Centage Security Policy

Overview

Helping to protect the confidentiality, integrity, and availability of our customers’ data is of the is a key consideration at Centage, as is maintaining customer trust and confidence. We recognize that information security entails end-to-end efforts, spanning application development, system configurations, hosting services, and personnel security. Here are some of the security features Centage has implemented to help protect customer data.

Organization, People, and Processes

Centage manages the security of its information assets according to a defined Information Security framework. Policies are the foundational elements of all standards, procedures, and security practices implemented at Centage.

Centage requires that all Centage staff:

  • Report information security incidents they may become aware of.
  • Comply with all relevant policies, including Centage‚Äôs Acceptable Use policy, which outlines appropriate and safe use of systems, fundamental security controls to protect from attack vectors, strong passwords, device encryption, multi-factor authentication, and anti-malware protections.
  • Undergo background checks as part of candidate screening, and upon starting sign our Acceptable Use and Employee Proprietary Information agreements

Centage follows these organizational processes and technical controls designed to support information security:

  • Least privilege, role-based user management.
  • Change management procedures applicable to system and network configurations, access controls, and application code.
  • Structured approaches to identifying, escalating, and responding to security issues, to ensure consistent and effective incident management.

Product Security

  • Support for single sign-on (SSO) and multi-factor authentication. Centage also supports custom SSO integrations with SAML 2.0 based identity providers.
  • Role-based access controls to limit the data that Centage users can view or edit.

Data Security and Availability

  • Transport layer encryption (SSL/TLS) is implemented for all client-server communication. Versions of TLS and SSL prior to TLS 1.2 are not supported. Customer data is encrypted in transit and at-rest.
  • Centage‚Äôs production environment is physically separate from development and test environments, and production data is never replicated to other environments.
  • For data redundancy, data in the application database is backed up in alternate data centers for disaster recovery purposes daily. Data restoration procedures are tested annually. Backups are retained for 30 days.

Centage Infrastructure

The Centage platform is designed and operated with security top of mind. Security controls are incorporated into Centage’s development and operating processes, and extended to Centage customers to help support their security requirements and priorities.

Monitoring and Logging

Centage generates audit logs for all customer and employee authentication events, and changes to database contents. Continuously managed Web Application Firewall (WAF) screening for known attack vectors and DDOS attacks.

Centage Hardware Infrastructure

Centage is committed to securing its customers’ data.

  • Centage is hosted in the US and Canada on the Amazon Web Services (AWS) infrastructure. All data is stored and processed in the USA, except for Canadian customers whose data is stored and processed in Canada.
  • Centage runs a multi-tenant environment. Production tenants are logically separated from each other.
  • Centage standardizes utilization of approved providers‚Äô built-in security capabilities.

Threat Management

Centage utilizes third party security information and event management tools to continuously monitor its environment . Any identified security issues are correlated, aggregated, and risk-rated for prioritized treatment, following a standards-based approach.

Privacy

Centage takes user privacy seriously and has strict policies to keep your personally identifiable information safe. Visit our privacy policy page for more information.

Conclusion

Want to Learn More? If you have any questions about our security measures or technology, please feel free to reach out to us directly at security@centage.com.

2. Services

2.1 Services and Support.
Centage shall provide the Services and Support on the terms and conditions and subject to the restrictions stated in the Agreement. Centage warrants that the Services will conform to the requirements stated in the Order and the Documentation (the ‚ÄúService Warranty‚ÄĚ). Centage also makes the availability and response time commitments stated in the Service Level Agreement.

2.2 Updates, Enhancements. Centage will update the Services consistent with its generally available commercial offering of the feature sets purchased by Customer without additional charge. Any new or additional features or functions will be made available to Customer for purchase under a separate Order.

2.3 Professional Services. Centage will provide any Professional Services in a good and professional manner (the ‚ÄúProfessional Services Warranty‚ÄĚ). Once scheduled to begin, Professional Services may not be canceled or postponed except for reasonable grounds as described in Customer‚Äôs written notice given at least ten (10) days prior to the scheduled start date. If the Professional Services are canceled or postponed without reasonable grounds or on less notice, Centage may charge a rescheduling or cancellation fee up to fifty percent (50%) or the estimated total fees under the Order.

2.4 Other Warranties. Centage warrants that it will provide the Services, Support, and Professional Services in accordance with applicable law. Centage warrants that it will observe security measures at least as stringent as those described at www.centage.com/legal/security (the ‚ÄúSecurity Materials‚ÄĚ).

