We have updated our Master Service Agreement. If you are a new Customer, then this Master Service Agreement will be effective as of October 15, 2024. If you are an existing Customer, please note that this constitutes a notice of change and that this updated Master Service Agreement shall be applied to your Cato Networks Solution upon any renewal, upgrade, or additional Solution subscribed for after October 15, 2024.
IMPORTANT INFORMATION – PLEASE READ THIS CATO SOLUTIONS’ MASTER SERVICE AGREEMENT (“MSA” OR “AGREEMENT”) CAREFULLY BEFORE OPENING YOUR ACCOUNT AND/OR BEFORE DOWNLOADING OR INSTALLING THE SOLUTIONS (DEFINED BELOW). THIS AGREEMENT CONSISTS OF THE TERMS AND CONDITIONS WHICH GOVERN YOUR (“YOU” OR “CUSTOMER“), ACCESS TO AND USE OF CATO’S SOLUTIONS. BY CREATING AN ACCOUNT WITH CATO AND/OR USING THE SOLUTIONS (IN WHOLE OR IN PART) IN ANY WAY OR MANNER, YOU AGREE THAT YOU ARE BOUND BY THIS AGREEMENT.
IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, YOU SHOULD NOT OPEN AN ACCOUNT WITH CATO AND IMMEDIATELY AVOID THE USE OF THE SOLUTIONS AND RETURN THEM TO CATO.
Cato and Customer hereby agree as follows:
1. DEFINITIONS
1.1. “Affiliate”
means and include any entity or association controlled by, controlling or under common control of a party hereto. For purposes of this definition, the term “control” shall mean the power to manage or direct the affairs of the person or entity in question, whether by ownership of voting securities, by contract or otherwise.
1.2. “Authorized User”
means any employee, contractor, representative, or other person acting on Customer’s behalf who is authorized by Customer to use the Solution and who has been supplied with access to the Solution by either Customer or Cato, at Customer’s written request.
1.3. “Cato’s Network”
means the network inside of Cato border routers;
1.4. “Cato”
means any of the following Cato entities identified in the Order:
Cato Contracting Party | Mailing Address |
Cato Networks Inc. | 3031 Tisch Way, 110 Plaza West San Jose, California, 95128 |
Cato Networks (Singapore) Pte. Ltd | 25 International Business Park #02-53 German Centre 609916, Singapore |
Cato Networks (Australia) Pty Ltd. | Suite 2204 Level22 520 Oxford Street BONDI JUNCTION NSW 2022, Australia |
Cato Networks (Japan) KK | 1F Otemachi Building 1F, 1-6-1 Otemachi, Chiyoda-ku 100-0004 Tokyo, Japan |
Cato Networks (UK) Limited | 30 Old Bailey, London, EC4M 7AU, United Kingdom |
Cato Networks (EU) B.V. | De cuserstraat 93, 1081 CN Amsterdam, the Netherlands |
Cato Networks Ltd. | Landmark Tower, 2 Leonardo da Vinci St, Tel-Aviv 6473309, Israel |
Cato Networks (France) SASU | 17-21 rue Saint Flacre, Paris, 75002, France |
Cato Networks (Germany) GmbH | Rheinstrasse 11, Teltow, 14513, Germany |
Cato Networks (Philippines) Inc. | Makati Sky Plaza, 6788 Ayala Ave., 1223 Makati City, Philippines |
Cato Networks (Czech Republic) s.r.o. | Na Perštýně 342/1, Staré Město, 110 00 Prague 1, Czech Republic |
1.5. “Confidential Information”
means all information (however recorded, preserved or disclosed) disclosed by one party (the “Disclosing Party”) or its employees, officers or representatives (together, the “Representatives”) to the other party (the “Recipient”) and that party’s Representatives:
(a) in connection with the Service or Solutions;
(b) the existence and terms of this MSA and the Order;
(c) any information that would be regarded as confidential by a reasonable business person relating to the business, affairs, customers, clients, suppliers, plans, intentions, specifications, formulas, prototypes, computer programs (source and/or object code) and any and all records, data, ideas, methods, techniques, processes and projections, plans, marketing information, materials, financial statements, memoranda, analyses, notes, legal documents and other data, documents and information (in whatever form), as well as improvements, patents (whether pending or duly registered) and any know-how related thereto, relating to the Disclosing Party and information learned by the Recipient from the Disclosing Party through the inspection of the Disclosing Party’s property (including notes, analyses or other documents prepared by, or on behalf of, the receiving party which contain the information furnished to the receiving party pursuant hereto), that relates to Disclosing Party’s products, designs, business plans, business opportunities, finances, research, development, know-how, personnel, or market opportunities of the Disclosing Party or of any Affiliate of the Disclosing Party and the operations, processes, product information, know-how, designs, trade secrets or software of the Disclosing Party or of any Affiliate of the Disclosing Party;
but not including any information that:
In addition to the above and for the avoidance of doubt “Confidential Information” of Cato shall include but not be limited to, all information and know-how in respect of the Solutions and/or that are transferred to, or disclosed to Customer.
1.6. “Customer Data”
means any information provided by Customer for data processing via the Cato Solution, which includes network traffic including traffic data and URL(s), IP address(es) used in connection therewith to support the Services.
1.7. “Distributor”
means a third party that distributes the Cato Solutions through Partners to the Customer.
1.8. “Force Majeure Event”
means: (a) fire, flood, earthquake, elements of nature or act of God; (b) riot, civil disorder, rebellion or revolution; or (c) other matters outside of the reasonable control of Cato.
