CROWDSTRIKE TERMS AND
CONDITIONS FOR HUMIO
SELF-HOSTED PRODUCT
PLEASE READ CAREFULLY: THE INDIVIDUAL ACCEPTING THESE TERMS AND CONDITIONS ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY (“CUSTOMER” OR “YOU”), REPRESENTS AND WARRANTS THAT HE OR SHE HAS FULL AUTHORITY TO BIND THE CUSTOMER TO THIS AGREEMENT. UNLESS THE CUSTOMER HAS ANOTHER VALID AGREEMENT FOR THE PURCHASE AND USE OF THE CROWDSTRIKE-HUMIO SELF HOSTED PRODUCTS AND SERVICES, THESE TERMS AND CONDITIONS GOVERN YOUR RIGHTS TO USE THE CROWDSTRIKE-HUMIO SELF HOSTED PRODUCTS AND SERVICES. BY ASSENTING TO THESE TERMS (EITHER BY CLICKING, CHECKING A BOX, DOWNLOADING OR USING THE PRODUCT, OR PLACING AN ORDER) CUSTOMER ACCEPTS THESE TERMS AND CONDITIONS, WHICH WILL BE DEEMED A BINDING CONTRACT BETWEEN CUSTOMER AND CROWDSTRIKE, INC., A DELAWARE CORPORATION, ON BEHALF OF ITSELF AND ANY AFFILIATES PERFORMING HEREUNDER (COLLECTIVELY, “CROWDSTRIKE”). IF CUSTOMER DOES NOT AGREE TO OR CANNOT COMPLY WITH ALL THE TERMS AND CONDITIONS OR IF THE INDIVIDUAL DOES NOT HAVE AUTHORITY TO BIND THE CUSTOMER, THEN DO NOT ASSENT AND CUSTOMER WILL NOT BE AUTHORIZED TO DOWNLOAD, INSTALL, ACCESS OR USE THE PRODUCTS OR SERVICES. THESE TERMS AND CONDITIONS ARE BINDING AS OF THE EARLIEST OF THE DATE THAT CUSTOMER ACCEPTS THE TERMS AND CONDITIONS HEREIN, THE DATE SET FORTH ON AN ORDER OR THE DATE ON WHICH CUSTOMER DOWNLOADS, INSTALLS, ACTIVATES OR USES THE PRODUCT OR SERVICE.
These CrowdStrike Terms and Conditions for Humio Self-Hosted Product are a master agreement that apply to the CrowdStrike Humio Self-Hosted Product and related services. These Terms and Conditions do not apply to the Falcon Platform products or services which are governed by the CrowdStrike Terms and Conditions.
1. Updating the Terms. We may revise and update these Terms and Conditions from time to time in our sole discretion. You are expected to check this page from time to time to take notice of any changes we made, as they are binding on you. All material changes apply prospectively only. Your continued use of the CrowdStrike Humio Self-Hosted Product and related services following the posting of revised Terms of Use means that you accept and agree to the changes.
2. Definitions.
“Affiliate” means any entity that a party directly or indirectly controls (e.g., subsidiary) or is controlled by (e.g., parent), or with which it is under common control (e.g., sibling).
“Agreement” means these CrowdStrike Terms and Conditions for Humio Self-Hosted Product together with each Order.
“API” means an application program (or programming) interface.
“CrowdStrike Competitor” means a person or entity in the business of developing, distributing, or commercializing log management or Internet security products or services substantially similar to or competitive with CrowdStrike’s products or services.
“CrowdStrike Data” means the data made available to Customer during the Subscription/Order Term as part of the Humio Self-Hosted Product, including but not limited to, correlative and/or contextual data, or indicators of compromise (for example, IP addresses of threat actors/hackers).
“Customer” means as the context requires, in addition to the entity identified above, any Customer Affiliate that places an Order under these CrowdStrike Terms and Conditions, downloads, uses or accesses any Offering hereunder, or benefits from the Customer’s download or use of, or access to, an Offering.
“Customer Contractor” means any individual or entity (and in no event a CrowdStrike Competitor) that: (i) downloads, has access to, or use of a Product under this Agreement solely on behalf of and for Customer’s Internal Use, (ii) has an agreement to provide Customer (or its Affiliates) services, and (iii) is subject to confidentiality obligations covering CrowdStrike’s Confidential Information.
“Customer Contractor Services” means products, services or content developed or provided by Customer Contractors, including, but not limited to, third party applications complimentary to the Offerings, implementation services, managed services, training, technical support, or other consulting services related to, or in conjunction with, the Offerings.
“Documentation” means CrowdStrike’s end-user technical documentation included in the applicable Offering or made available at https://docs.humio.com/docs/.
“Error” means a reproducible failure of a Product to perform in substantial conformity with its applicable Documentation.
“Internal Use” means Use solely for Customer’s and, subject to the Section entitled Affiliates, Orders and Payment; Affiliates and the Section entitled Licensed Rights and Restrictions, its Affiliates’, own internal log management or information security purposes. By way of example and not limitation, Internal Use does not include any Use: (i) for the benefit of any person or entity other than Customer or its Affiliates, or (ii) in any event, for the development of any product or service. Internal Use is limited to Use by Customer’s and its Affiliates’ employees and Customer Contractors (except as set forth in the Section entitled Customer Contractors), in either event, solely on Customer’s behalf and for Customer’s benefit.
“Offerings” means any Product and Product-Related Services.
“Order” means any purchase order or other ordering document (including a statement of work) accepted by CrowdStrike or a reseller that identifies the following ordered by Customer: Offering, Offering quantity based on CrowdStrike’s applicable license metrics (e.g., amount of data the Product ingests or a user searches, number of users, size of company (based on number of employees), or number of queries), price and Subscription/Order Term.
