MASTER SERVICES AGREEMENT
Thank you for your interest in the products and services of DigiCert. This Master Services Agreement, together
with any appendices, addenda, Order Forms, schedules, and other terms referenced herein (collectively, the
“Agreement”), is between you and the applicable DigiCert Contracting Party defined in Section 1 (“DigiCert”)
and governs your use of DigiCert’s products and services presented in connection with this Agreement. The
Service Specific Terms are incorporated by reference into this Agreement. If Customer purchases QTSP Services,
Customer understands that any QTSP Services are provided by the Affiliate QTSP of DigiCert in accordance with
the terms of this Agreement.
By accessing or using DigiCert’s Services, by electronically accepting this Agreement via DigiCert’s online
services, or by mutually agreeing to an Order Form with DigiCert in the manner specified in Section 2.1 below
and which Order Form references this Agreement, Customer hereby accepts this Agreement as it relates to
Customer’s use of the Services. If Customer does not agree to the terms of this Agreement (or you do not have
authority to enter into this Agreement on behalf of Customer), then Customer may not purchase or use any
DigiCert Service. This Agreement is effective as of the date Customer first accepted this Agreement (the
“Effective Date”).
WHEREAS, DigiCert is a software company and trusted third-party certification authority that provides digital
trust solutions, including digital certificates (“Certificates”) and other trust products, software, and services
(collectively with the Certificates, the “Services”);
WHEREAS, as part of the Services, DigiCert operates account management interfaces, portals and related APIs
to facilitate the management of Services provided by DigiCert (each, a “Portal”); and
WHEREAS, Customer wishes to purchase, and DigiCert wishes to provide, one or more Services pursuant to the
terms of this Agreement.
NOW THEREFORE, in consideration of the mutual covenants contained herein and good and valuable
consideration which is hereby acknowledged, DigiCert and Customer hereby agree as follows:
1. Definitions. Capitalized terms used in this Agreement but not defined herein have the meanings set
forth below.
1.1. “Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common
control with a party to this Agreement.
1.2. “Customer” means you and any entity, business, or individual on whose behalf you are accessing or
using Services.
1.3. “Customer Content” means any data, information and other content transmitted by Customer via
the Services to DigiCert.
1.4. “DigiCert Contracting Party” means (i) DigiCert, Inc., a Utah corporation, if Customer’s billing
address is located in the United States, (ii) DigiCert Ireland Limited, if Customer’s billing address is located in
any country other than the United States or Japan, and (iii) DigiCert Japan G.K., if Customer’s billing address is
located in Japan. If Customer changes its billing address to a different country, then Customer agrees that this
Agreement is assigned to the corresponding DigiCert Contracting Party without further action required by
either party.
1.5. “Documentation” means the online documentation and user instructions published by DigiCert to
end users on DigiCert’s website, such as docs.digicert.com, as may be updated by DigiCert from time to time.
Page 2 of 13
1.6. “Feedback” means all suggestions, comments, opinions, code, input, ideas, reports, information,
know-how or other feedback provided by Customer (whether in oral, electronic, or written form) to DigiCert
in connection with Customer’s use of the Services. For purposes of this Agreement, Feedback will not be treated
as Confidential Information or as a trade secret.
1.7. “Legal Repository” means the repository of legal documents applicable to the Services at
https://www.digicert.com/legal-repository/ or https://www.quovadisglobal.com/repository/ (as applicable
for QTSP Services, and as updated from time to time).
1.8. “On-Premises Software” means any software included in the Services that is made available by
DigiCert to Customer for installation on hardware, equipment or devices that are owned or controlled by
Customer or Customer’s personnel, including any updates thereto. For clarity, the On-Premises Software is part
of the Services.
1.9. “Portal API” means the portion of the Portal that constitutes an application programming interface
and that facilitates the integration of the Portal with Customer’s internal systems, as such application
programming interface may be made available by DigiCert under this Agreement.
1.10. “Procuring Party” means a legal entity or business authorized to provide the Services to a
subscriber.
1.11. “QTSP” has the meaning set forth in the Certificate Terms of Use.
1.12. “QTSP Services” means Services issued by DigiCert’s QTSP (whether acting in its capacity as QTSP
or otherwise) or the QTSP of DigiCert’s Affiliates.
1.13. “Service Specific Terms” mean additional terms specific to certain Services as set forth at
www.digicert.com/service-specific-terms, which are incorporated herein to the extent applicable to any
specific Services procured by Customer hereunder (which includes the Certificate Terms of Use with respect to
Customer’s use of any Certificates).
1.14. “Third-Party Content” means information, data, technology, or materials made available to
Customer by any third party that Customer licenses and adds to the Services or directs DigiCert to install in
connection with the Services. Third-Party Content includes but is not limited to Third-Party Extensions, webbased or offline software applications, data service, or content that is provided by third parties.
2. Order Forms; Portal.
2.1. Order Forms. Customer may purchase specific Services from DigiCert by entering into one or more
mutually agreed upon quotes, purchase schedules, purchase orders, or order forms (whether online or
electronic) that set forth the specific Services being procured by Customer under this Agreement, the term when
each such Service is to be provided by DigiCert (the “Service Term”) and the related payment terms for such
Service (each, an “Order Form”). Order Forms are considered “mutually agreed upon” either (i) when executed
by both parties in writing, (ii) when Customer affirms its electronic acceptance of an Order Form that DigiCert
has presented to Customer via electronic means (e.g., at https://www.digicert.com/order), or (iii) when DigiCert
presents Customer with an Order Form and Customer affirms its acceptance by issuing a purchase order.
Customer and DigiCert acknowledge and agree that each Order Form will be governed by and incorporated by
reference into the terms of this Agreement.
