PacketFabric’s Terms and Conditions

These online terms and conditions (“T&Cs”) attached to and are incorporated into the Order entered into by and between PacketFabric, Inc. (“PacketFabric”) and the customer executing the Order (“Customer”) PacketFabric and Customer may be referred to individually as “Party” and collectively as “Parties.” These Terms and Conditions apply to Customer’s access to and use of the Services.

Capitalized terms are defined in Section 11 at the end of this document.

1. CONTRACTS

1.1 Agreements. These T&Cs sets out the general terms and conditions that apply to Customer’s access to and use of any of the PacketFabric Services (defined below). PacketFabric’s services are separated into two broad categories of: a) PacketFabric’s transmission of the Customer’s Data (referred to as Cloud Router Service, Core Service, Transporter, or Type 2 Service); and b) PacketFabric’s storage of Customer’s Data (referred to as Storage Service). Core Service, Type 2 Service, Cloud Router Service, Transporter, and Storage Service are defined in the addendum applicable to such and are collectively referred to as “Services”. If Customer wishes to order Cloud Router Service, Core Service, Transporter, or Type 2 Service, the Parties will execute the Transmission Service Addendum. If Customer wishes to order Storage Services, the Parties will execute the Storage Service Addendum. In the event Customer wishes to resell the Services, the Parties will execute the Reseller Addendum in addition to the applicable Service addendum. Customer may purchase Services by executing an order which contains specific financial and technical specifications, or by making such selection via the self-serve functionality of the Portal (either method creates an “Order”). These T&Cs, the Transmission Service Addendum, the Storage Service Addendum, and any Orders, along with any attachment and exhibit, shall be incorporated into these T&Cs to form one document and be referred to as the “Agreement”. In the event Customer purchases a Service without executing the applicable Service addendum, the Service will be governed by PacketFabric’s standard Service addendum applicable to such Order.

1.2 Term. These T&Cs shall remain in effect until the later of the following events: (i) all Orders have been terminated or expired; or (ii) either Customer or PacketFabric provides written notice of termination.

1.3 Services. The Transmission Service Addendum and the Storage Service Addendum each contain the technical specifications, Service Level Agreement (“SLA”), provisioning and activation, as well as a Data Protection Exhibit applicable to each Service.

1.4 Service Term. – Every Order will contain a period for which the Customer agrees to pay for the associated Service for the delineated duration (“Service Term”). A Service Term is Service specific, and therefore an Order may contain multiple different Service Terms. The Service Term commences on the Billing Start Date for the Service and continues for the duration of the Service Term, unless terminated or renewed in accordance with the Agreement. Upon the conclusion of the Service Term, each Service will automatically extend on a month-to-month basis at PacketFabric’s then-current published month-to-month rates, unless either Party provides the other with 30 days’ prior written notice of cancellation.

1.5 Services Outside the United States. If an Order requires the provision of Services outside the United States (“US”) additional terms and conditions may apply as otherwise specifically provided in Exhibit 1 attached to and incorporated into these T&Cs.

2. INVOICING AND PAYMENT

2.1 Fees. Fees are as set forth in the Order and may be comprised of a monthly recurring charge (“MRC”) and/or a one-time, non-recurring charge (“NRC”), and/or variable usage charges, all of which are payable in USD. PacketFabric reserves the right to invoice MRC monthly in advance, and the NRC when the Order is accepted. Customer is responsible for payment of all usage charges incurred on its account. All charges are payable within 45 days of the date of invoice and payable in USD. Invoices will be delivered electronically to the email address Customer specifies on the Order or in the Portal. Any invoice disputes must be submitted within 60 days of the date of invoice. Customer is responsible for any bank handling or charges PacketFabric incurs due to Customer’s vendor or third-party billing platform.

2.2 Late Payments. If Customer does not pay all undisputed amounts by the due date, PacketFabric may charge Customer interest (calculated on a daily basis) on any unpaid amounts at a monthly rate of 1.5%, or the maximum amount chargeable by law, whichever amount is lower. Additionally, in the event Customer fails to cure its non-payment breach of this Agreement, PacketFabric shall be entitled to recover any costs of collection, including reasonable attorneys’ fees, suffered due to Customer’s breach.

2.3 Credit Procedures. Customer authorizes PacketFabric to conduct an initial credit check on Customer. If Customer is repeatedly late in paying invoices, or if a single invoice is more than 60 days past due, PacketFabric may require prepayment as a condition to continuing to provide the Services to Customer, in an amount not to exceed three months estimated charges. Additionally, PacketFabric may set a credit limit on Customer’s account; if Customer exceeds its credit limit, PacketFabric may restrict Customer’s ability to order new Services and/ or require prepayment from Customer. PacketFabric may also communicate with credit reporting agencies about Customer’s delayed payments.

2.4 Taxes. Customer must pay all Taxes in respect of the Services. Unless expressly stated otherwise in the Order, the charges for the Services are exclusive of any Taxes.

3. CUSTOMER RESPONSIBILITIES.

3.1 Compliance. Customer is solely responsible for obtaining all licenses, approvals, and regulatory authority for its business operations and use of the Services. Customer shall comply with all applicable laws, rules, and regulations relating to Customer’s use of the Services, including PacketFabric’s Acceptable Use Policy attached to and incorporated into these T&Cs as Exhibit 2.

3.2 Equipment and Cross-Connects. Customer’s equipment used in connection with any Service shall not: (a) interfere with or impair service over any facilities and equipment of PacketFabric and its suppliers; (b) impair the privacy of any data carried over the Services; or (c) create hazards to the employees of PacketFabric or the public. Customer must: (i) establish and maintain all cabling at third-party sites (including all cross-connects) from the Service demarcation point to Customer’s own equipment and comply with any requirements of the third-party site provider in relation to that cabling; and (ii) uninstall cross connects from the Customer’s equipment to the demarcation point at Customer’s cost at the date the Service is terminated.

3.3 PacketFabric’s Equipment. In the event an Order states PacketFabric is providing a cabinet, server, or other similar equipment at Customer’s location (“PacketFabric’s Equipment”) Customer is responsible for: i) providing the necessary power and space, which will be further delineated in the applicable Order, in a secure location with appropriate cooling; ii) allowing PacketFabric employees access, as necessary, to the PacketFabric’s Equipment when reasonably requested; iii) ensuring its representatives do not touch PacketFabric’s Equipment, unless otherwise directed by PacketFabric; iv) any damage it causes to PacketFabric’s Equipment due to Customer’s unauthorized access to it; and v) providing PacketFabric with reasonable notice in the event it becomes aware of any damage to PacketFabric’s Equipment or aware of a future event which is reasonably likely to cause damage to PacketFabric’s Equipment (e.g. construction in the area where PacketFabric’s Equipment resides, or a planned power outage at the location where PacketFabric’s Equipment resides).

3.4 Use of the Services. Customer is responsible for all information and data transmitted or accessed using the Service and is responsible for any of its Users who have access to the Service. Customer must not resell a Service to any third-party without PacketFabric’s consent which will be memorialized in a reseller addendum.

3.5 PacketFabric’s Policies. Customer agrees and will ensure that any of Customer’s Affiliates, Users and any individuals who receive Services connected with the Agreement are aware and consent to PacketFabric’s collection, use and disclosure of information about Customer and each of them in accordance with PacketFabric’s policies referenced and attached to these T&Cs.

3.6 Indemnification. Customer will indemnify, defend, and hold PacketFabric and its Affiliates harmless from and against third-party claims that arise or are alleged to have arisen as a result of negligent or intentional acts or omissions of Customer or its Users or breach by Customer of any term of the Agreement. PacketFabric will give Customer prompt notice of third-party claims against PacketFabric or its Affiliates, and cooperate in the investigation, settlement, and defense of such claims.

4. PACKETFABRIC’S RESPONSIBILITIES.

4.1 Compliance. PacketFabric has obtained all licenses, approvals, and regulatory authority for its business operations and supply of its Services, which includes compliance with relevant data protection and secrecy laws regarding Ethernet transmission of data.

4.2 Customer’s Data. All data which is generated by, or on behalf of, Customer that Customer elects to traverse PacketFabric’s network via Customer’s use of the Service(s), which could include text, sound, video, image files, and software shall be collectively referred to as “Customer’s Data”. PacketFabric will adhere to all security and privacy laws required for such information in accordance with the Data Protection Exhibit contained in the applicable Service addendum.

4.3 Customer’s Personal Information. As provided in Section 6, PacketFabric offers Customer the ability to manage and order Services via its Portal. Customer’s use of such Portal will require Customer to input Customer’s authorized representatives, contact information, and billing information. If Customer uses the Portal to manage or order Services, the Portal will also contain Customer’s proprietary network information, see CPNI below. PacketFabric will adhere to all security and privacy laws required for such information in accordance with the Data Protection Exhibit contained in the applicable Service addendum.

4.4 Customer Proprietary Network Information. One of the telecommunications laws PacketFabric must adhere to for Services within the United States involves PacketFabric’s protection of certain usage-related information about the Customer known as customer proprietary network information (“CPNI”) under US federal law. Under US federal law, Customer has the right, and PacketFabric has the duty, to protect the confidentiality of Customer’s CPNI. PacketFabric agrees to use CPNI only in accordance with US law. PacketFabric currently provides Customer a dedicated account representative assigned to its account. Customer agrees that the PacketFabric dedicated account representative, or its delegate may use any means to provide CPNI to any representative of Customer. Customer authorizes PacketFabric to share CPNI with other PacketFabric Affiliates for any lawful purpose, including without limitation for provisioning, supporting billing and collecting charges for the Services and to develop, identify, offer, and provide products and services that may benefit Customer; provided those Affiliates first agree to observe the confidentiality of the information in accordance with Section 10.1.

