CERTICOM CERTIFICATE SUBSCRIBER AGREEMENT
IMPORTANT—PLEASE READ
THESE TERMS AND CONDITIONS CAREFULLY BEFORE APPLYING FOR, ACCEPTING, OR USING A
CERTICOM CERTIFICATE FOR YOURSELF OR ON BEHALF OF YOUR COMPANY. BY USING, APPLYING FOR, OR ACCEPTING A
CERTICOM CERTIFICATE OR BY ACCEPTING THIS AGREEMENT BY CLICKING ON “I ACCEPT”
BELOW, THE SUBSCRIBER ACKNOWLEDGES THAT
IT HAS READ THIS SUBSCRIBER AGREEMENT, THAT IT UNDERSTANDS IT, AND THAT IT
AGREES TO AND ACCEPTS THE TERMS AS PESENTED HEREIN. IF YOU (THE SUBSCRIBER) DO NOT AGREE TO THE
TERMS AND CONDITIONS OF THIS SUBSCRIBER AGREEMENT, DO NOT APPLY FOR, ACCEPT, OR
USE A CERTICOM CERTIFICATE AND CLICK “DECLINE” BELOW.
The terms and conditions set forth below constitute a binding agreement between you (the “Subscriber” or “you”) and Certicom Corporation (“Certicom”), which has its principal place of business at 5520 Explorer Drive, 4th Floor, Mississauga, ON L4W 5L1, Canada, with respect to your or your use of the Certicom digital certificate services (the “Agreement”). To receive a Certificate or use the Certicom services, you must agree to these terms and conditions. You agree that any failure to abide by these terms and conditions shall void any and all obligations of Certicom hereunder.
1.
Definitions and Interpretations
1.1.
In
this Agreement, unless the context requires otherwise, the following terms and
expressions shall have the following meanings:
”Applicant”
means the entity that applies for (or seeks renewal of) a Certificate naming it
as the Subject;
”Application
Software Vendor” means a developer of Internet browser software or other
software that displays or uses certificates and distributes root certificates,
such as KDE, Microsoft Corporation,
Mozilla Corporation, Opera Software ASA, and Red Hat, Inc.
“Certicom
CPS” or “Certificate Practice Statement” means a document setting forth the
working practices that Certicom uses to perform its certificate processes and
Repository operations, as set forth at www.certicom.com/repository and
as may be amended from time to time by Certicom in its sole and absolute
discretion.
“Confidential
Information” means all material, data, systems and other information concerning
the operation, business, projections, market goals, strategies, techniques,
financial affairs, products, services, research and development, customer and
vendor-related data, services and/or support, and intellectual property rights
of a Party that is not accessible or known to the general public. Confidential
Information shall include, but not be limited to, (a) any and all information
regarding or related to any software utilized by the Parties to create, operate
or perform their respective obligations hereunder, including, but not limited
to, all Private Keys, personal identification numbers and passwords; and (b)
any information which concerns technical details of operation of any of the Certicom
services and products offered hereunder.
“CRL”
means a certificate revocation list that contains details of Digital Signatures
that have been revoked by Certicom.
“Certificate”
means a digitally signed electronic data file (conforming to the X509 version 3
ITU standard) issued by Certicom in order to identify a person or entity
seeking to conduct business over a communications network using a Digital
Signature and which contains the identity of the person authorized to use the
Digital Signature and a copy of their Public Key, a serial number, a time
period during which the Certificate may be used and a Digital Signature issued
by Certicom. .
“Certificate
Beneficiaries” means the Subscriber, the Subject named in the Certificate, all
Application Software Vendors with whom Certicom has entered into a contract for
inclusion of its root certificate in software distributed by such Application
Software Vendors, and all Relying Parties that actually rely on such
Certificate during the period when it is valid.
“Digital
Signature” means an encrypted electronic data file which is attached to or
logically associated with other electronic data and which identifies and is
uniquely linked to the signatory of the electronic data, is created using the
signatory's Private Key and is linked in a way so as to make any subsequent
changes to the electronic data detectable.
“Effective
Date” means the date when Certicom receives the Subscriber's request for the Subscription
Service set out in the Enrollment Form and sent to Certicom via the online
registration process.
“Enrollment
Form” means an electronic form on Certicom's website completed by the
Subscriber by providing the Subscriber Data and which identifies the
requirements for the Subscription Service.