“Personal Data” means information provided by Customer to CrowdStrike or collected by CrowdStrike from Customer used to distinguish or trace a natural person’s identity, either alone or when combined with other personal or identifying information that is linked or linkable by CrowdStrike to a specific natural person. Personal Data also includes such other information about a specific natural person to the extent that the data protection laws applicable in the jurisdictions in which such person resides define such information as Personal Data.
“Product” means the Humio self-hosted log management or similar products ordered by Customer as set forth in the relevant Order, any available accompanying APIs, any CrowdStrike Data, any Documentation and any updates or upgrades thereto that may be made available to Customer from time to time by CrowdStrike.
“Product-Related Services” means, collectively, (i) the technical support services (as provided in the technical support policy located at https://www.humio.com/EULA), (ii) training, and (iii) any other CrowdStrike services provided or sold with Products which, at the discretion of the parties, may be documented in a statement of work. Product-Related Services do not include CrowdStrike professional services (for example, incident response, investigation or forensic services).
“Subscription/Order Term” means the period of time set forth in the applicable Order during which: (i) Customer is authorized by CrowdStrike to Use the Product or Product-Related Service.
“Use” means download, install and run as applies to Product; utilize as applies to online training or technical support services; access, call, transmit data and enable data exchange as applies to APIs accompanying Product; access, download, or process with the Product in any way as applies to CrowdStrike Data; and as provided in this definition as applies to components of an Offering.
3. Affiliates, Orders and Payment.
3.1 Affiliates. Any Affiliate purchasing hereunder, or using or accessing any Offering hereunder, or benefitting from the Customer’s use of an Offering, will be bound by and comply with all terms and conditions of this Agreement. The Customer entering into these Terms and Conditions will remain responsible for Customer’s Affiliates’ acts and omissions unless Customer’s Affiliate has entered into its own Terms and Conditions with CrowdStrike.
3.2 Orders. Only those transaction-specific terms stating the Offerings ordered, quantity, price, payment terms, Subscription/Order Term, and billing/provisioning contact information (and for the avoidance of doubt, specifically excluding any pre-printed terms on a Customer or reseller purchase order) will have any force or effect unless a particular Order is executed by an authorized signer of CrowdStrike and returned to Customer (or the applicable reseller). If any such Order is so executed and delivered, then only those specific terms on the face of such Order that expressly identify those portions of this Agreement that are to be superseded will prevail over any conflicting terms herein but only with respect to those Offerings ordered on such Order. Orders are non-cancellable. Any Order through a reseller is subject to, and CrowdStrike’s obligations and liabilities to Customer are governed by, these Terms and Conditions.
3.3 Payment and Taxes. Customer will pay the fees for Offerings to a reseller or CrowdStrike as set forth in the applicable Order. Unless otherwise expressly set forth on the Order, Customer will pay the fees and amounts stated on each Order within 30 days after receipt of the applicable invoice. Except as otherwise expressly provided in this Agreement, all fees and other amounts are non-refundable. Fees are exclusive of any applicable sales, use, value added, withholding, and other taxes, however designated. Customer shall pay all such taxes levied or imposed by reason of Customer’s purchase of the Offerings and the transactions hereunder, except for taxes based on CrowdStrike’s income or with respect to CrowdStrike’s employment of its employees.
4. Licensed Rights and Restrictions.
4.1 License. Subject to Customer’s full compliance with this Agreement and receipt by CrowdStrike of all applicable fees, CrowdStrike grants Customer, under CrowdStrike’s intellectual property rights in and to the applicable Offerings, a non-exclusive, non-transferable (except as expressly provided in the Section entitled Assignment), non-sublicensable license to Use the Products in accordance with any applicable Documentation solely for Customer’s Internal Use during the applicable Subscription/Order Term. Customer’s Use is limited to the quantity in the applicable Order.
4.2 Restrictions. The rights set forth in the Section entitled License do not include any rights to, and Customer may not, with respect to any Offering (or any portion thereof): (i) employ or authorize a CrowdStrike Competitor to use or view the Offering or Documentation that is not posted on a publicly available website, or to provide management, hosting, or support for an Offering; (ii) copy (other than one backup copy), alter, publicly display, translate, create derivative works of or otherwise modify an Offering; (iii) sublicense, publish, distribute or otherwise transfer an Offering to any third party (except as expressly provided in the Section entitled Assignment); (iv) allow third parties to download, access or use an Offering (except for Customer Contractors as expressly permitted herein); (v) create public Internet “links” to an Offering or “frame” or “mirror” any Offering content on any other server or wireless or Internet-based device; (vi) reverse engineer, decompile, disassemble or otherwise attempt to derive the source code (if any) for an Offering (except to the extent that such prohibition is expressly precluded by applicable law), circumvent its functions, or attempt to gain unauthorized access to an Offering or its related systems or networks; (vii) remove or alter any notice of proprietary right appearing on an Offering; (viii) conduct any stress tests, competitive benchmarking or analysis on, or publish any performance data of, an Offering (provided, that this does not prevent Customer from comparing the Products to other products for Customer’s Internal Use); (ix) use any feature of CrowdStrike APIs for any purpose other than in the performance of, and in accordance with, this Agreement; or (x) cause, encourage or assist any third party to do any of the foregoing. Customer agrees to use an Offering in accordance with laws, rules and regulations directly applicable to Customer and acknowledges that Customer is solely responsible for determining whether a particular use of an Offering is compliant with such laws.