4.5 Law Enforcement. PacketFabric may be required by law, regulation, court order, subpoena, civil investigative demand, or other similar law enforcement process to intercept data beyond what is provided for in this Section.

5. INTELLECTUAL PROPERTY.

5.1 Intellectual Property Rights. Except as expressly set forth in the Agreement, the Agreement does not grant either Party any rights, implied or otherwise, to the other’s content or any of the other’s intellectual property. As between the Parties, Customer owns all Intellectual Property Rights in Customer’s Data, and PacketFabric owns all Intellectual Property Rights in the Services and Portal.

5.2 Customer Feedback. PacketFabric may use any feedback or suggestions about the Services provided to PacketFabric by Customer without obligation to Customer, and Customer hereby irrevocably assigns to PacketFabric all right, title, and interest in such feedback or suggestions.

5.3 IP Indemnification. PacketFabric will indemnify, defend, and hold Customer and its Affiliates harmless from third-party claims that PacketFabric’s Service(s) infringe the intellectual property rights of a third-party. If PacketFabric reasonably believes that a claim under this Section may bar or materially impair Customer’s use of the Service(s), PacketFabric will seek to: (i) obtain the right for Customer to keep using the Service(s); or (ii) modify or replace the Service(s) with a functional equivalent and notify Customer to stop use of the prior version of the Service(s). If these options are not commercially reasonable, PacketFabric may terminate the Service(s) and then refund any advance payments under the applicable Order. The infringement indemnity set forth in this Section states PacketFabric’s entire liability and obligation and Customer’s sole remedy for any claim of infringement of the intellectual property rights of a third-party. The foregoing indemnity does not apply to the extent the claim arises out of any modification of any Services provided by PacketFabric, relates to services or materials provided by a third-party, or is caused, or contributed to, by Customer. Customer agrees to defend, indemnify, and hold PacketFabric harmless from and against any and all damages that a court may award against PacketFabric in any suit that alleges that a Service infringes any intellectual property rights of a third-party due to any of the exceptions in the preceding sentence caused by the Customer or its Users. Customer will give PacketFabric prompt notice of third-party claims against Customer or its Affiliates, and cooperate in the investigation, settlement, and defense of such claims.

6. PORTAL.

PacketFabric provides Customer a license to use PacketFabric’s proprietary platform to electronically perform various administrative functions relating to the Services (“Portal”). Customer may designate which Users are allowed to perform which functions, via various access levels and permissions on the Portal account. Customer acknowledges that Users it authorizes to make modifications or add Services via the Portal may place Orders via the Portal which will impact Customer’s MRC. PacketFabric will provide a confirmation receipt for any modified or additional Orders for Services placed via the Portal. Customer is solely responsible for establishing and maintaining the security and confidentiality of its usernames, passwords, and other security data. Customer agrees to immediately notify PacketFabric if there is any unauthorized use of Customer passwords or other security data, or any use inconsistent with the terms of the Agreement. PacketFabric may change or discontinue any application program interface (“API”) for the Services from time to time but will use commercially reasonable efforts to continue supporting the previous version of any API changed. PacketFabric reserves the right to temporarily deactivate Customer’s access to the Portal in the event no activity has been logged for at least six (6) months; in the event Customer wants access, PacketFabric will reactivate the account with new logins.

7. SUSPENSION OF SERVICE.

7.1 Immediate and Temporary Suspension. In the event that Customer’s use of the Service (i) poses an immediate and severe security risk to the Services or any third-party, (ii) could subject PacketFabric, its Affiliates, or any third-party to immediate liability, or (iii) in PacketFabric’s reasonable judgement, could be fraudulent, PacketFabric may suspend Customer’s access to or use of all or any portion or all of the applicable Service(s) immediately upon notice to Customer. PacketFabric will remove the suspension promptly after the cause(s) of the suspension have been removed.

7.2 Suspension if Customer fails to Cure Default. PacketFabric may suspend Customer’s access to or use of all or any portion of the applicable Service(s) upon notice to Customer in accordance with the Agreement, and Customer’s failure to cure within the required period if: (i) Customer is in breach of the Agreement; or (ii) Customer has ceased to operate in the ordinary course, made an assignment for the benefit of creditors or similar disposition of its assets, or become the subject of any bankruptcy, reorganization, liquidation, dissolution or similar proceeding. If PacketFabric suspends Customer’s right to access or use any portion or all of the Services, (a) Customer remains responsible for all fees and charges incurred during the period of suspension; and (b) Customer will not be entitled to any service credits under the applicable SLA for any period of suspension. PacketFabric will remove the suspension promptly after the cause(s) of the suspension have been removed.

8. DEFAULT AND TERMINATION.

If a Party commits a material breach of the Agreement and does not remedy the breach within 30 days of receiving a written notice to do so (15 days in the event of a non-payment breach), then the other Party may terminate the Agreement. In the event PacketFabric terminates the Agreement due to Customer’s uncured breach, PacketFabric reserves the right to assess an early termination charge calculated in accordance with the applicable Service addendum.

9. WARRANTIES; LIMITATION OF LIABILITY.

9.1 PACKETFABRIC MAKES NO EXPRESS OR IMPLIED WARRANTIES AS TO ANY SERVICE PROVISIONED OR PRODUCT DELIVERED HEREUNDER. PACKETFABRIC SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT OF THIRD-PARTY RIGHTS, PERFORMANCE, OR INTEROPERABILITY OF THE SERVICE WITH ANY CUSTOMER-PROVIDED EQUIPMENT, AND ANY WARRANTIES ARISING OUT OF ANY COURSE OF DEALING OR USAGE OF TRADE.

9.2 IIN NO EVENT WILL EITHER PARTY OR ITS AFFILIATES BE LIABLE FOR ANY INDIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL, PUNITIVE, OR EXEMPLARY DAMAGES, ANY LOSS OF REVENUE, PROFITS (EXCLUDING FEES UNDER THIS AGREEMENT), SALES, DATA, DATA USE, GOODWILL, OR REPUTATION, OR COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES.

9.3 IN NO EVENT SHALL THE AGGREGATE LIABILITY OF EITHER PARTY, NOR ITS AFFILIATES, ARISING OUT OF OR RELATED TO THIS AGREEMENT, WHETHER IN CONTRACT, TORT, OR OTHERWISE, EXCEED THE TOTAL AMOUNTS ACTUALLY PAID BY CUSTOMER FOR THE SERVICES GIVING RISE TO THE LIABILITY DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO SUCH LIABILITY. THIS LIMITATION PROVIDED IN THIS SECTION DOES NOT APPLY TO EITHER PARTY’S INDEMNITY OBLIGATIONS, BREACH OF CONFIDENTIALITY, NOR BE INTERPRETED TO REDUCE CUSTOMER’S OBLIGATION TO PAY THE FEES UNDER AN ORDER.

9.4 THE LIMITATIONS IN THIS SECTION APPLY ONLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW AND SHALL SURVIVE FAILURE OF THE ESSENTIAL PURPOSE OF ANY REMEDIES PROVIDED IN THE AGREEMENT. Each Party shall use commercially reasonable efforts to mitigate any damages for which the other Party may be liable under the Agreement.

GENERAL TERMS.

10.1 Confidential Information. Each Party must treat as confidential information: (a) the terms of the Agreement; and (b) all information provided by the other Party in relation to the Agreement, including PacketFabric’s technical, operational, billing, pricing, and commercial information in relation to the supply of Services. A Party must not disclose the other Party’s confidential information to any person except: (a) to its Affiliates and its and their respective employees, officers, directors, representatives and professional advisors on a ‘need to know’ basis provided those persons first agree to observe the confidentiality of the information; (b) with the other Party’s prior written consent; (c) if required by applicable law, any regulatory authority or stock exchange; or d) if the confidential information is independently developed by the receiving Party, is lawfully received by the receiving Party free of any obligation to keep it confidential or is in the public domain, other than by a breach of this Section, Customer acknowledges and agrees that PacketFabric may disclose Customer’s confidential information to third parties as necessary to provide the Services, which may also involve PacketFabric disclosing, transferring, storing and making Customer’s confidential information accessible outside the United States, subject to and in accordance with applicable law.

10.2 Notices. Legal notices or requests for written consent shall be in writing and delivered by hand, courier, overnight delivery service, electronic mail, or registered or certified mail return receipt requested. Any such notice shall be deemed given when received or refused and shall be sent to PacketFabric at 9920 Jefferson Blvd., Culver City, CA 90232 Attn: Legal Department; with an e-mail copy (not official notice) to: legal@packetfabric.com. For notice to Customer, the notice address shall be that address, or email address, specified by Customer in the Portal.

10.3 Modifications. PacketFabric may modify its policies referenced and attached to the Agreement at any time by posting a revised version on the legal information section of the Portal or by notifying Customer in accordance with subsection 10.2. Modified terms that are required by law will be effective immediately and by continuing to use the Services Customer will be bound by such modified terms. All other modified terms will only be effective upon renewal (including automatic renewal) of an existing Order or placement of a new Order. If the Services are to be provided in a jurisdiction where, in order for the Order to be enforceable or consistent with local law or operational practice, additional terms must be added to the Agreement or existing terms amended, those additional or amended terms will be set out in an addendum to the Agreement. Except as set forth in the preceding sentences of this Section, any amendment must be in writing, signed by both Parties, and expressly state that it is amending the Agreement.

10.4 Assignment. The Agreement shall be binding on the Parties and their respective Affiliates, successors, and assigns. Either Party may assign the Agreement upon written notice, without the other Party’s prior written consent: (a) in connection with the sale of all or substantially all of its assets; (b) to the surviving entity in any merger or consolidation; or (c) to an Affiliate. Any other assignment will require the prior written consent of the other Party.

