Science Exchange, Inc., Service Provider Agreement*
Updated: January 14, 2021
1.1 “Affiliate” means any corporation or other business entity controlled by, controlling, or under common control with, a Party. For this purpose, “Control” means direct or indirect beneficial ownership of more than fifty percent (50%) of the voting interest in such corporation or other business entity, or otherwise having the power to govern the financial and the operation policies or to appoint the management of an organization.
1.2 “Applicable Laws” shall mean any country, federal, state, provincial, commonwealth, cantonal or local government law, statute, rule, requirement, code, regulation, permit, ordinance, authorization or similar such governmental requirement and interpretation and guidance documents of the same by a governmental authority as applicable to Service Provider.
1.3 “Audit for Cause” shall refer to any audit resulting from the following: (I) suspected or actual serious persistent non-compliance with the Order, Service Provider’s policies and procedures, or any other guidance, (II) suspected or actual failure to perform any of the Services set forth in the Order, and (III) suspected or actual fabrication, falsification, plagiarism, deception, or other practices that materially deviate from those that are commonly accepted within the scientific community for conducting or reporting research, with the exception of honest error.
1.4 “Change Order” shall mean any change to an Order with respect to the Statement of Work, Term, Deliverables, Fees, Service Provider, or any other requirement.
1.5 “Confidential Information” shall mean any and all information including but not limited to know-how, intellectual property, plans, documents, financial information, formulas, designs, calculations, facilities, reports, models, agreements, methods, inventions, discoveries, research concepts, patents, technology, products, chemical compounds and compositions, molecules, precursors, concepts, ideas, plans, processes, specifications, characteristics, techniques, and assays; clinical information such as raw data, scientific preclinical or clinical data, observations, records, databases, dosing regimens, clinical studies or protocols, posters, presentations and abstracts, product pipelines, timelines and schedules; business information such as development, marketing, sales, customer lists, suppliers, consulting relationships, performance and cost structures, pricing and commercialization plans, forecasts, proposals, and any other non-public information or other trade secrets, whether scientific, clinical or financial in nature, however recorded or preserved that is provided or disclosed by or on behalf of (I) a Requester (defined in Section 1.21 below) to Service Provider or its Representatives, or (II) one Party to the other Party or its Representatives (in each case, (I) and (II), the entity causing the information to be disclosed or provided is the referred to herein as the “Disclosing Entity”) in the performance or contemplation of an Order, via the Platform or by any other means, whether in writing, orally, pictorially or through other tangible materials. A Party to this Agreement in receipt of Confidential Information from a Disclosing Entity is a “Receiving Party” with respect to such Confidential Information and, unless stated otherwise herein, the Confidential Information provided by or on behalf of the Disclosing Entity is referred to as the Disclosing Entity’s Confidential Information. Notwithstanding the foregoing, any Work Product and Deliverables shall be considered Requester’s Confidential Information.
1.6 “Covered Entity” (or, in the singular, “Covered Individual and Entity”) shall mean any one or more of HCP, HCI, Payor, Purchaser, Healthcare Industry Professional Societies and Trade Association, and entities owned or operated by one or more HCP, HCI, Payor, Purchaser, or Healthcare Industry Professional Societies or Trade Association. Additionally, the capitalized terms used in the above definition are defined as follows:
1.6.1 “Healthcare Industry Professional Societies and Trade Association” shall mean a non-profit or tax exempt healthcare industry organization seeking to further a particular profession, the interests of individuals engaged in that profession, or the public interest (examples of such include without limitation the American Society of Hematology, the North American Society for Dialysis and Transplantation, the American Society of Hypertension, the American Cancer Society and the American Society of Clinical Oncology).
1.6.2 “Healthcare Institution” or “HCI” shall mean a facility that provides health maintenance, or treats illness and injury and can include without limitation any hospital, convalescent hospital, dialysis center, health clinic, nursing home, extended care facility, or other institution devoted to the care of sick, infirm, or aged persons, and is in a position to purchase or influence a purchasing decision for any human therapeutic product marketed, distributed, or sold or any service related thereto provided by or on behalf of Company or any of its Affiliates (each a “Company Therapeutic Product”).
1.6.3 “Healthcare Professional” or “HCP” shall mean any person licensed to prescribe Company Therapeutic Products, as well as anyone working for a person licensed to prescribe a Company Therapeutic Product and in a position to influence a purchasing decision, including without limitation physicians and other providers (e.g., nurses, pharmacists), dialysis providers, other office personnel.
1.6.4 “Payor” shall mean an organization, including without limitation its directors, officers, employees, contractors and agents, whether private or governmental (e.g., Centers for Medicare and Medicaid Services, Veterans Administration), that provides medical and/or pharmacy plans for covering and reimbursing patients and/or Healthcare Professionals from medical expenses incurred including without limitation managed care organizations, pharmacy benefit managers, health maintenance organizations, other healthcare coverage providers, and any similar such organization.
1.6.5 “Purchaser” shall mean individuals or entities, including without limitation wholesalers, pharmacies, and group purchasing organizations, that purchase a Company Therapeutic Product to sell to members of the Healthcare Community or that are authorized to act as a purchasing agent for a group of individuals or entities who furnish healthcare services.
1.7.“Data Controller” shall mean the entity or Party which: (I) alone or jointly with others, determines the purposes and means of the processing of Personal Data; and (II) if and as applicable, acts as a Business as defined by Section 1798.140(c) of the CCPA.
1.8.“Data Processor” shall mean the entity or Party which: (I) processes Personal Data on behalf of a Data Controller; and (II) if and as applicable, acts as a Service Provider as defined by Section 1798.140(v) of the CCPA.
1.9 “Deliverable(s)” shall mean any Work Product, report, material, data, images or as agreed upon in the applicable Order to be delivered to Requester by Service Provider in accordance with the Statement of Work.