4.3 Installation and User Accounts. CrowdStrike is not responsible for installing Products unless Customer purchases installation services from CrowdStrike. For those Products requiring user accounts, only the single individual user assigned to a user account may access or use the Product. Customer is liable and responsible for all actions and omissions occurring under Customer’s and Customer Contractor’s user accounts for Offerings. Customer shall notify CrowdStrike if Customer learns of any unauthorized access or use of Customer’s user accounts or passwords for an Offering.
4.4 Third Party Software. CrowdStrike uses certain third party software in its Products, including what is commonly referred to as open source software. Under some of these third party licenses, CrowdStrike is required to provide Customer with notice of the license terms and attribution to the third party. See the licensing terms and attributions for such third party software that CrowdStrike uses at: https://docs.humio.com/notices/third-party-licenses.
4.5 Ownership & Feedback. The Offerings are made available for use or licensed, not sold. Except for the limited license expressly granted herein, CrowdStrike and its licensors own and retain all right, title and interest (including all intellectual property rights) in and to the Offerings. Any feedback or suggestions that Customer provides to CrowdStrike regarding its Offerings (e.g., bug fixes and features requests) is non-confidential and may be used by CrowdStrike for any purpose without acknowledgement or compensation; provided, Customer will not be identified publicly as the source of the feedback or suggestion.
4.6 Evaluation. If CrowdStrike approves Customer’s evaluation use of a CrowdStrike product (“Evaluation Product”), the terms herein applicable to Product also apply to evaluation usage of such Evaluation Product, except for the following different or additional terms: (i) the duration of the evaluation is as mutually agreed upon by Customer and CrowdStrike, provided, that either CrowdStrike or Customer can terminate the evaluation at any time upon written (including email) notice to the other party; (ii) the Evaluation Product is provided “AS-IS” without warranty of any kind, and CrowdStrike disclaims all warranties, support obligations, and other liabilities and obligations for the Evaluation Product; and (iii) Customer’s Use is limited to Internal Use by Customer employees only.
5. Customer Contractors.
5.1 Authorization. Customer authorizes CrowdStrike to give Customer Contractors the rights and privileges to the Offerings necessary to enable and provide for Customer’s use and receipt of the Customer Contractor Services. If at any time Customer revokes this authorization, Customer shall: (i) require that Customer Contractor uninstall the Product, (ii) destroy or return all copies of the Offering under its control, (iii) revoke or limit Contractor’s use of Product-Related Services, and (iv) contact CrowdStrike Support with written notice of such revocation or limitation at support@humio.com.
5.2 Disclaimer. Customer Contractors are subject to the terms and conditions in the Agreement while they are using the Offerings on behalf of Customer and Customer remains responsible for their acts and omissions during such time. Any breach by a Customer Contractor of this Agreement is a breach by Customer. CrowdStrike may make available Customer Contractor Services to Customer, for example, through an online directory, catalog, store, or marketplace. Customer Contractor Services are not required for use of the Offerings. Offerings may contain features, including API’s, designed to interface with or provide data to Customer Contractor Services. CrowdStrike is not responsible or liable for any loss, costs or damages arising out of Customer Contractor’s actions or inactions in any manner, including but not limited to, for any disclosure, transfer, modification or deletion of Customer data. Whether or not a Customer Contractor is designated by CrowdStrike as, or otherwise claims to be “certified,” “authorized,” or similarly labeled, CrowdStrike does not: (i) control, monitor, maintain or provide support for, Customer Contractor Services, (ii) disclaims all warranties of any kind, indemnities, obligations, and other liabilities in connection with the Customer Contractor Services, and any Customer Contractor interface or integration with the Offerings, and (iii) cannot guarantee the continued availability of Customer Contractor Services and related features. If Customer Contractor Services and related features are no longer available for any reason, CrowdStrike is not obligated to provide any refund, credit, or other compensation for, or related to, the Offerings.
6. Data Security and Privacy.
6.1 Personal Data. CrowdStrike may obtain Customer Personal Data in connection with carrying out the terms of this Agreement, for example, provisioning and providing Product Related Services, such as technical support. CrowdStrike processes data consistent with its Privacy Notice. To the extent CrowdStrike may be considered a processor of Customer Personal Data under applicable law, CrowdStrike’s Global Data Protection Addendum will apply.
6.2 Safeguards. CrowdStrike shall maintain appropriate technical and organizational safeguards commensurate with the sensitivity of the Personal Data processed by it on Customer’s behalf, which are designed to protect the security, confidentiality, and integrity of such Personal Data and protect such Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access.
6.3 Customer Obligations. Customer, along with its Affiliates, represents and warrants that: (i) it has a lawful basis in having CrowdStrike process the Personal Data as set forth in this Agreement; (ii) that it is and will at all relevant times remain duly and effectively authorized to instruct CrowdStrike to carry out the Offerings, and (iii) it has made all necessary disclosures, obtained all necessary consents and government authorizations required under applicable law to permit the processing and international transfer of Customer Personal Data from each Customer and Customer Affiliate, to CrowdStrike.
7. Confidentiality.
7.1 Definitions. In connection with this Agreement, each party (“Recipient”) may receive Confidential Information of the other party (“Discloser”) or third parties to whom Discloser has a duty of confidentiality. “Confidential Information” means non-public information in any form that is in the Recipient’s possession regardless of the method of acquisition that the Discloser designates as confidential to Recipient or should be reasonably known by the Recipient to be Confidential Information due to the nature of the information disclosed and/or the circumstances surrounding the disclosure. Confidential Information shall not include information that is: (i) in or becomes part of the public domain (other than by disclosure by Recipient in violation of this Agreement); (ii) previously known to Recipient without an obligation of confidentiality and demonstrable by the Recipient; (iii) independently developed by Recipient without use of Discloser’s Confidential Information; or (iv) rightfully obtained by Recipient from third parties without an obligation of confidentiality.
