Vendor Terms and Conditions
1. Services
These KnowBe4 Vendor Terms and Conditions, together with any applicable Purchase Order or Statement of Work, are collectively referred to as the “Agreement”. The Vendor (the “Vendor”) is being engaged by KnowBe4 (the “Company”) to provide the services described in the purchase order, or one or more written statements of work (“Statements of Work” or “SOW”) that are attached hereto or otherwise entered into by the parties for the provision of goods or performance of services (the “Services”). Vendor shall be deemed to have agreed to be bound by such terms by accepting thePO, SOW, delivering the goods, and/or performing the services. Each PO or SOW will be effective only when signed by Company and Vendor. In the event of a conflict between the body of this Agreement and any PO, SOW, or exhibit, the body of this Agreement will govern except to the extent that the PO, SOW or exhibit explicitly identifies (by section number) the provision of this Agreement that is modified or changed by the PO, SOW, or exhibit and explicitly and clearly states that the PO, SOW or exhibit modifies, changes, or overrides the identified section of this Agreement. Any modifications or changes to the Services following execution of a PO or SOW must be memorialized in a mutually agreed upon amendment to the PO or SOW signed by both parties.
2. Compensation and Expenses
As the Company’s sole and exclusive consideration for the Services, Vendor will be paid the fees set forth in the applicable PO or SOW. Except as expressly stated otherwise in an applicable PO or SOW, Vendor shall be responsible for and will bear the sole expense of all costs incurred in connection with the performance of the Services under this Agreement, including without limitation: all required licenses and permits; workers’ compensation and other legally required insurance; and all travel, transportation, and related expenses. Company shall pay Vendor’s undisputed, properly submitted invoices within thirty (30) days following receipt.
3. Relationship of the Parties
The parties’ relationship, as established by this Agreement, is solely that of independent contractors. This Agreement does not create any partnership, joint venture or similar business relationship between the parties. Neither party is a legal representative of the other party, and neither party can assume or create any obligation, representation, warranty or guarantee, express or implied, on behalf of the other party for any purpose whatsoever.
4. Indemnification by the Vendor
The Vendor agrees to defend and indemnify the Company (and its members, directors, managers, officers, employees, agents, representatives, subsidiaries, affiliates and successors in interest) from and against any and all claims, proceedings, and the defenses thereof of any kind (including without limitation losses, damages, costs, liabilities, attorneys’ fees, experts’ fees, court fees or any other expenses) arising out of, relating to or in connection with (a) Vendor’s performance of the Services, (b) any act or omission constituting fraud or willful misconduct by the Vendor, Vendor’s agents, employees, representatives, subcontractors and any and all others acting upon Vendor’s behalf, (c) any accident, injury or damage caused to any person or entity, or to the property of any person or entity, where such accident, damage or injury resulted or is claimed to have resulted from any act or omission constituting fraud or willful misconduct on the Vendor’s part, (d) failure to adhere to any applicable law, rule or regulation of any governing body having jurisdiction over work performed pursuant hereto, or (e) any breach of this Agreement (or any other agreement or other document between the and the Company) or any act, omission or default under any of Vendor’s undertakings in this Agreement.
5. Confidentiality
The parties each shall treat as confidential all information provided by a Party to the other regarding such party’s business and operations, including without limitation anything identified as confidential or that by its nature and circumstances around its disclosure should reasonably been deemed confidential (“Confidential Information”). All Confidential Information provided by a party hereto shall be used by the other party hereto solely for the purposes of rendering the Services pursuant to this Agreement, provided that any of the Vendor’s employees and/or representatives must have executed written agreements restricting use or disclosure of such Confidential Information that are at least as restrictive as the obligations under this Section. Except as may be required in carrying out the terms of this Agreement, Confidential Information shall not be disclosed to any third party without the prior consent of such providing party. The foregoing shall not be applicable to any information that is publicly available when provided or which thereafter becomes publicly available other than in contravention of this section or which is required to be disclosed by any regulatory authority in the lawful and appropriate exercise of its jurisdiction over a party, any auditor of the parties hereto, by judicial or administrative process, or otherwise by applicable law or regulation. Each party acknowledges that due to the unique nature of the other party’s Confidential Information, the disclosing party will not have an adequate remedy in money or damages in the event of any unauthorized use or disclosure of its Confidential Information, and that such breach will cause irreparable harm. Accordingly, the non-breaching party shall be entitled to seek specific performance and injunctive relief, in addition to any other remedies that may be available in law, in equity, or otherwise, to prevent such unauthorized use or disclosure.