10.5 Severability. If any part of the Agreement is held unenforceable, the rest remains in full force and effect.

10.6 Waiver. Failure to enforce any provision of the Agreement will not constitute a waiver.

10.7 No agency. Customer and PacketFabric are independent contractors. This Agreement does not create an agency, partnership, or joint venture.

10.8 No third-party beneficiaries. There are no third-party beneficiaries to the Agreement.

10.9 Remedies cumulative. Except with respect to rights and remedies expressly declared to be exclusive in the Agreement, the rights and remedies of the Parties are cumulative hereunder and are in addition to and not a substitute for all other remedies contained in the Agreement or as otherwise available at law or in equity.

10.10 Applicable law and venue. This Agreement is governed by and shall be construed in accordance with the laws of the state of New York (except that body of law controlling conflict of laws) and the United Nations Convention on the International Sale of Goods will not apply. Any suit or proceeding arising out of or relating to the Agreement will be brought in the applicable federal or state court located in the county of New York, state of New York, and each Party irrevocably submits to the jurisdiction and venue of such courts.

10.11 Import and Export Restrictions. The Parties acknowledge that the Services may be subject to import, export and re-export controls under the U.S. Export Administration Regulations and certain regulations under the Office of Foreign Assets Control of the U.S. Department of Commerce and regulations of other countries or governments. Neither Party shall export or re-export any Services, software, technical data or intellectual property, or undertake any transaction in violation of any such export and import laws, and each Party shall be responsible for its compliance with all such laws.

10.12 Publicity; Use of Name and Marks. Neither Party will issue any press releases or announcements, or any marketing, advertising, or other promotional materials, related to the Agreement without the prior written approval of the other Party. Neither Party will use the name or marks of the other Party or any of its Affiliates for any purpose without the other Party’s prior written consent. Notwithstanding this Section, either Party may use the other Party’s name and logo to list the other Party as a vendor or customer, as the case may be, on a Party’s websites or other marketing collateral listing other customers or vendors, as the case may be. Any such permitted use shall comply with any applicable usage guidelines that are published or made available by the other Party upon request and shall not be considered an endorsement.

10.13 Entire Agreement. These T&Cs supersedes all prior or contemporaneous representations, understandings, agreements, or communications between the Parties, whether written or verbal, regarding the subject matter of these T&Cs.

10.14 Survival. The expiration or termination of the Agreement shall not relieve either Party of those obligations that by their nature are intended to survive, including, without limitation, confidentiality, indemnification, limitation of liability, payment, and governing law/venue.

10.15 Force Majeure. Neither Party will be liable for any failure in performance due to causes beyond its reasonable control (such as fire, explosion, power blackout, earthquake, flood, severe storms, strike, embargo, labor disputes, acts of civil or military authority, war, terrorism (including cyber terrorism), acts of God, acts or omissions of Internet traffic carriers, actions or omissions of regulatory or governmental bodies (including the passage of laws or regulations or other acts of government that impact the delivery of Services).

10.16 Translation. Any local language translation (where applicable) exists for reference purposes only, and only the English version will be legally binding. If there is any inconsistency between the two versions, the English version shall control. All communications and notices to be made or given pursuant to the Agreement must be in the English language.

10.17 Order of Precedence/Construction. To the extent reasonably feasible, the provisions of these T&Cs, the applicable addendum, and the provisions of any Order shall be read together and interpreted so as to avoid any conflict between them. In the event of a conflict, precedence will be given to the Order, but solely with respect to the Services covered by that Order.

11. Definitions.

The use of the word “include” will mean “includes but is not limited to.” The singular use of words will include the plural use and vice versa.

Acceptable Use Policy” means the policy that is attached to an incorporated into these T&Cs as Exhibit 2.

Affiliates” means any entity that directly or indirectly Controls, is Controlled by, or is under common Control with a Party. As used in this definition, “Control” means control of greater than fifty percent of the voting rights or equity interests of a Party.

Billing Start Date” means the date the Service is available for Customer’s use, which is the date PacketFabric may commence charging Customer for the Service. It also denotes the commencement of the Service Term.

Data Protection Exhibit” means the policy which governs PacketFabric’s access to, protection of, and overall governance of Customer’s Data as well as any information Customer populates in the Portal, which is attached to an incorporated into the applicable Service’s addendum.

Intellectual Property Rights” means current and future worldwide rights under patent law, copyright law, trade secret law, trademark law, moral rights law, and other similar rights.

Taxes” means taxes, levies, imposts, duties, excise and charges, deductions or withholdings, however described, imposed by law or a government authority or agency, including but not limited to any foreign federal, state or local tax authority, the Federal Communications Commission (including the Universal Service Fund), state public utilities commissions, and the Universal Service Administrative Company, and additionally including any related interest, penalties, fines or other charges or expenses, but excluding income tax or capital gains tax.

User” means anyone, including a Customer Affiliate, end user, agent of the Customer, or any other person or entity who uses or accesses any Service purchased by Customer under the Agreement, including accessing Customer’s account on the Portal.

Exhibit 1

Foreign Addenda

Australia – For those Services in Australia, the following terms and conditions apply (“Australia Addendum”). In the event of a conflict between the terms contained in this Agreement and the Australia Addendum, the Australia Addendum shall control.

Section 10.10 Applicable law and venue. Shall be deleted in its entirety and replaced with the following: “This Agreement shall be governed in all respects by the laws of New South Wales, Australia without regard to its conflict of laws provisions. The Parties each irrevocably submit to the exclusive jurisdiction of the courts of New South Wales, Australia. English language shall be the applicable language and translation of the Agreement.”


Canada – For those Services in Canada, the following terms and conditions apply (“Canada Addendum”). In the event of a conflict between the terms contained in this Agreement and the Canada Addendum, the Canada Addendum shall control.

Section 10.10 Applicable law and venue. Shall be deleted in its entirety and replaced with the following: “This Agreement shall be governed in all respects by the laws of Province of Ontario, Canada without regard to its conflict of law provisions. The Parties each irrevocably agree to the exclusive jurisdiction of the courts of Province of Ontario, Canada. English language shall be the applicable language and translation of the Agreement.”


France – For those Services in France, the following terms and conditions apply (“France Addendum”). In the event of a conflict between the terms contained in this Agreement and the France Addendum, the France Addendum shall control.

Section 2.2 Late Payments – shall be deleted in its entirety and replaced with the following: “If Customer does not pay all undisputed amounts by the due date, PacketFabric may charge Customer a sum of Forty Euros (€40) for each overdue invoice in compliance with the provisions of article L. 441-6 du Code de Commerce.”

Section 7.2 of the Agreement shall be amended to remove PacketFabric’s right to suspend the Service if Customer enters into a bankruptcy proceeding to the extent such suspension is not allowed under French law.

Section 9.2 of the Agreement shall be amended to remove the reference to “in-direct” damages, “exemplary” and “punitive” damages.

Section 9.3 of the Agreement shall be repealed and replaced with: “IN NO EVENT SHALL THE AGGREGATE LIABILITY OF EITHER PARTY, NOR ITS AFFILIATES, ARISING OUT OF OR RELATED TO THESE TERMS AND CONDITIONS, WHETHER IN CONTRACT, TORT, OR OTHERWISE, EXCEED THE TOTAL AMOUNTS ACTUALLY PAID BY CUSTOMER FOR THE SERVICES GIVING RISE TO THE LIABILITY DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO SUCH LIABILITY. THIS LIMITATION PROVIDED IN THIS SECTION DOES NOT APPLY TO EITHER PARTY’S INDEMNITY OBLIGATIONS, DAMAGE CAUSED BY PHYSICAL INJURY, WILLFUL MISCONDUCT, GROSS NEGLIGENCE, NOR THE CUSTOMER’S OBLIGATION TO PAY THE FEES UNDER AN ORDER. NOTHING IN THIS ARTICLE SHALL LIMIT OR EXCLUDE LIABILITY TO THE EXTENT SUCH LIABILITY CANNOT BE LIMITED OR EXCLUDED UNDER APPLICABLE LAW.

Section 10.10 Applicable law and venue. Shall be deleted in its entirety and replaced with the following: “This Agreement shall be governed in all respects by the laws of France. The Parties each irrevocably submit to the exclusive jurisdiction of the Commercial Courts in Paris. English language shall be the applicable language and translation of the Agreement.”

Section 10.18 Articles 1195 and 1194 – shall be added to this Agreement and state: “Each Party hereby acknowledges and agrees that the provisions of articles 1195 and 1194 of the French Civil Code shall not apply to either Party’s obligations under or arising from this Agreement and that neither Party shall be entitled to make any claim under articles 1194 and 1195, specifically in relation to no hardship caused by a change of circumstances that the Parties cannot anticipate at the date of signature of this Agreement.

Exhibit 2 – SLA – shall be amended to remove the statement that an SLA Credit is Customer’s sole and exclusive remedy if PacketFabric fails to meet the service level thresholds in the SLA. When an SLA Credit is applicable, such SLA Credit shall be deducted from all limitations of PacketFabric’s liability in this Agreement for any and all claims and causes of action, regardless of whether in contract, tort, strict liability or other theory.


Germany – For those Services provided in Germany, the following shall apply and govern Customer’s use of the Services (“Germany Addendum”). In the event of a conflict between the terms contained in this Agreement and the Germany Addendum, the Germany Addendum shall control.

Section 2.5 shall be added to this Agreement and states: “Customer shall not be entitled to set off any claim it may have against PacketFabric, whether under this Agreement or otherwise, against any claim by PacketFabric for any payments under this Agreement unless the Customer’s claim has become final (rechtskräftig) or is undisputed, and the same shall apply to the exercise of withholding rights (Zurűckbehaltungsrechte).”

Section 9.5 shall include the following language as a last sentence in the Section: “Notwithstanding any provision of this Agreement to the contrary, nothing in this Agreement excludes or limits or purports to exclude or limit the liability of PacketFabric for: (a) willful misconduct or gross negligence; or (b) any liability under the Product Liability Act, for which PacketFabric’s liability shall be in accordance with statutory provisions.”