7.2 Restrictions on Use. Except as allowed in Section 7.3 (Exceptions), Recipient shall hold Discloser’s Confidential Information in strict confidence and shall not disclose any such Confidential Information to any third party, other than to its employees, and contractors, including without limitation, counsel, accountants, and financial advisors (collectively, “Representatives”), its Affiliates and their Representatives, subject to the other terms of this Agreement, and in each case who need to know such information and who are bound by restrictions regarding disclosure and use of such information comparable to and no less restrictive than those set forth herein. Recipient shall not use Discloser’s Confidential Information for any purpose other than as set forth in this Agreement. Recipient shall take the same degree of care that it uses to protect its own confidential information of a similar nature and importance (but in no event less than reasonable care) to protect the confidentiality and avoid the unauthorized use, disclosure, publication, or dissemination of the Discloser’s Confidential Information. Within 72 hours of Recipient becoming aware of the unauthorized use, disclosure, publication, or dissemination of the Discloser’s Confidential Information while in Recipient’s control, Recipient shall provide Discloser with notice thereof.
7.3 Exceptions. Recipient may disclose Discloser’s Confidential Information: (i) to the extent required by applicable law or regulation; (ii) pursuant to a subpoena or order of a court or regulatory, self-regulatory, or legislative body of competent jurisdiction; (iii) in connection with any regulatory report, audit, or inquiry; or (iv) where requested by a regulator with jurisdiction over Recipient. In the event of such a requirement or request, Recipient shall, to the extent legally permitted: (a) give Discloser prompt written notice of such requirement or request prior to such disclosure; and (b) at Discloser’s cost, a reasonable opportunity to review and comment upon the disclosure and request confidential treatment or a protective order pertaining thereto prior to Recipient making such disclosure. If the Recipient is legally required to disclose the Discloser’s Confidential Information as part of: (x) a legal proceeding to which the Discloser is a party but the Recipient is not; or (y) a government or regulatory investigation of the Discloser, the Discloser shall pay all of the Recipient’s reasonable and actual out of pocket legal fees and expenses (as evidenced by reasonably detailed invoices) and will reimburse the Recipient for its reasonable costs and fees of compiling and providing such Confidential Information, including, a reasonable hourly rate for time spent preparing for, and participating in, depositions and other testimony.
7.4 Destruction. Upon Discloser’s written request, Recipient shall use commercially reasonable efforts to destroy the Confidential Information and any copies or extracts thereof. However, Recipient, its Affiliates and their Representatives may retain any Confidential Information that: (i) they are required to keep for compliance purposes under a document retention policy or as required by applicable law, professional standards, a court, or regulatory agency; or (ii) have been created electronically pursuant to automatic or ordinary course archiving, back-up, security, or disaster recovery systems or procedures; provided, however, that any such retained information shall remain subject to this Agreement. Upon Discloser’s request, Recipient will provide Discloser with written confirmation of destruction in compliance with this provision.
7.5 Equitable Relief. Each party acknowledges that a breach of this Section 7 (Confidentiality) shall cause the other party irreparable injury and damage. Therefore, each party agrees that those breaches may be stopped through injunctive proceedings in addition to any other rights and remedies which may be available to the injured party at law or in equity without the posting of a bond.
8. Warranties & Disclaimer.
8.1 No Warranty for Pre-Production Versions. Any pre-production feature or version of an Offering provided to Customer is experimental and provided “AS IS” without warranty of any kind and will not create any obligation for CrowdStrike to continue to develop, productize, support, repair, offer for sale, or in any other way continue to provide or develop any such feature or Offering. Customer agrees that its purchase is not contingent on the delivery of any future functionality or features, or dependent on any oral or written statements made by CrowdStrike regarding future functionality or features.
8.2 Product Warranty. If Customer has purchased a Product, CrowdStrike warrants to Customer during the applicable Subscription/Order Term that: (i) the Product will operate without Error; and (ii) CrowdStrike has used industry standard techniques to prevent the Products at the time of delivery from injecting malicious software viruses into Customer’s computers or servers where the Products are installed. Customer must notify CrowdStrike of any warranty claim during the Subscription/Order Term. Customer’s sole and exclusive remedy and the entire liability of CrowdStrike for its breach of this warranty will be for CrowdStrike, at its own expense to do at least one of the following: (a) use commercially reasonable efforts to provide a work-around or correct such Error; or (b) terminate Customer’s license to the applicable non-conforming Product and refund the prepaid fee prorated for the unused period of the Subscription/Order Term. CrowdStrike shall have no obligation regarding Errors reported after the applicable Subscription/Order Term.
8.3 Services Warranty. CrowdStrike warrants to Customer that it will perform all Product-Related Services in a professional and workmanlike manner consistent with generally accepted industry standards. Customer must notify CrowdStrike of any warranty claim for Product-Related Services during the period the Product-Related Services are being performed or within 30 days after the conclusion of the Product-Related Services. Customer’s sole and exclusive remedy and the entire liability of CrowdStrike for its breach of this warranty will be for CrowdStrike, at its option and expense, to (a) use commercially reasonable efforts to re-perform the non-conforming Product-Related Services, or (b) refund the portion of the fees paid attributable to the non-conforming Product-Related Services.
8.4 Exclusions. The express warranties do not apply if the applicable Product or Service: (i) has been modified, except by CrowdStrike, (ii) has not been installed, used, or maintained in accordance with this Agreement or Documentation, or (iii) is non-conforming due to a failure to use an applicable Product update or upgrade. If any part of a Product or Service references websites, hypertext links, network addresses, or other third party locations, information, or activities, it is provided as a convenience only.
