Last Modified on March 13, 2017

This Software License and Service Agreement (this “Agreement”), sets forth terms under which The Marcus Buckingham Company, a Delaware corporation, with principal offices located at 8350 Wilshire Boulevard, Beverly Hills, CA 90211 (“Company”) shall provide the customer (“Customer”) with certain services and software licenses described on Statement(s) of Work and is effective as of the date set forth on those Statement(s) of Work (the “Effective Date”).  Each of Company and Customer may hereinafter be referred to as a “Party”, and collectively as the “Parties”.

  1. Services and Licenses.

1.1 Company will provide to Customer the services described in this Agreement and any written Statement of Work (“SOW”) between the Parties, a form of which is attached hereto as Exhibit A, in accordance with the terms and conditions of this Agreement and the applicable Statement of Work (the “Services”). Each SOW will become a part of and be governed by the terms of this Agreement.  Any conflict between the terms of this Agreement and a SOW will be resolved in favor of the SOW if the SOW explicitly states that it is intended to modify the conflicting terms of this Agreement.

1.2 To the extent set forth in a SOW, Company may also grant to Customer limited licenses to use the Application (as defined below) and/or various Company Materials (as defined below). Customer agrees to use the Application and/or Company Materials in strict compliance with the terms of this Agreement and the applicable SOW.

1.3 Subject only to the limited licenses that may be granted from time to time by Company to Customer as shall be expressly set forth in an SOW, as between the Parties, Company owns the exclusive right, title and interest, including all patent, copyright, trademark, trade names, trade secrets (including, without limitation, all related technical know-how) and other intellectual property rights, throughout the world, in and to the Application and Company Materials (as defined below) and any and all portions or copies thereof, and any changes, corrections, bug fixes, enhancements, updates and other modifications thereto, whether made by or on behalf of Company, Customer or any third party (“Proprietary Rights”), and as between the Parties, all such Proprietary Rights shall vest in and be assigned to Company.  The licenses granted in this Agreement (including any SOW) shall not constitute a sale of the Application or Company Materials, or of the underlying software and Proprietary Rights therein.

1.4 All rights not expressly granted to Customer under this Agreement (including any SOW) are expressly reserved to Company.

1.5 Customer shall not, and shall not permit any User (as defined below) to, directly or indirectly: (a) use the Application or Company Materials for any unlawful or unauthorized purpose or to compete with any Company service; (b) reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code or underlying ideas or algorithms of the Application or Company Materials; (c) except as permitted in relation to an Insubstantial Amount of Data, copy, transfer, distribute, reproduce, modify, translate, or create derivative works from the Application or Company Materials or make available any part of the Application or Company Materials to non-Users; (d) share Application IDs or passwords or install, sublicense, rent, lease, distribute, sell, resell, assign, or otherwise transfer the rights to access and use the Application to any third party; (e) use any trademarks, service marks, names, logos or other identifiers from the Application or Company Materials without permission; or (f) remove any copyright, trademark, service mark and other proprietary notices contained on or within the Application or Company Materials, or any graphical representation thereof.

1.6 Customer shall use the Company Materials and Application with such copyright, trademark, service mark and other proprietary notices and policies of Company as Company shall reasonably designate from time to time.

1.7 The Company will provide the Services in accordance with this Agreement and the applicable SOW, and perform them with due care and skill in a proper and professional manner consistent with industry best practice.

  1. Term.

2.1 This Agreement begins on the Effective Date and, unless earlier terminated pursuant to this Agreement, continues for a period of one (1) year (the “Initial Term”).  After the Initial Term, this Agreement shall automatically renew for successive one (1) year periods (each a “Renewal Term”) unless terminated earlier pursuant to this Agreement.  The Initial Term and any Renewal Term shall constitute the entire term (“Term”) of this Agreement.

2.2 Either Party may terminate this Agreement effective at the end of the Initial Term or the end of any Renewal Term by providing at least thirty (30) days prior written notice of non-renewal to the other Party.  In addition, either Party may terminate this Agreement during the Term: (a) effective upon providing thirty (30) days prior written notice (ten (10) days with regard to the payment of Fees), if the other Party breaches or violates any of its material obligations set forth in this Agreement, and fails to cure such breach or violation within thirty (30) days (ten (10) days with regard to the payment of Fees) after receiving written notice of such breach or violation from the other Party; or (b) immediately if the other Party becomes insolvent or seeks protection under any bankruptcy, receivership, trust deed, creditors arrangement, composition or comparable proceeding, or if any such proceeding is instituted against such Party.

  1. Fees and Payment.

3.1 Customer shall pay Company the fees set forth in the applicable SOW to this Agreement for the Services and licenses set forth therein, together with all applicable taxes (the “Fees”).  Company’s obligation to provide access to the Application, Company Materials or any Services under this Agreement and any SOW is conditioned upon Customer’s prompt and timely payment of any and all amounts due.  Unless otherwise specified in any SOW or in an applicable invoice, Customer shall pay Company all Fees within thirty (30) days from the date of Company’s invoice for Services performed.  Any payments not made by its respective due date shall be subject to a late charge of one and one-half percent (1.5%) per month or the highest rate allowed by law, whichever is less.  All payments made to Company shall be made by wire transfer, ACH, credit card or check. If Customer objects to all or any portion of any invoice, Customer shall notify Company of its objection within fifteen (15) days from the date of Customer’s receipt of the invoice, give reasons for the objection, and pay only that portion of the invoice not in dispute.

