Additional Service Terms of Agreement Performance Enhancements Inc./Dataprise CONFIDENTIAL – DO NOT DISTRIBUTE By entering into any Statement of Work or other applicable agreement for services (“SOW”) with Performance Enhancements Inc. (“PEI”), a Dataprise Company (“Dataprise”), the Additional Service Terms of Agreement (“Terms”) shall apply and Customer agrees to and shall be bound by the terms and conditions herein. Customer and Dataprise/PEI may be referred to herein individually as a “Party” and collectively as “Parties”. If Customer and Dataprise have executed the Dataprise Master Services Agreement (the “MSA”), the MSA shall apply to any SOW entered into between the Parties, however, in the event of any conflicting terms between the Dataprise MSA and the Terms, the Terms shall govern. Any reference to “Agreement” in the Terms hereunder or in the MSA shall include any PEI or Dataprise SOW or other agreement for services entered into between the Parties. I. Scope and Performance of Services 1) Customer may, from time to time, purchase services as described in a Statement of Work (“SOW”) (collectively, the “Services”). Upon execution of the SOW by Customer, including electronically, PEI is authorized to proceed with the Services and Customer accepts the fees and charges for such Services. The Services shall be provided in accordance with the provisions of the Additional Service Terms of Agreement and any SOW, and all Services performed or provided by or on behalf of Dataprise shall be subject to the terms and conditions of these Additional Service Terms. The Additional Service Terms and the terms herein are expressly incorporated into any SOW executed by the Parties. 2) PEI shall only provide Services as specifically agreed to in a SOW . To the extent reasonably necessary to provide the Services, Customer shall provide PEI access to all of Customer’s leased, licensed, or owned computer systems, computer hardware and equipment, computer software and applications, networks, hosted solutions, custom applications, and other information technology systems or components used at, or in connection with, Customer’s locations or business (“Customer’s Computer Systems”). PEI may locate or install servers or other computer hardware on Customer’s premises or provide or install software or applications to provide the Services (“PEI-Supplied Computer Systems”). 3) PEI has the right, but not the obligation, to monitor or audit the Services or Customer’s Computer Systems with respect to the Services to verify compliance with any applicable licenses or authorizations or the Terms. Customer shall promptly provide information reasonably requested by PEI or a PEI Party in furtherance of such monitoring or audit, including access to Customer’s Computer Systems relevant to the Services and evidence of licenses for the software that Customer uses. PEI may engage a third-party auditor, which shall be subject to a confidentiality obligation to conduct the monitoring or audit. Any information collected during the monitoring or audit will be used solely for purposes of determining compliance in conformance with this section. Any such monitoring or audit shall take place during normal business hours and in a manner that does not unreasonably interfere with Customer’s operations. PEI has the right to use software license tracking tools to provide the Services and to monitor Customer’s compliance with the Terms. Regardless of whether PEI conducts such monitoring or audit, Customer is responsible for any liabilities or obligations for its own software usage and compliance with software licenses. If any such monitoring or auditing identifies a violation of any applicable license or authorization or breach of the Terms, Customer shall be responsible for the costs and expenses arising from the same; otherwise, PEI shall remain liable for all such costs and expenses. II. Customer Requirements 1) Customer represents and warrants that Customer has title to or has a license or the right to use or modify Customer’s Computer Systems and the right to permit PEI to use, access or modify any Customer’s Computer Systems that Customer has requested PEI to use, access, or modify as part of the Services. Customer is responsible for independently ensuring that it has all appropriate authorizations, licenses, or other approvals for Customer’s Computer Systems. 2) Customer agrees to: a) reasonably cooperate with PEI, including making relevant Customer personnel, information, and resources available to PEI in a timely manner to the extent required to perform the Services, including providing necessary administration and user password and access controls and accounts. b) ensure Customer’s Computer Systems meet manufacturer’s specifications, are kept updated with the latest software updates as applicable, are not defective, are not obsolete, have not reached end-of-life, are not deemed unsupportable by applicable vendors, and are otherwise in good operating condition; c) not make any alterations, additions, deletions or modifications to Customer’s Computer Systems or PEI-Supplied Computer Systems or any portion thereof that interferes with their normal and satisfactory operation or presents a security risk; d) execute, maintain, and comply with any applicable license, user agreement, use policy, or other agreement applicable to any Customer’s Computer Systems or