8.5 No Guarantee. CUSTOMER ACKNOWLEDGES, UNDERSTANDS, AND AGREES THAT CROWDSTRIKE DOES NOT GUARANTEE OR WARRANT THAT PRODUCT WILL ENABLE CUSTOMER TO FIND, LOCATE, OR DISCOVER ALL OF CUSTOMER’S OR ITS AFFILIATES’ SYSTEM THREATS, VULNERABILITIES, MALWARE, AND MALICIOUS SOFTWARE, AND CUSTOMER AND ITS AFFILIATES WILL NOT HOLD CROWDSTRIKE RESPONSIBLE THEREFOR.
8.6 Disclaimer. EXCEPT FOR THE EXPRESS WARRANTIES IN THIS SECTION 8, CROWDSTRIKE AND ITS AFFILIATES DISCLAIM ALL OTHER WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE. TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, CROWDSTRIKE AND ITS AFFILIATES AND SUPPLIERS SPECIFICALLY DISCLAIM ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGMENT WITH RESPECT TO THE OFFERINGS. THERE IS NO WARRANTY THAT THE OFFERINGS WILL BE ERROR FREE, OR THAT THEY WILL OPERATE WITHOUT INTERRUPTION OR WILL FULFILL ANY OF CUSTOMER’S PARTICULAR PURPOSES OR NEEDS. THE OFFERINGS ARE NOT FAULT-TOLERANT AND ARE NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL-SAFE PERFORMANCE OR OPERATION. THE OFFERINGS ARE NOT FOR USE IN THE OPERATION OF AIRCRAFT NAVIGATION, NUCLEAR FACILITIES, COMMUNICATION SYSTEMS, WEAPONS SYSTEMS, DIRECT OR INDIRECT LIFE-SUPPORT SYSTEMS, AIR TRAFFIC CONTROL, OR ANY APPLICATION OR INSTALLATION WHERE FAILURE COULD RESULT IN DEATH, SEVERE PHYSICAL INJURY, OR PROPERTY DAMAGE. Customer agrees that it is Customer’s responsibility to ensure safe use of an Offering in such applications and installations. CROWDSTRIKE DOES NOT WARRANT ANY THIRD PARTY PRODUCTS OR SERVICES.
8.7 Additional Terms That May Apply. See Exhibit B for additional warranties that may apply to certain Customers.
9. Indemnification.
9.1 CrowdStrike’s Obligation. CrowdStrike shall at its cost and expense: (i) defend and/or settle any claim brought against Customer by an unaffiliated third party alleging that an Offering infringes or violates that third party’s intellectual property rights, and (ii) pay and indemnify any settlement of such claim or any damages awarded to such third party by a court of competent jurisdiction as a result of such claim; provided, that Customer: (a) gives CrowdStrike prompt written notice of such claim; (b) permits CrowdStrike to solely control and direct the defense or settlement of such claim (however, CrowdStrike will not settle any claim in a manner that requires Customer to admit liability without Customer’s prior written consent); and (c) provides CrowdStrike all reasonable assistance in connection with the defense or settlement of such claim, at CrowdStrike’s cost and expense. In addition, Customer may, at Customer’s own expense, participate in defense of any claim.
9.2 Remedies. If a claim covered under this Section occurs or in CrowdStrike’s opinion is reasonably likely to occur, CrowdStrike may at its expense and sole discretion (and if Customer’s Use of an Offering is enjoined, CrowdStrike will, at its expense): (i) procure the right to allow Customer to continue using the applicable Offering; (ii) modify or replace the applicable Offering to become non-infringing; or (iii) if neither (i) nor (ii) is commercially practicable, terminate Customer’s license or access to the affected portion of applicable Offering and refund a portion of the pre-paid, unused fees paid by Customer corresponding to the unused period of the Subscription/Order Term.
9.3 Exclusions. CrowdStrike shall have no obligations under this Section if the claim is based upon or arises out of: (i) any modification to the applicable Offering not made by CrowdStrike; (ii) any combination or use of the applicable Offering with or in any third party software, hardware, process, firmware, or data, to the extent that such claim is based on such combination or use; (iii) Customer’s continued use of the allegedly infringing Offering after being notified of the infringement claim or after being provided a modified version of the Offering by CrowdStrike at no additional cost that is intended to address such alleged infringement; (iv) Customer’s failure to use the Offering in accordance with the applicable Documentation; and/or (v) Customer’s use of the Offering outside the scope of the rights granted under this Agreement.
9.4 Exclusive Remedy. THE REMEDIES SPECIFIED IN THIS SECTION CONSTITUTE CUSTOMER’S SOLE AND EXCLUSIVE REMEDIES, AND CROWDSTRIKE’S ENTIRE LIABILITY, WITH RESPECT TO ANY INFRINGEMENT OF THIRD PARTY INTELLECTUAL PROPERTY RIGHTS.
10. Limitation of Liability.
10. 1 TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EXCEPT FOR LIABILITY FOR ANY AMOUNTS PAID OR PAYABLE TO THIRD PARTIES UNDER SECTION 9 (INDEMNIFICATION), CUSTOMER’S PAYMENT OBLIGATIONS, AND/OR ANY INFRINGEMENT OR MISAPPROPRIATION BY ONE PARTY OF THE OTHER PARTY’S INTELLECTUAL PROPERTY RIGHTS, NEITHER PARTY SHALL BE LIABLE TO THE OTHER PARTY IN CONNECTION WITH THIS AGREEMENT OR THE SUBJECT MATTER HEREOF (UNDER ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STATUTE, TORT OR OTHERWISE) FOR ANY (A) LOST PROFITS, REVENUE, OR SAVINGS, LOST BUSINESS OPPORTUNITIES, LOST DATA, OR SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR LOSSES OR SUCH DAMAGES OR LOSSES WERE REASONABLY FORESEEABLE; OR (B) AN AMOUNT THAT EXCEEDS THE TOTAL FEES PAID OR PAYABLE TO CROWDSTRIKE FOR THE RELEVANT OFFERING DURING THAT OFFERING’S SUBSCRIPTION/ORDER TERM. THESE LIMITATIONS WILL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY REMEDY SPECIFIED IN THIS AGREEMENT. MULTIPLE CLAIMS SHALL NOT EXPAND THE LIMITATIONS SPECIFIED IN THIS SECTION 10.
