This Master Training Services Agreement (“Agreement”) is made and entered into by and between The Escal Institute of Advanced Technologies, Inc. /dba SANS Institute, with a principal place of business at 11200 Rockville Pike, Suite 200, North Bethesda, MD 20852 (“SANS”) and Customer (“Customer”). SANS and Customer may be referred to individually as a "Party" and together as the "Parties”. By providing payment for SANS-provided training, product, and/or service, Customer agrees to be bound by the terms of this Agreement.
The following Addendums are attached and incorporated into this Agreement:
Addendum A – Cyber Security Training
Addendum B – Security Awareness Training
Addendum C – Private Class Training
Addendum D – Cyber Range Tournament
Addendum E – Cyber Attack Simulation Training
Addendum F – Voucher Account
1. DEFINITIONS
1.1. Affiliate means any entity, individual, firm, or corporation, directly or indirectly, through one or more intermediaries, controlling, controlled by, or under common control with Customer.
1.2. Applicable Data Protection Legislation means any data protection regulation that may apply in the context of the Agreement, including, where applicable, (i) the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (“GDPR”) and the laws and regulations adopted to implement the GDPR, (ii) the U.K. General Data Protection Act, (iii) the California Consumer Privacy Act and (iv) any other laws or regulations relating to the Processing, as defined in Addendum B, of Personal Data.
1.3. Confidential Information means any information that is proprietary or confidential to a Party and either marked as confidential or identified as such to the other Party, including, but not limited to, business or technical data or know-how, customer and prospective customer lists, secrets, ideas, concepts, designs, drawings, flow charts, diagrams, financials, and other intellectual property, in whatever form including, documented information, machine readable or interpreted information transmitted in any form including, in writing, orally, or visually. Any abstracts, summaries or compilations are included in this definition of Confidential Information. For avoidance of doubt, Confidential Information includes details of SANS training courses or exams, pricing, courseware, user information, and the business relationship between the Parties.
1.4. Disclosing Party means the Party that discloses its Confidential Information to the Receiving Party under this Agreement.
1.5. GIAC means Global Information Assurance Certification.
1.6. Personal Data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
1.7. PO means a purchase order used to facilitate invoicing and/or payment only.
1.8. Price Quote means the document that details the Training being provided to the Customer by SANS, as well as, if applicable, the quantities and price of such Training, subscription term, and the payment terms.
1.9. Products means the products to be provided by SANS to Customer as set forth in a Price Quote or Statement of Work.
1.10. Receiving Party means the Party that receives Confidential Information of the Disclosing Party under this Agreement.
1.11. SANS IP means any and all domestic and international rights in and to (i) registered or unregistered trademarks, service marks, social media handles and associated accounts, hashtags, internet domain names, together with the goodwill associated therewith, (ii) patents, patent disclosures, patentable subject matter, inventions, any improvements or modifications thereof or know-how; (iii) registered or unregistered copyright, copyrightable works, derivative works thereof, including any copyrights moral rights, and other sui generis rights in and to any of the foregoing; (iv) trade secrets including without limitation any customers, market strategy, sales initiatives and costs; (v) to the extent permitted by applicable law, other proprietary intellectual property (of every kind and nature and however designated), whether arising by operation of law, contract, license or otherwise, worldwide (including moral rights); and (vi) all registrations, applications, renewals, extensions, continuations, continuations-in-part, divisions or reissues of the foregoing now or hereafter in force or hereafter acquired or adopted. For the avoidance of doubt, “SANS IP” includes the Training and associated course materials, storyboards, scripts, educational material in any format, and GIAC test exam questions.
1.12. Services means the services to be performed by SANS for Customer as described herein or as set forth in a Price Quote or SOW.
1.13. Specifications means any characteristics, features, descriptions, criteria, scope, capabilities, standards, and/or requirements for the Services as described herein and/or in an applicable Price Quote or SOW.
1.14. Statement of Work or SOW means a mutually agreed statement of Services to be performed by SANS for Customer under a Price Quote.
1.15. Training means the SANS provided cybersecurity training, GIAC exams or other Products and Services as detailed in a Price Quote, SOW or User registration and provided in accordance with this Agreement. Training includes the training services provided in any Addendums to this Agreement.
1.16. User means an individual person who Customer has named and who will access or attend Training.
2. SANS RESPONSIBILITIES
2.1. Services. SANS will provide, perform, and/or deliver all Training and/or other Products and Services to Customer in accordance with Specifications. In the event of a conflict between the terms of this Agreement and the Price Quote, SOW, or other applicable addendums, or exhibits, the terms of this Agreement shall govern.
2.2. Compliance with Laws. In connection with its obligations under this Agreement, SANS agrees to comply with all federal, state, and local laws, constitutions, codes, statutes and ordinances of any governmental authority that may be applicable to SANS, its activities under this Agreement, including all applicable sanctions and export control laws and regulations.
3. SUBSIDIARY AUTHORITY
3.1. Provision Products and Services. Notwithstanding any other provision of this Agreement, it is expressly understood and agreed that wholly owned subsidiaries of The Escal Institute of Advanced Technologies, Inc. ("Parent") are authorized to engage in the provision of Products and Services under this Agreement. that are related to the scope of this Agreement, including any Price Quote, SOW or orders issued thereunder.
3.2. Transfer of Rights. In such instances, any wholly owned subsidiary of Parent providing the Products and Services shall be deemed a Party to this Agreement. The participating subsidiary shall assume all rights, obligations, and duties ascribed to the Parent under this Agreement, and shall be bound by the terms and conditions herein, to the same extent as the Parent.
3.3. Local Currency. To ensure compliance with local financial and regulatory requirements, In jurisdictions where the Parent has a subsidiary, and Products and Services are consumed in such jurisdictions, it is agreed that the relevant subsidiary will undertake the provision of Products and Services and will issue all Price Quotes or invoices for such Products and Services in the local currency of that jurisdiction.
3.4. Obligations of Parent. Notwithstanding the foregoing, it is further understood that this Section 3 does not relieve the Parent of any of its obligations under this Agreement. The Parent remains fully liable and responsible for the performance of all its obligations under this Agreement, irrespective of the participation of its subsidiaries.
4. INTELLECTUAL PROPERTY RIGHTS
4.1. Customer acknowledges that SANS or its licensors are the sole and exclusive owners or licensees of the SANS IP, including any improvements and enhancements thereto and derivations thereof. Nothing in this Agreement transfers any ownership interests in the SANS IP to Customer. In addition, nothing in this Agreement grants Customer any right to license or sell any SANS IP to any third parties.
