SECTIGO CERTIFICATE SUBSCRIBER AGREEMENT

IMPORTANT—PLEASE READ THIS SECTIGO CERTIFICATE SUBSCRIBER AGREEMENT CAREFULLY BEFORE APPLYING FOR, ACCEPTING, OR USING A SECTIGO CERTIFICATE OR BEFORE CLICKING ON “I ACCEPT”. YOU AGREE THAT BY APPLYING FOR, ACCEPTING, OR USING A SECTIGO CERTIFICATE,YOU HAVE READ THIS AGREEMENT, YOU UNDERSTAND IT, AND YOU AGREE TO ITS TERMS. IF YOU ARE APPLYING FOR, ACCEPTING, OR USING A SECTIGO CERTIFICATE ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU ARE AN AUTHORIZED REPRESENTATIVE OF SUCH ENTITY AND HAVE THE AUTHORITY TO ACCEPTTHIS AGREEMENTON SUCH ENTITY’S BEHALF. IF YOU DO NOT HAVE SUCH AUTHORITY OR IF YOU DO NOT ACCEPT THIS AGREEMENT, DO NOT APPLY FOR, ACCEPT, OR USE A SECTIGO CERTIFICATEAND DO NOT CLICK “I ACCEPT”.SECTIGO CERTIFICATE SUBSCRIBER AGREEMENT

This Sectigo Certificate Subscriber Agreement (this “Agreement”) is between the individual or legal entity identified on the issued Certificate(s) resulting from this Agreement(“Subscriber”) and SectigoLimited, a limited company formed under the laws of England and Wales with registered number 04058690 and registered offices at 26 Office Village, 3rd Floor, Exchange Quay, Trafford Road, Salford, Manchester M5 3EQ, United Kingdom (“Sectigo”). This Agreement governs Subscriber’s application for and use of a Certificate issued from Sectigo. Subscriber and Sectigoagree as follows:

1.Definitions.

1.1.“Application Software Suppliers” means a developer of Internet browser software or other software that displays or uses Sectigo’s Certificates and distributes Sectigo’s root Certificates, such as Google Inc., Microsoft Corporation, Mozilla Foundation, and Opera Software ASA.

1.2.“CA/Browser Forum” means the association of Certificate issuers and Application Software Suppliers whose website is cabforum.org.

1.3.“CABF Standards” refers to the set of Industry Standards published by the CA/Browser Forum relating to the issuance and management of Publicly-Trusted Certificates, including (i) the Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates, (ii) the Guidelines for the Issuance and Management of Extended Validation Certificates, and (iii) the Guidelines for the Issuance and Management of Extended Validation Code Signing Certificates.

1.4.“Certificate”means a digitally signed electronic data file issued by Sectigoto a person orentity seeking to conduct business over a communications network which contains the identity of the person authorized to use the Digital Signature, a copy of their Public Key, a serial number, a time period during which the data file may be used, and a Digital Signature issued by Sectigo.

1.5.“Certificate Approver” means a natural person who is either Subscriber, employed by Subscriber, or an authorized agent who has express authority to represent Subscriber to (i) act as a Certificate Requester and to authorize other employees or third parties to act as a Certificate Requester, and (ii) to approve Certificate Requests for EV Certificates submitted by other Certificate Requesters.

1.6.“Certificate Requester” means a natural person who is either the Subscriber, employed by the Subscriber, an authorized agent who has express authority to represent the Subscriber, or a third party (such as an ISP or hosting company) that completes and submits a Certificate Request for an EV Certificate on behalf of Subscriber.

1.7.“Certification Practices Statement” or “CPS”meansthe Sectigo document posted in the Repository that explainsSectigo’s policies and practices of how Certificates are created, issued, managed, and revoked when operating its PKI infrastructure.

1.8.“Code Signing Certificate” means a Certificate that is issued for purposes of signing software objects and code.

1.9.“Confidential Information”means all material, data, systems, technical operations, and other information concerning Sectigo’s business operations that is not known to the general public, including all information about the Certificate issuance services (such as all Private Keys, personal identification numbers and passwords).