3.2  Customer shall, if applicable and provided for in a SOW, reimburse Company for the reasonable and actual travel and living expenses incurred by Company in performing the Services or in providing on-site training or coaching, so long as such expenses are pre-approved in writing by Customer.

3.3 Customer shall, if applicable and provided for in any SOW, reimburse Company for the cost of any software, hardware or any other equipment Company purchases at the request of or by instruction of Customer, so long as such expenses are preapproved in writing by Customer.

  1. Data and Materials Ownership, Aggregation, License and Storage.

4.1 Company acknowledges and recognizes Customer’s need to protect PII Derivative Data.  Therefore, Company shall not disclose the PII Derivative Data or Customer Data to any third party unless (a) directed by Customer, or (b) such disclosure is made by Company in response to a court order, subpoena or other legal process, and provided that Company has given Customer reasonable notice of such court order, subpoena or other legal process; provided, however, Company may disclose such information to Company’s parent company, Automatic Data Processing, Inc. and its subsidiaries and affiliates (the “ADP Family”) who shall each protect and keep such information confidential as provided herein.  Further, Company agrees to convert all PII Derivative Data to Non-PII Derivative Data upon termination of the Agreement and all SOWs pursuant to Section 13.

4.2 Subject to the terms and conditions of this Agreement, Customer hereby grants to Company (a) during the Term of this Agreement and while any SOW remains in effect and for thirty (30) days thereafter, the limited, non-exclusive, revocable, non-assignable and non-transferable license to access, use, reproduce, display, transmit, utilize the Customer Data and create Derivative Data from the Customer Data, solely for the purpose of providing the Application and the Services to Customer under this Agreement and (b) Customer hereby grants to Company and the other members of the ADP Family during and after the Term of the Agreement the worldwide perpetual, irrevocable, royalty-free right and license to collect, store, access, distribute, sublicense, modify and use Non-PII Derivative Data in connection with their respective businesses, and combine Non-PII Derivative Data with other similar data from other customers.

4.3 Subject only to the limited license expressly granted in Section 4.2, as between the Parties, Customer shall own all right, title and interest in and to Customer Data, and Company shall own all right, title and interest in and to Company Materials and Derivative Data.  For purposes of clarity, Customer agrees that Derivative Data, including PII Derivative Data, including but not limited to a User’s “Strength Role,” “StandOut Report” or a team’s “Pulse” or “Engagement Pulse Survey Results, ”Performance Pulse”, “Check-Ins” shall be exclusively owned by Company.

4.4 Customer agrees that it shall be solely responsible for making and keeping current copies of all Customer Data and related information and that any Customer Data stored on or through the Application is done at Customer’s own risk.

  1. Customer and User Conduct.

Company may immediately suspend or terminate this Agreement and access to the Application and Services without liability if: (a) Customer or any User, in connection with their use of the Application, Services or Company Materials participates in, undertakes, encourages or displays (as applicable) (i) any political hate-mongering, racial, ethnic, fraudulent, misleading or otherwise objectionable content or false advertising; (ii) any hacking or software pirating; (iii) any activity that violates any applicable state, federal or international laws, rules or regulations; or (iv) any activity that jeopardizes Company’s network connection and/or Company’s business in any way, as determined by Company in its sole discretion; (b) Customer or any User engages in any of the prohibited conduct listed in Section 1.4; (c) Customer or any User does not cooperate with Company’s investigation of suspected misuse; or (d) there is another event for which Company reasonably believes that the suspension of access to the Application, Services or Company Materials is necessary to protect Company, Customer, Users or Company’s other customers.

  1. Confidentiality.

6.1 Each Party receiving Confidential Information (the “Receiving Party”) of the other Party (the “Disclosing Party”) shall: (a) treat such Confidential Information as the confidential property of the Disclosing Party and be responsible for any breach of the terms hereof by itself or any authorized person on its behalf (including, in the case of Customer, any breach by a User); (b) not use the Confidential Information except in connection with its use of the Application and Services as expressly permitted in this Agreement (c) not disclose or otherwise make available the Confidential Information of the Disclosing Party to any third party (except as authorized herein and other than to such party’s employees who have a need to know such Confidential Information, and have been advised of the confidential nature of such information and the obligations that apply to them in connection therewith and other than Company’s subcontractors who are performing the services described in a SOW, provided that the Company shall remain liable for any unauthorized disclosure of Customer’s Confidential Information by those subcontractors); and (d) maintain the confidentiality of the Confidential Information of the Disclosing Party as it would its own most highly confidential information, but in no event shall the Receiving Party use less than reasonable care. Furthermore, each Party shall use commercially reasonable efforts to procure from each of its employees and from all independent contractors written undertakings that: (a) they will not use, disclose or otherwise make available or allow to be used, disclosed or made available, the Confidential Information of the Disclosing Party, by or to any third party (except as authorized herein); and (b) they will maintain the confidentiality of such Confidential Information.

6.2  “Confidential Information” means, with respect to a given party, formulas, methods, know how, processes, designs, new products, developmental work, marketing requirements, business and marketing plans, customer names, prospective customer names, the terms and pricing under this Agreement, any data relating to any research project, work in process, engineering, manufacturing, marketing, servicing, financing or personnel matter, data relating to a party’s present or future products, sales, suppliers, clients, customers, employees, investors or business partners (including any confidential information of such suppliers, clients, customers, employees, investors or business partners) and all information clearly identified in writing at the time of disclosure as confidential.

6.3 In addition, in the case of Customer, Customer Data and PII Derivative Data shall be deemed the Confidential Information of Customer, and in the case of Company, the Application, Company Materials and Non-PII Derivative Data shall be deemed the Confidential Information of Company.

