General Terms and Conditions

1. Services.

Company is engaging Supplier, and Supplier accepts such engagement, under and subject to the terms and conditions of this Agreement. During the Term (as defined below), Supplier shall draw on its knowledge, experience, and technical expertise to provide to Company the services listed on sequentially numbered statements of work as are executed from time to time by both parties to this Agreement (each a “SOW,”; the services described in SOWs, the “Services”). Services shall be provided in accordance with the terms of this Agreement and the applicable SOW. Supplier will remain responsible for determining the methods and means for completing the assigned Services in accordance with Company’s specifications as set forth in the applicable SOW, provided that Company shall have final approval over the results and outcomes of the Services. Supplier will provide all competent supervision, labor, and quality grade materials to complete the Services. Any Affiliate of Company may arrange for Services to be performed by Supplier under the terms of this Agreement by signing a SOW, in which case (1) that authorized Affiliate will be deemed to be “Company” for purposes of that SOW only, (2) such Affiliate will be solely responsible for all obligations associated with such SOW and Company shall have no liability associated with such SOW, (3) such SOW will be deemed to be a separate contract between the parties who sign it, and (4) such SOW will be deemed to be an independent contractual obligation from any other SOW. “Affiliate” means an entity that Controls, is Controlled by, or is under common Control with, a party. “Control” means direct or indirect ownership of (i) more than 50% of an entity’s voting interest; or (ii) the right to receive more than 50% of an entity’s profits.

2. Change Requests.

Company may modify an SOW at any time by submitting to Supplier a change order request specifying the changes (“Change Request”). Supplier shall make a reasonable, good faith attempt to accommodate the Change Request at no additional cost or delay to Company. However, if such modifications materially increase or decrease the resources necessary to perform the Services (as defined in each SOW), Supplier and Company shall negotiate in good faith with respect to adjusting the schedule and Fee (as defined below), if any, to the extent required to reflect the change in Supplier’s out-of-pocket costs.

3. Term; Termination.

Unless terminated earlier as provided below, this Agreement shall commence on the Effective Date and continue until it is terminated in accordance with this Agreement (the “Term”). Either party may terminate this Agreement at any time in the event of a material breach by the other party that remains uncured after 30 days written notice thereof. Notwithstanding anything to the contrary contained herein, Company may terminate this Agreement, or any SOW (even if such SOW includes an “end date”), at any time prior to the expiration of the Term for convenience immediately upon written notice to Supplier. In the event of any such termination, Company shall not be obligated to make any payments to Supplier other than undisputed amounts due and payable for Services and Deliverables (as defined below) completed and approved by Company prior to the effective date of such termination. Upon such termination by Company, Supplier shall immediately deliver to Company all work product and other materials requested or required by Company to continue the development of the Deliverables and, if applicable, Company’s videogame assets or other products, including, but not limited to, any drafts, mockups, work files, project files, interim Deliverables, assets, materials, source and/or object code related to the Deliverables.

4. Payment.

4.1 Fee. Supplier’s entire payment for performing services hereunder is set forth in this Section 4. Each SOW shall set forth the fee due for the Services to be provided pursuant to the SOW (the “Fee”). Company shall pay to Supplier the applicable Fee after Supplier’s completion of all Services set forth on the applicable SOW and Supplier’s delivery, and Company’s approval, of all Deliverables, such approval to be granted or denied in Company’s sole discretion. Prior to Company making the payments described in the preceding sentence, Supplier shall send Company an invoice (“Invoice”) describing in reasonable detail the Deliverables that were provided for the period described in the Invoice to the invoice address specified on the SOW. Except for any amounts disputed by Company, upon Company’s approval of each Invoice, Company shall pay Supplier within 30 days. All amounts of currency associated with this Agreement will be in United States dollars unless explicitly stated otherwise.

4.2 Expenses. Solely to the extent expressly permitted in any SOW, Supplier shall be entitled to reimbursement of reasonable and verifiable out-of-pocket expenses necessarily incurred in Supplier’s performance of the Services, including economy-class roundtrip travel, hotel accommodations, local car travel and meals, if any, set forth on the applicable SOW (“Reimbursable Expenses”), provided that: (i) Company has given its prior written consent for any such Reimbursable Expenses; (ii) the Reimbursable Expenses have been detailed on a form acceptable to Company and submitted to Company for review and approval; and (iii) if requested by Company, the Supplier submits supporting documentation in addition to the approved expense form. Reimbursable Expenses shall not exceed the amount set forth in the relevant SOW. The expenses invoiced, except for any amounts disputed by Company, shall be payable by Company within 30 days of Company’s receipt of each invoice.

4.3 No Other Payment. The Fee shall be in consideration for all Services rendered, Deliverables created, and all rights granted, by Supplier to Company hereunder. No other monies or consideration shall be owed or payable by Company to Supplier. The Fee includes provision for any individuals engaged by Supplier; provided that Supplier shall be solely responsible for any and all amounts of any kind due to third parties hired or contracted by Supplier in connection with the Services or for the provision of goods or services pursuant to this Agreement, and Supplier agrees to pay all amounts due to such third parties on a timely basis. Supplier shall be solely responsible for any other expenses incurred in its performance of the Services, including without limitation union payments, studio fees, expenses incurred to acquire rights in pre-existing materials (e.g. samples), and payments of any kind required to be made to third parties rendering services or providing materials.

