Verafirm License Management Registry Terms of Service
This Verafirm License Management Registry Agreement (“Agreement”) is entered into by BSA Business Software Alliance, Inc. d/b/a BSA | The Software Alliance (“BSA”) and the entity you represent and identify upon registration (“Registrant”) effective as of the date you complete registration (“Effective Date”) and governs Registrant’s use of BSA’s Verafirm license management registry (formerly referred to as “LMR” or “LMR360”). Verafirm is the web-based portal provided by BSA where Registrant can maintain license deployment and entitlement information and other information concerning its license compliance (“Documentation”) and where third parties who are authorized by Registrant to access and use Verafirm to monitor Registrant’s license compliance (“Verafirm Subscribers”) can access and retrieve license compliance information that BSA makes available to them consistent with Registrant’s selected preferences using the visibility controls that may be provided by BSA (“Registry Data”). BSA and Registrant (each a “Party” and together the “Parties”) agree as follows:
1. Account Administration. Registrant must designate an executive officer of the company to administer the Registrant’s account; view, edit, and submit Documentation; and certify that submitted Documentation is true, accurate, current and complete (“Executive Representative”). The Executive Representative may authorize additional individuals who may view, edit, and upload Documentation for the Executive Representative to submit (“Authorized Users”). Registrant must submit all information required by BSA in the format requested by BSA and must promptly update Documentation to maintain its accuracy. Registrant may mark Documentation as “deleted” to hide it from view by Verafirm Subscribers or avoid having it disclosed to Verafirm Subscribers in aggregate form, but Documentation marked as “deleted” may remain in the Verafirm registry, and BSA may continue to access and use “deleted” Documentation consistent with this Agreement. Registrant is at all times responsible for any activity that takes place in connection with its account, but BSA may view, edit, or disable Registrant’s account to perform its duties and exercise its rights under the Agreement. BSA may, but is not obligated to, make available to Registrant digital badges that Registrant may display on its website consistent with the terms and conditions of Exhibit A, which is incorporated in this Agreement. Registration in the Verafirm registry does not mean that Registrant is in compliance with its software program licenses or that BSA has any authority to determine such compliance on behalf of applicable licensees.
2. Verification. At any time during the Term, BSA may seek to verify Registrant’s software program license compliance (“Verification”). BSA may conduct the Verification itself or by using a third-party selected by BSA (“Third-Party Verifier”).
2.1 BSA Verification. If, after including Registrant in the Verafirm registry, BSA reasonably believes that Registrant is without a license or is not in compliance with all material terms and conditions of any software program license, BSA may provide notice to Registrant specifying the reasonable belief of noncompliance (“Noncompliance Notice”). Within forty-five (45) days after receiving the Noncompliance Notice, Registrant must provide a written response to BSA describing the remedial actions, if any, taken by Registrant (“Noncompliance Response”); provided, however, that Registrant may request one (1) fifteen (15) day extension (“Cure Period”). If, at the conclusion of the Cure Period, Registrant has not provided BSA a Noncompliance Response or BSA, in its sole discretion, concludes that Registrant’s noncompliance persists, BSA may, in its sole discretion, either: (a) designate Registrant as noncompliant in the Verafirm registry until BSA determines that Registrant has come into compliance; or (b) remove Registrant from the Verafirm registry, and Registrant shall not be eligible to reregister for ninety (90) days, at which time Registrant must demonstrate, to BSA’s sole satisfaction, that Registrant has come into compliance (together, “Noncompliance Options”).
2.2 Third-Party Verification. If BSA provides notice of a third-party Verification, Registrant must enter into an agreement with the Third-Party Verifier in substantially the form attached as Exhibit B, which will govern the rights and obligations of Registrant and the Third-Party Verifier in connection with the Third-Party Verification. BSA will bear all costs of the Third-Party Verifier unless otherwise agreed to by the Parties. All other costs of Registrant under this Agreement must be borne by Registrant. BSA will own all right, title, and interest in any reports prepared by the Third-Party Verifier (“Third-Party Verification Reports”), provided that BSA will treat Third-Party Verification Reports as Confidential Information consistent with this Agreement. Registrant must implement all material recommendations contained in the Third-Party Verification Report for achieving compliance with its software program licenses (“Recommendations”) within forty-five (45) days after Registrant receives the Third-Party Verification Report (“Implementation Period”). If, in BSA’s sole judgment, Registrant does not implement the Recommendations by the end of the Implementation Period, BSA may, in its sole discretion, apply either of the Noncompliance Options. BSA may, at its option, conduct up to one (1) third-party Verification of Registrant per year.
