NEXTGUARD SOFTWARE AGREEMENT

2.1 License Grant.

Subject to Customer's compliance with this Agreement and timely payment of all applicable fees, Nextguard grants Customer a limited, non-exclusive, non-transferable, non-sublicensable licence during the License Term to install and use the Software solely for Customer's internal business purposes, up to the Permitted Capacity, and in accordance with the Documentation.

2.2 License Restrictions.

Customer shall not: (a) copy, modify, translate, or create derivative works of the Products; (b) reverse engineer, disassemble, decompile, or otherwise attempt to derive the source code of the Software except to the extent expressly permitted by Applicable Laws; (c) sell, resell, rent, lease, transfer, assign, or sublicense the Products to any third party; (d) use the Products to provide managed security services to third parties without Nextguard's prior written consent; or (e) remove or obscure any proprietary notices on the Products.

2.3 Modifications.

Any modifications to the Products made by Customer without Nextguard's prior written consent shall be at Customer's sole risk. Nextguard shall have no obligation to support modified Products, and such modifications shall not affect Nextguard's intellectual property rights in the original Products.

2.4 Capacity Limits.

Customer shall not deploy or use the Products in excess of the Permitted Capacity specified in the applicable Order. Customer shall promptly notify Nextguard if it exceeds the Permitted Capacity and shall purchase additional licences to cover such excess usage.

2.5 Agents and Contractors.

Customer may permit its agents and contractors to use the Products solely on Customer's behalf, provided that Customer remains responsible for such persons' compliance with this Agreement and that such use does not exceed the Permitted Capacity.

3.1 Service Levels.

Nextguard shall use commercially reasonable efforts to make the Cloud Services available in accordance with any service level agreement set out in the applicable Order or Documentation. Nextguard may perform scheduled maintenance that temporarily interrupts access to the Cloud Services, and shall use reasonable efforts to provide advance notice of such maintenance.

3.2 Suspension for Abuse.

Nextguard reserves the right to suspend Customer's access to the Cloud Services immediately upon notice if Nextguard reasonably believes that Customer is using the Cloud Services in a manner that: (a) poses a security or technical risk to Nextguard or its other customers; (b) violates Applicable Laws; or (c) constitutes abusive, fraudulent, or illegal activity. Nextguard will restore access promptly once the issue is resolved.

3.3 Configuration Changes.

Nextguard may update, modify, or discontinue features of the Cloud Services from time to time to improve performance, security, or compliance. Where such changes materially reduce the functionality available to Customer, Nextguard shall provide reasonable advance written notice.

3.4 Data Usage.

In connection with providing and improving the Products, Nextguard may collect and process telemetry, log data, and threat intelligence data generated through Customer's use of the Products, subject to Nextguard's Privacy Policy and Applicable Laws. Nextguard shall not disclose Customer's identifiable data to third parties except as required by law or as necessary to provide the Products.

4.1 Compliance.

Customer shall use the Products only in compliance with this Agreement, all applicable Documentation, and Applicable Laws. Customer is responsible for ensuring that its use of the Products complies with all relevant export control, data protection, and privacy regulations.

4.2 Informational Use.

The Products are intended to assist Customer's security operations. All decisions based on outputs from the Products remain Customer's sole responsibility. Customer shall not rely solely on the Products as the exclusive means of satisfying any regulatory or contractual security requirement.

4.3 Permissions.

Customer shall obtain and maintain all necessary rights, permissions, and consents required to allow Nextguard to provide the Products and process any data submitted to or generated by the Products on Customer's behalf.

4.4 Indemnification.

Customer shall indemnify, defend, and hold harmless Nextguard and its officers, directors, employees, and agents from and against any claims, damages, losses, and expenses (including reasonable legal fees) arising out of or relating to: (a) Customer's breach of this Agreement; (b) Customer's violation of Applicable Laws; or (c) Customer's use of the Products in a manner not authorised by this Agreement.

4.5 Cooperation.

Customer shall provide Nextguard with reasonable cooperation and access to information as may be required to deliver technical support, investigate potential Errors, or fulfil Nextguard's obligations under this Agreement.

5.1 Support Policies.

Nextguard shall provide technical support for the Products in accordance with Nextguard's then-current support policies and the support tier specified in the applicable Order. Details of support tiers, response times, and escalation procedures are set out in the Documentation or Order.