2.5 Security Materials. Customer acknowledges that the Security Materials are Centage’s sensitive Confidential Information and may be shared only with Customer’s personnel and professional advisors and consultants on a need-to-know basis. Centage is not responsible to Customer or Customer’s users for any harm or damage resulting from a security incident except to the extent the security incident resulted from Centage’s failure to comply with the Security Materials. Customer acknowledges that the measures described in the Security Materials are commercially reasonable as to the Services. Customer is responsible for determining if Centage’s security safeguards meet any regulatory requirements applicable to Customer and otherwise meet Customer’s business and security requirements.

2.6 Third Party Technologies, Integration Features. Third Party Technologies are covered by separate legal terms between the third party and the Customer. Centage makes no representations, warranties, support commitments, or other commitments whatsoever with respect to Third Party Technologies. If Centage provides an integration feature for the Third-Party Technology, then that integration feature (but not the Third-Party Technology) is part of the Centage Services and is covered by the warranties and other commitments applicable to the Centage Services. Customer acknowledges that Centage’s integration features may be unavailable or may not work properly if the third party’s API is unavailable or if the third party modifies its API, technology, or services in a way that impacts the Centage integration feature. Centage will use commercially reasonable efforts to modify its integration features to maintain compatibility with Third-Party Technologies but is not responsible for interruptions in the use of the Services that result from third-party changes or interruptions despite Centage’s use of commercially reasonable efforts.

2.7 License. Customer is licensed to use that part of the Services Technology that Centage provides for Customer’s use on a non-exclusive, limited term basis. Customer’s license expires on expiration of the Agreement or is terminated prior to expiration on any earlier termination of the Agreement under Section 7 (Term, Termination, Suspension). Customer’s license is world-wide subject to applicable export laws. Customer may not assign or transfer the license except as part of an assignment of the Agreement that is permitted by Section 10.11 (Assignment). Customer may permit use of the Services Technology only by authorized users as described and subject to the restrictions stated in Section 6.3 (Authorized Users) and may not otherwise sublicense the Services Technology.

3. Data Ownership and Use

3.1 Customer Data. As between Customer and Centage, Customer shall own and retain all right, title, and interest in and to Customer Data. Centage may use and disclose Customer Data only: (i) to provide the Services and Professional Services, (ii) manage its relationship with Customer, (iii) as instructed or requested by Customer, (iii) as required by applicable law, and (iv) as expressly permitted in Section 3.3 (Centage Data Use) or Section 10.3 (Confidential Information). Centage shall comply with the data privacy laws and regulations of the United States and each State of the United States, including the California Consumer Privacy Act (the ‚ÄúCCPA‚ÄĚ) as applicable to processors of personal data (or ‚Äúservice providers‚ÄĚ as that term is defined in the CCPA). Specifically, but without limitation, Centage shall not sell Customer‚Äôs personal data, will cooperate with Customer in responding to any data subject requests for modification or erasure of personal data, and will cooperate with regulatory audits and requests for information by Customer’s privacy regulators. Centage will require any sub-processors who have access to the Personal Data to execute contractual commitments for the protection of Customer Personal Data at least as stringent as those required of Centage by this Agreement. If Customer expects to use the online services to transmit personal data of individuals in the United Kingdom, European Union, or other jurisdiction within the European Economic Area, Centage will, on Customer‚Äôs request, execute Centage‚Äôs data privacy addendum that includes terms addressing the requirements of those regulations.

3.2 Data Retention and Destruction. Centage does not have an obligation to retain Customer Data following termination of the Agreement and will destroy any Customer Data that remains in its possession no later than ninety (90) days following termination of the Services, excluding anonymized data sets that it is authorized to create and use as described in Section 3.3 (Centage Data Use).

3.3 Centage Data Use. During the Term Centage may use a copy of Customer Data to develop and test Centage software and services provided the copy is protected by the same or more stringent security measures as those described in Section 2.5 (Security Materials). Centage may collect data generated by its systems during the Term to analyze and improve its services offering generally and use that data following expiration or termination of the Agreement. For example, Centage may use log data about user interactions with the Services to identify user experience issues or to make its training processes more effective or may use data about resource utilization trends across its customer base to plan changes to its systems. Centage shall not disclose service data of this type to a third party except as permitted by Section 11.3 (Confidential Information) or unless it has been anonymized such that neither the Customer’s identity or the identity of any individual whose Personal Data was included could be derived from the data. In addition, Centage may in the future offer an information service based on aggregate anonymized data of its customers generally. Customer authorizes Centage to use Customer Data to create and commercialize aggregate anonymized data sets for this purpose only if the data sets are created in a way that no part of any Customer Data can be reassociated to Customer or any individual whose Personal Data was used to create the data set.