5. Deliverables; Delivery Requirements.

5.1 Deliverables.Deliverables” shall mean any materials created by Supplier in connection with each applicable SOW, any and all of the results and proceeds of the Services rendered under any SOW, all materials related thereto, all associated derivatives, enhancements, and modifications, and all of the intellectual property rights related to any of the foregoing including, but not limited to (i) all specifications, designs, writings, code, artwork or other materials developed or prepared by Supplier in connection with any SOW or provided or delivered to Company by Supplier and (ii) any and all new or improved idea, design, concept, or other invention made or developed by Supplier during the course of rendering the services or developing the materials in connection with any SOW. Supplier shall complete and deliver the Deliverables as outlined in the applicable SOW.

5.2 Licensed Materials.Licensed Materials” shall mean any pre-existing materials (e.g., existing tools, software, algorithms and other technologies) owned or licensed by Supplier and provided to Company for its use under an applicable SOW. For the avoidance of doubt, Licensed Materials do not include any materials created by Supplier during the course of, or in connection with, providing Services. All Licensed Materials shall be listed and identified with specificity in the applicable SOW. Supplier and/or its licensors shall retain ownership of the Licensed Materials. Supplier hereby grants Company a fully paid-up, worldwide, irrevocable, non-exclusive, transferable and sub-licensable, royalty-free right and license to use, reproduce, distribute, modify, perform and display (publicly or otherwise) the Licensed Materials in connection with the Deliverables. Supplier represents and warrants that Company’s use of the Licensed Materials will not (i) cause Company to be liable for payment to any third party, or (ii) violate or infringe the rights of any third party.

5.3 Milestone Delivery. Supplier shall deliver the Deliverables in such formats and fashion as requested by Company and otherwise in accordance with any applicable specifications, together with any documentation reasonably required by Company. Supplier shall make changes or modifications to the Deliverables to ensure the Services performed are completed in accordance with Company’s specifications. Supplier acknowledges that Company has final approval over the Deliverables and all creative elements of the same in its sole discretion.

5.4 Milestone Acceptance, Rectification. Company may evaluate each Deliverable and use commercially reasonable efforts to accept or reject it within thirty (30) days after receipt. If Company does not accept or reject within that time period, the Deliverable is deemed rejected. Supplier will fix rejected Deliverable within ten (10) days after notice of rejection from Company (“Correction Period”) at no additional fee or expense to Company. If Supplier does not fix the Deliverable within the Correction Period, Company may terminate the related SOW by giving notice to Supplier (in which case Company, without limiting its rights hereunder, will have no payment liability for any unaccepted or future milestones or Deliverables described in that SOW).

5.5 Methods and Equipment. Supplier will remain responsible for determining the methods and means for completing the Services. Supplier will determine what tools and equipment are necessary to perform the Services described in the applicable SOW and will be responsible for providing all such tools and equipment, subject to Section 10.5.

5.6 Third-Party Materials. Supplier shall be solely responsible for legal clearance of all Deliverables and Licensed Materials. Supplier shall obtain, and provide to Company upon request, proof of waiver, license, or permission for any Deliverables and Licensed Materials that includes or embodies the intellectual property or rights of others sufficient for Supplier to grant the rights granted hereunder or in any SOW. Supplier shall ensure Deliverables and Licensed Materials are individually reviewed by legal counsel and cleared for infringement of third party rights. To the extent Supplier is inspired by, uses as a reference, or in any way implicates any third party material in the course of creating the Deliverables (e.g., real-life business logos as a basis or inspiration for a created logo, existing game as a basis or inspiration for a created game, portion of existing software code sampled and/or included in submitted software code), Supplier shall disclose such material and provide a copy thereof, and Company may, in its sole discretion, conduct its own review and clearance of the Deliverables. Clearance by Company, or approval of the Deliverables, shall in no way limit Supplier’s representations and warranties set forth in this Agreement.

5.7 Generative AI Tools. Supplier shall not use any Generative AI Tools (as defined below) in connection with the creation of Deliverables or in connection with any aspect of the Services without Company’s prior written approval, which Company may grant or withhold in its sole and absolute discretion. “Generative AI Tools” means any tool or computer program that uses algorithms or technology commonly known as artificial intelligence or machine learning to create or generate content, such as, but not limited to, software code, written text, still or moving images, audio material, or other creative works based on a user’s text, image or sound prompts or other inputs. Examples of Generative AI Tools include Stable Diffusion, ChatGPT, DALL-E 2, and Midjourney. Additionally, Supplier shall not use (or permit any third party to use) Company’s intellectual property in any manner to train, enhance, or provide source material for any Generative AI Tools, regardless of any ability Supplier has to obfuscate the origin of any Generative AI Tools’ input or output.

5.8 Key Resources. Any persons listed in any SOW will constitute Supplier’s key resource(s) (each a “Key Resource”) which Supplier has proposed for the provision of Services hereunder, and which Company hereby accepts. Supplier agrees that the Key Resource(s) will provide the Services and create the Deliverables required pursuant to this Agreement and any applicable SOW(s). Supplier shall not change, remove or replace any Key Resource without the prior written approval of Company in Company’s sole discretion. The Key Resources shall perform the Services exclusively and full-time, or as otherwise may be indicated on the applicable SOW(s).