6. Disputes; Governing Law
The parties agree to attempt initially to solve all claims, disputes, or controversies arising under, out of, or in connection with this Agreement by conducting good faith negotiations. If the parties are unable to settle the matter between themselves, the following sets forth the law that will apply in the event of any dispute or lawsuit arising out of or in connection with this Agreement and the courts that have jurisdiction over any such dispute or lawsuit. The accompanying terms depend on where the Services are being performed in accordance with the following table. All proceedings are to be conducted in English. The United Nations Convention for the International Sale of Goods and the UN Convention on Contracts for the International Sale of Goods (UNCITRAL) will not apply to this Agreement.
|
If the Services are being provided in: |
Without giving effect to any choice or conflict of law provisions, rules, or principles, the governing law is the laws of: |
Venue/Courts with exclusive jurisdiction are: |
Additional terms included are: |
|
A country in North America, Central America, South America or Caribbean, other than Brazil. If Customer is domiciled in a geographic region that does not fall into one of the designations described in this table, then Customer will fall into this category. |
Florida and controlling United States federal law |
Hillsborough County, Florida, U.S. |
Notwithstanding the foregoing, the parties will have the right to seek injunctive or pre-judgment relief in any court of competent jurisdiction to prevent or enjoin the misappropriation, misuse, infringement or unauthorized disclosure of its Confidential Information or intellectual property rights. No Federal Acquisition Regulations will be construed to apply to KnowBe4 without KnowBe4’s written agreement thereto. THE PARTIES HERETO WILL AND THEY HEREBY DO WAIVE TRIAL BY JURY IN ANY ACTION, PROCEEDING OR COUNTERCLAIM BROUGHT BY EITHER OF THE PARTIES HERETO AGAINST THE OTHER ON ANY MATTERS WHATSOEVER ARISING OUT OF OR IN ANY WAY RELATED TO THIS AGREEMENT. |
|
A country in EMEA (Middle East, Europe and Africa) other than United Kingdom, South Africa, Germany, Austria and/or Switzerland |
The Netherlands |
Amsterdam |
|
|
Germany, Austria or Switzerland |
Federal Republic of Germany |
Berlin |
|
|
United Kingdom |
England and Wales |
London |
The parties agree that the election to the laws and Courts of England and Wales includes in respect of non-contractual disputes and claims |
|
Australia, New Zealand or Oceania |
Victoria, Australia |
Victoria, Australia |
|
|
Japan |
Japan |
Tokyo District Court |
|
|
Brazil |
Federative Republic of Brazil |
São Paulo, State of São Paulo, Brazil |
The parties agree that any subpoena or notice relating to the proceeding will be made by registered correspondence. |
|
South Africa |
England and Wales |
London |
The parties agree that the election to the laws and Courts of England and Wales includes in respect of non-contractual disputes and claims |
|
A country in the Asia-Pacific region, other than Japan, Australia, New Zealand or Oceania |
Singapore |
Singapore |
|
7. Limitation of Liability
In no event shall the Company be liable to Vendor for any damages of any kind under this Agreement, unless the Company’s act or failure to act involves intentional misconduct, fraud, or gross negligence.
8. Warranties
Vendor hereby represents and warrants that: (a) it is duly organized and validly existing and in good standing under the laws of the state of its formation, (b) it has full power and authority to enter into this Agreement and to perform its obligations hereunder; (c) Services under this Agreement will meet the requirements indicated in the PO or SOW and be performed in a timely, professional, and workmanlike manner, (d) it has obtained all permits, licenses, and other governmental authorizations and approvals required for its performance under this Agreement; (e) any software or deliverables provided will not contain any "back door," "time bomb," "Trojan horse," "worm," "drop dead device," "virus," or other computer software routine intended or designed to permit unauthorized access to, or to disable, erase, or otherwise harm, the Company’s systems or data; and further, that no such software contains any Open Source components that would require the Company to disclose or license its own proprietary source code to any third party; and (f) performance of the services to be rendered under this Agreement will neither violate any applicable law or regulation, nor infringe or violate any patent, copyright, trade secret, trademark, or other proprietary right of any third party.