The data submitted with the Enrollment Form is considered part of this
Agreement and is incorporated herein.
“EV
Certificate” means a Certificate designed for installation within the
Subscriber’s SSL enabled web server software and for use with an SSL v3 or TLS
enabled web browser and that complies with the EV Guidelines.
“EV
Guidelines” means the official, adopted guidelines established by the
CA/Browser Forum that set forth certain minimum requirements that must be met
in order to issue EV Certificates and which are available online at http://www.cabforum.org.
“EV
Policies” means EV Certificate practices, policies and procedures, such as a
certification practice statement (CPS) and certificate policy (CP), as further
defined in Section 4 of the EV Guidelines.
“Force
Majeure Event” means, in relation to any Party any circumstances beyond the
reasonable control of that Party including without prejudice to the generality
of the foregoing any natural disaster, act or regulation of any governmental or
supra-national authority, lack or shortage of materials supplied by a third Party
(other than where such circumstances arise due to lack of reasonable planning),
war or natural emergency, accident, epidemic, fire or riot.
“Insolvency
Event” means, in respect of any company that is Party to this Agreement, that
such company has ceased to trade, been dissolved, suspended payment of its
debts or is unable to meet its debts as they fall due, has become insolvent or
gone into liquidation (unless such liquidation is for the purposes of a solvent
reconstruction or amalgamation), entered into administration, administrative
receivership, receivership, a voluntary arrangement, a scheme of arrangement
with creditors or taken any steps for its winding-up.
“Issue
Date” means the date of issue of a Certificate to the Subscriber.
“Place
of Business” means the location of any facility (such as a factory, retail
store, warehouse, etc) where the Applicant’s business is conducted.
“Private
Key” means a confidential encrypted electronic data file designed to interface
with a Public Key using the same encryption algorithm and which may be used to
create Digital Signatures, and decrypt files or messages which have been
encrypted with a Public Key.
“Public
Key” means a publicly available encrypted electronic data file designed to
interface with a Private Key using the same encryption algorithm and which may
be used to verify Digital Signatures and encrypt files or messages.
“Relying
Party” shall mean an individual or organization that acts in reliance on a
Certificate or a Digital Signature.
“Repository”
means a publicly available collection of databases for storing and retrieving
Certificates, CRLs, OCSP and other information relating to Certificates and
which may be accessed via the Certicom website.
“Server”
means the Subscriber’s server operating at the IP address identified by a
domain name provided by the Subscriber to Certicom and which is
cryptographically bound to the public key set out in the EV Certificate.
“Software”
means any software provided by Certicom to enable the Subscriber to access or
use the Subscription Service.
“SSL
Certificate” means a Certificate intended to be installed on a webserver in
order to secure online transactions over the SSL protocol.
“Subject”
means the entity identified as the Subject in the Certificate, whose identity
is unambiguously bound to a Public Key also specified in the Certificate.
“Subscriber”
means the entity named on the Enrollment Form during the online registration
process and identified as the Subject in of the Certificates issued hereunder pursuant
to this Agreement and the relevant Certificate Policies.
“Subscriber
Data” means information about the Subscriber required by Certicom to provide
the Subscription Service, including without limitation, the information set out
in the Certicom CPS which must be provided by the Subscriber on the Enrollment
Form during the online registration process.
“Subscription
Service” means the Certificate subscription services and any products
(including Certificates, Public Keys, Software, and Private Keys) and related
services.
“Subscription
Service Period” means the time period during which a Certificate remains valid
and may be used, depending on the Certificate ordered. All EV Certificates shall have a maximum
Subscription Service Period of twenty-seven (27) months.
1.2.
Subject
to Section 16, references to “indemnifying” any person against any circumstance
include indemnifying and holding that person harmless from all actions, claims,
and proceedings from time to time made against that person and all loss,
damage, payments, cost, or expenses suffered, made, or incurred by that person
as a consequence of that circumstance;
2.
Provisioning the Subscription Service
2.1.
Provided
that Certicom is able to validate, to its satisfaction, the Subscriber Data,
and that Certicom accepts a Subscriber's application for the Subscription
Service (as such application is set out in the Enrollment Form), Certicom shall
provide to the Subscriber the Subscription Service in accordance with the terms
of this Agreement and the relevant Certificate Policies. Notwithstanding the
foregoing, Certicom reserves the right to refuse a Subscriber's application at
its sole discretion and for any reason.
2.2.