4.2. Customer may not: (i) except as expressly provided in this Agreement, use, copy, modify, translate, or merge any such SANS IP or create derivative works therefrom; (ii) disable or circumvent any SANS licensing control feature in SANS IP; (iii) reverse-engineer, disassemble, or decompile SANS IP, or otherwise attempt to access or determine its underlying source code, underlying user interface techniques or algorithms, or permit any such actions; (iv) distribute, lend, sublicense, rent or lease SANS IP; and/or (v) attempt to build a competitive service or product to SANS IP, or copy any feature, function or graphic for competitive purposes.
5. TERM AND TERMINATION
5.1. Term. Unless terminated earlier as described elsewhere herein, this Agreement will become effective as of the Effective Date set forth above and will continue until the termination of all applicable Price Quote(s) or SOW(s), as applicable (“Term”).
5.2. Termination.
5.2.1. Without Cause. Either Party may terminate this Agreement or any Price Quote, in whole or in part, for any reason upon sixty (60) days prior written notice to the other Party.
5.2.2. For Breach. If either Party materially breaches this Agreement, the other Party may terminate this Agreement upon thirty (30) days prior written notice to the breaching Party of such material breach, provided that the breaching Party has not cured such material breach by the end of the thirty (30) day period.
5.2.3. Immediate. Either Party may terminate this Agreement immediately upon written notice to the other Party in the event the other Party: (a) becomes insolvent; (b) makes an assignment for the benefit of creditors; (c) files a voluntary bankruptcy petition; (d) acquiesces to any involuntary bankruptcy petition; (e) is adjudicated bankrupt; or (f) ceases to do business.
5.3. Effect of Termination. In the event of termination, Customer shall pay SANS for all Training received as well as other Products received or Services performed by SANS up to the date of termination, as well as all fees accrued prior to the date of termination.
5.4. Survivability. Sections 3 (Subsidiary Authority), 4 (Intellectual Property Rights), 5 (Term and Termination), 7 (Audit), 8 (Confidentiality), 9 (Data Privacy), 10 (Data Protection), 12 (Indemnification), 13 (Intellectual Property Indemnification), 14 (Disclaimer Of Warranty and Limitation Of Liability), 18 (Governing Law, Disputes) and 20.7 (Customer PO to Facilitate Payment Only) will survive the termination or expiration of this Agreement.
6. ORDERS AND PAYMENT TERMS
6.1. Order Placement and Processing. Customer shall order Products and Services, including Training, from SANS using a Price Quote. All orders are subject to acceptance by SANS. SANS shall notify Customer in writing if SANS rejects an order.
6.2. Purchase Orders. A PO must reference this Agreement. POs are for facilitating invoicing and payment only. SANS expressly rejects any additional or different terms and conditions which appear on a PO.
6.3. Price Quote. Customer may request changes to a Price Quote by providing written notice to SANS. Any changes to a Price Quote must be mutually agreed to in writing in an amended Price Quote. SANS will implement the changes and Customer will pay for any additional charges for changes as agreed to in the Price Quote.
6.4. Payment Terms. Customer agrees to make all payments in the currency set forth in a SANS’ invoice. Customer shall remit payment to SANS within thirty (30) days from receipt of SANS’ invoice or as otherwise set forth in a Price Quote or SOW.
6.5. Upfront Payment. Except as otherwise set forth in the Price Quote or SOW, Customer will be invoiced for one hundred percent (100%) of the retail price for all Products or Services as identified in the Price Quote.
6.6. Payment Forms. The acceptable payment forms are as set forth in a SANS’ invoice, the Customer is responsible for any applicable fees associated with the payment form.
6.7. Taxes. Customer and/or its Affiliates shall be liable for all sales, use, value added, duties, tariffs or other similar taxes of any nature whatsoever associated with the provision of Training or other products or services provided under this Agreement.
6.8. Tax Exemption Certificate. In order to be granted tax-exempt status, Customer shall provide SANS with a copy of all applicable tax exemption certificates and other documentation required by SANS. Customer will be billed for all applicable taxes and will be responsible for their payment until such time as SANS has ceased billing the applicable taxes. SANS is not liable for refunding the amount of the taxes paid by Customer. Customer is responsible for seeking refunds for such taxes from the appropriate taxing authority.
7. AUDIT
During the Term, SANS will keep true and accurate books and records relating to this procurement (collectively, “Records”). Records will include such information necessary for the Customer to verify the accuracy of the invoicing, billing, and payments in connection with the ordered Products and Services, but not the underlying costs and financial data used in calculating the same. At the Customer’s reasonable request, SANS will provide access to the Records, as necessary, to verify the fees and other amounts charged to the Customer, which shall be accomplished through electronic means.
8. CONFIDENTIALITY
8.1. The Receiving Party may be given Confidential Information from the Disclosing Party in order to perform its obligations under this Agreement. The Receiving Party will protect the confidentiality of the Disclosing Party’s Confidential Information during the Term of this Agreement and indefinitely thereafter by (a) using the same means it uses to protect its own Confidential Information, but in any event, not less than reasonable means, and (b) using the Disclosing Party’s Confidential Information solely in connection with this Agreement. The Receiving Party shall not copy or disclose this Agreement and the Disclosing Party’s Confidential Information except to those employees, officers, directors, subcontractors, agents, or affiliated entities of the Receiving Party (“Representatives”) who have a need to know such Confidential Information as required in connection with this Agreement; provided, such Representatives are advised of and agree to abide by the confidentiality obligations set forth in this Agreement. Compliance by Representatives with the confidentiality and use obligations in this Agreement will remain the responsibility of Receiving Party, and both Receiving Party and Representatives shall be liable for any breach of this Agreement by Representatives.
8.2. Confidential Information will not include any information or data which:
8.2.1. was rightfully in the Receiving Party or its Representatives’ possession prior to receipt from the Disclosing Party;
8.2.2. becomes rightfully available to the Receiving Party or its Representatives from a source other than the Disclosing Party who is free to lawfully disclose such information to the Receiving Party;
8.2.3. is independently developed by the Receiving Party or its Representatives, without the use of the Disclosing Party's Confidential Information; or
8.2.4. is legally required to be disclosed to a regulatory agency or pursuant to an order of a court of competent jurisdiction, provided that, where permissible, the Disclosing Party be given an opportunity to seek a protective order.
8.3. Government Entity Disclosure: Notwithstanding the foregoing, in the event SANS, as the Disclosing Party, identifies its information as Confidential Information, and Receiving Party is a government entity and can demonstrate that SANS’ Confidential Information would otherwise be public information based upon governing laws, then prior to public disclosure, the Receiving Party, as a government entity, shall provide SANS written notice demonstrating SANS’ Confidential Information would otherwise be public information based upon governing laws.
