland will provide the Professional Services described in any mutually agreed upon Services Proposal at a time and on a schedule that is mutually agreed upon by the parties. If any delays in such Professional Services occur solely as a result of any incorrect information, incorrect assumption or failure of Customer to perform or fulfill its obligations in connection with any Services Proposal, the performance schedule for the applicable project may be extended. Hyland shall have no liability or responsibility for any costs or expenses resulting from such delays. In the event that performance of any milestone set forth in any Services Proposal is not met due to a delay solely caused by Hyland, and provided that such cause is not an event of force majeure as described in the Agreement, Hyland agrees, at no additional charge, to commit such additional resources and personnel as shall be necessary to ensure that such delay does not result in the slippage of later milestones or completion of such Professional Services. The parties agree that any Professional Services or Work Products described in this Professional Services Schedule that have been performed or developed, in whole or in part, prior to the execution of this Agreement by the parties nevertheless shall be covered by all terms and conditions of this Professional Services Schedule.
(b) Corporate Policies. Hyland acknowledges that Customer maintains corporate policies which apply to individuals who will perform services utilizing Customer’s premises or system (collectively, the “Corporate Policies”). In performing Professional Services under the Agreement, or any Services Proposal entered into pursuant to the terms of the Agreement, Hyland will use reasonable efforts to comply with the Corporate Policies to the extent such Corporate Policies are applicable to the delivery of such Professional Services, do not conflict with the Agreement or any other related agreement in place between Hyland and Customer and have been provided to Hyland reasonably in advance of any Professional Services engagement. Notwithstanding anything to the contrary in such Corporate Policies, if a Hyland resource fails to comply with the Corporate Policies and such failure does not otherwise constitute a breach of this Agreement, then Customer acknowledges and agrees that Hyland will not be in breach of contract or otherwise liable for damages, and as Customer’s sole remedy, Customer may immediately remove from its premises the individual resource(s) responsible for the failure and require that such individual resource(s) do not perform any further Professional Services for Customer.
3. CHANGES TO SERVICES PROPOSAL. Either party may, at any time, reasonably request a change to any Service Proposal. Any requested change that the parties mutually accept (a “Change”) will be set forth in a written change order prepared by Hyland and agreed to and signed by both parties that specifically references the relevant Service Proposal. In the event the parties are unable to mutually agree upon a proposed Change or a proposed change order, and such proposed Change relates to a material component of the project that is the subject of the relevant Services Proposal, either party may terminate such Service Proposal upon not less than thirty (30) days advance written notice to the other party.
4. CUSTOMER’S OBLIGATIONS.
4.1 Assistance and Obligations. Customer agrees that it will cooperate with and assist Hyland in the performance of Professional Services under any Services Proposal; will provide the resources specified in the relevant Services Proposal; and will perform or fulfill all obligations required to be performed or fulfilled by Customer under the terms of the relevant Services Proposal. Customer acknowledges that if it fails to provide assistance and perform or fulfill its obligations in accordance with this Section and the relevant Services Proposal, Hyland’s ability to provide such Professional Services, meet the performance schedule set forth in such Services Proposal and keep services fees reasonably in line with any estimates given in the Services Proposal may be adversely affected. During any period in which Hyland is performing services hereunder, Customer shall provide to the Hyland project team independent local (onsite) and remote (offsite) access through the use of secure connections such as a network connection, VPN connection or other similar methods and dedicated user accounts with appropriate privileges to the applicable Software, hardware or virtual machines allocated to the applicable software system. Remote and local access will be granted for all provisioned environments, including production.
4.2 Third Party Software Rights. Notwithstanding any contrary terms, if Customer requests Hyland to perform Professional Services on or with respect to any third party software, Customer represents and warrants to Hyland that Customer has all necessary rights to allow Hyland to do so.
4.3 Protection of Customer’s Systems. EXCEPT AS IT RELATES TO A HYLAND CLOUD SERVICE HOSTED BY HYLAND, CUSTOMER UNDERSTANDS THAT IT IS SOLELY RESPONSIBLE TO TAKE APPROPRIATE MEASURES TO ISOLATE AND BACKUP OR OTHERWISE ARCHIVE ITS COMPUTER SYSTEMS, INCLUDING ITS COMPUTER PROGRAMS, DATA AND FILES.
4.4 Safe Work Environment. Customer will be responsible for and shall ensure that while Hyland employees, agents or subcontractors are on Customer’s premises, all proper and legal health and safety precautions are in place and fully operational to protect such persons.
5. SERVICES FEES. Except as otherwise provided in any applicable Services Proposal: (a) Hyland will charge services fees for Professional Services at Hyland’s then-current standard list price for the applicable Professional Services; and (b) Hyland shall invoice for Professional Services fees monthly, in arrears, based on the number of Working Hours required to complete the project and the applicable hourly fees; and each such invoice shall be paid in full in accordance with the terms of the Agreement. Any estimates of fees or Working Hours required to complete the project are approximations of the anticipated amount of fees and time needed to complete the project. The actual number of Working Hours may vary.
6. TRAVEL AND EXPENSES. Hyland shall be reimbursed for all customary and reasonable out-of-pocket costs and expenses incurred by Hyland in connection with the performance of services under the Agreement (including fees and expenses relating to travel, meals, lodging and third party vendor registration requirements) in accordance with Hyland’s applicable internal policy for the reimbursement of costs and expenses to its employees. Except as otherwise provided in any applicable Services Proposal, Hyland shall invoice for all reimbursable costs and expenses on a monthly basis, in arrears; and such invoices shall be paid in full each in accordance with the Agreement.
7. LIMITED WARRANTY FOR SERVICES.
7.1 Limited Warranty. For a period of sixty (60) days from the date of completion of Professional Services, Hyland warrants to Customer that such services have been performed in a good and workmanlike manner and substantially according to industry standards. This warranty specifically excludes non-performance issues caused as a result of incorrect data or incorrect procedures used or provided by Customer or a third party or failure of Customer to perform and fulfill its obligations under the Agreement.
7.2 Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy for any non-conformities to the express limited warranties under the immediately preceding Section shall be as follows: provided that, within the applicable warranty period, Customer notifies Hyland in writing of the non-conformity, Hyland will use reasonable efforts to re-perform the non-conforming services in an attempt to correct the non-conformity(ies). If Hyland is unable to correct such non-conformity(ies) after a reasonable period of time, Customer’s sole and exclusive remedy shall be to terminate the Services Proposal under which the non-conforming Services have been performed, in which event Hyland will refund to Customer any portion of the services fees under such Services Proposal relating directly to such non-conforming Professional Services paid prior to the time of such termination.
8. WORK PRODUCTS.
8.1 Work Products License. Hyland grants to Customer a limited, non-exclusive and non-assignable license to use the Work Products only in connection with Customer’s authorized use of the Software, Hyland Cloud Service, or Add-On Services, or other Hyland product or service (collectively “Hyland Core Product”) with which such Work Product was delivered by Hyland for use by Customer. Customer may not: (a) make or authorize the making of copies of any Work Products; (b) remove any Hyland notices in the Work Products; (c) sell, transfer, rent, lease, time share or sublicense the Work Products to any third party; or (d) disassemble, decompile, reverse engineer or otherwise attempt to derive source code from any Work Product for any reason. Customer further agrees that, in connection with any use of the Work Products by Customer, the Work Products shall not be copied and installed on additional servers unless Customer has purchased a license therefore. All restrictions on use of the Hyland Core Product, including without limitation export restrictions and U.S. Government End User provisions, shall apply to the Work Products. If the license to the Hyland Core Product with which such Work Product was delivered by Hyland for use by Customer terminates, Customer’s right to use the applicable Work Product shall also terminate. All post-termination rights and obligations with respect to the applicable Core Hyland Product shall also apply to the Work Product.
8.2 Modification of Work Products.
8.2.1 Form of Delivered Work Products. The form in which Hyland delivers Work Products will be determined by Hyland depending on the purpose and functionality of the Work Product.
8.2.2 Configuration Work Products. If Hyland delivers a Work Product: (a) in the form of (i) source code which is compiled by tools in the Software to machine language form; or (ii) a script; or (b) created using the configuration tools in the Software (a “Configuration Work Product”), then Hyland grants to Customer the limited right to modify the Configuration Work Product, provided such modified Configuration Work Product is used only in compliance with the terms of the limited license to such Work Product granted hereunder.
8.2.3 Independent Work Products. If Hyland delivers a Work Product which is not a Configuration Work Product (an “Independent Work Product”), then, except as otherwise provided in the last sentence of this paragraph, Customer may not alter or modify such Independent Work Product. If Hyland delivers an Independent Work Product, and Customer desires to obtain the right to modify the Independent Work Product, then the parties may mutually agree that Hyland shall deliver to Customer a copy of the format of the Independent Work Product that is necessary to enable the Customer to complete its modifications, subject to and upon the payment by Customer to Hyland of any additional Professional Services fees as Hyland may charge to prepare and deliver such format. In such case, Hyland grants to Customer the right to modify, and if necessary, compile the delivered format of the Independent Work Product, provided such modified Independent Work Product is used only in compliance with the terms of the limited license to such Work Product granted hereunder.
8.3 Work Products Warranty
8.3.1 Limited Warranty. For a period of sixty (60) days from and including the date that Hyland has delivered a completed Work Product to Customer, Hyland warrants to Customer that such Work Product, when properly installed and properly used, will function in all material respects as described in the Specifications. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, any Work Product that has been (a) modified or added to by Customer or a third party, (b) used in combination with equipment or software other than that which is consistent with the Specification, or (c) misused or abused.
8.3.2 Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranty under the immediately preceding Section shall be as follows: provided that, within the applicable warranty period, Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) repair or replace the non-conforming Work Product, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that repair or replacement of the Work Product is not commercially practicable, then terminate this Professional Services Schedule with respect to the non-conforming Work Product, in which event, upon compliance by Customer with its obligations upon termination, Hyland will refund any portion of the services fees paid prior to the time of such termination with respect to the creation and implementation of such Work Product.
8.4 Work Products Infringement Indemnification. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Work Products of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Work Products, or to replace the relevant portions of the Work Products with other equivalent, non-infringing portions.
8.4.1 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in Section 8.4(d), Hyland shall remove the infringing portion of the Work Products and refund to Customer the full services fees paid, if any, by Customer for the creation and implementation of the infringing Work Products.
8.4.2 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to defend or satisfy any claims made against Customer and otherwise described in this Section that arise from: (a) any Customer Data; (b) use of the Work Products by Customer other than as expressly permitted by this Professional Services Schedule; (c) the combination of the Work Products with any product not furnished by Hyland to Customer; (d) the modification or addition to of the Work Products other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (e) the Customer’s business methods or processes.
8.4.3 THIS SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE WORK PRODUCTS.
9. TERMINATION.
9.1 Generally. In addition to the termination provisions set forth in the General Terms Schedule, Customer or Hyland may terminate this Professional Services Schedule, including any Services Proposal, for any reason, upon not less than thirty (30) days advance written notice to Hyland to such effect. In the event this Professional Services Schedule is terminated in its entirety, any Services Proposal not terminated shall survive in accordance with its terms and the terms of this Professional Services Schedule.
9.2 Terminating a Services Proposal. In the case of termination of any Services Proposal, except in the case of termination due to Hyland's breach, all Professional Services fees related to all Professional Services performed by Hyland prior to and including the date of termination, as well as any additional reimbursable costs or expenses for which Hyland has incurred or contracted in connection with such Services Proposal and is unable to avoid, shall be due and payable in full. Additionally, all property of each party in possession of the other party in connection with Professional Services performed under this Schedule shall be returned.
9.3 Effects of Termination. Upon any termination of this Schedule in its entirety (other than by Hyland due to Customer’s breach), Customer’s license to use the Work Products provided in this Schedule shall survive according to its terms.
10 ADDITIONAL TERMS AND CONDITIONS. If Hyland is Hyland Software Germany GmbH, the additional or alternative terms and conditions set forth on Exhibit A shall apply.
11. CONTROLLING LANGAUGE. Hyland may make other versions of this Professional Services Schedule available in other languages at this online location. This English language version of this Professional Services Schedule controls over any version of the Professional Services Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this Professional Services Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the Professional Services Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH, this Exhibit A shall apply:
1. The following provision shall be added to the Limited Warranty Section of the Professional Services Schedule:
To the extent the Professional Services provided under this Agreement constitute a contract for work (“Werkvertrag”), in this regard the statutory customer warranty provisions apply with the following restriction: Except in cases of intent or gross negligence on the part of Hyland the statutory warranty period amounts up to one year and begins upon acceptance of the respective Professional Service concerned.
Any warranty is specifically excluded with regard to non-performance issues caused as a result of a hardware or firmware malfunction or defect, software not developed by Hyland, incorrect data or incorrect procedures used or provided by Customer or a third party or failure of Customer to perform and fulfill its obligations in connection with the project covered by the Agreement. In such cases Customer agrees to reimburse Hyland for time and materials for any Professional Services provided by Hyland at Customer’s request to remedy excluded non-performance problems.
2. The Work Products License Section of the Professional Services Schedule shall be replaced in its entirety as follows:
Hyland grants to Customer a limited, non-exclusive and non-assignable license to use the Work Products only in connection with Customer’s authorized use of the Software, Hyland Cloud Service, or Add-On Services, or other Hyland product or service (collectively “Hyland Core Product”) with which such Work Product was delivered by Hyland for use by Customer. Customer may not: (a) make or authorize the making of copies of any Work Products; (b) remove any Hyland notices in the Work Products; (c) sell, transfer, rent, lease, time share or sublicense the Work Products to any third party; or (d) disassemble, decompile, reverse engineer or otherwise attempt to derive source code from any Work Product for any reason unless expressively permitted by statutory law for reasons indispensable to obtain the information necessary to achieve the interoperability of an independently created computer programs (see 69e of the Germany Copyright Act) or decompuling or reproducing the Software according to the provisions of see 69d of the German Copyright Act. Customer further agrees that, in connection with any use of the Work Products by Customer, the Work Products shall not be copied and installed on additional servers unless Customer has purchased a license therefore. All restrictions on use of the Hyland Core Product, including without limitation export restrictions and U.S. Government End User provisions, shall apply to the Work Products. If the license to the Hyland Core Product with which such Work Product was delivered by Hyland for use by Customer terminates, Customer’s right to use the applicable Work Product shall also terminate. All post-termination rights and obligations with respect to the applicable Core Hyland Product shall also apply to the Work Product.
3. The Work Products Warranty Section of the Professional Services Schedule shall be replaced in its entirety as follows:
For a period of one (1) year from and including the date that Hyland has delivered a completed Work Product to Customer, Hyland warrants to Customer that such Work Product, when properly installed and properly used, will function in all material respects as described in the Specifications. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, any Work Product that has been (a) modified or added to by Customer or a third party, (b) used in combination with equipment or software other than that which is consistent with the Specification, or (c) misused or abused.
Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranty under this Section shall be as follows: provided that, within the applicable warranty period, Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) repair or replace the non-conforming Work Product, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that repair or replacement of the Work Product is not commercially practicable, then terminate this Schedule with respect to the non-conforming Work Product, in which event, upon compliance by Customer with its obligations upon termination, Hyland will refund any portion of the services fees paid prior to the time of such termination with respect to the creation and implementation of such Work Product. The Customer's statutory warranty rights shall remain unaffected subject to the express provisions of the Agreement.
4. The Work Products Infringement Indemnification Section of the Professional Services Schedule shall be replaced in its entirety as follows:
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Effective June 2nd 2023 to October 4th 2023
DownloadTable of Contents
PROFESSIONAL SERVICES SCHEDULE
As of the Effective Date of the Incorporating Document (as defined below), this Professional Services Schedule (this “Professional Services Schedule”) is made part of the Hyland Master Agreement, Order Form, or any other agreement or document entered into between Customer and Hyland, which incorporates this Professional Services Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this Professional Services Schedule.
DEFINED TERMS
All capitalized terms used in this Professional Services Schedule shall have the meaning ascribed them in this Professional Services Schedule or, if not defined in this Professional Services Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Professional Services Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Professional Services” means any professional services provided by Hyland under a Services Proposal (as defined in this Professional Services Schedule), including but not limited to those services listed at https://www.hyland.com/services. Examples of the services include: (a) installation of the Software; (b) consulting, implementation and integration projects related to the Software, including but not limited to the customized configuration of integration Software or business process automation modules; (c) project management; (d) development projects in connection with the integration of Software with other applications utilizing any Software application programming interface (API).
“Services Proposal” means either: (a) a written proposal issued hereunder, and which sets forth the Professional Services Hyland will provide to Customer and which is signed by Customer and Hyland; or (b) an order form submitted by Customer and accepted by Hyland for Professional Services. Services Proposals are fully incorporated herein by reference.
“Specifications” means the definitive, final functional specifications for Work Products, if any, produced by Hyland under a Services Proposal. If there is an underlying license agreement between the parties, then specifications shall be considered Documentation in the case of Work Products.
“Working Hour” means the services of one (1) person for a period of one (1) hour (or any part thereof) during regular business hours.
“Work Products” means all items in the nature of computer software, including source code, object code, scripts, and any components or elements of the foregoing, or items created using the configuration tools of the Software, together with any and all design documents associated with items in the nature of computer software, in each case which are created, developed, discovered, conceived or introduced by Hyland, working either alone or in conjunction with others, in the performance of services under this Agreement. If applicable, Work Products shall include any pre-configured templates or VBScripts which have been or may be created or otherwise provided by Hyland as part of the configuration of advance capture Software.
1. SERVICES PROPOSAL. Customer may request Professional Services from Hyland. Hyland and Customer will discuss the parameters of the request and Hyland will inform the Customer as to whether the Professional Services shall be performed pursuant to a Services Proposal.
2. FULFILLMENT.
(a) Hyland will provide the Professional Services described in any mutually agreed upon Services Proposal at a time and on a schedule that is mutually agreed upon by the parties. If any delays in such Professional Services occur solely as a result of any incorrect information, incorrect assumption or failure of Customer to perform or fulfill its obligations in connection with any Services Proposal, the performance schedule for the applicable project may be extended. Hyland shall have no liability or responsibility for any costs or expenses resulting from such delays. In the event that performance of any milestone set forth in any Services Proposal is not met due to a delay solely caused by Hyland, and provided that such cause is not an event of force majeure as described in the Agreement, Hyland agrees, at no additional charge, to commit such additional resources and personnel as shall be necessary to ensure that such delay does not result in the slippage of later milestones or completion of such Professional Services. The parties agree that any Professional Services or Work Products described in this Professional Services Schedule that have been performed or developed, in whole or in part, prior to the execution of this Agreement by the parties nevertheless shall be covered by all terms and conditions of this Professional Services Schedule.
(b) Corporate Policies. Hyland acknowledges that Customer maintains corporate policies which apply to individuals who will perform services utilizing Customer’s premises or system (collectively, the “Corporate Policies”). In performing Professional Services under this Agreement, or any Services Proposal entered into pursuant to the terms of this Agreement, Hyland will use reasonable efforts to comply with the Corporate Policies to the extent such Corporate Policies are applicable to the delivery of such Professional Services, do not conflict with the Agreement or any other related agreement in place between Hyland and Customer and have been provided to Hyland reasonably in advance of any Professional Services engagement. Notwithstanding anything to the contrary in such Corporate Policies, if a Hyland resource fails to comply with the Corporate Policies and such failure does not otherwise constitute a breach of this Agreement, then Customer acknowledges and agrees that Hyland will not be in breach of contract or otherwise liable for damages, and as Customer’s sole remedy, Customer may immediately remove from its premises the individual resource(s) responsible for the failure and require that such individual resource(s) do not perform any further Professional Services for Customer.
3. CHANGES TO SERVICES PROPOSAL. Either party may, at any time, reasonably request a change to any Service Proposal. Any requested change that the parties mutually accept (a “Change”) will be set forth in a written change order prepared by Hyland and agreed to and signed by both parties that specifically references the relevant Service Proposal. In the event the parties are unable to mutually agree upon a proposed Change or a proposed change order, and such proposed Change relates to a material component of the project that is the subject of the relevant Services Proposal, either party may terminate such Service Proposal upon not less than thirty (30) days advance written notice to the other party.
4. CUSTOMER’S OBLIGATIONS.
4.1 Assistance and Obligations. Customer agrees that it will cooperate with and assist Hyland in the performance of Professional Services under any Services Proposal; will provide the resources specified in the relevant Services Proposal; and will perform or fulfill all obligations required to be performed or fulfilled by Customer under the terms of the relevant Services Proposal. Customer acknowledges that if it fails to provide assistance and perform or fulfill its obligations in accordance with this Section and the relevant Services Proposal, Hyland’s ability to provide such Professional Services, meet the performance schedule set forth in such Services Proposal and keep services fees reasonably in line with any estimates given in the Services Proposal may be adversely affected. During any period in which Hyland is performing services hereunder, Customer shall provide to the Hyland project team independent local (onsite) and remote (offsite) access through the use of secure connections such as a network connection, VPN connection or other similar methods and dedicated user accounts with appropriate privileges to the applicable Software, hardware or virtual machines allocated to the applicable software system. Remote and local access will be granted for all provisioned environments, including production.
4.2 Third Party Software Rights. Notwithstanding any contrary terms, if Customer requests Hyland to perform Professional Services on or with respect to any third party software, Customer represents and warrants to Hyland that Customer has all necessary rights to allow Hyland to do so.
4.3 Protection of Customer’s Systems. EXCEPT AS IT RELATES TO A HYLAND CLOUD SERVICE HOSTED BY HYLAND, CUSTOMER UNDERSTANDS THAT IT IS SOLELY RESPONSIBLE TO TAKE APPROPRIATE MEASURES TO ISOLATE AND BACKUP OR OTHERWISE ARCHIVE ITS COMPUTER SYSTEMS, INCLUDING ITS COMPUTER PROGRAMS, DATA AND FILES.
4.4 Safe Work Environment. Customer will be responsible for and shall ensure that while Hyland employees, agents or subcontractors are on Customer’s premises, all proper and legal health and safety precautions are in place and fully operational to protect such persons.
5. SERVICES FEES. Except as otherwise provided in any applicable Services Proposal: (a) Hyland will charge services fees for Professional Services at Hyland’s then-current standard list price for the applicable Professional Services; and (b) Hyland shall invoice for Professional Services fees monthly, in arrears, based on the number of Working Hours required to complete the project and the applicable hourly fees; and each such invoice shall be paid in full in accordance with the terms of this Agreement. Any estimates of fees or Working Hours required to complete the project are approximations of the anticipated amount of fees and time needed to complete the project. The actual number of Working Hours may vary.
6. TRAVEL AND EXPENSES. Hyland shall be reimbursed for all customary and reasonable out-of-pocket costs and expenses incurred by Hyland in connection with the performance of services under this Agreement (including fees and expenses relating to travel, meals, lodging and third party vendor registration requirements) in accordance with Hyland’s applicable internal policy for the reimbursement of costs and expenses to its employees. Except as otherwise provided in any applicable Services Proposal, Hyland shall invoice for all reimbursable costs and expenses on a monthly basis, in arrears; and such invoices shall be paid in full each in accordance with this Agreement.
7. LIMITED WARRANTY FOR SERVICES.
7.1 Limited Warranty. For a period of sixty (60) days from the date of completion of Professional Services, Hyland warrants to Customer that such services have been performed in a good and workmanlike manner and substantially according to industry standards. This warranty specifically excludes non-performance issues caused as a result of incorrect data or incorrect procedures used or provided by Customer or a third party or failure of Customer to perform and fulfill its obligations under this Agreement.
7.2 Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy for any non-conformities to the express limited warranties under the immediately preceding Section shall be as follows: provided that, within the applicable warranty period, Customer notifies Hyland in writing of the non-conformity, Hyland will use reasonable efforts to re-perform the non-conforming services in an attempt to correct the non-conformity(ies). If Hyland is unable to correct such non-conformity(ies) after a reasonable period of time, Customer’s sole and exclusive remedy shall be to terminate the Services Proposal under which the non-conforming Services have been performed, in which event Hyland will refund to Customer any portion of the services fees under such Services Proposal relating directly to such non-conforming Professional Services paid prior to the time of such termination.
8. WORK PRODUCTS.
8.1 Work Products License. Hyland grants to Customer a limited, non-exclusive and non-assignable license to use the Work Products only in connection with Customer’s authorized use of the Software, Hyland Cloud Service, or Add-On Services, or other Hyland product or service (collectively “Hyland Core Product”) with which such Work Product was delivered by Hyland for use by Customer. Customer may not: (a) make or authorize the making of copies of any Work Products; (b) remove any Hyland notices in the Work Products; (c) sell, transfer, rent, lease, time share or sublicense the Work Products to any third party; or (d) disassemble, decompile, reverse engineer or otherwise attempt to derive source code from any Work Product for any reason. Customer further agrees that, in connection with any use of the Work Products by Customer, the Work Products shall not be copied and installed on additional servers unless Customer has purchased a license therefore. All restrictions on use of the Hyland Core Product, including without limitation export restrictions and U.S. Government End User provisions, shall apply to the Work Products. If the license to the Hyland Core Product with which such Work Product was delivered by Hyland for use by Customer terminates, Customer’s right to use the applicable Work Product shall also terminate. All post-termination rights and obligations with respect to the applicable Core Hyland Product shall also apply to the Work Product.
8.2 Modification of Work Products.
8.2.1 Form of Delivered Work Products. The form in which Hyland delivers Work Products will be determined by Hyland depending on the purpose and functionality of the Work Product.
8.2.2 Configuration Work Products. If Hyland delivers a Work Product: (a) in the form of (i) source code which is compiled by tools in the Software to machine language form; or (ii) a script; or (b) created using the configuration tools in the Software (a “Configuration Work Product”), then Hyland grants to Customer the limited right to modify the Configuration Work Product, provided such modified Configuration Work Product is used only in compliance with the terms of the limited license to such Work Product granted hereunder.
8.2.3 Independent Work Products. If Hyland delivers a Work Product which is not a Configuration Work Product (an “Independent Work Product”), then, except as otherwise provided in the last sentence of this paragraph, Customer may not alter or modify such Independent Work Product. If Hyland delivers an Independent Work Product, and Customer desires to obtain the right to modify the Independent Work Product, then the parties may mutually agree that Hyland shall deliver to Customer a copy of the format of the Independent Work Product that is necessary to enable the Customer to complete its modifications, subject to and upon the payment by Customer to Hyland of any additional Professional Services fees as Hyland may charge to prepare and deliver such format. In such case, Hyland grants to Customer the right to modify, and if necessary, compile the delivered format of the Independent Work Product, provided such modified Independent Work Product is used only in compliance with the terms of the limited license to such Work Product granted hereunder.
8.3 Work Products Warranty
8.3.1 Limited Warranty. For a period of sixty (60) days from and including the date that Hyland has delivered a completed Work Product to Customer, Hyland warrants to Customer that such Work Product, when properly installed and properly used, will function in all material respects as described in the Specifications. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, any Work Product that has been (a) modified or added to by Customer or a third party, (b) used in combination with equipment or software other than that which is consistent with the Specification, or (c) misused or abused.
8.3.2 Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranty under the immediately preceding Section shall be as follows: provided that, within the applicable warranty period, Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) repair or replace the non-conforming Work Product, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that repair or replacement of the Work Product is not commercially practicable, then terminate this Professional Services Schedule with respect to the non-conforming Work Product, in which event, upon compliance by Customer with its obligations upon termination, Hyland will refund any portion of the services fees paid prior to the time of such termination with respect to the creation and implementation of such Work Product.
8.4 Work Products Infringement Indemnification. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Work Products of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Work Products, or to replace the relevant portions of the Work Products with other equivalent, non-infringing portions.
8.4.1 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in Section 8.4(d), Hyland shall remove the infringing portion of the Work Products and refund to Customer the full services fees paid, if any, by Customer for the creation and implementation of the infringing Work Products.
8.4.2 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to defend or satisfy any claims made against Customer and otherwise described in this Section that arise from: (a) any Customer Data; (b) use of the Work Products by Customer other than as expressly permitted by this Professional Services Schedule; (c) the combination of the Work Products with any product not furnished by Hyland to Customer; (d) the modification or addition to of the Work Products other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (e) the Customer’s business methods or processes.
8.4.3 THIS SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE WORK PRODUCTS.
9. TERMINATION.
9.1 Generally. In addition to the termination provisions set forth in the General Terms Schedule, Customer or Hyland may terminate this Professional Services Schedule, including any Services Proposal, for any reason, upon not less than thirty (30) days advance written notice to Hyland to such effect. In the event this Professional Services Schedule is terminated in its entirety, any Services Proposal not terminated shall survive in accordance with its terms and the terms of this Professional Services Schedule.
9.2 Terminating a Services Proposal. In the case of termination of any Services Proposal, except in the case of termination due to Hyland's breach, all Professional Services fees related to all Professional Services performed by Hyland prior to and including the date of termination, as well as any additional reimbursable costs or expenses for which Hyland has incurred or contracted in connection with such Services Proposal and is unable to avoid, shall be due and payable in full. Additionally, all property of each party in possession of the other party in connection with Professional Services performed under this Schedule shall be returned.
9.3 Effects of Termination. Upon any termination of this Schedule in its entirety (other than by Hyland due to Customer’s breach), Customer’s license to use the Work Products provided in this Schedule shall survive according to its terms.
10 ADDITIONAL TERMS AND CONDITIONS. If Hyland is Hyland Software Germany GmbH, the additional or alternative terms and conditions set forth on Exhibit A shall apply.
11. CONTROLLING LANGAUGE. Hyland may make other versions of this Professional Services Schedule available in other languages at this online location. This English language version of this Professional Services Schedule controls over any version of the Professional Services Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this Professional Services Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the Professional Services Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH, this Exhibit A shall apply:
1. The following provision shall be added to the Limited Warranty Section of the Professional Services Schedule:
To the extent the Professional Services provided under this Agreement constitute a contract for work (“Werkvertrag”), in this regard the statutory customer warranty provisions apply with the following restriction: Except in cases of intent or gross negligence on the part of Hyland the statutory warranty period amounts up to one year and begins upon acceptance of the respective Professional Service concerned.
Any warranty is specifically excluded with regard to non-performance issues caused as a result of a hardware or firmware malfunction or defect, software not developed by Hyland, incorrect data or incorrect procedures used or provided by Customer or a third party or failure of Customer to perform and fulfill its obligations in connection with the project covered by this Agreement. In such cases Customer agrees to reimburse Hyland for time and materials for any Professional Services provided by Hyland at Customer’s request to remedy excluded non-performance problems.
2. The Work Products License Section of the Professional Services Schedule shall be replaced in its entirety as follows:
Hyland grants to Customer a limited, non-exclusive and non-assignable license to use the Work Products only in connection with Customer’s authorized use of the Software, Hyland Cloud Service, or Add-On Services, or other Hyland product or service (collectively “Hyland Core Product”) with which such Work Product was delivered by Hyland for use by Customer. Customer may not: (a) make or authorize the making of copies of any Work Products; (b) remove any Hyland notices in the Work Products; (c) sell, transfer, rent, lease, time share or sublicense the Work Products to any third party; or (d) disassemble, decompile, reverse engineer or otherwise attempt to derive source code from any Work Product for any reason unless expressively permitted by statutory law for reasons indispensable to obtain the information necessary to achieve the interoperability of an independently created computer programs (see 69e of the Germany Copyright Act) or decompuling or reproducing the Software according to the provisions of see 69d of the German Copyright Act. Customer further agrees that, in connection with any use of the Work Products by Customer, the Work Products shall not be copied and installed on additional servers unless Customer has purchased a license therefore. All restrictions on use of the Hyland Core Product, including without limitation export restrictions and U.S. Government End User provisions, shall apply to the Work Products. If the license to the Hyland Core Product with which such Work Product was delivered by Hyland for use by Customer terminates, Customer’s right to use the applicable Work Product shall also terminate. All post-termination rights and obligations with respect to the applicable Core Hyland Product shall also apply to the Work Product.
3. The Work Products Warranty Section of the Professional Services Schedule shall be replaced in its entirety as follows:
For a period of one (1) year from and including the date that Hyland has delivered a completed Work Product to Customer, Hyland warrants to Customer that such Work Product, when properly installed and properly used, will function in all material respects as described in the Specifications. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, any Work Product that has been (a) modified or added to by Customer or a third party, (b) used in combination with equipment or software other than that which is consistent with the Specification, or (c) misused or abused.
Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranty under this Section shall be as follows: provided that, within the applicable warranty period, Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) repair or replace the non-conforming Work Product, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that repair or replacement of the Work Product is not commercially practicable, then terminate this Schedule with respect to the non-conforming Work Product, in which event, upon compliance by Customer with its obligations upon termination, Hyland will refund any portion of the services fees paid prior to the time of such termination with respect to the creation and implementation of such Work Product. The Customer's statutory warranty rights shall remain unaffected subject to the express provisions of this Agreement.
4. The Work Products Infringement Indemnification Section of the Professional Services Schedule shall be replaced in its entirety as follows:
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Effective December 8th 2022 to June 2nd 2023
DownloadTable of Contents
Effective March 30th 2021 to December 8th 2022
DownloadTable of Contents
Support Prioritization Attachment
Effective August 22nd 2023
DownloadTable of Contents
Effective May 30th 2023 to August 22nd 2023
DownloadTable of Contents
Effective May 30th 2023 to May 30th 2023
DownloadTable of Contents
Effective December 8th 2022 to May 30th 2023
DownloadTable of Contents
Severity Level | Description | Hyland Response |
Level 1 | “Level 1” means any Error that causes total or substantial Software failure, which means that the Software is down and Customer is unable to access the Software in any way within their production environment. | Upon receiving notification from Customer, Hyland’s Technical Support contact will immediately notify a support manager. Within thirty (30) minutes, the Manager will notify a member of senior management. If there is no Resolution within two (2) hours of the Customer’s notice, Hyland will place the Customer on the High Visibility Ticker (HVT). If there is no Resolution within four (4) hours of the Customer’s notice or by the end of business of that day, Hyland will designate the Error as Code Blue. Designation as Code Blue means a resolution team is immediately formed for the Level 1 Error and the resolution team provides continuous updates on all issues of change or status to all C-level executives and vice presidents of Hyland, and all of Hyland employees are made aware that the Customer is on Code Blue. To provide a Resolution, Hyland will match the Customer’s effort, up to and including 24 hour days, 7 days a week, through holidays and weekends until there is a Resolution. |
Level 2 | “Level 2” means an Error that causes substantial Software failure which prevents a portion of Customer’s users from accessing the Software in any way within the production environment. | Upon receiving notification from Customer, Hyland’s Technical Support contact will notify a support manager within sixty (60) minutes. Within two (2) hours, the manager will notify a member of senior management. If there is no Resolution by the end of business on that day, Hyland will place the Customer on Hyland’s High Visibility Ticker. If there is no Resolution within twenty-four (24) hours of Customer’s notice, Hyland will designate the Error as Code Blue. To provide a Resolution, Hyland will match Customer’s efforts up to 24 hour days, 7 days a week, through holidays and weekends until there is a Resolution. |
Level 3 | “Level 3” means that the Software is usable except that an Error causes an ongoing, system-wide, severe performance degradation. | To provide a Resolution, Hyland will match Customer’s efforts up to 5 days/week, 16 hours/day, through holidays and weekends until there is a Resolution. |
Level 4 | “Level 4” means that the Software is usable except that an Error prevents a specific feature or functionality from working. | To provide a Resolution, Hyland will use reasonable efforts during regular support hours. |
Level 5 | “Level 5” means that the Software is usable except that an Error causes a trivial inconvenience and the task can be completed in another way | Standard Maintenance and Support. |
Level 6 | “Level 6” means Technical Support Services. | Standard Maintenance and Support. |
Effective March 30th 2021 to December 8th 2022
DownloadTable of Contents
Severity Level | Description | Hyland Response |
Level 1 | “Level 1” means any Error that causes total or substantial Software failure, which means that the Software is down and Customer is unable to access the Software in any way within their production environment. | Upon receiving notification from Customer, Hyland’s Technical Support contact will immediately notify a support Manager. Within thirty (30) minutes, the Manager will notify a member of Senior Management or a Vice President. If there is no Resolution within two (2) hours of the Customer’s notice, Hyland will place the Customer on the High Visibility Ticker (HVT). If there is no Resolution within four (4) hours of the Customer’s notice or by the end of business of that day, Hyland will designate the Error as Code Blue. Designation as Code Blue means a resolution team is immediately formed for the Level 1 Error and the resolution team provides continuous updates on all issues of change or status to all C-Level Executives and Vice Presidents of Hyland, and all of Hyland employees are made aware that the Customer is on Code Blue. To provide a Resolution, Hyland will match the Customer’s effort, up to and including 24 hour days, 7 days a week, through holidays and weekends until there is a Resolution. |
Level 2 | “Level 2” means an Error that causes substantial Software failure which prevents a portion of Customer’s users from accessing the Software in any way within the production environment. | Upon receiving notification from Customer, Hyland’s Technical Support contact will notify a support Manager within sixty (60) minutes. Within two (2) hours, the Manager will notify a member of Senior Management or Vice President. If there is no Resolution by the end of business on that day, Hyland will place the Customer on Hyland’s High Visibility Ticker. If there is no Resolution within twenty-four (24) hours of Customer’s notice, Hyland will designate the Error as Code Blue. To provide a Resolution, Hyland will match Customer’s efforts up to 24 hour days, 7 days a week, through holidays and weekends until there is a Resolution. |
Level 3 | “Level 3” means that the Software is usable except that an Error causes an ongoing, system-wide, severe performance degradation. | To provide a Resolution, Hyland will match Customer’s efforts up to 5 days/week, 16 hours/day, through holidays and weekends until there is a Resolution. |
Level 4 | “Level 4” means that the Software is usable except that an Error prevents a specific feature or functionality from working. | To provide a Resolution, Hyland will use reasonable efforts during regular support hours. |
Level 5 | “Level 5” means that the Software is usable except that an Error causes a trivial inconvenience and the task can be completed in another way | Standard Maintenance and Support. |
Level 6 | “Level 6” means Technical Support Services. | Standard Maintenance and Support. |
Acceptable Use Policy Attachment - AUP
Effective February 16th 2025
DownloadTable of Contents
Effective February 16th 2025
DownloadEffective February 16th 2025
DownloadEffective February 16th 2025
Download
2. UTILISATIONS INTERDITERS. L'Utilisateur s’interdit toute utilisation du Service Cloud Hyland en violation de toute loi applicable, en ce compris, sans que cette liste soit exhaustive:
(a) de toute manière qui enfreint ou font appropriation illicite de droits de propriété intellectuelle, en ce compris les droits d'auteur, les droits sur les marques, les logiciels, les brevets et les secrets commerciaux;
(b) S'engager dans la promotion, la vente, la production, la réalisation ou le fournissement des drogues ou des jeux d'argent illégaux, des matériaux obscènes ou tout autre produit ou service interdit par la loi;
(c) d'afficher, transmettre, stocker ou rendre disponibles des éléments pédopornographiques;
(d) de transmettre, distribuer, stocker ou créer tout matériel illégal, y compris toute technologie ou tout logiciel contrôlé en virtu de toute loi pertinente sur le contrôle des exportations;
(e) d'afficher, transmettre, stocker ou publier des informations qui constituent une diffamation, du harcèlement, une obscénité, ou qui violent de toute autre manière la vie privée ou les droits personnels de tout individu;
(f) d'afficher ou transmettre des messages obscènes, menaçants, abusifs ou de harcèlement ou inciter de quelque manière que ce soit à la violence;
(g) de promouvoir, proposer ou mettre en œuvre des mécanismes financiers frauduleux, notamment des modèles financiers pyramidaux (« pyramid schemes ») , transferts de fonds illégaux et frais sur les cartes de crédit;
(i) d'interférer avec, d'obtenir un accès non autorisé au ou de violer de quelque autre manière la sécurité du serveur, du réseau, d’un ordinateur personnel, des dispositifs d'accès ou de contrôle du réseau, des logiciels ou des données, ou de tout autre système de Hyland ou d’un tiers, ou tenter de faire ce qui précède, en ce compris, mais sans s'y limiter, en utilisant dans le développement, la distribution ou l'exécution de virus, de vers, d'attaques par déni de service, d'inondations de réseau ou autres activités malveillantes destinées à perturber des services informatiques ou à détruire des données;
(j) d'interférer avec le réseau de Hyland ou l'utilisation et la jouissance, par ou pour d’autres Utilisateurs autorisés, des Services Cloud Hyland; ou
(k) de fournir des informations erronées ou trompeuses en en-têtes des messages ou tout d'autre contenu, utiliser des noms de domaine inexistants ou un adressage trompeur, ou cacher ou obscurcir les informations permettant d'identifier le point d'origine ou le chemin de transmission d'un message;
3. EXÉCUTION. En cas de manquement d’un Utilisateur aux termes de la PUA, Hyland se réserve le droit, et en fonction de la nature et de la gravité dudit manquement, de suspendre l’accès à tout Service Cloud Hyland auquel cet Utilisateur accède et ce, pour la durée nécessaire à la mise en place des mesures qui, selon le jugement raisonnable de Hyland, permettront de mettre fin audit manquement et en empêchement la poursuite ou la répétition.
4. NOTIFICATION. Excepté les cas prévus par la loi, Hyland notifie par écrit à l'Utilisateur, par courriel ou par tout autre moyen, tout manquement à la PUA afin qu’il puisse y être remédié, sans impact sur le Service Cloud Hyland ; Hyland indique également à l'Utilisateur le délai dans lequel celui-ci doit se mettre en conformité avec la PUA. Hyland se réserve toutefois le droit de suspendre sans préavis, et sans délai, le Service Cloud Hyland en réponse à une décision de justice ou administrative indiquant que certains comportements de l'Utilisateur doivent cesser, ou lorsque Hyland considère : (1) qu'il puisse exposer à une sanction, voir sa responsabilité civile engagée ou qu’elle s’expose à des poursuites en raison du manquement ; (2) que ce manquement est susceptible de causer un préjudice ou interférer avec l'intégrité ou les opérations normales ou la sécurité du réseau de Hyland ou des réseaux avec lesquels Hyland est interconnectée, ou interférer avec l'utilisation par un autre client de Hyland des Services Cloud Hyland, d'autres services ou logiciels ; ou (3) que ce manquement présente un quelconque risque imminent de préjudice pour Hyland ou d'autres clients de Hyland ou leurs salariés respectifs. Sous réserve de ce qui précède, Hyland s’efforce d’allouer à l'Utilisateur un préavis d'au moins sept (7) jours calendaires avant la suspension du Service Cloud Hyland.
5. EXCLUSION DE RESPONSABILITÉ. L'Utilisateur est le seul responsable du contenu et des messages transmis ou qu’il met à disposition en utilisant un Service Cloud Hyland. Hyland n’assume aucune responsabilité quant au matériel créé ou rendu accessible sur ou par le biais du Service Cloud Hyland et n’exercera aucun contrôle éditorial sur ce matériel. Hyland se réserve le droit mais n’est pas tenue de surveiller toute activité ou tout contenu, afin d’identifier un manquement à la loi applicable ou la PUA. Hyland décline toute responsabilité quant à l'utilisation inappropriée d'un Service Cloud Hyland par l'Utilisateur et ne pourra en aucun cas être tenue responsable de la violation par un tiers de la PUA ou de toute loi applicable.
6. TOLERANCE ET NULLITÉ PARTIELLE. Le fait de renoncer ou invoquer tardivement ou de ne pas invoquer l’application de la PUA ne saurait valoir, pour l'avenir, renonciation à invoquer la PUA ou à tout autre droit ou recours. Si une stipulation de la présente PUA se révélait inexécutoire ou contraire à une disposition légale impérative ou un changement de loi, ce caractère inexécutoire ou invalide n'affecte en rien la validité des autres stipulations de la PUA qui reste en vigueur.
7. QUESTIONS. Si vous n'êtes pas sûr qu'une utilisation ou une action envisagée soit autorisée, ou vous avez connaissance d’une violation de la présente PUA, veuillez contacter Hyland, à l’adresse security@hylandcloud.com .
Effective February 16th 2025
DownloadEffective June 6th 2023 to February 16th 2025
DownloadTable of Contents
Effective June 6th 2023 to February 16th 2025
DownloadANLAGE - RICHTLINIE ZUR AKZEPTABLEN NUTZUNG
1. EINLEITUNG:
Diese Richtlinie zur akzeptablen Nutzung (diese „RAN“) gilt für alle natürlichen und juristischen Personen (im Folgenden zusammenfassend als „Benutzer“ bezeichnet), welche die von Hyland Software, Inc. oder seinen verbundenen Unternehmen („Hyland“) bereitgestellten Dienste und Softwareprodukte in Verbindung mit dem Hyland Cloud-Dienst nutzen. Diese RAN dient dem Schutz der Sicherheit, Integrität, Zuverlässigkeit und Privatsphäre des Hyland-Netzwerks und des Hyland Cloud-Dienstes, den Hyland für seine Hosting-Kunden hostet.
Mit der Nutzung des Hyland Cloud-Dienstes akzeptiert der Benutzer die Bedingungen dieser RAN in ihrer zum Zeitpunkt der Nutzung gültigen Fassung. Hyland behält sich das Recht vor, diese Richtlinie jederzeit mit sofortiger Wirkung zu ändern, sobald Hyland die geänderte oder überarbeitete RAN auf der Hyland-Website veröffentlicht hat: https://www.hyland.com/community.
2. BENUTZERPFLICHTEN.
2.1 Fehlgebrauch. Der Benutzer ist für jede missbräuchliche Nutzung eines Hyland Cloud-Dienstes verantwortlich. Daher muss der Benutzer alle angemessenen Vorsichtsmaßnahmen ergreifen, um den Zugang und die Nutzung aller von ihm genutzten Hyland Cloud-Dienste zu schützen.
2.2 Nutzungsbeschränkungen. Der Benutzer darf einen Hyland Cloud-Dienst in keiner Weise nutzen, welche gegen geltendes Recht verstößt, einschließlich, aber nicht beschränkt auf:
(a) Verletzung oder widerrechtliche Aneignung von geistigen Eigentumsrechten, einschließlich Urheberrechten, Marken, Dienstleistungsmarken, Software, Patenten und Geschäftsgeheimnissen;
(b) Beteiligung an der Förderung, dem Verkauf, der Herstellung, der Erfüllung oder der Lieferung von illegalen Drogen, illegalem Glücksspiel, obszönem Material oder anderen gesetzlich verbotenen Produkten und Dienstleistungen. Ebenso ist die Aufforderung zu solch illegale Aktivitäten verboten, selbst wenn die Aktivitäten nicht tatsächlich durchgeführt werden;
(c) Das Anzeigen, Übertragen, Speichern oder Bereitstellen von kinderpornografischem Material;
(d) Das Übertragen, Verteilen oder Speichern von Material, das rechtswidrig ist, einschließlich Verschlüsselungssoftware, die gegen die US-, EU- und nationale Exportkontrollgesetze verstößt, oder das ein erhebliches Risiko zivilrechtlicher Haftung für Hyland darstellt;
(e) Das Anzeigen, Übertragen, Speichern oder Veröffentlichen von Informationen, die eine Beleidigung, Verleumdung, Diffamierung, Belästigung, Obszönität darstellen oder anderweitig die Privatsphäre oder die persönlichen Rechte einer Person verletzen;
(f) Das Anzeigen oder Übermitteln von obszönen, bedrohlichen, beleidigenden oder belästigenden Nachrichten; oder
(g) Förderung, Angebot oder Durchführung betrügerischer Finanzpläne, einschließlich Pyramiden, unrechtmäßigen Geldüberweisungen und Belastungen von Kreditkarten.
2.3 Verbotene Handlungen. Dem Benutzer ist es nicht gestattet, einen Hyland Cloud-Dienst zu nutzen, um eine der folgenden Handlungen vorzunehmen:
(a) Störung, unbefugter Zugriff auf oder anderweitige Verletzungen der Sicherheit von Servern, Netzwerken, PCs, Netzwerkzugangs- oder -kontrollgeräten, Software oder Daten oder anderen Systemen von Hyland oder einer anderen Partei oder der Versuch, eine der vorgenannten Handlungen auszuführen, einschließlich, aber nicht beschränkt auf die Entwicklung, Verbreitung oder Ausführung von Internetviren, Würmern, Denial-of-Service-Angriffen, Netzwerküberflutung oder anderen böswilligen Aktivitäten, die darauf abzielen, Computerdienste zu stören oder Daten zu zerstören;
(b) Störung des Hyland-Netzwerks oder der Nutzung des Hyland Cloud-Dienstes, durch andere autorisierte Benutzer;
(c) Das Bewerben oder Verbreiten von Software, Diensten oder Adresslisten, die den Zweck haben, Spam zu ermöglichen;
(d) Bereitstellung falscher oder irreführender Informationen in Nachrichtenkopfzeilen oder anderen Inhalten, Verwendung nicht existierender Domänennamen oder irreführender Adressierung oder Verbergen oder Verschleiern von Informationen, die den Ursprungsort oder Übertragungsweg einer Nachricht identifizieren;
(e) Verletzung von Persönlichkeitsrechten;
(f) Versenden und Sammeln von Antworten auf Spam, unerwünschte elektronische Nachrichten oder Kettenbriefe; und
3. DURCHSETZUNG. Wenn ein Benutzer gegen diese RAN verstößt, kann Hyland, je nach Art und Schwere des Verstoßes, das Hosting eines Hyland Cloud-Dienstes, auf den dieser Benutzer zugreift, so lange aussetzen, bis Maßnahmen ergriffen sind, die nach Hylands vernünftigem Ermessen eine Fortsetzung oder Wiederholung des Verstoßes ausschließen.
4. HINWEIS. Sofern dies nicht gesetzlich verboten ist, wird Hyland den Benutzer schriftlich per E-Mail oder auf andere Weise über einen Verstoß gegen diese RAN informieren, damit dieser Verstoß ohne Auswirkungen auf den Hyland Cloud-Dienst korrigiert werden kann. Hyland setzt dem Benutzer außerdem eine angemessene Frist, innerhalb derer der Benutzer diese RAN einhalten muss. Hyland behält sich jedoch das Recht vor, sofort und ohne vorherige Ankündigung zu handeln, um den Hyland Cloud-Dienst als Reaktion auf eine gerichtliche Anordnung oder eine behördliche Mitteilung, dass ein bestimmtes Verhalten des Benutzers eingestellt werden muss, auszusetzen oder wenn Hyland vernünftigerweise feststellt: (1) dass es Sanktionen, zivilrechtlicher Haftung oder strafrechtlicher Verfolgung ausgesetzt sein könnte; (2) dass ein solcher Verstoß die Integrität oder den normalen Betrieb oder die Sicherheit des Hyland-Netzwerks oder der Netzwerke, mit denen Hyland verbunden ist, schädigen oder beeinträchtigen könnte oder die Nutzung des Hyland Cloud-Dienstes, anderen Diensten oder Softwareprodukten durch einen anderen Hyland-Kunden beeinträchtigen könnte; oder (3) dass ein solcher Verstoß anderweitig eine unmittelbare Gefahr für Hyland oder andere Hyland-Kunden oder deren jeweilige Mitarbeiter darstellt. Anderfalls wird Hyland angemessene Anstrengungen unternehmen, um dem Benutzer eine Frist von mindestens sieben (7) Kalendertagen zu setzen, bevor der Hyland Cloud-Dienst ausgesetzt wird. Der Benutzer ist für alle Gebühren oder Entgelte verantwortlich, die Hyland bis zum Zeitpunkt der Aussetzung durch Hyland gemäß der zwischen dem Benutzer und Hyland bestehenden Vereinbarung in Bezug auf den Hyland Cloud-Dienst zu begleichen sind.
5. HAFTUNGSAUSSCHLUSS. Hyland lehnt jegliche Verantwortung für Schäden ab, die dem Benutzer als Folge der Reaktion von Hyland auf die Verletzung dieser RAN durch den Benutzer entstehen. Der Benutzer ist allein für die Inhalte und Nachrichten verantwortlich, die vom Benutzer über einen Hyland Cloud-Dienst übertragen oder zur Verfügung gestellt werden. Durch die Nutzung eines Hyland Cloud-Dienstes nimmt der Benutzer zur Kenntnis, dass Hyland nicht verpflichtet ist, Aktivitäten oder Inhalte auf Verstöße gegen geltendes Recht oder diese RAN zu überwachen, sich aber das Recht vorbehält, dies zu tun. Hyland lehnt jede Verantwortung für die unangemessene Nutzung eines Hyland Cloud-Dienstes durch den Benutzer und jegliche Haftung für die Verletzung dieser RAN oder geltenden Rechts durch Dritte ab.
6. ENTSCHÄDIGUNG. Der Benutzer erklärt sich damit einverstanden, Hyland von allen Verbindlichkeiten, Verpflichtungen, Verlusten und Schäden sowie von Kosten und Auslagen, einschließlich angemessener Anwaltskosten, freizustellen, die sich aus Ansprüchen, Schäden, Verlusten, Haftungen, Klagen oder Klagen Dritter gegen Hyland aufgrund schuldhaften Verhaltens des Benutzers, das gegen diese RAN verstößt, erhoben werden.
7. VERZICHT. Ein Versäumnis oder eine Verzögerung bei der Ausübung oder Durchsetzung dieser Richtlinie stellt keinen Verzicht auf die Richtlinie oder auf ein anderes Recht oder Rechtsmittel dar. Sollte eine Bestimmung dieser Richtlinie aufgrund eines Gesetzes oder einer Gesetzesänderung als nicht durchsetzbar erachtet werden, wird eine solche Bestimmung nicht berücksichtigt und der Rest der Richtlinie bleibt in Kraft.
8. FRAGEN. Wenn Sie sich nicht sicher sind, ob eine in Betracht gezogene Nutzung oder Handlung zulässig ist, wenden Sie sich bitte an Hyland unter der Nummer 440-788-5000.
Effective June 6th 2023 to February 16th 2025
DownloadANEXO DE POLÍTICA DE USO ACEPTABLE
1. INTRODUCCIÓN.
Esta Política de Uso Aceptable ("AUP” por sus siglas en inglés) aplica a todas las personas y entidades (en su conjunto de denomina "Usuario") que utilizan los servicios y productos de software proporcionados por Hyland Software, Inc. o sus filiales ("Hyland") en relación con el alojamiento de Hyland de una o más Soluciones Alojadas (en su conjunto de denomina "Soluciones Alojadas"). Esta AUP está diseñada para proteger la seguridad, integridad, confiabilidad y privacidad de la red de Hyland y los alojamientos de las Soluciones Alojadas para sus clientes de hosting.
El uso de la Solución Alojada por parte del Usuario constituye la aceptación del Usuario de los términos y condiciones de esta AUP vigentes en el momento de dicho uso. Hyland se reserva el derecho de modificar esta política en cualquier momento a partir de la publicación de la modificación o AUP revisada en el sitio web de Hyland: https://www.hyland.com/community.
2. OBLIGACIONES DEL USUARIO.
2.1 Mal Uso. El Usuario es responsable por cualquier mal uso de la Solución Alojada; por lo tanto, debe tomar todas las precauciones razonables para proteger el acceso y uso de cualquier Solución Alojada que utilice.
2.2 Restricciones de Uso. El Usuario no debe usar una Solución Alojada de ninguna forma que viole la ley aplicable, incluyendo, entre otros, al:
(a) Infringir o apropiarse indebidamente de los derechos de propiedad intelectual, incluidos los derechos de autor, marcas registradas, marcas de servicio, software, patentes y secretos comerciales;
(b) Participar en la promoción, venta, producción o entrega de drogas ilegales, apuestas ilegales, materiales obscenos u otros productos y servicios prohibidos por la ley. Del mismo modo, solicitar actividades ilegales está prohibido incluso si tales actividades no se realizan realmente;
(c) Mostrar, transmitir, almacenar o poner a disposición materiales de pornografía infantil;
(d) Transmitir, distribuir o almacenar cualquier material que sea ilegal, incluyendo software de cifrado en violación de las leyes de control de exportaciones de los Estados Unidos, o que presente un riesgo material de responsabilidad civil para Hyland;
(e) Mostrar, transmitir, almacenar o publicar información que constituya difamación, calumnia, hostigamiento, obscenidad o que viole la privacidad o los derechos personales de cualquier persona;
(f) Mostrar o transmitir mensajes obscenos, amenazantes, abusivos u hostigadores; o
(g) Promover, ofrecer o implementar esquemas financieros fraudulentos, incluyendo pirámides, transferencias ilegales de fondos y cargos a tarjetas de crédito.
2.3 Actos Prohibidos. El Usuario no debe usar la Solución Alojada para ninguna de las actividades siguientes:
(a) Interferir con, obtener acceso no autorizado a o violar la seguridad del servidor, red, computadora personal, dispositivos de acceso o control de red, software, datos u otro sistema de Hyland o tercera parte, o intentar hacer algo de lo anterior, incluyendo, entre otros, el desarrollo, distribución o ejecución de virus de Internet, gusanos, ataques de denegación de servicio, inundación de la red u otras actividades maliciosas destinadas a interrumpir los servicios informáticos o destruir datos;
(b) Interferir con la red de Hyland o con el uso de Soluciones Alojadas recibidas de otros Usuarios autorizados;
(c) Promover o distribuir software, servicios o directorios que tengan el propósito de facilitar el correo no deseado;
(d) Proporcionar información falsa o engañosa en encabezados de mensajes y otro contenido, usar nombres de dominios no existentes o direcciones engañosas, o esconder información que identifique el punto de origen o ruta de transmisión de un mensaje;
(e) Violar los derechos de privacidad personal;
(f) Enviar respuestas al correo no deseado, mensajes electrónicos no solicitados o cadena de correos, y
(g) Participar en actividades que Hyland crea, a su juicio, puedan ser dañinas para las operaciones, imagen pública o reputación de Hyland.
3. CUMPLIMIENTO. Si un Usuario viola esta AUP, Hyland puede, dependiendo de la naturaleza y gravedad de la violación, suspender el alojamiento de cualquier Solución Alojada a la que acceda dicho Usuario durante el tiempo que sea necesario para tomar medidas que, a juicio razonable de Hyland, eviten que la violación continúe u ocurra de nuevo.
4. NOTIFICACIONES. A menos que lo prohíba la ley, Hyland debe proporcionarle al Usuario una notificación escrita por correo electrónico o de otra forma sobre la violación de esta AUP para que se corrija sin afectar el alojamiento de las Soluciones Alojadas; Hyland también debe proporcionarle al Usuario una fecha límite para que cumpla con la AUP. Sin embargo, Hyland se reserva el derecho de actuar inmediatamente y suspender el alojamiento de las Soluciones Alojadas sin previo aviso en respuesta a una orden judicial o notificación gubernamental indicando que se debe suspender cierta conducta del Usuario o cuando Hyland determine: (1) que puede estar expuesto a sanciones, responsabilidad civil o enjuiciamiento; (2) que dicha violación puede dañar o interferir con la integridad o las operaciones normales o la seguridad de la red o redes de Hyland con las que Hyland está interconectada, o interferir con el uso que hace otro cliente de Hyland de los servicios o productos de software de Hyland, o (3) que dicha violación presenta un riesgo inminente de daño para Hyland u otros clientes de Hyland o sus respectivos empleados. En otras circunstancias, Hyland tomará las acciones que resulten comercialmente razonables para proporcionarle al Usuario un aviso por lo menos siete (7) días calendario antes de suspender el alojamiento de las Soluciones Alojadas. El Usuario es responsable de todos los cargos o tarifas que se le deben a Hyland hasta el punto de la suspensión, según el acuerdo existente entre el Usuario y Hyland con relación a las Soluciones Alojadas.
5. DESCARGO DE RESPONSABILIDAD. Hyland no asume ninguna responsabilidad por los daños y perjuicios sufridos por el Usuario como resultado de la respuesta de Hyland a la violación de esta AUP por parte del Usuario. El Usuario es el único responsable del contenido y mensajes transmitidos o puestos a disposición usando una Solución Alojada. Al utilizar una Solución Alojada, el Usuario reconoce que Hyland no tiene la obligación de monitorear las actividades o contenido para ver si violan alguna ley aplicable o esta AUP, pero se reserva el derecho de hacerlo. Hyland rechaza cualquier responsabilidad por el uso inadecuado de una Solución Alojada por parte del Usuario y cualquier responsabilidad por la violación a esta AUP o ley aplicable de un tercero.
6. INDEMNIZACIÓN. El Usuario acepta indemnizar a Hyland por y contra todas las responsabilidades, obligaciones, pérdidas y daños y perjuicios, más los costos y gastos, incluyendo los honorarios razonables de abogados, que surjan de cualquier reclamo, daño, pérdida, responsabilidad, demanda o acción presentada contra Hyland por un tercero como resultado de la conducta del Usuario que viola esta AUP.
7. EXENCIÓN. Ninguna falla o retraso en el cumplimiento de esta política constituirá una exención a la política o a ningún otro derecho o resarcimiento. Si no se puede cumplir alguna disposición de esta política debido a alguna ley o cambio en la ley, dicha disposición deberá ser ignorada y el resto de la política se mantendrá en vigor.
8. PREGUNTAS. Si el Usuario no está seguro si tiene permitido algún uso o acción debe contactar a Hyland al 440-788-5000.
Effective June 6th 2023 to February 16th 2025
Download
1. INTRODUCTION.
La présente Politique d'Utilisation Acceptable (la « PUA ») s'applique à toute personne physique ou morales qui utilise les services et logiciels (collectivement, l’« Utilisateur ») fournis par Hyland Software, Inc. ou ses affiliées (« Hyland ») en lien avec le Service Cloud Hyland. La PUA vise à protéger la sécurité, l'intégrité, la fiabilité et la confidentialité du réseau de Hyland et des Services Cloud Hyland que Hyland héberge pour les clients de ses services d’hébergement.
L'utilisation du Service Cloud Hyland par l’Utilisateur vaut acceptation par ce dernier des termes de la PUA en vigueur à la date d’utilisation dudit service. Hyland se réserve le droit de modifier la PUA à tout moment, toute nouvelle version prenant effet à la date de la publication par Hyland de la modification considérée ou de la PUA révisée, sur son site internet: https://www.hyland.com/community.
2. OBLIGATIONS DE L’UTILISATEUR.
2.1 Mauvaise utilisation. L'Utilisateur est seul responsable de toute utilisation inappropriée d'un Service Cloud Hyland. L'Utilisateur prend donc toutes précautions raisonnables afin de protéger l'accès au(x) et l'utilisation du/des Service Cloud Hyland qu'il utilise.
2.2 Restrictions d'utilisation. L'Utilisateur s’interdit toute utilisation du Service Cloud Hyland en violation de toute loi applicable, en ce compris, sans que cette liste soit exhaustive:
(a) en contrefaisant des ou faisant appropriation illicite de droits de propriété intellectuelle, en ce compris les droits d'auteur, les droits sur les marques, les logiciels, les brevets et les secrets commerciaux;
(b) en promouvant, vendant, produisant, réalisant ou fournissant des drogues ou jeux d'argent illégaux, des produits obscènes ou tout autre produit ou service interdit par la loi. De même, la sollicitation d'activités illégales est interdite, quand bien même ces activités ne seraient pas effectivement réalisées;
(c) en affichant, transmettant, stockant ou rendant disponibles des éléments pédopornographiques;
(d) en transmettant, distribuant ou stockant tout élément illégal, y compris tout logiciel de cryptage en violation des lois américaines – ou de toute autre juridiction, le cas échéant – sur le contrôle des exportations, ou susceptible d’engager la responsabilité civile de Hyland;
(e) en affichant, transmettant, stockant ou publiant des informations qui constituent une diffamation, du harcèlement, une obscénité, ou qui violent de toute autre manière la vie privée ou les droits personnels de tout individu;
(f) en affichant ou transmettant des messages obscènes, menaçants, abusifs ou de harcèlement; ou
(g) en promouvant, proposant ou mettant en œuvre des mécanismes financiers frauduleux, notamment des modèles financiers pyramidaux (« pyramid schemes ») , transferts de fonds illégaux et frais sur les cartes de crédit.
2.3 Actes Prohibés. L'Utilisateur s’interdit d’utiliser le Service Cloud Hyland pour se livrer à l'un quelconque des actes suivants:
(a) interférer avec, obtenir un accès non autorisé au ou violer de toute autre manière la sécurité du serveur, du réseau, d’un ordinateur personnel, des dispositifs d'accès ou de contrôle du réseau, des logiciels ou des données, ou de tout autre système de Hyland ou d’un tiers, ou tenter de faire ce qui précède, en ce compris, mais sans s'y limiter, en utilisant le Service Cloud Hyland dans le développement, la distribution ou l'exécution de virus, de vers, d'attaques par déni de service, d'inondations de réseau ou autres activités malveillantes destinées à perturber des services informatiques ou à détruire des données;
(b) interférer avec le réseau de Hyland ou l'utilisation et la jouissance, par ou pour d’autres Utilisateurs autorisés, des Services Cloud Hyland;
(c) promouvoir ou distribuer des logiciels, des services ou des listes d'adresses dont l’objet est de faciliter les spams;
(d) fournir des informations erronées ou trompeuses en en-têtes des messages ou tout d'autre contenu, utiliser des noms de domaine inexistants ou un adressage trompeur, ou cacher ou obscurcir les informations permettant d'identifier le point d'origine ou le chemin de transmission d'un message;
(e) violer les droits à la vie privée, sauf les cas autorisés par la loi;
(f) envoyer des spams et collecter les réponses qui y sont apportées, des messages électroniques non sollicités ou des chaînes de courriels; et
(g) s'engager dans toute activité que Hyland considère, à sa seule discrétion, comme pouvant être nuisible aux opérations, à l'image ou à la réputation de Hyland.
3. EXÉCUTION. En cas de manquement d’un Utilisateur aux termes de la PUA, et en fonction de la nature et de la gravité dudit manquement, Hyland se réserve le droit de suspendre l’hébergement de tout Service Cloud Hyland auquel cet Utilisateur a accès et ce, pour la durée nécessaire à la mise en place des mesures qui, selon Hyland, permettront de mettre fin audit manquement et en préviendront la poursuite ou répétition.
4. NOTIFICATION. Excepté les cas prévus par la loi, Hyland notifie par écrit à l'Utilisateur, par courriel ou par tout autre moyen, tout manquement à la PUA afin qu’il puisse y être remédié, sans impact sur le Service Cloud Hyland ; Hyland indique également à l'Utilisateur le délai dans lequel celui-ci doit se mettre en conformité avec la PUA. Hyland se réserve toutefois le droit de suspendre sans préavis, et sans délai, le Service Cloud Hyland en réponse à une décision de justice ou administrative indiquant que certains comportements de l'Utilisateur doivent cesser, ou lorsque Hyland considère: (1) qu'elle peut être exposée à une sanction, voir sa responsabilité civile engagée ou qu’elle s’expose à des poursuites; (2) que ce manquement est susceptible de causer un préjudice ou interférer avec l'intégrité ou les opérations normales ou la sécurité du réseau de Hyland ou des réseaux avec lesquels Hyland est interconnectée, ou interférer avec l'utilisation par un autre client de Hyland des Services Cloud Hyland, d'autres services ou logiciels; ou (3) que ce manquement présente un quelconque risque imminent de préjudice pour Hyland ou d'autres clients de Hyland ou leurs salariés respectifs. Sous réserve de ce qui précède, Hyland s’efforce d’allouer à l'Utilisateur un préavis d'au moins sept (7) jours calendaires avant la suspension du Service Cloud Hyland. L'Utilisateur est responsable de l’ensemble des montants dus à Hyland jusqu'au moment de la suspension par Hyland, conformément au contrat en vigueur entre l'Utilisateur et Hyland concernant les Services Cloud Hyland.
5. EXCLUSION DE RESPONSABILITÉ. Hyland décline toute responsabilité en cas de dommage subi par l'Utilisateur suite à la réponse de Hyland à un manquement de la PUA par l'Utilisateur. L'Utilisateur est seul responsable du contenu et des messages transmis ou qu’il met à disposition en utilisant un Service Cloud Hyland. En ayant recours à un Service Cloud Hyland, l'Utilisateur reconnaît que Hyland se réserve le droit mais n’est pas tenue de surveiller toute activité ou tout contenu, afin d’identifier un manquement à la loi applicable ou la PUA. Hyland décline toute responsabilité quant à l'utilisation inappropriée d'un Service Cloud Hyland par l'Utilisateur et ne pourra en aucun cas être tenue responsable de la violation par un tiers de la PUA ou de toute loi applicable.
6. INDEMNISATION. L'Utilisateur s’engage à indemniser Hyland de et contre toutes responsabilités, obligations, pertes et dommages, ainsi que les coûts et dépenses associés, en ce compris les frais d'avocat raisonnables, résultant de toute réclamation, dommage, perte, responsabilité, poursuite ou action intentée contre Hyland par un tiers suite à un manquement de l’Utilisateur à la PUA.
7. TOLERANCE ET NULLITE PARTIELLE. Le fait de renoncer ou invoquer tardivement ou de ne pas invoquer l’application de la PUA ne saurait valoir, pour l'avenir, renonciation à invoquer la PUA ou à tout autre droit ou recours. Si une stipulation de la présente politique se révélait inexécutoire ou contraire à une disposition légale impérative ou un changement de loi, ce caractère inexécutoire ou invalide n'affecte en rien la validité des autres stipulations de la PUA qui reste en vigueur.
8. QUESTIONS. Si vous n'êtes pas sûr qu'une utilisation ou une action envisagée soit autorisée, veuillez contacter Hyland, au 440-788-5000.
Effective June 6th 2023 to February 16th 2025
Download
1. INTRODUÇÃO.
Esta Política de Uso Aceitável (esta "AUP") aplica-se a todas as pessoas e entidades (coletivamente referidas nesta AUP como "Usuário") que usam os serviços e produtos de software fornecidos pela Hyland Software, Inc. ou suas afiliadas (“Hyland”) em conexão com o Serviço de Nuvem da Hyland. Esta AUP foi projetada para proteger a segurança, integridade, confiabilidade e privacidade da rede da Hyland e os Serviços de Nuvem da Hyland que a Hyland hospeda para seus clientes de hospedagem.
O uso do Serviço de Nuvem da Hyland pelo Usuário constitui a aceitação pelo Usuário dos termos e condições desta AUP em vigor no momento de tal uso. A Hyland se reserva o direito de modificar esta política a qualquer momento, sendo esta modificação ou AUP revisada efetiva imediatamente após a publicação pela Hyland no site da Hyland: https://www.hyland.com/community.
2. OBRIGAÇÕES DO USUÁRIO.
2.1 Uso Indevido. O usuário é responsável por qualquer uso indevido de um Serviço de Nuvem da Hyland. Portanto, o Usuário deve tomar todas as precauções razoáveis para proteger o acesso e o uso de qualquer Serviço de Nuvem da Hyland que usar.
2.2 Restrições de Uso. O Usuário não deve usar um Serviço de Nuvem da Hyland de nenhuma maneira que viole a lei aplicável, incluindo, sem limitação:
(a) Violação ou apropriação indevida de direitos de propriedade intelectual, incluindo direitos autorais, marcas, software, patentes e segredos comerciais;
(b) Envolver-se na promoção, venda, produção, cumprimento ou entrega de drogas ilegais, jogos ilegais, materiais obscenos ou outros produtos e serviços proibidos por lei. Da mesma forma, é proibido solicitar atividades ilegais, mesmo que essas atividades não sejam realmente executadas;
(c) Exibição, transmissão, armazenamento ou disponibilização de material de pornografia infantil;
(d) Transmissão, distribuição ou armazenamento de qualquer material ilegal, incluindo software de criptografia que viole as leis de controle de exportação dos EUA ou que apresente um risco substancial de responsabilidade civil para a Hyland;
(e) Exibição, transmissão, armazenamento ou publicação de informações que constituam calúnia, ofensa, difamação, assédio, obscenidade ou que de outra forma violem a privacidade ou os direitos pessoais de qualquer pessoa;
(f) Exibição ou transmissão de mensagens obscenas, ameaçadoras, abusivas ou assediadoras; ou
(g) Promoção, oferta ou implementação de esquemas financeiros fraudulentos, incluindo pirâmides, transferências ilegítimas de fundos e cobranças em cartões de crédito.
2.3 Atos Proibidos. O Usuário não deve usar um Serviço de Nuvem da Hyland para se envolver em qualquer um dos seguintes atos:
(a) Interferir, obtendo acesso não autorizado ou de outra forma violando a segurança do servidor, rede, computador pessoal, dispositivos de acesso ou controle de rede, software ou dados ou outro sistema da Hyland ou de terceiros, ou tentar realizar qualquer uma das ações acima, incluindo, sem limitação, o uso no desenvolvimento, distribuição ou execução de vírus da Internet, worms, ataques de negação de serviço, inundação da rede ou outras atividades mal-intencionadas destinadas a interromper os serviços de computador ou destruir dados;
(b) Interferir na rede da Hyland ou no uso e aproveitamento do Serviço de Nuvem da Hyland recebidos por outros Usuários autorizados;
(c) Promover ou distribuir software, serviços ou listas de endereços com o objetivo de facilitar o spam;
(d) Fornecer informações falsas ou enganosas em títulos de mensagens ou outro conteúdo, usando nomes de domínio inexistentes ou endereçamento enganoso, ou ocultar ou encobrir informações que identifiquem o ponto de origem ou a via de transmissão de uma mensagem;
(e) Violar direitos de privacidade pessoal;
(f) Enviar e coletar respostas a spam, mensagens eletrônicas não solicitadas ou mensagens em cadeia; e
(g) Envolver-se em qualquer atividade que a Hyland acredite, a seu exclusivo critério, que possa ser prejudicial às operações, imagem ou reputação pública da Hyland.
3. CUMPRIMENTO. Se um Usuário violar esta AUP, a Hyland poderá, dependendo da natureza e gravidade da violação, suspender a hospedagem de qualquer Serviço de Nuvem da Hyland que esse Usuário acessa pelo tempo necessário para que sejam tomadas medidas que, no julgamento razoável da Hyland, impedirão a violação de continuar ou reincidir.
4. NOTIFICAÇÃO. A menos que seja proibido por lei, a Hyland fornecerá ao Usuário uma notificação por escrito por e-mail ou de outra forma sobre uma violação desta AUP, para que tal violação possa ser corrigida sem impacto no Serviço de Nuvem da Hyland; A Hyland também fornecerá ao Usuário um prazo para que o Usuário esteja em conformidade com esta AUP. A Hyland se reserva o direito, no entanto, de agir imediatamente e sem aviso prévio para suspender o Serviço de Nuvem da Hyland em resposta a uma ordem judicial ou notificação governamental de que determinada conduta do Usuário deve ser interrompida ou quando a Hyland determinar razoavelmente: (1) que possa estar exposta a sanções, responsabilidade civil ou ação penal; (2) que tal violação pode causar danos ou interferir na integridade ou operações normais ou segurança da rede ou redes da Hyland com as quais a Hyland está interconectada ou interferir no uso do Serviço de Nuvem da Hyland de outro Cliente da Hyland, outros serviços ou produtos de software; ou (3) que tal violação apresente risco iminente de danos à Hyland ou a outros clientes da Hyland ou seus respectivos empregados. Em outras situações, a Hyland envidará esforços razoáveis para fornecer ao Usuário um aviso com pelo menos 7 (sete) dias corridos de antecedência antes de suspender o Serviço de Nuvem da Hyland. O Usuário é responsável por todas as cobranças ou taxas devidas à Hyland até o momento de suspensão pela Hyland, de acordo com o contrato em vigor entre o Usuário e a Hyland relacionado aos Serviços de Nuvem da Hyland.
5. ISENÇÃO DE RESPONSABILIDADE. A Hyland se isenta de qualquer responsabilidade por danos sofridos pelo Usuário como resultado da resposta da Hyland à violação desta AUP pelo Usuário. O Usuário é o único responsável pelo conteúdo e mensagens transmitidas ou disponibilizadas pelo Usuário usando um Serviço de Nuvem da Hyland. Ao usar um Serviço de Nuvem da Hyland, o Usuário reconhece que a Hyland não tem obrigação de monitorar nenhuma atividade ou conteúdo quanto a violações da lei aplicável ou desta AUP, mas reserva-se o direito de fazê-lo. A Hyland se isenta de qualquer responsabilidade pelo uso inadequado de um Serviço de Nuvem da Hyland pelo usuário e de qualquer responsabilidade por violação de terceiros desta AUP ou lei aplicável.
6. INDENIZAÇÃO. O Usuário concorda em indenizar a Hyland de e contra todas as responsabilidades, obrigações, perdas e danos, além de custos e despesas, incluindo honorários advocatícios razoáveis, decorrentes de qualquer reclamação, dano, perda, responsabilidade, processo ou ação movida contra a Hyland por terceiros, como resultado da conduta do Usuário que viola esta AUP.
7. RENÚNCIA. Nenhuma falha ou atraso no exercício ou no cumprimento desta política constituirá uma renúncia à política ou a qualquer outro direito ou medida. Se qualquer disposição desta política for considerada inexequível devido à lei ou mudança na lei, tal disposição será desconsiderada e as demais disposições da política permanecerão em vigor.
8. DÚVIDAS. Se você não tiver certeza se algum uso ou ação contemplada é permitida, entre em contato com a Hyland pelo telefone XX-1-440-788-5000.
Effective September 28th 2022 to June 6th 2023
DownloadTable of Contents
Effective March 30th 2021 to September 28th 2022
DownloadTable of Contents
HxP Acceptable Use Policy
Effective March 16th 2021
DownloadTable of Contents
HxP and Sharebase Privacy Policy
Effective March 26th 2021
DownloadTable of Contents
- To improve the Service and our other products;
- To continuously evaluate and improve user experience;
- To respond to emails or other requests, comments, or questions;
- To provide customer support;
- To provide you or our Customer with information that we believe may be useful, such as information about products or services we offer;
- To comply with applicable laws, regulations, or legal process as well as industry standards and our company policies;
- To prevent fraud or other misuse, including to protect our rights and the rights of affiliated companies or related third parties;
- To report suspected criminal acts;
- To maintain records of our transactions and communications; or
- To monitor and analyze trends, usage, and activities of users.
- Hyland Affiliates. As an international organization, Personal Information about you may be shared globally throughout Hyland’s international organization. A list of Hyland entities and their contact information is available here. Personal Information may be shared with affiliated companies for any of the purposes set forth in the section above titled “How We Use Your Information.”
- Third Party Service Providers Under Contract with Hyland. For example, data analytics providers, data center providers, website management, law firms, auditors, performance service providers, and other similar providers. We share your Personal Information with these Service Providers so that they can perform certain business functions on Hyland’s behalf.
- Third Party Solution Providers under contract with Hyland. To allow third parties that resell Hyland products and services (“Solution Provider”) to provide customer support and analyze trends, usage, and activities related to users affiliated with that Solution Provider’s customers.
- Other Unaffiliated Third Parties. We may also share your Personal Information with other unaffiliated third parties for the following purposes:
- Required Disclosures. To comply with a court proceeding, in response to a court order, subpoena, civil discovery request, other legal process, or as otherwise required by law.
- Government Agencies. To response to a request by a government agency.
- Legal Compliance and Protections: To comply with the law or to protect the rights, property, or safety of Hyland, our users, or others. This may include sharing information, including Personal Information, with other companies and organizations for fraud protection and credit risk reduction.
- Corporate Transactions: To disclose and transfer your data, including your Personal Information, if applicable:
- To a subsequent owner, co-owner, or operator of the Service or successor database.
- In connection with a corporate merger, consolidation, bankruptcy, the sale of substantially all of our membership interests and/or assets or other corporate change, including to any prospective purchasers.
- To prevent your information from being used by Google Analytics:
- you can install Google’s opt-out browser add-on: https://tools.google.com/dlpage/gaoptout.
- from your android or iOS device, follow these instructions: (1) open the menu located in the upper left corner of the ShareBase Mobile Application,(2) selected the Settings menu; and (3) toggle switch next to “Share Usage Statistics” to “off.”
- To opt out of interest-based advertising, you can visit http://optout.networkadvertising.org/#!/ and follow NAI’s on-screen instructions. Note that if you opt out through the NAI, you will still receive advertising, but the advertising will not be tailored to your interests. In addition, if you opt out through NAI and later delete your cookies, use a different browser, or buy a new device, you will need you opt out of interest-based advertising again.
- Check your mobile device for settings that control ads based on your interactions with the applications on your device. For example, on your iOS device, enable the “Limit Ad Tracking” setting, and on your Android device, enable the “Opt out of Ads Personalization” setting.
- Confirmation that Hyland processes your Personal Information;
- Access to your Personal Information from Hyland;
- Correction of your Personal Information if incomplete, inaccurate, or out-of-date;
- Anonymization, blocking or deletion of unnecessary or excessive Personal Information or Personal Information processed in noncompliance with the provisions of Brazil’s data protection law;
- Portability of your Personal Information to another service or product provider, by means of an express request and subject to commercial and industrial secrecy as long as that Personal Information has not already been anonymized at the time of your request;
- Deletion of personal data processed with the consent of the data subject;
- Information about public and private entities with which Hyland has shared your Personal Information; and
- Information about the possibility of denying consent and the consequences of such denial.
- Essential Cookies: These are cookies that are strictly necessary for the functioning of the website or for performing services that an individual user has requested. Some examples of functions performed by essential cookies are cookies that remember previous actions (e.g., entered text) when navigating back to a page in the same session.
- Analytical Cookies: These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information that analytical cookies collect is aggregated and therefore anonymous. These cookies are used only to improve how a website functions.
- Functional Cookies: These cookies allow the website to remember choices users make and to provide enhanced, personalized features. For example, on our website, these cookies remember users’ language preferences.
- Persistent Cookies: Persistent cookies remain on your device until deleted manually or automatically.
- What web pages you visit on the Service and how long you visit them;
- Information about how you navigate, use, and interact with the Service;
- Your IP address, device identifiers and signatures, and browser type; and
- The language you’ve chosen to read the website.
Hyland Software, Inc.
Attn: PRIVACY INQUIRY
Westlake OH, 44145
Hyland Experience Technical Support
Effective May 3rd 2024
DownloadTable of Contents
Technical Support Levels | |||
Digital | Premier | Signature | |
Initial Response Target | N/A | P1 and P2: 60 minutes* P3 and P4: 1 Business Day P5 and P6: 2 Business Days | P1 and P2: 30 minutes* P3 and P4: 1 Business Hour P5 and P6: 4 Business Hours |
Issue Update Frequency Target | N/A | P1 and P2: Hourly P3 - P6: 2 Business Days | P1 and P2: Conference bridge** P3 - P6: Business Daily |
Priority Level | Description | Hyland Response |
Level 1 (P1) | Total or substantial failure of Hyland Experience. | Hyland will match Customer’s effort, up to and including 24-hour days, 7 days a week. |
Level 2 (P2) | All of Customer’s users are unable to access an entire portion of Hyland Experience. | Hyland will match Customer’s effort, up to and including 24-hour days, 7 days a week. |
Level 3 (P3) | Hyland Experience is usable except there is an ongoing, system-wide, severe performance degradation. | Hyland will match Customer’s efforts during Business Days, up to 16 hours/day. |
Level 4 (P4) | Hyland Experience is usable except a specific feature or functionality is not working. | Hyland will use reasonable efforts during Business Hours. |
Level 5 (P5) | Hyland Experience is usable except for a trivial inconvenience. | Hyland will use reasonable efforts during Business Hours. |
Level 6 (P6) | All other matters, including “how to” requests and questions about the Documentation. | Hyland will use reasonable efforts during Business Hours. |
Effective March 30th 2021 to May 3rd 2024
DownloadTable of Contents
Severity Level | Description | Hyland Response |
Level 1 | “Level 1” means any error or issue in the Hyland Experience Service that causes total or substantial Hyland Experience Service failure, which means that the Hyland Experience Service is down and Customer is unable to access the Hyland Experience Service in any way. | Upon receiving notification from Customer, Hyland’s support Team Leader will immediately notify a support Manager. Within thirty (30) minutes, the Manager will notify a member of Senior Management or a Vice President. To provide a Resolution, Hyland will work up to and including 24 hour days, 7 days a week, through holidays and weekends until there is a Resolution, provided Customer remains accessible by phone for troubleshooting from the time Hyland receives the notification through Resolution. |
Level 2 | “Level 2” means an error or issue in the Hyland Experience Service that causes substantial Hyland Experience Service failure which prevents a portion of Customer’s users from accessing the Hyland Experience Service in any way. | Upon receiving notification from Customer, Hyland’s support Team Leader will notify a support Manager within sixty (60) minutes. Within two (2) hours, the Manager will notify a member of Senior Management or Vice President. To provide a Resolution, Hyland will work up to 24 hour days, 7 days a week, through holidays and weekends until there is a Resolution, provided Customer remains accessible by phone for troubleshooting from the time Hyland receives the notification through Resolution. |
Level 3 | “Level 3” means that the Hyland Experience Service is usable except that an error or issue in the Hyland Experience Service causes an ongoing, system-wide, severe performance degradation. | To provide a Resolution, Hyland will work up to 5 days/week, 16 hours/day, through holidays and weekends until there is a Resolution, provided Customer remains accessible by phone for troubleshooting from the time Hyland receives the notification through Resolution. |
Level 4 | “Level 4” means that the Hyland Experience Service is usable except that an error or issue in the Hyland Experience Service prevents a specific feature or functionality from working. | To provide a Resolution, Hyland will use commercially reasonable efforts during regular support hours. |
Level 5 | “Level 5” means that the Hyland Experience Service is usable except that an error or issue in the Hyland Experience Service causes a trivial inconvenience and the task can be completed in another way. | Standard Hyland Experience Service Support. |
Level 6 | “Level 6” means Technical Support Services. | Standard Hyland Experience Service Support. |
Hyland Experience Security
Effective May 3rd 2024
DownloadTable of Contents
Effective March 30th 2021 to May 3rd 2024
DownloadTable of Contents
- Risk Management.
- Conducting an annual risk assessment designed to identify threats and vulnerabilities in the administrative, physical, legal, regulatory, and technical safeguards used to protect the Hyland Experience Service.
- Maintaining a documented risk remediation process to assign ownership of identified risks, establish remediation plans and timeframes, and provide for periodic monitoring of progress.
- Information Security Program.
- Maintaining a documented comprehensive Hyland Experience Service information security program. This program will include policies and procedures based on industry standard practices, which may include ISO 27001/27002, or other equivalent standards.
- Such information security program shall include, as applicable: (i) adequate physical and cyber security where Customer Data will be processed and/or stored; and (ii) reasonable precautions taken with respect to Hyland personnel employment.
- These policies will be reviewed and updated by Hyland management annually.
- Organization of Information Security. Assigning security responsibilities to appropriate Hyland individuals or groups to facilitate protection of the Hyland Experience Service and associated assets.
- Human Resources Security.
- Hyland employees undergo comprehensive screening during the hiring process. Background checks and reference validation will be performed to determine whether candidate qualifications are appropriate for the proposed position. Subject to any restrictions imposed by applicable law and based on jurisdiction, these background checks include criminal background checks, employment validation, and education verification as applicable.
- Ensuring all Hyland employees are subject to confidentiality and non-disclosure commitments before access is provisioned to the Hyland Experience Service or Customer Data.
- Ensuring applicable Hyland employees receive security awareness training designed to provide such employees with information security knowledge to provide for the security, availability, and confidentiality of Customer Data.
- Upon Hyland employee separation or change in roles, Hyland shall ensure any Hyland employee access to the Hyland Experience Service is revoked in a timely manner and all applicable Hyland assets, both information and physical, are returned.
- Asset Management.
- Maintaining asset and information management policies and procedures. This includes ownership of assets, an inventory of assets, classification guidelines, and handling standards pertaining to Hyland assets.
- Maintaining media handling procedures to ensure media containing Customer Data as part of the Hyland Experience Service is encrypted and stored in a secure location subject to strict physical access controls.
- When a Hyland Experience Service storage device has reached the end of its useful life, procedures include a decommissioning process that is designed to prevent Customer Data from being exposed to unauthorized individuals using the techniques recommended by NIST to destroy data as part of the decommissioning process.
- If a Hyland storage device is unable to be decommissioned using these procedures, the device will be virtually shredded, degaussed, purged/wiped, or physically destroyed in accordance with industry-standard practices.
- Access Controls.
- Maintaining a logical access policy and corresponding procedures. The logical access procedures will define the request, approval and access provisioning process for Hyland personnel. The logical access process will restrict Hyland user (local and remote) access based on Hyland user job function (role/profile based, appropriate access) for applications and databases. Hyland user access recertification to determine access and privileges will be performed periodically. Procedures for onboarding and offboarding Hyland personnel users in a timely manner will be documented. Procedures for Hyland personnel user inactivity threshold leading to account suspension and removal threshold will be documented.
- Limiting Hyland’s access to Customer Data to its personnel who have a need to access Customer Data as a condition to Hyland’s performance of the services under this Agreement. Hyland shall utilize the principle of “least privilege” and the concept of “minimum necessary” when determining the level of access for all Hyland users to Customer Data. Hyland shall require strong passwords subject to complexity requirements and periodic rotation and the use of multi-factor authentication.
- Ensuring strict access controls are in place for Customer Data access by Hyland. Customer administrators control its user access, user permissions, and Customer Data retention to the extent such controls are available to Customer with respect to the Hyland Experience Service.
- System Boundaries.
- Hyland is not responsible for any system components that are not within the Hyland Cloud Platform, including network devices, network connectivity, workstations, servers, and software owned and operated by the Customer or other third parties. Hyland may provide support for these components at its reasonable discretion.
- The processes executed within the Hyland Cloud Platform are limited to those that are executed by a Hyland employee (or Hyland authorized third party) or processes that are executed within Hyland’s established system boundaries, in whole. This includes, but is not limited to, hardware installation, software installation, data replication, data security, and authentication processes.
- Certain business processes may cross these boundaries, meaning one or more tasks are executed outside of Hyland’s established system boundaries for the Hyland Cloud Platform, one or more tasks are executed by individuals who are not Hyland personnel (or authorized third-parties), or one or more tasks are executed based on written requests placed by Customer. In such event, Hyland will provide support for such processes to the extent they occur within Hyland’s established system boundaries, but Hyland is not responsible for providing support for such processes to the extent they occur outside of such established system boundaries. At its reasonable discretion, Hyland may provide limited support for processes that occur outside such established system boundaries for the Hyland Cloud Platform. Examples of business processes that cross these boundaries include, but are not limited to, Hyland Experience Service configuration changes, processing that occurs within the Hyland Experience Service, user authorization, and file transfers.
- Encryption.
- Customer Data shall only be uploaded to the Hyland Experience Services in an encrypted format such as via SFTP, TLS, or other equivalent method.
- Customer Data shall be encrypted at rest.
- Where use of encryption functionality may be controlled or modified by Customer, in the event Customer elects to modify the use of or turn off any encryption functionality, Customer does so at its own risk.
- Physical and Environment Security.
- The Hyland Cloud Platform uses data centers or third party service providers who have demonstrated compliance with one or more of the following standards (or a reasonable equivalent): International Organization for Standardization (“ISO”) 27001 and/or American Institute of Certified Public Accountants (“AICPA”) Service Organization Controls (“SOC”) Reports for Services Organizations. These providers provide Internet connectivity, physical security, power, and environmental systems and other services for the Hyland Cloud Platform.
- Hyland uses architecture and technologies designed to promote both security and high availability.
- Operations Security.
- Maintaining documented Hyland cloud operating procedures.
- Maintaining change management controls to ensure changes to Hyland Experience Service production systems made by Hyland are properly authorized and reviewed prior to implementation. Customer is responsible for testing all configuration changes, authentication changes and upgrades implemented by Customer or implemented by Hyland at the request of Customer prior to production use of the Hyland Experience Service. In cases where the Customer relies upon Hyland to implement changes on its behalf, a written request describing the change must be submitted (e.g. an e-mail, or another method provided by Hyland) by Customer’s designated Customer Security Administrators (“CSAs”) or set forth in a Services Proposal. Hyland will make scheduled configuration changes that are expected to impact Customer access to their Hyland Experience Service during a planned maintenance window. Hyland may make configuration changes that are not expected to impact Customer during normal business hours.
- Monitoring usage and capacity levels within the Hyland Cloud Platform to adequately and proactively plan for future growth.
- Utilizing virus and malware protection technologies, which are configured to meet common industry standards designed to protect the Customer Data and equipment located within the Hyland Cloud Platform from virus infections or similar malicious payloads.
- Implementing disaster recovery and business continuity procedures. These will include replication of Customer Data to a secondary location.
- Maintaining a system and security logging process to capture system logs deemed critical by Hyland. These logs shall be maintained for at least six months and reviewed on a periodic basis.
- Maintaining system hardening requirements and configuration standards for components deployed within the Hyland Cloud Platform. Ensuring servers, operating systems, and supporting software used in the Hyland Cloud Platform receive all Critical and High security patches within a timely manner, but in no event more than 90 days after release, subject to the next sentence. In the event any such security patch would materially adversely affect the Hyland Experience Service, then Hyland will use reasonable efforts to implement compensating controls until a security patch is available that would not materially adversely affect the Hyland Experience Service.
- Conducting Hyland Cloud Platform vulnerability scans or analysis on at least a quarterly basis and remediate all critical and high vulnerabilities identified in accordance with its patch management procedures.
- Conducting Hyland Cloud Platform penetration tests at least annually.
- Communications Security
- Implementing Hyland Cloud Platform security controls to protect information resources within the Hyland Cloud Platform.
- When supported, upon implementation and once annually thereafter, Customer may request Hyland limit access to Customer’s Hyland Experience Service to a list of pre-defined IP addresses at no additional cost.
- Supplier Relationships. Maintaining a Vendor Management Program for its critical vendors. This program will ensure critical vendors are evaluated on an annual basis.
- Security Incident.
- Employing incident response standards that are based upon applicable industry standards, such as ISO 27001 and National Institute for Standards and Technology (“NIST”), to maintain the information security components of the Hyland Experience Service environment.
- Responses to these incidents follow the Hyland documented incident response sequence. This sequence includes the incident trigger phase, evaluation phase, escalation phase, response phase, recovery phase, de-escalation phase, and post-incident review phase.
- If Hyland has determined Customer’s Hyland Experience Service has been negatively impacted by a security incident, Hyland will deliver a root cause analysis summary. Such notice will not be unreasonably delayed, but will occur after initial corrective actions have been taken to contain the security threat or stabilize the Hyland Experience Service.
- The root cause analysis will include the duration of the event, resolution, technical summary, outstanding issues, and follow-up, including steps Customer needs to take in order to prevent further issues. Hyland Experience Service information including data elements that require additional confidentiality and security measures (including that of other customers impacted in the event) will not be publicly disclosed. If Customer needs additional details of an incident, a request to the Hyland GCS Support team must be submitted and handled on a case by case basis. The release of information process may require an on-site review to protect the confidentiality and security of the requested information.
- Hyland will notify Customer of a Security Incident within 48 hours. A “Security Incident” means a determination by Hyland of an actual disclosure of unencrypted Customer Data to an unauthorized person or entity that compromises the security, confidentiality, or integrity of the Customer Data.
- Information Security Aspects of Business Continuity Management.
- Maintaining a business continuity and disaster recovery plan.
- Reviewing and testing this plan annually.
- Aggregated Data.
- Hyland owns all Customer and User registration and billing data collected and used by Hyland that is required for user set-up, use and billing for the Hyland Experience Service (“Account Information”) and all aggregated, anonymized and statistical data derived from the use and operation of the Hyland Experience Service, including without limitation, the number of records in the Hyland Experience Service, the number and types of transactions, configurations, and reports processed as part of the Hyland Experience Service and the performance results of the Hyland Experience Service (the “Aggregated Data”).
- Hyland may utilize the Account Information and Aggregated Data for purposes of operating Hyland’s business. For clarity, Account Information and Aggregated Data does not include Customer Data.
- Audit and Security Testing.
- Monitoring its compliance with its information security program. This includes periodic internal reviews. Results are shared with Hyland leadership and deviations tracked through to remediation.
- Maintaining a periodic external audit program. Completed attestations, such as available SOC 2 reports, are provided to Customer upon written request.