Section 10.10 Applicable law and venue. Shall be deleted in its entirety and replaced with the following: “This Agreement shall be governed in all respects by the laws of the Federal Republic of Germany. The Parties each irrevocably submit to the exclusive jurisdiction of the Courts of Frankfurt am Main. English language shall be the applicable language and translation of the Agreement.”


Netherlands (Dutch law) – For those Services provided in the Netherlands, the following shall apply and govern Customer’s use of the Services (“Dutch Addendum”). In the event of a conflict between the terms contained in this Agreement and the Dutch Addendum, the Dutch Addendum shall control.

Section 1.4 Automatic renewal of orders – Shall be deleted in its entirety and replaced with the following: “Every Order will contain a period for which the Customer agrees to pay for the associated Service for the delineated duration (“Service Term”). A Service Term is Service specific, and therefore an Order may contain multiple different Service Terms. The Service Term commences on the Billing Start Date for the Service and continues for the duration of the Service Term, unless terminated or renewed in accordance with the Agreement. Upon the expiration of the Service Term, each Service will automatically extend on a month-to-month basis at an increase equal to the Price Index for all consumer households rendered by the Central Bureau of Statistics (CBS) when compared against the latest available base of the index.

Section 2.2 Late Payments – shall be deleted in its entirety and replaced with the following: “If Customer does not pay all undisputed amounts by the due date, PacketFabric may charge Customer interest (calculated on a daily basis) on any unpaid amounts at a monthly rate equal to statutory interest for trade agreements, according to Section 6:119a of the Dutch Civil Code (“Burgerlijk Wetboek”).”

Section 9 WARRANTIES: LIMITATION OF LIABILITY – shall be amended to remove any limitation of liability caused due to: 1) a Party’s willful misconduct (opzet) or gross negligence (bewuste roekeloosheid) of either Party’s owners, officers or directors (bedrijfsleiding); 2) any liability under product liability law; or 3) either Party’s action or omission where such limitation or exclusion would be prohibited under Dutch law. For such liability, the Party’s liability shall be in accordance with statutory provisions.

Section 10.10 Applicable law and venue. Shall be deleted in its entirety and replaced with the following: “This Agreement shall be governed in all respects by the laws of the Netherlands. The Parties irrevocably submit to the exclusive jurisdiction of the Courts in Amsterdam.”


United Kingdom – For those Services provided in the United Kingdom, the following shall apply and govern Customer’s use of the Services (“UK Addendum”). In the event of a conflict between the terms contained in this Agreement and the UK Addendum, the UK Addendum shall control.

Section 9.5 shall be added and state: “9.5 Nothing contained in the Agreement shall have the effect of excluding either Party’s liability for death or personal injury, fraud, fraudulent misrepresentation, or any other liability that cannot be excluded by the Parties pursuant to English law.

Section 10.11 Applicable law and venue. Shall be deleted in its entirety and replaced with the following: “This Agreement is governed by and shall be construed in accordance with the laws of England and Wales (except that body of law controlling conflict of laws) and the United Nations Convention on the International Sale of Goods will not apply. Any suit or proceeding arising out of or relating to this Agreement will be brought in the applicable court located in London, England, and each Party irrevocably submits to the jurisdiction and venue of such courts.”

Section 11.1 shall be added and state: “Contracts (Rights of Third Parties) Act 1999. A person or entity who is not a party to either the Agreement or the Order shall not have the rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of the Order.”


Exhibit 2
Acceptable Use Policy (“AUP”)

1. NO ILLEGAL USE
The PacketFabric network may be used only for lawful purposes. Transmission, distribution, or storage of any materials in violation of any applicable law, regulation governmental order or decree is prohibited. Customer agrees not to, and not to allow third parties to use the Services: to violate, or encourage the violation of, the legal rights of others; to engage in, promote or encourage illegal activity; for any unlawful, invasive, infringing, defamatory or fraudulent purpose; to intentionally distribute viruses, worms, Trojan horses, corrupted files, hoaxes, or other items of a destructive or deceptive nature; to interfere with the use of the Services, or the equipment used to provide the Services, by customers, authorized resellers, or other authorized users; to generate, distribute, publish or facilitate unsolicited mass email, promotions, advertisings or other solicitations (“spam”); to disable, interfere with or circumvent any aspect of the Services; or to use the Services, or any interfaces provided with the Services, to access any other PacketFabric service in a manner that violates the terms of service of such other PacketFabric service.

2. SYSTEM AND NETWORK SECURITY
Customer may not use the Services to violate or interfere with the security or integrity of any network, computer or communications system, software application, or network or computing device. Customer may not make network connections to any users, hosts, or networks unless Customer have permission to communicate with them.

3. LIMITS ON USE OF SERVICE AND PORTAL – LICENSE RESTRICTIONS.
Customer shall not, and shall not permit its Users, or any third party to:

  • (a) modify, adapt, or create any derivative work of any part of the Portal, SaaS (defined in the Storage Addendum), or software associated with the Service (collectively referred to as “PacketFabric’s Network”), except to the extent permitted in the Agreement, or attempt to recompile, reverse engineer or disassemble PacketFabric’s Network;
  • (b) use any automatic device or program to monitor, copy, or reproduce PacketFabric’s Network or any portion of such; or
  • (c) intentionally interfere with the functionality of PacketFabric’s Network.

ny complaints regarding prohibited use or other abuse of the PacketFabric network, including violations of this AUP, should be sent to AUP@packetfabric.com. Please include all applicable information that will assist PacketFabric in investigating the compliant.

PacketFabric reserves the right, but does not assume the obligation, to investigate any violation of this AUP or misuse of the Services or PacketFabric’s website or Portal. PacketFabric may investigate violations of this AUP or misuse of the Services or PacketFabric site; or remove, disable access to, or modify any content or resource that violates this AUP or any other agreement PacketFabric has with Customer for use of the Services or the PacketFabric website or Portal.

PacketFabric may report any activity that PacketFabric suspect violates any applicable law, regulation governmental order or decree to appropriate law enforcement officials, regulators, or other appropriate third parties. PacketFabric’s reporting may include disclosing appropriate customer information. PacketFabric also may cooperate with appropriate law enforcement agencies, regulators, or other appropriate third parties to help with the investigation and prosecution of illegal conduct by providing network and systems information related to alleged violations of this AUP.

Changes to our Acceptable Use Policy:
PacketFabric reserves the right to modify this AUP at any time. Any material changes to this AUP will be provided to Customer in writing in accordance with the Agreement. All information submitted through the website or Portal to PacketFabric is subject to the terms and conditions of this AUP, as amended. It is Customer’s responsibility to request changes or deletions to its User’s personal information.

Contact Information:

Please direct any questions or comments regarding this AUP to AUP@packetfabric.com or to PacketFabric, Inc., Attn: Legal Department, 9920 Jefferson Blvd, Culver City, CA 90232.


Transmission Services Addendum to PacketFabric’s T&Cs

This Transmission Services Addendum (“Transmission Addendum”) is subject to, and made a part of, that certain T&Cs entered into between the undersigned Parties. The terms and conditions of the T&Cs apply to all Services delivered by PacketFabric to Customer. In the event of an express conflict between this Transmission Addendum and the T&Cs, this Transmission Addendum shall control. Any term used but not defined herein shall have the meaning provided in the T&Cs.

1. Services. The terms and conditions of this Transmission Addendum apply only to Cloud Router Service, Core Services, Transporter, and Type 2 Services. “Cloud Router Service” is a Border Gateway Protocol (BGP) enabled, distributed, layer 3 routing service which provides Customer with any to any connectivity between: i) all major cloud service providers, via a direct, private connectivity service (not the Internet), ii) Core Services, or iii) any remote Internet-attached device. “Core Services” means a physical port on equipment owned by PacketFabric, or a virtual circuit, that provides direct connectivity to Customer’s equipment and does not include any ancillary Type 2 Services. “Transporter” is a cloud-to-cloud data transmission service allowing Customer to move large objects from one cloud service provider to another cloud service provider via a fully integrated API connection between two cloud service providers. “Type 2 Services” means services procured by PacketFabric from a third-party service provider on Customer’s behalf, including, for example, local access services from a Customer’s premise location to a PacketFabric point-of-presence (POP), cross-connects within a data center, or other network service provider offers integrated into the Portal.

2. Addendum Term. The term for this Transmission Addendum shall commence on the Effective Date and continue until the Service Term for the last Order expires, unless otherwise terminated to by the Parties.

3. Provisioning of Services, other than Type 2 Services. Upon full execution of the Order, Customer is responsible for activating its account in the Portal in order to receive the Services. Customer may need to obtain cross-connect services from the data center provider in order to make use of the Services. The ordering, payment, and disconnection of cross-connects is Customer’s responsibility and will not alter the Billing Start Date for the Services. The Billing Start Date for is the date the Services are available for Customer’s use.

4. Provisioning of Type 2 Services. Delivery of Type 2 Services is dependent on the underlying provider; PacketFabric will work with Customer and the underlying provider to coordinate desired delivery timelines but is not responsible for any delays caused by the underlying provider. Where an Order also includes Type 2 Services, the Billing Start Date for any Services dependent on Type 2 Services will be the same date as the associated Type 2 Services. The Billing Start Date for Type 2 Services is the date the Services are available for Customer’s use.

5. Service Level Agreement (“SLA”). PacketFabric will provide all the Services in this Addendum, other than the Type 2 Services, in accordance with the SLA, which is attached to and incorporated herein as Exhibit 2. PACKETFABRIC MAKES NO GUARANTEE THAT ANY SERVICE WILL BE ERROR-FREE OR UNINTERRUPTED. As such, Customer’s sole and exclusive remedy for any Service Outage shall be the SLA Credits provided in Exhibit 2.