Depending
on the Subscription Service selected during the enrollment process, this Agreement
may cover multiple future Certificate requests made on Subscriber’s behalf by
an authorized agent and the resulting Certificates. The terms and conditions of this Agreement
shall apply to each Certificate requested or issued regardless of when the
actual request or issuance was performed.
3.
Use of the Subscription Service
3.1.
License. Certicom
grants to Subscriber a revocable, non-exclusive, non-transferable license to
use any Certificates provided to Subscriber by Certicom in accordance with the
Subscription Service, any Digital Signature generated using the Subscriber’s
Public Key and Private Key, and any manuals or other documents relating to the
above insofar as is necessary for the Subscriber to utilize the Subscription
Service. The Subscription Service is provided by Certicom for the Subscriber's
sole use.
3.2.
Subscriber Obligations. Subscriber agrees and warrants that,
as related to and for the benefit of Certicom and, for EV Certificates, the
Certificate Beneficiaries, it shall:
(i)
use
or access the Subscription Service only for its intended purpose as set forth in the Certicom
CPS;
(ii)
install
each issued Certificate only on the server accessible at the domain name listed
on the Certificate and use each Certificate solely in compliance with all
applicable laws, solely for authorized company business, and solely in
accordance with the terms and conditions of this Agreement;
(iii)
be
responsible, at its own expense, for access to the Internet and all other
communications networks (if any) required in order to use the Subscription
Service and Certificate, and for the provision of all computer and
telecommunications equipment and software required to use the Subscription
Service, except where expressly provided otherwise herein;
(iv)
obtain
and keep in force any authorization, permission or license necessary for the
Subscriber to use the Subscription Service, except where Certicom expressly
agrees to obtain the same under the terms of this Agreement;
(v)
bind
each and every Relying Party using the Subscriber’s Certicom Certificate(s) to
the following terms:
“By relying upon a Certicom Certificate, the user agrees to be bound by the Certicom
Relying Party Agreement, which is incorporated herein in its entirety, and
which can be found at https://www.Certicom.com/repository/relying_Party.html”;
(vi)
be
responsible for the generation of any Private Key belonging to the Subscriber,
and take all reasonable measures, either by itself or through a subcontractor
(e.g. hosting provider), to maintain sole control of, keep confidential,
properly protect at all times, and ensure the proper use of the Private Key
that corresponds to the Public Key to be included in the requested Certificate,
personal identification numbers, passwords and other access information or devices
used in connection with the Subscription Service, and immediately inform Certicom
if there is any reason to believe that any of the foregoing has or is likely to
become known to someone not authorized to use it, or is being, or is likely to
be used in an unauthorized way;
(vii)
provide
accurate and complete information to Certicom at all times, both upon
requesting a Certificate and thereafter as requested by Certicom in connection
with the issuance of the Certificate, and immediately inform Certicom if any of
the Subscriber Data or information provided by the Subscriber to Certicom
ceases to remain valid or correct or otherwise changes;
(viii)
promptly
cease using an issued Certificate and its associated Private Key, and promptly
request Certicom to revoke the Certificate, in the event that: (a) any
information in the Certificate is or becomes incorrect or inaccurate, or (b)
there is any actual or suspected misuse or compromise of the Subscriber’s
Private Key associated with the Public Key listed in the Certificate;
(ix)
promptly
cease all use of the Private Key corresponding to the Public Key listed in a Certificate
upon expiration or revocation of such Certificate; and
(x)
promptly
disclose in writing to Certicom anything that constitutes a breach of, or is
inconsistent with, any of the obligations or warranties and representations in
sections 3 and 4 herein.
3.3.
Restrictions.
