|
E204 (Products and Services)
<br />REV: 07-22-25 MI
<br />February 14, 2025
<br />published security capabilities.
<br />B.7.2 Malicious Code. Esri will use commercially reasonable efforts to ensure that Esri Offerings will not transmit
<br />any Malicious Code to Customer. Esri is not responsible for Malicious Code that Customer introduces to Esri
<br />Offerings or that is introduced through Third-Party Content.
<br />B.7.3 Export Compliance. Each party will comply with all applicable export and trade sanctions laws and
<br />regulations, including the US Department of Commerce’s Export Administration Regulations (EAR), the US
<br />Department of State’s International Traffic in Arms Regulations (ITAR), the US Department of Treasury, Office of
<br />Foreign Assets Control (OFAC) Regulations, and other applicable export laws. Customer will not export, reexport,
<br />transfer, release, or otherwise dispose of, in whole or in part, or permit access to or transfer or use of Services or
<br />Esri Offerings to any United States embargoed countries currently including Iran, Syria, North Korea, Cuba, Russia,
<br />Belarus, Crimea region of Ukraine, the Donetsk People’s Republic (DNR) and Luhansk People’s Republic (LNR),
<br />or denied entities or persons except in accordance with all then-current applicable US government export laws and
<br />regulations. Customer will not export, reexport, transfer, or use Services or Esri Offerings for certain missile, nuclear,
<br />chemical, or biological activities or end uses without proper authorization from the US government. Customer shall
<br />immediately notify Esri in writing if any US government entity or agency denies, suspends, or revokes Customer’s
<br />export privileges. Customer will not upload, store, or process in Cloud Services any Customer Content that (i) has
<br />an Export Control Classification Number (ECCN) other than EAR99 or (ii) is controlled for export from the United
<br />States under ITAR or (iii) is subject to the EAR where the cloud host is on the US government’s Specially Designated
<br />Nationals List, Denied Entity List, Unverified List or Denied Parties List or any other US government restricted list.
<br />Customer will notify Esri in advance if Esri’s performance of any Services or provision of any Esri Offerings is related
<br />to any defense article, defense service, or technical data, as defined under the ITAR Sections 120.31, 120.32 and
<br />120.33, respectively; Esri will not perform any such Services or provide any such Esri Offerings until Esri obtains
<br />any necessary export license from the US government. Customer will reasonably assist Esri in applying for and
<br />obtaining an export license if needed.
<br />B.7.4 Privacy. Esri will process personal data according to the terms of the Data Processing Addendum available
<br />at https://www.esri.com/en-us/privacy/overview. a copy of which is attached hereto as Attachment D
<br />ARTICLE B.8—CLOUD SERVICES
<br />B.8.1 Prohibited Uses. Customer shall not provide Customer Content or otherwise access or use Cloud Services
<br />in a manner that
<br />a.Creates or transmits spam, spoofings, or phishing email or offensive, hate related or defamatory material; or
<br />stalks or makes threats of physical harm;
<br />b.Stores or transmits any Malicious Code;
<br />c.Violates any law or regulation;
<br />d.Infringes or misappropriates the rights of any third party;
<br />e.Probes, scans, or tests the vulnerability of Cloud Services or breach any security or authentication measures
<br />used by Cloud Services without written approval from Esri’s Product Security Officer; or
<br />f.Benchmarks the availability, performance, or functionality of Cloud Services.
<br />B.8.2 Service Interruption. System failures or other events beyond Esri’s reasonable control may interrupt
<br />Customer’s access to Cloud Services. Esri may not be able to provide advance notice of such interruptions.
<br />B.8.3 Customer Content.
<br />a.Customer grants Esri and its subcontractors a nonexclusive, nontransferable, worldwide right to host, run,
<br />modify, and reproduce Customer Content as needed to provide Cloud Services to Customer. Esri will not
<br />access, use, or disclose Customer Content without Customer’s written permission except as reasonably
<br />necessary to support Customer’s use of Cloud Services. Except for the limited rights granted to Esri under
<br />this Agreement, Customer retains all its rights, title, and interest in the Customer Content.
<br />b.If Customer accesses Cloud Services with an application provided by a third party, Esri may disclose
<br />Customer Content to such third party as necessary to enable interoperation between the application, Cloud
<br />Services, and Customer Content.
<br />ATTY/AGR.2025.178/Environmental Systems Research Institute, Inc.(ESRI Agreement for Services) (Page 13 of 31)
|