6. Customer Data. All of the Service provided in this Transmission Addendum involve Ethernet transmission of Customer’s Data. In order for Customer’s Data to be transmitted to a recipient, it must contain routing instructions such as IP addresses and packet header information which PacketFabric’s system uses to create a communication channel between the sender and the recipient of such Customer’s Data. PacketFabric does not access Customer’s Data, nor does it utilize technology to intercept, record or capture Customer’s Data. The Customer’s routing instructions used to route the Customer’s Data is deleted immediately after the communication channel between the sender and recipient is terminated. Given that PacketFabric does not have access to Customer’s Data, Customer is solely responsible for its content, protection, and encryption. PacketFabric does not assume any obligations with respect to Customer’s Data other than as expressly set forth in this Transmission Addendum or the Agreement or as required by applicable law.

7. Customer’s Personal Information. As provided in the T&Cs, PacketFabric offers Customer the ability to manage and order Services via its Portal. Customer’s use of such Portal will require Customer to input Customer’s authorized representatives, contact information, and billing information. If Customer uses the Portal to manage or order Services, PacketFabric will adhere to all security and privacy laws required for such information in accordance with the Data Process Addendum attached to an incorporated into this Transmission Addendum as Exhibit 1.

8. Termination by Customer for Convenience. Customer may terminate a Service for convenience at any time during its Service Term, subject to the early termination charge, if any, specified below; however, Customer must pay all amounts due and owing before the termination is effective. When requesting to disconnect a Service, Customer is responsible for delivering a disconnect completion notice for any and all cross-connects related to that Service; Customer will continue to be charged for the Service until the related cross-connect is disconnected.

8.1 Month-to-Month Order. An Order having a one-month Initial Period, or in month-to-month renewal status, may be terminated or reduced anytime, with 30 days’ notice, without any early termination charge.
8.2 Orders of more than one month. If Customer terminates or reduces the quantities of an Order prior to the end of the Initial Period, Customer shall pay an early termination charge equal to 50% of all MRCs for Core Services for the remainder of the Initial Period, and 100% of all MRCs for Type 2 Services, storage service for the remainder of the Initial Period.

Exhibit 1
Data Processing Addendum

1. Data Processing. PacketFabric does not extract, compile, store, synthesize or analyze any Customer Data which traverses through PacketFabric’s network during Customer’s use of the Service. PacketFabric, however, expressly acknowledges that Customer Data is Confidential Information and exclusively owned by Customer. No title to or ownership of any of Customer Data or other Confidential Information of Customer, is transferred to PacketFabric under this Addendum. PacketFabric represents and warrants to Customer that it will comply, at its sole expense, with all federal, state, and local laws, regulations, codes, executive orders, and other legal requirements, that apply to PacketFabric and the T&Cs, including without limitation all applicable privacy and data security laws.

2. Ownership and Rights in Customer Data. Customer is solely responsible for the content of all Customer Data. Customer will encrypt, secure and maintain all rights in its data. PacketFabric does not assume any obligations with respect to Customer Data other than as expressly set forth in the T&Cs, this Addendum, or as required by applicable law. As a general matter, PacketFabric will not have access to, and will not attempt to have access to, the Customer Data traversing through PacketFabric’s network during Customer’s use of the Service, and therefore will not copy, modify, or disclose the Customer Data, except if required by law.

3. Portal. Although PacketFabric does not have access to the Customer Data which traverses through PacketFabric’s network during Customer’s use of the Service, PacketFabric will have user accounts, contact information, configuration and history data in the event Customer uses PacketFabric’s online Portal (“Customer Account Data”). PacketFabric will use, at a minimum, industry standard encryption, technical and organizational security measures to transfer Customer Account Data in a manner designed to protect the integrity and privacy of Customer Account Data and guard against unlawful or unauthorized access or use.

4. Security of Portal. PacketFabric will maintain sufficient procedures to detect and respond to any unauthorized, access, possession, modification, disclosure, use or other security breaches involving its Portal. PacketFabric will: (a) notify Customer as soon as reasonably practicable, but in no event, more than forty-eight (48) hours after it becomes aware of any actual or reasonably suspected security breaches or unauthorized or attempted access to Customer Data within the Portal or control of PacketFabric; and (b) furnish Customer with all details of the unauthorized or attempted access, possession, disclosure, use or knowledge of such breach. PacketFabric will fully cooperate with Customer in investigating such breach or unauthorized access and preventing the recurrence of any unauthorized or attempted possession, use of the Customer Data. PacketFabric will take all action to identify, mitigate and remediate the effects of such breach and implement any other reasonable and appropriate measures in response to the breach. PacketFabric will also provide Customer with all available information regarding such breach to assist Customer in implementing its information security response program, and if applicable, in notifying its customers. In the event of a breach or threatened breach of this Transmission Addendum by PacketFabric, Customer shall, in addition to any other rights or remedies it may have, be entitled to obtain equitable relief, including an injunction, without the necessity of posting any bond or surety.

5. Privacy and Data Security. In connection with this Addendum, PacketFabric represents, warrants, and covenants that PacketFabric, including without limitation PacketFabric personnel and any authorized subcontractors, will not access nor otherwise process any Personally Identifiable Information. If at any time PacketFabric determines that it has accessed Personally Identifiable Information, or may require access to Personally Identifiable Information in connection with this Addendum, PacketFabric shall: (i) notify Customer immediately in writing; (ii) maintain strict confidentiality and security measures to protect the Personally Identifiable Information; (iii) not disclose the Personally Identifiable Information to any other party; (iv) notify Customer immediately if there is any potential or actual breach of security involving the Personally Identifiable Information; and (v) execute additional privacy and data security contractual terms with Customer and any of its Affiliates as required in Customer’s sole judgment to comply with applicable privacy and data security laws in all relevant jurisdictions, including but not limited to the following, in each case, as amended or supplemented: the Gramm-Leach-Bliley Act (“GLBA”), the Dodd-Frank Act, the Fair Credit Reporting Act, the Equal Credit Opportunity Act, the Truth in Lending Act, the Service members Civil Relief Act, the Telephone Consumer Protection Act, the Fair Debt Collection Practices Act, the CAN-SPAM Act, California Financial Information Privacy Act, the Federal Trade Commission Act, state data breach and data security laws, international data protection and security laws, including but not limited to Directive 95/46/EC of the European Parliament and of the Council and, when effective, the General Data Protection Regulation (the “EU Data Law”), and analogous local, state, federal, and international laws relating to the processing, privacy, usage, protection and security of PII. If, in Customer’s reasonable judgment, the performance of the Services would violate any applicable law, or in the event the Parties are unable to reach agreement on additional contractual terms required by subpart (v) above, Customer may require PacketFabric to immediately suspend the Services. In the event PacketFabric needs to suspend Customer’s use of the Service, such action shall not constitute a default under the T&Cs. In such event, the Parties will use commercially reasonable efforts to implement an alternative method of performing the Services. If an alternative method cannot be reasonably implemented, the T&Cs will be terminated and PacketFabric will refund any fees pre-paid by Customer for Services not performed or not delivered.

  • a. Personally Identifiable Information. As used in this Section, the term “Personally Identified Information” or “PII” means any (a) information that identifies or can be used to identify an individual either alone or in combination with other readily available data; (b) personally identifiable financial or insurance information, including but not limited to “non-public personal information” as that term is defined in GLBA; and (c) any other combination of data that, if compromised, would require notice or reporting under any applicable Privacy Laws.

Exhibit 2
Service Level Agreement (“SLA”)

1. OBJECTIVES

This SLA sets forth the specific terms and conditions of the service level reliability and performance metrics made by PacketFabric in connection with the Service provided by PacketFabric to the Customer pursuant to the signed Order, as well as any remedies which may be available to the Customer should those metrics not be met. Customer understands and acknowledges that the remedies set forth in this SLA are the sole and exclusive remedies with respect to any claim in any way related to or arising from any delay, outage, degradation, or non-compliance of the Service.

2. DEFINITIONS

2.1. “Access Port” is defined as a specific network interface on the PacketFabric network, which is utilized exclusively to connect a specific Customer to the PacketFabric platform.

2.2. “Availability” (or “Available”) is defined as the ability of Customer to pass unerrored data packets across the PacketFabric network between any two specified PacketFabric Access Ports, as measured by PacketFabric, or if applicable, as documented by the report of an issue via Customer Trouble Ticket.

2.3. “Availability Zone” is defined as a specific device or set of devices linked together to behave as one device, within which any Access Ports would share a common failure domain. PacketFabric defines and operates multiple Availability Zones at each location throughout its network, in order to ensure Customer has the opportunity to obtain redundant connections to the PacketFabric network.

2.4. “Cloud Router Service” is defined as a layer 3 routing service that joins 2 or more virtual circuits into a single routing domain enabling IP traffic to be exchanged between them. An individual Cloud Router Service is considered a Non-Diverse Service. The availability is 99.9%.

2.5. “Core Location” is defined as any specific Service Location that is connected via the PacketFabric Core Network to at least two additional Service Locations.

2.6. “Core Network” is defined as the network infrastructure and equipment which is operated by PacketFabric for the purposes of connecting one Core Location to another.

2.7. “Diverse Service” is defined as a Service which utilizes two (2) or more Access Ports, each from a different Availability Zones, at each Service Location where the Service is delivered, as further detailed in Section 3 below.

2.8. “Emergency Maintenance” is a maintenance activity for which normal Scheduled Maintenance notice cannot be given, due to a Service impacting event which requires more immediate attention. To be considered Emergency Maintenance, PacketFabric shall provide at least one (1) hours’ notice prior to any Service interruption.

2.9. “Jitter” is defined as the average variation in latency between successive packets sent between the same endpoints throughout the Service Month.