2.3 Appeal Process. Registrant may appeal BSA’s exercise of a Noncompliance Option by providing an initial notice of appeal within fifteen (15) days, and a follow-up notice describing the remedial actions it took to cure any noncompliance or otherwise demonstrating it was in compliance at the end of the Cure Period (“Appeal Response”) within thirty (30) days, of the exercise of the Noncompliance Option (“Appeal Period”). If, at the conclusion of the Appeal Period, Registrant has not provided BSA an Appeal Response or BSA, in its sole discretion, concludes that Registrant’s noncompliance persists, BSA may, in its sole discretion, reinstitute either of the Noncompliance Options. Nothing in this Agreement shall obligate BSA to include Registrant in the Verafirm registry. Registrant’s exclusive remedy for BSA’s designating Registrant as noncompliant or removing Registrant from the Verafirm registry is to appeal under this Section 2.3.
3. Registry Fee. Registrant must pay BSA a non-refundable fee (“Registry Fee”) when Registrant creates its account, unless BSA waives the Registry Fee. The Registry Fee is nonrefundable even if BSA or Registrant terminates this Agreement or Registrant is not included in or is removed from the Verafirm registry.
4.1 Confidential Information. “Confidential Information” means information about a Party’s organization, business, products, services, or finances that is disclosed by that Party (the “Disclosing Party”) to the other Party (the “Receiving Party”) under this Agreement, except that Confidential Information does not include information that (a) becomes publicly known without breach of this Agreement; (b) is already known to the Receiving Party, without confidentiality restriction, when disclosed; (c) is lawfully communicated to the Receiving Party, without confidentiality restriction, after disclosure; or (d) the Receiving Party independently develops without use of the Confidential Information.
4.2 Restrictions. Except as permitted in Section 4.3, the Receiving Party shall not, and shall ensure that its employees and agents do not, (a) use Confidential Information of the Disclosing Party for any purpose other than to perform this Agreement or (b) disclose Confidential Information of the Disclosing Party to any third party other than its employees or agents (including, in the case of BSA, the Third-Party Verifier or any third-party vendors or legal representatives) that have a need to know such Confidential Information consistent with this Agreement and that are bound by confidentiality obligations no weaker than those set forth here.
4.3 Exceptions. BSA may disclose the Registry Data to Verafirm Subscribers. Upon notice to Registrant, which notice shall be provided in advance unless unduly burdensome or prejudicial to BSA or its Members’ interests, BSA may disclose Confidential Information in legal proceedings on behalf of a BSA Member, including without limitation copyright infringement proceedings. The Receiving Party may disclose Confidential Information of the Disclosing Party to the extent required by law, provided that the Receiving Party gives the Disclosing Party reasonable prior notice and a copy of the order requiring the disclosure and cooperates with the Disclosing Party to try to limit such disclosure. The Receiving Party may disclose Confidential Information with the Disclosing Party’s prior written consent.
4.4 Return of Information. Upon request, the Receiving Party shall (a) immediately cease all use of Confidential Information and (b) promptly return to the Disclosing Party or, if instructed by the Disclosing Party, destroy all copies of the Disclosing Party’s Confidential Information under its control and certify in writing that such return and/or destruction is complete, provided that such obligation shall not extend to Confidential Information of the Disclosing Party that the Receiving Party has a continuing need to retain and use for purposes of exercising its rights or fulfilling its obligations under this Agreement, and provided that Section 4.4 shall not apply to any Documentation, Registry Data, or Third-Party Verification Report.
5. Term and Termination. This Agreement shall commence as of the Effective Date and, unless earlier terminated in accordance with this Section 5 or renewed, expire at the end of one (1) year from the Effective Date (the “Term”). This Agreement may be terminated by either Party, without cause, effective upon (a) ten (10) days notice to the other Party or (b) the other Party’s material breach of its obligations under this Agreement and failure to cure such breach within thirty (30) days after the Party provides notice thereof. Termination of this Agreement will not limit remedies that may otherwise be available. Sections 1 (Account Administration), 2.2 (Third-Party Verification), 2.3 (Appeal Process), 4 (Confidentiality), 5 (Term and Termination), 6 (Representations and Warranties), 7 (Indemnification; Limitation of Liability), 9 (Governing Law), and 10 (Miscellaneous) shall survive any expiration or termination of this Agreement.