6. Ownership; Assignment of Copyright; Grant of Rights.

6.1 Ownership. The Deliverables shall be considered a “work made for hire,” as that term is defined under the United States Copyright Act, and Supplier, solely for purposes of the United States Copyright Act, shall be considered an employee for hire of the Company, and all rights therein, including the copyright thereto, shall be the sole and exclusive property of Company, as the sole author and owner thereof, and the copyright thereto may be registered by Company in its own name. If the Deliverables include any patents, copyrights, or other intellectual property rights, such rights shall be owned solely by the Company. In the event that any part of the Deliverables are determined not to be a work made for hire or are determined not to be owned by Company, such Deliverables shall become the property of Company, and Supplier hereby absolutely, irrevocably and unconditionally, in perpetuity and throughout the world, assigns and agrees to assign and transfers and agrees to transfer (and shall take all actions requested by the Company to assign and transfer), exclusively to Company the full legal title and all right, title, and interest, including copyright and all renewals and extensions of copyright, to such Deliverables as and when created. Supplier hereby irrevocably waives, and agrees never to assert, all “moral rights” and “droit moral” rights (and any similar right existing under judicial or statutory law of any country in the world, or under any treaty, regardless of whether or not such right is generally referred to as a "moral right", including without limitation rights of paternity, integrity, or attribution) that Supplier may have in the Deliverables. Supplier agrees that it shall cooperate with Company, including executing and delivering to Company such instruments of transfer or any other documents which Company may reasonably request to establish and confirm Company’s rights hereunder, and irrevocably appoints Company as its attorney-in-fact coupled with an interest to sign such documents in Supplier’s name.

6.2 Agreements With Third Parties Making Deliverables. Supplier shall execute written agreements with all persons or entities that develop the Deliverables (or any and all intellectual property incorporated in or used for development and/or design of the Deliverables). Each such written agreement shall contain (i) a “work made for hire” provision, (ii) written, signed assignments from each person or entity of all intellectual property rights embodied in or pertaining to the Deliverables (or any and all intellectual property incorporated in or used for development and/or design of the Deliverables), free and clear of any and all rights and claims by that person or entity or any third party, and (iii) waivers from each such person or entity of any right to assert any moral rights against Company with respect to the Deliverables (or any and all intellectual property incorporated in or used for development and/or design of the Deliverables). With respect to the foregoing to be contributed by Supplier and its employees, Company shall have the sole and exclusive rights to do those things set forth in section 106 of the United States Copyright Act (e.g., (a) reproduce them, (b) prepare derivative works from them, (c) distribute copies of them to the public, by sale, rental or otherwise, (d) publicly perform them and/or publicly display them).

6.3 No Additional Payments or Royalties Due. Without limiting Company’s rights set forth in this Section 6, for the avoidance of doubt, Supplier acknowledges Company has the right to, without any additional payment to Supplier or any third party, use, edit, or modify the Deliverables, and combine them with other materials, for any purpose worldwide and in perpetuity.

7. Representations; Compliance; Data; Insurance.

7.1 Authority. Company and Supplier each warrant and represent that: (i) it has (and shall at all times remain possessed of) the full right, power and authority to enter into, deliver and perform this Agreement; (ii) the execution, delivery and performance of this Agreement will not conflict with any other agreement to which it is a party; (iii) it is not presently the subject of a voluntary or involuntary petition in bankruptcy, does not presently contemplate filing any such voluntary petition, and is not aware of any intention on the part of any other person to file such an involuntary petition against it; and (iv) the person(s) executing this Agreement on its behalf has the actual authority to bind it to this Agreement.

7.2 Supplier Representations, Warranties, and Covenants. Supplier represents, warrants and covenants that (i) the Deliverables, and all portions thereof, shall be wholly the original work of Supplier, shall not be derived from any work of authorship of any third person and shall be previously unpublished; (ii) the Deliverables do not contain any property of any third party; (iii) the Deliverables shall be free from any and all claims or encumbrances; (iv) the Deliverables shall not infringe upon or violate the intellectual property rights or any other rights of any person or entity; (v) the Licensed Materials are original to Supplier and/or exclusively owned by Supplier and/or that the Supplier has, and shall have, appropriate exclusive licenses for the purpose of compliance with this Agreement, and no part of the Licensed Materials or the rights granted hereunder will violate or infringe upon the intellectual property rights or any other rights of any person or entity; (vi) Supplier will not, during the term hereof, enter into any agreement which will prevent Supplier from performing the Services hereunder; (vii) Supplier shall perform the Services in compliance with all applicable local, state, federal and foreign laws and regulations; (viii) the Services will be completed by Supplier in a timely and professional manner according to best industry practices; (ix) it is properly licensed and otherwise in full compliance with all applicable laws, rules and regulations pertaining to its business; and (x) this Agreement and any SOW(s) do not constitute a material contract for Supplier requiring disclosure (and the execution or performance of this Agreement shall not require disclosure) pursuant to the securities laws or other laws, rules or regulations of any country. If Supplier is providing Services as a registered corporate entity, Supplier further represents and warrants that (A) it is duly organized and in good standing under the laws of the jurisdiction of its incorporation or existence; (B) it has (and shall at all times remain possessed of) the full right, power, and authority to enter into, deliver, and perform this Agreement; it is duly organized and in good standing under the laws of the jurisdiction of its incorporation or existence; and (C) it is not presently the subject of a voluntary or involuntary petition in bankruptcy, does not presently contemplate filing any such voluntary petition, and is not aware of any intention on the part of any other person to file such an involuntary petition against it.

7.3 Code of Conduct. Supplier acknowledges that it has been made aware of the Company’s Supplier Code of Conduct (the “Code”), which is located at under Policies & Conduct, Supplier Code of Conduct. Supplier represents and warrants that it understands the Code, and that it is presently in compliance and will remain in compliance with the Code during the Term. Supplier further represents and warrants that it shall provide this Code to any Supplier Assistant and shall confirm such party’s compliance with the Code. Furthermore, Supplier shall notify Company immediately if Supplier becomes aware that a violation by Supplier or any other subcontractor of the standards set forth in the Code has occurred during the Term. The Code is hereby incorporated herein by reference. Company reserves the right to update and/or expand upon the Code from time to time. If the Services hereunder include creative services, Supplier agrees to abide by the Company’s Supplier Code of Conduct for Talent and Creative Service Suppliers (as provided by Company).