1.10.“Client Certificate” means a Certificate that is validated by Subscriber and provided by Sectigothat both (i) encrypts and adds a Digital Signature to emails sent by Subscriber or its employees, agents, or contractors and (ii) can be used by employees, agents, or contractors of Subscriber to authenticate access to Subscriber’s secure domains.

1.11.“Digital Signature” means an encrypted electronic data file which may be attached to or logically associated with other electronic data and which identifies and is uniquely linked to the signatory of the electronic data, is created using the signatory's Private Key and is linked in a way so as to make any subsequent changes to the electronic data detectable.

1.12.“Document Signing Certificate” means a Certificatethat is used to sign PDF documents.

1.13.“DV Certificate” means a Certificate that is validated by confirming the domain name listed in the Certificate.

1.14.“EV Certificate”means a Certificate signed by Sectigo’s EV root Certificate and that complies with CABF Standards.

1.15.“EV Code Signing Certificate” means a Code Signing Certificate issued in compliance with CABF Standards.

1.16.“Industry Standards” mean, individually or collectively, the CABF Standards and any other standards, rules, guidelines, and requirements applicable to a Certificate.

1.17.“OV Certificate” means a Certificate that is validated by confirming the existence of the entity named in the Certificate and the domain name listed in the Certificate.

1.18.“Privacy Policy” means Sectigo’s policies and practices about information privacy accessible via the website: https://sectigo.com/privacy-policy.

1.19.“Private Key”means a confidential encrypted electronic data file designed to interface with a Public Key using the same encryption algorithm and which may be used to create Digital Signatures, and decrypt files or messages which have been encrypted with a Public Key.

1.20.“Public Key”means a publicly available encrypted electronicdata file designed to interface with a Private Key using the same encryption algorithm and which may be used to verify Digital Signatures and encrypt files or messages.

1.21.“Relying Party”means an entity, other than Subscriber, that relieson a valid Certificate and that meets the conditions found in the Relying Party Agreement.

1.22.“Relying Party Agreement”refers to an agreement located in the SectigoRepository that governs a Relying Party’s use of a valid Certificate.

1.23.“Relying Party Warranty”refers to a warranty offered by Sectigoto a Relying Party under the terms and conditions found in the SectigoRelying Party Agreement in connection with the Relying Party’s use of a valid Certificate.

1.24.“Repository”means a publicly available collection of information and databases relating to Sectigo’s Certificate practices and which is available athttps://sectigo.com/legal.

1.25.“Services”means the Certificates ordered hereunder along with any related TrustLogosand/or Sectigosoftware, and documentation.

1.26.“Suspect Code” means code that contains malicious functionality or serious vulnerabilities, including spyware, malware, and other code that installs without the user’s consent and/or resists its own removal, and code that can be exploited in ways not intended by its designers to compromise the trustworthiness of the platforms on which it executes.

1.27.“TrustLogo”means a logo provided by Sectigofor use on a Subscriber’s site in connection with an issued Certificate.

2.Subscription Service and Products.

2.1.Request.
When applying for a Certificate, Subscriber shall submit a certificate request in a form specified by Sectigofor each ordered Certificate (“Certificate Request”). Forms for a Certificate Request are availableon Sectigo’s website and may be completed electronically.

2.2.Appointment. When submitting a Certificate Request for an EV Certificate, Subscriber shall designate, and thereby appoint, a Certificate Requester and Certificate Approver. Subscriber shall provide each natural person to be designated a Certificate Requester or Certificate Approver a copy of, or an opportunity to review, this Agreement and thePrivacy Policy prior to such appointment. Unless such appointment is revoked by Subscriber sending notice to Sectigo, such appointment lasts for the duration of this Agreement.

2.3.Validation.Upon Sectigo’s acceptance of Subscriber’s Certificate Request, Sectigoshall attempt to validate the information provided in accordance with the SectigoCPSand CABF Standards. If Sectigochooses to accept the application and can validate Subscriber to Sectigo’s satisfaction, Sectigoshall issue the ordered Certificate(s) toSubscriber. Sectigomay reject a Certificate Request and refuse to issue any ordered Certificate in its sole discretion.