- Customer may conduct audits of Hyland’s operations that participate in the ongoing delivery and support of the Hyland Experience Service purchased by Customer on an annual basis; provided Customer provides Hyland written notice of its desire to conduct such audit and the following criteria are met: (a) Hyland and Customer mutually agree upon the timing, scope, and criteria of such audit, which may include the completion of questionnaires supplied by Customer and guided review of policies, practices, procedures, Hyland Experience Service configurations, invoices, or application logs, and (b) Customer agrees to pay Hyland fees (at Hyland’s standard rates) for the Professional Services that are required or requested of Hyland in connection with such audit. Prior to any such audit, any third party engaged by Customer to assist with such audit, must be cleared by Hyland and enter into a Non-Disclosure Agreement directly with Hyland. If any documentation requested by Customer cannot be removed from Hyland’s facilities as a result of physical limitations or policy restrictions, Hyland will allow Customer’s auditors access to such documentation at Hyland’s corporate headquarters in Ohio and may prohibit any type of copying or the taking of screen shots. Where necessary, Hyland will provide private and reasonable accommodation at Hyland’s corporate headquarters in Ohio for data analysis and meetings. Upon reasonable notice, Hyland and Customer mutually agree to make necessary employees or contractors available for interviews in person or on the phone during such audit at Customer’s cost and expense. Customer is prohibited from distributing or publishing the results of such audit to any third party without Hyland’s prior written approval.
- Customer may conduct penetration testing against the public URL used to access the Hyland Experience Service on an annual basis; provided Customer provides Hyland with written notice of its desire to conduct such testing and the following criteria are met: (a) Hyland and Customer mutually agree upon the timing, scope, and criteria of such testing, which may include common social engineering, application, and network testing techniques used to identify or exploit common vulnerabilities including buffer overflows, cross site scripting, SQL injection, and man in the middle attacks, and (b) such testing is at Customer’s cost and expense and Customer pays to Hyland fees (at Hyland’s standard rates) for the Professional Services that are required or requested of Hyland in connection with such testing. Prior to any such testing, any third party engaged by Customer to assist with such testing, must be cleared by Hyland and enter into a Non-Disclosure Agreement directly with Hyland. Customer acknowledges and agrees that any such testing performed without mutual agreement regarding timing, scope, and criteria may be considered a hostile attack, which may trigger automated and manual responses, including reporting the activity to local and federal law enforcement agencies as well as immediate suspension of Customer’s access to or use of the Hyland Experience Service. Customer is prohibited from distributing or publishing the results of such penetration testing to any third party without Hyland’s prior written approval.
Hyland Experience Service Levels
Effective April 19th 2024
DownloadTable of Contents
Hyland Experience Service Levels
Service Level Agreements (“SLA”) described in this document pertain to the availability of Hyland Experience. This document does not address Support Services.
Service Level Definitions
“Downtime” is calculated as the aggregate time (in minutes) each calendar month, as confirmed by Hyland following written notice from the Customer, that Hyland Experience is Unavailable (as defined below). The length of Downtime will be measured from the time an incident occurs, as confirmed by Hyland, until the time when Hyland confirms that the failure condition(s) reported are no longer present. Downtime does not include any failure conditions which occur due to an Exclusion Event (see below).
“Exclusion Event” means any of the following occurrences:
- System maintenance, whether such maintenance is scheduled (e.g., for upgrading of the Service or its components or for any other scheduled purpose) or unscheduled (due to emergency) which results in the Service being unavailable or inaccessible to Customer.
- Failure of a customer’s or user’s equipment or facilities.
- Acts or omissions of a customer or its user, including but not limited to (a) performance or non-performance of any services by a third party (other than Hyland) contracted by the customer to provide services to the customer or its users related to Hyland Experience, (b) any failure that is not due to fault of Hyland or Hyland’s contracted third-party service provider, (c) failure of any code or configurations managed or written by the customer or any third-party vendor to the customer, or (d) any unauthorized use or access by the customer or any of its users;
- The occurrence of a force majeure event.
- Internet failure or congestion.
- Failure of equipment or systems not within Hyland Experience, or of equipment or systems not provided, or not under the control or direction of Hyland including equipment or systems Hyland may obtain or contract for at the request of the customer; or
- Failures or other failures caused directly or indirectly by known or unknown computer viruses, worms or other malicious programs (assuming Hyland has not breached any of its obligations here or in the applicable agreement relating to virus protection protocols).
“Failover Notice” is a notification made by Hyland to the Customer (which may be made by electronic communication via e-mail or the Community portal) indicating that Hyland is initiating an AWS (Amazon Web Services) Region failover.
“Monthly Fees” is the portion of the recurring fees for Hyland Experience attributable to the month in which the applicable performance deficiency occurs, excluding any taxes, one-time fees, third party fees, travel or expense, professional services or similar additional fees. E.g., if fees are charged annually, the Monthly Fee equals the annual fees divided by 12, subject to the same exclusions above.
Monthly Uptime Percentage. is calculated as the total number of minutes in a calendar month, minus the number of minutes of Downtime (as defined above) in such month, divided by the total number of minutes in such month.
“Recovery Point” means the minimum number of hours (prior to the time Hyland provides a Failover Notice) that the customer’s data must have been stored within Hyland Experience to qualify as eligible data. Customer Data is deemed “eligible” if Hyland confirms it has been stored within the Hyland Cloud Service for a number of hours (prior to the time Hyland provides a Failover Notice) that exceeds the applicable Recovery Point Objective defined in Table 2 below.
“Recovery Time” means the number of hours from the time the required Failover Notice is delivered to the time Hyland Experience has been Restored (excluding any time during that period if/when an Exclusion Event affects both the current primary and secondary data centers).
“Restoration” occurs once access to Hyland Experience has been restored such that:
(1) eligible Customer Data can be retrieved; and
(2) new Customer Data can be input.
“Unavailability” or “Unavailable” refers to a state when Hyland Experience is either unresponsive or responds with an error, thereby preventing access. For clarification: if certain features or functions within Hyland Experience are unavailable while other features remain accessible, this will not be considered “Unavailability,” so long as the unavailable features or functions do not, when combined, significantly hinder the Customer’s use of Hyland Experience.
Service Level Commitments
Table 1: Monthly Uptime Percentages
STANDARD | |
Monthly Uptime Percentage | 99.5% |
Applicable Credit | 10% of the Monthly Fee |
Table 2: Business Continuity
STANDARD | |
Recovery Point Objective (RPO) | 24 Hours |
Applicable Credit | 25% of the Monthly Fee |
Recovery Time Objective (RTO) | 8 Hours |
Applicable Credit | 25% of the Monthly Fee |
Service Level Commitment Terms
Monthly Uptime Percentage. Hyland will meet the Monthly Uptime, as identified in Table 1 above, during each calendar month.
Business Continuity. Hyland shall provide business continuity redundancy via AWS Availability Zones. Hyland Experience does not use multiple AWS Regions. If Hyland delivers a Restoration Notice to Customer, Hyland shall restore Hyland Experience within the applicable Recovery Time Objective set forth in Table 2 above (except to the extent caused or prevented by an Exclusion Event).
Downtime Report. Following the occurrence of a Downtime event, upon request by the customer, Hyland shall provide a report which will include, as applicable, a detailed description of the incident, start and end times of the incident, duration of the incident, business/functional impact of the incident, description of remediation efforts taken, and a description of outstanding issues or tasks relating to the incident.
Exclusive Remedies Terms
Monthly Uptime Percentage. In the event the Monthly Uptime Percentage during any calendar month is less than the applicable Monthly Uptime Percentage set forth in the Table 1 above, the customer shall receive the applicable credit against the fees specified in Table 1 above, provided Customer submitted a technical support request within twenty-four hours of such Downtime.
Maximum Service Level Credit. Notwithstanding anything to the contrary, customers are only entitled to a maximum of one service level credit for all events occurring in a particular calendar month. If available, Customer shall be entitled to only the largest service level credit which may be payable for one or more of the service level failures occurring in such calendar month.
Application of Service Level Credits. Service level credits will be applied first to any outstanding amounts which are due and owing from Customer, and then to future fees.
Termination Remedy. If Customer earns a service level credit either: (a) in two consecutive calendar months, or (b) in three calendar months during any six consecutive month period; then the customer may, by written notice to Hyland delivered within thirty days after the last credit described in either clause or (a) or (b) above is earned, terminate the subscription to Hyland Experience.
Exclusivity. The remedies set forth above constitute the sole and exclusive remedies available to a customer for any failure to meet the service level commitments set forth in this document.
System Maintenance
For the purposes of the Service Level Commitment, Scheduled Maintenance is defined as:
Hyland Scheduled Maintenance Windows. Modifications or repairs to shared infrastructure or platform patching and upgrades that are expected to impact or potentially impact Hyland Experience availability is currently restricted to within the hours of 12 AM to 2 AM, based on the time zone of the impacted AWS Region. Hyland expects that scheduled system maintenance will not exceed 16 hours per month.
Hyland will notify Customer of scheduled system maintenance expected to impact system availability or functionality through the status page (currently, https://status.experience.hyland.com) or through direct communication. Customers must subscribe to the status page to receive notifications. Hyland will use reasonable efforts to notify Customer of unscheduled system maintenance that is expected to impact or potentially impact system availability or functionality. Such notifications will typically be sent at least 24 hours in advance, but to the extent Hyland determines that such maintenance is required sooner due to a security or availability concern (e.g., emergency maintenance is required by Hyland), Hyland will use reasonable efforts to send such notice no less than 2 hours prior to the specified start time.
Effective March 30th 2021 to April 19th 2024
DownloadTable of Contents
- System Maintenance (see “System Maintenance” below);
- failure of Customer’s equipment or facilities;
- acts or omissions of Customer, including but not limited to (a) performance or non-performance of any services by a third party (other than Hyland) contracted by Customer to provide services to Customer related to the Service, (b) any failure that Customer mutually agrees is not due to fault of Hyland or Hyland’s contracted third party service provider, or (c) failure of any code or configurations managed or written by Customer or any third party vendor to Customer;
- the occurrence of a force majeure event (as described in the Agreement);
- Internet failure or congestion;
- Use of the Service by Customer in violation of the Acceptable Use Policy; or Use of the Service by Customer after Hyland has advised Customer to modify its use of the Service, if Customer did not modify its use as advised;
- provided that Hyland has fulfilled its obligations under the Agreement, Service Unavailability or other failures caused directly or indirectly by known or unknown computer viruses, worms or other malicious programs;
- During beta or trial periods as reasonably determined by Hyland.
Service Classes | Silver |
Monthly Uptime Percentage | 99% |
Applicable Credit Determinations | Less than 99% 15% of the Monthly Fees for the Hyland Cloud Service for the calendar month in which the downtime began |
Data Processing Addendum - Brazil
Effective April 29th 2021
DownloadTable of Contents
- DEFINITIONS
- “Controller”, “Processor”, “Processing”, and “National Authority” have the same meanings as in Article 5 of the LGPD.
- “Data Subject” means the subject of Personal Data.
- “Hyland” means Hyland Software, Inc. on behalf of itself and its affiliates. The term affiliates shall be deemed to include any parent company, subsidiary, affiliate of, or entity controlled by (including beneficial control), controlling or under common control with Hyland Software, Inc.
- “Personal Data” means any information received by Service Provider from, or received or created on behalf of, Hyland relating to an identified or identifiable natural person located in Brazil. An “identifiable natural person” is one who can be identified, directly or indirectly, in particular, by reference to an identification number, location data, an online identifier or to one or more factors specific to the physical, psychological, genetic, mental, economic, cultural or social identity of the natural person.
- “Personal Data Breach” means breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed when that Personal Data is in the possession of Service Provider or its agents or subcontractors.
- “Required By Law” means that a statute, regulation, court order, or legal process, enforceable in a court of law, mandates the conduct.
- “Sensitive Personal Data” shall have the meaning given to it under Article 5 of the LGPD and also includes information about criminal history.
- “Sub-processor” means an entity that processes Personal Data at the request of Service Provider.
- SERVICE PROVIDER’S PROCESSING OF PERSONAL DATA
- Nature and Purpose of Processing of Personal Data. Service Provider agrees to Process Personal Data solely in accordance with Appendix A.
- Duration of Processing. Service Provider shall Process Personal Data only during the term of the Service Agreement.
- Violation Of Data Protection Law. Service Provider will immediately notify Hyland if Service Provider becomes aware that Service Provider’s compliance with a term or condition of this Addendum has violated, violates, or will violate Service Provider’s or Hyland’s obligations under applicable law.
- Disclosures of Personal Data. Service Provider may not disclose Personal Data to third parties unless the disclosure is (1) Required By Law, or (2) with the prior written consent of Hyland. Before disclosing Personal Data as Required By Law, Service Provider will immediately notify Hyland in writing of such required disclosure and will provide Hyland a reasonable opportunity to object to the request before Service Provider produces any Personal Data in response. Upon request, Service Provider will provide Hyland a copy of any Personal Data disclosed to a third party as Required by Law.
- Cross-Border Data Transfers. Service Provider will not transfer Personal Data outside of Brazil unless (1) Hyland has provided prior written permission for the transfer, and (2) in addition to the other requirements set forth in this Addendum, Service Provider ensures an adequate level of protection in accordance with the LGPD or the transfer falls under a derogation in accordance with the LGPD.
- SERVICE PROVIDER’S SAFEGUARDS FOR PERSONAL DATA
- Confidentiality Of Personal Data. Service Provider will maintain the confidentiality of all Personal Data. Service Provider has required employees responsible for Processing Personal Data to sign a confidentiality agreement prohibiting the disclosure of Personal Data Processed for Hyland to any third party except as permitted by this Addendum or as Required By Law.
- Physical, Technical And Organizational Safeguards. Service Provider shall maintain a comprehensive written information privacy and security program that includes reasonable and appropriate measures to protect against reasonably foreseeable risks to the security, confidentiality, integrity and resilience of Personal Data, which risks could result in the unauthorized disclosure, use, alteration, destruction or other compromise of the Personal Data, including a Personal Data Breach. Such program shall comply with the LGPD concerning the protection of Personal Data and shall include the measures set forth in the Services Agreement and such measures shall not be materially reduced during the Term of the Services Agreement. Service Provider will regularly monitor, test, and update its information security program. Service Provider shall also maintain in accordance with good industry practice, measures to protect Personal Data from interception such as: (i) network protections intended to deny attackers the ability to intercept or access Personal Data; and (ii) anonymization or other measures to deny attackers the ability to read intelligible Personal Data, including encryption in transit between Service Provider and any third party, as permitted by this Agreement. Service Provider will provide Hyland with such information concerning its information security program as Hyland may reasonably request from time to time.
- Reporting Personal Data Breaches. Service Provider shall report to Hyland any Personal Data Breach of which it becomes aware. Service Provider will make such report within 24 hours of Service Provider’s becoming aware of the incident and such report shall include, at a minimum subject to the availability of necessary information, the following: (1) a description of the incident; (2) the date that the incident occurred; (3) the date that Service Provider became aware of the incident; (4) the identity and last known mailing address of each affected Data Subject; (5) the approximate number of affected Personal Data records involved; (6) the affected categories of Personal Data, including Sensitive Personal Data, if any, for each affected Data Subject that was affected; (7) the approximate number of Data Subjects affected; (8) an identification of any law enforcement agency or National Authority that has been contacted about the incident and contact information for the relevant official; (9) a description of the steps that have been, or will be, taken to mitigate the incident; (10) a description of the steps that have been, or will be, taken to prevent a recurrence; (11) the likely consequences of the Personal Data Breach; and (12) contact information for the person at Service Provider principally responsible for responding to the Personal Data Breach.
- Service Provider will update the written report periodically as new information becomes available. All reports required by this provision shall be made to: Hyland Legal Department, Attn: Person In Charge, 28500 Clemens Rd. Westlake, Ohio 44145, 440-788-5000, brazilprivacy@hyland.com, or such other person that Hyland may designate from time to time in writing to Service Provider without amending this Addendum. Service Provider acknowledges that its determination that a particular set of circumstances constitutes a Personal Data Breach shall not be binding on Hyland.
- Mitigation Of Damages By Service Provider And Cooperation in Investigation. Service Provider agrees to take, at its own expense, measures reasonably necessary to mitigate any harmful effect of a Personal Data Breach. Service Provider agrees to cooperate, at its own expense, with Hyland in its investigation of any Personal Data Breach. Service Provider will reimburse Hyland for all imputed and out-of-pocket costs reasonably incurred by Hyland in connection with the Personal Data Breach, including, but not limited to, costs related to provision of notices to affected Data Subjects and to any services offered to affected Data Subjects.
- Notifications Related To A Personal Data Breach. Service Provider acknowledges that Hyland shall determine (1) whether and when to notify any National Authority and which National Authority to notify; (2) who will provide notice to Data Subjects with respect to any Personal Data Breach; (3) the content of any such notice(s); (4) the timing for, and method of, delivery of any such notice(s); and (5) the products or services, if any, to be offered to affected Data Subjects. Service Provider shall not disclose the fact that a Personal Data Breach has occurred, or any details related to a Personal Data Breach to any third party without Hyland’s written consent, unless otherwise Required By Law.
- SERVICE PROVIDER’S ASSISTANCE WITH AUDITS AND REQUESTS FROM DATA SUBJECTS
- Information Technology Audits. Service Provider will permit Hyland, directly or through a contractor, to conduct audits of the information technology and information security controls to ensure that: (i) Service Provider is in compliance with this Addendum; and (ii) Service Provider provides the appropriate level of security for the Personal Data.
- Requests For Impact Assessment Information. Service Provider shall promptly provide the information requested by Hyland to assist in conducting a data protection impact assessment pursuant to the LGPD.
- Requests Directed to Service Provider. Service Provider agrees to assist Hyland in responding to a request from a Data Subject to exercise any of his/her rights as provided for under the LGPD. In the event a Data Subject submits such a request with respect to the Data Subject’s Personal Data, Service Provider agrees to comply with the request within five (5) business days of receiving the request from Hyland. Service Provider will immediately provide Hyland with any requests concerning Personal Data that are sent directly to Service Provider from parties other than Hyland.
- SERVICE PROVIDER’S SUB-PROCESSORS
- Consent To Processing By Sub-Processors. Service Provider will not disclose Personal Data to any sub-processor without Hyland’s prior written consent. In the event that Hyland consents to Service Provider’s disclosure of Personal Data to a sub-processor, Service Provider shall remain responsible for, and remain liable to, Hyland for, the acts and omissions of such sub-processor as if they were Service Provider’s own acts and omissions.
- Sub-processors’ Physical, Technical And Administrative Safeguards: Service Provider shall obtain reasonable assurances, in writing, from any sub-processor to whom Service Provider discloses Personal Data. Such assurances shall include at least the following: that the sub-processor (1) will comply with substantially the same restrictions and conditions on Processing of Personal Data that this Addendum imposes on Service Provider, including the restrictions on cross-border data transfers; (2) will implement reasonable and appropriate physical, technical and organizational safeguards to protect Personal Data in compliance with the LGPD; and (3) will notify Service Provider within 24 hours of becoming aware of any Personal Data Breach involving Personal Data.
- SERVICE PROVIDER’S OBLIGATIONS UPON TERMINATION OF THE SERVICE AGREEMENT
- Return Or Destruction Of Personal Data. Upon Hyland's written instruction, Service Provider shall return or destroy Personal Data. If Hyland directs Service Provider to destroy the Personal Data, Service Provider shall do so in a manner reasonably intended to prevent recovery of the Personal Data and shall certify to the same in writing.
- Service Provider’s Retention Of Personal Data. If local law requires Service Provider to retain a copy of any Personal Data, then Service Provider shall (1) notify Hyland of such requirement, (2) extend the protections of this Addendum to the retained Personal Data and (3) limit further Processing of the retained Personal Data to those purposes Required By Law for as long as Service Provider maintains the Personal Data.
- Survival. Service Provider’s obligations and duties under this Addendum with respect to Personal Data shall survive the termination of the Service Agreement and of this Addendum and shall continue for as long as the Personal Data remains in the possession of Service Provider or of its sub-processors.
- MISCELLANEOUS TERMS
- Indemnification. Service Provider shall defend and indemnify Data Processor, its parent and subsidiary corporations, officers, directors, employees and agents for any and all claims, charges, inquiries, investigations, costs, reasonable attorneys’ fees, monetary penalties, and damages incurred by Hyland and/or its parent or subsidiary corporations, officers, directors, employees and agents resulting from (1) any Processing of Personal Data not permitted by the Services Agreement including this Addendum, (2) any Personal Data Breach involving Personal Data in the possession, custody or control of Service Provider or its sub-processors, in the event such Personal Data Breach results in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data.
- Indemnification Process. The foregoing indemnification obligations are conditioned upon Hyland: (1) notifying Service Provider promptly in writing of any claim, charge, inquiry, or investigation as described in Section 7.1 above; (2) reasonably cooperating and assisting in defense of such claim, charge, inquiry, or investigation; and (3) giving sole control of the defense and any related settlement negotiations to Service Provider with the understanding that Service Provider may not settle any claim in a manner that admits guilt or otherwise prejudices Hyland, without Hyland’s consent.
- Construction. This Addendum supersedes any inconsistent provisions in the Services Agreement and/or other existing agreements between the Hyland and Service Provider with respect to Service Provider’s obligation to safeguard Personal Data.
Subject Matter and During of the Processing | The subject matter of the Processing is Service Providers provision of Services under the Services Agreement. The duration of the Processing is the term of the Services Agreement, and any exit period, if applicable. |
Nature and Purpose of the Processing | The purpose of the Processing is to provide the Services as set forth in the Services Agreement. The nature of the Processing may include, but is not limited to, collection, recording, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Type of Personal Data Processed | The Personal Data transferred may concern the following categories of data subjects: Employees - Past, potential, present and future staff of Hyland (including job candidates, volunteers, agents, independent contractors, interns, temporary and casual workers). Vendors - Past, present and potential advisors, consultants, vendors, contractors, subcontractors and other professionals engaged by Hyland and related staff. Website visitors – Individuals who visit any Hyland owned or operated website. Hyland Customers or End Users (collectively, “Customers”) – (a) Past, present and potential Customers of Hyland, and (b) data subjects whose Personal Data is uploaded or provided by Customers to Hyland during use of Hyland’s services or products. |
Categories of Personal Data Processed | The Personal Data transferred may concern the following categories: Employees Identification data: civil/marital status; first and last name; photograph; date and place of birth; nationality; corporate identifier; gender. Contact details: address; telephone number (fixed and mobile); email address; fax number; emergency contact information. Employment details: job title; company name; grade, occupation code; geographic location; employee performance and evaluation data; employee discipline information; information regarding previous roles and employment; employee benefits information such as election decisions, leave requests, authorization/declination, health insurance company. National identifiers: national ID/passport number; tax ID; government identification number; driver's license, visa or immigration status. Academic and professional qualifications: degrees; titles; skills; language proficiency; training information; employment history; CV/résumé. Financial data: bank account number; IBAN number; bank details including bank name, bank code, sort code; salary and compensation data; bonuses; pension qualification information; payroll data; tax class; tax office name. IT related data: computer ID; user ID and password; domain name; IP address; log files; software and hardware inventory; software usage pattern tracking information (i.e., cookies and information recorded for operation and training purposes). Lifestyle: hobbies; social activities; holiday preferences. Vendors Identification data: first and last name; date of birth; place of birth; nationality; photograph; vendor ID. Contact details: address; professional email address; professional telephone number (including mobile telephone number). Professional details: job title; employer; academic and professional qualifications; data related to transactions involving goods and services. National identifiers: tax ID; government identification number. Financial data: bank account number; bank details. Website visitors IT-related data: unique device identifiers, dynamic and static Internet Protocol addresses, as well as other information, such as browser characteristics, language preferences, operating system details, referring URLs, length of visits, and pages viewed. Customers, potential Customers and/or their staff, each as applicable Contact information (including name, physical address, e-mail and telephone numbers); Employer; Job title; Login credentials; Account profile, including interests and photograph; Applications for Hyland’s educational opportunities, including name, contact information, references, programming experience, and application essays; Dietary preferences and restrictions; Order information for trainings courses; Training records including courses taken, certifications completed, and scores and grades; Questions, feedback, comments and other postings, including through https://community.hyland.com; Other information the Customer chooses to provide; Information provided by third parties: data relating to the Customer, potential Customer or staff having clicked on a Hyland advertisement posted on a third party website; Information provided by third parties, where a Customer attends a Hyland event sponsored by a third party: including name, e-mail address, and phone number; Versions of Hyland Group company software used and how the software is being used (what functions, how often etc.); bank account number; bank details; credit card details; purchasing history; return history; cancellation history; and Personal Data submitted by a Customer in the course of the Customer's use of Hyland's Services or during the performance of Services under the Service Agreement. |
Categories of Sensitive Personal Data Processed | No collection of any sensitive data by a Service Provider is anticipated other than employee data required to provide Services in connection with valid employment purposes or to the extent required by applicable law. Such collection will only concern limited sensitive data, for example, health-related information for the purpose of managing employee absences, or disabilities in order to provide access to our premises. |
Data Processing Addendum - GDPR
Effective April 29th 2021
DownloadTable of Contents
- “Controller”, “Processor”, “Processing”, and “Supervisory Authority” have the same meanings as in Article 4 of the GDPR.
- “Data Subject” means the subject of Personal Data.
- "Data Protection Law" means: (i) EU Regulation 2016/679 (General Data Protection Regulation) (the "GDPR"); (ii) EU Directive 2002/58/EC (the "ePrivacy Directive"); (iii) after European Union law no longer applies in the United Kingdom, the data protection laws of the relevant territories of the United Kingdom; and (iv) any and all applicable national data protection laws made under or pursuant to (i), (ii) or (iii), in each case as may be amended or superseded from time to time.
- “EU Model Clauses” means standard contractual clauses adopted or approved by the European Commission for transfers under the GDPR (and if more than one set of such clauses may apply to a transfer, the most recent such set).
- “Hyland” means Hyland Software, Inc. on behalf of itself and its affiliates. The term affiliates shall be deemed to include any parent company, subsidiary, affiliate of, or entity controlled by (including beneficial control), controlling or under common control with Hyland.
- “Personal Data” means any information received by Service Provider from, or received or created on behalf of, Hyland relating to an identified or identifiable natural person located in the European Economic Area, the UK or Switzerland. An “identifiable natural person” is one who can be identified, directly or indirectly, in particular, by reference to an identification number, location data, an online identifier or to one or more factors specific to the physical, psychological, genetic, mental, economic, cultural or social identity of the natural person.
- “Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed when that Personal Data is in the possession of Service Provider or its agents or subcontractors.
- “Required By Law” means that a statute, regulation, court order, or legal process, enforceable in a court of law, mandates the conduct.
- “Sensitive Personal Data” means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data concerning health, sex life, or sexual orientation, genetic data and biometric data when Processed for the purpose of uniquely identifying a natural person, and also includes information about criminal history.
- “Sub-processor” means an entity that processes Personal Data at the request of Service Provider.
- SERVICE PROVIDER’S PROCESSING OF PERSONAL DATA
- Nature and Purpose of Processing of Personal Data. Service Provider agrees to Process Personal Data solely in accordance with Appendix A.
- Duration of Processing. Service Provider shall Process Personal Data only during the term of the Services Agreement.
- Violation Of Data Protection Law. Service Provider will immediately notify Hyland if Service Provider becomes aware that Service Provider’s compliance with a term or condition of this DPA has violated, violates, or will violate Service Provider’s or Hyland’s obligations under applicable law.
- CROSS-BORDER DATA TRANSFERS
- Service Provider will not transfer Personal Data outside of the European Economic Area, which term shall include the United Kingdom (“EEA”) (but only for so long as transmission of personal data from the EEA to the United Kingdom is not considered as a transfer to a third country under European Union law), unless it has taken such measures as are necessary to ensure the transfer is in compliance with Data Protection Law. Such measures may include (without limitation) transfers to any country or territory and/or sector that is at the time subject to a current finding by the European Commission of adequate protection, to a recipient that has achieved binding corporate rules authorization in accordance with Data Protection Law, or under any derogation permitted by Data Protection Law.
- To the extent that Service Provider transfers Personal Data outside the EEA in connection with the Services provided under the Services Agreement, and such transfer is not covered by any measure set forth in Section 3.1, the relevant transfer shall be governed by the appropriate EU Model Clauses, with the data importer being the Service Provider or other approved Sub-Processor and, as appropriate:
- the data exporter being Hyland and the governing law being that of where the applicable Hyland entity is established;
- the data exporter being the applicable Hyland customer and the governing law being that of where the applicable customer is located;
- Sections 3.1 and 3.2 shall apply equally to any transfers made from the United Kingdom to a recipient outside the United Kingdom in a territory and/or sector that has not been designated under Data Protection Laws as ensuring an adequate level of protection, with references in those clauses to EU Model Clauses being read as references to standard data protection clauses specified under Data Protection Laws as providing appropriate safeguards for transfers, and such clauses shall be deemed completed with the information stated in Sections 3.1 and 3.2 mutatis mutandis as appropriate.
- Where Personal Data originating in Switzerland is Processed by Service Provider (including a Sub-processor) outside Switzerland in a territory and sector that has not been designated as ensuring an adequate level of protection pursuant to Swiss laws Sections 3.1 and 3.2 shall apply mutatis mutandis but with the amendments stated in the Addendum hereto.
- SERVICE PROVIDER’S SAFEGUARDS FOR PERSONAL DATA
- Confidentiality Of Personal Data. Service Provider will maintain the confidentiality of all Personal Data. Service Provider will require employees responsible for Processing Personal Data to sign a confidentiality agreement prohibiting the disclosure of Personal Data to any third party except as permitted by this DPA or as Required By Law.
- Physical, Technical And Organizational Safeguards. Service Provider shall maintain a comprehensive written information privacy and security program that includes reasonable and appropriate measures to protect against reasonably foreseeable risks to the security, confidentiality, integrity and resilience of Personal Data, which risks could result in the unauthorized disclosure, use, alteration, destruction or other compromise of the Personal Data, including a Personal Data Breach. Such program shall comply with Article 32 of the GDPR and local laws concerning the protection of Personal Data and shall include the measures set forth in the Services Agreement and such measures shall not be materially reduced during the Term of the Services Agreement. Service Provider will regularly monitor, test, and update its information security program. Service Provider shall also maintain in accordance with good industry practice, measures to protect Personal Data from interception such as: (i) network protections intended to deny attackers the ability to intercept or access Personal Data; and (ii) anonymization or other measures to deny attackers the ability to read intelligible Personal Data, including encryption in transit between Service Provider and any third party, as permitted by this Agreement. Service Provider will provide Hyland with such information concerning its information security program as Hyland may reasonably request from time to time.
- Reporting Personal Data Breaches. Service Provider shall report to Hyland any Personal Data Breach of which it becomes aware. Service Provider will make such report orally to Hyland within 24 hours of Service Provider’s becoming aware of the incident followed by a report in writing (e-mail is acceptable) within 24 hours of the initial oral report. The written report shall include, at a minimum subject to the availability of necessary information, the following: (1) a description of the incident; (2) the date that the incident occurred; (3) the date that Service Provider became aware of the incident; (4) the identity and last known mailing address of each affected Data Subject; (5) the approximate number of affected Personal Data records involved; (6) the affected categories of Personal Data, including Sensitive Personal Data, if any, for each affected Data Subject that was affected; (7) the approximate number of Data Subjects affected; (8) an identification of any law enforcement agency or Supervisory Authority that has been contacted about the incident and contact information for the relevant official; (9) a description of the steps that have been, or will be, taken to mitigate the incident; (10) a description of the steps that have been, or will be, taken to prevent a recurrence; (11) the likely consequences of the Personal Data Breach; and (12) contact information for the person at Service Provider principally responsible for responding to the Personal Data Breach.
- Service Provider will update the written report periodically as new information becomes available. All reports required by this provision shall be made to: Hyland Legal Department, Attn: Privacy Officer, 28500 Clemens Rd. Westlake, Ohio 44145, 440-788-5000, privacy@hyland.com. Service Provider acknowledges that its determination that a particular set of circumstances constitutes a Personal Data Breach shall not be binding on Hyland.
- Mitigation Of Damages By Service Provider And Cooperation in Investigation. Service Provider agrees to take, at its own expense, measures reasonably necessary to mitigate any harmful effect of a Personal Data Breach. Service Provider agrees to cooperate, at its own expense, with Hyland in its investigation of any Personal Data Breach. Service Provider will reimburse Hyland for all imputed and out-of-pocket costs reasonably incurred by Hyland in connection with the Personal Data Breach, including, but not limited to, costs related to provision of notices to affected Data Subjects and to any services offered to affected Data Subjects.
- Notifications Related To A Personal Data Breach. Service Provider acknowledges that Hyland shall determine (1) whether and when to notify any Controller (if applicable) or Supervisory Authority and which Supervisory Authority to notify; (2) who will provide notice to Data Subjects with respect to any Personal Data Breach; (3) the content of any such notice(s); (4) the timing for, and method of, delivery of any such notice(s); and (5) the products or services, if any, to be offered to affected Data Subjects. Service Provider shall not disclose the fact that a Personal Data Breach has occurred or any details related to a Personal Data Breach to any third party without Hyland’s written consent, unless otherwise Required By Law.
- Third Party Access Requests. In the event Service Provider receives a non-compulsory request from any third party, including without limitation, any law enforcement, regulatory, judicial or governmental authority, for disclosure of or access to Personal Data, Service Provider will not disclose or provide such access unless instructed to do so by Hyland. In the event Service Provider receives a compulsory order issued at the request of any third party, including without limitation any law enforcement, regulatory, judicial or governmental authority for disclosure of or access to Personal Data, Service Provider will prior to any disclosure or provision of access:
- promptly notify Hyland of such order, unless prohibited by law, and, if so prohibited from notifying Hyland, seek to obtain the right to waive such prohibition in favor of promptly communicating to Hyland as much information as possible; and
- inform the third party that: (i) Service Provider is a Processor of such transferred Personal Data and that Hyland has not authorised the disclosure of Personal Data to the third party; and (ii) any and all requests or demands for disclosure of or access to such transferred Personal Data should therefore be notified to or served upon Hyland; and
- Only disclose such transferred Personal Data to the extent Service Provider is legally required to do so in accordance with an applicable lawful process, and prior to any such transfer, use reasonable efforts to challenge the scope or validity of any order that Service Provider reasonably believes to be overly broad.
- Service Provider will maintain, in accordance with good industry practice, measures to protect Personal Data from interception such as: (a) network safeguards intended to deny attackers the ability to access Personal Data; and (b) other measures to deny attackers the ability to read intelligible Personal Data, including encryption in transit between Service Provider to Hyland and from Service Provider to any Sub-Processor.
- SERVICE PROVIDER’S ASSISTANCE WITH AUDITS AND DATA SUBJECT REQUESTS
- Availability Of Records Of Processing. Service Provider shall promptly, after a reasonable request from Hyland, make available to Hyland all information necessary to demonstrate the Controller’s compliance with the obligations established by Article 28 of the GDPR.
- Information Technology Audits. Service Provider will permit Hyland, directly or through a contractor, to conduct site audits of the information technology and information security controls for all facilities used to Process Personal Data so that Hyland can ensure that Service Provider provides the appropriate level of security for the Personal Data.
- Requests For Impact Assessment Information. Service Provider shall promptly provide the information requested by Hyland to assist in conducting a data protection impact assessment pursuant to Articles 35 and 36 of the GDPR.
- Requests Directed to Service Provider. Service Provider agrees to assist Hyland in responding to a request from a Data Subject to exercise any of his/her rights as provided for under the GDPR. In the event a Data Subject submits such a request with respect to the Data Subject’s Personal Data, Service Provider agrees to comply with the request within 5 business days of receiving the request from Hyland. Service Provider will immediately provide Hyland with any requests concerning Personal Data that are sent directly to Service Provider from parties other than Hyland.
- SERVICE PROVIDER’S SUB-PROCESSORS
- Consent To Processing By Sub-Processors. Service Provider will not disclose Personal Data to any third party without Hyland’s prior written consent. In the event that Hyland consents to Service Provider’s disclosure of Personal Data to a Sub-processor, Service Provider shall remain responsible for, and remain liable to, Hyland for, the acts and omissions of such Sub-processor as if they were Service Provider’s own acts and omissions.
- Sub-processors’ Physical, Technical And Administrative Safeguards. Service Provider shall obtain reasonable assurances, in writing, from any Sub-processor to whom Service Provider discloses Personal Data. Such assurances shall include at least the following: that the sub-processor (1) will comply with substantially the same restrictions and conditions on Processing of Personal Data that this DPA imposes on Service Provider, including the restrictions on cross-border data transfers; (2) will implement reasonable and appropriate physical, technical and organizational safeguards to protect Personal Data in compliance with Article 32 of the GDPR; and (3) will notify Service Provider within 24 hours of becoming aware of any Personal Data Breach involving Personal Data.
- SERVICE PROVIDER’S OBLIGATIONS UPON TERMINATION OF THE SERVICE AGREEMENT
- Return Or Destruction Of Personal Data. Upon Hyland's written instruction, Service Provider shall return or destroy Personal Data. If Hyland directs Service Provider to destroy the Personal Data, Service Provider shall do so in a manner reasonably intended to prevent recovery of the Personal Data and shall certify to the same in writing.
- Service Provider’s Retention Of Personal Data. If local law requires Service Provider to retain a copy of any Personal Data, then Service Provider shall (1) notify Hyland of such requirement, (2) extend the protections of this DPA to the retained Personal Data and (3) limit further Processing of the retained Personal Data to those purposes Required By Law for as long as Service Provider maintains the Personal Data.
- Survival. Service Provider’s obligations and duties under this DPA with respect to Personal Data shall survive the termination of the Services Agreement and of this DPA and shall continue for as long as the Personal Data remains in the possession of Service Provider or of its Sub-processors.
- MISCELLANEOUS TERMS
- Indemnification. Service Provider shall defend and indemnify Hyland, its parent and subsidiary corporations, officers, directors, employees and agents for any and all claims, charges, inquiries, investigations, costs, reasonable attorneys’ fees, monetary penalties, and damages incurred by Hyland and/or its parent or subsidiary corporations, officers, directors, employees and agents resulting from (1) any Processing of Personal Data not permitted by the Services Agreement and this DPA, (2) any Personal Data Breach involving Personal Data in the possession, custody or control of Service Provider or its sub-processors, in the event such Personal Data Breach results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data.
- Indemnification Process. The foregoing indemnification obligations are conditioned upon Hyland: (1) notifying Service Provider promptly in writing of any claim, charge, inquiry, or investigation as described in Section VII.A above; (2) reasonably cooperating and assisting in defense of such claim, charge, inquiry, or investigation; and (3) giving sole control of the defense and any related settlement negotiations to Service Provider with the understanding that Service Provider may not settle any claim in a manner that admits guilt or otherwise prejudices Hyland, without Hyland’s consent.
- Construction. This DPA supersedes any inconsistent provisions in the Services Agreement and/or other existing agreements between the Hyland and Service Provider with respect to Service Provider’s obligation to safeguard Personal Data.
Subject Matter and During of the Processing | The subject matter of the Processing is Service Providers provision of Services under the Services Agreement. The duration of the Processing is the term of the Services Agreement, and any exit period, if applicable. |
Nature and Purpose of the Processing | The purpose of the Processing is to provide the Services as set forth in the Services Agreement. The nature of the Processing may include, but is not limited to, collection, recording, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Type of Personal Data Processed | The Personal Data transferred may concern the following categories of data subjects: Employees - Past, potential, present and future staff of Hyland (including job candidates, volunteers, agents, independent contractors, interns, temporary and casual workers). Vendors - Past, present and potential advisors, consultants, vendors, contractors, subcontractors and other professionals engaged by Hyland and related staff. Website visitors – Individuals who visit any Hyland owned or operated website. Hyland Customers or End Users (collectively, “Customers”) – (a) Past, present and potential Customers of Hyland, and (b) data subjects whose Personal Data is uploaded or provided by Customers to Hyland during use of Hyland’s services or products. |
Categories of Personal Data Processed | The Personal Data transferred may concern the following categories: Employees Identification data: civil/marital status; first and last name; photograph; date and place of birth; nationality; corporate identifier; gender. Contact details: address; telephone number (fixed and mobile); email address; fax number; emergency contact information. Employment details: job title; company name; grade, occupation code; geographic location; employee performance and evaluation data; employee discipline information; information regarding previous roles and employment; employee benefits information such as election decisions, leave requests, authorization/declination, health insurance company. National identifiers: national ID/passport number; tax ID; government identification number; driver's license, visa or immigration status. Academic and professional qualifications: degrees; titles; skills; language proficiency; training information; employment history; CV/résumé. Financial data: bank account number; IBAN number; bank details including bank name, bank code, sort code; salary and compensation data; bonuses; pension qualification information; payroll data; tax class; tax office name. IT related data: computer ID; user ID and password; domain name; IP address; log files; software and hardware inventory; software usage pattern tracking information (i.e., cookies and information recorded for operation and training purposes). Lifestyle: hobbies; social activities; holiday preferences. Vendors Identification data: first and last name; date of birth; place of birth; nationality; photograph; vendor ID. Contact details: address; professional email address; professional telephone number (including mobile telephone number). Professional details: job title; employer; academic and professional qualifications; data related to transactions involving goods and services. National identifiers: tax ID; government identification number. Financial data: bank account number; bank details. Website visitors IT-related data: unique device identifiers, dynamic and static Internet Protocol addresses, as well as other information, such as browser characteristics, language preferences, operating system details, referring URLs, length of visits, and pages viewed. Customers, potential Customers and/or their staff, each as applicable Contact information (including name, physical address, e-mail and telephone numbers); Employer; Job title; Login credentials; Account profile, including interests and photograph; Applications for Hyland’s educational opportunities, including name, contact information, references, programming experience, and application essays; Dietary preferences and restrictions; Order information for trainings courses; Training records including courses taken, certifications completed, and scores and grades; Questions, feedback, comments and other postings, including through https://community.hyland.com; Other information the Customer chooses to provide; Information provided by third parties: data relating to the Customer, potential Customer or staff having clicked on a Hyland advertisement posted on a third party website; Information provided by third parties, where a Customer attends a Hyland event sponsored by a third party: including name, e-mail address, and phone number; Versions of Hyland Group company software used and how the software is being used (what functions, how often etc.); bank account number; bank details; credit card details; purchasing history; return history; cancellation history; and Personal Data submitted by a Customer in the course of the Customer's use of Hyland's Services or during the performance of Services under the Service Agreement. |
Categories of Sensitive Personal Data Processed | No collection of any sensitive data by a Service Provider is anticipated other than employee data required to provide Services in connection with valid employment purposes or to the extent required by applicable law. Such collection will only concern limited sensitive data, for example, health-related information for the purpose of managing employee absences, or disabilities in order to provide access to our premises. |
- that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant Authorities of the country where the data exporter is established) and does not violate the relevant provisions of that country.
Hyland Anti-Bribery/Anti-Corruption Policy and Guide - English
Hyland Anti-Bribery and Anti-Corruption Policy and Guide - Portuguese
Hyland Anti-Bribery and Anti-Corruption Policy and Guide - Spanish
Hyland Anti-Bribery and Anti-Corruption Policy and Guide - German
HIPAA Subcontractor Addendum
Effective April 30th 2021
DownloadTable of Contents
- Except as provided in paragraph (b) of this Section 14, upon termination of the Services Agreement or this Addendum for any reason, Service Provider shall return or destroy all PHI received from Hyland or a Covered Entity, or created or received by Service Provider on behalf of Hyland or a Covered Entity, and shall retain no copies of the PHI. Service Provider will certify that such return or destruction has been completed no later than thirty (30) calendar days following the effective date of termination.
- If it is infeasible for Service Provider to return or destroy the PHI upon termination of the Services Agreement or this Addendum, Service Provider shall: (i) extend the protections of this Addendum to such PHI; and (ii) limit further uses and disclosures of such PHI to those purposes that make the return or destruction infeasible, for so long as Service Provider maintains such PHI.
- Notwithstanding the foregoing, at any time during the term of this Addendum, upon request by Hyland, Service Provider will return or destroy all PHI relating to a particular Covered Entity. Service Provider will certify that such return or destruction has been completed no later than thirty (30) calendar days following Hyland’s request.
Hyland Purchase Order Terms and Conditions
Effective June 6th 2024
DownloadTable of Contents
(ii) as applicable, process such Personal Information pursuant to the following: (i) only process such personal information for the limited purpose of performing its obligations under this Agreement, as may be amended; (ii) not sell (as defined in the CCPA) such Personal Information, and
Effective May 4th 2021 to June 6th 2024
DownloadTable of Contents
(ii) as applicable, process such Personal Information pursuant to the following: (i) only process such personal information for the limited purpose of performing its obligations under this Agreement, as may be amended; (ii) not sell (as defined in the CCPA) such Personal Information, and
Hyland Poland Sp. zoo Purchase Order Terms and Conditions
Effective June 6th 2024
DownloadTable of Contents
HYLAND POLAND SP. Z O.O.
PURCHASE ORDER TERMS AND CONDITIONS
1. Scope and Acceptance. This purchase order (“P.O.”) is a complete and binding agreement between Hyland Poland Sp. z o.o. (“Hyland”) and the supplier identified by Hyland on the face of this P.O. (“Supplier”). This P.O. covers Hyland’s purchase of: (a) software licenses, tangible goods or deliverables in the nature of intellectual property or work products developed specifically for Hyland by Supplier or any subcontractor of Supplier in the performance of services to Hyland (“Goods”); or (b) services (“Services”). This P.O. is effective upon the first to occur of Supplier’s commencement of fulfillment or acceptance in accordance with the terms of an applicable agreement described in Section 2 below.
(b) any and all claims, compensations, inquiries or investigations incurred by an Indemnitee resulting from (1) any use or disclosure or any other processing of Personal Data not permitted by this P.O., (2) any Security Incident involving any Personal Data in the possession, custody or processing of Supplier or its subcontractors or agents; or
(c) any breach of confidentiality obligations under Section 11; or
(d) any failure to comply with applicable laws, rules or regulations by Supplier or its agents, employees or subcontractors.
Revised: 4-22-20
Effective May 5th 2021 to June 6th 2024
DownloadTable of Contents
HYLAND POLAND SP. Z O.O.
PURCHASE ORDER TERMS AND CONDITIONS
1. Scope and Acceptance. This purchase order (“P.O.”) is a complete and binding agreement between Hyland Poland Sp. z o.o. (“Hyland”) and the supplier identified by Hyland on the face of this P.O. (“Supplier”). This P.O. covers Hyland’s purchase of: (a) software licenses, tangible goods or deliverables in the nature of intellectual property or work products developed specifically for Hyland by Supplier or any subcontractor of Supplier in the performance of services to Hyland (“Goods”); or (b) services (“Services”). This P.O. is effective upon the first to occur of Supplier’s commencement of fulfillment or acceptance in accordance with the terms of an applicable agreement described in Section 2 below.
(b) any and all claims, compensations, inquiries or investigations incurred by an Indemnitee resulting from (1) any use or disclosure or any other processing of Personal Data not permitted by this P.O., (2) any Security Incident involving any Personal Data in the possession, custody or processing of Supplier or its subcontractors or agents; or
(c) any breach of confidentiality obligations under Section 11; or
(d) any failure to comply with applicable laws, rules or regulations by Supplier or its agents, employees or subcontractors.
Revised: 4-22-20
Effective May 5th 2021 to May 5th 2021
DownloadTable of Contents
HYLAND POLAND SP. Z O.O.
PURCHASE ORDER TERMS AND CONDITIONS
1. Scope and Acceptance. This purchase order (“P.O.”) is a complete and binding agreement between Hyland Poland Sp. z o.o. (“Hyland”) and the supplier identified by Hyland on the face of this P.O. (“Supplier”). This P.O. covers Hyland’s purchase of: (a) software licenses, tangible goods or deliverables in the nature of intellectual property or work products developed specifically for Hyland by Supplier or any subcontractor of Supplier in the performance of services to Hyland (“Goods”); or (b) services (“Services”). This P.O. is effective upon the first to occur of Supplier’s commencement of fulfillment or acceptance in accordance with the terms of an applicable agreement described in Section 2 below.
(b) any and all claims, compensations, inquiries or investigations incurred by an Indemnitee resulting from (1) any use or disclosure or any other processing of Personal Data not permitted by this P.O., (2) any Security Incident involving any Personal Data in the possession, custody or processing of Supplier or its subcontractors or agents; or
(c) any breach of confidentiality obligations under Section 11; or
(d) any failure to comply with applicable laws, rules or regulations by Supplier or its agents, employees or subcontractors.
Revised: 4-22-20
Software-as-a-Service Schedule
Effective February 18th 2025
DownloadTable of Contents
The initial Service Class purchased by Customer is set forth in the initial Order Form. Hyland may to modify the applicable Service Class Manual from time to time, provided that any modifications will not be effective until the next renewal of Customer's applicable Product Subscription. To the extent Service Class upgrades or downgrades are available related to the Hyland Cloud Service purchase by Customer, Customer may upgrade the Service Class at any time, but any downgrade will not be effective until the beginning of the next renewal of Customer's applicable Product Subscription.
(a) except as otherwise expressly permitted under the terms of the Agreement, Customer will not permit or authorize any third parties (such as persons or legal entities) to use the Hyland Cloud Service
(b) Customer is responsible for all use of and access to the Hyland Cloud Service through Customer and compliance with the Agreement by all Users, including, but not limited to, (i) setting-up log-in accounts/credentials (e.g. user names, passwords, tokens, etc.), (ii) immediately revoking accounts/credentials when a User no longer requires access, and (iii) prohibiting the sharing of log-in accounts/credentials;
(c) Customer has sole responsibility for the accuracy, quality, content and legality of all Customer Data;
(d) Customer shall prohibit unauthorized access to, or use of, the Hyland Cloud Service and shall notify Hyland promptly of any such unauthorized access or use by contacting Customer’s Hyland technical support contact or another contact notified to Customer in writing (which may be via email or posted on Hyland’s secure end user web site (currently www.hyland.com/community)).
(e) Customer understands and agrees: (i) it has an independent duty to comply with any and all laws applicable to it, (ii) its use of the Hyland Cloud Service and compliance with any terms and conditions under the Agreement does not constitute compliance with any law, (iii) it shall make use of available Hyland Cloud Service security features and controls to properly transmit, store, process and provide access to Customer Data and (iv) it shall use the tools and reporting capabilities made available in the Hyland Cloud Service to monitor and confirm Customer Data processing, such as batch processing of electronic documents uploaded to the Hyland Cloud Service.
(g) Customer may give any of its Users the rights to act as a system administrator, through the configuration tools included in the Software for the Hyland Cloud Service. Hyland has no responsibility or obligations in connection with Customer’s internal management or administration of Customer’s Hyland Cloud Service.
Hyland Company | Additional Terms Exhibit |
Hyland Software Brasil Ltda. Hyland Software Germany GmbH | Exhibit A Exhibit B |
Effective February 18th 2025
Download(a) Sofern in den Bestimmungen der Vereinbarung nicht ausdrücklich etwas anderes gestattet ist, wird der Kunde Dritten (wie z. B. natürlichen oder juristischen Personen) die Nutzung des Hyland Cloud-Services nicht gestatten oder genehmigen.
(b) Der Kunde ist für die gesamte Nutzung des und den Zugriff auf den Hyland Cloud-Services durch den Kunden verantwortlich, sowie für die Einhaltung der Vereinbarung durch Benutzer, einschließlich, aber nicht beschränkt auf (i) die Einrichtung von Benutzerkonten/Anmeldeinformationen (z. B. Benutzernamen, Kennwörter, Token usw.) und den sofortigen Entzug von Benutzerkonten/Anmeldeinformationen, wenn der Nutzer den Zugang nicht mehr benötigt, und (ii) die Sicherstellung, dass die Nutzer, Benutzerkonten/Anmeldeinformationen nicht weitergeben.
(c) Der Kunde trägt die alleinige Verantwortung für die Richtigkeit, Qualität, den Inhalt und die Rechtmäßigkeit aller Kundendaten.
(d) Der Kunde ist verpflichtet, den unbefugten Zugriff auf den Hyland Cloud-Service oder dessen Nutzung zu untersagen und Hyland unverzüglich über einen solchen unbefugten Zugriff oder eine unbefugte Nutzung zu informieren, indem er sich an den technischen Supportkontakt des Kunden bei Hyland oder an einen anderen Kontakt wendet, der dem Kunden schriftlich mitgeteilt wurde (dies kann per E-Mail erfolgen oder auf der sicheren Endbenutzer-Website von Hyland (derzeit www.hyland.com/community) veröffentlicht werden).
(e) Der Kunde nimmt zur Kenntnis und erklärt sich damit einverstanden, dass: (i) er die unabhängige Pflicht hat, alle auf ihn anwendbaren Gesetze einzuhalten; (ii) die Nutzung des Hyland Cloud-Services und die Einhaltung der Bestimmungen und Bedingungen der Vereinbarung keine Einhaltung der Gesetze darstellt; (iii) er die verfügbaren Sicherheitsfunktionen und -kontrollen des Hyland Cloud-Services nutzen wird, um Kundendaten ordnungsgemäß zu übertragen, zu speichern, zu verarbeiten und Zugriff darauf zu gewähren; und (iv) er die im Hyland Cloud-Service zur Verfügung gestellten Tools und Berichtsfunktionen nutzen wird, um die Verarbeitung von Kundendaten zu überwachen und zu bestätigen, wie z. B. die Stapelverarbeitung von elektronischen Dokumenten, die in den Hyland Cloud-Service hochgeladen werden.
Effective February 18th 2025
DownloadEl Cliente y los Usuarios solo utilizarán el Servicio en la Nube de Hyland de forma coherente con la Documentación y de conformidad con la AUP y el presente Contrato. El Cliente y sus Usuarios no utilizarán el Servicio en la Nube de Hyland de ninguna manera que no esté expresamente permitida en el Contrato. El Cliente acepta que solo accederá a los Datos del Cliente a través del Servicio en la Nube de Hyland y no permitirán el acceso directo o indirecto al Servicio en la Nube de Hyland o a los Datos del Cliente, ni su uso, de forma que se eluda cualquier límite de uso. El Cliente reconoce además que todos los componentes del Servicio en la Nube de Hyland puestos a disposición por Hyland, incluyendo los componentes descargados o instalados localmente en los sistemas del Cliente o de los Usuarios, son exclusivamente para ser usados con el Servicio en la Nube de Hyland y no están destinados a ser utilizados de forma independiente.
(a) salvo que se permita expresamente lo contrario en virtud de los términos de este Contrato o Anexo de SaaS (según el caso), el Cliente no permitirá ni autorizará a terceros (como personas o entidades legales) a utilizar el Servicio en la Nube de Hyland;
(b) El Cliente es responsable de todo uso y acceso a través del Cliente y sus Usuarios al Servicio en la Nube de Hyland y del cumplimiento del Contrato por parte de todos los Usuarios, incluidos, entre otros, (i) la configuración de cuentas / credenciales de inicio de sesión (por ejemplo, nombres de usuario, contraseñas, tokens, etc.); (ii) la revocación inmediata de las cuentas / credenciales cuando un Usuario ya no requiera acceso; y (iii) la prohibición de compartir cuentas/credenciales de inicio de sesión;
(c) El Cliente es el único responsable de la exactitud, calidad, contenido y legalidad de todos los Datos del Cliente;
(d) El Cliente prohibirá el acceso o uso no autorizado del Servicio en la Nube de Hyland y notificará a Hyland de inmediato de cualquier acceso o uso no autorizado poniéndose en contacto con el contacto de soporte técnico de Hyland del Cliente u otro contacto notificado al Cliente por escrito (que puede ser por correo electrónico o publicado en el sitio web seguro del usuario final de Hyland (actualmente www.hyland.com/community)).
(e) El Cliente entiende y acepta que: (i) tiene el deber independiente de cumplir con todas y cada una de las leyes que le sean aplicables, (ii) su uso del Servicio en la Nube de Hyland y el cumplimiento de los términos y condiciones bajo el Contrato no constituye el cumplimiento de ninguna ley, (iii) hará uso de las características y controles de seguridad disponibles del Servicio en la Nube de Hyland para transmitir adecuadamente, almacenará, procesará y proporcionará acceso a los Datos del Cliente y (iv) utilizará las herramientas y capacidades de generación de informes disponibles en el Servicio en la Nube de Hyland para supervisar y confirmar el procesamiento de los Datos del Cliente, como el procesamiento por lotes de documentos electrónicos cargados en el Servicio en la Nube de Hyland.
(f) El Cliente designará a su Administrador de Seguridad del Cliente. Los “Administradores de Seguridad del Cliente” (también conocidos como “CSA” o “CSAs” por sus siglas en inglés) son individuos designados por el Cliente que están autorizados a enviar solicitudes de cambio de configuración del Servicio en la Nube de Hyland, hablar en nombre del Servicio en la Nube de Hyland del Cliente y deben recibir y proporcionar, según corresponda, todas las notificaciones relacionadas con el mantenimiento, la seguridad, las fallas de servicio, etc. Si el Cliente no designa a su CSA inicial, Hyland puede designar como CSA inicial al individuo que ejecutó el Contrato en nombre del Cliente.
(g) El Cliente puede otorgar a cualquiera de sus Usuarios los derechos para actuar como administradores del sistema a través de las herramientas de configuración incluidas en el Software para el Servicio en la Nube de Hyland. Hyland no tiene responsabilidades ni obligaciones ante la gestión o administración interna del Servicio en la Nube de Hyland del Cliente.
Sujeto a las disposiciones de Plazo y Rescisión, Hyland acepta cumplir en todos os aspectos materiales con todas las leyes aplicables a Hyland en su desempeño de los servicios en virtud del Contrato.
11. IDIOMA QUE CONTROLA. Hyland puede poner a disposición otras versiones de este Anexo en otros idiomas en esta ubicación en línea. Esta versión en inglés de este Anexo prevalece sobre cualquier versión de este Anexo disponible en este sitio web en otro idioma si el Documento de Incorporación está en inglés. Si el Documento de Incorporación está en un idioma distinto del inglés (dicho idioma, el “Otro Idioma”), pero este Anexo no está disponible en este sitio web en el Otro Idioma, esta versión en inglés prevalece sobre cualquier otra versión de este Anexo que pueda estar disponible en este sitio web en otro idioma.
La versión más actual de este documento será la vigente a las 12:00 a. m. EST (Eastern Standard Time) de la fecha estampada en dicha versión en línea.
Effective February 18th 2025
DownloadLe Client et ses Utilisateurs ne doivent utiliser le Service Cloud Hyland que d’une manière conforme à la Documentation, et conformément à la PUA et au présent Contrat. Toute utilisation non expressément autorisée par le Client et ses Utilisateurs au titre de la présente Annexe SaaS est strictement interdite. Le Client reconnaît que tant le Client que ses Utilisateurs ne peuvent accéder aux Données Client que par le biais du Service Cloud Hyland et ne doivent pas autoriser l'accés direct ou indirect au Service Cloud Hyland ou aux Données Client ou leur utilisation d’une manière qui contourne toute limite d'utilisation. Le Client reconnaît également que tous les composants du Service Cloud Hyland mis à disposition par Hyland, y compris tous les composants téléchargés ou installés localement sur les systèmes du Client ou des Utilisateurs, sont destinés à leur seule utilisation avec le Service Cloud Hyland et ne sont pas destinés à être utilisés de manière autonome.
(a) ne permet pas ou n'autorise pas des tiers (qu’il s’agisse de personnes physiques ou morales) à utiliser le Service Cloud Hyland, sauf stipulation expresse prévue par les présentes ;
(b) s'engage de tout l’accès et de toute l'utilisation du Service Cloud Hyland par moyen du Client du respect du Contrat par tous les Utilisateurs, y compris, mais sans s'y limiter, (i) de la configuration des comptes et d'identifiants (par exemple, les noms des utilisateurs, mots de passe, jetons, etc.), (ii) de la révocation sans délai des comptes et identifiants, dès lors qu'un Utilisateurs n’a plus besoin d'accés, et (iii) à ne pas permettre partager des comptes et identifiants ;
(c) est seul responsable de l'exactitude, de la qualité, du contenu et de la légalité de toutes les Données Client ;
(d) interdit tout accès ou utilisation non autorisé(e) du Service Cloud Hyland et notifie Hyland promptement par le biais du contact du support technique Hyland, ou tout autre contact notifié au Client par écrit par Hyland (tel que stipulé par e-mail ou publié sur le site internet sécurisé réservé aux utilisateurs finaux de Hyland (à date, www.hyland.com/community)).
(e) Le Client reconnaît et accepte : (i) qu'il a l’obligation de se conformer à toutes les lois qui lui sont applicables, (ii) que sa seule utilisation du Service Cloud Hyland et son respect des termes du Contrat et de la présente Annexe SaaS et du Contrat ne suffisent à justifier de sa conformité aux lois qui lui sont applicables, (iii) qu'il fera usage des fonctions et contrôles de sécurité du Service Cloud Hyland, tels que disponibles, pour transmettre, stocker, traiter et fournir un accès aux Données Client de manière appropriée et (iv) qu'il fera usage des outils et capacités de signalement mis à disposition dans le Service Cloud Hyland pour surveiller et confirmer le traitement des Données Client, comme le traitement par lots des documents électroniques versés au Service Cloud Hyland.
(f) Le Client désigne son administrateur de sécurité. Les « Administrateurs Sécurité Client » (également désignés « ASC » ou « ASCs ») sont les personnes physiques désignées par le Client, autorisées à soumettre des demandes de modification de configuration du Service Cloud Hyland, à s'exprimer au nom du Client en lien avec le Service Cloud Hyland et à recevoir et fournir, le cas échéant, toutes notifications, notamment relatives à la maintenance, à la sécurité, et aux défaillances du service et autres sujets similaires. Si aucun ASC initial n’a été désigné par le Client, Hyland se réserve le droit de désigner à son choix comme ASC initial, la personne physique signataire du Contrat.
(g) (g) Le Client peut conférer à l'un de ses Utilisateurs le droit d'agir en tant qu'administrateur système, par le biais des outils de configuration inclus dans le(s) Logiciel(s) relatifs au Service Cloud Hyland. En aucun cas Hyland n’a une quelconque obligation et/ou n'est responsable de la gestion interne du Client ou de son administration du Service Cloud Hyland.
Effective February 18th 2025
DownloadO Cliente e seus Usuários devem somente fazer uso do Serviço de Nuvem da Hyland de maneira consistente com a Documentação e em conformidade com a AUP e este Contrato. O Cliente e seus Usuários não devem fazer uso do Serviço de Nuvem da Hyland de nenhuma maneira que não esteja expressamente permitida pelo Contrato. O Cliente reconhece que o Cliente e seus Usuários só podem acessar os Dados do Cliente por meio do Serviço de Nuvem da Hyland e não devem permitir o acesso direto ou indireto ou o uso do Serviço de Nuvem da Hyland ou dos Dados do Cliente de forma a contornar qualquer limitação de uso. O Cliente reconhece ainda que todos os componentes do Serviço de Nuvem da Hyland disponibilizados pela Hyland, incluindo qualquer componente baixado ou instalado localmente nos sistemas do Cliente ou do Usuário, são exclusivamente para uso com o Serviço de Nuvem da Hyland e não se destinam a ser utilizados de forma independente.
Effective June 29th 2024 to February 18th 2025
DownloadTable of Contents
SOFTWARE-AS-A-SERVICE SCHEDULE
This Software-As-A-Service Schedule (this “SaaS Schedule”) is part of the Master Agreement, Order Form or other agreement or document entered into between Customer and Hyland, which incorporates this SaaS Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this SaaS Schedule, and any other agreement within which the Incorporating Document is incorporated.
DEFINED TERMS
All capitalized terms used in this SaaS Schedule shall have the meaning ascribed them in this SaaS Schedule or, if not defined in this SaaS Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this SaaS Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Consumption Fees” means the amounts payable by Customer for storage of data and information in the Hyland Cloud Service in excess of the data storage allocation set forth in the initial Order Form for the Hyland Cloud Service.
“Customer Data” means any and all electronic data and information submitted by Customer or Users to the Hyland Cloud Service.
“Documentation” means: (a) to the extent available, the “Help Files” included in the Hyland Cloud Service, or (b) if no such “Help Files” are included in the Hyland Cloud Service, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Hyland Cloud Service.
“Host Web Site” means the web site hosted by Hyland as part of the Hyland Cloud Service on a web server included in the Hyland Cloud Platform used to access the Hyland Cloud Service, through which the Customer will access the Software and Customer Data stored using the Software.
“Hyland Cloud Service Support” means the services described in this SaaS Schedule.
“Hosted 3rd Party Software” means all third party software products (other than third party software products bundled by Hyland as a part of the Software) provided by Hyland as part of the Hyland Cloud Service, along with the associated documentation.
“Hyland Cloud Platform” means the Physical Infrastructure and any composite software layers such as databases, operating systems, virtualization technology, Hosted 3rd Party Software, and Host Web Site, responsible for providing the Hyland Cloud Service, whether owned by Hyland or a third party.
“Hyland Cloud Service” means Hyland’s provision of Software and the Hyland Cloud Platform for use by Customer.
“Physical Infrastructure” means the physical hardware and infrastructure which Hyland uses to provide the Hyland Cloud Service (which may include servers, network devices, cabling, CPU, data centers, memory, storage, switches, firewalls, routers and other network devices) whether owned by Hyland or a third party services provider.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Hyland Cloud Service issue or error.
“SaaS Fees” means the amounts invoiced by Hyland and payable by Customer to Hyland for the use of the Hyland Cloud Service. The initial SaaS Fees are set forth in the initial Order Form.
“SaaS Security Attachment” means the document available at https://legal.hyland.com/Customer-Legal-Center#saas-security-attachment. The SaaS Security Attachment describes Hyland's current security processes and procedures. These processes and procedures may be updated from time to time, but will not be materially reduced.
“Service Class” means the applicable service level commitment purchase by Customer, as described in the Service Class Manual.
“Service Class Manual” means the latest version of the manual describing any available Service Classes, as posted by Hyland from time to time on a website designated by Hyland, currently https://legal.hyland.com/#service-class-manual.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Testing Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional and performance testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Testing Lite Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to its end users generally during the term of this Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
“Users” means: (i) employees of Customer and its Authorized Affiliate(s) that access and use the Hyland Cloud Service; and (ii) any additional users to which Customer is authorized to provide access to the Hyland Cloud Service as expressly agreed in writing between the parties.
1. HYLAND CLOUD SERVICE.
1.1 General. During the term of the Agreement Hyland will: (a) make the Hyland Cloud Service available to Customer pursuant to the Agreement, the SaaS Security Attachment, Documentation and the applicable Service Class Manual; and (b) only use Customer Data to provide, develop, and improve the Hyland Cloud Service and other services, to prevent or address service or technical problems, or as otherwise permitted by Customer.
1.2 Service Class. Prior to or on the Effective Date, Hyland has delivered a then-current copy of the applicable Service Class Manual to Customer. After the Effective Date, Hyland will have the right to modify the applicable Service Class Manual (including the right to issue an entirely restated Service Class Manual) from time to time. The modifications or the revised Service Class Manual will be effective thirty (30) days after Hyland provides written notice to Customer informing Customer of Hyland’s posting of such modifications or revisions on the website identified in such notice. Notwithstanding the foregoing, no modifications of any Service Class Manual relating to Customer’s then-current Service Class will be effective until the next renewal of the Agreement. The initial Service Class purchased by Customer is set forth in the initial Order Form. To the extent Service Class upgrades or downgrades are available related to the Hyland Cloud Service purchase by Customer, Customer may upgrade the Service Class at any time, but may downgrade such Service Class only after the expiration of the Initial Term of the Agreement. In the event Customer elects to downgrade such Service Class, such downgrade will not be effective until the beginning of the next renewal of the Agreement. To modify a Service Class selection, Customer must submit a purchase order indicating the new Service Class.
1.3 Customer Data Extraction. In connection with any termination or expiration of the Agreement for any reason, Hyland will send a notice to Customer (which notice may be by email to the last known Customer contact) (the “Data Extraction Notice”), advising Customer that the Customer Data will remain accessible for a period of thirty (30) days after the date of such Data Extraction Notice, during which period Customer may extract such Customer Data. If Customer desires assistance with Customer Data extraction, Hyland may provide such services subject to the execution of a mutually agreed upon Services Proposal. Customer acknowledges and agrees that thirty (30) days after the date of such Data Extraction Notice, Hyland shall have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
1.4 Hyland customers may license some Software provisioned by Hyland as part of the Hyland Cloud Service, and other Software which is implemented only on the customer’s premise (or a third party cloud other than the Hyland Cloud Platform), such as Hyland RPA (“On-Premise Software”). For clarity, if Customer licenses On-Premise Software, these SaaS terms do not apply to such On-Premise Software.
2. GRANT OF RIGHTS AND PROHIBITED CONDUCT.
2.1 Hyland Cloud Service Use Grant. During the term of the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as otherwise expressly provided herein), limited right to use the Hyland Cloud Service as provided by Hyland, and the associated Documentation, solely for use by Customer and its Users for the internal business purposes of Customer, and only for capturing, storing, processing and accessing Customer’s data. The Hyland Cloud Service is for use by Customer and its Users and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer and its Users shall not make any use of the Hyland Cloud Service in any manner not expressly permitted by the Agreement. Customer acknowledges that it and its Users may only access Customer Data via the Hyland Cloud Service and shall only access the Hyland Cloud Service in a manner consistent with the Agreement and the Documentation. Use of software or hardware that reduces the number of users directly accessing or utilizing the Hyland Cloud Service (e.g. by using “bots” or “multiplexing” or “pooling” software or hardware) does not reduce the number of users accessing the Hyland Cloud Services for purposes of calculating the number of users, as the required number of users would equal the number of distinct inputs to such software or hardware (e.g. to such “bots” or “multiplexing” or “pooling” software or hardware). Customer is prohibited from using any software (including bots) other than the Software client modules or a Software application programming interface (API) to access the Hyland Cloud Service or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid the required fees with respect to such access. Customer further acknowledges that all components of the Hyland Cloud Service made available by Hyland, including any components downloaded or installed locally on Customer’s or Users’ systems, are solely for use with the Hyland Cloud Service and are not intended to be used on a stand-alone basis.
2.2 Volume Use Restriction. There are certain Software products that Hyland makes available and which Customer may purchase for use as part of the Hyland Cloud Service that are volume-based and may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars.
2.3 Test Environments. Customer may purchase limited access to Testing Environments or Testing Lite Environments, or both. Hyland agrees that the security measures described in the SaaS Security Attachment are also applied to the Testing Environment and Testing Lite Environment. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Testing Environment and Testing Lite Environment. If, at any time, Customer is not satisfied with the Testing Environment or Testing Lite Environment, Customer’s sole and exclusive remedy shall be to stop using the Testing Environment or Testing Lite Environment.
2.4 No High Risk Use. The Software and/or any Hyland Cloud Services are not fault-tolerant and are not guaranteed to be error free or to operate uninterrupted. Such Software and/or Hyland Cloud Services are not designed or intended for use in any situation where failure or fault of any kind of the Software and/or Cloud Services could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). The Software and/or any Hyland Cloud Service is not licensed by Hyland to use in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software or Cloud Services for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's or its Contractors use of the Software and/or Hyland Cloud Services in connection with any High Risk Use.
2.5 Assessment. Hyland shall be permitted access to assess Customer’s use of the Hyland Cloud Service in order to determine Customer’s compliance with the grant of use and pricing terms of the Agreement, including, where applicable, to measure Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such assessment.
2.6 Third Party Services and Content. The Hyland Cloud Service may contain functionality which allows Customer to: (a) access, link or integrate the Hyland Cloud Service with Customer’s applications or applications or services provided by third parties and (b) access third party websites and content. Hyland has no responsibility for such applications or services, websites or content and shall have no responsibility for any disclosure, modification or deletion of Customer Data resulting from any such access or use by such applications or services. Any activities engaged in by Customer or any of its Users with such third parties using the Hyland Cloud Service is solely between Customer and such third party and Hyland has no liability, obligation or responsibility for any such activities. Hyland does not endorse any third party web sites, applications or services that may be linked or integrated through the Hyland Cloud Service. Hyland is not responsible for any third party content, products or materials purchased, accessed or used by Customer or its Users using the Hyland Cloud Service.
2.7 Acceptable Use Policy. Customer agrees to comply with the Acceptable Use Policy, available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment. Customer acknowledges that a violation of the Acceptable Use Policy shall be considered a Prohibited Act.
2.8 Ownership of Customer Data. As between Hyland and Customer, Customer owns Customer Data.
2.9 Customer Input and Suggestions. Hyland shall have a royalty-free, worldwide, perpetual, transferable, sub-licensable, and irrevocable license to use or incorporate into any of Hyland’s products or services, including the Hyland Cloud Services, any suggestions, enhancements, improvements, recommendations or any other feedback provided by Customer or its users, related to the operation or use of the Hyland Cloud Service.
3. PRICES, INVOICES AND PAYMENT.
3.1 SaaS Fees. Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Order Form. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. Following expiration of the Initial Term, Hyland may increase the SaaS Fees for the Hyland Cloud Service for any renewal period by up to ten percent (10%) of the previous year’s SaaS Fees. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software modules for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software modules on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3.2 Consumption Fees. Hyland will invoice for any Consumption Fees, monthly in arrears, promptly upon the end of the month to which such Consumption Fees relate. Consumption Fees will be due for a month if at any time during such month the amount of Customer Data stored in the Hyland Cloud Service exceeds Customer’s then-current data storage allocation.
3.3 Add-On Services. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule unless otherwise stated on an Order Form. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to additional terms.
3.4 Other Fees. If, upon mutual agreement of the parties, Hyland provides any other services or deliverables that are not covered by the fees and charges described herein, Hyland will invoice for such other fees or charges based upon Hyland’s then current list prices or the pricing that the parties have mutually agreed upon in connection with such other services or deliverables.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software, Add-On Services, and the Hyland Cloud Service, as the case may be, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software, Add-On Services and Hyland Cloud Service, as the case may be, the U.S. Government hereby agrees that the Software, including the Hosted 3rd Party Software included in the Hyland Cloud Service, and Add-On Services, as the case may be, qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software, Add-On Services or Hyland Cloud Service, as the case may be, to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software, Add-On Services and Hyland Cloud Service, or Documentation, as the case may be, by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. HYLAND CLOUD SERVICE SUPPORT.
5.1 Hyland Cloud Service Support Terms. Hyland will provide Hyland Cloud Service Support in accordance with this Section and the Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of the Hyland Cloud Service, including assistance and advice related to the operation of the Hyland Cloud Service.
(b) Error Correction Services. With respect to any issues or errors in the Hyland Cloud Service which are reported by Customer and which are confirmed by Hyland, Hyland will use its reasonable efforts to correct such issue or error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported issues or errors after receipt of a proper report of such suspected issue or error from Customer in accordance with the Support Prioritization Attachment. Hyland may elect to correct the issue or error by updating or upgrading the applicable component of the Hyland Cloud Service to a new build or version.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(i) Customer Reporting Requirements. When requesting Hyland Cloud Service Support, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for a Level 1 or Level 2 Severity Level (support numbers are available through Hyland’s secure end user website). In the case of reporting a problem, issue, or error with the Hyland Cloud Service, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the problem, issue or error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes it has made to the Hyland Cloud Service, such as workflow configuration changes, network installation/expansion, integrations, upgrades, relocations, etc.
(ii) Hyland Response Procedures. Hyland shall respond to all reports in accordance with the Support Prioritization Attachment. Hyland: (A) will respond based on the confirmed severity level; (B) may reclassify severity levels as it learns information about such problems, issues or errors during the resolution process; and (C) obligations for a reported issue or error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Software Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of the Agreement.
(e) Update, Upgrade, Change or Replacement of Components of the Hyland Cloud Service. Hyland may update or upgrade the build or version of the Software used in the Hyland Cloud Service from time to time at Hyland’s expense. Hyland also may change, replace, update or upgrade the Hyland Cloud Platform from time to time. Customer agrees to collaborate with Hyland and assist Hyland in connection with the completion of installation and testing of any update or upgrade related to the Hyland Cloud Service. Notwithstanding the foregoing, Customer acknowledges that it is Customer’s responsibility to ensure that Customer is running a Cloud Compatible Version of the Software in accordance with Hyland’s Cloud Software Version Policy available at Hyland’s end user website (currently, community.hyland.com); Customer’s failure to comply with Hyland’s Cloud Software Version Policy shall be considered a material breach of the Agreement.
Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.2 Exclusions. Hyland is not responsible for providing, or obligated to provide, Hyland Cloud Service Support: (1) in connection with any errors, defects or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Hyland Cloud Service or from any error or defect in any configuration of any component of the Hyland Cloud Service, which activities in any such case were undertaken by any party other than Hyland or a party retained by Hyland; (2) in connection with any error or defect or problem in any other component of the Hyland Cloud Service if Hyland has previously made available corrections for such error or defect which Customer fails to implement; (3) in connection with any errors, defects or problems which have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in any software, hardware or system or networking which is not a part of the Hyland Cloud Service; (4) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Hyland Cloud Service Support to Customer with respect to the Hyland Cloud Service; or (5) in connection with any questions related to the operation or use of the Software application programming interfaces (APIs); or in connection with any errors, defects or problems with Work Products (as defined in the Professional Services Schedule). Support relating to Work Products and the operation or use of APIs may be provided, on a case-by-case basis, as mutually agreed to in an applicable Services Proposal which outlines Professional Services for such support activities.
5.3 Professional Services. Customer agrees that the Professional Services Terms, available at https://legal.hyland.com/Customer-Legal-Center#professional-services-schedule shall apply to all Professional Services (as that term is defined in the Professional Services Terms) provided by Hyland for Customer.
6. SECURITY. During the term of the Agreement, Hyland shall maintain a security program which shall conform to the SaaS Security Attachment.
7. CERTAIN RESPONSIBILITIES AND OBLIGATIONS OF CUSTOMER.
7.1 Customer Responsibilities. In connection with the relationship established between Customer and Hyland under the Agreement:
(a) except as otherwise expressly permitted under the terms of the Agreement, Customer will not permit or authorize any third parties (such as persons or legal entities) to use the Hyland Cloud Service;
(b) Customer will comply with Hyland’s Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is attached hereto as the Acceptable Use Policy Attachment;
(c) Customer is responsible for all Users use and all access through Customer and its Users of the Hyland Cloud Service and compliance with the Agreement, including, but not limited to, (i) setting-up User log-in accounts/credentials (e.g. user names, passwords, tokens, etc.) to the Hyland Cloud Service and immediately revoking User accounts/credentials when User no longer requires access to the Hyland Cloud Service, and (ii) shall not permit Users to share log-in accounts/credentials;
(d) Customer has sole responsibility for the accuracy, quality, content and legality of all Customer Data;
(e) Customer shall prohibit unauthorized access to, or use of, the Hyland Cloud Service and shall notify Hyland promptly of any such unauthorized access or use by contacting Customer’s Hyland technical support contact or another contact notified to Customer in writing (which may be via email or posted on Hyland’s secure end user web site (currently www.hyland.com/community)).
(f) Customer understands and agrees: (i) it has an independent duty to comply with any and all laws applicable to it, (ii) its use of the Hyland Cloud Service and compliance with any terms and conditions under the Agreement does not constitute compliance with any law, (iii) it shall make use of available Hyland Cloud Service security features and controls to properly transmit, store, process and provide access to Customer Data and (iv) it shall use the tools and reporting capabilities made available in the Hyland Cloud Service to monitor and confirm Customer Data processing, such as batch processing of electronic documents uploaded to the Hyland Cloud Service.
(h) Customer may give any of its Users the rights to act as a system administrator, through the configuration tools included in the Software for the Hyland Cloud Service. Hyland has no responsibility or obligations in connection with Customer’s internal management or administration of Customer’s Hyland Cloud Service.
7.2 Customer Internet Connection. Customer is responsible for obtaining and maintaining all software, hardware (including without limitation network systems), telephonic or other communications circuits, and Internet Service Provider relationships that are necessary or appropriate for Customer to properly access and use the Hyland Cloud Service. Hyland shall have no responsibility or liability under the Agreement for any unavailability or failure of, or nonconformity or defect in, the Hyland Cloud Service that is caused by or related in any manner to any failure of Customer to obtain and maintain all such software, hardware, equipment and relationships.
8. LIMITED WARRANTIES.
8.1 Hyland Cloud Service Limited Warranty. Hyland warrants to Customer that during the term of the Agreement the Hyland Cloud Service will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Hyland Cloud Service if: (i) any component of the Hyland Cloud Service has been modified, misused or abused by Customer or a third party, (ii) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, or (iii) if the Hyland Cloud Service is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation.
8.2 Hyland Cloud Service Warranty Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranties granted by Hyland under this Section shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Hyland Cloud Service, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate the Agreement with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under the Agreement, Hyland will refund or cause to be refunded to Customer the “unused portion of prepaid SaaS Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the non-conforming portion of the Hyland Cloud Service for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
8.3 Customer Limited Warranty. Customer represents and warrants to Hyland that: (a) Customer and its Users are the legal custodian of the Customer Data and it has the right and authority to use the Hyland Cloud Service in connection with all Customer Data and other materials hereunder; (b) Customer will use reasonable efforts to ensure that any Customer Data submitted to Hyland via electronic media will be free of viruses; and (c) anyone submitting Customer Data to Hyland for use in connection with the Hyland Cloud Service or Professional Services (if any) has the legal authority to do so, either through ownership of the Customer Data or by obtaining appropriate authorizations therefor, and that submission of Customer Data does not violate any contracts, agreements, or any applicable law. Customer is responsible for all Customer Data that is submitted to Hyland for use in connection with the Hyland Cloud Service or Professional Services (if any).
9. INFRINGEMENT INDEMNIFICATION.
9.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Hyland Cloud Service of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified promptly after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided, that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of the Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Hyland Cloud Service, or to replace the relevant portions of the Hyland Cloud Service with other equivalent, non-infringing portions. If Hyland is unable to accomplish either of the options set forth in the preceding sentence, Hyland shall terminate the Agreement upon thirty (30) days advance written notice to Customer and refund to Customer the “unused portion of prepaid SaaS Fees” (as defined below) paid during the then current term (or applicable twelve-month period within the Initial Term). For these purposes, the “unused portion of prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the term (or applicable twelve-month period within the Initial Term) during which termination occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such termination occurs, and the denominator or which shall be twelve (12). Notwithstanding anything to the contrary, Hyland shall have no obligation to indemnify Customer against any claims made against Customer and otherwise described in this Section that arise from: (v) any Customer Data; (w) use of the Hyland Cloud Service other than as expressly permitted herein; (x) the combination of the Hyland Cloud Service or any component thereof with any product not furnished by Hyland; (y) the modification or addition of any component of the Hyland Cloud Service, other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (z) the Customer’s business methods or processes.
9.2 THIS SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE HYLAND CLOUD SERVICE.
10. LIABILITY FOR CUSTOMER DATA INCIDENTS.
10.1 NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT OR ANY OTHER CONTRACT (INCLUDING WITHOUT LIMITATION A BUSINESS ASSOCIATE AGREEMENT OR DATA PROCESSING AGREEMENT), IN THE CASE OF AN UNAUTHORIZED DISCLOSURE OF OR ACCESS TO CUSTOMER DATA FOR WHICH A CLAIM AGAINST HYLAND (OR ANY OF ITS AFFILIATES OR SUPPLIERS) ARISES (A "CUSTOMER DATA INCIDENT"), THE FOLLOWING LIMITATIONS SHALL APPLY:
(A) THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT; AND
(B) NEITHER HYLAND NOR ANY OF ITS AFFILIATES OR SUPPLIERS SHALL BE LIABLE, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITY THEORY, FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF DAMAGES, LOSSES, EXPENSES OR COSTS.
Service Class | Multiplier |
Silver | 1 |
Gold | 2 |
Platinum | 3 |
Double Platinum | 4 |
10.2 Subject to Section 10.1(A) of this Schedule, in the event of a Customer Data Incident for which Hyland is liable, Hyland shall pay the reasonable and documented costs incurred by Customer in connection with the following items: (a) providing notification of the Customer Data Incident to applicable government and relevant industry self-regulatory agencies, to the media and to individuals whose personal data may have been accessed or acquired, where required by law; and (b) providing credit monitoring service (where such service addresses the harm caused by the Customer Data Incident) to individuals who elect to receive such credit monitoring service and whose personal data may have been accessed or acquired, for a period of one year after the date on which such individuals were notified of the unauthorized access or acquisition.
11. TRANSITION PERIOD. Except in the case of termination due to Customer’s breach of the Agreement, upon Customer’s request, Hyland will use good faith efforts to enter into an amendment or Services Proposal pursuant to which Customer may continue to access the Hyland Cloud Service pursuant to the terms of the Agreement for a period following the expiration or termination of the Agreement (the “Transition Period”). Any such amendment or Services Proposal shall be subject to Customer’s payment of mutually agreed upon fees, including SaaS Fees, Consumption Fees and any fees for Professional Services related to such Transition Period.
12. COMPLIANCE WITH LAWS. Subject to the Term and Termination provisions, Hyland agrees to comply in all material respects with all laws applicable to Hyland in its performance of services under the Agreement.
13. ADDITIONAL TERMS AND CONDITIONS. If Hyland is a Hyland company set forth below, the additional or alternative terms and conditions set forth on the applicable Additional Terms Exhibit shall apply:
| Hyland Company | Additional Terms Exhibit |
| Hyland Software Brasil LTDA. Hyland Software Germany GmbH | Exhibit A Exhibit B |
14. CONTROLLING LANGUAGE. Hyland may make other versions of this SaaS Schedule available in other languages at this online location. This English language version of this SaaS Schedule controls over any version of the SaaS Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this SaaS Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the SaaS Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Brasil LTDA Additional Terms Exhibit
If Hyland is Hyland Software Brasil LTDA this Exhibit A shall apply:
- The SaaS Fees Section of this SaaS Schedule shall be replaced in its entirety as follows:
Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the first year of the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Order Form. Hyland will adjust the SaaS Fees annually on each anniversary of the Effective Date by the last known accumulated value of IPCA at the time Hyland issues the invoice for SaaS Fees. For all purposes, “IPCA” means the Índice de Preços para o Consumidor Amplo, as measured by IBGE, or any index created to replace this index. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
Exhibit B
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH this Exhibit B shall apply:
Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's culpable breach of this Section with regard to the use of the Software and/or Hyland Cloud Service in connection with any High Risk Use.
Any statutory rights of the Customer regarding any damages resulting from the breach of the above Software warranty shall remain unaffected subject to the express terms of the Agreement. Warranty for only insignificant reductions in the suitability of the performance is excluded. The strict liability according to Sec. 536a (1) of German Civil Code for defects that already existed at the time of conclusion of this SaaS Schedule is excluded.
NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT OR ANY OTHER CONTRACT (INCLUDING WITHOUT LIMITATION A BUSINESS ASSOCIATE AGREEMENT OR DATA PROCESSING AGREEMENT), IN THE CASE OF AN UNAUTHORIZED DISCLOSURE OF OR ACCESS TO CUSTOMER DATA FOR WHICH A CLAIM AGAINST HYLAND (OR ANY OF ITS AFFILIATES OR SUPPLIERS) ARISES (A “CUSTOMER DATA INCIDENT"), THE FOLLOWING LIMITATIONS SHALL APPLY (EXCEPT WHERE HYLAND'S LIABILITY IS UNLIMITED PURSUANT TO THE GENERAL TERMS SCHEDULE):
(A) THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
The most current version of this page shall be such in effect as of 12:00am EST of the date stamped on such online version.
Confidential - Ó 2023 Hyland Software, Inc.
Effective May 3rd 2024 to June 29th 2024
DownloadTable of Contents
SOFTWARE-AS-A-SERVICE SCHEDULE
This Software-As-A-Service Schedule (this “SaaS Schedule”) is part of the Master Agreement, Order Form or other agreement or document entered into between Customer and Hyland, which incorporates this SaaS Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this SaaS Schedule, and any other agreement within which the Incorporating Document is incorporated.
DEFINED TERMS
All capitalized terms used in this SaaS Schedule shall have the meaning ascribed them in this SaaS Schedule or, if not defined in this SaaS Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this SaaS Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Consumption Fees” means the amounts payable by Customer for storage of data and information in the Hyland Cloud Service in excess of the data storage allocation set forth in the initial Order Form for the Hyland Cloud Service.
“Customer Data” means any and all electronic data and information submitted by Customer or Users to the Hyland Cloud Service.
“Customer Data Incident” means an unauthorized disclosure of Customer Data resulting from Hyland’s failure to comply with the SaaS Security Attachment. Without limitation, Customer Data Incident does not include any of the following that results in no unauthorized access to Customer Data or to any Hyland’s systems storing Customer Data: (a) pings and other broadcast attacks on firewalls or edge servers; (b) port scans; (c) unsuccessful log-on attempts; (d) denial of service attacks; or (e) packet sniffing (or other unauthorized access to traffic data that does not result in access beyond IP addresses or headers).
“Documentation” means: (a) to the extent available, the “Help Files” included in the Hyland Cloud Service, or (b) if no such “Help Files” are included in the Hyland Cloud Service, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Hyland Cloud Service.
“Host Web Site” means the web site hosted by Hyland as part of the Hyland Cloud Service on a web server included in the Hyland Cloud Platform used to access the Hyland Cloud Service, through which the Customer will access the Software and Customer Data stored using the Software.
“Hyland Cloud Service Support” means the services described in this SaaS Schedule.
“Hosted 3rd Party Software” means all third party software products (other than third party software products bundled by Hyland as a part of the Software) provided by Hyland as part of the Hyland Cloud Service, along with the associated documentation.
“Hyland Cloud Platform” means the Physical Infrastructure and any composite software layers such as databases, operating systems, virtualization technology, Hosted 3rd Party Software, and Host Web Site, responsible for providing the Hyland Cloud Service, whether owned by Hyland or a third party.
“Hyland Cloud Service” means Hyland’s provision of Software and the Hyland Cloud Platform for use by Customer.
“Physical Infrastructure” means the physical hardware and infrastructure which Hyland uses to provide the Hyland Cloud Service (which may include servers, network devices, cabling, CPU, data centers, memory, storage, switches, firewalls, routers and other network devices) whether owned by Hyland or a third party services provider.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Hyland Cloud Service issue or error.
“SaaS Fees” means the amounts invoiced by Hyland and payable by Customer to Hyland for the use of the Hyland Cloud Service. The initial SaaS Fees are set forth in the initial Order Form.
“SaaS Security Attachment” means the document available at https://legal.hyland.com/Customer-Legal-Center#saas-security-attachment. The SaaS Security Attachment describes Hyland's current security processes and procedures. These processes and procedures may be updated from time to time, but will not be materially reduced.
“Service Class” means the applicable service level commitment purchase by Customer, as described in the Service Class Manual.
“Service Class Manual” means the latest version of the manual describing any available Service Classes, as posted by Hyland from time to time on a website designated by Hyland, currently https://legal.hyland.com/#service-class-manual.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Testing Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional and performance testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Testing Lite Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to its end users generally during the term of this Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
“Users” means: (i) employees of Customer and its Authorized Affiliate(s) that access and use the Hyland Cloud Service; and (ii) any additional users to which Customer is authorized to provide access to the Hyland Cloud Service as expressly agreed in writing between the parties.
1. HYLAND CLOUD SERVICE.
1.1 General. During the term of the Agreement Hyland will: (a) make the Hyland Cloud Service available to Customer pursuant to the Agreement, the SaaS Security Attachment, Documentation and the applicable Service Class Manual; and (b) only use Customer Data to provide, develop, and improve the Hyland Cloud Service and other services, to prevent or address service or technical problems, or as otherwise permitted by Customer.
1.2 Service Class. Prior to or on the Effective Date, Hyland has delivered a then-current copy of the applicable Service Class Manual to Customer. After the Effective Date, Hyland will have the right to modify the applicable Service Class Manual (including the right to issue an entirely restated Service Class Manual) from time to time. The modifications or the revised Service Class Manual will be effective thirty (30) days after Hyland provides written notice to Customer informing Customer of Hyland’s posting of such modifications or revisions on the website identified in such notice. Notwithstanding the foregoing, no modifications of any Service Class Manual relating to Customer’s then-current Service Class will be effective until the next renewal of the Agreement. The initial Service Class purchased by Customer is set forth in the initial Order Form. To the extent Service Class upgrades or downgrades are available related to the Hyland Cloud Service purchase by Customer, Customer may upgrade the Service Class at any time, but may downgrade such Service Class only after the expiration of the Initial Term of the Agreement. In the event Customer elects to downgrade such Service Class, such downgrade will not be effective until the beginning of the next renewal of the Agreement. To modify a Service Class selection, Customer must submit a purchase order indicating the new Service Class.
1.3 Customer Data Extraction. In connection with any termination or expiration of the Agreement for any reason, Hyland will send a notice to Customer (which notice may be by email to the last known Customer contact) (the “Data Extraction Notice”), advising Customer that the Customer Data will remain accessible for a period of thirty (30) days after the date of such Data Extraction Notice, during which period Customer may extract such Customer Data. If Customer desires assistance with Customer Data extraction, Hyland may provide such services subject to the execution of a mutually agreed upon Services Proposal. Customer acknowledges and agrees that thirty (30) days after the date of such Data Extraction Notice, Hyland shall have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
1.4 Hyland customers may license some Software provisioned by Hyland as part of the Hyland Cloud Service, and other Software which is implemented only on the customer’s premise (or a third party cloud other than the Hyland Cloud Platform), such as Hyland RPA (“On-Premise Software”). For clarity, if Customer licenses On-Premise Software, these SaaS terms do not apply to such On-Premise Software.
2. GRANT OF RIGHTS AND PROHIBITED CONDUCT.
2.1 Hyland Cloud Service Use Grant. During the term of the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as otherwise expressly provided herein), limited right to use the Hyland Cloud Service as provided by Hyland, and the associated Documentation, solely for use by Customer and its Users for the internal business purposes of Customer, and only for capturing, storing, processing and accessing Customer’s data. The Hyland Cloud Service is for use by Customer and its Users and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer and its Users shall not make any use of the Hyland Cloud Service in any manner not expressly permitted by the Agreement. Customer acknowledges that it and its Users may only access Customer Data via the Hyland Cloud Service and shall only access the Hyland Cloud Service in a manner consistent with the Agreement and the Documentation. Use of software or hardware that reduces the number of users directly accessing or utilizing the Hyland Cloud Service (e.g. by using “bots” or “multiplexing” or “pooling” software or hardware) does not reduce the number of users accessing the Hyland Cloud Services for purposes of calculating the number of users, as the required number of users would equal the number of distinct inputs to such software or hardware (e.g. to such “bots” or “multiplexing” or “pooling” software or hardware). Customer is prohibited from using any software (including bots) other than the Software client modules or a Software application programming interface (API) to access the Hyland Cloud Service or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid the required fees with respect to such access. Customer further acknowledges that all components of the Hyland Cloud Service made available by Hyland, including any components downloaded or installed locally on Customer’s or Users’ systems, are solely for use with the Hyland Cloud Service and are not intended to be used on a stand-alone basis.
2.2 Volume Use Restriction. There are certain Software products that Hyland makes available and which Customer may purchase for use as part of the Hyland Cloud Service that are volume-based and may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars.
2.3 Test Environments. Customer may purchase limited access to Testing Environments or Testing Lite Environments, or both. Hyland agrees that the security measures described in the SaaS Security Attachment are also applied to the Testing Environment and Testing Lite Environment. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Testing Environment and Testing Lite Environment. If, at any time, Customer is not satisfied with the Testing Environment or Testing Lite Environment, Customer’s sole and exclusive remedy shall be to stop using the Testing Environment or Testing Lite Environment.
2.4 No High Risk Use. The Software and/or any Hyland Cloud Services are not fault-tolerant and are not guaranteed to be error free or to operate uninterrupted. Such Software and/or Hyland Cloud Services are not designed or intended for use in any situation where failure or fault of any kind of the Software and/or Cloud Services could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). The Software and/or any Hyland Cloud Service is not licensed by Hyland to use in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software or Cloud Services for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's or its Contractors use of the Software and/or Hyland Cloud Services in connection with any High Risk Use.