Subscriber agrees that, as related to and for the benefit of Certicom
and, for EV Certificates, the Certificate Beneficiaries, it shall not
(i)
modify,
license, transfer, convey or sublicense the Software or any right in the Software
to any third Party except as expressly allowed herein;
(ii)
install
and use an issued Certificate until after Subscriber has reviewed and verified
the accuracy of the data in the Certificate;
(iii)
resell
or attempt to resell (or provide in any form whether for consideration or not)
the Subscription Service (or any part of it) to any third Party and shall not
allow any third Party to use the Subscription Service without the prior written
consent of Certicom;
(iv)
use
the Subscription Service to transmit (either by sending by e-mail or uploading
using any format of communications protocol or any other method), receive
(either by soliciting an e-mail or downloading using any format of communications
protocol or any other method), view or in any other way use any information
which may be illegal, offensive, abusive, contrary to public morality,
indecent, defamatory, obscene or menacing, or which is in breach of confidence,
copyright or other intellectual property rights of any third Party, cause
distress, annoyance, denial of any service, disruption or inconvenience, send
or provide advertising or promotional material or other form of unsolicited
bulk correspondence or create a Private key which is identical or substantially
similar to any Public Key;
(v)
copy
or decompile, enhance, adapt or modify or attempt to do the same to the Certificates,
Public Keys and Private Keys, or any Digital Signature generated using any
Public Key or Private Key, or any documents or manuals relating to the same,
without the prior written consent of Certicom; or
(vi)
make
any representations regarding the Subscription Service to any third Party
except as first agreed to in writing by Certicom.
4.
Warranties and Representations
4.1.
Subscriber.
Subscriber warrants, represents and agrees, as related to and for the
benefit of Certicom and the Certificate Beneficiaries, that:
(i)
for
EV Certificate, that Applicant has exclusive control of the Domain Name listed
in the Certificate.
(ii)
that
it is not located in and will not modify, export or re-export, either directly
or indirectly, any certificates, software, hardware, technical information, or
any other certificates or technology signed by a Certicom certificate, to any
country or entity under United States restrictions or to any country or entity
subject to applicable trade sanctions. The US restricted country and persons
list is subject to change without notice from Certicom, and Subscriber must
comply with the list as it exists in fact. CERTICOM SHALL NOT BE LIABLE FOR
SUBSCRIBER’S VIOLATION OF ANY SUCH EXPORT OR IMPORT LAWS, WHETHER UNDER UNITED
STATES LAW OR FOREIGN LAW.”
(iii)
all
Subscriber Data is, and any other documents or information provided by the
Subscriber are, and will remain accurate and will not include any information
or material (or any part thereof) the accessing or use of which would be
unlawful, contrary to public interest or otherwise likely to damage the
business or reputation of Certicom in any way;
(iv)
it
will not use the Subscription Service to knowingly or intentionally spread,
upload, or distribute in any way, files that may contain viruses, corrupted
files, or any other similar software or programs that may damage the operation
of another’s computer;
(v)
it
has and will comply with all applicable consumer and other laws, regulations,
instructions and guidelines, with all relevant licenses and with all other
codes of practice which apply to the Subscriber or Certicom and that the
Subscriber has obtained all licenses and consents necessary to fully perform
its obligations under this Agreement;
(vi)
it
has full power and authority to enter into this Agreement and to perform all of
its obligations under this Agreement;
(vii)
it
shall have sole responsibility for all statements, acts and omissions which are
made under any password provided by it to Certicom;
(viii)
any
Certificate “Warranty” or other warranty described in the CPS and provided by Certicom
in connection with any Certificate is provided solely for the benefit of
Relying Parties up to the limitations specified in the CPS, and Subscriber
shall have no rights with respect thereto, including, but not limited to, any
right to enforce the terms of or make any claim under any such warranty; and
(ix)
for
EV Certificates, the individual signing or accepting this Agreement is employed
by the Subscriber or an authorized agent representing Subscriber that is
expressly authorized by Subscriber to sign this Agreement on behalf of
Subscriber.
5.
Payment Terms
5.1.
The
amount due to be paid by the Subscriber for the Subscription Service shall be
set forth during the registration process. The amount due shall be paid by the
Subscriber on or before the Issue Date.
5.2.
All
payments made by the Subscriber for the Subscription Service shall be
non-refundable except that the seller of the Certificate shall refund the
monies paid by the Subscriber if within twenty (20) business days of the Issue
Date the Subscriber has not used the Subscription Service and has, within this
period, made a written request to Certicom for revocation of the Certificate
issued to it.
6.