9. Intellectual Property
a. Deliverables
All work product, developments, inventions, and materials created by Vendor in connection with the Services (the “Deliverables”) shall be the sole and exclusive property of the Company. Vendor retains ownership of its pre-existing materials and intellectual property (“Background IP”); however, if Vendor incorporates any Background IP into the Deliverables, Vendor grants Company a perpetual, irrevocable, worldwide, royalty-free, non-exclusive license to use such Background IP as part of the Deliverables.
b. Work Made for Hire & Assignment
The parties agree that, to the extent permitted by applicable law, all Deliverables that are copyrightable subject matter shall be considered “works made for hire” within the meaning of the United States Copyright Act. To the extent that any Deliverable does not qualify as a work made for hire, or to the extent that Vendor retains any other Intellectual Property rights in the Deliverables, Vendor hereby irrevocably and unconditionally assigns, transfers, and conveys to Company all right, title, and interest in and to such Deliverables, including all worldwide patent, copyright, trade secret, and other proprietary rights therein. To the extent permitted by applicable law, Vendor further waives any “moral rights” or other rights with respect to attribution of authorship or integrity of the Deliverables.
c. Company Trademarks
Vendor will not use any trade name, trademark, service mark, logo, or commercial symbol, or any other proprietary rights of Company, in any manner (including, without limitation, reference to Company as a client or customer in any press release, advertisement, or other promotional material) without prior written authorization of Company.
Termination
Either party may terminate this Agreement on written notice to the other party if the other party materially breaches this Agreement and fails to cure such breach within thirty (30) days after receiving written notice thereof, provided the non-breaching party is entitled to a prorated reimbursement for all pre-paid, unearned fees up to the effective date of the termination. Company may terminate this Agreement at any time and for any reason upon providing thirty (30) days written notice to Vendor. Upon any termination of this Agreement, the Company shall be entitled to an immediate, prorated refund of all pre-paid, unearned fees for Services not rendered as of the effective date of termination, and all of Company's outstanding payment obligations for Services or goods not yet received as of the effective date of termination shall be immediately relieved and cancelled.
11. Compliance
a. Compliance with Law
Vendor shall comply with all applicable laws, rules, and regulations in its performance of the Services or provision of goods.
b. Partner Code of Conduct
Vendor agrees to abide by (and to require all Vendor employees, subcontractors, and other representatives to abide by) the KnowBe4 Partner Code of Conduct, available at knowbe4.com/partner-code-of-conduct or such other link as KnowBe4 may provide from time to time.
c. Anti-Bribery & Corruption
The Vendor will not, and will ensure that its representatives (if any) do not: (a) make any unlawful payments to any government official or employee; (b) make any unlawful payment to any person, or unlawfully provide anything of value (whether as property, services, or in any other form) to any person, for the purpose of obtaining an improper business advantage; or (c) agree, commit, or otherwise offer to undertake any of the foregoing actions in connection with this Agreement or any related activities.