2.2. Portal; Portal API. Subject to Customer’s compliance with the terms and conditions of this Agreement,
DigiCert hereby grants Customer permission, during the term of this Agreement, to use the Portal (if, and in the
form made available by DigiCert to Customer) to manage Services to the extent permitted in the Portal. Further,
subject to Customer’s compliance with this Agreement, if Customer has been granted access to the Portal API
Page 3 of 13
by DigiCert, then DigiCert hereby grants to Customer a non-exclusive, non-transferable, non-sublicensable,
revocable, limited license during the term of this Agreement to install, use and make calls to and from such
Portal API solely for the purpose of facilitating Customer’s use of the Portal (and its tools and functionalities)
directly from Customer’s internal systems. DigiCert may throttle any access to the Portal or Portal API if
DigiCert believes a system has initiated excessive connections to DigiCert’s Portals or Portal API or as DigiCert
otherwise deems it necessary to protect DigiCert’s technology systems. DigiCert reserves the right to block an
IP address that has been used to initiate connections that are not related to normal use of services, or as
DigiCert otherwise deems it necessary to protect DigiCert’s technology systems. Examples of non-normal use
connections include, but are not limited to, vulnerability or load/performance scans.
2.3. Portal Accounts. In connection with certain applicable Services, DigiCert will provide the Customer
with accounts to access and use the Portal (the “Portal Accounts”). Customer must maintain security over its
Portal Accounts. Customer assumes liability for any use of its Portal Accounts by individuals obtaining access
credentials from Customer.
2.4. Vendor Entities. DigiCert’s Affiliates may exercise any right or perform any obligation under this
Agreement. For clarity, a DigiCert Affiliate may (i) exercise DigiCert’s billing rights and obligations, and (ii)
execute Order Forms with Customer. If Customer purchases QTSP Services, the QTSP will be responsible to
perform the QTSP Services.
2.5. Purchases for Resale. If Customer purchases Services not for itself, its Affiliates, or their employees or
contractors but for resale, then Customer agrees that such purchases will be governed by the terms of the
Master Partner Agreement, available at https://www.digicert.com/master-partner-agreement (as updated
from time to time), which terms are incorporated herein by reference.
2.6. Purchase through or as a Procuring Party. If Customer purchases or uses the Services through a
Procuring Party, then Customer hereby represents and warrants that Customer has authorized such Procuring
Party to apply for, accept, install, maintain, renew and, if necessary, revoke the Services on Customer’s behalf.
By authorizing a Procuring Party to provide or resell the Services to Customer, Customer hereby affirms its
acceptance of this Agreement as it relates to Customer’s use of the Services. If Customer is accessing or using
the Services on behalf of a business, entity, or individual (as a Procuring Party or otherwise), then: (a) it
represents and warrants that (i) it is an authorized representative of such business, entity, or individual, with
the authority to bind the business, entity, or individual to this Agreement, and (ii) it will comply with and
procure the applicable party’s compliance with this Agreement; and (b) such business, entity, or individual is
the “Customer” hereunder and is legally and financially responsible for access to and use of the Services as well
as for the use of the account by others, including any employees, agents or contractors.
3. Fees.
3.1. Fees. Customer will pay DigiCert the fees for Services provided hereunder pursuant to the latest pricing
posted in the Portal or as set forth in an Order Form. All payments are due and payable either within 30 days of
the date of purchase or such other period, if any, stated in an Order Form. Fees payable hereunder are in
exchange for the provision of Services by DigiCert and are not a royalty or license fee. If Customer submits funds
to its Portal Account that are not connected to an Order Form (i.e., funds not connected to the purchase of
Services with a definite term length), Customer may use such funds to purchase Services within 12 months. If
Customer fails to use all such funds, any remaining funds will be deemed fees earned by DigiCert for Services
provided, and Customer may not use them in connection with any other purchase. If any undisputed invoiced
amount is not received by DigiCert by the due date, then without limiting DigiCert’s rights or remedies, (a) those
charges will accrue late interest at the rate of 1.5% of the outstanding balance per month, or the maximum rate
permitted by law, whichever is lower, (b) DigiCert may accelerate Customer’s unpaid fee obligations so that
they become immediately due and payable, and (c) DigiCert may suspend or limit Customer’s access to the
Portal or Services without notice until full payment is made. Customer must notify DigiCert of any fee disputes
within 30 days of the applicable invoice date or such invoice will be deemed accepted. If Customer has purchased
Page 4 of 13
the Services through a Procuring Party, the payment terms will be those terms established between Customer
and such Procuring Party. If Customer or an applicable Procuring Party does not pay the applicable fees for any
Services extended to Customer, then DigiCert may suspend or limit Customer’s access to the Portal or Services
without notice until full payment is made.
3.2. Taxes. DigiCert may charge, and Customer will pay, all applicable federal, state, or local sales or use
taxes, value added taxes (“VAT”), goods and services taxes (“GST”), and consumption taxes that DigiCert is
legally obligated to charge (“Taxes”). All fees charged by DigiCert are exclusive of any Taxes however imposed,
e.g., VAT, GST, or consumption taxes, unless such Taxes are stated on the invoice DigiCert provides to Customer.
Customer may provide DigiCert an exemption certificate or equivalent information acceptable to the relevant
taxing authority. In such case, DigiCert will not charge or collect the Taxes covered by such exemption certificate.
If the tax status of Customer were to change from tax-exempt to taxable during the term of this Agreement,
Customer shall notify DigiCert of this change within thirty (30) days. If Customer fails to notify DigiCert, then
Customer shall be solely responsible for any unpaid Taxes resulting from fees paid to DigiCert. During the term
of this Agreement, DigiCert will provide Customer with forms, documents, or certifications as may be required
for Customer to satisfy information reporting or withholding tax obligations with respect to payments under
this Agreement. Upon DigiCert’s receipt of Customer’s proof of legally required withholding (which proof must
be acceptable in DigiCert’s sole discretion), Customer may only deduct or withhold any Taxes that DigiCert and
Customer determine Customer is legally obligated to withhold from any amounts payable to DigiCert under this
Agreement. Except as stated in this Section 3.2, Customer may not withhold or offset any amount owed to
DigiCert for any reason.