2.10. “Latency” is defined as the maximum round-trip time required for a data packet to traverse PacketFabric’s Core Network between any two specific endpoints during any five-minute sample period, as averaged throughout the Service Month.

2.11. “Non-Diverse Service” is defined as a Service which is not or cannot be diverse, such as a single Access Port, or a Service which is connected to only a single Access Port or a single Availability Zone within any Service Location where the Service is delivered.

2.12. “Packet Loss” is defined as the ability to successfully deliver some but not all packets between two specific endpoints during a five-minute sample period. Packet Loss is measured as the percentage of packets which could not be successfully delivered relative to the total number of packets for which delivery was attempted, as averaged throughout the Service Month.

2.13. “Percent Availability” is calculated with the formula “A/M*100”, where A is the total number of minutes during the month for which the Service was Available, and M is the total number of minutes in the month.

2.14. “Scheduled Maintenance” is defined as any work PacketFabric performs on the Service for which PacketFabric has provided Customer at least ten (10) days’ prior written notice.

2.15. “Service Location” is defined as any specific location where PacketFabric offers Access Ports for the purposes of providing Service to its customers.

2.16. “Service Month” is defined as the beginning and end dates of Customer’s monthly billing cycle for the Service.

2.17. “Service Outage” or “Outage” is defined as a period of time, measured to the nearest whole minute, for which the Service is not Available.

2.18. “SLA Credit” is defined to be a percentage of discount against the MRC of the affected Service, to be credited to the Customer against the monthly invoice for Service on the next billing cycle following the date on which the Outage occurred. If a single Outage triggers an SLA Credit under multiple SLA measurements (for example, Availability and Packet Loss), the measurement with the largest eligible SLA Credit shall apply.

3. SERVICE DESCRIPTION

PacketFabric’s Service allows Customer to configure and control an on-demand virtual packet-based network, enabling data connectivity between any two or more endpoints in a secure, private, and reliable fashion across PacketFabric’s private software-defined network fabric.

Customer connects to the PacketFabric network via one (1) or more Access Ports, which are utilized to deliver connectivity services. For each Access Port additional services may be purchased, for example, dedicated transport or virtual circuits. For the purposes of this SLA, the Access Port and any additional services which are purchased for the use of the Access Port are considered one Service, and any one individual Access Port is considered a Non-Diverse Service.

Customer may purchase PacketFabric’s Cloud Router Service which is a Layer 3 routing service that joins 2 or more virtual circuits into a single routing domain enabling IP traffic to be exchanged between them. An individual Cloud Router Service is considered a Non-Diverse Service.

Customers may also choose to purchase additional components of Service which connect an Access Port to one (1) or more other Access Ports, which may be either purchased by Customer, or associated with other users or endpoints on the PacketFabric platform. If Customer wishes to enhance the reliability of the Service on the PacketFabric network it may choose to purchase Diverse Services, which must be connected and properly configured to at least two (2) or more Access Ports, each from a different Availability Zone, within each Service Location where Service is provided. Any such properly configured Service is considered a Diverse Service.

For purposes of the Service Level Metrics below, Type 2 Services are excluded from the performance measurements.

4. SERVICE LEVEL METRICS

4.1. Availability

PacketFabric is committed to delivering Availability of at least 99.999% on its Core Network. Furthermore, PacketFabric offers an additional Availability metric for any component of the Service that provides connectivity between two (2) or more Access Ports: the Availability of a Diverse Service is 99.99%, while the Availability of a Non-Diverse Service is 99.9%.

In the event that these performance metrics cannot be met, the following table(s) shall define the amount of SLA credit the Customer is entitled to receive:

Core Network AvailabilityCore Network UnavailabilitySLA Credit
=99.862 <99.999%26 seconds – 1 hour10% of MRC
=99.445 <99.862%1 hours – 4 hours20% of MRC
=98.889 <99.445%4 hours – 8 hours30% of MRC
=98.334 <98.889%8 hours – 12 hours40% of MRC
=96.667 <98.334%12 hours – 24 hours60% of MRC
<96.667%More than 24 hours100% of MRC
AvailabilityService Component UnavailabilityDiverse Service SLA CreditNon-Diverse SLA Credit
=99.901 <99.999%4 minutes – 43 minutes15% of MRC0% of MRC
=99.445 <99.901%43 minutes – 4 hours25% of MRC10% of MRC
=98.889 <99.445%4 hours – 8 hours35% of MRC20% of MRC
=98.334 <98.889%8 hours – 12 hours50% of MRC30% of MRC
=96.667 <98.334%12 hours – 24 hours75% of MRC50% of MRC
<96.667%More than 24 hours100% of MRC100% of MRC

4.2. Latency

PacketFabric is committed to delivering a reliable, low-latency service, with guaranteed and predictable performance. To that end, and to accommodate PacketFabric’s ongoing market expansion, PacketFabric maintains a Round-Trip Latency Metric Table on its website, that is incorporated by reference into this SLA.

In the event that these performance metrics cannot be met, the following table(s) shall define the amount of SLA Credit the Customer is entitled to receive:

Percent of Month Latency Metric ExceededSLA Credit
10%10% of MRC
20%20% of MRC
30%30% of MRC
50%40% of MRC
75%50% of MRC
100%60% of MRC

4.3 Packet Loss

PacketFabric is committed to delivering a reliable, high-performance service, free from unnecessary Packet Loss which could impact Service quality. Network Packet Loss across the PacketFabric Core Network shall be equal to or lower than the corresponding value below.

Monthly Packet Loss MetricValue
North America< 0.1%
Europe< 0.1%
Australia< 0.1%
Trans-Atlantic< 0.1%
Trans-Pacific< 0.1%

In the event that these performance metrics cannot be met, the following table shall define the amount of credit the Customer is entitled to receive:

Percent of Monthly Packet Loss Metric ExceededSLA Credit
10%10% of MRC
25%20% of MRC
50%30% of MRC
75%40% of MRC
100%50% of MRC

*For example, 10% of .1% = .01%.

4.4. Jitter

PacketFabric is committed to delivering a reliable, high-performance service, free from unnecessary jitter which could impact Service quality. Network jitter performance should be equal to or better than the target performance metrics below.

Average Jitter MetricValue
North America< 2ms
Europe< 2ms
Australia< 2ms
Trans-Atlantic< 2ms
Trans-Pacific< 2ms

In the event that these performance metrics cannot be met, the following table shall define the amount of credit the Customer is entitled to receive:

Percent of Monthly Jitter Metric ExceededSLA Credit
10%10% of MRC
25%20% of MRC
50%30% of MRC
75%40% of MRC
100%50% of MRC

*For example, 10% of 2 ms = 0.2 ms.

5. TERMINATION FOR CHRONIC OUTAGES

5.1. For Diverse Services, in the event that Customer experiences three (3) or more Outages affecting the same Service, each lasting for more than thirty (30) minutes during any thirty (30) day period, or more than twenty-four (24) hours in aggregate during the Service Month, Customer may choose to terminate the impacted Services without any further liability to PacketFabric.

5.2. For Non-Diverse Services, in the event that Customer experiences three (3) or more Outages affecting the same Service, each lasting for more than twelve (12) hours during any thirty (30) day period, or more than forty-eight (48) hours in aggregate during the Service Month, Customer may choose to terminate the impacted Services without any further liability to PacketFabric.

5.3. In order to exercise the right to termination under this Section, Customer must notify PacketFabric in writing within thirty (30) days after the event giving rise to the right of termination. Customer shall be deemed to have waived its right to terminate under this Section if it fails to provide the requisite notice of termination within such thirty (30) day period. In the event that Customer exercises this termination option, Customer shall remain obligated to pay for the Service as rendered through the effective date of termination.

6. GENERAL TERMS AND CONDITIONS

To be eligible for an SLA Credit, Customer must notify PacketFabric’s Customer Support, via the Portal or by e-mail to support@packetfabric.com, within 30 calendar days of the SLA failure. PacketFabric reserves the right to investigate and verify all Customer’s claims for SLA Credits based on the terms and conditions specified in this SLA, and, if not granted, will provide a reason for denial (which may be provided by e-mail or the Portal). Customer is not eligible for SLA Credits during any period in which it is in default of the T&Cs, including without limitation, failure to pay undisputed amounts when due.

7. MAINTENANCE

From time to time, PacketFabric will conduct maintenance activities on its network infrastructure. Notification of any such activities will be delivered to the contacts specified in the Portal. It is the Customer’s responsibility to ensure its maintenance contact information is up to date.

7.1. Scheduled Maintenance – All Scheduled Maintenance shall occur between the hours of 12:00 am and 6:00 am in the local time-zone of the maintenance. No more than five (5) Scheduled Maintenance activities shall be conducted on any one Service during a Service Month, and the collective outage time for the Service Month shall not exceed twelve (12) hours.

7.2. Emergency Maintenance – No more than two (2) Emergency Maintenance activities shall be conducted on any one Service during a Service Month, and the collective outage time shall not exceed four (4) hours.

7.3. Other Activities – Any other outage caused by a maintenance activity shall be deemed a Service Outage.

8. EXCLUSIONS AND LIMITATIONS

8.1. The cumulative SLA Credits during any Service Month shall not exceed 100% of the MRC of the affected Service(s).

8.2. SLA Credits will not be issued where the target performance measure is not met as a result of:

  • a) The acts or omissions of Customer, its employees, contractors or agents or its end users;
  • b) The failure or malfunction of any network elements, equipment, applications, services, or systems not owned or controlled by PacketFabric, including without limitation, cross-connects, local loops, or other third-party access services;
  • c) Maintenance periods as permitted under Section 7 above, any other planned activities coordinated with the Customer or requested by Customer, including Customer-requested alterations to the Service;
  • d) The unavailability of required Customer personnel, including as a result of failure to provide PacketFabric with accurate, current contact information;
  • e) Lack of access to the Customer premises where reasonably required in order to restore the Service;
  • f) Customer’s failure to release the Service for testing or repair, and continuing to use the Service on an impaired basis;
  • g) PacketFabric’s termination or suspension of the Service for Customer’s default;
  • h) Customer’s use of the Service in an unauthorized or unlawful manner;
  • i) Customer’s request to keep a trouble ticket open after PacketFabric has confirmed that the Service is Available;
  • j) Force majeure events, as provided in the Customer’s T&Cs with PacketFabric;

The time period associated with any of the foregoing exceptions shall also be excluded from any calculations associated with Chronic Outages.