6.4 Confidential Information does not include information that:  (a) was or is in the public domain prior to the date of disclosure; (b) was or is lawfully received by the Receiving Party from a third party independently of this Agreement without obligation of confidentiality; (c) was or is already known by or in the possession of the Receiving Party; or (d) is required to be disclosed under applicable law or by a governmental or court order, decree, regulation or rule, provided that the Receiving Party gives written notice to the Disclosing Party as far in advance as possible prior to disclosure.

6.5 The Receiving Party acknowledges that the Disclosing Party shall incur irreparable damage if the Receiving Party should breach any of the provisions of this Section.  Accordingly, if a Receiving Party or any of its respective agents or representatives breaches or threatens to breach any of the provisions of this Section, the Disclosing Party shall be entitled, without prejudice, to all the rights and remedies available to it, including an equitable relief restraining any potential breach of the provisions of this Section by the Receiving Party, without having to prove damages or post a bond.

  1. Representations and Warranties.

7.1 Each Party represents and warrants to the other that (a) it has the requisite power and authority to enter into and carry out the terms of, to grant the rights set forth in, and to perform its obligations under, this Agreement; (b) it is duly organized, validly existing and in good standing under the laws of the jurisdiction of its organization; and (c) this Agreement has been validly executed and delivered by, and constitutes a valid and binding obligation of, each Party enforceable in accordance with its terms.

7.2 Without limiting the generality of Section 7.1 above, Company represents and warrants to Customer that, to the best of Company’s knowledge but without having conducted any patent infringement analysis, the Application and Company Materials, at the time made available to Customer, do not infringe the copyrights, trademarks, trade dress or patents of any third party in the United States.

  1. Disclaimer of Warranties.

EXCEPT AS SET FORTH HEREIN, THE SERVICES, APPLICATION AND COMPANY MATERIALS ARE PROVIDED “AS-IS” AND WITHOUT ANY OTHER EXPRESSED OR IMPLIED WARRANTY OR CONDITION OF ANY KIND. EXCEPT AS SET FORTH HEREIN, COMPANY MAKES NO WARRANTIES, EXPRESS OR IMPLIED, CONCERNING THE SERVICES, APPLICATION AND/OR COMPANY MATERIALS OR THE OPERATION OR USE THEREOF.  COMPANY HEREBY EXCLUDES ALL IMPLIED WARRANTIES AND CONDITIONS TO THE EXTENT PERMITTED BY LAW, INCLUDING, ANY IMPLIED WARRANTY ARISING BY STATUTE OR OTHERWISE IN LAW OR FROM A COURSE OF DEALING OR USAGE OR TRADE. COMPANY HEREBY EXCLUDES ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR ANY PARTICULAR PURPOSE, OR OF NON-INFRINGEMENT, CONCERNING THE SERVICES, APPLICATION AND/OR COMPANY MATERIALS AND OPERATION OR USE THEREOF.  COMPANY DOES NOT WARRANT THAT THE APPLICATION, COMPANY MATERIALS OR SERVICES WILL MEET ALL OF CUSTOMER’S BUSINESS REQUIREMENTS OR THAT THE OPERATION OF THE APPLICATION WILL BE UNINTERRUPTED OR ERROR FREE, AND COMPANY WILL NOT BE LIABLE FOR THE CONSEQUENCES OF ANY INTERRUPTIONS OR ERRORS (INCLUDING ANY LOST DATA).

  1. Disclaimer of Damages and Limitation of Liability.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EXCEPT IN THE CASE OF  INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OF THE OTHER PARTY, , NEITHER PARTY SHALL BE LIABLE UNDER ANY THEORY OF TORT, CONTRACT, OR STRICT LIABILITY FOR ANY SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES, INCLU­DING LOSS OF PROFITS, DATA OR GOODWILL, REGARD­LESS OF WHETHER SUCH PARTY KNEW OR SHOULD HAVE KNOWN OF THE POSSIBILITY OF SUCH DAMAGES.  TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EXCEPT IN THE CASE OF  INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY OF THE OTHER PARTY, IN NO EVENT SHALL EITHER PARTY’S TOTAL LIABILITY FOR DAMAGES UNDER THIS AGREEMENT IN ANY CALENDAR YEAR (REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT, STRICT LIABILITY OR OTHERWISE) EXCEED An Amount Equal To 12 Times The Average Ongoing Monthly Fees Paid Or Payable By Customer To Company Under This Agreement During Such Calendar Year (THE “ORDINARY CAP”); PROVIDED, HOWEVER, THAT IF, AND ONLY IF, DAMAGES IN A PARTICULAR CALENDAR YEAR ARISE FROM BREACHES OF CONFIDENTIALITY OBLIGATIONS UNDER SECTION 6 HEREOF, THEN THE ORDINARY CAP WILL BE INCREASED BY AN ADDITIONAL AMOUNT NOT TO EXCEED AN AMOUNT EQUAL TO 12 TIMES THE AVERAGE ONGOING MONTHLY FEES PAID OR PAYABLE BY CUSTOMER TO COMPANY UNDER THIS AGREEMENT DURING SUCH CALENDAR YEAR. FOR THE AVOIDANCE OF DOUBT, IN NO CASE SHALL EITHER PARTY’S TOTAL CUMULATIVE LIABILITY FOR DAMAGES UNDER THIS AGREEMENT IN ANY CALENDAR YEAR EXCEED AN AMOUNT EQUAL TO 24 TIMES THE AVERAGE ONGOING MONTHLY FEES PAID OR PAYABLE BY CUSTOMER TO COMPANY UNDER THIS AGREEMENT DURING SUCH CALENDAR YEAR.