9. PRIVACY
In accordance with SANS’ Privacy Policy, all information collected from a User related to Training taken from SANS will be kept confidential except as may be disclosed (i) as permitted by applicable law, (ii) as consented to by the User, or (iii) to Customer as the sponsor of User’s training at SANS. Please see SANS’s Privacy Policy for additional information (https://www.sans.org/privacy/).
10. DATA PROTECTION
Each Party undertakes to comply on their own with Applicable Data Protection Legislation, exercising individual's rights, conducting impact assessments, taking commercially reasonable efforts to prevent and manage data breaches appropriately, maintaining confidentiality, limiting the processing to the Products or Services delivered under this Agreement, maintaining the ability to demonstrate compliance with Applicable Data Protection Legislation, implementing appropriate data retention procedures and adhering to data transfer requirements, and maintaining industry-standard administrative, physical and technical safeguards to protect the security, confidentiality and integrity of such Personal Data.
11. REPRESENTATIONS AND WARRANTIES
11.1. Each Party represents and warrants to the other Party:
11.1.1. it is duly organized and in good standing in the jurisdiction in which is it incorporated or organized;
11.1.2. it has full right and power to enter into this Agreement, and the signer of this Agreement has authority to bind such Party it signs on its behalf; and
11.1.3. it is not prohibited by any regulatory authority from carrying out its duties and obligations under this Agreement.
11.2. Such representations and warranties shall be continuing throughout the Term of this Agreement.
12. INDEMNIFICATION
12.1. Each Party (an “Indemnifying Party”) hereby agrees to indemnify, defend and hold the other Party, its affiliated entities, and its and their officers, directors, employees, and agents (each an “Indemnified Party”) harmless from and against any action, claim, suit, investigation or other proceeding (each, a “Claim”) brought against an Indemnified Party by a third party based on: (a) breach of any applicable law by such Indemnifying Party or (b) gross negligence or willful misconduct by such Indemnifying Party.
12.2. Government Entity Indemnification: Notwithstanding the foregoing, if Customer is a governmental entity, to the extent established law preempts or limits Customer from providing indemnification to SANS, each Party’s indemnification obligation in this section shall be eliminated or mutually limited pursuant to applicable law to Customer.
13. INTELLECTUAL PROPERTY INDEMNIFICATION
Subject to the limitations of liability in Section 14 (Disclaimer of Warranty and Limitation of Liability) of the Agreement, SANS shall defend, indemnify, and hold Customer and its officers, directors, employees, and agents (each a “Customer Indemnitee”) harmless from and against any third party claims, demands, suits, proceedings, and resulting liabilities, direct damages, and expenses (collectively “Claims”), to the extent that SANS IP infringe any patent, copyright, trademark, trade secret or other intellectual property interest of a third party. SANS shall, in its sole discretion and at no additional charge to Customer, make commercially reasonable efforts to replace, in whole or in part, the infringing materials or Services with substantially compatible and functionally equivalent materials or Services, modify them to avoid the infringement, or secure the right for Customer to continue their use. In the event that SANS determines that the foregoing actions are not commercially practicable, then either Party may terminate the applicable Price Quote and SANS shall refund to the Customer the applicable fees for periods after the effective date of termination.
13.2 The foregoing obligations are conditioned on (i) the Customer Indemnitee providing prompt notification of the Claim to SANS, (ii) Customer allowing SANS to control the defense and settlement of the Claim (except that SANS may not agree to any settlement or consent to any judgment that would admit fault, wrongdoing or liability on the part of the Customer without such Customer’s prior written consent), and (iii) the Customer’s cooperation with the SANS as reasonably requested by SANS (at SANS’ expense) in the defense and any related settlement of the Claim.
13.3 Government Entity Indemnification: Notwithstanding the foregoing, if Customer is a governmental entity, to the extent established law preempts or limits Customer from providing indemnification to SANS, each Party’s indemnification obligation in this section shall be eliminated or mutually limited pursuant to applicable law to Customer.
14. DISCLAIMER OF WARRANTY AND LIMITATION OF LIABILITY
14.1. Except as specifically provided herein, SANS disclaims any and all representations and warranties, oral or written, expressed, implied, or statutory, including without limitation, any implied warranties of fitness for a particular purpose or of merchantability. In no event shall SANS be liable for any incidental, indirect, consequential, exemplary, special, or punitive damages, whether or not foreseeable, and regardless of whether liability is based on agreement, tort, or otherwise.
14.2. EXCEPT IN THE EVENT OF BREACH OF SECTION 4 (INTELLECTUAL PROPERTY RIGHTS), IN NO EVENT SHALL EITHER PARTY, ANY OF THEIR RESPECTIVE DIRECTORS, OFFICERS, EMPLOYEES, OR AGENTS, OR ANY OF THEIR AFFILIATE’S LIABILITY IN ANY MANNER ARISING UNDER THIS AGREEMENT EXCEED AN AMOUNT EQUAL TO THE TOTAL PAYMENT RECEIVED BY SANS FOR PRODUCTS OR SERVICES UNDER THIS AGREEMENT DURING THE 12-MONTH PERIOD IMMEDIATELY PRECEDING THE DATE WHEN CAUSE OF ACTION ARISES, INCLUDING ATTORNEY FEES.
15. INSURANCE
Each Party will maintain the types of insurance customary and appropriate for such agreements, in the amount necessary to cover its obligations and responsibilities under this agreement or required by law.
16. ACCOMMODATION REQUESTS.
16.1. In accordance with the workplace reasonable accommodations guidelines of applicable disability laws (the “Acts”) a reasonable accommodation is any reasonable change or adjustment to a job or work environment that permits a person with a disability to participate in the job application process, to perform the essential functions of a job, or to enjoy benefits and privileges of employment equal to those enjoyed by staff participants without disabilities.
16.2. The reasonable accommodation process, following the guidelines established by the Acts, is a collaborative and interactive process between the Customer’s employee, Customer’s human resources department, Customer employee’s manager/department head, and/or other subject matter experts and SANS. While SANS considers a Customer employee’s preference when assessing requests for necessary reasonable accommodations, at times SANS may offer an alternative accommodation, so long as the alternative is effective.
16.3. SANS requests that accommodations requests be submitted by a Customer employee via their human resources representative a minimum of six (6) weeks before the start of Training. Any requests submitted after that time frame will be attempted to be met but are not guaranteed.
17. COMPLIANCE WITH LAWS
17.1. Each Party will, at its sole expense, obtain all permits and licenses, pay all fees, and comply with all federal, state, and local laws, ordinances, rules, regulations, codes, and orders applicable to it in the performance of this Agreement.