2.5 Assessment. Hyland shall be permitted access to assess Customer’s use of the Hyland Cloud Service in order to determine Customer’s compliance with the grant of use and pricing terms of the Agreement, including, where applicable, to measure Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such assessment.
2.6 Third Party Services and Content. The Hyland Cloud Service may contain functionality which allows Customer to: (a) access, link or integrate the Hyland Cloud Service with Customer’s applications or applications or services provided by third parties and (b) access third party websites and content. Hyland has no responsibility for such applications or services, websites or content and shall have no responsibility for any disclosure, modification or deletion of Customer Data resulting from any such access or use by such applications or services. Any activities engaged in by Customer or any of its Users with such third parties using the Hyland Cloud Service is solely between Customer and such third party and Hyland has no liability, obligation or responsibility for any such activities. Hyland does not endorse any third party web sites, applications or services that may be linked or integrated through the Hyland Cloud Service. Hyland is not responsible for any third party content, products or materials purchased, accessed or used by Customer or its Users using the Hyland Cloud Service.
2.7 Acceptable Use Policy. Customer agrees to comply with the Acceptable Use Policy, available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment. Customer acknowledges that a violation of the Acceptable Use Policy shall be considered a Prohibited Act.
2.8 Ownership of Customer Data. As between Hyland and Customer, Customer owns Customer Data.
2.9 Customer Input and Suggestions. Hyland shall have a royalty-free, worldwide, perpetual, transferable, sub-licensable, and irrevocable license to use or incorporate into any of Hyland’s products or services, including the Hyland Cloud Services, any suggestions, enhancements, improvements, recommendations or any other feedback provided by Customer or its users, related to the operation or use of the Hyland Cloud Service.
3. PRICES, INVOICES AND PAYMENT.
3.1 SaaS Fees. Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Order Form. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. Following expiration of the Initial Term, Hyland may increase the SaaS Fees for the Hyland Cloud Service for any renewal period by up to ten percent (10%) of the previous year’s SaaS Fees. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software modules for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software modules on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3.2 Consumption Fees. Hyland will invoice for any Consumption Fees, monthly in arrears, promptly upon the end of the month to which such Consumption Fees relate. Consumption Fees will be due for a month if at any time during such month the amount of Customer Data stored in the Hyland Cloud Service exceeds Customer’s then-current data storage allocation.
3.3 Add-On Services. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule unless otherwise stated on an Order Form. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to additional terms.
3.4 Other Fees. If, upon mutual agreement of the parties, Hyland provides any other services or deliverables that are not covered by the fees and charges described herein, Hyland will invoice for such other fees or charges based upon Hyland’s then current list prices or the pricing that the parties have mutually agreed upon in connection with such other services or deliverables.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software, Add-On Services, and the Hyland Cloud Service, as the case may be, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software, Add-On Services and Hyland Cloud Service, as the case may be, the U.S. Government hereby agrees that the Software, including the Hosted 3rd Party Software included in the Hyland Cloud Service, and Add-On Services, as the case may be, qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software, Add-On Services or Hyland Cloud Service, as the case may be, to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software, Add-On Services and Hyland Cloud Service, or Documentation, as the case may be, by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. HYLAND CLOUD SERVICE SUPPORT.
5.1 Hyland Cloud Service Support Terms. Hyland will provide Hyland Cloud Service Support in accordance with this Section and the Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of the Hyland Cloud Service, including assistance and advice related to the operation of the Hyland Cloud Service.
(b) Error Correction Services. With respect to any issues or errors in the Hyland Cloud Service which are reported by Customer and which are confirmed by Hyland, Hyland will use its reasonable efforts to correct such issue or error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported issues or errors after receipt of a proper report of such suspected issue or error from Customer in accordance with the Support Prioritization Attachment. Hyland may elect to correct the issue or error by updating or upgrading the applicable component of the Hyland Cloud Service to a new build or version.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(i) Customer Reporting Requirements. When requesting Hyland Cloud Service Support, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for a Level 1 or Level 2 Severity Level (support numbers are available through Hyland’s secure end user website). In the case of reporting a problem, issue, or error with the Hyland Cloud Service, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the problem, issue or error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes it has made to the Hyland Cloud Service, such as workflow configuration changes, network installation/expansion, integrations, upgrades, relocations, etc.
(ii) Hyland Response Procedures. Hyland shall respond to all reports in accordance with the Support Prioritization Attachment. Hyland: (A) will respond based on the confirmed severity level; (B) may reclassify severity levels as it learns information about such problems, issues or errors during the resolution process; and (C) obligations for a reported issue or error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Software Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of the Agreement.
(e) Update, Upgrade, Change or Replacement of Components of the Hyland Cloud Service. Hyland may update or upgrade the build or version of the Software used in the Hyland Cloud Service from time to time at Hyland’s expense. Hyland also may change, replace, update or upgrade the Hyland Cloud Platform from time to time. Customer agrees to collaborate with Hyland and assist Hyland in connection with the completion of installation and testing of any update or upgrade related to the Hyland Cloud Service. Notwithstanding the foregoing, Customer acknowledges that it is Customer’s responsibility to ensure that Customer is running a Cloud Compatible Version of the Software in accordance with Hyland’s Cloud Software Version Policy available at Hyland’s end user website (currently, community.hyland.com); Customer’s failure to comply with Hyland’s Cloud Software Version Policy shall be considered a material breach of the Agreement.
Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.2 Exclusions. Hyland is not responsible for providing, or obligated to provide, Hyland Cloud Service Support: (1) in connection with any errors, defects or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Hyland Cloud Service or from any error or defect in any configuration of any component of the Hyland Cloud Service, which activities in any such case were undertaken by any party other than Hyland or a party retained by Hyland; (2) in connection with any error or defect or problem in any other component of the Hyland Cloud Service if Hyland has previously made available corrections for such error or defect which Customer fails to implement; (3) in connection with any errors, defects or problems which have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in any software, hardware or system or networking which is not a part of the Hyland Cloud Service; (4) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Hyland Cloud Service Support to Customer with respect to the Hyland Cloud Service; or (5) in connection with any questions related to the operation or use of the Software application programming interfaces (APIs); or in connection with any errors, defects or problems with Work Products (as defined in the Professional Services Schedule). Support relating to Work Products and the operation or use of APIs may be provided, on a case-by-case basis, as mutually agreed to in an applicable Services Proposal which outlines Professional Services for such support activities.
5.3 Professional Services. Customer agrees that the Professional Services Terms, available at https://legal.hyland.com/Customer-Legal-Center#professional-services-schedule shall apply to all Professional Services (as that term is defined in the Professional Services Terms) provided by Hyland for Customer.
6. SECURITY. During the term of the Agreement, Hyland shall maintain a security program which shall conform to the SaaS Security Attachment.
7. CERTAIN RESPONSIBILITIES AND OBLIGATIONS OF CUSTOMER.
7.1 Customer Responsibilities. In connection with the relationship established between Customer and Hyland under the Agreement:
(a) except as otherwise expressly permitted under the terms of the Agreement, Customer will not permit or authorize any third parties (such as persons or legal entities) to use the Hyland Cloud Service;
(b) Customer will comply with Hyland’s Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is attached hereto as the Acceptable Use Policy Attachment;
(c) Customer is responsible for all Users use and all access through Customer and its Users of the Hyland Cloud Service and compliance with the Agreement, including, but not limited to, (i) setting-up User log-in accounts/credentials (e.g. user names, passwords, tokens, etc.) to the Hyland Cloud Service and immediately revoking User accounts/credentials when User no longer requires access to the Hyland Cloud Service, and (ii) shall not permit Users to share log-in accounts/credentials;
(d) Customer has sole responsibility for the accuracy, quality, content and legality of all Customer Data;
(e) Customer shall prohibit unauthorized access to, or use of, the Hyland Cloud Service and shall notify Hyland promptly of any such unauthorized access or use by contacting Customer’s Hyland technical support contact or another contact notified to Customer in writing (which may be via email or posted on Hyland’s secure end user web site (currently www.hyland.com/community)).
(f) Customer understands and agrees: (i) it has an independent duty to comply with any and all laws applicable to it, (ii) its use of the Hyland Cloud Service and compliance with any terms and conditions under the Agreement does not constitute compliance with any law, (iii) it shall make use of available Hyland Cloud Service security features and controls to properly transmit, store, process and provide access to Customer Data and (iv) it shall use the tools and reporting capabilities made available in the Hyland Cloud Service to monitor and confirm Customer Data processing, such as batch processing of electronic documents uploaded to the Hyland Cloud Service.
(h) Customer may give any of its Users the rights to act as a system administrator, through the configuration tools included in the Software for the Hyland Cloud Service. Hyland has no responsibility or obligations in connection with Customer’s internal management or administration of Customer’s Hyland Cloud Service.
7.2 Customer Internet Connection. Customer is responsible for obtaining and maintaining all software, hardware (including without limitation network systems), telephonic or other communications circuits, and Internet Service Provider relationships that are necessary or appropriate for Customer to properly access and use the Hyland Cloud Service. Hyland shall have no responsibility or liability under the Agreement for any unavailability or failure of, or nonconformity or defect in, the Hyland Cloud Service that is caused by or related in any manner to any failure of Customer to obtain and maintain all such software, hardware, equipment and relationships.
8. LIMITED WARRANTIES.
8.1 Hyland Cloud Service Limited Warranty. Hyland warrants to Customer that during the term of the Agreement the Hyland Cloud Service will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Hyland Cloud Service if: (i) any component of the Hyland Cloud Service has been modified, misused or abused by Customer or a third party, (ii) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, or (iii) if the Hyland Cloud Service is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation.
8.2 Hyland Cloud Service Warranty Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranties granted by Hyland under this Section shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Hyland Cloud Service, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate the Agreement with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under the Agreement, Hyland will refund or cause to be refunded to Customer the “unused portion of prepaid SaaS Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the non-conforming portion of the Hyland Cloud Service for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
8.3 Customer Limited Warranty. Customer represents and warrants to Hyland that: (a) Customer and its Users are the legal custodian of the Customer Data and it has the right and authority to use the Hyland Cloud Service in connection with all Customer Data and other materials hereunder; (b) Customer will use reasonable efforts to ensure that any Customer Data submitted to Hyland via electronic media will be free of viruses; and (c) anyone submitting Customer Data to Hyland for use in connection with the Hyland Cloud Service or Professional Services (if any) has the legal authority to do so, either through ownership of the Customer Data or by obtaining appropriate authorizations therefor, and that submission of Customer Data does not violate any contracts, agreements, or any applicable law. Customer is responsible for all Customer Data that is submitted to Hyland for use in connection with the Hyland Cloud Service or Professional Services (if any).
9. INFRINGEMENT INDEMNIFICATION.
9.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Hyland Cloud Service of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified promptly after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided, that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of the Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Hyland Cloud Service, or to replace the relevant portions of the Hyland Cloud Service with other equivalent, non-infringing portions. If Hyland is unable to accomplish either of the options set forth in the preceding sentence, Hyland shall terminate the Agreement upon thirty (30) days advance written notice to Customer and refund to Customer the “unused portion of prepaid SaaS Fees” (as defined below) paid during the then current term (or applicable twelve-month period within the Initial Term). For these purposes, the “unused portion of prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the term (or applicable twelve-month period within the Initial Term) during which termination occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such termination occurs, and the denominator or which shall be twelve (12). Notwithstanding anything to the contrary, Hyland shall have no obligation to indemnify Customer against any claims made against Customer and otherwise described in this Section that arise from: (v) any Customer Data; (w) use of the Hyland Cloud Service other than as expressly permitted herein; (x) the combination of the Hyland Cloud Service or any component thereof with any product not furnished by Hyland; (y) the modification or addition of any component of the Hyland Cloud Service, other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (z) the Customer’s business methods or processes.
9.2 THIS SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE HYLAND CLOUD SERVICE.
10. LIABILITY FOR CUSTOMER DATA INCIDENTS.
10.1 NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF THE LIABILITY CAP IN SECTION 6 OF THE GENERAL TERMS SCHEDULE: THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THE AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
Service Class | Multiplier |
Silver | 1 |
Gold | 2 |
Platinum | 3 |
Double Platinum | 4 |
10.2 Notwithstanding Section 6.1 of the General Terms Schedule, and subject to Section 10.1 of this Schedule, in the event of a Customer Data Incident, Hyland shall pay the reasonable and documented costs incurred by Customer in connection with the following items: (a) providing notification of the Customer Data Incident to applicable government and relevant industry self-regulatory agencies, to the media and to individuals whose personal data may have been accessed or acquired, where required by law; and (b) providing credit monitoring service (where such service addresses the harm caused by the Customer Data Incident) to individuals who elect to receive such credit monitoring service and whose personal data may have been accessed or acquired, for a period of one year after the date on which such individuals were notified of the unauthorized access or acquisition.
11. TRANSITION PERIOD. Except in the case of termination due to Customer’s breach of the Agreement, upon Customer’s request, Hyland will use good faith efforts to enter into an amendment or Services Proposal pursuant to which Customer may continue to access the Hyland Cloud Service pursuant to the terms of the Agreement for a period following the expiration or termination of the Agreement (the “Transition Period”). Any such amendment or Services Proposal shall be subject to Customer’s payment of mutually agreed upon fees, including SaaS Fees, Consumption Fees and any fees for Professional Services related to such Transition Period.
12. COMPLIANCE WITH LAWS. Subject to the Term and Termination provisions, Hyland agrees to comply in all material respects with all laws applicable to Hyland in its performance of services under the Agreement.
13. ADDITIONAL TERMS AND CONDITIONS. If Hyland is a Hyland company set forth below, the additional or alternative terms and conditions set forth on the applicable Additional Terms Exhibit shall apply:
| Hyland Company | Additional Terms Exhibit |
| Hyland Software Brasil LTDA. Hyland Software Germany GmbH | Exhibit A Exhibit B |
14. CONTROLLING LANGUAGE. Hyland may make other versions of this SaaS Schedule available in other languages at this online location. This English language version of this SaaS Schedule controls over any version of the SaaS Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this SaaS Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the SaaS Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Brasil LTDA Additional Terms Exhibit
If Hyland is Hyland Software Brasil LTDA this Exhibit A shall apply:
- The SaaS Fees Section of this SaaS Schedule shall be replaced in its entirety as follows:
Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the first year of the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Order Form. Hyland will adjust the SaaS Fees annually on each anniversary of the Effective Date by the last known accumulated value of IPCA at the time Hyland issues the invoice for SaaS Fees. For all purposes, “IPCA” means the Índice de Preços para o Consumidor Amplo, as measured by IBGE, or any index created to replace this index. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
Exhibit B
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH this Exhibit B shall apply:
Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's culpable breach of this Section with regard to the use of the Software and/or Hyland Cloud Service in connection with any High Risk Use.
Any statutory rights of the Customer regarding any damages resulting from the breach of the above Software warranty shall remain unaffected subject to the express terms of the Agreement. Warranty for only insignificant reductions in the suitability of the performance is excluded. The strict liability according to Sec. 536a (1) of German Civil Code for defects that already existed at the time of conclusion of this SaaS Schedule is excluded.
NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF THE LIMITATION OF LIABLITY IN THE GENERAL TERMS SCHEDULE (EXCEPT WHERE HYLAND'S LIABILITY IS UNLIMITED PURSUANT TO THE GENERAL TERMS SCHEDULE): THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
The most current version of this page shall be such in effect as of 12:00am EST of the date stamped on such online version.
Confidential - Ó 2023 Hyland Software, Inc.
Effective February 13th 2024 to May 3rd 2024
DownloadTable of Contents
SOFTWARE-AS-A-SERVICE SCHEDULE
This Software-As-A-Service Schedule (this “SaaS Schedule”) is part of the Master Agreement, Order Form or other agreement or document entered into between Customer and Hyland, which incorporates this SaaS Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this SaaS Schedule, and any other agreement within which the Incorporating Document is incorporated.
DEFINED TERMS
All capitalized terms used in this SaaS Schedule shall have the meaning ascribed them in this SaaS Schedule or, if not defined in this SaaS Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this SaaS Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Consumption Fees” means the amounts payable by Customer for storage of data and information in the Hyland Cloud Service in excess of the data storage allocation set forth in the initial Order Form for the Hyland Cloud Service.
“Customer Data” means any and all electronic data and information submitted by Customer or Users to the Hyland Cloud Service.
“Customer Data Incident” means an unauthorized disclosure of Customer Data resulting from Hyland’s failure to comply with the SaaS Security Attachment. Without limitation, Customer Data Incident does not include any of the following that results in no unauthorized access to Customer Data or to any Hyland’s systems storing Customer Data: (a) pings and other broadcast attacks on firewalls or edge servers; (b) port scans; (c) unsuccessful log-on attempts; (d) denial of service attacks; or (e) packet sniffing (or other unauthorized access to traffic data that does not result in access beyond IP addresses or headers).
“Documentation” means: (a) to the extent available, the “Help Files” included in the Hyland Cloud Service, or (b) if no such “Help Files” are included in the Hyland Cloud Service, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Hyland Cloud Service.
“Host Web Site” means the web site hosted by Hyland as part of the Hyland Cloud Service on a web server included in the Hyland Cloud Platform used to access the Hyland Cloud Service, through which the Customer will access the Software and Customer Data stored using the Software.
“Hyland Cloud Service Support” means the services described in this SaaS Schedule.
“Hosted 3rd Party Software” means all third party software products (other than third party software products bundled by Hyland as a part of the Software) provided by Hyland as part of the Hyland Cloud Service, along with the associated documentation.
“Hyland Cloud Platform” means the Physical Infrastructure and any composite software layers such as databases, operating systems, virtualization technology, Hosted 3rd Party Software, and Host Web Site, responsible for providing the Hyland Cloud Service, whether owned by Hyland or a third party.
“Hyland Cloud Service” means Hyland’s provision of Software and the Hyland Cloud Platform for use by Customer.
“Physical Infrastructure” means the physical hardware and infrastructure which Hyland uses to provide the Hyland Cloud Service (which may include servers, network devices, cabling, CPU, data centers, memory, storage, switches, firewalls, routers and other network devices) whether owned by Hyland or a third party services provider.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Hyland Cloud Service issue or error.
“SaaS Fees” means the amounts invoiced by Hyland and payable by Customer to Hyland for the use of the Hyland Cloud Service. The initial SaaS Fees are set forth in the initial Order Form.
“SaaS Security Attachment” means the document available at https://legal.hyland.com/Customer-Legal-Center#saas-security-attachment. The SaaS Security Attachment describes Hyland's current security processes and procedures. These processes and procedures may be updated from time to time, but will not be materially reduced.
“Service Class” means the applicable service level commitment purchase by Customer, as described in the Service Class Manual.
“Service Class Manual” means the latest version of the manual describing any available Service Classes, as posted by Hyland from time to time on a website designated by Hyland.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Testing Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional and performance testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Testing Lite Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to its end users generally during the term of this Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
“Users” means: (i) employees of Customer and its Authorized Affiliate(s) that access and use the Hyland Cloud Service; and (ii) any additional users to which Customer is authorized to provide access to the Hyland Cloud Service as expressly agreed in writing between the parties.
1. HYLAND CLOUD SERVICE.
1.1 General. During the term of the Agreement Hyland will: (a) make the Hyland Cloud Service available to Customer pursuant to the Agreement, the SaaS Security Attachment, Documentation and the applicable Service Class Manual; and (b) only use Customer Data to provide, develop, and improve the Hyland Cloud Service and other services, to prevent or address service or technical problems, or as otherwise permitted by Customer.
1.2 Service Class. Prior to or on the Effective Date, Hyland has delivered a then-current copy of the applicable Service Class Manual to Customer. After the Effective Date, Hyland will have the right to modify the applicable Service Class Manual (including the right to issue an entirely restated Service Class Manual) from time to time. The modifications or the revised Service Class Manual will be effective thirty (30) days after Hyland provides written notice to Customer informing Customer of Hyland’s posting of such modifications or revisions on the website identified in such notice. Notwithstanding the foregoing, no modifications of any Service Class Manual relating to Customer’s then-current Service Class will be effective until the next renewal of the Agreement. The initial Service Class purchased by Customer is set forth in the initial Order Form. To the extent Service Class upgrades or downgrades are available related to the Hyland Cloud Service purchase by Customer, Customer may upgrade the Service Class at any time, but may downgrade such Service Class only after the expiration of the Initial Term of the Agreement. In the event Customer elects to downgrade such Service Class, such downgrade will not be effective until the beginning of the next renewal of the Agreement. To modify a Service Class selection, Customer must submit a purchase order indicating the new Service Class.
1.3 Customer Data Extraction. In connection with any termination or expiration of the Agreement for any reason, Hyland will send a notice to Customer (which notice may be by email to the last known Customer contact) (the “Data Extraction Notice”), advising Customer that the Customer Data will remain accessible for a period of thirty (30) days after the date of such Data Extraction Notice, during which period Customer may extract such Customer Data. If Customer desires assistance with Customer Data extraction, Hyland may provide such services subject to the execution of a mutually agreed upon Services Proposal. Customer acknowledges and agrees that thirty (30) days after the date of such Data Extraction Notice, Hyland shall have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
1.4 Hyland customers may license some Software provisioned by Hyland as part of the Hyland Cloud Service, and other Software which is implemented only on the customer’s premise (or a third party cloud other than the Hyland Cloud Platform), such as Hyland RPA (“On-Premise Software”). For clarity, if Customer licenses On-Premise Software, these SaaS terms do not apply to such On-Premise Software.
2. GRANT OF RIGHTS AND PROHIBITED CONDUCT.
2.1 Hyland Cloud Service Use Grant. During the term of the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as otherwise expressly provided herein), limited right to use the Hyland Cloud Service as provided by Hyland, and the associated Documentation, solely for use by Customer and its Users for the internal business purposes of Customer, and only for capturing, storing, processing and accessing Customer’s data. The Hyland Cloud Service is for use by Customer and its Users and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer and its Users shall not make any use of the Hyland Cloud Service in any manner not expressly permitted by the Agreement. Customer acknowledges that it and its Users may only access Customer Data via the Hyland Cloud Service and shall only access the Hyland Cloud Service in a manner consistent with the Agreement and the Documentation. Use of software or hardware that reduces the number of users directly accessing or utilizing the Hyland Cloud Service (e.g. by using “bots” or “multiplexing” or “pooling” software or hardware) does not reduce the number of users accessing the Hyland Cloud Services for purposes of calculating the number of users, as the required number of users would equal the number of distinct inputs to such software or hardware (e.g. to such “bots” or “multiplexing” or “pooling” software or hardware). Customer is prohibited from using any software (including bots) other than the Software client modules or a Software application programming interface (API) to access the Hyland Cloud Service or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid the required fees with respect to such access. Customer further acknowledges that all components of the Hyland Cloud Service made available by Hyland, including any components downloaded or installed locally on Customer’s or Users’ systems, are solely for use with the Hyland Cloud Service and are not intended to be used on a stand-alone basis.
2.2 Volume Use Restriction. There are certain Software products that Hyland makes available and which Customer may purchase for use as part of the Hyland Cloud Service that are volume-based and may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars.
2.3 Test Environments. Customer may purchase limited access to Testing Environments or Testing Lite Environments, or both. Hyland agrees that the security measures described in the SaaS Security Attachment are also applied to the Testing Environment and Testing Lite Environment. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Testing Environment and Testing Lite Environment. If, at any time, Customer is not satisfied with the Testing Environment or Testing Lite Environment, Customer’s sole and exclusive remedy shall be to stop using the Testing Environment or Testing Lite Environment.
2.4 No High Risk Use. The Software and/or any Hyland Cloud Services are not fault-tolerant and are not guaranteed to be error free or to operate uninterrupted. Such Software and/or Hyland Cloud Services are not designed or intended for use in any situation where failure or fault of any kind of the Software and/or Cloud Services could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). The Software and/or any Hyland Cloud Service is not licensed by Hyland to use in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software or Cloud Services for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's or its Contractors use of the Software and/or Hyland Cloud Services in connection with any High Risk Use.
2.5 Assessment. Hyland shall be permitted access to assess Customer’s use of the Hyland Cloud Service in order to determine Customer’s compliance with the grant of use and pricing terms of the Agreement, including, where applicable, to measure Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such assessment.
2.6 Third Party Services and Content. The Hyland Cloud Service may contain functionality which allows Customer to: (a) access, link or integrate the Hyland Cloud Service with Customer’s applications or applications or services provided by third parties and (b) access third party websites and content. Hyland has no responsibility for such applications or services, websites or content and shall have no responsibility for any disclosure, modification or deletion of Customer Data resulting from any such access or use by such applications or services. Any activities engaged in by Customer or any of its Users with such third parties using the Hyland Cloud Service is solely between Customer and such third party and Hyland has no liability, obligation or responsibility for any such activities. Hyland does not endorse any third party web sites, applications or services that may be linked or integrated through the Hyland Cloud Service. Hyland is not responsible for any third party content, products or materials purchased, accessed or used by Customer or its Users using the Hyland Cloud Service.
2.7 Acceptable Use Policy. Customer agrees to comply with the Acceptable Use Policy, available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment. Customer acknowledges that a violation of the Acceptable Use Policy shall be considered a Prohibited Act.
2.8 Ownership of Customer Data. As between Hyland and Customer, Customer owns Customer Data.
2.9 Customer Input and Suggestions. Hyland shall have a royalty-free, worldwide, perpetual, transferable, sub-licensable, and irrevocable license to use or incorporate into any of Hyland’s products or services, including the Hyland Cloud Services, any suggestions, enhancements, improvements, recommendations or any other feedback provided by Customer or its users, related to the operation or use of the Hyland Cloud Service.
3. PRICES, INVOICES AND PAYMENT.
3.1 SaaS Fees. Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Order Form. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. Following expiration of the Initial Term, Hyland may increase the SaaS Fees for the Hyland Cloud Service for any renewal period by up to ten percent (10%) of the previous year’s SaaS Fees. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software modules for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software modules on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3.2 Consumption Fees. Hyland will invoice for any Consumption Fees, monthly in arrears, promptly upon the end of the month to which such Consumption Fees relate. Consumption Fees will be due for a month if at any time during such month the amount of Customer Data stored in the Hyland Cloud Service exceeds Customer’s then-current data storage allocation.
3.3 Add-On Services. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule unless otherwise stated on an Order Form. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to additional terms.
3.4 Other Fees. If, upon mutual agreement of the parties, Hyland provides any other services or deliverables that are not covered by the fees and charges described herein, Hyland will invoice for such other fees or charges based upon Hyland’s then current list prices or the pricing that the parties have mutually agreed upon in connection with such other services or deliverables.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software, Add-On Services, and the Hyland Cloud Service, as the case may be, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software, Add-On Services and Hyland Cloud Service, as the case may be, the U.S. Government hereby agrees that the Software, including the Hosted 3rd Party Software included in the Hyland Cloud Service, and Add-On Services, as the case may be, qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software, Add-On Services or Hyland Cloud Service, as the case may be, to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software, Add-On Services and Hyland Cloud Service, or Documentation, as the case may be, by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. HYLAND CLOUD SERVICE SUPPORT.
5.1 Hyland Cloud Service Support Terms. Hyland will provide Hyland Cloud Service Support in accordance with this Section and the Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of the Hyland Cloud Service, including assistance and advice related to the operation of the Hyland Cloud Service.
(b) Error Correction Services. With respect to any issues or errors in the Hyland Cloud Service which are reported by Customer and which are confirmed by Hyland, Hyland will use its reasonable efforts to correct such issue or error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported issues or errors after receipt of a proper report of such suspected issue or error from Customer in accordance with the Support Prioritization Attachment. Hyland may elect to correct the issue or error by updating or upgrading the applicable component of the Hyland Cloud Service to a new build or version.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(i) Customer Reporting Requirements. When requesting Hyland Cloud Service Support, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for a Level 1 or Level 2 Severity Level (support numbers are available through Hyland’s secure end user website). In the case of reporting a problem, issue, or error with the Hyland Cloud Service, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the problem, issue or error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes it has made to the Hyland Cloud Service, such as workflow configuration changes, network installation/expansion, integrations, upgrades, relocations, etc.
(ii) Hyland Response Procedures. Hyland shall respond to all reports in accordance with the Support Prioritization Attachment. Hyland: (A) will respond based on the confirmed severity level; (B) may reclassify severity levels as it learns information about such problems, issues or errors during the resolution process; and (C) obligations for a reported issue or error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Software Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of the Agreement.
(e) Update, Upgrade, Change or Replacement of Components of the Hyland Cloud Service. Hyland may update or upgrade the build or version of the Software used in the Hyland Cloud Service from time to time at Hyland’s expense. Hyland also may change, replace, update or upgrade the Hyland Cloud Platform from time to time. Customer agrees to collaborate with Hyland and assist Hyland in connection with the completion of installation and testing of any update or upgrade related to the Hyland Cloud Service. Notwithstanding the foregoing, Customer acknowledges that it is Customer’s responsibility to ensure that Customer is running a Cloud Compatible Version of the Software in accordance with Hyland’s Cloud Software Version Policy available at Hyland’s end user website (currently, community.hyland.com); Customer’s failure to comply with Hyland’s Cloud Software Version Policy shall be considered a material breach of the Agreement.
Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.2 Exclusions. Hyland is not responsible for providing, or obligated to provide, Hyland Cloud Service Support: (1) in connection with any errors, defects or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Hyland Cloud Service or from any error or defect in any configuration of any component of the Hyland Cloud Service, which activities in any such case were undertaken by any party other than Hyland or a party retained by Hyland; (2) in connection with any error or defect or problem in any other component of the Hyland Cloud Service if Hyland has previously made available corrections for such error or defect which Customer fails to implement; (3) in connection with any errors, defects or problems which have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in any software, hardware or system or networking which is not a part of the Hyland Cloud Service; (4) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Hyland Cloud Service Support to Customer with respect to the Hyland Cloud Service; or (5) in connection with any questions related to the operation or use of the Software application programming interfaces (APIs); or in connection with any errors, defects or problems with Work Products (as defined in the Professional Services Schedule). Support relating to Work Products and the operation or use of APIs may be provided, on a case-by-case basis, as mutually agreed to in an applicable Services Proposal which outlines Professional Services for such support activities.
5.3 Professional Services. Customer agrees that the Professional Services Terms, available at https://legal.hyland.com/Customer-Legal-Center#professional-services-schedule shall apply to all Professional Services (as that term is defined in the Professional Services Terms) provided by Hyland for Customer.
6. SECURITY. During the term of the Agreement, Hyland shall maintain a security program which shall conform to the SaaS Security Attachment.
7. CERTAIN RESPONSIBILITIES AND OBLIGATIONS OF CUSTOMER.
7.1 Customer Responsibilities. In connection with the relationship established between Customer and Hyland under the Agreement:
(a) except as otherwise expressly permitted under the terms of the Agreement, Customer will not permit or authorize any third parties (such as persons or legal entities) to use the Hyland Cloud Service;
(b) Customer will comply with Hyland’s Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is attached hereto as the Acceptable Use Policy Attachment;
(c) Customer is responsible for all Users use and all access through Customer and its Users of the Hyland Cloud Service and compliance with the Agreement, including, but not limited to, (i) setting-up User log-in accounts/credentials (e.g. user names, passwords, tokens, etc.) to the Hyland Cloud Service and immediately revoking User accounts/credentials when User no longer requires access to the Hyland Cloud Service, and (ii) shall not permit Users to share log-in accounts/credentials;
(d) Customer has sole responsibility for the accuracy, quality, content and legality of all Customer Data;
(e) Customer shall prohibit unauthorized access to, or use of, the Hyland Cloud Service and shall notify Hyland promptly of any such unauthorized access or use by contacting Customer’s Hyland technical support contact or another contact notified to Customer in writing (which may be via email or posted on Hyland’s secure end user web site (currently www.hyland.com/community)).
(f) Customer understands and agrees: (i) it has an independent duty to comply with any and all laws applicable to it, (ii) its use of the Hyland Cloud Service and compliance with any terms and conditions under the Agreement does not constitute compliance with any law, (iii) it shall make use of available Hyland Cloud Service security features and controls to properly transmit, store, process and provide access to Customer Data and (iv) it shall use the tools and reporting capabilities made available in the Hyland Cloud Service to monitor and confirm Customer Data processing, such as batch processing of electronic documents uploaded to the Hyland Cloud Service.
(h) Customer may give any of its Users the rights to act as a system administrator, through the configuration tools included in the Software for the Hyland Cloud Service. Hyland has no responsibility or obligations in connection with Customer’s internal management or administration of Customer’s Hyland Cloud Service.
7.2 Customer Internet Connection. Customer is responsible for obtaining and maintaining all software, hardware (including without limitation network systems), telephonic or other communications circuits, and Internet Service Provider relationships that are necessary or appropriate for Customer to properly access and use the Hyland Cloud Service. Hyland shall have no responsibility or liability under the Agreement for any unavailability or failure of, or nonconformity or defect in, the Hyland Cloud Service that is caused by or related in any manner to any failure of Customer to obtain and maintain all such software, hardware, equipment and relationships.
8. LIMITED WARRANTIES.
8.1 Hyland Cloud Service Limited Warranty. Hyland warrants to Customer that during the term of the Agreement the Hyland Cloud Service will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Hyland Cloud Service if: (i) any component of the Hyland Cloud Service has been modified, misused or abused by Customer or a third party, (ii) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, or (iii) if the Hyland Cloud Service is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation.
8.2 Hyland Cloud Service Warranty Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranties granted by Hyland under this Section shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Hyland Cloud Service, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate the Agreement with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under the Agreement, Hyland will refund or cause to be refunded to Customer the “unused portion of prepaid SaaS Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the non-conforming portion of the Hyland Cloud Service for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
8.3 Customer Limited Warranty. Customer represents and warrants to Hyland that: (a) Customer and its Users are the legal custodian of the Customer Data and it has the right and authority to use the Hyland Cloud Service in connection with all Customer Data and other materials hereunder; (b) Customer will use reasonable efforts to ensure that any Customer Data submitted to Hyland via electronic media will be free of viruses; and (c) anyone submitting Customer Data to Hyland for use in connection with the Hyland Cloud Service or Professional Services (if any) has the legal authority to do so, either through ownership of the Customer Data or by obtaining appropriate authorizations therefor, and that submission of Customer Data does not violate any contracts, agreements, or any applicable law. Customer is responsible for all Customer Data that is submitted to Hyland for use in connection with the Hyland Cloud Service or Professional Services (if any).
9. INFRINGEMENT INDEMNIFICATION.
9.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Hyland Cloud Service of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified promptly after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided, that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of the Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Hyland Cloud Service, or to replace the relevant portions of the Hyland Cloud Service with other equivalent, non-infringing portions. If Hyland is unable to accomplish either of the options set forth in the preceding sentence, Hyland shall terminate the Agreement upon thirty (30) days advance written notice to Customer and refund to Customer the “unused portion of prepaid SaaS Fees” (as defined below) paid during the then current term (or applicable twelve-month period within the Initial Term). For these purposes, the “unused portion of prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the term (or applicable twelve-month period within the Initial Term) during which termination occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such termination occurs, and the denominator or which shall be twelve (12). Notwithstanding anything to the contrary, Hyland shall have no obligation to indemnify Customer against any claims made against Customer and otherwise described in this Section that arise from: (v) any Customer Data; (w) use of the Hyland Cloud Service other than as expressly permitted herein; (x) the combination of the Hyland Cloud Service or any component thereof with any product not furnished by Hyland; (y) the modification or addition of any component of the Hyland Cloud Service, other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (z) the Customer’s business methods or processes.
9.2 THIS SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE HYLAND CLOUD SERVICE.
10. LIABILITY FOR CUSTOMER DATA INCIDENTS.
10.1 NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF THE LIABILITY CAP IN SECTION 6 OF THE GENERAL TERMS SCHEDULE: THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THE AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
Service Class | Multiplier |
Silver | 1 |
Gold | 2 |
Platinum | 3 |
Double Platinum | 4 |
10.2 Notwithstanding Section 6.1 of the General Terms Schedule, and subject to Section 10.1 of this Schedule, in the event of a Customer Data Incident, Hyland shall pay the reasonable and documented costs incurred by Customer in connection with the following items: (a) providing notification of the Customer Data Incident to applicable government and relevant industry self-regulatory agencies, to the media and to individuals whose personal data may have been accessed or acquired, where required by law; and (b) providing credit monitoring service (where such service addresses the harm caused by the Customer Data Incident) to individuals who elect to receive such credit monitoring service and whose personal data may have been accessed or acquired, for a period of one year after the date on which such individuals were notified of the unauthorized access or acquisition.
11. TRANSITION PERIOD. Except in the case of termination due to Customer’s breach of the Agreement, upon Customer’s request, Hyland will use good faith efforts to enter into an amendment or Services Proposal pursuant to which Customer may continue to access the Hyland Cloud Service pursuant to the terms of the Agreement for a period following the expiration or termination of the Agreement (the “Transition Period”). Any such amendment or Services Proposal shall be subject to Customer’s payment of mutually agreed upon fees, including SaaS Fees, Consumption Fees and any fees for Professional Services related to such Transition Period.
12. COMPLIANCE WITH LAWS. Subject to the Term and Termination provisions, Hyland agrees to comply in all material respects with all laws applicable to Hyland in its performance of services under the Agreement.
13. ADDITIONAL TERMS AND CONDITIONS. If Hyland is a Hyland company set forth below, the additional or alternative terms and conditions set forth on the applicable Additional Terms Exhibit shall apply:
| Hyland Company | Additional Terms Exhibit |
| Hyland Software Brasil LTDA. Hyland Software Germany GmbH | Exhibit A Exhibit B |
14. CONTROLLING LANGUAGE. Hyland may make other versions of this SaaS Schedule available in other languages at this online location. This English language version of this SaaS Schedule controls over any version of the SaaS Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this SaaS Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the SaaS Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Brasil LTDA Additional Terms Exhibit
If Hyland is Hyland Software Brasil LTDA this Exhibit A shall apply:
- The SaaS Fees Section of this SaaS Schedule shall be replaced in its entirety as follows:
Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the first year of the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Order Form. Hyland will adjust the SaaS Fees annually on each anniversary of the Effective Date by the last known accumulated value of IPCA at the time Hyland issues the invoice for SaaS Fees. For all purposes, “IPCA” means the Índice de Preços para o Consumidor Amplo, as measured by IBGE, or any index created to replace this index. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
Exhibit B
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH this Exhibit B shall apply:
Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's culpable breach of this Section with regard to the use of the Software and/or Hyland Cloud Service in connection with any High Risk Use.
Any statutory rights of the Customer regarding any damages resulting from the breach of the above Software warranty shall remain unaffected subject to the express terms of the Agreement. Warranty for only insignificant reductions in the suitability of the performance is excluded. The strict liability according to Sec. 536a (1) of German Civil Code for defects that already existed at the time of conclusion of this SaaS Schedule is excluded.
NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF THE LIMITATION OF LIABLITY IN THE GENERAL TERMS SCHEDULE (EXCEPT WHERE HYLAND'S LIABILITY IS UNLIMITED PURSUANT TO THE GENERAL TERMS SCHEDULE): THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
The most current version of this page shall be such in effect as of 12:00am EST of the date stamped on such online version.
Confidential - Ó 2023 Hyland Software, Inc.
Effective October 4th 2023 to February 13th 2024
DownloadTable of Contents
SOFTWARE-AS-A-SERVICE SCHEDULE
This Software-As-A-Service Schedule (this “SaaS Schedule”) is part of the Master Agreement, Order Form or other agreement or document entered into between Customer and Hyland, which incorporates this SaaS Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this SaaS Schedule, and any other agreement within which the Incorporating Document is incorporated.
DEFINED TERMS
All capitalized terms used in this SaaS Schedule shall have the meaning ascribed them in this SaaS Schedule or, if not defined in this SaaS Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this SaaS Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Consumption Fees” means the amounts payable by Customer for storage of data and information in the Hyland Cloud Service in excess of the data storage allocation set forth in the initial Order Form for the Hyland Cloud Service.
“Customer Data” means any and all electronic data and information submitted by Customer or Users to the Hyland Cloud Service.
“Customer Data Incident” means an unauthorized disclosure of Customer Data resulting from Hyland’s failure to comply with the SaaS Security Attachment. Without limitation, Customer Data Incident does not include any of the following that results in no unauthorized access to Customer Data or to any Hyland’s systems storing Customer Data: (a) pings and other broadcast attacks on firewalls or edge servers; (b) port scans; (c) unsuccessful log-on attempts; (d) denial of service attacks; or (e) packet sniffing (or other unauthorized access to traffic data that does not result in access beyond IP addresses or headers).
“Documentation” means: (a) to the extent available, the “Help Files” included in the Hyland Cloud Service, or (b) if no such “Help Files” are included in the Hyland Cloud Service, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Hyland Cloud Service.
“Host Web Site” means the web site hosted by Hyland as part of the Hyland Cloud Service on a web server included in the Hyland Cloud Platform used to access the Hyland Cloud Service, through which the Customer will access the Software and Customer Data stored using the Software.
“Hyland Cloud Service Support” means the services described in this SaaS Schedule.
“Hosted 3rd Party Software” means all third party software products (other than third party software products bundled by Hyland as a part of the Software) provided by Hyland as part of the Hyland Cloud Service, along with the associated documentation.
“Hyland Cloud Platform” means the Physical Infrastructure and any composite software layers such as databases, operating systems, virtualization technology, Hosted 3rd Party Software, and Host Web Site, responsible for providing the Hyland Cloud Service, whether owned by Hyland or a third party.
“Hyland Cloud Service” means Hyland’s provision of Software and the Hyland Cloud Platform for use by Customer.
“Initial Term” means, unless otherwise defined in the General Terms Schedule, and as used in this SaaS Schedule, (a) the initial term for which Customer has purchased products or services governed by this SaaS Schedule as set forth on the Incorporating Document for such product or service; or (b) if an initial term is not set forth as described in (a), the three (3) year period that begins on the date of Hyland’s acceptance of the applicable purchase order.
“Order Form” means, unless otherwise defined in the General Terms Schedule, and as used in this SaaS Schedule, an Incorporating Document (or a Purchase Table included in an Incorporating Document) describing the Software or other products or services purchased, associated fees, and other terms agreed to by the parties.
“Physical Infrastructure” means the physical hardware and infrastructure which Hyland uses to provide the Hyland Cloud Service (which may include servers, network devices, cabling, CPU, data centers, memory, storage, switches, firewalls, routers and other network devices) whether owned by Hyland or a third party services provider.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Hyland Cloud Service issue or error.
“SaaS Fees” means the amounts invoiced by Hyland and payable by Customer to Hyland for the use of the Hyland Cloud Service. The initial SaaS Fees are set forth in the initial Order Form.
“SaaS Security Attachment” means the document available at https://legal.hyland.com/Customer-Legal-Center#saas-security-attachment. The SaaS Security Attachment describes Hyland's current security processes and procedures. These processes and procedures may be updated from time to time, but will not be materially reduced.
“Service Class” means the applicable service level commitment purchase by Customer, as described in the Service Class Manual.
“Service Class Manual” means the latest version of the manual describing any available Service Classes, as posted by Hyland from time to time on a website designated by Hyland.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Testing Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional and performance testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Testing Lite Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to its end users generally during the term of this Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
“Users” means: (i) employees of Customer and its Authorized Affiliate(s) that access and use the Hyland Cloud Service; and (ii) any additional users to which Customer is authorized to provide access to the Hyland Cloud Service as expressly agreed in writing between the parties.
1. HYLAND CLOUD SERVICE.
1.1 General. During the term of the Agreement Hyland will: (a) make the Hyland Cloud Service available to Customer pursuant to the Agreement, the SaaS Security Attachment, Documentation and the applicable Service Class Manual; and (b) only use Customer Data to provide, develop, and improve the Hyland Cloud Service and other services, to prevent or address service or technical problems, or in accordance with Customer’s instructions.
1.2 Service Class. Prior to or on the Effective Date, Hyland has delivered a then-current copy of the applicable Service Class Manual to Customer. After the Effective Date, Hyland will have the right to modify the applicable Service Class Manual (including the right to issue an entirely restated Service Class Manual) from time to time. The modifications or the revised Service Class Manual will be effective thirty (30) days after Hyland provides written notice to Customer informing Customer of Hyland’s posting of such modifications or revisions on the website identified in such notice. Notwithstanding the foregoing, no modifications of any Service Class Manual relating to Customer’s then-current Service Class will be effective until the next renewal of the Agreement. The initial Service Class purchased by Customer is set forth in the initial Order Form. To the extent Service Class upgrades or downgrades are available related to the Hyland Cloud Service purchase by Customer, Customer may upgrade the Service Class at any time, but may downgrade such Service Class only after the expiration of the Initial Term of the Agreement. In the event Customer elects to downgrade such Service Class, such downgrade will not be effective until the beginning of the next renewal of the Agreement. To modify a Service Class selection, Customer must submit a purchase order indicating the new Service Class.
1.3 Return of Customer Data and Deletion. In connection with any termination or expiration of the Agreement for any reason, Hyland will send a notice to Customer (which notice may be by email to the last known Customer contact) (the “Data Extraction Notice”), advising Customer that the Customer Data will remain accessible for a period of thirty (30) days after the date of such Data Extraction Notice, during which period Customer may extract such Customer Data. If Customer desires assistance with Customer Data extraction, Hyland may provide such services subject to the execution of a mutually agreed upon Services Proposal. Customer acknowledges and agrees that thirty (30) days after the date of such Data Extraction Notice, Hyland shall have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
1.4 Hyland customers may license some Software provisioned by Hyland as part of the Hyland Cloud Service, and other Software which is implemented only on the customer’s premise (or a third party cloud other than the Hyland Cloud Platform), such as Hyland RPA (“On-Premise Software”). For clarity, if Customer licenses On-Premise Software from Hyland, this Agreement or Schedule (as the case may be) does not apply to such On-Premise Software.
2. GRANT OF RIGHTS AND PROHIBITED CONDUCT.
2.1 Hyland Cloud Service Use Grant. During the term of the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as otherwise expressly provided herein), limited right to use the Hyland Cloud Service as provided by Hyland, and the associated Documentation, solely for use by Customer and its Users for the internal business purposes of Customer, and only for capturing, storing, processing and accessing Customer’s data.
The Hyland Cloud Service is for use by Customer and its Users and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer and its Users shall not make any use of the Hyland Cloud Service in any manner not expressly permitted by the Agreement or SaaS Schedule (as the case may be). Customer acknowledges that it and its Users may only access Customer Data via the Hyland Cloud Service and shall only access the Hyland Cloud Service in a manner consistent with the Agreement or SaaS Schedule (as the case may be) and the Documentation. Use of software or hardware that reduces the number of users directly accessing or utilizing the Hyland Cloud Service (e.g. by using “bots” or “multiplexing” or “pooling” software or hardware) does not reduce the number of users accessing the Hyland Cloud Services for purposes of calculating the number of users, as the required number of users would equal the number of distinct inputs to such software or hardware (e.g. to such “bots” or “multiplexing” or “pooling” software or hardware). Customer is prohibited from using any software (including bots) other than the Software client modules or a Software application programming interface (API) to access the Hyland Cloud Service or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid the required fees with respect to such access. Customer further acknowledges that all components of the Hyland Cloud Service made available by Hyland, including any components downloaded or installed locally on Customer’s or Users’ systems, are solely for use with the Hyland Cloud Service and are not intended to be used on a stand-alone basis.
2.2 Volume Use Restriction. There are certain Software products that Hyland makes available and which Customer may purchase for use as part of the Hyland Cloud Service that are volume-based and may: (a) no longer function if applicable volume limits have been exceeded; (b) require Customer to pay additional fees based on Customer’s volume usage; or (c) include functionality which monitors or tracks Customer usage and reports that usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars.
2.3 Test Environments. Customer may purchase limited access to Testing Environments or Testing Lite Environments, or both. Hyland agrees that the security measures described in the SaaS Security Attachment are also applied to the Testing Environment and Testing Lite Environment. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Testing Environment and Testing Lite Environment. If, at any time, Customer is not satisfied with the Testing Environment or Testing Lite Environment, Customer’s sole and exclusive remedy shall be to stop using the Testing Environment or Testing Lite Environment.
2.4 No High Risk Use. The Software and/or any Hyland Cloud Services are not fault-tolerant and are not guaranteed to be error free or to operate uninterrupted. Such Software and/or Cloud Services are not designed or intended for use in any situation where failure or fault of any kind of the Software and/or Cloud Services could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). The Software and/or any Hyland Cloud Service is not licensed by Hyland to use in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software or Cloud Services for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's or its Contractors use of the Software and/or Cloud Services in connection with any High Risk Use.
2.5 Assessment. Hyland shall be permitted access to assess Customer’s use of the Hyland Cloud Service in order to determine Customer’s compliance with the grant of use and pricing terms of the Agreement and this SaaS Schedule, including, where applicable, to measure Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such assessment.
2.6 Third Party Services and Content. The Hyland Cloud Service may contain functionality which allows Customer to: (a) access, link or integrate the Hyland Cloud Service with Customer’s applications or applications or services provided by third parties and (b) access third party websites and content. Hyland has no responsibility for such applications or services, websites or content and shall have no responsibility for any disclosure, modification or deletion of Customer Data resulting from any such access or use by such applications or services. Any activities engaged in by Customer or any of its Users with such third parties using the Hyland Cloud Service is solely between Customer and such third party and Hyland has no liability, obligation or responsibility for any such activities. Hyland does not endorse any third party web sites, applications or services that may be linked or integrated through the Hyland Cloud Service. Hyland is not responsible for any third party content, products or materials purchased, accessed or used by Customer or its Users using the Hyland Cloud Service.
2.7 Acceptable Use Policy. Customer agrees to comply with the Acceptable Use Policy, available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment. Customer acknowledges that a violation of the Acceptable Use Policy shall be considered a Prohibited Act.
2.8 Ownership of Customer Data. As between Hyland and Customer, Customer owns Customer Data.
2.9 Customer Input and Suggestions. Hyland shall have a royalty-free, worldwide, perpetual, transferable, sub-licensable, and irrevocable license to use or incorporate into any of Hyland’s products or services, including the Hyland Cloud Services, any suggestions, enhancements, improvements, recommendations or any other feedback provided by Customer or its users, related to the operation or use of the Hyland Cloud Service.
3. PRICES, INVOICES AND PAYMENT.
3.1 SaaS Fees. Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Order Form. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. Following expiration of the Initial Term, Hyland may increase the SaaS Fees for the Hyland Cloud Service for any renewal period by up to ten percent (10%) of the previous year’s SaaS Fees. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software modules for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software modules on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3.2 Consumption Fees. Hyland will invoice for any Consumption Fees, monthly in arrears, promptly upon the end of the month to which such Consumption Fees relate. Consumption Fees will be due for a month if at any time during such month the amount of Customer Data stored in the Hyland Cloud Service exceeds Customer’s then-current data storage allocation.
3.3 Add-On Services. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule unless otherwise stated on an Order Form. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to additional terms.
3.4 Other Fees. If, upon mutual agreement of the parties, Hyland provides any other services or deliverables that are not covered by the fees and charges described herein, Hyland will invoice for such other fees or charges based upon Hyland’s then current list prices or the pricing that the parties have mutually agreed upon in connection with such other services or deliverables.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software, Add-On Services, and the Hyland Cloud Service, as the case may be, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software, Add-On Services and Hyland Cloud Service, as the case may be, the U.S. Government hereby agrees that the Software, including the Hosted 3rd Party Software included in the Hyland Cloud Service, and Add-On Services, as the case may be, qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software, Add-On Services or Hyland Cloud Service, as the case may be, to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software, Add-On Services and Hyland Cloud Service, or Documentation, as the case may be, by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. HYLAND CLOUD SERVICE SUPPORT.
5.1 Hyland Cloud Service Support Terms. Hyland will provide Hyland Cloud Service Support in accordance with this Section and the Support Prioritization Attachment attached hereto.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of the Hyland Cloud Service, including assistance and advice related to the operation of the Hyland Cloud Service.
(b) Error Correction Services. With respect to any issues or errors in the Hyland Cloud Service which are reported by Customer and which are confirmed by Hyland, Hyland will use its reasonable efforts to correct such issue or error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported issues or errors after receipt of a proper report of such suspected issue or error from Customer in accordance with the Support Prioritization Attachment. Hyland may elect to correct the issue or error by updating or upgrading the applicable component of the Hyland Cloud Service to a new build or version.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(i) Customer Reporting Requirements. When requesting Hyland Cloud Service Support, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for a Level 1 or Level 2 Severity Level (support numbers are available through Hyland’s secure end user website). In the case of reporting a problem, issue, or error with the Hyland Cloud Service, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the problem, issue or error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes it has made to the Hyland Cloud Service, such as workflow configuration changes, network installation/expansion, integrations, upgrades, relocations, etc.
(ii) Hyland Response Procedures. Hyland shall respond to all reports in accordance with the Support Prioritization Attachment. Hyland: (A) will respond based on the confirmed severity level; (B) may reclassify severity levels as it learns information about such problems, issues or errors during the resolution process; and (C) obligations for a reported issue or error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Software Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of this SaaS Schedule.
(e) Update, Upgrade, Change or Replacement of Components of the Hyland Cloud Service. Hyland may update or upgrade the build or version of the Software used in the Hyland Cloud Service from time to time at Hyland’s expense. Hyland also may change, replace, update or upgrade the Hyland Cloud Platform from time to time. Customer agrees to collaborate with Hyland and assist Hyland in connection with the completion of installation and testing of any update or upgrade related to the Hyland Cloud Service. Notwithstanding the foregoing, Customer acknowledges that it is Customer’s responsibility to ensure that Customer is running a Cloud Compatible Version of the Software in accordance with Hyland’s Cloud Software Version Policy available at Hyland’s end user website (currently, community.hyland.com); Customer’s failure to comply with Hyland’s Cloud Software Version Policy shall be considered a material breach of the Agreement.
Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.2 Exclusions. Hyland is not responsible for providing, or obligated to provide, Hyland Cloud Service Support: (a) in connection with any errors, defects or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Hyland Cloud Service or from any error or defect in any configuration of any component of the Hyland Cloud Service, which activities in any such case were undertaken by any party other than Hyland or a party retained by Hyland; (b) in connection with any error or defect or problem in any other component of the Hyland Cloud Service if Hyland has previously made available corrections for such error or defect which Customer fails to implement; (c) in connection with any errors, defects or problems which have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in any software, hardware or system or networking which is not a part of the Hyland Cloud Service; (d) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Hyland Cloud Service Support to Customer with respect to the Hyland Cloud Service; or (e) in connection with any questions related to the operation or use of the Software application programming interfaces (APIs); or in connection with any errors, defects or problems with Work Products (as defined in the Professional Services Schedule). Support relating to Work Products and the operation or use of APIs may be provided, on a case-by-case basis, as mutually agreed to in an applicable Services Proposal which outlines Professional Services for such support activities.
5.3 Professional Services. Customer agrees that the Professional Services Terms, available at https://legal.hyland.com/Customer-Legal-Center#professional-services-schedule shall apply to all Professional Services (as that term is defined in the Professional Services Terms) provided by Hyland for Customer.
6. SECURITY. During the term of the Agreement or this SaaS Schedule (as the case may be), Hyland shall maintain a security program which shall conform to the SaaS Security Attachment.
7. CERTAIN RESPONSIBILITIES AND OBLIGATIONS OF CUSTOMER.
7.1 Customer Responsibilities. In connection with the relationship established between Customer and Hyland under the Agreement:
(a) except as otherwise expressly permitted under the terms of the Agreement, Customer will not permit or authorize any third parties (such as persons or legal entities) to use the Hyland Cloud Service;
(b) Customer will comply with Hyland’s Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is attached hereto as the Acceptable Use Policy Attachment;
(c) Customer is responsible for all Users use and all access through Customer and its Users of the Hyland Cloud Service and compliance with this SaaS Schedule and the Agreement, including, but not limited to, (i) setting-up User log-in accounts/credentials (e.g. user names, passwords, tokens, etc.) to the Hyland Cloud Service and immediately revoking User accounts/credentials when User no longer requires access to the Hyland Cloud Service, and (ii) shall not permit Users to share log-in accounts/credentials;
(d) Customer has sole responsibility for the accuracy, quality, content and legality of all Customer Data;
(e) Customer shall prohibit unauthorized access to, or use of, the Hyland Cloud Service and shall notify Hyland promptly of any such unauthorized access or use by contacting Customer’s Hyland technical support contact or another contact notified to Customer in writing (which may be via email or posted on Hyland’s secure end user web site (currently www.hyland.com/community)).
(f) Customer understands and agrees: (i) it has an independent duty to comply with any and all laws applicable to it, (ii) its use of the Hyland Cloud Service and compliance with any terms and conditions under this SaaS Schedule and the Agreement does not constitute compliance with any law, (iii) it shall make use of available Hyland Cloud Service security features and controls to properly transmit, store, process and provide access to Customer Data and (iv) it shall use the tools and reporting capabilities made available in the Hyland Cloud Service to monitor and confirm Customer Data processing, such as batch processing of electronic documents uploaded to the Hyland Cloud Service.
(h) Customer may give any of its Users the rights to act as a system administrator, through the configuration tools included in the Software for the Hyland Cloud Service. Hyland has no responsibility or obligations in connection with Customer’s internal management or administration of Customer’s Hyland Cloud Service.
7.2 Customer Internet Connection. Customer is responsible for obtaining and maintaining all software, hardware (including without limitation network systems), telephonic or other communications circuits, and Internet Service Provider relationships that are necessary or appropriate for Customer to properly access and use the Hyland Cloud Service. Hyland shall have no responsibility or liability under the Agreement for any unavailability or failure of, or nonconformity or defect in, the Hyland Cloud Service that is caused by or related in any manner to any failure of Customer to obtain and maintain all such software, hardware, equipment and relationships.
8. LIMITED WARRANTIES.
8.1 Hyland Cloud Service Limited Warranty. Hyland warrants to Customer that during the term of the Agreement the Hyland Cloud Service will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Hyland Cloud Service if: (a) any component of the Hyland Cloud Service has been modified, misused or abused by Customer or a third party, (b) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, or (c) if the Hyland Cloud Service is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation.
8.2 Hyland Cloud Service Warranty Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranties granted by Hyland under this Section shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Hyland Cloud Service, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate the with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under the Agreement, Hyland will refund or cause to be refunded to Customer the “unused portion of prepaid SaaS Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the non-conforming portion of the Hyland Cloud Service for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
8.3 Customer Limited Warranty. Customer represents and warrants to Hyland that: (a) Customer and its Users are the legal custodian of the Customer Data and it has the right and authority to use the Hyland Cloud Service in connection with all Customer Data and other materials hereunder; (b) Customer will use reasonable efforts to ensure that any Customer Data submitted to Hyland via electronic media will be free of viruses; and (c) anyone submitting Customer Data to Hyland for use in connection with the Hyland Cloud Service or Professional Services (if any) has the legal authority to do so, either through ownership of the Customer Data or by obtaining appropriate authorizations therefor, and that submission of Customer Data does not violate any contracts, agreements, or any applicable law. Customer is responsible for all Customer Data that is submitted to Hyland for use in connection with the Hyland Cloud Service or Professional Services (if any).
9. INFRINGEMENT INDEMNIFICATION.
9.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Hyland Cloud Service of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified promptly after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided, that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of the Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Hyland Cloud Service, or to replace the relevant portions of the Hyland Cloud Service with other equivalent, non-infringing portions. If Hyland is unable to accomplish either of the options set forth in the preceding sentence, Hyland shall terminate the upon thirty (30) days advance written notice to Customer and refund to Customer the “unused portion of prepaid SaaS Fees” as defined below paid during the then current term (or applicable twelve-month period within the Initial Term). For these purposes, the “unused portion of prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the term (or applicable twelve-month period within the Initial Term) during which termination occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such termination occurs, and the denominator or which shall be twelve (12). Notwithstanding anything to the contrary, Hyland shall have no obligation to indemnify Customer against any claims made against Customer and otherwise described in this Section that arise from: (v) any Customer Data; (w) use of the Hyland Cloud Service other than as expressly permitted herein; (x) the combination of the Hyland Cloud Service or any component thereof with any product not furnished by Hyland; (y) the modification or addition of any component of the Hyland Cloud Service, other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (z) the Customer’s business methods or processes.
9.2 THIS SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE HYLAND CLOUD SERVICE.
10. LIABILITY FOR CUSTOMER DATA INCIDENTS.
10.1 NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF THE LIABILITY CAP IN SECTION 6 OF THE GENERAL TERMS SCHEDULE: THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THE AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
Service Class | Multiplier |
Silver | 1 |
Gold | 2 |
Platinum | 3 |
Double Platinum | 4 |
10.2 Notwithstanding Section 6.1 of the General Terms Schedule, and subject to Section 10.1 of this Schedule, in the event of a Customer Data Incident, Hyland shall pay the reasonable and documented costs incurred by Customer in connection with the following items: (a) providing notification of the Customer Data Incident to applicable government and relevant industry self-regulatory agencies, to the media and to individuals whose personal data may have been accessed or acquired, where required by law; and (b) providing credit monitoring service (where such service addresses the harm caused by the Customer Data Incident) to individuals who elect to receive such credit monitoring service and whose personal data may have been accessed or acquired, for a period of one year after the date on which such individuals were notified of the unauthorized access or acquisition.
11. TRANSITION PERIOD. Except in the case of termination due to Customer’s breach of the Agreement, upon Customer’s request, Hyland will use good faith efforts to enter into an amendment or Services Proposal pursuant to which Customer may continue to access the Hyland Cloud Service pursuant to the terms of the Agreement for a period following the expiration or termination of the Agreement (the “Transition Period”). Any such amendment or Services Proposal shall be subject to Customer’s payment of mutually agreed upon fees, including SaaS Fees, Consumption Fees and any fees for Professional Services related to such Transition Period.
12. COMPLIANCE WITH LAWS. Subject to the Term and Termination provisions set forth above, Hyland agrees to comply in all material respects with all laws applicable to Hyland in its performance of services under this SaaS Schedule.
13. ADDITIONAL TERMS AND CONDITIONS. If Hyland is a Hyland company set forth below, the additional or alternative terms and conditions set forth on the applicable Additional Terms Exhibit shall apply:
| Hyland Company | Additional Terms Exhibit |
| Hyland Software Brasil LTDA. Hyland Software Germany GmbH | Exhibit A Exhibit B |
14. CONTROLLING LANGUAGE. Hyland may make other versions of this SaaS Schedule available in other languages at this online location. This English language version of this SaaS Schedule controls over any version of the SaaS Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this SaaS Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the SaaS Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Brasil LTDA Additional Terms Exhibit
If Hyland is Hyland Software Brasil LTDA this Exhibit A shall apply:
- The SaaS Fees Section of this SaaS Schedule shall be replaced in its entirety as follows:
Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the first year of the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Order Form. Hyland will adjust the SaaS Fees annually on each anniversary of the Effective Date by the last known accumulated value of IPCA at the time Hyland issues the invoice for SaaS Fees. For all purposes, “IPCA” means the Índice de Preços para o Consumidor Amplo, as measured by IBGE, or any index created to replace this index. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
Exhibit B
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH this Exhibit B shall apply:
Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's culpable breach of this Section with regard to the use of the Software and/or Hyland Cloud Service in connection with any High Risk Use.
Any statutory rights of the Customer regarding any damages resulting from the breach of the above Software warranty shall remain unaffected subject to the express terms of the Agreement. Warranty for only insignificant reductions in the suitability of the performance is excluded. The strict liability according to Sec. 536a (1) of German Civil Code for defects that already existed at the time of conclusion of this SaaS Schedule is excluded.
NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF THE LIMITATION OF LIABLITY IN THE GENERAL TERMS SCHEDULE (EXCEPT WHERE HYLAND'S LIABILITY IS UNLIMITED PURSUANT TO THE GENERAL TERMS SCHEDULE): THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
The most current version of this page shall be such in effect as of 12:00am EST of the date stamped on such online version.
Confidential - Ó 2023 Hyland Software, Inc.
Effective June 2nd 2023 to October 4th 2023
DownloadTable of Contents
SOFTWARE-AS-A-SERVICE SCHEDULE
As of the Effective Date of the Incorporating Document (as defined below), this Software-As-A-Service Schedule (this “SaaS Schedule”) is part of the Hyland Master Agreement, Order Form or any other agreement or document entered into between Customer and Hyland, which incorporates this SaaS Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this SaaS Schedule.
DEFINED TERMS
All capitalized terms used in this SaaS Schedule shall have the meaning ascribed them in this SaaS Schedule or, if not defined in this SaaS Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this SaaS Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Consumption Fees” means the amounts payable by Customer for storage of data and information in the Hyland Cloud Service in excess of the data storage allocation set forth in the initial Order Form for the Hyland Cloud Service.
“Customer Data” means any and all electronic data and information submitted by Customer or Users to the Hyland Cloud Service.
“Customer Data Incident” means an unauthorized disclosure of Customer Data resulting from Hyland’s failure to comply with the SaaS Security Attachment. Without limitation, Customer Data Incident does not include any of the following that results in no unauthorized access to Customer Data or to any Hyland’s systems storing Customer Data: (a) pings and other broadcast attacks on firewalls or edge servers; (b) port scans; (c) unsuccessful log-on attempts; (d) denial of service attacks; or (e) packet sniffing (or other unauthorized access to traffic data that does not result in access beyond IP addresses or headers).
“Documentation” means: (a) to the extent available, the “Help Files” included in the Hyland Cloud Service, or (b) if no such “Help Files” are included in the Hyland Cloud Service, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Hyland Cloud Service.
“Host Web Site” means the web site hosted by Hyland as part of the Hyland Cloud Service on a web server included in the Hyland Cloud Platform used to access the Hyland Cloud Service, through which the Customer will access the Software and Customer Data stored using the Software.
“Hyland Cloud Service Support” means the services described in this SaaS Schedule.
“Hosted 3rd Party Software” means all third party software products (other than third party software products bundled by Hyland as a part of the Software) provided by Hyland as part of the Hyland Cloud Service, along with the associated documentation.
“Hyland Cloud Platform” means the Physical Infrastructure and any composite software layers such as databases, operating systems, virtualization technology, Hosted 3rd Party Software, and Host Web Site, responsible for providing the Hyland Cloud Service, whether owned by Hyland or a third party.
“Hyland Cloud Service” means Hyland’s provision of Software and the Hyland Cloud Platform for use by Customer.
“Initial Setup Fee” means the one-time fee invoiced by Hyland to Customer and payable by Customer to Hyland for the setup and activation of the Hyland Cloud Platform and the Host Web Site for use applicable to each Software module purchase under the Agreement.
“Initial Term” means, unless otherwise defined in the General Terms Schedule, and as used in this SaaS Schedule, (a) the initial term for which Customer has purchased products or services governed by this SaaS Schedule as set forth on the applicable Cover Page, Purchase Table Schedule, or Incorporating Document for such product or service; or (b) if an initial term is not set forth as described in (a), the three (3) year period that begins on the date of Hyland’s acceptance of the applicable purchase order.
“Order Form” means, unless otherwise defined in the General Terms Schedule, and as used in this SaaS Schedule, an Incorporating Document (or a Purchase Table included in an Incorporating Document) describing the Software or other products or services purchased, associated fees, and other terms agreed to by the parties.
“Physical Infrastructure” means the physical hardware and infrastructure which Hyland uses to provide the Hyland Cloud Service (which may include servers, network devices, cabling, CPU, data centers, memory, storage, switches, firewalls, routers and other network devices) whether owned by Hyland or a third party services provider.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Hyland Cloud Service issue or error.
“SaaS Fees” means the amounts invoiced by Hyland and payable by Customer to Hyland for the use of the Hyland Cloud Service. The initial SaaS Fees are set forth in the initial Order Form.
“SaaS Security Attachment” means the document available at https://legal.hyland.com/Customer-Legal-Center#saas-security-attachment. The SaaS Security Attachment describes Hyland's current security processes and procedures. These processes and procedures may be updated from time to time, but will not be materially reduced.
“Service Class” means the applicable service level commitment purchase by Customer, as described in the Service Class Manual.
“Service Class Manual” means the latest version of the manual describing any available Service Classes, as posted by Hyland from time to time on a website designated by Hyland.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Testing Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional and performance testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Testing Lite Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to its end users generally during the term of this Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
“Users” means Customer’s employees that access and use the Hyland Cloud Service.
1. HYLAND CLOUD SERVICE.
1.1 General. During the term of this SaaS Schedule Hyland will: (a) make the Hyland Cloud Service available to Customer pursuant to this SaaS Schedule, the SaaS Security Attachment, Documentation and the applicable Service Class Manual; and (b) only use Customer Data to provide, develop, and improve the Hyland Cloud Service and other services, to prevent or address service or technical problems, or in accordance with Customer’s instructions.
1.2 Service Class. Prior to or on the Effective Date, Hyland has delivered a then-current copy of the applicable Service Class Manual to Customer. After the Effective Date, Hyland will have the right to modify the applicable Service Class Manual (including the right to issue an entirely restated Service Class Manual) from time to time. The modifications or the revised Service Class Manual will be effective thirty (30) days after Hyland provides written notice to Customer informing Customer of Hyland’s posting of such modifications or revisions on the website identified in such notice. Notwithstanding the foregoing, no modifications of any Service Class Manual relating to Customer’s then-current Service Class will be effective until the next renewal of this Agreement. The initial Service Class purchased by Customer is set forth in the initial Order Form. To the extent Service Class upgrades or downgrades are available related to the Hyland Cloud Service purchase by Customer, Customer may upgrade the Service Class at any time, but may downgrade such Service Class only after the expiration of the Initial Term of this Agreement. In the event Customer elects to downgrade such Service Class, such downgrade will not be effective until the beginning of the next renewal of this Agreement. To modify a Service Class selection, Customer must submit a purchase order indicating the new Service Class.
1.3 Return of Customer Data and Deletion. In connection with any termination or expiration of this SaaS Schedule for any reason, Hyland will send a notice to Customer (which notice may be by email to the last known Customer contact) (the “Data Extraction Notice”), advising Customer that the Customer Data will remain accessible for a period of thirty (30) days after the date of such Data Extraction Notice, during which period Customer may extract such Customer Data. If Customer desires assistance with Customer Data extraction, Hyland may provide such services subject to the execution of a mutually agreed upon Services Proposal. Customer acknowledges and agrees that thirty (30) days after the date of such Data Extraction Notice, Hyland shall have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
1.4 Hyland customers may license some Software provisioned by Hyland as part of the Hyland Cloud Service, and other Software which is implemented only on the customer’s premise (or a third party cloud other than the Hyland Cloud Platform), such as Hyland RPA (“On-Premise Software”). For clarity, if Customer licenses On-Premise Software from Hyland, this Agreement or Schedule (as the case may be) does not apply to such On-Premise Software.
2. GRANT OF RIGHTS AND PROHIBITED CONDUCT.
2.1 Hyland Cloud Service Use Grant. During the term of this Agreement or SaaS Schedule (as the case may be), Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as otherwise expressly provided herein), limited right to use the Hyland Cloud Service as provided by Hyland, and the associated Documentation, solely for use by Customer and its Users for the internal business purposes of Customer, and only for capturing, storing, processing and accessing Customer’s data.
The Hyland Cloud Service is for use by Customer and its Users and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer and its Users shall not make any use of the Hyland Cloud Service in any manner not expressly permitted by this Agreement or SaaS Schedule (as the case may be). Customer acknowledges that it and its Users may only access Customer Data via the Hyland Cloud Service and shall only access the Hyland Cloud Service in a manner consistent with this Agreement or SaaS Schedule (as the case may be) and the Documentation. Use of software or hardware that reduces the number of users directly accessing or utilizing the Hyland Cloud Service (e.g. by using “bots” or “multiplexing” or “pooling” software or hardware) does not reduce the number of users accessing the Hyland Cloud Services for purposes of calculating the number of users, as the required number of users would equal the number of distinct inputs to such software or hardware (e.g. to such “bots” or “multiplexing” or “pooling” software or hardware). Customer is prohibited from using any software (including bots) other than the Software client modules or a Software application programming interface (API) to access the Hyland Cloud Service or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid the required fees with respect to such access. Customer further acknowledges that all components of the Hyland Cloud Service made available by Hyland, including any components downloaded or installed locally on Customer’s or Users’ systems, are solely for use with the Hyland Cloud Service and are not intended to be used on a stand-alone basis.
2.2 Volume Use Restriction. There are certain Software products that Hyland makes available and which Customer may purchase for use as part of the Hyland Cloud Service that are volume-based and may: (a) no longer function if applicable volume limits have been exceeded; (b) require Customer to pay additional fees based on Customer’s volume usage; or (c) include functionality which monitors or tracks Customer usage and reports that usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars.
2.3 Test Environments. Customer may purchase limited access to Testing Environments or Testing Lite Environments, or both. Hyland agrees that the security measures described in the SaaS Security Attachment are also applied to the Testing Environment and Testing Lite Environment. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Testing Environment and Testing Lite Environment. If, at any time, Customer is not satisfied with the Testing Environment or Testing Lite Environment, Customer’s sole and exclusive remedy shall be to stop using the Testing Environment or Testing Lite Environment.
2.4 No High Risk Use. The Software and/or any Hyland Cloud Services are not fault-tolerant and are not guaranteed to be error free or to operate uninterrupted. Such Software and/or Cloud Services are not designed or intended for use in any situation where failure or fault of any kind of the Software and/or Cloud Services could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). The Software and/or any Hyland Cloud Service is not licensed by Hyland to use in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software or Cloud Services for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's or its Contractors use of the Software and/or Cloud Services in connection with any High Risk Use.
2.5 Assessment. Hyland shall be permitted access to assess Customer’s use of the Hyland Cloud Service in order to determine Customer’s compliance with the grant of use and pricing terms of the Agreement and this SaaS Schedule, including, where applicable, to measure Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such assessment.
2.6 Third Party Services and Content. The Hyland Cloud Service may contain functionality which allows Customer to: (a) access, link or integrate the Hyland Cloud Service with Customer’s applications or applications or services provided by third parties and (b) access third party websites and content. Hyland has no responsibility for such applications or services, websites or content and shall have no responsibility for any disclosure, modification or deletion of Customer Data resulting from any such access or use by such applications or services. Any activities engaged in by Customer or any of its Users with such third parties using the Hyland Cloud Service is solely between Customer and such third party and Hyland has no liability, obligation or responsibility for any such activities. Hyland does not endorse any third party web sites, applications or services that may be linked or integrated through the Hyland Cloud Service. Hyland is not responsible for any third party content, products or materials purchased, accessed or used by Customer or its Users using the Hyland Cloud Service.
2.7 Acceptable Use Policy. Customer agrees to comply with the Acceptable Use Policy, available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment. Customer acknowledges that a violation of the Acceptable Use Policy shall be considered a Prohibited Act.
2.8 Ownership of Customer Data. As between Hyland and Customer, Customer owns Customer Data.
2.9 Customer Input and Suggestions. Hyland shall have a royalty-free, worldwide, perpetual, transferable, sub-licensable, and irrevocable license to use or incorporate into any of Hyland’s products or services, including the Hyland Cloud Services, any suggestions, enhancements, improvements, recommendations or any other feedback provided by Customer or its users, related to the operation or use of the Hyland Cloud Service.
3. PRICES, INVOICES AND PAYMENT.
3.1 Initial Setup Fees. Hyland will invoice for Initial Setup Fees upon Hyland's acceptance of the applicable initial order and subsequent orders for each purchase of Software for the Hyland Cloud Service, and such invoice shall be due and payable to Hyland in accordance with this Agreement.
3.2 SaaS Fees. Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Order Form. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. Following expiration of the Initial Term, Hyland may increase the SaaS Fees for the Hyland Cloud Service for any renewal period by up to ten percent (10%) of the previous year’s SaaS Fees. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software modules for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software modules on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3.3 Consumption Fees. Hyland will invoice for any Consumption Fees, monthly in arrears, promptly upon the end of the month to which such Consumption Fees relate. Consumption Fees will be due for a month if at any time during such month the amount of Customer Data stored in the Hyland Cloud Service exceeds Customer’s then-current data storage allocation.
3.4 Add-On Services. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule unless otherwise stated on an Order Form. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to additional terms.
3.5 Other Fees. If, upon mutual agreement of the parties, Hyland provides any other services or deliverables that are not covered by the fees and charges described herein, Hyland will invoice for such other fees or charges based upon Hyland’s then current list prices or the pricing that the parties have mutually agreed upon in connection with such other services or deliverables.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software, Add-On Services, and the Hyland Cloud Service, as the case may be, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software, Add-On Services and Hyland Cloud Service, as the case may be, the U.S. Government hereby agrees that the Software, including the Hosted 3rd Party Software included in the Hyland Cloud Service, and Add-On Services, as the case may be, qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software, Add-On Services or Hyland Cloud Service, as the case may be, to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software, Add-On Services and Hyland Cloud Service, or Documentation, as the case may be, by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. HYLAND CLOUD SERVICE SUPPORT.
5.1 Hyland Cloud Service Support Terms. Hyland will provide Hyland Cloud Service Support in accordance with this Section and the Support Prioritization Attachment attached hereto.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of the Hyland Cloud Service, including assistance and advice related to the operation of the Hyland Cloud Service.
(b) Error Correction Services. With respect to any issues or errors in the Hyland Cloud Service which are reported by Customer and which are confirmed by Hyland, Hyland will use its reasonable efforts to correct such issue or error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported issues or errors after receipt of a proper report of such suspected issue or error from Customer in accordance with the Support Prioritization Attachment. Hyland may elect to correct the issue or error by updating or upgrading the applicable component of the Hyland Cloud Service to a new build or version.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(i) Customer Reporting Requirements. When requesting Hyland Cloud Service Support, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for a Level 1 or Level 2 Severity Level (support numbers are available through Hyland’s secure end user website). In the case of reporting a problem, issue, or error with the Hyland Cloud Service, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the problem, issue or error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes it has made to the Hyland Cloud Service, such as workflow configuration changes, network installation/expansion, integrations, upgrades, relocations, etc.
(ii) Hyland Response Procedures. Hyland shall respond to all reports in accordance with the Support Prioritization Attachment. Hyland: (A) will respond based on the confirmed severity level; (B) may reclassify severity levels as it learns information about such problems, issues or errors during the resolution process; and (C) obligations for a reported issue or error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Software Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of this SaaS Schedule.
(e) Update, Upgrade, Change or Replacement of Components of the Hyland Cloud Service. Hyland may update or upgrade the build or version of the Software used in the Hyland Cloud Service from time to time at Hyland’s expense. Hyland also may change, replace, update or upgrade the Hyland Cloud Platform from time to time. Customer agrees to collaborate with Hyland and assist Hyland in connection with the completion of installation and testing of any update or upgrade related to the Hyland Cloud Service. Notwithstanding the foregoing, Customer acknowledges that it is Customer’s responsibility to ensure that Customer is running a Cloud Compatible Version of the Software in accordance with Hyland’s Cloud Software Version Policy available at Hyland’s end user website (currently, community.hyland.com); Customer’s failure to comply with Hyland’s Cloud Software Version Policy shall be considered a material breach of the Agreement.
Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.2 Exclusions. Hyland is not responsible for providing, or obligated to provide, Hyland Cloud Service Support: (a) in connection with any errors, defects or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Hyland Cloud Service or from any error or defect in any configuration of any component of the Hyland Cloud Service, which activities in any such case were undertaken by any party other than Hyland or a party retained by Hyland; (b) in connection with any error or defect or problem in any other component of the Hyland Cloud Service if Hyland has previously made available corrections for such error or defect which Customer fails to implement; (c) in connection with any errors, defects or problems which have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in any software, hardware or system or networking which is not a part of the Hyland Cloud Service; (d) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Hyland Cloud Service Support to Customer with respect to the Hyland Cloud Service; or (e) in connection with any questions related to the operation or use of the Software application programming interfaces (APIs); or in connection with any errors, defects or problems with Work Products (as defined in the Professional Services Schedule). Support relating to Work Products and the operation or use of APIs may be provided, on a case-by-case basis, as mutually agreed to in an applicable Services Proposal which outlines Professional Services for such support activities.
5.3 Professional Services. Customer agrees that the Professional Services Terms, available at https://legal.hyland.com/Customer-Legal-Center#professional-services-schedule shall apply to all Professional Services (as that term is defined in the Professional Services Terms) provided by Hyland for Customer.
6. SECURITY. During the term of this Agreement or this SaaS Schedule (as the case may be), Hyland shall maintain a security program which shall conform to the SaaS Security Attachment.
7. CERTAIN RESPONSIBILITIES AND OBLIGATIONS OF CUSTOMER.
7.1 Customer Responsibilities. In connection with the relationship established between Customer and Hyland under this SaaS Schedule:
(a) except as otherwise expressly permitted under the terms of this SaaS Schedule, Customer will not permit or authorize any third parties (such as persons or legal entities) to use the Hyland Cloud Service;
(b) Customer will comply with Hyland’s Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is attached hereto as the Acceptable Use Policy Attachment;
(c) Customer is responsible for all Users use and all access through Customer and its Users of the Hyland Cloud Service and compliance with this SaaS Schedule and the Agreement, including, but not limited to, (i) setting-up User log-in accounts/credentials (e.g. user names, passwords, tokens, etc.) to the Hyland Cloud Service and immediately revoking User accounts/credentials when User no longer requires access to the Hyland Cloud Service, and (ii) shall not permit Users to share log-in accounts/credentials;
(d) Customer has sole responsibility for the accuracy, quality, content and legality of all Customer Data;
(e) Customer shall prohibit unauthorized access to, or use of, the Hyland Cloud Service and shall notify Hyland promptly of any such unauthorized access or use by contacting Customer’s Hyland technical support contact or another contact notified to Customer in writing (which may be via email or posted on Hyland’s secure end user web site (currently www.hyland.com/community)).
(f) Customer understands and agrees: (i) it has an independent duty to comply with any and all laws applicable to it, (ii) its use of the Hyland Cloud Service and compliance with any terms and conditions under this SaaS Schedule and the Agreement does not constitute compliance with any law, (iii) it shall make use of available Hyland Cloud Service security features and controls to properly transmit, store, process and provide access to Customer Data and (iv) it shall use the tools and reporting capabilities made available in the Hyland Cloud Service to monitor and confirm Customer Data processing, such as batch processing of electronic documents uploaded to the Hyland Cloud Service.
(h) Customer may give any of its Users the rights to act as a system administrator, through the configuration tools included in the Software for the Hyland Cloud Service. Hyland has no responsibility or obligations in connection with Customer’s internal management or administration of Customer’s Hyland Cloud Service.
7.2 Customer Internet Connection. Customer is responsible for obtaining and maintaining all software, hardware (including without limitation network systems), telephonic or other communications circuits, and Internet Service Provider relationships that are necessary or appropriate for Customer to properly access and use the Hyland Cloud Service. Hyland shall have no responsibility or liability under this Agreement or this SaaS Schedule (as the case may be) for any unavailability or failure of, or nonconformity or defect in, the Hyland Cloud Service that is caused by or related in any manner to any failure of Customer to obtain and maintain all such software, hardware, equipment and relationships.
8. LIMITED WARRANTIES.
8.1 Hyland Cloud Service Limited Warranty. Hyland warrants to Customer that during the term of this Agreement or this SaaS Schedule (as the case may be) the Hyland Cloud Service will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Hyland Cloud Service if: (a) any component of the Hyland Cloud Service has been modified, misused or abused by Customer or a third party, (b) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, or (c) if the Hyland Cloud Service is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation.
8.2 Hyland Cloud Service Warranty Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranties granted by Hyland under this Section shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Hyland Cloud Service, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this Agreement or this SaaS Schedule (as the case may be) with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under this Agreement or this SaaS Schedule (as the case may be), Hyland will refund or cause to be refunded to Customer the “unused portion of prepaid SaaS Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the non-conforming portion of the Hyland Cloud Service for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
8.3 Customer Limited Warranty. Customer represents and warrants to Hyland that: (a) Customer and its Users are the legal custodian of the Customer Data and it has the right and authority to use the Hyland Cloud Service in connection with all Customer Data and other materials hereunder; (b) Customer will use reasonable efforts to ensure that any Customer Data submitted to Hyland via electronic media will be free of viruses; and (c) anyone submitting Customer Data to Hyland for use in connection with the Hyland Cloud Service or Professional Services (if any) has the legal authority to do so, either through ownership of the Customer Data or by obtaining appropriate authorizations therefor, and that submission of Customer Data does not violate any contracts, agreements, or any applicable law. Customer is responsible for all Customer Data that is submitted to Hyland for use in connection with the Hyland Cloud Service or Professional Services (if any).
9. INFRINGEMENT INDEMNIFICATION.
9.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Hyland Cloud Service of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified promptly after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided, that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of the Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Hyland Cloud Service, or to replace the relevant portions of the Hyland Cloud Service with other equivalent, non-infringing portions. If Hyland is unable to accomplish either of the options set forth in the preceding sentence, Hyland shall terminate this Agreement or this SaaS Schedule (as the case may be) upon thirty (30) days advance written notice to Customer and refund to Customer the “unused portion of prepaid SaaS Fees” as defined below paid during the then current term (or applicable twelve-month period within the Initial Term). For these purposes, the “unused portion of prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the term (or applicable twelve-month period within the Initial Term) during which termination occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such termination occurs, and the denominator or which shall be twelve (12). Notwithstanding anything to the contrary, Hyland shall have no obligation to indemnify Customer against any claims made against Customer and otherwise described in this Section that arise from: (v) any Customer Data; (w) use of the Hyland Cloud Service other than as expressly permitted herein; (x) the combination of the Hyland Cloud Service or any component thereof with any product not furnished by Hyland; (y) the modification or addition of any component of the Hyland Cloud Service, other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (z) the Customer’s business methods or processes.
9.2 THIS SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE HYLAND CLOUD SERVICE.
10. LIABILITY FOR CUSTOMER DATA INCIDENTS.
10.1 NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF SECTION 6 OF THE GENERAL TERMS SCHEDULE: THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THIS AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
Service Class | Multiplier |
Silver | 1 |
Gold | 2 |
Platinum | 3 |
Double Platinum | 4 |
10.2 Notwithstanding Section 6.1 of the General Terms Schedule, and subject to Section 10.1 of this Schedule, in the event of a Customer Data Incident, Hyland shall pay the reasonable and documented costs incurred by Customer in connection with the following items: (a) providing notification of the Customer Data Incident to applicable government and relevant industry self-regulatory agencies, to the media and to individuals whose personal data may have been accessed or acquired, where required by law; and (b) providing credit monitoring service (where such service addresses the harm caused by the Customer Data Incident) to individuals who elect to receive such credit monitoring service and whose personal data may have been accessed or acquired, for a period of one year after the date on which such individuals were notified of the unauthorized access or acquisition.
11. TERM; TERMINATION.
11.1 Term.Subject to the termination provisions set forth in termination for breach section of the General Terms Schedule, the initial term of this Schedule will be the Initial Term; and such term will automatically renew thereafter for successive Renewal Terms, unless and until either party provides at least thirty (30) days advance written notice of non-renewal, in which case the Agreement shall terminate at the end of the then current term. “Renewal Terms” shall be a period of one (1) year each unless a renewal Order Form defines a different Renewal Term for the applicable renewal period. The Schedule will not terminate unless and until all Software subscriptions purchased have terminated or expired.
11.1.1 If, in the reasonable opinion of Customer or Hyland, the compliance by either party with the terms of the Agreement will be in violation of any law or regulation implemented or modified after the Effective Date, Customer or Hyland, as the case may be, may terminate the applicable license or services under the Agreement, upon thirty (30) days written notice to the other party.
11.2 Additional Effects or Consequences of Termination. In addition to the obligations set forth in the General Terms Schedule, immediately upon any termination or expiration of this SaaS Schedule, Customer shall cease any and all uses of or access to the Hyland Cloud Service and Documentation.
11.3 Transition Period Upon Termination. Except in the case of termination by Hyland due to Customer’s breach of this SaaS Schedule or the Agreement, upon Customer’s request, Hyland will use good faith efforts to enter into an amendment or Services Proposal pursuant to which Customer may continue to access the Hyland Cloud Service pursuant to the terms of this SaaS Schedule and the Agreement for a period following the expiration or termination of the SaaS Schedule (the “Transition Period”). Any such amendment or Services Proposal shall be subject to Customer’s payment of mutually agreed upon fees, including SaaS Fees, Consumption Fees and any fees for Professional Services related to such Transition Period.
12. COMPLIANCE WITH LAWS. Subject to the Term and Termination provisions set forth above, Hyland agrees to comply in all material respects with all laws applicable to Hyland in its performance of services under this SaaS Schedule.
13. ADDITIONAL TERMS AND CONDITIONS. If Hyland is a Hyland company set forth below, the additional or alternative terms and conditions set forth on the applicable Additional Terms Exhibit shall apply:
Hyland Company Additional Terms Exhibit
Hyland Software Brasil LTDA. Exhibit A
Hyland Software Germany GmbH Exhibit B
14. CONTROLLING LANGUAGE. Hyland may make other versions of this SaaS Schedule available in other languages at this online location. This English language version of this SaaS Schedule controls over any version of the SaaS Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this SaaS Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the SaaS Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Brasil LTDA Additional Terms Exhibit
If Hyland is Hyland Software Brasil LTDA this Exhibit A shall apply:
- The SaaS Fees Section of this SaaS Schedule shall be replaced in its entirety as follows:
Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the first year of the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Order Form. Hyland will adjust the SaaS Fees annually on each anniversary of the Effective Date by the last known accumulated value of IPCA at the time Hyland issues the invoice for SaaS Fees. For all purposes, “IPCA” means the Índice de Preços para o Consumidor Amplo, as measured by IBGE, or any index created to replace this index. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software modules for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software modules on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
Exhibit B
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH this Exhibit B shall apply:
Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's culpable breach of this Section with regard to the use of the Software and/or Hyland Cloud Service in connection with any High Risk Use.
Any statutory rights of the Customer regarding any damages resulting from the breach of the above Software warranty shall remain unaffected subject to the express terms of the Agreement. Warranty for only insignificant reductions in the suitability of the performance is excluded. The strict liability according to Sec. 536a (1) of German Civil Code for defects that already existed at the time of conclusion of this SaaS Schedule is excluded.
NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF THE LIMITATION OF LIABLITY IN THE GENERAL TERMS SCHEDULE (EXCEPT WHERE HYLAND'S LIABILITY IS UNLIMITED PURSUANT TO THE GENERAL TERMS SCHEDULE): THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THIS AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
The most current version of this page shall be such in effect as of 12:00am EST of the date stamped on such online version.
Confidential - Ó 2023 Hyland Software, Inc.
Effective February 24th 2023 to June 2nd 2023
DownloadTable of Contents
SOFTWARE-AS-A-SERVICE SCHEDULE
This SaaS Schedule (“SaaS Schedule”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the “Agreement”) which incorporates this SaaS Schedule by reference.
All capitalized terms used in this Schedule shall have the meaning ascribed them in this Schedule or, if not defined in this Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement.
“Consumption Fees” means the amounts payable by Customer for storage of data and information in the Hyland Cloud Service in excess of the data storage allocation set forth in the initial Purchase Table Schedule for the Hyland Cloud Service.
“Customer Data” means any and all electronic data and information submitted by Customer or Users to the Hyland Cloud Service.
“Customer Data Incident” means an unauthorized disclosure of Customer Data resulting from Hyland’s failure to comply with the SaaS Security Attachment. Without limitation, Customer Data Incident does not include any of the following that results in no unauthorized access to Customer Data or to any Hyland’s systems storing Customer Data: (a) pings and other broadcast attacks on firewalls or edge servers; (b) port scans; (c) unsuccessful log-on attempts; (d) denial of service attacks; or (e) packet sniffing (or other unauthorized access to traffic data that does not result in access beyond IP addresses or headers).
“Documentation” means: (1) to the extent available, the “Help Files” included in the Hyland Cloud Service, or (2) if no such “Help Files” are included in the Hyland Cloud Service, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Hyland Cloud Service.
“Host Web Site” means the web site hosted by Hyland as part of the Hyland Cloud Service on a web server included in the Hyland Cloud Platform used to access the Hyland Cloud Service.
“Hosted 3rd Party Software” means all third party software products (other than third party software products bundled by Hyland as a part of the Software) provided by Hyland as part of the Hyland Cloud Service.
“Hyland Cloud Platform” means the Physical Infrastructure and any composite software layers such as databases, operating systems, virtualization technology, Hosted 3rd Party Software, and Host Web Site, responsible for providing the Hyland Cloud Service, whether owned by Hyland or a third party.
“Hyland Cloud Service” means Hyland’s provision of Software and the Hyland Cloud Platform for use by Customer in accordance with the Agreement and this SaaS Schedule.
“Hyland Cloud Service Support” means the services described in Section 5 of this Schedule.
“Initial Setup Fee” means the one-time fee invoiced by Hyland to Customer and payable by Customer to Hyland for the setup and activation of the Hyland Cloud Platform and the Host Web Site for use applicable to each Software module purchase under the Agreement.
“Physical Infrastructure” means the physical hardware and infrastructure which Hyland uses to provide the Hyland Cloud Service (which may include servers, network devices, cabling, CPU, data centers, memory, storage, switches, firewalls, routers and other network devices) whether owned by Hyland or a third party services provider.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Hyland Cloud Service issue or error.
“SaaS Fees” means the amounts invoiced by Hyland and payable by Customer to Hyland for the use of the Hyland Cloud Service. The initial SaaS Fees are set forth in the initial Purchase Table Schedule.
“SaaS Security Attachment” means the document available at https://legal.hyland.com/Customer-Legal-Center#saas-security-attachment. The SaaS Security Attachment describes Hyland's current security processes and procedures. These processes and procedures may be updated from time to time, but will not be materially reduced.
“Service Class” means the service level commitment included as part of the Hyland Cloud Service, as described in the Service Class Manual, and purchased by Customer as part of the Hyland Cloud Service.
“Service Class Manual” means the latest version of the manual describing any available Service Classes, as posted by Hyland from time to time on a website designated by Hyland.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Testing Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional and performance testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Testing Lite Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to Customer or to Hyland’s end users generally during the term of this Schedule to correct errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
“Users” means Customer’s employees that access and use the Hyland Cloud Service.
1. HYLAND CLOUD SERVICE.
1.1 General. During the term of this SaaS Schedule Hyland will: (a) make the Hyland Cloud Service available to Customer pursuant to this SaaS Schedule, the SaaS Security Attachment, Documentation and the applicable Service Class Manual; and (b) only use Customer Data to provide, develop, and improve the Hyland Cloud Service and other services, to prevent or address service or technical problems, or in accordance with Customer’s instructions.
1.2 Service Class. Prior to or on the Effective Date, Hyland has delivered a then-current copy of the applicable Service Class Manual to Customer. After the Effective Date, Hyland will have the right to modify the applicable Service Class Manual (including the right to issue an entirely restated Service Class Manual) from time to time. The modifications or the revised Service Class Manual will be effective thirty (30) days after Hyland provides written notice to Customer informing Customer of Hyland’s posting of such modifications or revisions on the website identified in such notice. Notwithstanding the foregoing, no modifications of any Service Class Manual relating to Customer’s then-current Service Class will be effective until the next renewal of this SaaS Schedule. The initial Service Class purchased by Customer is set forth in the initial Purchase Table Schedule. To the extent Service Class upgrades or downgrades are available related to the Hyland Cloud Service purchase by Customer, Customer may upgrade the Service Class at any time, but may downgrade such Service Class only after the expiration of the Initial Term of this SaaS Schedule. In the event Customer elects to downgrade such Service Class, such downgrade will not be effective until the beginning of the next renewal of this SaaS Schedule. To modify a Service Class selection, Customer must submit a purchase order indicating the new Service Class.