1.9. “Hardware”
means all hardware sockets delivered to Customer by Cato and/or its approved distributors or resellers pursuant to this MSA, if any.
1.10. “Intellectual Property Rights”
means any and all worldwide, whether registered or not (a) patents, patent applications and patent rights; (b) rights associated with works of authorship, including copyrights, copyrights applications, copyrights restrictions, mask work rights, mask work applications and mask work registrations; (c) rights relating to the protection of trade secrets and confidential information; (d) trademarks, trade names, service marks, logos, trade dress, goodwill and domains (“Trademarks“); (e) rights analogous to those set forth herein and any other proprietary rights relating to intangible property; and (f) divisions, continuations, renewals, reissues and extensions of the foregoing (as applicable) now existing or hereafter filed, issued, or acquired.
1.11. “Order”
means any of Cato’s service order forms or proposals, or if the Solution is subscribed through a Partner, then the service order forms of Cato’s authorized Partners, with respect to subscription of the Solution. The term “Order” also includes any applicable renewal, upgrade or upsell you make to increase or upgrade your Scope of Use (as hereinafter defined).
1.12. “Partner”
means a reseller or a managed service provider who either resells directly to, or manages the Solution to/for, as applicable, the Customer.
1.13. “Service”
means (i) the Cato proprietary software as a service (SaaS), known as the Cato Cloud, (ii) any software and/or services that are delivered to Customer under the Order on behalf of Cato or any software that is provided with the Hardware; (iii) all revisions, corrections, modifications, enhancements, improvements and/or updates and upgrades to the foregoing, and (iv) all related documentation included in the package and/or placed on Cato’s Website or the Cato Management Application.
1.14. “Solution(s)”
means the Service and Hardware.
1.15. “Subscription Term”
means the term of the Solution subscribed for under the Order that shall commence as of the start date set forth in the applicable Order and shall continue for the length of time referenced in the applicable Order unless earlier terminated in accordance with the terms of this MSA.
2. SUBSCRIPTION SERVICE
2.1. Subject to the terms and conditions of this Agreement (including payment of all applicable subscription fees) and during the Subscription Term, the Solution shall be made available to Customer, to be used by Customer’s and its Affiliates’ users solely for internal use of Customer or such Affiliate (as the case may be) during the Subscription Term. For this purpose, an account will be enabled in order for the Customer to access the Service (“Account”).
2.2. The terms of this Agreement apply to the Solution, as well as to updates, and upgrades subsequently provided by Cato or its Distributors or Partners, as applicable, to Customer for Cato Solutions. Cato shall host the Service and may update, among others, the functionality, user interface, usability and other user documentation, training and educational information of, relating to the Solution, from time to time, in its sole discretion and in accordance with this Agreement as part of its ongoing mission to improve the Solution and customers’ use of the Solution.
3. ORDERS
3.1. Your Order will specify your authorized scope of use for the Solution, which may include: (a) the bandwidth volume per site; (b) the number of mobile users; and (c) other terms (as applicable, the “Scope of Use”).
3.2. This Agreement applies whether you subscribe for the Solution directly from Cato or through Cato’s authorized Partners. Cato is not bound by any obligations to you other than what Cato has explicitly agreed to in this Agreement.
4. TRUE UP
During the Subscription Term, Customer may not exceed its Scope of Use, as such Scope of Use was defined in the original Order, and Cato shall be committed to provide only the purchased Scope of Use per site. If Customer’s needs exceed this Scope of Use, additional Scope of Use must be purchased for the remainder of the applicable Subscription Term. If Customer attempts to exceed the Scope of Use, Customer shall not be granted the additional capacity and shall not be charged for any additional capacity unless Customer agrees to purchase such additional capacity through an Order.
5. CUSTOMER OBLIGATIONS AND LIMITATIONS
5.1. Customer will designate the Authorized Users, and create usernames and passwords for such Authorized Users. Customer is solely responsible for maintaining the status of its Authorized Users and for all the activity of such Authorized Users and their use of the Account. Customer and its Authorized Users will maintain the confidentiality of all usernames, passwords, access, and account information under their control. Except to the extent caused by Cato’s breach of this Agreement, Cato is not responsible for unauthorized access to the Account. Customer will contact Cato promptly if (i) Account information is lost, stolen, or disclosed to an unauthorized person; (ii) Customer reasonably believes that the Account has been compromised, including any unauthorized access, use, or disclosure of account information; or (iii) any other breach of security in relation to its passwords, usernames, access information, or Cato’s Solution that may have occurred or is reasonably likely to occur.