4. Restrictions

4.1 Fee Metrics. Customer may not exceed the Service fee metrics stated in the Order. For example, if the fees are based on a maximum number of ‚Äúusers‚ÄĚ each user must be an individual with a separate username (no shared logins), the number of users may not exceed the maximum, and Customer may not re-assign user seats from one individual to another unless the assignment is needed to reflect staffing changes in Customer‚Äôs organization.

4.2 No Resale. Customer may not re-sell the Services. Customer may not use the Services to provide services to third parties other than Customer’s Affiliates.

4.3 Protections. Customer may not do any of the following: (i) modify or create derivative works of the Services or Services Technology; (ii) access the Services or Services Technology for the purpose of creating a competing service; (iii) use the Services by means of any interface other than an interface provided by Centage; (iv) disassemble, decompile, reverse engineer, or attempt to discover any underlying algorithm or method embodied by the Services or Services Technology; (v) copy any part of the Services or Services Technology or mirror the Services on any site or system, except that Customer may download and print copies of Documentation as reasonably necessary for Customer’s permitted use of the Services, provided that Customer uses the Documentation in the exact form published, retain all branding and proprietary notices, and does not transfer the documentation to any other person(vi) remove any proprietary notices displayed on the Documentation or other Services materials; or (vii) publish any benchmarking or other performance analysis of the Services.

5. Fees and Payments

5.1 Services. The fees for the Services are stated in the Order, either directly or by reference to a page on Centage website. Fees may be stated as fixed amounts or as rates to be applied to the volume of Services used. The hourly rate for Professional Services is stated in the Order. Centage may not increase its fees or rates during the initial term of an Order but shall increase its fees for any renewal term by up to five percent (5%) over the fees in effect for the prior twelve (12) months. Any discounts stated in an Order apply for the initial term only, unless otherwise stated in the Order. Invoicing and payment terms are stated in the Order, or if no invoicing or payment terms are stated Centage may charge Customer monthly in advance for fixed recurring fees, monthly in arrears for variable, usage based fees, and on or after the Order effective date for any set-up or other non-recurring fees. If Customer’s use of Services significantly exceeds the parameters of the Order, Centage may, at its option, either charge overages at its then-current overage rates or suspend the Services until Customer has made payment arrangements satisfactory to Centage in its reasonable judgment. Centage’s waiver of overage fees for one or more billing periods is not a waiver for any subsequent billing periods.

5.2 Professional Services. The fees for any Professional Services that Customer may elect to purchase are stated in the Order and may be invoiced at the times stated in the Order.

5.3 Payments. Unless otherwise stated in the Order Customer must authorize and maintain a current, valid payment card on file with Centage at all times during the Term; Centage will charge each invoice to the payment card on the date each invoice is issued. If Customer disputes an invoiced amount, Centage will work in good faith with Customer to resolve the dispute, provided that Customer has notified Centage of the dispute within a reasonable period of time after the invoice date.

5.4 Sales and Withholding Tax. The stated fees and rates do not include any sales, use, VAT or like taxes (‚ÄúSales Tax‚ÄĚ). Customer must pay any applicable Sales Tax that is properly charged by Centage.

5.5 Overdue Payments. Centage may suspend or terminate Customer’s Services or Professional Services, or both, if Centage’s charge to Customer’s payment card is rejected or Centage fees are not timely paid for any reason. Centage may charge interest on overdue amounts at the lesser of 1.2% per month or the highest non-usurious amount permitted by applicable law. If Centage takes legal action to collect an overdue amount, Customer must also pay Centage’s reasonable costs of collection, such as attorney fees and court costs. If Centage suspends Customer’s account for late payment, Customer must pay Centage’s reasonable reinstatement fee.

5.6 General. Fees are non-refundable, even if Customer does not use the Services or Professional Services. Unless otherwise stated in the Order, fees are stated and must be paid in United States Dollars. Customer may not use the Services in a way that undermines Centage’s ability to correctly calculate its fees.

6. Customer’s Obligations

6.1 Fees. Customer must pay Centage’s fees when due for the entire Term of each Order.

6.2 Security Obligations. Customer must use reasonable security precautions in connection with Customer’s use of the Services, such as requiring Customer’s Authorized Users to establish reasonably secure passwords and using commercially reasonable efforts to protect Customer’s systems and data from malware. Customer shall notify Centage on becoming aware that an Authorized User’s login credentials have been compromised or on becoming aware of any other security issue or vulnerability with the Services.