1.3 Customer Data Extraction and Deletion. In connection with any termination or expiration of this SaaS Schedule for any reason, Hyland will send a notice to Customer (which notice may be by email to the last known Customer contact) (the “Data Extraction Notice”), advising Customer that the Customer Data will remain accessible for a period of thirty (30) days after the date of such Data Extraction Notice, during which period Customer may extract such Customer Data. If Customer desires assistance with Customer Data extraction, Hyland may provide such services subject to the execution of a mutually agreed upon Services Proposal. Customer acknowledges and agrees that thirty (30) days after the date of such Data Extraction Notice, Hyland shall have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
1.4 Data Location. Hyland shall store Customer Data at data centers located in the country(ies) indicated in the initial Purchase Table. Hyland may, at its expense, change the location of the Customer Data to other data centers; provided that such locations remain in that country.
1.5 Hyland customers may license some Software provisioned by Hyland as part of the Hyland Cloud Service, and other Software which is implemented only on the customer’s premise (or a third party cloud other than the Hyland Cloud Platform), such as Hyland RPA (“On-Premise Software”). For clarity, if Customer licenses On-Premise Software from Hyland, this Schedule does not apply to such On-Premise Software.
2. GRANT OF RIGHTS AND PROHIBITED CONDUCT.
2.1 Hyland Cloud Service Use Grant. During the term of this SaaS Schedule, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the General Terms Schedule), limited right to use the Hyland Cloud Service as provided by Hyland, and the associated Documentation, solely for use by Customer and its Users for the internal business purposes of Customer, and only for capturing, storing, processing and accessing Customer’s data.
The Hyland Cloud Service is for use by Customer and its Users and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer and its Users shall not make any use of the Hyland Cloud Service in any manner not expressly permitted by this SaaS Schedule. Customer acknowledges that it and its Users may only access Customer Data via the Hyland Cloud Service and shall only access the Hyland Cloud Service in a manner consistent with this SaaS Schedule and the Documentation. Use of software or hardware that reduces the number of users directly accessing or utilizing the Hyland Cloud Service (e.g. by using “bots” or “multiplexing” or “pooling” software or hardware) does not reduce the number of users accessing the Hyland Cloud Services for purposes of calculating the number of users, as the required number of users would equal the number of distinct inputs to such software or hardware (e.g. to such “bots” or “multiplexing” or “pooling” software or hardware). Customer is prohibited from using any software (including bots) other than the Software client modules or a Software application programming interface (API) to access the Hyland Cloud Service or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the SaaS Fees with respect to such access. Customer further acknowledges that all components of the Hyland Cloud Service made available by Hyland, including any components downloaded or installed locally on Customer’s or Users’ systems, are solely for use with the Hyland Cloud Service and are not intended to be used on a stand-alone basis.
2.2 Volume Use Restriction. There are certain Software products that Hyland makes available and which Customer may purchase for use as part of the Hyland Cloud Service that are volume-based and may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars.
2.3 Test Environments. Customer may purchase limited access to Testing Environments or Testing Lite Environments, or both. Hyland agrees that the security measures described in the SaaS Security Attachment are also applied to the Testing Environment and Testing Lite Environment. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Testing Environment and Testing Lite Environment. If, at any time, Customer is not satisfied with the Testing Environment or Testing Lite Environment, Customer’s sole and exclusive remedy shall be to stop using the Testing Environment or Testing Lite Environment.
2.4 No High Risk Use. The Hyland Cloud Service is not fault-tolerant and is not guaranteed to be error free or to operate uninterrupted. The Hyland Cloud Service is not designed or intended for use in any situation where failure or fault of any kind of the Hyland Cloud Service could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). Customer is not permitted to use the Hyland Cloud Service in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Hyland Cloud Service for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees not to use, distribute, license, or grant the use of the Hyland Cloud Service in, or in connection with, any High Risk Use." Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer’s use of the Hyland Cloud Service in connection with any High Risk Use.
2.5 Assessment. Hyland shall be permitted access to assess Customer’s use of the Hyland Cloud Service in order to determine Customer’s compliance with the grant of use and pricing terms of the Agreement and this SaaS Schedule, including, where applicable, to measure Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such assessment.
2.6 Third Party Services and Content. The Hyland Cloud Service may contain functionality which allows Customer to: (a) access, link or integrate the Hyland Cloud Service with Customer’s applications or applications or services provided by third parties and (b) access third party websites and content. Hyland has no responsibility for such applications or services, websites or content and shall have no responsibility for any disclosure, modification or deletion of Customer Data resulting from any such access or use by such applications or services. Any activities engaged in by Customer or any of its Users with such third parties using the Hyland Cloud Service is solely between Customer and such third party and Hyland has no liability, obligation or responsibility for any such activities. Hyland does not endorse any third party web sites, applications or services that may be linked or integrated through the Hyland Cloud Service. Hyland is not responsible for any third party content, products or materials purchased, accessed or used by Customer or its Users using the Hyland Cloud Service.
2.7 Prohibited Conduct. Customer agrees not to: (a) remove copyright, trademark or other proprietary rights notices that appear during the use of the Hyland Cloud Service; (b) sell, transfer, rent, lease or sub-license the Hyland Cloud Service to any third party; (c) alter or modify the Hyland Cloud Service; (d) reverse engineer, disassemble, decompile or attempt to derive source code from the Hyland Cloud Service, or prepare derivative works therefrom; or (e) use the Hyland Cloud Service or permit it to be used in violation of the Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment or for the purposes of evaluation, benchmarking, or other comparative analysis intended for external publication without Hyland’s prior written consent.
2.8 Ownership of Customer Data. As between Hyland and Customer, Customer owns Customer Data.
2.9 Customer Input and Suggestions. Hyland shall have a royalty-free, worldwide, perpetual, transferable, sub-licensable, and irrevocable license to use or incorporate into any of Hyland’s products or services, including the Hyland Cloud Services, any suggestions, enhancements, improvements, recommendations or any other feedback provided by Customer or its users, related to the operation or use of the Hyland Cloud Service.
3. PRICES, INVOICES AND PAYMENT.
3.1 Initial Setup Fees. Hyland will invoice Customer for Initial Setup Fees in the amount set forth in the initial Purchase Table Schedule promptly following the Effective Date. Hyland will invoice Customer for Initial Setup Fees upon each additional purchase of Software for the Hyland Cloud Service upon acceptance of Customer’s purchase order for such Software.
3.2 SaaS Fees. Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Purchase Table Schedule. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. Following expiration of the Initial Term, Hyland may increase the SaaS Fees for the Hyland Cloud Service for any renewal period by up to ten percent (10%) of the previous year’s SaaS Fees. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software modules for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software modules on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3.3 Consumption Fees. Hyland will invoice Customer for any Consumption Fees, monthly in arrears, promptly upon the end of the month to which such Consumption Fees relate. Consumption Fees will be due for a month if at any time during such month the amount of Customer Data stored in the Hyland Cloud Service exceeds Customer’s data storage allocation as set forth in the initial Purchase Table.
3.4 Add-On Services. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule. Some Add-On Services may be priced on a volume basis, for which Add-On Service fees may be invoiced in arrears based on the applicable volume usage. Except as may be stated in a separate Schedule, the Add-On Services are part of the Hyland Cloud Service.
3.5 Other Fees. If Customer procures and Hyland provides any other services or deliverables in connection with the Hyland Cloud Service that are not covered by the fees and charges described in Sections 3.1 through 3.4 above, Hyland will invoice Customer for such other fees or charges based upon Hyland’s then current list prices or the pricing that the parties have mutually agreed upon in connection with such other services or deliverables.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Hyland Cloud Service, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the delivery of the Hyland Cloud Service, the U.S. Government hereby agrees that the Software, and the Hosted 3rd Party Software included in the Hyland Cloud Service and Add-On Services qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software is developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Hyland Cloud Service or Add-On Services to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Hyland Cloud Service, Add-On Services or Documentation by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. HYLAND CLOUD SERVICE SUPPORT.
5.1 HYLAND CLOUD SERVICE SUPPORT TERMS. Hyland will provide Hyland Cloud Service Support in accordance with this Section and the Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of the Hyland Cloud Service, including assistance and advice related to the operation of the Hyland Cloud Service.
(b) Error Correction Services. With respect to any issues or errors in the Hyland Cloud Service which are reported by Customer and which are confirmed by Hyland, Hyland will use its reasonable efforts to correct such issue or error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported issues or errors after receipt of a proper report of such suspected issue or error from Customer in accordance with the Support Prioritization Attachment. Hyland may elect to correct the issue or error by updating or upgrading the applicable component of the Hyland Cloud Service to a new build or version.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. When requesting Hyland Cloud Service Support, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for a Level 1 or Level 2 Severity Level (support numbers are available through Hyland’s secure end user website). In the case of reporting a problem, issue, or error with the Hyland Cloud Service, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the problem, issue or error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes it has made to the Hyland Cloud Service, such as workflow configuration changes, network installation/expansion, integrations, upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all reports in accordance with the Support Prioritization Attachment. Hyland: (a) will respond based on the confirmed severity level; (b) may reclassify severity levels as it learns information about such problems, issues or errors during the resolution process; and (c) obligations for a reported issue or error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Software Upgrades and Enhancements. Hyland will make available, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements to the Software, if and when released during the term of this SaaS Schedule.
(e) Update, Upgrade, Change or Replacement of Components of the Hyland Cloud Service. Hyland may update or upgrade the build or version of the Software used in the Hyland Cloud Service from time to time at Hyland’s expense. Hyland also may change, replace, update or upgrade the Hyland Cloud Platform from time to time. Customer agrees to collaborate with Hyland and assist Hyland in connection with the completion of installation and testing of any update or upgrade related to the Hyland Cloud Service. Notwithstanding the foregoing, Customer acknowledges that it is Customer's responsibility to ensure that Customer is running a Cloud Compatible Version of the Software in accordance with Hyland's Cloud Software Version Policy available at Hyland's end user website (currently, community.hyland.com); Customer's failure to comply with Hyland's Cloud Software Version Policy shall be considered a material breach of the Agreement.
Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.2 EXCLUSIONS.
Generally. Hyland is not responsible for providing, or obligated to provide, Hyland Cloud Service Support: (1) in connection with any errors, defects or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Hyland Cloud Service or from any error or defect in any configuration of any component of the Hyland Cloud Service, which activities in any such case were undertaken by any party other than Hyland or a party retained by Hyland; (2) in connection with any error or defect or problem in any other component of the Hyland Cloud Service if Hyland has previously made available corrections for such error or defect which Customer fails to implement; (3) in connection with any errors, defects or problems which have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in any software, hardware or system or networking which is not a part of the Hyland Cloud Service; (4) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Hyland Cloud Service Support to Customer with respect to the Hyland Cloud Service; or (5) in connection with any questions related to the operation or use of the Software application programming interfaces (APIs); or in connection with any errors, defects or problems with Work Products (as defined in the Professional Services Schedule). Support relating to Work Products and the operation or use of APIs may be provided, on a case-by-case basis, as mutually agreed to in an applicable Services Proposal which outlines Professional Services for such support activities.
6. SECURITY. During the term of this SaaS Schedule, Hyland shall maintain a security program which shall conform to the SaaS Security Attachment.
7. CERTAIN RESPONSIBILITIES AND OBLIGATIONS OF CUSTOMER.
7.1 Customer Responsibilities. In connection with the relationship established between Customer and Hyland under this SaaS Schedule:
(a) except as otherwise expressly permitted under the terms of this SaaS Schedule, Customer will not permit or authorize any third parties (such as persons or legal entities) to use the Hyland Cloud Service;
(b) Customer will comply with Hyland’s Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment;
(c) Customer is responsible for all Users use and all access through Customer and its Users of the Hyland Cloud Service and compliance with this SaaS Schedule and the Agreement, including, but not limited to, (i) setting-up User log-in accounts/credentials (e.g. user names, passwords, tokens, etc.) to the Hyland Cloud Service and immediately revoking User accounts/credentials when User no longer requires access to the Hyland Cloud Service, and (ii) shall not permit Users to share log-in accounts/credentials;
(d) Customer has sole responsibility for the accuracy, quality, content and legality of all Customer Data;
(e) Customer shall prohibit unauthorized access to, or use of, the Hyland Cloud Service and shall notify Hyland promptly of any such unauthorized access or use by contacting Customer’s Hyland technical support contact or another contact notified to Customer in writing (which may be via email or posted on Hyland’s secure end user web site (currently www.hyland.com/community)).
(f) Customer understands and agrees: (i) it has an independent duty to comply with any and all laws applicable to it, (ii) its use of the Hyland Cloud Service and compliance with any terms and conditions under this SaaS Schedule and the Agreement does not constitute compliance with any law, (iii) it shall make use of available Hyland Cloud Service security features and controls to properly transmit, store, process and provide access to Customer Data and (iv) it shall use the tools and reporting capabilities made available in the Hyland Cloud Service to monitor and confirm Customer Data processing, such as batch processing of electronic documents uploaded to the Hyland Cloud Service.
(g) Customer may give any of its Users the rights to act as a system administrator, through the configuration tools included in the Software for the Hyland Cloud Service. Hyland has no responsibility or obligations in connection with Customer’s internal management or administration of Customer’s Hyland Cloud Service.
7.2 Customer Internet Connection. Customer is responsible for obtaining and maintaining all software, hardware (including without limitation network systems), telephonic or other communications circuits, and Internet Service Provider relationships that are necessary or appropriate for Customer to properly access and use the Hyland Cloud Service. Hyland shall have no responsibility or liability under this SaaS Schedule for any unavailability or failure of, or nonconformity or defect in, the Hyland Cloud Service that is caused by or related in any manner to any failure of Customer to obtain and maintain all such software, hardware, equipment and relationships.
8. LIMITED WARRANTIES.
8.1 Hyland Cloud Service Limited Warranty. Hyland warrants to Customer that during the term of this SaaS Schedule the Hyland Cloud Service will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Hyland Cloud Service if: (i) any component of the Hyland Cloud Service has been modified, misused or abused by Customer or a third party, (ii) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, or (iii) if the Hyland Cloud Service is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation.
8.2 Hyland Cloud Service Warranty Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranties under Section 8.1 shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Hyland Cloud Service, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this SaaS Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under Section 11.2 of this SaaS Schedule, Hyland will provide a refund to Customer of the “unused portion of prepaid SaaS Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the non-conforming portion of the Hyland Cloud Service for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
8.3 Customer Limited Warranty. Customer represents and warrants to Hyland that: (a) Customer and its Users are the legal custodian of the Customer Data and it has the right and authority to use the Hyland Cloud Service in connection with all Customer Data and other materials hereunder; (b) Customer will use reasonable efforts to ensure that any Customer Data submitted to Hyland via electronic media will be free of viruses; and (c) anyone submitting Customer Data to Hyland for use in connection with the Hyland Cloud Service or Professional Services has the legal authority to do so, either through ownership of the Customer Data or by obtaining appropriate authorizations therefor, and that submission of Customer Data does not violate any contracts, agreements, or any applicable law. Customer is responsible for all Customer Data that is submitted to Hyland for use in connection with the Hyland Cloud Service or Professional Services.
9. INFRINGEMENT INDEMNIFICATION.
9.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Hyland Cloud Service of any patent, registered copyright or registered trademark of a third party that is enforceable in the United States, provided that Hyland: (a) is notified promptly after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided, that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of the Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Hyland Cloud Service, or to replace the relevant portions of the Hyland Cloud Service with other equivalent, non-infringing portions. If Hyland is unable to accomplish either of the options set forth in the preceding sentence, Hyland shall terminate this SaaS Schedule upon thirty (30) days advance written notice to Customer and refund to Customer the “unused portion of prepaid SaaS Fees” as defined below paid during the then current term (or applicable twelve-month period within the Initial Term). For these purposes, the “unused portion of prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the term (or applicable twelve-month period within the Initial Term) during which termination occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such termination occurs, and the denominator or which shall be twelve (12). Notwithstanding anything to the contrary, Hyland shall have no obligation to indemnify Customer against any claims made against Customer and otherwise described in this Section that arise from: (v) any Customer Data; (w) use of the Hyland Cloud Service other than as expressly permitted by this SaaS Schedule and the Agreement; (x) the combination of the Hyland Cloud Service or any component thereof with any product not furnished by Hyland; (y) the modification or addition of any component of the Hyland Cloud Service, other than by Hyland or any of its authorized resellers specifically retained by Hyland to provide such modification or addition; or (z) the Customer’s business methods or processes.
9.2 THIS SECTION 9 STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE HYLAND CLOUD SERVICE.
10. LIABILITY FOR CUSTOMER DATA INCIDENTS.
10.1 NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF SECTION 6.2 OF THE GENERAL TERMS SCHEDULE: THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THE AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
Service Class | Multiplier |
Silver | 1 |
Gold | 2 |
Platinum | 3 |
Double Platinum | 4 |
10.2 Notwithstanding Section 6.1 of the General Terms Schedule, and subject to Section 10.1 of this Schedule, in the event of a Customer Data Incident, Hyland shall pay the reasonable and documented costs incurred by Customer in connection with the following items: (a) providing notification of the Customer Data Incident to applicable government and relevant industry self-regulatory agencies, to the media and to individuals whose personal data may have been accessed or acquired, where required by law; and (b) providing credit monitoring service (where such service addresses the harm caused by the Customer Data Incident) to individuals who elect to receive such credit monitoring service and whose personal data may have been accessed or acquired, for a period of one year after the date on which such individuals were notified of the unauthorized access or acquisition.
11. TERM; TERMINATION.
11.1 Term. Subject to the termination provisions set forth in Section 1.2 of the General Terms Schedule and Section 11.1.1 below, the initial term of this SaaS Schedule will be the Initial Term; and such term will automatically renew thereafter for successive terms of one (1) year each, unless and until either party provides at least thirty (30) days advance written notice of non-renewal, in which case this SaaS Schedule shall terminate at the end of the then current term.
11.1.1 If, in the reasonable opinion of Customer or Hyland, the compliance by either party with the terms of this SaaS Schedule will be in violation of any law or regulation implemented or modified after the commencement of Hyland Cloud Service provided pursuant to this SaaS Schedule, Customer or Hyland, as the case may be, may terminate this SaaS Schedule upon thirty (30) days written notice to the other party.
11.2 Additional Effects or Consequences of Termination. In addition to Section 1.3 of the General Terms Schedule, immediately upon any termination or expiration of this SaaS Schedule, Customer shall cease any and all uses of or access to the Hyland Cloud Service and Documentation.
11.3 Transition Period Upon Termination. Except in the case of termination by Hyland due to Customer’s breach of this SaaS Schedule or the Agreement, upon Customer’s request, Hyland will use good faith efforts to enter into an amendment or Services Proposal pursuant to which Customer may continue to access the Hyland Cloud Service pursuant to the terms of this SaaS Schedule and the Agreement for a period following the expiration or termination of the SaaS Schedule (the “Transition Period”). Any such amendment or Services Proposal shall be subject to Customer’s payment of mutually agreed upon fees, including SaaS Fees, Consumption Fees and any fees for Professional Services related to such Transition Period.
12. COMPLIANCE WITH LAWS. Subject to Section 11 above, Hyland agrees to comply in all material respects with all laws applicable to Hyland in its performance of services under this SaaS Schedule.
Confidential - Ó 2021 Hyland Software, Inc.
Effective October 24th 2022 to February 24th 2023
DownloadTable of Contents
SOFTWARE-AS-A-SERVICE SCHEDULE
This SaaS Schedule (“SaaS Schedule”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the “Agreement”) which incorporates this SaaS Schedule by reference.
All capitalized terms used in this Schedule shall have the meaning ascribed them in this Schedule or, if not defined in this Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement.
“Consumption Fees” means the amounts payable by Customer for storage of data and information in the Hyland Cloud Service in excess of the data storage allocation set forth in the initial Purchase Table Schedule for the Hyland Cloud Service.
“Customer Data” means any and all electronic data and information submitted by Customer or Users to the Hyland Cloud Service.
“Customer Data Incident” means an unauthorized disclosure of Customer Data resulting from Hyland’s failure to comply with the SaaS Security Attachment. Without limitation, Customer Data Incident does not include any of the following that results in no unauthorized access to Customer Data or to any Hyland’s systems storing Customer Data: (a) pings and other broadcast attacks on firewalls or edge servers; (b) port scans; (c) unsuccessful log-on attempts; (d) denial of service attacks; or (e) packet sniffing (or other unauthorized access to traffic data that does not result in access beyond IP addresses or headers).
“Documentation” means: (1) to the extent available, the “Help Files” included in the Hyland Cloud Service, or (2) if no such “Help Files” are included in the Hyland Cloud Service, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Hyland Cloud Service.
“Host Web Site” means the web site hosted by Hyland as part of the Hyland Cloud Service on a web server included in the Hyland Cloud Platform used to access the Hyland Cloud Service.
“Hosted 3rd Party Software” means all third party software products (other than third party software products bundled by Hyland as a part of the Software) provided by Hyland as part of the Hyland Cloud Service.
“Hyland Cloud Platform” means the Physical Infrastructure and any composite software layers such as databases, operating systems, virtualization technology, Hosted 3rd Party Software, and Host Web Site, responsible for providing the Hyland Cloud Service, whether owned by Hyland or a third party.
“Hyland Cloud Service” means Hyland’s provision of Software and the Hyland Cloud Platform for use by Customer in accordance with the Agreement and this SaaS Schedule.
“Hyland Cloud Service Support” means the services described in Section 5 of this Schedule.
“Initial Setup Fee” means the one-time fee invoiced by Hyland to Customer and payable by Customer to Hyland for the setup and activation of the Hyland Cloud Platform and the Host Web Site for use applicable to each Software module purchase under the Agreement.
“Physical Infrastructure” means the physical hardware and infrastructure which Hyland uses to provide the Hyland Cloud Service (which may include servers, network devices, cabling, CPU, data centers, memory, storage, switches, firewalls, routers and other network devices) whether owned by Hyland or a third party services provider.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Hyland Cloud Service issue or error.
“SaaS Fees” means the amounts invoiced by Hyland and payable by Customer to Hyland for the use of the Hyland Cloud Service. The initial SaaS Fees are set forth in the initial Purchase Table Schedule.
“SaaS Security Attachment” means the document available at https://legal.hyland.com/Customer-Legal-Center#saas-security-attachment. The SaaS Security Attachment describes Hyland's current security processes and procedures. These processes and procedures may be updated from time to time, but will not be materially reduced.
“Service Class” means the service level commitment included as part of the Hyland Cloud Service, as described in the Service Class Manual, and purchased by Customer as part of the Hyland Cloud Service.
“Service Class Manual” means the latest version of the manual describing any available Service Classes, as posted by Hyland from time to time on a website designated by Hyland.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Testing Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional and performance testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Testing Lite Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to Customer or to Hyland’s end users generally during the term of this Schedule to correct errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
“Users” means Customer’s employees that access and use the Hyland Cloud Service.
1. HYLAND CLOUD SERVICE.
1.1 General. During the term of this SaaS Schedule Hyland will: (a) make the Hyland Cloud Service available to Customer pursuant to this SaaS Schedule, the SaaS Security Attachment, Documentation and the applicable Service Class Manual; and (b) only use Customer Data to provide, develop, and improve the Hyland Cloud Service and other services, to prevent or address service or technical problems, or in accordance with Customer’s instructions.
1.2 Service Class. Prior to or on the Effective Date, Hyland has delivered a then-current copy of the applicable Service Class Manual to Customer. After the Effective Date, Hyland will have the right to modify the applicable Service Class Manual (including the right to issue an entirely restated Service Class Manual) from time to time. The modifications or the revised Service Class Manual will be effective thirty (30) days after Hyland provides written notice to Customer informing Customer of Hyland’s posting of such modifications or revisions on the website identified in such notice. Notwithstanding the foregoing, no modifications of any Service Class Manual relating to Customer’s then-current Service Class will be effective until the next renewal of this SaaS Schedule. The initial Service Class purchased by Customer is set forth in the initial Purchase Table Schedule. To the extent Service Class upgrades or downgrades are available related to the Hyland Cloud Service purchase by Customer, Customer may upgrade the Service Class at any time, but may downgrade such Service Class only after the expiration of the Initial Term of this SaaS Schedule. In the event Customer elects to downgrade such Service Class, such downgrade will not be effective until the beginning of the next renewal of this SaaS Schedule. To modify a Service Class selection, Customer must submit a purchase order indicating the new Service Class.
1.3 Return of Customer Data and Deletion. Upon termination or expiration of this SaaS Schedule for any reason:
(a) Upon written request by Customer to Hyland sent to cloud@hyland.com, made within thirty (30) days after the effective date of any such termination or expiration, for Customer Data extraction Professional Services (“Notice of Return of Customer Data”), Hyland will either: (1) return Customer Data to Customer by providing: Customer Data on one (1) or more encrypted hard drives or other similar media and an export file containing the relevant keyword values and related file locations for the Customer Data or (2) make available to Customer the Customer Data for extraction by Customer. Hyland will work with Customer on determining the extraction method most suitable to meet Customer’s requirements. Customer acknowledges and agrees that thirty (30) days after Hyland has sent or made available to Customer the Customer Data, Hyland shall have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all such Customer Data from all of Hyland’s datacenters, including all replicated copies.
(b) Upon written request by Customer to Hyland sent to cloud@hyland.com, made within thirty (30) days after the effective date of any such termination or expiration, for the deletion of Customer Data (“Notice of Deletion of Customer Data”), Hyland will have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
(c) If Customer does not provide the Notice of Return of Customer Data or the Notice of Deletion of Customer Data in accordance with paragraph (a) or (b) above, Customer acknowledges and agrees that thirty (30) days after any termination or expiration of this SaaS Schedule, Hyland will have no obligation to maintain or provide any Customer Data and may thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
1.4 Data Location. Hyland shall store Customer Data at data centers located in the country(ies) indicated in the initial Purchase Table. Hyland may, at its expense, change the location of the Customer Data to other data centers; provided that such locations remain in that country.
1.5 Hyland customers may license some Software provisioned by Hyland as part of the Hyland Cloud Service, and other Software which is implemented only on the customer’s premise (or a third party cloud other than the Hyland Cloud Platform), such as Hyland RPA (“On-Premise Software”). For clarity, if Customer licenses On-Premise Software from Hyland, this Schedule does not apply to such On-Premise Software.
2. GRANT OF RIGHTS AND PROHIBITED CONDUCT.
2.1 Hyland Cloud Service Use Grant. During the term of this SaaS Schedule, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the General Terms Schedule), limited right to use the Hyland Cloud Service as provided by Hyland, and the associated Documentation, solely for use by Customer and its Users for the internal business purposes of Customer, and only for capturing, storing, processing and accessing Customer’s data.
The Hyland Cloud Service is for use by Customer and its Users and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer and its Users shall not make any use of the Hyland Cloud Service in any manner not expressly permitted by this SaaS Schedule. Customer acknowledges that it and its Users may only access Customer Data via the Hyland Cloud Service and shall only access the Hyland Cloud Service in a manner consistent with this SaaS Schedule and the Documentation. Use of software or hardware that reduces the number of users directly accessing or utilizing the Hyland Cloud Service (e.g. by using “bots” or “multiplexing” or “pooling” software or hardware) does not reduce the number of users accessing the Hyland Cloud Services for purposes of calculating the number of users, as the required number of users would equal the number of distinct inputs to such software or hardware (e.g. to such “bots” or “multiplexing” or “pooling” software or hardware). Customer is prohibited from using any software (including bots) other than the Software client modules or a Software application programming interface (API) to access the Hyland Cloud Service or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the SaaS Fees with respect to such access. Customer further acknowledges that all components of the Hyland Cloud Service made available by Hyland, including any components downloaded or installed locally on Customer’s or Users’ systems, are solely for use with the Hyland Cloud Service and are not intended to be used on a stand-alone basis.
2.2 Volume Use Restriction. There are certain Software products that Hyland makes available and which Customer may purchase for use as part of the Hyland Cloud Service that are volume-based and may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars.
2.3 Test Environments. Customer may purchase limited access to Testing Environments or Testing Lite Environments, or both. Hyland agrees that the security measures described in the SaaS Security Attachment are also applied to the Testing Environment and Testing Lite Environment. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Testing Environment and Testing Lite Environment. If, at any time, Customer is not satisfied with the Testing Environment or Testing Lite Environment, Customer’s sole and exclusive remedy shall be to stop using the Testing Environment or Testing Lite Environment.
2.4 No High Risk Use. The Hyland Cloud Service is not fault-tolerant and is not guaranteed to be error free or to operate uninterrupted. The Hyland Cloud Service is not designed or intended for use in any situation where failure or fault of any kind of the Hyland Cloud Service could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). Customer is not permitted to use the Hyland Cloud Service in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Hyland Cloud Service for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees not to use, distribute, license, or grant the use of the Hyland Cloud Service in, or in connection with, any High Risk Use." Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer’s use of the Hyland Cloud Service in connection with any High Risk Use.
2.5 Assessment. Hyland shall be permitted access to assess Customer’s use of the Hyland Cloud Service in order to determine Customer’s compliance with the grant of use and pricing terms of the Agreement and this SaaS Schedule, including, where applicable, to measure Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such assessment.
2.6 Third Party Services and Content. The Hyland Cloud Service may contain functionality which allows Customer to: (a) access, link or integrate the Hyland Cloud Service with Customer’s applications or applications or services provided by third parties and (b) access third party websites and content. Hyland has no responsibility for such applications or services, websites or content and shall have no responsibility for any disclosure, modification or deletion of Customer Data resulting from any such access or use by such applications or services. Any activities engaged in by Customer or any of its Users with such third parties using the Hyland Cloud Service is solely between Customer and such third party and Hyland has no liability, obligation or responsibility for any such activities. Hyland does not endorse any third party web sites, applications or services that may be linked or integrated through the Hyland Cloud Service. Hyland is not responsible for any third party content, products or materials purchased, accessed or used by Customer or its Users using the Hyland Cloud Service.
2.7 Prohibited Conduct. Customer agrees not to: (a) remove copyright, trademark or other proprietary rights notices that appear during the use of the Hyland Cloud Service; (b) sell, transfer, rent, lease or sub-license the Hyland Cloud Service to any third party; (c) alter or modify the Hyland Cloud Service; (d) reverse engineer, disassemble, decompile or attempt to derive source code from the Hyland Cloud Service, or prepare derivative works therefrom; or (e) use the Hyland Cloud Service or permit it to be used in violation of the Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment or for the purposes of evaluation, benchmarking, or other comparative analysis intended for external publication without Hyland’s prior written consent.
2.8 Ownership of Customer Data. As between Hyland and Customer, Customer owns Customer Data.
2.9 Customer Input and Suggestions. Hyland shall have a royalty-free, worldwide, perpetual, transferable, sub-licensable, and irrevocable license to use or incorporate into any of Hyland’s products or services, including the Hyland Cloud Services, any suggestions, enhancements, improvements, recommendations or any other feedback provided by Customer or its users, related to the operation or use of the Hyland Cloud Service.
3. PRICES, INVOICES AND PAYMENT.
3.1 Initial Setup Fees. Hyland will invoice Customer for Initial Setup Fees in the amount set forth in the initial Purchase Table Schedule promptly following the Effective Date. Hyland will invoice Customer for Initial Setup Fees upon each additional purchase of Software for the Hyland Cloud Service upon acceptance of Customer’s purchase order for such Software.
3.2 SaaS Fees. Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Purchase Table Schedule. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. Following expiration of the Initial Term, Hyland may increase the SaaS Fees for the Hyland Cloud Service for any renewal period by up to ten percent (10%) of the previous year’s SaaS Fees. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software modules for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software modules on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3.3 Consumption Fees. Hyland will invoice Customer for any Consumption Fees, monthly in arrears, promptly upon the end of the month to which such Consumption Fees relate. Consumption Fees will be due for a month if at any time during such month the amount of Customer Data stored in the Hyland Cloud Service exceeds Customer’s data storage allocation as set forth in the initial Purchase Table.
3.4 Add-On Services. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule. Some Add-On Services may be priced on a volume basis, for which Add-On Service fees may be invoiced in arrears based on the applicable volume usage. Except as may be stated in a separate Schedule, the Add-On Services are part of the Hyland Cloud Service.
3.5 Other Fees. If Customer procures and Hyland provides any other services or deliverables in connection with the Hyland Cloud Service that are not covered by the fees and charges described in Sections 3.1 through 3.4 above, Hyland will invoice Customer for such other fees or charges based upon Hyland’s then current list prices or the pricing that the parties have mutually agreed upon in connection with such other services or deliverables.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Hyland Cloud Service, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the delivery of the Hyland Cloud Service, the U.S. Government hereby agrees that the Software, and the Hosted 3rd Party Software included in the Hyland Cloud Service and Add-On Services qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software is developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Hyland Cloud Service or Add-On Services to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Hyland Cloud Service, Add-On Services or Documentation by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. HYLAND CLOUD SERVICE SUPPORT.
5.1 HYLAND CLOUD SERVICE SUPPORT TERMS. Hyland will provide Hyland Cloud Service Support in accordance with this Section and the Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of the Hyland Cloud Service, including assistance and advice related to the operation of the Hyland Cloud Service.
(b) Error Correction Services. With respect to any issues or errors in the Hyland Cloud Service which are reported by Customer and which are confirmed by Hyland, Hyland will use its reasonable efforts to correct such issue or error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported issues or errors after receipt of a proper report of such suspected issue or error from Customer in accordance with the Support Prioritization Attachment. Hyland may elect to correct the issue or error by updating or upgrading the applicable component of the Hyland Cloud Service to a new build or version.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. When requesting Hyland Cloud Service Support, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for a Level 1 or Level 2 Severity Level (support numbers are available through Hyland’s secure end user website). In the case of reporting a problem, issue, or error with the Hyland Cloud Service, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the problem, issue or error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes it has made to the Hyland Cloud Service, such as workflow configuration changes, network installation/expansion, integrations, upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all reports in accordance with the Support Prioritization Attachment. Hyland: (a) will respond based on the confirmed severity level; (b) may reclassify severity levels as it learns information about such problems, issues or errors during the resolution process; and (c) obligations for a reported issue or error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Software Upgrades and Enhancements. Hyland will make available, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements to the Software, if and when released during the term of this SaaS Schedule.
(e) Update, Upgrade, Change or Replacement of Components of the Hyland Cloud Service. Hyland may update or upgrade the build or version of the Software used in the Hyland Cloud Service from time to time at Hyland’s expense. Hyland also may change, replace, update or upgrade the Hyland Cloud Platform from time to time. Customer agrees to collaborate with Hyland and assist Hyland in connection with the completion of installation and testing of any update or upgrade related to the Hyland Cloud Service. Notwithstanding the foregoing, Customer acknowledges that it is Customer's responsibility to ensure that Customer is running a Cloud Compatible Version of the Software in accordance with Hyland's Cloud Software Version Policy available at Hyland's end user website (currently, community.hyland.com); Customer's failure to comply with Hyland's Cloud Software Version Policy shall be considered a material breach of the Agreement.
Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.2 EXCLUSIONS.
Generally. Hyland is not responsible for providing, or obligated to provide, Hyland Cloud Service Support: (1) in connection with any errors, defects or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Hyland Cloud Service or from any error or defect in any configuration of any component of the Hyland Cloud Service, which activities in any such case were undertaken by any party other than Hyland or a party retained by Hyland; (2) in connection with any error or defect or problem in any other component of the Hyland Cloud Service if Hyland has previously made available corrections for such error or defect which Customer fails to implement; (3) in connection with any errors, defects or problems which have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in any software, hardware or system or networking which is not a part of the Hyland Cloud Service; (4) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Hyland Cloud Service Support to Customer with respect to the Hyland Cloud Service; or (5) in connection with any questions related to the operation or use of the Software application programming interfaces (APIs); or in connection with any errors, defects or problems with Work Products (as defined in the Professional Services Schedule). Support relating to Work Products and the operation or use of APIs may be provided, on a case-by-case basis, as mutually agreed to in an applicable Services Proposal which outlines Professional Services for such support activities.
6. SECURITY. During the term of this SaaS Schedule, Hyland shall maintain a security program which shall conform to the SaaS Security Attachment.
7. CERTAIN RESPONSIBILITIES AND OBLIGATIONS OF CUSTOMER.
7.1 Customer Responsibilities. In connection with the relationship established between Customer and Hyland under this SaaS Schedule:
(a) except as otherwise expressly permitted under the terms of this SaaS Schedule, Customer will not permit or authorize any third parties (such as persons or legal entities) to use the Hyland Cloud Service;
(b) Customer will comply with Hyland’s Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment;
(c) Customer is responsible for all Users use and all access through Customer and its Users of the Hyland Cloud Service and compliance with this SaaS Schedule and the Agreement, including, but not limited to, (i) setting-up User log-in accounts/credentials (e.g. user names, passwords, tokens, etc.) to the Hyland Cloud Service and immediately revoking User accounts/credentials when User no longer requires access to the Hyland Cloud Service, and (ii) shall not permit Users to share log-in accounts/credentials;
(d) Customer has sole responsibility for the accuracy, quality, content and legality of all Customer Data;
(e) Customer shall prohibit unauthorized access to, or use of, the Hyland Cloud Service and shall notify Hyland promptly of any such unauthorized access or use by contacting Customer’s Hyland technical support contact or another contact notified to Customer in writing (which may be via email or posted on Hyland’s secure end user web site (currently www.hyland.com/community)).
(f) Customer understands and agrees: (i) it has an independent duty to comply with any and all laws applicable to it, (ii) its use of the Hyland Cloud Service and compliance with any terms and conditions under this SaaS Schedule and the Agreement does not constitute compliance with any law, (iii) it shall make use of available Hyland Cloud Service security features and controls to properly transmit, store, process and provide access to Customer Data and (iv) it shall use the tools and reporting capabilities made available in the Hyland Cloud Service to monitor and confirm Customer Data processing, such as batch processing of electronic documents uploaded to the Hyland Cloud Service.
(g) Customer may give any of its Users the rights to act as a system administrator, through the configuration tools included in the Software for the Hyland Cloud Service. Hyland has no responsibility or obligations in connection with Customer’s internal management or administration of Customer’s Hyland Cloud Service.
7.2 Customer Internet Connection. Customer is responsible for obtaining and maintaining all software, hardware (including without limitation network systems), telephonic or other communications circuits, and Internet Service Provider relationships that are necessary or appropriate for Customer to properly access and use the Hyland Cloud Service. Hyland shall have no responsibility or liability under this SaaS Schedule for any unavailability or failure of, or nonconformity or defect in, the Hyland Cloud Service that is caused by or related in any manner to any failure of Customer to obtain and maintain all such software, hardware, equipment and relationships.
8. LIMITED WARRANTIES.
8.1 Hyland Cloud Service Limited Warranty. Hyland warrants to Customer that during the term of this SaaS Schedule the Hyland Cloud Service will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Hyland Cloud Service if: (i) any component of the Hyland Cloud Service has been modified, misused or abused by Customer or a third party, (ii) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, or (iii) if the Hyland Cloud Service is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation.
8.2 Hyland Cloud Service Warranty Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranties under Section 8.1 shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Hyland Cloud Service, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this SaaS Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under Section 11.2 of this SaaS Schedule, Hyland will provide a refund to Customer of the “unused portion of prepaid SaaS Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the non-conforming portion of the Hyland Cloud Service for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
8.3 Customer Limited Warranty. Customer represents and warrants to Hyland that: (a) Customer and its Users are the legal custodian of the Customer Data and it has the right and authority to use the Hyland Cloud Service in connection with all Customer Data and other materials hereunder; (b) Customer will use reasonable efforts to ensure that any Customer Data submitted to Hyland via electronic media will be free of viruses; and (c) anyone submitting Customer Data to Hyland for use in connection with the Hyland Cloud Service or Professional Services has the legal authority to do so, either through ownership of the Customer Data or by obtaining appropriate authorizations therefor, and that submission of Customer Data does not violate any contracts, agreements, or any applicable law. Customer is responsible for all Customer Data that is submitted to Hyland for use in connection with the Hyland Cloud Service or Professional Services.
9. INFRINGEMENT INDEMNIFICATION.
9.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Hyland Cloud Service of any patent, registered copyright or registered trademark of a third party that is enforceable in the United States, provided that Hyland: (a) is notified promptly after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided, that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of the Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Hyland Cloud Service, or to replace the relevant portions of the Hyland Cloud Service with other equivalent, non-infringing portions. If Hyland is unable to accomplish either of the options set forth in the preceding sentence, Hyland shall terminate this SaaS Schedule upon thirty (30) days advance written notice to Customer and refund to Customer the “unused portion of prepaid SaaS Fees” as defined below paid during the then current term (or applicable twelve-month period within the Initial Term). For these purposes, the “unused portion of prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the term (or applicable twelve-month period within the Initial Term) during which termination occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such termination occurs, and the denominator or which shall be twelve (12). Notwithstanding anything to the contrary, Hyland shall have no obligation to indemnify Customer against any claims made against Customer and otherwise described in this Section that arise from: (v) any Customer Data; (w) use of the Hyland Cloud Service other than as expressly permitted by this SaaS Schedule and the Agreement; (x) the combination of the Hyland Cloud Service or any component thereof with any product not furnished by Hyland; (y) the modification or addition of any component of the Hyland Cloud Service, other than by Hyland or any of its authorized resellers specifically retained by Hyland to provide such modification or addition; or (z) the Customer’s business methods or processes.
9.2 THIS SECTION 9 STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE HYLAND CLOUD SERVICE.
10. LIABILITY FOR CUSTOMER DATA INCIDENTS.
10.1 NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF SECTION 6.2 OF THE GENERAL TERMS SCHEDULE: THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THE AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
Service Class | Multiplier |
Silver | 1 |
Gold | 2 |
Platinum | 3 |
Double Platinum | 4 |
10.2 Notwithstanding Section 6.1 of the General Terms Schedule, and subject to Section 10.1 of this Schedule, in the event of a Customer Data Incident, Hyland shall pay the reasonable and documented costs incurred by Customer in connection with the following items: (a) providing notification of the Customer Data Incident to applicable government and relevant industry self-regulatory agencies, to the media and to individuals whose personal data may have been accessed or acquired, where required by law; and (b) providing credit monitoring service (where such service addresses the harm caused by the Customer Data Incident) to individuals who elect to receive such credit monitoring service and whose personal data may have been accessed or acquired, for a period of one year after the date on which such individuals were notified of the unauthorized access or acquisition.
11. TERM; TERMINATION.
11.1 Term. Subject to the termination provisions set forth in Section 1.2 of the General Terms Schedule and Section 11.1.1 below, the initial term of this SaaS Schedule will be the Initial Term; and such term will automatically renew thereafter for successive terms of one (1) year each, unless and until either party provides at least thirty (30) days advance written notice of non-renewal, in which case this SaaS Schedule shall terminate at the end of the then current term.
11.1.1 If, in the reasonable opinion of Customer or Hyland, the compliance by either party with the terms of this SaaS Schedule will be in violation of any law or regulation implemented or modified after the commencement of Hyland Cloud Service provided pursuant to this SaaS Schedule, Customer or Hyland, as the case may be, may terminate this SaaS Schedule upon thirty (30) days written notice to the other party.
11.2 Additional Effects or Consequences of Termination. In addition to Section 1.3 of the General Terms Schedule, immediately upon any termination or expiration of this SaaS Schedule, Customer shall cease any and all uses of or access to the Hyland Cloud Service and Documentation.
11.3 Transition Period Upon Termination. Except in the case of termination by Hyland due to Customer’s breach of this SaaS Schedule or the Agreement, in the event of any other termination of this SaaS Schedule or the Agreement, Hyland shall, upon Customer’s request, continue to provide Hyland Cloud Service Support and access to the Hyland Cloud Service (except where Hyland is enjoined) pursuant to the terms of this SaaS Schedule and the Agreement for a period of up to ninety (90) calendar days following such a termination (the “Transition Period”), provided Customer pays all applicable SaaS Fees and Consumption Fees for such Transition Period plus an additional five percent (5%) of such fees. During such Transition Period, both parties will reasonably cooperate and use their reasonable efforts to provide for an orderly transition that is designed to minimize the disruption to Customer’s business operations. Such cooperation and assistance will be limited to Professional Services consisting of consulting services and subject to Hyland’s then-current rates for such Professional Services which will be set out in a purchase order or a Services Proposal in accordance with the Professional Services Schedule to the Agreement.
12. COMPLIANCE WITH LAWS. Subject to Section 11 above, Hyland agrees to comply in all material respects with all laws applicable to Hyland in its performance of services under this SaaS Schedule.
Confidential - Ó 2021 Hyland Software, Inc.
Effective September 27th 2021 to October 24th 2022
DownloadTable of Contents
SOFTWARE-AS-A-SERVICE SCHEDULE
This SaaS Schedule (“SaaS Schedule”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the “Agreement”) which incorporates this SaaS Schedule by reference.
All capitalized terms used in this Schedule shall have the meaning ascribed them in this Schedule or, if not defined in this Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement.
“Consumption Fees” means the amounts payable by Customer for storage of data and information in the Hyland Cloud Service in excess of the data storage allocation set forth in the initial Purchase Table Schedule for the Hyland Cloud Service.
“Customer Data” means any and all electronic data and information submitted by Customer or Users to the Hyland Cloud Service.
“Customer Data Incident” means an unauthorized disclosure of Customer Data resulting from Hyland’s failure to comply with the SaaS Security Attachment. Without limitation, Customer Data Incident does not include any of the following that results in no unauthorized access to Customer Data or to any Hyland’s systems storing Customer Data: (a) pings and other broadcast attacks on firewalls or edge servers; (b) port scans; (c) unsuccessful log-on attempts; (d) denial of service attacks; or (e) packet sniffing (or other unauthorized access to traffic data that does not result in access beyond IP addresses or headers).
“Documentation” means: (1) to the extent available, the “Help Files” included in the Hyland Cloud Service, or (2) if no such “Help Files” are included in the Hyland Cloud Service, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Hyland Cloud Service.
“Host Web Site” means the web site hosted by Hyland as part of the Hyland Cloud Service on a web server included in the Hyland Cloud Platform used to access the Hyland Cloud Service.
“Hosted 3rd Party Software” means all third party software products (other than third party software products bundled by Hyland as a part of the Software) provided by Hyland as part of the Hyland Cloud Service.
“Hyland Cloud Platform” means the Physical Infrastructure and any composite software layers such as databases, operating systems, virtualization technology, Hosted 3rd Party Software, and Host Web Site, responsible for providing the Hyland Cloud Service, whether owned by Hyland or a third party.
“Hyland Cloud Service” means Hyland’s provision of Software and the Hyland Cloud Platform for use by Customer in accordance with the Agreement and this SaaS Schedule.
“Hyland Cloud Service Support” means the services described in Section 5 of this Schedule.
“Initial Setup Fee” means the one-time fee invoiced by Hyland to Customer and payable by Customer to Hyland for the setup and activation of the Hyland Cloud Platform and the Host Web Site for use applicable to each Software module purchase under the Agreement.
“Physical Infrastructure” means the physical hardware and infrastructure which Hyland uses to provide the Hyland Cloud Service (which may include servers, network devices, cabling, CPU, data centers, memory, storage, switches, firewalls, routers and other network devices) whether owned by Hyland or a third party services provider.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Hyland Cloud Service issue or error.
“SaaS Fees” means the amounts invoiced by Hyland and payable by Customer to Hyland for the use of the Hyland Cloud Service. The initial SaaS Fees are set forth in the initial Purchase Table Schedule.
“SaaS Security Attachment” means the document available at https://legal.hyland.com/Customer-Legal-Center#saas-security-attachment. The SaaS Security Attachment describes Hyland's current security processes and procedures. These processes and procedures may be updated from time to time, but will not be materially reduced.
“Service Class” means the service level commitment included as part of the Hyland Cloud Service, as described in the Service Class Manual, and purchased by Customer as part of the Hyland Cloud Service.
“Service Class Manual” means the latest version of the manual describing any available Service Classes, as posted by Hyland from time to time on a website designated by Hyland.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Testing Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional and performance testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Testing Lite Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to Customer or to Hyland’s end users generally during the term of this Schedule to correct errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
“Users” means Customer’s employees that access and use the Hyland Cloud Service.
1. HYLAND CLOUD SERVICE.
1.1 General. During the term of this SaaS Schedule Hyland will: (a) make the Hyland Cloud Service available to Customer pursuant to this SaaS Schedule, the SaaS Security Attachment, Documentation and the applicable Service Class Manual; and (b) only use Customer Data to provide, develop, and improve the Hyland Cloud Service and other services, to prevent or address service or technical problems, or in accordance with Customer’s instructions.
1.2 Service Class. Prior to or on the Effective Date, Hyland has delivered a then-current copy of the applicable Service Class Manual to Customer. After the Effective Date, Hyland will have the right to modify the applicable Service Class Manual (including the right to issue an entirely restated Service Class Manual) from time to time. The modifications or the revised Service Class Manual will be effective thirty (30) days after Hyland provides written notice to Customer informing Customer of Hyland’s posting of such modifications or revisions on the website identified in such notice. Notwithstanding the foregoing, no modifications of any Service Class Manual relating to Customer’s then-current Service Class will be effective until the next renewal of this SaaS Schedule. The initial Service Class purchased by Customer is set forth in the initial Purchase Table Schedule. To the extent Service Class upgrades or downgrades are available related to the Hyland Cloud Service purchase by Customer, Customer may upgrade the Service Class at any time, but may downgrade such Service Class only after the expiration of the Initial Term of this SaaS Schedule. In the event Customer elects to downgrade such Service Class, such downgrade will not be effective until the beginning of the next renewal of this SaaS Schedule. To modify a Service Class selection, Customer must submit a purchase order indicating the new Service Class.
1.3 Return of Customer Data and Deletion. Upon termination or expiration of this SaaS Schedule for any reason:
(a) Upon written request by Customer to Hyland sent to cloud@hyland.com, made within thirty (30) days after the effective date of any such termination or expiration, for Customer Data extraction Professional Services (“Notice of Return of Customer Data”), Hyland will either: (1) return Customer Data to Customer by providing: Customer Data on one (1) or more encrypted hard drives or other similar media and an export file containing the relevant keyword values and related file locations for the Customer Data or (2) make available to Customer the Customer Data for extraction by Customer. Hyland will work with Customer on determining the extraction method most suitable to meet Customer’s requirements. Customer acknowledges and agrees that thirty (30) days after Hyland has sent or made available to Customer the Customer Data, Hyland shall have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all such Customer Data from all of Hyland’s datacenters, including all replicated copies.
(b) Upon written request by Customer to Hyland sent to cloud@hyland.com, made within thirty (30) days after the effective date of any such termination or expiration, for the deletion of Customer Data (“Notice of Deletion of Customer Data”), Hyland will have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
(c) If Customer does not provide the Notice of Return of Customer Data or the Notice of Deletion of Customer Data in accordance with paragraph (a) or (b) above, Customer acknowledges and agrees that thirty (30) days after any termination or expiration of this SaaS Schedule, Hyland will have no obligation to maintain or provide any Customer Data and may thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
1.4 Data Location. Hyland shall store Customer Data at data centers located in the country(ies) indicated in the initial Purchase Table. Hyland may, at its expense, change the location of the Customer Data to other data centers; provided that such locations remain in that country.
1.5 Hyland customers may license some Software provisioned by Hyland as part of the Hyland Cloud Service, and other Software which is implemented only on the customer’s premise (or a third party cloud other than the Hyland Cloud Platform), such as Hyland RPA (“On-Premise Software”). For clarity, if Customer licenses On-Premise Software from Hyland, this Schedule does not apply to such On-Premise Software.
2. GRANT OF RIGHTS AND PROHIBITED CONDUCT.
2.1 Hyland Cloud Service Use Grant. During the term of this SaaS Schedule, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the General Terms Schedule), limited right to use the Hyland Cloud Service as provided by Hyland, and the associated Documentation, solely for use by Customer and its Users for the internal business purposes of Customer, and only for capturing, storing, processing and accessing Customer’s data.
The Hyland Cloud Service is for use by Customer and its Users and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer and its Users shall not make any use of the Hyland Cloud Service in any manner not expressly permitted by this SaaS Schedule. Customer acknowledges that it and its Users may only access Customer Data via the Hyland Cloud Service and shall only access the Hyland Cloud Service in a manner consistent with this SaaS Schedule and the Documentation. Use of software or hardware that reduces the number of users directly accessing or utilizing the Hyland Cloud Service (e.g. by using “bots” or “multiplexing” or “pooling” software or hardware) does not reduce the number of users accessing the Hyland Cloud Services for purposes of calculating the number of users, as the required number of users would equal the number of distinct inputs to such software or hardware (e.g. to such “bots” or “multiplexing” or “pooling” software or hardware). Customer is prohibited from using any software (including bots) other than the Software client modules or a Software application programming interface (API) to access the Hyland Cloud Service or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the SaaS Fees with respect to such access. Customer further acknowledges that all components of the Hyland Cloud Service made available by Hyland, including any components downloaded or installed locally on Customer’s or Users’ systems, are solely for use with the Hyland Cloud Service and are not intended to be used on a stand-alone basis.
2.2 Volume Use Restriction. There are certain Software products that Hyland makes available and which Customer may purchase for use as part of the Hyland Cloud Service that are volume-based and may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars.
2.3 Test Environments. Customer may purchase limited access to Testing Environments or Testing Lite Environments, or both. Hyland agrees that the security measures described in the SaaS Security Attachment are also applied to the Testing Environment and Testing Lite Environment. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Testing Environment and Testing Lite Environment. If, at any time, Customer is not satisfied with the Testing Environment or Testing Lite Environment, Customer’s sole and exclusive remedy shall be to stop using the Testing Environment or Testing Lite Environment.
2.4 No High Risk Use. The Hyland Cloud Service is not fault-tolerant and is not guaranteed to be error free or to operate uninterrupted. The Hyland Cloud Service is not designed or intended for use in any situation where failure or fault of any kind of the Hyland Cloud Service could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). Customer is not permitted to use the Hyland Cloud Service in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Hyland Cloud Service for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees not to use, distribute, license, or grant the use of the Hyland Cloud Service in, or in connection with, any High Risk Use." Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer’s use of the Hyland Cloud Service in connection with any High Risk Use.
2.5 Assessment. Hyland shall be permitted access to assess Customer’s use of the Hyland Cloud Service in order to determine Customer’s compliance with the grant of use and pricing terms of the Agreement and this SaaS Schedule, including, where applicable, to measure Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such assessment.
2.6 Third Party Services and Content. The Hyland Cloud Service may contain functionality which allows Customer to: (a) access, link or integrate the Hyland Cloud Service with Customer’s applications or applications or services provided by third parties and (b) access third party websites and content. Hyland has no responsibility for such applications or services, websites or content and shall have no responsibility for any disclosure, modification or deletion of Customer Data resulting from any such access or use by such applications or services. Any activities engaged in by Customer or any of its Users with such third parties using the Hyland Cloud Service is solely between Customer and such third party and Hyland has no liability, obligation or responsibility for any such activities. Hyland does not endorse any third party web sites, applications or services that may be linked or integrated through the Hyland Cloud Service. Hyland is not responsible for any third party content, products or materials purchased, accessed or used by Customer or its Users using the Hyland Cloud Service.
2.7 Prohibited Conduct. Customer agrees not to: (a) remove copyright, trademark or other proprietary rights notices that appear during the use of the Hyland Cloud Service; (b) sell, transfer, rent, lease or sub-license the Hyland Cloud Service to any third party; (c) alter or modify the Hyland Cloud Service; (d) reverse engineer, disassemble, decompile or attempt to derive source code from the Hyland Cloud Service, or prepare derivative works therefrom; or (e) use the Hyland Cloud Service or permit it to be used in violation of the Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment or for the purposes of evaluation, benchmarking, or other comparative analysis intended for external publication without Hyland’s prior written consent.
2.8 Ownership of Customer Data. As between Hyland and Customer, Customer owns Customer Data.
2.9 Customer Input and Suggestions. Hyland shall have a royalty-free, worldwide, perpetual, transferable, sub-licensable, and irrevocable license to use or incorporate into any of Hyland’s products or services, including the Hyland Cloud Services, any suggestions, enhancements, improvements, recommendations or any other feedback provided by Customer or its users, related to the operation or use of the Hyland Cloud Service.
3. PRICES, INVOICES AND PAYMENT.
3.1 Initial Setup Fees. Hyland will invoice Customer for Initial Setup Fees in the amount set forth in the initial Purchase Table Schedule promptly following the Effective Date. Hyland will invoice Customer for Initial Setup Fees upon each additional purchase of Software for the Hyland Cloud Service upon acceptance of Customer’s purchase order for such Software.
3.2 SaaS Fees. Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Purchase Table Schedule. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. Following expiration of the Initial Term, Hyland may increase the SaaS Fees for the Hyland Cloud Service for any renewal period by up to ten percent (10%) of the previous year’s SaaS Fees. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software modules for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software modules on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3.3 Consumption Fees. Hyland will invoice Customer for any Consumption Fees, monthly in arrears, promptly upon the end of the month to which such Consumption Fees relate. Consumption Fees will be due for a month if at any time during such month the amount of Customer Data stored in the Hyland Cloud Service exceeds Customer’s data storage allocation as set forth in the initial Purchase Table.
3.4 Add-On Services. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule. Some Add-On Services may be priced on a volume basis, for which Add-On Service fees may be invoiced in arrears based on the applicable volume usage. Except as may be stated in a separate Schedule, the Add-On Services are part of the Hyland Cloud Service.
3.5 Other Fees. If Customer procures and Hyland provides any other services or deliverables in connection with the Hyland Cloud Service that are not covered by the fees and charges described in Sections 3.1 through 3.4 above, Hyland will invoice Customer for such other fees or charges based upon Hyland’s then current list prices or the pricing that the parties have mutually agreed upon in connection with such other services or deliverables.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Hyland Cloud Service, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the delivery of the Hyland Cloud Service, the U.S. Government hereby agrees that the Software, and the Hosted 3rd Party Software included in the Hyland Cloud Service and Add-On Services qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software is developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Hyland Cloud Service or Add-On Services to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Hyland Cloud Service, Add-On Services or Documentation by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. HYLAND CLOUD SERVICE SUPPORT.
5.1 HYLAND CLOUD SERVICE SUPPORT TERMS. Hyland will provide Hyland Cloud Service Support in accordance with this Section and the Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of the Hyland Cloud Service, including assistance and advice related to the operation of the Hyland Cloud Service.
(b) Error Correction Services. With respect to any issues or errors in the Hyland Cloud Service which are reported by Customer and which are confirmed by Hyland, Hyland will use its reasonable efforts to correct such issue or error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported issues or errors after receipt of a proper report of such suspected issue or error from Customer in accordance with the Support Prioritization Attachment. Hyland may elect to correct the issue or error by updating or upgrading the applicable component of the Hyland Cloud Service to a new build or version.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. When requesting Hyland Cloud Service Support, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for a Level 1 or Level 2 Severity Level (support numbers are available through Hyland’s secure end user website). In the case of reporting a problem, issue, or error with the Hyland Cloud Service, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the problem, issue or error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes it has made to the Hyland Cloud Service, such as workflow configuration changes, network installation/expansion, integrations, upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all reports in accordance with the Support Prioritization Attachment. Hyland: (a) will respond based on the confirmed severity level; (b) may reclassify severity levels as it learns information about such problems, issues or errors during the resolution process; and (c) obligations for a reported issue or error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Software Upgrades and Enhancements. Hyland will make available, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements to the Software, if and when released during the term of this SaaS Schedule.
(e) Update, Upgrade, Change or Replacement of Components of the Hyland Cloud Service. Hyland may update or upgrade the build or version of the Software used in the Hyland Cloud Service from time to time at Hyland’s expense. Hyland also may change, replace, update or upgrade the Hyland Cloud Platform from time to time. Customer agrees to collaborate with Hyland and assist Hyland in connection with the completion of installation and testing of any update or upgrade related to the Hyland Cloud Service.
Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.2 EXCLUSIONS.
Generally. Hyland is not responsible for providing, or obligated to provide, Hyland Cloud Service Support: (1) in connection with any errors, defects or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Hyland Cloud Service or from any error or defect in any configuration of any component of the Hyland Cloud Service, which activities in any such case were undertaken by any party other than Hyland or a party retained by Hyland; (2) in connection with any error or defect or problem in any other component of the Hyland Cloud Service if Hyland has previously made available corrections for such error or defect which Customer fails to implement; (3) in connection with any errors, defects or problems which have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in any software, hardware or system or networking which is not a part of the Hyland Cloud Service; (4) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Hyland Cloud Service Support to Customer with respect to the Hyland Cloud Service; or (5) in connection with any questions related to the operation or use of the Software application programming interfaces (APIs); or in connection with any errors, defects or problems with Work Products (as defined in the Professional Services Schedule). Support relating to Work Products and the operation or use of APIs may be provided, on a case-by-case basis, as mutually agreed to in an applicable Services Proposal which outlines Professional Services for such support activities.
6. SECURITY. During the term of this SaaS Schedule, Hyland shall maintain a security program which shall conform to the SaaS Security Attachment.
7. CERTAIN RESPONSIBILITIES AND OBLIGATIONS OF CUSTOMER.
7.1 Customer Responsibilities. In connection with the relationship established between Customer and Hyland under this SaaS Schedule:
(a) except as otherwise expressly permitted under the terms of this SaaS Schedule, Customer will not permit or authorize any third parties (such as persons or legal entities) to use the Hyland Cloud Service;
(b) Customer will comply with Hyland’s Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment;
(c) Customer is responsible for all Users use and all access through Customer and its Users of the Hyland Cloud Service and compliance with this SaaS Schedule and the Agreement, including, but not limited to, (i) setting-up User log-in accounts/credentials (e.g. user names, passwords, tokens, etc.) to the Hyland Cloud Service and immediately revoking User accounts/credentials when User no longer requires access to the Hyland Cloud Service, and (ii) shall not permit Users to share log-in accounts/credentials;
(d) Customer has sole responsibility for the accuracy, quality, content and legality of all Customer Data;
(e) Customer shall prohibit unauthorized access to, or use of, the Hyland Cloud Service and shall notify Hyland promptly of any such unauthorized access or use by contacting Customer’s Hyland technical support contact or another contact notified to Customer in writing (which may be via email or posted on Hyland’s secure end user web site (currently www.hyland.com/community)).
(f) Customer understands and agrees: (i) it has an independent duty to comply with any and all laws applicable to it, (ii) its use of the Hyland Cloud Service and compliance with any terms and conditions under this SaaS Schedule and the Agreement does not constitute compliance with any law, (iii) it shall make use of available Hyland Cloud Service security features and controls to properly transmit, store, process and provide access to Customer Data and (iv) it shall use the tools and reporting capabilities made available in the Hyland Cloud Service to monitor and confirm Customer Data processing, such as batch processing of electronic documents uploaded to the Hyland Cloud Service.
(g) Customer may give any of its Users the rights to act as a system administrator, through the configuration tools included in the Software for the Hyland Cloud Service. Hyland has no responsibility or obligations in connection with Customer’s internal management or administration of Customer’s Hyland Cloud Service.
7.2 Customer Internet Connection. Customer is responsible for obtaining and maintaining all software, hardware (including without limitation network systems), telephonic or other communications circuits, and Internet Service Provider relationships that are necessary or appropriate for Customer to properly access and use the Hyland Cloud Service. Hyland shall have no responsibility or liability under this SaaS Schedule for any unavailability or failure of, or nonconformity or defect in, the Hyland Cloud Service that is caused by or related in any manner to any failure of Customer to obtain and maintain all such software, hardware, equipment and relationships.
8. LIMITED WARRANTIES.
8.1 Hyland Cloud Service Limited Warranty. Hyland warrants to Customer that during the term of this SaaS Schedule the Hyland Cloud Service will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Hyland Cloud Service if: (i) any component of the Hyland Cloud Service has been modified, misused or abused by Customer or a third party, (ii) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, or (iii) if the Hyland Cloud Service is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation.
8.2 Hyland Cloud Service Warranty Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranties under Section 8.1 shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Hyland Cloud Service, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this SaaS Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under Section 11.2 of this SaaS Schedule, Hyland will provide a refund to Customer of the “unused portion of prepaid SaaS Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the non-conforming portion of the Hyland Cloud Service for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
8.3 Customer Limited Warranty. Customer represents and warrants to Hyland that: (a) Customer and its Users are the legal custodian of the Customer Data and it has the right and authority to use the Hyland Cloud Service in connection with all Customer Data and other materials hereunder; (b) Customer will use reasonable efforts to ensure that any Customer Data submitted to Hyland via electronic media will be free of viruses; and (c) anyone submitting Customer Data to Hyland for use in connection with the Hyland Cloud Service or Professional Services has the legal authority to do so, either through ownership of the Customer Data or by obtaining appropriate authorizations therefor, and that submission of Customer Data does not violate any contracts, agreements, or any applicable law. Customer is responsible for all Customer Data that is submitted to Hyland for use in connection with the Hyland Cloud Service or Professional Services.
9. INFRINGEMENT INDEMNIFICATION.
9.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Hyland Cloud Service of any patent, registered copyright or registered trademark of a third party that is enforceable in the United States, provided that Hyland: (a) is notified promptly after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided, that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of the Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Hyland Cloud Service, or to replace the relevant portions of the Hyland Cloud Service with other equivalent, non-infringing portions. If Hyland is unable to accomplish either of the options set forth in the preceding sentence, Hyland shall terminate this SaaS Schedule upon thirty (30) days advance written notice to Customer and refund to Customer the “unused portion of prepaid SaaS Fees” as defined below paid during the then current term (or applicable twelve-month period within the Initial Term). For these purposes, the “unused portion of prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the term (or applicable twelve-month period within the Initial Term) during which termination occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such termination occurs, and the denominator or which shall be twelve (12). Notwithstanding anything to the contrary, Hyland shall have no obligation to indemnify Customer against any claims made against Customer and otherwise described in this Section that arise from: (v) any Customer Data; (w) use of the Hyland Cloud Service other than as expressly permitted by this SaaS Schedule and the Agreement; (x) the combination of the Hyland Cloud Service or any component thereof with any product not furnished by Hyland; (y) the modification or addition of any component of the Hyland Cloud Service, other than by Hyland or any of its authorized resellers specifically retained by Hyland to provide such modification or addition; or (z) the Customer’s business methods or processes.
9.2 THIS SECTION 9 STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE HYLAND CLOUD SERVICE.
10. LIABILITY FOR CUSTOMER DATA INCIDENTS.
10.1 NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF SECTION 6.2 OF THE GENERAL TERMS SCHEDULE: THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THE AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
Service Class | Multiplier |
Silver | 1 |
Gold | 2 |
Platinum | 3 |
Double Platinum | 4 |
10.2 Notwithstanding Section 6.1 of the General Terms Schedule, and subject to Section 10.1 of this Schedule, in the event of a Customer Data Incident, Hyland shall pay the reasonable and documented costs incurred by Customer in connection with the following items: (a) providing notification of the Customer Data Incident to applicable government and relevant industry self-regulatory agencies, to the media and to individuals whose personal data may have been accessed or acquired, where required by law; and (b) providing credit monitoring service (where such service addresses the harm caused by the Customer Data Incident) to individuals who elect to receive such credit monitoring service and whose personal data may have been accessed or acquired, for a period of one year after the date on which such individuals were notified of the unauthorized access or acquisition.
11. TERM; TERMINATION.
11.1 Term. Subject to the termination provisions set forth in Section 1.2 of the General Terms Schedule and Section 11.1.1 below, the initial term of this SaaS Schedule will be the Initial Term; and such term will automatically renew thereafter for successive terms of one (1) year each, unless and until either party provides at least thirty (30) days advance written notice of non-renewal, in which case this SaaS Schedule shall terminate at the end of the then current term.
11.1.1 If, in the reasonable opinion of Customer or Hyland, the compliance by either party with the terms of this SaaS Schedule will be in violation of any law or regulation implemented or modified after the commencement of Hyland Cloud Service provided pursuant to this SaaS Schedule, Customer or Hyland, as the case may be, may terminate this SaaS Schedule upon thirty (30) days written notice to the other party.
11.2 Additional Effects or Consequences of Termination. In addition to Section 1.3 of the General Terms Schedule, immediately upon any termination or expiration of this SaaS Schedule, Customer shall cease any and all uses of or access to the Hyland Cloud Service and Documentation.
11.3 Transition Period Upon Termination. Except in the case of termination by Hyland due to Customer’s breach of this SaaS Schedule or the Agreement, in the event of any other termination of this SaaS Schedule or the Agreement, Hyland shall, upon Customer’s request, continue to provide Hyland Cloud Service Support and access to the Hyland Cloud Service (except where Hyland is enjoined) pursuant to the terms of this SaaS Schedule and the Agreement for a period of up to ninety (90) calendar days following such a termination (the “Transition Period”), provided Customer pays all applicable SaaS Fees and Consumption Fees for such Transition Period plus an additional five percent (5%) of such fees. During such Transition Period, both parties will reasonably cooperate and use their reasonable efforts to provide for an orderly transition that is designed to minimize the disruption to Customer’s business operations. Such cooperation and assistance will be limited to Professional Services consisting of consulting services and subject to Hyland’s then-current rates for such Professional Services which will be set out in a purchase order or a Services Proposal in accordance with the Professional Services Schedule to the Agreement.
12. COMPLIANCE WITH LAWS. Subject to Section 11 above, Hyland agrees to comply in all material respects with all laws applicable to Hyland in its performance of services under this SaaS Schedule.
Confidential - Ó 2021 Hyland Software, Inc.
Effective May 13th 2021 to September 27th 2021
DownloadTable of Contents
SOFTWARE-AS-A-SERVICE SCHEDULE
This SaaS Schedule (“SaaS Schedule”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the “Agreement”) which incorporates this SaaS Schedule by reference.
All capitalized terms used in this Schedule shall have the meaning ascribed them in this Schedule or, if not defined in this Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement.
“Consumption Fees” means the amounts payable by Customer for storage of data and information in the Hyland Cloud Service in excess of the data storage allocation set forth in the initial Purchase Table Schedule for the Hyland Cloud Service.
“Customer Data” means any and all electronic data and information submitted by Customer or Users to the Hyland Cloud Service.
“Customer Data Incident” means an unauthorized disclosure of Customer Data resulting from Hyland’s failure to comply with the SaaS Security Attachment. Without limitation, Customer Data Incident does not include any of the following that results in no unauthorized access to Customer Data or to any Hyland’s systems storing Customer Data: (a) pings and other broadcast attacks on firewalls or edge servers; (b) port scans; (c) unsuccessful log-on attempts; (d) denial of service attacks; or (e) packet sniffing (or other unauthorized access to traffic data that does not result in access beyond IP addresses or headers).
“Documentation” means: (1) to the extent available, the “Help Files” included in the Hyland Cloud Service, or (2) if no such “Help Files” are included in the Hyland Cloud Service, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Hyland Cloud Service.
“Host Web Site” means the web site hosted by Hyland as part of the Hyland Cloud Service on a web server included in the Hyland Cloud Platform used to access the Hyland Cloud Service.
“Hosted 3rd Party Software” means all third party software products (other than third party software products bundled by Hyland as a part of the Software) provided by Hyland as part of the Hyland Cloud Service.
“Hyland Cloud Platform” means the Physical Infrastructure and any composite software layers such as databases, operating systems, virtualization technology, Hosted 3rd Party Software, and Host Web Site, responsible for providing the Hyland Cloud Service, whether owned by Hyland or a third party.
“Hyland Cloud Service” means Hyland’s provision of Software and the Hyland Cloud Platform for use by Customer in accordance with the Agreement and this SaaS Schedule.
“Hyland Cloud Service Support” means the services described in Section 5 of this Schedule.
“Initial Setup Fee” means the one-time fee invoiced by Hyland to Customer and payable by Customer to Hyland for the setup and activation of the Hyland Cloud Platform and the Host Web Site for use applicable to each Software module purchase under the Agreement.
“Physical Infrastructure” means the physical hardware and infrastructure which Hyland uses to provide the Hyland Cloud Service (which may include servers, network devices, cabling, CPU, data centers, memory, storage, switches, firewalls, routers and other network devices) whether owned by Hyland or a third party services provider.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Hyland Cloud Service issue or error.
“SaaS Fees” means the amounts invoiced by Hyland and payable by Customer to Hyland for the use of the Hyland Cloud Service. The initial SaaS Fees are set forth in the initial Purchase Table Schedule.
“SaaS Security Attachment” means the document available at https://legal.hyland.com/Customer-Legal-Center#saas-security-attachment. The SaaS Security Attachment describes Hyland's current security processes and procedures. These processes and procedures may be updated from time to time, but will not be materially reduced.
“Service Class” means the service level commitment included as part of the Hyland Cloud Service, as described in the Service Class Manual, and purchased by Customer as part of the Hyland Cloud Service.
“Service Class Manual” means the latest version of the manual describing any available Service Classes, as posted by Hyland from time to time on a website designated by Hyland.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Testing Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional and performance testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Testing Lite Environment” means a separate instance of the Hyland Cloud Service (including Customer Data) hosted by Hyland, for use by Customer solely with production data in a non-production environment for the limited purpose of functional testing of the Software and environment, Hosted 3rd Party Software and each Work Product included in the Hyland Cloud Service.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to Customer or to Hyland’s end users generally during the term of this Schedule to correct errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
“Users” means Customer’s employees that access and use the Hyland Cloud Service.
1. HYLAND CLOUD SERVICE.
1.1 General. During the term of this SaaS Schedule Hyland will: (a) make the Hyland Cloud Service available to Customer pursuant to this SaaS Schedule, the SaaS Security Attachment, Documentation and the applicable Service Class Manual; and (b) only use Customer Data to provide, develop, and improve the Hyland Cloud Service and other services, to prevent or address service or technical problems, or in accordance with Customer’s instructions.
1.2 Service Class. Prior to or on the Effective Date, Hyland has delivered a then-current copy of the applicable Service Class Manual to Customer. After the Effective Date, Hyland will have the right to modify the applicable Service Class Manual (including the right to issue an entirely restated Service Class Manual) from time to time. The modifications or the revised Service Class Manual will be effective thirty (30) days after Hyland provides written notice to Customer informing Customer of Hyland’s posting of such modifications or revisions on the website identified in such notice. Notwithstanding the foregoing, no modifications of any Service Class Manual relating to Customer’s then-current Service Class will be effective until the next renewal of this SaaS Schedule. The initial Service Class purchased by Customer is set forth in the initial Purchase Table Schedule. To the extent Service Class upgrades or downgrades are available related to the Hyland Cloud Service purchase by Customer, Customer may upgrade the Service Class at any time, but may downgrade such Service Class only after the expiration of the Initial Term (as defined below) of this SaaS Schedule. In the event Customer elects to downgrade such Service Class, such downgrade will not be effective until the beginning of the next renewal of this SaaS Schedule. To modify a Service Class selection, Customer must submit a purchase order indicating the new Service Class.
1.3 Return of Customer Data and Deletion. Upon termination or expiration of this SaaS Schedule for any reason:
(a) Upon written request by Customer to Hyland sent to cloud@hyland.com, made within thirty (30) days after the effective date of any such termination or expiration, for Customer Data extraction Professional Services (“Notice of Return of Customer Data”), Hyland will either: (1) return Customer Data to Customer by providing: Customer Data on one (1) or more encrypted hard drives or other similar media and an export file containing the relevant keyword values and related file locations for the Customer Data or (2) make available to Customer the Customer Data for extraction by Customer. Hyland will work with Customer on determining the extraction method most suitable to meet Customer’s requirements. Customer acknowledges and agrees that thirty (30) days after Hyland has sent or made available to Customer the Customer Data, Hyland shall have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all such Customer Data from all of Hyland’s datacenters, including all replicated copies.
(b) Upon written request by Customer to Hyland sent to cloud@hyland.com, made within thirty (30) days after the effective date of any such termination or expiration, for the deletion of Customer Data (“Notice of Deletion of Customer Data”), Hyland will have no obligation to maintain or provide any Customer Data and shall thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
(c) If Customer does not provide the Notice of Return of Customer Data or the Notice of Deletion of Customer Data in accordance with paragraph (a) or (b) above, Customer acknowledges and agrees that thirty (30) days after any termination or expiration of this SaaS Schedule, Hyland will have no obligation to maintain or provide any Customer Data and may thereafter, unless legally prohibited, delete all Customer Data from all of Hyland’s datacenters, including all replicated copies.
1.4 Data Location. Hyland shall store Customer Data at data centers located in the country(ies) indicated in the initial Purchase Table. Hyland may, at its expense, change the location of the Customer Data to other data centers; provided that such locations remain in that country.
1.5 Hyland customers may license some Software provisioned by Hyland as part of the Hyland Cloud Service, and other Software which is implemented only on the customer’s premise (or a third party cloud other than the Hyland Cloud Platform), such as Hyland RPA (“On-Premise Software”). For clarity, if Customer licenses On-Premise Software from Hyland, this Schedule does not apply to such On-Premise Software.
2. GRANT OF RIGHTS AND PROHIBITED CONDUCT.
2.1 Hyland Cloud Service Use Grant. During the term of this SaaS Schedule, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the General Terms Schedule), limited right to use the Hyland Cloud Service as provided by Hyland, and the associated Documentation, solely for use by Customer and its Users for the internal business purposes of Customer, and only for capturing, storing, processing and accessing Customer’s data.
The Hyland Cloud Service is for use by Customer and its Users and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer and its Users shall not make any use of the Hyland Cloud Service in any manner not expressly permitted by this SaaS Schedule. Customer acknowledges that it and its Users may only access Customer Data via the Hyland Cloud Service and shall only access the Hyland Cloud Service in a manner consistent with this SaaS Schedule and the Documentation. Use of software or hardware that reduces the number of users directly accessing or utilizing the Hyland Cloud Service (e.g. by using “bots” or “multiplexing” or “pooling” software or hardware) does not reduce the number of users accessing the Hyland Cloud Services for purposes of calculating the number of users, as the required number of users would equal the number of distinct inputs to such software or hardware (e.g. to such “bots” or “multiplexing” or “pooling” software or hardware). Customer is prohibited from using any software (including bots) other than the Software client modules or a Software application programming interface (API) to access the Hyland Cloud Service or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the SaaS Fees with respect to such access. Customer further acknowledges that all components of the Hyland Cloud Service made available by Hyland, including any components downloaded or installed locally on Customer’s or Users’ systems, are solely for use with the Hyland Cloud Service and are not intended to be used on a stand-alone basis.
2.2 Volume Use Restriction. There are certain Software products that Hyland makes available and which Customer may purchase for use as part of the Hyland Cloud Service that are volume-based and may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars.
2.3 Test Environments. Customer may purchase limited access to Testing Environments or Testing Lite Environments, or both. Hyland agrees that the security measures described in the SaaS Security Attachment are also applied to the Testing Environment and Testing Lite Environment. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Testing Environment and Testing Lite Environment. If, at any time, Customer is not satisfied with the Testing Environment or Testing Lite Environment, Customer’s sole and exclusive remedy shall be to stop using the Testing Environment or Testing Lite Environment.
2.4 No High Risk Use. The Hyland Cloud Service is not fault-tolerant and is not guaranteed to be error free or to operate uninterrupted. The Hyland Cloud Service is not designed or intended for use in any situation where failure or fault of any kind of the Hyland Cloud Service could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). Customer is not permitted to use the Hyland Cloud Service in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Hyland Cloud Service for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees not to use, distribute, license, or grant the use of the Hyland Cloud Service in, or in connection with, any High Risk Use." Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer’s use of the Hyland Cloud Service in connection with any High Risk Use.
2.5 Assessment. Hyland shall be permitted access to assess Customer’s use of the Hyland Cloud Service in order to determine Customer’s compliance with the grant of use and pricing terms of the Agreement and this SaaS Schedule, including, where applicable, to measure Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such assessment.
2.6 Third Party Services and Content. The Hyland Cloud Service may contain functionality which allows Customer to: (a) access, link or integrate the Hyland Cloud Service with Customer’s applications or applications or services provided by third parties and (b) access third party websites and content. Hyland has no responsibility for such applications or services, websites or content and shall have no responsibility for any disclosure, modification or deletion of Customer Data resulting from any such access or use by such applications or services. Any activities engaged in by Customer or any of its Users with such third parties using the Hyland Cloud Service is solely between Customer and such third party and Hyland has no liability, obligation or responsibility for any such activities. Hyland does not endorse any third party web sites, applications or services that may be linked or integrated through the Hyland Cloud Service. Hyland is not responsible for any third party content, products or materials purchased, accessed or used by Customer or its Users using the Hyland Cloud Service.
2.7 Prohibited Conduct. Customer agrees not to: (a) remove copyright, trademark or other proprietary rights notices that appear during the use of the Hyland Cloud Service; (b) sell, transfer, rent, lease or sub-license the Hyland Cloud Service to any third party; (c) alter or modify the Hyland Cloud Service; (d) reverse engineer, disassemble, decompile or attempt to derive source code from the Hyland Cloud Service, or prepare derivative works therefrom; or (e) use the Hyland Cloud Service or permit it to be used in violation of the Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment or for the purposes of evaluation, benchmarking, or other comparative analysis intended for external publication without Hyland’s prior written consent.
2.8 Ownership of Customer Data. As between Hyland and Customer, Customer owns Customer Data.
2.9 Customer Input and Suggestions. Hyland shall have a royalty-free, worldwide, perpetual, transferable, sub-licensable, and irrevocable license to use or incorporate into any of Hyland’s products or services, including the Hyland Cloud Services, any suggestions, enhancements, improvements, recommendations or any other feedback provided by Customer or its users, related to the operation or use of the Hyland Cloud Service.
3. PRICES, INVOICES AND PAYMENT.
3.1 Initial Setup Fees. Hyland will invoice Customer for Initial Setup Fees in the amount set forth in the initial Purchase Table Schedule promptly following the Effective Date. Hyland will invoice Customer for Initial Setup Fees upon each additional purchase of Software for the Hyland Cloud Service upon acceptance of Customer’s purchase order for such Software.
3.2 SaaS Fees. Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service in such amounts as are invoiced by Hyland; provided, that during the Initial Term, Customer shall pay SaaS Fees to Hyland for the Hyland Cloud Service as initially composed in accordance with the initial Purchase Table Schedule. Hyland will invoice Customer on or after the Effective Date for SaaS Fees for the first year of the Initial Term. Following expiration of the Initial Term, Hyland may increase the SaaS Fees for the Hyland Cloud Service for any renewal period by up to ten percent (10%) of the previous year’s SaaS Fees. For any subsequent years, Hyland will invoice Customer for SaaS Fees prior to the beginning of such year, and such invoice shall be due and payable by Customer to Hyland in full in accordance with the General Terms Schedule. In the event Customer adds Software modules for the Hyland Cloud Service, Hyland will invoice Customer for SaaS Fees for such additional Software modules on a prorated basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Thereafter, SaaS Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3.3 Consumption Fees. Hyland will invoice Customer for any Consumption Fees, monthly in arrears, promptly upon the end of the month to which such Consumption Fees relate. Consumption Fees will be due for a month if at any time during such month the amount of Customer Data stored in the Hyland Cloud Service exceeds Customer’s data storage allocation as set forth in the initial Purchase Table.
3.4 Add-On Services. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule. Some Add-On Services may be priced on a volume basis, for which Add-On Service fees may be invoiced in arrears based on the applicable volume usage. Except as may be stated in a separate Schedule, the Add-On Services are part of the Hyland Cloud Service.
3.5 Other Fees. If Customer procures and Hyland provides any other services or deliverables in connection with the Hyland Cloud Service that are not covered by the fees and charges described in Sections 3.1 through 3.4 above, Hyland will invoice Customer for such other fees or charges based upon Hyland’s then current list prices or the pricing that the parties have mutually agreed upon in connection with such other services or deliverables.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Hyland Cloud Service, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the delivery of the Hyland Cloud Service, the U.S. Government hereby agrees that the Software, and the Hosted 3rd Party Software included in the Hyland Cloud Service and Add-On Services qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software is developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Hyland Cloud Service or Add-On Services to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Hyland Cloud Service, Add-On Services or Documentation by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. HYLAND CLOUD SERVICE SUPPORT.
5.1 HYLAND CLOUD SERVICE SUPPORT TERMS. Hyland will provide Hyland Cloud Service Support in accordance with this Section and the Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of the Hyland Cloud Service, including assistance and advice related to the operation of the Hyland Cloud Service.
(b) Error Correction Services. With respect to any issues or errors in the Hyland Cloud Service which are reported by Customer and which are confirmed by Hyland, Hyland will use its reasonable efforts to correct such issue or error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported issues or errors after receipt of a proper report of such suspected issue or error from Customer in accordance with the Support Prioritization Attachment. Hyland may elect to correct the issue or error by updating or upgrading the applicable component of the Hyland Cloud Service to a new build or version.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. When requesting Hyland Cloud Service Support, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for a Level 1 or Level 2 Severity Level (support numbers are available through Hyland’s secure end user website). In the case of reporting a problem, issue, or error with the Hyland Cloud Service, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the problem, issue or error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes it has made to the Hyland Cloud Service, such as workflow configuration changes, network installation/expansion, integrations, upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all reports in accordance with the Support Prioritization Attachment. Hyland: (a) will respond based on the confirmed severity level; (b) may reclassify severity levels as it learns information about such problems, issues or errors during the resolution process; and (c) obligations for a reported issue or error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Software Upgrades and Enhancements. Hyland will make available, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements to the Software, if and when released during the term of this SaaS Schedule.
(e) Update, Upgrade, Change or Replacement of Components of the Hyland Cloud Service. Hyland may update or upgrade the build or version of the Software used in the Hyland Cloud Service from time to time at Hyland’s expense. Hyland also may change, replace, update or upgrade the Hyland Cloud Platform from time to time. Customer agrees to collaborate with Hyland and assist Hyland in connection with the completion of installation and testing of any update or upgrade related to the Hyland Cloud Service.
Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.2 EXCLUSIONS.
Generally. Hyland is not responsible for providing, or obligated to provide, Hyland Cloud Service Support: (1) in connection with any errors, defects or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Hyland Cloud Service or from any error or defect in any configuration of any component of the Hyland Cloud Service, which activities in any such case were undertaken by any party other than Hyland or a party retained by Hyland; (2) in connection with any error or defect or problem in any other component of the Hyland Cloud Service if Hyland has previously made available corrections for such error or defect which Customer fails to implement; (3) in connection with any errors, defects or problems which have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in any software, hardware or system or networking which is not a part of the Hyland Cloud Service; (4) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Hyland Cloud Service Support to Customer with respect to the Hyland Cloud Service; or (5) in connection with any questions related to the operation or use of the Software application programming interfaces (APIs); or in connection with any errors, defects or problems with Work Products (as defined in the Professional Services Schedule). Support relating to Work Products and the operation or use of APIs may be provided, on a case-by-case basis, as mutually agreed to in an applicable Services Proposal which outlines Professional Services for such support activities.
6. SECURITY. During the term of this SaaS Schedule, Hyland shall maintain a security program which shall conform to the SaaS Security Attachment.
7. CERTAIN RESPONSIBILITIES AND OBLIGATIONS OF CUSTOMER.
7.1 Customer Responsibilities. In connection with the relationship established between Customer and Hyland under this SaaS Schedule:
(a) except as otherwise expressly permitted under the terms of this SaaS Schedule, Customer will not permit or authorize any third parties (such as persons or legal entities) to use the Hyland Cloud Service;
(b) Customer will comply with Hyland’s Acceptable Use Policy, as in effect from time to time, a copy of the current form of which is available at https://legal.hyland.com/Customer-Legal-Center#acceptable-use-policy-attachment;
(c) Customer is responsible for all Users use and all access through Customer and its Users of the Hyland Cloud Service and compliance with this SaaS Schedule and the Agreement, including, but not limited to, (i) setting-up User log-in accounts/credentials (e.g. user names, passwords, tokens, etc.) to the Hyland Cloud Service and immediately revoking User accounts/credentials when User no longer requires access to the Hyland Cloud Service, and (ii) shall not permit Users to share log-in accounts/credentials;
(d) Customer has sole responsibility for the accuracy, quality, content and legality of all Customer Data;
(e) Customer shall prohibit unauthorized access to, or use of, the Hyland Cloud Service and shall notify Hyland promptly of any such unauthorized access or use by contacting Customer’s Hyland technical support contact or another contact notified to Customer in writing (which may be via email or posted on Hyland’s secure end user web site (currently www.hyland.com/community)).
(f) Customer understands and agrees: (i) it has an independent duty to comply with any and all laws applicable to it, (ii) its use of the Hyland Cloud Service and compliance with any terms and conditions under this SaaS Schedule and the Agreement does not constitute compliance with any law, (iii) it shall make use of available Hyland Cloud Service security features and controls to properly transmit, store, process and provide access to Customer Data and (iv) it shall use the tools and reporting capabilities made available in the Hyland Cloud Service to monitor and confirm Customer Data processing, such as batch processing of electronic documents uploaded to the Hyland Cloud Service.
(g) Customer may give any of its Users the rights to act as a system administrator, through the configuration tools included in the Software for the Hyland Cloud Service. Hyland has no responsibility or obligations in connection with Customer’s internal management or administration of Customer’s Hyland Cloud Service.
7.2 Customer Internet Connection. Customer is responsible for obtaining and maintaining all software, hardware (including without limitation network systems), telephonic or other communications circuits, and Internet Service Provider relationships that are necessary or appropriate for Customer to properly access and use the Hyland Cloud Service. Hyland shall have no responsibility or liability under this SaaS Schedule for any unavailability or failure of, or nonconformity or defect in, the Hyland Cloud Service that is caused by or related in any manner to any failure of Customer to obtain and maintain all such software, hardware, equipment and relationships.
8. LIMITED WARRANTIES.
8.1 Hyland Cloud Service Limited Warranty. Hyland warrants to Customer that during the term of this SaaS Schedule the Hyland Cloud Service will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Hyland Cloud Service if: (i) any component of the Hyland Cloud Service has been modified, misused or abused by Customer or a third party, (ii) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, or (iii) if the Hyland Cloud Service is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation.
8.2 Hyland Cloud Service Warranty Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranties under Section 8.1 shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Hyland Cloud Service, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this SaaS Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under Section 11.2 of this SaaS Schedule, Hyland will provide a refund to Customer of the “unused portion of prepaid SaaS Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the non-conforming portion of the Hyland Cloud Service for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
8.3 Customer Limited Warranty. Customer represents and warrants to Hyland that: (a) Customer and its Users are the legal custodian of the Customer Data and it has the right and authority to use the Hyland Cloud Service in connection with all Customer Data and other materials hereunder; (b) Customer will use reasonable efforts to ensure that any Customer Data submitted to Hyland via electronic media will be free of viruses; and (c) anyone submitting Customer Data to Hyland for use in connection with the Hyland Cloud Service or Professional Services has the legal authority to do so, either through ownership of the Customer Data or by obtaining appropriate authorizations therefor, and that submission of Customer Data does not violate any contracts, agreements, or any applicable law. Customer is responsible for all Customer Data that is submitted to Hyland for use in connection with the Hyland Cloud Service or Professional Services.
9. INFRINGEMENT INDEMNIFICATION.
9.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Hyland Cloud Service of any patent, registered copyright or registered trademark of a third party that is enforceable in the United States, provided that Hyland: (a) is notified promptly after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided, that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of the Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Hyland Cloud Service, or to replace the relevant portions of the Hyland Cloud Service with other equivalent, non-infringing portions. If Hyland is unable to accomplish either of the options set forth in the preceding sentence, Hyland shall terminate this SaaS Schedule upon thirty (30) days advance written notice to Customer and refund to Customer the “unused portion of prepaid SaaS Fees” as defined below paid during the then current term (or applicable twelve-month period within the Initial Term). For these purposes, the “unused portion of prepaid SaaS Fees” shall mean an amount equal to the total SaaS Fees paid by Customer for the term (or applicable twelve-month period within the Initial Term) during which termination occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such termination occurs, and the denominator or which shall be twelve (12). Notwithstanding anything to the contrary, Hyland shall have no obligation to indemnify Customer against any claims made against Customer and otherwise described in this Section that arise from: (v) any Customer Data; (w) use of the Hyland Cloud Service other than as expressly permitted by this SaaS Schedule and the Agreement; (x) the combination of the Hyland Cloud Service or any component thereof with any product not furnished by Hyland; (y) the modification or addition of any component of the Hyland Cloud Service, other than by Hyland or any of its authorized resellers specifically retained by Hyland to provide such modification or addition; or (z) the Customer’s business methods or processes.
9.2 THIS SECTION 9 STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE HYLAND CLOUD SERVICE.
10. LIABILITY FOR CUSTOMER DATA INCIDENTS.
10.1 NOTWITHSTANDING ANYTHING TO THE CONTRARY, IN THE CASE OF A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), THE FOLLOWING SHALL APPLY IN LIEU OF SECTION 6.2 OF THE GENERAL TERMS SCHEDULE: THE MAXIMUM LIABILITY OF HYLAND (INCLUDING ITS AFFILIATES AND SUPPLIERS) ARISING OUT OF OR RELATED TO THE AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT FOR A CUSTOMER DATA INCIDENT (AS DEFINED IN THIS SCHEDULE), WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, ALL FEES AND CHARGES ACTUALLY PAID BY CUSTOMER TO HYLAND (LESS ANY REFUNDS OR CREDITS) UNDER THE AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE CUSTOMER DATA INCIDENT MULTIPLIED BY THE NUMBER INDICATED IN THE TABLE BELOW BASED ON CUSTOMER’S SERVICE CLASS AT THE TIME OF THE CUSTOMER DATA INCIDENT.
Service Class | Multiplier |
Silver | 1 |
Gold | 2 |
Platinum | 3 |
Double Platinum | 4 |
10.2 Notwithstanding Section 6.1 of the General Terms Schedule, and subject to Section 10.1 of this Schedule, in the event of a Customer Data Incident, Hyland shall pay the reasonable and documented costs incurred by Customer in connection with the following items: (a) providing notification of the Customer Data Incident to applicable government and relevant industry self-regulatory agencies, to the media and to individuals whose personal data may have been accessed or acquired, where required by law; and (b) providing credit monitoring service (where such service addresses the harm caused by the Customer Data Incident) to individuals who elect to receive such credit monitoring service and whose personal data may have been accessed or acquired, for a period of one year after the date on which such individuals were notified of the unauthorized access or acquisition.
11. TERM; TERMINATION.
11.1 Term. Subject to the termination provisions set forth in Section 1.2 of the General Terms Schedule and Section 11.1.1 below, the initial term of this SaaS Schedule will be the three (3) year period that commences on the Effective Date (the “Initial Term”); and such term will automatically renew thereafter for successive terms of one (1) year each, unless and until either party provides at least thirty (30) days advance written notice of non-renewal, in which case this SaaS Schedule shall terminate at the end of the then current term.
11.1.1 If, in the reasonable opinion of Customer or Hyland, the compliance by either party with the terms of this SaaS Schedule will be in violation of any law or regulation implemented or modified after the commencement of Hyland Cloud Service provided pursuant to this SaaS Schedule, Customer or Hyland, as the case may be, may terminate this SaaS Schedule upon thirty (30) days written notice to the other party.
11.2 Additional Effects or Consequences of Termination. In addition to Section 1.3 of the General Terms Schedule, immediately upon any termination or expiration of this SaaS Schedule, Customer shall cease any and all uses of or access to the Hyland Cloud Service and Documentation.
11.3 Transition Period Upon Termination. Except in the case of termination by Hyland due to Customer’s breach of this SaaS Schedule or the Agreement, in the event of any other termination of this SaaS Schedule or the Agreement, Hyland shall, upon Customer’s request, continue to provide Hyland Cloud Service Support and access to the Hyland Cloud Service (except where Hyland is enjoined) pursuant to the terms of this SaaS Schedule and the Agreement for a period of up to ninety (90) calendar days following such a termination (the “Transition Period”), provided Customer pays all applicable SaaS Fees and Consumption Fees for such Transition Period plus an additional five percent (5%) of such fees. During such Transition Period, both parties will reasonably cooperate and use their reasonable efforts to provide for an orderly transition that is designed to minimize the disruption to Customer’s business operations. Such cooperation and assistance will be limited to Professional Services consisting of consulting services and subject to Hyland’s then-current rates for such Professional Services which will be set out in a purchase order or a Services Proposal in accordance with the Professional Services Schedule to the Agreement.
12. COMPLIANCE WITH LAWS. Subject to Section 11 above, Hyland agrees to comply in all material respects with all laws applicable to Hyland in its performance of services under this SaaS Schedule.