5.2 Support Limitations.

Nextguard is not obligated to provide support for: (a) Products that have been modified by Customer without Nextguard's written consent; (b) issues caused by Customer's failure to use the Products in accordance with the Documentation; (c) third-party software or hardware; or (d) Products that are no longer within a supported release as specified in Section 5.3.

5.3 Supported Releases.

Nextguard shall provide technical support only for Software releases that are within Nextguard's then-current supported release lifecycle. Nextguard will publish its release lifecycle policy on its website and will provide reasonable advance notice of end-of-support dates.

7.1 Confidential Information.

Each party (“Receiving Party”) may receive or have access to confidential or proprietary information of the other party (“Disclosing Party”), including technical data, trade secrets, business plans, product plans, customer data, pricing, and software (“Confidential Information”). The Products (including their design, architecture, and performance characteristics) constitute Nextguard's Confidential Information.

7.2 Exclusions.

Confidential Information does not include information that: (a) is or becomes publicly available through no fault of the Receiving Party; (b) was known to the Receiving Party prior to disclosure without restriction; (c) is independently developed by the Receiving Party without use of the Disclosing Party's Confidential Information; or (d) is rightfully received from a third party without restriction.

7.3 Protection Standard.

The Receiving Party shall: (a) use the Disclosing Party's Confidential Information solely for the purposes of this Agreement; (b) protect such Confidential Information using at least the same degree of care it uses to protect its own confidential information, but in no event less than reasonable care; and (c) disclose such Confidential Information only to its employees, agents, and contractors who have a need to know and who are bound by confidentiality obligations no less protective than those in this Agreement.

7.4 Prohibited Activities.

Customer shall not use the Products to: (a) develop competitive products or services; (b) perform competitive benchmarking and publish such results without Nextguard's prior written consent; (c) engage in any activity that interferes with or disrupts the Products or Nextguard's infrastructure; or (d) distribute, transmit, or facilitate Malware.

9.1 Limited Warranty.

Nextguard warrants that, during the License Term, the Software will perform in all material respects in accordance with its Documentation. This warranty does not apply to evaluation or trial licences, free-of-charge software, or issues caused by Customer's modification of the Software or use outside the scope of the Documentation.

9.2 Remedy Process.

If Customer notifies Nextguard in writing of a warranty breach during the warranty period, Nextguard's sole obligation and Customer's exclusive remedy shall be for Nextguard to, at its option: (a) use commercially reasonable efforts to repair or provide a workaround for the Error; or (b) if Nextguard is unable to remedy the Error within a reasonable time, terminate the affected Order and refund the pre-paid, unused fees attributable to the remaining License Term.

9.3 Security Disclaimer.

The Products are designed to detect and respond to cybersecurity threats; however, no security product can guarantee complete protection against all threats. Nextguard does not warrant that the Products will detect all Malware or prevent all security incidents.

9.4 Disclaimer.

EXCEPT FOR THE LIMITED WARRANTY IN SECTION 9.1, THE PRODUCTS ARE PROVIDED “AS IS” AND NEXTGUARD DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. NEXTGUARD DOES NOT WARRANT THAT THE PRODUCTS WILL BE UNINTERRUPTED OR ERROR-FREE.

11.1 Defence.

Nextguard shall defend Customer against any third-party claim alleging that Customer's use of the Products (as authorised under this Agreement) infringes any patent, copyright, trademark, or trade secret right of a third party, and shall pay any damages, costs, and legal fees awarded against Customer in any such proceeding or agreed in settlement, provided that Customer: (a) promptly notifies Nextguard in writing of the claim; (b) grants Nextguard sole control of the defence and settlement; and (c) provides Nextguard with reasonable assistance, at Nextguard's expense.

11.2 Conditions.

Nextguard's obligations under Section 11.1 are conditioned upon Customer not making any admission or settlement without Nextguard's prior written consent.

11.3 Exclusions.

Nextguard shall have no obligation under Section 11.1 with respect to claims arising from: (a) modifications to the Products by Customer; (b) use of the Products in combination with other products or services not supplied by Nextguard, where the infringement would not have occurred but for such combination; (c) Customer's continued use of an allegedly infringing version after Nextguard has provided a non-infringing alternative; or (d) compliance with Customer's specific instructions or designs.