17.2. Each Party shall conduct operations in compliance with applicable laws, rules and regulations in exercising rights and obligations under any part of this Agreement. Laws may include but not be limited to the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act and local anticorruption legislation that may apply. Neither Party is listed by any government agency as debarred, suspended, proposed for suspension or debarment or otherwise determined to be ineligible for government procurement programs. In exercising rights and obligations under any part of this Agreement, neither Party nor anyone acting on its behalf shall make, offer, promise or authorize payment of anything of value directly or indirectly to any of the following prohibited Parties for the purpose of unlawfully influencing their acts or decisions: a) employees, consultants, or representatives of the other Party, b) government officials or employees, c) political party officials or candidates, d) officers or employees of any public international organization, e) immediate family member of such persons (or any other person) for the benefit of such persons.
17.3. Each Party warrants that neither it nor its controlling owners is listed on any (i) sanction programs list maintained by the U.S. Office of Foreign Assets Control within the U.S. Treasury Department (“OFAC”), or (ii) denied party list maintained by the U.S. Bureau of Industry and Security within the U.S. Department of Commerce (“BIS”). Customer agrees it shall not allow Users access to any SANS product, service, or technology provided under this Agreement to any person or entity in a U.S. embargoed country or in violation of a U.S. export control law or regulations. Customer agrees to cooperate with SANS as necessary for SANS to comply with export requirements and recordkeeping required by OFAC, BIS, or other governmental agency.
18. GOVERNING LAW; DISPUTES
18.1. This Agreement will be governed by and construed in accordance with the laws of the State of Maryland, USA. Each Party hereby irrevocably consents to exclusive personal jurisdiction and venue in the state and federal courts located in Maryland. Both Parties exclude the application of the Uniform Computer Information Transactions Act (“UCITA”), the United Nations Convention on the International Sale of Goods (“CISG”) and any law of any jurisdiction that would apply UCITA or CISG or terms equivalent to UCITA or CISG to this Agreement. The Parties agree to settle all disputes promptly by negotiation between executives in good faith. Should good faith negotiations fail, any controversy or claim arising out of or relating to this Agreement, or breach thereof, will be exclusively settled by binding arbitration in Montgomery County, Maryland, USA administered by the American Arbitration Association in accordance with its Commercial Arbitration Rules, and judgment on the award rendered by the arbitrator(s) may be entered in any court having jurisdiction thereof. Either Party may initiate arbitration by written notice if negotiations have failed to resolve the matter within 30 days of initiation. The language of the arbitration will be English.
18.2. Government Entity Governing Law. Notwithstanding the above, choice of law and forum shall be (i)The state in which the Customer is located if Customer is located in the United States of America, or (ii) the capital city of the country in which the Customer is located if Customer is located outside of the United States of America.
19. NOTICES
19.1. All notices or reports required or permitted under this Agreement shall be in writing and shall be delivered by personal delivery, facsimile transmission, a nationally recognized overnight delivery service, by certified or registered mail, return receipt requested, or by electronic mail to be confirmed in writing delivered by one of the methods described herein, and shall be deemed given upon personal delivery, electronic confirmation of electronic mail or facsimile transmission, or signature evidencing receipt of overnight delivery or registered mail, as applicable. Notices and communications between Customer and SANS shall be in English to the following addresses of the Parties or to such other addresses as the Party concerned may subsequently notify in writing to the other Party. Notice hereunder for SANS shall be delivered to the SANS address as follows. Notice hereunder for Customer is the address for Customer in the associated Price Quote with attention to the Legal Department.
If to SANS:
SANS Institute
Attn: Contracts Administration
11200 Rockville Pike, Suite 200
North Bethesda, MD 20852
Contractadmin@sans.org
20. MISCELLANEOUS
20.1. Assignment; No Third-Party Beneficiaries. Neither Party may assign this Agreement or its rights or obligations thereunder without the written consent of the other Party, which consent will not be unreasonably withheld, except that a Party may assign upon written notice to a successor by merger, acquisition, or sale of substantially all of such Party’s business or assets. In addition, SANS may assign this Agreement or applicable Price Quotes in whole or part to an affiliated entity without written consent of Customer. SANS may subcontract all or any part of its obligations under this Agreement or applicable Price Quotes but shall remain responsible for the acts and omissions of its subcontractors as though they were acts of SANS itself. Except as specifically provided herein, there are no third-party beneficiaries to this Agreement, and nothing in this Agreement shall benefit or create any right on behalf of any person or entity other than Customer and SANS.
20.2. Waiver. The failure of either Party to exercise or enforce any right or provision of this Agreement shall not constitute a waiver of such right or provision or a waiver of the right of such Party to thereafter enforce each and every provision of this Agreement.
20.3. Severability. If a particular provision of this Agreement is terminated or held by a court of competent jurisdiction to be invalid, illegal, or unenforceable, that provision of the Agreement will be enforced to the maximum extent legally permissible and the remainder of this Agreement will continue in full force and effect.
20.4. Headings. The headings or titles preceding the text of the sections and subsections of this Agreement are inserted solely for convenience of reference, and shall not constitute a part of this Agreement, nor shall they affect the meaning, construction or effect of this Agreement.
20.5. Independent Contractor. SANS is an independent contractor and not an employee, agent, affiliate, partner or joint venturer with or of Customer.
20.6. Force Majeure. Neither Party shall be liable to the extent that its performance of this Agreement is prevented, or rendered so difficult or expensive as to be commercially impracticable, by reason of an Act of God, labor dispute, unavailability of transportation, goods or services, governmental restrictions or actions, war (declared or undeclared) or other hostilities, pandemic, or by any other event, condition or cause which is not foreseeable on the Effective Date and is beyond the reasonable control of the Party, provided that such Party promptly informs the other Party of such event, and makes diligent efforts to work around the event and resume performance. In the event of non-performance or delay in performance attributable to any such causes, the period allowed for performance of the applicable obligation under this Agreement will be extended for a period equal to the period of the delay.
20.7. Customer PO to Facilitate Payment Only. The Parties agree that any PO submitted by a Customer to SANS is for facilitating invoicing and payment only. Any additional, inconsistent, or different terms included in a Customer PO or other documents (including electronic) submitted to SANS by or on behalf of Customer at any time, whether before or after the Effective Date are hereby expressly rejected by SANS and of no effect. These terms and conditions shall be deemed accepted by Customer without any such additional, inconsistent, or different terms and conditions, except to the extent expressly accepted by SANS in writing and signed by SANS.
20.8. Entire Agreement. This Agreement and all appendices attached hereto (which are specifically incorporated herein by this reference) contain the full and entire agreement between the Parties. It supersedes all prior negotiations, and proposals, written or otherwise, relating to its subject matter. Any modifications, revisions or amendments to this Agreement must be set forth in writing signed by authorized representatives of both Parties.