Confidential - Ó 2021 Hyland Software, Inc.
Software License and Maintenance Schedule - Subscription
Effective February 18th 2025
DownloadTable of Contents
(a) by Customer internally, and only for storing, processing and accessing Customer’s own data; and
(b) subject to the contractor use restrictions set forth herein, by a third party contractor retained by Customer as a provider of services to Customer, but only by the contractor for capturing, storing, processing and accessing Customer’s own data in fulfillment of the contractor’s contractual obligations as a service provider to Customer.
Customer shall not make any use of the Software or associated Documentation in any manner not expressly permitted by this Agreement. Software subject to a regulatory control may only be installed in the country identified as the end user location in the purchase order. The Software may be located and hosted on computer servers owned and controlled by a third party. Such third party hosting provider shall be considered a contractor, and subject to the contractor use restrictions set forth herein.
Hyland Company | Additional Terms Exhibit |
Hyland Software Brasil Ltda. Hyland Software Germany GmbH | Exhibit A Exhibit B |
Effective February 18th 2025
DownloadEffective February 18th 2025
Download(a) del Cliente de forma interna y solo para almacenar, procesar y acceder a los propios datos del Cliente, y
(b) Sujeto a las restricciones de uso del contratista estabelecidas en este Contrato, por un contratista externo contratado por el Cliente como proveedor de servicios, pero solo para capturar, almacenar, procesar y acceder a los proprios datos del Cliente en cumplimiento con las obligaciones contractuales del contratista como proveedor de servicios para el Cliente.
El Cliente no debe usar el Software o la Documentación asociada de ninguna manera que no esté expresamente permitida en este Contrato. El Software sujeto a control regulatorio sólo puede instalarse en el país identificado como la ubicación del usuario final en la orden de compra. El Software puede estar ubicado y alojado en servidores de computadora que son propiedad de y están operados por un tercero. Dicho tercero debe ser considerado un contratista y estar sujeto a las restricciones de uso del contratista estabelecidas en este Contrato.
Effective February 18th 2025
Download(a) par le Client, en interne, pour les seuls stockage, traitement et accès à ses propres données ; et
(b) sous réserve du respect des termes de l’article 1.7, par un prestataire tiers choisi par le Client en qualité de prestataire de services, mais uniquement pour le stockage, le traitement et l'accès aux données du Client par le prestataire au nom et pour le compte du Client, aux seules fins de remplir ses obligations contractuelles vis-à-vis du Client, en tant que prestataire de services.
Le Client s’interdit d’utiliser le Logiciel ou la Documentation associée d’une quelconque manière non expressément autorisée par le Contrat. Le Logiciel, s’il est soumis au contrôle d’une autorité quelconque, ne peut être installé et hébergé qu’au sein du pays correspondant à l’adresse du Client telle qu’indiquée dans le bon de commande. Le Logiciel peut être installé et hébergé sur des serveurs informatiques détenus et contrôlés par un tiers ; le prestataire d'hébergement tiers étant alors considéré comme un prestataire et soumis aux restrictions d'utilisation du prestaire énoncées dans le présent document.
Effective February 18th 2025
Download(a) interno do Cliente e apenas para armazenamento, processamento e acesso aos dados do próprio Cliente; e
(b) sujeito às disposições e restrições de uso do contratado estabelecidas neste Contrato, por terceiro contratado pelo Cliente como prestador de serviços ao Cliente, mas somente pelo contratado para capturar, armazenar, processar e acessar os dados do próprio Cliente em cumprimento das obrigações contratuais do contratado na qualidade de prestador de serviços do Cliente.
O Cliente não fará uso do Software ou da Documentação correlata de maneira diversa da expressamente autorizada neste Contrato. Qualquer Software sujeito a um controle regulatório só poderá ser instalado no país identificado como o local do usuário final no pedido de compra. O Software poderá estar localizado e hospedado em servidores de computador de propriedade e controlados por terceiros. Esse provedor de hospedagem terceirizado será considerado um contratado e estará sujeito às restrições de uso do contratado estabelecidas neste Contrato.
(i) use as ferramentas de configuração do Software, ferramentas administrativas do Software, ou qualquer das interfaces de programação de aplicativos do Software (“APIs”);
(ii) participe de qualquer curso de treinamento de Software, online ou pessoalmente; ou
(iii) acesse qualquer dos websites seguros da Hyland (inclusive, mas não apenas, Hyland.com/Community), seja por meio do uso pelo contratado das credenciais de acesso do próprio Cliente ou com credenciais recebidas direta ou indiretamente pelo contratado;
então, a Hyland poderá exigir que ele celebre um contrato de confidencialidade diretamente com a empresa que emprega tal contratado.
Effective February 27th 2024 to February 18th 2025
DownloadTable of Contents
SOFTWARE LICENSE AND MAINTENANCE SCHEDULE – SUBSCRIPTION
(Subscription License for Software, includes Maintenance and Support)
This Software License and Maintenance Schedule – Subscription (this “Subscription Schedule”) is part of the Master Agreement, Order Form or other agreement or document entered into between Customer and Hyland, which incorporates this Subscription Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this Subscription Schedule, and any other agreement within the Incorporating Document is incorporated.
DEFINED TERMS
All capitalized terms used in this Subscription Schedule shall have the meaning ascribed them in this Subscription Schedule or, if not defined in this Subscription Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Subscription Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Alfresco Community Versions” means the free, open source community versions that Hyland makes available at no charge, including without limitation Digital Business Platform, Alfresco Content Services, Alfresco Process Services and Records Management software.
“Alfresco Instance” means the installation of the Software into Customer’s individual repository or process environment using the license key generated by Hyland upon Customer’s execution of an Order Form or Hyland’s acceptance of Customer’s purchase order. The Alfresco Instance can be deployed over multiple physical or virtual servers limited to the number of Cores licensed to create one logical repository.
“Cores” means physical computer processing cores or virtual Central Processing Units (vCPUs), sold in groups of four Cores. As licensed by Hyland, an initial set of four Cores allows Customer to deploy the Alfresco Software on up to four physical cores, or up to four vCPUs, on a single server instance. If Customer purchases eight or more Cores, Customer may deploy the Software on physical cores or vCPUs equal to the number of Cores it has purchased, without limitation, as to the number of service instances upon which they can run. For example, if Customer purchases Alfresco Content Services (with eight Cores), Customer may deploy the Software on up or eight physical cores, or up to eight vCPUs, on any number of server instances.
“CPUs” means a single physical central processing unit with up to four (4) Cores on which the Alfresco Software may be installed or executed. In virtualized environments, a CPU is defined as an allocation of 1 to 4 virtual Cores to a given virtual machine instance. As an example, a virtual machine with 6 virtual Cores counts as 2 CPUs.
“Delivery” means: (i) the electronic downloading of the Software onto Customer’s systems, (ii) the Software being made available by Hyland to Customer for electronic download onto Customer’s systems; or (iii) the delivery by Hyland to Customer of a Production Certificate for such Software module(s) by Hyland either shipping (physically or electronically) the Production Certificate to Customer or making the Production Certificate available for electronic download by Customer (including through one of Hyland’s authorized channel partners).
“Documentation” means: (1) to the extent available, the “Help Files” included in the Software, or (2) if no such “Help Files” are included in the Software, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Software.
“Error” means any defect or condition inherent in the Software which is reported in accordance with the Agreement and which is confirmed by Hyland, that causes the Software to fail to function in any material respect as described in the Documentation.
“Error Correction Services” means Hyland’s reasonable efforts to correct an Error, which may be effected by a reasonable workaround.
“Maintenance and Support” means for Software, (a) Error Correction Services; (b) Technical Support Services; and (c) the availability of Upgrades and Enhancements in accordance with this Subscription Schedule.
“Production Certificate” means license codes, a license certificate, or an IFM file issued by Hyland and necessary for Customer to activate Software for Customer’s production use.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Error.
“Subscription Fees” means periodic fees for the licensing of Software licensed under this Subscription Schedule and for Maintenance and Support for such Software, and payable by Customer to Hyland.
“Retired Software” means, at any particular time any Software product or version of the Software licensed under the Agreement which is identified as being retired on Hyland’s applicable secure end user web site. Hyland will specify on such web site Software modules or versions which become Retired Software. The effective date of such change will be twelve (12) months from the date Hyland initially posts the status change on its end user web site.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Technical Support Services” means telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to its end users generally during the term of the Agreement to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
1. SOFTWARE LICENSE.
1.1 Grant of License. Subject to Customer’s payment in full of the Subscription Fees, and subject further to Customer’s compliance with the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the Agreement), limited license to the Software, in machine-readable object code form only and associated Documentation; in each case solely for use:
(a) by Customer internally, and only for storing, processing and accessing Customer’s own data; and
(b) subject to the Contractor use restrictions set forth herein, by a third party contractor retained by Customer as a provider of services to Customer (“Contractor”), but only by the Contractor for capturing, storing, processing and accessing Customer’s own data in fulfillment of the Contractor’s contractual obligations as a service provider to Customer.
The Software and associated Documentation are licensed for use by a single organization and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer shall not make any use of the Software or associated Documentation in any manner not expressly permitted by the Agreement. Software subject to a regulatory control may only be installed in the country identified as the end user location in the purchase order. The Software may be located and hosted on computer servers owned and controlled by a third party. Such third party hosting provider shall be considered a Contractor, and subject to the Contractor use restrictions set forth herein.
1.2 Use Restriction. The Software is licensed for a specific type of use, such as concurrently or on a specified workstation or by a specified individual and the Software may control such use. Certain Software products that are volume-based (which shall include the number of Cores, Alfresco Instances and/or users) may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; and/or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer acknowledges and agrees that additional fees may apply based on Customer's volume usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars. Use of software or hardware that reduces the number of users directly accessing or utilizing the Software (sometimes called “multiplexing” or “pooling” software or hardware) does not reduce the number of Software licenses required. The required number of Software licenses would equal the number of distinct inputs to the multiplexing or pooling software or hardware. Customer is prohibited from using any software other than the Software Client licenses, platforms or a Software application programming interface (API) to access the Software or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid the applicable fees with respect to such access. Customer further agrees that the Software shall not be copied and installed on additional servers unless Customer has purchased a license therefore, and the number of users of the Software shall not exceed the number of users permitted by the Software licenses purchased by Customer. In the case of Alfresco, Customer will not combine, call, link to, or otherwise use the Software in conjunction with any Alfresco Community Version, or use any of the services for Alfresco Community Versions or for any unlicensed Cores or users.
1.3 Production and Test Systems. Unless otherwise stated in an Order Form, Customer shall be entitled to use one (1) production copy of the Software licensed and one (1) additional copy of the production environment licensed Software for customary remote disaster recovery purposes which may not be used as a production system concurrently with the operation of any other copy of the Software in a production environment. Subject to the payment of any additional applicable fees, Customer shall also be entitled to license a reasonable number of additional copies of the production environment licensed Software to be used exclusively in a non-production environment and solely for the purposes of experimenting and testing the Software, developing integrations between the Software and other applications that integrate to the Software solely using integration functionality of the Software licensed by Customer under the Agreement, and training Customer’s employees on the Software (“Test Systems”). Customer may be required to provide to Hyland certain information relating to Customer’s intended use of such Test Systems such as the manufacturer, model number, serial number and installation site. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Test Systems. Customer’s sole recourse in the event of any dissatisfaction with any Software in any non-production system is to stop using such Software and return it to Hyland, provided that, to the extent that Customer is using the Test System for the purposes of testing an Upgrade or Enhancement of the Software prior to implementing the same in Customer’s production environment, then Customer may contact Hyland for the provision of Maintenance and Support as described in this Subscription Schedule. Customer shall not make any copies of the Software not specifically authorized by this Section 1.3.
1.4 Evaluation Software. From time to time Customer may elect to evaluate certain Software (“Evaluation Software”) for the purpose of determining whether or not to purchase a production license of such Evaluation Software. Evaluation Software is licensed for Customer’s use in a non-production environment. Notwithstanding anything to the contrary, as to any Evaluation Software, the Agreement and the limited license granted hereby will terminate on the earliest of: (a) last day of the evaluation period specified in the accepted purchase order or Order Form delivered for such Evaluation Software; or (b) immediately upon the delivery of written notice to such effect by Hyland to Customer. Upon expiration or other termination of such period, Customer immediately shall either (y) discontinue any and all of use of the Evaluation Software and related Documentation and remove the Evaluation Software; or (z) deliver a purchase order or execute an Order Form for purchase of such Evaluation Software.
1.5 Third Party Licenses. The Software may be bundled with software owned by third parties, including but not limited to those manufacturers listed in the Help About screen of the Software. Such third party software is licensed solely for use within the Software and is not to be used on a stand-alone basis. Notwithstanding the above, Customer acknowledges that, depending on the modules licensed, the Software may include open source software governed by an open source license, in which case the open source license (a copy of which is provided in the Software or upon request) may grant additional rights to such open source software. Additionally, in the case of such software to be downloaded and installed on a mobile device, if such software will be downloaded from the application market or store maintained by the manufacturer of the mobile device, then use of such software will be governed by the license terms for the software included at the applicable application store or market or presented to Customer or Customer’s user in the software, and the Agreement will not govern such use.
1.6 Integration Code. If applicable, Software also includes all adapters or connectors created by Hyland and provided as part of an integration between the Software and a third party line of business application (“Integration Code”). Software also includes any desktop host or other content services software provided by Hyland and downloaded on a user's computer used to extend functionality in Hyland’s products. Such Integration Code and desktop host may only be used in combination with other Software and in accordance with the terms of the Agreement.
1.7 Contractor Use Agreement. Customer agrees that if it desires to allow a Contractor to do any of the following:
(a) make use of the Software configuration tools, Software administrative tools or any of the Software’s application programming interfaces (“APIs”);
(b) make use of any training materials or attend any training courses, either online or in person, in either case related to the Software; or
(c) access any of Hyland’s secure websites (including, but not limited to Hyland.com/Community), either through Contractor’s use of Customer’s own log-in credentials or through credentials received directly or indirectly by Contractor;
then, Customer must cause such Contractor to execute a use agreement in a form available for download at Hyland’s Community website (“Contractor Use Agreement”). Customer understands and agrees that: (x) Customer may not allow a Contractor to do any of the foregoing if such Contractor has not signed a Contractor Use Agreement, and (y) Contractors may use the Software only in compliance with the terms of the Agreement, and (z) Customer is responsible for such compliance by all Contractors that do not execute a Contractor Use Agreement. Customer agrees that it shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Contractor that does not sign a Contractor Use Agreement.
1.8 No High Risk Use. The Software and/or any Hyland Cloud Services are not fault-tolerant and are not guaranteed to be error free or to operate uninterrupted. Such Software and/or Hyland Cloud Services are not designed or intended for use in any situation where failure or fault of any kind of the Software and/or Cloud Services could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). The Software and/or any Hyland Cloud Service is not licensed by Hyland to use in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software or Cloud Services for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's or its Contractors use of the Software and/or Cloud Services in connection with any High Risk Use.
1.9 Audit Rights. During the term of the Agreement and for one (1) year thereafter, upon reasonable notice to Customer, Hyland shall be permitted access to Customer’s facilities and records, during regular business hours, to audit Customer’s use of the Software solely in order to determine Customer’s compliance with the licensing and pricing terms the Agreement, including, where applicable, to measure Customer’s volume usage. Additionally, if requested by Hyland in connection with Software licensed on a volume basis, Customer shall provide reports that show Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such audit. Customer acknowledges and agrees that Customer is prohibited from publishing the results of any benchmark test using the Software to any third party without Hyland’s prior written approval, and that Customer has not relied on the future availability of any programs or services in entering into the Agreement.
1.10 The Software may contain functionality that allows Customer to access, link or integrate the Software with Customer’s applications or applications or services provided by third parties. Hyland has no responsibility for such applications or services, websites or content and does not endorse any third party web sites, applications or services that may be linked or integrated through the Software; any activities engaged in by Customer with such third parties is solely between Customer and such third party.
1.11 ACS Specific Restriction Only. If Customer purchases Alfresco Content Services (“ACS”), the following restriction shall apply: The Alfresco Content Services (ACS) includes a workflow capability along with a predetermined set of document-review and approval workflows, and a set of predetermined management-task functions. Customer may use and modify the predetermined workflows and management tasks that are provided with the ACS subscription. However, Customer may not use the workflow software to design, create or run other types of workflows, business processes and/or management tasks. A separate subscription for Alfresco Process Services (APS) software is required for any such uses.
1.12 Nuxeo Software. If Customer is purchasing Nuxeo Software, Nuxeo Software is subject to additional licensing terms, which are available at https://legal.hyland.com/Customer-Legal-Center#nuxeo-subscription-terms.
2. SUBSCRIPTION FEES. Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the Initial Term, Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Order Form. Following expiration of the Initial Term of the Agreement, Hyland may increase the Subscription Fees for the Software for any renewal period by up to ten percent (10%) of the previous year’s Subscription Fees. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. For any subsequent years, Hyland will invoice Customer for Subscription Fees prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software under the Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3. ADD-ON SERVICES. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule unless otherwise stated on an Order Form. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to additional terms.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software, Add-On Services, and the Hyland Cloud Service, as the case may be, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software, Add-On Services and Hyland Cloud Service, as the case may be, the U.S. Government hereby agrees that the Software, including the Hosted 3rd Party Software included in the Hyland Cloud Service, and Add-On Services, as the case may be, qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software, Add-On Services or Hyland Cloud Service, as the case may be, to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software, Add-On Services and Hyland Cloud Service, or Documentation, as the case may be, by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. MAINTENANCE AND SUPPORT FOR SOFTWARE AND RETIRED SOFTWARE.
5.1 Maintenance and Support Terms. Except with respect to Retired Software, Hyland will provide Maintenance and Support in accordance with the Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software. Technical Support Services are not available for Retired Software.
(b) Error Correction Services. With respect to any Errors in the Software which are reported by Customer and which are confirmed by Hyland, in the exercise of its reasonable judgment, Hyland will use its reasonable efforts to correct the Error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported Errors after receipt of a proper report of such suspected Error from Customer. Hyland may elect to correct the Error in the current available or in the next available commercially released version of the Software and the Resolution may require the Customer to implement an Upgrade and Enhancement to obtain the correction. Error Correction Services are not available for Retired Software.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. In requesting Technical Support Services and Error Correction Services, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for Level 1 or Level 2 Severity Levels (support numbers are available through Hyland’s secure end user website). In the case of reporting an Error, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the Error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes, such as network installation/expansion, Software upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all Technical Support Services requests and Error Correction Services requests in accordance with the Support Prioritization Attachment. With respect to Errors: (a) Hyland will respond based on the confirmed severity level of an Error; (b) Hyland may reclassify Errors as it learns information about such Errors during the resolution process; and (c) Hyland’s obligation for a reported Error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of the Agreement.
5.2 Exclusions.
(a) Generally. Hyland is not responsible for providing, or obligated to provide, Maintenance and Support under the Agreement: (1) in connection with any Errors or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Software, or from any error or defect in any configuration of the Software, which activities in any such case were undertaken by any party other than Hyland; (2) in connection with any Error if Hyland has previously provided corrections for such Error which Customer fails to implement; (3) in connection with any Errors or problems that have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in the database, operating system, third party software (other than third party software embedded in the Software by Hyland), hardware or any system or networking utilized by Customer; (4) if the Software or related software or systems have been subjected to abuse, misuse, improper handling, accident or neglect; or (5) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Maintenance and Support to Customer with respect to the Software. Maintenance and Support does not include any services that Hyland may provide in connection with assisting or completing an upgrade of Software with any available Upgrade and Enhancement.
(b) Work Products. Maintenance and Support is not provided for any Work Products (as defined in the Professional Services Schedule); however, if Customer desires Maintenance and Support regarding the operation or use of such Work Products, Customer may request such Maintenance and Support and the parties may agree to enter into a Services Proposal for such Maintenance and Support in accordance with the terms of the Professional Services Schedule.
(c) Excluded Software and Hardware. This Subscription Schedule does not govern, and Hyland shall not be responsible for, the maintenance or support of any software other than Software, or for any hardware or equipment of any kind or nature, whether or not obtained by Customer from Hyland.
5.3 Certain Other Responsibilities of Customer.
(a) Operation of the Software and Related Systems. Customer acknowledges and agrees that it is solely responsible for the operation, configuration, supervision, management and control of the Software and all related hardware and software (including the database software). Customer is solely responsible for: obtaining or providing training for its personnel; taking appropriate measures to isolate and backup or otherwise archive its computer systems, programs, data or files; and instituting appropriate security procedures and implementing reasonable procedures to examine and verify all output before use.
(b) Access to Premises and Systems. Customer shall make available reasonable access and use of Customer’s premises, and online access to Customer’s computer hardware, peripherals, Software and other software as Hyland deems necessary to diagnose and correct any Errors or to otherwise provide Maintenance and Support. Accordingly, Customer shall install and maintain means of communication and the appropriate communications software as mutually agreed upon by Hyland and Customer and an adequate connection with Hyland to facilitate Hyland’s on-line Maintenance and Support. Such right of access and use shall be provided at no cost or charge to Hyland.
5.4 Professional Services for Projects Not Covered by Technical Support Services or Error Correction Services. If Customer requests Professional Services which are outside the scope of Technical Support Services or Error Correction Services, Customer agrees that such services shall not be covered by this Section 5 and such services only shall be engaged pursuant to a Services Proposal under an applicable Professional Services Schedule.
5.5 Implementation of Upgrades And Enhancements to Regulated Products. Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.6 Technical Support Contacts. Hyland will provide Maintenance and Support to the designated contacts, as identified by Customer (“Technical Support Contacts”). The Technical Support Contacts should have “read, write and execute” access to the necessary files, English language communication skills, and relevant technical knowledge. Customer may modify its designated Technical Support Contacts at any time during the term of the Agreement by notifying Hyland in writing and giving Hyland five (5) business days to process the change. Technical Support Contacts will be the only interface to the Hyland customer support center. Hyland recommends that the Technical Support Contacts obtain the applicable Software certification by attending Hyland training courses. In an emergency, a Hyland customer support engineer will respond to an issue for an unauthorized contact on an exception basis, subject to later verification and involvement of a named Technical Support Contact.
5.7 Professional Services. Customer agrees that the Professional Services Terms, available at https://legal.hyland.com/Customer-Legal-Center#professional-services-schedule shall apply to all Professional Services (as that term is defined in the Professional Services Terms) provided by Hyland for Customer.
6. LIMITED WARRANTY FOR SOFTWARE.
6.1 Hyland warrants to Customer that during the term of the Agreement the Software will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Software if: (a) any component of the Software has been modified, misused or abused by Customer or a third party, (b) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, (c) if the Software is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation; or (d) to the extent the Software is Retired Software.
6.2 Hyland’s sole obligation, and Customer’s sole and exclusive remedy for any non-conformities to the express limited warranties under this Section shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Software, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this Subscription Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its termination obligations under the Agreement, Hyland will provide a refund to Customer of the “unused portion of pre-paid Subscription Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the pro rata portion of the Subscription Fees prepaid by Customer, if any, for any portion of the then current term that would have remained after the effective date of termination.
7. INFRINGEMENT INDEMNIFICATION.
7.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Software of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Software, or to replace the relevant portions of the Software or with other equivalent, non-infringing portions.
7.2 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in subparagraph (d) of the immediately preceding Section, Hyland shall remove the infringing portion of the Software and refund to Customer the “unused portion of prepaid Subscription Fees” (as defined below) paid by Customer, with respect to the infringing portion of the Software. For these purposes, the “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the pro rata portion of the Subscription Fees prepaid by Customer, if any, for any portion of the then current term that would have remained after the effective date of termination.
7.3 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to indemnify any claims made against Customer and otherwise described in the first subsection (Generally) of this Infringement Indemnification Section that arise from: (a) use of the Software by Customer other than as expressly permitted by the Agreement; (b) the combination of the Software with any product not furnished by Hyland to Customer; (c) the modification or addition to of the Software other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (d) the Customer’s business methods or processes.
7.4 THIS INFRINGEMENT INDEMNIFICATION SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE SOFTWARE.
8. ADDITIONAL TERMS AND CONDITIONS. If Hyland is a Hyland company set forth below, the additional or alternative terms and conditions set forth on the applicable Additional Terms Exhibit shall apply:
| Hyland Company | Additional Terms Exhibit |
| Hyland Software Brasil LTDA. Hyland Software Germany GmbH | Exhibit A Exhibit B |
9. CONTROLLING LANGUAGE. Hyland may make other versions of this Subscription Schedule available in other languages at this online location. This English language version of this Subscription Schedule controls over any version of the Subscription Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this Subscription Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the Subscription Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Brasil Ltda Additional Terms Exhibit
If Hyland is Hyland Software Brasil Ltda, this Exhibit A shall apply:
- The Subscription Fees Section of the Subscription Schedule shall be replaced in its entirety as follows:
Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the first year of the Initial Term of this Schedule (as defined herein), Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Order Form. Hyland will adjust the Subscription Fees annually on each anniversary of the Effective Date of the Agreement by the last known accumulated value of IPCA for a period of twelve (12) months at the time Hyland issues the invoice. For all purposes, “IPCA” means the Índice de Preços para o Consumidor Amplo, as measured by IBGE, or any index created to replace this index. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms. For any subsequent years, Hyland will invoice Customer for Subscription Fees prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software modules under the Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software modules on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
Exhibit B
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH, this Exhibit B shall apply:
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Confidential – © 2023 Hyland Software, Inc.
Effective December 11th 2023 to February 27th 2024
DownloadTable of Contents
SOFTWARE LICENSE AND MAINTENANCE SCHEDULE – SUBSCRIPTION
(Subscription License for Software, includes Maintenance and Support)
This Software License and Maintenance Schedule – Subscription (this “Subscription Schedule”) is part of the Master Agreement, Order Form or other agreement or document entered into between Customer and Hyland, which incorporates this Subscription Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this Subscription Schedule, and any other agreement within the Incorporating Document is incorporated.
DEFINED TERMS
All capitalized terms used in this Subscription Schedule shall have the meaning ascribed them in this Subscription Schedule or, if not defined in this Subscription Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Subscription Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Active Processes” means a process instance within the Alfresco Software that has not been completed, cancelled, or formally suspended. Processes that have been initiated – but which have not been completed, cancelled, or formally suspended, or which are in a “wait” state – shall constitute Active Processes regardless of the level of user or machine activity associated with those processes over time.
“Alfresco Community Versions” means the free, open source community versions that Hyland makes available at no charge, including without limitation Digital Business Platform, Alfresco Content Services, Alfresco Process Services and Records Management software.
“Alfresco Instance” means the installation of the Software into Customer’s individual repository or process environment using the license key generated by Hyland upon Customer’s execution of an Order Form or Hyland’s acceptance of Customer’s purchase order. The Alfresco Instance can be deployed over multiple physical or virtual servers limited to the number of Cores licensed to create one logical repository.
“Cores” means physical computer processing cores or virtual Central Processing Units (vCPUs), sold in groups of four Cores. As licensed by Hyland, an initial set of four Cores allows Customer to deploy the Alfresco Software on up to four physical cores, or up to four vCPUs, on a single server instance. If Customer purchases eight or more Cores, Customer may deploy the Software on physical cores or vCPUs equal to the number of Cores it has purchased, without limitation, as to the number of service instances upon which they can run. For example, if Customer purchases Alfresco Content Services (with eight Cores), Customer may deploy the Software on up or eight physical cores, or up to eight vCPUs, on any number of server instances.
“CPUs” means a single physical central processing unit with up to four (4) Cores on which the Alfresco Software may be installed or executed. In virtualized environments, a CPU is defined as an allocation of 1 to 4 virtual Cores to a given virtual machine instance. As an example, a virtual machine with 6 virtual Cores counts as 2 CPUs.
“Delivery” means: (a) the electronic downloading of the Software onto Customer’s systems, (b) the Software being made available by Hyland to Customer for electronic download onto Customer’s systems; or (c) the delivery by Hyland to Customer of a Production Certificate for such Software module(s) by Hyland either shipping (physically or electronically) the Production Certificate to Customer or making the Production Certificate available for electronic download by Customer (including through one of Hyland’s authorized channel partners).
“Documentation” means: (a) to the extent available, the “Help Files” included in the Software, or (b) if no such “Help Files” are included in the Software, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Software.
“Error” means any defect or condition inherent in the Software which is reported in accordance with the Agreement and which is confirmed by Hyland, that causes the Software to fail to function in any material respect as described in the Documentation.
“Error Correction Services” means Hyland’s reasonable efforts to correct an Error, which may be effected by a reasonable workaround.
“Initial Term” means, unless otherwise defined in the General Terms Schedule, and as used in this Subscription Schedule, (a) the initial term for which Customer has purchased products or services governed by this Subscription Schedule as set forth on the Incorporating Document for such product or service; or (b) if an initial term is not set forth as described in (a), the three (3) year period that begins on the date of Hyland’s acceptance of the applicable purchase order.
“Maintenance and Support” means for Software, (a) Error Correction Services; (b) Technical Support Services; and (c) the availability of Upgrades and Enhancements in accordance with this Subscription Schedule.
“Order Form” means, unless otherwise defined in the General Terms Schedule, and as used in this Subscription Schedule, an Incorporating Document (or a Purchase Table included in an Incorporating Document) describing the Software or other products or services purchased, associated fees, and other terms agreed to by the parties.
“Production Certificate” means license codes, a license certificate, or an IFM file issued by Hyland and necessary for Customer to activate Software for Customer’s production use.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Error.
“Subscription Fees” means periodic fees for the licensing of Software licensed under this Subscription Schedule and for Maintenance and Support for such Software, and payable by Customer to Hyland.
“Retired Software” means, at any particular time any Software product or version of the Software licensed under the Agreement which is identified as being retired on Hyland’s applicable secure end user web site. Hyland will specify on such web site Software modules or versions which become Retired Software. The effective date of such change will be twelve (12) months from the date Hyland initially posts the status change on its end user web site.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Technical Support Services” means telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to its end users generally during the term of this Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
1. SOFTWARE LICENSE.
1.1 Grant of License. Subject to Customer’s payment in full of the Subscription Fees, and subject further to Customer’s compliance with the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the Agreement), limited license to the Software, in machine-readable object code form only and associated Documentation; in each case solely for use:
(a) by Customer internally, and only for storing, processing and accessing Customer’s own data; and
(b) subject to the Contractor use restrictions set forth herein, by a third party contractor retained by Customer as a provider of services to Customer (“Contractor”), but only by the Contractor for capturing, storing, processing and accessing Customer’s own data in fulfillment of the Contractor’s contractual obligations as a service provider to Customer.
The Software and associated Documentation are licensed for use by a single organization and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer shall not make any use of the Software or associated Documentation in any manner not expressly permitted by the Agreement. Software subject to a regulatory control may only be installed in the country identified as the end user location in the purchase order. The Software may be located and hosted on computer servers owned and controlled by a third party. Such third party hosting provider shall be considered a Contractor, and subject to the requirements of the Contractor use restrictions set forth herein.
1.2 Use Restriction. The Software is licensed for a specific type of use, such as concurrently or on a specified workstation or by a specified individual and the Software may control such use. Certain Software products that are volume-based (which shall include the number of Cores, Alfresco Instances and/or users) may: (a no longer function if applicable volume limits have been exceeded; (b) require Customer to pay additional fees based on Customer’s volume usage; and/or (c) include functionality which monitors or tracks Customer usage and reports that usage. Customer acknowledges and agrees that additional fees may apply based on Customer's volume usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars. Use of software or hardware that reduces the number of users directly accessing or utilizing the Software (sometimes called “multiplexing” or “pooling” software or hardware) does not reduce the number of Software licenses required. The required number of Software licenses would equal the number of distinct inputs to the multiplexing or pooling software or hardware. Customer is prohibited from using any software other than the Software Client licenses, platforms or a Software application programming interface (API) to access the Software or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the applicable fees with respect to such access. Customer further agrees that the Software shall not be copied and installed on additional servers unless Customer has purchased a license therefore, and the number of users of the Software shall not exceed the number of users permitted by the Software licenses purchased by Customer. In the case of Alfresco Software, Customer will not combine, call, link to, or otherwise use the Software in conjunction with any Alfresco Community Version, or use any of the services for Alfresco Community Versions or for any unlicensed Cores or users.
1.3 Production and Test Systems. Unless otherwise stated in an Order Form, Customer shall be entitled to use one (1) production copy of the Software licensed and one (1) additional copy of the production environment licensed Software for customary remote disaster recovery purposes which may not be used as a production system concurrently with the operation of any other copy of the Software in a production environment. In addition, Customer shall also be entitled to license a reasonable number of additional copies of the production environment licensed Software to be used exclusively in a non-production environment and solely for the purposes of experimenting and testing the Software, developing integrations between the Software and other applications that integrate to the Software solely using integration functionality of the Software licensed by Customer under the Agreement, and training Customer’s employees on the Software (“Test Systems”). Customer may be required to provide to Hyland certain information relating to Customer’s intended use of such Test Systems such as the manufacturer, model number, serial number and installation site. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Test Systems. Customer’s sole recourse in the event of any dissatisfaction with any Software in any non-production system is to stop using such Software and return it to Hyland, provided that, to the extent that Customer is using the Test System for the purposes of testing an Upgrade or Enhancement of the Software prior to implementing the same in Customer’s production environment, then Customer may contact Hyland for the provision of Maintenance and Support as described in this Subscription Schedule. Customer shall not make any copies of the Software not specifically authorized by this Section 1.3.
1.4 Evaluation Software. From time to time Customer may elect to evaluate certain Software modules (“Evaluation Software”) for the purpose of determining whether or not to purchase a production license of such Evaluation Software. Evaluation Software is licensed for Customer’s use in a non-production environment. Notwithstanding anything to the contrary, as to any Evaluation Software, the Agreement and the limited license granted hereby will terminate on the earliest of: (a) last day of the evaluation period specified in the accepted Order Form delivered for such Evaluation Software; or (b) immediately upon the delivery of written notice to such effect by Hyland to Customer. Upon expiration or other termination of such period, Customer immediately shall either (y) discontinue any and all of use of the Evaluation Software and related Documentation and remove the Evaluation Software; or (z) deliver an Order Form to Hyland for purchase of such Evaluation Software.
1.5 Third Party Licenses. The Software may be bundled with software owned by third parties, including but not limited to those manufacturers listed in the Help About screen of the Software. Such third party software is licensed solely for use within the Software and is not to be used on a stand-alone basis. Notwithstanding the above, Customer acknowledges that, depending on the modules licensed, the Software may include open source software governed by an open source license, in which case the open source license (a copy of which is provided in the Software) may grant additional rights to such open source software. Additionally, in the case of such software to be downloaded and installed on a mobile device, if such software will be downloaded from the application market or store maintained by the manufacturer of the mobile device, then use of such software will be governed by the license terms for the software included at the applicable application store or market or presented to Customer or Customer’s user in the software, and the Agreement will not govern such use.
1.6 Integration Code. If applicable, Software also includes all adapters or connectors created by Hyland and provided as part of an integration between the Software and a third party line of business application (“Integration Code”). Software also includes any desktop host or other content services software provided by Hyland and downloaded on a user's computer used to extend functionality in Hyland’s products. Such Integration Code and desktop host may only be used in combination with other Software and in accordance with the terms of the Agreement.
1.7 Contractor Use Agreement. Customer agrees that if it desires to allow a Contractor to do any of the following:
(a) make use of the Software configuration tools, Software administrative tools or any of the Software’s application programming interfaces (“APIs”);
(b) make use of any training materials or attend any training courses, either online or in person, in either case related to the Software; or
(c) access any of Hyland’s secure websites (including, but not limited to Hyland.com/Community), either through Contractor’s use of Customer’s own log-in credentials or through credentials received directly or indirectly by Contractor;
then, Customer must cause such Contractor to execute a use agreement in a form available for download at Hyland’s Community website (“Contractor Use Agreement”). Customer understands and agrees that: (x) Customer may not allow a Contractor to do any of the foregoing if such Contractor has not signed a Contractor Use Agreement, and (y) Contractors may use the Software only in compliance with the terms of the Agreement, and (z) Customer is responsible for such compliance by all Contractors that do not execute a Contractor Use Agreement. Customer agrees that it shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Contractor that does not sign a Contractor Use Agreement.
1.8 No High Risk Use. The Software and/or any Hyland Cloud Services are not fault-tolerant and are not guaranteed to be error free or to operate uninterrupted. Such Software and/or Cloud Services are not designed or intended for use in any situation where failure or fault of any kind of the Software and/or Cloud Services could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). The Software and/or any Hyland Cloud Service is not licensed by Hyland to use in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software or Cloud Services for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's or its Contractors use of the Software and/or Cloud Services in connection with any High Risk Use.
1.9 Audit Rights. During the term of this Subscription Schedule and for one (1) year thereafter, upon reasonable notice to Customer, Hyland shall be permitted access to Customer’s facilities and records, during regular business hours, to audit Customer’s use of the Software solely in order to determine Customer’s compliance with the licensing and pricing terms the Agreement, including, where applicable, to measure Customer’s volume usage. Additionally, if requested by Hyland in connection with Software licensed on a volume basis, Customer shall provide reports that show Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such audit. Customer acknowledges and agrees that Customer is prohibited from publishing the results of any benchmark test using the Software to any third party without Hyland’s prior written approval, and that Customer has not relied on the future availability of any programs or services in entering into the Agreement.
1.10 The Software may contain functionality that allows Customer to access, link or integrate the Software with Customer’s applications or applications or services provided by third parties. Hyland has no responsibility for such applications or services, websites or content and does not endorse any third party web sites, applications or services that may be linked or integrated through the Software; any activities engaged in by Customer with such third parties is solely between Customer and such third party.
1.11 ACS Specific Restriction Only. If Customer purchases Alfresco Content Services (“ACS”), the following restriction shall apply: The Alfresco Content Services (ACS) includes a workflow capability along with a predetermined set of document-review and approval workflows, and a set of predetermined management-task functions. Customer may use and modify the predetermined workflows and management tasks that are provided with the ACS subscription. However, Customer may not use the workflow software to design, create or run other types of workflows, business processes and/or management tasks. A separate subscription for Alfresco Process Services (APS) software is required for any such uses.
1.12 Nuxeo Software. If Customer is purchasing Nuxeo Software, Nuxeo Software is subject to additional licensing terms, which are available at https://legal.hyland.com/Customer-Legal-Center#nuxeo-subscription-terms.
2. SUBSCRIPTION FEES. Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the Initial Term of this Subscription Schedule (as defined herein), Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Order Form. Following expiration of the Initial Term of this Subscription Schedule, Hyland may increase the Subscription Fees for the Software for any renewal period by up to ten percent (10%) of the previous year’s Subscription Fees. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. For any subsequent years, Hyland will invoice Customer for Subscription Fees prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software under the Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3. ADD-ON SERVICES. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule unless otherwise stated on an Order Form. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to additional terms.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software, Add-On Services, and the Hyland Cloud Service, as the case may be, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software, Add-On Services and Hyland Cloud Service, as the case may be, the U.S. Government hereby agrees that the Software, including the Hosted 3rd Party Software included in the Hyland Cloud Service, and Add-On Services, as the case may be, qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software, Add-On Services or Hyland Cloud Service, as the case may be, to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software, Add-On Services and Hyland Cloud Service, or Documentation, as the case may be, by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. MAINTENANCE AND SUPPORT FOR SOFTWARE AND RETIRED SOFTWARE.
5.1 Maintenance and Support Terms. Except with respect to Retired Software, Hyland will provide Maintenance and Support in accordance with the Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software. Technical Support Services are not available for Retired Software.
(b) Error Correction Services. With respect to any Errors in the Software which are reported by Customer and which are confirmed by Hyland, in the exercise of its reasonable judgment, Hyland will use its reasonable efforts to correct the Error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported Errors after receipt of a proper report of such suspected Error from Customer. Hyland may elect to correct the Error in the current available or in the next available commercially released version of the Software and the Resolution may require the Customer to implement an Upgrade and Enhancement to obtain the correction. Error Correction Services are not available for Retired Software.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. In requesting Technical Support Services and Error Correction Services, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for Level 1 or Level 2 Severity Levels (support numbers are available through Hyland’s secure end user website). In the case of reporting an Error, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the Error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes, such as network installation/expansion, Software upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all Technical Support Services requests and Error Correction Services requests in accordance with the Support Prioritization Attachment. With respect to Errors: (a) Hyland will respond based on the confirmed severity level of an Error; (b) Hyland may reclassify Errors as it learns information about such Errors during the resolution process; and (c) Hyland’s obligation for a reported Error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of this Schedule.
5.2 Exclusions.
(a) Generally. Hyland is not responsible for providing, or obligated to provide, Maintenance and Support under the Agreement: (i) in connection with any Errors or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Software, or from any error or defect in any configuration of the Software, which activities in any such case were undertaken by any party other than Hyland; (ii) in connection with any Error if Hyland has previously provided corrections for such Error which Customer fails to implement; (iii) in connection with any Errors or problems that have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in the database, operating system, third party software (other than third party software embedded in the Software by Hyland), hardware or any system or networking utilized by Customer; (iv) if the Software or related software or systems have been subjected to abuse, misuse, improper handling, accident or neglect; or (v) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Maintenance and Support to Customer with respect to the Software. Maintenance and Support does not include any services that Hyland may provide in connection with assisting or completing an upgrade of Software with any available Upgrade and Enhancement.
(b) Work Products. Maintenance and Support is not provided for any Work Products (as defined in the Professional Services Schedule); however, if Customer desires Maintenance and Support regarding the operation or use of such Work Products, Customer may request such Maintenance and Support and the parties may agree to enter into a Services Proposal for such Maintenance and Support in accordance with the terms of the Professional Services Schedule.
(c) Excluded Software and Hardware. This Subscription Schedule does not govern, and Hyland shall not be responsible for, the maintenance or support of any software other than Software, or for any hardware or equipment of any kind or nature, whether or not obtained by Customer from Hyland.
5.3 Certain Other Responsibilities of Customer.
(a) Operation of the Software and Related Systems. Customer acknowledges and agrees that it is solely responsible for the operation, configuration, supervision, management and control of the Software and all related hardware and software (including the database software). Customer is solely responsible for: obtaining or providing training for its personnel; taking appropriate measures to isolate and backup or otherwise archive its computer systems, programs, data or files; and instituting appropriate security procedures and implementing reasonable procedures to examine and verify all output before use.
(b) Access to Premises and Systems. Customer shall make available reasonable access and use of Customer’s premises, and online access to Customer’s computer hardware, peripherals, Software and other software as Hyland deems necessary to diagnose and correct any Errors or to otherwise provide Maintenance and Support. Accordingly, Customer shall install and maintain means of communication and the appropriate communications software as mutually agreed upon by Hyland and Customer and an adequate connection with Hyland to facilitate Hyland’s on-line Maintenance and Support. Such right of access and use shall be provided at no cost or charge to Hyland.
5.4 Professional Services for Projects Not Covered by Technical Support Services or Error Correction Services. If Customer requests Professional Services which are outside the scope of Technical Support Services or Error Correction Services, Customer agrees that such services shall not be covered by this Section 5 and such services only shall be engaged pursuant to a Services Proposal under an applicable Professional Services Schedule.
5.5 Implementation of Upgrades And Enhancements to Regulated Products. Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.6 Technical Support Contacts. Hyland will provide Maintenance and Support to the designated contacts, as identified by Customer (“Technical Support Contacts”). The Technical Support Contacts should have “read, write and execute” access to the necessary files, English language communication skills, and relevant technical knowledge. Customer may modify its designated Technical Support Contacts at any time during the term of this Subscription Schedule by notifying Hyland in writing and giving Hyland five (5) business days to process the change. Technical Support Contacts will be the only interface to the Hyland customer support center. Hyland recommends that the Technical Support Contacts obtain the applicable Software certification by attending Hyland training courses. In an emergency, a Hyland customer support engineer will respond to an issue for an unauthorized contact on an exception basis, subject to later verification and involvement of a named Technical Support Contact.
5.7 Professional Services. Customer agrees that the Professional Services Terms, available at https://legal.hyland.com/Customer-Legal-Center#professional-services-schedule shall apply to all Professional Services (as that term is defined in the Professional Services Terms) provided by Hyland for Customer.
6. LIMITED WARRANTY FOR SOFTWARE.
6.1 Hyland warrants to Customer that during the term of this Subscription Schedule the Software will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Software if: (a) any component of the Software has been modified, misused or abused by Customer or a third party, (b) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, (c) if the Software is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation; or (d) to the extent the Software is Retired Software.
6.2 Hyland’s sole obligation, and Customer’s sole exclusive remedy for any non-conformities to the express limited warranties under this Section shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Software, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this Subscription Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under the Additional Effects or Consequences of Termination Section of this Subscription Schedule, Hyland will provide a refund to Customer of the “unused portion of pre-paid Subscription Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the pro rata portion of the Subscription Fees prepaid by Customer, if any, for any portion of the then current term that would have remained after the effective date of termination.
7. INFRINGEMENT INDEMNIFICATION.
7.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Software of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Software, or to replace the relevant portions of the Software or with other equivalent, non-infringing portions.
7.2 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in subparagraph (d) of the immediately preceding Section, Hyland shall remove the infringing portion of the Software and refund to Customer the “unused portion of prepaid Subscription Fees” (as defined below) paid by Customer, with respect to the infringing portion of the Software. For these purposes, the “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the pro rata portion of the Subscription Fees prepaid by Customer, if any, for any portion of the then current term that would have remained after the effective date of termination.
7.3 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to indemnify any claims made against Customer and otherwise described in the first subsection (Generally) of this Infringement Indemnification Section that arise from: (a) use of the Software by Customer other than as expressly permitted by the Agreement; (b) the combination of the Software with any product not furnished by Hyland to Customer; (c) the modification or addition to of the Software other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (d) the Customer’s business methods or processes.
7.4 THIS INFRINGEMENT INDEMNIFICATION SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE SOFTWARE.
8. ADDITIONAL TERMS AND CONDITIONS. If Hyland is a Hyland company set forth below, the additional or alternative terms and conditions set forth on the applicable Additional Terms Exhibit shall apply:
| Hyland Company | Additional Terms Exhibit |
| Hyland Software Brasil LTDA. Hyland Software Germany GmbH | Exhibit A Exhibit B |
9. CONTROLLING LANGUAGE. Hyland may make other versions of this Subscription Schedule available in other languages at this online location. This English language version of this Subscription Schedule controls over any version of the Subscription Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this Subscription Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the Subscription Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Brasil Ltda Additional Terms Exhibit
If Hyland is Hyland Software Brasil Ltda, this Exhibit A shall apply:
- The Subscription Fees Section of the Subscription Schedule shall be replaced in its entirety as follows:
Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the first year of the Initial Term of this Schedule (as defined herein), Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Order Form. Hyland will adjust the Subscription Fees annually on each anniversary of the Effective Date of the Agreement by the last known accumulated value of IPCA for a period of twelve (12) months at the time Hyland issues the invoice. For all purposes, “IPCA” means the Índice de Preços para o Consumidor Amplo, as measured by IBGE, or any index created to replace this index. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms. For any subsequent years, Hyland will invoice Customer for Subscription Fees prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software modules under the Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software modules on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
Exhibit B
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH, this Exhibit B shall apply:
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Confidential – © 2023 Hyland Software, Inc.
Effective October 4th 2023 to December 11th 2023
DownloadTable of Contents
SOFTWARE LICENSE AND MAINTENANCE SCHEDULE – SUBSCRIPTION
(Subscription License for Software, includes Maintenance and Support)
This Software License and Maintenance Schedule – Subscription (this “Subscription Schedule”) is part of the Master Agreement, Order Form or other agreement or document entered into between Customer and Hyland, which incorporates this Subscription Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this Subscription Schedule, and any other agreement within the Incorporating Document is incorporated.
DEFINED TERMS
All capitalized terms used in this Subscription Schedule shall have the meaning ascribed them in this Subscription Schedule or, if not defined in this Subscription Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Subscription Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Active Processes” means a process instance within the Alfresco Software that has not been completed, cancelled, or formally suspended. Processes that have been initiated – but which have not been completed, cancelled, or formally suspended, or which are in a “wait” state – shall constitute Active Processes regardless of the level of user or machine activity associated with those processes over time.
“Alfresco Community Versions” means the free, open source community versions that Hyland makes available at no charge, including without limitation Digital Business Platform, Alfresco Content Services, Alfresco Process Services and Records Management software.
“Alfresco Instance” means the installation of the Software into Customer’s individual repository or process environment using the license key generated by Hyland upon Customer’s execution of an Order Form or Hyland’s acceptance of Customer’s purchase order. The Alfresco Instance can be deployed over multiple physical or virtual servers limited to the number of Cores licensed to create one logical repository.
“Cores” means physical computer processing cores or virtual Central Processing Units (vCPUs), sold in groups of four Cores. As licensed by Hyland, an initial set of four Cores allows Customer to deploy the Alfresco Software on up to four physical cores, or up to four vCPUs, on a single server instance. If Customer purchases eight or more Cores, Customer may deploy the Software on physical cores or vCPUs equal to the number of Cores it has purchased, without limitation, as to the number of service instances upon which they can run. For example, if Customer purchases Alfresco Content Services (with eight Cores), Customer may deploy the Software on up or eight physical cores, or up to eight vCPUs, on any number of server instances.
“CPUs” means a single physical central processing unit with up to four (4) Cores on which the Alfresco Software may be installed or executed. In virtualized environments, a CPU is defined as an allocation of 1 to 4 virtual Cores to a given virtual machine instance. As an example, a virtual machine with 6 virtual Cores counts as 2 CPUs.
“Delivery” means: (a) the electronic downloading of the Software onto Customer’s systems, (b) the Software being made available by Hyland to Customer for electronic download onto Customer’s systems; or (c) the delivery by Hyland to Customer of a Production Certificate for such Software module(s) by Hyland either shipping (physically or electronically) the Production Certificate to Customer or making the Production Certificate available for electronic download by Customer (including through one of Hyland’s authorized channel partners).
“Documentation” means: (a) to the extent available, the “Help Files” included in the Software, or (b) if no such “Help Files” are included in the Software, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Software.
“Error” means any defect or condition inherent in the Software which is reported in accordance with the Agreement and which is confirmed by Hyland, that causes the Software to fail to function in any material respect as described in the Documentation.
“Error Correction Services” means Hyland’s reasonable efforts to correct an Error, which may be effected by a reasonable workaround.
“Initial Term” means, unless otherwise defined in the General Terms Schedule, and as used in this Subscription Schedule, (a) the initial term for which Customer has purchased products or services governed by this Subscription Schedule as set forth on the Incorporating Document for such product or service; or (b) if an initial term is not set forth as described in (a), the three (3) year period that begins on the date of Hyland’s acceptance of the applicable purchase order.
“Maintenance and Support” means for Software, (a) Error Correction Services; (b) Technical Support Services; and (c) the availability of Upgrades and Enhancements in accordance with this Subscription Schedule.
“Order Form” means, unless otherwise defined in the General Terms Schedule, and as used in this Subscription Schedule, an Incorporating Document (or a Purchase Table included in an Incorporating Document) describing the Software or other products or services purchased, associated fees, and other terms agreed to by the parties.
“Production Certificate” means license codes, a license certificate, or an IFM file issued by Hyland and necessary for Customer to activate Software for Customer’s production use.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Error.
“Subscription Fees” means periodic fees for the licensing of Software licensed under this Subscription Schedule and for Maintenance and Support for such Software, and payable by Customer to Hyland.
“Retired Software” means, at any particular time any Software product or version of the Software licensed under the Agreement which is identified as being retired on Hyland’s applicable secure end user web site. Hyland will specify on such web site Software modules or versions which become Retired Software. The effective date of such change will be twelve (12) months from the date Hyland initially posts the status change on its end user web site.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Technical Support Services” means telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to its end users generally during the term of this Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
1. SOFTWARE LICENSE.
1.1 Grant of License. Subject to Customer’s payment in full of the Subscription Fees, and subject further to Customer’s compliance with the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the Agreement), limited license to the Software, in machine-readable object code form only and associated Documentation; in each case solely for use:
(a) by Customer internally, and only for storing, processing and accessing Customer’s own data; and
(b) subject to the Contractor use restrictions set forth herein, by a third party contractor retained by Customer as a provider of services to Customer (“Contractor”), but only by the Contractor for capturing, storing, processing and accessing Customer’s own data in fulfillment of the Contractor’s contractual obligations as a service provider to Customer.
The Software and associated Documentation are licensed for use by a single organization and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer shall not make any use of the Software or associated Documentation in any manner not expressly permitted by the Agreement. Software subject to a regulatory control may only be installed in the country identified as the end user location in the purchase order. The Software may be located and hosted on computer servers owned and controlled by a third party. Such third party hosting provider shall be considered a Contractor, and subject to the requirements of the Contractor use restrictions set forth herein.
1.2 Use Restriction. The Software is licensed for a specific type of use, such as concurrently or on a specified workstation or by a specified individual and the Software may control such use. Certain Software products that are volume-based (which shall include the number of Cores, Alfresco Instances and/or users) may: (a no longer function if applicable volume limits have been exceeded; (b) require Customer to pay additional fees based on Customer’s volume usage; and/or (c) include functionality which monitors or tracks Customer usage and reports that usage. Customer acknowledges and agrees that additional fees may apply based on Customer's volume usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars. Use of software or hardware that reduces the number of users directly accessing or utilizing the Software (sometimes called “multiplexing” or “pooling” software or hardware) does not reduce the number of Software licenses required. The required number of Software licenses would equal the number of distinct inputs to the multiplexing or pooling software or hardware. Customer is prohibited from using any software other than the Software Client licenses, platforms or a Software application programming interface (API) to access the Software or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the applicable fees with respect to such access. Customer further agrees that the Software shall not be copied and installed on additional servers unless Customer has purchased a license therefore, and the number of users of the Software shall not exceed the number of users permitted by the Software licenses purchased by Customer. In the case of Alfresco Software, Customer will not combine, call, link to, or otherwise use the Software in conjunction with any Alfresco Community Version, or use any of the services for Alfresco Community Versions or for any unlicensed Cores or users.
1.3 Production and Test Systems. Unless otherwise stated in an Order Form, Customer shall be entitled to use one (1) production copy of the Software licensed and one (1) additional copy of the production environment licensed Software for customary remote disaster recovery purposes which may not be used as a production system concurrently with the operation of any other copy of the Software in a production environment. In addition, Customer shall also be entitled to license a reasonable number of additional copies of the production environment licensed Software to be used exclusively in a non-production environment and solely for the purposes of experimenting and testing the Software, developing integrations between the Software and other applications that integrate to the Software solely using integration functionality of the Software licensed by Customer under the Agreement, and training Customer’s employees on the Software (“Test Systems”). Customer may be required to provide to Hyland certain information relating to Customer’s intended use of such Test Systems such as the manufacturer, model number, serial number and installation site. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Test Systems. Customer’s sole recourse in the event of any dissatisfaction with any Software in any non-production system is to stop using such Software and return it to Hyland, provided that, to the extent that Customer is using the Test System for the purposes of testing an Upgrade or Enhancement of the Software prior to implementing the same in Customer’s production environment, then Customer may contact Hyland for the provision of Maintenance and Support as described in this Subscription Schedule. Customer shall not make any copies of the Software not specifically authorized by this Section 1.3.
1.4 Evaluation Software. From time to time Customer may elect to evaluate certain Software modules (“Evaluation Software”) for the purpose of determining whether or not to purchase a production license of such Evaluation Software. Evaluation Software is licensed for Customer’s use in a non-production environment. Notwithstanding anything to the contrary, as to any Evaluation Software, the Agreement and the limited license granted hereby will terminate on the earliest of: (a) last day of the evaluation period specified in the accepted Order Form delivered for such Evaluation Software; or (b) immediately upon the delivery of written notice to such effect by Hyland to Customer. Upon expiration or other termination of such period, Customer immediately shall either (y) discontinue any and all of use of the Evaluation Software and related Documentation and remove the Evaluation Software; or (z) deliver an Order Form to Hyland for purchase of such Evaluation Software.
1.5 Third Party Licenses. The Software may be bundled with software owned by third parties, including but not limited to those manufacturers listed in the Help About screen of the Software. Such third party software is licensed solely for use within the Software and is not to be used on a stand-alone basis. Notwithstanding the above, Customer acknowledges that, depending on the modules licensed, the Software may include open source software governed by an open source license, in which case the open source license (a copy of which is provided in the Software) may grant additional rights to such open source software. Additionally, in the case of such software to be downloaded and installed on a mobile device, if such software will be downloaded from the application market or store maintained by the manufacturer of the mobile device, then use of such software will be governed by the license terms for the software included at the applicable application store or market or presented to Customer or Customer’s user in the software, and the Agreement will not govern such use.
1.6 Integration Code. If applicable, Software also includes all adapters or connectors created by Hyland and provided as part of an integration between the Software and a third party line of business application (“Integration Code”). Software also includes any desktop host or other content services software provided by Hyland and downloaded on a user's computer used to extend functionality in Hyland’s products. Such Integration Code and desktop host may only be used in combination with other Software and in accordance with the terms of the Agreement.
1.7 Contractor Use Agreement. Customer agrees that if it desires to allow a Contractor to do any of the following:
(a) make use of the Software configuration tools, Software administrative tools or any of the Software’s application programming interfaces (“APIs”);
(b) make use of any training materials or attend any training courses, either online or in person, in either case related to the Software; or
(c) access any of Hyland’s secure websites (including, but not limited to Hyland.com/Community), either through Contractor’s use of Customer’s own log-in credentials or through credentials received directly or indirectly by Contractor;
then, Customer must cause such Contractor to execute a use agreement in a form available for download at Hyland’s Community website (“Contractor Use Agreement”). Customer understands and agrees that: (x) Customer may not allow a Contractor to do any of the foregoing if such Contractor has not signed a Contractor Use Agreement, and (y) Contractors may use the Software only in compliance with the terms of the Agreement, and (z) Customer is responsible for such compliance by all Contractors that do not execute a Contractor Use Agreement. Customer agrees that it shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Contractor that does not sign a Contractor Use Agreement.
1.8 No High Risk Use. The Software and/or any Hyland Cloud Services are not fault-tolerant and are not guaranteed to be error free or to operate uninterrupted. Such Software and/or Cloud Services are not designed or intended for use in any situation where failure or fault of any kind of the Software and/or Cloud Services could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). The Software and/or any Hyland Cloud Service is not licensed by Hyland to use in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software or Cloud Services for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's or its Contractors use of the Software and/or Cloud Services in connection with any High Risk Use.
1.9 Audit Rights. During the term of this Subscription Schedule and for one (1) year thereafter, upon reasonable notice to Customer, Hyland shall be permitted access to Customer’s facilities and records, during regular business hours, to audit Customer’s use of the Software solely in order to determine Customer’s compliance with the licensing and pricing terms the Agreement, including, where applicable, to measure Customer’s volume usage. Additionally, if requested by Hyland in connection with Software licensed on a volume basis, Customer shall provide reports that show Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such audit. Customer acknowledges and agrees that Customer is prohibited from publishing the results of any benchmark test using the Software to any third party without Hyland’s prior written approval, and that Customer has not relied on the future availability of any programs or services in entering into the Agreement.
1.10 The Software may contain functionality that allows Customer to access, link or integrate the Software with Customer’s applications or applications or services provided by third parties. Hyland has no responsibility for such applications or services, websites or content and does not endorse any third party web sites, applications or services that may be linked or integrated through the Software; any activities engaged in by Customer with such third parties is solely between Customer and such third party.
1.11 ACS Specific Restriction Only. If Customer purchases Alfresco Content Services (“ACS”), the following restriction shall apply: The Alfresco Content Services (ACS) includes a workflow capability along with a predetermined set of document-review and approval workflows, and a set of predetermined management-task functions. Customer may use and modify the predetermined workflows and management tasks that are provided with the ACS subscription. However, Customer may not use the workflow software to design, create or run other types of workflows, business processes and/or management tasks. A separate subscription for Alfresco Process Services (APS) software is required for any such uses.
1.12 Nuxeo Software. If Customer is purchasing Nuxeo Software, Nuxeo Software is subject to additional licensing terms, which are available at https://legal.hyland.com/NuxeoSubscriptionTerms.
2. SUBSCRIPTION FEES. Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the Initial Term of this Subscription Schedule (as defined herein), Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Order Form. Following expiration of the Initial Term of this Subscription Schedule, Hyland may increase the Subscription Fees for the Software for any renewal period by up to ten percent (10%) of the previous year’s Subscription Fees. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. For any subsequent years, Hyland will invoice Customer for Subscription Fees prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software under the Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3. ADD-ON SERVICES. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule unless otherwise stated on an Order Form. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to additional terms.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software, Add-On Services, and the Hyland Cloud Service, as the case may be, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software, Add-On Services and Hyland Cloud Service, as the case may be, the U.S. Government hereby agrees that the Software, including the Hosted 3rd Party Software included in the Hyland Cloud Service, and Add-On Services, as the case may be, qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software, Add-On Services or Hyland Cloud Service, as the case may be, to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software, Add-On Services and Hyland Cloud Service, or Documentation, as the case may be, by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. MAINTENANCE AND SUPPORT FOR SOFTWARE AND RETIRED SOFTWARE.
5.1 Maintenance and Support Terms. Except with respect to Retired Software, Hyland will provide Maintenance and Support in accordance with the Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software. Technical Support Services are not available for Retired Software.
(b) Error Correction Services. With respect to any Errors in the Software which are reported by Customer and which are confirmed by Hyland, in the exercise of its reasonable judgment, Hyland will use its reasonable efforts to correct the Error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported Errors after receipt of a proper report of such suspected Error from Customer. Hyland may elect to correct the Error in the current available or in the next available commercially released version of the Software and the Resolution may require the Customer to implement an Upgrade and Enhancement to obtain the correction. Error Correction Services are not available for Retired Software.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. In requesting Technical Support Services and Error Correction Services, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for Level 1 or Level 2 Severity Levels (support numbers are available through Hyland’s secure end user website). In the case of reporting an Error, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the Error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes, such as network installation/expansion, Software upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all Technical Support Services requests and Error Correction Services requests in accordance with the Support Prioritization Attachment. With respect to Errors: (a) Hyland will respond based on the confirmed severity level of an Error; (b) Hyland may reclassify Errors as it learns information about such Errors during the resolution process; and (c) Hyland’s obligation for a reported Error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of this Schedule.
5.2 Exclusions.
(a) Generally. Hyland is not responsible for providing, or obligated to provide, Maintenance and Support under the Agreement: (i) in connection with any Errors or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Software, or from any error or defect in any configuration of the Software, which activities in any such case were undertaken by any party other than Hyland; (ii) in connection with any Error if Hyland has previously provided corrections for such Error which Customer fails to implement; (iii) in connection with any Errors or problems that have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in the database, operating system, third party software (other than third party software embedded in the Software by Hyland), hardware or any system or networking utilized by Customer; (iv) if the Software or related software or systems have been subjected to abuse, misuse, improper handling, accident or neglect; or (v) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Maintenance and Support to Customer with respect to the Software. Maintenance and Support does not include any services that Hyland may provide in connection with assisting or completing an upgrade of Software with any available Upgrade and Enhancement.
(b) Work Products. Maintenance and Support is not provided for any Work Products (as defined in the Professional Services Schedule); however, if Customer desires Maintenance and Support regarding the operation or use of such Work Products, Customer may request such Maintenance and Support and the parties may agree to enter into a Services Proposal for such Maintenance and Support in accordance with the terms of the Professional Services Schedule.
(c) Excluded Software and Hardware. This Subscription Schedule does not govern, and Hyland shall not be responsible for, the maintenance or support of any software other than Software, or for any hardware or equipment of any kind or nature, whether or not obtained by Customer from Hyland.
5.3 Certain Other Responsibilities of Customer.
(a) Operation of the Software and Related Systems. Customer acknowledges and agrees that it is solely responsible for the operation, configuration, supervision, management and control of the Software and all related hardware and software (including the database software). Customer is solely responsible for: obtaining or providing training for its personnel; taking appropriate measures to isolate and backup or otherwise archive its computer systems, programs, data or files; and instituting appropriate security procedures and implementing reasonable procedures to examine and verify all output before use.
(b) Access to Premises and Systems. Customer shall make available reasonable access and use of Customer’s premises, and online access to Customer’s computer hardware, peripherals, Software and other software as Hyland deems necessary to diagnose and correct any Errors or to otherwise provide Maintenance and Support. Accordingly, Customer shall install and maintain means of communication and the appropriate communications software as mutually agreed upon by Hyland and Customer and an adequate connection with Hyland to facilitate Hyland’s on-line Maintenance and Support. Such right of access and use shall be provided at no cost or charge to Hyland.
5.4 Professional Services for Projects Not Covered by Technical Support Services or Error Correction Services. If Customer requests Professional Services which are outside the scope of Technical Support Services or Error Correction Services, Customer agrees that such services shall not be covered by this Section 5 and such services only shall be engaged pursuant to a Services Proposal under an applicable Professional Services Schedule.
5.5 Implementation of Upgrades And Enhancements to Regulated Products. Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.6 Technical Support Contacts. Hyland will provide Maintenance and Support to the designated contacts, as identified by Customer (“Technical Support Contacts”). The Technical Support Contacts should have “read, write and execute” access to the necessary files, English language communication skills, and relevant technical knowledge. Customer may modify its designated Technical Support Contacts at any time during the term of this Subscription Schedule by notifying Hyland in writing and giving Hyland five (5) business days to process the change. Technical Support Contacts will be the only interface to the Hyland customer support center. Hyland recommends that the Technical Support Contacts obtain the applicable Software certification by attending Hyland training courses. In an emergency, a Hyland customer support engineer will respond to an issue for an unauthorized contact on an exception basis, subject to later verification and involvement of a named Technical Support Contact.
5.7 Professional Services. Customer agrees that the Professional Services Terms, available at https://legal.hyland.com/Customer-Legal-Center#professional-services-schedule shall apply to all Professional Services (as that term is defined in the Professional Services Terms) provided by Hyland for Customer.
6. LIMITED WARRANTY FOR SOFTWARE.
6.1 Hyland warrants to Customer that during the term of this Subscription Schedule the Software will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Software if: (a) any component of the Software has been modified, misused or abused by Customer or a third party, (b) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, (c) if the Software is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation; or (d) to the extent the Software is Retired Software.
6.2 Hyland’s sole obligation, and Customer’s sole exclusive remedy for any non-conformities to the express limited warranties under this Section shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Software, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this Subscription Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under the Additional Effects or Consequences of Termination Section of this Subscription Schedule, Hyland will provide a refund to Customer of the “unused portion of pre-paid Subscription Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the pro rata portion of the Subscription Fees prepaid by Customer, if any, for any portion of the then current term that would have remained after the effective date of termination.
7. INFRINGEMENT INDEMNIFICATION.
7.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Software of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Software, or to replace the relevant portions of the Software or with other equivalent, non-infringing portions.
7.2 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in subparagraph (d) of the immediately preceding Section, Hyland shall remove the infringing portion of the Software and refund to Customer the “unused portion of prepaid Subscription Fees” (as defined below) paid by Customer, with respect to the infringing portion of the Software. For these purposes, the “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the pro rata portion of the Subscription Fees prepaid by Customer, if any, for any portion of the then current term that would have remained after the effective date of termination.
7.3 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to indemnify any claims made against Customer and otherwise described in the first subsection (Generally) of this Infringement Indemnification Section that arise from: (a) use of the Software by Customer other than as expressly permitted by the Agreement; (b) the combination of the Software with any product not furnished by Hyland to Customer; (c) the modification or addition to of the Software other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (d) the Customer’s business methods or processes.
7.4 THIS INFRINGEMENT INDEMNIFICATION SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE SOFTWARE.
8. ADDITIONAL TERMS AND CONDITIONS. If Hyland is a Hyland company set forth below, the additional or alternative terms and conditions set forth on the applicable Additional Terms Exhibit shall apply:
| Hyland Company | Additional Terms Exhibit |
| Hyland Software Brasil LTDA. Hyland Software Germany GmbH | Exhibit A Exhibit B |
9. CONTROLLING LANGUAGE. Hyland may make other versions of this Subscription Schedule available in other languages at this online location. This English language version of this Subscription Schedule controls over any version of the Subscription Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this Subscription Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the Subscription Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Brasil Ltda Additional Terms Exhibit
If Hyland is Hyland Software Brasil Ltda, this Exhibit A shall apply:
- The Subscription Fees Section of the Subscription Schedule shall be replaced in its entirety as follows:
Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the first year of the Initial Term of this Schedule (as defined herein), Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Order Form. Hyland will adjust the Subscription Fees annually on each anniversary of the Effective Date of the Agreement by the last known accumulated value of IPCA for a period of twelve (12) months at the time Hyland issues the invoice. For all purposes, “IPCA” means the Índice de Preços para o Consumidor Amplo, as measured by IBGE, or any index created to replace this index. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms. For any subsequent years, Hyland will invoice Customer for Subscription Fees prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software modules under the Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software modules on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
Exhibit B
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH, this Exhibit B shall apply:
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Confidential – © 2023 Hyland Software, Inc.
Effective June 2nd 2023 to October 4th 2023
DownloadTable of Contents
SOFTWARE LICENSE AND MAINTENANCE SCHEDULE – SUBSCRIPTION
(Subscription License for Software, includes Maintenance and Support)
As of the Effective Date of the Incorporating Document (as defined below), this Software License and Maintenance Schedule – Subscription (this “Subscription Schedule”) is part of the Hyland Master Agreement or any other agreement entered into between Customer and Hyland, which incorporates this Subscription Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this Subscription Schedule.
DEFINED TERMS
All capitalized terms used in this Subscription Schedule shall have the meaning ascribed them in this Subscription Schedule or, if not defined in this Subscription Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Subscription Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Active Processes” means a process instance within the Alfresco Software that has not been completed, cancelled, or formally suspended. Processes that have been initiated – but which have not been completed, cancelled, or formally suspended, or which are in a “wait” state – shall constitute Active Processes regardless of the level of user or machine activity associated with those processes over time.
“Alfresco Community Versions” means the free, open source community versions that Hyland makes available at no charge, including without limitation Digital Business Platform, Alfresco Content Services, Alfresco Process Services and Records Management software.
“Alfresco Instance” means the installation of the Software into Customer’s individual repository or process environment using the license key generated by Hyland upon Customer’s execution of an Order Form or Hyland’s acceptance of Customer’s purchase order. The Alfresco Instance can be deployed over multiple physical or virtual servers limited to the number of Cores licensed to create one logical repository.
“Cores” means physical computer processing cores or virtual Central Processing Units (vCPUs), sold in groups of four Cores. As licensed by Hyland, an initial set of four Cores allows Customer to deploy the Alfresco Software on up to four physical cores, or up to four vCPUs, on a single server instance. If Customer purchases eight or more Cores, Customer may deploy the Software on physical cores or vCPUs equal to the number of Cores it has purchased, without limitation, as to the number of service instances upon which they can run. For example, if Customer purchases Alfresco Content Services (with eight Cores), Customer may deploy the Software on up or eight physical cores, or up to eight vCPUs, on any number of server instances.
“CPUs” means a single physical central processing unit with up to four (4) Cores on which the Alfresco Software may be installed or executed. In virtualized environments, a CPU is defined as an allocation of 1 to 4 virtual Cores to a given virtual machine instance. As an example, a virtual machine with 6 virtual Cores counts as 2 CPUs.
“Delivery” means: (a) the electronic downloading of the Software onto Customer’s systems, (b) the Software being made available by Hyland to Customer for electronic download onto Customer’s systems; or (c) the delivery by Hyland to Customer of a Production Certificate for such Software module(s) by Hyland either shipping (physically or electronically) the Production Certificate to Customer or making the Production Certificate available for electronic download by Customer (including through one of Hyland’s authorized channel partners).
“Documentation” means: (a) to the extent available, the “Help Files” included in the Software, or (b) if no such “Help Files” are included in the Software, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Software.
“Error” means any defect or condition inherent in the Software which is reported in accordance with this Agreement and which is confirmed by Hyland, that causes the Software to fail to function in any material respect as described in the Documentation.
“Error Correction Services” means Hyland’s reasonable efforts to correct an Error, which may be effected by a reasonable workaround.
“Initial Term” means, unless otherwise defined in the General Terms Schedule, and as used in this Subscription Schedule, (a) the initial term for which Customer has purchased products or services governed by this Subscription Schedule as set forth on the applicable Cover Page, Purchase Table Schedule, or Incorporating Document for such product or service; or (b) if an initial term is not set forth as described in (a), the three (3) year period that begins on the date of Hyland’s acceptance of the applicable purchase order.
“Maintenance and Support” means for Software, (a) Error Correction Services; (b) Technical Support Services; and (c) the availability of Upgrades and Enhancements in accordance with this Subscription Schedule.
“Order Form” means, unless otherwise defined in the General Terms Schedule, and as used in this Subscription Schedule, an Incorporating Document (or a Purchase Table included in an Incorporating Document) describing the Software or other products or services purchased, associated fees, and other terms agreed to by the parties.
“Production Certificate” means license codes, a license certificate, or an IFM file issued by Hyland and necessary for Customer to activate Software for Customer’s production use.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Error.
“Subscription Fees” means periodic fees for the licensing of Software licensed under this Subscription Schedule and for Maintenance and Support for such Software, and payable by Customer to Hyland.
“Retired Software” means, at any particular time any Software product or version of the Software licensed under this Agreement which is identified as being retired on Hyland’s applicable secure end user web site. Hyland will specify on such web site Software modules or versions which become Retired Software. The effective date of such change will be twelve (12) months from the date Hyland initially posts the status change on its end user web site.
“Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Technical Support Services” means telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to its end users generally during the term of this Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
1. SOFTWARE LICENSE.
1.1 Grant of License. Subject to Customer’s payment in full of the Subscription Fees, and subject further to Customer’s compliance with this Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in this Agreement), limited license to the Software, in machine-readable object code form only and associated Documentation; in each case solely for use:
(a) by Customer internally, and only for storing, processing and accessing Customer’s own data; and
(b) subject to the Contractor use restrictions set forth herein, by a third party contractor retained by Customer as a provider of services to Customer (“Contractor”), but only by the Contractor for capturing, storing, processing and accessing Customer’s own data in fulfillment of the Contractor’s contractual obligations as a service provider to Customer.
The Software and associated Documentation are licensed for use by a single organization and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer shall not make any use of the Software or associated Documentation in any manner not expressly permitted by this Agreement. Software subject to a regulatory control may only be installed in the country identified as the end user location in the purchase order. The Software may be located and hosted on computer servers owned and controlled by a third party. Such third party hosting provider shall be considered a Contractor, and subject to the requirements of the Contractor use restrictions set forth herein.
1.2 Use Restriction. The Software is licensed for a specific type of use, such as concurrently or on a specified workstation or by a specified individual and the Software may control such use. Certain Software products that are volume-based (which shall include the number of Cores, Alfresco Instances and/or users) may: (a no longer function if applicable volume limits have been exceeded; (b) require Customer to pay additional fees based on Customer’s volume usage; and/or (c) include functionality which monitors or tracks Customer usage and reports that usage. Customer acknowledges and agrees that additional fees may apply based on Customer's volume usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars. Use of software or hardware that reduces the number of users directly accessing or utilizing the Software (sometimes called “multiplexing” or “pooling” software or hardware) does not reduce the number of Software licenses required. The required number of Software licenses would equal the number of distinct inputs to the multiplexing or pooling software or hardware. Customer is prohibited from using any software other than the Software Client licenses, platforms or a Software application programming interface (API) to access the Software or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the applicable fees with respect to such access. Customer further agrees that the Software shall not be copied and installed on additional servers unless Customer has purchased a license therefore, and the number of users of the Software shall not exceed the number of users permitted by the Software licenses purchased by Customer. In the case of Alfresco Software, Customer will not combine, call, link to, or otherwise use the Software in conjunction with any Alfresco Community Version, or use any of the services for Alfresco Community Versions or for any unlicensed Cores or users.
1.3 Production and Test Systems. Unless otherwise stated in an Order Form, Customer shall be entitled to use one (1) production copy of the Software licensed and one (1) additional copy of the production environment licensed Software for customary remote disaster recovery purposes which may not be used as a production system concurrently with the operation of any other copy of the Software in a production environment. In addition, Customer shall also be entitled to license a reasonable number of additional copies of the production environment licensed Software to be used exclusively in a non-production environment and solely for the purposes of experimenting and testing the Software, developing integrations between the Software and other applications that integrate to the Software solely using integration functionality of the Software licensed by Customer under this Agreement, and training Customer’s employees on the Software (“Test Systems”). Customer may be required to provide to Hyland certain information relating to Customer’s intended use of such Test Systems such as the manufacturer, model number, serial number and installation site. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Test Systems. Customer’s sole recourse in the event of any dissatisfaction with any Software in any non-production system is to stop using such Software and return it to Hyland, provided that, to the extent that Customer is using the Test System for the purposes of testing an Upgrade or Enhancement of the Software prior to implementing the same in Customer’s production environment, then Customer may contact Hyland for the provision of Maintenance and Support as described in this Subscription Schedule. Customer shall not make any copies of the Software not specifically authorized by this Section 1.3.
1.4 Evaluation Software. From time to time Customer may elect to evaluate certain Software modules (“Evaluation Software”) for the purpose of determining whether or not to purchase a production license of such Evaluation Software. Evaluation Software is licensed for Customer’s use in a non-production environment. Notwithstanding anything to the contrary, as to any Evaluation Software, the Agreement and the limited license granted hereby will terminate on the earliest of: (a) last day of the evaluation period specified in the accepted order form delivered for such Evaluation Software; or (b) immediately upon the delivery of written notice to such effect by Hyland to Customer. Upon expiration or other termination of such period, Customer immediately shall either (y) discontinue any and all of use of the Evaluation Software and related Documentation and remove the Evaluation Software; or (z) deliver an order form with Hyland for purchase of such Evaluation Software.
1.5 Third Party Licenses. The Software may be bundled with software owned by third parties, including but not limited to those manufacturers listed in the Help About screen of the Software. Such third party software is licensed solely for use within the Software and is not to be used on a stand-alone basis. Notwithstanding the above, Customer acknowledges that, depending on the modules licensed, the Software may include open source software governed by an open source license, in which case the open source license (a copy of which is provided in the Software) may grant additional rights to such open source software. Additionally, in the case of such software to be downloaded and installed on a mobile device, if such software will be downloaded from the application market or store maintained by the manufacturer of the mobile device, then use of such software will be governed by the license terms for the software included at the applicable application store or market or presented to Customer or Customer’s user in the software, and this Agreement will not govern such use.
1.6 Integration Code. If applicable, Software also includes all adapters or connectors created by Hyland and provided as part of an integration between the Software and a third party line of business application (“Integration Code”). Software also includes any desktop host or other content services software provided by Hyland and downloaded on a user's computer used to extend functionality in Hyland’s products. Such Integration Code and desktop host may only be used in combination with other Software and in accordance with the terms of this Agreement.
1.7 Contractor Use Agreement. Customer agrees that if it desires to allow a Contractor to do any of the following:
(a) make use of the Software configuration tools, Software administrative tools or any of the Software’s application programming interfaces (“APIs”);
(b) make use of any training materials or attend any training courses, either online or in person, in either case related to the Software; or
(c) access any of Hyland’s secure websites (including, but not limited to Hyland.com/Community), either through Contractor’s use of Customer’s own log-in credentials or through credentials received directly or indirectly by Contractor;
then, Customer must cause such Contractor to execute a use agreement in a form available for download at Hyland’s Community website (“Contractor Use Agreement”). Customer understands and agrees that: (x) Customer may not allow a Contractor to do any of the foregoing if such Contractor has not signed a Contractor Use Agreement, and (y) Contractors may use the Software only in compliance with the terms of this Agreement, and (z) Customer is responsible for such compliance by all Contractors that do not execute a Contractor Use Agreement. Customer agrees that it shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of this Agreement by any Contractor that does not sign a Contractor Use Agreement.
1.8 No High Risk Use. The Software and/or any Hyland Cloud Services are not fault-tolerant and are not guaranteed to be error free or to operate uninterrupted. Such Software and/or Cloud Services are not designed or intended for use in any situation where failure or fault of any kind of the Software and/or Cloud Services could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). The Software and/or any Hyland Cloud Service is not licensed by Hyland to use in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software or Cloud Services for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer's or its Contractors use of the Software and/or Cloud Services in connection with any High Risk Use.
1.9 Audit Rights. During the term of this Subscription Schedule and for one (1) year thereafter, upon reasonable notice to Customer, Hyland shall be permitted access to Customer’s facilities and records, during regular business hours, to audit Customer’s use of the Software solely in order to determine Customer’s compliance with the licensing and pricing terms this Agreement, including, where applicable, to measure Customer’s volume usage. Additionally, if requested by Hyland in connection with Software licensed on a volume basis, Customer shall provide reports that show Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such audit. Customer acknowledges and agrees that Customer is prohibited from publishing the results of any benchmark test using the Software to any third party without Hyland’s prior written approval, and that Customer has not relied on the future availability of any programs or services in entering into this Agreement.
1.10 The Software may contain functionality that allows Customer to access, link or integrate the Software with Customer’s applications or applications or services provided by third parties. Hyland has no responsibility for such applications or services, websites or content and does not endorse any third party web sites, applications or services that may be linked or integrated through the Software; any activities engaged in by Customer with such third parties is solely between Customer and such third party.
1.11 ACS Specific Restriction Only. If Customer purchases Alfresco Content Services (“ACS”), the following restriction shall apply: The Alfresco Content Services (ACS) includes a workflow capability along with a predetermined set of document-review and approval workflows, and a set of predetermined management-task functions. Customer may use and modify the predetermined workflows and management tasks that are provided with the ACS subscription. However, Customer may not use the workflow software to design, create or run other types of workflows, business processes and/or management tasks. A separate subscription for Alfresco Process Services (APS) software is required for any such uses.
1.12 Nuxeo Software. If Customer is purchasing Nuxeo Software, Nuxeo Software is subject to additional licensing terms, which are available at https://legal.hyland.com/NuxeoSubscriptionTerms.
2. SUBSCRIPTION FEES. Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the Initial Term of this Subscription Schedule (as defined herein), Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Order Form. Following expiration of the Initial Term of this Subscription Schedule, Hyland may increase the Subscription Fees for the Software for any renewal period by up to ten percent (10%) of the previous year’s Subscription Fees. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. For any subsequent years, Hyland will invoice Customer for Subscription Fees prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software modules under this Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software modules on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3. ADD-ON SERVICES. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule unless otherwise stated on an Order Form. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to additional terms.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software, Add-On Services, and the Hyland Cloud Service, as the case may be, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software, Add-On Services and Hyland Cloud Service, as the case may be, the U.S. Government hereby agrees that the Software, including the Hosted 3rd Party Software included in the Hyland Cloud Service, and Add-On Services, as the case may be, qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software, Add-On Services or Hyland Cloud Service, as the case may be, to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software, Add-On Services and Hyland Cloud Service, or Documentation, as the case may be, by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. MAINTENANCE AND SUPPORT FOR SOFTWARE AND RETIRED SOFTWARE.
5.1 Maintenance and Support Terms. Except with respect to Retired Software, Hyland will provide Maintenance and Support in accordance with the Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software. Technical Support Services are not available for Retired Software.
(b) Error Correction Services. With respect to any Errors in the Software which are reported by Customer and which are confirmed by Hyland, in the exercise of its reasonable judgment, Hyland will use its reasonable efforts to correct the Error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported Errors after receipt of a proper report of such suspected Error from Customer. Hyland may elect to correct the Error in the current available or in the next available commercially released version of the Software and the Resolution may require the Customer to implement an Upgrade and Enhancement to obtain the correction. Error Correction Services are not available for Retired Software.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. In requesting Technical Support Services and Error Correction Services, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for Level 1 or Level 2 Severity Levels (support numbers are available through Hyland’s secure end user website). In the case of reporting an Error, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the Error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes, such as network installation/expansion, Software upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all Technical Support Services requests and Error Correction Services requests in accordance with the Support Prioritization Attachment. With respect to Errors: (a) Hyland will respond based on the confirmed severity level of an Error; (b) Hyland may reclassify Errors as it learns information about such Errors during the resolution process; and (c) Hyland’s obligation for a reported Error concludes upon delivery of a Resolution in accordance with the Support Prioritization Attachment.
(d) Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of this Schedule.
5.2 Exclusions.
(a) Generally. Hyland is not responsible for providing, or obligated to provide, Maintenance and Support under this Agreement: (i) in connection with any Errors or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Software, or from any error or defect in any configuration of the Software, which activities in any such case were undertaken by any party other than Hyland; (ii) in connection with any Error if Hyland has previously provided corrections for such Error which Customer fails to implement; (iii) in connection with any Errors or problems that have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in the database, operating system, third party software (other than third party software embedded in the Software by Hyland), hardware or any system or networking utilized by Customer; (iv) if the Software or related software or systems have been subjected to abuse, misuse, improper handling, accident or neglect; or (v) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Maintenance and Support to Customer with respect to the Software. Maintenance and Support does not include any services that Hyland may provide in connection with assisting or completing an upgrade of Software with any available Upgrade and Enhancement.
(b) Work Products. Maintenance and Support is not provided for any Work Products (as defined in the Professional Services Schedule); however, if Customer desires Maintenance and Support regarding the operation or use of such Work Products, Customer may request such Maintenance and Support and the parties may agree to enter into a Services Proposal for such Maintenance and Support in accordance with the terms of the Professional Services Schedule.
(c) Excluded Software and Hardware. This Subscription Schedule does not govern, and Hyland shall not be responsible for, the maintenance or support of any software other than Software, or for any hardware or equipment of any kind or nature, whether or not obtained by Customer from Hyland.
5.3 Certain Other Responsibilities of Customer.
(a) Operation of the Software and Related Systems. Customer acknowledges and agrees that it is solely responsible for the operation, configuration, supervision, management and control of the Software and all related hardware and software (including the database software). Customer is solely responsible for: obtaining or providing training for its personnel; taking appropriate measures to isolate and backup or otherwise archive its computer systems, programs, data or files; and instituting appropriate security procedures and implementing reasonable procedures to examine and verify all output before use.
(b) Access to Premises and Systems. Customer shall make available reasonable access and use of Customer’s premises, and online access to Customer’s computer hardware, peripherals, Software and other software as Hyland deems necessary to diagnose and correct any Errors or to otherwise provide Maintenance and Support. Accordingly, Customer shall install and maintain means of communication and the appropriate communications software as mutually agreed upon by Hyland and Customer and an adequate connection with Hyland to facilitate Hyland’s on-line Maintenance and Support. Such right of access and use shall be provided at no cost or charge to Hyland.
5.4 Professional Services for Projects Not Covered by Technical Support Services or Error Correction Services. If Customer requests Professional Services which are outside the scope of Technical Support Services or Error Correction Services, Customer agrees that such services shall not be covered by this Section 5 and such services only shall be engaged pursuant to a Services Proposal under an applicable Professional Services Schedule.
5.5 Implementation of Upgrades And Enhancements to Regulated Products. Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.6 Technical Support Contacts. Hyland will provide Maintenance and Support to the designated contacts, as identified by Customer (“Technical Support Contacts”). The Technical Support Contacts should have “read, write and execute” access to the necessary files, English language communication skills, and relevant technical knowledge. Customer may modify its designated Technical Support Contacts at any time during the term of this Subscription Schedule by notifying Hyland in writing and giving Hyland five (5) business days to process the change. Technical Support Contacts will be the only interface to the Hyland customer support center. Hyland recommends that the Technical Support Contacts obtain the applicable Software certification by attending Hyland training courses. In an emergency, a Hyland customer support engineer will respond to an issue for an unauthorized contact on an exception basis, subject to later verification and involvement of a named Technical Support Contact.
5.7 Professional Services. Customer agrees that the Professional Services Terms, available at https://legal.hyland.com/Customer-Legal-Center#professional-services-schedule shall apply to all Professional Services (as that term is defined in the Professional Services Terms) provided by Hyland for Customer.
6. LIMITED WARRANTY FOR SOFTWARE.
6.1 Hyland warrants to Customer that during the term of this Subscription Schedule the Software will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Software if: (a) any component of the Software has been modified, misused or abused by Customer or a third party, (b) any such non-conformity arises from or is related to problems within or impacting Customer’s computing environment, including any Customer third party software applications, hardware, network or internet connectivity, (c) if the Software is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation; or (d) to the extent the Software is Retired Software.
6.2 Hyland’s sole obligation, and Customer’s sole exclusive remedy for any non-conformities to the express limited warranties under this Section shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Software, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this Subscription Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under the Additional Effects or Consequences of Termination Section of this Subscription Schedule, Hyland will provide a refund to Customer of the “unused portion of pre-paid Subscription Fees” (as defined below) paid by Customer and attributable to the non-conforming component. The “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the pro rata portion of the Subscription Fees prepaid by Customer, if any, for any portion of the then current term that would have remained after the effective date of termination.
7. INFRINGEMENT INDEMNIFICATION.
7.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Software of any patent, registered copyright or registered trademark of a third party, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Software, or to replace the relevant portions of the Software or with other equivalent, non-infringing portions.
7.2 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in subparagraph (d) of the immediately preceding Section, Hyland shall remove the infringing portion of the Software and refund to Customer the “unused portion of prepaid Subscription Fees” (as defined below) paid by Customer, with respect to the infringing portion of the Software. For these purposes, the “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the pro rata portion of the Subscription Fees prepaid by Customer, if any, for any portion of the then current term that would have remained after the effective date of termination.
7.3 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to indemnify any claims made against Customer and otherwise described in the first subsection (Generally) of this Infringement Indemnification Section that arise from: (a) use of the Software by Customer other than as expressly permitted by this Agreement; (b) the combination of the Software with any product not furnished by Hyland to Customer; (c) the modification or addition to of the Software other than by Hyland or any of its authorized channel partners specifically retained by Hyland to provide such modification or addition; or (d) the Customer’s business methods or processes.
7.4 THIS INFRINGEMENT INDEMNIFICATION SECTION STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE SOFTWARE.
8. TERM; TERMINATION.
8.1 Term.Subject to the termination provisions set forth in Termination for Breach Section of the General Terms Schedule, the initial term of this Schedule will be the Initial Term; and such term will automatically renew thereafter for successive Renewal Terms, unless and until either party provides at least thirty (30) days advance written notice of non-renewal, in which case the Agreement shall terminate at the end of the then current term. “Renewal Terms” shall be a period of one (1) year each unless a renewal Order Form defines a different Renewal Term for the applicable renewal period. The Schedule will not terminate unless and until all Software subscriptions purchased have terminated or expired.
8.2 Additional Effects or Consequences of Termination. In addition to Term and Termination provisions of the General Terms Schedule, upon any termination of this Subscription Schedule in its entirety, any license to use the Software will automatically terminate without other or further action on the part of any party; and Customer shall immediately: (a) discontinue any and all use of the Software and Documentation; and (b) either (i) return the Software and Documentation to Hyland, or (ii) with the prior permission of Hyland, destroy the Software and Documentation and certify in writing to Hyland that Customer has completed such destruction.
9. ADDITIONAL TERMS AND CONDITIONS. If Hyland is a Hyland company set forth below, the additional or alternative terms and conditions set forth on the applicable Additional Terms Exhibit shall apply:
Hyland Company Additional Terms Exhibit
Hyland Software Brasil Ltda Exhibit A
Hyland Software Germany GmbH Exhibit B
10. CONTROLLING LANGUAGE. Hyland may make other versions of this Subscription Schedule available in other languages at this online location. This English language version of this Subscription Schedule controls over any version of the Subscription Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this Subscription Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the Subscription Schedule that may be made available at this online location in another language.
Exhibit A
Hyland Software Brasil Ltda Additional Terms Exhibit
If Hyland is Hyland Software Brasil Ltda, this Exhibit A shall apply:
- The Subscription Fees Section of the Subscription Schedule shall be replaced in its entirety as follows:
Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the first year of the Initial Term of this Schedule (as defined herein), Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Order Form. Hyland will adjust the Subscription Fees annually on each anniversary of the Effective Date of this Agreement by the last known accumulated value of IPCA for a period of twelve (12) months at the time Hyland issues the invoice. For all purposes, “IPCA” means the Índice de Preços para o Consumidor Amplo, as measured by IBGE, or any index created to replace this index. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms. For any subsequent years, Hyland will invoice Customer for Subscription Fees prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software modules under this Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software modules on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
Exhibit B
Hyland Software Germany GmbH Additional Terms Exhibit
If Hyland is Hyland Software Germany GmbH, this Exhibit B shall apply:
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Confidential – © 2023 Hyland Software, Inc.
Effective December 8th 2022 to June 2nd 2023
DownloadTable of Contents
SOFTWARE LICENSE AND MAINTENANCE SCHEDULE- SUBSCRIPTION
(Subscription License for Software, includes Maintenance and Support)
This Software License and Maintenance Schedule – Subscription (the “Subscription Schedule”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the “Agreement”) which incorporates this Subscription Schedule by reference.
DEFINED TERMS:
All capitalized terms used in this Subscription Schedule shall have the meaning ascribed them in this Subscription Schedule or, if not defined in this Subscription Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Subscription Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement.
“Alfresco Community Versions” means the free, open source community versions that Hyland makes available at no charge, including without limitation Digital Business Platform, Alfresco Content Services, Alfresco Process Services and Records Management software
“Cores” means physical computer processing cores or virtual Central Processing Units (vCPUs), sold in groups of four Cores. As licensed by Hyland, an initial set of four Cores allows Customer to deploy the Software on up to four physical cores, or up to four vCPUs, on a single server instance. If Customer purchases eight or more Cores, Customer may deploy the Software on physical cores or vCPUs equal to the number of Cores it has purchased, without limitation, as to the number of service instances upon which they can run.
“CPUs” means a single physical central processing unit with up to four (4) Cores on which the Software may be installed or executed. In virtualized environments, a CPU is defined as an allocation of 1 to 4 virtual Cores to a given virtual machine instance. As an example, a virtual machine with 6 virtual Cores counts as 2 CPUs.
“Delivery” means: (i) the electronic downloading of the Software onto Customer’s systems, (ii) the Software being made available by Hyland to Customer for electronic download onto Customer’s systems; or (iii) the delivery by Hyland to Customer of a Production Certificate for such Software by Hyland either shipping (physically or electronically) the Production Certificate to Customer or making the Production Certificate available for electronic download by Customer (including through one of Hyland’s authorized solution providers).
“Documentation” means: (1) to the extent available, the “Help Files” included in the Software, or (2) if no such “Help Files” are included in the Software, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Software.
“Error” means any defect or condition inherent in the Software which is reported by Customer in accordance with the Agreement and which is confirmed by Hyland, that causes the Software to fail to function in any material respect as described in the Documentation.
“Error Correction Services” means Hyland’s reasonable efforts to correct an Error, which may be effected by a reasonable workaround.
“Initial Term” means (i) the initial term for which Customer has purchased particular products or services as set forth on the applicable Order Form for such product or service; if there is no Order Form or the Order Form does not state an initial term, the Initial Term shall be the three (3) year period that begins on the date of Hyland’s acceptance of the applicable Purchase Order or the Effective Date of the Order Form, as applicable; and (ii) with respect to any Schedule that governs the products or services purchased, shall be the Initial Term as defined in (i).
“Maintenance and Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Production Certificate” means: license codes, a license certificate, or an IFM file issued by Hyland and necessary for Customer to activate Software for Customer’s production use.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Error.
“Subscription Fees” means periodic fees for the licensing of Software licensed under this Subscription Schedule and for Maintenance and Support for such Software, and payable by Customer to Hyland.
“Retired Software” means, at any particular time during a maintenance period covered by this Subscription Schedule, any Software product or version of the Software licensed by Customer from Hyland under the Agreement which is identified as being retired on Hyland’s applicable secure end user web site. Hyland will specify on its end user web site Software or versions which become Retired Software. The effective date of such change will be twelve (12) months from the date Hyland initially posts the status change on its end user web site, and Customer will receive notice as a registered user of Hyland’s applicable secure end user web site.
“Technical Support Services” means telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to Customer or to Hyland’s end users generally during any maintenance period under this Subscription Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new Software or re-platformed Software.