5.2. Customer shall not (and shall not allow any third party to) (i) copy, reproduce, sell, license (or sub-license), lease, loan, assign, transfer, or pledge the Solutions or any part thereof, or otherwise permit any third party to do any of the foregoing; (ii) modify, copy, display, disassemble, decompile, reverse engineer, revise or enhance or republish or create any derivative works or otherwise merge or utilize all or any part of the Solutions with or into any third party materials or components or attempt to access or discover the Service’s source code; (iii) place the Solution onto a server so that it is accessible via a public network or use the Solution for timesharing or for service bureau purposes; (iv) ship, transfer, or export the Solution or any component thereof or use the Solution in any manner prohibited by law, including without limitation to, sell, distribute, export or download Solutions into (or to a national or resident of) Cuba, Iran, Iraq, Libya, North Korea, Sudan, Lebanon, Syria or the Ukrainian regions of Crimea, Donetsk, Luhansk, Kherson and Zaporizhzhia, or otherwise in violation of any export or import restrictions, laws or regulations of the U.S. or Israel or any foreign agency or authority. Customer agrees to the foregoing and warrants that it is not located in, under the control of, or a national or resident of any prohibited country or on any prohibited party list; (v) contest Cato’s Intellectual Property Rights to the Cato IPR; (vi) use the Service that is installed on or embedded or included in any Hardware on any server or hardware other than the Hardware as delivered by Cato or its Partner; (vii) remove or add any labels, notices or logos to the Solutions, (viii) perform any act or be responsible to any omission that is illegal, including, without limitation, those enforcing censorship, privacy, government authority restrictions, or by accessing any blocked services, or in Cato’s discretion otherwise jeopardizes, destabilizes, interrupts or encumbers the Solutions and/or Cato’s Network or their servers and/or has a detrimental impact on Cato and/or Cato IPR and/or Cato’s Network; (ix) transmit or upload any spam, viruses, spyware or other harmful, infringing, obscene, threatening, libelous, illegal, disruptive or destructive content, messages or files, or send or store worms, time bombs, Trojan horses or other harmful or malicious code, files, scripts, agents or programs; (x) access any Solution and/or its servers through or use with the Solutions any unauthorized means, services or tools, including, without limitation, any data mining, robots, or similar automated means or data gathering and extraction tools, including, without limitation, in order to extract for re-utilization of any parts of the Solutions or to establish a back door to the Solution; (xi) use the Solution for any purpose other than as permitted by this Agreement, including all Orders; (xii) directly or indirectly conduct any penetration testing (including to users’ systems, network and/or servers) through or using the Solutions and/or their respective connectivity or networks, unless (a) Customer performs such testing to their own systems and applications through no use of the Solution; (b) Customer notifies Cato about it 30 days in advance and in writing and (c) it is done solely as part of its legal and obligatory auditing processes to assure the operation of the Solution, or for its internal security verification requirements. Whether Customer has violated any of the limitations set forth in this Section 5.2 shall reside within Cato’s sole discretion. If Cato determines a violation has occurred, Cato shall notify Customer of the violation and Customer shall be required to cease the violation immediately. Cato may also determine in its sole discretion whether to suspend or block the Customer Account. Cato shall use such remedy if and when there is an imminent threat to Cato’s Network or if so directed by a court of competent authority. In such cases Cato will: (i) suspend the Account only to the extent reasonably necessary to prevent any harm to Cato’s Network; (ii) use its reasonable efforts to promptly contact Customer and give Customer the opportunity to promptly change the configuration of its server(s) accordingly and/or work with Customer to promptly resolve the issues causing the suspension of the Account; and (iii) reinstate any suspended part of the Account immediately after any issue as above-mentioned has been resolved, provided if Cato determines that any such violation was willful or is unable to be adequately remedied, it may immediately terminate this Agreement and/or any impacted Order without penalty upon notice to Customer.
5.3. Customer is solely responsible for acquiring and maintaining all of the hardware, software and services necessary to access and make use of the Solutions, including paying all fees and other costs related to internet access. Customer shall use the Solutions solely in accordance with the Cato’s Solution documentation made available and/or provided by Cato, and as may be updated from time to time, and in compliance with the applicable operating instructions and all applicable laws and regulations (including obtaining and maintaining any applicable necessary licenses and permits) and for no purpose other than as specifically authorized in the Solution documentation, including without limitation, Customer shall not use the Solution for the purpose of circumvention of government censorship, laws or regulations.
5.4. Customer is solely responsible for the accuracy, quality, integrity, legality, reliability and appropriateness of all Customer Data. Customer will enable and permit Cato (and/or its third party contractors) to process Customer Data used in connection therewith to support and operate the Services, all in accordance with Cato’s Data Processing and Privacy Agreement available at: https://www.catonetworks.com/cato-networks-data-processing-and-privacy-agreement; (the “Cato’s Data Processing Agreement”) and Cato’s Privacy Policy located at: https://www.catonetworks.com/privacypolicy (the “Privacy Policy”).
5.5. Customer will comply with all applicable privacy laws and regulations (including all registration and notice requirements), inclusive of the Cato Data Processing Agreement and the Privacy Policy; and Customer will obtain all applicable consents required by law for data processing by Cato of personal information submitted by Customer, if any.
5.6. Customer shall comply at all times with the applicable laws related to anti-corruption laws, money-laundering and bribery laws, including without limitation, the U.S. Foreign Corrupt Practices Act of 1977 and the UK Bribery Act, 2010, each as amended.
6. IP OWNERSHIP
6.1. Notwithstanding any other provision to the contrary, all Cato Confidential Information, Trademarks, Feedback (as defined below), the Service and the Intellectual Property Rights in the Hardware and all improvements, enhancements and derivatives thereof, and including any scripts and/or tools provided by Cato, including those that leverage Cato’s public API, and all Intellectual Property Rights thereto (“Cato IPR“) are exclusively owned by Cato and/or its licensors. This MSA does not convey to the Customer any right, title or interest in the Cato IPR. Customer Confidential Information, Customer Trademarks, and other Customer proprietary information, including all Customer Data, shall be the sole property of Customer, and Cato shall only have such rights to use such information as expressly provided in this Agreement and to provide the Cato Solution.
6.2. Feedback from Customer regarding the Solutions and Services, their use or any suggested improvements, enhancements or derivatives (“Feedback”) is welcomed by Cato. Customer is not required to provide Feedback, however, to the extent that it does so, such Feedback shall not constitute Customer’s Confidential Information and Customer acknowledges that Cato may use such Feedback in any manner Cato sees fit, without payment of royalty or any other consideration.