the Services; e) not infringe or have infringed on any third-party intellectual property right with respect to which Customer’s Computer Systems, PEI-Supplied Computer Systems, or the Services, or any portion thereof, are subject; f) comply with all applicable laws regarding Customer’s Computer Systems, PEI-Supplied Computer Systems, or the Services, and any data or information stored, transmitted, collected, downloaded, or received on, to, from, or with respect to the same (“Customer Data”); g) not uninstall or interfere with any software licensing tracking tools used by PEI to administer the Services; h) promptly install and maintain any software updates with respect to the Services; i) maintain responsibility for backing-up all Customer Data and protecting Customer Data from loss, damage, or destruction, except to the extent specified otherwise in the SOW or Exhibit Two – Managed Services; j) properly install and operate any Work Product (defined below), software, or other product provided by PEI to Customer with respect to the Services; k) employ all commercially reasonable physical, administrative, and technical controls, screening, security procedures, and other safeguards to securely administer and protect against any unauthorized access to or use of Customer’s Computer Systems or Customer Data; l) obtain and maintain any necessary agreements, authorizations, or approvals from third parties with respect to Customer’s Computer Systems to the extent required for PEI to perform the Services; m) promptly follow reasonable recommendations from PEI regarding Customer’s Computer Systems, PEI-Supplied Computer Systems, or the Services; n) not request that PEI take any action or refrain from acting in any manner, which in reasonable judgement, would result in a breach of the Terms; and o) notify PEI immediately upon becoming aware of a breach of any of the Terms. III. Ownership and License 1) PEI and Customer acknowledge that PEI personnel shall only be providing the Services and that no work product, deliverables, or other tangible or intangible personal property (“Work Product”) shall be provided to Customer except as expressly set forth in an applicable SOW. Customer agrees that, notwithstanding anything to the contrary in the Terms: (i) PEI shall have the right to retain a copy of any Work Product of PEI or its shareholders, directors, officers, members, managers, employees, agents, affiliates, subsidiaries, contractors, and other representatives (the “PEI Parties”); and (ii) as part of PEI’s provision of the Services specified in any SOW, PEI may utilize materials that PEI or third parties have an intellectual property interest in or proprietary works of authorship, pre-existing or otherwise, that have not been created specifically for Customer, including, without limitation, computer programs, methodologies, templates, flowcharts, architecture designs, tools, specifications, drawings, sketches, models, samples, administrative records, and documentation, as well as copyrights, trademarks, service marks, ideas, concepts, know-how, techniques, knowledge, or data, and any derivatives thereof, which have been originated, developed, or purchased by PEI or any parent, subsidiary, or affiliate of PEI or by third parties (“Existing Materials”). Existing Materials shall remain the sole and exclusive property of PEI or, if applicable, any third party that has intellectual property rights in the same. Notwithstanding anything contained herein to the contrary, Customer shall not have or obtain any rights in such Existing Materials, including, without limitation, proprietary products, materials, and methodologies of PEI or any third parties. Until the Customer has paid and fully satisfied its obligations under the applicable SOW and the Terms, PEI shall retain title to and ownership of all Work Product. At the time that the Customer has paid all amounts owed under an applicable SOW and provided that the Customer is otherwise not in breach of its obligations under the Terms, the MSA or such SOW, Work Product under such SOW shall become and shall thereafter be property of Customer, and Customer shall retain all rights to such Work Product, exclusive of any component derived from Existing Materials. Customer hereby authorizes PEI, at any time, to file financing statement(s) or take other actions to perfect its interest in the Work Product prior to transferring title to Customer or the Existing Materials. In the Event of Default (defined below) by Customer hereunder, in addition to, and not in substitution of, any other rights PEI may have at law or in equity or otherwise, ownership of any Work Product shall remain with PEI or transfer back to PEI if applicable, and PEI shall have the right to enter upon any location where any Work Product is located and to take possession of, remove, or render inoperable any Work Product. Customer shall grant PEI access to any such Work Product located on its own property and grants permission for PEI to enter upon the property of others for the purpose of carrying out its rights described herein. 