6.3 Authorized Users. Customer may authorize as Services users Customer‚Äôs and Customer‚Äôs Affiliates‚Äô staff and the staff of any contractors that Customer retains to provide services to Customer in support of Customer‚Äôs internal business operations (each an ‚ÄúAuthorized User‚ÄĚ). Customer authorizes Centage to act on the instructions of each Authorized User within the permissions for that Authorized User‚Äôs role that has been established on the Services management interface. Customer is solely responsible for adding and removing users and other maintaining the user permissions and authentication credentials for Customer‚Äôs account using the Services management interface, such as on termination of the employment of an Authorized User. Customer is responsible for any action taken by a person using an Authorized User‚Äôs account credentials, even if the action was not authorized by Customer.

6.4 Compliance with Law. Customer must use the Services in compliance with applicable law, including export laws as further detailed in Section 10.7 (Export Compliance) and industry acceptable use norms.

6.5 Representations and Warranties. Customer represents and warrants to Centage that: (i) the information Customer submits to establish a Services account with Centage and place an Order is true, correct, and complete, and (ii) it has all rights and consents necessary to provide the Customer Data to Centage for use and processing as necessary to provide the Services and Professional Services and as otherwise expressly permitted by the Agreement. If Customer uses a Centage integration feature for a Third Party Technology, Customer represents and warrants that Customer’s agreement with the provider of the Third Party Technology permits the exchange of data between the Third Party Technology and the Centage Services.

7. Term, Termination and Suspension

7.1 Term. The initial term of each Order is defined in the Order. On expiration of the initial term, the Order renews for consecutive renewal terms of the same length as the initial term unless either Customer or Centage gives a notice of non-renewal at least thirty (30) days prior to the last day of the initial term or then current renewal term, as applicable. The initial term and all renewal terms of each Order are referred to as the ‚ÄúTerm.‚ÄĚ If an Order is stated to be ‚Äúco-terminous‚ÄĚ with an existing Order then the Order‚Äôs initial and renewal terms shall be the same as those for the Order with which it is co-terminous.

7.2 Termination. Either party may terminate any or all Orders on written notice if the other party is in material violation of any term of the Agreement, provided that if the violation is curable the terminating party must first give the other party a written notice describing the violation in reasonable detail and at least ten (10) days to cure the violation.

7.3 Suspension. Centage may suspend the Services during any period that Customer is in material breach of the Agreement or Customer’s access to the Services creates a material security vulnerability. Centage will give Customer at least two (2) business days’ advance notice of the suspension unless the suspension is made under emergency circumstances. Centage will reinstate Customer’s access to the Services when the grounds for suspension are cured unless Centage has already terminated the Agreement as described in this Section.

7.4 Surviving Provisions. The following sections survive expiration or termination of the Agreement: Section 1 (Defined Terms) to the extent defined terms are used in other surviving sections, Section 3 (Data Ownership and Use), Section 4 (Restrictions), Section 5 (Fees and Payments), Section 6 (Fees and Payments), Section 7 (Term, Termination, and Suspension), Section 8 (Remedies, Disclaimers, Indemnification, Limitation of Liability), and Section 8 (General Terms), and any other terms that by their nature are intended to survive expiration or termination.

8. Remedies, Disclaimers, Indemnification, Limitation of Liability

8.1 Warranty Remedies. If Centage materially fails to meet the Services Warranty stated in Section 2 (Services) Centage will attempt to cure the failure or if it is unable to cure the failure through commercially reasonable efforts, Customer may terminate the Order for the Services not meeting the Services Warranty. On Customer’s termination of an Order for a material breach of the Services Warranty Centage will refund the fees under that Order for the month during which the failure occurred and any prepaid fees for unused Services. If Centage fails to meet the Professional Services Warranty stated in Section 2 (Services) Centage will refund any fees paid for the Professional Services that fail to meet the Professional Services Warranty. However, to be eligible for a warranty remedy under this section, Customer must give a written notice describing the failure no later than ten (10) days following the end of the calendar month in which the failure occurred and cooperate with Centage’s reasonable efforts to cure the failure. The remedies stated in this Section are Customer’s sole and exclusive remedy for Centage’ breach of the Service Warranty and Professional Services Warranty.

8.2 Warranty Disclaimer. Except for the Services Warranty and Professional Services Warranty stated in Section 2 (Services) and the commitments in the Service Level Agreement Centage makes no representations or warranties regarding the Services. The Service Warranty does not apply to any use of the Services other than as permitted by the Agreement. Centage does not represent or warrant that Customer will achieve any specific result by means of the Services or Professional Services or that the Services or Professional Services will meet Customer’s requirements. Centage disclaims any implied warranties, such as any implied warranty of merchantability, fitness for a particular purpose, and non-infringement, and any representation or warranty that may arise through a course of dealing. Customer acknowledges that the use of the Services may not be uninterrupted, error free, or completely secure.

