BitSight Purchase Order Terms and Conditions

Last Updated: March 24, 2022

These terms and conditions (the “Terms”) govern the products and/or performance of services (referred to herein together and separately as “Products”) provided by the entity delivering the Products (hereafter, such party referred to as “Supplier”), and purchased by BitSight Technologies, Inc. and/or its affiliate(s) (together, “BitSight”) pursuant to the BitSight purchase order form or Supplier invoice or order form that references these Terms or to which these Terms are attached (the “Order,”  and together with these Terms, the “PO”).  By providing Products to BitSight or otherwise accepting a PO from BitSight, Supplier affirmatively agrees to these Terms to the exclusion of any Supplier terms and conditions except as provided in Section 9 of these Terms.

SECTION 1 – PRODUCTS
Supplier shall provide the Products specified on the Order at the prices agreed to by the parties therein.  Unless otherwise indicated on the Order, prices stated in the Order include all applicable taxes (if any and if not separately shown), including for sales, consumption or VAT, and all fees and ancillary costs (such as for packaging and transport).  BitSight’s purchase order number and specific delivery location must appear on the outside of each package and on all packing slips, invoices and allied papers, as applicable.  A packing slip must be included with each shipment and, except as expressly provided in the Order, Supplier shall pack, mark and prepare all shipments to meet the carrier’s requirements at Supplier’s expense. These Terms will become effective upon (i) Supplier’s express acceptance of the PO, (ii) Supplier’s provision of the relevant Products to BitSight, or (iii) BitSight’s payment of fees pursuant to an invoice (whichever is the earlier), and shall continue through BitSight’s acceptance of the Products, subject to termination or expiry of these Terms.  BitSight may terminate these Terms, in whole or in part, immediately upon written notice to Supplier if Supplier is in breach of its duties under these Terms.  Any provision of these Terms that contemplates performance or observance after its termination or expiration (including confidentiality, limitation of liability and indemnification provisions) will survive termination or expiration hereof.   Time is of the essence in fulfillment of the Order.  Supplier shall bear the risk of loss or damage to all goods purchased pursuant to an Order until they are received by BitSight.  Unless otherwise indicated on the Order, all work created by Supplier solely or in collaboration with others in the course of providing the Products shall automatically be BitSight’s sole property upon their creation or (in the case of copyrightable works) fixation in a tangible medium of expression, and BitSight shall own all rights, including all proprietary and intellectual property rights, title and interest.  Unless otherwise indicated on the Order, Supplier hereby assigns to BitSight all of its right, title and interest in and to all of the work and all copies thereof.

SECTION 2 – REPRESENTATIONS, WARRANTIES AND COVENANTS
Supplier represents, warrants and covenants that: (i) it has full authority to enter into these Terms, and title to the Products is free and clear; (ii) the Products will materially conform to the specifications set forth in the Order or otherwise communicated to Supplier by BitSight; (iii) it shall, and shall cause its employees, contractors, subcontractors and agents (collectively, “Supplier Personnel”) to, comply with any and all applicable laws, regulations and orders of any governmental, judicial or administrative authority that apply to or govern Supplier, the Products or performance hereunder (together, “Law(s)”); and (iv) all Products will, for a period of not less than ninety (90) days after delivery (or performance in the case of services) (“Warranty Period”), be free from defects, and perform in accordance with and conform to the requirements specified in the PO.  At no cost to BitSight, Supplier shall promptly correct and repair any defect, malfunction or non-conformity that prevents a Product from conforming and performing as warranted during the Warranty Period.  This section 2 is without prejudice to any other warranty provided by Supplier or any third party in respect of the Products and any condition, warranty or right implied by, or statutory guarantee contained in, any Law.  Supplier will comply with any other applicable Laws of any other jurisdiction relating to employment, workplace safety and human rights.  

SECTION 3 – CONFIDENTIALITY
Supplier shall keep strictly confidential all non-public, competitively sensitive and/or private information and materials of BitSight (or any of its vendors or customers) that may be obtained by Supplier in connection with its performance under the PO (“CI”), and shall exercise the same degree of care for BitSight CI as it uses to protect its own confidential information, but in any event, not less than reasonable care.  If a disclosure of CI is required by Law, Supplier shall, to the extent permitted by Law, inform BitSight as soon as reasonably practicable after Supplier becomes aware of its obligation to disclose.  Upon written request, Supplier will promptly destroy or return all CI to BitSight. 

SECTION 4 – INDEMNIFICATION
Supplier shall, at its sole expense, indemnify, defend and hold harmless BitSight, its affiliates and their respective employees, directors, officers, successors, and assigns from and against any and all third-party claims, proceedings, damages, injuries, liabilities, losses, costs, and expenses (including reasonable attorneys’ fees and litigation expenses), relating to or arising from (i) negligence or willful misconduct of Supplier or Supplier Personnel; (ii) any claim that any Product(s), or the use thereof by BitSight, infringes, misappropriates or otherwise violates any intellectual property rights or any privacy, publicity, proprietary or contract rights of a third party; (iii) death or bodily injury or damage to property attributable to Supplier or Supplier Personnel; (iv) Supplier’s failure to comply with any applicable Law; or (v) allegations of Supplier Personnel claiming they are employees of BitSight or entitled to BitSight benefits.  