2) To the extent that Existing Materials are incorporated in any Work Product delivered to Customer, PEI grants to Customer a royalty-free, irrevocable, worldwide, non-transferable, non-exclusive, internal use, perpetual license to use, modify, and prepare derivative works of such Existing Materials and to use and display such Existing Materials, but only to the extent required to utilize the Work Product in accordance with all limitations in the Terms and as may be set forth in the relevant SOW. Nothing in this Section shall be deemed to permit Customer to disclose, provide access to, sublicense, disassemble, decompile, reverse engineer, modify, create derivative works of, or transfer any of PEI’s or its licensor’s Existing Materials to a subsidiary, affiliate, or third party without prior, written consent of PEI or other third parties as applicable. Furthermore, nothing herein shall be construed as limiting PEI’s ownership of any patent, copyright, or other intellectual property or trade secret rights in any information developed independently of the SOW or Agreement even though such information may have been used in connection with PEI’s performance of the Services or its obligations under such. Nothing herein shall prohibit PEI or PEI Parties from providing similar services to others and/or from using or disclosing to others the general knowledge, skill, and experience that they have developed over the years, including the general knowledge, skill, and experience that PEI and PEI Parties develop under the SOW or Agreement or with respect to the Services. IV. Product Purchases and Return Policy 1) Returned products will be accepted only if the return is pre-approved by PEI and is accompanied by a Return Merchandise Authorization (RMA) number issued by PEI. No cash refunds are given, and credits are issued only after the returned merchandise or product has been received and, in its entirety, is free from damage and alterations in PEI’s reasonable discretion. Such credits may be applied to future purchases by Customer. Returns based on product failure must be made within 10 days of Customer’s receipt of the product. Non-failure returns must be made within 14 days of the original invoice date. Either PEI’s technical support staff or your sales representative can issue RMA numbers, but product failures must first be directed to our technical support staff prior to the issuance of an RMA. RMAs expire after 15 days from date of issue. PEI reserves the right to require Customers to obtain their own warranty repair direct from the manufacturer for any product. Any non-failure related product returns are subject to restocking charge of twenty percent (20%) of the original product price. Special-order products, including fully integrated systems and subsystems, may be returned only for failure. 2) Products returned must be in their original packaging and must include all manuals, cables, cords, computer diskettes and other accessories that were included with the product to receive a credit. Any costs incurred to correct damage or modifications or replace missing parts will be charged to the Customer or deducted from any credit due. All returns must have the RMA number clearly marked on the outside of the package. Customers must prepay freight to PEI for the returned product. Products shipped without an RMA or shipped COD to PEI will be refused and no credit will be applied to Customer’s account. PEI will pay for domestic ground freight costs to return warranty repair products to the Customer, provided, however, Customer shall be responsible for any charges for international or expedited shipments. 3) Customer acknowledges and agrees that third-party vendors may not permit returns on customized, configured to order, special-order, or other similar equipment, and PEI’s ability to accept returns is governed by the third-party manufacturer, vendor, or distributor return policies. PEI is not required to accept returns if returns are not allowed or are otherwise restricted by the applicable manufacturer, vendor, or distributor or provide notice of applicable return policies in advance of sale. The inability to accept a return does not relieve Customer from their obligation to pay for products. V. Limitations on Liability and Disclaimers 1) Information security threats are continually changing, with new vulnerabilities discovered daily. PEI makes no representations, warranties, guarantees, or certifications related to identification of such vulnerabilities. If provided as part of the Services, Customer acknowledges that vulnerability testing does not protect against personal or business loss. PEI offers no representation, warranties, guarantees or legal certifications concerning the applications or systems it tests. PEI does not warrant that the resources tested are suitable for task, free of other defects, fully compliant with any industry standards, or fully compatible with any operating system, hardware, or other application. 2) If specifically addressed in an SOW, PEI security services and products may include monitoring, security incident detection, prevention, and impact visibility, should a security event occur. All recovery and/or remediation efforts provided by PEI, and its partners, are outside the scope of these service plans and will incur additional charges. Recovery and remediation services must be mutually agreed in writing by both PEI and Customer prior to commencing any recovery efforts. This is to include and is not limited to discovery & assessment, preservation, document recovery, coordination with Customer, legal counsel, cyber specialists, and insurance representatives, and designated third parties.