2.4.Multiple Certificates. This Agreement applies to multiple future Certificate Requests and any resulting Certificates, regardless of when the Certificate is requested or issued.

3.Licenses and Restrictions.

3.1.Certificate License. Subject to the terms and conditionsstated herein, after issuance of a Certificate, Sectigogrants Subscriber a revocable, non-exclusive, non-transferable, limitedlicense to use the issued Certificate (i) on the server hosting the domain name(s) listed in the Certificate if the Certificate is a DV Certificate, OV Certificate, or EV Certificate, or (ii) for purposes of encrypting email messages, if the Certificate isa Client Certificate, (iii) to sign software objects or code, if the Certificate is a Code Signing Certificate, or (iv) to sign PDF documents for Subscriber legitimate business purposes, until the earlier of expiration or revocation of the Certificateor termination of this Agreement as provided herein. All rights not expressly granted herein to Subscriber are reserved to Sectigo.

3.2.TrustLogoLicense. To the extent included with the purchased Services, Sectigogrants Subscriber arevocable, non-exclusive, non-transferable, limitedlicense to display each purchased TrustLogo on domain(s) secured by a SectigoCertificate. When revoking a Certificate, Sectigomay also revoke any TrustLogos issued to the same site. Subscriber shall not modify a TrustLogo in any manner. Subscriber shall not display or use a TrustLogo 1) to represent that Sectigoguarantees any non-Sectigoproducts or services, 2) on a site that is misleading, defamatory, libelous, disparaging, obscene or otherwise objectionable to Sectigo, or 3) in a way that harms Sectigo’s rights to its trademarks or harms Sectigo’s business reputation.

3.3.Restrictions. Subscriber shall not:

(i)impersonate or misrepresent Subscriber’s affiliation with any entity,

(ii)modify, sub-license, create a derivative work of, or transfer to any third party any Certificate (except as required to use the Certificate) or the associated Private Key;

(iii)install or use an issued Certificate until after Subscriber has reviewed and verified the Certificate data’s accuracy;

(iv)use a Certificate, if Subscriber reasonably believes 1) any information in the Certificate is, or becomes, incorrect or inaccurate, 2) there is evidence that the Certificate was used to sign Suspect Code, if the Certificate is a Code Signing Certificate, or 3) the Private Key associated with the Public Key contained in the Certificate was misused or compromised;

(v)use a Certificate with any on-line control equipment in hazardous environments requiring fail-safe performance where the failure of the Certificate could lead directly to death, personal injury,or severe physical or environmental damage;

(vi)use a Certificate, or the associated Private Key,to upload or distribute any files or software that may damage the operation of another’s computer;

(vii)apply for a Code Signing Certificate if the Public Key in the Certificate is or will be used with a non-Code Signing Certificate;

(viii)use a Code Signing Certificate, or the associated Private Key, to sign software that contains Suspect Code;

(ix)use the Services to 1) engage in conduct that is offensive, abusive, contrary to public morality, indecent, defamatory, obscene, or menacing, 2) breach the confidence of a third party, 3) cause Sectigo or a third party distress, annoyance, denial of any service, disruptionor inconvenience, 4) send or receive unsolicited bulk correspondence or 5) create a Private Key that is substantially similar to a Sectigo or third party’s Private Key;and/or

(x)make representations regarding the Service to any third party except as agreed to in writing by Sectigo.

3.4.Revocation. Sectigo may revoke a Certificate if Sectigo believes or has reason to believe that:

(i)Subscriber requested revocation of the Certificate;

(ii)Subscriber did not authorize the Certificate Request and has not retroactively granted authorization;

(iii)Subscriber breached the terms of this Agreement, or any warranty or restriction provided therein;

(iv)the Private Key corresponding to the Public Key in the Certificate has been disclosed, compromised, or no longer complies with Industry Standards;

(v)the Private Key of the subordinate Certificate used to issue the Certificate has been compromised or no longer complies with Industry Standards;

(vi)the Certificate has been 1) misused, 2) used contrary to law, rule, regulation, or Industry Standard or 3) used, directly or indirectly, for illegal or fraudulent purposes;