7. PAYMENT AND TAXES
All fees, taxes and other charges in connection with the Cato Solution shall be as set forth on the applicable Order.
8. SERVICE LEVELS
Subject to Customer’s compliance with the terms of this Agreement Customer shall be provided with the Services at the levels set forth in the Schedule 1 attached hereto (“SLA“).
9. CONFIDENTIAL INFORMATION
9.1. The Recipient agrees and acknowledges that all Confidential Information it obtains from the Disclosing Party constitutes the confidential property of the Disclosing Party if it is identified as confidential at the time of disclosure or should be reasonably known by the Recipient to be Confidential Information due to the nature of the information disclosed and the circumstances surrounding the disclosure. The Cato Solutions, pricing, technical information and other code, data, business or financial information of any type (including, without limitation, Cato’s plans for new or enhanced products and services) provided by Cato will be deemed trade secret and Confidential Information of Cato without any marking or further designation.
9.2. The Receiving Party may use or make copies of the Confidential Information of the Disclosing Party only to the extent reasonably necessary for purposes of this Agreement. The sharing of Confidential Information hereunder shall be “as is” without warranty and conveys to the Receiving Party no rights in or to such Confidential Information. The Receiving Party will protect the confidentiality of the Disclosing Party’s Confidential Information in the same manner that it protects the confidentiality of its own similar information, but in no event using less than a reasonable standard of care. The Receiving Party will restrict access in the Confidential Information to those of its personnel (including such personnel employed by its Affiliates, contractors, agents and legal and financial professionals) and subcontractors engaged in the performance, management, receipt or use of the Solution under this Agreement, or otherwise necessary in connection with its performance of all obligations under this Agreement, provided that such parties are bound by obligations of confidentiality at least as restrictive as the terms of this Agreement.
9.3. Notwithstanding the above provisions of this Section 9, a party may disclose Confidential Information to the extent required by law, by any governmental or other regulatory authority, or by a court or other authority of competent jurisdiction provided that, to the extent it is legally permissible to do so if:
9.3.1. it gives the other party as much notice in writing of this disclosure as possible;
9.3.2. to the extent required to disclose, discloses only that portion of the Confidential Information legally required; and
9.3.3. where notice of disclosure is not prohibited by law, and is given in accordance with this Section 9, it provides reasonable cooperation upon the Disclosing Party’s request in either disputing the request or seeking an appropriate protective order, or similar relief, to the protect the disclosure of such Confidential Information.
9.4. Receiving Party will return or destroy the Disclosing Party’s Confidential Information in its possession upon request by the Disclosing Party, and upon the expiration or other termination of this Agreement, provided the Receiving Party may retain the Confidential Information of the Disclosing Party by agreement or if required under applicable law. Each party may retain copies of the other party’s Confidential Information required for compliance with its recordkeeping or quality assurance requirements (subject to the terms of this Agreement and all confidentiality requirements herein for the length of such retention).
9.5. The Recipient acknowledges that disclosure of Confidential Information would cause substantial harm to the Disclosing Party that could not be remedied by the payment of damages alone and therefore that upon any such disclosure by the Recipient will be entitled to appropriate equitable relief in addition to whatever remedies it might have at law.
10. TERM AND TERMINATION.
10.1. Term. The term of this Agreement shall be the Subscription Term set forth in the Order, but in no event shall be less than 12 (twelve) months, including all renewals thereof.
10.2. Co-Term. Should any Order be submitted by Customer for additional Services and/or Hardware (an “Additional Order”) during any existing Subscription Term or renewal Subscription Term, the initial Subscription Term of such Additional Order shall be pro-rated to concur with the existing Subscription Term or renewal Subscription Term so that the termination of all current Subscription Terms and all subsequent renewal Subscription Terms shall coincide to take effect on the same date. Applicable fees shall be pro-rated in accordance with any pro-rated Subscription Term or renewal Subscription Term.
10.3. Termination.
10.3.1. If the Order is placed by Customer directly to Cato (rather than through a Partner), then the following shall apply:
10.3.1.1. Customer may terminate this MSA upon thirty (30) days prior written notice to Cato if Cato is in material breach of the MSA and fails to cure the breach within the said notice period, in which case Customer will be entitled to receive a pro-rata refund of all pre-paid fees attributable to any period post termination, if any, as Customer’s sole and exclusive remedy.
10.3.1.2. Cato may terminate this MSA upon thirty (30) days prior written notice to Customer if Customer is in material breach of the MSA and fails to cure the breach within the said notice period, subject to the foregoing. Cato may terminate the MSA with written notice: (i) upon Customer’s failure to comply with its obligations under Section 5; (ii) if Customer attempts to transfer or assign any of its rights, liabilities or obligations under this MSA contrary to the provisions of this MSA; (iii) non-payment of the applicable fees to Cato after a delay of more than seven (7) days; (iv) Cato reasonably believes it is necessary to do so to comply with any law or an order, instruction or request of government, emergency services or other competent authority; or (v) a Force Majeure Event occurs which materially affects Cato’s ability to provide the Service.