1.10 “Fees” shall mean the total cost of performance for the Services provided by Service Provider.
1.11 “Materials” shall mean materials, samples, compounds, research models or any other tangible items or its intangible equivalent provided to Service Provider by or on behalf of Requester in order to perform the Services.
1.12 “Order” shall mean a Quote for Services offered by Service Provider and accepted by Requester via the Platform.
1.13 “Platform” shall mean Science Exchange’s website, any other web services or applications owned, controlled, or offered by Science Exchange, including the Science Exchange concierge service and, any integrations with third-party software offered by Science Exchange.
1.14 “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Laws, and will, at a minimum, mean any information relating to an identified or identifiable natural person (the “Data Subject”). For clarification, an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to their physical, physiological, genetic, mental, economic, cultural or social identity.
1.15 “Quote” shall mean a description of Services and Statement of Work being offered by a Service Provider to a Requester. To clarify, a description of Services and a Statement of Work being offered by a Service Provider to a Requester outside the Platform shall mean a Quote for Services as defined herein if an Order results that is accepted on the Platform.
1.16 “Records” shall mean any and all records, accounts, files, books, receipts, third party invoices, time sheets, written policies and procedures, tests, methods, results, records, reports, correspondence and memoranda as they pertain to this Agreement (including, but not limited to records related to standard operating procedures, system validation, time expended, tests performed, and materials procured, as applicable).
1.17 “Representative(s)” shall mean any agent, subcontractor, consultant or any other third party fulfilling a Party’s obligations hereunder.
1.18 “Request” shall mean requesting a Quote for Services via Science Exchange’s Platform.
1.19 “Requester” shall mean the party including its employees, directors and officers ordering Services via Science Exchange’s Platform.
1.20 “Service(s)” shall mean the scientific research services being offered and performed by Service Provider.
1.21 “Service Provider” shall mean the Party including its employees, directors and officers offering and providing Services via the Platform.
1.22 “Statement of Work” shall mean a detailed description of the specific Services to be completed by Service Provider including any pertinent information such as Fees, Deliverables, Term, protocols and payment schedules.
1.23 “Term” shall mean the effective date of any Order through the date that Service Provider discontinues use of the Platform for the performance of Services via any Order(s) or, the date Science Exchange terminates such use.
1.24 “Work Product” shall mean all tangibles and intangibles created directly or indirectly in connection with or arising out of an Order, Requester information (whether disclosed by or on behalf of Requester), or any of Service Provider’s obligations hereunder, including, without limitation, all patent, copyright, trademark, trade secret and other proprietary rights. Work Product may include without limitation all of the following, whether finished or unfinished: drafts, documents, writings, communications, plans, data, estimates, calculations, test results, specimens, schematics, drawings, tracings, studies, specifications, surveys, photographs, software programs, programs, reports, orders, maps, models, agreements and all derivative works thereof, ideas, concepts, discoveries, inventions, patents, know-how, negative know-how and improvements. For the avoidance of doubt, Deliverables shall also be considered Work Product.
*FKA “Science Exchange, Inc., Purchase Order Terms and Conditions”
2. Scope of Services.
Service Provider shall use its best efforts and assign properly trained, qualified and experienced personnel to perform the Services ethically, promptly, and diligently as outlined in the applicable Order and in accordance with this Agreement and all Applicable Laws. Service Provider represents and warrants that (I) it has facilities, computer systems, equipment, data and record management, and physical security measures in place that are compliant with Applicable Laws and industry best practices to perform the Services outlined in the applicable Order; (II) it has procedures in place to ship and receive Materials; (III) it meets any and all safety regulations as required by Applicable Laws to perform the applicable Order including but not limited to EPA, OSHA, GLP, GCP, GCLP, GMP, and CLIA regulations; (IV) it has the appropriate licenses and overview in place to perform the applicable Order including but not limited to AAALAC Accreditation, IACUC, IRB, and USDA license; (V) it has the right and authority to perform the Services contemplated under this Agreement, including with respect to any third party technology used to perform such Services; and (VI) the performance of its obligations hereunder do not violate any third party rights. Upon request and prior to providing Services that require adherence to Applicable Laws, Service Provider will subject itself to a full audit and inspection by Science Exchange and/or Requester to ensure adherence to relevant Applicable Laws as it pertains to the Services being offered via the Platform.
2.2 Animal Welfare.
To the extent that Services involve animals, animals shall be cared for and used in accordance with all Applicable Laws (e.g., NIH guidelines, ILAR Guide for the Care and Use of Laboratory Animals, Animal Welfare Act, AAALAC, International, etc.). For Services conducted in a country outside of the United States, comparable humane animal research regulations and guidelines shall be followed. Animal testing should be performed after consideration to replace animals, reduce the numbers of animals used or refine procedures to minimize distress. Alternatives should be used wherever scientifically valid and acceptable to regulators. Service Provider represents and warrants that its Institutional Animal Care and Use Committee (IACUC) will review and approve the animal research protocol. Service Provider shall be responsible for the care and treatment of any animals involved in the Services, including seeking any necessary veterinary care.
2.3 Prior Agreements.
At Requester’s sole discretion, it may choose to use the Platform to order Services from Service Provider using a prior agreement (the “Prior Agreement”), such Prior Agreement shall govern the Services ordered via the Platform. In such instance, Science Exchange’s sole responsibility is to act as the billing entity and purchase order processor. Notwithstanding the foregoing, it is understood and agreed between the Parties that Section 3.3 of this Agreement shall supersede the applicable section of the Prior Agreement between Requester and Service Provider. Furthermore, unless otherwise explicitly agreed to herein, Science Exchange disclaims all contractual liability as it relates to Services under any such Prior Agreement, and any disputes arising out of such Services shall be resolved in accordance with the Prior Agreement between Requester and Service Provider.