d. Export Compliance
The Vendor acknowledges that the products, services, technology, and any associated technical data received from the Company in accordance with the terms hereunder are subject to export controls, economic sanctions, and other restrictive trade measures enforced by the United States and other applicable jurisdictions. In the performance of its obligations hereunder, the Vendor shall at all times strictly comply with all applicable laws, regulations, and orders, and agrees to commit no act which, directly or indirectly, would violate any such laws, regulations, or orders, including, without limitation (1) the Export Control Reform Act of 2018, as amended (50 U.S.C. §§ 4801-4852) and the Export Administration Regulations, 15 C.F.R. §§ 730-774 (“EAR”); (2) the Arms Export Control Act, 22 U.S.C. § 2778, and the corresponding International Traffic in Arms Regulations (“ITAR”); (3) the economic sanctions laws and regulations enforced by the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”), 31 C.F.R. Part 500 et seq.; and (4) the anti-boycott regulations, guidelines, and reporting requirements under the Export Administration Regulations and Section 999 of the Internal Revenue Code. Vendor confirms that it is not subject to, owned by, nor otherwise controlled by parties that are subject to any of the restrictive trade measures discussed above. In the event that the Vendor becomes subject to any of these restrictive trade measures, Vendor will immediately provide written notice to KnowBe4. Additionally, the Vendor shall not, and shall cause its representatives (if any) not to export, re-export, divert, or transfer (in-country) KnowBe4 products, services, or any direct product thereof to proscribed or embargoed countries or their nationals, or to any entity or individual subject to U.S. and other applicable economic sanction or export controls. The Vendor assumes sole responsibility for obtaining licenses to export or re-export as may be required. Certain products with encryption functions may be subject to additional restrictions, including restrictions on access or transfers to certain end users. The Vendor represents and warrants that it does not operate or perform services in, and is not engaged with, nor will it engage with, in the performance of its work, a national of a proscribed or embargoed country or territory (such as currently Iran, Syria, Cuba, North Korea, Russia, Belarus, the following regions of Ukraine: Crimea, Donetsk, Luhansk, Kherson and Zaporizhzhya, or such other locations that may become subject to comprehensive sanctions or embargoes from time to time). Additionally, in the event Vendor has access to any of Company’s proprietary software source code, Vendor will not travel with or access such source code outside its home country. Vendor may not take laptops or other devices that contain source code outside its home country, even if it does not plan to work on that source code, and may not access the source code hosted elsewhere via the internet from outside its home country.
e. Security & Data Protection
To the extent the Vendor is engaged in the processing of Personal Data (as such term is defined by applicable Data Protection Laws) on behalf of the Company in connection with the Services, the Vendor shall comply with all applicable Data Protection Laws in the performance of the Services, only process Personal Data in accordance with the Company’s written instructions and for the limited purpose of providing the Services, and, if required by applicable Data Protection Laws, promptly execute a Data Processing Addendum (the "DPA") provided by the Company, which will be incorporated by reference into this Agreement and will govern the parties' respective rights and obligations regarding the processing of Personal Data, with the DPA governing in the event of any conflict with the terms of this Agreement with respect to the processing of Personal Data. Vendor shall implement and maintain commercially reasonable and appropriate administrative, physical, and technical safeguards to protect Company's Confidential Information and any data provided by or collected on behalf of the Company, including Personal Data, from unauthorized access, acquisition, disclosure, use, or loss, with such safeguards being no less rigorous than those employed by the Vendor for its own similar data and in compliance with industry standards and applicable laws. In the event of any actual or suspected security incident or breach involving Company data, Vendor shall immediately notify the Company, in no case later than 72 hours after becoming aware, and cooperate fully in all reasonable efforts to investigate, mitigate, and remediate the incident, including any required regulatory or customer notifications.
f. Failure to comply
Failure to comply with this Section 11 (Compliance) shall be considered a material breach of this Agreement and cause for immediate termination.
12. Miscellaneous
Neither party may assign this Agreement without the other Party’s written authorization, which shall not be unreasonably withheld. Notwithstanding the foregoing, either Party may assign this Agreement to an affiliate or to a successor entity in the event of a merger, acquisition, or sale of all or substantially all of its assets; provided, in the case of assignment by Vendor, the successor entity agrees to be bound by the terms of this Agreement. This Agreement will inure to the benefit of and be binding upon each of the parties and their respective successors and permitted assigns. This Agreement may only be amended by a writing signed by both parties. The waiver or failure of either party to exercise any right in any respect provided herein shall not be deemed to be a waiver of any further right hereunder. This Agreement constitutes the final expression of the agreement of the parties, and is intended as the complete and exclusive statement of the terms of the parties' agreement with regard to the subject matter hereof. This Agreement supersedes all prior and concurrent proposals, promises, representations, negotiations, discussions and agreements that may have been made in connection with the subject matter hereof.