4. Intellectual Property Rights; Restrictions.
4.1. DigiCert Intellectual Property Rights. DigiCert and its applicable licensors retain, and Customer will not
obtain or claim, any title, interest, or ownership rights in any of DigiCert’s products or services, including all
software associated with the Portal, the On-Premises Software, any other Services, or techniques and ideas
embedded therein; all updates, improvements, enhancements, modifications, copies or derivative works of such
products or services or software provided by DigiCert, regardless of who produced, requested, or suggested the
updates, improvements, enhancements, modifications, copies or derivative works; all Documentation and
marketing material provided by DigiCert to Customer; and all of DigiCert’s copyrights, patent rights, trade
secret rights and other proprietary rights.
4.2. Restrictions. Customer will protect DigiCert’s intellectual property, and the value, good will, and
reputation associated therewith when accessing or using the Services. Customer will not: (i) attempt to
interfere with, or disrupt the operations of, the Services or attempt to gain access to any systems or networks
that connect thereto, except as required to access and use the Portal (including the Portal API) as permitted
hereunder; (ii) re-engineer, reverse engineer, decompile or disassemble any portion of the Services (except
that Customer may decompile the On-Premises Software for the purposes of interoperability only to the extent
permitted by and subject to strict compliance under applicable law); (iii) use, copy, modify, or create derivative
works of the Services for any purpose other than as expressly permitted herein or inconsistent with the uses
contemplated in any Documentation; (iv) transfer, sublicense, rent, lease, sublease, lend, distribute or
otherwise make available the Services to any third party other than as expressly permitted herein; (v) use the
Services in connection with a service bureau, facility management, timeshare, service provider or like activity
whereby Customer operates or uses the Services for the benefit of a third party; (vi) replicate, frame or mirror
the Services; (vii) remove, erase or tamper with any copyright or other proprietary notice encoded or recorded
in the Services; (viii) introduce into the Services any computer virus, malware, software lock or other such
harmful program or data which destroys, erases, damages or otherwise disrupts the normal operation of the
Services or allows for unauthorized access to the Services (“Malicious Code”); (ix) access, or allow another
party to access or use, the Services for any benchmarking purposes or to develop or improve a product or
service that competes with DigiCert; (x) impersonate or misrepresent Customer’s affiliation with any entity;
(xi) scan a DigiCert IP address (including through automated means) without obtaining DigiCert’s prior written
consent; or (xii) encourage or authorize a third party to do any of the foregoing. DigiCert may terminate this
Agreement or Customer’s Portal Accounts, or restrict Customer’s access to the Services, if DigiCert reasonably
Page 5 of 13
believes that Customer is using the Services to post or make accessible any material that infringes DigiCert’s or
any third party’s rights or is in breach of this Agreement. Customer will not use any marketing material or
Documentation that refers to DigiCert or its products or services without receiving written prior approval from
DigiCert, except as may be set forth in any Service Specific Terms.
4.3. Feedback. If Customer provides DigiCert with any Feedback related to the Services, DigiCert, in its sole
discretion, may or may not respond to Feedback or promise to address any Feedback in the development of
future features or functionalities of the Services. In the event DigiCert uses Feedback in any way, Customer
hereby grants DigiCert an unrestricted, perpetual, worldwide, exclusive, transferable, irrevocable,
sublicensable, royalty-free, fully paid-up license to use, copy, modify, create derivative works of, make, have
made, distribute (through multiple tiers of distribution), publicly perform or display, import, export, sell, offer
to sell, rent, or license copies of the Feedback as part of or in connection with any DigiCert product, service
(including the Services), technology, content, material, specification or Documentation. For the avoidance
doubt, Customer will not obtain any title, interest, or ownership right to the Services in connection with any
Feedback.
4.4. Trademark Usage. Customer agrees that DigiCert may use Customer’s name and trademark to perform
its obligations under this Agreement and to indicate that Customer is receiving DigiCert’s Service, provided that
such use would not foreseeably diminish or damage Customer’s rights in any of its trademarks, create a
misrepresentation of the parties’ relationship, or diminish or damage a party’s reputation. Neither party may
register or claim any right in the other party’s trademarks. Customer grants DigiCert the right to use any
trademark of Customer included in the Certificate to the extent necessary to operate such Certificate.
4.5. Customer Content. Customer retains all right, title and interest in and to its Customer Content.
Customer hereby grants to DigiCert and its Affiliates a worldwide, royalty-free, sublicensable, right and license
to host, copy, transmit and display Customer Content as necessary for DigiCert and its Affiliates to provide the
Services in accordance with this Agreement.
5. Additional Terms Applicable to the Services.
5.1. On-Premises Software. If Customer’s use of any Service (or component thereof) includes the use of
DigiCert’s On-Premises Software, then subject to Customer’s compliance with this Agreement and any
restrictions that DigiCert may impose on where such On-Premises Software can be installed, DigiCert hereby
grants to Customer a non-exclusive, non-transferable license to use, reproduce and install a reasonable number
of copies of the On-Premises Software on Customer’s hardware, equipment or devices, solely in connection with
Customer’s use of the Services that the On-Premises Software is provided in connection with. Any updates to
the On-Premises Software provided by DigiCert at its sole discretion shall be subject to any terms and
conditions provided with such updates. If no terms and conditions are provided, then such updates are subject
to this Agreement. Any such updates may affect Customer’s product and may require Customer to make
changes to Customer’s product in order to maintain interoperability.