(vii)information in the Certificate is inaccurate, misleading, or infringes the intellectual property rights of a third party;

(viii)the technical content or the format of the Certificatepresents an unacceptable risk, in Sectigo’s opinion, to Application Software Suppliers or Relying Parties;

(ix)for EV Certificates, Subscriber loses exclusive control over a domain name listed in the Certificate;

(x)the Certificate was not issued or used in accordance with this Agreement, Sectigo’s CPS, or CABF Standards;

(xi)Sectigo 1) ceased operations or 2) is no longer allowed to issue the Certificate, and no other certificate authority has agreed to provide revocation support for the Certificate;

(xii)for wildcard Certificates, the Certificate has been used to authenticate a fraudulently misleading subordinate fully-qualified domain name;

(xiii)Subscriber is added as a denied party or prohibited person to a blacklist, or is operating from a prohibited destination under the laws of Sectigo’s jurisdiction of operation;

(xiv)the Certificate was issued to publishers of Suspect Code, or may have been used to sign Suspect Code;

(xv)Sectigo’s CPS authorizes revocation of the Certificate; or(xvi)the Certificate, if not revoked, will compromisethe trust status of Sectigo.After revoking a Certificate, Sectigo may, in its sole discretion, reissue the Certificate to Subscriber and/or terminate this Agreement.

4.Subscriber Warranties and Covenants.

4.1.Subscriber Obligations. Subscriber warrants and covenants:

(i)to provide accurate and complete information at all times to Sectigoin the Certificate Request and as otherwise requestedin connection with the issuance of Certificates;

(ii)to review and verify the accuracy of the data in each Certificate prior to installing and using the Certificate, and immediately inform Sectigo if any data listed in a Certificate changes or ceases to be accurate;

(iii)to install and use each DV Certificate, OV Certificate, and EV Certificate 1) only on domains owned or controlled by Subscriber and 2) only on the server(s) accessible at the subjectAltName(s)listed in the Certificate;

(iv)the subject named in each ordered EV Certificate has exclusive control of the domain name(s) listed in such Certificate;

(v)to be responsible, at Subscriber’s expense, for 1) all computers, telecommunication equipment, software, access to the Internet, and communications networks (if any) required to use the Certificates, 2) Subscriber’s conduct and its website maintenance, operation, development, and content;

(vi)to take all reasonable measures to assure control of, keep confidential, and properly protect at all times the Private Key that corresponds to the Public Key to be included in a Certificate;

(vii)to use one of the following options to generate Code Signing Certificate and to protect each Code Signing Certificateand each Document Signing Certificate: 1) a trusted platform module (TPM) that generates and secures a key pair and that can document protection of the Private Key through a TPM key attestation; 2) a hardware crypto module with a unit design form factor certified as conforming to at least FIPS 140 Level 2, Common Criteria EAL 4+, or equivalent; or 3) if 1) and 2) are not feasible, another type of hardware storage token with a unit design form factor of SD Card or USB token (not necessarily certified as conformant with FIPS 140 Level 2 or Common Criteria EAL 4+);

(viii)to use Document Signing Certificates solely for signing PDF documents in connection with its legitimate business purposes;

(ix)it has all necessary consents to appoint each Certificate Requester and Certificate Approver, and that each Certificate Requester and Certificate Approver has been provided a copy of, or an opportunity to review, this Agreement and Sectigo’s Privacy Policy;

(x)to promptly inform Sectigoif Subscriber becomes aware of any misuse of a Certificate and assist Sectigoin preventing, curing, and rectifying any misuse;

(xi)to immediately cease using a Certificate and the related Private Key and request revocation of the Certificate if 1) any information in the Certificate is or becomes incorrect or inaccurate, or 2) there is any actual or suspected misuse or compromise of the Private Key associated with the Certificate;

(xii)to cease all use of the Certificate and its Private Key upon expiration or revocation of the Certificate;

(xiii)to comply with all regulations, policies, and procedures of its networks while using Certificatesand obtain and keep in force any consent, authorization, permission or license that may be required for Subscriber’s lawful use of the Certificates;

(xiv)to abide by this Agreement, the Sectigo CPS,and all applicable laws, rules, regulations, and guidelines when using the Services;

(xv)Subscriber has full power and authority to enter into this Agreement and perform its obligations hereunder;

(xvi)it manifests assent to this Agreement as a condition of obtaining a Certificate; and

(xvii)the individual accepting this Agreement is expressly authorized by Subscriber to sign this Agreement for Subscriber.