10. 2 Additional or Different Terms That May Apply. See Exhibit B for additional or different terms related to liability that may apply to certain Customers.
11. Compliance with Laws. Each party agrees to comply with all U.S. federal, state, local and non-U.S. laws directly applicable to such party in the performance of this Agreement, including but not limited to, applicable export and import, anti-corruption and employment laws. Customer acknowledges and agrees the Offerings shall not be used, transferred, or otherwise exported or re-exported to regions that the United States and/or the European Union maintains an embargo or comprehensive sanctions (collectively, “Embargoed Countries”), or to or by a national or resident thereof, or any person or entity subject to individual prohibitions (e.g., parties listed on the U.S. Department of Treasury’s List of Specially Designated Nationals or the U.S. Department of Commerce’s Table of Denial Orders) (collectively, “Designated Nationals”), without first obtaining all required authorizations from the U.S. government and any other applicable government. Customer represents and warrants that Customer is not located in, or is under the control of, or a national or resident of, an Embargoed Country or Designated National. CrowdStrike represents and warrants that CrowdStrike is not located in, or is under the control of, or a national or resident of, an Embargoed Country or Designated National.
12. US. Government End Users.
12.1 Commercial Items. The following applies to all acquisitions by or for the U.S. government or by any U.S Government prime contractor or subcontractor at any tier (“Government Users”) under any U.S. Government contract, grant, other transaction, or other funding agreement. The Products and Documentation are “commercial items,” as that term is defined in Federal Acquisition Regulation (“FAR”) (48 C.F.R.) 2.101, consisting of “commercial computer software” and “commercial computer software documentation,” as such terms are used in FAR 12.211 and 12.212. In addition, Department of Defense FAR Supplement (“DFARS”) 252.227-7015 (Technical Data – Commercial Items) applies to technical data acquired by Department of Defense agencies. Consistent with FAR 12.211 and 12.212 and DFARS (48 C.F.R.) 227.7202-1 through 227.7202-4, the Products and Documentation are being licensed to Government Users pursuant to the terms of this license(s) customarily provided to the public as forth in this Agreement, unless such terms are inconsistent with United States federal law (“Federal Law”).
12.2 Disputes with the U.S. Government. If this Agreement fails to meet the Government’s needs or is inconsistent in any way with Federal Law and the parties cannot reach a mutual agreement on terms for this Agreement, the Government agrees to terminate its use of the Offerings. In the event of any disputes with the U.S. Government in connection with this Agreement, Section 14.3 of this Agreement shall not apply. Instead the rights and duties of the parties arising from this Agreement, shall be governed by, construed, and enforced in accordance with Federal Procurement Law and any such disputes shall be resolved pursuant to the Contract Disputes Act of 1978, as amended (41 U.S.C. 7101-7109), as implemented by the Disputes Clause, FAR 52.233-1.
12.3 Precedence. This U.S. Government rights in this Section are in lieu of, and supersedes, any other FAR, DFARS, or other clause, provision, or supplemental regulation that addresses Government rights in the Offerings, computer software or technical data under this Agreement.
12.4 Disputes with U.S. State and Municipal Governments. In the event of any disputes with United States’ State and municipal government agencies in connection with this Agreement, Section 14.3 of this Agreement shall not apply. Instead, the rights and duties of the parties arising from this Agreement, shall be governed by, construed, and enforced in accordance with the laws of the Customer’s State excluding its conflict of laws principles.
13. Suspension and Termination. This Agreement shall remain effective until termination in accordance with this Section or as otherwise specified herein. CrowdStrike may immediately suspend or revoke Customer’s license or entitlement to the Offerings if: (i) CrowdStrike believes that there is a significant threat to the security, integrity, functionality, or availability of the Offerings; (ii) Customer or Customer users are in breach of Section 4.2 (Restrictions); or (iii) Customer fails to pay CrowdStrike when undisputed fees are due; provided, however, CrowdStrike will use commercially reasonable efforts under the circumstances to provide Customer with notice and, if applicable, an opportunity to remedy such violation prior to any such suspension or revocation. Either party may terminate this Agreement upon 30 days’ written notice of a material breach by the other party, unless the breach is cured within the 30-day notice period. Upon termination of this Agreement for any reason: (a) all Customer’s licensed rights granted in this Agreement will terminate; and (b) Customer must promptly cease all use of the Offerings, un-install the Products and destroy or return the Product in Customer’s or Customer Contractor’s possession or control. Sections 2, 4.2, 7, 10, 12, 13, and 14 and all liabilities that accrue prior to termination shall survive expiration or termination of this Agreement for any reason.
14. General.
14.1 Entire Agreement. This Agreement constitutes the entire agreement between Customer and CrowdStrike concerning the subject matter of this Agreement and it supersedes all prior and simultaneous proposals, agreements, understandings, or other communications between the parties, oral or written, regarding such subject matter. It is expressly agreed that the terms of this Agreement shall supersede any terms in any procurement Internet portal or other similar non-CrowdStrike document and no such terms included in any such portal or other non-CrowdStrike document shall apply to the Offerings ordered. Any Order through a reseller is subject to, and CrowdStrike’s obligations and liabilities to Customer are governed by, this Agreement. CrowdStrike is not obligated under any reseller’s agreement with you unless an officer of CrowdStrike executes the agreement. This Agreement shall not be construed for or against any party to this Agreement because that party or that party’s legal representative drafted any of its provisions.