10.3.2. If the Order is placed by Customer to Cato’s Partner, the following shall apply:
10.3.2.1. Notwithstanding any termination rights set forth in the Order between the Customer and the Partner, Cato may terminate the provision of the Services provided to Customer upon thirty (30) days prior written notice to Partner if Customer is in material breach of any of the obligations hereunder;
10.3.2.2. Notwithstanding the foregoing, Cato may terminate the provision of the Services provided to Customer (in whole or in part) with written notice to Customer and Partner: (i) upon Customer’s failure to comply with its obligations under Section 5; ii) if Customer attempts to transfer or assign any of its rights, liabilities or obligations under this MSA contrary to the provisions of this MSA; (iii) non-payment of the applicable fees to Cato after a delay of more than seven (7) days (iv) Cato reasonably believes it is necessary to do so to comply with any law or an order, instruction or request of government, emergency services or other competent authority; or (v) a Force Majeure Event occurs which materially affects Cato’s ability to provide the Service.
10.3.3. Licensed local telecommunication suppliers will be used to provide portion of the Services in China and such portion of the Services will be part of our global Network. Without derogating from the aforesaid in this Agreement, in the event of regulatory changes in China, acts of government authorities, or unexpected and immediate acts of the licensed local telecommunication supplier, affecting the local suppliers’ ability to provide the Services, Cato will be entitled to (i) terminate applicable Services or (ii) transition Customer to another alternative local provider, under such provider’s terms; in either case without any further liability.
10.3.4. In order to comply with the laws and regulations of China, and enable your use of Cato Solution in China, if applicable, you are required to provide additional information and deliver applicable forms to our local service providers, all solely in connection with your sites in China. In order to be able to provide you with the Solution, such forms and information are to be provided (i) prior to the execution of the Order, and (ii) as soon as possible after receiving Cato’s request of information at any time during the term of this Agreement, as a condition precedent for the provision (and continuous provision) of the Solution. Without such information and forms provided, Cato shall not be able to process the Order nor provision of the Solution.
10.4. Effects of Termination. Upon termination or expiration of this MSA Customer shall cease use of the Solutions and immediately return to Cato all Confidential Information and Cato IPR in any media and shall, to the extent applicable, erase all copies of the Service. Notwithstanding the termination or expiration of this MSA, Sections 6, 9, 10.3.3, 11, 12, 13 , and 14 shall survive and remain in effect in perpetuity.
11. LIMITATIONS OF LIABILITY
NEITHER CUSTOMER NOR CATO NOR CATO’S AFFILIATES, LICENSORS, SUPPLIERS, REPRESENTATIVES OR DISTRIBUTORS OR PARTNERS OR SHAREHOLDERS, MANAGERS, DIRECTORS, OFFICERS, AFFILIATES AND EMPLOYEES, RESPECTIVELY, SHALL BE LIABLE UNDER THIS AGREEMENT UNDER ANY LEGAL THEORY WHETHER IN CONTRACT, TORT OR OTHERWISE, FOR ANY INCIDENTAL, CONSEQUENTIAL, INDIRECT, SPECIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF INFORMATION, LOSS OF DATA INCLUDING ARISING OUT OF THE USE OF OR INABILITY TO USE THE SOLUTION OR OTHER PECUNIARY LOSS EVEN IF THE OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, PROVIDED, HOWEVER, THAT THE FOREGOING LIMITATION ON LIABILITY SHALL NOT APPLY TO CUSTOMER’S LIABILITY FOR FAILURE TO PAY ALL FEES UNDER EACH APPLICABLE ORDER.
THE SOLE LIABILITY OF CATO, IT’S AFFILIATE’S, AND LICENSORS, WHETHER IN CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY IN TORT, BY STATUTE OR OTHERWISE, FOR ANY AND ALL CLAIMS IN ANY MANNER RELATED TO THIS AGREEMENT, WILL BE THE PAYMENT OF DIRECT DAMAGES NOT TO EXCEED IN THE AGGREGATE THE TOTAL SUBSCRIPTION FEES PAID BY CUSTOMER TO CATO FOR THE SOLUTION DURING THE TWELVE (12) MONTHS PRECEDING THE EVENT THAT GAVE RISE TO THE CLAIM. NOTWITHSTANDING THE FOREGOING OR ANYTHING TO THE CONTRARY IN THIS AGREEMENT OR AN ORDER, IF CUSTOMER HAS PURCHASED THE CATO SOLUTION THROUGH A PARTNER, CUSTOMER SHALL LOOK EXCLUSIVELY TO THE PARTNER FOR ANY RELIEF RELATING TO THE SERVICES OR VIOLATION OR BREACH OF THIS MSA.
12. DISCLAIMER OF WARRANTY
CATO MAKES NO WARRANTY REGARDING THE SOLUTION AND IT IS PROVIDED ON AN “AS IS” BASIS AND CATO HEREBY DISCLAIMS ALL WARRANTIES, EXPRESS AND IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, INFORMATIONAL CONTENT, SYSTEMS INTEGRATION, INTERFERENCE WITH ENJOYMENT OR OTHERWISE. CATO DOES NOT WARRANT THAT (I) THE SOLUTION WILL BE UNINTERRUPTED OR ERROR-FREE, OR (II) THE SOLUTION WILL PERFORM IN ACCORDANCE WITH CUSTOMER’S EXPECTATIONS OR ACHIEVE CUSTOMER’S DESIRED RESULT.
THE SOLUTION IS NOT DESIGNED FOR USE WITH CRITICAL OR LIFE SAVING INFRASTRUCTURES, SYSTEMS THAT CONTAIN OR PROTECT AGAINST DANGEROUS OR HAZARDOUS MATERIALS OR FORCES, NATIONAL SECURITY PURPOSES OR NUCLEAR, CHEMICAL, OR BIOLOGICAL WEAPONS.