11.4 Remedies.

If an infringement claim is made or Nextguard reasonably believes one is likely, Nextguard may, at its option: (a) procure for Customer the right to continue using the affected Product; (b) replace or modify the affected Product to make it non-infringing; or (c) if neither option is commercially practicable, terminate the affected licence and refund the pre-paid, unused fees for the remaining License Term. This Section 11 states Nextguard's entire obligation and Customer's sole remedy with respect to intellectual property infringement claims.

12.1 Agreement Term.

This Agreement commences on the effective date of the first Order and continues until all Orders have expired or been terminated, unless earlier terminated in accordance with this Section 12.

12.2 Evaluation Licences.

If Customer uses the Products under an evaluation or trial licence, such use is governed by this Agreement and any additional terms specified by Nextguard. Evaluation licences are time-limited and may be terminated by Nextguard at any time without notice. No warranties, support obligations, or refund rights apply to evaluation licences.

12.3 Termination Rights.

Either party may terminate this Agreement or any Order upon written notice if the other party: (a) commits a material breach of this Agreement and fails to cure such breach within thirty (30) days of receiving written notice; or (b) becomes insolvent, makes an assignment for the benefit of creditors, or becomes subject to bankruptcy or liquidation proceedings.

12.4 Post-Termination Obligations.

Upon expiry or termination of this Agreement or an Order: (a) all licences granted under the affected Order shall immediately cease; (b) each party shall promptly return or destroy the other party's Confidential Information; and (c) Customer shall pay all outstanding fees accrued prior to termination. Sections 1, 6, 7, 8 (for accrued obligations), 9.4, 10, 11, 12.4, 13, 14, and 15 shall survive termination.

12.5 Suspension.

Nextguard may suspend Customer's access to the Products (in whole or in part) if Customer: (a) is more than thirty (30) days overdue in payment; (b) materially breaches Section 2 (Product License) or Section 7 (Protection and Restrictions); or (c) poses a risk of harm to Nextguard's infrastructure or other customers. Nextguard will provide reasonable advance notice where practicable.

15.1 Assignment.

Customer shall not assign or transfer this Agreement or any of its rights or obligations hereunder without Nextguard's prior written consent, which shall not be unreasonably withheld. Any purported assignment without such consent shall be void. Nextguard may assign this Agreement without Customer's consent in connection with a merger, acquisition, or sale of all or substantially all of its assets.

15.2 Notices.

All notices under this Agreement shall be in writing and delivered by hand, registered post, courier, or electronic mail (with confirmation of receipt) to the addresses specified in the applicable Order, or to such other address as a party may designate in writing. Notices shall be deemed given upon delivery or, for email, upon confirmation of receipt.

15.3 Governing Law and Dispute Resolution.

This Agreement shall be governed by and construed in accordance with the laws of the Hong Kong Special Administrative Region, without regard to its conflict of laws principles. Any dispute, controversy, or claim arising out of or relating to this Agreement, or the breach, termination, or validity thereof, shall be finally resolved by arbitration administered by the Hong Kong International Arbitration Centre (“HKIAC”) in accordance with its Administered Arbitration Rules in force at the time of commencement of the arbitration. The seat of arbitration shall be Hong Kong. The language of the arbitration shall be English. The arbitral award shall be final and binding on the parties.

15.4 Force Majeure.

Neither party shall be liable for any delay or failure in performance (other than payment obligations) to the extent caused by circumstances beyond its reasonable control, including acts of God, war, terrorism, riot, embargoes, acts of civil or military authorities, fire, flood, earthquakes, or pandemic. The affected party shall notify the other promptly and use reasonable efforts to mitigate the impact of such event.

15.5 Entire Agreement.

This Agreement, together with all Orders, constitutes the entire agreement between the parties with respect to its subject matter and supersedes all prior and contemporaneous understandings, representations, and agreements, whether written or oral. Any modification to this Agreement must be in writing and signed by authorised representatives of both parties.

15.6 Severability.

If any provision of this Agreement is held to be invalid or unenforceable, such provision shall be modified to the minimum extent necessary to make it valid and enforceable, and the remaining provisions shall continue in full force and effect.

15.7 Waiver.

No waiver of any right or remedy under this Agreement shall be effective unless in writing. A party's failure or delay in exercising any right shall not constitute a waiver of that right.

15.8 Relationship of the Parties.

The parties are independent contractors. Nothing in this Agreement shall be construed to create a partnership, joint venture, agency, employment, or franchise relationship between the parties.