  1. Indemnification.

10.1 Customer and its successors and assigns shall indemnify, defend, and hold harmless Company and its directors, officers, employees and agents and its and their successors and assigns from and against any and all claims, demands, losses, costs, expenses, obligations, liabilities, damages, recoveries and deficiencies, including interest, penalties, reasonable attorneys’ fees and costs that any such indemnified party may incur or suffer directly as a result of a third party claim or demand, which arise, result from, or relate to (a) a breach by Customer of any of its representations, warranties or covenants set forth in this Agreement, or (b) Customer’s or a User’s use of the Application, Company Materials or Services in violation of the terms of this Agreement.

10.2 Company and its successors and assigns shall indemnify, defend, and hold harmless Customer and its directors, officers, employees and agents and its and their successors and assigns from and against any and all claims, demands, losses, costs, expenses, obligations, liabilities, damages, recoveries and deficiencies, including interest, penalties, reasonable attorneys’ fees and costs that any such indemnified party may incur or suffer directly as a result of a third party claim or demand, which arise, result from, or relate to a breach by Company of any of its representations, warranties or covenants set forth in this Agreement.  Notwithstanding the foregoing, Company shall have no liability or indemnity obligation for any such claim arising from (i) modifications or maintenance of the Application, or Company Materials by a party other than Company, or (ii) or the use of the Application, Company Materials and/or Services in any manner not authorized herein or in violation of this Agreement.

10.3 The foregoing indemnification obligations are conditioned on the indemnified party: (a) giving the indemnifying party prompt written notice of the relevant claim; (b) reasonably cooperating with the indemnifying party, at the indemnifying party’s expense, in the defense of such claim; and (c) giving the indemnifying party the right to control the defense and settlement of such claim, except that the indemnifying party shall not enter any settlement other than for money damages without the indemnified party’s prior written approval.  The indemnifying party will pay any and all costs, damages and reasonable attorney’s fees and reasonable expert witness fees awarded against the indemnified party and all expenses incurred by the indemnified party in connection with or arising from any such claim, suit or proceeding.

10.4 During the term of this Agreement, Customer will maintain: (a) Commercial general liability or public liability insurance in the amount of $5 million in the aggregate; (b) Errors or omissions, or professional indemnity insurance in the amount of $2 million in the aggregate; and (c) workers compensation insurance as required by law.  Customer will provide Company with reasonable evidence of such insurance upon request.

During the term of this Agreement, Company shall maintain the following insurance coverage in at least the following amounts:

  1. Workers’ Compensation with statutory limits required by each state exercising jurisdiction over the Company associates engaged in performing services under this agreement.
  2. Employer’s Liability coverage with a minimum limit of $500,000 for bodily injury by accident or disease.
  3. Commercial General Liability coverage (including products and completed operations, blanket or broad form contractual, personal injury liability and broad form property damage) with minimum limits of one million dollars ($1,000,000) per occurrence for bodily injury/property damage and one million dollars ($1,000,000) for personal injury and products/completed operations.
  4. Business Automobile Liability coverage (covering the use of all owned, non owned and hired vehicles) with minimum limits (combined single limit) of one million dollars ($1,000,000) for bodily injury and property damage.
  5. Excess or Umbrella Liability coverage with a minimum limit of two million dollars ($2,000,000) coverage in excess of the coverage as set forth in items 2, 3, and 4 above.
  6. Employee Dishonesty (Fidelity) and Computer Crime coverage (for losses arising out of or in connection with any fraudulent or dishonest acts committed by employees of Company, acting alone or in collusion with others) with a minimum limit of ten million dollars ($10,000,000).
  7. Errors & Omissions coverage in the amount of ten million dollars ($10,000,000).

Subject to Company’s right to self-insure coverage as set forth below, the foregoing coverages shall be maintained with insurers which have an A.M. Best rating of A- or better and /or an equivalent rating from a recognized insurance company rating agency.

Company’s policies shall be primary and any insurance maintained by Client is excess and noncontributory.   Promptly upon Client’s written request for same, Company shall cause its insurers or insurance brokers to issue certificates of insurance evidencing that the coverages required under this Agreement are maintained and in force.  In addition, Company will use reasonable efforts to give thirty days’ notice to Client prior to cancellation or non-renewal of any of the policies providing such coverage; provided, however that Company shall not be obligated to provide such notice if, concurrently with such cancellation or non-renewal, Company provides self-insurance coverage as described below or obtains coverage from another insurer meeting the requirements described above.

  1. Compliance with Applicable Laws.

Each Party shall comply with all applicable federal, state, county and local laws, ordinances, regulations, and codes and will procure all required permits, approvals, inspections and certificates in order to operate its business in compliance with all applicable laws.

  1. Use of Customer’s Trademarks.

12.1 Only to the extent that Customer requests customized branding of the Application, Company Materials or Services in any SOW, Customer grants to Company for the term of this Agreement, a non-exclusive, non-transferable license to use, reproduce, publicly and digitally display and broadcast Customer’s name, trademarks, trade names, service marks, logos, URLs (“Customer Trademarks”) in the customized Application, Company Materials or Services, as applicable.

12.2 Customer grants Company limited permission to use Customer Trademarks on Company’s website and in marketing materials for promotion of the Application, Company Materials and Services (including without limitation, any press release regarding this Agreement or the relationship between Company and Customer); provided, however, that any such use shall be subject to Customer’s prior written consent as well as usage guidelines related to Customer Trademarks, if provided by Customer to Company.  Company agrees that nothing in this Agreement shall give any right, title, or interest in or to Customer Trademarks other than the right to use the Customer Trademarks in the manner contemplated by this Agreement.