7.4 Anti-Bribery Laws. Supplier is aware of the requirements of the United States Foreign Corrupt Practices Act, the United Kingdom Anti-Bribery Act, and any other applicable anti-bribery law (collectively “Anti-Bribery Laws”). Supplier will not take any action that could actually or potentially violate the Anti-Bribery Laws or expose Company to actual or potential liability under the Anti-Bribery Laws. Specifically, Supplier represents and warrants that, in connection with this Agreement, Supplier and its representatives or agents have not provided and will not provide, offer or promise to provide, or authorize the provision directly or indirectly of, any money, gift, loan, service or anything of value to any government official (or any agent, employee or family member thereof), any political party or candidate for political office, or any third party, for the purpose of influencing or inducing any act, omission or decision of such government official, political party, candidate, or third party, to obtain or retain business, direct business to any person, secure any improper advantage, or encourage improper behavior.

7.5 Personal Data.

(a) To the extent that Company provides to Supplier, or Supplier otherwise accesses or processes, any information relating to an identified or identifiable Company employee, customer, or other individual in connection with this Agreement (collectively, “Personal Data”), Supplier shall comply and be fully responsible for compliance with all applicable laws relating to the use, protection, and privacy of Personal Data (“Data Protection Laws”). Supplier agrees to execute and adhere to additional data privacy and information security terms as reasonably required, in the sole judgment of Company, to comply with Data Protection Laws. Supplier represents and warrants that: (i) Supplier will use Personal Data only for the purposes of fulfilling its obligations under the Agreement; (ii) Supplier will not copy, use, maintain or disclose Personal Data for any reason other than for fulfilling its obligations under the Agreement; (iii) Supplier will ensure that Personal Data is disclosed only on a need to know basis; and (iv) Supplier will notify Company in writing before disclosing any Personal Data to any government or regulatory authorities. To the extent that the Parties have executed a Data Processing Agreement or similar privacy-related agreement (“DPA”), the provisions of the DPA shall prevail over the provisions laid out in this 7.5(a) in the event of any inconsistency, and any such DPA is hereby incorporated by reference.

(b) In addition to the insurance coverage in Section 7.6, if this Agreement involves the exchange of personal information, at all times during the Term and for one year thereafter, Supplier shall carry technology or professional liability insurance with limits of liability not less than $5,000,000 covering network security/data protection liabilities, punitive damages, data incident regulatory fines / penalties, and claim expenses arising from acts, errors and omissions, in providing or failing to provide the Services and /or products under this Agreement, in addition to any and all required/mandatory insurance requirements as may be applicable, and Company shall be named as an additional insured party. Such technology or professional liability insurance shall include coverage for loss, disclosure and theft of data in any form (including coverage for statutory damages); network security failure, including denial of service attacks and transmission of malicious code; and costs for Personal Data security incident notification, credit monitoring / identity theft protection services, and other related crisis management for up to one year. If such technology or professional liability coverage is provided on a claims-made basis, it must be maintained for two years after completion of the Services provided under this Agreement.

(c) In addition to the indemnities in Section 8, if this Agreement involves the exchange of personal information, Suppler shall defend, indemnify, save and hold harmless Company and officers, directors, agents, affiliates, parent, employees and licensees of Company from Liabilities resulting from or relating to (a) any breach by Supplier of its obligations under Data Protection Laws or any DPA, (b) Supplier (or any person acting on its behalf) acting outside or contrary to the instructions of Company in respect of the processing of Personal Data, or (c) any security incidents relating to the processing of Personal Data that arises from Supplier’s failure to comply with its privacy and data protection obligations under this Agreement, any DPA, or data protection laws.

7.6 Insurance. At all times during the Term and for one year thereafter Supplier shall carry all insurance required by law or as would be carried by a reasonably prudent business in its industry and circumstances, but in no event less than comprehensive general liability insurance and comprehensive workers liability insurance, as required by law, with limits of liability of not less than $2,000,000 per occurrence and $2,000,000 per person, excess or umbrella coverage with limits of liability not less than $1,000,000 per occurrence and $2,000,000 in the aggregate, errors and omissions or professional liability insurance with limits of liability not less than $2,000,000 per claim, employee dishonesty or crime liability insurance with limits of liability not less than $250,000 per occurrence. All carriers should have AM Best rating of at least A+ and such insurance policy shall be on a “per occurrence” basis only. All insurance carriers shall waive right of subrogation against Company and each insurance policy shall have any applicable “Insured v. Insured” exclusive amended to allow Company, as the additional insured, to bring a claim against Supplier without invalidating Supplier’s coverage under such insurance policy. Supplier shall deliver to Company a certificate of such insurance which sets forth the scope of coverage and the limits of liability and Supplier shall obtain an endorsement to the insurance policy which provides that the insurance policy may not be canceled or amended without at least 30 days’ prior written notice, and Supplier shall provide evidence of such endorsement to Company upon issuance of such endorsement.

8. Indemnification; Limitation of Liability.

8.1 Indemnification by Supplier. Supplier will defend, indemnify, save and hold harmless Company and the officers, directors, agents, affiliates, parent, employees and licensees of Company from any and all third party claims, demands, liabilities, penalties, costs or expenses, including the reasonable attorneys’ fees of Company’s selected counsel and interest (“Liabilities”), resulting from or relating to (i) Supplier’s breach or alleged breach of any obligation, representation, or warranty of the Agreement, (ii) any negligent act or omission, or alleged act or omission, by Supplier in connection with this Agreement or any willful misconduct by Supplier; (iv) Supplier’s failure to satisfy any tax obligations in connection with the Fee as required by applicable federal, state, and local law; (v) any failure to fully comply with all applicable federal, state, and local laws applicable to the Assistants (as defined below), including with respect to the terms and conditions of employment and payment of wages or compensation of any kind; (vi) any allegations by Assistants that they were employed by Company and/or misclassified as non-employees; or (vii) any determination, finding, or ruling by a federal, state, or local court, government, or administrative body or agency that Assistants were misclassified as non-employees.