Storage Services Addendum to PacketFabric’s T&Cs

This Storage Services Addendum (“Storage Addendum”) is subject to, and made a part of, that certain T&Cs entered into between the undersigned Parties. The terms and conditions of the T&Cs apply to all Services delivered by PacketFabric to Customer. In the event of an express conflict between this Storage Addendum and the T&Cs, this Storage Addendum shall control. Any term used but not defined herein shall have the meaning provided in the T&Cs.

1. Services. The terms and conditions of this Storage Addendum apply only to PacketFabric’s “Storage Service” which is a S3 (Amazon Simple Storage Service) compatible object storage repository, an internal replication, and retention system. Additionally, the Storage Service includes user management tools, access interfaces, and billing tools via PacketFabric’s software-as-a-service (“SaaS”) platform. The term “SaaS” shall also include all updates, upgrades, enhancements, accompanying documentation, functionality, and tools provided via the software.

2. Addendum Term. The term for this Service Addendum shall commence on the Effective Date and continue until the Service Term for the last Order expires, unless otherwise terminated to by the Parties.

3. Software Use. Subject to the terms and conditions of the Agreement, Customer is granted a limited, personal, non-transferable, non-exclusive, revokable, and non-sublicensable license of use to the Storage Service during the Service Term. PacketFabric and its licensors shall retain sole and exclusive ownership of the SaaS (and all whole or partial copies thereof), including all intellectual property rights therein. Customer acknowledges that it has and shall acquire no rights therein, other than the limited rights expressly granted under this Storage Addendum.

4. Security and Access. With regard to the Storage Service and those locations where any Customer’s Data is processed by PacketFabric, PacketFabric will maintain and enforce safety, physical and computer system security procedures and safeguards that are at least equal to industry standards for such types of service locations. Additionally, PacketFabric will adhere to the processing (as defined in the GDPR and CCPA) requirements applicable to Customer’s Data and Customer’s personal information input into the SaaS and Portal, as more specifically delineated in the Data Protection Exhibit attached to and incorporated into this Service Addendum as Exhibit B. “CCPA” is the California Consumer Privacy Act of 2018 and “GDPR” is the General Data Protection Regulation (EU) 2016/679.

  • a) Customer acknowledges that PacketFabric exercises no control over the content of the information passing through Customer’s use of the Services. Customer acknowledges that PacketFabric is a passive conduit for the content of its customers, and as such has no control over any such content. With this in mind, Customer acknowledges that, except as required by applicable law, PacketFabric will have no liability hereunder for the content of any materials sent, posted, linked or otherwise communicated by its customers, nor does PacketFabric have the obligation to control or monitor any of the foregoing.

5. Security Incident Reporting. PacketFabric will report to Customer any actual or suspected Security Incident or a suspected event that is believed to be sufficiently plausible to warrant further investigation. “Security Incident” means any actual or suspected unauthorized access to or use of any Customer’s property or Confidential Information. Upon request from Customer, PacketFabric will reasonably cooperate in the investigation of any Security Incident and will produce logs and other documentation from the device(s) which are, or may be, related to a Security Incident. Except as required by Applicable Law, PacketFabric will not disclose to third parties any actual or suspected Security Incident without Customer’s prior written approval.

6. Export Control Restrictions. Customer agrees that its use of the Storage Service shall comply with all export control laws and agrees to indemnify, defend, and hold harmless PacketFabric from any liability, claim, loss or expense suffered or incurred by PacketFabric as a result of a breach of this section.

7. Termination by Customer. Customer understands and agrees that the Storage Service provided pursuant to an Order shall become a non-cancellable, binding obligation for the purchase of the Storage Service for the duration of the Service Term provided in the Order.

8. Service Level Agreement (“SLA”). PACKETFABRIC DOES NOT GUARANTEE THE STORAGE SERVICE WILL BE ERROR-FREE, NOR DOES PACKETFABRIC GUARANTEE THE STORAGE SERVICE WILL NEVER EXPERIENCE UNAVAILABILITY. In the event the Storage Service experiences unavailability PacketFabric will provide Customer with an outage credit as more specifically delineated in the SLA Exhibit attached to and incorporated into this Service Addendum as Exhibit A.


EXHIBIT A
Service Level Agreement


Service Commitment

PacketFabric will use commercially reasonable efforts to make the Storage Service available with a Monthly Uptime Percentage, as described below, during any monthly billing cycle (the “Service Commitment”). In the event Storage Service does not meet the Service Commitment, Customer will be eligible to receive a Service Credit as described below.

Definitions
Other than the capitalized terms specified in the Agreement, the following additional definitions apply to this SLA:

“Error Rate” means the number of Valid Requests that result in a response with HTTP Status 500 and Code “Internal Error” divided by the total number of Valid Requests during that period. Repeated identical requests do not count towards the Error Rate unless they conform to the Back-off Requirements.

“Monthly Uptime Percentage” means 100%, minus the average of Error Rates measured over each period during a monthly billing cycle.

“Service Credit” means the following for the multi-regional storage class of Storage Service:

Monthly Uptime PercentageService Credit
Less than 99.98% but greater than or equal to 99.0%10%
Less than 99.0% but greater than or equal to 95.0%25%
Less than 95.0%50%

“Valid Requests” are requests that conform to the documentation, and that would normally result in a non-error response.

Outages

Customer acknowledge that the Storage Service may be unavailable due to maintenance performed by PacketFabric. Notice of PacketFabric’s scheduled maintenance for the Storage Service (as well as any unscheduled, emergency maintenance, to the extent PacketFabric is able to provide any advance notice) will be provided to Customer via the portal. PacketFabric will endeavour to limit actual maintenance outages to the minimum necessary to provide a consistent and reliable Storage Service to Customer.

Customer Must Request Service Credit

In order to receive any of the Service Credits described above, Customer must notify PacketFabric Support within thirty days from the time Customer becomes eligible to receive a Service Credit. Failure to comply with this requirement will forfeit Customer’s right to receive a Service Credit.

Maximum Service Credit

The aggregate maximum number of Service Credits to be issued by PacketFabric to Customer in a single billing month will not exceed 100% of the amount due by Customer for the applicable the Storage Service for the applicable month. Service Credits will be made in the form of a monetary credit applied to future use of the Storage Service and will be applied within 60 days after the Service Credit was requested.

SLA Exclusions

The SLA does not apply to any:

(a) features or Services designated Alpha or Beta (unless otherwise set forth in the associated Documentation);

(b) features or Services excluded from the SLA (in the associated Documentation);

(c) Errors; or

(d) any unavailability, suspension or termination of the Service:

  • i. caused by factors outside of PacketFabric’s reasonable control including any force majeure event or Internet access or related problems beyond the demarcation point of the Storage Service;
  • ii. that resulted from Customer’s software or hardware or third-party software or hardware, or both;
  • iii. that result from any actions or omissions of Customer or any third party;
  • iv. that result from Customer’s equipment, software or other technology and/or third-party equipment, software or other technology (other than third party equipment within our direct control);
  • v. that result from scheduled or emergency maintenance activities for the Services;
  • vi. arising from our suspension and termination of Customer’s right to use the Service; or
  • vii. that resulted from abuses or other behaviors that violate this SLA or the Agreement.

Periodic pre-scheduled maintenance windows which will typically not impact uptime will not be included in the uptime calculation.


EXHIBIT B
DATA PROTECTION EXHIBIT (“DPA”)

This DPA applies to all activities related to the Agreement and in which employees of PacketFabric or third parties commissioned by PacketFabric may Process Personal Data on behalf of Customer. It contains, in conjunction with the Agreement, the documented instructions for the Processing of Personal Data as well as the subject-matter, duration, nature, purpose of the Processing, and shall govern the rights and obligations of the parties in connection with the Processing of Personal Data.

1. Definitions

1.1 For the purpose of this DPA (i) as the context requires, the reference to “Customer” in this DPA may include its “Users” (as defined in the T&Cs); (ii) “Data Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data; (iii) “Data Processor” means a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Data Controller; (iv) “Personal Data” means any information relating to an identified or identifiable natural person (“Data Subject”) or household; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; (v) “Processing”, “Process”, “Processed” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; (vi) “Sell” means any sharing or disclosure of Personal Data to a third party in exchange for monetary or other valuable consideration.