8.3 Indemnification. Centage agrees that if a third party asserts a legal claim against Customer or any of its Authorized Users (the ‚ÄúCustomer Persons‚ÄĚ) asserting that Customer Person‚Äôs use of the Services as permitted by the Agreement infringes or violates the third party‚Äôs patent, copyright, trade secret or other intellectual property right recognized in the United States, Centage will defend the claim at its expense, and pay any damages finally awarded to the third party by a court having jurisdiction over the claim or paid to the third party by Centage as a settlement. Customer agrees that Centage will have the right to select counsel to defend the claim and control the defense of the claim. Customer may participate in the defense of the claim with counsel of Customer‚Äôs choice at its option and expense. Customer will cooperate with Centage‚Äôs reasonable requests for information and assistance in connection with the defense of the claim. Centage agrees that it will not settle a claim under this Section without Customer‚Äôs consent unless it fully resolves the liability of the Customer Persons and does not require any of them to make an admission of liability. Customer agrees that if a Claim covered by Centage‚Äôs obligations under this Section is asserted, or is reasonably probable of assertion in Centage‚Äôs judgment, Centage may terminate the Services on reasonable advance notice without liability to Customer except to refund pre-paid fees for unused services periods. Notwithstanding anything to the contrary in this Section, Centage‚Äôs obligations do not extend to Customer‚Äôs use of the Services in a way that is not reasonably contemplated by the Documentation or to Customer‚Äôs use of a prior version of the Services if a subsequent version made available by Centage would have avoided the claim.

8.4 Exclusion of Consequential, Indirect Damages. Except for claims arising from a party’s breach of Section 10.3 (Confidential Information) and claims based on the party’s breach of the other party’s intellectual property rights, neither party nor its affiliates, licensors, suppliers, resellers, distributors or subcontractors is liable to the other for any lost profits, lost revenue, lost business opportunity, or any indirect, special, incidental, punitive, or consequential loss or damage of any kind arising in connection with this Agreement, or any loss or damage that could have been avoided by the claiming party’s reasonable mitigation, even if the party has been advised of or should be aware of the possibility of such damages. For avoidance of doubt, damages of the type described in this subsection that are awarded by a court or other tribunal to a third party as part of losses covered under Section 8.3 (Indemnification) are not excluded by this Subsection.

8.5 Maximum Liability. Notwithstanding anything to the contrary in this Agreement, excluding the Liability Cap Exceptions, as defined below, the maximum aggregate liability of a party and its Affiliates, and their respective licensors, suppliers, resellers, distributors, and subcontractors under or in connection with the Agreement for any type of damages, claims or obligations shall not exceed the amount of fees paid or payable by Customer under the Order giving rise to the claim for the 12 months preceding the event giving rise to the claim. For clarity, the maximum aggregate monetary limit stated in this subsection is not ‚Äúper incident‚ÄĚ but is an aggregate limitation applicable to all claims arising under or regarding this Agreement. The ‚ÄúLiability Cap Exceptions‚ÄĚ are: (i) claims arising from a party‚Äôs gross negligence, or willful misconduct; (ii) claims for personal injury or death or for damage to tangible (physical) personal property arising from a party‚Äôs negligence or other tort; (iii) claims arising from a party‚Äôs intentional breach of Section 10.3 (Confidential Information); (iv) claims based on a party‚Äôs intentional infringement or misappropriation of the other party‚Äôs intellectual property rights; and (v) payment obligations under Section 5 (Fees and Payments).

8.6 General. Each party acknowledges that the other party has entered into the Agreement in reliance on the limitations of remedies and liability stated in these Service Terms, and that these limitations reflect an agreed allocation of risk between Customer and Centage. The limitations stated in this Section shall apply to any liability arising from any cause of action whatsoever, whether in contract, tort, commercial code, strict liability or otherwise, even if a limited remedy fails of its essential purpose. If these limitations as written are not permitted by applicable law, they shall apply to the extent permitted by applicable law.

9. Beta Services. Centage may invite Customer to test ‚ÄúBeta‚ÄĚ services at no charge. Beta services will be designated as test, beta, pilot, limited release, developer preview, non-production, evaluation or with a similar description. Beta services are for evaluation purposes and not for production use, are not covered by the ‚ÄúServices Warranty‚ÄĚ or any security or indemnification obligations under this Agreement, are not supported, and may be subject to additional terms. Centage may discontinue Beta Services at any time in its sole discretion and may never make the Beta Services generally available. If a generally available version is released, there may not be an automatic update path from the Beta version to the generally available version. If not earlier terminated, any Beta services trial period will expire on the date that the Beta service is released on a generally available basis. Beta Services are provided AS IS, and Centage has no liability for any harm or damage arising out of or in connection with Customer‚Äôs use of a Beta Service. Centage may terminate a Beta service and delete Customer‚Äôs files and related information at any time, for any or no reason.