6. Representations and Warranties
6.1 Each Party represents and warrants that: (a) it is duly formed and in good standing under the laws of the jurisdiction of its formation; (b) it has the authority and legal right to enter into this Agreement and perform its obligations; (c) it has taken all necessary action required for the execution and delivery of this Agreement and its performance, including without limitation by obtaining any necessary consents, approvals, and authorizations; and (d) the execution and delivery of this Agreement and the performance of its obligations (1) do not and will not conflict with or violate any applicable law or any provision of the articles of incorporation, bylaws, or similar governing documents of such Party and (2) do not and will not conflict with, violate, breach, or constitute a default of any contractual obligation or court or administrative order by which such Party is bound, including without limitation any confidentiality obligations imposed by third parties who are not members of BSA or that company’s controlled subsidiaries (“BSA Members”).
6.2 Registrant represents and warrants that Documentation and all other Confidential Materials provided to BSA or the Third-Party Verifier are true, accurate, current and complete and that the Executive Representative does and will have the authority and the legal right to execute agreements that bind Registrant.
6.3 Disclaimer. THE WARRANTIES SPECIFIED IN THIS SECTION 6 ARE EXCLUSIVE AND IN LIEU OF ALL OTHER WARRANTIES. BSA MAKES NO OTHER REPRESENTATIONS OR WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION ANY REPRESENTATIONS OR WARRANTIES WITH RESPECT TO QUALITY, PERFORMANCE, MERCHANTABILITY, FITNESS FOR A PARTICULAR USE OR PURPOSE, TITLE, NON-INFRINGEMENT, DATA SECURITY, OR WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE IN TRADE. THE VERAFIRM REGISTRY AND ANY DIGITAL BADGE CERTIFICATION MARKS ARE PROVIDED “AS IS” AND “WITH ALL FAULTS,” AND THE ENTIRE RISK AS TO SATISFACTORY QUALITY, PERFORMANCE, DATA BREACH, AND ACCURACY IS WITH REGISTRANT. BSA DOES NOT WARRANT THAT THE VERAFIRM REGISTRY OR ANY DIGITAL BADGE CERTIFICATION MARKS WILL OPERATE AT ALL TIMES UNINTERRUPTED OR ERROR-FREE, OR WILL MEET ANY OF REGISTRANT’S SPECIFIC NEEDS OR REQUIREMENTS. BSA MAKES NO WARRANTIES AS TO THE PERFORMANCE OF THE THIRD-PARTY VERIFICATION OR THE THIRD-PARTY VERIFICATION REPORT. BSA DOES NOT WARRANT THAT REGISTRATION OR COMPLIANCE WITH THIS AGREEMENT WILL LIMIT REGISTRANT’S POTENTIAL LIABILITY FOR INFRINGEMENT OF COPYRIGHT OR BREACH OF ANY APPLICABLE SOFTWARE LICENSE AGREEMENT.
7. Indemnification; Limitation on Liability
7.1.1 BSA will indemnify, defend and hold harmless Registrant, its affiliates and its and their officers, directors, employees, and agents from and against any and all damages, dues, penalties, fines, costs, amounts paid in settlement, liabilities, obligations, losses, and reasonable expenses and fees, including court costs and reasonable attorneys’ fees (collectively, “Losses”) arising out of or related to any third-party claim arising out of any material breach of a representation, warranty, or obligation of BSA under this Agreement.
7.1.2 Registrant will indemnify, defend, and hold harmless BSA and each of their officers, directors, employees, and agents from and against any and all Losses arising out of or related to any third-party claim arising out of (a) any material breach of a representation, warranty, or obligation of Registrant under this Agreement or (b) any gross negligence or willful misconduct of Registrant or its employees or agents in connection herewith.
7.1.3 If either Party determines that it is entitled to defense and indemnification under this Section 7.1, such indemnified Party shall promptly notify the indemnifying Party in writing of the claim and provide all reasonably necessary or useful information related to it. Defense will be provided by legal counsel of the indemnifying Party’s choosing; provided that the indemnified Party may retain separate counsel at its own expense to participate in the defense. The indemnifying Party may settle any claim without the consent of the indemnified Party, but only if the sole relief awarded is money damages that are paid in full by the indemnifying Party and such settlement includes a release of the indemnified Party from all liability for such claim or a dismissal of litigation with prejudice.