14.2 Assignment. Neither party may assign this Agreement without the prior written consent of the other party, except to an Affiliate in connection with a corporate reorganization or in connection with a merger, acquisition, or sale of all or substantially all of its business and/or assets. Any assignment in violation of this Section shall be void. Subject to the foregoing, all rights and obligations of the parties under this Agreement shall be binding upon and inure to the benefit of and be enforceable by and against the successors and permitted assigns.
14.3 Governing Law; Venue. Except as otherwise provided in Exhibit A (if applicable), this Agreement, and the rights and duties of the parties arising from this Agreement, shall be governed by, construed, and enforced in accordance with the laws of the State of California, excluding its conflicts-of-law principles. The sole and exclusive jurisdiction and venue for actions arising under this Agreement shall be state and federal courts in Santa Clara County, California, and the parties agree to service of process in accordance with the rules of such courts. The Uniform Computer Information Transactions Act and the United Nations Convention on the International Sale of Goods shall not apply. Notwithstanding the foregoing, each party reserves the right to file a suit or action in any court of competent jurisdiction as such party deems necessary to protect its intellectual property rights and, in CrowdStrike’s case, to recoup any payments due.
14.4 Permission to List You as a Customer. Unless you direct otherwise by sending an email to us at legal@crowdstrike.com, which direction may be given at any time, you agree that CrowdStrike may display your company name and logo (in accordance with any trademark guidelines you provide) as a CrowdStrike customer in a manner that does not suggest your use or endorsement of any specific CrowdStrike product or service.
14.5 Independent Contractors; No Third Party Rights. The parties are independent contractors. This Agreement shall not establish any relationship of partnership, joint venture, employment, franchise, or agency between the parties. No provision in this Agreement is intended or shall create any rights with respect to the subject matter of this Agreement in any third party.
14.6 Waiver, Severability & Amendments. The failure of either party to enforce any provision of this Agreement shall not constitute a waiver of any other provision or any subsequent breach. If any provision of this Agreement is held to be illegal, invalid, or unenforceable, the provision will be enforced to the maximum extent permissible so as to affect the intent of the parties, and the remaining provisions of this Agreement will remain in full force and effect. This Agreement may only be amended, or any term or condition set forth herein waived, by written consent of both parties.
14.7 Force Majeure. Neither party shall be liable for, nor shall either party be considered in breach of this Agreement due to, any failure to perform its obligations under this Agreement (other than its payment obligations) as a result of a cause beyond its control, including but not limited to, act of God or a public enemy, act of any military, civil or regulatory authority, change in any law or regulation, fire, flood, earthquake, storm or other like event, disruption or outage of communications (including an upstream server block and Internet or other networked environment disruption or outage), power or other utility, labor problem, or any other cause, whether similar or dissimilar to any of the foregoing, which could not have been prevented with reasonable care. The party experiencing a force majeure event, shall use commercially reasonable efforts to provide notice of such to the other party.
14.8 Notices. All legal notices will be given in writing to the addresses in the first introductory paragraph of this Agreement and will be effective: (i) when personally delivered, (ii) on the reported delivery date if sent by a recognized international or overnight courier, or (iii) five business days after being sent by registered or certified mail (or ten days for international mail). For clarity, Orders, POs, confirmations, invoices, and other documents relating to order processing and payment are not legal notices and may be delivered electronically in accordance with each party’s standard ordering procedures.
Exhibit A
Dispute Resolution Outside North America
If Customer’s principal office is located outside North America as indicated in the Agreement, the terms and conditions of this Exhibit shall apply to all disputes arising out of or relating to this Agreement (excluding disputes regarding the actual or alleged violation of CrowdStrike’s intellectual property rights or the collection of overdue invoices, which shall be governed by California law).
1. For ALL principal offices outside North America:
a. Choice of Law. This Agreement, and the rights and duties of the parties arising from this Agreement, shall be governed by, construed, and enforced with the laws of the State of New York, excluding its conflicts-of-law principles. The Uniform Computer Information Transactions Act and the United Nations Convention on the International Sale of Goods shall not apply.
b. Arbitration. Any dispute, claim, or controversy arising out of or relating to this Agreement or the existence, breach, termination, enforcement, interpretation, or validity of the Agreement, including the determination of the scope or applicability of this Agreement to arbitrate, (each, a “Dispute”) shall be referred to and finally resolved by arbitration under the rules and at the location identified below. The arbitral panel shall consist of three (3) arbitrators, selected as follows: each party shall appoint one (1) arbitrator; and those two (2) arbitrators shall discuss and select third arbitrator. If the two party-appointed arbitrators are unable to agree on a third arbitrator, the third arbitrator shall be selected in accordance with the applicable rules of the arbitration body. Each arbitrator shall be independent of each of the parties and shall have suitable experience and knowledge in the subject matter of the Dispute. The arbitrators shall have the authority to grant specific performance and to allocate between the parties the costs of arbitration (including service fees, arbitrator fees and all other fees related to the arbitration) in such equitable manner as the arbitrators may determine. Judgment upon the award so rendered may be entered in a court having jurisdiction or application may be made to such court for judicial acceptance of any award and an order of enforcement, as the case may be. Notwithstanding the foregoing, either party shall have the right to institute an action in a court of proper jurisdiction for preliminary injunctive relief pending a final decision by the arbitrator, provided that a permanent injunction and damages shall only be awarded by the arbitrator. The language to be used in the arbitral proceedings shall be English.