5.Fees.

5.1.Payment. Subscriber shall pay all applicable fees for the Services before the Certificate is issued. Certificate fees are provided to Subscriber during the application process. All payments are non-refundable, except that the Certificate’s seller will refund a payment if, before twenty (20) business days after the Certificate’s issuance, the Subscriber has 1) not used the Certificate, and 2) made a written request to Sectigofor the Certificate’s revocation.Provided Subscriber purchased one or more Servicesthrough a Sectigo-authorized reseller (“Reseller”), Subscriber shall pay such Reseller in accordance with the payment terms established between Subscriber and Reseller. Subscriber acknowledges and agrees that if Subscriberor Reseller (if Subscriber purchased the Services through Reseller) does not pay Sectigo the applicable fees for the Services, Subscriber may not use the Services, and Sectigo may revoke issued Certificates, for which the applicable fees remain unpaid.

5.2.Taxes.All amounts payable by Subscriber under this Agreement are net amounts and are payable in full, without deduction for taxes or duties of any kind. Subscriber will be responsible for, and will promptly pay, all required taxes and duties of any kind (including, but not limited to, sales, use and withholding taxes) associated with this Agreement, except for taxes basedon Sectigo’s net income.If Sectigois required to collect, or pays on Subscriber’s behalf, any taxes or duties for which Subscriber is responsible, then Subscriber will pay or reimburse Sectigo, as the case may be, for all such amounts.

6.Term and Termination.

6.1.Term. Unless otherwise terminated as allowed herein, this Agreement is effective upon Subscriber’s acceptance and lasts for as long as a Certificate issued under this Agreement is valid.

6.2.Termination. Either party may terminate this Agreement with twenty (20) business days’notice for convenience. Sectigomay terminate this Agreement immediately without notice if

(i)Subscriber breaches the terms of this Agreement,or any of the warranties provided herein,

(ii)Sectigorevokes allCertificates issued to Subscriber,as allowed herein,

(iii)Sectigorejects Subscriber’s initial Certificate Request,

(iv)Sectigocannot satisfactorily validate Subscriber in accordance with section 2.3, or

(v)Industry Standards change in a way that affects the validity of the Certificates ordered by Subscriber.

6.3.Events Upon Termination. After termination, Sectigomay revoke any other Certificates issued to Subscriber without further notice. Subscriber shall pay any amounts still owed for the Certificates. Sectigo is not obligated to refund any payment made by Subscriber upon termination of this Agreement.

7.Intellectual Property Rights.

7.1.SectigoIP Rights. Sectigoretains, and Subscriber shall not obtain or claim, all title, interest, and ownership rights in:

(i)the Services, including issued Certificates,

(ii)all copies or derivative works of the Services, regardless of who produced, requested, or suggested the copy or derivative work,

(iii)all documentation and materials provided by Sectigo, and

(iv)all of Sectigo’s copyrights, patent rights, trade secret rights and other proprietary rights.

7.2.Trademarks. Subscriber shall not usea Sectigotrademark without Sectigo’s written consent. Sectigoconsents to Subscriber’s display of the Sectigo trademark provided with purchased TrustLogosuntil termination of this Agreement or revocation of the TrustLogo or associated Certificate.

7.3.Subscriber IP.Subscriber grants Sectigoa worldwide, non-exclusive, non-sublicensable right, to use any Subscriber trademark, service mark or tradename, to perform its obligations under this Agreement, and to identify Subscriber in Sectigo’s customer lists and other marketing and promotional materials and communications referencing Subscriber as a customer of Sectigo.

8.Confidentiality.