  1. Effect of Termination.

Upon termination of this Agreement for any reason:

13.1 All licenses granted hereunder (including in any SOW) shall immediately terminate, except for the license granted in Section 4.2(b);

13.2 Company shall:  (a) convert all PII Derivative Data to Non-PII Derivative Data; (b) allow Customer to export Customer Data; and (c) except as prohibited by applicable law or legal process, return to Customer any tangible materials (in hard or soft copy) constituting Customer’s Confidential Information and destroy or delete all copies thereof, and if requested by the other Party, certify compliance with this requirement in writing within thirty (30) days from the date of termination;

13.3 Customer shall: (a) discontinue, and shall ensure that each User discontinues, all use of the Application and Services; (b) except as prohibited by applicable law or legal process, return to Company any tangible materials (in hard or soft copy) constituting Company’s Confidential Information and destroy or delete all copies thereof, and if requested by the other Party, certify compliance with this requirement in writing within thirty (30) days from the date of termination;

13.4 Customer shall promptly make all payments payable in accordance with the terms of this Agreement and any SOW attached thereto.  Customer shall be liable for all Fees (if any) incurred prior to the effective date of termination and shall not be entitled to a refund of any Fees paid by Customer prior to the date of termination, except in connection with Services paid for but not yet performed as of the effective date of termination; and

13.5 All SOWs shall terminate on the same date as the Agreement.

  1. Miscellaneous.

14.1         Survival.  Sections 1.2, 3, 4, 6, 7, 8, 9, 10, 13 and 14 shall survive termination of this Agreement.

14.2         Governing Law.  This Agreement shall be governed by and construed under the laws of the State of New York, without reference to conflicts of law principles.  The Parties expressly agree that any controversy or claim arising out of or relating to this Agreement shall exclusively be brought in New York, New York, and the Parties irrevocably consent to the jurisdiction of the State and Federal courts located in New York, New York.

14.3         Attorney’s Fees.  Should either Party hereto initiate a legal or administrative action or proceeding (an “Action”) to enforce any of the terms or conditions of this Agreement, the prevailing Party (as determined by the court or other fact-finder) shall be entitled to recover from the losing Party all reasonable costs of the Action, including without limitation attorneys’ fees and costs.

14.4         Relationship of the Parties.  Each Party hereto is an independent contractor and nothing contained herein shall be construed to create a partnership, joint venture or agency relationship between Company and Customer, and neither Party shall be authorized to bind the other in any way.  This Agreement is between Company and Customer, and is not for the benefit of any third party, whether directly or indirectly (including, if applicable, any User accessing the Application by means of an account established by Customer).

14.5         No Waiver. The failure of either Party to exercise in any respect any right provided for herein will not be deemed a waiver of any further rights hereunder.

14.6         Remedies; Amendment. Except as otherwise specifically provided herein, no remedy referred to in this Agreement is intended to be exclusive.  No delay by either Party in exercising any of their respective rights or remedies hereunder shall be deemed to be a waiver of such rights or remedies.  No waiver by either Party of any rights under this Agreement or breach by the other Party hereunder shall in any way be a waiver of any such rights in the future or any future breach. Any waiver, amendment or modification of this Agreement, and any approval or consent hereunder must be in writing and signed by the Party against whom enforcement is sought or the Party providing such approval or consent.

14.7         Assignment; Subcontracting. Neither Party shall have the right to assign or otherwise transfer its rights and obligations under this Agreement except with the prior written consent of the other Party.  Notwithstanding the foregoing, Company may assign this Agreement to a third party without such consent (a) in the event of a merger, reorganization or sale of all or substantially all of Company’s assets or voting securities or (b) to its own subsidiary or division.  Company reserves the right to subcontract any or all of the services described in a SOW, provided that Company remains fully responsible under this Agreement for the performance of any such subcontractor.

14.8         Severability.  If any provision of this Agreement is held to be invalid or unenforceable for any reason, such provision shall be conformed to prevailing law rather than voided, if possible, in order to achieve the intent of the Parties and, in any event, the remaining provisions of this Agreement shall remain in full force and effect and shall be binding upon the Parties hereto.

14.9         Headings. The headings set forth in this Agreement are solely for reference and have no legal effect whatsoever and shall not in any way affect the interpretation or construction of this Agreement.

14.10       Force Majeure. Except for the payment of monies when due, neither Party shall be liable for damage to the extent that it is caused by an event beyond its control, including, acts of God, acts of civil or military authority, labor disputes, failure or delay of suppliers or systems, including communications and power systems, DDOS attacks, fire, sabotage, war, embargo or acts or omissions of the other Party caused by any of such event.

14.11       Notices. All notices, statements and reports required or permitted by this Agreement shall be in writing, addressed as set forth in the opening paragraph and deemed to have been effectively given and received: (i) five (5) business days after the date of mailing if sent by registered or certified U.S. mail, postage prepaid, with return receipt requested; or (ii) when delivered if delivered personally or sent by express courier service to the address set forth below.  Either Party may change its address for the purpose of this paragraph by notice given pursuant to this paragraph.

14.12       Entire Agreement.  This Agreement and any SOWs thereto represent the complete and exclusive statement of the mutual understanding of the Parties and supersede and cancel all previous written and oral agreements, communications and other understandings relating to the subject matter of this Agreement.  Except as otherwise provided herein, all modifications or amendments to this Agreement and SOWs must be in a writing signed by both Parties.