7.2 Limitation on Liability. NEITHER PARTY SHALL BE LIABLE TO THE OTHER PARTY FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, RELIANCE, OR SPECIAL DAMAGES SUFFERED BY THE OTHER PARTY ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT (INCLUDING DAMAGES FOR HARM TO BUSINESS, LOST REVENUES, LOST SAVINGS OR LOST PROFITS SUFFERED BY SUCH PARTY), WHETHER IN CONTRACT WARRANTY, STRICT LIABILITY, TORT OR OTHERWISE, INCLUDING NEGLIGENCE OF ANY KIND, WHETHER ACTIVE OR PASSIVE, AND REGARDLESS OF WHETHER THE POSSIBILITY THAT SUCH DAMAGES COULD RESULT WAS KNOWN. BSA’S TOTAL LIABILITY TO REGISTRANT FOR ALL CLAIMS ARISING OUT OF, OR RELATING TO, THIS AGREEMENT SHALL BE LIMITED TO THE REGISTRY FEE RECEIVED BY BSA FROM REGISTRANT UNDER THIS AGREEMENT DURING THE TWELVE MONTH PERIOD IMMEDIATELY PRECEDING THE DATE OF THE ALLEGED ACT OR OMISSION GIVING RISE TO SUCH CLAIMS. NOTHING IN THIS SECTION 7.2 SHALL LIMIT THE REMEDIES AVAILABLE IN THE EVENT THAT BSA ON BEHALF OF ONE OF ITS MEMBERS BRINGS AN ACTION FOR COPYRIGHT INFRINGEMENT OR BREACH OF A LICENSE AGREEMENT RELATING TO SUCH BSA MEMBER’S SOFTWARE PROGRAM.
8. Notices. All notices must be in writing and be made by nationally recognized overnight courier service and shall be deemed given one (1) day after deposit with the courier service. All notices must be addressed as follows, unless the Party designates otherwise in a notice: (a) if to BSA, to: Legal Department, BSA Business Software Alliance Inc., 1150 18th St. NW, Suite 700, Washington, DC 20036; (b) if to Registrant, to the address provided at the time of registration.
9. Governing Law. This Agreement shall be governed by and construed under the laws of the District of Columbia, USA, excluding any conflicts or choice of law rule or principle. Any dispute or claim arising under this Agreement must be brought in a court located in the District of Columbia, and Registrant submits to, and waives any objection to, personal jurisdiction and venue in such courts for such purpose. The prevailing Party in any controversy, claim, or action will receive from the other Party its reasonable attorneys’ fees and costs.
10. Miscellaneous. BSA and Registrant are independent contractors, and this Agreement does not create any partnership, agency, employment, or joint venture relationship between the Parties. This Agreement is the entire understanding and agreement between the Parties and supersedes all prior understandings and agreements between the Parties regarding its subject matter. No provision of this Agreement may be amended or waived except in a writing signed by both Parties. Waiver of a term or condition of this Agreement will not be deemed to be a waiver of the same or any other term or condition of this Agreement or future application. Neither Party may assign this Agreement without the other Party’s written consent.
Exhibit A ― Digital Badge License
The following terms and conditions govern Registrant’s use of digital badges that BSA, in its sole discretion, makes available to Registrant through BSA’s Verafirm registry (the “Digital Badge Certification Marks”). Capitalized terms used in this Digital Badge License Agreement will have the meanings set forth in the Verafirm License Management Registry Agreement between Registrant and BSA (“Verafirm Agreement”), unless otherwise provided.
- BSA may make one or more of the following Digital Badge Certification Marks available to Registrant for use on Registrant’s website:
a) Registered Digital Badge. Registrant’s right to use the Registered Digital Badge is conditioned on (i) submission by the Executive Representative of Registrant’s Documentation; (ii) certification by the Executive Representative that the submitted Documentation is true, accurate, current and complete; and (iii) registration by BSA of Registrant in the LMR.
b) Verified Digital Badge. Registrant’s right to use the Verified Digital Badge is conditioned on Registrant’s completion of a Third-Party Verification.
c) Certified Digital Badge. Registrant’s right to use the Certified Digital Badge is conditioned on (i) Registrant being certified by BSA pursuant to BSA’s Verafirm program for certifying organizations in standards-based SAM (formerly referred to as “CSS(O)”) and (ii) Registrant maintaining such certification.
- Registrant’s right to use the Digital Badge Certification Marks is subject to, and conditioned on, Registrant’s (i) maintaining registration in the Verafirm registry; (ii) remaining designated by BSA as compliant in the Verafirm registry; (iii) meeting the conditions for use of a specific Digital Badge under Section 1 hereof and complying with the terms and conditions of this Digital Badge License and the Verafirm Agreement; and (iv) using the Digital Badge Certification Marks in accordance with the guidelines set forth in the Digital Badge Certification Marks Usage Guidelines,which may be updated from time to time. Any use by Registrant outside the scope of such guidelines is grounds for termination of Registrant’s right to use the Digital Badge Certification Marks.
- Registrant may use the Digital Badge Certification Marks solely on Registrant’s website for the limited purpose of signaling to others that Registrant has met the certification requirements and that Registrant has been granted the right by BSA to hold itself out as Registered, Verified, or Certified (as applicable). The Digital Badge Certification Marks are personal to Registrant and are not assignable or sublicensable.