Revocation
Certicom
reserves the right to revoke any Certificate it has
issued to Subscriber in the event that Certicom has reasonable
grounds to believe that any of the following events has
occurred:
(i)
Subscriber
requests revocation of its Certificate;
(ii)
Subscriber
indicates that the original request for the Certificate was not authorized and
does not retroactively grant authorization;
(iii)
Certicom
obtains reasonable evidence that the Subscriber’s Private Key (corresponding to
the Public Key in the Certificate) has been compromised, or that the Certificate
has otherwise been misused, or that a personal identification number,
Private Key or password has, or is likely to become known to someone not
authorized to use it, or is being or is likely to be used in an unauthorized
way;
(iv)
Certicom
receives notice or otherwise become aware that a Subscriber violates any of its
material obligations under this Agreement or the Certicom CPS;
(v)
Subscriber
has used the Subscription Service contrary to law, rule or regulation, or Certicom
reasonably believes that the Subscriber is using the certificate, directly or
indirectly, to engage in illegal or fraudulent activity;
(vi)
Certicom
receives notice or otherwise becomes aware that a court or arbitrator has revoked
Subscriber’s right to use the domain name listed in the Certificate, or that
Subscriber has failed to renew its domain name;
(vii)
Certicom
receives notice or otherwise becomes aware of a material change in the
information contained in the Certificate;
(viii)
a
determination, in Certicom's sole discretion, that the Certificate was not
issued in accordance with the terms and conditions of the Certicom’s Policies,
including Certicom’s CPS and, for EV Certificates, the EV Guidelines;
(ix)
Certicom
determines that any of the information appearing in the Certificate is not
accurate;
(x)
Certicom
ceases operations for any reason and has not arranged for another certificate
authority to provide revocation support for the Certificate;
(xi)
for
EV Certificates, Certicom’s right to issue Certificates under the EV Guidelines
expires or is revoked or terminated [unless Certicom makes arrangements to
continue maintaining the CRL/OCSP Repository];
(xii)
Certicom’s
Private Key for Subscriber’s Certificate has been compromised;
(xiii)
there
has been, there is, or there is likely to be a violation of, loss of control
over, or unauthorized disclosure of Confidential Information relating to the
Subscription Service;
(xiv)
the
Subscriber has used the Subscription Service in violation of the intended use
as set forth in the Certicom CPS;
(xv)
Certicom
receives notice or otherwise becomes aware that Subscriber has been added as a
denied Party or prohibited person to a blacklist, or is operating from a
prohibited destination under the laws of Certicom’s jurisdiction of operation;
(xvi)
either
the Subscriber’s or Certicom’s obligations under the Certicom CPS or the
relevant Subscriber Agreement are delayed or prevented by a natural disaster,
computer or communications failure, or other cause beyond the person's
reasonable control, and as a result another person’s information is materially
threatened or compromised;
(xvii)
the
certificate was issued to persons or entities identified as publishers of
malicious software or that impersonated other persons or entities;
(xviii)
the
certificate was issued as a result of fraud or negligence;
(xix)
such additional revocation
events as Certicom publishes in its Certificate Policies; or
(xx)
the
certificate, if not revoked, will compromise the trust status of Certicom.
and
Certicom may, at its sole discretion, after revocation of the Certificate,
reissue a Certificate to Subscriber or terminate this Agreement in accordance
with the provisions of this Agreement.
7.
Confidentiality
7.1.
Neither
Party shall use any Confidential Information other than for the purpose of
performing its obligations under this Agreement or as otherwise permitted
pursuant to this Agreement. All uses of Confidential Information provided by
Subscriber, except as otherwise provided herein, are subject to the Certicom privacy
policy as set forth on the Certicom Repository.
7.2.
Each
Party shall ensure that any person to whom confidential Information is
disclosed by it complies with the restrictions set out in this section 7 as if
such person were a Party to this Agreement.
7.3.
Notwithstanding
the previous provisions of this section 7, either Party may disclose
Confidential Information if and to the extent required by law, for the purpose
of any judicial proceedings or any securities exchange or regulatory or
governmental body to which that Party is subject, wherever situated, whether or
not the requirement for information has the force of law, and if and to the
extent the information has come into the public domain through no fault of that
Party. Should a Party be required to disclose Confidential Information pursuant
to this section, the Party shall promptly give notice of such requirement to
the other Party prior to disclosing the Confidential Information.
7.4.
The
restrictions contained in this section 7 shall continue to apply to each Party
for the duration of this Agreement and for the period of 5 years following the
termination of this Agreement.
8.
Subscriber Data
8.1.
The
Subscriber acknowledges that in order to provide the Subscription Services,
some or all of the Subscriber Data shall be embedded in the issued
Certificates, and the Subscriber hereby consents, to the extent necessary in
issuing an ordered Certificate as provided for in the Certicom CPS, to the
disclosure of any and all Subscriber Data provided by the Subscriber.