14.13       Agreement in Counterparts.  This Agreement may be signed by Customer and Company in counterparts, and facsimile and PDF signatures shall have the same force and effect as an original signature.

14.14       Definitions.

“Application” means the web-based application software known as StandOut that may be made available pursuant to an SOW by Company to Customer.

“Company Materials” means any information, content or materials in written or electronic form provided by Company to Customer through the Application, in the course of providing Services or by a license grant set forth in an SOW, other than Customer Data.

“Customer Data” consists of information input into the Application by Customer or any of its Users.

“Derivative Data” means data that the Company derives from a combination of Proprietary Rights and Customer Data, whether in personally identifiable form (“PII Derivative Data”) or in aggregate and non-personally identifiable form (“Non-PII Derivative Data”).

“Insubstantial Amount of Data” means an amount of Company Materials that has no independent commercial value and could not be used as a substitute for the Application or any part of it.

“User” means any employee or independent contractor of Customer who (i) utilizes the Company Materials or Services pursuant to the terms of this Agreement and/or (ii) has his or her own valid Application ID and password and who is authorized thereby to access and use the Application for and on behalf of Customer. Customer acknowledges and agrees that Customer shall remain liable for all actions and omissions of its Users hereunder or under any applicable separate agreement.

Effective Date: February 1, 2019

This Privacy Statement explains how the Marcus Buckingham Company, an ADP Company (“TMBC” or “our” or “we”) uses and discloses personal data that (i) we collect from individuals who visit our websites and associated sub-domains located at https://www.tmbc.com (the “Site”) and mobile application (the “Application”) and otherwise engage with us in business activities, or (ii) we receive from our Client (your employer) as a data processor.

This Privacy Statement incorporates ADP’s Binding Corporate Rules (“BCR”) Privacy Code for Business Data (the “Business Code”), which includes information about how ADP processes and protects data of our business contacts/professionals and consumers. For our Client employees located in the European Economic Area (EEA), this Privacy Statement also incorporates ADP’s Binding Corporate Rules (“BCR”) Privacy Code for Client Data Processing Services (the “Processor Code”). For more information on Business Code, Processor Code, or our Privacy Program, please click any of the overviews located here: https://www.adp.com/privacy.aspx. If you have additional questions about privacy or this Privacy Statement, please contact our Privacy Team at Privacy@ADP.com.

Types of Personal Data
Personal data is any information that can be used to identify, locate, or contact you. Some examples of personal data include your name, username, mailing address, telephone numbers, email address, customer account information, or other information about how you use the Site and Application. Personal data also includes other information that may be associated with your personal data.

How TMBC Collects Personal Data & Categories of Personal Data Collected
In the ordinary course of business, ADP collects and processes personal data on behalf of your employer when we act as a data processor.

If you are using the Site as a consumer and not as a Client employee, we collect Personal Data directly from you as a data controller. We will ask you for Personal Data when you interact with us, such as registering on our Site, signing up to receive a newsletter or marketing communications, making a purchase, entering comments related to job priorities and other work-related activities, as well as commenting with team members and leaders through the software, engaging with the Engagement Pulse or Performance Pulse tools, or providing services, goods, or products. We may also collect additional information from other ADP products.

TMBC, when acting as a data controller, collects the following categories of Personal Data directly from you: first name, last name, email address, professional information, billing information, address, and phone number.

If you interact with us through the Site or Application, we use cookies or other technological tools to collect information about your device and your use of our Site or Application. We treat this information as personal data when it is associated with your contact information. For more information about cookies and other technologies, please see the section Cookies and Other Data Collection Technologies below.

How TMBC uses Personal Data
When TMBC is acting as a data processor to your employer, TMBC processes your personal data only as instructed or permitted by your employer, in which case only your employer can inform you on the different purposes for which it will process your data through our products.

Otherwise, TMBC uses your personal data for the following business purposes:

Business purposes for processing personal data pertaining to business contacts/professionals. Personal data pertaining to business contacts/professionals with whom TMBC has a business relationship may be processed as needed:
To send communications related to providing services (such as emails from the production about events such as doing your weekly check-in, being invited to a team, or being part of an Engagement Pulse, requests for information, responses to requests for information, orders, confirmations, training, and service updates);
For account management, accounting, finance, and dispute resolution purposes (such as accounts receivable, accounts payable, account reconciliation, cash management, or money movement) and for consolidated management and reporting;
To assure quality control and to enforce our standards and policies;
For security management, including monitoring individuals with access to the Site, Application, systems, or facilities, investigation of threats, and as needed for any data security breach notification;
To anonymize or de-identify the personal data; and
For purposes of providing coaching, professional development, performance reviews, and employee insights, and tracking.
Business Purposes for processing personal data pertaining to consumers and other individuals. Personal data pertaining to consumers and other individuals may be processed as needed:
To provide the information, product, or service requested by the individual, and as would be reasonably expected by the individual given the context in which the personal data was collected, and the information provided in the applicable privacy statement given to the individual (such as for personalization, remembering preferences, or respecting individual rights);
For due diligence, including verifying the identity of the individual, as well as the eligibility of the individual to receive information, products, or services (such as verifying age, employment, or account status);
To send transactional communications (such as requests for information, responses to requests for information, orders, confirmations, training materials, and service updates);
To manage an individual’s account, such as for customer service, finance, and dispute resolution purposes;
For risk management and mitigation, including for audit and insurance functions, and as needed to license and protect intellectual property and other assets;
For security management, including monitoring individuals with access to the Site, Application, systems, or facilities, investigation of threats, and as needed for any data security breach notification;
To anonymize or de-identify the personal data; and
For purposes of providing coaching, professional development, performance reviews, and employee insights, and tracking.
Business-necessary processing activities.TMBC may also process personal data as needed (i) to protect the privacy and security of the personal data it maintains, such as in connection with advanced security initiatives and threat detection; (ii) for treasury operations and money movement activities; (ii) for compliance functions, including screening individuals against sanction lists in connection with anti-money laundering programs; (iv) for business structuring activities, including mergers, acquisitions, and divestitures; and (v) business activities, management reporting, and analysis.
Development and improvement of products and/or services.TMBC may process personal data to develop and improve TMBC’s products and/or services, and for research, development, analytics, and business intelligence.
Relationship management and marketing.TMBC may also process personal data for relationship management and marketing. This purpose includes sending marketing and promotional communications to individuals who have not objected to receiving such messages as may be appropriate given the nature of the relationship, such as product and service marketing, investor communications, Client communications (e.g., HR compliance alerts, product updates, and training opportunities and invitations to ADP events), customer satisfaction surveys, supplier communications (e.g., requests for proposals), corporate communications, and TMBC news.TMBC uses your personal data for secondary purposes such as:
Disaster recovery and business continuity, including transferring the information to an archive
Internal audits or investigations
Implementation or verification of business controls
Statistical, historical, or scientific research
Dispute resolution
Legal or business counseling
Compliance with laws and company policies
Insurance purposes
Why and How Personal Data is disclosed by TMBC
TMBC does not provide your personal data to third parties outside of ADP Group Companies for their own marketing purposes. We share your personal data:

To ADP Group Companies, which use your personal data for the purposes listed in this Privacy Statement.
To our service providers, who are bound by law or contract to protect your personal data and only use your personal data in accordance with our instructions.
To enforce our rights, protect our property, or protect the rights, property, or safety of others; in connection with the sale, assignment, or other transfer of TMBC’s business or assets, or as needed to support external auditing, compliance and corporate governance functions. We will also disclose personal data when required to do so by law, such as in response to a subpoena, including to law enforcement agencies and courts in the United States and other countries where we operate.
As instructed or permitted by your employer (when we are acting as a data processor) or you.
As needed to provide the services that you and/or your employer have requested.
Please note that we may also use and disclose information about you that is not personally identifiable. For example, we may publish reports that contain aggregated, anonymized, and/or statistical data about our Clients. These reports do not contain information that would enable the recipient to contact, locate, or identify you. These reports also do not contain identifiable company information.

Cookies and Other Data Collection Technologies
When you visit our Site, use our Application, or receive digital communications from us, we collect certain information by automated means, using technologies such as cookies, pixel tags, browser analysis tools, server logs, and web beacons. For example, when you visit our Site, we place cookies on your device. Cookies are small text files that websites send to your computer or other internet-connected device to uniquely identify your browser or to store information or settings in your browser. Cookies allow us to recognize you when you return. They also help us provide a customized experience and enable us to detect certain kinds of fraud. In many cases, you can manage cookie preferences and opt-out of having cookies and other data collection technologies used by adjusting the settings on your browser. All browsers are different, so visit the “help” section of your browser to learn about cookie preferences and other privacy settings that may be available. Pixel tags and web beacons are tiny graphic images placed on website pages or in our emails that allow us to determine whether you have performed a specific action. When you access these pages or open or click an email, the pixel tags and/or web beacons generate a notice of that action. These tools allow us to measure response to our communications and improve our web pages and promotions.

We collect many different types of information from cookies and other technologies. For example, we collect information from the device you use to access our Site, your operating system type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone where your device is located. Our server logs also record the Internet Protocol (“IP”) address assigned to the device you use to connect to the Internet. An IP address is a unique number that devices use to identify and communicate with each other on the internet. We may also collect information about the website you were visiting before you came to the Site and the website you visit after you leave our Site.

In many cases, the information we collect using cookies and other tools is only used in a non-identifiable way, without reference to personal data. For example, we use information we collect about website users to optimize our Site and to understand website traffic patterns. In some cases, we do associate the information we collect using cookies and other technology with your personal data. This Privacy Statement applies to the information when we associate it with your personal data.

Although our Site currently does not have a mechanism to recognize the various web browser Do Not Track signals, we do offer Individuals choices to manage their preferences that are provided in the previous sections above. The Site does not collect Personal Information about an individual consumer’s online activities over time and across different websites when a consumer uses the Site. To learn more about browser tracking signals and Do Not Track please visit http://www.allaboutdnt.org/. TMBC uses Google Analytics as a third party vendor. For information on how Google Analytics uses data, please visit “How Google uses data when you use our partners sites or apps”, located at http://bit.ly/2jXZ13Y.

Mobile Applications
TMBC offers the Application, which allows you to access your account, interact with us online, and receive other information via your mobile device. Personal data collected by TMBC via our Application is protected by the terms of this Privacy Statement or our Privacy Statement for Client Employees, as applicable.

Communication Preferences
When TMBC acts as a data controller, you may limit the information you provide to TMBC. You may also limit the communications that TMBC sends to you. To opt-out of commercial emails, simply click the link labeled “unsubscribe” at the bottom of the commercial email we send you. Please note that if you are currently receiving services from TMBC and you have decided to opt-out of emails, this will not impact the messages we send to you for purposes of delivering such services or as permitted by applicable law. If you have questions about your choices or if you need assistance with opting-out, please contact us via email to Privacy@ADP.com. You may also write us at the address in the How to Contact Ussection below. If you send us a letter, please provide your name, address, email address, and information about the communications that you do not want to receive.