2.4 Additional Terms.
It is the intent of the Parties to include in this Agreement any and all applicable terms and conditions for the provision of Services required by Requester. However, in the event a Party requires the other Party or Requester or its/their employees, directors, officers, or Representatives to agree to additional terms beyond those contained herein, such Party shall have the right to add such terms to the respective Quote, provided, that the additional terms are agreed upon by the Parties and/or Requester prior to commencement of the Services. For the avoidance of doubt, such terms shall only be applicable to the respective Order and if such terms conflict with this Agreement, the terms of such Quote and/or Order shall prevail.
3. Service Contract.
Service Provider agrees that it will abide by all terms of this Agreement and warrants that it has the authority or has received approval from an authorized official of its institution to enter into this Agreement. Service Provider acknowledges and agrees that this contractual relationship is formed when Requester accepts a Quote for the Services being offered. In such an instance, the Service Provider agrees to perform the Order in accordance with the following: (I) this Agreement, (II) the Fees, (III) additional contractual provisions agreed upon by the Parties, and (IV) the Statement of Work accepted by both Requester and Service Provider, to the extent consistent with this Agreement (a “Service Contract”).
3.2 Non-Conforming Services.
In the event Services rendered by Service Provider do not meet the specifications as set forth in the applicable Order, at Requester’s option, Service Provider shall either (I) re-perform the non-conforming Services at its own cost within thirty (30) days after receiving notice from Requester of such non-conforming Services, or (II) reimburse Science Exchange any amounts paid and compensate Science Exchange for the cost of Materials used in the performance of the Services. In the event that any animal involved in the Services becomes moribund or seriously ill (except for illness or death due to treatment with the Material), Service Provider shall be required to replace such animal at Service Provider’s expense upon request by Requester or Science Exchange.
With respect to each Service Contract, Service Provider authorizes Science Exchange or Science Exchange’s third-party payment processor to collect the Fees for an Order from the Requester on behalf of the Service Provider. Science Exchange guarantees the payment of the applicable Fees to Service Provider’s indicated payment account in accordance with the payment terms set forth in the purchase order issued to Service Provider, provided the Order was performed in compliance with this Agreement and any additional terms as set forth in the Order. Service Provider is solely responsible for all costs incurred in using the Platform, performing Orders and determining, collecting, reporting and paying all applicable state and federal sales, income, and other taxes. After the commencement of an Order, should a Change Order be needed, such Change Order shall be documented and agreed to between the Service Provider and Requester (via the Science Exchange Platform). All payments shall be made in US Dollars at the agreed upon price stated in the Order, as issued by Science Exchange, regardless of any exchange rate.
Upon acceptance of a Quote, an Affiliate of a Party agrees to be bound by the terms and conditions of this Agreement applicable to Service Provider or Science Exchange, as the case may be, as if such Affiliate were a party hereto, to the extent such terms and conditions relate to performance under the Order. Each of Service Provider and Science Exchange shall be responsible for the performance of its respective Affiliates under the applicable Order.
Service Provider shall not subcontract any portion of an Order without the express written consent of Requester and Science Exchange. In the event Service Provider receives approval to use a subcontractor to perform any of its obligations under this Agreement or Order, Service Provider agrees to flow down the relevant terms and conditions contained herein to such subcontractor and enter into an agreement with such subcontractor that is substantially similar and at least as restrictive as the terms of this Agreement and respective Order.
Service Provider represents and warrants that Service Provider and its Representatives have not been and are not debarred, suspended or otherwise excluded from performing an Order. Such exclusions include, but are not limited to the United States Generic Drug Enforcement Act of 1992 (21 U.S.C. § 335(a)), as amended, exclusions from participating in any United States federal or state health care program pursuant to United States 42 U.S.C. § 1320a-7, et seq., as amended, Sections 306(a) or (b) of the U.S. Federal Food, Drug & Cosmetic Act, or in each case pursuant to any other equivalent or successor statutes, rules or regulations. If the Service Provider becomes aware that it, or any of its Representatives, become debarred or is the subject of an investigation that could cause it to be debarred, it represents and warrants that it shall immediately notify Science Exchange and Requester in writing.
6.1 Standard of Care.
Each Party agrees, during the term of the Order and thereafter: (I) to maintain the Confidential Information provided to it directly or indirectly by a Disclosing Entity in strict confidence, using at least the same standard of care that it, the Receiving Party, uses in protecting its own Confidential Information of a similar nature, which in no event shall be less than reasonable care; (II) not to disclose Confidential Information of the Disclosing Entity to any third party without first obtaining the Disclosing Entity’s prior written consent to such disclosure; (III) in the case of Service Provider, not to use Confidential Information of Requester for any purpose except to perform the Order in accordance with this Agreement; (IV) to maintain reasonable security measures to protect the Disclosing Entity’s Confidential Information against loss, theft or destruction; and (V) to return or (at the Disclosing Entity’s direction) destroy all Confidential Information of the Disclosing Entity (including the Materials or modified versions or derivatives thereof, in the event Service Provider is the returning Party) upon notice, completion, or abandonment of an Order or the earlier termination of this Agreement.
Confidential Information will not include any information, to the extent the Receiving Party can evidence through written record: (I) is now or hereafter becomes generally known or available to the public through no act or omission on the part of the Receiving Party; (II) was in Receiving Party’s possession prior to receiving such information from the Disclosing Entity; (III) is rightfully acquired by the Receiving Party from a third party who did not obtain it directly or indirectly from the Disclosing Entity and who has the right to disclose it to the Receiving Party; or (IV) is independently developed by the Receiving Party without access to any Confidential Information of the Disclosing Entity. Notwithstanding the foregoing and understood and agreed to by the Parties, the following shall in any event be deemed Requester’s Confidential Information: (I) any Materials (and any modified version and/or derivative thereof), (II) Work Product, Deliverables, or Request (III) all information relating to the identity, characteristics, or other activity of Materials, the uses to which Materials have been or may be put, and all related information obtained by virtue of access to any Materials.