10. General.

10.1 Feedback. Customer agrees that Centage is licensed to use and commercialize any feedback or suggestions that Customer provides regarding the Services Technology or Services to improve Centage’s existing or future products and services on a perpetual basis without payment of any royalties or compensation to Customer and that Customer will not assert any patent or other claim against Centage based on its use or commercialization of the feedback or suggestions.

10.2 Reservation of Rights. Except for the rights and licenses expressly stated in this Agreement each party retains all right, title and interest in and to its intellectual property. No rights in intellectual property may arise by implication or estoppel.

10.3 Confidential Information. ‚ÄúConfidential Information‚ÄĚ means any non-public information that a party (the ‚Äúrecipient‚ÄĚ) receives from or learns about the other party (the ‚Äúdiscloser‚ÄĚ) as a result of activities contemplated by the Agreement that the recipient should reasonably understand to be confidential, given the nature of the information or the circumstances of its disclosure, but not including any information that is developed by the recipient independently and without reference to the discloser‚Äôs Confidential Information, or information that is or becomes available from a source other than discloser so long as the source did not, to recipient‚Äôs knowledge, acquire the information as a result of a violation of a duty of confidentiality to discloser. For example, non-public information Customer learns about Centage or its Services as part of the relationship contemplated by this Agreement is Centage‚Äôs Confidential Information. Customer Data is Customer‚Äôs Confidential Information. Recipient agrees not to use or disclose the discloser‚Äôs Confidential Information except to provide or use the Services, as applicable, or to exercise legal rights or obligations in connection with the Agreement. Recipient shall use reasonable care to protect the discloser‚Äôs Confidential Information from unauthorized use and disclosure. Centage‚Äôs use of reasonable care as to Customer‚Äôs Confidential Information that is part of Customer Data is met by the use of the safeguards described in the Security Materials. Recipient shall return or destroy the discloser‚Äôs Confidential Information (including that part of the Confidential Information that is ‚ÄúCustomer Data‚ÄĚ) on termination of the Agreement, except as necessary for reasonable and customary business record-keeping purposes. Recipient is responsible for acts and omissions in violation of this Section by any person to whom it has disclosed the discloser‚Äôs Confidential Information to the same extent as for its own violation. Notwithstanding the foregoing, the recipient may disclose discloser‚Äôs Confidential Information in response to a subpoena, request from law enforcement, or as otherwise required by law provided that it gives advance written notice of the disclosure (unless notice is prohibited by law) to the discloser.

10.4 Governing Law. The Agreement is governed by and should be interpreted under the laws of the State of Texas, and the United States of America, as applicable, without giving effect to any conflicts of law principles that would require the application of the law of a different jurisdiction. The parties expressly and irrevocably disclaim and waive the application of the United Nations Convention on Contracts for the International Sale of Good and the Uniform Computer Information Act.

10.5 Notices. Customer’s address for notice purposes is the email address of the individual who serves as its primary business contact and the physical address appearing on the Order. Centage’s address for notice purposes is legal@centage.com and the physical address of its principal office in the United States published on Centage’s website. Notices under this Agreement must be given by electronic mail with a copy transmitted via first class United States mail (or if Customer is located outside of the United States, a reputable and established international priority mail service) on the date of the electronic mail notice. Notices are deemed given, received and effective as of the time transmitted by electronic mail, or if that time does not fall within a business day, as of the beginning of the first business day following the time transmitted. Notices must be given in the English language. A party may change its address for notice by giving notice in the manner stated in this Section.

10.6 Disputes

10.6.1 Mediation. Except for a request for temporary injunctive or other equitable relief, each party agrees that it shall not begin a legal action in connection with this Agreement unless it has first given the other party written notice of the dispute and attempted to resolve the dispute through good faith negotiation. At the request of either party, the dispute will be submitted for non-binding mediation conducted by a mutually acceptable mediator in Bexar County, Texas. The mediator will be chosen by mutual agreement of the parties within twenty-one (21) days after written notice by either party demanding mediation. Neither party shall unreasonably withhold or delay consent to the selection of a mediator. The parties will share equally the costs of the mediation, exclusive of any fees paid by a party to its internal or external legal advisors, accountants and experts in connection with the dispute. The use of any mediation procedures will not be construed under the doctrines of laches, waiver or estoppel to affect adversely the rights of either party. If the dispute is not resolved through negotiation or mediation within forty-five (45) days of the date of the initial demand for mediation, the parties are free to file an arbitration action.