- BSA shall have the unconditional right to terminate Registrant’s right to use the Digital Badge Certification Marks, during the Term, for any or no reason, at its sole discretion, immediately without notice. Immediately upon expiration or termination, Registrant’s right to use the Digital Badge Certification Marks will cease and Registrant will immediately stop all further use of the Digital Badge Certification Marks and remove the Digital Badge Certification Marks from any portions of Registrant’s website.
- BSA shall have the right to make changes to the Digital Badge Certification Marks, including substituting other certification marks in place of the Digital Badge Certification Marks. Upon BSA’s notice to Registrant, Registrant will promptly discontinue all use of the original Digital Badge Certification Marks and use in their place the modified or substituted certification marks identified by BSA in its notice to Registrant.
- As between Registrant and BSA, BSA owns the Digital Badge Certification Marks and Registrant will not, either directly or indirectly, challenge or assist any person or entity in challenging (i) BSA’s rights in or to the Digital Badge Certification Marks, (ii) BSA’s rights to control the use of the Digital Badge Certification Marks, or (iii) the validity of the Digital Badge Certification Marks or of any registration or registration application for the certification mark.
- This Digital Badge License Agreement is subject to the terms and conditions of the Verafirm Agreement. In the event any provision of this Digital Badge License Agreement conflicts with the terms or conditions of the Verafirm Agreement, the Verafirm Agreement shall govern.
Exhibit B ― Third-Party Verification Agreement
This Third-Party Verification Agreement (“Agreement”) is entered into as of [insert date] by and between [insert the name of Third-Party Verifier] (“Third-Party Verifier”) and [insert the name of Registrant] (“Disclosing Party”). Third-Party Verifier and Disclosing Party agree that:
- “Confidential Information” means any information obtained by Third-Party Verifier from Disclosing Party in connection with the Services that: (i) is marked as confidential; (ii) Third-Party Verifier otherwise knows is confidential; or (iii) that due to its character and nature, a reasonable person under similar circumstances would treat as confidential, except that Confidential Information does not include information that: (a) becomes publicly known without breach of this Agreement; (b) is already known to Third-Party Verifier, without confidentiality restriction, when disclosed; (c) is lawfully communicated to Third-Party Verifier, without confidentiality restriction, after disclosure; (d) Third-Party Verifier independently develops without use of the Confidential Information; or (e) Third-Party Verifier is required by law, court, or administrative order to disclose, provided that in the case of (e), Third-Party Verifier gives the Disclosing Party reasonable prior notice that includes a copy of any written request or order requiring the disclosure and cooperates with the Disclosing Party to try to limit such disclosure.
- Third-Party Verifier may use Confidential Information for the purpose of conducting for the Business Software Alliance, Inc. (“Client”) a verification of Disclosing Party’s compliance with any software program license terms and conditions (the “Services”). The Third-Party Verification will occur during normal business hours and with three business days’ advance notice. Disclosing Party must fully cooperate with the Third-Party Verifier by, for example and without limitation, (a) providing the Third-Party Verifier with access to Disclosing Party’s premises and to any of its computers and computer systems, licensing information, policies, or other information reasonably requested by the Third-Party Verifier and (b) participating in any meetings or calls reasonably requested by the Third-Party Verifier.
- Third-Party Verifier must exercise the same standard of care used by Third-Party Verifier to protect its own confidential information to prevent the disclosure of Confidential Information to any third party, except that Third-Party Verifier may use and disclose to Client (including Client’s employees and agents) Confidential Information to the extent necessary or appropriate to perform the Services for Client.
- The Disclosing Party will not disclose any information to Third-Party Verifier in violation of the proprietary rights of any third party.
- This Agreement is subject to the terms and conditions of the Verafirm License Management Registry Agreement between Client and Disclosing Party (“Verafirm Agreement”). In the event any provision of this Agreement conflicts with the terms or conditions of the Verafirm Agreement, the Verafirm Agreement shall govern.
- All notices must be in writing and be made by personal delivery, nationally recognized overnight courier service, facsimile, or certified or registered mail, return receipt requested, and shall be deemed given upon the earlier of actual receipt or one (1) day after deposit with the courier service, receipt by sender of confirmation of electronic transmission or five (5) days after deposit in the mail. Notices must be sent to the addresses provided in this Agreement or such other address that either party specifies in writing.
- This Agreement is the entire understanding and agreement between the Parties and supersedes all prior understandings and agreements between the Parties regarding its subject matter. No provision of this Agreement may be amended or waived except in a writing signed by both Parties.