8.1.Except as allowed herein, a party (the “Receiving Party”) shall not use or disclose any Confidential Information provided by the other party (the “Disclosing Party”) other than for the purpose of performing its obligations under this Agreement. The Receiving Party shall take reasonable measures to prevent unauthorized disclosure and shall ensure that any person receiving Confidential Information complies with the restrictions in this section. The Receiving Party may disclose Confidential Information if the information:

(i)is already possessed by the Receiving Party before receipt from the Disclosing Party;

(ii)is or becomes public domain without fault of the Receiving Party;

(iii)is received by the Receiving Party from a third party who is not under an obligation of confidentiality or a restriction on the use and disclosure of the information,

(iv)is disclosed in response to the requirements of a law, governmental order, regulation, or legal process and the Receiving Party first gives prior notice to the Disclosing Party of the requirement to disclose the information, or

(v)is disclosed under operation of law to the public without a duty of confidentiality.

8.2.A party asserting one of the exceptions to Confidential Information above shall prove the assertion using verifiable documentary evidence. The confidentiality obligations contained in this section apply for the duration of this Agreement plus five years after its termination; provided, however, with respect to Confidential Information that constitutes a trade secret, for as long as that Confidential Information remains a trade secret.

9.Privacy and Data Protection.

9.1.Privacy Policy. Sectigoshall follow its Privacy Policy when processing Subscriber’sinformation. Sectigo may amend its Privacy Policy at any time in accordance with the process outlined therein. Subject to Section 9.2, Sectigoshall use reasonable efforts in protecting Subscriber’s information. Subscriber acknowledges that risks remain that are beyond Sectigo’s reasonable control and waives all liability of Sectigofor these risks.

9.2.Disclosures. Subscriber acknowledges and understands that (i) issued Certificates are embedded with information about Subscriber (such as Subscriber’s domain name, jurisdiction of incorporation, or email address), which varies depending on the type Certificate ordered by Subscriber, (ii) issued Certificates may be logged in publicly-accessible Certificate transparency databases for purposes of detecting and preventing phishing attacks and other forms of fraud, and (iii) Certificates logged in publicly-accessible Certificate transparency databases cannot be removed. Subscriber consents to a) Sectigo disclosing Subscriber’s information publicly by embedding the information in issued Certificates,and b) Sectigo disclosing and transferring Subscriber’s information to third parties located outside of the European Union as necessary to validate and issue Certificates.

9.3.Retention. Information provided by Subscriber for the validation of a Certificate shall be retained by Sectigoin accordance with the CPSand Industry Standardsfor not less than seven (7) years, or as necessary to comply with applicable laws. The retention period shall begin on the date of the rejection, expiration, or revocation of a Certificate. Copies of Certificatesare held, regardless of their status, whether valid, expired,or revoked.

10.Indemnification.

10.1.Indemnification. Subscriber shall indemnify Sectigoand its affiliates and their respective directors, officers, employees, and agents (each an “Indemnified Person”) against all liabilities, losses, expenses, or costs (including reasonable attorney’s fees) that,directly or indirectly, are based on Subscriber’s breach of this Agreement, information provided by Subscriber, or Subscriber’s or its customers’ infringement on the rights of a third party.

10.2.Indemnification Procedure. Sectigoshall notify Subscriber promptly of any demand for indemnification. However, Sectigo’s failure to notify will not relieve Subscriber from its indemnification obligations except to the extent that the failure to provide timely notice materially prejudices Subscriber. Subscriber may assume the defense of any action, suit, or proceeding giving rise to an indemnification obligation unless assuming the defense would result in potential conflicting interests as determined by the IndemnifiedPerson in good faith. Subscriber may not settle any claim, action, suit or proceeding related to this Agreement unless the settlement also includes an unconditional release of all Indemnified Persons from liability.

10.3.Additional Liability. The indemnification obligations of Subscriber are not Sectigo’s sole remedy for Subscriber’s breach and are in addition to any other remedies Sectigomay have against Subscriber under this Agreement. Subscriber’s indemnification obligations survive the termination of this Agreement.

11.Disclaimers and Limitation of Liability.