20.9. Counterparts. This Agreement may be executed and delivered (i) in any number of counterparts, each of which will be deemed an original, but all of which together will constitute one and the same instrument, and/or (ii) by exchange of facsimile or PDF copies, or secure electronic signature and delivery method (e.g., DocuSign), in which case the instruments so executed and delivered shall be binding and effective for all purposes.
ADDENDUM A – Cyber Security Training
1. DEFINITIONS
1.1. COTS means Commercial Off The Shelf and is used in reference to the SANS-provided Training and associated Courseware.
1.2. Course Materials means SANS' educational materials including, but not limited to, online, written, and visual materials.
1.3. Courseware means SANS' Course Materials and verbal instruction.
2. CYBER SECURITY TRAINING SEATS
2.1. SANS’ cyber security training program (“Cyber Security Training Program”) allows Customer and its Affiliates to purchase seats for SANS-provided COTS training and GIAC examinations under a Price Quote.
2.2. An Affiliate may participate in the Cyber Security Training Program pursuant to this Agreement and on the same terms thereof. Customer is responsible for ensuring that such Affiliate accepts and agrees to the terms of the Agreement by submitting a Price Quote that references this Agreement.
3. CYBER SECURITY TRAINING PROGRAM USAGE
3.1. All Training procured through the Cyber Security Training Program will be based on SANS’ published retail prices at the time of registration and cannot be combined with other discounts or promotional offers other than as provided for within this Agreement or any Price Quote or SOW.
3.2. Descriptions of the available courses are available at https://www.sans.org.
3.3. SANS reserves the right to change the availability of SANS-provided Training or Training instructors at any time and without notice.
4. COURESEWARE AND COURSE MATERIALS
4.1. Customer may not distribute Courseware to Customer’s employees who did not attend Training and may not use the Courseware to conduct its own in-house courses. SANS Training cannot be recorded, streamed, or set up for video conferencing by Customer or its Users except as set forth in Specifications agreed to by SANS.
4.2. SANS grants to each individual User enrolled in Training a worldwide, non-transferable, non-sublicensable, perpetual, irrevocable, non-exclusive, limited license directly to use such Courseware associated with such Training in connection with the User’s employment by Customer. Neither Customer nor its Users may copy, reproduce, distribute, display, modify or create derivative works based upon all or any portion of the Courseware in any medium, whether printed, electronic, or otherwise, for any purpose, including, but not limited to, for purposes of teaching any computer or electronic security courses to any third party, without the express written consent of SANS.
4.3. Course Materials are guaranteed to be in good working condition for the duration of the User's attendance in the Training for which the User is registered; provided, SANS is not responsible for any loss, damage, or performance limitation caused in whole or in part by User abuse, mishandling, misuse, negligence, improper storage, servicing or operation, or unauthorized attempts to repair or alter the Course Materials in any way.
4.4. For the avoidance of doubt, following termination, Users shall be permitted to keep any Course Materials licensed to them by their attendance at a SANS Training or GIAC exam.
5. CONDUCT
Customer’s personnel are expected to behave professionally. The use of obscene or sexually harassing language, and abusive or threatening behavior directed at SANS personnel or other students is not conducive to a learning environment. Improper conduct can result in expulsion from Training.
6. DATA PROTECTION
6.1. In the event that either Party needs to provide any Personal Data under any Applicable Data Protection Law to the other Party to perform a Party’s obligations under this Addendum, then the Parties acknowledge and agree that they are each acting as separate and Independent Controllers of such Personal Data shared. A Party shall not share any Personal Data with the other Party unless such Party confirms that it is legally permitted to share such Personal Data.
6.2. To the extent that Personal Data is provided from a Party to the other Party and such disclosure requires a data processing agreement between the Parties under an applicable data protection law, the Parties agree that the SANS DPA is incorporated into and attached to this Agreement by reference.
7. CANCELLATION POLICY
7.1. Transfers: A User may request to transfer to other COTS Training at any time prior to the start of the originally registered event, or where applicable, prior to accessing the online Course Materials, by submitting a transfer request, via e-mail to registration@sans.org. The difference in tuition fees, if applicable, and processing fees will apply.
7.2. Refunds: If a User cannot substitute their registration or transfer to other COTS Training, the registered User may submit a refund request via e-mail to registration@sans.org. If the refund request is submitted by the refund deadline date specific to the event, payments received will be refunded, less a processing fee, in the same manner they were paid. To find the specific deadline dates for a COTS Training event, please visit the training event link on the SANS webpage, www.sans.org, and navigate to the cancellations link. No refunds will be given after the stated deadline. If a User has already accessed online Course Material, no refund or substitution will be made.
7.3. Global Information Assurance Certification (GIAC) Exams. GIAC exams are non-transferable and non-refundable after the User receives access to the exam material.
7.4. Voucher Account Payment. All changes to a User registration, paid using Voucher Funds, as defined in Addendum F, will also be subject to the additional Voucher Account Cancellation Policy outlined therein.
ADDENDUM B – Security Awareness Training
This Addendum also incorporates any Product Specific Terms, as defined herein, that may apply to specific Products and Services.
1. DEFINITIONS
1.1. Customer Materials means Customer-sourced data or materials not provided by SANS or its suppliers, which are used in connection with SSA Training Materials, such as Customer-sourced content, logos, artworks, or media.
1.2. Engagement Materials means SANS fact sheets, FAQs, help files, media files, newsletters, posters, and screensavers provided or made available by SANS to facilitate use of the SANS Products and Services. Engagement Materials do not include SSA Training Materials themselves.
1.3. License Term means the period beginning upon Customer’s receipt of SANS’ electronic provision of license details invoice for Product(s) and/or Service(s) under any Price Quote, SOW, or other means.
1.4. Named User means, as applicable, an authorized SSA Training Named User, an authorized SSA Litmos Training Named User, an authorized SSA Phishing Named User, or a named user otherwise defined in a Price Quote or Product Specific Terms with respect to other Services.
1.5. Professional Services means setup, implementation, installation, configuration or other professional services to be provided by SANS to Customer under a Price Quote or SOW.
1.6. Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
1.7. Product Specific Terms means the SANS SSA Training Services Supplemental Terms for use of the Products and Services, the Litmos Services Supplemental Terms for a subscription to Litmos US, L.P., and SSA Phishing Services Supplemental Terms for use of SSA Phishing Services, as defined therein.
1.8. SSA Training Materials means SANS Security Awareness videos, interactive programs, online training content, exams, assessments, electronic materials, and other training Products. Each Product is licensed separately.
1.9. Subscription Term means the License Term or Subscription Term specified in a Price Quote.
2. SSA TRAINING SERVICES.
2.1. Customer is granted a non-exclusive, non-transferable, and non-sublicensable license during the applicable Subscription Term to use SSA Training Materials and Engagement Materials related to the Products or Services to which it subscribes, only for its own internal use in connection with such Products or Services.