8.2.
The
Subscriber hereby grants Certicom permission to examine, evaluate, process and
in some circumstances transmit to third Parties located outside the European
Union the Subscriber Data insofar as is reasonably necessary for Certicom to
provide the Certificates.
8.3.
Certicom
shall in performing its obligations under this Agreement, comply with the Data
Protection Act 1998 and any legislation or guidelines which amends or replaces
such legislation and shall take appropriate technical and organizational
measures against the unauthorized or unlawful processing of personal data and
against actual loss or destruction of or damage to such data.
9.
Intellectual Property Rights
9.1.
The
Subscriber agrees not to use the Certicom name, brand, trademarks, service
marks, logos, or any other intellectual property in any way except with the
prior written consent of Certicom.
9.2.
Except
as otherwise set forth herein, all right, title and interest in and to all, Certicom
(i) registered and unregistered trademarks, service marks and logos; (ii)
patents, patent applications, and patentable ideas, inventions, and/or
improvements; (iii) know-how; (iv) all divisions, continuations, reissues,
renewals, and extensions thereof now existing or hereafter filed, issued, or
acquired; (v) registered and unregistered copyrights including, without limitation,
any forms, images, audiovisual displays, text, software (“Certicom Intellectual
Property Rights”) are owned by Certicom or its licensors, and Subscriber agrees
to make no claim of interest in or ownership of any such Certicom Intellectual
Property Rights. Subscriber acknowledges that no title to the Certicom
Intellectual Property Rights is transferred to Subscriber, and that Subscriber
does not obtain any rights, express or implied, in the Certicom or its
licensors’ service, other than the rights expressly granted in this Agreement.
To the extent that Subscriber creates any derivative work (any work that is
based upon one or more preexisting versions of a work provided to Subscriber,
such as an enhancement or modification, revision, translation, abridgement,
condensation, expansion, collection, compilation or any other form in which
such preexisting works may be recast, transformed or adapted) such derivative
work shall be owned by Certicom and all right, title and interest in and to
each such derivative work shall automatically vest in Certicom. Certicom shall
have no obligation to grant Subscriber any right in or to any such derivative
work.
10.
Indemnification.
Subscriber shall defend, indemnify, and hold harmless Certicom, its officers,
directors, employees, and agents from and against any claims, costs, damages,
expenses, losses, legal proceedings, or other liabilities (including, without
limitation, reasonable attorneys’ fees) which are brought or threatened against
Certicom by any third Party as a result of (i) Subscriber’s negligence or
willful misconduct, (iii) any infringement of the intellectual property rights
of a third Party by Subscriber, (iv) Subscriber’s failure to disclose a
material fact related to the use or issuance of a Certificate, (v) Subscriber’s
failure to protect its Private Key, or (vi) Subscriber's breach of the
provisions of this Agreement. Certicom
will notify the Subscriber of any such claims or proceedings and keep the
Subscriber informed as to the progress of such claims or proceedings.
11.
Exclusion of Warranties
ANY SOFTWARE
PROVIDED BY CERTICOM IS PROVIDED TO SUBSCRIBER “AS IS” AND ANY USE BY SUBSCRIBER
OR A CUSTOMER OF SUBSCRIBER IS AT SUBSCRIBER’S OWN RISK. SUBSCRIBER
acknowledgeS that THE SOFTWARE May contain bugs, errors and other problems that
could cause system or other failures and data loss. CERTICOM DOES NOT
WARRANT THAT THE SOFTWARE WILL OPERATE SUBSTANTIALLY IN ACCORDANCE WITH THE
DOCUMENTATION ACCOMPANYING THE SOFTWARE. EXCEPT AS OTHERWISE PROVIDED UNDER THIS
AGREEMENT, ALL WARRANTIES EITHER EXPRESSED OR IMPLIED, INCLUDING WITHOUT
LIMITATION, WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A
PARTICULAR PURPOSE, ARE HEREBY EXCLUDED TO THE FULLEST EXTENT PERMISSIBLE BY
LAW.
12.
Term and Termination
12.1.
This
Agreement shall commence on the Effective Date and shall continue for the
Subscription Service Period unless terminated earlier as allowed herein.
12.2.
Either
Party may terminate this Agreement for convenience by providing to the other twenty
(20) business days’ written notice.
12.3.