5.2. Third Party Services. DigiCert may make third-party services and websites (“Third-Party Services”),
including any separately downloadable or accessible add-on, plug-in, module, command, function, playbook,
content, suite or application that extends the features or functionality of the applicable Service, available for
download or access as a convenience to its customers. DigiCert makes no promises or guarantees related to
any Third-Party Service and will not be liable for any such Third-Party Service. Nothing in this Agreement will
be deemed to be a representation or warranty by DigiCert with respect to any Third-Party Service. DigiCert
may, in its reasonable discretion, block or disable access to any Third-Party Service at any time without notice
or liability. Customer’s use of a Third-Party Service is at its own risk and may be subject to additional terms
and conditions applicable to that Third-Party Service (such as license terms of the providers of such ThirdParty Service). In addition, the On-Premises Software may contain third party software programs that are
available under open source or free software licenses, and this Agreement does not alter any rights or
obligations Customer may have under those open source or free software licenses and DigiCert makes no
promises or guarantees related to such third-party software.
Page 6 of 13
5.3. Third Party Content. The Services may contain features or functions that enable interoperation with
Third-Party Content that Customer, in its sole discretion, chooses to use in connection with a Service. Customer
may be required to obtain access to such Third-Party Content from the respective providers, and Customer
may be required to grant DigiCert access to Customer’s accounts with such providers to the extent necessary
for DigiCert to allow the interoperation with the Services. By requesting or allowing DigiCert to enable access
to such Third-Party Content in connection with the Services, Customer represents and warrants that it is
authorized under the provider’s terms to allow such access. If Customer installs or enables (or directs or
otherwise authorizes DigiCert to install or enable) Third-Party Content for use with the Services where the
interoperation includes access by the third-party provider of Customer Content or Customer’s Confidential
Information, Customer hereby authorizes DigiCert to allow the provider of such Third-Party Content to access
Customer Content or Customer’s Confidential Information as necessary for interoperation. Customer agrees
that DigiCert is not responsible or liable for disclosure, modification, or deletion of Customer Content resulting
from access to Customer Content by such Third-Party Content, nor is DigiCert liable for any damages or
downtime that Customer may incur or any impact on Customer’s experience of the Services, directly or
indirectly, as a result of Customer’s use of or reliance on any Third-Party Content, sites or resources.
6. Confidentiality.
6.1. Definition. “Confidential Information” means any information, documentation, system, or process
disclosed by a party or a party’s Affiliate that is: (i) designated as confidential (or a similar designation) at the
time of disclosure; (ii) disclosed in circumstances of confidence; or (iii) understood by the parties, exercising
reasonable business judgment, to be confidential.
6.2. Exclusions. Confidential Information does not include information that: (i) was lawfully known or
received by the receiving party prior to disclosure; (ii) is or becomes part of the public domain other than as a
result of a breach of this Agreement; (iii) was disclosed to the receiving party by a third party, provided such
third party, or any other party from whom such third party receives such information, is not in breach of any
confidentiality obligation in respect to such information; or (iv) is independently developed by the receiving
party as evidenced by independent written materials.
6.3. Obligations. Each party will keep confidential all Confidential Information it receives from the other
party or its Affiliates. Each party will use disclosed Confidential Information only for the purpose of exercising
its rights and fulfilling its obligations under this Agreement and will protect all Confidential Information against
disclosure using a reasonable degree of care. Each party may disclose Confidential Information to its
contractors if the contractor is contractually obligated to confidentiality provisions that are at least as
protective as those contained herein. If a receiving party is compelled by law to disclose Confidential
Information of the disclosing party, the receiving party may disclose such Confidential Information that it is
advised by its legal counsel is legally required, but only after using reasonable efforts to (i) seek confidential
treatment for the Confidential Information, and (ii) send sufficient prior notice to the other party to allow the
other party to seek protective or other court orders and reasonably cooperates with such attempts by the other
party.
6.4. Privacy. Customer acknowledges that it must have a lawful basis to provide certain required
information (or to cause such information to be provided) relating to an identified or identifiable natural person
(“Personal Data”), and that Customer must have a lawful basis to provide, or cause to provide, such Personal
Data, which is necessary for use of the Services (including the Certificates), and which will be processed and used
in accordance with DigiCert’s Privacy Policy available at https://www.digicert.com/digicert-privacy-policy (as
updated from time to time, the “Privacy Policy”). The Privacy Policies applicable to QTSP Services are available
at https://www.quovadisglobal.com/privacy/ (as updated from time to time).
7. Term and Termination.
Page 7 of 13
7.1. Term. This Agreement is effective upon the Effective Date and will remain in effect unless earlier
terminated in accordance with this Agreement.
7.2. Termination. Either party may terminate this Agreement immediately if the other party: (i) materially
breaches this Agreement (including any appendices, addenda, Order Forms, schedules and other terms
referenced herein) and fails to remedy the material breach within thirty (30) days after receiving notice of the
material breach; (ii) engages in illegal or fraudulent activity in connection with this Agreement (or in the case of
termination by DigiCert, Customer engages in an activity that could otherwise materially harm DigiCert’s
business in connection with this Agreement); (iii) has a receiver, trustee, or liquidator appointed over
substantially all of its assets; (iv) has an involuntary bankruptcy proceeding filed against it that is not dismissed
within 30 days of filing; or (v) files a voluntary petition of bankruptcy or reorganization.