2.2. Engagement Materials: (i) are not subject to “per user” limitations; (ii) are provided as digital files only, and (iii) may be modified or updated by SANS from time to time.
2.3. Customer shall not, for the purposes of sale, resale, lease, and/or developing a competing product: copy, reproduce, distribute, display, modify or create derivative works based upon all or any portion of the SSA Training Services and/or Engagement Materials in any medium.
3. PERFORMANCE STANDARDS
Using commercially reasonable efforts, the Services will be available 99.999%, measured monthly, excluding: (i) holidays; (ii) weekends; (iii) scheduled maintenance; and/or (iv) any downtime resulting from outages of third-party connections or utilities or other reasons beyond SANS’ control.
4. SANS PROFESSIONAL SERVICES
All Professional Services will be performed in accordance with mutually agreed SOWs. Except as provided in a Price Quote or SOW for Professional Services, Customer is fully responsible for deployment of the Products and Services. SANS will only support such deployment remotely.
5. SUBSCRIPTION TERM
5.1. Subscription Term. Each Subscription Term shall be as specified in the applicable Price Quote, and if not specified, shall be twelve (12) months from the applicable start date.
5.1.1. Notwithstanding anything to the contrary, the following provision shall supersede the Section 5.1 of the Agreement: Each License Term, as defined in a Price Quote, will run for a period of twelve (12) months. At the end of a License Term, Customer may renew the License Term upon written notice to SANS at least thirty (30) days prior to the end of the License Term.
5.2. SANS may immediately suspend Customer and/or a Named User’s access to the SSA Learning Platform, as defined in the Product Specific Terms, and Services in connection with any:
5.2.1. material violation by Customer or a Named User of the use limitations or restrictions in the applicable Price Quote, Product Specific Terms, or SANS IP rights;
5.2.2. technical or security issues or problems caused by Customer that materially impact the business operations of SANS or other SANS customers; and/or
5.2.3. judicial, administrative, or law enforcement orders.
5.3. Upon expiration or termination of a Subscription Term, to the extent reasonably practicable, Customer shall return (or at SANS’ option destroy, and certify destruction of) all SSA Training Materials in its possession.
6. INTELLECTUAL PROPERTY.
6.1. SANS acknowledges that Customer or its licensors are the sole and exclusive owners of the Customer Materials and Customer Confidential Information, and all intellectual property rights therein. Nothing in this Agreement transfers Customer’s exclusive ownership of its intellectual property or Confidential Information.
6.2. The indemnification obligation in Section 13 of the Agreement does not extend to infringement by any Customer Materials incorporated into the Training, or to infringement resulting from any modifications or adaptations made by Customer or third parties to the Training.
6.3. Subject to the limitations of liability in Section 14 of the Agreement, Customer shall defend, indemnify, and hold SANS and its officers, directors, employees, and agents (each a “SANS Indemnitee”) harmless from and against any Claims alleging that the Customer Materials infringe any patent, copyright, trademark, trade secret or other intellectual property interest of a third party.
6.4. The foregoing obligations are conditioned on (i) the SANS Indemnitee providing prompt notification of the Claim to Customer, (ii) the SANS Indemnitee allowing Customer to control the defense and settlement of the Claim (except that Customer may not agree to any settlement or consent to any judgment that would admit fault, wrongdoing or liability on the part of the SANS without SANS’ prior written consent), and (iii) SANS’ cooperation with the Customer as reasonably requested by Customer (at the Customer’s expense) in the defense and any related settlement of the Claim.
7. DATA PROTECTION
7.1. In order to perform the SSA Training Services under this Addendum, SANS is required to Process Personal Data. SANS shall comply with the Applicable Data Protection Legislation.
7.2. With respect to Personal Data provided under this Addendum, the Customer shall act as a Personal Data Controller, where “Controller” means the entity which alone determines the purposes and the means of the Processing of Personal Data, and SANS shall carry out the Processing of the Personal Data only on behalf of the Customer. Acting as a Data Processor, SANS shall carry out the Processing of Personal Data only according to the Customer’s documented instructions for Processing, unless that law prohibits such information on important grounds of public interest.
7.3. To the extent that Personal Data is provided from a Party to the other Party and such disclosure requires a data processing agreement between the Parties under an applicable data protection law, the Parties agree that the SANS DPA is incorporated into and attached to this Agreement by reference.
ADDENDUM C – Private Class Training
1. DEFINITIONS
1.1. Guaranteed Minimum Student Count means a minimum guaranteed number of Users that the Customer is responsible for payment for regardless of whether those Users participate in the Private Class.
1.2. Modality means the medium or format in which SANS-provided COTS Training and/or GIAC exams are offered. This includes, but is not limited to, in-person events, live online events, on-demand online events, etc.
1.3. Private Class means SANS-provided COTS Training and/or GIAC exams available only to certain Users of Customer and not open to the general public.
1.4. Student Roster means the SANS provided format where Customer must provide a complete list of name and email addresses of all attending Users.
2. PRIVATE CLASS
2.1. SANS’ private class program (“Private Class Program”) allows Customer and its Affiliates to engage SANS to provide a Private Class for a minimum guaranteed number of Users using a specific Modality selected by Customer and agreed to by SANS under a Price Quote.
2.2. Customer is responsible for payment to SANS for a Minimum Guaranteed Student Count which is listed on the Price Quote. If there are less Users attending the Private Class than the Guaranteed Minimum Student Count, Customer is still responsible for payment for the full Guaranteed Minimum Student Count. Customer may have additional Users beyond the Guaranteed Minimum Student Count attend the Private Class and will be responsible for those individual seats purchased per the cost per User established on the Price Quote.
2.3. An Affiliate may participate in the Private Class Program pursuant to this Agreement and on the same terms thereof. Customer is responsible for ensuring that such Affiliate accepts and agrees to the terms of the Agreement by submitting a Price Quote that references this Agreement.
2.4. Customer must complete the Student Roster and provide it to SANS no less than seven (7) days prior to the Private Class start date. Should Customer need to substitute any Users on the Student Roster with a new User, Customer shall notify SANS as soon as possible and SANS will use reasonable efforts to accommodate such request.
3. INVOICES AND PAYMENT TERMS
Notwithstanding anything to the contrary, the following provision shall supersede the Section 6.5 of the Agreement: In order to confirm the Private Class date, Customer shall pay to SANS fifty percent (50%) of the fee detailed in the Price Quote thirty (30) days prior to the first day of the Private Class, with the balance due fifteen (15) days prior to the first day of the Private Class. A Private Class confirmed less than thirty (30) days prior to the first day of the Private Class requires full payment within three (3) business days of confirmation.