11.1.Relying Party Warranties. Subscriber acknowledges that the Relying Party Warranty is only for the benefit of Relying Parties. Subscriber does not have rights under the warranty, including any right to enforce the terms of the warranty or make a claim under the warranty.

11.2.Exclusion of Warranties. THE SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE”. SECTIGOEXPRESSLY DISCLAIMS ALL IMPLIED AND EXPRESS WARRANTIES IN THE SERVICES. THIS DISCLAIMER INCLUDES ALL WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT AND IS EFFECTIVE TO THE MAXIMUM EXTENT ALLOWED BY LAW. SECTIGODOES NOT GUARANTEE THAT 1) THE SERVICES WILL MEET SUBSCRIBER’S REQUIREMENTS OR EXPECTATIONS OR 2) THAT ACCESS TO THE SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE.

11.3.Limitation on Liability. SUBJECT TO SECTION 11.4, THE TOTAL LIABILITY OF SECTIGOAND ITS AFFILIATES, AND EACH OF THEIR OFFICERS, DIRECTORS, PARTNERS, EMPLOYEES, AND CONTRACTORS, RESULTING FROM OR CONNECTED TO THIS AGREEMENT IS LIMITED TO THE AMOUNT PAID BY SUBSCRIBER FOR THE SERVICES GIVING RISE TO THE LIABILITY. SUBSCRIBER WAIVES ALL LIABILITY FOR ANY SPECIAL, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES. THIS WAIVER INCLUDES ALL DAMAGES FOR LOST PROFITS, REVENUE, USE, OR DATA AND APPLIES EVEN IF SECTIGOIS AWARE OF THE POSSIBILITY OF SUCH DAMAGES. These limitations apply to the maximum extent permitted by law regardless of 1) the reason for or nature of the liability, including tort claims, 2) the number of any claims, 3) the extent or nature of the damages, and 4) whether any other provisions of this Agreement have been breached or proven ineffective.

11.4.Exception. Nothing in this Agreement excludes or limits the liability of either party for death or personal injury resulting from the negligence of that party or for any statements made fraudulently by either party.

12.Miscellaneous.

12.1.Relationship of the Parties.The status of a party under this Agreement shall be that of an independent contractor. Nothing contained in this Agreement shall be construed as creating a partnership, joint venture or agency relationship between the parties or, except as otherwise expressly provided in this Agreement, as granting either party the authority to bind or contract any obligation in the name of or on the account of the other party or to make any statements, representations, warranties or commitments on behalf of the other party. All persons employed by a party shall be employees of such party and not of the other party and all costs and obligations incurred by reason of any such employment shall be for the account and expense of such party.

12.2.Force Majeure and Internet Frailties. Other than for payment obligations by Subscriber, neither party will be liable for a delay or failure to perform an obligation to the extent that the delay or failure is caused by an occurrence beyond the party's reasonable control. Each party acknowledges that the operation of the Internet is beyond the other party’s reasonable control, and neither party will be liable for a delay or failure caused by an interruption or failure of telecommunication or digital transmission links, Internet slow-downs or failures, or other such transmission failure.

12.3.Opt-out. Subscriber may opt-out of having information used for purposes not directly related to the Services by emailing a clear notice to optout@sectigo.com. By clicking “I AGREE”, Subscriber affirmatively consents to receiving Sectigo’s and its affiliates marketing material.

12.4.Injunctive Relief.Subscriber acknowledges that its breach of this Agreement will result in irreparable harm to Sectigothat cannot adequately be redressed by compensatory damages. Accordingly, in addition to any other legal remedies which may be available, Sectigomay seek and obtain an injunctive order against a breach or threatened breach of this Agreement by Subscriber.

12.5.Limitation on Actions. Except for actions and claims related to a party’s indemnification and confidentiality obligations, all claims and actions arising from this Agreement must be brought within one (1) year from the date when the cause of action occurred.

12.6.Remedy. Subscriber’s sole remedy for a defect in the Services is to have Sectigouse reasonable efforts to correct the defect. Sectigois not obligated to correct a defect if (i) the Service was misused, damaged, or modified, (ii) Subscriber did not immediately report the defect to Sectigo, or (iii) Subscriber breached any provision of this Agreement.