7.3. Restrictions on Further Use. Upon expiration or termination of the Agreement: (i) except as otherwise
specified, all other rights and licenses granted herein terminate; (ii) each party will immediately discontinue all
representations or statements that could imply that a relationship exists between DigiCert and Customer; (iii)
each party will continue to comply with the confidentiality requirements in this Agreement; and (iv) Customer
will, within 30 days of the date of termination, pay to DigiCert any fees, or part thereof, still owed as of the date
of termination and destroy or deliver to DigiCert all sales manuals, price lists, literature and other materials
relating to DigiCert.
7.4. Survival. The Service Specific Terms, and any applicable sections herein or appendices that specifically
state they survive termination of this Agreement, will survive expiration or termination of this Agreement until
the applicable Services provided by DigiCert expire or are revoked. In addition, the obligations and
representations of the parties under Section 4.1, Section 4.2, Section 4.3, Section 6 (Confidentiality), Section 7
(Termination), Section 8 (Disclaimers of Warranties, Limitation of Liability, and Indemnification), and Section 9
(Miscellaneous) survive expiration or termination of this Agreement. Customer’s obligation to pay all amounts
owed by Customer to DigiCert survive termination of this Agreement.
8. Disclaimer of Warranties, Limitation of Liability, and Indemnification.
8.1. Warranties.
(i) Each party hereto represents and warrants that (a) such party is duly organized and in good standing
under the laws of its jurisdiction of organization and in each other jurisdiction where such organization or good
standing is required for the performance of this Agreement; (b) such party’s entry into and performance under
this Agreement has been duly approved by all necessary corporate action and does not violate any constituent
instrument of such party; and (c) such party’s entry into and performance under this Agreement does not
violate any law or regulation, judicial or executive order, or contractual commitment by which such party is
bound.
(ii) Except as may otherwise be stated in any Service Specific Terms, DigiCert represents and warrants
solely to Customer: (a) that the Services, when used in accordance with the terms of this Agreement, will
function substantially in accordance with the Documentation that may be provided by DigiCert for such
Services; and (b) that it will perform any professional services associated with the Services in a good and
workmanlike manner and in accordance with generally accepted industry standards.
(iii) Customer represents and warrants: (a) that Customer is solely responsible for its Customer Content,
including without limitation, the security of such Customer Content as it applies to Customer’s control of access
to such Customer Content via the Services; (b) that Customer has the necessary rights and licenses, consents,
permissions, waivers and releases to use its Customer Content and make it available hereunder; and (c) that
Customer Content (1) does not violate, misappropriate or infringe any rights of DigiCert or any third party,
(2) does not constitute defamation, invasion of privacy or publicity, or otherwise violate any rights of any third
party, (3) is not designed for use in any illegal activity or does not promote illegal activities, including, without
Page 8 of 13
limitation, in a manner that might be illegal or harmful to any person or entity; and (4) does not include,
distribute, share, or facilitate the distribution of Malicious Code.
8.2. DISCLAIMERS. OTHER THAN AS PROVIDED IN SECTION 8.1, THE SERVICES, AND ANY RELATED
SOFTWARE (INCLUDING THE PORTAL) ARE PROVIDED “AS IS” AND “AS AVAILABLE” AND TO THE MAXIMUM
EXTENT PERMITTED BY LAW, DIGICERT DISCLAIMS ALL EXPRESS AND IMPLIED WARRANTIES, INCLUDING
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
DIGICERT DOES NOT WARRANT THAT ANY SERVICE OR PRODUCT WILL MEET CUSTOMER’S EXPECTATIONS
OR THAT ACCESS TO THE SERVICES WILL BE TIMELY OR ERROR-FREE. Notwithstanding anything herein to
the contrary, DigiCert does not guarantee the accessibility of any products or services and may modify or
discontinue offering any product or service offering at any time. Customer’s sole remedy for a defect in the
Services or a failure of the Services to function in accordance with the Documentation is for DigiCert to use
commercially reasonable efforts, upon notice of such defect or failure from Customer, to correct the defect or
failure, except that DigiCert has no obligation to correct defects or failures that arise from (i) misuse,
modification or damage of the Services, (ii) combination of the Services with other products and services by
parties other than DigiCert or with any software or hardware not supported by DigiCert, (iii) causes external to
the Services, such as problems with the hardware, network or other infrastructure with which the Services are
used, or (iv) Customer’s breach of any provision of this Agreement.
8.3. Limitation of Liability. This Agreement does not limit a party’s liability for: (i) death or personal injury
resulting from the negligence of a party; (ii) gross negligence or willful misconduct, or (iii) fraud or fraudulent
statements made by a party to the other party in connection with this Agreement. TO THE FULLEST EXTENT
PERMITTED BY APPLICABLE LAW AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY
LIMITED REMEDY OR LIMITATION OF LIABILITY: (A) DIGICERT AND ITS AFFILIATES, SUBSIDIARIES,
OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, PARTNERS AND LICENSORS (THE “DIGICERT ENTITIES”)
WILL NOT BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES
(INCLUDING ANY DAMAGES ARISING FROM LOSS OF USE, LOSS OF DATA, LOST PROFITS, BUSINESS
INTERRUPTION, OR COSTS OF PROCURING SUBSTITUTE SOFTWARE OR SERVICES) ARISING OUT OF OR
RELATING TO THIS AGREEMENT OR THE SUBJECT MATTER HEREOF; AND (B) THE DIGICERT ENTITIES’
TOTAL CUMULATIVE LIABILITY ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE SUBJECT
MATTER HEREOF WILL NOT EXCEED THE AMOUNTS PAID BY CUSTOMER TO DIGICERT IN THE TWELVE
MONTHS PRIOR TO THE EVENT GIVING RISE TO SUCH LIABILITY, REGARDLESS OF WHETHER SUCH
LIABILITY ARISES FROM CONTRACT, INDEMNIFICATION, WARRANTY, TORT (INCLUDING NEGLIGENCE),
STRICT LIABILITY OR OTHERWISE, AND REGARDLESS OF WHETHER DIGICERT HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH LOSS OR DAMAGE. NO CLAIM, REGARDLESS OF FORM, WHICH IN ANY WAY ARISES
OUT OF THIS AGREEMENT, MAY BE MADE OR BROUGHT BY CUSTOMER OR CUSTOMER’S REPRESENTATIVES
MORE THAN ONE (1) YEAR AFTER THE BASIS FOR THE CLAIM BECOMES KNOWN TO CUSTOMER.