A Party may disclose Confidential Information to its Representatives who have a bona fide need to know such Confidential Information in order to perform the Order in accordance with this Agreement, provided, however, that it has executed appropriate written agreements that are substantially similar to the Confidentiality provisions of this Agreement. Receiving Party will notify the Disclosing Entity of any unauthorized transfer, disclosure, loss, or use of any Confidential Information of the Disclosing Entity. If the Receiving Party is required or requested to disclose Confidential Information by judicial or administrative process, it shall promptly notify the Disclosing Entity and allow the Disclosing Entity a reasonable time and opportunity to oppose such process and/or seek a protective order. The Receiving Party shall disclose only the minimum Confidential Information required to be disclosed in order to comply, whether or not Disclosing Entity obtains a protective order or other similar order. Notwithstanding anything in this Agreement to the contrary, Science Exchange and Requester shall have the right to disclose any Confidential Information to a regulatory agency to the extent required or requested by such agency in connection with any regulatory filing, inspection or otherwise.
6.4 Unauthorized use.
Receiving Party agrees that Disclosing Entity may have the right to seek immediate equitable relief to enjoin any unauthorized use or disclosure of its Confidential Information, in addition to any other rights and remedies that it may have at law or otherwise. The Receiving Party understands and agrees that any unauthorized use or disclosure of the Disclosing Entity’s Confidential Information shall constitute a material breach of this Agreement. Such unauthorized use or disclosure will cause the Disclosing Entity irreparable harm leaving it without sufficient legal remedy and in addition to all other remedies, shall entitle the Disclosing Entity to seek injunctive relief.
6.5 Proprietary rights.
Receiving Party acknowledges and agrees that Disclosing Entity retains all proprietary rights to the Confidential Information. Nothing in this Agreement shall be construed to grant any rights, express or implied, by license or otherwise, in or to any Confidential Information of Disclosing Entity, or any intellectual property or proprietary rights of Disclosing Entity, except as specified in this Agreement.
7. Intellectual Property.
7.1 Work Product.
Without limiting any other remedies available in law or equity, Service Provider agrees that anything resulting from an Order, including, without limitation, any and all intellectual property is Work Product. Service Provider acknowledges and agrees that all right, title and interest in and to any Work Product shall be the sole property of Requester whether the Services to be performed are completed or not. Service Provider hereby assigns to Requester all of Service Provider’s right, title and interest in the Work Product. Service Provider shall ensure that, at no cost to Requester, all of Service Provider’s Representatives that contribute to any Work Product have agreed in advance in writing that all right, title and interest in such contributions is assigned and will be assigned to Requester or Service Provider, and that they waive any droit moral or similar rights to object to modifications, adjustments or additions to their contributions. If any agreements with any of Service Provider’s Representatives provide such rights in and to Work Product to Service Provider rather than to Requester, Service Provider shall acquire all such rights in such Representatives’ contributions by operation of this provision. All Work Product and any reproductions thereof shall be surrendered to Requester by Service Provider upon completion of the related Order or termination of an Order, whichever occurs first. Work Product may be used by Requester without restriction and may not be used by Service Provider or its Representatives, if any, without Requester’s prior written consent.
Requester will have the sole right to determine the treatment of any Work Product, including with respect to intellectual property or proprietary rights therein, to file and execute patent applications, to use and disclose them, or to take any other action that Requester deems appropriate. Service Provider agrees to cooperate with and assist Requester during and after the term of this Agreement to apply for, and to execute any applications, assignments, or other documents reasonably necessary to obtain, protect, evidence, or enforce any intellectual property rights or other statutory protection for Work Product, as Requester deems appropriate.
Service Provider agrees that if, in the course of performing the Services, Service Provider or Service Provider’s Representatives’ incorporates into any Work Product, or utilizes in the performance of the Services, any pre-existing invention, discovery, original works of authorship, development, improvements, trade secret, concept, or other proprietary information or intellectual property right owned by Service Provider or Service Provider’s Representative(s) or in which Service Provider or Service Provider’s Representative(s) has an interest (“Prior Inventions”), Service Provider hereby (I) grants to Requester a nonexclusive, royalty-free, perpetual, irrevocable, transferable, worldwide license (with the right to grant and authorize sublicenses) under such Service Provider Prior Inventions to make, have made, use, import, offer for sale, sell, reproduce, distribute, modify, adapt, prepare derivative works of, display, perform, and otherwise exploit the Work Product and Deliverables and (II) ensures that, at no cost to Requester, that Service Provider’s Representatives grant to Requester a nonexclusive, royalty-free, perpetual, irrevocable, transferable, worldwide license (with the right to grant and authorize sublicenses) under such Service Provider Representative’s Prior Inventions to make, have made, use, import, offer for sale, sell, reproduce, distribute, modify, adapt, prepare derivative works of, display, perform, and otherwise exploit the Work Product and Deliverables. Service Provider will not and shall ensure Service Provider’s Representatives will not incorporate any invention, improvement, development, concept, discovery, work of authorship or other proprietary information owned by any third party into any Work Product or Deliverables without Requester’s prior written authorization.
7.4 Science Exchange Platform.
Notwithstanding anything to the contrary, Science Exchange shall solely own all right, title and interest in and to the Platform and any improvements thereof, and all associated intellectual property rights.