8.2 Indemnification by Company. Company will defend, indemnify, save and hold harmless Supplier and the officers, directors, agents, affiliates, parent, employees and licensees of Supplier from any and all third party Liabilities, resulting from (i) Company’s breach or alleged breach of any obligation, representation, or warranty of this Agreement, or (ii) any negligent act or omission, or alleged act or omission, by Company in connection with this Agreement, or any willful misconduct by Company.


9. Notices.

Any legal notices shall be given in writing and delivered to Company’s and Supplier’s respective Notice Addresses stated on the first page of this Agreement.

10. Confidentiality; Company Materials.

10.1 Confidential Information. The parties to this Agreement recognize that, in connection with the performance of this Agreement, Company (or any Affiliates) may disclose to Supplier information about Company’s (or its Affiliates’) business or activities that Company considers proprietary and confidential. All of such proprietary and confidential information of Company (or any Affiliates) (which shall include, without limitation, all business, financial, technical and other intellectual property information of Company or any of its Affiliates, identities of customers, clients or licensees, proprietary software code, progress of development, marketing plans, third party property and information provided to Supplier by Company, such as licensed technology, and any other information whether oral or written which is not generally known or available to the public), together with the terms of this Agreement and all Deliverables (or any portion thereof) created hereunder, is hereinafter referred to as “Confidential Information.” For purposes of this Agreement, Confidential Information does not include information that: (i) is or becomes publicly known through no act or failure to act on the part of the recipient; (ii) was rightfully in the recipient’s possession prior to disclosure by the disclosing party; (iii) became rightfully known to the recipient, without confidential or proprietary restrictions, from a source other than the disclosing party; (iv) is approved by the disclosing party for disclosure without restriction, in a written document that is signed by a duly authorized officer of that party; or (v) is or was developed independently by the recipient without use of or reference to any of the Confidential Information and without violation of any confidentiality restriction. During and after the Term, Supplier agrees to maintain the confidential status for such Confidential Information, not to use any such Confidential Information for any purpose other than the purpose for which it was originally disclosed to Supplier and in the performance of this Agreement. Supplier agrees to limit access to Confidential Information to only those of its employees and agents who have a bona fide need to access the same in connection with the performance of its obligations hereunder. Supplier shall not release, disseminate, distribute, publish or otherwise disclose any of such Confidential Information to any third party or to the public, in any manner whatsoever, without Company’s express prior written consent and approval (except as provided in this Agreement). The parties hereto hereby acknowledge and agree that (i) the Company would be irreparably injured in the event of a breach by Supplier of any of its obligations under this Section 10, (ii) monetary damages would not be an adequate remedy for any such breach, and (iii) the Company shall be entitled to injunctive relief, in addition to any other remedy which it may have, in the event of any such breach. Pursuant to the Defend Trade Secrets Act of 2016, an individual shall not be held criminally or civilly liable under any federal or state trade secret law for the disclosure of a trade secret that is made (i) in confidence to a federal, state, or local government official, either directly or indirectly, or to an attorney; and (ii) solely for the purpose of reporting or investigating a suspected violation of law; or is made in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal. An individual who files a lawsuit for retaliation by an employer for reporting a suspected violation of law may disclose the trade secret to the attorney of the individual and use the trade secret information in the court proceeding, if the individual (i) files any document containing the trade secret under seal; and (ii) does not disclose the trade secret, except pursuant to court order.

10.2 Security Requirements. Supplier shall comply with all industry standard security measures (including with respect to personnel, facilities, hardware and software, storage and networks, access controls, monitoring and logging, vulnerability and breach detection, incident response, encryption of Personal Data while in transit and at rest and any other organizational and technical measures necessary to protect against unauthorized or accidental access, loss, alteration, disclosure or destruction of Company Source Material or Personal Data), as well as with all applicable data privacy and security laws, regulations and standards. Additionally, Supplier agrees to abide by Company’s then-current security requirements, as may be provided to Company and updated during the Term. Supplier acknowledges that any failure to comply with such requirements will constitute a material breach of this Agreement.

10.3 Company Source Material. The parties acknowledge that source code, executables, binaries, source art, ideas, concepts, story lines, scripts, artwork, or other material provided by Company hereunder (“Company Source Material”) constitutes Company’s Confidential Information. Supplier acknowledges that the information contained in Company Source Material is proprietary in nature to Company and contains valuable trade secrets and other proprietary information developed or acquired at great expense to Company. Supplier acknowledges and agrees that its access to the Company Source Material is expressly contingent upon Supplier’s compliance with Section 10.2 above. Supplier shall not develop, create or manufacture any software products derived from or otherwise using Company Source Material, and shall not reverse engineer any software, tools or other materials provided to Supplier with or as part of the Company Source Material.

10.4 Compelled Disclosure. In the event Supplier is required or asked to disclose Confidential Information by a subpoena, civil investigative demand (or similar process), order, statute, rule or other legal requirement promulgated or imposed by a court or by a judicial, regulatory, self-regulatory or legislative body, organization, agency or committee or otherwise in connection with any judicial or administrative proceeding (including, without limitation, in response to oral questions, interrogatories or requests for information or documents), Supplier shall promptly notify Company, so that Company may seek an appropriate protective order and/or waive Supplier’s compliance with the provisions of this Agreement concerning confidentiality, and in connection therewith Supplier shall cooperate with the Company, at the Company’s request and expense. If, in the absence of a protective order or the receipt of a waiver hereunder, Supplier is nonetheless legally required to disclose Confidential Information, Supplier may disclose such information without liability hereunder, provided that Supplier complies with the notice provisions of this Section 10.4.