10.6.2 Arbitration. If the mediation process does not resolve a dispute, the parties agree that they shall submit the dispute to binding arbitration in accordance with the commercial rules of the American Arbitration Association, without any right of appeal. The arbitration shall be held in Bexar County, Texas unless the parties agree to a different location. Centage and Customer agree that any dispute resolution process shall be conducted on an individual basis and may not be brought as a class, consolidated, or representative action. In the event there is proceeding in a court, each party irrevocably waives any right to a jury trial to the extent permitted by law.

10.6.3 Injunctive, Equitable Relief. Notwithstanding the requirement for arbitration stated above, either party may bring an action in a court to enjoin intellectual property infringement or breach of confidentiality.

10.6.4 Time Bar. A party may not bring an action in relation to this Agreement more than two (2) years after the date that the cause of action accrued.

10.7 Export Compliance. Customer may not permit users to access or use the Services in a U.S.-embargoed country or in violation of any U.S. export law or regulation, or in a manner that causes Centage to be in violation of U.S. export laws, even if the use is permitted the laws applicable to Customer or Customer’s users. For example, Customer may not authorize any person to use the Services that is on the list of Specially Designated Nationals and Blocked Persons issued by the U.S. Treasury Department’s Office of Foreign Asset Control (OFAC) or who is located in or is a national of any country that is embargoed under United States export laws; and Customer may not use or permit the use of the Services to process or store any data that is subject to the International Traffic in Arms Regulations maintained by the U.S. Department of State, or permit the use of the Services by any person who Customer know or have reason to know will utilize them in the design, development or production of nuclear, chemical or biological weapons, or rocket systems, space launch vehicles, or sounding rockets, or unmanned air vehicle systems. Each party represents that it is not on any restricted persons list maintained by the U.S., Canada, or any member of the European Union.

10.8 Anti-Corruption. Each party represents that it has not received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from the other’s employees or agents in connection with this Agreement. Reasonable gifts and entertainment provided in the ordinary course of business do not violate the above restriction. If either party learns of any violation of the above restriction, it will promptly notify the other party.

10.9 Force Majeure. Except for Customer’s payment obligations, neither party is in violation of the Agreement if the failure to perform is due to an event beyond that party’s reasonable control, such as a significant failure of the power grid or Internet, denial of service attacks, natural disaster, war, riot, insurrection, epidemic, strikes or other organized labor action, terrorism, or other acts or events for which precautions are not generally taken in the industry.

10.10 Centage’s Service Providers. Centage may use service providers to provide the Services. Centage is responsible for its service providers acts and omissions in violation of the Agreement to the same extent as for its own acts and omissions.

10.11 Assignment. Neither party may assign the Agreement in whole or in part, whether by operation of law or otherwise, without the other party‚Äôs prior written consent (not to be unreasonably withheld)Õĺ provided, however, either party may assign this Agreement in its entirety (including all Orders), without the other party‚Äôs consent to its affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets.

10.12 Publicity. Centage may identify Customer in its marketing and sales materials and may include Customer‚Äôs name, logo, trademarks, service marks or similar indicia (‚ÄúMarks‚ÄĚ) in an appropriate area of its website and marketing materials, provided that it does not state or imply that Customer endorses the Services. Centage will use and display Customer‚Äôs Marks in accordance with Customer‚Äôs trademark usage guidelines communicated to Centage in writing. Any goodwill accruing from Centage‚Äôs use of Customer‚Äôs Marks shall accrue to Customer.

10.13 Relationship of the Parties. The parties are independent contractors. Neither party is the agent of the other, and neither party is authorized to make any representations, contract, or commitment on behalf of the other. The use of the words ‚Äúpartner‚ÄĚ or ‚Äúpartnership‚ÄĚ in this Agreement or otherwise refers only to a business relationship, and does not create or reflect any legal partnership, joint venture, or other fiduciary or other special relationship between the persons described as partners. The parties do not agree to any exclusivity in regards to the subject matter of this Agreement and each party is free to contract with third parties, including competitors of the other party, for transactions of the type covered by this Agreement in any market, worldwide.