8. Material Transfer.
8.1 To the extent that any Order provides that Requester supply Materials, Service Provider acknowledges and shall inform all personnel responsible for performing the Order or handling the Materials that; ALL SUCH MATERIALS ARE PROVIDED AS IS WITH NO WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. REQUESTER DOES NOT WARRANT OR MAKE ANY REPRESENTATION REGARDING THE USE, RESULTS OF THE USE, OR APPROPRIATENESS OF THE USE OF THE MATERIAL IN ACCORDANCE WITH AN ORDER. REQUESTER DOES NOT WARRANT THAT USE OF ANY MATERIAL WILL NOT INFRINGE ANY PATENT, COPYRIGHT, TRADEMARK, OR OTHER PROPRIETARY RIGHTS OF ANY THIRD PARTY.
8.2 Service Provider represents and warrants that it and its Representatives will (I) use the Materials solely for performance of the corresponding Order as set forth in the applicable Order and not for any other purpose; (II) store, handle, use and maintain the Materials in accordance with the applicable Order, industry best practices and any Applicable Laws; and (III) not use the Materials for any experiments in human subjects, clinical trials, or diagnostic purposes involving human subjects.
8.3 Service Provider and its Representatives shall not (I) provide or describe the Materials to any third-parties other than as necessary to perform the Order; (II) attempt to reverse engineer any of the Materials; (III) perform any studies to determine the structure, chemical composition, or other makeup of the Material; or (IV) make any derivatives or progeny of the Materials. The Materials are made available only for laboratory-testing purposes as expressly agreed in this Agreement and shall not be used in animals intended for food use. Upon the sooner to occur of (I) the completion of the applicable Order; (II) the expiration or termination of the applicable Order; or (III) the written request of Requester, Service Provider shall return any unused Materials to Requester or destroy Materials as directed by Requester.
8.4 All right, title, and interest to all Materials and any patent and intellectual property rights therein to all Materials shall remain in Requester. Nothing in this Agreement or any Order grants Service Provider or its Representatives, any rights in or to Materials, except the limited right to use such Materials or Requester Confidential Information as necessary to perform the corresponding Order (and as described therein).
Service Provider shall prepare and maintain complete and accurate Records relating to the performance of this Agreement and all costs, liabilities, and obligations incurred hereunder, including without limitation those relating to the Fees, until the expiration of five (5) years after completion of the applicable Order, or such longer period as required by Applicable Laws. All Records and accounts relating to financial matters must be in a format consistent with Generally Accepted Accounting Practices. Prior to destroying Records relating to any Order, Service Provider shall give at least thirty (30) days’ prior written notice to Requester. If requested by Science Exchange or Requester, Service Provider shall continue to retain Records, provided that Science Exchange agrees to pay the reasonable costs of retention during such additional period, or at Requester’s request and to the extent permitted by Applicable Laws, shall forward the Records to Requester. Should Service Provider fail to maintain such Records as required hereunder, Service Provider shall provide its good faith assistance and reimburse Science Exchange for its reasonable costs in recreating such Records. Requester and its Representatives, may, upon request, but not more than once every six (6) months, during normal business hours and after reasonable advance notice by Requester, inspect Service Provider’s facilities for quality assurance purposes, and inspect, copy, and audit their Records. In the event of Audit for Cause, Requester and its Representatives (during normal business hours and reasonable prior notice to Service Provider) shall be allowed to inspect or audit Service Provider’s facilities. To the extent applicable, at either Party or Requester’s request, an exit meeting shall be held to discuss Requester’s audit findings. In such event, Requester shall provide Service Provider with a written report summarizing its findings, and consequently, Service Provider shall provide Requester with a response to such findings, which shall include a plan for corrective and preventative actions designed to address reasonable concerns and shortcomings documented in the audit report. To the fullest extent possible, Service Provider shall endeavor to remedy such violations that relate to Service Provider’s compliance with the Order.
During the Term, Requester shall be entitled to access Service Provider’s facilities where the Order is performed and Records are being stored. Service Provider shall give Requester access to items such as standard operating procedures, policies and procedures, laboratory notebooks, or any other relevant information to evaluate the performance of the Order. Service Provider shall ensure that personnel able to address concerns are available during the visit. Service Provider agrees to notify Science Exchange and Requester within one (1) business day after it receives notice of a pending inspection/audit from a regulatory agency such as the FDA, which relates to an Order or Service Provider’s ability to perform an Order and to provide to Science Exchange and Requester copies of any documents provided to any inspector or auditor. Service Provider will forward to Science Exchange and Requester any written communication received from the regulatory agency as a result of the inspection/audit within one (1) business day of receipt from such agency. Written communication may include any audit report or findings that could have a direct or indirect impact on Service Provider’s ability to perform the Order, regardless if such written communication is for a specific Order. Service Provider agrees to allow Science Exchange and Requester to assist in responding to any citation issued by a regulatory agency that relates to an Order, and to cooperate with all reasonable requests of Science Exchange and Requester with respect to any such citation. Service Provider will give Science Exchange and Requester at least five (5) business days to review any response to a citation before it is forwarded to a regulatory agency. Service Provider shall respond to any citation within two (2) weeks of issuance or within an earlier deadline set by the issuing regulatory authority. In the event the FDA or other regulatory agency requests or requires any action to be taken, Service Provider will consult with Science Exchange and Requester, and will thereafter take, at Service Provider’s cost and expense, such reasonable action as necessary to address the issues raised in any citation or inspection.
11. WARRANTY DISCLAIMER.
SCIENCE EXCHANGE MAKES NO REPRESENTATIONS OR WARRANTIES, OF ANY KIND, EITHER EXPRESS OR IMPLIED, AS TO THE QUALITY OR RELIABILITY OF ANY INFORMATION PROVIDED BY ANY PARTY INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT, WHETHER ARISING OUT OF STATUTE, IN LAW OR FROM A COURSE OF DEALING OR USAGE OR TRADE, OR AS TO THE ACCURACY OF THE POSTINGS MADE ON THE PLATFORM BY ANY PARTY.