1. SOFTWARE LICENSE.
1.1 Grant of License. Subject to Customer’s payment in full of the Subscription Fees, and subject further to Customer’s compliance with the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the General Terms Schedule), limited license to use the Software, in machine-readable object code form only and associated Documentation; in each case solely for use:
(a) by Customer internally, and only for storing, processing and accessing Customer’s own data; and
(b) subject to Section 1.7 below, by a third party contractor retained by Customer as a provider of services to Customer (“Contractor”), but only by the Contractor for capturing, storing, processing and accessing Customer’s own data in fulfillment of the Contractor’s contractual obligations as a service provider to Customer.
The Software and associated Documentation are licensed for use by a single organization and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer shall not make any use of the Software or associated Documentation in any manner not expressly permitted by the Agreement. Software subject to a regulatory control may only be installed in the country identified as the end user location in the purchase order. The Software may be located and hosted on computer servers owned and controlled by a third party. Such third party hosting provider shall be considered a Contractor, and subject to the requirements of Section 1.7 below
1.2 Use Restriction. The Software is licensed for a specific type of use, such as concurrently or on a specified workstation or by a specified individual and the Software may control such use. Certain Software products that are volume-based (which shall include the number of Cores and/or users) may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; and/or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer acknowledges and agrees that additional fees may apply based on Customer's volume usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars. Use of software or hardware that reduces the number of users directly accessing or utilizing the Software (sometimes called “multiplexing” or “pooling” software or hardware) does not reduce the number of Software licenses required. The required number of Software licenses would equal the number of distinct inputs to the multiplexing or pooling software or hardware. Customer is prohibited from using any software other than the Software Client licenses, platforms or a Software application programming interface (API) to access the Software or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the Subscription Fees with respect to such access. Customer further agrees that the Software shall not be copied and installed on additional servers unless Customer has purchased a license therefore, and the number of users of the Software shall not exceed the number of users permitted by the Software licenses purchased by Customer. In the case of Software branded by Hyland as Alfresco, Customer will not combine, call, link to, or otherwise use the Software in conjunction with any Alfresco Community Version, or use any of the services for Alfresco Community Versions or for any unlicensed Cores or users.
1.3 Production and Test Systems. Unless otherwise stated in an Order Form, Customer shall be entitled to use one (1) production copy of the Software licensed and one (1) additional copy of the production environment licensed Software for customary remote disaster recovery purposes which may not be used as a production system concurrently with the operation of any other copy of the Software in a production environment. In addition, Customer shall also be entitled to license a reasonable number of additional copies of the production environment licensed Software to be used exclusively in a non-production environment and solely for the purposes of experimenting and testing the Software, developing integrations between the Software and other applications that integrate to the Software solely using integration Software licensed by Customer under the Agreement, and training Customer’s employees on the Software (“Test Systems”). Customer may be required to provide to Hyland certain information relating to Customer’s intended use of such Test Systems such as the manufacturer, model number, serial number and installation site. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Test Systems. Customer’s sole recourse in the event of any dissatisfaction with any Software in any non-production system is to stop using such Software and return it to Hyland, provided that, to the extent that Customer is using the Test System for the purposes of testing an Upgrade or Enhancement of the Software prior to implementing the same in Customer’s production environment, then Customer may contact Hyland for the provision of Maintenance and Support as described in this Subscription Schedule. Customer shall not make any copies of the Software not specifically authorized by this Section 1.3.
1.4 Evaluation Software. From time to time Customer may elect to evaluate certain Software (“Evaluation Software”) for the purpose of determining whether or not to purchase a production license of such Evaluation Software. Evaluation Software is licensed for Customer’s use in a non-production environment. Notwithstanding anything to the contrary, as to any Evaluation Software, the Agreement and the limited license granted hereby will terminate on the earliest of: (a) last day of the evaluation period specified in the accepted purchase order delivered for such Evaluation Software; or (b) immediately upon the delivery of written notice to such effect by Hyland to Customer. Upon expiration or other termination of such period, Customer immediately shall either (y) discontinue any and all of use of the Evaluation Software and related Documentation and remove the Evaluation Software; or (z) deliver a purchase order or execute an Order Form with Hyland for purchase of such Evaluation Software.
1.5 Third Party Licenses. The Software may be bundled with software owned by third parties, including but not limited to those manufacturers listed in the Help About screen of the Software. Such third party software is licensed solely for use within the Software and is not to be used on a stand-alone basis. Notwithstanding the above, Customer acknowledges that, depending on the Software licensed, the Software may include open source software governed by an open source license, in which case the open source license (a copy of which is provided in the Software) may grant you additional rights to such open source software. Additionally, in the case of such software to be downloaded and installed on a mobile device, if such software will be downloaded from the application market or store maintained by the manufacturer of the mobile device, then use of such software will be governed by the license terms for the software included at the applicable application store or market or presented to Customer or Customer’s user in the software, and the Agreement will not govern such use.
1.6 Integration Code. If applicable, Software also includes all adapters or connectors created by Hyland and provided to you by Hyland as part of an integration between the Software and a third party line of business application (“Integration Code”). Software also includes any desktop host or other content services software provided by Hyland and downloaded on a user's computer used to extend functionality in Hyland's products. Such Integration Code and desktop host may only be used in combination with other Software and in accordance with the terms of the Agreement.
1.7 Contractor Use Agreement. Customer agrees that if it desires to allow a Contractor to do any of the following:
(a) make use of the Software configuration tools, Software administrative tools or any of the Software’s application programming interfaces (“APIs”);
(b) make use of any training materials or attend any training courses, either online or in person, in either case related to the Software; or
(c) access any of Hyland’s secure websites (including, but not limited to Hyland.com/Community), either through Contractor’s use of Customer’s own log-in credentials or through credentials received directly or indirectly by Contractor;
then, Customer must cause such Contractor to execute a use agreement in a form available for download at Hyland’s Community website (“Contractor Use Agreement”). Customer understands and agrees that: (x) Customer may not allow a Contractor to do any of the foregoing if such Contractor has not signed a Contractor Use Agreement, and (y) Contractors may use the Software only in compliance with the terms of the Agreement, and (z) Customer is responsible for such compliance by all Contractors that do not execute a Contractor Use Agreement. Customer agrees that it shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Contractor that does not sign a Contractor Use Agreement.
1.8 No High Risk Use. The Software is not fault-tolerant and is not guaranteed to be error free or to operate uninterrupted. The Software is not designed or intended for use in any situation where failure or fault of any kind of the Software could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). Customer is not licensed to use the Software in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non- controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees not to use, distribute or sublicense the use of the Software in, or in connection with, any High Risk Use." Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer’s use of the Software in connection with any High Risk Use.
1.9 Audit Rights. During the term of this Subscription Schedule and for one (1) year thereafter, upon reasonable notice to Customer, Hyland shall be permitted access to Customer’s facilities and records, during regular business hours, to audit Customer’s use of the Software solely in order to determine Customer’s compliance with the licensing and pricing terms the Agreement, including, where applicable, to measure Customer’s volume usage. Additionally, if requested by Hyland in connection with Software licensed on a volume basis, Customer shall provide reports that show Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such audit. Customer acknowledges and agrees that Customer is prohibited from publishing the results of any benchmark test using the Software to any third party without Hyland’s prior written approval, and that Customer has not relied on the future availability of any programs or services in entering into the Agreement.
1.10 AnyDoc. The optional AccuZip component of the OCR for AnyDoc and AnyDoc EXCHANGEit Software products contains material obtained under agreement from the United States Postal Service (USPS) and must be kept current via an update plan provided by Hyland to maintain Customer’s continued right to use. The USPS has contractually required Hyland to include “technology which automatically disables access to outdated [zip code] products.” This technology disables only the AccuZip component and is activated only if AccuZip is not updated on a regular and timely basis. Hyland regularly updates the zip code list as part of Maintenance and Support for the AccuZip module.
1.11 The Software may contain functionality that allows Customer to access, link or integrate the Software with Customer’s applications or applications or services provided by third parties. Hyland has no responsibility for such applications or services, websites or content and does not endorse any third party web sites, applications or services that may be linked or integrated through the Software; any activities engaged in by Customer with such third parties is solely between Customer and such third party.
1.12 Alfresco Content Services Specific Restriction Only. If Customer purchases Alfresco Content Services (“ACS”), the following restriction shall apply: The Alfresco Content Services (ACS) includes a workflow capability along with a predetermined set of document-review and approval workflows, and a set of predetermined management-task functions. Customer may use and modify the predetermined workflows and management tasks that are provided with the ACS subscription. However, Customer may not use the workflow software to design, create or run other types of workflows, business processes and/or management tasks. A separate subscription for Alfresco Process Services (APS) software is required for any such uses.
1.13 Nuxeo Software. If Customer is purchasing Software branded by Hyland as Nuxeo, Nuxeo Software is subject to additional licensing terms, which are available at https://legal.hyland.com/Customer-Legal-Center#nuxeo-subscription-terms .
2. SUBSCRIPTION FEES. Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the Initial Term of this Subscription Schedule (as defined in this Subscription Schedule or in an applicable Order Form), Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Purchase Table Schedule or Order Form. Following expiration of the Initial Term of this Subscription Schedule, Hyland may increase the Subscription Fees for the Software for any renewal period by up to ten percent (10%) of the previous year’s Subscription Fees. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. For any subsequent years, Hyland will invoice Customer for Subscription Fees prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software under the Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software on a pro rata basis upon execution by the parties of a new Order Form or Hyland’s acceptance of the purchase order for such additional Software. Unless otherwise stated on an applicable Order Form, such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3. ADD-ON SERVICES. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule unless otherwise stated on an applicable Order Form for an Add-On Service. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to an additional Schedule or terms added to an Order Form.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software and Add-On Services, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software and Add-On Services, the U.S. Government hereby agrees that the Software and Add-On Services qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software and Add-On Services to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software and Add-On Services, or Documentation by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. MAINTENANCE AND SUPPORT FOR SOFTWARE AND RETIRED SOFTWARE.
5.1 MAINTENANCE AND SUPPORT TERMS. Except with respect to Retired Software, and notwithstanding anything to the contrary, Hyland will provide Maintenance and Support in accordance with the Maintenance and Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software. Technical Support Services are not available for Retired Software.
(b) Error Correction Services. With respect to any Errors in the Software which are reported by Customer and which are confirmed by Hyland, in the exercise of its reasonable judgment, Hyland will use its reasonable efforts to correct the Error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported Errors after receipt of a proper report of such suspected Error from Customer. Hyland may elect to correct the Error in the current available or in the next available commercially released version of the Software and the Resolution may require the Customer to implement an Upgrade and Enhancement to obtain the correction. Error Correction Services are not available for Retired Software.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. In requesting Technical Support Services and Error Correction Services, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, to the extent provided by Hyland through Hyland’s secure end user website , Customer may call for Level 1 or Level 2 Severity Levels. In the case of reporting an Error, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the Error, which shall include, to the extent applicable, functioning test code that reproduces and isolates each issue. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes, such as network installation/expansion, Software upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all Technical Support Services requests and Error Correction Services requests in accordance with the Maintenance and Support Prioritization Attachment. With respect to Errors: (a) Hyland will respond based on the confirmed severity level of an Error; (b) Hyland may reclassify Errors as it learns information about such Errors during the resolution process; and (c) Hyland’s obligation for a reported Error concludes upon delivery of a Resolution in accordance with the Maintenance and Support Prioritization Attachment.
(d) Upgrades and Enhancements. Hyland will provide all Upgrades and Enhancements, if and when released during the term of this Subscription Schedule. Upgrades and Enhancements are not available for Retired Software.
5.2 EXCLUSIONS.
(a) Generally. Hyland is not responsible for providing, or obligated to provide, Maintenance and Support under the Agreement: (1) in connection with any Errors or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Software, or from any error or defect in any configuration of the Software, which activities in any such case were undertaken by any party other than Hyland; (2) in connection with any Error if Hyland has previously provided corrections for such Error which Customer fails to implement; (3) in connection with any Errors or problems that have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in the database, operating system, third party software (other than third party software embedded in the Software by Hyland), hardware or any system or networking utilized by Customer; (4) if the Software or related software or systems have been subjected to abuse, misuse, improper handling, accident or neglect; or (5) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Maintenance and Support to Customer with respect to the Software. Maintenance and Support does not include any services that Hyland may provide in connection with assisting or completing an upgrade of Software with any available Upgrade and Enhancement.
(b) Work Products. Maintenance and Support is not provided for any Work Products (as defined in the Professional Services Schedule); however, if Customer desires Maintenance and Support regarding the operation or use of such Work Products, Customer may request such Maintenance and Support and the parties may agree to enter into a Services Proposal for such Maintenance and Support in accordance with the terms of the Professional Services Schedule.
(c) Excluded Software and Hardware. This Subscription Schedule does not govern, and Hyland shall not be responsible for, the maintenance or support of any software other than Software, or for any hardware or equipment of any kind or nature, whether or not obtained by Customer from Hyland.
5.3 CERTAIN OTHER RESPONSIBILITIES OF CUSTOMER.
(a) Operation of the Software and Related Systems. Customer acknowledges and agrees that it is solely responsible for the operation, configuration, supervision, management and control of the Software and all related hardware and software (including the database software). Customer is solely responsible for: obtaining or providing training for its personnel; taking appropriate measures to isolate and backup or otherwise archive its computer systems, programs, data or files; and instituting appropriate security procedures and implementing reasonable procedures to examine and verify all output before use.
(b) Access to Premises and Systems. Customer shall make available reasonable access and use of Customer’s premises, and online access to Customer’s computer hardware, peripherals, Software and other software as Hyland deems necessary to diagnose and correct any Errors or to otherwise provide Maintenance and Support. Accordingly, Customer shall install and maintain means of communication and the appropriate communications software as mutually agreed upon by Hyland and Customer and an adequate connection with Hyland to facilitate Hyland’s on-line Maintenance and Support. Such right of access and use shall be provided at no cost or charge to Hyland.
5.4 PROFESSIONAL SERVICES FOR PROJECTS NOT COVERED BY TECHNICAL SUPPORT SERVICES OR ERROR CORRECTION SERVICES. If Customer requests Professional Services which are outside the scope of Technical Support Services or Error Correction Services, Customer agrees that such services shall not be covered by this Section 5 and such services only shall be engaged pursuant to a Services Proposal under an applicable Professional Services Schedule.
5.5 IMPLEMENTATION OF UPGRADES AND ENHANCEMENTS TO REGULATED PRODUCTS. Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
5.6 TECHNICAL SUPPORT CONTACTS. Hyland will provide Maintenance and Support to the designated contacts, as identified by Customer (“Technical Support Contacts”). The Technical Support Contacts should have “read, write and execute” access to the necessary files, English language communication skills, and relevant technical knowledge. Customer may modify its designated Technical Support Contacts at any time during the term of this Schedule by notifying Hyland in writing and giving Hyland five (5) business days to process the change. Technical Support Contacts will be the only interface to the Hyland customer support center. Hyland recommends that the Technical Support Contacts obtain the applicable Software certification by attending Hyland training courses. In an emergency, a Hyland customer support engineer will respond to an issue for an unauthorized contact on an exception basis, subject to later verification and involvement of a named Technical Support Contact.
6.1 Software Warranty. Hyland warrants to Customer that during the term of this Subscription Schedule the Software will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Software if (a) any component of the Software has been modified, misused or abused by Customer or a third party, (b) any such non-conformity arises from or is related to problems within or impacting Customer's computing environment, including any Customer third party software applications, hardware, network or internet connectivity, (c) if the Software is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation, or (d) to the extent the Software is Retired Software.
6.2 Remedy. Hyland’s sole obligation, and Customer's sole and exclusive remedy for any non-conformities to the express limited warranties under Section 6.1 shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Software, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this Subscription Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under Section 8.2 of this Subscription Schedule, Hyland will provide a refund to Customer of the "unused portion of the prepaid Subscription Fees" (as defined below) paid by Customer and attributable to the non-conforming component. The "unused portion of prepaid Subscription Fees" shall mean an amount equal to the total Subscription Fees paid by Customer for the non-conforming portion of the Software for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
7. INFRINGEMENT INDEMNIFICATION.
7.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Software of any patent, registered copyright or registered trademark of a third party that is enforceable in the United States, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Software, or to replace the relevant portions of the Software or with other equivalent, non-infringing portions.
7.2 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in Section 7.1(d), Hyland shall remove the infringing portion of the Software and refund to Customer the “unused portion of prepaid Subscription Fees” (as defined below) paid by Customer, with respect to the infringing portion of the Software. For these purposes, the “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the total Subscription Fees paid by Customer for the infringing portion of the Software for the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
7.3 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to indemnify any claims made against Customer and otherwise described in Section 7.1 that arise from: (a) use of the Software by Customer other than as expressly permitted by the Agreement; (b) the combination of the Software with any product not furnished by Hyland to Customer; (c) the modification or addition to of the Software other than by Hyland or any of its authorized solution providers specifically retained by Hyland to provide such modification or addition; (d) use of non-current versions of the Software when Hyland has made newer, non-infringing versions available to the Customer; or (e) the Customer’s business methods or processes.
7.4 THIS SECTION 7 STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE SOFTWARE.
8. TERM; TERMINATION.
8.1 TERM. Subject to the termination provisions set forth in Section 1.2 of the General Terms Schedule, the initial term of this Subscription Schedule will be the Initial Term; and such term will automatically renew thereafter for successive Renewal Terms, unless and until either party provides at least thirty (30) days advance written notice of non-renewal, in which case this Subscription Schedule shall terminate at the end of the then current term. “Renewal Term” shall mean a renewal term of one (1) year each unless a renewal Order Form defines a different Renewal Term for the applicable renewal term. This Schedule will not terminate unless and until all Software subscriptions listed in a Purchase Table or Order Form have terminated or expired.
8.2 Additional Effects or Consequences of Termination. In addition to Section 1.3 of the General Terms Schedule, upon any termination of this Subscription Schedule in its entirety, any license to use the Software will automatically terminate without other or further action on the part of any party; and Customer shall immediately: (a) discontinue any and all use of the Software and Documentation; and (b) either (1) return the Software and Documentation to Hyland, or (2) with the prior permission of Hyland, destroy the Software and Documentation and certify in writing to Hyland that Customer has completed such destruction.
Effective April 14th 2022 to December 8th 2022
DownloadTable of Contents
Copyright Ó 2021 Hyland Software, Inc.
SOFTWARE LICENSE AND MAINTENANCE SCHEDULE- SUBSCRIPTION
(Subscription License for Software, includes Maintenance and Support)
This Software License and Maintenance Schedule – Subscription (the “Subscription Schedule”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the “Agreement”) which incorporates this Subscription Schedule by reference.
DEFINED TERMS:
All capitalized terms used in this Subscription Schedule shall have the meaning ascribed them in this Subscription Schedule or, if not defined in this Subscription Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Subscription Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement.
“Delivery” means: (i) the electronic downloading of the Software onto Customer’s systems, (ii) the Software being made available by Hyland to Customer for electronic download onto Customer’s systems; or (iii) the delivery by Hyland to Customer of a Production Certificate for such Software module(s) by Hyland either shipping (physically or electronically) the Production Certificate to Customer or making the Production Certificate available for electronic download by Customer (including through one of Hyland’s authorized solution providers).
“Documentation” means: (1) to the extent available, the “Help Files” included in the Software, or (2) if no such “Help Files” are included in the Software, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Software.
“Error” means any defect or condition inherent in the Software which is reported by Customer in accordance with the Agreement and which is confirmed by Hyland, that causes the Software to fail to function in any material respect as described in the Documentation.
“Error Correction Services” means Hyland’s reasonable efforts to correct an Error, which may be effected by a reasonable workaround.
“Maintenance and Support” means for Software, (i) Error Correction Services; (ii) Technical Support Services; and (iii) the availability of Upgrades and Enhancements in accordance with this Subscription Schedule.
“Maintenance and Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Production Certificate” means: license codes, a license certificate, or an IFM file issued by Hyland and necessary for Customer to activate Software for Customer’s production use.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Error.
“Subscription Fees” means periodic fees for the licensing of Software licensed under this Subscription Schedule and for Maintenance and Support for such Software, and payable by Customer to Hyland.
“Retired Software” means, at any particular time during a maintenance period covered by this Subscription Schedule, any Software product or version of the Software licensed by Customer from Hyland under the Agreement which is identified as being retired on Hyland’s applicable secure end user web site. Hyland will specify on its end user web site Software modules or versions which become Retired Software. The effective date of such change will be twelve (12) months from the date Hyland initially posts the status change on its end user web site, and Customer will receive notice as a registered user of Hyland’s applicable secure end user web site.
“Technical Support Services” means telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to Customer or to Hyland’s end users generally during any maintenance period under this Subscription Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
1. SOFTWARE LICENSE.
1.1 Grant of License. Subject to Customer’s payment in full of the Subscription Fees, and subject further to Customer’s compliance with the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the General Terms Schedule), limited license to the Software, in machine-readable object code form only and associated Documentation; in each case solely for use:
(a) by Customer internally, and only for storing, processing and accessing Customer’s own data; and
(b) subject to Section 1.7 below, by a third party contractor retained by Customer as a provider of services to Customer (“Contractor”), but only by the Contractor for capturing, storing, processing and accessing Customer’s own data in fulfillment of the Contractor’s contractual obligations as a service provider to Customer.
The Software and associated Documentation are licensed for use by a single organization and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer shall not make any use of the Software or associated Documentation in any manner not expressly permitted by the Agreement. Software subject to a regulatory control may only be installed in the country identified as the end user location in the purchase order. The Software may be located and hosted on computer servers owned and controlled by a third party. Such third party hosting provider shall be considered a Contractor, and subject to the requirements of Section 1.7 below
1.2 Use Restriction. Each module of the Software is licensed for a specific type of use, such as concurrently or on a specified workstation or by a specified individual and the Software may control such use. Software products that are volume-based may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; and/or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer acknowledges and agrees that additional fees may apply based on Customer's volume usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars. Use of software or hardware that reduces the number of users directly accessing or utilizing the Software (sometimes called “multiplexing” or “pooling” software or hardware) does not reduce the number of Software licenses required. The required number of Software licenses would equal the number of distinct inputs to the multiplexing or pooling software or hardware. Customer is prohibited from using any software other than the Software Client modules or a Software application programming interface (API) to access the Software or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the Subscription Fees with respect to such access. Customer further agrees that the Software shall not be copied and installed on additional servers unless Customer has purchased a license therefore, and the number of users of the Software shall not exceed the number of users permitted by the Software Client licenses purchased by Customer.
1.3 Production and Test Systems. Customer shall be entitled to use one (1) production copy of the Software licensed and one (1) additional copy of the production environment licensed Software for customary remote disaster recovery purposes which may not be used as a production system concurrently with the operation of any other copy of the Software in a production environment. In addition, Customer shall also be entitled to license a reasonable number of additional copies of the production environment licensed Software to be used exclusively in a non-production environment and solely for the purposes of experimenting and testing the Software, developing integrations between the Software and other applications that integrate to the Software solely using integration modules of the Software licensed by Customer under the Agreement, and training Customer’s employees on the Software (“Test Systems”). Customer may be required to provide to Hyland certain information relating to Customer’s intended use of such Test Systems such as the manufacturer, model number, serial number and installation site. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Test Systems. Customer’s sole recourse in the event of any dissatisfaction with any Software in any non-production system is to stop using such Software and return it to Hyland, provided that, to the extent that Customer is using the Test System for the purposes of testing an Upgrade or Enhancement of the Software prior to implementing the same in Customer’s production environment, then Customer may contact Hyland for the provision of Maintenance and Support as described in this Subscription Schedule. Customer shall not make any copies of the Software not specifically authorized by this Section 1.3.
1.4 Evaluation Software. From time to time Customer may elect to evaluate certain Software modules (“Evaluation Software”) for the purpose of determining whether or not to purchase a production license of such Evaluation Software. Evaluation Software is licensed for Customer’s use in a non-production environment. Notwithstanding anything to the contrary, as to any Evaluation Software, the Agreement and the limited license granted hereby will terminate on the earliest of: (a) last day of the evaluation period specified in the accepted purchase order delivered for such Evaluation Software; or (b) immediately upon the delivery of written notice to such effect by Hyland to Customer. Upon expiration or other termination of such period, Customer immediately shall either (y) discontinue any and all of use of the Evaluation Software and related Documentation and remove the Evaluation Software; or (z) deliver a purchase order for purchase of such Evaluation Software.
1.5 Third Party Licenses. The Software may be bundled with software owned by third parties, including but not limited to those manufacturers listed in the Help About screen of the Software. Such third party software is licensed solely for use within the Software and is not to be used on a stand-alone basis. Notwithstanding the above, Customer acknowledges that, depending on the modules licensed, the Software may include open source software governed by an open source license, in which case the open source license (a copy of which is provided in the Software) may grant you additional rights to such open source software. Additionally, in the case of such software to be downloaded and installed on a mobile device, if such software will be downloaded from the application market or store maintained by the manufacturer of the mobile device, then use of such software will be governed by the license terms for the software included at the applicable application store or market or presented to Customer or Customer’s user in the software, and the Agreement will not govern such use.
1.6 Integration Code. If applicable, Software also includes all adapters or connectors created by Hyland and provided to you by Hyland as part of an integration between the Software and a third party line of business application (“Integration Code”). Software also includes any desktop host or other content services software provided by Hyland and downloaded on a user's computer used to extend functionality in Hyland's products. Such Integration Code and desktop host may only be used in combination with other Software and in accordance with the terms of the Agreement.
1.7 Contractor Use Agreement. Customer agrees that if it desires to allow a Contractor to do any of the following:
(a) make use of the Software configuration tools, Software administrative tools or any of the Software’s application programming interfaces (“APIs”);
(b) make use of any training materials or attend any training courses, either online or in person, in either case related to the Software; or
(c) access any of Hyland’s secure websites (including, but not limited to, users.onbase.com, teamonbase.com, training.onbase.com, demo.onbase.com, and Hyland.com/Community), either through Contractor’s use of Customer’s own log-in credentials or through credentials received directly or indirectly by Contractor;
then, Customer must cause such Contractor to execute a use agreement in a form available for download at Hyland’s Community website (“Contractor Use Agreement”). Customer understands and agrees that: (x) Customer may not allow a Contractor to do any of the foregoing if such Contractor has not signed a Contractor Use Agreement, and (y) Contractors may use the Software only in compliance with the terms of the Agreement, and (z) Customer is responsible for such compliance by all Contractors that do not execute a Contractor Use Agreement. Customer agrees that it shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Contractor that does not sign a Contractor Use Agreement.
1.8 No High Risk Use. The Software is not fault-tolerant and is not guaranteed to be error free or to operate uninterrupted. The Software is not designed or intended for use in any situation where failure or fault of any kind of the Software could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). Customer is not licensed to use the Software in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non- controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees not to use, distribute or sublicense the use of the Software in, or in connection with, any High Risk Use." Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer’s use of the Software in connection with any High Risk Use.
1.9 Audit Rights. Upon reasonable notice to Customer, Hyland shall be permitted access to audit Customer’s use of the Software solely in order to determine Customer’s compliance with the licensing and pricing terms the Agreement, including, where applicable, to measure Customer’s volume usage. Additionally, if requested by Hyland in connection with Software licensed on a volume basis, Customer shall provide reports that show Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such audit. Customer acknowledges and agrees that Customer is prohibited from publishing the results of any benchmark test using the Software to any third party without Hyland’s prior written approval, and that Customer has not relied on the future availability of any programs or services in entering into the Agreement.
1.10 AnyDoc. The optional AccuZip component of the OCR for AnyDoc and AnyDoc EXCHANGEit Software products contains material obtained under agreement from the United States Postal Service (USPS) and must be kept current via an update plan provided by Hyland to maintain Customer’s continued right to use. The USPS has contractually required Hyland to include “technology which automatically disables access to outdated [zip code] products.” This technology disables only the AccuZip component and is activated only if AccuZip is not updated on a regular and timely basis. Hyland regularly updates the zip code list as part of Maintenance and Support for the AccuZip module.
1.11 The Software may contain functionality that allows Customer to access, link or integrate the Software with Customer’s applications or applications or services provided by third parties. Hyland has no responsibility for such applications or services, websites or content and does not endorse any third party web sites, applications or services that may be linked or integrated through the Software; any activities engaged in by Customer with such third parties is solely between Customer and such third party.
2. SUBSCRIPTION FEES. Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the Initial Term of this Subscription Schedule, Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Purchase Table Schedule. Following expiration of the Initial Term of this Subscription Schedule, Hyland may increase the Subscription Fees for the Software for any renewal period by up to ten percent (10%) of the previous year’s Subscription Fees. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. For any subsequent years, Hyland will invoice Customer for Subscription Fees prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software modules under the Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software modules on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3. ADD-ON SERVICES. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to an additional Schedule.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software and Add-On Services, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software and Add-On Services, the U.S. Government hereby agrees that the Software and Add-On Services qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software and Add-On Services to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software and Add-On Services, or Documentation by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. MAINTENANCE AND SUPPORT FOR SOFTWARE AND RETIRED SOFTWARE.
5.1 MAINTENANCE AND SUPPORT TERMS. Except with respect to Retired Software, Hyland will provide Maintenance and Support in accordance with the Maintenance and Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software. Technical Support Services are not available for Retired Software.
(b) Error Correction Services. With respect to any Errors in the Software which are reported by Customer and which are confirmed by Hyland, in the exercise of its reasonable judgment, Hyland will use its reasonable efforts to correct the Error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported Errors after receipt of a proper report of such suspected Error from Customer. Hyland may elect to correct the Error in the current available or in the next available commercially released version of the Software and the Resolution may require the Customer to implement an Upgrade and Enhancement to obtain the correction. Error Correction Services are not available for Retired Software.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. In requesting Technical Support Services and Error Correction Services, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for Level 1 or Level 2 Severity Levels (support numbers are available through Hyland’s secure end user website). In the case of reporting an Error, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the Error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes, such as network installation/expansion, Software upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all Technical Support Services requests and Error Correction Services requests in accordance with the Maintenance and Support Prioritization Attachment. With respect to Errors: (a) Hyland will respond based on the confirmed severity level of an Error; (b) Hyland may reclassify Errors as it learns information about such Errors during the resolution process; and (c) Hyland’s obligation for a reported Error concludes upon delivery of a Resolution in accordance with the Maintenance and Support Prioritization Attachment.
(d) Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of this Subscription Schedule. Upgrades and Enhancements are not available for Retired Software.
5.2 EXCLUSIONS.
(a) Generally. Hyland is not responsible for providing, or obligated to provide, Maintenance and Support under the Agreement: (1) in connection with any Errors or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Software, or from any error or defect in any configuration of the Software, which activities in any such case were undertaken by any party other than Hyland; (2) in connection with any Error if Hyland has previously provided corrections for such Error which Customer fails to implement; (3) in connection with any Errors or problems that have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in the database, operating system, third party software (other than third party software embedded in the Software by Hyland), hardware or any system or networking utilized by Customer; (4) if the Software or related software or systems have been subjected to abuse, misuse, improper handling, accident or neglect; or (5) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Maintenance and Support to Customer with respect to the Software. Maintenance and Support does not include any services that Hyland may provide in connection with assisting or completing an upgrade of Software with any available Upgrade and Enhancement.
(b) Work Products. Maintenance and Support is not provided for any Work Products (as defined in the Professional Services Schedule); however, if Customer desires Maintenance and Support regarding the operation or use of such Work Products, Customer may request such Maintenance and Support and the parties may agree to enter into a Services Proposal for such Maintenance and Support in accordance with the terms of the Professional Services Schedule.
(c) Excluded Software and Hardware. This Subscription Schedule does not govern, and Hyland shall not be responsible for, the maintenance or support of any software other than Software, or for any hardware or equipment of any kind or nature, whether or not obtained by Customer from Hyland.
5.3 CERTAIN OTHER RESPONSIBILITIES OF CUSTOMER.
(a) Operation of the Software and Related Systems. Customer acknowledges and agrees that it is solely responsible for the operation, configuration, supervision, management and control of the Software and all related hardware and software (including the database software). Customer is solely responsible for: obtaining or providing training for its personnel; taking appropriate measures to isolate and backup or otherwise archive its computer systems, programs, data or files; and instituting appropriate security procedures and implementing reasonable procedures to examine and verify all output before use.
(b) Access to Premises and Systems. Customer shall make available reasonable access and use of Customer’s premises, and online access to Customer’s computer hardware, peripherals, Software and other software as Hyland deems necessary to diagnose and correct any Errors or to otherwise provide Maintenance and Support. Accordingly, Customer shall install and maintain means of communication and the appropriate communications software as mutually agreed upon by Hyland and Customer and an adequate connection with Hyland to facilitate Hyland’s on-line Maintenance and Support. Such right of access and use shall be provided at no cost or charge to Hyland.
5.4 PROFESSIONAL SERVICES FOR PROJECTS NOT COVERED BY TECHNICAL SUPPORT SERVICES OR ERROR CORRECTION SERVICES. If Customer requests Professional Services which are outside the scope of Technical Support Services or Error Correction Services, Customer agrees that such services shall not be covered by this Section 5 and such services only shall be engaged pursuant to a Services Proposal under an applicable Professional Services Schedule.
5.5 IMPLEMENTATION OF UPGRADES AND ENHANCEMENTS TO REGULATED PRODUCTS. Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
6. LIMITED WARRANTY FOR SOFTWARE
6.1 Software Warranty. Hyland warrants to Customer that during the term of this Subscription Schedule the Software will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Software if (a) any component of the Software has been modified, misused or abused by Customer or a third party, (b) any such non-conformity arises from or is related to problems within or impacting Customer's computing environment, including any Customer third party software applications, hardware, network or internet connectivity, (c) if the Software is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation, or (d) to the extent the Software is Retired Software.
6.2 Remedy. Hyland’s sole obligation, and Customer's sole and exclusive remedy for any non-conformities to the express limited warranties under Section 6.1 shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Software, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this Subscription Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under Section 8.2 of this Subscription Schedule, Hyland will provide a refund to Customer of the "unused portion of the prepaid Subscription Fees" (as defined below) paid by Customer and attributable to the non-conforming component. The "unused portion of prepaid Subscription Fees" shall mean an amount equal to the total Subscription Fees paid by Customer for the non-conforming portion of the Software for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
7. INFRINGEMENT INDEMNIFICATION.
7.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Software of any patent, registered copyright or registered trademark of a third party that is enforceable in the United States, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Software, or to replace the relevant portions of the Software or with other equivalent, non-infringing portions.
7.2 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in Section 7.1(d), Hyland shall remove the infringing portion of the Software and refund to Customer the “unused portion of prepaid Subscription Fees” (as defined below) paid by Customer, with respect to the infringing portion of the Software. For these purposes, the “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the total Subscription Fees paid by Customer for the infringing portion of the Software for the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
7.3 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to indemnify any claims made against Customer and otherwise described in Section 7.1 that arise from: (a) use of the Software by Customer other than as expressly permitted by the Agreement; (b) the combination of the Software with any product not furnished by Hyland to Customer; (c) the modification or addition to of the Software other than by Hyland or any of its authorized solution providers specifically retained by Hyland to provide such modification or addition; or (d) the Customer’s business methods or processes.
7.4 THIS SECTION 7 STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE SOFTWARE.
8. TERM; TERMINATION.
8.1 TERM. Subject to the termination provisions set forth in Section 1.2 of the General Terms Schedule, the initial term of this Subscription Schedule will be the Initial Term; and such term will automatically renew thereafter for successive terms of one (1) year each, unless and until either party provides at least thirty (30) days advance written notice of non-renewal, in which case this Subscription Schedule shall terminate at the end of the then current term.
8.2 Additional Effects or Consequences of Termination. In addition to Section 1.3 of the General Terms Schedule, upon any termination of this Subscription Schedule in its entirety, any license to use the Software will automatically terminate without other or further action on the part of any party; and Customer shall immediately: (a) discontinue any and all use of the Software and Documentation; and (b) either (1) return the Software and Documentation to Hyland, or (2) with the prior permission of Hyland, destroy the Software and Documentation and certify in writing to Hyland that Customer has completed such destruction.
Effective March 14th 2022 to April 14th 2022
DownloadTable of Contents
SOFTWARE LICENSE AND MAINTENANCE SCHEDULE- SUBSCRIPTION
(Subscription License for Software, includes Maintenance and Support)
This Software License and Maintenance Schedule – Subscription (the “Subscription Schedule”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the “Agreement”) which incorporates this Subscription Schedule by reference.
DEFINED TERMS:
All capitalized terms used in this Subscription Schedule shall have the meaning ascribed them in this Subscription Schedule or, if not defined in this Subscription Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Subscription Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement.
“Delivery” means: (i) the electronic downloading of the Software onto Customer’s systems, (ii) the Software being made available by Hyland to Customer for electronic download onto Customer’s systems; or (iii) the delivery by Hyland to Customer of a Production Certificate for such Software module(s) by Hyland either shipping (physically or electronically) the Production Certificate to Customer or making the Production Certificate available for electronic download by Customer (including through one of Hyland’s authorized solution providers).
“Documentation” means: (1) to the extent available, the “Help Files” included in the Software, or (2) if no such “Help Files” are included in the Software, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Software.
“Error” means any defect or condition inherent in the Software which is reported by Customer in accordance with the Agreement and which is confirmed by Hyland, that causes the Software to fail to function in any material respect as described in the Documentation.
“Error Correction Services” means Hyland’s reasonable efforts to correct an Error, which may be effected by a reasonable workaround.
“Maintenance and Support” means for Software, (i) Error Correction Services; (ii) Technical Support Services; and (iii) the availability of Upgrades and Enhancements in accordance with this Subscription Schedule.
“Maintenance and Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Production Certificate” means: license codes, a license certificate, or an IFM file issued by Hyland and necessary for Customer to activate Software for Customer’s production use.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Error.
“Subscription Fees” means periodic fees for the licensing of Software licensed under this Subscription Schedule and for Maintenance and Support for such Software, and payable by Customer to Hyland.
“Retired Software” means, at any particular time during a maintenance period covered by this Subscription Schedule, any Software product or version of the Software licensed by Customer from Hyland under the Agreement which is identified as being retired on Hyland’s applicable secure end user web site. Hyland will specify on its end user web site Software modules or versions which become Retired Software. The effective date of such change will be twelve (12) months from the date Hyland initially posts the status change on its end user web site, and Customer will receive notice as a registered user of Hyland’s applicable secure end user web site.
“Technical Support Services” means telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to Customer or to Hyland’s end users generally during any maintenance period under this Subscription Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
1. SOFTWARE LICENSE.
1.1 Grant of License. Subject to Customer’s payment in full of the Subscription Fees, and subject further to Customer’s compliance with the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the General Terms Schedule), limited license to the Software, in machine-readable object code form only and associated Documentation; in each case solely for use:
(a) by Customer internally, and only for storing, processing and accessing Customer’s own data; and
(b) subject to Section 1.7 below, by a third party contractor retained by Customer as a provider of services to Customer (“Contractor”), but only by the Contractor for capturing, storing, processing and accessing Customer’s own data in fulfillment of the Contractor’s contractual obligations as a service provider to Customer.
The Software and associated Documentation are licensed for use by a single organization and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer shall not make any use of the Software or associated Documentation in any manner not expressly permitted by the Agreement. Software subject to a regulatory control may only be installed in the country identified as the end user location in the purchase order. The Software may be located and hosted on computer servers owned and controlled by a third party. Such third party hosting provider shall be considered a Contractor, and subject to the requirements of Section 1.7 below
1.2 Use Restriction. Each module of the Software is licensed for a specific type of use, such as concurrently or on a specified workstation or by a specified individual and the Software may control such use. Software products that are volume-based may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; and/or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer acknowledges and agrees that additional fees may apply based on Customer's volume usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars. Use of software or hardware that reduces the number of users directly accessing or utilizing the Software (sometimes called “multiplexing” or “pooling” software or hardware) does not reduce the number of Software licenses required. The required number of Software licenses would equal the number of distinct inputs to the multiplexing or pooling software or hardware. Customer is prohibited from using any software other than the Software Client modules or a Software application programming interface (API) to access the Software or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the Subscription Fees with respect to such access. Customer further agrees that the Software shall not be copied and installed on additional servers unless Customer has purchased a license therefore, and the number of users of the Software shall not exceed the number of users permitted by the Software Client licenses purchased by Customer.
1.3 Production and Test Systems. Customer shall be entitled to use one (1) production copy of the Software licensed and one (1) additional copy of the production environment licensed Software for customary remote disaster recovery purposes which may not be used as a production system concurrently with the operation of any other copy of the Software in a production environment. In addition, Customer shall also be entitled to license a reasonable number of additional copies of the production environment licensed Software to be used exclusively in a non-production environment and solely for the purposes of experimenting and testing the Software, developing integrations between the Software and other applications that integrate to the Software solely using integration modules of the Software licensed by Customer under the Agreement, and training Customer’s employees on the Software (“Test Systems”). Customer may be required to provide to Hyland certain information relating to Customer’s intended use of such Test Systems such as the manufacturer, model number, serial number and installation site. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Test Systems. Customer’s sole recourse in the event of any dissatisfaction with any Software in any non-production system is to stop using such Software and return it to Hyland, provided that, to the extent that Customer is using the Test System for the purposes of testing an Upgrade or Enhancement of the Software prior to implementing the same in Customer’s production environment, then Customer may contact Hyland for the provision of Maintenance and Support as described in this Subscription Schedule. Customer shall not make any copies of the Software not specifically authorized by this Section 1.3.
1.4 Evaluation Software. From time to time Customer may elect to evaluate certain Software modules (“Evaluation Software”) for the purpose of determining whether or not to purchase a production license of such Evaluation Software. Evaluation Software is licensed for Customer’s use in a non-production environment. Notwithstanding anything to the contrary, as to any Evaluation Software, the Agreement and the limited license granted hereby will terminate on the earliest of: (a) last day of the evaluation period specified in the accepted purchase order delivered for such Evaluation Software; or (b) immediately upon the delivery of written notice to such effect by Hyland to Customer. Upon expiration or other termination of such period, Customer immediately shall either (y) discontinue any and all of use of the Evaluation Software and related Documentation and remove the Evaluation Software; or (z) deliver a purchase order for purchase of such Evaluation Software.
1.5 Third Party Licenses. The Software may be bundled with software owned by third parties, including but not limited to those manufacturers listed in the Help About screen of the Software. Such third party software is licensed solely for use within the Software and is not to be used on a stand-alone basis. Notwithstanding the above, Customer acknowledges that, depending on the modules licensed, the Software may include open source software governed by an open source license, in which case the open source license (a copy of which is provided in the Software) may grant you additional rights to such open source software. Additionally, in the case of such software to be downloaded and installed on a mobile device, if such software will be downloaded from the application market or store maintained by the manufacturer of the mobile device, then use of such software will be governed by the license terms for the software included at the applicable application store or market or presented to Customer or Customer’s user in the software, and the Agreement will not govern such use.
1.6 Integration Code. If applicable, Software also includes all adapters or connectors created by Hyland and provided to you by Hyland as part of an integration between the Software and a third party line of business application (“Integration Code”). Software also includes any desktop host or other content services software provided by Hyland and downloaded on a user's computer used to extend functionality in Hyland's products. Such Integration Code and desktop host may only be used in combination with other Software and in accordance with the terms of the Agreement.
1.7 Contractor Use Agreement. Customer agrees that if it desires to allow a Contractor to do any of the following:
(a) make use of the Software configuration tools, Software administrative tools or any of the Software’s application programming interfaces (“APIs”);
(b) make use of any training materials or attend any training courses, either online or in person, in either case related to the Software; or
(c) access any of Hyland’s secure websites (including, but not limited to, users.onbase.com, teamonbase.com, training.onbase.com, demo.onbase.com, and Hyland.com/Community), either through Contractor’s use of Customer’s own log-in credentials or through credentials received directly or indirectly by Contractor;
then, Customer must cause such Contractor to execute a use agreement in a form available for download at Hyland’s Community website (“Contractor Use Agreement”). Customer understands and agrees that: (x) Customer may not allow a Contractor to do any of the foregoing if such Contractor has not signed a Contractor Use Agreement, and (y) Contractors may use the Software only in compliance with the terms of the Agreement, and (z) Customer is responsible for such compliance by all Contractors that do not execute a Contractor Use Agreement. Customer agrees that it shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Contractor that does not sign a Contractor Use Agreement.
1.8 No High Risk Use. The Software is not fault-tolerant and is not guaranteed to be error free or to operate uninterrupted. The Software is not designed or intended for use in any situation where failure or fault of any kind of the Software could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). Customer is not licensed to use the Software in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non- controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees not to use, distribute or sublicense the use of the Software in, or in connection with, any High Risk Use." Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer’s use of the Software in connection with any High Risk Use.
1.9 Audit Rights. Upon reasonable notice to Customer, Hyland shall be permitted access to audit Customer’s use of the Software solely in order to determine Customer’s compliance with the licensing and pricing terms the Agreement, including, where applicable, to measure Customer’s volume usage. Additionally, if requested by Hyland in connection with Software licensed on a volume basis, Customer shall provide reports that show Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such audit. Customer acknowledges and agrees that Customer is prohibited from publishing the results of any benchmark test using the Software to any third party without Hyland’s prior written approval, and that Customer has not relied on the future availability of any programs or services in entering into the Agreement.
1.10 AnyDoc. The optional AccuZip component of the OCR for AnyDoc and AnyDoc EXCHANGEit Software products contains material obtained under agreement from the United States Postal Service (USPS) and must be kept current via an update plan provided by Hyland to maintain Customer’s continued right to use. The USPS has contractually required Hyland to include “technology which automatically disables access to outdated [zip code] products.” This technology disables only the AccuZip component and is activated only if AccuZip is not updated on a regular and timely basis. Hyland regularly updates the zip code list as part of Maintenance and Support for the AccuZip module.
1.11 The Software may contain functionality that allows Customer to access, link or integrate the Software with Customer’s applications or applications or services provided by third parties. Hyland has no responsibility for such applications or services, websites or content and does not endorse any third party web sites, applications or services that may be linked or integrated through the Software; any activities engaged in by Customer with such third parties is solely between Customer and such third party.
2. SUBSCRIPTION FEES. Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the Initial Term of this Subscription Schedule, Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Purchase Table Schedule. Following expiration of the Initial Term of this Subscription Schedule, Hyland may increase the Subscription Fees for the Software for any renewal period by up to ten percent (10%) of the previous year’s Subscription Fees. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. For any subsequent years, Hyland will invoice Customer for Subscription Fees at least sixty (60) days prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software modules under the Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software modules on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3. ADD-ON SERVICES. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to an additional Schedule.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software and Add-On Services, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software and Add-On Services, the U.S. Government hereby agrees that the Software and Add-On Services qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software and Add-On Services to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software and Add-On Services, or Documentation by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. MAINTENANCE AND SUPPORT FOR SOFTWARE AND RETIRED SOFTWARE.
5.1 MAINTENANCE AND SUPPORT TERMS. Except with respect to Retired Software, Hyland will provide Maintenance and Support in accordance with the Maintenance and Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software. Technical Support Services are not available for Retired Software.
(b) Error Correction Services. With respect to any Errors in the Software which are reported by Customer and which are confirmed by Hyland, in the exercise of its reasonable judgment, Hyland will use its reasonable efforts to correct the Error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported Errors after receipt of a proper report of such suspected Error from Customer. Hyland may elect to correct the Error in the current available or in the next available commercially released version of the Software and the Resolution may require the Customer to implement an Upgrade and Enhancement to obtain the correction. Error Correction Services are not available for Retired Software.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. In requesting Technical Support Services and Error Correction Services, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for Level 1 or Level 2 Severity Levels (support numbers are available through Hyland’s secure end user website). In the case of reporting an Error, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the Error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes, such as network installation/expansion, Software upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all Technical Support Services requests and Error Correction Services requests in accordance with the Maintenance and Support Prioritization Attachment. With respect to Errors: (a) Hyland will respond based on the confirmed severity level of an Error; (b) Hyland may reclassify Errors as it learns information about such Errors during the resolution process; and (c) Hyland’s obligation for a reported Error concludes upon delivery of a Resolution in accordance with the Maintenance and Support Prioritization Attachment.
(d) Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of this Subscription Schedule. Upgrades and Enhancements are not available for Retired Software.
5.2 EXCLUSIONS.
(a) Generally. Hyland is not responsible for providing, or obligated to provide, Maintenance and Support under the Agreement: (1) in connection with any Errors or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Software, or from any error or defect in any configuration of the Software, which activities in any such case were undertaken by any party other than Hyland; (2) in connection with any Error if Hyland has previously provided corrections for such Error which Customer fails to implement; (3) in connection with any Errors or problems that have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in the database, operating system, third party software (other than third party software embedded in the Software by Hyland), hardware or any system or networking utilized by Customer; (4) if the Software or related software or systems have been subjected to abuse, misuse, improper handling, accident or neglect; or (5) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Maintenance and Support to Customer with respect to the Software. Maintenance and Support does not include any services that Hyland may provide in connection with assisting or completing an upgrade of Software with any available Upgrade and Enhancement.
(b) Work Products. Maintenance and Support is not provided for any Work Products (as defined in the Professional Services Schedule); however, if Customer desires Maintenance and Support regarding the operation or use of such Work Products, Customer may request such Maintenance and Support and the parties may agree to enter into a Services Proposal for such Maintenance and Support in accordance with the terms of the Professional Services Schedule.
(c) Excluded Software and Hardware. This Subscription Schedule does not govern, and Hyland shall not be responsible for, the maintenance or support of any software other than Software, or for any hardware or equipment of any kind or nature, whether or not obtained by Customer from Hyland.
5.3 CERTAIN OTHER RESPONSIBILITIES OF CUSTOMER.
(a) Operation of the Software and Related Systems. Customer acknowledges and agrees that it is solely responsible for the operation, configuration, supervision, management and control of the Software and all related hardware and software (including the database software). Customer is solely responsible for: obtaining or providing training for its personnel; taking appropriate measures to isolate and backup or otherwise archive its computer systems, programs, data or files; and instituting appropriate security procedures and implementing reasonable procedures to examine and verify all output before use.
(b) Access to Premises and Systems. Customer shall make available reasonable access and use of Customer’s premises, and online access to Customer’s computer hardware, peripherals, Software and other software as Hyland deems necessary to diagnose and correct any Errors or to otherwise provide Maintenance and Support. Accordingly, Customer shall install and maintain means of communication and the appropriate communications software as mutually agreed upon by Hyland and Customer and an adequate connection with Hyland to facilitate Hyland’s on-line Maintenance and Support. Such right of access and use shall be provided at no cost or charge to Hyland.
5.4 PROFESSIONAL SERVICES FOR PROJECTS NOT COVERED BY TECHNICAL SUPPORT SERVICES OR ERROR CORRECTION SERVICES. If Customer requests Professional Services which are outside the scope of Technical Support Services or Error Correction Services, Customer agrees that such services shall not be covered by this Section 5 and such services only shall be engaged pursuant to a Services Proposal under an applicable Professional Services Schedule.
5.5 IMPLEMENTATION OF UPGRADES AND ENHANCEMENTS TO REGULATED PRODUCTS. Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
6. LIMITED WARRANTY FOR SOFTWARE
6.1 Software Warranty. Hyland warrants to Customer that during the term of this Subscription Schedule the Software will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Software if (a) any component of the Software has been modified, misused or abused by Customer or a third party, (b) any such non-conformity arises from or is related to problems within or impacting Customer's computing environment, including any Customer third party software applications, hardware, network or internet connectivity, (c) if the Software is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation, or (d) to the extent the Software is Retired Software.
6.2 Remedy. Hyland’s sole obligation, and Customer's sole and exclusive remedy for any non-conformities to the express limited warranties under Section 6.1 shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Software, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this Subscription Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under Section 8.2 of this Subscription Schedule, Hyland will provide a refund to Customer of the "unused portion of the prepaid Subscription Fees" (as defined below) paid by Customer and attributable to the non-conforming component. The "unused portion of prepaid Subscription Fees" shall mean an amount equal to the total Subscription Fees paid by Customer for the non-conforming portion of the Software for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
7. INFRINGEMENT INDEMNIFICATION.
7.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Software of any patent, registered copyright or registered trademark of a third party that is enforceable in the United States, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Software, or to replace the relevant portions of the Software or with other equivalent, non-infringing portions.
7.2 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in Section 7.1(d), Hyland shall remove the infringing portion of the Software and refund to Customer the “unused portion of prepaid Subscription Fees” (as defined below) paid by Customer, with respect to the infringing portion of the Software. For these purposes, the “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the total Subscription Fees paid by Customer for the infringing portion of the Software for the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
7.3 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to indemnify any claims made against Customer and otherwise described in Section 7.1 that arise from: (a) use of the Software by Customer other than as expressly permitted by the Agreement; (b) the combination of the Software with any product not furnished by Hyland to Customer; (c) the modification or addition to of the Software other than by Hyland or any of its authorized solution providers specifically retained by Hyland to provide such modification or addition; or (d) the Customer’s business methods or processes.
7.4 THIS SECTION 7 STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE SOFTWARE.
8. TERM; TERMINATION.
8.1 TERM. Subject to the termination provisions set forth in Section 1.2 of the General Terms Schedule, the initial term of this Subscription Schedule will be the Initial Term; and such term will automatically renew thereafter for successive terms of one (1) year each, unless and until either party provides at least thirty (30) days advance written notice of non-renewal, in which case this Subscription Schedule shall terminate at the end of the then current term.
8.2 Additional Effects or Consequences of Termination. In addition to Section 1.3 of the General Terms Schedule, upon any termination of this Subscription Schedule in its entirety, any license to use the Software will automatically terminate without other or further action on the part of any party; and Customer shall immediately: (a) discontinue any and all use of the Software and Documentation; and (b) either (1) return the Software and Documentation to Hyland, or (2) with the prior permission of Hyland, destroy the Software and Documentation and certify in writing to Hyland that Customer has completed such destruction.
Effective September 27th 2021 to March 14th 2022
DownloadTable of Contents
SOFTWARE LICENSE AND MAINTENANCE SCHEDULE- SUBSCRIPTION
(Subscription License for Software, includes Maintenance and Support)
This Software License and Maintenance Schedule – Subscription (the “Subscription Schedule”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the “Agreement”) which incorporates this Subscription Schedule by reference.
DEFINED TERMS:
All capitalized terms used in this Subscription Schedule shall have the meaning ascribed them in this Subscription Schedule or, if not defined in this Subscription Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Subscription Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement.
“Delivery” means: (i) the electronic downloading of the Software onto Customer’s systems, (ii) the Software being made available by Hyland to Customer for electronic download onto Customer’s systems; or (iii) the delivery by Hyland to Customer of a Production Certificate for such Software module(s) by Hyland either shipping (physically or electronically) the Production Certificate to Customer or making the Production Certificate available for electronic download by Customer (including through one of Hyland’s authorized solution providers).
“Documentation” means: (1) to the extent available, the “Help Files” included in the Software, or (2) if no such “Help Files” are included in the Software, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Software.
“Error” means any defect or condition inherent in the Software which is reported by Customer in accordance with the Agreement and which is confirmed by Hyland, that causes the Software to fail to function in any material respect as described in the Documentation.
“Error Correction Services” means Hyland’s reasonable efforts to correct an Error, which may be effected by a reasonable workaround.
“Maintenance and Support” means for Software, (i) Error Correction Services; (ii) Technical Support Services; and (iii) the availability of Upgrades and Enhancements in accordance with this Subscription Schedule.
“Maintenance and Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Production Certificate” means: license codes, a license certificate, or an IFM file issued by Hyland and necessary for Customer to activate Software for Customer’s production use.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Error.
“Subscription Fees” means periodic fees for the licensing of Software licensed under this Subscription Schedule and for Maintenance and Support for such Software, and payable by Customer to Hyland.
“Retired Software” means, at any particular time during a maintenance period covered by this Subscription Schedule, any Software product or version of the Software licensed by Customer from Hyland under the Agreement which is identified as being retired on Hyland’s applicable secure end user web site. Hyland will specify on its end user web site Software modules or versions which become Retired Software. The effective date of such change will be twelve (12) months from the date Hyland initially posts the status change on its end user web site, and Customer will receive notice as a registered user of Hyland’s applicable secure end user web site.
“Technical Support Services” means telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to Customer or to Hyland’s end users generally during any maintenance period under this Subscription Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
1. SOFTWARE LICENSE.
1.1 Grant of License. Subject to Customer’s payment in full of the Subscription Fees, and subject further to Customer’s compliance with the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the General Terms Schedule), limited license to the Software, in machine-readable object code form only and associated Documentation; in each case solely for use:
(a) by Customer internally, and only for storing, processing and accessing Customer’s own data; and
(b) subject to Section 1.7 below, by a third party contractor retained by Customer as a provider of services to Customer (“Contractor”), but only by the Contractor for capturing, storing, processing and accessing Customer’s own data in fulfillment of the Contractor’s contractual obligations as a service provider to Customer.
The Software and associated Documentation are licensed for use by a single organization and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer shall not make any use of the Software or associated Documentation in any manner not expressly permitted by the Agreement. Software subject to a regulatory control may only be installed in the country identified as the end user location in the purchase order. The Software may be located and hosted on computer servers owned and controlled by a third party. Such third party hosting provider shall be considered a Contractor, and subject to the requirements of Section 1.7 below
1.2 Use Restriction. Each module of the Software is licensed for a specific type of use, such as concurrently or on a specified workstation or by a specified individual and the Software may control such use. Software products that are volume-based may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; and/or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer acknowledges and agrees that additional fees may apply based on Customer's volume usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars. Use of software or hardware that reduces the number of users directly accessing or utilizing the Software (sometimes called “multiplexing” or “pooling” software or hardware) does not reduce the number of Software licenses required. The required number of Software licenses would equal the number of distinct inputs to the multiplexing or pooling software or hardware. Customer is prohibited from using any software other than the Software Client modules or a Software application programming interface (API) to access the Software or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the Subscription Fees with respect to such access. Customer further agrees that the Software shall not be copied and installed on additional servers unless Customer has purchased a license therefore, and the number of users of the Software shall not exceed the number of users permitted by the Software Client licenses purchased by Customer.
1.3 Production and Test Systems. Customer shall be entitled to use one (1) production copy of the Software licensed and one (1) additional copy of the production environment licensed Software for customary remote disaster recovery purposes which may not be used as a production system concurrently with the operation of any other copy of the Software in a production environment. In addition, Customer shall also be entitled to license a reasonable number of additional copies of the production environment licensed Software to be used exclusively in a non-production environment and solely for the purposes of experimenting and testing the Software, developing integrations between the Software and other applications that integrate to the Software solely using integration modules of the Software licensed by Customer under the Agreement, and training Customer’s employees on the Software (“Test Systems”). Customer may be required to provide to Hyland certain information relating to Customer’s intended use of such Test Systems such as the manufacturer, model number, serial number and installation site. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Test Systems. Customer’s sole recourse in the event of any dissatisfaction with any Software in any non-production system is to stop using such Software and return it to Hyland, provided that, to the extent that Customer is using the Test System for the purposes of testing an Upgrade or Enhancement of the Software prior to implementing the same in Customer’s production environment, then Customer may contact Hyland for the provision of Maintenance and Support as described in this Subscription Schedule. Customer shall not make any copies of the Software not specifically authorized by this Section 1.3.
1.4 Evaluation Software. From time to time Customer may elect to evaluate certain Software modules (“Evaluation Software”) for the purpose of determining whether or not to purchase a production license of such Evaluation Software. Evaluation Software is licensed for Customer’s use in a non-production environment. Notwithstanding anything to the contrary, as to any Evaluation Software, the Agreement and the limited license granted hereby will terminate on the earliest of: (a) last day of the evaluation period specified in the accepted purchase order delivered for such Evaluation Software; or (b) immediately upon the delivery of written notice to such effect by Hyland to Customer. Upon expiration or other termination of such period, Customer immediately shall either (y) discontinue any and all of use of the Evaluation Software and related Documentation and remove the Evaluation Software; or (z) deliver a purchase order for purchase of such Evaluation Software.
1.5 Third Party Licenses. The Software may be bundled with software owned by third parties, including but not limited to those manufacturers listed in the Help About screen of the Software. Such third party software is licensed solely for use within the Software and is not to be used on a stand-alone basis. Notwithstanding the above, Customer acknowledges that, depending on the modules licensed, the Software may include open source software governed by an open source license, in which case the open source license (a copy of which is provided in the Software) may grant you additional rights to such open source software. Additionally, in the case of such software to be downloaded and installed on a mobile device, if such software will be downloaded from the application market or store maintained by the manufacturer of the mobile device, then use of such software will be governed by the license terms for the software included at the applicable application store or market or presented to Customer or Customer’s user in the software, and the Agreement will not govern such use.
1.6 Integration Code. If applicable, Software also includes all adapters or connectors created by Hyland and provided to you by Hyland as part of an integration between the Software and a third party line of business application (“Integration Code”). Software also includes any desktop host or other content services software provided by Hyland and downloaded on a user's computer used to extend functionality in Hyland's products. Such Integration Code and desktop host may only be used in combination with other Software and in accordance with the terms of the Agreement.
1.7 Contractor Use Agreement. Customer agrees that if it desires to allow a Contractor to do any of the following:
(a) make use of the Software configuration tools, Software administrative tools or any of the Software’s application programming interfaces (“APIs”);
(b) make use of any training materials or attend any training courses, either online or in person, in either case related to the Software; or
(c) access any of Hyland’s secure websites (including, but not limited to, users.onbase.com, teamonbase.com, training.onbase.com, demo.onbase.com, and Hyland.com/Community), either through Contractor’s use of Customer’s own log-in credentials or through credentials received directly or indirectly by Contractor;
then, Customer must cause such Contractor to execute a use agreement in a form available for download at Hyland’s Community website (“Contractor Use Agreement”). Customer understands and agrees that: (x) Customer may not allow a Contractor to do any of the foregoing if such Contractor has not signed a Contractor Use Agreement, and (y) Contractors may use the Software only in compliance with the terms of the Agreement, and (z) Customer is responsible for such compliance by all Contractors that do not execute a Contractor Use Agreement. Customer agrees that it shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Contractor that does not sign a Contractor Use Agreement.
1.8 No High Risk Use. The Software is not fault-tolerant and is not guaranteed to be error free or to operate uninterrupted. The Software is not designed or intended for use in any situation where failure or fault of any kind of the Software could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). Customer is not licensed to use the Software in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non- controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees not to use, distribute or sublicense the use of the Software in, or in connection with, any High Risk Use." Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer’s use of the Software in connection with any High Risk Use.
1.9 Audit Rights. Upon reasonable notice to Customer, Hyland shall be permitted access to audit Customer’s use of the Software solely in order to determine Customer’s compliance with the licensing and pricing terms the Agreement, including, where applicable, to measure Customer’s volume usage. Additionally, if requested by Hyland in connection with Software licensed on a volume basis, Customer shall provide reports that show Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such audit. Customer acknowledges and agrees that Customer is prohibited from publishing the results of any benchmark test using the Software to any third party without Hyland’s prior written approval, and that Customer has not relied on the future availability of any programs or services in entering into the Agreement.
1.10 AnyDoc. The optional AccuZip component of the OCR for AnyDoc and AnyDoc EXCHANGEit Software products contains material obtained under agreement from the United States Postal Service (USPS) and must be kept current via an update plan provided by Hyland to maintain Customer’s continued right to use. The USPS has contractually required Hyland to include “technology which automatically disables access to outdated [zip code] products.” This technology disables only the AccuZip component and is activated only if AccuZip is not updated on a regular and timely basis. Hyland regularly updates the zip code list as part of Maintenance and Support for the AccuZip module.
1.11 The Software may contain functionality that allows Customer to access, link or integrate the Software with Customer’s applications or applications or services provided by third parties. Hyland has no responsibility for such applications or services, websites or content and does not endorse any third party web sites, applications or services that may be linked or integrated through the Software; any activities engaged in by Customer with such third parties is solely between Customer and such third party.
2. SUBSCRIPTION FEES. Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the Initial Term of this Subscription Schedule, Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Purchase Table Schedule. Following expiration of the Initial Term of this Subscription Schedule, Hyland may increase the Subscription Fees for the Software for any renewal period by up to ten percent (10%) of the previous year’s Subscription Fees. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. For any subsequent years, Hyland will invoice Customer for Subscription Fees at least sixty (60) days prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software modules under the Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software modules on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms Schedule. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3. ADD-ON SERVICES. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to an additional Schedule.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software and Add-On Services, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software and Add-On Services, the U.S. Government hereby agrees that the Software and Add-On Services qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software and Add-On Services to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software and Add-On Services, or Documentation by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. MAINTENANCE AND SUPPORT FOR SOFTWARE AND RETIRED SOFTWARE.
5.1 MAINTENANCE AND SUPPORT TERMS. Except with respect to Retired Software, Hyland will provide Maintenance and Support in accordance with the Maintenance and Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software. Technical Support Services are not available for Retired Software.
(b) Error Correction Services. With respect to any Errors in the Software which are reported by Customer and which are confirmed by Hyland, in the exercise of its reasonable judgment, Hyland will use its reasonable efforts to correct the Error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported Errors after receipt of a proper report of such suspected Error from Customer. Hyland may elect to correct the Error in the current available or in the next available commercially released version of the Software and the Resolution may require the Customer to implement an Upgrade and Enhancement to obtain the correction. Error Correction Services are not available for Retired Software.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. In requesting Technical Support Services and Error Correction Services, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for Level 1 or Level 2 Severity Levels (support numbers are available through Hyland’s secure end user website). In the case of reporting an Error, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the Error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes, such as network installation/expansion, Software upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all Technical Support Services requests and Error Correction Services requests in accordance with the Maintenance and Support Prioritization Attachment. With respect to Errors: (a) Hyland will respond based on the confirmed severity level of an Error; (b) Hyland may reclassify Errors as it learns information about such Errors during the resolution process; and (c) Hyland’s obligation for a reported Error concludes upon delivery of a Resolution in accordance with the Maintenance and Support Prioritization Attachment.
(d) Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of this Subscription Schedule. Upgrades and Enhancements are not available for Retired Software.
5.2 EXCLUSIONS.
(a) Generally. Hyland is not responsible for providing, or obligated to provide, Maintenance and Support under the Agreement: (1) in connection with any Errors or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Software, or from any error or defect in any configuration of the Software, which activities in any such case were undertaken by any party other than Hyland; (2) in connection with any Error if Hyland has previously provided corrections for such Error which Customer fails to implement; (3) in connection with any Errors or problems that have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in the database, operating system, third party software (other than third party software embedded in the Software by Hyland), hardware or any system or networking utilized by Customer; (4) if the Software or related software or systems have been subjected to abuse, misuse, improper handling, accident or neglect; or (5) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Maintenance and Support to Customer with respect to the Software. Maintenance and Support does not include any services that Hyland may provide in connection with assisting or completing an upgrade of Software with any available Upgrade and Enhancement.
(b) Work Products. Maintenance and Support is not provided for any Work Products (as defined in the Professional Services Schedule); however, if Customer desires Maintenance and Support regarding the operation or use of such Work Products, Customer may request such Maintenance and Support and the parties may agree to enter into a Services Proposal for such Maintenance and Support in accordance with the terms of the Professional Services Schedule.
(c) Excluded Software and Hardware. This Subscription Schedule does not govern, and Hyland shall not be responsible for, the maintenance or support of any software other than Software, or for any hardware or equipment of any kind or nature, whether or not obtained by Customer from Hyland.
5.3 CERTAIN OTHER RESPONSIBILITIES OF CUSTOMER.
(a) Operation of the Software and Related Systems. Customer acknowledges and agrees that it is solely responsible for the operation, configuration, supervision, management and control of the Software and all related hardware and software (including the database software). Customer is solely responsible for: obtaining or providing training for its personnel; taking appropriate measures to isolate and backup or otherwise archive its computer systems, programs, data or files; and instituting appropriate security procedures and implementing reasonable procedures to examine and verify all output before use.
(b) Access to Premises and Systems. Customer shall make available reasonable access and use of Customer’s premises, and online access to Customer’s computer hardware, peripherals, Software and other software as Hyland deems necessary to diagnose and correct any Errors or to otherwise provide Maintenance and Support. Accordingly, Customer shall install and maintain means of communication and the appropriate communications software as mutually agreed upon by Hyland and Customer and an adequate connection with Hyland to facilitate Hyland’s on-line Maintenance and Support. Such right of access and use shall be provided at no cost or charge to Hyland.
5.4 PROFESSIONAL SERVICES FOR PROJECTS NOT COVERED BY TECHNICAL SUPPORT SERVICES OR ERROR CORRECTION SERVICES. If Customer requests Professional Services which are outside the scope of Technical Support Services or Error Correction Services, Customer agrees that such services shall not be covered by this Section 5 and such services only shall be engaged pursuant to a Services Proposal under an applicable Professional Services Schedule.
5.5 IMPLEMENTATION OF UPGRADES AND ENHANCEMENTS TO REGULATED PRODUCTS. Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
6. LIMITED WARRANTY FOR SOFTWARE
6.1 Software Warranty. Hyland warrants to Customer that during the term of this Subscription Schedule the Software will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to, the Software if (a) any component of the Software has been modified, misused or abused by Customer or a third party, (b) any such non-conformity arises from or is related to problems within or impacting Customer's computing environment, including any Customer third party software applications, hardware, network or internet connectivity, (c) if the Software is used in combination with equipment or software other than that which is provided by Hyland or is consistent with the Documentation, or (d) to the extent the Software is Retired Software.
6.2 Remedy. Hyland’s sole and exclusive remedy for any non-conformities to the express limited warranties under Section 6.1 shall be as follows: provided that Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) correct the non-conforming component of the Software, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that correcting the non-conformity is not practicable, then terminate this Subscription Schedule with respect to the non-conforming component, in which event, upon compliance by Customer with its obligations under Section 8.2 of this Subscription Schedule, Hyland will provide a refund to Customer of the "unused portion of the prepaid Subscription Fees" (as defined below) paid by Customer and attributable to the non-conforming component. The "unused portion of prepaid Subscription Fees" shall mean an amount equal to the total Subscription Fees paid by Customer for the non-conforming portion of the Software for the then current term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
7. INFRINGEMENT INDEMNIFICATION.
7.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Software of any patent, registered copyright or registered trademark of a third party that is enforceable in the United States, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Software, or to replace the relevant portions of the Software or with other equivalent, non-infringing portions.
7.2 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in Section 7.1(d), Hyland shall remove the infringing portion of the Software and refund to Customer the “unused portion of prepaid Subscription Fees” (as defined below) paid by Customer, with respect to the infringing portion of the Software. For these purposes, the “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the total Subscription Fees paid by Customer for the infringing portion of the Software for the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
7.3 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to indemnify any claims made against Customer and otherwise described in Section 7.1 that arise from: (a) use of the Software by Customer other than as expressly permitted by the Agreement; (b) the combination of the Software with any product not furnished by Hyland to Customer; (c) the modification or addition to of the Software other than by Hyland or any of its authorized solution providers specifically retained by Hyland to provide such modification or addition; or (d) the Customer’s business methods or processes.
7.4 THIS SECTION 7 STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE SOFTWARE.
8. TERM; TERMINATION.
8.1 TERM. Subject to the termination provisions set forth in Section 1.2 of the General Terms Schedule, the initial term of this Subscription Schedule will be the Initial Term; and such term will automatically renew thereafter for successive terms of one (1) year each, unless and until either party provides at least thirty (30) days advance written notice of non-renewal, in which case this Subscription Schedule shall terminate at the end of the then current term.
8.2 Additional Effects or Consequences of Termination. In addition to Section 1.3 of the General Terms Schedule, upon any termination of this Subscription Schedule in its entirety, any license to use the Software will automatically terminate without other or further action on the part of any party; and Customer shall immediately: (a) discontinue any and all use of the Software and Documentation; and (b) either (1) return the Software and Documentation to Hyland, or (2) with the prior permission of Hyland, destroy the Software and Documentation and certify in writing to Hyland that Customer has completed such destruction.
Effective May 17th 2021 to September 27th 2021
DownloadTable of Contents
SOFTWARE LICENSE AND MAINTENANCE SCHEDULE- SUBSCRIPTION
(Subscription License for Software, includes Maintenance and Support)
This Software License and Maintenance Schedule – Subscription (the “Subscription Schedule”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the “Agreement”) which incorporates this Subscription Schedule by reference.
DEFINED TERMS:
All capitalized terms used in this Subscription Schedule shall have the meaning ascribed them in this Subscription Schedule or, if not defined in this Subscription Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Subscription Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement.
“Delivery” means: (i) the electronic downloading of the Software onto Customer’s systems, (ii) the Software being made available by Hyland to Customer for electronic download onto Customer’s systems; or (iii) the delivery by Hyland to Customer of a Production Certificate for such Software module(s) by Hyland either shipping (physically or electronically) the Production Certificate to Customer or making the Production Certificate available for electronic download by Customer (including through one of Hyland’s authorized solution providers).
“Documentation” means: (1) to the extent available, the “Help Files” included in the Software, or (2) if no such “Help Files” are included in the Software, such other documentation published by Hyland, in each case, which relate to the functional, operational or performance characteristics of the Software.
“Error” means any defect or condition inherent in the Software which is reported by Customer in accordance with the Agreement and which is confirmed by Hyland, that causes the Software to fail to function in any material respect as described in the Documentation.
“Error Correction Services” means Hyland’s reasonable efforts to correct an Error, which may be effected by a reasonable workaround.
“Maintenance and Support” means for Software, (i) Error Correction Services; (ii) Technical Support Services; and (iii) the availability of Upgrades and Enhancements in accordance with this Subscription Schedule.
“Maintenance and Support Prioritization Attachment” is the document available at https://legal.hyland.com/Customer-Legal-Center#maintenance-and-support-prioritization-attachment.
“Production Certificate” means: license codes, a license certificate, or an IFM file issued by Hyland and necessary for Customer to activate Software for Customer’s production use.
“Resolution” means Hyland provides Customer with a reasonable workaround, correction, or modification that solves or mitigates a reported Error.
“Subscription Fees” means periodic fees for the licensing of Software licensed under this Subscription Schedule and for Maintenance and Support for such Software, and payable by Customer to Hyland.
“Retired Software” means, at any particular time during a maintenance period covered by this Subscription Schedule, any Software product or version of the Software licensed by Customer from Hyland under the Agreement which is identified as being retired on Hyland’s applicable secure end user web site. Hyland will specify on its end user web site Software modules or versions which become Retired Software. The effective date of such change will be twelve (12) months from the date Hyland initially posts the status change on its end user web site, and Customer will receive notice as a registered user of Hyland’s applicable secure end user web site.
“Technical Support Services” means telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software.
“Upgrades and Enhancements” means any and all new versions, improvements, modifications, upgrades, updates, fixes and additions to Software that Hyland makes available to Customer or to Hyland’s end users generally during any maintenance period under this Subscription Schedule to correct Errors or deficiencies or enhance the capabilities of the Software, together with updates of the Documentation to reflect such new versions, improvements, modifications, upgrades, fixes or additions; provided, however, that the foregoing shall not include new, separate product offerings, new modules or re-platformed Software.
1. SOFTWARE LICENSE.
1.1 Grant of License. Subject to Customer’s payment in full of the Subscription Fees, and subject further to Customer’s compliance with the Agreement, Hyland grants to Customer a revocable, non-exclusive, non-assignable (except as provided in the General Terms), limited license to the Software, in machine-readable object code form only and associated Documentation; in each case solely for use:
(a) by Customer internally, and only for storing, processing and accessing Customer’s own data; and
(b) subject to Section 1.7 below, by a third party contractor retained by Customer as a provider of services to Customer (“Contractor”), but only by the Contractor for capturing, storing, processing and accessing Customer’s own data in fulfillment of the Contractor’s contractual obligations as a service provider to Customer.
The Software and associated Documentation are licensed for use by a single organization and may not be used for processing of third-party data as a service bureau, application service provider or otherwise. Customer shall not make any use of the Software or associated Documentation in any manner not expressly permitted by the Agreement. Software subject to a regulatory control may only be installed in the country identified as the end user location in the purchase order. The Software may be located and hosted on computer servers owned and controlled by a third party. Such third party hosting provider shall be considered a Contractor, and subject to the requirements of Section 1.7 below
1.2 Use Restriction. Each module of the Software is licensed for a specific type of use, such as concurrently or on a specified workstation or by a specified individual and the Software may control such use. Software products that are volume-based may: (i) no longer function if applicable volume limits have been exceeded; (ii) require Customer to pay additional fees based on Customer’s volume usage; and/or (iii) include functionality which monitors or tracks Customer usage and reports that usage. Customer acknowledges and agrees that additional fees may apply based on Customer's volume usage. Customer may not circumvent or attempt to circumvent this restriction by any means, including but not limited to changing the computer calendars. Use of software or hardware that reduces the number of users directly accessing or utilizing the Software (sometimes called “multiplexing” or “pooling” software or hardware) does not reduce the number of Software licenses required. The required number of Software licenses would equal the number of distinct inputs to the multiplexing or pooling software or hardware. Customer is prohibited from using any software other than the Software Client modules or a Software application programming interface (API) to access the Software or any data stored in the Software database for any purpose other than generating reports or statistics regarding system utilization, unless Hyland has given its prior written consent to Customer’s use of such other software and Customer has paid to Hyland the Subscription Fees with respect to such access. Customer further agrees that the Software shall not be copied and installed on additional servers unless Customer has purchased a license therefore, and the number of users of the Software shall not exceed the number of users permitted by the Software Client licenses purchased by Customer.
1.3 Production and Test Systems. Customer shall be entitled to use one (1) production copy of the Software licensed and one (1) additional copy of the production environment licensed Software for customary remote disaster recovery purposes which may not be used as a production system concurrently with the operation of any other copy of the Software in a production environment. In addition, Customer shall also be entitled to license a reasonable number of additional copies of the production environment licensed Software to be used exclusively in a non-production environment and solely for the purposes of experimenting and testing the Software, developing integrations between the Software and other applications that integrate to the Software solely using integration modules of the Software licensed by Customer under the Agreement, and training Customer’s employees on the Software (“Test Systems”). Customer may be required to provide to Hyland certain information relating to Customer’s intended use of such Test Systems such as the manufacturer, model number, serial number and installation site. Hyland reserves the right to further define the permitted use(s) and/or restrict the use(s) of the Test Systems. Customer’s sole recourse in the event of any dissatisfaction with any Software in any non-production system is to stop using such Software and return it to Hyland, provided that, to the extent that Customer is using the Test System for the purposes of testing an Upgrade or Enhancement of the Software prior to implementing the same in Customer’s production environment, then Customer may contact Hyland for the provision of Maintenance and Support as described in this Subscription Schedule. Customer shall not make any copies of the Software not specifically authorized by this Section 1.3.
1.4 Evaluation Software. From time to time Customer may elect to evaluate certain Software modules (“Evaluation Software”) for the purpose of determining whether or not to purchase a production license of such Evaluation Software. Evaluation Software is licensed for Customer’s use in a non-production environment. Notwithstanding anything to the contrary, as to any Evaluation Software, the Agreement and the limited license granted hereby will terminate on the earliest of: (a) last day of the evaluation period specified in the accepted purchase order delivered for such Evaluation Software; or (b) immediately upon the delivery of written notice to such effect by Hyland to Customer. Upon expiration or other termination of such period, Customer immediately shall either (y) discontinue any and all of use of the Evaluation Software and related Documentation and remove the Evaluation Software; or (z) deliver a purchase order for purchase of such Evaluation Software.
1.5 Third Party Licenses. The Software may be bundled with software owned by third parties, including but not limited to those manufacturers listed in the Help About screen of the Software. Such third party software is licensed solely for use within the Software and is not to be used on a stand-alone basis. Notwithstanding the above, Customer acknowledges that, depending on the modules licensed, the Software may include open source software governed by an open source license, in which case the open source license (a copy of which is provided in the Software) may grant you additional rights to such open source software. Additionally, in the case of such software to be downloaded and installed on a mobile device, if such software will be downloaded from the application market or store maintained by the manufacturer of the mobile device, then use of such software will be governed by the license terms for the software included at the applicable application store or market or presented to Customer or Customer’s user in the software, and the Agreement will not govern such use.
1.6 Integration Code. If applicable, Software also includes all adapters or connectors created by Hyland and provided to you by Hyland as part of an integration between the Software and a third party line of business application (“Integration Code”). Software also includes any desktop host or other content services software provided by Hyland and downloaded on a user's computer used to extend functionality in Hyland's products. Such Integration Code and desktop host may only be used in combination with other Software and in accordance with the terms of the Agreement.
1.7 Contractor Use Agreement. Customer agrees that if it desires to allow a Contractor to do any of the following:
(a) make use of the Software configuration tools, Software administrative tools or any of the Software’s application programming interfaces (“APIs”);
(b) make use of any training materials or attend any training courses, either online or in person, in either case related to the Software; or
(c) access any of Hyland’s secure websites (including, but not limited to, users.onbase.com, teamonbase.com, training.onbase.com, demo.onbase.com, and Hyland.com/Community), either through Contractor’s use of Customer’s own log-in credentials or through credentials received directly or indirectly by Contractor;
then, Customer must cause such Contractor to execute a use agreement in a form available for download at Hyland’s Community website (“Contractor Use Agreement”). Customer understands and agrees that: (x) Customer may not allow a Contractor to do any of the foregoing if such Contractor has not signed a Contractor Use Agreement, and (y) Contractors may use the Software only in compliance with the terms of the Agreement, and (z) Customer is responsible for such compliance by all Contractors that do not execute a Contractor Use Agreement. Customer agrees that it shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Contractor that does not sign a Contractor Use Agreement.
1.8 No High Risk Use. The Software is not fault-tolerant and is not guaranteed to be error free or to operate uninterrupted. The Software is not designed or intended for use in any situation where failure or fault of any kind of the Software could lead to death or serious bodily injury to any person, or to severe physical or environmental damage (“High Risk Use”). Customer is not licensed to use the Software in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. High Risk Use includes, for example, the following: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of the Software for administrative purposes, as an information resource for medical professionals, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non- controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function. Customer agrees not to use, distribute or sublicense the use of the Software in, or in connection with, any High Risk Use." Customer agrees to indemnify and hold harmless Hyland from any third-party claim arising out of Customer’s use of the Software in connection with any High Risk Use.
1.9 Audit Rights. Upon reasonable notice to Customer, Hyland shall be permitted access to audit Customer’s use of the Software solely in order to determine Customer’s compliance with the licensing and pricing terms the Agreement, including, where applicable, to measure Customer’s volume usage. Additionally, if requested by Hyland in connection with Software licensed on a volume basis, Customer shall provide reports that show Customer’s volume usage. Customer shall reasonably cooperate with Hyland with respect to its performance of such audit. Customer acknowledges and agrees that Customer is prohibited from publishing the results of any benchmark test using the Software to any third party without Hyland’s prior written approval, and that Customer has not relied on the future availability of any programs or services in entering into the Agreement.
1.10 AnyDoc. The optional AccuZip component of the OCR for AnyDoc and AnyDoc EXCHANGEit Software products contains material obtained under agreement from the United States Postal Service (USPS) and must be kept current via an update plan provided by Hyland to maintain Customer’s continued right to use. The USPS has contractually required Hyland to include “technology which automatically disables access to outdated [zip code] products.” This technology disables only the AccuZip component and is activated only if AccuZip is not updated on a regular and timely basis. Hyland regularly updates the zip code list as part of Maintenance and Support for the AccuZip module.
1.11 The Software may contain functionality that allows Customer to access, link or integrate the Software with Customer’s applications or applications or services provided by third parties. Hyland has no responsibility for such applications or services, websites or content and does not endorse any third party web sites, applications or services that may be linked or integrated through the Software; any activities engaged in by Customer with such third parties is solely between Customer and such third party.
2. SUBSCRIPTION FEES. Customer shall pay Subscription Fees to Hyland for the Software licensed hereunder in such amounts as are invoiced by Hyland; provided, that during the Initial Term of this Subscription Schedule (as defined in Section 8 of this Subscription Schedule), Customer shall pay Subscription Fees to Hyland for the initial Software licensed hereunder in accordance with the applicable Purchase Table Schedule. Following expiration of the Initial Term of this Subscription Schedule, Hyland may increase the Subscription Fees for the Software for any renewal period by up to ten percent (10%) of the previous year’s Subscription Fees. Hyland will invoice Customer on or after the Effective Date for Subscription Fees for the first year of the Initial Term. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms. For any subsequent years, Hyland will invoice Customer for Subscription Fees at least sixty (60) days prior to the beginning of such year, and such invoices shall be due and payable by Customer to Hyland on or before the beginning of such year. In the event Customer licenses additional Software modules under the Agreement, Hyland will invoice Customer for Subscription Fees for such additional Software modules on a pro rata basis upon Hyland’s acceptance of the purchase order for such additional Software modules. Such invoice shall be due and payable by Customer to Hyland in accordance with the General Terms. Thereafter, Subscription Fees relating to such additional Software shall be included in the subsequent invoices issued with respect to the existing licensed Software.
3. ADD-ON SERVICES. If Customer subscribes to an Add-On Service, the fees for such Add-On Service will be invoiced on a periodic basis, in advance, and Customer shall pay such invoices in accordance with the General Terms Schedule. Some Add-On Services may be priced on a volume basis, for which Add-On Services fees may be invoiced in arrears based on the applicable volume usage. Add-On Services may be subject to an additional Schedule.
4. U.S. GOVERNMENT END USERS. To the extent applicable to Customer, the terms and conditions of the Agreement shall pertain to the U.S. Government’s use and/or disclosure of the Software and Add-On Services, and shall supersede any conflicting contractual terms or conditions. By accepting the terms of the Agreement and/or the Delivery of the Software and Add-On Services, the U.S. Government hereby agrees that the Software and Add-On Services qualify as “commercial” computer software within the meaning of ALL U.S. federal acquisition regulation(s) applicable to this procurement and that the Software and Add-On Services are developed exclusively at private expense. If this license fails to meet the U.S. Government’s needs or is inconsistent in any respect with Federal law, the U.S. Government agrees to return this Software and Add-On Services to Hyland. In addition to the foregoing, where DFARS is applicable, use, modification, reproduction, release, display, or disclosure of the Software and Add-On Services, or Documentation by the U.S. Government is subject solely to the terms of the Agreement, as stated in DFARS 227.7202, and the terms of the Agreement shall supersede any conflicting contractual term or conditions.
5. MAINTENANCE AND SUPPORT FOR SOFTWARE AND RETIRED SOFTWARE.
5.1 MAINTENANCE AND SUPPORT TERMS. Except with respect to Retired Software, Hyland will provide Maintenance and Support in accordance with the Maintenance and Support Prioritization Attachment.
(a) Technical Support Services. Hyland will provide telephone or online technical support related to problems reported by Customer and associated with the operation of any Software, including assistance and advice related to the operation of the Software. Technical Support Services are not available for Retired Software.
(b) Error Correction Services. With respect to any Errors in the Software which are reported by Customer and which are confirmed by Hyland, in the exercise of its reasonable judgment, Hyland will use its reasonable efforts to correct the Error, which may be effected by a reasonable workaround. Hyland shall promptly commence to confirm any reported Errors after receipt of a proper report of such suspected Error from Customer. Hyland may elect to correct the Error in the current available or in the next available commercially released version of the Software and the Resolution may require the Customer to implement an Upgrade and Enhancement to obtain the correction. Error Correction Services are not available for Retired Software.
(c) Reporting Policies and Procedures Applicable to Technical Support Services and Error Correction Services.
(1) Customer Reporting Requirements. In requesting Technical Support Services and Error Correction Services, Customer will submit such requests through Hyland’s secure end user website, the details of which will be separately provided to Customer. Once such request is submitted through the end user website, Customer may call for Level 1 or Level 2 Severity Levels (support numbers are available through Hyland’s secure end user website). In the case of reporting an Error, Customer will provide Hyland with as much information and access to systems as reasonably possible to enable Hyland to investigate and attempt to identify and verify the Error. Customer will work with Hyland support personnel during the problem isolation process, as reasonably needed. Customer will notify Hyland of any configuration changes, such as network installation/expansion, Software upgrades, relocations, etc.
(2) Hyland Response Procedures. Hyland shall respond to all Technical Support Services requests and Error Correction Services requests in accordance with the Maintenance and Support Prioritization Attachment. With respect to Errors: (a) Hyland will respond based on the confirmed severity level of an Error; (b) Hyland may reclassify Errors as it learns information about such Errors during the resolution process; and (c) Hyland’s obligation for a reported Error concludes upon delivery of a Resolution in accordance with the Maintenance and Support Prioritization Attachment.
(d) Upgrades and Enhancements. Hyland will provide, in accordance with Hyland’s then current policies, as set forth from time to time on Hyland’s secure end user web site (currently www.hyland.com/community), all Upgrades and Enhancements, if and when released during the term of this Subscription Schedule. Upgrades and Enhancements are not available for Retired Software.
5.2 EXCLUSIONS.
(a) Generally. Hyland is not responsible for providing, or obligated to provide, Maintenance and Support under the Agreement: (1) in connection with any Errors or problems that result in whole or in part from any alteration, revision, change, enhancement or modification of any nature of the Software, or from any error or defect in any configuration of the Software, which activities in any such case were undertaken by any party other than Hyland; (2) in connection with any Error if Hyland has previously provided corrections for such Error which Customer fails to implement; (3) in connection with any Errors or problems that have been caused by errors, defects, problems, alterations, revisions, changes, enhancements or modifications in the database, operating system, third party software (other than third party software embedded in the Software by Hyland), hardware or any system or networking utilized by Customer; (4) if the Software or related software or systems have been subjected to abuse, misuse, improper handling, accident or neglect; or (5) if any party other than Hyland, or an authorized subcontractor specifically selected by Hyland, has provided any services in the nature of Maintenance and Support to Customer with respect to the Software. Maintenance and Support does not include any services that Hyland may provide in connection with assisting or completing an upgrade of Software with any available Upgrade and Enhancement.
(b) Work Products. Maintenance and Support is not provided for any Work Products (as defined in the Professional Services Schedule); however, if Customer desires Maintenance and Support regarding the operation or use of such Work Products, Customer may request such Maintenance and Support and the parties may agree to enter into a Services Proposal for such Maintenance and Support in accordance with the terms of the Professional Services Schedule.
(c) Excluded Software and Hardware. This Subscription Schedule does not govern, and Hyland shall not be responsible for, the maintenance or support of any software other than Software, or for any hardware or equipment of any kind or nature, whether or not obtained by Customer from Hyland.
5.3 CERTAIN OTHER RESPONSIBILITIES OF CUSTOMER.
(a) Operation of the Software and Related Systems. Customer acknowledges and agrees that it is solely responsible for the operation, configuration, supervision, management and control of the Software and all related hardware and software (including the database software). Customer is solely responsible for: obtaining or providing training for its personnel; taking appropriate measures to isolate and backup or otherwise archive its computer systems, programs, data or files; and instituting appropriate security procedures and implementing reasonable procedures to examine and verify all output before use.
(b) Access to Premises and Systems. Customer shall make available reasonable access and use of Customer’s premises, and online access to Customer’s computer hardware, peripherals, Software and other software as Hyland deems necessary to diagnose and correct any Errors or to otherwise provide Maintenance and Support. Accordingly, Customer shall install and maintain means of communication and the appropriate communications software as mutually agreed upon by Hyland and Customer and an adequate connection with Hyland to facilitate Hyland’s on-line Maintenance and Support. Such right of access and use shall be provided at no cost or charge to Hyland.
5.4 PROFESSIONAL SERVICES FOR PROJECTS NOT COVERED BY TECHNICAL SUPPORT SERVICES OR ERROR CORRECTION SERVICES. If Customer requests Professional Services which are outside the scope of Technical Support Services or Error Correction Services, Customer agrees that such services shall not be covered by this Section 5 and such services only shall be engaged pursuant to a Services Proposal under an applicable Professional Services Schedule.
5.5 IMPLEMENTATION OF UPGRADES AND ENHANCEMENTS TO REGULATED PRODUCTS. Customer acknowledges and agrees that for regulatory compliance purposes, Customer may be required to engage Hyland under a Services Proposal to implement Upgrades and Enhancements to a regulated product. If Hyland offers a self-service option for implementing Upgrades and Enhancements to a regulated product, and the Customer chooses this option, Customer agrees to comply with the training, reporting, and documentation requirements established by Hyland to ensure that the implementation is performed and documented as required by applicable regulations.
6. LIMITED WARRANTY FOR SOFTWARE
6.1 Software Warranty. For a period of sixty (60) days from and including the date a Software module listed in the Purchase Table Schedule identifying the Software licenses initially purchased by Customer under this Subscription Schedule, has been Delivered to Customer, and for a period of sixty (60) days from and including the date any other Software module has been Delivered to Customer, Hyland warrants to Customer that such Software module, when properly installed and properly used, will function in all material respects as described in the Documentation. The terms of this warranty shall not apply to, and Hyland shall have no liability for any non-conformity related to: (a) any Retired Software modules; or (b) any Software module that has been (i) modified by Customer or a third party, (ii) used in combination with equipment or software other than that which is consistent with the Documentation, or (iii) misused or abused.
6.2 Remedy. Hyland’s sole obligation, and Customer’s sole and exclusive remedy, for any non-conformities to the express limited warranties under Sections 6.1 shall be as follows: provided that, within the applicable period, Customer notifies Hyland in writing of the non-conformity, Hyland will either (a) repair or replace the non-conforming Software module, which may include the delivery of a reasonable workaround for the non-conformity; or (b) if Hyland determines that repair or replacement of the Software module is not practicable, then terminate the Agreement with respect to the non-conforming Software module, in which event, upon compliance by Customer with its obligations under Section 8.2 of this Subscription Schedule, Hyland will refund any portion of the Subscription Fees paid prior to the time of such termination with respect to such Software.
7. INFRINGEMENT INDEMNIFICATION.
7.1 Generally. Hyland agrees to indemnify Customer against all liability and expense, including reasonable attorneys’ fees, arising from or in connection with any third party claim, action or proceeding instituted against Customer based upon any infringement or misappropriation by the Software of any patent, registered copyright or registered trademark of a third party that is enforceable in the United States, provided that Hyland: (a) is notified immediately after Customer receives notice of such claim; (b) is solely in charge of the defense of and any settlement negotiations with respect to such claim, provided that Hyland will not settle any such claim without the prior written consent of Customer if such settlement contains a stipulation to or admission or acknowledgement of any liability or wrongdoing on the part of Customer or otherwise requires payment by Customer; (c) receives Customer’s reasonable cooperation in the defense or settlement of such claim; and (d) has the right, upon either the occurrence of or the likelihood (in the opinion of Hyland) of the occurrence of a finding of infringement or misappropriation, either to procure for Customer the right to continue use of the Software, or to replace the relevant portions of the Software or with other equivalent, non-infringing portions.
7.2 Removal and Refund. If Hyland is unable to accomplish either of the options set forth in Section 7.1(d), Hyland shall remove the infringing portion of the Software and refund to Customer the “unused portion of prepaid Subscription Fees” (as defined below) paid by Customer, with respect to the infringing portion of the Software. For these purposes, the “unused portion of the prepaid Subscription Fees” shall mean an amount equal to the total Subscription Fees paid by Customer for the infringing portion of the Software for the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, multiplied by a fraction, the numerator of which shall be the number of full calendar months remaining during the term (or applicable twelve-month period within the Initial Term) during which such removal occurs, and the denominator of which shall be twelve (12).
7.3 Exclusions. Notwithstanding anything to the contrary, Hyland shall have no obligation to Customer to indemnify any claims made against Customer and otherwise described in Section 7.1 that arise from: (a) use of the Software by Customer other than as expressly permitted by the Agreement; (b) the combination of the Software with any product not furnished by Hyland to Customer; (c) the modification or addition to of the Software other than by Hyland or any of its authorized solution providers specifically retained by Hyland to provide such modification or addition; or (d) the Customer’s business methods or processes.
7.4 THIS SECTION 7 STATES HYLAND’S ENTIRE LIABILITY AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER WITH RESPECT TO ANY ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OR PROPRIETARY PROPERTY BY THE SOFTWARE.