CUSTOMER’S SOLE AND EXCLUSIVE REMEDY IN CONNECTION WITH ITS USE OR PERFORMANCE OF THE SOLUTION HEREUNDER SHALL BE THOSE REMEDIES SET FORTH IN THE SLA ATTACHED AS SCHEDULE 1 HERETO.
13. GOVERNING LAW & JURISDICTION
When Customer subscribes for the Cato Solution directly from Cato, this MSA is governed by the laws and courts as set forth in the following table:
Cato Contracting Party | Governing Laws and Courts |
Cato Networks Inc. | The laws of the State of New York without regard to conflict of laws provisions thereof. The courts of New York, New York shall have exclusive jurisdiction and venue to adjudicate any dispute arising out of this MSA and both parties hereby irrevocably submit to the exclusive jurisdiction of those courts.
THE PARTIES SPECIFICALLY WAIVE ANY RIGHT TO TRIAL BY JURY IN ANY COURT WITH RESPECT TO ANY CONTRACTUAL, TORTIOUS, OR STATUTORY CLAIM, COUNTERCLAIM, OR CROSS-CLAIM AGAINST THE OTHER ARISING OUT OF OR CONNECTED IN ANY WAY TO THIS AGREEMENT |
Cato Networks (Singapore) Pte. Ltd
Cato Networks (Japan) KK Cato Networks (Philippines) Inc. |
The laws of Singapore without regard to conflict of law provisions thereof. The courts of Singapore, shall have exclusive jurisdiction and venue to adjudicate any dispute rising out of this MSA and both parties hereby irrevocably submit to the exclusive jurisdiction of those courts. |
Cato Networks (UK) Limited
Cato Networks (Australia) Pty Ltd. |
The laws of England and Wales without regard to conflict of law provisions thereof. The courts of London, United Kingdom shall have exclusive jurisdiction and venue to adjudicate any dispute arising out of this MSA and both parties hereby irrevocably submit to the exclusive jurisdiction of those courts. |
Cato Networks (EU) B.V.
Cato Networks (Germany) GmbH Cato Networks (France) SASU Cato Networks (Czech Republic) s.r.o. |
The laws of the Netherlands without regard to conflict of law provisions thereof. The courts of Amsterdam, the Netherlands shall have exclusive jurisdiction and venue to adjudicate any dispute arising out of this MSA and both parties hereby irrevocably submit to the exclusive jurisdiction of those courts. |
Cato Networks Ltd. | The laws of the State of Israel without regard to conflict of law provisions thereof. The courts of Tel Aviv, Israel shall have exclusive jurisdiction and venue to adjudicate any dispute arising out of this MSA and both parties hereby irrevocably submit to the exclusive jurisdiction of those courts. |
When Customer subscribes to the Cato Solution from any of Cato’s Partners, the laws of the State of New York shall apply to this MSA, without regard to its conflict of law’s provisions. The courts located in New York, NY shall have exclusive jurisdiction and venue to adjudicate any valid dispute arising out of this MSA and both parties hereby irrevocably submit to the exclusive jurisdiction of those courts. THE PARTIES SPECIFICALLY WAIVE ANY RIGHT TO TRIAL BY JURY IN ANY COURT WITH RESPECT TO ANY CONTRACTUAL, TORTIOUS, OR STATUTORY CLAIM, COUNTERCLAIM, OR CROSS-CLAIM AGAINST THE OTHER ARISING OUT OF OR CONNECTED IN ANY WAY TO THIS AGREEMENT.
14. GENERAL
14.1. Entire Agreement. This Agreement is the entire agreement between the parties regarding the subject matter of this Agreement. This Agreement supersedes all prior or contemporaneous representations, understandings, agreements, or communications whether written or verbal, regarding the subject matter of this Agreement. Unless otherwise expressly provided, no provisions of this MSA are intended or shall be construed to confer upon or give to any person or entity other than Customer and Cato, its Affiliates and successors or assignees any rights, remedies or other benefits under or by reason of the MSA; In case Customer submits its own PO, such PO will be viewed as a technical document and its terms will not bind Cato even if Cato is being requested and consequently signs such document. The terms and conditions of this MSA shall apply to all Order(s), orders and any additional or inconsistent terms appearing on purchase orders generated by Customer, if applicable, are not incorporated into this MSA and are not otherwise binding on Cato.
14.2. Changes to the Solution. Cato may make technical or other changes to the Solution and the provision of the Solution. Where any such change would adversely and materially affect Customer, Cato shall notify Customer, through Cato management system of the Solution to Customer’s administrator, and if such change is unique to the Customer via a ticket made available to Customer’s administrator of the Solution on the Customer Portal (the details of the Customer administrator should be inserted by the Customer in Cato management system and should remain subscribed for Cato’s notifications) and the change shall only take effect upon renewal of Customer’s then current Subscription Term of the Solution or upgrade, or additional Solution subscribed for from Cato.