12. LIMITATION OF LIABILITY.
IN NO EVENT SHALL SCIENCE EXCHANGE INC., OR OUR LICENSORS OR THIRD-PARTIES BE LIABLE TO SERVICE PROVIDER OR ITS REPRESENTATIVES FOR ANY SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL, OR PUNITIVE DAMAGES ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE PLATFORM, INCLUDING BUT NOT LIMITED TO, LOSS OF PROFITS, LOSS OF BUSINESS OPPORTUNITIES, OR LOSS OF GOODWILL, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT WILL REQUESTER OR ITS REPRESENTATIVES BE LIABLE TO SERVICE PROVIDER OR ANY THIRD PARTY FOR DAMAGES OF ANY KIND (WHETHER DIRECT OR INDIRECT) ARISING OUT OF OR RELATED TO EXPERIMENTAL SERVICES OR SERVICE CONTRACTS ENTERED INTO WITH RESPECT TO SUCH SERVICES. NOTWITHSTANDING ANYTHING TO THE CONTRARY STATED IN THIS AGREEMENT, IN NO EVENT WILL SCIENCE EXCHANGE’S, REQUESTER’S, OR THEIR REPRESENTATIVES’ AGGREGATE LIABILITY TO SERVICE PROVIDER ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE PLATFORM, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, OR ANY OTHER THEORY OF LIABILITY, EXCEED THE LESSER OF (A) $1,000,000 OR (B) THE AGGREGATE AMOUNT OF FEES ACTUALLY COLLECTED BY SCIENCE EXCHANGE FROM REQUESTER FOR THE SERVICES TO WHICH THE LIABILITY RELATES DURING THE SIX (6) MONTH PERIOD IMMEDIATELY PRECEDING THE DETERMINATION OF SUCH LIABILITY.
13.1 Indemnification. Service Provider will, at its expense, indemnify, defend and hold harmless Science Exchange and Requester, its officers, directors, employees, and agents, against any claims, liabilities, losses, damages, expenses, charges and fees (including reasonable attorneys’ fees) arising out of or attributable to: (I) any breach of this Agreement by Service Provider or its Representatives, (II) any negligence or willful misconduct by Service Provider or its Representatives in the performance of this Agreement, (III) any breach of Applicable Laws by Service Provider or its Representatives, or (IV) any allegations that the Services and/or Work Product infringes any third-party’s intellectual property right, including without limitation, a copyright, patent or a trademark.
13.2 Indemnification Procedure.
13.2.1 Notice. In the event any such claim contemplated in Section 13 (Indemnification) is made, or action initiated, Science Exchange, Requester or their Representatives, officers, directors or employees (the “Indemnified Party”) shall promptly notify Service Provider (the “Indemnifying Party”) in writing of such actual or threatened claim to enable the Indemnifying Party to arrange for the defense of such claim, provided, however that failure to give prompt written notice shall not limit the rights to indemnification hereunder except to the extent that the Indemnifying Party is materially prejudiced by such failure.
13.2.2 Cooperation. The Indemnified Party shall cooperate with the Indemnifying Party in the investigation, defense and settlement of any claims when the Indemnifying Party controls the defense of any such claims. The Indemnifying Party shall provide a diligent defense against and/or final settlement of any claims brought or actions filed for the loss which is the subject of the foregoing indemnity.
13.2.3 Control of Defense. The Indemnifying Party shall have sole control over the defense and the right to enter into a full and final monetary settlement of the claims, at the Indemnifying Party’s sole expense and discretion, provided that the Indemnifying Party shall not agree to any settlement which imposes injunctive relief on, requires an admission of fault by, or does not include a complete release of the Indemnified Party without the consent of the Indemnified Party. In any such proceeding, the Indemnified Party shall have the right to retain its own counsel and participate in the defense of the claims, at the Indemnified Party’s expense, provided that the Indemnified Party shall not consent to the entry of any judgment or enter into any settlement with respect to the claims without the prior written consent of the Indemnifying Party, which consent must not be unreasonably withheld.
13.2.4 Non-exclusivity. The indemnification provided by this Agreement shall not be deemed exclusive of any other rights to which the Indemnified Party may be entitled to under this Agreement, any other agreement, applicable law, or otherwise.
14. Resolution of Disputes between Service Provider and Science Exchange.
If a dispute arises between Service Provider and Science Exchange, Parties agree that any claim or controversy at law or equity that arises out of or relates to this Agreement or an Order will be resolved in accordance with the terms of Section 15 of this Agreement. Before resorting to these alternatives, Service Provider agrees to first contact Science Exchange directly to seek dispute assistance via email at [email protected].