8. TERM; TERMINATION.
8.1 TERM. Subject to the termination provisions set forth in Section 1.2 of the General Terms Schedule, the initial term of this Subscription Schedule will be the three (3) year period that commences on the Effective Date (the “Initial Term”); and such term will automatically renew thereafter for successive terms of one (1) year each, unless and until either party provides at least thirty (30) days advance written notice of non-renewal, in which case this Subscription Schedule shall terminate at the end of the then current term.
8.2 Additional Effects or Consequences of Termination. In addition to Section 1.3 of the General Terms Schedule, upon any termination of this Subscription Schedule in its entirety, any license to use the Software will automatically terminate without other or further action on the part of any party; and Customer shall immediately: (a) discontinue any and all use of the Software and Documentation; and (b) either (1) return the Software and Documentation to Hyland, or (2) with the prior permission of Hyland, destroy the Software and Documentation and certify in writing to Hyland that Customer has completed such destruction.
SaaS Agreement - AWS
Effective June 9th 2021
DownloadTable of Contents
HYLAND SaaS AGREEMENT
This SaaS Agreement (“Agreement”) is made between Hyland Software, Inc. (“Hyland”), 28500 Clemens Road, Westlake, Ohio 44145 USA, an Ohio corporation, and the entity (“Customer”) that has ordered the Hyland Cloud Service through the AWS Marketplace. This Agreement is effective on the date Customer first places an order for Hyland Cloud Service through the AWS Marketplace (the “Effective Date”). Unless Hyland and Customer have executed and delivered another Hyland SaaS Agreement or document of similar import with respect to the Hyland Cloud Service, by ordering the Hyland Cloud Service through the AWS Marketplace, Customer agrees to be bound to the terms of this Agreement. If Hyland and Customer have executed and delivered another Hyland SaaS Agreement or document of similar import with respect to the Software and the Hyland Cloud Service shall have no force or effect and the terms and conditions of such other Hyland SaaS Agreement or document of similar import shall govern.
REPRESENTATION AND WARRANTY REGARDING AUTHORITY: BY ORDERING THE HYLAND CLOUD SERVICE THROUGH THE AWS MARKETPLACE, CUSTOMER REPRESENTS AND WARRANTS THAT THE PERSON THAT HAS PLACED SUCH ORDER HAS ALL REQUISITE POWER AND AUTHORITY, FOR AND ON BEHALF OF CUSTOMER, TO TAKE SUCH ACTION AND TO BIND CUSTOMER TO SUCH ACCEPTANCE AND TO THE TERMS AND CONDITIONS OF THIS HYLAND SAAS AGREEMENT.
The following schedules are incorporated into this Agreement by reference:
☒General Terms Schedule
☒ Software-as-a-Service Schedule, available at: https://legal.hyland.com/Customer-Legal-Center#contracts-software-as-a-service-schedule
INITIAL COMPONENTS OF HYLAND CLOUD SERVICE |
Initial Service Class Package: Double Platinum Initial data storage allocation: .5 terabytes Initial data center location: United States |
GENERAL TERMS SCHEDULE
This General Terms Schedule (“General Terms” or “General Terms Schedule”) includes terms that will apply to any product license or service you purchase from Hyland under other Schedules that are incorporated into this Agreement. Other Schedules will have more specific terms relevant to the product licensee or service governed by that Schedule. If there is a conflict between the terms of this General Terms Schedule and any other Schedule, the other Schedule shall control with respect to the subject matter of such Schedule. In the event the same topic is addressed in both the General Terms Schedule and any other Schedule but the terms do not conflict, the terms of both the General Terms Schedule and the Schedule shall apply. Capitalized terms used in this General Terms Schedule may be defined within this Schedule or within other Schedules to which they are applicable.
1. TERM; TERMINATION; SURVIVAL OF PROVISIONS AFTER EXPIRATION OR TERMINATION.
1.1 Term. This Agreement shall have a term commencing on the Effective Date, and will continue until all Schedules have been terminated or expired in accordance with their terms.
1.2 Termination.
1.2.1 By Either Party. Either party may terminate this Agreement in its entirety or any Schedule, effective immediately upon written notice to the other party, if the other party has committed a breach of a material provision of this Agreement or any Schedule and has failed to cure the breach within thirty (30) days after the receipt of written notice of the breach given by the non-breaching party; provided, that Hyland shall not be required to give Customer any opportunity to cure any breach in the case of a Prohibited Act or breach of the U.S. Government End User section of any Schedule, all of which are considered for all purposes to be material provisions of this Agreement.
1.2.2 Termination of General Terms Schedule. Notwithstanding the foregoing, this General Terms Schedule will terminate when and only if all other Schedules have been terminated.
1.3 Certain Effects or Consequences of Termination; Survival of Certain Provisions.
1.3.1 Generally. Any termination of this Agreement or any Schedule will not discharge or otherwise affect any pre-termination obligations of either party existing under this Agreement at the time of termination, including Customer’s obligation to pay to Hyland all fees and charges accrued or due for any period or event occurring on or prior to the effective date of termination or expiration of this Agreement or the applicable Schedule; and all liabilities which have accrued prior to the date of termination shall survive.
1.3.2 Survival of Certain Obligations. All provisions of this Agreement or of an applicable Schedule, which by their nature extend beyond the expiration or termination of this Agreement will survive and remain in effect until all obligations are satisfied, including, but not limited to all sections of these General Terms (except Section 8.13).
1.3.3. Termination of a Schedule. If any Schedule under which a license to Software is granted is terminated in accordance with its terms, then this entire Agreement will terminate with respect to the Software licensed under such Schedule. Otherwise, termination of a Schedule will not affect the remaining Schedules.
2. PAYMENT TERMS.
2.1 Purchase Orders. Customer acknowledges and agrees that, when Customer places its initial order for the Hyland Cloud Service through the AWS Marketplace, the parties will treat this Agreement as: (a) Customer’s written purchase order for the matters described in a Purchase Table Schedule, and (b) Hyland’s acceptance of such purchase order.
2.2 Invoicing. Customer will be invoiced by AWS as a paying agent for Hyland for purchases made on the AWS Marketplace.
2.3 General Payment Terms. So long as Customer is not in default of any payment obligations under this Agreement, except as otherwise provided in this Agreement, Customer shall pay in full each invoice issued hereunder net thirty (30) days from the date of Customer’s receipt of such invoice.
2.4 Taxes and Governmental Charges. All payments under this Agreement are exclusive of all applicable taxes and governmental charges (such as duties), all of which shall be paid by Customer (other than taxes on Hyland’s income). In the event Customer is required by law to withhold taxes, Customer agrees to furnish Hyland or AWS all required receipts and documentation substantiating such payment. If Hyland is required by law to remit any tax or governmental charge on behalf of or for the account of Customer, Customer agrees to reimburse Hyland or AWS, as applicable, within thirty (30) days after Hyland notifies Customer in writing of such remittance. Customer agrees to provide Hyland with valid tax exemption certificates in advance of any remittance otherwise required to be made by Hyland on behalf of or for the account of Customer, where such certificates are applicable.
2.5 Resolution of Invoice Disputes. If, prior to the due date for payment under any invoice, Customer notifies Hyland in writing that it disputes all or any portion of an amount invoiced, both parties will use reasonable efforts to resolve the dispute within thirty (30) calendar days of Hyland’s receipt of the notice. If any amount remains disputed in good faith after such 30-day period, either party may escalate the disputed items to the parties’ respective executive management to attempt to resolve the dispute. The parties agree that at least one of each of their respective executives will meet (which may be by telephone or other similarly effective means of remote communication) within ten (10) calendar days of any such escalation to attempt to resolve the dispute. If the parties’ executive managers are unable to resolve the dispute within ten (10) calendar days of such meeting, either party thereafter may file litigation in a court of competent jurisdiction under Section 8.1 of these General Terms to seek resolution of the dispute.
2.6 Certain Remedies For Non-Payment or For Late Payment. At the election of Hyland, exercisable by written notice to Customer, any past due amounts (except those amounts properly disputed in accordance with Section 2.5 of these General Terms) under any Hyland invoice shall bear interest at the rate of one and one-half percent (1.5%) per month (or, if lower, the maximum rate lawfully chargeable) from the date due through the date that such past due amounts and such accrued interest are paid in full. In the event of any default by Customer in the payment of any amounts invoiced hereunder (except with respect to those amounts on invoices the parties are attempting to resolve under Section 2.5 of these General Terms), which default continues unremedied for at least thirty (30) calendar days after the due date of such payment, Hyland shall have the right to suspend or cease the provision of any services under this Agreement or any Services Proposal, including the delivery of any Upgrades and Enhancements to Customer, unless and until such default shall have been cured.
2.7 U.S. Dollars; Delivery of Hasps and CDs. All fees, costs and expenses under this Agreement shall be determined and invoiced in, and all payments required to be made in connection with this Agreement shall be made in, U.S. dollars. Delivery of CDs, if any, shall be F.O.B. Hyland’s offices in Westlake, Ohio, USA.
2.8 Training. Hyland offers training courses to Customer and its employees as described on Hyland’s training web portal (currently. https://training.onbase.com). Training fees for such courses shall be determined at Hyland’s retail prices in effect at the time Customer registers for training. Hyland shall invoice Customer for applicable training fees upon Customer’s registration for each training course and such invoice shall be due and payable in accordance with Section 2.3 above. In the event that Customer prepays for training, then such prepaid training shall expire twelve (12) months from the date Hyland accepts Customer’s purchase order for such training.
3. CONFIDENTIAL INFORMATION.
“Confidential Information” shall be such information that is marked “Proprietary” or “Confidential,” that is known by the recipient to be confidential or that is of such a nature as customarily would be confidential between business parties, except as provided in the next sentence. Confidential Information shall not include information that: (a) is or becomes generally known to the public without breach of this Agreement by the recipient, or (b) is demonstrated by the recipient to have been in the recipient’s possession prior to its disclosure by the disclosing party, or (c) is received by the recipient from a third party that is not bound by restrictions, obligations or duties of non-disclosure to the disclosing party, or (d) is demonstrated by recipient to have been independently developed by recipient without reference to the other party’s information.
3.2 Each party agrees that, with respect to the Confidential Information of the other party, or its affiliates, such party as a recipient shall use the same degree of care to protect the other party’s Confidential Information that such party uses to protect its own confidential information, but in any event not less than reasonable care, and not use or disclose to any third party any such Confidential Information, except as may be required by law or court order or as provided under this Agreement. Customer agrees to take all reasonable steps to protect all Software, Hyland Cloud Services, Add-On Services, Work Products and Innovations, and any related Documentation, delivered by Hyland to Customer under this Agreement from unauthorized copying or use. Each party shall be liable and responsible for any breach of this Section 3 committed by any of such party’s employees, agents, consultants, contractors or representatives.
4. OWNERSHIP AND PROHIBITED CONDUCT.
4.1 Ownership.Hyland and its suppliers own the Software, Work Products, Documentation, Hyland Cloud Services, Add-On Services, and Innovations, including, without limitation, any and all worldwide copyrights, patents, trade secrets, trademarks and proprietary and confidential information rights in or associated with the foregoing. The Software, Documentation, Hyland Cloud Services, Add-On Services, and Work Products are protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties. No ownership rights in the Software, Hyland Cloud Services, Add-On Services, Innovations or Work Products are transferred to Customer. Customer agrees that nothing in this Agreement or associated documents gives it any right, title or interest in the Software, Hyland Cloud Service, Add-On Services, Documentation, or Work Products, except for the limited express rights granted in this Agreement. Customer acknowledges and agrees that, with respect to Hyland’s end users generally, Hyland has the right, at any time, to change the specifications and operating characteristics of the Software, Hyland Cloud Services, and Add-On Services, and Hyland’s policies respecting Upgrades and Enhancements (including but not limited to its release process). THIS AGREEMENT IS NOT A WORK-FOR-HIRE AGREEMENT. At no time shall Customer file or obtain any lien or security interest in or on any components of the Software, Hyland Cloud Service, Add-On Services, Documentation, or Work Products.
4.2 Prohibited Conduct. Customer agrees not to: (a) remove copyright, trademark or other proprietary rights notices that appear on or during the use of the Software, Work Products, Documentation, Hyland Cloud Services, Add-On Services, or Hosted 3rd Party Software documentation; (b) sell, transfer, rent, lease or sub-license the Software, Work Products, Documentation, Hyland Cloud Services, Add-On Services, or Hosted 3rd Party Software documentation to any third party; (c) except as expressly permitted with respect to Work Products, alter or modify the Software, Work Products, Hyland Cloud Services, Add-On Services, Documentation or Hosted 3rd Party Software documentation; or (d) reverse engineer, disassemble, decompile or attempt to derive source code from the Software, Work Products, Documentation, Hyland Cloud Services, Add-On Services, or Hosted 3rd Party Software documentation, or prepare derivative works therefrom.
5. DISCLAIMER OF WARRANTIES.
5.1 EXCEPT FOR THE WARRANTIES PROVIDED BY HYLAND AS EXPRESSLY SET FORTH IN THE SCHEDULES MADE PART OF THIS AGREEMENT, HYLAND AND ITS SUPPLIERS MAKE NO WARRANTIES OR REPRESENTATIONS REGARDING ANY SOFTWARE, HYLAND CLOUD SERVICE (INCLUDING ANY SOFTWARE OR HARDWARE), ADD-ON SERVICES, WORK PRODUCTS, INNOVATIONS, INFORMATION, MAINTENANCE AND SUPPORT, PROFESSIONAL SERVICES OR ANY OTHER SERVICES PROVIDED UNDER THIS AGREEMENT OR ANY SERVICES PROPOSAL. HYLAND AND ITS SUPPLIERS DISCLAIM AND EXCLUDE ANY AND ALL OTHER EXPRESS, IMPLIED AND STATUTORY WARRANTIES, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF GOOD TITLE, WARRANTIES AGAINST INFRINGEMENT, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND WARRANTIES THAT MAY ARISE OR BE DEEMED TO ARISE FROM ANY COURSE OF PERFORMANCE, COURSE OF DEALING OR USAGE OF TRADE. HYLAND AND ITS SUPPLIERS DO NOT WARRANT THAT ANY MAINTENANCE AND SUPPORT, HYLAND CLOUD SERVICE, ADD-ON SERVICES, PROFESSIONAL SERVICES, SOFTWARE OR WORK PRODUCTS PROVIDED WILL SATISFY CUSTOMER’S REQUIREMENTS OR ARE WITHOUT DEFECT OR ERROR, OR THAT THE OPERATION OF ANY SOFTWARE, HYLAND CLOUD SERVICE, ADD-ON SERVICES, OR ANY WORK PRODUCTS PROVIDED UNDER THIS AGREEMENT WILL BE UNINTERRUPTED. EXCEPT AS EXPRESSLY STATED IN THIS AGREEMENT, HYLAND DOES NOT ASSUME ANY LIABILITY WHATSOEVER WITH RESPECT TO ANY THIRD PARTY HARDWARE, FIRMWARE, SOFTWARE OR SERVICES.
5.2 CUSTOMER SPECIFICALLY ASSUMES RESPONSIBILITY FOR THE SELECTION OF THE SOFTWARE, WORK PRODUCTS, ADD-ON SERVICES, MAINTENANCE AND SUPPORT, HOSTING SERVICES AND PROFESSIONAL SERVICES TO ACHIEVE ITS BUSINESS OBJECTIVES.
5.3 HYLAND MAKES NO WARRANTIES WITH RESPECT TO ANY SOFTWARE, HYLAND CLOUD SERVICES, ADD-ON SERVICES, OR WORK PRODUCTS USED IN ANY NON-PRODUCTION SYSTEM AND PROVIDES ANY SUCH SOFTWARE, HYLAND CLOUD SERVICE, AND WORK PRODUCTS “AS IS.”
5.4 No oral or written information given by Hyland, its agents, or employees shall create any additional warranty. No modification or addition to the limited warranties set forth in this Agreement is authorized unless it is set forth in writing, references this Agreement, and is signed on behalf of Hyland by a corporate officer.
6. LIMITATIONS OF LIABILITY.
6.1 NEITHER PARTY NOR ANY OF ITS AFFILIATES (AND IN THE CASE OF HYLAND, ITS SUPPLIERS) SHALL BE LIABLE, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES, OR ANY LOSS OF REVENUE, GOODWILL, SAVINGS OR PROFITS (EXCLUDING FEES DUE UNDER THIS AGREEMENT), LOSS OR CORRUPTION OF DATA OR PROGRAMS, COSTS OF REPLACEMENT OR THE REMEDY OF COVER, OR BUSINESS INTERRUPTION DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, LOSSES, EXPENSES OR COSTS.
6.2 HYLAND’S (INCLUDING ITS AFFILIATES AND SUPPLIERS) TOTAL, CUMULATIVE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE PRODUCTS OR SERVICES PROVIDED UNDER IT, WHETHER IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL OR EQUITABLE THEORY, SHALL IN NO EVENT EXCEED THE TOTAL AMOUNTS ACTUALLY PAID TO HYLAND (THROUGH AWS) BY CUSTOMER (LESS ANY REFUNDS OR CREDITS) FOR THE USE OF THE PRODUCTS OR PROVISION OF THE SERVICES GIVING RISE TO THE CLAIM DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE FIRST EVENT GIVING RISE TO SUCH CLAIM. WITH RESPECT TO ANY PRODUCTS OR SERVICES PROVIDED TO CUSTOMER FREE OF CHARGE (SUCH AS EVALUATION SOFTWARE OR SERVICES), NEITHER HYLAND NOR ANY OF ITS AFFILIATES OR SUPPLIERS WILL BE LIABLE FOR DIRECT DAMAGES.
6.3 THE LIMITATIONS IN SECTIONS 6.1 AND 6.2 SHALL NOT APPLY: (1) TO THE EXTENT SUCH LIMITATIONS ARE PROHIBITED BY LAW, (2) PAYMENTS TO A THIRD PARTY ARISING FROM HYLAND’S INDEMNIFICATION OBLIGATION FOR INTELLECTUAL PROPERTY INFRINGEMENT; OR (3) TO ANY CLAIMS, LOSSES OR DAMAGES ARISING OUT OF CUSTOMER’S OR CONTRACTOR’S PROHIBITED ACTS.
6.4 IF CUSTOMER USES THE SOFTWARE, HYLAND CLOUD SERVICE, OR ADD-ON SERVICES IN A CLINICAL SETTING, CUSTOMER ACKNOWLEDGES THAT THE SOFTWARE, HYLAND CLOUD SERVICES AND ADD-ON SERVICES DO NOT OFFER MEDICAL INTERPRETATIONS OF DATA, DIAGNOSE PATIENTS, OR RECOMMEND THERAPY OR TREATMENT; THE SOFTWARE, HYLAND CLOUD SERVICE AND ADD-ON SERVICES ARE AN INFORMATION RESOURCE AND IS NOT A SUBSTITUTE FOR THE SKILL, JUDGMENT AND KNOWLEDGE OF CUSTOMER’S USERS OF THE SOFTWARE, HYLAND CLOUD SERVICE OR ADD-ON SERVICES IN THE PROVISION OF HEALTHCARE SERVICES. IN ADDITION TO THE LIMITATIONS OF LIABILITY PROVIDED HEREIN, HYLAND SHALL NOT HAVE ANY LIABILITY FOR ANY ASPECT OF CUSTOMER’S SERVICES PROVIDED IN CONJUNCTION WITH ITS USE OF THE SOFTWARE, HYLAND CLOUD SERVICE OR ADD-ON SERVICES.
7. FORCE MAJEURE. No failure, delay or default in performance of any obligation of a party to this Agreement (except the payment of money) shall constitute a default or breach to the extent that such failure to perform, delay or default arises out of a cause, existing or future, beyond the control (including, but not limited to: action or inaction of governmental, civil or military authority; fire; strike, lockout or other labor dispute; flood; war; riot; theft; earthquake; natural disaster or acts of God; national emergencies; unavailability of materials or utilities; sabotage; viruses; or the act, negligence or default of the other party) and without negligence or willful misconduct of the party otherwise chargeable with failure, delay or default. Either party desiring to rely upon any of the foregoing as an excuse for failure, default or delay in performance shall, when the cause arises, give to the other party prompt notice in writing of the facts which constitute such cause; and, when the cause ceases to exist, give prompt notice of that fact to the other party. This Section 7 shall in no way limit the right of either party to make any claim against third parties for any damages suffered due to said causes. If any performance date by a party under this Agreement is postponed or extended pursuant to this Section 7 for longer than ninety (90) calendar days, the other party, by written notice given during the postponement or extension, and at least thirty (30) days prior to the effective date of termination, may terminate this Agreement.
8. GENERAL PROVISIONS.
8.1 Governing Law; Jurisdiction. This Agreement and any claim, action, suit, proceeding or dispute arising out of this Agreement shall in all respects be governed by, and interpreted in accordance with, the substantive laws of the State of Ohio (and not the 1980 United Nations Convention on Contracts for the International Sale of Goods or the Uniform Computer Information Transactions Act, each as amended), without regard to the conflicts of laws provisions thereof. Venue and jurisdiction for any action, suit or proceeding arising out of this Agreement shall vest exclusively in the federal or state courts of general jurisdiction located in Cuyahoga County, Ohio.
8.2 Interpretation. The headings used in this Agreement are for reference and convenience purposes only and shall not in any way limit or affect the meaning or interpretation of any of the terms hereof. All defined terms in this Agreement shall be deemed to refer to the masculine, feminine, neuter, singular or plural, in each instance as the context or particular facts may require. Use of the terms “hereunder,” “herein,” “hereby” and similar terms refer to this Agreement.
8.3 Waiver. No waiver of any right or remedy on one occasion by either party shall be deemed a waiver of such right or remedy on any other occasion.
8.4 Integration. This Agreement, including any and all exhibits and schedules referred to herein, set forth the entire agreement and understanding between the parties pertaining to the subject matter and merges and supersedes all prior agreements, negotiations and discussions between them on the same subject matter. Customer acknowledges and agrees in entering into the Agreement and its purchases hereunder are not contingent on the availability of any future functionality, features, programs, or services. This Agreement may only be modified by a written document signed by duly authorized representatives of the parties. This Agreement shall not be supplemented or modified by any course of performance, course of dealing or trade usage. Customer and Hyland specifically acknowledge and agree that any other terms varying from or adding to the terms of this Agreement, whether contained in any purchase order or other electronic, written or oral communication made from Customer to Hyland are rejected and shall be null and void and of no force or effect, unless expressly agreed to in writing by both parties. This Agreement will prevail over any conflicting stipulations contained or referenced in any other document.
8.5 Notices. Unless otherwise agreed to by the parties in a writing signed by both parties, all notices required under this Agreement shall be deemed effective when made in writing and sent to each party, by either: (A) reputable overnight courier, specifying next day delivery to the address specified below or (B) email to the address below or such other email address provided by Customer, without receipt of a notice of failed delivery.
Hyland:
28500 Clemens Road
Westlake, OH 44145
Attn: General Counsel
hylandcontracts@onbase.com
Customer:
Name and address provided by Customer through AWS Marketplace
8.6 Binding Effect; No Assignment. This Agreement shall be binding upon and shall inure to the benefit of the parties and their respective successors and permitted assigns. Neither party may assign, transfer or sublicense all or part of this Agreement or its rights or obligations under this Agreement, in whole or in part, to any other person or entity without the prior written consent of the other party; provided that such consent shall not be unreasonably withheld in the case of any assignment or transfer by a party of this Agreement in its entirety to the surviving entity of any merger or consolidation or to any purchaser of substantially all of such party’s assets that assumes in writing all of such party’s obligations and duties under this Agreement. Any assignment made without compliance with the provisions of this Section 8.6 shall be null and void and of no force or effect. Customer acknowledges that Hyland and/or any of its affiliates may fulfill any of Hyland’s obligations contemplated by this Agreement.
8.7 Severability. In the event that any term or provision of this Agreement is deemed by a court of competent jurisdiction to be overly broad in scope, duration or area of applicability, the court considering the same will have the power and is hereby authorized and directed to limit such scope, duration or area of applicability, or all of them, so that such term or provision is no longer overly broad and to enforce the same as so limited. Subject to the foregoing sentence, in the event any provision of this Agreement is held to be invalid or unenforceable for any reason, such invalidity or unenforceability will attach only to such provision and will not affect or render invalid or unenforceable any other provision of this Agreement.
8.8 Subcontracting. Hyland may subcontract all or any part of the services, provided that Hyland shall remain responsible to Customer for the provision of any subcontracted services.
8.9 Independent Contractor. The parties acknowledge that Hyland is an independent contractor and that it will be responsible for its obligations as employer for those individuals providing any services.
8.10 Export. Any Software, Hyland Cloud Service, Add-On Services, Work Products or Documentation provided under this Agreement are subject to export control laws and regulations of the United States and other jurisdictions. Customer agrees to comply fully with all relevant export control laws and regulations, including the regulations of the U.S. Department of Commerce and all U.S. export control laws, including, but not limited to, the U.S. Department of Commerce Export Administration Regulations (EAR), to assure that the Software, Hyland Cloud Service, Add-On Services, Work Products or Documentation is not exported in violation of United States of America law or the laws and regulations of other jurisdictions. Customer agrees that it will not export or re-export the Software, Hyland Cloud Service, Add-On Services, Work Products or Documentation to any organizations or nationals in the United States embargoed territories of Cuba, Iran, North Korea, Sudan, Syria or any other territory or nation with respect to which the U.S. Department of Commerce, the U.S. Department of State or the U.S. Department of Treasury maintains any commercial activities sanctions program. Customer shall not use the Software, Hyland Cloud Service, Add-On Services, Work Products, or Documentation for any prohibited end uses under applicable laws and regulations of the United States and other jurisdictions, including but not limited to, any application related to, or purposes associated with, nuclear, chemical or biological warfare, missile technology (including unmanned air vehicles), military application or any other use prohibited or restricted under the U.S. Export Administration Regulations (EAR) or any other relevant laws, rules or regulations of the United States of America and other jurisdictions.
8.11 Injunctive Relief. The parties to this Agreement recognize that a remedy at law for a breach of the provisions of this Agreement relating to Confidential Information and intellectual property rights will not be adequate for the aggrieved party’s protection and, accordingly, the aggrieved party shall have the right to seek, in addition to any other relief and remedies available to it, specific performance or injunctive relief to enforce the provisions of this Agreement.
8.12 Non-Solicitation; Non-Hire. During the term of this Agreement and for one (1) year after the expiration or termination of this Agreement, neither Customer nor Hyland will:
(a) solicit for employment or for engagement as an independent contractor for the soliciting party or for any other third party a person who is or was an employee of the other party, or otherwise encourage or assist any such person to leave the employ of the other party for any reason, in each case at any time during such person’s employment by the other party or within one year (1) after such person has ceased to be an employee of the other party; or
(b) hire or engage, directly or indirectly, as an employee or independent contractor a person: (i) with whom the hiring party had contact or who became known to the hiring party in connection with this Agreement (including during the performance of any Professional Services under a Services Proposal); and (ii) who is or was an employee of the other party, in each case at any time during such person’s employment by the other party or within one year (1) after such person has ceased to be an employee of the other party.
Each violation of this provision by a party entitles the other party to liquidated damages (not a penalty) in an amount equal to the greater of: (i) $50,000.00, or (2) 100% of the employee’s annual earnings immediately prior to leaving the other party’s service, and, in either case, all costs associated with the collection of such liquidated damages, including, but not limited to, reasonable attorneys’ fees. A general advertisement or a request for employment that is initiated exclusively by an employee of the other party shall not be considered a solicitation pursuant to Section 8.12(a). The parties agree that this provision survives the termination of this Agreement.
8.13 Marketing and Publicity.
(a) References and Site Visits. From time to time, upon the reasonable request of Hyland, Customer agrees to make one or more employees available: (i) for telephone interviews with Hyland and/or third parties, relating to Hyland, Customer’s use of Hyland’s products or services, the benefits Customer has derived from Hyland’s products or services or similar topics; and (ii) to participate in customer site visits. Hyland agrees that it shall reimburse Customer for any out-of-pocket travel, lodging, registration and meals costs and expenses that are incurred by any such employees of Customer in connection with any off site visit if applicable, provided that such costs and expenses are reimbursable in accordance with Hyland’s expense reimbursement policies.
(b) Press Release. Either party may, with prior approval of the other party, prepare and issue a press release referring to the other party and relating to the signing of this Agreement, the scope of the relationship and the products or services established under this Agreement.
(c) Case Studies. Hyland may, with the prior approval of Customer, prepare, publish and distribute, for its sales, marketing and advertising purposes, one or more case studies describing any or all of the applications for which Hyland’s products or services will be used by Customer (e.g., Accounts Payable).
(d) Limitations. Except as specifically set forth in paragraphs (a) through (c) above, or as necessary to perform its obligations under this Agreement, neither party shall, without the prior written consent of the other party, use the names, services marks or trademarks of such other party nor the name of any employee of such other party, or reveal the existence of or terms of this Agreement, in any advertising or publicity release or promotional literature.
8.14 Counterparts. This Agreement may be executed in one or more counterparts, all of which when taken together shall constitute one and the same instrument.
8.15 Expenses. Except as otherwise specifically provided herein, each party shall bear and pay its own expenses incurred in connection with this Agreement and the transactions contemplated hereby.
8.16 Third Parties. Nothing herein expressed or implied is intended or shall be construed to confer upon or give to any person or entity, other than the parties hereto, any rights or remedies by reason of this Agreement; provided, however, that third party suppliers of software products bundled with the Software are third party beneficiaries to this Agreement as it applies to their respective software products.
9. DEFINED TERMS.
The defined terms below shall have the meaning ascribed to them below as used throughout the Agreement. Specific Schedules may also include additional defined terms that are relevant to the terms of that Schedule and these General Terms. Defined terms below may also incorporate defined terms that are defined in a particular Schedule, only if applicable. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within the General Terms Schedule, the General Terms Schedule shall be interpreted to include all definitions, as the context requires.
“Add-On Service” means a software as a service offering provided by Hyland that provides additional or separate functionality or service to Customer’s Software solution or Hyland Cloud Service.
“Innovations” means all designs, processes, procedures, methods and innovations which are developed, discovered, conceived or introduced by Hyland, working either alone or in conjunction with others, in the performance of this Agreement (including any Services Proposal).
“Purchase Table Schedule” means, for orders placed on the AWS Marketplace, the information displayed within the Marketplace describing the fees, software or services ordered by Customer through the AWS Marketplace, as well as the information set forth in the Initial Components of Hyland Cloud Service table of this Agreement.
“Prohibited Act” or “Prohibited Acts” means any action taken by Customer that is: (i) in violation of Section 1 of a Software License Schedule - Perpetual or Section 1, 2 or 3 of a Software and Maintenance Schedule – Subscription or Section 2 of a SaaS Schedule; (ii) contrary to Section 4 of these General Terms; or (iii) in violation of any term of any Schedule that is identified within that Schedule to be a Prohibited Act.
“Software” means: except as otherwise expressly stated in a particular Schedule, (a) Hyland’s proprietary software products, listed in the Purchase Table Schedule, and other Hyland proprietary software products for which Customer submits a written purchase order to Hyland (or an authorized solution provider) that Hyland accepts and fulfills, including, in each case, third party software bundled by Hyland together with Hyland’s proprietary software products as a unified product; and (b) all Upgrades and Enhancements of the software products described in clause (a) which Customer properly obtains pursuant to this Agreement; Software does not include ShareBase.
Hyland's Compliance and Due Diligence Form
Effective August 24th 2021
DownloadSummary of changes
Table of Contents
Effective August 6th 2021 to August 24th 2021
DownloadTable of Contents
Effective July 7th 2021 to August 6th 2021
DownloadTable of Contents
- Please provide your company’s business name, primary business address, form of business organization (corporation, LLC, etc.) and indicate the number of years your company has conducted business activities: Click here to enter text.
- List each person or legal entity (including a trust) which individually (or collectively with other related or commonly owned or controlled persons or legal entities) is the record or beneficial owner of 5% or more of the outstanding ownership interests of your company, specifying their percentages of ownership. If your company does not have any 5% or more owners, please answer “None” or “N/A.” If your company has a legal entity, or group of commonly owned or controlled legal entities, which owns more than 50% of such outstanding ownership interests (a “Parent Company”), then please include all of the information required in #1 above for your Parent Company: Click here to enter text.
- List the names and titles of all officers and directors (or comparable) of your company and of any Parent Company: Click here to enter text.
- Does your company own of record or beneficially a controlling interest in any other company (a “Subsidiary”), directly or through one or more other companies (other than investments in less than 5% of the outstanding ownership interests of any publicly traded company)? If yes, will that company have any rights or obligations under any agreement with Hyland related to our potential business relationship? If yes to both of the above, please provide the information requested in #1 and #3 above for each Subsidiary. If no to either of the above, please answer “None” or “N/A”: Click here to enter text.
- Please provide the name, position and email address for:
- Please provide the company names and individual contacts for at least 3 businesses with which you currently conduct business that we may contact as business references for your company (names, addresses and primary contact information): Click here to enter text.
- Please list your company’s primary banking institution (business name, address and contact information to verify relationship): Click here to enter text.
- Will your company retain any subcontractors, consultants, agents or representatives specifically to conduct activities with prospective customers, customers or other third parties in connection with your business relationship with Hyland (this does not include third parties that you retain on a temporary or contracted basis in connection with your business operations generally, including those operations entirely unrelated to Hyland)? If yes, please identify the individual(s) or entity(ies) and describe their activities. If no, please answer “None” or “N/A.” Click here to enter text.
- Please list all countries where you plan to conduct activities: Click here to enter text.
- Does or has your company, any Parent Company, any Subsidiary, any individual identified in response to any of #1 - #5 or any key employee of any of the foregoing (or any of the family members of any identified individuals or key employees) act or acted in any official capacity for: (a) any government or department, agency, or instrumentality thereof; (b) a government owned or controlled entity; (c) a public international organization, such as the United Nations or the World Bank; (d) a political party; or (e) a candidate for political office? If yes, please identify the individual(s) or entity(ies) and describe the official capacity. If no, please answer “None”: Click here to enter text.
- Does any person acting in an official capacity for, or any employee of, a government, department, agency, or instrumentality thereof, a government owned or controlled entity, a public international organization, a political party or a candidate for political office have any interest in or stand to benefit in any way as a result of your activities in connection with your potential business relationship with Hyland? If yes, please list the individual(s) or entity(ies) and provide details. If no, please answer “None”: Click here to enter text.
- Answer Yes or No to each item below with respect to your company, any Parent Company and any Subsidiaries.
Supplement to Hyland's Compliance and Due Diligence Form
Effective August 24th 2021
DownloadSummary of changes
Table of Contents
Effective August 6th 2021 to August 24th 2021
DownloadTable of Contents
Effective July 7th 2021 to August 6th 2021
DownloadTable of Contents
- Relationship with Royal Family Members. Is any person you listed as an officer, director, or owner (or any family member thereof), in the Legal Compliance and Operational Due Diligence Form a member of the Royal Family? Choose Yes or No.
- Does or did such individual(s) have an official or unofficial title or role in the government? Choose Yes or No.
- Does such individual(s) have direct or indirect power to award business, or an official or unofficial power over any aspect whatsoever of the government, including its decision-making process, executive function, administration, or finances? Choose Yes or No.
- Does such individual(s) have the ability to ascend to a government position by virtue of membership in the Royal Family? Choose Yes or No.
- Does such individual(s) enjoy benefits or privileges by virtue of their membership in the Royal Family? Choose Yes or No.
- Does such individual(s) have a relationship with the decision-makers in the government who decide whether to award business to your organization or to Hyland? Choose Yes or No.
Contractor Use Agreement - SF V1
Effective August 12th 2021
DownloadTable of Contents
Effective August 12th 2021 to August 12th 2021
DownloadTable of Contents
Effective July 14th 2021 to August 12th 2021
DownloadTable of Contents
Global Data Processing Addendum
Effective September 29th 2022
DownloadTable of Contents
Global Data Processing Addendum
This Global Data Processing Addendum together with all appendices and addenda (“DPA”) forms part of the Master Services Agreement (or similar agreement under which Services are provided to Hyland) (“Services Agreement”) which incorporates this DPA by reference.
EEA and Switzerland
The Parties agree that transfers of Personal Data from the European Economic Area or Switzerland (collectively the “EEA”) shall be governed by the EU SCCs (as supplemented by this DPA), which are incorporated herein by reference.
The Parties further agree that the EU SCCs shall be completed as follows:
- Module 2 shall apply unless Hyland is a Processor in which case Module 3 will apply.
- Clause 7, the optional docking clause will not apply.
- Clause 9(a), Option 2 will apply. Hyland authorizes Service Provider to engage Sub-Processors as set forth in Section 5 of this DPA.
- Clause 11, the optional redress language will not apply.
- Clause 17, Option 1 will apply, and the EU SCCs shall be governed by the law specified in the Services Agreement, provided that law is an EU Member State recognizing third party beneficiaries, otherwise the laws of the Netherlands shall apply.
- Under Clause 18(b), disputes will be resolved before the courts specified under the Services Agreement, provided those courts are in an EU Member State recognizing third party beneficiaries, otherwise those courts shall be the courts of the Netherlands.
- Annex I of the EU SCCs shall be deemed completed with the information set out in the Data Processing Particulars.
- Annex II of the EU SCCs shall be deemed completed with the information set out in Appendix A.
- Annex III of the EU SCCs shall be deemed completed with the information set out in the Data Processing Particulars.
In relation to Personal Data that is protected by the Swiss Federal Act on Data Protection, the EU SCCs will apply as completed herein and as adapted below:
- The Swiss Federal Data Protection and Information Commissioner (“Swiss DPA”) is the exclusive supervisory authority, and each reference to a “supervisory authority” shall be understood to be a reference to the Swiss DPA.
- The term “member state” will not be interpreted in such a way as to exclude Data Subjects in Switzerland from the possibility of enforcing their rights in their place of habitual residence (Switzerland) in accordance with Clause 18 and the choice of law in Clause 17 shall be the applicable Swiss law.
- References to the GDPR and EU SCCs shall include equivalent provisions of the Swiss Federal Act on Data Protection.
Signatures to the Services Agreement shall constitute all necessary signatures to the EU SCCs, including the Annexes attached thereto.
ADDENDUM II
United Kingdom
Part 1: Tables
TABLE 1: Parties | ||
Start date | Effective Date as defined in the Services Agreement. | |
The Parties | Exporter (who sends the Restricted Transfer) | Importer (who receives the Restricted Transfer) |
Parties’ details | Full legal name: Hyland on behalf of its affiliates located in the United Kingdom, including the following: Hyland UK Operations Limited Hyland UK Holdings Limited Hyland Software UK Ltd. Hyland Software Solutions UK Ltd. Nuxeo Group Limited Nuxeo Limited Trading name (if different): n/a Main address (if a company registered address): As specified in the Services Agreement Official registration number (if any) (company number of similar identifier): | Full legal name: Service Provider, as set forth in the Services Agreement. Trading name (if different): Main address (if a company registered address): As specified in the Services Agreement Official registration number (if any) (company number of similar identifier): |
Key Contact | Full Name (optional): Job Title: Global Privacy Officer Contact Details including email: privacy@hyland.com | Full Name (optional): Job Title: Contact Details including email: As set forth in the Data Processing Particulars |
Signature (if required for purposes of Section 2) | Signatures to the Services Agreement shall constitute all necessary signatures to this Addendum II. | Signatures to the Services Agreement shall constitute all necessary signatures to this Addendum II. |
TABLE 2: Selected SCCs, Modules, and Selected Clauses | |
Addendum EU SCCs | The version of the Approved EU SCCs which this Addendum is appended, including the Appendix Information. |
TABLE 3: Appendix Information | |
“Appendix Information” means the information which must be provided for the selected modules as set out in the Appendix of the Approved EU SCCs (other than the Parties), and which for this Addendum is set out in. | |
Annex 1A: List of Parties: | As described in the Data Processing Particulars |
Annex 1B: Description of Transfer: | As described in the Data Processing Particulars |
Annex II: Technical and organizational measures including technical and organizational measures to ensure the security of the data: | As described in the DPA, Appendix A |
Annex III: List of Sub processors (Modules 2 and 3 only): | As described in the Data Processing Particulars |
TABLE 4: Ending this Addendum when the Approved Addendum Changes | |
Ending this Addendum when the Approved Addendum Changes | Which Parties may end this Addendum as set out in Section 19: Importer Exporter |
Part 2: Mandatory Clauses
Mandatory Clauses | Part 2: Mandatory Clauses of the Approved Addendum, being the template Addendum B.1.0 issued by the ICO and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section 18 of those Mandatory Clauses. |
ADDENDUM III
California, USA
The following additional provisions apply to Service Providers ’s Processing of the Personal Information that is subject to the CCPA and/or CPRA, as applicable.
APPENDIX A
Security Measures
Taking into account
- the state of the art,
- the costs of implementation and
- the nature, scope, context and
- the purpose of processing as well as
- the risk of varying likelihood and severity for the rights and freedoms of natural persons ,
Service Provider shall maintain a comprehensive written information privacy and security program that includes reasonable and appropriate measures to protect against reasonably foreseeable risks to the security, confidentiality, integrity and resilience of Personal Data. Such program shall include those measures set forth in the Services Agreement and the DPA, including, at a minimum, the following:
Administrative Controls
- A person or committee responsible for Service Provider’s information security and privacy program;
- Policies and procedures to investigate, mitigate, and provide notice of a Personal Data Breach;
- Vulnerability management program to identity, prioritize and remediate security vulnerabilities;
- Employees that are subject to confidentiality commitments and understand their obligations and responsibilities in relation to the Service Provider’s information privacy and security program;
- A security awareness training program, which includes periodic security reminders and updates;
- A password policy, requiring complex passwords, a maximum password age, a minimum password complexity, account lockout policies and other logon restrictions; and
- Disaster recovery and business continuity procedures.
Physical Controls
- Policies and procedures to safeguard the facilities and equipment that house Personal Data against unauthorized physical access, theft or destruction;
- Procedures to control and validate access to facilities that house Personal Data based on role/function, including visitor control;
- Physical safeguards for all workstations that access Personal Data to restrict access from authorized users; and
- Permanently and securely destroying or removing Personal Data from hardware prior to final disposition.
Technical Controls
- Policies and procedures to limit access rights based on the principle of least privilege;
- User access controls that address timely provisioning and de-provisioning of user accounts;
- Workstations that are set to lock automatically after a set period of inactivity;
- Encryption at rest and in transit of Personal Data;
- Industry standard anti-malware software used on all endpoints with behavioral based protection against ransomware and other exploits;
- Procedures to ensure that all security patches are applied in a timely manner;
- Operating system and application patches and updates pushed regularly;
- Network segregation including but not limited to the separation of all Hyland Personal Data stored by Service Provider;
- An external audit program, tested at least annually; and
- Completed attestations, such as SOC 2 reports, shall be provided to Hyland upon written request.
Effective January 19th 2022 to September 29th 2022
DownloadTable of Contents
Global Data Processing Addendum
This Global Data Processing Addendum together with all attachments and appendices (“DPA”) forms part of the Master Services Agreement (or similar agreement under which Services are provided to Hyland) (“Services Agreement”) which incorporates this Addendum by reference.
AGREEMENT
and the remaining details required under the EU Model Clauses being deemed completed as appropriate with the information set out in this DPA (including without limitation the Appendix) and the Services Agreement. For the avoidance of doubt, for purposes of the EU Model Clauses, Appendix A of this DPA shall serve as Annex I and Appendix B shall serve as Annex II. In the event of any conflict or inconsistency among or between the terms and conditions of any such EU Model Clauses and this DPA and/or the Services Agreement, the terms of the EU Model Clauses shall prevail.
APPENDIX A
Subject Matter and During of the Processing | The subject matter of the Processing is Service Providers provision of Services under the Services Agreement. The duration of the Processing is the term of the Services Agreement, and any exit period, if applicable. |
Categories of Data Subjects whose Personal Data is Processed | Employees, Vendors, Website visitors, Hyland Customers or End-Users |
Nature and Purpose of the Processing | The purpose of the Processing is to provide the Services as set forth in the Services Agreement. The nature of the Processing may include, but is not limited to, collection, recording, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Type of Personal Data Processed | The Personal Data transferred may concern the following categories of Data Subjects: Employees - Past, potential, present and future staff of Hyland (including job candidates, volunteers, agents, independent contractors, interns, temporary and casual workers). Vendors - Past, present and potential advisors, consultants, vendors, contractors, subcontractors and other professionals engaged by Hyland and related staff. Website visitors – Individuals who visit any Hyland owned or operated website. Hyland Customers or End Users (collectively, “Customers”) – (a) Past, present and potential Customers of Hyland, and (b) data subjects whose Personal Data is uploaded or provided by Customers to Hyland during use of Hyland’s services or products. |
Categories of Personal Data Processed | The Personal Data transferred may concern the following categories: Employees Identification data: civil/marital status; first and last name; photograph; date and place of birth; nationality; corporate identifier; gender. Contact details: address; telephone number (fixed and mobile); email address; fax number; emergency contact information. Employment details: job title; company name; grade, occupation code; geographic location; employee performance and evaluation data; employee discipline information; information regarding previous roles and employment; employee benefits information such as election decisions, leave requests, authorization/declination, health insurance company. National identifiers: national ID/passport number; tax ID; government identification number; driver's license, visa or immigration status. Academic and professional qualifications: degrees; titles; skills; language proficiency; training information; employment history; CV/résumé. Financial data: bank account number; IBAN number; bank details including bank name, bank code, sort code; salary and compensation data; bonuses; pension qualification information; payroll data; tax class; tax office name. IT related data: computer ID; user ID and password; domain name; IP address; log files; software and hardware inventory; software usage pattern tracking information (i.e., cookies and information recorded for operation and training purposes). Lifestyle: hobbies; social activities; holiday preferences. Vendors Identification data: first and last name; date of birth; place of birth; nationality; photograph; vendor ID. Contact details: address; professional email address; professional telephone number (including mobile telephone number). Professional details: job title; employer; academic and professional qualifications; data related to transactions involving goods and services. National identifiers: tax ID; government identification number. Financial data: bank account number; bank details. Website visitors IT-related data: unique device identifiers, dynamic and static Internet Protocol addresses, as well as other information, such as browser characteristics, language preferences, operating system details, referring URLs, length of visits, and pages viewed. Customers, potential Customers and/or their staff, each as applicable Contact information (including name, physical address, e-mail and telephone numbers); Employer; Job title; Login credentials; Account profile, including interests and photograph; Applications for Hyland’s educational opportunities, including name, contact information, references, programming experience, and application essays; Dietary preferences and restrictions; Order information for trainings courses; Training records including courses taken, certifications completed, and scores and grades; Questions, feedback, comments and other postings, including through https://community.hyland.com; Other information the Customer chooses to provide; Information provided by third parties: data relating to the Customer, potential Customer or staff having clicked on a Hyland advertisement posted on a third party website; Information provided by third parties, where a Customer attends a Hyland event sponsored by a third party: including name, e-mail address, and phone number; Versions of Hyland Group company software used and how the software is being used (what functions, how often etc.); bank account number; bank details; credit card details; purchasing history; return history; cancellation history; and Personal Data submitted by a Customer in the course of the Customer's use of Hyland's Services or during the performance of Services under the Service Agreement. |
Categories of Sensitive Personal Data Processed | No collection of any sensitive data by a Service Provider is anticipated other than employee data required to provide Services in connection with valid employment purposes or to the extent required by applicable law. Such collection will only concern limited sensitive data, for example, health-related information for the purpose of managing employee absences, or disabilities in order to provide access to our premises. |
FOR USE ONLY WITH THE EU MODEL CLAUSES | |
Data Exporter (including country of establishment) | Hyland, as defined in this DPA. |
Data Importer (including country of establishment) | Service Provider, as defined in the Service Provider Agreement. |
Frequency of the Transfer | Continuous basis |
Retention Period | The Personal Data transferred may be stored in an identifiable form for no longer than necessary for the purposes for which the Personal Data was transferred and, in no event, longer than permitted under the laws of the country of the Data Exporter. |
Governing Law | MODULE TWO: EU Member State in which the data exporter (i.e., applicable Hyland entity) is established. MODULE THREE: EU Member State in which the data exporter (i.e., applicable customer entity) is established. |
Choice of Forum and Jurisdiction | The Parties agree that any disputes arising from the EU Model Clauses shall be resolves by the courts of the Netherlands. |
Sub-processors | Data importer may use Sub-processors as set forth by Section 6 of this DPA. |
Competent Supervisory Authority | The competent supervisory authority is the supervisory authority of the EU/EEA Member State where the Data Exporter is established. |
Appendix B
Technical and organizational measures
Taking into account
Service Provider shall maintain a comprehensive written information privacy and security program that includes reasonable and appropriate measures to protect against reasonably foreseeable risks to the security, confidentiality, integrity and resilience of Personal Data. Such program shall include, at a minimum, the following:
Administrative Controls
- A person or committee responsible for Service Provider’s information security and privacy program;
- Policies and procedures to investigate, mitigate, and provide notice of a Personal Data Breach;
- Vulnerability management program to identity, prioritize and remediate security vulnerabilities;
- Employees that are subject to confidentiality and non-disclosure commitments and understand their obligations and responsibilities in relation to the Service Providers information privacy and security program;
- A security awareness training program, which includes periodic security reminders and updates;
- A password policy, requiring complex passwords, a maximum password age, a minimum password age, account lockout policies and other logon restrictions; and
- Disaster recovery and business continuity procedures.
Physical Controls
- Policies and procedures to safeguard the facilities and equipment that house Personal Data against unauthorized physical access, theft or destruction;
- Procedures to control and validate access to facilities that house Personal Data based on role/function, including visitor control;
- Physical safeguards for all workstations that access Personal Data to restrict access from authorized users; and
- Permanently destroying or removing Personal Data from hardware prior to final disposition.
Technical Controls
- Policies and procedures to limit access rights based on the principle of least privilege;
- User access controls that address timely provisioning and de-provisioning of user accounts;
- Workstations that are set to lock automatically after a set period of inactivity;
- Encryption at rest and in transit of Personal Data;
- Industry standard anti-malware software used on all endpoints with behavioral based protection against ransomware and other exploits;
- Procedures to ensure that all security patches are applied in a timely manner;
- Operating system and application patches and updates pushed regularly;
- Network segregation including but not limited to the separation of all Hyland Personal Data stored by Service Provider; and
- Service Providers that store Hyland Personal Data shall also maintain an external audit program, tested at least annually.
- Completed attestations, such as SOC 2 reports, shall be provided to Hyland upon written request.
Effective December 7th 2021 to January 19th 2022
DownloadTable of Contents
Global Data Processing Addendum
This Global Data Processing Addendum together with all attachments and appendices (“DPA”) forms part of the Master Services Agreement (or similar agreement under which Services are provided to Hyland) (“Services Agreement”) which incorporates this Addendum by reference.
AGREEMENT
and the remaining details required under the EU Model Clauses being deemed completed as appropriate with the information set out in this DPA (including without limitation the Appendix) and the Services Agreement. For the avoidance of doubt, for purposes of the EU Model Clauses, Appendix A of this DPA shall serve as Annex I and Appendix B shall serve as Annex II. In the event of any conflict or inconsistency among or between the terms and conditions of any such EU Model Clauses and this DPA and/or the Services Agreement, the terms of the EU Model Clauses shall prevail.
APPENDIX A
Subject Matter and During of the Processing | The subject matter of the Processing is Service Providers provision of Services under the Services Agreement. The duration of the Processing is the term of the Services Agreement, and any exit period, if applicable. |
Categories of Data Subjects whose Personal Data is Processed | Employees, Vendors, Website visitors, Hyland Customers or End-Users |
Nature and Purpose of the Processing | The purpose of the Processing is to provide the Services as set forth in the Services Agreement. The nature of the Processing may include, but is not limited to, collection, recording, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Type of Personal Data Processed | The Personal Data transferred may concern the following categories of Data Subjects: Employees - Past, potential, present and future staff of Hyland (including job candidates, volunteers, agents, independent contractors, interns, temporary and casual workers). Vendors - Past, present and potential advisors, consultants, vendors, contractors, subcontractors and other professionals engaged by Hyland and related staff. Website visitors – Individuals who visit any Hyland owned or operated website. Hyland Customers or End Users (collectively, “Customers”) – (a) Past, present and potential Customers of Hyland, and (b) data subjects whose Personal Data is uploaded or provided by Customers to Hyland during use of Hyland’s services or products. |
Categories of Personal Data Processed | The Personal Data transferred may concern the following categories: Employees Identification data: civil/marital status; first and last name; photograph; date and place of birth; nationality; corporate identifier; gender. Contact details: address; telephone number (fixed and mobile); email address; fax number; emergency contact information. Employment details: job title; company name; grade, occupation code; geographic location; employee performance and evaluation data; employee discipline information; information regarding previous roles and employment; employee benefits information such as election decisions, leave requests, authorization/declination, health insurance company. National identifiers: national ID/passport number; tax ID; government identification number; driver's license, visa or immigration status. Academic and professional qualifications: degrees; titles; skills; language proficiency; training information; employment history; CV/résumé. Financial data: bank account number; IBAN number; bank details including bank name, bank code, sort code; salary and compensation data; bonuses; pension qualification information; payroll data; tax class; tax office name. IT related data: computer ID; user ID and password; domain name; IP address; log files; software and hardware inventory; software usage pattern tracking information (i.e., cookies and information recorded for operation and training purposes). Lifestyle: hobbies; social activities; holiday preferences. Vendors Identification data: first and last name; date of birth; place of birth; nationality; photograph; vendor ID. Contact details: address; professional email address; professional telephone number (including mobile telephone number). Professional details: job title; employer; academic and professional qualifications; data related to transactions involving goods and services. National identifiers: tax ID; government identification number. Financial data: bank account number; bank details. Website visitors IT-related data: unique device identifiers, dynamic and static Internet Protocol addresses, as well as other information, such as browser characteristics, language preferences, operating system details, referring URLs, length of visits, and pages viewed. Customers, potential Customers and/or their staff, each as applicable Contact information (including name, physical address, e-mail and telephone numbers); Employer; Job title; Login credentials; Account profile, including interests and photograph; Applications for Hyland’s educational opportunities, including name, contact information, references, programming experience, and application essays; Dietary preferences and restrictions; Order information for trainings courses; Training records including courses taken, certifications completed, and scores and grades; Questions, feedback, comments and other postings, including through https://community.hyland.com; Other information the Customer chooses to provide; Information provided by third parties: data relating to the Customer, potential Customer or staff having clicked on a Hyland advertisement posted on a third party website; Information provided by third parties, where a Customer attends a Hyland event sponsored by a third party: including name, e-mail address, and phone number; Versions of Hyland Group company software used and how the software is being used (what functions, how often etc.); bank account number; bank details; credit card details; purchasing history; return history; cancellation history; and Personal Data submitted by a Customer in the course of the Customer's use of Hyland's Services or during the performance of Services under the Service Agreement. |
Categories of Sensitive Personal Data Processed | No collection of any sensitive data by a Service Provider is anticipated other than employee data required to provide Services in connection with valid employment purposes or to the extent required by applicable law. Such collection will only concern limited sensitive data, for example, health-related information for the purpose of managing employee absences, or disabilities in order to provide access to our premises. |
FOR USE ONLY WITH THE EU MODEL CLAUSES | |
Data Exporter (including country of establishment) | Hyland, as defined in this DPA. |
Data Importer (including country of establishment) | Service Provider, as defined in the Service Provider Agreement. |
Frequency of the Transfer | Continuous basis |
Retention Period | The Personal Data transferred may be stored in an identifiable form for no longer than necessary for the purposes for which the Personal Data was transferred and, in no event, longer than permitted under the laws of the country of the Data Exporter. |
Governing Law | MODULE TWO: EU Member State in which the data exporter (i.e., applicable Hyland entity) is established. MODULE THREE: EU Member State in which the data exporter (i.e., applicable customer entity) is established. |
Choice of Forum and Jurisdiction | The Parties agree that any disputes arising from the EU Model Clauses shall be resolves by the courts of the Netherlands. |
Sub-processors | Data importer may use Sub-processors as set forth by Section 6 of this DPA. |
Competent Supervisory Authority | The competent supervisory authority is the supervisory authority of the EU/EEA Member State where the Data Exporter is established. |
Appendix B
Technical and organizational measures
Taking into account
Service Provider shall maintain a comprehensive written information privacy and security program that includes reasonable and appropriate measures to protect against reasonably foreseeable risks to the security, confidentiality, integrity and resilience of Personal Data. Such program shall include, at a minimum, the following:
Administrative Controls
- A person or committee responsible for Service Provider’s information security and privacy program;
- Policies and procedures to investigate, mitigate, and provide notice of a Personal Data Breach;
- Vulnerability management program to identity, prioritize and remediate security vulnerabilities;
- Employees that are subject to confidentiality and non-disclosure commitments and understand their obligations and responsibilities in relation to the Service Providers information privacy and security program;
- A security awareness training program, which includes periodic security reminders and updates;
- A password policy, requiring complex passwords, a maximum password age, a minimum password age, account lockout policies and other logon restrictions; and
- Disaster recovery and business continuity procedures.
Physical Controls
- Policies and procedures to safeguard the facilities and equipment that house Personal Data against unauthorized physical access, theft or destruction;
- Procedures to control and validate access to facilities that house Personal Data based on role/function, including visitor control;
- Physical safeguards for all workstations that access Personal Data to restrict access from authorized users; and
- Permanently destroying or removing Personal Data from hardware prior to final disposition.
Technical Controls
- Policies and procedures to limit access rights based on the principle of least privilege;
- User access controls that address timely provisioning and de-provisioning of user accounts;
- Workstations that are set to lock automatically after a set period of inactivity;
- Encryption at rest and in transit of Personal Data;
- Industry standard anti-malware software used on all endpoints with behavioral based protection against ransomware and other exploits;
- Procedures to ensure that all security patches are applied in a timely manner;
- Operating system and application patches and updates pushed regularly;
- Network segregation including but not limited to the separation of all Hyland Personal Data stored by Service Provider; and
- Service Providers that store Hyland Personal Data shall also maintain an external audit program, tested at least annually.
- Completed attestations, such as SOC 2 reports, shall be provided to Hyland upon written request.
Effective September 24th 2021 to December 7th 2021
DownloadTable of Contents
Global Data Processing Addendum
This Global Data Processing Addendum together with all attachments and appendices (“DPA”) forms part of the Master Services Agreement (or similar agreement under which Services are provided to Hyland) (“Services Agreement”) between Service Provider (or similar term under the Services Agreement) and Hyland and is incorporated therein by reference.
AGREEMENT
and the remaining details required under the EU Model Clauses being deemed completed as appropriate with the information set out in this DPA (including without limitation the Appendix) and the Services Agreement. For the avoidance of doubt, for purposes of the EU Model Clauses, Appendix A of this DPA shall serve as Annex I and Appendix B shall serve as Annex II. In the event of any conflict or inconsistency among or between the terms and conditions of any such EU Model Clauses and this DPA and/or the Services Agreement, the terms of the EU Model Clauses shall prevail.
APPENDIX A
Subject Matter and During of the Processing | The subject matter of the Processing is Service Providers provision of Services under the Services Agreement. The duration of the Processing is the term of the Services Agreement, and any exit period, if applicable. |
Categories of Data Subjects whose Personal Data is Processed | Employees, Vendors, Website visitors, Hyland Customers or End-Users |
Nature and Purpose of the Processing | The purpose of the Processing is to provide the Services as set forth in the Services Agreement. The nature of the Processing may include, but is not limited to, collection, recording, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Type of Personal Data Processed | The Personal Data transferred may concern the following categories of Data Subjects: Employees - Past, potential, present and future staff of Hyland (including job candidates, volunteers, agents, independent contractors, interns, temporary and casual workers). Vendors - Past, present and potential advisors, consultants, vendors, contractors, subcontractors and other professionals engaged by Hyland and related staff. Website visitors – Individuals who visit any Hyland owned or operated website. Hyland Customers or End Users (collectively, “Customers”) – (a) Past, present and potential Customers of Hyland, and (b) data subjects whose Personal Data is uploaded or provided by Customers to Hyland during use of Hyland’s services or products. |
Categories of Personal Data Processed | The Personal Data transferred may concern the following categories: Employees Identification data: civil/marital status; first and last name; photograph; date and place of birth; nationality; corporate identifier; gender. Contact details: address; telephone number (fixed and mobile); email address; fax number; emergency contact information. Employment details: job title; company name; grade, occupation code; geographic location; employee performance and evaluation data; employee discipline information; information regarding previous roles and employment; employee benefits information such as election decisions, leave requests, authorization/declination, health insurance company. National identifiers: national ID/passport number; tax ID; government identification number; driver's license, visa or immigration status. Academic and professional qualifications: degrees; titles; skills; language proficiency; training information; employment history; CV/résumé. Financial data: bank account number; IBAN number; bank details including bank name, bank code, sort code; salary and compensation data; bonuses; pension qualification information; payroll data; tax class; tax office name. IT related data: computer ID; user ID and password; domain name; IP address; log files; software and hardware inventory; software usage pattern tracking information (i.e., cookies and information recorded for operation and training purposes). Lifestyle: hobbies; social activities; holiday preferences. Vendors Identification data: first and last name; date of birth; place of birth; nationality; photograph; vendor ID. Contact details: address; professional email address; professional telephone number (including mobile telephone number). Professional details: job title; employer; academic and professional qualifications; data related to transactions involving goods and services. National identifiers: tax ID; government identification number. Financial data: bank account number; bank details. Website visitors IT-related data: unique device identifiers, dynamic and static Internet Protocol addresses, as well as other information, such as browser characteristics, language preferences, operating system details, referring URLs, length of visits, and pages viewed. Customers, potential Customers and/or their staff, each as applicable Contact information (including name, physical address, e-mail and telephone numbers); Employer; Job title; Login credentials; Account profile, including interests and photograph; Applications for Hyland’s educational opportunities, including name, contact information, references, programming experience, and application essays; Dietary preferences and restrictions; Order information for trainings courses; Training records including courses taken, certifications completed, and scores and grades; Questions, feedback, comments and other postings, including through https://community.hyland.com; Other information the Customer chooses to provide; Information provided by third parties: data relating to the Customer, potential Customer or staff having clicked on a Hyland advertisement posted on a third party website; Information provided by third parties, where a Customer attends a Hyland event sponsored by a third party: including name, e-mail address, and phone number; Versions of Hyland Group company software used and how the software is being used (what functions, how often etc.); bank account number; bank details; credit card details; purchasing history; return history; cancellation history; and Personal Data submitted by a Customer in the course of the Customer's use of Hyland's Services or during the performance of Services under the Service Agreement. |
Categories of Sensitive Personal Data Processed | No collection of any sensitive data by a Service Provider is anticipated other than employee data required to provide Services in connection with valid employment purposes or to the extent required by applicable law. Such collection will only concern limited sensitive data, for example, health-related information for the purpose of managing employee absences, or disabilities in order to provide access to our premises. |
FOR USE ONLY WITH THE EU MODEL CLAUSES | |
Data Exporter (including country of establishment) | Hyland, as defined in this DPA. |
Data Importer (including country of establishment) | Service Provider, as defined in the Service Provider Agreement. |
Frequency of the Transfer | Continuous basis |
Retention Period | The Personal Data transferred may be stored in an identifiable form for no longer than necessary for the purposes for which the Personal Data was transferred and, in no event, longer than permitted under the laws of the country of the Data Exporter. |
Governing Law | MODULE TWO: EU Member State in which the data exporter (i.e., applicable Hyland entity) is established. MODULE THREE: EU Member State in which the data exporter (i.e., applicable customer entity) is established. |
Choice of Forum and Jurisdiction | The Parties agree that any disputes arising from the EU Model Clauses shall be resolves by the courts of the Netherlands. |
Sub-processors | Data importer may use Sub-processors as set forth by Section 6 of this DPA. |
Competent Supervisory Authority | The competent supervisory authority is the supervisory authority of the EU/EEA Member State where the Data Exporter is established. |
Appendix B
Technical and organizational measures
Taking into account
Service Provider shall maintain a comprehensive written information privacy and security program that includes reasonable and appropriate measures to protect against reasonably foreseeable risks to the security, confidentiality, integrity and resilience of Personal Data. Such program shall include, at a minimum, the following:
Administrative Controls
- A person or committee responsible for Service Provider’s information security and privacy program;
- Policies and procedures to investigate, mitigate, and provide notice of a Personal Data Breach;
- Vulnerability management program to identity, prioritize and remediate security vulnerabilities;
- Employees that are subject to confidentiality and non-disclosure commitments and understand their obligations and responsibilities in relation to the Service Providers information privacy and security program;
- A security awareness training program, which includes periodic security reminders and updates;
- A password policy, requiring complex passwords, a maximum password age, a minimum password age, account lockout policies and other logon restrictions; and
- Disaster recovery and business continuity procedures.
Physical Controls
- Policies and procedures to safeguard the facilities and equipment that house Personal Data against unauthorized physical access, theft or destruction;
- Procedures to control and validate access to facilities that house Personal Data based on role/function, including visitor control;
- Physical safeguards for all workstations that access Personal Data to restrict access from authorized users; and
- Permanently destroying or removing Personal Data from hardware prior to final disposition.
Technical Controls
- Policies and procedures to limit access rights based on the principle of least privilege;
- User access controls that address timely provisioning and de-provisioning of user accounts;
- Workstations that are set to lock automatically after a set period of inactivity;
- Encryption at rest and in transit of Personal Data;
- Industry standard anti-malware software used on all endpoints with behavioral based protection against ransomware and other exploits;
- Procedures to ensure that all security patches are applied in a timely manner;
- Operating system and application patches and updates pushed regularly;
- Network segregation including but not limited to the separation of all Hyland Personal Data stored by Service Provider; and
- Service Providers that store Hyland Personal Data shall also maintain an external audit program, tested at least annually.
- Completed attestations, such as SOC 2 reports, shall be provided to Hyland upon written request.
Customer GDPR DPA
Effective October 4th 2021
DownloadTable of Contents
| CUSTOMER Print Name: _________________________________ Title: _______________________________________ Date: ______________________________________ Mailing Address: ____________________________ ____________________________________________ Email: ______________________________________ Signature: ____________________________________ | Print Name: _____________________________ Title: __________________________________ Date: __________________________________ Signature: ________________________________ Hyland Legal Approved By: Date: |
- Customer Employees (Past, potential, present and future staff of Customer)
- Customer Vendors (Past, present and potential advisors, consultants, vendors, contractors, subcontractors and other professionals engaged by Customer and related staff.)
- Customers End Users (Past, present and potential users of Customer services or products)
- Any Personal Data submitted or made available by the Customer to Hyland in the course of Customer's use of Hyland's Services under the Related Agreements:
- Customer determines what Personal Data is provided to Hyland.
- Continuous basis (services related to Hyland’s hosted offerings or cloud services);
- One-off basis (technical support, professional services or other applicable services)
- The data is processes as part of the data exporter’s and the data importer’s regular business operations as well as on an ad hoc basis where a specific business need arises. The nature of the processing may include, but is not limited to, collection, recording, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- To provide the Services set forth in the Related Agreements.
- For hosting or cloud customers, data is retained for the duration of the Related Agreements, including any applicable transition period. Personal data provided to Hyland during the performance of technical support or professional services is retained for no longer than necessary for the purposes for which the Personal Data was transferred and, in no event, longer than permitted under the laws of the country of the data exporter.
- The data importer may use various processors to process the data for the purposes set out above. Such processors are typically engaged on the basis of a contract with an unlimited term. See also Section 3(e) of this DPA.
- the state of the art,
- the costs of implementation and
- the nature, scope, context and
- the purpose of processing as well as
- the risk of varying likelihood and severity for the rights and freedoms of natural persons
Effective October 4th 2021 to October 4th 2021
DownloadTable of Contents
| CUSTOMER Print Name: _________________________________ Title: _______________________________________ Date: ______________________________________ Mailing Address: ____________________________ ____________________________________________ Email: ______________________________________ Signature: ____________________________________ | Print Name: _____________________________ Title: __________________________________ Date: __________________________________ Signature: ________________________________ Hyland Legal Approved By: Date: |
- Customer Employees (Past, potential, present and future staff of Customer)
- Customer Vendors (Past, present and potential advisors, consultants, vendors, contractors, subcontractors and other professionals engaged by Customer and related staff.)
- Customers End Users (Past, present and potential users of Customer services or products)
- Other: ______________________________________________________________
- Any Personal Data submitted or made available by the Customer to Hyland in the course of Customer's use of Hyland's Services under the Related Agreements:
- Customer determines what Personal Data is provided to Hyland.
- Continuous basis (services related to Hyland’s hosted offerings or cloud services);
- One-off basis (technical support, professional services or other applicable services)
- The data is processes as part of the data exporter’s and the data importer’s regular business operations as well as on an ad hoc basis where a specific business need arises. The nature of the processing may include, but is not limited to, collection, recording, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- To provide the Services set forth in the Related Agreements.
- For hosting or cloud customers, data is retained for the duration of the Related Agreements, including any applicable transition period. Personal data provided to Hyland during the performance of technical support or professional services is retained for no longer than necessary for the purposes for which the Personal Data was transferred and, in no event, longer than permitted under the laws of the country of the data exporter.
- The data importer may use various processors to process the data for the purposes set out above. Such processors are typically engaged on the basis of a contract with an unlimited term. See also Section 3(e) of this DPA.
- the state of the art,
- the costs of implementation and
- the nature, scope, context and
- the purpose of processing as well as
- the risk of varying likelihood and severity for the rights and freedoms of natural persons
Service Class Manual
Healthcare Service Class Manual
Healthcare Schedule - SaaS
Effective March 4th 2022
DownloadTable of Contents
HEALTHCARE SCHEDULE - SAAS
This Healthcare Schedule (“Healthcare Schedule”) forms a part of the Hyland Master Agreement or any other agreement entered into between Customer and Hyland (the “Agreement”) which incorporates this Healthcare Schedule by reference.
All capitalized terms used in this Healthcare Schedule shall have the meaning ascribed them in this Healthcare Schedule or, if not defined in this Healthcare Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Healthcare Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement.
“Ambulatory Surgery Centers” means a facility that performs outpatient surgery and/or procedures (i) to which Customer grants access to Customer’s EPIC system; and (ii) for which Customer has paid to Hyland the requisite fees as described in the Healthcare Customer Schedule.
“Community Connect Physician Practice” means a physician practice (i) to which Customer grants access to Customer’s EPIC system; and (ii) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Schedule.
“Community Connect User(s)” means: Small Community Connect Hospital(s); Community Connect Physician Practice(s); and Ambulatory Surgery Centers.
“Small Community Connect Hospital” means a hospital (i) which has less than two hundred and fifty (250) licensed beds (as most recently reported by Customer for such hospital), (ii) to which Customer grants access to Customer’s EPIC system; and (iii) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Customer Schedule.
1. ADDITIONAL TERMS.
1.1 Use by Community Connect User. In addition to the grant of access to the Hyland Cloud Service in the SaaS Schedule, such Hyland Cloud Service may also be used by a Community Connect User solely to manage its own medical records function through Epic.
1.2 Indemnification. Customer understands and agrees that Community Connect Users may use the Hyland Cloud Service only in compliance with the terms of the Agreement, and that Customer shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Community Connect User.
2. PAYMENT TERMS FOR COMMUNITY CONNECT USERS.
2.1 SaaS for Small Community Connect Hospitals. For each Small Community Connect Hospital to which Customer wishes to grant access to the Hyland Cloud Service as a Community Connect User, Customer shall pay SaaS Fees in an amount determined by multiplying the number of licensed beds for such Small Community Connect Hospital (at the time of such payment) for such Small Community Connect Hospital) by Hyland’s then-current Small Community Connect Hospital SaaS Fee. Thereafter, from time to time, but no less than annually, Customer shall report to Hyland the number of licensed beds for each Small Community Connect Hospital that is a Community Connect User hereunder. If the number of licensed beds of such Small Community Connect Hospital increases based upon the reports contemplated herein, Customer shall pay additional SaaS Fees to Hyland in an amount equal to the number of such additional licensed beds, multiplied by Hyland’s then-current Small Community Connect Hospital SaaS Fee. Customer may not transfer or reassign license rights between Small Community Connect Hospitals, and shall not be entitled to a refund or credit if the number of licensed beds decreases at any time.
2.2 SaaS Fees for Community Connect Physician Practices. For each Community Connect Physician Practice which Customer wishes to grant access to the Hyland Cloud Service as a Community Connect User, Customer shall pay additional SaaS Fees in an amount determined by multiplying the number of physicians in such practice (at the time of such payment) by Hyland’s then-current Community Connect Physician Practice SaaS Fee. Thereafter, from time to time, but no less than annually, Customer shall report to Hyland the number of physicians in each Community Connect Physician Practice that is a Community Connect User hereunder. If the number of physicians in such practice increases based upon the reports contemplated herein, Customer shall pay additional SaaS Fees to Hyland in an amount equal to the number of such additional physicians, multiplied by Hyland’s then-current Community Connect Physician Practice SaaS Fee. Customer may not transfer or reassign license rights between Community Connect Physician Practices, and shall not be entitled to a refund or credit if the number of physicians decreases at any time.
2.3 SaaS Fees for Ambulatory Surgery Centers. For each Ambulatory Surgery Center to which Customer wishes to grant access to the Hyland Cloud Service as a Community Connect User, Customer shall pay additional SaaS Fees in an amount determined by multiplying the number of operating/procedure rooms for such Ambulatory Surgery Center (at the time of such payment) for such Ambulatory Surgery Center by Hyland’s then-current Ambulatory Surgery Center SaaS Fee. Thereafter, from time to time, but no less than annually, Customer shall report to Hyland the number of operating/procedure rooms for each Ambulatory Surgery Center that is a Community Connect User hereunder. If the number of operating/procedure rooms of such Ambulatory Surgery Center increases based upon the reports contemplated herein, Customer shall pay additional SaaS Fees to Hyland in an amount equal to the number of such additional operating/procedure rooms, multiplied by Hyland’s then-current Ambulatory Surgery Center SaaS Fee. Customer may not transfer or reassign license rights between Ambulatory Surgery Centers, and shall not be entitled to a refund or credit if the number of operating/procedure rooms decreases at any time.
3. TERM; TERMINATION. This Healthcare Schedule will be in effect for so long as the Customer’s SaaS Schedule, and will terminate upon any termination of Customer’s SaaS Schedule.
Effective October 27th 2021 to March 4th 2022
DownloadTable of Contents
HEALTHCARE SCHEDULE - SAAS
This Healthcare Schedule (“Healthcare Schedule”) forms a part of the Hyland Master Agreement or any other agreement entered into between Customer and Hyland (the “Agreement”) which incorporates this Healthcare Schedule by reference.
All capitalized terms used in this Healthcare Schedule shall have the meaning ascribed them in this Healthcare Schedule or, if not defined in this Healthcare Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Healthcare Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement.
“Community Connect Physician Practice” means a physician practice (i) to which Customer grants access to Customer’s EPIC system; and (ii) for which Customer has paid to Hyland the requisite Software license fee and annual maintenance fees as described in this Healthcare Schedule.
“Community Connect User(s)” means Community Connect Physician Practice(s).
1. ADDITIONAL TERMS.
1.1 Use by Community Connect User. In addition to the grant of access to the Hyland Cloud Service in the SaaS Schedule, such Hyland Cloud Service may also be used by a Community Connect User solely to manage its own medical records function through Epic.
1.2 Indemnification. Customer understands and agrees that Community Connect Users may use the Hyland Cloud Service only in compliance with the terms of the Agreement, and that Customer shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Community Connect User.
2. PAYMENT TERMS FOR COMMUNITY CONNECT USERS.
2.1 SaaS Fees. For each Community Connect Physician Practice which Customer wishes to grant access to the Hyland Cloud Service as a Community Connect User, Customer shall pay additional SaaS Fees in an amount determined by multiplying the number of physicians in such practice (at the time of such payment) by Hyland’s then-current Community Connect Physician Practice SaaS Fee. Thereafter, from time to time, but no less than annually, Customer shall report to Hyland the number of physicians in each Community Connect Physician Practice that is a Community Connect User hereunder. If the number of physicians in such practice increases, Customer shall pay additional SaaS Fees to Hyland in an amount equal to the number of such additional physicians, multiplied by Hyland’s then-current Community Connect Physician Practice SaaS Fee. Customer may not transfer or reassign license rights between Community Connect Physician Practices, and shall not be entitled to a refund or credit if the number of physicians decreases at any time.
3. TERM; TERMINATION. This Healthcare Schedule will be in effect for so long as the Customer’s SaaS Schedule, and will terminate upon any termination of Customer’s SaaS Schedule.
Healthcare Schedule
Effective February 16th 2025
DownloadTable of Contents
Hyland Company | Additional Terms Exhibit |
Hyland Software Germany GmbH | Exhibit A |
Effective February 16th 2025
Download1.3 Community Connect Arztpraxen.Für jede Community Connect Arztpraxis, der der Kunde Zugang zu der Software oder (sofern zutreffend) zu den Hyland Cloud Services als Community Connect Nutzer gewähren möchte, ist der Kunde verpflichtet, Abonnementgebühren oder (sofern zutreffend) SaaS-Gebühren zu zahlen. Die jeweilige Gebühr wird durch die Multiplikation der zum Zeitpunkt der Zahlung bestehenden Anzahl der Ärzte in einer solchen Praxis mit der zu diesem Zeitpunkt geltenden Hyland Community Connect Arztpraxis Gebühr oder (sofern zutreffend) SaaS-Gebühr berechnet.
Effective February 16th 2025
DownloadEffective February 16th 2025
DownloadEffective February 16th 2025
DownloadEffective February 15th 2024 to February 16th 2025
DownloadTable of Contents
HEALTHCARE SCHEDULE
As of the Effective Date of the Incorporating Document (as defined below), this Healthcare Schedule (this “Healthcare Schedule”) is made part of the Hyland Master Agreement, Order Form or any other agreement or document entered into between Customer and Hyland, which incorporates this Healthcare Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this Healthcare Schedule.
DEFINED TERMS
All capitalized terms used in this Healthcare Schedule shall have the meaning ascribed them in this Healthcare Schedule or, if not defined in this Healthcare Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Healthcare Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Ambulatory Surgery Centers” means a facility that performs outpatient surgery and/or procedures (a) to which Customer grants access to Customer’s EMR system; and (b) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Schedule.
“Community Connect Physician Practice” means a physician practice (a) to which Customer grants access to Customer’s EMR system; and (b) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Schedule.
“Community Connect User(s)” means: Community Connect Hospital(s); Community Connect Physician Practice(s); and Ambulatory Surgery Centers.
“Community Connect Hospital” means a hospital (a) which has less than two hundred and fifty (250) licensed beds (as most recently reported by Customer for such hospital), (b) to which Customer grants access to Customer’s EMR system; and (c) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Schedule.
“Incorporating Document” means the Order Form or any other agreement or document entered into between Customer and Hyland, which incorporates this Healthcare Schedule by reference.
“Non-DICOM Object” means a collection of one of or more images or documents which are not identified by a study instance unique identifier (SUID) and are stored as a single file.
“Study” or “Studies” means a collection of one of or more images generated for a single patient which is identified by a study instance unique identifier (SUID).
1. COMMUNITY CONNECT USERS.
1.1 Use by Community Connect User. Software, Work Products, and Hyland Cloud Service, as applicable, may also be used by a Community Connect User solely to manage its own medical records function through Customer’s EMR system.
1.2 Community Connect Hospitals. For each Community Connect Hospital to which Customer wishes to grant access to the Software or to the Hyland Cloud Service, as the case may be, as a Community Connect User, Customer shall pay Subscription Fees or SaaS Fees, as applicable, in an amount determined by multiplying the number of licensed beds for such Community Connect Hospital (at the time of such payment) by Hyland’s then-current Community Connect Hospital Subscription Fee or SaaS Fee, as applicable.
1.3 Community Connect Physician Practices. For each Community Connect Physician Practice to which Customer wishes to grant access to the Software or to the Hyland Cloud Service, as the case may be, as a Community Connect User, Customer shall pay additional Subscription Fees or SaaS Fees, as applicable, in an amount determined by multiplying the number of physicians in such practice (at the time of such payment) by Hyland’s then-current Community Connect Physician Practice Subscription Fee or SaaS Fee, as applicable.
1.4 Ambulatory Surgery Centers. For each Ambulatory Surgery Center to which Customer wishes to grant access to the Software or to the Hyland Cloud Service, as the case may be, as a Community Connect User, Customer shall pay additional Subscription Fees or SaaS Fees, as applicable, in an amount determined by multiplying the number of operating/procedure rooms for such Ambulatory Surgery Center (at the time of such payment) by Hyland’s then-current Ambulatory Surgery Center Subscription Fee or SaaS Fee, as applicable.
1.5 Community Connect Users Reports; Additional Fees. From time to time, but no less than annually, Customer shall report to Hyland, as applicable, (a) the number of licensed beds for each Community Connect Hospital, (b) the number of physicians in each Community Connect Physician Practice, and (c) the number of operating/procedure rooms for each Ambulatory Surgery Center that is a Community Connect User hereunder. If the number of licensed beds, physicians or operating/procedure rooms, as applicable, increases based upon the reports contemplated herein, Customer shall pay additional Subscription Fees or SaaS Fees, as applicable, to Hyland in an amount equal to the number of such additional licensed beds, physicians or operating/procedure rooms, multiplied by Hyland’s then-current Subscription Fee or SaaS Fee, as applicable, for the applicable Community Connect Users.
1.6 Indemnification. Customer understands and agrees that Community Connect Users may use the Software or the Hyland Cloud Service, as applicable, only in compliance with the terms of the Agreement, and that Customer shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Community Connect User.
2. ACUO AND NILREAD.
2.1 Acuo and Nilread Pricing. If Customer licenses Acuo or Nilread, Customer acknowledges that the pricing for such Software is based upon the number of Studies and Non-DICOM Objects that are generated annually by Customer using such Software, and such pricing will be adjusted based on Customer’s usage. For clarification, the number of Studies and Non-DICOM does not include any pre-existing Studies that are migrated into the Software.
2.2 Acuo and Nilread Reporting. Commencing on the first anniversary of the Effective Date and each anniversary thereafter, Customer shall promptly either (a) provide to Hyland reasonable access to the Software to enable Hyland to report to Customer in writing the number of Studies and Non-DICOM Objects generated by Customer during the reporting period identified by Hyland (the “Hyland Reported Number”) or (b) provide written attestation to the number of Studies and Non-DICOM Objects generated by Customer during the reporting period identified by Hyland (the “Customer Reported Number”) (the Hyland Reported Number and Customer Reported Number shall collectively be referred to as the “Reported Number”). The parties shall have the right to review and object in writing to such Reported Number. If either party objects to the Reported Number, the parties shall cooperate in good faith to attempt to resolve the dispute substantially in the manner described in the ‘Resolution of Invoice Disputes’ provision in the General Terms Schedule. As used herein, the number of Studies and Non-DICOM Objects resulting from the process described above shall be final and binding upon Hyland and Customer.
3. EPIC; AUDIT RIGHTS IN CONNECTION WITH EPIC MARKETPLACE PURCHASES. Subject to the following requirements, Hyland grants the Customer the right to conduct an audit to verify Hyland’s compliance with the terms and conditions found in the Vendor Services Development Agreement between Hyland and Epic Systems Corporation (“EPIC”). If Customer purchases from Hyland the rights to use Software which constitutes an “App” distributed under the Vendor Services program managed by EPIC (as the same may be amended from time to time), Hyland hereby grants to Customer the right to conduct an audit to verify Hyland’s compliance with the terms of the Vendor Services Development Agreement (which is the agreement that authorizes the distribution by Hyland of such Software, as amended from time to time). Such audit shall be conducted on a mutually agreed upon date and time, and Hyland will provide reasonable cooperation to provide all such pertinent information and data expressly requested by Customer; all such information and data produced by Hyland for such audit shall be made available to Customer from the applicable Hyland location(s). To the extent a material non-compliance by Hyland with the terms of such Vendor Services Development Agreement is identified and confirmed, Hyland shall bear the reasonable and actual costs and expenses incurred by Customer in conducting such audit.
4. PAYMENT TERMS. Customer shall pay to Hyland any fees described in this Healthcare Schedule in such amounts as invoiced by Hyland and in accordance with the General Terms Schedule.
5. CONTROLLING LANGUAGE. Hyland may make other versions of this Healthcare Schedule available in other languages at this online location. This English language version of this Healthcare Schedule controls over any version of the Healthcare Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this Healthcare Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the Healthcare Schedule that may be made available at this online location in another language.
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Effective October 4th 2023 to February 15th 2024
DownloadTable of Contents
HEALTHCARE SCHEDULE
As of the Effective Date of the Incorporating Document (as defined below), this Healthcare Schedule (this “Healthcare Schedule”) is made part of the Hyland Master Agreement, Order Form or any other agreement or document entered into between Customer and Hyland, which incorporates this Healthcare Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this Healthcare Schedule.
DEFINED TERMS
All capitalized terms used in this Healthcare Schedule shall have the meaning ascribed them in this Healthcare Schedule or, if not defined in this Healthcare Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Healthcare Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Ambulatory Surgery Centers” means a facility that performs outpatient surgery and/or procedures (a) to which Customer grants access to Customer’s EMR system; and (b) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Schedule.
“Community Connect Physician Practice” means a physician practice (a) to which Customer grants access to Customer’s EMR system; and (b) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Schedule.
“Community Connect User(s)” means: Community Connect Hospital(s); Community Connect Physician Practice(s); and Ambulatory Surgery Centers.
“Community Connect Hospital” means a hospital (a) which has less than two hundred and fifty (250) licensed beds (as most recently reported by Customer for such hospital), (b) to which Customer grants access to Customer’s EMR system; and (c) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Schedule.
“Incorporating Document” means the Order Form or any other agreement or document entered into between Customer and Hyland, which incorporates this Healthcare Schedule by reference.
“Non-DICOM Object” means a collection of one of or more images or documents which are not identified by a study instance unique identifier (SUID) and are stored as a single file.
“Study” or “Studies” means a collection of one of or more images generated for a single patient which is identified by a study instance unique identifier (SUID).
1. COMMUNITY CONNECT USERS.
1.1 Use by Community Connect User. Software, Work Products, and Hyland Cloud Service, as applicable, may also be used by a Community Connect User solely to manage its own medical records function through Customer’s EMR system.
1.2 Community Connect Hospitals. For each Community Connect Hospital to which Customer wishes to grant access to the Software or to the Hyland Cloud Service, as the case may be, as a Community Connect User, Customer shall pay Subscription Fees or SaaS Fees, as applicable, in an amount determined by multiplying the number of licensed beds for such Community Connect Hospital (at the time of such payment) by Hyland’s then-current Community Connect Hospital Subscription Fee or SaaS Fee, as applicable.
1.3 Community Connect Physician Practices. For each Community Connect Physician Practice to which Customer wishes to grant access to the Software or to the Hyland Cloud Service, as the case may be, as a Community Connect User, Customer shall pay additional Subscription Fees or SaaS Fees, as applicable, in an amount determined by multiplying the number of physicians in such practice (at the time of such payment) by Hyland’s then-current Community Connect Physician Practice Subscription Fee or SaaS Fee, as applicable.
1.4 Ambulatory Surgery Centers. For each Ambulatory Surgery Center to which Customer wishes to grant access to the Software or to the Hyland Cloud Service, as the case may be, as a Community Connect User, Customer shall pay additional Subscription Fees or SaaS Fees, as applicable, in an amount determined by multiplying the number of operating/procedure rooms for such Ambulatory Surgery Center (at the time of such payment) by Hyland’s then-current Ambulatory Surgery Center Subscription Fee or SaaS Fee, as applicable.
1.5 Community Connect Users Reports; Additional Fees. From time to time, but no less than annually, Customer shall report to Hyland, as applicable, (a) the number of licensed beds for each Community Connect Hospital, (b) the number of physicians in each Community Connect Physician Practice, and (c) the number of operating/procedure rooms for each Ambulatory Surgery Center that is a Community Connect User hereunder. If the number of licensed beds, physicians or operating/procedure rooms, as applicable, increases based upon the reports contemplated herein, Customer shall pay additional Subscription Fees or SaaS Fees, as applicable, to Hyland in an amount equal to the number of such additional licensed beds, physicians or operating/procedure rooms, multiplied by Hyland’s then-current Subscription Fee or SaaS Fee, as applicable, for the applicable Community Connect Users.
1.6 Indemnification. Customer understands and agrees that Community Connect Users may use the Software or the Hyland Cloud Service, as applicable, only in compliance with the terms of the Agreement, and that Customer shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Community Connect User.
2. ACUO AND NILREAD.
2.1 Acuo and Nilread Pricing. If Customer licenses Acuo or Nilread, Customer acknowledges that the pricing for such Software is based upon the number of Studies and Non-DICOM Objects that are generated annually by Customer using such Software, and such pricing will be adjusted based on Customer’s usage. For clarification, the number of Studies and Non-DICOM does not include any pre-existing Studies that are migrated into the Software.
2.2 Acuo and Nilread Reporting. Commencing on the first anniversary of the Effective Date and each anniversary thereafter, Customer shall promptly either (a) provide to Hyland reasonable access to the Software to enable Hyland to report to Customer in writing the number of Studies and Non-DICOM Objects generated by Customer during the reporting period identified by Hyland (the “Hyland Reported Number”) or (b) provide written attestation to the number of Studies and Non-DICOM Objects generated by Customer during the reporting period identified by Hyland (the “Customer Reported Number”) (the Hyland Reported Number and Customer Reported Number shall collectively be referred to as the “Reported Number”). The parties shall have the right to review and object in writing to such Reported Number. If either party objects to the Reported Number, the parties shall cooperate in good faith to attempt to resolve the dispute substantially in the manner described in the ‘Resolution of Invoice Disputes’ provision in the General Terms Schedule. As used herein, the number of Studies and Non-DICOM Objects resulting from the process described above shall be final and binding upon Hyland and Customer.
3. PAYMENT TERMS. Customer shall pay to Hyland any fees described in this Healthcare Schedule in such amounts as invoiced by Hyland and in accordance with the General Terms Schedule.
4. CONTROLLING LANGUAGE. Hyland may make other versions of this Healthcare Schedule available in other languages at this online location. This English language version of this Healthcare Schedule controls over any version of the Healthcare Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this Healthcare Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the Healthcare Schedule that may be made available at this online location in another language.
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Effective June 3rd 2023 to October 4th 2023
DownloadTable of Contents
HEALTHCARE SCHEDULE
As of the Effective Date of the Incorporating Document (as defined below), this Healthcare Schedule (this “Healthcare Schedule”) is made part of the Hyland Master Agreement, Order Form or any other agreement or document entered into between Customer and Hyland, which incorporates this Healthcare Schedule by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this Healthcare Schedule.
DEFINED TERMS
All capitalized terms used in this Healthcare Schedule shall have the meaning ascribed them in this Healthcare Schedule or, if not defined in this Healthcare Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Healthcare Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this Schedule, this Schedule shall be interpreted to include all definitions, as the context requires.
“Ambulatory Surgery Centers” means a facility that performs outpatient surgery and/or procedures (a) to which Customer grants access to Customer’s EMR system; and (b) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Schedule.
“Community Connect Physician Practice” means a physician practice (a) to which Customer grants access to Customer’s EMR system; and (b) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Schedule.
“Community Connect User(s)” means: Community Connect Hospital(s); Community Connect Physician Practice(s); and Ambulatory Surgery Centers.
“Community Connect Hospital” means a hospital (a) which has less than two hundred and fifty (250) licensed beds (as most recently reported by Customer for such hospital), (b) to which Customer grants access to Customer’s EMR system; and (c) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Schedule.
“Incorporating Document” means the Order Form or any other agreement or document entered into between Customer and Hyland, which incorporates this Healthcare Schedule by reference.
“Non-DICOM Object” means a collection of one of or more images or documents which are not identified by a study instance unique identifier (SUID) and are stored as a single file.
“Study” or “Studies” means a collection of one of or more images generated for a single patient which is identified by a study instance unique identifier (SUID).
1. COMMUNITY CONNECT USERS.
1.1 Use by Community Connect User. Software, Work Products, and Hyland Cloud Service, as applicable, may also be used by a Community Connect User solely to manage its own medical records function through Customer’s EMR system.
1.2 Community Connect Hospitals. For each Community Connect Hospital to which Customer wishes to grant access to the Software or to the Hyland Cloud Service, as the case may be, as a Community Connect User, Customer shall pay Subscription Fees or SaaS Fees, as applicable, in an amount determined by multiplying the number of licensed beds for such Community Connect Hospital (at the time of such payment) by Hyland’s then-current Community Connect Hospital Subscription Fee or SaaS Fee, as applicable.
1.3 Community Connect Physician Practices. For each Community Connect Physician Practice to which Customer wishes to grant access to the Software or to the Hyland Cloud Service, as the case may be, as a Community Connect User, Customer shall pay additional Subscription Fees or SaaS Fees, as applicable, in an amount determined by multiplying the number of physicians in such practice (at the time of such payment) by Hyland’s then-current Community Connect Physician Practice Subscription Fee or SaaS Fee, as applicable.
1.4 Ambulatory Surgery Centers. For each Ambulatory Surgery Center to which Customer wishes to grant access to the Software or to the Hyland Cloud Service, as the case may be, as a Community Connect User, Customer shall pay additional Subscription Fees or SaaS Fees, as applicable, in an amount determined by multiplying the number of operating/procedure rooms for such Ambulatory Surgery Center (at the time of such payment) by Hyland’s then-current Ambulatory Surgery Center Subscription Fee or SaaS Fee, as applicable.
1.5 Community Connect Users Reports; Additional Fees. From time to time, but no less than annually, Customer shall report to Hyland, as applicable, (a) the number of licensed beds for each Community Connect Hospital, (b) the number of physicians in each Community Connect Physician Practice, and (c) the number of operating/procedure rooms for each Ambulatory Surgery Center that is a Community Connect User hereunder. If the number of licensed beds, physicians or operating/procedure rooms, as applicable, increases based upon the reports contemplated herein, Customer shall pay additional Subscription Fees or SaaS Fees, as applicable, to Hyland in an amount equal to the number of such additional licensed beds, physicians or operating/procedure rooms, multiplied by Hyland’s then-current Subscription Fee or SaaS Fee, as applicable, for the applicable Community Connect Users.
1.6 Indemnification. Customer understands and agrees that Community Connect Users may use the Software or the Hyland Cloud Service, as applicable, only in compliance with the terms of the Agreement, and that Customer shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Community Connect User.
2. ACUO AND NILREAD.
2.1 Acuo and Nilread Pricing. If Customer licenses Acuo or Nilread, Customer acknowledges that the pricing for such Software is based upon the number of Studies and Non-DICOM Objects that are generated annually by Customer using such Software, and such pricing will be adjusted based on Customer’s usage. For clarification, the number of Studies and Non-DICOM does not include any pre-existing Studies that are migrated into the Software.
2.2 Acuo and Nilread Reporting. Commencing on the first anniversary of the Effective Date and each anniversary thereafter, Customer shall promptly either (a) provide to Hyland reasonable access to the Software to enable Hyland to report to Customer in writing the number of Studies and Non-DICOM Objects generated by Customer during the reporting period identified by Hyland (the “Hyland Reported Number”) or (b) provide written attestation to the number of Studies and Non-DICOM Objects generated by Customer during the reporting period identified by Hyland (the “Customer Reported Number”) (the Hyland Reported Number and Customer Reported Number shall collectively be referred to as the “Reported Number”). The parties shall have the right to review and object in writing to such Reported Number. If either party objects to the Reported Number, the parties shall cooperate in good faith to attempt to resolve the dispute substantially in the manner described in the ‘Resolution of Invoice Disputes’ provision in the General Terms Schedule. As used herein, the number of Studies and Non-DICOM Objects resulting from the process described above shall be final and binding upon Hyland and Customer.
3. PAYMENT TERMS. Customer shall pay to Hyland any fees described in this Healthcare Schedule in such amounts as invoiced by Hyland and in accordance with the General Terms Schedule.