SECTION 5  –  LIMITATION OF LIABILITY
EXCEPT AS STATED BELOW, THE PARTIES AGREE THAT UNDER NO CIRCUMSTANCES SHALL BITSIGHT OR ITS AFFILIATES BE LIABLE TO SUPPLIER OR ANY THIRD PARTY UNDER OR IN CONNECTION WITH THESE TERMS, IN CONTRACT OR IN TORT, OR UNDER ANY OTHER LEGAL THEORY (INCLUDING STRICT LIABILITY), FOR (I) ANY INDIRECT, PUNITIVE, SPECIAL, INCIDENTAL, CONSEQUENTIAL OR SIMILAR DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH CLAIM; (II) LOST PROFITS OR REVENUES; OR (III) DAMAGES THAT EXCEED, IN THE AGGREGATE, THE AMOUNTS PAID AND PAYABLE BY BITSIGHT FOR THE PRODUCT(S) GIVING RISE TO SUCH LIABILITY.  NOTHING IN THESE TERMS SHALL EXCLUDE BITSIGHT’S LIABILITY (A) FOR DEATH OR PERSONAL INJURY, (B) RESULTING FROM FRAUD, OR (C) WHICH CANNOT BE LIMITED OR EXCLUDED BY LAW.

SECTION 6 - EQUAL OPPORTUNITY EMPLOYER
Supplier shall, to the extent they apply, abide by the requirements of 41 CFR §§ 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, or national origin and require affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability.

SECTION 7 – ANTI-BRIBERY
Supplier represents and warrants that it (a) will not, in connection with these Terms, promise, provide or accept any improper inducements and that it will comply with all applicable anti-bribery, anti-money laundering and export and sanctions Laws; and (b) is not, nor is it owned (50% or more) or controlled by or acting on behalf of or for the benefit of, person(s): (i) included on any list of asset freeze targets published by the U.N., E.U., U.K. or United States; or (ii) organized under the laws of, or ordinarily resident in, a country or territory subject to comprehensive economic or trade sanctions imposed by the United States (currently Crimea, Cuba, Iran, N. Korea, Syria and Sudan) or a governmental instrumentality thereof.  

SECTION 8 – INSURANCE REQUIREMENTS
Supplier must obtain and maintain, at no expense to BitSight, all applicable and appropriate insurance, (including, without limitation, business, workers’ compensation, auto, errors and omissions, professional and commercial general and liability insurance) in an amount consistent with Supplier’s industry practice including, but not limited to, insurance coverage of an amount no less than that reasonably required to repair, reperform or replace the Product in the event of loss, damage, theft, or destruction. Upon these Terms becoming effective, Supplier shall provide BitSight with its then current COI naming BitSight as an additional insured on Supplier’s workers’ compensation, auto, and commercial general and liability insurance.

SECTION 9 – CONDUCT OF PERSONNEL ON SITE
To the extent Products are being provided on site at any BitSight location, Supplier agrees to (a) comply with BitSight’s COVID-19 Addendum (attached as Exhibit A); (b) comply with all BitSight safety and security regulations and (c) take all reasonable precautions to prevent injury or damage to persons or property.  Supplier agrees not to assign any employee to provide Products at a BitSight location without first performing a criminal background check, including but not limited to a Criminal Offender Record Information check, or its equivalent, and a Sexual Offender Registry Information check, or its equivalent.  No Supplier representative with a criminal history shall be assigned to work at a BitSight location without the prior written approval of BitSight’s Human Resources Department.

SECTION 10 - PROTECTION OF PERSONAL DATA
Supplier represents and warrants that it has complied with all applicable laws, including the General Data Protection Regulation (“GDPR”), in supplying any personal data to BitSight, including providing any required notices and obtaining any required consents for BitSight’s processing of such personal data.  To the extent that Supplier is providing BitSight with email and other contact information (“Leads”), it represents that all such Leads are business contacts (and not consumers) and that such leads have been collected in accordance with applicable law (including Canada's Anti-SPAM Legislation, the GDPR, and any applicable FTC guidelines) such that BitSight may legally communicate with such Leads via email and phone without the need to obtain additional consents/permissions. In addition Supplier agrees that any terms of any Lead collection tool, system or scanner shall be consistent with the rights and obligations in this paragraph and any other requirements, documents or terms and conditions that may be presented to BitSight in connection with BitSight’s use of such Lead collection tool, system or scanner are specifically null and void. Notwithstanding anything to the contrary, to the extent Supplier processes personal data on behalf of BitSight, the parties agree the Vendor Data Processing Agreement shall apply to such processing activities.