In the event that a dispute cannot be amicably resolved, each Party agrees to resolve any claim, dispute, or controversy between the Parties (excluding claims for injunctive or other equitable relief) arising out of or in connection with or relating to this Agreement, or the breach or alleged breach thereof (collectively, “Claims”), by binding arbitration by the American Arbitration Association (“AAA”) under the Commercial Arbitration Rules and Supplementary Procedures for Consumer Related Disputes then in effect for the AAA, except as provided herein. The arbitration will be conducted in the County of Santa Clara, CA. Each Party will be responsible for paying any AAA filing, and administrative and arbitrator fees in accordance with AAA rules. The award rendered by the arbitrator shall include costs of arbitration, reasonable attorneys’ fees and reasonable costs for expert and other witnesses, and any judgment on the award rendered by the arbitrator may be entered in any court of competent jurisdiction. Nothing in this Section shall prevent a Party from seeking injunctive or other equitable relief from the courts for matters related to data security, intellectual property, or unauthorized access to Science Exchange, Inc. ALL CLAIMS MUST BE BROUGHT IN THE PARTIES’ INDIVIDUAL CAPACITY, AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING, AND, UNLESS THE PARTIES AGREE OTHERWISE, THE ARBITRATOR MAY NOT CONSOLIDATE MORE THAN ONE PERSON’S CLAIMS. THE PARTIES AGREE THAT, BY ENTERING INTO THIS AGREEMENT, THE PARTIES ARE EACH WAIVING THE RIGHT TO A TRIAL BY JURY OR TO PARTICIPATE IN A CLASS ACTION. Notwithstanding the foregoing, if a Party is entering into this Agreement on behalf of a Government-Affiliated Entity (as defined below), and any Applicable Laws or governing policy restricts a Party from resolving Claims by binding arbitration as set forth above, then the Parties agree to submit their dispute to a mutually acceptable mediator to help them resolve their differences utilizing non-binding mediation. If after non-binding mediation occurs, the dispute is not resolved, the Parties are free to exercise all other legal and equitable rights.
16. Term & Termination.
Service Provider’s continued use of the Platform for the performance of Services via any Order(s) constitutes its acceptance of the Science Exchange, Inc. Service Provider Agreement, as updated from time to time. If Service Provider does not agree to any of these terms or any future changes thereto, Service Provider shall not use or access or, continue to access the Platform and shall not perform Services via any Order. At its sole discretion, Science Exchange may permanently or temporarily terminate or suspend User’s access to the Service without notice and liability for any reason, including if in our sole determination User has violated any provision of these Terms, or for no reason. Upon termination for any reason or no reason, User continues to be bound by this Agreement, and any Terms of this Agreement, which by their nature should survive termination, shall do so.
Science Exchange or Requester may terminate an Order at any time (I) by giving at least ten (10) days’ prior written notice to Service Provider, or (II) immediately by giving written notice to Service Provider, if termination is for safety or regulatory reasons, including but not limited to a request from the FDA or other regulatory authority or breach (or threatened breach) of the Confidentiality provisions. Upon the receipt of notice of termination of an Order from Science Exchange or Requester, Service Provider shall immediately cease performance of the Order, and comply with all reasonable requests and instructions of Science Exchange and Requester to wind down the Order in an orderly and safe manner while minimizing additional costs to Requester. Science Exchange’s sole obligation to Service Provider in the event of termination of an Order by Science Exchange or Requester shall be to pay any monies due and owing for Services properly performed and all reasonable expenses properly incurred in accordance with the applicable Order through the effective date of termination, provided that in the event of termination for default by Service Provider, Science Exchange shall not be obligated to make any further payments to Service Provider until Science Exchange and Requester have been fully compensated for damages suffered as a result of Service Provider’s default. Service Provider shall deliver to Requester within thirty (30) days from the effective date of termination all completed Deliverables, Work Product, work in process, Materials, results, information, data, reports, tables, graphs, programs, or other documents pertaining to the Order, unless otherwise directed by Science Exchange or Requester in writing.
17. Governing Law.
This Agreement and any action related thereto will be governed by the laws of the State of California without regard to its conflict of laws principles. Notwithstanding the foregoing, if a Party is entering this Agreement on behalf of a government-affiliated university, institute, organization, or other government-affiliated entity (a “Government-Affiliated Entity”), and any Applicable Laws or governing policy restricts such Party from entering into agreements governed under the laws of the State of California, then the Parties agree that the laws of the defendant shall govern the interpretation of this Agreement. Any suit, action, or proceeding to enforce the provisions of this Agreement shall be brought in the courts of the defendant and each Party hereby submits and consents to the exclusive personal jurisdiction of, and waives any objection to the laying of venue or claim of inconvenient forum in such court for the purpose of any such suit, action, or proceeding. For the avoidance of doubt, nothing in this Section 17 will preclude a Party from taking immediate steps to seek urgent equitable relief before an appropriate court.
18. Anti-Bribery Laws.
Service Provider, its Representatives, and anyone acting on its/their behalf shall not offer, make or promise any payment, either directly or indirectly, of money or other assets (“Payment”) to an official of any government, political party or international organization, or to any candidate for political office, or to any person acting on behalf of any of the foregoing (collectively, “Officials”), if such Payment is, or may be construed as being paid, for the purpose of influencing decisions or actions with respect to the subject matter of this Agreement or any other aspect of Science Exchange or Requester’s business, or would otherwise constitute a violation of any Applicable Laws. Furthermore, Service Provider represents and warrants on behalf of it and its Representatives that it will not commit any act or omission which causes or could cause it, Requester, Science Exchange or any Affiliates to breach, or commit an offence under, any Applicable Laws (including the Foreign Corrupt Practices Act) relating to anti-bribery and/or anti-corruption. Upon request, Service Provider shall provide written documentation to Science Exchange, which shows its conformance to this Section 18. The Parties agree that a breach of this Section 18 shall constitute a breach of this Agreement.
19. Employment Law.
For any performance required under this Agreement (I) between two business entities based in the United States of America and (II) being performed in the United States of America and/or its territories, Service Provider agrees that this Agreement shall be performed in compliance with the following, if applicable to Service Provider: the employee notice and related obligations found at 29 C.F.R. Part 471, Appendix A to Subpart A, Title VII of the Civil Rights Act of 1964; sections (1) and (3) of Executive Order No. 11625 relating to the promotion of Minority Business Enterprises; 41 CFR §§ 60-1.4(a); Americans with Disabilities Act; Age Discrimination in Employment Act; Fair Labor Standards Act; Family Medical Leave Act; and all corresponding implementing rules and regulations, all of which, including without limitation the contract clauses required and regulations promulgated thereunder, are incorporated herein by reference. Service Provider agrees to support the policy of not discriminating on the basis of age, sex, race, religion, color, national origin, physical or mental disability, or veteran status and abide by all laws, rules, and executive orders governing equal employment opportunity. Service Provider also agrees to make available to Science Exchange, upon reasonable request, proof of its efforts to comply with this Section.