12.7.Notices. Subscribershall send all notices to Sectigoby first class mail in writing in English, with return receipt requested, to SectigoLimited, 26 Office Village, 3rdFloor, Exchange Quay, Trafford Road, Salford, Manchester M5 3EQ, United Kingdom. Sectigoshall send all notices to Subscriber’s contact information listed on its Certificate application. Sectigomay send notices by mail, email, or facsimile.

12.8.Entire Agreement. This Agreement and all documents referred to herein constitutes the entire agreementbetween the parties, superseding all other agreements that may exist with respect to the subject matter. Section headings are for reference and convenience only and are not part of the interpretation of this Agreement.

12.9.Amendments. Sectigomay amend this Agreement, the CPS, the Relying Party Agreement, the Relying Party Warranty, its website, and any documents listed in its Repository at any time by posting either the amendment or the amended document in the Repository. Subscriber shall periodically review the Repository to be aware of any changes. Subscriber may terminate this Agreement if Subscriber does not agree to the amendment. Subscriber’s continued use of the Services after an amendment is posted constitutes Subscriber’s acceptance of the amendment.

12.10.Rules of Interpretation. Except as otherwise expressly provided in this Agreement, the following rules of interpretation apply to this Agreement: (i) the singular includes the plural and the plural includes the singular; (ii) "or" and "any" are not exclusive and "include" and "including" are not limiting; (iii) a reference to any agreement or other contract includes permitted supplements and amendments thereto; (iv) a reference to a law includes any amendment or modification to such law and any rules or regulations issued thereunder; (v) a reference to a person or entity includes its permitted successors and assigns; and (vi) a reference in this Agreement to an Article, Section, Annex, Exhibit or Schedule is to the Article, Section, Annex, Exhibit or Schedule of this Agreement.

12.11.Waiver. A party’s failure to enforce a provision of this Agreement will not waive the party’s right to enforce the same provision later or right to enforce any other provision of this Agreement. To be effective, all waivers must be both in writing and signed by the party benefiting from the waived provision.

12.12.Assignment. Subscriber may not assign any of its rights or obligations under this Agreement without the prior written consent of Sectigo. Any transfer without consent is void. Sectigomay assign its rights and obligations without Subscriber’s consent.

12.13.Governing Law and Venue. This Agreement and any disputes relating to the Certificates provided hereunder shall be governed and interpreted according to each of the following laws, respectively, without regard to its conflicts of law provisions: (a) the laws of the State of New Jersey, if Subscriber is located in North America; or (b) the laws of England and Wales, if Subscriber is located outside of North America. The parties agree to the exclusive jurisdiction of (a) the courts of New Jersey if Subscriber is located in North America, or (b) the courts of England and Wales if the Subscriber is located outside of North America.

12.14.Severability. Any provision determined invalid or unenforceable by rule of law will be reformed to the minimum extent necessary to make the provision valid and enforceable. If reformation is not possible, the provision is deemed omitted and the balance of this Agreement remains valid and enforceable.

12.15.Survival. All provisions of this Agreement related to confidentiality, proprietary rights, indemnification, and limitations of liability survive the termination of this Agreement.

12.16.Rights of Third Parties. Except for Application Software Suppliers, nothing in this Agreement is intended or shall be construed to give any person or entity any legal or equitable right, remedy, or claim under or in respect of this Agreement.

12.17.Counterparts; Integration; Effectiveness.This Agreement may be executed by written, facsimile or electronic means, and in one or more counterparts (and by different parties hereto in different counterparts), each of which shall constitute an original, but all of which when taken together shall constitute a single contract.

ACCEPTANCEBY CLICKING ON “I ACCEPT”, YOU AGREE THAT YOU HAVE READ AND UNDERSTAND THIS AGREEMENT AND THAT YOU WILL BE BOUND BY AND COMPLY WITH ALL OF ITS TERMS AND CONDITIONS. DO NOT CLICK THE “I ACCEPT” BUTTON IF YOU DO NOT AGREE TO BE BOUND BY THE TERMS AND CONDITIONS OF THIS AGREEMENT.

point up