4. CONDUCT
Customer’s personnel are expected to behave professionally. The use of obscene or sexually harassing language, and abusive or threatening behavior directed at SANS personnel or other students is not conducive to a learning environment. Improper conduct can result in expulsion from the Private Class.
5. DATA PROTECTION
5.1. In the event that either Party needs to provide any Personal Data under any Applicable Data Protection Law to the other Party to perform a Party’s obligations under this Addendum, then the Parties acknowledge and agree that they are each acting as separate and Independent Controllers of such Personal Data shared. A Party shall not share any Personal Data with the other Party unless such Party confirms that it is legally permitted to share such Personal Data.
5.2 To the extent that Personal Data is provided from a Party to the other Party and such disclosure requires a data processing agreement between the Parties under an applicable data protection law, the Parties agree that the SANS DPA is incorporated into and attached to this Agreement by reference.
6. CANCELLATION POLICY
6.1. If Customer cancels Private Class (i) 60 calendar days prior to the start of Private Class, Customer is responsible to SANS for fifty percent (50%) of the Private Class total identified in the Price Quote or (b) less than 10 business days prior to the start of Private Class, Customer is responsible to SANS for one hundred percent (100%) of the Private Class total identified in the Price Quote.
6.2. The performance of the Agreement, by either Party, is subject to acts of God, government authority, disaster, strikes, civil disorders, or other emergencies, any of which make it illegal or impossible to hold class for either organization. In case of an emergency that prevents the confirmed instructor from teaching, SANS will use reasonable efforts to schedule another instructor or reschedule the Private Class for another mutually agreeable date. If another instructor cannot be confirmed for the originally requested date and Parties cannot mutually agree to another date, then, within forty-five (45) days of scheduled start date of the Private Class, Customer will receive a full refund of any payments made toward the Price Quote in the same manner as payment was received.
ADDENDUM D – Cyber Range Tournament
1. DEFINITIONS
1.1. Guaranteed Minimum Student Count means a minimum guaranteed number of Users that the Customer is responsible for payment for regardless of whether those Users participate in the Tournament.
1.2. Modality means the medium or format in which SANS-provided COTS Training and/or GIAC exams are offered. This includes, but is not limited to, in-person events, live online events, on-demand online events, etc.
1.3. Student Roster means the SANS provided format where Customer must provide a complete list of name and email addresses of all attending students.
1.4. Tournament means the virtual cyber range environment where Users participate in hands-on cyber challenges.
2. TOURNAMENT AND REQUIREMENTS
2.1. SANS’s cyber range Tournament program (“Cyber Range Program”) allows Customer to engage SANS to provide a Tournament for a minimum guaranteed number of Users using a specific Modality selected by Customer and agreed to by SANS in a Price Quote.
2.2. Customer is responsible for payment to SANS for a Guaranteed Minimum Student Count. which is listed on the Price Quote. If there are less Users attending the Tournament than the Guaranteed Minimum Student Count, Customer is still responsible for payment for the full Guaranteed Minimum Student Count. Customer may have additional Users beyond the Guaranteed Minimum Student Count attend the Tournament and will be responsible for those individual seats purchased per the cost per User established on the Price Quote.
2.3. Customer must complete the Student Roster and provide it to SANS no less than seven (7) days prior to the Tournament start date. Should Customer need to substitute any Users on the Student Roster with a new User, Customer shall notify SANS as soon as possible and SANS will use reasonable efforts to accommodate such request.
2.4. SANS will provide the following for the Tournament:
2.4.1. instructor laptop;
2.4.2. access to Tournament; including the registration and scoring servers;
2.4.3. back-end support during the duration of the Tournament event; and
2.4.4. music selection for background music during the Tournament event.
2.5. Customer will provide the following for the Tournament:
2.5.1. preconfigured computer or laptop meeting requirements specified in the Price Quote for each User;
2.5.2. internet connection capable of streaming video for each User; and
2.5.3. access to Zoom for virtual participation by Users where applicable.
2.6. Customer shall ensure the Tournament hosting site meets the following requirements:
2.6.1. Classroom Set Up: For individual Users competing in the Tournament, tables and chairs assembled in a classroom style facing the instructor in an amount sufficient for all Users. For team-based Users competing in the Tournament, tables and chairs grouped into teams in an amount sufficient for all teams of Users.
2.6.2. Technical Equipment: The hosting site should include (i) one (1) projector and one (1) screen, (ii) one (1) microphone, (iii) one (1) speaker system with audio that is compatible with a smartphone or a laptop computer.
2.6.3. Internet Connection. The hosting site should include robust and reliable internet connection meeting the following criteria: (a) Internet provided cannot be a satellite or 4G LTE connection (A 1Gbps wired network in the hosting site is sufficient), (b) If using the hosting site’s WiFi, it needs to be able to handle the number of attendees (Users, instructor and others) and have a robust WiFi signal everywhere in the room(s) being used, and (c) no outbound ports/traffic should be blocked by a firewall. The following Internet traffic should be prioritized: *.vpn.labs.sans.org & *.counterhack.com.
3. CONDUCT
Customer’s personnel are expected to behave professionally. The use of obscene or sexually harassing language, and abusive or threatening behavior directed at SANS personnel or other students is not conducive to a learning environment. Improper conduct can result in expulsion from the Tournament.
4. DATA PROTECTION
4.1. In the event that either Party needs to provide any Personal Data under any Applicable Data Protection Law to the other Party to perform a Party’s obligations under this Addendum, then the Parties acknowledge and agree that they are each acting as separate and Independent Controllers of such Personal Data shared. A Party shall not share any Personal Data with the other Party unless such Party confirms that it is legally permitted to share such Personal Data.
4.2. To the extent that Personal Data is provided from a Party to the other Party and such disclosure requires a data processing agreement between the Parties under an applicable data protection law , the Parties agree that the SANS DPA is incorporated into and attached to this Agreement by reference.
5. INVOICES AND PAYMENT TERMS
In order to confirm the Tournament date, Customer shall provide fifty percent (50%) of the total payment thirty (30) days prior to the first day of the Tournament, with the balance due fifteen (15) days prior to the first day of the Tournament. A Tournament confirmed less than thirty (30) days prior to the first day of the Tournament requires full payment within three (3) business days of confirmation.
6. CANCELLATION POLICY
6.1. If Customer cancels a Tournament (i) sixty (60) calendar days prior to the start of Tournament, Customer is responsible for paying fifty percent (50%) of the Tournament total identified on the Price Quote or (ii) less than ten (10) business days prior to the start of Tournament, Customer is responsible for paying one hundred percent (100%) of the Tournament total as identified on the Price Quote. Any amounts owed as a result of cancellation by the Customer will be immediately due upon SANS’ receipt of written notice of cancellation.