SECTION 11 – MISCELLANEOUS    
In the absence of a Contract (defined below), these Terms constitute the entire agreement of the parties with regard to its subject matter, and supersedes all previous written or oral representations, agreements and understandings between BitSight and Supplier, including prior bids, quotes or forms, except as expressly stated herein.  These Terms may not be (i) supplemented, modified, or governed by any shrink-wrap or click-wrap agreement, online terms of use, or any confirmation, acknowledgement, order form, or other sales or shipping form of Supplier (together, the “Standard Terms”), and any such terms are affirmatively rejected and shall be void and of no effect; or (ii) amended, altered, or superseded (including by the Standard Terms) other than by a written agreement signed by authorized representatives of both parties hereto covering the subject matter of these Terms (a “Contract”).  In the event of any conflict between a Contract and these Terms, the Contract shall govern.  Supplier may not assign these Terms or any right or obligation herein, absent BitSight’s prior written consent. These Terms shall bind and accrue to the benefit of the parties hereto, and their respective successors and permitted assigns.  Nothing in these Terms shall be construed to create an employer-employee, partnership, joint venture, agency or other relationship between BitSight and Supplier and/or any Supplier Personnel.  Supplier may not use or refer to the corporate names, trademarks, service marks or logos of BitSight or its affiliates or subsidiaries, in any manner for promotional purposes without the prior written consent of BitSight.  No delay or omission on the part of either party in exercising any right hereunder, nor any payment made of any amounts owed hereunder, will operate as a waiver of any right hereunder.  To the extent permitted by applicable Law, (1) these Terms and all contractual and non-contractual obligations arising out of or in connection with it shall be governed and construed in accordance with the laws of the Commonwealth of Massachusetts, without regard to conflicts of Law, and (2) the parties submit to the exclusive jurisdiction of the courts of Massachusetts, in relation to any disputes arising out of or in connection with these Terms (whether relating to contractual or non-contractual obligations).  The parties agree that the United Nations Convention on Contracts for the International Sale of Goods and the Convention on the Limitation Period in the International Sale of Goods as either may be amended from time to time, shall not apply to these Terms. These Terms do not create any rights which are enforceable by any person not a party to it.  If any provision of these Terms shall be deemed, for any reason, to be invalid or unenforceable, the remaining provisions shall continue to be valid and enforceable to the extent compatible with applicable Law. 


        
[END OF PURCHASE ORDER TERMS AND CONDITIONS]

 

EXHIBIT A
COVID-19 ADDENDUM

This COVID-19 Addendum (“Addendum”) forms part of BitSight’s Purchase Order Terms and Conditions (“Terms”). This Addendum is incorporated into and forms part of the Terms. In the event of a conflict between the Terms and this Addendum, the terms of this Addendum will control.

Supplier acknowledges that novel coronavirus (“COVID-19”) infections have been confirmed throughout the United States, and hereby agrees, represents, and warrants that it will perform the Services in accordance with the most recent guidance and protocols issued by the World Health Organization (“WHO”), the Centers for Disease Control and Prevention (“CDC”), the Massachusetts Department of Public Health (“DPH”), the NC Department of Health and Human Services (“NCH”), industry standards and any other applicable guidance and protocols for slowing the transmission of COVID-19 (the “Guidance”). 
 
Supplier further represents and warrants that (i) its employees, contractors, or any other third party providing Services in accordance with the Agreement  (collectively the “Representatives”) visiting or performing work at the BitSight facilities have been fully vaccinated (pursuant to the CDC guidelines) against COVID-19 and it will provide BitSight with proof of such vaccination status at any time upon BitSight’s request (whether before or after entry to the BitSight facilities), (ii) none of its Representative who have COVID-19 symptoms (e.g. fever, cough or shortness of breath, etc.) shall visit or perform work at the BitSight facilities and it has implemented other policies in procedures for its Representatives recommended by the Guidance aimed at preventing the transmission of COVID-19 (e.g. wearing personal protective equipment and facial coverings designed to prevent the transmission of COVID-19 whenever on-site at the BitSight facilities, hand washing, etc.),  and (iii) it will notify BitSight immediately via email to [email protected] and [email protected] if Supplier becomes aware or has reasonable reason to believe that one of its Representatives has COVID-19 after performing the Services. 

SUPPLIER FULLY UNDERSTANDS BOTH THE KNOWN AND POTENTIAL RISKS AND DANGERS OF ENTERING THE BITSIGHT FACILITIES AND HEREBY ASSUMES FULL RESPONSIBILITY FOR ANY LIABILITY OR HARM (INCLUDING RISK OF ILLNESS, BODILY INJURY, DEATH OR PROPERTY DAMAGE) TO SUPPLIER OR ITS REPRESENTATIVES (INCLUDING DUE TO BITSIGHT'S NEGLIGENCE) RESULTING FROM OR RELATING TO COVID-19 AND BITSIGHT SHALL HAVE NO LIABILITY TO SUPPLIER OR ITS REPRESENTATIVES FOR THE SAME.