10.14 Interpretations. (i) In calculating any period of time under this Agreement, the day of the act, event or default from which the designated period of time begins to run is not to be included. (ii) The term ‚Äúperson‚ÄĚ refers to any legal person, and may mean a natural person (individual), a legally created person (such as an entity, trustee, or executor), or an entity (such as a corporation, partnership, or limited liability company). (iii) The word ‚Äúpersonnel‚ÄĚ refers to a person‚Äôs employees and individual contractors who are under the person‚Äôs direct supervision. (iv) The use of the word ‚Äúincluding‚ÄĚ should be read to mean ‚Äúincluding, without limitation.‚ÄĚ (v) All references to monetary amounts mean United States Dollars. (vi) The term ‚Äúparties,‚ÄĚ either in lower- or upper-case form, refers to the persons who are parties to this Agreement unless expressly described as ‚Äúthird parties.‚ÄĚ (vii) For notice purposes, the words ‚Äúbusiness day,‚ÄĚ ‚Äúbusiness hours,‚ÄĚ or the like means Monday ‚Äď Friday, 9:00 a.m. ‚Äď 5:00 p.m., United States Central Time, excluding federal public holidays in the United States. (viii) A reference to ‚Äúday‚ÄĚ shall mean a calendar day, unless expressly designated as a ‚Äúbusiness‚ÄĚ day. (ix) All software and other technology provided for Customer‚Äôs use is licensed and not sold; any references to a sale or purchase of software or other technology means the sale or purchase of a subscription. (x) Any requirement in this Agreement that a statement be written, in writing, or a like requirement is satisfied by an email or other digital form of writing unless expressly stated otherwise. (xi) Nouns stated in the singular imply the plural as indicated by the context, and pronouns that are gender specific refer to either gender. (xii) The Section captions in the Agreement are for convenience only; they are not part of this Agreement and may not be used to interpret the terms of the Agreement.

10.15 Third-Party Beneficiaries. There are no third-party beneficiaries under the Agreement.

10.16 Severability. In the event one or more of the terms of this Agreement are adjudicated invalid, illegal, or unenforceable, the adjudicating body may either interpret the Agreement as if such terms had not been included, or may reform such terms to the limited extent necessary to make them valid, legal or enforceable, consistent with the economic and legal incentives underlying the Agreement.

10.17 Changes to the Services. Customer agrees that Customer’s purchases are not contingent on the delivery of any future functionality or features, or dependent on any oral or written public comments made by Centage regarding future functionality or features. Customer acknowledges that Centage may modify or suspend any of its services offerings at any time. If a modification or suspension materially and adversely affects Customer’s use of the Services, Customer may terminate the Agreement by giving written notice of the change no later than 30 days following the date of the change and receive a refund of any prepaid fees for unused services as Customer’s sole and exclusive remedy.

10.18 General Representations. Each party represents that it has validly entered into this Agreement and has the legal power to do so.

10.19 Representation by Individual Submitting the Order. If an individual submits an Order, the individual represents that: (i) if the individual submits the Order on his or her own behalf (including as a sole proprietor), the individual is old enough to enter into contracts and otherwise has the legal capacity to enter into contracts under applicable law; or (ii) if the individual submits the Order on behalf of a company or other legal entity, the individual has the legal power and authority to bind that entity to the Order and these Service Terms.

10.20 Changes to Online Service Terms. Centage may amend these Services Terms at any time in its sole discretion. Any amendment will become effective as to Customer’s Order on the first renewal of the Order that follows the publication of the amendment by at least thirty (30) days or on the execution of a subsequent Order that modifies the Services covered by an existing Order. If the amendment materially and adversely impacts Customer’s use of the Services, Customer may terminate the Agreement by giving written notice no later than thirty (30) days following the date the amendment is published and receive a refund of prepaid fees for unused Services as Customer’s sole and exclusive remedy.

10.21 Waiver. No right or remedy arising regarding this Agreement shall be waived by a course of dealing between the parties, or a party’s delay in exercising the right or remedy. A party may waive a right or remedy only by signing a written document that expressly identifies the right or remedy waived. Unless expressly stated in the waiver, a waiver of any right or remedy on one occasion will not be deemed a waiver of that right or remedy on any other occasion, or a waiver of any other right or remedy.

10.22 Entire Agreement and Order of Precedence. This Agreement is the entire agreement between Customer and Centage regarding Customer’s use of the Services and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. No modification, amendment, or waiver of any provision of the Agreement will be effective unless in writing and signed by the party against whom the modification, amendment or waiver is to be asserted. The parties agree that any preprinted term or condition stated in any business form is void. In the event of any conflict or inconsistency among the following documents, the order of precedence shall be: (1) the applicable Order, (2) these Services Terms, and (3) the Services documentation. Customer’s use of the Services, both during any free use period and Customer’s paid term, is subject to all of the terms, conditions, and restrictions stated in the Agreement and any restrictions stated on a page on the Centage website that is part of Customer’s Order.