6.2. The performance of the Agreement, by either Party, is subject to acts of God, government authority, disaster, strikes, civil disorders, or other emergencies, any of which make it illegal or impossible to hold class for either organization. In case of an emergency that prevents the Tournament, SANS will attempt to reschedule the Tournament for another mutually agreeable date. If the Parties cannot mutually agree to another date, then within forty-five (45) days of the scheduled start of the Tournament the Customer will receive a full refund of any payments made toward the Price Quote in the same manner as payment was received.
Addendum E – Cyber Attack Simulation Training
1. DEFINITIONS
1.1. Change Order means an amendment to the scope of services previously agreed to in a Statement of Work.
1.2. Professional Services means setup, implementation, installation, configuration, or other professional Services to be provided by SANS to Customer under a Statement of Work.
1.3. Simulation Services means the cyber security attack simulation and related services to be performed by SANS for Customer as set forth in a Statement of Work.
2. SERVICES
2.1. Details of Simulation Services to be provided will be defined in a SOW produced by SANS and approved by Customer to identify the specific scope, requirements, and timelines.
2.2. Changes to any SOW will be mutually agreed to in writing by the Parties and will be documented in Change Orders incorporated into each SOW impacted by the change.
2.3. SOWs may not be used to materially alter the terms of this Agreement. When the terms of a SOW or Change Order conflict with the terms of this Agreement, the terms of this Agreement shall take precedence and remain in effect.
2.4. Approved SOWs and Change Orders will be attached hereto, incorporated by reference herein, and made a part hereof.
3. INVOICING AND PAYMENT
3.1. Expect as provided for in any Price Quote or SOW, the total fee for Simulation Services shall be invoiced by SANS and shall be due immediately by Customer before commencement of work on the agreed-upon Simulation Services.
3.2. In addition to fees for Simulation Services specified, Customer shall reimburse SANS for reasonable, necessary, and substantiated expenses incurred by SANS in connection with the Simulation Services rendered hereunder; provided, however, that any expense is approved by Customer in advance and in writing, to include electronic mail.
4. INTELLECTUAL PROPERTY
4.1. Customer may not distribute any SANS IP to Customer’s employees or others who did not participate in the Simulation Services. In addition, Customer may not use SANS IP to conduct its a cyber security attack simulation either in-house or for a third party.
4.2. SANS grants to Company and its employees engaging in the Simulation Services a non-exclusive, limited license directly to use the SANS IP during the Simulation Services. Neither Customer nor its Users may copy, reproduce, distribute, display, modify or create derivative works based upon all or any portion of the SANS IP in any medium, whether printed, electronic, or otherwise, for any purpose, including, but not limited to, for purposes of (i) engaging in a Customer-led cyber security attack simulation, and/or (ii) teaching any cyber security attack information learned from the SANS IP to any third party, without the express written consent of SANS.
5. USE OF MARKS
Customer hereby grants to SANS a non-exclusive, non-transferable, non-sublicensable right, permission, and license to use Customer’s trademarks, logos, name, service marks, slogans, and similar intellectual property (“Marks”) during the term to perform Simulation Services. Customer shall provide SANS with such Marks that Customer desires SANS to include while providing Simulation Services. Nothing herein shall grant SANS any right, title, or interest in the Marks, other than as provided herein.
Addendum F - Voucher Account
1. DEFINITIONS
1.1. Customer Investment Total means the agreed upon training investment established in each Price Quote that is paid by Customer to SANS and deposited into a Voucher Account held by SANS and dedicated to Customer.
1.2. Voucher Account means the SANS account where the Voucher Funds are held and where Customer can manage its budget for individual Users to receive Training or other Products and Services from SANS.
1.3. Voucher Funds means the total funds available to Customer to include Customer Investment Total and any other funds deposited into a Voucher Account.
2. VOUCHER FUNDS
2.1. SANS’ Voucher Account Program is a program that allows Customer and its Affiliates, upon SANS’ receipt of the Customer Investment Total, to manage its Voucher Account to purchase Products and Services from SANS. Voucher Funds in the Voucher Account have cash value and can be used by Customer or its Affiliates to register Users for Training or other Products and Services.
2.2. An Affiliate may invest monetary funds in a Voucher Account dedicated to Customer pursuant to this Agreement and on the same terms thereof. Customer is responsible for ensuring that such Affiliate accepts and agrees to the terms of the Agreement by submitting a Price Quote that references this Agreement.
2.3. Voucher Funds are non-transferable and shall remain with the SANS until depletion or expiration of such Voucher Funds.
3. UTILIZATION OF VOUCHER ACCOUNT
3.1. All SANS Training procured through the Voucher Account will be based on SANS’ published retail prices at the time of registration and cannot be combined with other discounts or promotional offers other than as provided for within this Agreement, Price Quote, or SOW.
3.2. Voucher Funds are valid for 12 months and non-refundable. If Voucher Funds remain in the Voucher Account nearing the conclusion of the initial 12- month period, Customer may contribute an additional investment, as agreed to in a Price Quote or SOW, prior to expiration, to renew the Voucher Account. The existing Voucher Funds rollover (renew) with the new funds for another 12 months.
3.3. Descriptions of the available courses are available at https://www.sans.org.
3.4. The Voucher Account and Voucher Funds therein may be used for Customer and Customer personnel only. Customer agrees and understands that any sale of Customer’s Voucher Funds, or use of Voucher Funds, by third parties is a breach of his Agreement and will result in irreparable harm to SANS for which SANS is entitled to relief.
4. VOUCHER ADMINISTRATION TOOL
4.1. Customer shall appoint a staff member to serve as Customer’s Voucher Account administrator (the “Administrator”) for each Voucher Account under a Price Quote or SOW, and such Administrator will be given access to the online SANS Voucher Administration Tool.
4.2. The SANS Voucher Administration Tool allows the Administrator to: (i) approve/deny User enrollment; (ii) view Voucher Fund usage in real time; (iii) control how and where Voucher Funds are utilized; (iv) view Users’ certification status and GIAC exam results; and (v) obtain OnDemand course progress by User per course to determine whether the User is on schedule to complete the course prior to the course expiration. Customer agrees and understands that Voucher Funds may only be utilized for Customer’s employees and that it is the Customer’s responsibility to ensure Voucher Funds are not used by any non-Customer personnel.
5. CANCELLATION POLICY
Voucher Fund Payment. In addition to any cancellation policy specific to User’s Training, where Customer has utilized Voucher Funds to pay for Training, all requests for substitution, transfer, or refund requests, along with Administrator approval, shall be sent via email to vouchersupport@sans.org.