10.5 Use and Return of Company Materials. Company may loan to Supplier one or more development kits, computers, servers, and/or other hardware or software (collectively, the “Company Materials”) for use by Supplier in the performance of its Services hereunder. Supplier shall return all Company Materials to Company, in the condition in which it was originally provided to Supplier (allowing for reasonable wear and tear), within 48 hours of the earlier of completion of Supplier’s Services hereunder, termination of the Agreement or any SOW, or upon Company’s request. In the event Supplier fails to return any Company Materials or returns the same in damaged condition, Supplier hereby agrees to remunerate Company for any unreturned Company Materials and/or any reduction in the value of any Company Materials during the time they were on loan to Supplier. If Company requires Supplier to solely use the Company Materials (e.g., for security reasons), Supplier agrees to do so.

11. Independent Contractor Status.

It is understood and agreed that Supplier shall perform the Services as an independent contractor, and that Supplier shall not be deemed to be an employee, partner, agent or representative of the Company for any purpose. Supplier further understands and agrees that: (i) Supplier is not authorized to make any representation, contract or commitment on behalf of the Company, unless specifically requested or authorized by the Company in writing; (ii) Supplier will not be eligible to participate in any benefit plans, programs, or arrangements offered, or which may in the future be offered, by Company to its employees; (iii) Supplier is responsible for Supplier’s own taxes in connection with the Fee and Company shall not be required to withhold any taxes on behalf of Supplier, however, if Supplier is providing Services as an individual (without a registered corporate entity), Supplier further understands and agrees that Company may in its discretion make certain tax payments on behalf of Supplier, which may be reflected on Supplier’s tax forms, including Form 1099; and (iv) Supplier is free to engage in other business activities and may offer services to other companies, organizations, or individuals, to the extent that such other business activities do not interfere with performance of the Services.

12. Assistants.

12.1 Supplier shall not engage or subcontract with third parties to perform any of the Services hereunder or in connection with any of the Deliverables hereunder, except with the prior express written permission by Company. Supplier shall at all times assume all responsibility for the acts and omissions of its employees, independent contractors or consultants (“Assistants”) and ensure that the Assistants comply with all applicable terms of this Agreement. Supplier agrees to defend, indemnify, and hold harmless Company for the act or omission of any Assistant engaged by Supplier that violates this Agreement as if Supplier has committed such act or omission itself. Prior to any Assistant providing any services to Company, Company reserves the right to require such Assistant to sign a notice and acknowledgment in a form acceptable to Company agreeing to be bound by the confidentiality, non-disclosure and proprietary rights terms of this Agreement. Company has no relationship with or to Assistants and Assistants are not employees, agents, consultants, representatives, assistants or independent contractors of Company. Supplier shall be fully and solely responsible for supervising the Assistants and for all work performed by the Assistants. Moreover, Supplier agrees to fully comply with all applicable federal, state, and local laws applicable to the Assistants, including with respect to the terms and conditions of employment and payment of wages or compensation of any kind. Supplier further represents and warrants that it is fully aware of any applicable legal obligations it has pursuant to California Assembly Bill 5, or to other applicable law pertaining to the classification of employees in any relevant jurisdiction, and Supplier agrees to comply with such obligations in connection with the engagement of Assistants. Upon reasonable notice to Supplier and during normal business hours, Supplier shall allow Company, either directly or through a mutually agreeable third party, to inspect its books and records and to conduct any necessary interviews to periodically verify that Supplier is in compliance with the terms of this Section 12.

12.2 Supplier acknowledges and understands that Company has a legitimate interest in protecting the safety of its own employees, and therefore Supplier shall not, without first conferring with and obtaining written permission from Company, assign any of its Assistants to perform services at Company’s premises under this Agreement if a consumer report (which Supplier shall be obligated to obtain) reveals that Supplier’s Assistant has been convicted of a felony at any time or a misdemeanor within the prior 5 year period. Notwithstanding the foregoing, nothing in this Agreement shall be construed to prevent Supplier from employing any individual whose background check yields such results, subject to applicable law.

13. Miscellaneous.

13.1 No Publicity. Without the prior written consent (email sufficing) of Company in each instance, Supplier may not use any names, logos, assets, or other content of or related to Company, Company’s products or the Deliverables for publicity or any other purposes or make external reference to Company and/or any of Company’s products and/or services, including, without limitation, by identifying Company as a client of Supplier on any Supplier website, biographic material and/or marketing material. Company may grant, withhold, or revoke approval of any such use at any time in its sole discretion.

13.2 Union Obligations. Supplier acknowledges that Company is not a signatory to any union or guild agreement and not subject to the jurisdiction of any union or guild. Supplier is solely responsible for and shall pay all sums due to any and all parties engaged by Supplier in connection with the performance of the Services, including any guild or union dues or contributions, and any health, welfare, or pension contributions. Supplier shall ensure that the Services and Deliverables will not cause Company to incur any guild or union obligations, including residuals. Supplier will not have any rights or privileges with respect to the Services or in the Deliverables as a result of Supplier’s relationship with any guild or union or as a result of performance of Services by guild or union members. Supplier shall indemnify, defend, and hold Company and the other officers, directors, agents, affiliates, parent, employees, and licensees of Company harmless from and against all Liabilities resulting from claims made by any guild or union in connection with any Services performed and/or any Deliverables delivered hereunder.