2. For ONLY principal offices within Europe, the Middle East or Africa:
Any Dispute shall be referred to and finally resolved by arbitration under the London Court of International Arbitration Rules (which Rules are deemed to be incorporated by reference into this clause) on the basis that the governing law is as follows: (a) if Customer brings an action against CrowdStrike, then the governing law is the State of New York, USA, (b) if CrowdStrike brings an action against Customer, then the governing law is the laws of England and Wales. The seat, or legal place, of arbitration shall be London, England.
3. For ONLY principal offices within Asia Pacific (including India), Australia & New Zealand:
Any Dispute shall be referred to and finally resolved by arbitration under the Rules of Conciliation and Arbitration of the International Chamber of Commerce in force on the date when the notice of arbitration is submitted in accordance with such Rules (which Rules are deemed to be incorporated by reference into this clause) on the basis that the governing law is as follows: (a) if Customer brings an action against CrowdStrike, then the governing law is the State of New York, USA, (b) if CrowdStrike brings an action against Customer, then the governing law is as follows: (i) for Customers in: (x) Asia Pacific (including India): the laws of England and Wales, (y) Australia and New Zealand: the laws of the State of New South Wales, Australia. In all cases, the seat, or legal place, of arbitration shall be Singapore.
4. For ONLY principal offices within the Americas, excluding North America:
Any Dispute shall be referred to and finally resolved by arbitration under International Dispute Resolution Procedures of the American Arbitration Association in force on the date when the notice of arbitration is submitted in accordance with such Procedures (which Procedures are deemed to be incorporated by reference into this clause) on the basis that the governing law is the law of the State of New York, USA. The seat, or legal place, of arbitration shall be New York, New York, USA.
Exhibit B
Additional or Different Terms That May Apply to Certain Customers
A. For Australian Consumers Only.
A.1. For Customers that are consumers under the Australian Consumer Law, the following provisions apply.
The benefits of the warranty in Section 8 Warranties & Disclaimer of this Agreement are in addition to any other rights and remedies in relation to the Offerings that Customer may be entitled to under Australian Consumer Law. Our goods and services come with guarantees that cannot be excluded under the Australian Consumer Law. For major failures with the service, you are entitled: (i) to cancel your service contract with us; and (ii) to a refund for the unused portion, or to compensation for its reduced value. You are also entitled to choose a refund or replacement for major failures with goods. If a failure with the goods or a service does not amount to a major failure, you are entitled to have the failure rectified in a reasonable time. If this is not done you are entitled to a refund for the goods and to cancel the contract for the service and obtain a refund of any unused portion. You are also entitled to be compensated for any other reasonably foreseeable loss or damage from a failure in the goods or service.
The warranties in this Agreement are provided by CrowdStrike, Inc. at 150 Mathilda Place, Third Floor, Sunnyvale California, USA. To file a claim under this limited warranty, Customers must contact CrowdStrike at support@crowdstrike.com. CrowdStrike shall be responsible for any costs Customer incurs in making a warranty claim under this Agreement.
A.2. For Customers that are consumers under the Australian Consumer Law, Section 12 Limited Liability shall be replaced in its entirety with the following:
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EXCEPT FOR LIABILITY FOR ANY AMOUNTS PAID OR PAYABLE TO THIRD PARTIES UNDER SECTION 9 (INDEMNIFICATION), CUSTOMER’S PAYMENT OBLIGATIONS, AND/OR ANY INFRINGEMENT OR MISAPPROPRIATION BY ONE PARTY OF THE OTHER PARTY’S INTELLECTUAL PROPERTY RIGHTS, NEITHER PARTY SHALL BE LIABLE TO THE OTHER PARTY IN CONNECTION WITH THIS AGREEMENT OR THE SUBJECT MATTER HEREOF (UNDER ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STATUTE, TORT (INCLUDING NEGLIGENCE), INDEMNITIES (OTHER THAN EXPRESSLY STATED IN SECTION 9 (INDEMNIFICATION)), OR OTHERWISE) FOR ANY LOST PROFITS, REVENUE, OR SAVINGS, LOST BUSINESS OPPORTUNITIES, LOST DATA, OR SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR LOSSES OR SUCH DAMAGES OR LOSSES WERE REASONABLY FORESEEABLE; OR (B) AN AMOUNT THAT EXCEEDS THE TOTAL FEES PAID OR PAYABLE TO CROWDSTRIKE FOR THE RELEVANT OFFERING DURING THAT OFFERING’S SUBSCRIPTION/ORDER TERM. THESE LIMITATIONS WILL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY REMEDY SPECIFIED IN THIS AGREEMENT. MULTIPLE CLAIMS SHALL NOT EXPAND THE LIMITATIONS SPECIFIED IN THIS SECTION A2.
SECTION A.2 DOES NOT SEEK TO LIMIT OR EXCLUDE THE LIABILITY OF CROWDSTRIKE OR ITS AFFILIATES IN THE EVENT OF DEATH OR PERSONAL INJURY CAUSED BY ITS NEGLIGENCE OR FOR FRAUD OR FOR ANY OTHER LIABILITY FOR WHICH IT IS NOT PERMITTED BY LAW TO EXCLUDE. TO THE EXTENT APPLICABLE, THIS PROVISION MUST BE READ SUBJECT TO THE AUSTRALIAN CONSUMER LAW.
B. For Customers Outside the United States and Australia. Some countries, states and provinces, including member states of the European Economic Area, do not allow certain exclusions or limitations of liability, therefore, the exclusions or limitation of liabilities and disclaimers of warranties in the Agreement may not fully apply to Customer if the laws directly applicable to CrowdStrike in the performance of this Agreement do not allow such terms.