This
Agreement may be terminated forthwith or on the date specified in the notice:
(i)
by
either Party if the other commits any material breach of any term of this
Agreement and which (in the case of a breach capable of being remedied) is not
remedied within twenty (20) business days of receipt of a written request by
the other Party to remedy the same, or
(ii)
by
either Party if an Insolvency Event occurs to the other Party or the other Party
ceases to carry on its business;
(iii)
immediately
by Certicom if Certicom suspects Subscriber to have provided any false
information in connection with the validation or issuance of a Certificate or
if Certicom believes the Subscriber is engaging in practices that violate the
proper use of an issued Certificate; or
(iv)
by
Certicom in the event a Certificate is revoked in accordance with the
provisions of Section 6 or if Certicom is unable to validate, to its
satisfaction, all or part of the Subscriber Data.
13.
Consequences of Termination
If this Agreement is terminated by Certicom under Section 12 for any reason, Certicom
may (in the event that a Subscriber’s Certificate has not already been revoked)
revoke the Subscriber’s Certificate without further notice to the Subscriber
and the Subscriber shall pay any amounts due under this Agreement. There shall be no obligation to refund any
payment by the Subscriber in the event of any termination of this Agreement.
14.
Limitation of Liability
14.1.
Nothing
in this Agreement shall exclude or limit the liability of either Party for
death or personal injury resulting from the negligence of that Party or its
directors, officers, employees, contractors or agents, or in respect of fraud
or of any statements made fraudulently by either Party;
14.2.
SUBJECT
TO CLAUSE 16.1, CERTICOM’S MAXIMUM LIABILITY UNDER CONTRACT (INCLUDING BREACH
OF WARRANTY), TORT (INCLUDING NEGLIGENCE AND STRICT LIABILITY), STATUTE, OR ANY
OTHER THEORY OR CLAIM SHALL BE LIMITED TO THE AMOUNT PAID BY SUBCRIBER FOR THE SUBSCRIPTION
SERVICES REGARDLESS OF THE TYPE, AMOUNT, OR EXTENT OF ANY ACTUAL DAMAGES
SUFFERED. CERTICOM SHALL NOT BE LIABLE
FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, OPPORTUNITIES, REVENUE, SAVINGS,
GOODWILL, OR USE OR POSSESSION OF DATA, EVEN IF CERTICOM HAS BEEN APPRISED OF
THE POSSIBILITY OR THE EXISTANCE OF SUCH DAMAGES. CERTICOM DOES NOT GUARANTEE OR REPRESENT THAT
A CERTIFICATE WILL MEET SUBSCRIBER’S NEEDS, REQUIREMENTS, OR EXPECTATIONS NOR
DOES CERTICOM GUARANTEE OR REPRESENT THAT THE SUBSCRIPTION SERVICES WILL BE
UNINTERRUPTED, TIMELY, AND/OR ERROR-FREE.
THE LIMITATIONS ON LIABILITY PROVIDED HEREIN SHALL APPLY TO THE MAXIMUM
EXTENT ALLOWED UNDER THE LAW OF THE APPLICABLE JURISDICTION.
14.3.
CERTICOM
SHALL NOT BE LIABLE TO THE SUBSCRIBER FOR ANY LOSS SUFFERED BY THE SUBSCRIBER
DUE TO USE OF THE SUBSCRIPTION SERVICES OR A CERTIFICATE OUTSIDE THE
14.4.
Except
for indemnification and confidentiality obligations, neither Party may bring
any action, regardless of form, arising out of or relating to this Agreement
more than one (1) year after the cause of action has occurred.
14.5.
Subscriber’s
sole remedy for a defective Certificate shall be to have Certicom, through
commercially reasonable efforts, correct or cure any reproducible defect in the
Certificate by issuing corrected instructions, a restriction, or bypass. In the event that Certicom is unable or
unwilling to correct or cure a deformity, defect, or error with a Certificate,
Subscriber’s sole remedy shall be a refund of any amount paid for the
non-conforming or defective Certificate, provided that the Subscriber has
provided prompt notice to Certicom of any nonconformity or defect upon its
discovery. If Subscriber has made any
changes whatsoever to the Certificate, has mis-used damaged, altered, or
modified the Certificate in any manner, or fails to provide prompt notice of
the defect to Certicom, then Certicom shall not be obligated to provide any
correction, cure, or solution to the Subscriber.
15.
Force Majeure
15.1.
Neither
Party hereto shall be liable for any breach of its obligations hereunder
resulting from a Force Majeure Event.