13.3 No Obligation to Exploit. Company shall be under no obligation to produce the any specific products or to make any use of the Deliverables. Supplier shall have no right to inspect or approve Company’s products or the use of the Deliverables. Supplier is not, by virtue of this Agreement, acquiring any rights whatsoever with respect to any products or services which are based upon, derivative of, inspired by or otherwise related to Company’s products, content or other intellectual property. As between Company and Supplier, all right, title and interest in and to the above is retained by Company.

13.4 Acknowledgment by Supplier. Supplier further acknowledges that (i) Supplier has had a full and fair opportunity to consult with an attorney or other representative before signing this Agreement, (ii) Supplier fully understands the contents hereof, (iii) the signing of this Agreement is voluntary and has not been coerced in any way, and Supplier is aware that this Agreement sets forth the entire agreement between the parties and that it has binding effect on Supplier, (iv) neither Company nor its affiliates or representatives have made any representations concerning this Agreement other than those contained herein, and (v) Company shall have no other obligations to Supplier other than those contained herein, except as required by law.

13.5 Severability; Survival; Remedies. If any provision of this Agreement is held invalid or unenforceable by any court of competent jurisdiction, the other provisions of this Agreement will remain in full force and effect. No waiver of either party of any provision or breach of a provision of this Agreement shall constitute a waiver of any other provision or breach of a provision of this Agreement. No party hereto shall be entitled to recover damages or to terminate this Agreement by reason of any breach by the other party of its material obligations, unless, if the breach is capable of being cured, the latter party has failed to remedy the breach within 30 days following receipt of notice thereof. Sections 6 (Ownership; Assignment of Copyright; Grant of Rights), 7 (Representations), 8 (Indemnification; Limitation of Liability), 9 (Notices), 10 (Confidentiality; Company Materials), 11 (Independent Contractor Status), and 13 (Miscellaneous) will survive termination of this Agreement. Supplier will not be entitled to, and hereby waives any right to and agrees not to assert any claim for, injunctive relief to enforce the provisions of this Agreement, and Supplier’s sole remedy for any breach by Company shall be to recover damages. Notwithstanding any termination of this Agreement, Company shall retain all rights granted to Company in the Deliverables under this Agreement. If Company has paid Supplier in advance for Deliverables that are not accepted by Company prior to any termination, Supplier shall refund the fees associated with any unapproved Deliverables.

13.6 No Excuse for Performance. Neither party will be liable for any delay or failure in performance due to acts of God, earthquake, flood, riots, fire, epidemics, strikes or threat of strikes (excluding any such strike, labor dispute or work stoppage that involves their respective employees or agents) war or terrorism where such occurrence renders it unable to perform. The affected party will immediately notify the other party of such occurrence and will use all reasonable efforts to recommence performance as soon as possible.

13.7 Successors and Assigns. This Agreement shall inure to the benefit of the successors and assigns of Company, its affiliates and representatives and constitutes the entire agreement between the parties and supersedes all other communications (written or oral) and agreements between the parties. Supplier may not assign this Agreement.

13.8 Governing Law; Venue. The validity, construction, interpretation and legal effect of this Agreement shall be governed by the laws and judicial decisions of the State of New York and the United States without giving effect to principles of conflicts of law. The parties hereto expressly agree that any action at law or in equity arising out of or relating to this Agreement shall be filed only and exclusively in the courts of the State of New York for the County of New York, or the United States District Court for the Southern District of New York. The parties hereby consent and submit to the exclusive jurisdiction and venue of such courts for the purposes of litigating any such action. Both parties irrevocably waive any objection to such jurisdiction and venue and irrevocably waive the right to seek dismissal or transfer on the grounds of lack of personal jurisdiction, improper venue, forum non-convenience or similar grounds. In any action or suit to enforce any right or remedy under this Agreement or to interpret any provision of this Agreement, the prevailing party shall be entitled to recover its costs, including reasonable attorneys’ fees.

13.9 Entire Agreement; Order of Precedence. This Agreement supersedes all prior and contemporaneous communications, whether written or oral, and constitutes the complete and exclusive understanding regarding the subject matter covered in this Agreement. If there is a conflict between any parts of this Agreement, any signed SOW, and Company’s purchase order terms and conditions not resolved by their terms, the following order of precedence will apply: (1) this Agreement, including any addenda, exhibits, and Company policies referenced herein (with these General Terms and Conditions controlling in the event of any conflict within this Agreement); (2) a signed SOW, except if this Agreement or the SOW provides that a particular section of the SOW takes precedence over a particular section of this Agreement; and (3) Company’s purchase order terms and conditions. This Agreement may be modified only by a written agreement signed by authorized representatives of both parties. Neither Company nor any Company Affiliate is bound in any way by any online or “clickthrough” terms or agreements it accepts to login to or access the Services or Deliverables and no such terms will amend this Agreement.

Security Addendum

Supplier represents, warrants, and covenants that, at a minimum, Supplier’s information safeguards will include the following measures:



Measures of pseudonymisation

Prevent data exfiltration, mitigate the effects of exfiltrated data, and ensure the privacy and integrity of personal data or other sensitive information.

Give reasonable assurance that: (1) only the minimum types and amount of data are requested to perform the Services and (2) data elements are minimized, anonymized and/or hashed, wherever applicable.

Measures for ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services

Review and update data management documentation, such as data classification, data handling, data retention and disposal annually, or when significant enterprise changes occur that could impact data protection capability.

Implement and maintain encryption or functionally equivalent technology in accordance with good industry practice.