Access, Correction, Erasure, and Other Individual Rights
TMBC respects your right to access, correct, and delete your personal data, or object to the processing of your personal data. If you have an online account, you may log into your account to access update, or delete the information you have provided to us. Additionally, you may contact Privacy@ADP.com to request access to your data, or to exercise any of the individual rights afforded to you by ADP’s Business Code, or by applicable data protection laws and regulations. You may also write to us at the address in the How to Contact Us section below. If you send us a letter, please provide your name, address, email address, and detailed information about the changes you would like to make. TMBC will respond to requests as soon as possible and in accordance with applicable data protection laws.

This section is not applicable if TMBC processes your data according to a contract with your employer. Your contact will be your employer who can inform you about any rights you may have.

Information Security
TMBC is committed to maintaining appropriate organizational, technical, and physical controls to protect personal data entrusted to TMBC. These controls protect personal data from anticipated threats and hazards and unauthorized access and use. Additional information about ADP’s Global Security Organization may be found at http://www.adp.com/trust. You should also take steps to protect yourself, especially online. When you register at the Site, choose a strong password, and do not use the same password that you use on other websites. Do not share your password with anyone else. TMBC will not ask you for your password in an unsolicited phone call or in an unsolicited email. Also remember to sign out of the Site and close your browser window when you have finished your work. This is to ensure that others cannot access your personal data and correspondence if they have access to your device.

Data Retention
TMBC will retain your personal data for as long as necessary for the purposes for which the personal data is processed. TMBC follows a Global Records Information Management (“RIM”) Policy and has established records retention schedules for all types of personal data that TMBC processes. Personal data is retained in accordance with the records retention schedules to ensure that records containing personal data are retained as needed to fulfill the applicable business purposes, to comply with applicable laws, or as advisable in light of applicable statutes of limitations. When the retention period has expired, records containing personal data will be securely deleted or destroyed, de-identified, or transferred to archive, in accordance with ADP’s RIM Policy.

This section doesn’t apply to processing carried out through a contract between your employer and TMBC.

International Data Transfers
TMBC is headquartered in the United States of America. Your personal data may be accessed by or transferred to the United States or elsewhere in the world in accordance with the ADP Privacy Code for Business Data.

Where authorized by your employer, ADP will transfer personal data pertaining to individuals located outside of the United States to our affiliates and suppliers in the United States and elsewhere in the world, pursuant to applicable data protection laws. We will only transfer personal data pertaining to individuals located in the European Economic Area as permitted by the ADP Privacy Code for Client Data Processing. Please click here for the list of our affiliates bound by the ADP Privacy Code for Client Data Processing Services.

Job Applicants
If you have applied for employment with TMBC, the personal data submitted with your job application will be added to our recruitment system and used for recruitment and other customary human resources purposes in accordance with ADP privacy policies.

Individuals Located in the European Economic Area
In addition to the rights already listed in this Privacy Statement, you also have the right to data portability, as well as the right to be notified of automated decision making or profiling related to your personal data. A data protection officer for the European Economic Area (“EEA”) has been appointed and can be reached at DataProtectionOfficer.ADPEMEA@adp.com. You may reach the data protection officer via mail at the address below.

Data Protection Officer – EMEA
ADP Europe SAS
31 Avenue Jules Quentin
92000 Nanterre
France
This section doesn’t apply to processing carried out through a contract between your employer and TMBC. As an employee of an ADP Client, please reach out to your employer for more information regarding the collection and processing of your personal data.

Changes to this Privacy Statement
We may update this Privacy Statement to reflect new or different privacy practices. We will place a notice online when we make material changes to this Privacy Statement.

Group Companies bound by this Privacy Statement
For a listing of Group Companies bound by this Privacy Statement and the Privacy Code for Business Data, please click www.adp.com/privacy/pdf/A2CoBDC.pdf.

How to Contact Us
Please contact us if you have questions, or comments. You may reach us via email at Privacy@ADP.com, or via mail at address below. If you send us a letter, please provide your name, address, email address, and detailed information about your question, comment, or complaints.

TMBC
Global Data Privacy and Governance Team
MS 325
One ADP Boulevard
Roseland, NJ 07068-1728 USA
How to Lodge a Complaint
If you believe that TMBC has not handled your personal data properly or that it has breached its privacy obligations, under any applicable data protection laws or the Business Code or of applicable law, you may file your complaint in writing to the address above, or via email, to the Global Data Privacy and Governance Team at Privacy@ADP.com. The Global Data Privacy and Governance Team will investigate each complaint and notify you within a reasonable timeframe of the outcome of the investigation. If you are not satisfied by the resolution TMBC proposes, you may lodge a complaint in accordance with the provisions of the Business Code.

This section doesn’t apply to processing carried out through a contract between your employer and TMBC. However, if you are a Client employee located in the EEA and Switzerland, you may file a complaint as a third party beneficiary in respect of a claim you may have for violation of the ADP Privacy Code for Client Data Processing Services or applicable law, by contacting the Global Data Privacy and Governance Team at Privacy@ADP.com. If ADP’s response to your complaint is unsatisfactory, you may file a complaint or claim with the relevant regulatory authorities or the courts, in accordance with the provisions of the ADP Privacy Code for Client Data Processing Services.

U.S. State Specific Privacy Rights
If you are a Nevada or California resident click here for additional information regarding your privacy rights.

Last Updated: December 30, 2019