4. TERM; TERMINATION. This Healthcare Schedule will be in effect for so long as the Schedule that governs the Customer’s access to the Software is in effect, and will terminate upon any termination or expiration of such Schedule.
5. CONTROLLING LANGUAGE. Hyland may make other versions of this Healthcare Schedule available in other languages at this online location. This English language version of this Healthcare Schedule controls over any version of the Healthcare Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this Healthcare Schedule is not made available at this online location in the Other Language, this English language version controls over any other version of the Healthcare Schedule that may be made available at this online location in another language.
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Effective July 8th 2022 to June 3rd 2023
DownloadTable of Contents
HEALTHCARE SCHEDULE
This Healthcare Schedule (“Schedule”) forms a part of the Hyland Master Agreement or any other agreement entered into between Customer and Hyland (the “Agreement”) which incorporates this Healthcare Schedule by reference.
Effective July 7th 2022 to July 8th 2022
DownloadTable of Contents
HEALTHCARE SCHEDULE
This Healthcare Schedule (“Schedule”) forms a part of the Hyland Master Agreement or any other agreement entered into between Customer and Hyland (the “Agreement”) which incorporates this Healthcare Schedule by reference.
Effective March 4th 2022 to July 7th 2022
DownloadTable of Contents
HEALTHCARE SCHEDULE - SUBSCRIPTION
This Healthcare Schedule (“Healthcare Schedule”) forms a part of the Hyland Master Agreement or any other agreement entered into between Customer and Hyland (the “Agreement”) which incorporates this Healthcare Schedule by reference.
All capitalized terms used in this Healthcare Schedule shall have the meaning ascribed them in this Healthcare Schedule or, if not defined in this Healthcare Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Healthcare Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement.
“Ambulatory Surgery Centers” means a facility that performs outpatient surgery and/or procedures (i) to which Customer grants access to Customer’s EPIC system; and (ii) for which Customer has paid to Hyland the requisite fees as described in the Healthcare Customer Schedule.
“Community Connect Physician Practice” means a physician practice (i) to which Customer grants access to Customer’s EPIC system; and (ii) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Schedule.
“Community Connect User(s)” means: Small Community Connect Hospital(s); Community Connect Physician Practice(s); and Ambulatory Surgery Centers.
“Small Community Connect Hospital” means a hospital (i) which has less than two hundred and fifty (250) licensed beds (as most recently reported by Customer for such hospital), (ii) to which Customer grants access to Customer’s EPIC system; and (iii) for which Customer has paid to Hyland the requisite fees as described in this Healthcare Customer Schedule.
1. ADDITIONAL LICENSE TERMS.
1.1 Use by Community Connect User. In addition to the license granted to the Software and Work Products (if applicable) in a Software License and Maintenance Schedule – Subscription and Professional Services Schedule (if applicable), such Software and Work Products may also be used by a Community Connect User solely to manage its own medical records function through Epic.
1.2 Indemnification. Customer understands and agrees that Community Connect Users may use the Software only in compliance with the terms of the Agreement, and that Customer shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Community Connect User.
2. PAYMENT TERMS FOR COMMUNITY CONNECT USERS.
2.1 Subscription Fees for Small Community Connect Hospitals. For each Small Community Connect Hospital to which Customer wishes to grant access to the Software as a Community Connect User, Customer shall pay Subscription Fees in an amount determined by multiplying the number of licensed beds for such Small Community Connect Hospital (at the time of such payment) for such Small Community Connect Hospital) by Hyland’s then-current Small Community Connect Hospital Subscription Fee. Thereafter, from time to time, but no less than annually, Customer shall report to Hyland the number of licensed beds for each Small Community Connect Hospital that is a Community Connect User hereunder. If the number of licensed beds of such Small Community Connect Hospital increases based upon the reports contemplated herein, Customer shall pay additional Subscription Fees to Hyland in an amount equal to the number of such additional licensed beds, multiplied by Hyland’s then-current Small Community Connect Hospital Subscription Fee. Customer may not transfer or reassign license rights between Small Community Connect Hospitals, and shall not be entitled to a refund or credit if the number of licensed beds decreases at any time.
2.2 Subscription Fees for Community Connect Physician Practices. For each Community Connect Physician Practice which Customer wishes to grant access to the Software as a Community Connect User, Customer shall pay additional Subscription Fees in an amount determined by multiplying the number of physicians in such practice (at the time of such payment) by Hyland’s then-current Community Connect Physician Practice Subscription Fee. Thereafter, from time to time, but no less than annually, Customer shall report to Hyland the number of physicians in each Community Connect Physician Practice that is a Community Connect User hereunder. If the number of physicians in such practice increases based upon the reports contemplated herein, Customer shall pay additional Subscription Fees to Hyland in an amount equal to the number of such additional physicians, multiplied by Hyland’s then-current Community Connect Physician Practice Subscription Fee. Customer may not transfer or reassign license rights between Community Connect Physician Practices, and shall not be entitled to a refund or credit if the number of physicians decreases at any time.
2.3 Subscription Fees for Ambulatory Surgery Centers. For each Ambulatory Surgery Center to which Customer wishes to grant access to the Software as a Community Connect User, Customer shall pay additional Subscription Fees in an amount determined by multiplying the number of operating/procedure rooms for such Ambulatory Surgery Center (at the time of such payment) for such Ambulatory Surgery Center by Hyland’s then-current Ambulatory Surgery Center Subscription Fee. Thereafter, from time to time, but no less than annually, Customer shall report to Hyland the number of operating/procedure rooms for each Ambulatory Surgery Center that is a Community Connect User hereunder. If the number of operating/procedure rooms of such Ambulatory Surgery Center increases based upon the reports contemplated herein, Customer shall pay additional Subscription Fees to Hyland in an amount equal to the number of such additional operating/procedure rooms, multiplied by Hyland’s then-current Ambulatory Surgery Center Subscription Fee. Customer may not transfer or reassign license rights between Ambulatory Surgery Centers, and shall not be entitled to a refund or credit if the number of operating/procedure rooms decreases at any time.
3. TERM; TERMINATION. This Healthcare Schedule will be in effect for so long as the Customer’s Software License and Maintenance Schedule – Subscription, and will terminate upon any termination of Customer’s Software License and Maintenance Schedule - Subscription.
Effective October 28th 2021 to March 4th 2022
DownloadTable of Contents
HEALTHCARE SCHEDULE - SUBSCRIPTION
This Healthcare Schedule (“Healthcare Schedule”) forms a part of the Hyland Master Agreement or any other agreement entered into between Customer and Hyland (the “Agreement”) which incorporates this Healthcare Schedule by reference.
All capitalized terms used in this Healthcare Schedule shall have the meaning ascribed them in this Healthcare Schedule or, if not defined in this Healthcare Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Healthcare Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement.
“Community Connect Physician Practice” means a physician practice (i) to which Customer grants access to Customer’s EPIC system; and (ii) for which Customer has paid to Hyland the requisite Software license fee and annual maintenance fees as described in this Healthcare Schedule.
“Community Connect User(s)” means Community Connect Physician Practice(s).
1. ADDITIONAL LICENSE TERMS.
1.1 Use by Community Connect User. In addition to the license granted to the Software and Work Products (if applicable) in a Software License and Maintenance Schedule – Subscription and Professional Services Schedule (if applicable), such Software and Work Products may also be used by a Community Connect User solely to manage its own medical records function through Epic.
1.2 Indemnification. Customer understands and agrees that Community Connect Users may use the Software only in compliance with the terms of the Agreement, and that Customer shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Community Connect User.
2. PAYMENT TERMS FOR COMMUNITY CONNECT USERS.
2.1 Subscription Fees. For each Community Connect Physician Practice which Customer wishes to grant access to the Software as a Community Connect User, Customer shall pay additional Subscription Fees in an amount determined by multiplying the number of physicians in such practice (at the time of such payment) by Hyland’s then-current Community Connect Physician Practice Subscription Fee. Thereafter, from time to time, but no less than annually, Customer shall report to Hyland the number of physicians in each Community Connect Physician Practice that is a Community Connect User hereunder. If the number of physicians in such practice increases, Customer shall pay additional Subscription Fees to Hyland in an amount equal to the number of such additional physicians, multiplied by Hyland’s then-current Community Connect Physician Practice Subscription Fee. Customer may not transfer or reassign license rights between Community Connect Physician Practices, and shall not be entitled to a refund or credit if the number of physicians decreases at any time.
3. TERM; TERMINATION. This Healthcare Schedule will be in effect for so long as the Customer’s Software License and Maintenance Schedule – Subscription, and will terminate upon any termination of Customer’s Software License and Maintenance Schedule - Subscription.
Effective October 27th 2021 to October 28th 2021
DownloadTable of Contents
HEALTHCARE SCHEDULE - SUBSCRIPTION
This Healthcare Schedule (“Healthcare Schedule”) forms a part of the Hyland Master Agreement or any other agreement entered into between Customer and Hyland (the “Agreement”) which incorporates this Healthcare Schedule by reference.
All capitalized terms used in this Healthcare Schedule shall have the meaning ascribed them in this Healthcare Schedule or, if not defined in this Healthcare Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Healthcare Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement.
“Community Connect Physician Practice” means a physician practice (i) to which Customer grants access to Customer’s EPIC system; and (ii) for which Customer has paid to Hyland the requisite Software license fee and annual maintenance fees as described in this Healthcare Schedule.
“Community Connect User(s)” means Community Connect Physician Practice(s).
1. ADDITIONAL LICENSE TERMS.
1.1 Use by Community Connect User. In addition to the license granted to the Software and Work Products (if applicable) in a Software License and Maintenance Schedule – Subscription and Professional Services Schedule (if applicable), such Software and Work Products may also be used by a Community Connect User solely to manage its own medical records function through Epic.
1.2 Indemnification. Customer understands and agrees that Community Connect Users may use the Software only in compliance with the terms of the Agreement, and that Customer shall indemnify Hyland from and against all claims, liabilities, losses, damages and costs, including, but not limited to, reasonable attorneys’ fees and court costs, which are suffered or incurred by Hyland and arise from or in connection with the breach or noncompliance with the terms of the Agreement by any Community Connect User.
2. PAYMENT TERMS FOR COMMUNITY CONNECT USERS.
2.1 Subscription Fees. For each Community Connect Physician Practice which Customer wishes to grant access to the Software as a Community Connect User, Customer shall pay additional Subscription Fees in an amount determined by multiplying the number of physicians in such practice (at the time of such payment) by Hyland’s then-current Community Connect Physician Practice Subscription Fee. Thereafter, from time to time, but no less than annually, Customer shall report to Hyland the number of physicians in each Community Connect Physician Practice that is a Community Connect User hereunder. If the number of physicians in such practice increases, Customer shall pay additional Subscription Fees to Hyland in an amount equal to the number of such additional physicians, multiplied by Hyland’s then-current Community Connect Physician Practice Subscription Fee. Customer may not transfer or reassign license rights between Community Connect Physician Practices, and shall not be entitled to a refund or credit if the number of physicians decreases at any time.
3. TERM; TERMINATION. This Healthcare Schedule will be in effect for so long as the Customer’s Software License and Maintenance Schedule – Subscription, and will terminate upon any termination of Customer’s Software License and Maintenance Schedule - Subscription.
Global Customer Data Processing Schedule
Effective February 20th 2025
DownloadTable of Contents
GLOBAL DATA PROCESSING SCHEDULE
As of the Effective Date of the Incorporating Document (as defined below), this Global Data Processing Schedule (this “DPA”) is made part of the Hyland Master Agreement, Order Form or any other agreement or document entered into between Customer and Hyland, which incorporates this DPA by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this DPA.
1. DEFINITIONS
All capitalized terms used in this DPA shall have the meaning ascribed them in this DPA or, if not defined in this DPA, the General Terms Schedule. If any capitalized terms used herein are not defined in this DPA or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this DPA, this DPA shall be interpreted to include all definitions, as the context requires.
“Adequacy Determination” means a final determination by a Regulator that the laws of a third country provide an adequate level of protection for Personal Data when that Personal Data is transferred from the jurisdiction of the governmental authority to a third country.
“Customer Personal Data” means any Personal Data submitted by or on behalf of Customer to Hyland for the performance of Services.
"Data Protection Law(s)" means any applicable law, regulation, legislation, or directive applicable to the Processing of Personal Data.
“Data Subject” means an identified or identifiable natural person as defined by applicable Data Protection Law.
“EU SCCs” means the Commission Implementing Decision (EU) 2021/914 establishing Standard Contractual Clauses for data transfers to third countries.
“Personal Data” means any individually identifiable information relating to a Data Subject which is protected under applicable Data Protection Law.
“Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, disclosure or access to Customer Personal Data.
“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Regulator” means the competent supervisory authority or regulatory body under applicable Data Protection Law.
“Services” means technical support services, professional services, services relating to Hyland’s hosted offering, or other applicable services provided by Hyland to Customer as defined in the Incorporating Document.
“Sub-Processor,” means an entity that Processes Personal Data at the request of Hyland.
2. HYLAND’S PROCESSING OF PERSONAL DATA
2.1 Instructions for Processing Personal Data. Hyland shall only Process Customer Personal Data for the purposes of performing its obligations under the Agreement and in accordance with Appendix A, unless otherwise required by law. Each Party shall comply with the obligations that apply to it under the Data Protection Laws.
2.2 Duration of Processing. Hyland shall Process Personal Data only for the duration set out in Appendix A.
3. HYLAND’S SAFEGUARDS FOR PERSONAL DATA
3.1 Physical, Technical And Organizational Safeguards. Maintain appropriate technical and organisational security measures designed to protect Customer Personal Data from accidental or unlawful destruction, loss, alteration, disclosure, or access, as more fully described in Appendix B.
3.2 Processing By Sub-Processors. Hyland shall only engage those Sub-Processors, listed at https://community.hyland.com/en/connect/hyland-sub-processor-list (as may be updated by Hyland from time to time without amendment of this DPA). Hyland has entered into a written agreement with each Sub-Processor containing data protection obligations to protect Customer Personal Data no less protective of Data Subjects than those required by applicable Data Protection Law. Hyland shall remain liable to Customer for the acts or omissions of its Sub-Processors. Hyland shall provide Customer notification of any new sub-processors that Hyland intends to engage by updating such webpage, to which Customer can subscribe, with the new sub-processor's details. Where such rights are granted by applicable Data Protection Law, Customer may object to any such new Sub-Processor solely on reasonable grounds relating to data protection concerns by notifying Hyland (in accordance with this DPA) of its objection and grounds within 10 days after receipt of Hyland's notice. In the event of such an objection, Hyland may elect to not engage such Sub-Processor to Process Customer Personal Data. If Hyland continues use of such Sub-Processor after Customer’s reasonable objection, then Customer may elect to immediately (without prejudice to accrued fees or other rights under the Agreement) suspend or terminate the portions of the Agreement affected by the use of such Sub-Processor upon notice to Hyland.
3.3 Confidentiality of Personal Data. Hyland shall treat Customer Personal Data as confidential and ensure that Hyland's personnel (including independent contractors) who have access to the Customer Personal Data: (i) have entered into appropriate contractually binding confidentiality undertakings; (ii) are informed of the confidential nature of Customer Personal Data; and (iii) have received appropriate training related to Customer Personal Data;
3.4 Information Technology Audits. Hyland will permit Customer audits in accordance with the Agreement. If the Agreement does not address Customer audits, then where such rights are granted by applicable Data Protection Law, at the Customer’s reasonable request but no more than once per annum, Hyland shall permit Customer to conduct an audit of Hyland’s security and privacy policies and records in relation to the Processing of Customer Personal Data and such other evidence as Customer may reasonably request to demonstrate Hyland's compliance with the requirements of this DPA. To the extent that Customer elects to conduct an audit at Hyland’s physical facility, such audit shall be limited to the physical areas where Processing of Customer Personal Data occurs. Customer is prohibited from distributing or publishing the results of such audit to any third party (except to a competent supervisory authority) without Hyland’s prior written approval. At Hyland’s election and upon prior notice, Customer shall reimburse Hyland’s reasonable costs in relation to any such request at Hyland’s then-current professional services rates (rates list available on request). All such audits shall be subject to the Parties’ confidentiality obligations. Should Customer retain an independent third party to perform an audit, the Parties agree that: (i) prior to such audit, the independent third party and Hyland shall directly enter into appropriate confidentiality provisions; and (ii) any reports or Hyland information collected during such audit can only be used for Customer internal use.
3.5 Return or Destruction of Personal Data. Hyland shall delete or return Customer Personal Data in accordance with the Agreement. If the Agreement does not address the deletion of return of Customer Personal Data, then at the Customer’s written direction, Hyland shall arrange for the prompt and safe return and/or secure permanent destruction of all Customer Personal Data in Hyland’s possession and control, together with all copies (if any) within 28 days of such direction and, where requested by the Customer, certify that such destruction has taken place. Hyland shall continue to extend the protections set forth in this DPA to such Customer Personal Data pending such return and/or destruction.
3.6 Requests Directed to Hyland. To the extent legally permitted, Hyland will notify Customer without undue delay (and in any event within forty-eight (48) hours) following its receipt of: (a) any actual or purported request from (or on behalf of) a Data Subject exercising his rights under Data Protection Laws ("Data Subject Request"); or (b) any correspondence or communication from a Regulator ("Regulator Correspondence"). Unless otherwise required by applicable law, Hyland shall not disclose any Customer Personal Data in response to any such request without Customer's prior written direction.
3.7 Requests For Privacy Impact Assessment Information. At Customer's reasonable request and to the extent Customer does not otherwise have access to the relevant information, Hyland shall provide Customer with reasonable cooperation and assistance necessary to assist Customer to fulfil any obligation on Customer under Data Protection Laws to conduct a privacy impact assessment or data protection impact assessment regarding Customer's use of the Services. At Hyland’s election and upon prior notice, Customer shall reimburse Hyland's reasonable costs in relation to any such request at Hyland's then-current professional services rates (rates list available on request).
3.8 Reporting Personal Data Breach. Hyland will notify the Customer without undue delay upon becoming aware of a Personal Data Breach. Hyland will take reasonable efforts to identify the cause of such Personal Data Breach and take the steps that Hyland deems necessary and reasonable to remediate the cause of the Personal Data Breach. In relation to such Personal Data Breach, Hyland shall further assist Customer, taking into account the information available to Hyland and the nature of its Processing, with Customer’s Personal Data Breach notification obligations under Data Protection Laws. Any notification by Hyland under this subsection shall not be construed as an admission of fault by Hyland.
4. CUSTOMER OBLIGATIONS FOR PERSONAL DATA
4.1 Customer shall, where required to do so by applicable Data Protection Law, make third party notification(s) in an objective manner that does not intentionally or unreasonably bring Hyland into disrepute or otherwise tarnish the reputation of Hyland.
4.2 Customer shall ensure it is not subject to any prohibition or restriction which would: (i) prevent or restrict it from disclosing or transferring the Customer Personal Data to Hyland; (ii) prevent or restrict it from granting Hyland access to the Customer Personal Data; and/or (iii) prevent or restrict Hyland from Processing the Customer Personal Data, in each case as required for Hyland to perform the Services.
4.3 Customer shall ensure that all fair processing notices have been given (and, as applicable, consents obtained) and are sufficient in scope to enable Hyland to Process the Customer Personal in accordance with the Data Protection Laws.
4.4 Customer shall ensure that Customer Personal Data disclosed or transferred to Hyland is only the minimum amount necessary to perform the Services.
4.5 Customer shall ensure implement and maintain reasonable technical and organisational security measures sufficient to prevent unauthorized access to the Services through Customer’s information systems.
4.6 Customer shall have sole responsibility for the accuracy, quality, and legality of the Customer Personal Data provided to Hyland and the means by which Customer acquired the Customer Personal Data.
6. TERM AND TERMINATION
6.1 Term. This DPA shall have a term commencing on the Effective Date and will terminate automatically upon the termination or expiration of the Incorporating Document.
6.4 Effect. Upon termination of this DPA, Hyland shall return or destroy any Customer Personal Data as set forth above.
7. GENERAL PROVISIONS
7.1 Modification. The Parties agree to amend this DPA from time to time as may be necessary to permit the Parties to remain in compliance with applicable Data Protection Laws.
7.2 Conflict. This DPA supersedes any inconsistent provision in any other components of the Agreement and any other existing agreements between the Hyland and Customer with respect to the Parties’ obligations to comply with Data Protection Laws with respect to Customer Personal Data. If there is any conflict between this DPA, other components of the Agreement, and the terms of an applicable Addendum, the terms of the applicable Addendum shall prevail regarding the Personal Data subject to that Addendum.
7.3 Controlling Language. Hyland may make other versions of this DPA available in other languages at this online location. This English language version of this DPA controls over any version of the Global Data Processing Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this DPA is not made available at this online location in the Other Language, this English language version controls over any other version of the DPA that may be made available at this online location in another language.
ADDENDUM I
EEA
The parties agree that transfers of Customer Personal Data from the European Union or Switzerland (collectively the “EEA”) shall be governed by the appropriate EU SCCs (as supplemented by this DPA), which are incorporated herein by reference.
The Parties further agree that the EU SCCs shall be completed as follows:
- Module 2 shall apply unless Customer is a Processor in which case Module 3 will apply.
- Clause 7, the optional docking clause will not apply.
- Clause 9(a), Option 2 will apply. Customer authorizes Hyland to engage Sub-Processors as set forth in this DPA.
- Clause 11, the optional redress language will not apply.
- Clause 17, Option 1 will apply, and the EU SCCs shall be governed by the law specified in the Agreement, provided that law is an EU Member State recognizing third party beneficiaries, otherwise the laws of the Netherlands shall apply.
- Under Clause 18(b), disputes will be resolved before the courts specified under the Agreement, provided those courts are in an EU Member State recognizing third party beneficiaries, otherwise those courts shall be the courts of the Netherlands.
- Annex I of the EU SCCs shall be deemed completed with the information set out in Appendix A.
- Annex II of the EU SCCs shall be deemed completed with the information set out in Appendix B.
- Annex III of the EU SCCs shall be deemed completed with the applicable information set out in Appendix A.
In relation to Personal Data that is protected by the Swiss Federal Act on Data Protection, the EU SCCs will apply as completed herein and as adapted below:
- The Swiss Federal Data Protection and Information Commissioner (“Swiss DPA”) is the exclusive supervisory authority, and each reference to a “supervisory authority” shall be understood to be a reference to the Swiss DPA.
- The term “member state” will not be interpreted in such a way as to exclude Data Subjects in Switzerland from the possibility of enforcing their rights in their place of habitual residence (Switzerland) in accordance with Clause 18 and the choice of law in Clause 17 shall be the applicable Swiss law.
- References to the GDPR and EU SCCs shall include equivalent provisions of the Swiss Federal Act on Data Protection.
Signatures to the Agreement shall constitute all necessary signatures to the EU SCCs, including the Appendices attached thereto.
ADDENDUM II
United Kingdom
Part 1: Tables
TABLE 1: Parties | ||
Start date | Effective Date as defined in the Agreement. | |
The Parties | Exporter (who sends the Restricted Transfer) | Importer (who receives the Restricted Transfer) |
Parties’ details | Full legal name: Trading name (if different): Main address (if a company registered address): Official registration number (if any) (company number of similar identifier): | Full legal name: Hyland Trading name (if different): n/a Main address (if a company registered address): As specified in the Agreement Official registration number (if any) (company number of similar identifier): |
Key Contact | Full Name (optional): Job Title: Contact Details including email: | Full Name (optional): Job Title: Global Privacy Officer Contact Details including email: privacy@hyland.com |
Signature (if required for purposes of Section 2) | Signatures to the Agreement shall constitute all necessary signatures to this Addendum II. | Signatures to the Agreement shall constitute all necessary signatures to this Addendum II. |
TABLE 2: Selected SCCs, Modules, and Selected Clauses | |
Addendum EU SCCs | The version of the Approved EU SCCs which this Addendum is appended, including the Appendix Information. |
TABLE 3: Appendix Information | |
“Appendix Information” means the information which must be provided for the selected modules as set out in the Appendix of the Approved EU SCCs (other than the Parties), and which for this Addendum is set out in. | |
Annex 1A: List of Parties: | As described in the Agreement, Appendix A |
Annex 1B: Description of Transfer: | As described in the Agreement, Appendix A |
Annex II: Technical and organisational measures including technical and organisational measures to ensure the security of the data: | As described in the Agremenet, Appendix B. |
Annex III: List of Sub-Processors (Modules 2 and 3 only): | https://community.hyland.com/en/connect/hyland-sub-processor-list |
TABLE 4: Ending this Addendum when the Approved Addendum Changes | |
Ending this Addendum when the Approved Addendum Changes | Which Parties may end this Addendum as set out in Section 19: Importer Exporter |
Part 2: Mandatory Clauses
Mandatory Clauses | Part 2: Mandatory Clauses of the Approved Addendum, being the template Addendum B.1.0 issued by the ICO and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section 18 of those Mandatory Clauses. |
ADDENDUM III
California, USA
The following additional provisions apply to Hyland’s Processing of the Personal Information that is subject to the CPRA.
Appendix A
Subject Matter and Duration of the Processing | The subject matter of the Processing is Hyland’s fulfilment of its obligations under the Agreement. The duration of the Processing is the term of the Agreement, and any exit period, if applicable. |
Categories of Data Subjects whose Personal Data is Processed | Any Data Subject whose Personal Data is transferred to Hyland under the Agreement, which could include the following categories:
|
Nature and Purpose of the Processing | The purpose of the Processing is to provide the Services and otherwise for Hyland’s fulfilment of its obligations under the Agreement. The nature of the Processing may include, but is not limited to, collection, recording, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Categories of Personal Data Processed | Any Personal Data submitted by Customer to Hyland under the Agreement. |
Categories of Sensitive Personal Data Processed | ☒No collection of any Sensitive Personal Data by Hyland is anticipated. ☐ Customer will provide the following categories of Sensitive Personal Data to Hyland under the Agreement: |
FOR USE ONLY WITH THE EU SCCS | |
Data Exporter (including country of establishment) | Customer, as defined in this DPA. |
Data Importer (including country of establishment) | Hyland, as defined in this DPA. |
Frequency of the Transfer | Continuous basis (services related to Hyland’s hosted offerings or cloud services); One-off basis (technical support, professional services or other applicable services) |
Retention Period | For hosting or cloud customers, data is retained for the duration of the Agreement, including any applicable transition period subject to any shorter period which Customer may choose by permanently deleted the personal data from the Services. Personal data provided to Hyland during the performance of technical support or professional services is retained for no longer than necessary for the purposes for which the Personal Data was transferred and, in no event, longer than permitted under the laws of the country of the data exporter. |
Sub-processors | Data importer may use the Sub-processors listed at https://community.hyland.com/en/connect/hyland-sub-processor-list . |
Competent Supervisory Authority | The competent supervisory authority is the supervisory authority of the EU/EEA Member State where the Data Exporter is established. |
Appendix B
Technical and organizational measures
Taking into account:
- the state of the art,
- the costs of implementation and
- the nature, scope, context and
- the purpose of processing as well as
- the risk of varying likelihood and severity for the rights and freedoms of natural persons
Hyland shall implement the technical and organisational measures set forth in the Agreement. To the extent the Agreement does not specify the applicable technical and organizational security measures, then Hyland shall implement the technical and organizational security measures set forth in this Appendix B as follows:
1. Measures for encryption
- encryption of mobile devices such as laptops, tablets, smartphones
- encryption of mobile storage media (CD/DVD- ROM, USB sticks, external hard drives)
- encrypted storage of passwords
- encryption option for sensitive e-mails and e-mail attachments
- secured data sharing (e.g. SSL, FTPS, TLS)
- secured WLAN
2. Measures to ensure confidentiality
a. Measures which ensure that unauthorized persons do not have access to Customer Personal Data:
- access control system, document reader (magnetic / chip card)
- door protections (electric door opener, number lock, etc.)
- protection of facilities, including security guards at Hyland headquarters.
- alarm system
- video surveillance
- special protective measures for the server room
- prohibited areas
- visitor rules (e.g. pick-up at reception, documentation of visiting hours, visitor pass, accompanying visitors to exit after visit)
b. Measures which prevent that unauthorized persons can use the systems that process Customer Personal Data:
- personal and individual user log-in for registration in the systems or company network
- authorization process for access authorizations
- limitation of authorized users
- single sign-on
- two-factor authentication
- BIOS passwords for corporate laptops
- password procedures (indication of password parameters with regard to complexity and update interval)
- logging of access
- additional system log-in for certain applications
- automatic locking of the clients after expiry of a certain period without user activity (also password-protected screensaver or automatic stand-by)
- firewall
c. Measures which ensure that only authorized persons have access to the systems that Process Customer Personal Data and that Customer Personal Data cannot be read, copied, modified or removed without authorization:
- evaluations/logging of data processing
- authorization process for authorizations
- approval routines
- profiles / roles
- encryption at rest and in transit for Customer Personal Data transferred to Hyland via its secure file transfer tool.
- Mobile Device Management system for corporate owned mobile devices and approved personal mobile devices (mobile devices are not part of the hosted solution)
- segregation of functions “segregation of duties”
- destruction of records and storage devices in accordance with NIST 800-88, as applicable
- cyber-related logs retained for no less than six months
3. Measures to ensure integrity
- access rights
- system-side logging
- document management system (DMS) with change history
- security / logging software
- functional responsibilities, organisationally specified responsibilities
- tunnelled remote data connections (VPN = virtual private network)
- electronic signature
- logging of data transfer or data transport
- logging of read accesses
4. Measures to ensure and restore availability
- security concept for software and IT applications
- back-up procedures, as applicable
- ensuring data storage in secured network
- need-based installation of security updates
- set-up of an uninterrupted power supply
- suitable archiving facilities for paper documents
- fire and/or extinguishing water protection for the server room
- air-conditioned server room
- virus protection
- firewall
- business continuity plan
- successful disaster recovery exercises
- redundant, locally separated data storage (off-site storage), as applicable
5. Measures to ensure resilience
- emergency plan in case of machine breakdown / business recovery plan
- redundant power supply
- sufficient capacity of IT systems and plants
- logistically controlled process to avoid power peaks
- redundant systems / plants
- resilience and error management
6. Procedure for regular review, assessment and evaluation of the effectiveness of the technical and organisational measures
- procedures for regular controls/audits
- concept for regular review, assessment and evaluation
- reporting system
- penetration tests
- emergency tests
- applicable certifications
7. “Control of instructions / assignment control”
- process of issuing and/or following instructions
- specification of contact persons and/or responsible employees
- control / examination that the assignment is executed in accordance with instructions
- training / instruction of all access-authorized employees
- independent auditing of adherence to instructions
- commitment of employees to maintain confidentiality
- agreement on penalties for infringements of instructions
- data protection manager / coordinator
- maintain records of processing activities in accordance with art. 30, para. 2 GDPR, as applicable
- documented Security Incident Response Policy, which includes escalation processes for Personal Data Breaches
- guidelines / instructions designed to ensure technical-organisational measures for the security of the processing
- process for forwarding requests of data subjects
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Effective February 20th 2025
Download- Es gilt Modul 2, es sei denn, der Kunde ist ein Auftragsverarbeiter; in diesem Fall gilt Modul 3.
- Klausel 7, die fakultative Kopplungsklausel, wird nicht angewendet.
- Klausel 9(a), Option 2 findet Anwendung. Der Kunde ermächtigt Hyland zur Beauftragung von Unterauftragsverarbeitern, wie in dieser DVV festgelegt.
- Klausel 11, die fakultative Rechtsbehelfsbelehrung, wird nicht angewendet.
- Klausel 17, Option 1 findet Anwendung, und die EU-SVK unterliegen dem im Hyland-Rahmenvertrag festgelegten Recht, sofern es sich dabei um einen EU-Mitgliedstaat handelt, der Drittbegünstigte anerkennt, andernfalls gilt das Recht der Niederlande.
- Gemäß Klausel 18(b) werden Streitigkeiten vor den im Hyland-Rahmenvertrag genannten Gerichten entschieden, sofern sich diese Gerichte in einem EU-Mitgliedstaat befinden, der Drittbegünstigte anerkennt; andernfalls sind dies die Gerichte der Niederlande.
- Anlage I der EU-SVK gilt mit den in Anhang A aufgeführten Informationen als ausgefüllt.
- Anlage II der EU-SVK gilt mit den in Anhang B aufgeführten Informationen als ausgefüllt.
- Anlage III der EU-SVK gilt mit den in Anhang A aufgeführten geltenden Informationen als ausgefüllt.
| Gegenstand und Dauer der Verarbeitung | Der Gegenstand der Verarbeitung ist die Erfüllung der Verpflichtungen von Hyland aus dem Hyland-Rahmenvertrag. Die Dauer der Verarbeitung entspricht der Laufzeit des Hyland-Rahmenvertrags und ggf. der Ausstiegsfrist. |
| Kategorien betroffener Personen, deren Personenbezogene Daten verarbeitet werden | Jede Betroffene Person, deren Personenbezogene Daten im Rahmen des Hyland-Rahmenvertrags an Hyland übermittelt werden, wozu die folgenden Kategorien gehören können:
|
| Art und Zweck der Verarbeitung | Der Zweck der Verarbeitung ist die Erbringung der Dienstleistungen sowie ansonsten die Erfüllung der Verpflichtungen von Hyland aus dem Hyland-Rahmenvertrag. Die Art der Verarbeitung kann unter anderem das Erheben, das Aufzeichnen, die Speicherung, die Anpassung oder Veränderung, das Auslesen, das Abfragen, die Verwendung, die Offenlegung durch Übermittlung, Verbreitung oder eine andere Form der Bereitstellung, den Abgleich oder die Kombination, die Einschränkung, das Löschen oder die Vernichtung umfassen. |
| Kategorien der übermittelten Personenbezogenen Daten | Alle Personenbezogenen Daten, die der Kunde im Rahmen des Hyland-Rahmenvertrags an Hyland übermittelt. |
| Kategorien von verarbeiteten sensiblen Personenbezogener Daten | ☒Es ist nicht vorgesehen, dass Hyland sensible Personenbezogene Daten sammelt. ☐ Der Kunde stellt Hyland im Rahmen des Hyland-Rahmenvertrags die folgenden Kategorien sensibler Personenbezogener Daten zur Verfügung: |
| NUR ZUR VERWENDUNG MIT DEN EU-SVK | |
| Datenexporteur (einschließlich Land der Niederlassung) | Kunde, wie in dieser DVV definiert. |
| Datenimporteur (einschließlich Land der Niederlassung) | Hyland, wie in dieser DVV definiert. |
| Häufigkeit der Übertragung | Kontinuierliche Basis (Dienste im Zusammenhang mit den gehosteten Angeboten von Hyland oder Cloud-Diensten); Einmalige Basis (technische Unterstützung, professionelle Dienste oder andere geltende Dienste) |
| Speicherdauer | Bei Hosting- oder Cloud-Kunden werden die Daten für die Dauer des Hyland-Rahmenvertrags aufbewahrt, einschließlich einer eventuellen Übergangszeit, vorbehaltlich eines kürzeren Zeitraums, den der Kunde wählen kann, indem er die Personenbezogenen Daten dauerhaft aus den Dienstleistungen löscht. Personenbezogene Daten, die Hyland im Rahmen des technischen Supports oder professioneller Dienstleistungen zur Verfügung gestellt werden, werden nur so lange aufbewahrt, wie es für die Zwecke, für die die Personenbezogenen Daten übermittelt wurden, erforderlich ist, und auf keinen Fall länger, als es nach den Gesetzen des Landes des Datenexporteurs zulässig ist. |
| Unterauftragsverarbeiter | Der Datenimporteur kann die unter https://community.hyland.com/en/connect/hyland-sub-processor-list aufgeführten Unterauftragsverarbeiter einsetzen. |
| Zuständige Aufsichtsbehörde | Die zuständige Aufsichtsbehörde ist die Aufsichtsbehörde des EU/EWR-Mitgliedstaates, in dem der Datenexporteur niedergelassen ist. |
- des Standes der Technik,
- der Implementierungskosten und
- der Art, des Umfangs, der Umstände und
- der Zwecke der Verarbeitung sowie
- der unterschiedlichen Eintrittswahrscheinlichkeit und Schwere des Risikos für die Rechte und Freiheiten von natürlichen Personen
- Verschlüsselung von mobilen Geräten wie Laptops, Tablets und Smartphones
- Verschlüsselung von mobilen Speichermedien (CD/DVD-ROM, USB-Sticks, externe Festplatten)
- verschlüsselte Speicherung von Passwörtern
- Verschlüsselungsoption für sensible E-Mails und E-Mail-Anhänge
- gesicherter Datenaustausch (z. B. SSL, FTPS, TLS)
- gesichertes WLAN
- Zugangskontrollsystem, Dokumentenleser (Magnet-/Chipkarte)
- Türsicherungen (elektrischer Türöffner, Zahlenschloss, usw.)
- Schutz der Einrichtungen, einschließlich Sicherheitspersonal in der Hyland-Zentrale.
- Alarmanlage
- Videoüberwachung
- besondere Schutzmaßnahmen für den Serverraum
- Sperrgebiete
- Besucherregeln (z. B. Abholung am Empfang, Dokumentation der Besuchszeiten, Besucherausweis, Begleitung der Besucher zum Ausgang nach dem Besuch)
- persönlicher und individueller User-Log-In bei Anmeldung am System bzw. Unternehmensnetzwerk
- Genehmigungsverfahren für Zugangsberechtigungen
- Einschränkung der autorisierten Benutzer
- Single Sign-On
- zwei-Faktor-Authentifizierung
- BIOS-Kennwörter für Firmen-Laptops
- Passwortverfahren (Angabe von Passwortparametern in Bezug auf Komplexität und Aktualisierungsintervall)
- Protokollierung von Zugriffen
- zusätzliche Systemanmeldung für bestimmte Anwendungen
- automatische Sperrung der Clients nach Ablauf einer bestimmten Zeit ohne Benutzeraktivität (auch passwortgeschützter Bildschirmschoner oder automatischer Stand-by)
- Firewall
- Auswertungen/Protokollierung der Datenverarbeitung
- Genehmigungsverfahren für Berechtigungen
- Genehmigungsroutinen
- Profile/Rollen
- Verschlüsselung im Ruhezustand und während der Übertragung für Personenbezogene Kundendaten, die über das sichere Dateiübertragungstool an Hyland übertragen werden.
- Mobilgeräte-Management-System für unternehmenseigene mobile Geräte und genehmigte persönliche mobile Geräte (mobile Geräte sind nicht Teil der gehosteten Lösung)
- Aufgabentrennung „Segregation of Duties“ (Trennung der Aufgaben)
- Vernichtung von Aufzeichnungen und Speichermedien in Übereinstimmung mit NIST 800-88, soweit anwendbar
- Cyber-bezogene Protokolle, die mindestens sechs Monate lang aufbewahrt werden
- Zugangsrechte
- systemseitige Protokollierung
- Dokumentenmanagementsystem (DMS) mit Änderungshistorie
- Sicherheits-/Protokollierungssoftware
- funktionale Verantwortlichkeiten, organisatorisch festgelegte Verantwortlichkeiten
- getunnelte Datenfernverbindungen (VPN = Virtual Private Network)
- elektronische Unterschrift
- Protokollierung der Datenübertragung oder des Datentransports
- Protokollierung von Lesezugriffen
- Sicherheitskonzept für Software und IT-Anwendungen
- ggf. Back-up-Verfahren
- Gewährleistung der Datenspeicherung in einem gesicherten Netz
- bedarfsgerechte Installation von Sicherheitsupdates
- Aufbau einer unterbrechungsfreien Stromversorgung
- geeignete Archivierungsmöglichkeiten für Papierdokumente
- Brand- und/oder Löschwasserschutz für den Serverraum
- klimatisierter Serverraum
- Virenschutz
- Firewall
- Geschäftsfortführungsplan
- erfolgreiche Übungen zur Wiederherstellung im Katastrophenfall
- ggf. redundante, lokal getrennte Datenspeicherung (Off-Site-Speicherung)
- Notfallplan für den Fall eines Maschinenausfalls/Geschäftswiederherstellungsplan
- redundante Stromversorgung
- ausreichende Kapazität der IT-Systeme und Anlagen
- logistisch kontrollierter Prozess zur Vermeidung von Leistungsspitzen
- redundante Systeme/Anlagen
- Ausfallsicherheit und Fehlermanagement
- Verfahren für regelmäßige Kontrollen/Prüfungen
- Konzept für regelmäßige Überprüfung, Bewertung und Evaluierung
- Meldesystem
- Penetrationstests
- Notfalltests
- Geltende Zertifizierungen
- Prozess der Erteilung und/oder Befolgung von Anweisungen
- Angabe von Ansprechpartnern und/oder verantwortlichen Mitarbeitern
- Kontrolle/Prüfung, dass der Auftrag weisungsgemäß ausgeführt wird
- Schulung/Unterweisung aller zugangsberechtigten Mitarbeiter
- unabhängige Prüfung der Einhaltung der Anweisungen
- Verpflichtung der Mitarbeiter zur Wahrung der Vertraulichkeit
- Vereinbarung von Sanktionen für Verstöße gegen die Anweisungen
- Datenschutzbeauftragter/-koordinator
- Aufzeichnungen über die Verarbeitungstätigkeiten gemäß Art. 30 Abs. 2 DSGVO, soweit anwendbar
- eine dokumentierte Politik zur Reaktion auf Sicherheitsvorfälle, die Eskalationsprozesse für Verletzungen des Schutzes Personenbezogener Daten umfasst
- Richtlinien/Anweisungen zur Gewährleistung der technisch-organisatorischen Maßnahmen für die Sicherheit der Verarbeitung
- Verfahren zur Weiterleitung von Anfragen betroffener Personen
Effective February 20th 2025
Download- Le Module 2 s'applique, sauf dans le cas où le Client est un Sous-Traitant, auquel cas le Module 3 s'applique.
- La clause d’adhésion facultative prévue par l’article 7 ne s’applique pas.
- Dans le cadre de l’article 9(a), l’option 2 s’applique. Le Client autorise Hyland à engager des Sous-Traitants Ultérieurs dans les conditions décrites par le DPA.
- Les voies de recours optionnelles prévues par l’article 11 ne s’appliquent pas.
- Dans le cadre de l’article 17, l’option 1 s'applique. Les CCT UE sont régies par le droit applicable au Contrat Cadre Hyland, tel qu’il y est stipulé, sous réserve que ce droit soit celui d'un État Membre de l'UE reconnaissant les tiers bénéficiaires; à défaut, le droit des Pays-Bas s’applique.
- Dans le cadre de l’article 18(b), les litiges sont résolus devant la juridiction compétente au titre du Contrat Cadre Hyland sous réserve que cette juridiction soit située dans un État Membre de l'UE reconnaissant les tiers bénéficiaires; à défaut, les tribunaux des Pays-Bas sont compétents.
- L'annexe I des CCT UE est réputée complétée par les informations figurant à l’Annexe A.
- L'annexe II des CCT UE est réputée complétée par les informations figurant à l’Annexe B.
- L'annexe III des CCT UE est réputée complétée par les informations applicables figurant à l’Annexe A.
- La signature du Contrat emporte toute signature nécessaire des CCT EU, en ce compris les Annexes ci-après.
| Objet et Durée du Traitement | L’objet du Traitement est l’exécution, par Hyland, de ses obligations au titre du Contrat Cadre Hyland. La durée du Traitement est la durée du Contrat Cadre Hyland augmentée de toute période de sortie, le cas échéant. |
| Catégories de Personnes Concernées | Toute Personne Concernée dont les Données à Caractère Personnel sont transmises à Hyland au titre du Contrat Cadre Hyland, et qui peut relever des catégories suivantes:
|
| Nature et Finalité du Traitement | La finalité du Traitement est de fournir les Services et de permettre à Hyland d’exécuter ses obligations en vertu du Contrat Cadre Hyland. La nature du Traitement peut inclure, sans que cette liste ne soit exhaustive, la collecte, l'enregistrement, la conservation, l'adaptation ou la modification, l'extraction, la consultation, l'utilisation, la communication par transmission, diffusion ou toute autre forme de mise à disposition, le rapprochement ou l'interconnexion, la limitation, l'effacement ou la destruction. |
| Catégories de Données à Caractère Personnel Traitées | Toute Donnée à Caractère Personnel transmise par le client à Hyland en vertu du Contrat Cadre Hyland. |
| Catégories de Données à Caractère Personnel sensibles Traitées | ☐ Aucun traitement de Données à Caractère Personnel sensibles par Hyland n'est prévu. ☐ Le Client fournit des Données à Caractère Personnel sensibles appartenant aux catégories suivantes à Hyland dans le cadre du Contrat Cadre Hyland. |
| POUR LES CCT UE UNIQUEMENT | |
| Exportateur de Données (et pays dans lequel celui-ci est établi) | Le Client, tel que défini dans le DPA. |
| Importateur de Données (et pays dans lequel celui-ci est établi) | Hyland, tel que défini dans le DPA. |
| Fréquence du/des Transfert(s) | De manière continue (services liés aux offres hébergées ou aux services cloud Hyland); De manière ponctuelle (support technique, prestations de services ou autres services applicables). |
| Durée de Conservation | Pour les clients des services d'hébergement ou cloud, les données sont conservées pendant la durée du Contrat-Cadre Hyland, en ce compris toute période de transition applicable, sous réserve de toute période plus courte que le Client peut choisir en supprimant définitivement les Données à Caractère Personnel des Services. Les Données à Caractère Personnel transmises à Hyland pour les besoins du support technique ou des prestations de services sont conservées pendant une durée n'excédant pas celle nécessaire aux fins pour lesquelles les Données à Caractère Personnel ont été transmises et, en aucun cas, plus longtemps que ce qui est autorisé par les lois du pays où est établi l'exportateur de données. |
| Sous-Traitants Ultérieurs | L'importateur de données peut avoir recours aux Sous-Traitants Ultérieurs énumérés à l'adresse suivante: https://community.hyland.com/en/connect/hyland-sub-processor-list. |
| Autorité de contrôle compétente | L’autorité de contrôle compétente est l’autorité de contrôle compétente de l‘État Membre de l’UE/EEE où l’Exportateur de Données est établi. |
- de l’état de l’art,
- des coûts de mise en œuvre et
- de la nature, de la portée, du contexte et
- des finalités du traitement ainsi que
- des risques pour les droits et libertés des personnes physiques, dont le degré de probabilité et de gravité sont variables,
- chiffrement des appareils mobiles tels que les ordinateurs portables, les tablettes et les smartphones
- chiffrement des supports de stockage mobiles (CD/DVD- ROM, clés USB, disques durs externes)
- stockage crypté des mots de passe
- option de chiffrement des e-mails et pièces jointes sensibles
- partage sécurisé des données (par ex. SSL, FTPS, TLS)
- WLAN sécurisé
- système de contrôle d'accès, lecteur de documents (carte magnétique / à puce)
- protection des portes (ouvre-porte électrique, serrure à chiffres, etc.)
- protection des installations, y compris les gardes de sécurité au siège social de Hyland
- système d'alarme
- surveillance vidéo
- mesures de protection spéciales pour la salle des serveurs
- zones dont l’accès est restreint à certaines catégories de salariés ou consultants
- règles relatives aux visiteurs (par exemple, prise en charge à la réception, documentation des heures de visite, carte de visiteur, accompagnement des visiteurs à la sortie après la visite).
- connexion personnelle et individuelle des utilisateurs pour l'enregistrement dans les systèmes ou le réseau de l'entreprise
- processus d'autorisation d'accès
- limitation des utilisateurs autorisés
- authentification unique
- authentification à deux facteurs
- mots de passe BIOS pour les ordinateurs portables d'entreprise
- procédures relatives aux mots de passe (indication des paramètres des mots de passe en ce qui concerne leur complexité et l'intervalle de leur mise à jour)
- journalisation des accès
- système de connexion supplémentaire pour certaines applications
- verrouillage automatique des appareils après l'expiration d'une certaine période sans activité de l'utilisateur (également économiseur d'écran protégé par mot de passe ou mise en veille automatique)
- pare-feu
- évaluations/journalisation du traitement des données
- processus d'autorisation pour les autorisations
- routines d'approbation
- profils / rôles
- chiffrement au repos et en transit des Données à Caractère Personnel du Client transférées à Hyland via son outil de transfert de fichiers sécurisé.
- système de gestion des appareils mobiles pour les appareils mobiles appartenant à l'entreprise et les appareils mobiles personnels approuvés (les appareils mobiles ne font pas partie de la solution hébergée)
- séparation des fonctions "segregation of duties" (séparation des tâches)
- destruction des dossiers et des dispositifs de stockage conformément à la norme NIST 800-88, le cas échéant
- journalisations liées à la cybersécurité conservées pendant au moins six mois
- droits d'accès
- journalisation côté système
- système de gestion des documents (SGD) avec historique des modifications
- logiciel de sécurité / journalisation
- responsabilités fonctionnelles, responsabilités organisationnelles spécifiques
- connexions de données à distance par tunnel (VPN = réseau privé virtuel)
- signature électronique
- journalisation du transfert ou du transport des données
- journalisation des accès en lecture
- concept de sécurité pour les logiciels et les applications informatiques
- procédures de sauvegarde, le cas échéant
- stockage des données dans un réseau sécurisé
- installation des mises à jour de sécurité en fonction des besoins
- mise en place d'une alimentation électrique ininterrompue
- installations d'archivage appropriées pour les documents papier
- protection contre le feu et/ou l'eau d'extinction pour la salle des serveurs
- salle des serveurs climatisée
- protection contre les virus
- pare-feu
- plan de continuité des activités
- exercices de reprise après sinistre réussis
- stockage des données redondant et séparé localement (stockage hors site), le cas échéant
- plan d'urgence en cas de panne de machine / plan de reprise d'activité
- alimentation électrique redondante
- capacité suffisante des systèmes informatiques et des installations
- processus logistiquement contrôlé pour éviter les pics de puissance
- systèmes / installations redondants
- gestion de la résilience et des erreurs
- procédures de contrôles/audits réguliers
- concept d'examen, d'appréciation et d'évaluation réguliers
- système de rapports
- tests de pénétration
- tests d'urgence
- certifications applicables
- processus d'émission et/ou de suivi des instructions
- spécification des personnes de contact et/ou des employés responsables
- contrôle / examen que l'affectation est exécutée conformément aux instructions
- formation / instruction de tous les employés autorisés à accéder au site
- audit indépendant du respect des instructions
- engagement de confidentialité des salariés
- accord sur les sanctions en cas de violation des instructions
- responsable / coordinateur de la protection des données
- tenir des registres des activités de traitement conformément à l'art. 30, paragraphe 2 du RGPD, le cas échéant
- Politique de Réponse aux Incidents de Sécurité documentée, qui comprend des processus d'escalade pour les Violations de Données à Caractère Personnel
- lignes directrices / instructions visant à garantir des mesures technico-organisationnelles pour la sécurité du traitement
- processus de transmission des demandes des personnes concernées
Effective June 30th 2023 to February 20th 2025
DownloadTable of Contents
GLOBAL DATA PROCESSING SCHEDULE
As of the Effective Date of the Incorporating Document (as defined below), this Global Data Processing Schedule (this “DPA”) is made part of the Hyland Master Agreement, Order Form or any other agreement or document entered into between Customer and Hyland, which incorporates this DPA by reference (the “Incorporating Document”). As used herein, the “Agreement” means the Incorporating Document, inclusive of this DPA.
1. DEFINITIONS
All capitalized terms used in this DPA shall have the meaning ascribed them in this DPA or, if not defined in this DPA, the General Terms Schedule. If any capitalized terms used herein are not defined in this DPA or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in the Agreement. In the event the same defined term is defined in two (2) or more Schedules, the term shall be given the meaning defined in each Schedule with respect to that Schedule, and, if the term is also used within this DPA, this DPA shall be interpreted to include all definitions, as the context requires.
“Adequacy Determination” means a final determination by a Regulator that the laws of a third country provide an adequate level of protection for Personal Data when that Personal Data is transferred from the jurisdiction of the governmental authority to a third country.
“Customer Personal Data” means any Personal Data submitted by or on behalf of Customer to Hyland for the performance of Services.
"Data Protection Law(s)" means any applicable law, regulation, legislation, or directive applicable to the Processing of Personal Data.
“Data Subject” means an identified or identifiable natural person as defined by applicable Data Protection Law.
“EU SCCs” means the Commission Implementing Decision (EU) 2021/914 establishing Standard Contractual Clauses for data transfers to third countries.
“Personal Data” means any individually identifiable information relating to a Data Subject which is protected under applicable Data Protection Law.
“Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, disclosure or access to Customer Personal Data.
“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Regulator” means the competent supervisory authority or regulatory body under applicable Data Protection Law.
“Services” means technical support services, professional services, services relating to Hyland’s hosted offering, or other applicable services provided by Hyland to Customer as defined in the Incorporating Document.
“Sub-Processor,” means an entity that Processes Personal Data at the request of Hyland.
2. HYLAND’S PROCESSING OF PERSONAL DATA
2.1 Instructions for Processing Personal Data. Hyland shall only Process Customer Personal Data for the purposes of performing its obligations under the Agreement and in accordance with Appendix A, unless otherwise required by law. Each Party shall comply with the obligations that apply to it under the Data Protection Laws.
2.2 Duration of Processing. Hyland shall Process Personal Data only for the duration set out in Appendix A.
3. HYLAND’S SAFEGUARDS FOR PERSONAL DATA
3.1 Physical, Technical And Organizational Safeguards. Maintain appropriate technical and organisational security measures designed to protect Customer Personal Data from accidental or unlawful destruction, loss, alteration, disclosure, or access, as more fully described in Appendix B.
3.2 Processing By Sub-Processors. Hyland shall only engage those Sub-Processors, listed at https://community.hyland.com/en/connect/hyland-sub-processor-list (as may be updated by Hyland from time to time without amendment of this DPA). Hyland has entered into a written agreement with each Sub-Processor containing data protection obligations to protect Customer Personal Data no less protective of Data Subjects than those required by applicable Data Protection Law. Hyland shall remain liable to Customer for the acts or omissions of its Sub-Processors. Hyland shall provide Customer notification of any new sub-processors that Hyland intends to engage by updating such webpage, to which Customer can subscribe, with the new sub-processor's details. Where such rights are granted by applicable Data Protection Law, Customer may object to any such new Sub-Processor solely on reasonable grounds relating to data protection concerns by notifying Hyland (in accordance with this DPA) of its objection and grounds within 10 days after receipt of Hyland's notice. In the event of such an objection, Hyland may elect to not engage such Sub-Processor to Process Customer Personal Data. If Hyland continues use of such Sub-Processor after Customer’s reasonable objection, then Customer may elect to immediately (without prejudice to accrued fees or other rights under the Agreement) suspend or terminate the portions of the Agreement affected by the use of such Sub-Processor upon notice to Hyland.
3.3 Confidentiality of Personal Data. Hyland shall treat Customer Personal Data as confidential and ensure that Hyland's personnel (including independent contractors) who have access to the Customer Personal Data: (i) have entered into appropriate contractually binding confidentiality undertakings; (ii) are informed of the confidential nature of Customer Personal Data; and (iii) have received appropriate training related to Customer Personal Data;
3.4 Information Technology Audits. Hyland will permit Customer audits in accordance with the Agreement. If the Agreement does not address Customer audits, then where such rights are granted by applicable Data Protection Law, at the Customer’s reasonable request but no more than once per annum, Hyland shall permit Customer to conduct an audit of Hyland’s security and privacy policies and records in relation to the Processing of Customer Personal Data and such other evidence as Customer may reasonably request to demonstrate Hyland's compliance with the requirements of this DPA. To the extent that Customer elects to conduct an audit at Hyland’s physical facility, such audit shall be limited to the physical areas where Processing of Customer Personal Data occurs. Customer is prohibited from distributing or publishing the results of such audit to any third party (except to a competent supervisory authority) without Hyland’s prior written approval. At Hyland’s election and upon prior notice, Customer shall reimburse Hyland’s reasonable costs in relation to any such request at Hyland’s then-current professional services rates (rates list available on request). All such audits shall be subject to the Parties’ confidentiality obligations. Should Customer retain an independent third party to perform an audit, the Parties agree that: (i) prior to such audit, the independent third party and Hyland shall directly enter into appropriate confidentiality provisions; and (ii) any reports or Hyland information collected during such audit can only be used for Customer internal use.
3.5 Return or Destruction of Personal Data. Hyland shall delete or return Customer Personal Data in accordance with the Agreement. If the Agreement does not address the deletion of return of Customer Personal Data, then at the Customer’s written direction, Hyland shall arrange for the prompt and safe return and/or secure permanent destruction of all Customer Personal Data in Hyland’s possession and control, together with all copies (if any) within 28 days of such direction and, where requested by the Customer, certify that such destruction has taken place. Hyland shall continue to extend the protections set forth in this DPA to such Customer Personal Data pending such return and/or destruction.
3.6 Requests Directed to Hyland. To the extent legally permitted, Hyland will notify Customer without undue delay (and in any event within forty-eight (48) hours) following its receipt of: (a) any actual or purported request from (or on behalf of) a Data Subject exercising his rights under Data Protection Laws ("Data Subject Request"); or (b) any correspondence or communication from a Regulator ("Regulator Correspondence"). Unless otherwise required by applicable law, Hyland shall not disclose any Customer Personal Data in response to any such request without Customer's prior written direction.
3.7 Requests For Privacy Impact Assessment Information. At Customer's reasonable request and to the extent Customer does not otherwise have access to the relevant information, Hyland shall provide Customer with reasonable cooperation and assistance necessary to assist Customer to fulfil any obligation on Customer under Data Protection Laws to conduct a privacy impact assessment or data protection impact assessment regarding Customer's use of the Services. At Hyland’s election and upon prior notice, Customer shall reimburse Hyland's reasonable costs in relation to any such request at Hyland's then-current professional services rates (rates list available on request).
3.8 Reporting Personal Data Breach. Hyland will notify the Customer without undue delay upon becoming aware of a Personal Data Breach. Hyland will take reasonable efforts to identify the cause of such Personal Data Breach and take the steps that Hyland deems necessary and reasonable to remediate the cause of the Personal Data Breach. In relation to such Personal Data Breach, Hyland shall further assist Customer, taking into account the information available to Hyland and the nature of its Processing, with Customer’s Personal Data Breach notification obligations under Data Protection Laws. Any notification by Hyland under this subsection shall not be construed as an admission of fault by Hyland.
4. CUSTOMER OBLIGATIONS FOR PERSONAL DATA
4.1 Customer shall, where required to do so by applicable Data Protection Law, make third party notification(s) in an objective manner that does not intentionally or unreasonably bring Hyland into disrepute or otherwise tarnish the reputation of Hyland.
4.2 Customer shall ensure it is not subject to any prohibition or restriction which would: (i) prevent or restrict it from disclosing or transferring the Customer Personal Data to Hyland; (ii) prevent or restrict it from granting Hyland access to the Customer Personal Data; and/or (iii) prevent or restrict Hyland from Processing the Customer Personal Data, in each case as required for Hyland to perform the Services.
4.3 Customer shall ensure that all fair processing notices have been given (and, as applicable, consents obtained) and are sufficient in scope to enable Hyland to Process the Customer Personal in accordance with the Data Protection Laws.
4.4 Customer shall ensure that Customer Personal Data disclosed or transferred to Hyland is only the minimum amount necessary to perform the Services.
4.5 Customer shall ensure implement and maintain reasonable technical and organisational security measures sufficient to prevent unauthorized access to the Services through Customer’s information systems.
4.6 Customer shall have sole responsibility for the accuracy, quality, and legality of the Customer Personal Data provided to Hyland and the means by which Customer acquired the Customer Personal Data.
6. TERM AND TERMINATION
6.1 Term. This DPA shall have a term commencing on the Effective Date and will terminate automatically upon the termination or expiration of the Incorporating Document.
6.4 Effect. Upon termination of this DPA, Hyland shall return or destroy any Customer Personal Data as set forth above.
7. GENERAL PROVISIONS
7.1 Modification. The Parties agree to amend this DPA from time to time as may be necessary to permit the Parties to remain in compliance with applicable Data Protection Laws.
7.2 Conflict. This DPA supersedes any inconsistent provision in any other components of the Agreement and any other existing agreements between the Hyland and Customer with respect to the Parties’ obligations to comply with Data Protection Laws with respect to Customer Personal Data. If there is any conflict between this DPA, other components of the Agreement, and the terms of an applicable Addendum, the terms of the applicable Addendum shall prevail regarding the Personal Data subject to that Addendum.
7.3 Controlling Language. Hyland may make other versions of this DPA available in other languages at this online location. This English language version of this DPA controls over any version of the Global Data Processing Schedule made available at this online location in another language if the Incorporating Document is in English. If the Incorporating Document is in a language other than English (such language, the “Other Language”), but this DPA is not made available at this online location in the Other Language, this English language version controls over any other version of the DPA that may be made available at this online location in another language.
ADDENDUM I
EEA
The parties agree that transfers of Customer Personal Data from the European Union or Switzerland (collectively the “EEA”) shall be governed by the appropriate EU SCCs (as supplemented by this DPA), which are incorporated herein by reference.
The Parties further agree that the EU SCCs shall be completed as follows:
- Module 2 shall apply unless Customer is a Processor in which case Module 3 will apply.
- Clause 7, the optional docking clause will not apply.
- Clause 9(a), Option 2 will apply. Customer authorizes Hyland to engage Sub-Processors as set forth in this DPA.
- Clause 11, the optional redress language will not apply.
- Clause 17, Option 1 will apply, and the EU SCCs shall be governed by the law specified in the Agreement, provided that law is an EU Member State recognizing third party beneficiaries, otherwise the laws of the Netherlands shall apply.
- Under Clause 18(b), disputes will be resolved before the courts specified under the Agreement, provided those courts are in an EU Member State recognizing third party beneficiaries, otherwise those courts shall be the courts of the Netherlands.
- Annex I of the EU SCCs shall be deemed completed with the information set out in Appendix A.
- Annex II of the EU SCCs shall be deemed completed with the information set out in Appendix B.
- Annex III of the EU SCCs shall be deemed completed with the applicable information set out in Appendix A.
In relation to Personal Data that is protected by the Swiss Federal Act on Data Protection, the EU SCCs will apply as completed herein and as adapted below:
- The Swiss Federal Data Protection and Information Commissioner (“Swiss DPA”) is the exclusive supervisory authority, and each reference to a “supervisory authority” shall be understood to be a reference to the Swiss DPA.
- The term “member state” will not be interpreted in such a way as to exclude Data Subjects in Switzerland from the possibility of enforcing their rights in their place of habitual residence (Switzerland) in accordance with Clause 18 and the choice of law in Clause 17 shall be the applicable Swiss law.
- References to the GDPR and EU SCCs shall include equivalent provisions of the Swiss Federal Act on Data Protection.
Signatures to the Agreement shall constitute all necessary signatures to the EU SCCs, including the Appendices attached thereto.
ADDENDUM II
United Kingdom
Part 1: Tables
TABLE 1: Parties | ||
Start date | Effective Date as defined in the Agreement. | |
The Parties | Exporter (who sends the Restricted Transfer) | Importer (who receives the Restricted Transfer) |
Parties’ details | Full legal name: Trading name (if different): Main address (if a company registered address): Official registration number (if any) (company number of similar identifier): | Full legal name: Hyland Trading name (if different): n/a Main address (if a company registered address): As specified in the Agreement Official registration number (if any) (company number of similar identifier): |
Key Contact | Full Name (optional): Job Title: Contact Details including email: | Full Name (optional): Job Title: Global Privacy Officer Contact Details including email: privacy@hyland.com |
Signature (if required for purposes of Section 2) | Signatures to the Agreement shall constitute all necessary signatures to this Addendum II. | Signatures to the Agreement shall constitute all necessary signatures to this Addendum II. |
TABLE 2: Selected SCCs, Modules, and Selected Clauses | |
Addendum EU SCCs | The version of the Approved EU SCCs which this Addendum is appended, including the Appendix Information. |
TABLE 3: Appendix Information | |
“Appendix Information” means the information which must be provided for the selected modules as set out in the Appendix of the Approved EU SCCs (other than the Parties), and which for this Addendum is set out in. | |
Annex 1A: List of Parties: | As described in the Agreement, Appendix A |
Annex 1B: Description of Transfer: | As described in the Agreement, Appendix A |
Annex II: Technical and organisational measures including technical and organisational measures to ensure the security of the data: | As described in the Agremenet, Appendix B. |
Annex III: List of Sub-Processors (Modules 2 and 3 only): | https://community.hyland.com/en/connect/hyland-sub-processor-list |
TABLE 4: Ending this Addendum when the Approved Addendum Changes | |
Ending this Addendum when the Approved Addendum Changes | Which Parties may end this Addendum as set out in Section 19: Importer Exporter |
Part 2: Mandatory Clauses
Mandatory Clauses | Part 2: Mandatory Clauses of the Approved Addendum, being the template Addendum B.1.0 issued by the ICO and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section 18 of those Mandatory Clauses. |
ADDENDUM III
California, USA
The following additional provisions apply to Hyland’s Processing of the Personal Information that is subject to the CPRA.
Appendix A
Subject Matter and Duration of the Processing | The subject matter of the Processing is Hyland’s fulfilment of its obligations under the Agreement. The duration of the Processing is the term of the Agreement, and any exit period, if applicable. |
Categories of Data Subjects whose Personal Data is Processed | Any Data Subject whose Personal Data is transferred to Hyland under the Agreement, which could include the following categories:
|
Nature and Purpose of the Processing | The purpose of the Processing is to provide the Services and otherwise for Hyland’s fulfilment of its obligations under the Agreement. The nature of the Processing may include, but is not limited to, collection, recording, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Categories of Personal Data Processed | Any Personal Data submitted by Customer to Hyland under the Agreement. |
Categories of Sensitive Personal Data Processed | ☒No collection of any Sensitive Personal Data by Hyland is anticipated. ☐ Customer will provide the following categories of Sensitive Personal Data to Hyland under the Agreement: |
FOR USE ONLY WITH THE EU SCCS | |
Data Exporter (including country of establishment) | Customer, as defined in this DPA. |
Data Importer (including country of establishment) | Hyland, as defined in this DPA. |
Frequency of the Transfer | Continuous basis (services related to Hyland’s hosted offerings or cloud services); One-off basis (technical support, professional services or other applicable services) |
Retention Period | For hosting or cloud customers, data is retained for the duration of the Agreement, including any applicable transition period subject to any shorter period which Customer may choose by permanently deleted the personal data from the Services. Personal data provided to Hyland during the performance of technical support or professional services is retained for no longer than necessary for the purposes for which the Personal Data was transferred and, in no event, longer than permitted under the laws of the country of the data exporter. |
Sub-processors | Data importer may use the Sub-processors listed at https://community.hyland.com/en/connect/hyland-sub-processor-list . |
Competent Supervisory Authority | The competent supervisory authority is the supervisory authority of the EU/EEA Member State where the Data Exporter is established. |
Appendix B
Technical and organizational measures
Taking into account:
- the state of the art,
- the costs of implementation and
- the nature, scope, context and
- the purpose of processing as well as
- the risk of varying likelihood and severity for the rights and freedoms of natural persons
Hyland shall implement the technical and organisational measures set forth in the Agreement. To the extent the Agreement does not specify the applicable technical and organizational security measures, then Hyland shall implement the technical and organizational security measures set forth in this Appendix B as follows:
1. Measures for encryption
- encryption of mobile devices such as laptops, tablets, smartphones
- encryption of mobile storage media (CD/DVD- ROM, USB sticks, external hard drives)
- encrypted storage of passwords
- encryption option for sensitive e-mails and e-mail attachments
- secured data sharing (e.g. SSL, FTPS, TLS)
- secured WLAN
2. Measures to ensure confidentiality
a. Measures which ensure that unauthorized persons do not have access to Customer Personal Data:
- access control system, document reader (magnetic / chip card)
- door protections (electric door opener, number lock, etc.)
- protection of facilities, including security guards at Hyland headquarters.
- alarm system
- video surveillance
- special protective measures for the server room
- prohibited areas
- visitor rules (e.g. pick-up at reception, documentation of visiting hours, visitor pass, accompanying visitors to exit after visit)
b. Measures which prevent that unauthorized persons can use the systems that process Customer Personal Data:
- personal and individual user log-in for registration in the systems or company network
- authorization process for access authorizations
- limitation of authorized users
- single sign-on
- two-factor authentication
- BIOS passwords for corporate laptops
- password procedures (indication of password parameters with regard to complexity and update interval)
- logging of access
- additional system log-in for certain applications
- automatic locking of the clients after expiry of a certain period without user activity (also password-protected screensaver or automatic stand-by)
- firewall
c. Measures which ensure that only authorized persons have access to the systems that Process Customer Personal Data and that Customer Personal Data cannot be read, copied, modified or removed without authorization:
- evaluations/logging of data processing
- authorization process for authorizations
- approval routines
- profiles / roles
- encryption at rest and in transit for Customer Personal Data transferred to Hyland via its secure file transfer tool.
- Mobile Device Management system for corporate owned mobile devices and approved personal mobile devices (mobile devices are not part of the hosted solution)
- segregation of functions “segregation of duties”
- destruction of records and storage devices in accordance with NIST 800-88, as applicable
- cyber-related logs retained for no less than six months
3. Measures to ensure integrity
- access rights
- system-side logging
- document management system (DMS) with change history
- security / logging software
- functional responsibilities, organisationally specified responsibilities
- tunnelled remote data connections (VPN = virtual private network)
- electronic signature
- logging of data transfer or data transport
- logging of read accesses
4. Measures to ensure and restore availability
- security concept for software and IT applications
- back-up procedures, as applicable
- ensuring data storage in secured network
- need-based installation of security updates
- set-up of an uninterrupted power supply
- suitable archiving facilities for paper documents
- fire and/or extinguishing water protection for the server room
- air-conditioned server room
- virus protection
- firewall
- business continuity plan
- successful disaster recovery exercises
- redundant, locally separated data storage (off-site storage), as applicable
5. Measures to ensure resilience
- emergency plan in case of machine breakdown / business recovery plan
- redundant power supply
- sufficient capacity of IT systems and plants
- logistically controlled process to avoid power peaks
- redundant systems / plants
- resilience and error management
6. Procedure for regular review, assessment and evaluation of the effectiveness of the technical and organisational measures
- procedures for regular controls/audits
- concept for regular review, assessment and evaluation
- reporting system
- penetration tests
- emergency tests
- applicable certifications
7. “Control of instructions / assignment control”
- process of issuing and/or following instructions
- specification of contact persons and/or responsible employees
- control / examination that the assignment is executed in accordance with instructions
- training / instruction of all access-authorized employees
- independent auditing of adherence to instructions
- commitment of employees to maintain confidentiality
- agreement on penalties for infringements of instructions
- data protection manager / coordinator
- maintain records of processing activities in accordance with art. 30, para. 2 GDPR, as applicable
- documented Security Incident Response Policy, which includes escalation processes for Personal Data Breaches
- guidelines / instructions designed to ensure technical-organisational measures for the security of the processing
- process for forwarding requests of data subjects
The most current version of this page shall be such in effect as of 12:00am EST (Eastern Standard Time) of the date stamped on such online version.
Effective January 19th 2023 to June 30th 2023
DownloadTable of Contents
GLOBAL DATA PROCESSING SCHEDULE
This Global Data Processing Schedule (“DPA Schedule”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the "Agreement") which incorporates this DPA Schedule by reference.
- Module 2 shall apply unless Customer is a Processor in which case Module 3 will apply.
- Clause 7, the optional docking clause will not apply.
- Clause 9(a), Option 2 will apply. Customer authorizes Hyland to engage Sub-Processors as set forth in this DPA.
- Clause 11, the optional redress language will not apply.
- Clause 17, Option 1 will apply, and the EU SCCs shall be governed by the law specified in the Hyland Master Agreement, provided that law is an EU Member State recognizing third party beneficiaries, otherwise the laws of the Netherlands shall apply.
- Under Clause 18(b), disputes will be resolved before the courts specified under the Hyland Master Agreement, provided those courts are in an EU Member State recognizing third party beneficiaries, otherwise those courts shall be the courts of the Netherlands.
- Annex I of the EU SCCs shall be deemed completed with the information set out in Appendix A.
- Annex II of the EU SCCs shall be deemed completed with the information set out in Appendix B.
- Annex III of the EU SCCs shall be deemed completed with the applicable information set out in Appendix A.
- The Swiss Federal Data Protection and Information Commissioner (“Swiss DPA”) is the exclusive supervisory authority, and each reference to a “supervisory authority” shall be understood to be a reference to the Swiss DPA.
- The term “member state” will not be interpreted in such a way as to exclude Data Subjects in Switzerland from the possibility of enforcing their rights in their place of habitual residence (Switzerland) in accordance with Clause 18 and the choice of law in Clause 17 shall be the applicable Swiss law.
- References to the GDPR and EU SCCs shall include equivalent provisions of the Swiss Federal Act on Data Protection.
TABLE 1: Parties | ||
Start date | Effective Date as defined in the Agreement. | |
The Parties | Exporter (who sends the Restricted Transfer) | Importer (who receives the Restricted Transfer) |
Parties’ details | Full legal name: Trading name (if different): Main address (if a company registered address): Official registration number (if any) (company number of similar identifier): | Full legal name: Hyland Trading name (if different): n/a Main address (if a company registered address): As specified in the Agreement Official registration number (if any) (company number of similar identifier): |
Key Contact | Full Name (optional): Job Title: Contact Details including email: | Full Name (optional): Job Title: Global Privacy Officer Contact Details including email: privacy@hyland.com |
Signature (if required for purposes of Section 2) | Signatures to the Agreement shall constitute all necessary signatures to this Addendum II. | Signatures to the Agreement shall constitute all necessary signatures to this Addendum II. |
TABLE 2: Selected SCCs, Modules, and Selected Clauses | |
Addendum EU SCCs | The version of the Approved EU SCCs which this Addendum is appended, including the Appendix Information. |
TABLE 3: Appendix Information | |
“Appendix Information” means the information which must be provided for the selected modules as set out in the Appendix of the Approved EU SCCs (other than the Parties), and which for this Addendum is set out in. | |
Annex 1A: List of Parties: | As described in the Agreement, Appendix A |
Annex 1B: Description of Transfer: | As described in the Agreement, Appendix A |
Annex II: Technical and organisational measures including technical and organisational measures to ensure the security of the data: | As described in the Agremenet, Appendix B. |
Annex III: List of Sub-Processors (Modules 2 and 3 only): | |
TABLE 4: Ending this Addendum when the Approved Addendum Changes | |
Ending this Addendum when the Approved Addendum Changes | Which Parties may end this Addendum as set out in Section 19: Importer Exporter |
Mandatory Clauses | Part 2: Mandatory Clauses of the Approved Addendum, being the template Addendum B.1.0 issued by the ICO and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section 18 of those Mandatory Clauses. |
Subject Matter and Duration of the Processing | The subject matter of the Processing is Hyland’s fulfilment of its obligations under the Hyland Master Agreement. The duration of the Processing is the term of the Hyland Master Agreement, and any exit period, if applicable. |
Categories of Data Subjects whose Personal Data is Processed | Any Data Subject whose Personal Data is transferred to Hyland under the Hyland Master Agreement, which could include the following categories:
|
Nature and Purpose of the Processing | The purpose of the Processing is to provide the Services and otherwise for Hyland’s fulfillment of its obligations under the Hyland Master Agreement. The nature of the Processing may include, but is not limited to, collection, recording, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Categories of Personal Data Processed | Any Personal Data submitted by Customer to Hyland under the Hyland Master Agreement. |
Categories of Sensitive Personal Data Processed | ☒No collection of any Sensitive Personal Data by Hyland is anticipated. ☐ Customer will provide the following categories of Sensitive Personal Data to Hyland under the Hyland Master Agreement: |
FOR USE ONLY WITH THE EU SCCS | |
Data Exporter (including country of establishment) | Customer, as defined in this DPA. |
Data Importer (including country of establishment) | Hyland, as defined in this DPA. |
Frequency of the Transfer | Continuous basis (services related to Hyland’s hosted offerings or cloud services); One-off basis (technical support, professional services or other applicable services) |
Retention Period | For hosting or cloud customers, data is retained for the duration of the Hyland Master Agreement, including any applicable transition period subject to any shorter period which Customer may choose by permanently deleted the personal data from the Services. Personal data provided to Hyland during the performance of technical support or professional services is retained for no longer than necessary for the purposes for which the Personal Data was transferred and, in no event, longer than permitted under the laws of the country of the data exporter. |
Sub-processors | Data importer may use the Sub-processors listed at https://community.hyland.com/en/connect/hyland-sub-processor-list. |
Competent Supervisory Authority | The competent supervisory authority is the supervisory authority of the EU/EEA Member State where the Data Exporter is established. |
- the state of the art,
- the costs of implementation and
- the nature, scope, context and
- the purpose of processing as well as
- the risk of varying likelihood and severity for the rights and freedoms of natural persons
- encryption of mobile devices such as laptops, tablets, smartphones
- encryption of mobile storage media (CD/DVD- ROM, USB sticks, external hard drives)
- encrypted storage of passwords
- encryption option for sensitive e-mails and e-mail attachments
- secured data sharing (e.g. SSL, FTPS, TLS)
- secured WLAN
- access control system, document reader (magnetic / chip card)
- door protections (electric door opener, number lock, etc.)
- protection of facilities, including security guards at Hyland headquarters.
- alarm system
- video surveillance
- special protective measures for the server room
- prohibited areas
- visitor rules (e.g. pick-up at reception, documentation of visiting hours, visitor pass, accompanying visitors to exit after visit)
- personal and individual user log-in for registration in the systems or company network
- authorization process for access authorizations
- limitation of authorized users
- single sign-on
- two-factor authentication
- BIOS passwords for corporate laptops
- password procedures (indication of password parameters with regard to complexity and update interval)
- logging of access
- additional system log-in for certain applications
- automatic locking of the clients after expiry of a certain period without user activity (also password-protected screensaver or automatic stand-by)
- firewall
- evaluations/logging of data processing
- authorization process for authorizations
- approval routines
- profiles / roles
- encryption at rest and in transit for Customer Personal Data transferred to Hyland via its secure file transfer tool.
- Mobile Device Management system for corporate owned mobile devices and approved personal mobile devices (mobile devices are not part of the hosted solution)
- segregation of functions “segregation of duties”
- destruction of records and storage devices in accordance with NIST 800-88, as applicable
- cyber-related logs retained for no less than six months
- access rights
- system-side logging
- document management system (DMS) with change history
- security / logging software
- functional responsibilities, organisationally specified responsibilities
- tunnelled remote data connections (VPN = virtual private network)
- electronic signature
- logging of data transfer or data transport
- logging of read accesses
- security concept for software and IT applications
- back-up procedures, as applicable
- ensuring data storage in secured network
- need-based installation of security updates
- set-up of an uninterrupted power supply
- suitable archiving facilities for paper documents
- fire and/or extinguishing water protection for the server room
- air-conditioned server room
- virus protection
- firewall
- business continuity plan
- successful disaster recovery exercises
- redundant, locally separated data storage (off-site storage), as applicable
- emergency plan in case of machine breakdown / business recovery plan
- redundant power supply
- sufficient capacity of IT systems and plants
- logistically controlled process to avoid power peaks
- redundant systems / plants
- resilience and error management
- procedures for regular controls/audits
- concept for regular review, assessment and evaluation
- reporting system
- penetration tests
- emergency tests
- applicable certifications
- process of issuing and/or following instructions
- specification of contact persons and/or responsible employees
- control / examination that the assignment is executed in accordance with instructions
- training / instruction of all access-authorized employees
- independent auditing of adherence to instructions
- commitment of employees to maintain confidentiality
- agreement on penalties for infringements of instructions
- data protection manager / coordinator
- maintain records of processing activities in accordance with art. 30, para. 2 GDPR, as applicable
- documented Security Incident Response Policy, which includes escalation processes for Personal Data Breaches
- guidelines / instructions designed to ensure technical-organisational measures for the security of the processing
- process for forwarding requests of data subjects
Effective January 19th 2023 to January 19th 2023
DownloadTable of Contents
GLOBAL DATA PROCESSING SCHEDULE
This Global Data Processing Schedule (“DPA Schedule”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the "Agreement") which incorporates this DPA Schedule by reference.
- Module 2 shall apply unless Customer is a Processor in which case Module 3 will apply.
- Clause 7, the optional docking clause will not apply.
- Clause 9(a), Option 2 will apply. Customer authorizes Hyland to engage Sub-Processors as set forth in this DPA.
- Clause 11, the optional redress language will not apply.
- Clause 17, Option 1 will apply, and the EU SCCs shall be governed by the law specified in the Hyland Master Agreement, provided that law is an EU Member State recognizing third party beneficiaries, otherwise the laws of the Netherlands shall apply.
- Under Clause 18(b), disputes will be resolved before the courts specified under the Hyland Master Agreement, provided those courts are in an EU Member State recognizing third party beneficiaries, otherwise those courts shall be the courts of the Netherlands.
- Annex I of the EU SCCs shall be deemed completed with the information set out in Appendix A.
- Annex II of the EU SCCs shall be deemed completed with the information set out in Appendix B.
- Annex III of the EU SCCs shall be deemed completed with the applicable information set out in Appendix A.
- The Swiss Federal Data Protection and Information Commissioner (“Swiss DPA”) is the exclusive supervisory authority, and each reference to a “supervisory authority” shall be understood to be a reference to the Swiss DPA.
- The term “member state” will not be interpreted in such a way as to exclude Data Subjects in Switzerland from the possibility of enforcing their rights in their place of habitual residence (Switzerland) in accordance with Clause 18 and the choice of law in Clause 17 shall be the applicable Swiss law.
- References to the GDPR and EU SCCs shall include equivalent provisions of the Swiss Federal Act on Data Protection.
TABLE 1: Parties | ||
Start date | Effective Date as defined in the Agreement. | |
The Parties | Exporter (who sends the Restricted Transfer) | Importer (who receives the Restricted Transfer) |
Parties’ details | Full legal name: Trading name (if different): Main address (if a company registered address): Official registration number (if any) (company number of similar identifier): | Full legal name: Hyland Trading name (if different): n/a Main address (if a company registered address): As specified in the Agreement Official registration number (if any) (company number of similar identifier): |
Key Contact | Full Name (optional): Job Title: Contact Details including email: | Full Name (optional): Job Title: Global Privacy Officer Contact Details including email: privacy@hyland.com |
Signature (if required for purposes of Section 2) | Signatures to the Agreement shall constitute all necessary signatures to this Addendum II. | Signatures to the Agreement shall constitute all necessary signatures to this Addendum II. |
TABLE 2: Selected SCCs, Modules, and Selected Clauses | |
Addendum EU SCCs | The version of the Approved EU SCCs which this Addendum is appended, including the Appendix Information. |
TABLE 3: Appendix Information | |
“Appendix Information” means the information which must be provided for the selected modules as set out in the Appendix of the Approved EU SCCs (other than the Parties), and which for this Addendum is set out in. | |
Annex 1A: List of Parties: | As described in the Agreement, Appendix A |
Annex 1B: Description of Transfer: | As described in the Agreement, Appendix A |
Annex II: Technical and organisational measures including technical and organisational measures to ensure the security of the data: | As described in the Agremenet, Appendix B. |
Annex III: List of Sub-Processors (Modules 2 and 3 only): | |
TABLE 4: Ending this Addendum when the Approved Addendum Changes | |
Ending this Addendum when the Approved Addendum Changes | Which Parties may end this Addendum as set out in Section 19: Importer Exporter |
Mandatory Clauses | Part 2: Mandatory Clauses of the Approved Addendum, being the template Addendum B.1.0 issued by the ICO and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section 18 of those Mandatory Clauses. |
Subject Matter and Duration of the Processing | The subject matter of the Processing is Hyland’s fulfilment of its obligations under the Hyland Master Agreement. The duration of the Processing is the term of the Hyland Master Agreement, and any exit period, if applicable. |
Categories of Data Subjects whose Personal Data is Processed | Any Data Subject whose Personal Data is transferred to Hyland under the Hyland Master Agreement, which could include the following categories:
|
Nature and Purpose of the Processing | The purpose of the Processing is to provide the Services and otherwise for Hyland’s fulfillment of its obligations under the Hyland Master Agreement. The nature of the Processing may include, but is not limited to, collection, recording, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Categories of Personal Data Processed | Any Personal Data submitted by Customer to Hyland under the Hyland Master Agreement. |
Categories of Sensitive Personal Data Processed | ☒No collection of any Sensitive Personal Data by Hyland is anticipated. ☐ Customer will provide the following categories of Sensitive Personal Data to Hyland under the Hyland Master Agreement: |
FOR USE ONLY WITH THE EU SCCS | |
Data Exporter (including country of establishment) | Customer, as defined in this DPA. |
Data Importer (including country of establishment) | Hyland, as defined in this DPA. |
Frequency of the Transfer | Continuous basis (services related to Hyland’s hosted offerings or cloud services); One-off basis (technical support, professional services or other applicable services) |
Retention Period | For hosting or cloud customers, data is retained for the duration of the Hyland Master Agreement, including any applicable transition period subject to any shorter period which Customer may choose by permanently deleted the personal data from the Services. Personal data provided to Hyland during the performance of technical support or professional services is retained for no longer than necessary for the purposes for which the Personal Data was transferred and, in no event, longer than permitted under the laws of the country of the data exporter. |
Sub-processors | Data importer may use the Sub-processors listed at https://community.hyland.com/en/connect/hyland-sub-processor-list. |
Competent Supervisory Authority | The competent supervisory authority is the supervisory authority of the EU/EEA Member State where the Data Exporter is established. |
- the state of the art,
- the costs of implementation and
- the nature, scope, context and
- the purpose of processing as well as
- the risk of varying likelihood and severity for the rights and freedoms of natural persons
- encryption of mobile devices such as laptops, tablets, smartphones
- encryption of mobile storage media (CD/DVD- ROM, USB sticks, external hard drives)
- encrypted storage of passwords
- encryption option for sensitive e-mails and e-mail attachments
- secured data sharing (e.g. SSL, FTPS, TLS)
- secured WLAN
- access control system, document reader (magnetic / chip card)
- door protections (electric door opener, number lock, etc.)
- protection of facilities, including security guards at Hyland headquarters.
- alarm system
- video surveillance
- special protective measures for the server room
- prohibited areas
- visitor rules (e.g. pick-up at reception, documentation of visiting hours, visitor pass, accompanying visitors to exit after visit)
- personal and individual user log-in for registration in the systems or company network
- authorization process for access authorizations
- limitation of authorized users
- single sign-on
- two-factor authentication
- BIOS passwords for corporate laptops
- password procedures (indication of password parameters with regard to complexity and update interval)
- logging of access
- additional system log-in for certain applications
- automatic locking of the clients after expiry of a certain period without user activity (also password-protected screensaver or automatic stand-by)
- firewall
- evaluations/logging of data processing
- authorization process for authorizations
- approval routines
- profiles / roles
- encryption at rest and in transit for Customer Personal Data transferred to Hyland via its secure file transfer tool.
- Mobile Device Management system for corporate owned mobile devices and approved personal mobile devices (mobile devices are not part of the hosted solution)
- segregation of functions “segregation of duties”
- destruction of records and storage devices in accordance with NIST 800-88, as applicable
- cyber-related logs retained for no less than six months
- access rights
- system-side logging
- document management system (DMS) with change history
- security / logging software
- functional responsibilities, organisationally specified responsibilities
- tunnelled remote data connections (VPN = virtual private network)
- electronic signature
- logging of data transfer or data transport
- logging of read accesses
- security concept for software and IT applications
- back-up procedures, as applicable
- ensuring data storage in secured network
- need-based installation of security updates
- set-up of an uninterrupted power supply
- suitable archiving facilities for paper documents
- fire and/or extinguishing water protection for the server room
- air-conditioned server room
- virus protection
- firewall
- business continuity plan
- successful disaster recovery exercises
- redundant, locally separated data storage (off-site storage), as applicable
- emergency plan in case of machine breakdown / business recovery plan
- redundant power supply
- sufficient capacity of IT systems and plants
- logistically controlled process to avoid power peaks
- redundant systems / plants
- resilience and error management
- procedures for regular controls/audits
- concept for regular review, assessment and evaluation
- reporting system
- penetration tests
- emergency tests
- applicable certifications
- process of issuing and/or following instructions
- specification of contact persons and/or responsible employees
- control / examination that the assignment is executed in accordance with instructions
- training / instruction of all access-authorized employees
- independent auditing of adherence to instructions
- commitment of employees to maintain confidentiality
- agreement on penalties for infringements of instructions
- data protection manager / coordinator
- maintain records of processing activities in accordance with art. 30, para. 2 GDPR, as applicable
- documented Security Incident Response Policy, which includes escalation processes for Personal Data Breaches
- guidelines / instructions designed to ensure technical-organisational measures for the security of the processing
- process for forwarding requests of data subjects
Effective June 8th 2022 to January 19th 2023
DownloadTable of Contents
GDPR DATA PROCESSING SCHEDULE
This GDPR Data Processing Schedule (“DPA”) forms a part of the Hyland Master Agreement or any other agreement between Customer and Hyland (the "Agreement") which incorporates this DPA Schedule by reference.
All capitalized terms used in this Schedule shall have the meaning ascribed them in this Schedule or, if not defined in this Schedule, the General Terms Schedule. If any capitalized terms used herein are not defined in this Schedule or the General Terms Schedule, they shall have the meaning ascribed to them elsewhere in this Agreement.
The following terms shall have the meanings set forth in the Article 28 Model Clauses or the EU Model Clauses, as applicable: “Controller”, “Data Subject”, “Personal Data Breach”, “Process”, “Processed”, “Processing”, and “Processor.” Sensitive Personal Data shall mean the special categories of Personal Data set our in Article 9(1) of the GDPR.
“Article 28 Model Clauses” means the Commission Implementing Decision (EU) 2021/915 on Standard Contractual Clauses Between Controllers and Processors.
“Customer Personal Data” means any Personal Data and Sensitive Personal Data of a Data Subject Processed by (or on behalf of) Hyland during the performance of the Services as set out in the Related Agreements.
“Data Protection Law” means: (i) Regulation (EU) 2016/679 if the European Parliament and of the Counsel of 27 April 2016 (“GDPR”); (ii) the Swiss Federal Data Protection Act; and (iii) any and all applicable national data protection laws made under or pursuant to (i), (ii), or (iii) in each case as may be amended or superseded from time to time.
“EU Model Clauses” means the Commission Implementing Decision (EU) 2021/914 establishing Standard Contractual Clauses for data transfers to Third Countries. For purposes of this DPA, the applicable modules within the EU Model Clauses are MODULE TWO (Transfer Controller to Processor) and/or MODULE THREE (Transfer Processor to Processor). For the avoidance of doubt, neither MODULE ONE (Transfer Controller to Controller) nor MODULE FOUR (Transfer Processor to Controller) shall apply to this DPA.
“Services” means technical support services, professional services, services relating to Hyland’s hosted offering or cloud service, or other applicable services provided by Hyland to Customer in relation to Hyland’s software offerings, as defined in the Agreement.
“Sub-Processor,” means an entity engaged by Hyland to perform certain services as described in Section 3(e).
and the remaining details required under the Article 28 Model Clauses being deemed completed as appropriate with the information set out in this DPA (including without limitation the Appendices) and the Agreement.
and the remaining details required under the EU Model Clauses being deemed completed as appropriate with the information set out in this DPA (including without limitation the Appendices) and the Agreement. For the avoidance of doubt, for purposes of the EU Model Clauses, Appendix A of this DPA shall serve as Annex I and Appendix B shall serve as Annex II.
Appendix A
Data exporter(s):
Name: Customer, as defined in the Agreement
Address: As specified in the Agreement
Contact person’s name, position, and contact details: As specified in the Agreement
Activities relevant to the data transferred under the SCCs: Purchase of content management software licenses and related services and support
Signature and date:
Role (controller / processor): Controller and/or Processor
Data importer(s):
Name: Hyland, As defined in the Agreement
Address: As specified in the Agreement
Contact person’s name, position, and contact details: As specified in the Agreement
Activities relevant to the data transferred under the SCCs: Services, as defined in this DPA.
Signature and date:
Role (controller / processor): Processor
Description of transfer:
Categories of data subjects whose personal data is transferred:
Any data subject whose personal data is transferred to Hyland in the course of Hyland’s Services under the Agreement, which may include the following categories :
* Customer Employees (Past, potential, present and future staff of Customer)
* Customer Vendors (Past, present and potential advisors, consultants, vendors, contractors, subcontractors and other professionals engaged by Customer and related staff.)
* Customers End Users (Past, present and potential users of Customer services or products)
Categories of personal data transferred:
Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialized training), keeping a record of access to the data, restrictions for onward transfers or additional security measures.
The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis).
* Continuous basis (services related to Hyland’s hosted offerings or cloud services);
* One-off basis (technical support, professional services or other applicable services)
Nature of the processing
Purpose(s) of the data transfer and further processing
* To provide the Services set forth in the Agreement.
The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period:
* For hosting or cloud customers, data is retained for the duration of the Agreement, including any applicable transition period. Personal data provided to Hyland during the performance of technical support or professional services is retained for no longer than necessary for the purposes for which the Personal Data was transferred and, in no event, longer than permitted under the laws of the country of the data exporter.
For transfers to (sub-) processors, also specify subject matter, nature and duration of the processing
Competent supervisory authority
Unless otherwise stated in the DPA, the competent supervisory authority is the supervisory authority of the EU/EEA Member State where the Data Exporter is established.
Appendix B
Technical and organizational measures
Taking into account:
- the state of the art,
- the costs of implementation and
- the nature, scope, context and
- the purpose of processing as well as
- the risk of varying likelihood and severity for the rights and freedoms of natural persons
Hyland shall implement appropriate technical and organisational measures designed to ensure a level of security appropriate to the risk, including those security measures set forth in the Agreement and as follows:
- Measures for encryption
☒ encryption of mobile devices such as laptops, tablets, smartphones
☒ encryption of mobile storage media (CD/DVD- ROM, USB sticks, external hard drives)
☒ encrypted storage of passwords
☒ encryption option for sensitive e-mails and e-mail attachments
☒ secured data sharing (e.g. SSL, FTPS, TLS)
☒ secured WLAN
2. Measures to ensure confidentiality
a. Measures which ensure that unauthorized persons do not have access to Customer Personal Data:
☒ access control system, document reader (magnetic / chip card)
☒ door protections (electric door opener, number lock, etc.)
☒ protection of facilities, including security guards at Hyland headquarters.
☒ alarm system
☒ video surveillance
☒ special protective measures for the server room
☒ prohibited areas
☒ visitor rules (e.g. pick-up at reception, documentation of visiting hours, visitor pass, accompanying visitors to exit after visit)
b. Measures which prevent that unauthorized persons can use the systems that process Customer Personal Data:
☒ personal and individual user log-in for registration in the systems or company network
☒ authorization process for access authorizations
☒ limitation of authorized users
☒ single sign-on
☒ two-factor authentication
☒ BIOS passwords for corporate laptops
☒ password procedures (indication of password parameters with regard to complexity and update interval)
☒ logging of access
☒ additional system log-in for certain applications
☒ automatic locking of the clients after expiry of a certain period without user activity (also password-protected screensaver or automatic stand-by)
☒ firewall
c. Measures which ensure that only authorized persons have access to the systems that Process Customer Personal Data and that Customer Personal Data cannot be read, copied, modified or removed without authorization:
☒ evaluations/logging of data processing
☒ authorization process for authorizations
☒ approval routines
☒ profiles / roles
☒ encryption at rest and in transit for Customer Personal Data transferred to Hyland via its secure file transfer tool.
☒ Mobile Device Management system for corporate owned mobile devices and approved personal mobile devices (mobile devices are not part of the hosted solution)
☒ segregation of functions “segregation of duties”
☒ destruction of records and storage devices in accordance with NIST 800-88, as applicable
☒ cyber-related logs retained for no less than six months
3. Measures to ensure integrity
☒ access rights
☒ system-side logging
☒ document management system (DMS) with change history
☒ security / logging software
☒ functional responsibilities, organisationally specified responsibilities