14.3. Assignment. This Agreement will bind and inure to the benefit of each party’s permitted successors and assigns. Neither this MSA, nor any rights or obligations under this MSA, is assignable by Customer, without the prior written consent by Cato. Cato may assign this Agreement to any party without the consent of Customer. Any unauthorized assignment will be void and of no force or effect;
14.4. Validity. In case any provision of this MSA shall be invalid, illegal or unenforceable, the validity, legality and enforceability of the remaining provisions shall not in any way be affected or impaired thereby
14.5. Exercise of Rights. No failure or delay on the part of Cato or its Partners hereto in exercising any right, power or remedy shall operate as a waiver thereof, any waiver granted by Cato and/or a Partner, hereunder must be explicit and in writing and shall be valid only in the specific instance in which given;
14.6. Notices. Any notice hereunder will be in writing to the notice address set forth in the Order: (i) upon receipt if by personal delivery; (ii) upon receipt if sent by certified or registered mail (return receipt requested); (iii) two (2) days after it is sent if by overnight delivery by a major commercial delivery service; or (iv) upon written approval of receipt by the receiving party if sent by email. Either party may, by like notice, specify or change an address to which notices and communications shall thereafter be sent.;
Service Level Agreement (“SLA”)
1. SLA OBJECTIVE
This SLA is an integral part of the Agreement and subject to the terms set forth therein, and Customer’s fulfillment of its obligations therein. Defined terms shall have the meaning ascribed to them in the Agreement, unless defined otherwise herein. The SLA provides certain rights and remedies if an Authorized User experiences service interruption because of failure of Cato’s infrastructure.
2. TERM DEFINITIONS
For the purpose of this SLA, the terms in bold are defined as follows:
2.1. “Affected Site(s)” means the physical or virtual specific Site that is connected to the Services, in which the relevant Downtime occurred;
2.2. “Available” or “Availability” means the time during which a Site is active, enabled and has reasonable access to the Service provided by Cato, subject to the exclusions defined in Downtime Minutes below;
2.3 “Cato Service Improvements” means upgrades, patches, bug fixes, or other service improvements that Cato may provide to the Services from time to time;
2.4. “Cato Support Portal” means https://support.catonetworks.com;
2.5. “Downtime” or “Downtime Minutes” means the total number of minutes that the Service is not Available, and a Site cannot access the Service. The calculation of Downtime excludes time that a Site is unable to access the Services due to any of the following: (a) Maintenance; (b) A Site’s own Internet service provider failure or any other 3rd party connectivity method; (c) any failure of the Hardware, other than if Customer has purchased the high availability solution (i.e. redundant Hardware), configured it correctly, and the failure of the Hardware results in a Site outage; (d) A Force Majeure event; (e) Any systemic Internet failures; (f) Any failure in the Site’s own hardware, software or network connection; (g) Site’s bandwidth restrictions; (h) Customer’s acts or omissions; (i) Customer changes made negligently in the Customer Management Application; or (j) inability to access the Service, if a Customer is using IPSec or Cross Connect to connect to the Cato Service, and has not implemented a connection to a secondary location, or (i) Anything outside of the direct control of Cato;
2.6. “Emergency Maintenance” shall mean maintenance required to ensure the Availability, reliability, or security level of the Service due to unforeseen circumstances;
2.7. “Maintenance” shall mean Cato Service Improvements and Emergency Maintenance;
2.8. “Maintenance Time” shall mean the time period during which the Service may not be Available due to Cato’s performance of Maintenance;
2.9 “Problem Response Time” shall mean the time between the receipt of a valid Initial Support Ticket regarding a Service issue, and the initial response by Cato in respect thereto;
2.10 “Service Event” shall mean an event of disruption to the Service, confirmed as such in writing by Cato, based on and provided that, all information from the Customer regarding such an event was provided by the Customer through Cato Support Portal.
2.11 “Service Level Credit” shall mean the credits to be provided to Customer upon the occurrence of a reduction in Availability as detailed below, which are calculated as more fully detailed below and are a percentage of total Fees paid by Customer for the Affected Site(s) during the month in which such reduction occurs;
2.12 “Site” shall mean the applicable office-headquarters, branch-office, on-premises-datacenter, cloud-datacenter, or SDP Client.
2.13 “SLA Metric” or “Service Level” shall mean the overall Service availability metric of 99.999%, measured by Cato monthly and made available to the Customer at: https://status.catonetworks.com/ (“Status Page”);
2.14 “Total Monthly Minutes” shall mean the number of days in the month multiplied by 1,440 minutes per day;
3. CATO SERVICE IMPROVEMENTS AND EMERGENCY MAINTENANCE
3.1 Cato Service Improvements.
During the term of the Agreement when Cato performs Cato Service Improvements, it will make reasonable efforts to: (i) notify Customer via the Status Page, forty-eight (48) hours in advance of any Cato Service Improvements, such notification to include the time and date of such Cato Service Improvements, and (ii) synchronize such windows outside of applicable location working hours. No notice shall be required for Cato Service Improvements conducted on Sundays between 2PM – 6PM UTC.
3.2 Emergency Maintenance
3.2.1 Customer hereby understands and agrees that there may be instances where Cato needs to interrupt the Services without notice, in its sole discretion, in case of Emergency Maintenance.
3.2.2 Emergency Maintenance will only be deemed as Downtime for the purpose of section 7.1 below if Cato does not provide at least six (6) hours advance notice of Emergency Maintenance.
4. PROBLEM RESPONSE TIME
4.1. If Customer experiences an issue with the Service, Customer is responsible to first verify if a broader service disruption has already been reported at Cato’s Status Page (i.e. https://status.catonetworks.com/). If a service disruption has already been reported which is applicable to the Customer’s problem, Cato shall not be obligated to the response time per the table below, as the issue shall be considered as already being addressed, and progress updates will be provided to all affected Customers via the Status Page (i.e. https://status.catonetworks.com/).
4.2 Excluding the circumstances set forth in section 4.1 above, Cato will respond to Customer after Customer’s submission of an Initial Support Ticket to Cato via the Cato Support Portal, and will provide Customer with progress updates in accordance with the timelines set forth in the table below.