15.2.
Each
of the Parties hereto agrees to give written notice forthwith to the other upon
becoming aware of a Force Majeure Event such notice to contain details of the
circumstances giving rise to the Force Majeure Event and its anticipated duration.
If such duration is more than twenty (20) days then the Party not in default
shall be entitled to terminate this agreement, with neither Party having any
liability to the other in respect of such termination.
15.3.
The
Party asserting a Force Majeure Event shall not be excused performance of its
obligations unaffected by such a Force Majeure Event and shall endeavor to seek
an alternative way of fulfilling its affected obligations without any
materially adverse affect on the other Party.
16.
Amendments and Waivers
16.1.
Except
as provided otherwise in this Agreement, Certicom may revise the terms and
conditions of this Agreement at any time and in its sole and absolute
discretion. Any revisions or changes
made will be binding and effective immediately upon the posting of the changes
or revisions to the Repository or upon notification to the Subscriber through
the local mail system or by email.
Subscriber agrees to periodically review the Repository in order to be
aware of any changes. Subscriber may
terminate this Agreement in accordance with Section 12 if Subscriber does not
agree to any changes made. By continuing
to use the Subscription Service or any Certificate issued under this Agreement
after any change is made, Subscriber agrees to abide by and be bound by such
changes.
16.2.
The
waiver by either Party of a breach or default of any of the provisions of this
Agreement by the other Party shall not be construed as a waiver of any
succeeding breach of the same or other provisions nor shall any delay or
omission on the part of either Party to exercise or avail itself of any right
power or privilege that it has or may have hereunder operate as a waiver of any
breach or default by the other Party.
17.
Notices
17.1.
Notices
shall be in writing, and shall be sent to the other Party marked for the
attention of the person either at the address set out in 17.2 below in the case
of Certicom, or the address of the Subscriber as provided by Subscriber during
the application process. Notices may be
sent by first-class mail or facsimile transmission provided that all facsimile
transmissions are confirmed within 12 hours by a first-class mailed copy of the
facsimile transmission. Correctly addressed notices sent by first-class mail
shall be deemed to have been delivered 48 hours after posting and correctly
directed facsimile transmissions shall be deemed to have been received 12 hours
after dispatch.
17.2.
The
address for Certicom Corporation is:
Attn:
Certificate Subscriber Agreement Administrator
Certicom Certificate Authority
Certicom Corp.
18.
Invalidity, Severability, and Survival
If
any provision of this Agreement (not being of a fundamental nature to its
operation) is judged to be invalid, illegal, or unenforceable in any respect by
a court of competent jurisdiction, the continuation in full force and effect of
the remainder of the provisions will not be prejudiced, affected, or impaired
thereby. All provisions related to the
limitation on liability, indemnification, confidentiality, intellectual
property rights, and limitation on actions shall survive the termination of
this Agreement.
19.
Entire Agreement
19.1.
This
Agreement and all documents referred to herein contain the entire and exclusive
agreement and understanding between the Parties on the subject matter of the
Agreement. This Agreement supersedes all
prior agreements, arrangements, understandings, communications,
representations, and arrangements relating thereto. Except as may be expressly included in this
Agreement, no oral or written representation, agreement, communication,
understanding, or promise related to the subject matter is given or implied
from anything previously said or written in negotiations between the Parties.
19.2.
Without
prejudice to any liability for fraudulent misrepresentation, Certicom shall not
be under any liability and Subscriber shall not have any remedy with respect to
misrepresentations or untrue statements unless, and to the extent that, the
claim is based on the breach of this Agreement.
20.
Assignment
Neither
Party may assign or transfer or purport to assign or transfer a right or
obligation under this Agreement without first obtaining the other Party's written
consent. Any attempt to assign or
transfer the rights and interests granted herein shall render the Agreement
voidable in Certicom’s sole and absolute discretion.
21.
Governing Law and Jurisdiction
This
Agreement and all matters arising from or connected with it, are governed by
and shall be construed in accordance with English law and the Parties hereby
submit to the non-exclusive jurisdiction of the English courts.
22.
Rights of Third Parties
The Certificate Beneficiaries are express third party beneficiaries of the Subscriber’s obligations contained in this Agreement. Except for the Certificate Beneficiaries, there are no other third Party shall be entitled to any rights under this Agreement which it may enter against Certicom.
ACCEPTANCE