8.4. DigiCert Indemnity. DigiCert will defend Customer and its permitted Affiliates that use the Services
hereunder (each a “Customer Indemnified Party”) from and against all third party claims and all related
liabilities, damages, and costs, including reasonable attorneys’ fees, arising from a claim that the use of the
Services as permitted under this Agreement infringes or misappropriates a third party’s copyright, patent or
trademark rights in the United States, and will indemnify a Customer Indemnified Party for all reasonable
attorney’s fees incurred and damages and other costs finally awarded against such Customer Indemnified Party
in connection with or as a result of any such claim; provided, however, that DigiCert will have no liability or
obligation under this section if the claim arises from (a) Customer Content; (b) the use or combination of the
Services with any other software or hardware not supported by DigiCert; (c) causes external to the Services,
such as problems with the hardware, network or other infrastructure with which the Services are used; (d)
unauthorized or improper use of the Services; or (e) any modification of the Services by anyone other than
DigiCert. Should the Service become or, in DigiCert’s reasonable opinion is likely to become, the subject of any
third-party claim of infringement, DigiCert may, at its option and expense, either (x) procure for Customer the
right for DigiCert to continue to offer the Services as contemplated by this Agreement; (y) replace or modify
the Services to make its use in accordance with this Agreement non-infringing; or (z) with thirty (30) days’
notice to Customer, terminate this Agreement and refund to Customer any pre-paid, unused fees covering the
Page 9 of 13
remainder of the term after the effective date of termination. This section states DigiCert’s sole liability with
respect to, and Customer’s exclusive remedy against DigiCert or its Affiliates, for any claim that the use of the
Services as permitted under this Agreement infringes or misappropriates a third party’s intellectual property
rights.
8.5. Customer Indemnity. Customer will indemnify, defend and hold harmless DigiCert and DigiCert’s
employees, officers, directors, shareholders, Affiliates, and assigns (each a “DigiCert Indemnified Party”, and
together with the Customer Indemnified Parties, the “Indemnified Parties”) from and against all third party
claims and all related liabilities, damages, and costs, including reasonable attorneys’ fees, arising from (a)
Customer’s breach of this Agreement; (b) Customer’s online properties for which DigiCert provides Services
hereunder, or the technology or content embodied therein or made available through such properties; (c)
DigiCert’s access or use in compliance with this Agreement of any Customer Content or any other information,
systems, data or materials provided by or on behalf of Customer to DigiCert hereunder, (d) Customer’s failure to
protect the authentication mechanisms used to secure the Portal or a Portal Account; (e) Customer’s
modification of a DigiCert product or service or combination of a DigiCert product or service with any product
or service not provided by DigiCert; (f) an allegation that personal injury or property damage was caused by the
fault or negligence of Customer; (g) Customer’s failure to disclose a material fact related to the use or issuance
of the Services; or (h) an allegation that the Customer, or an agent of Customer, used DigiCert’s Services to
infringe on the rights of a third party.
8.6. Indemnity Obligations. An Indemnified Party seeking indemnification under this Agreement must
notify the indemnifying party promptly of any event requiring indemnification. However, an Indemnified Party’s
failure to notify will not relieve the indemnifying party from its indemnification obligations, except to the extent
that the failure to notify materially prejudices the indemnifying party. The indemnifying party may assume the
defense of any proceeding requiring indemnification unless assuming the defense would result in potential
conflicting interests as determined by the Indemnified Party in good faith. An Indemnified Party may, at the
indemnifying party’s expense, defend itself until the indemnifying party’s counsel has initiated a defense of the
Indemnified Party. Even after the indemnifying party assumes the defense, the Indemnified Party may
participate in any proceeding using counsel of its own choice and at its own expense. The indemnifying party
may not settle any proceeding related to this Agreement unless the settlement also includes an unconditional
release of liability for all Indemnified Parties. The indemnifying party’s indemnification obligations hereunder
are not an Indemnified Party’s sole remedy for events giving rise to indemnity by the indemnifying party
hereunder and are in addition to any other remedies an Indemnified Party may have against the indemnifying
party under this Agreement.
8.7. Injunctive Relief. Customer acknowledges that its breach of this Agreement may result in irreparable
harm to DigiCert that cannot adequately be redressed by damages. Accordingly, in addition to any other legal
remedies which may be available, DigiCert may seek and obtain an injunctive order against a breach or
threatened breach of this Agreement by Customer, and without a need to post a bond or similar action.
8.8. Extent. The limitations and obligations in this section apply to the maximum extent permitted by law
and apply regardless of: (i) the reason for or nature of the liability, including tort claims; (ii) the number of
claims of liability; (iii) the extent or nature of the damages; or (iv) whether any other provisions of this
Agreement were breached or proven ineffective.
9. Miscellaneous.
9.1. Force Majeure. Except for Customer’s payment obligations, neither party is liable for any failure or delay
in performing its obligations under this Agreement to the extent that the circumstances causing such failure or
delay are beyond a party’s reasonable control. Customer acknowledges that the Services (including the Portal
and Certificates) are subject to the operation and telecommunication infrastructures of the Internet and the
operation of Customer’s Internet connection services, all of which are beyond DigiCert’s control.