2. Processing Personal Data on behalf of Customer

2.1 Any Processing of Personal Data by PacketFabric under this DPA shall occur only:
2.1.1 on behalf of Customer; and
2.1.2 in accordance with the Agreement; and
2.1.3 for the purpose of fulfilment of Customer’s instructions.
2.2 Without limiting the generality of Sections 2.1.1 through 2.1.3, PacketFabric agrees that it shall not: (i) Sell the Personal Data; (ii) retain, use, or disclose the Personal Data for any purpose other than for the specific purpose of performing functions under the Agreement, including retaining, using, or disclosing the Personal Data for a commercial purpose other than performing functions under the Agreement; (iii) retain, use, or disclose the Personal Data outside of the direct business relationship between PacketFabric and Customer. PacketFabric hereby certifies that it understands the restrictions set forth in this Section 2.2 and will comply with them.
2.3 Customer’s instructions for the Processing of Personal Data shall comply with applicable data protection laws and regulations. Customer shall have sole responsibility for the legitimacy, adequacy and accuracy of Personal Data and the means by which Customer acquired or collected Personal Data. If PacketFabric considers that an instruction of Customer may violate applicable data protection regulations, it shall notify Customer accordingly without any undue delay. This subsection 2.3 does not create an obligation of PacketFabric to actively monitor Customer’s instructions for legal compliance.
2.4 This DPA and the Agreement are Customer’s complete and final instructions at the time of signature of this DPA to PacketFabric for the Processing of Personal Data. However, such instructions may be amended, supplemented or replaced by Customer in documented form at any time (new instruction). If such new instructions from Customer exceed the scope of the Agreement, they shall be considered as request to amend the Agreement and the Parties shall commence good faith negotiations on this change request.
2.5 If, for any reason, PacketFabric is unable to comply with an agreed instruction, PacketFabric will inform Customer of this fact without undue delay. Customer may then suspend the transfer of Personal Data to PacketFabric, restrict the access to it, request all Personal Data to be returned to Customer and / or terminate the Agreement as per the terms of the Agreement.
2.6 PacketFabric will Process Personal Data as necessary to perform the Storage Services and as further instructed by Customer in its use of the Storage Services.
2.7 PacketFabric will Process Personal Data for the duration of the Agreement, unless otherwise agreed upon in writing or required / allowed by applicable law.
2.8 The categories of data subjects affected by the Processing of Personal Data on behalf of Customer within the scope of this DPA result from the Agreement and in particular from Customer’s individual usage of Storage Services or other technology solutions provided by PacketFabric. The categories of data subjects typically include: employees, agents, advisors, freelancers of Customer (who are natural persons), etc.
2.9 The types of Personal Data affected by the Processing on behalf of Customer within the scope of this DPA result from the Agreement and in particular from Customer’s individual usage of (and input into) the Storage Services or other technology solutions provided by PacketFabric. They typically include: name, contact information (company, title / position, email address, phone number, physical address), connection data, location data, video / call (recordings) data and metadata derived thereof, etc.

3. PacketFabric’s personnel

3.1 PacketFabric shall:
3.1.1 ensure all employees involved in Processing of Personal Data on behalf of Customer have committed themselves to confidentiality in writing or are under an appropriate statutory obligation of confidentiality, are prohibited from Processing Personal Data without authorization and have received appropriate training on their responsibilities; and
3.1.2 appoint in country / global data protection officer, to the extent required by the applicable law, and publish the contact details.

4. Security of processing

4.1 PacketFabric has implemented and shall maintain technical and organizational security measures that are appropriate with respect to the Processing of Personal Data that is undertaken on behalf of Customer. PacketFabric shall ensure a level of security appropriate to the risk of varying likelihood and severity for the rights and freedoms of natural persons and regularly check their abidance.
4.2 PacketFabric shall be entitled to modify its technical and organizational measures as long as an at least equivalent level of security appropriate to the risk of varying likelihood and severity for the rights and freedoms of natural persons is maintained. Additional technical and organizational measures and information concerning such measures may be specified in the Agreement.

5. Sub-processors (sub-contractors) and international Personal Data transfers

5.1 PacketFabric may engage sub-processors (sub-contractors) to Process Personal data on behalf of Customer and shall comply with any applicable data privacy law regarding the engagement of sub-processors (sub-contractors). PacketFabric shall make sure that at least equivalent data protection obligations, as set out in this DPA, are imposed on all sub-processors Processing Personal Data on behalf of European Economic Area or Switzerland (“EEA / CH”) based Customers by way of a contract or other legal act, in particular providing sufficient guarantees to implement appropriate technical and organizational measures.
5.2 Only applicable for EEA / CH based Customers: A list of sub-processors that may be engaged by PacketFabric to Process Personal Data on behalf of EEA / CH based Customers can be requested by emailing legal@PacketFabric.com Any objections of this list of sub-processors shall be sent by e-mail to security@PacketFabric.com (i) referencing the full legal name (and other credentials) of Customer and the affected Agreement, (ii) including the copy of the respective purchase order, and (iii) providing the reason for the objection. If Customer exercises its right to objection, PacketFabric shall at its choice and sole discretion:
5.2.1 refrain from using the objected sub-processor to Process Personal Data on behalf of Customer and confirm this to Customer in writing, or
5.2.2 contact Customer and seek for an agreement on mitigation of the reason for the objection. If an agreement between the parties is reached, Customer shall revoke the objection, or
5.2.3 have the right to terminate the Agreement entirely or only with respect to the Processing on behalf of Customer for which the objected new sub- processor shall be engaged.
5.3 PacketFabric shall comply with any applicable data privacy law regarding international transfers of Personal Data. For any transfer of Personal Data from the EEA / CH to a country outside the EEA / CH the requirements of Chapter V GDPR must be fulfilled.
5.3.1 The transfers of Personal Data between PacketFabric Affiliates shall be governed by PacketFabric’s Binding Corporate Rules. The PacketFabric Binding Corporate Rules (Processor) Policy is available by requesting via email to legal@PacketFabric.com and is incorporated herein by reference.
5.3.2 If PacketFabric transfers Personal Data originating from the EEA / CH to third party sub-processors (i.e., PacketFabric’s sub-contractors that are not PacketFabric Affiliates) located in countries outside the EEA / CH that have not received a binding adequacy decision by the European Commission, such transfers shall be subject to (i) the terms of Standard Contractual Clauses (as per European Commission’s Decision 2010/87/EU); or (ii) other appropriate transfer mechanisms that provide an adequate level of protection in compliance with the GDPR.

6. Requests from Data Subjects

6.1 PacketFabric shall, in accordance with applicable laws, promptly notify Customer if PacketFabric receives a request from Data Subject to exercise his rights, such as: right of access, right to rectification, restriction of Processing, erasure (“right to be forgotten”), data portability, object to the Processing, or right not to be subject to an automated individual decision making, etc. Taking into account the nature of the Processing, PacketFabric shall assist Customer by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of Customer’s obligation to respond to Data Subject request under applicable data protection laws and regulations, including complying with a Personal Data deletion request if required by law. In addition, to the extent Customer, in its use of the services and / or products and / or other technology solutions provided by PacketFabric, does not have the ability to address Data Subject Request, PacketFabric shall upon Customer’s request assist Customer in responding to such Data Subject request, to the extent PacketFabric is legally permitted to do so and the response to such Data Subject request is required under applicable data protection laws and regulations. To the extent legally permitted, Customer shall be responsible for any costs arising from PacketFabric’s provision of such assistance.

7. Notification and incidents

7.1 PacketFabric shall:
7.1.1 Notify Customer of any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed (“Personal Data Breach“) without undue delay after becoming aware of it;
7.1.2 Promptly provide Customer with full cooperation and assistance in respect of any Personal Data Breach and all information in PacketFabric’s possession concerning the Personal Data Breach, including the following: (i) the possible cause and consequences of the breach; (ii) the categories of Personal Data involved; (iii) a summary of the possible consequences for the relevant Data Subjects; (iv) a summary of the unauthorized recipients of Personal Data; and (v) the measures taken by PacketFabric to mitigate any related risk and / or loss or damage or (potential loss or damage);
7.1.3 Not make any announcement or publish or otherwise authorize any broadcast of any notice or information about a Personal Data Breach (the “Breach Notice“) without the prior written consent from Customer; and prior written approval by Customer of the content, media and timing of the Breach Notice unless such Beach Notice is mandatory under the applicable law.

8. Assistance to Customer

8.1 Upon written request of Customer and subject to reasonable remuneration which shall be subject to a separate agreement, PacketFabric shall assist Customer in ensuring compliance with any obligations applicable to Customer as per Articles 32 (Security of processing) 35 (Data protection impact assessment) and 36 (Prior consultation) GDPR, taking into account the nature of processing and the information available to PacketFabric. To the extent any other applicable data privacy law requires PacketFabric to assist Customer in ensuring compliance with such law, PacketFabric shall provide the mandatory assistance to Customer, subject to a separate agreement.

9. Return and deletion of Customer Personal Data

9.1 Personal Data (including any copy of it) shall not be kept longer than is required for the Processing purposes, unless (i) a longer retention period is required by applicable law or (ii) Customer instructs PacketFabric in writing (a) to keep certain Personal Data longer and PacketFabric agrees to follow such instruction or (b) return or delete certain Personal Data earlier.
9.2 The return of any data storage medium provided by Customer to PacketFabric shall be conducted without undue delay (i) after termination / expiration of the Processing activity or (ii) earlier as instructed by Customer.

10. Audits

10.1 Upon prior written request by Customer PacketFabric shall supply Customer with all information necessary to effectively perform an audit on PacketFabric’s compliance with the terms of this DPA.
10.2 Upon prior written notice and within a reasonable term PacketFabric shall grant Customer access to its data Processing facilities, data files and documentation relevant for the Processing activities during its usual business hours without disturbances to the normal course of operations for the purpose of auditing PacketFabric’s compliance with the terms of this DPA. For clarity purposes PacketFabric is not under an obligation to provide Customer with an access to its systems which Process Personal Data of other PacketFabric’s customers / Customers (Data Controllers). The engagement of a third- party auditor to conduct the audit on behalf of Customer shall be subject to PacketFabric’s prior written consent, which may only be refused on due cause, and to an executed written confidentiality agreement between the third-party auditor, Customer and PacketFabric. Customer will provide PacketFabric any audit report(s) generated in connection with any audit under this Section 10.2. Customer may use the audit report(s) only for the purposes of meeting its regulatory audit requirements and / or confirming compliance with the requirements of this DPA. The audit report(s) shall constitute confidential information of the parties under the terms of the Agreement. This right to audit may be exercised once a year, unless any specific cause requires exceptional further audits.

Last updated: October 27, 2022

Download as PDF