The Problem Response Time Table:
Categorization | Criteria | Initial Response Time | Status Update |
Level 1 – Critical | Outage of Multiple PoP locations. The Customer cannot connect to Cato Network services at all. | 2 hours | Every 2 hours |
Level 2 – High | Outage of a single PoP location. The Customer can connect to a different PoP; and/or outage of the Cato Management Application |
4 hours | Every 1 business day |
Level 3 – Low | Other issues that do not prevent the Customer from accessing a significant feature of the Service | 1 business day | In 4 business days |
5. AFFECTED SITE(S)
The Services are provided in a multi-PoPs architecture where the access of the Customer may be extended across numerous PoPs. Customer may obtain the remedies set forth in this SLA for the Affected Site(s) failing to meet the Availability metrics below.
6. MEASUREMENT
Cato uses a proprietary system to measure Availability of the Services, and this system will be the sole basis for resolution of any dispute that may arise between the Customer and Cato regarding the Service Level. Customer may present different measurement of the Availability of the Services based on internal systems of Customer to Cato, but in the event of a contradiction between Cato’s measurements and Customer’s measurements, measurements based on Cato’s proprietary system shall prevail.
7. SERVICE LEVEL CREDITS
7.1. Availability Calculation.
Availability is calculated based on the following formula:
A = (T – M – D) / (T – M) x 100%
A = Availability
T = Total Monthly Minutes
M = Maintenance Time
D = Downtime
Availability | Credit Amount of Monthly Fee for Affected Site(s) |
>= 97.9% but < 99.999% | 5% |
>= 96.9% but < 97.9% | 7% |
< 96.9% | 9% |
7.2. Service Level Credits; Claim Process and Payment. To be eligible for Service Level Credit(s), Customer must meet the following:
7.2.1. Customer account must be in good standing with all invoices paid and up to date;
7.2.2. There must be a support ticket documenting the event created within 24 hours of the Service Event (the “Initial Support Ticket”);
7.2.3. The Customer must notify Cato by opening an additional support ticket, within five (5) business days of opening the Initial Support Ticket and provide a claim notice (“Claim Notice”).
For SDP Client Downtime, a Claim Notice may be submitted, provided that at least 5% or 10 SDP Clients (the greater of the two) experienced simultaneous Downtime;
7.2.4. The Claim Notice must include the following:
7.2.4.1. Subject of the ticket must be: “Claim Notice – <account-name>” (Customer account name as registered with Cato must be listed in place of ‘<account-name>’);
7.2.4.2. List the type of Service that was affected;
7.2.4.3. List the date and time on which the Downtime began and the date and time on which the Downtime ended;
7.2.4.4. List the Sites that were affected by Downtime;
7.2.4.5. Ticket number of the documented Service Event.
7.3. Cato will confirm receipt of the Claim Notice within five (5) business days of receipt. If Cato cannot confirm the Downtime, then the Customer and Cato agree to refer the matter to executives at each company for resolution. The sole and exclusive remedy to which the Customer may be entitled for failure to provide the level of Availability set forth in this SLA as per the Service Level Metric, is the amount of Service Level Credits set forth above for the affected Service Level Metric and the Affected Sites for the affected month.
7.4. The Service Level Credit will be reflected in Cato’s invoice to the Customer following Cato’s confirmation that the Customer is eligible for credits.
8. HARDWARE SUPPORT AND MAINTENANCE SERVICES
8.1. In the event of failure of a Hardware component, a Customer may contact Cato for assistance in troubleshooting the problem. Cato will attempt to diagnose and resolve the problem with the Customer, remotely.
8.2. If after troubleshooting, Cato determines that the failure is caused by defective Hardware, Cato will initiate Hardware exchange or repair of the defective Hardware component (such replacement Hardware may be refurbished or renewed) according to the following process:
8.2.1 Cato will initiate an advance exchange (“Advance Exchange”) of the defective Hardware component with a repaired or replacement Hardware component (prior to receiving the defective Appliance), but only after issuing the return material authorization (“RMA”) number to the Customer;
8.2.2 Shipping will be by air freight, priority service to the Customer or its designee unless the parties mutually agree otherwise. The replacement Hardware component will ship from Cato within 1 business day of Cato and the Customer’s determination that an Advance Exchange is appropriate;
8.2.3 Cato will include with the replacement Hardware component instructions on how to return the defective Hardware component, which must be returned within ten (10) calendar days, complete with such Hardware component’s original packaging and documentation, if available, to Cato freight collect with the RMA number displayed on the outside of the shipping container.
8.2.4 Cato will provide a prepaid shipping label to facilitate the return of the Hardware component. All inbound and outbound Hardware component shipping charges for defective Hardware components hereunder will be paid by Cato. In the event that the defective Hardware is the result of Customer’s misuse of the Hardware, all inbound and outbound Hardware component shipping charges for Hardware component hereunder will be paid by Customer, in addition to an amount of $300 per socket. In the event that a socket has been stolen or lost by Customer, Cato will ship a new socket within 1 business day of notification of the socket being lost or stolen, in accordance with the above described process.In such a case, All inbound and outbound socket shipping charges for the new socket hereunder will be paid by Customer, in addition to an amount of $300 per socket.Cato will provide phone and email support for configuration and installation of the Hardware component.
8.3 During the Subscription Term, Cato may update and replace the Hardware by providing 90 days written notice to Customer, and Customer shall be obligated to replace its then-current Hardware within 30 days of receiving the new Hardware. Any such replacement of Hardware shall be in accordance with the process described above.