Page 10 of 13
9.2. Entire Agreement. This Agreement, along with all documents referred to herein, including any
applicable Order Form, constitutes the entire agreement between the parties with respect to the subject matter,
superseding all other prior agreements that might exist. The Services are provided only upon the terms and
conditions of this Agreement and the Service Specific Terms, and this Agreement prevails over any conflicting,
additional, or different terms and conditions proposed by Customer in any other documentation. Any terms
and conditions contained in any purchase order, click-through agreement, or other documentation issued by
Customer, before or after the Effective Date, and that may require affirmative acceptance of such terms and
conditions by DigiCert as part of a vendor set-up process or otherwise, are expressly rejected and will have no
effect. Except as otherwise allowed herein, neither party may amend this Agreement unless the amendment is
in writing and signed by the parties. In the event of an inconsistency between documents, the following order
of precedence will apply: (1) this Agreement, (2) Service Specific Terms; (3) other applicable appendices,
addenda, and schedules, and (4) Order Forms, unless the Order Form expressly states that it will take
precedence.
9.3. Amendment. DigiCert may amend: (i) the Service Specific Terms; (ii) the Privacy Policy; and (iii) any
other applicable appendices, addenda and schedules (but for clarity not an Order Form) at any time and will give
notice of any material changes via the Portal, by posting the amended version to the Legal Repository, or by a
means set forth in Section 9.7. If such an amendment materially and adversely affects Customer’s rights herein,
Customer will have the right, as its sole and exclusive remedy in connection with such amendment, to terminate
this Agreement during the 30-day period after DigiCert’s notice of such amendment, by providing written
notice of termination to DigiCert. Customer’s continued use of the Services after 30 days of DigiCert’s notice of
the amendment constitutes Customer’s acceptance of the amendment.
9.4. Waiver. A party’s failure to enforce or delay in enforcing a provision of this Agreement does not waive
the party’s right to enforce the same provision later or the party’s right to enforce any other provision of this
Agreement. A waiver is only effective if in writing and signed by both parties.
9.5. Assignment. Customer may not assign or delegate any of its rights or obligations under this Agreement
without the prior written consent of DigiCert. DigiCert may assign or delegate any of its rights and obligations
under this Agreement without Customer’s consent. Any purported assignment or delegation in violation of this
Agreement is null and void.
9.6. Relationship. DigiCert and Customer are independent contractors and not agents or employees of each
other. Neither party has the power to bind or obligate the other or to make any statements, representations,
warranties or commitments on behalf of the other party. Each party is responsible for its own expenses and
employees. All persons employed by a party will be employees of such party and not of the other party and all
costs and obligations incurred by reason of any such employment will be for the account and expense of such
party.
9.7. Notices. DigiCert will send notices of early termination or breach of this Agreement to Customer by
first class mail to the address listed in the Portal Account, which notices are effective upon receipt. DigiCert will
send all other notices (or if no physical address is provided by Customer, then DigiCert will send all notices
hereunder including notices of early termination or breach of this Agreement) by posting the notice in the
Portal Account or by email via the email address of Customer’s administrator in the Portal Account (or other
alternate email address associated with the Portal Account if provided), or by regular mail. All such notices are
effective when posted in the Portal or when sent to the Portal Account. It is Customer’s responsibility to keep
its email address current. Customer will be deemed to have received any email sent to the email address then
associated with the Portal Account when DigiCert sends the email, regardless of whether Customer receives
the email. Customer will send DigiCert notices in writing by postal mail that is addressed to DigiCert, Inc., Attn:
General Counsel, 2801 North Thanksgiving Way, Suite 500, Lehi, Utah 84043. Notices from Customer are
effective upon receipt. DigiCert may change its address for notice either by providing written (including email)
notice to Customer or by publishing a new address for notice through the Portal.
Page 11 of 13
9.8. Governing Law and Jurisdiction. The (i) laws that govern the interpretation, construction, and
enforcement of this Agreement and all matters, claims or disputes related to it, including tort claims, and (ii) the
courts or arbitration bodies that have exclusive jurisdiction over any of the matters, claims or disputes
contemplated in sub-section (i) above, will each depend on where Customer is domiciled, as set forth in the table
below; provided, for clarity, that rights and obligations arising from applicable local laws continue to be
governed by such laws, including with respect to EU Regulation 910/2014 (eIDAS), the General Data Protection
Regulation (GDPR), and trade compliance laws. In instances where the International Chamber of Commerce is
designated below as the court or arbitration body with exclusive jurisdiction of such matters, claims or disputes,
then the parties hereby agree that (x) all matters, claims or disputes arising out of or in connection with this
Agreement shall be finally settled under the Rules of Arbitration of the International Chamber of Commerce
(“Rules”) by one or more arbitrators appointed in accordance with the Rules, (y) judgment on the award
rendered by such arbitration may be entered in any court having jurisdiction, and (z) this arbitration clause shall
not preclude parties from seeking provisional remedies in aid of arbitration from a court of appropriate
jurisdiction.
Customer is Domiciled in or the
Services are:
Governing Law is laws of: Court or arbitration body with
exclusive jurisdiction:
The United States of America,
Canada, Mexico, Central America,
South America, the Caribbean, or
any other country not otherwise
included in the rest of the table
below
Utah state law and United States
federal law
State and Federal courts located in
Salt Lake County, Utah
Europe, the United Kingdom,
Switzerland, Russia, the Middle
East or Africa
England International Chamber of
Commerce, International Court of
Arbitration, with seat of
arbitration in London
Japan Japan International Chamber of
Commerce, International Court of
Arbitration, with seat of
arbitration in Tokyo
Australia or New Zealand Australia International Chamber of
Commerce, International Court of
Arbitration, with seat of
arbitration in Melbourne
A Country in Asia or the Pacific
region, other than Japan, Australia
or New Zealand
Singapore International Chamber of
Commerce, International Court of
Arbitration, with seat of
arbitration in Singapore
PKIoverheid Certificates The Netherlands International Chamber of
Commerce, International Court of
Arbitration, with seat of
arbitration in Amsterdam
9.9. Dispute Resolution. To the extent permitted by law, before Customer files suit or initiates an
arbitration claim with respect to a dispute involving any aspect of this Agreement, Customer shall notify
DigiCert, and any other party to the dispute for the purpose of seeking business resolution. Both Customer and
DigiCert shall make good faith efforts to resolve such dispute via business discussions. If the dispute is not
resolved within sixty (60) days after the initial notice, then a party may proceed as permitted under applicable
law and as specified under this Agreement.