Implement a process for encryption key management and other measures to ensure that encrypted data is not lost or irretrievable should the encryption keys become unavailable.

Processes for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures in order to ensure the security of the processing

Update operating systems and applications with the latest patches. Perform periodic vulnerability scans and remediate critical vulnerabilities within reasonable timeframes.

Test the overall strength of Supplier’s organization’s defenses (technology, processes, and people) by simulating the objectives and actions of an attacker.

Conduct annual external and internal penetration testing and/or quarterly bug bounty programs and quarterly vulnerability scans, and promptly implement a corrective action plan (including timeline) to correct material issues that are identified through testing.

Measures for user identification and authorization

Track, control, prevent, and correct the use, assignment, and configuration of administrative privileges on computers, devices, networks, and applications. Perform access control reviews of enterprise assets to validate that all privileges are authorized, on a recurring schedule at a minimum annually, or more frequently. Enable multi-factor authentication (MFA) for all administrative (i.e., privileged) accounts.

Track, control, prevent, correct, and secure access to critical assets (e.g., information, resources, systems) according to the formal determination of which persons, computers, and applications have a need and right to access such critical assets based on an approved classification. Implement authentication and access controls within applications, operating systems and equipment. For all remote access, enable MFA into production environment. Where reasonably possible implement logical separation of production and other (staging/development) environments.

Measures for the protection of data during transmission

Implement a secure transmission, storage and disposal, where the encryption protocol for data in transit should be at least TLS 1.2 or later. The transfer of Confidential Information via email or any types of unencrypted channels is prohibited.

Measures for the protection of data during storage

Implement encryption at rest using at least AES-256 for all data regardless of storage location (i.e., laptops, mobile devices, servers, databases, portable media, backups).

Measures for ensuring physical security of locations at which Confidential Information is processed

Supplier shall maintain (i) secure facilities, data centers, paper files, servers, back-up systems and computing equipment including, without limitation, all mobile devices and other equipment with information storage capability; and (ii) reasonable physical security controls including, without limitation, detective controls (e.g., surveillance camera), preventive controls (e.g., Physical/Electronic entry point, locks), and deterrent controls (e.g., alarm system) to prevent unauthorized personnel to access devices, server rooms, or office space(s) where Confidential Information would be stored.

Measures for ensuring events logging

Collect, manage, and analyze logs for all access, modification, destruction, and exfiltration, and retain logs for a period of at least one year.

Measures for ensuring system configuration, including default configuration

Actively manage (inventory, track, review and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.

Actively manage (inventory, track, review and correct) all software on the network so that only authorized software is installed and can execute, and unauthorized and unmanaged software is found and prevented from installation or execution.

Establish, implement, and actively manage (track, report on, and correct) the security configuration of workstations, laptops, servers, and mobile devices using a rigorous configuration management and change control process. Remove or change all default passwords on systems and hardware prior to implementation in production. Implement automatic session timeout and account lockout for workstations, laptops, servers, and mobile devices. Implement a process to decommission or securely manage end of life systems and software. Periodically review software versions to verify software is up to date.

Measures for internal IT and IT security governance and management

Security Training and Awareness

Implement a security training program focused on current security threats. Require all personnel to complete the training during onboarding and periodically thereafter. Review and update training program and content annually, or when significant enterprise changes occur that could impact security awareness training capability. Implement a process to assess effectiveness of the program through phishing tests or assessments or other training mechanisms.

Measures for ensuring data minimization

Supplier shall limit access of Confidential Information, and provide privacy and information security training, to Supplier’s Authorized Personnel. “

Authorized Personnel

” means Supplier’s employees, agents, and personnel who have a need to know or otherwise access Confidential Information to enable Supplier to perform its obligations under the Agreement, and who are bound in writing by obligations of confidentiality sufficient to protect Confidential Information in accordance with the terms of the Agreement.

Supplier shall give reasonable assurance that only the minimum types and amount of data are requested to perform the Services.

Measures for ensuring application software security

Manage the security lifecycle of all in-house developed and acquired software in order to prevent, detect, and correct security weaknesses. Review and update application development process related documentation, such as secure application design standards, secure coding practices, and vulnerability management documents, at least annually or when significant enterprise changes occur.

Implement reasonable patching cadence to ensure production tools, servers, virtual machines, libraries, and anti-virus software are up to date.

Supplier will not introduce to Company’s or any of its affiliates’ systems or devices or use any software or code that contains any virus, malware, ransomware, keylogger, logic bomb, Trojan horse, worm, or other software routines designed to disable, erase, or otherwise harm software, hardware, or data owned or controlled.

Measures for ensuring network and endpoint security

Email and Web Browser Protections

Minimize the attack surface and the opportunities for attackers to manipulate human behavior through their interaction with web browsers and e-mail systems.

Malware Defenses

Control the installation, spread, and execution of malicious code at multiple points in the enterprise, while optimizing the use of automation to enable rapid updating of defense, data gathering, and corrective action.

Limitation and Control of Network Ports, Protocols, and Services

Manage (track, control, and correct) the ongoing operational use of ports, protocols, and services on networked devices in order to minimize windows of vulnerability available to attackers.

Secure Configurations for Network Devices

Establish, implement, and actively manage (track, report on, and correct) the security configuration of network infrastructure devices (i.e., firewalls, routers, and switches) using a rigorous configuration management and change control process. Enable firewalls rules to monitor ingress/egress traffic and deny by default all traffic except approved services required to conduct the business.

Boundary Defense

Detect, prevent, and correct the flow of information transferring networks of different trust levels with a focus on security-damaging data.

Track, control, prevent, and correct the security use of wireless local area networks (LANs), access points, and wireless client systems.