(i) Arbitration. In the event a dispute is allowed or required under this agreement to be resolved
through arbitration, the parties will maintain the confidential nature of the existence, content, or results of any
Page 12 of 13
arbitration hereunder, except as may be necessary to prepare for or conduct the arbitration hearing on the
merits, or except as may be necessary in connection with a court application for a preliminary remedy, a judicial
confirmation or challenge to an arbitration award or its enforcement, or unless otherwise required by law or
judicial decision.
(ii) Class Action and Jury Trial Waiver. THE PARTIES EXPRESSLY WAIVE THEIR RESPECTIVE RIGHTS TO
A JURY TRIAL FOR THE PURPOSES OF LITIGATING DISPUTES HEREUNDER. Each party agrees that any dispute
must be brought in the respective party’s individual capacity, and not as a plaintiff or class member in any
purported class, collective, representative, multiple plaintiff, or similar proceeding (“Class Action”). The parties
expressly waive any ability to maintain any Class Action in any forum in connection with any dispute. If the
dispute is subject to arbitration, the arbitrator will not have authority to combine or aggregate similar claims
or conduct any Class Action nor make an award to any person or entity not a party to the arbitration. Any claim
that all or part of this Class Action waiver is unenforceable, unconscionable, void, or voidable may be
determined only by a court of competent jurisdiction and not by an arbitrator.
9.10. Compliance with Law. Each party will comply with all applicable laws, including federal, state and local
laws and regulations in connection with its performance under this Agreement. Customer acknowledges that
Services provided or offered under this Agreement may be subject to, and Customer agrees to comply with all
applicable laws in connection with its use of the Services, including all applicable export controls, trade
sanctions, and physical or electronic import laws, advertising laws, privacy laws, regulations, and rules.
DigiCert may suspend performance of any of its obligations under the Agreement, without any prior notice or
cure period and without any liability, if Customer fails to comply with this provision. Customer acknowledges
that it is not located in or a national of Cuba, North Korea, Iran, Syria or the Crimea, Donetsk People’s Republic
or Luhansk People’s Republic Region of Ukraine or any other country or region subject to comprehensive U.S.
economic sanctions or on any United States Government list or other government list of prohibited or restricted
parties for export control or economic sanctions purposes (including lists published by the U.S. Government,
European Union or the United Nations).
9.11. Export Regulation. Customer acknowledges that the On-Premises Software and related technical data
and services (collectively “Controlled Technology”) are subject to the import and export laws of the United
States, specifically the U.S. Export Administration Regulations (EAR), and the laws of any country where
Controlled Technology is imported or re-exported. The export or re-export of the On-Premises Software in
violation of the foregoing laws and regulations is strictly prohibited. The On-Premises Software may be subject
to import, distribution, transfer, or use restrictions for which Customer is solely responsible. The On-Premises
Software is prohibited from export or re-export to Cuba, North Korea, Iran, Syria, the Crimea, Donetsk People’s
Republic, or Luhansk People’s Republic Region of Ukraine, or to any other country or region subject to
comprehensive U.S. economic sanctions or export embargo. Customer shall not, directly or indirectly, facilitate
giving a country, entity or individual sanctioned under U.S. law access to the On-Premises Software. Customer
may not export the On-Premises Software in connection with the use or development of missiles or chemical,
biological, and nuclear weapons. Customer may not export the On-Premises Software to any military entity, or
to any other entity for a military purpose, unless subject to a valid license or license exception.
9.12. US Government Restricted Rights. The On-Premises Software and any other software elements of the
Services is provided with “Restricted Rights”, use, duplication or disclosure thereof by the U.S. Government is
subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer
Software clause at DFARS 252.227-7013 or subparagraphs (c)(1) and (2) of the Commercial Computer Software
- Restricted Rights at 48 CFR 52.227- 19, as applicable (and the successor clauses to any of the foregoing). The
contractor/manufacturer is DigiCert, Inc. All On-Premises Software and other software elements of the Services
provided to the U.S. Government, including its civilian and military agencies, is commercial computer software
that was developed at private expense prior to its provision to any U.S. Government entity. Subject to any
applicable regulations set out in the FAR or DFARS (and any superseding regulations), the On-Premises Software
and other software elements of the Services is provided with the commercial license rights and restrictions
described elsewhere in the Agreement. For Department of Defense agencies, the restrictions set forth in the
Technical Data - Commercial Items clause at DFARS 252.227-7015 (Nov 1995) shall also apply.
Page 13 of 13
9.13. Severability. The invalidity or unenforceability of any provision of this Agreement, as determined by a
court or administrative body of competent jurisdiction, will not affect the validity or enforceability of the
remainder of this Agreement, and the provision affected will be construed so as to be enforceable to the
maximum extent permissible by law.
9.14. Rights of Third Parties. Except as stated in the Service Specific Terms or Section 2.4, no third parties
have any rights or remedies under this Agreement.
9.15. Interpretation. The definitive version of this Agreement is written in English. If this Agreement is
translated into another language and there is a conflict between the English version and the translated version,
the English language version controls.