No amendment or modification of this Agreement or any Order will be effective unless it is in writing and approved by Science Exchange. Notwithstanding the foregoing, Science Exchange shall have the right to update this Agreement as it sees fit. To the extent possible Science Exchange will provide notice to Service Provider of the changes to this Agreement; notwithstanding the foregoing, Service Provider warrants that it will review the terms and conditions on each Order to ensure compliance.
21. Use of Name.
The Parties shall not use the name of Requester or its Affiliates without the express written consent from Requester.
This Agreement, and any rights and licenses granted hereunder, may not be transferred or assigned by a Party without prior written consent of the respective Party, except that Requester may assign its rights under this Agreement, without the other Party’s consent, to an Affiliate or to a successor or acquirer, as the case may be, in connection with a merger, acquisition, or the sale of all or substantially all of Requester’s assets. Any attempted transfer or assignment in violation hereof shall be null and void. The Parties acknowledge and agree that the Requester is hereby an express intended third-party beneficiary to the terms and conditions of this Agreement, with full rights to enforce the terms herein.
23. Independent Contractor.
Service Provider is an independent contractor. Nothing contained in this Agreement creates a partnership, joint venture, employer/employee, principal-and-agent, or any similar relationship between the Service Provider and Science Exchange or Requester. Service Provider has no authority to, and shall not, act as agent for or on behalf of Science Exchange or Requester or represent or bind it in any manner. Service Provider will not be entitled to any of the benefits afforded to Science Exchange or Requester employees.
24. Human Subject Consent.
To the extent that Service Provider is required to provide Requester with cells, tissue, blood or any other bodily fluids collected from human subjects (“Donors”) as well as any derivatives thereof (“Human Substances”), Service Provider represents and warrants that to the extent any consent or authorization is required by Applicable Laws, or by applicable policy or other approval authority, (i.e. from the applicable Research Ethics Committee and/or Institutional Review Boards, HIPAA or GDPR), to be obtained in connection with the collection, maintenance or transfer of the Human Substances, such informed consent from Donors or authorization was or will be obtained as required, prior to transfer to Requester, for Requester’s use and/or the further use of such Human Substances in research projects such as the Services hereunder. Service Provider represents and warrants to Requester and Science Exchange that the provision of Human Substances and any Personal Data that is linked or linkable to a Donor, to Requester for research purposes is consistent with the signed informed consent or authorization previously secured, or to be secured. Accordingly, Service Provider represents and warrants that each Donor from whom Requester shall receive Human Substances has signed a valid consent form and such consent form shall (I) be in compliance with all Applicable Laws, (II) ensure that consent is freely given, specific and informed and (III) be stored by Service Provider for a period as required by Applicable Laws. Such consent forms shall be provided to Requester and/or Science Exchange upon request. Furthermore, Service Provider represents and warrants that (I) it has the right to transfer the Human Substances to Requester; (II) there are no third party claims of ownership or other rights to the Human Substances; (III) the Human Substances were and/or will be collected, and have been and/or will be maintained in accordance with all Applicable Laws, including laws relating to the acquisition of informed consent or authorization, and in accordance with all applicable regulations; (IV) to the extent that the collection of such Human Substances was or will be funded in whole or in part with funds from a third party (e.g., a government agency, a commercial sponsor), the transfer of the Human Substances to Requester is not inconsistent with the terms of any agreement between the Service Provider and such third party; and (V) the Human Substances will be provided in an anonymized manner and Service Provider will not disclose or otherwise make available to Requester any Personal Data of Donors (including, without limitation, any medical, physical, mental, genetic, biometric, social, mental, health or sexual data), give access to Requester to any code allowing identification of Donors or upload any Personal Data of Donors to the Platform. In the event that Requester provides Human Substances to Service Provider, Service Provider represents and warrants that it will not undertake any actions to determine Personal Data and it will handle, maintain and store Human Substances in accordance with this Agreement and all Applicable Laws.
25. Personal Data.
Collection, use, disclosure, retention and other processing of Personal Data may be regulated by certain privacy and data security laws. When collecting, using, disclosing, retaining or otherwise processing Personal Data pursuant to the Agreement, Service Provider agrees to comply with all applicable privacy and data security laws, rules and regulations and to collect, use, disclose or otherwise process Personal Data in compliance with the Agreement. For purposes of this Section, applicable privacy and data security laws, rules, and regulations include, but are not limited to, any applicable law related to the transmission, processing, communication or storage of Personal Data.
25.1 Handling of Personal Data.
To the extent that any Personal Data is transferred to, processed or accessed by Service Provider in the course of this Agreement, Service Provider shall process such Personal Data as a Data Processor on behalf of Science Exchange or Requester (as appropriate) as Data Controller, and in accordance with the following:
(a) Service Provider shall process Personal Data (I) to provide the Services as set out in this Agreement; (II) relating to the categories of Data Subjects instructed by Science Exchange or Requester in writing; and (III) in accordance with Applicable Laws.
(b) Service Provider will implement and maintain commercially reasonable, appropriate technical and organizational measures to protect Personal Data it processes against any attempted or actual unauthorized, accidental or unlawful processing, destruction, loss, damage, alteration, access or disclosure (each a “Security Incident”), including by compliance with Section 30 below. Additionally, such technical and organizational measures that Service Provider implements will reasonably and appropriately protect the confidentiality, integrity, availability, and security of Personal Data. Such safeguards shall include the encryption of sensitive Personal Data including, but not limited to, United States Social Security numbers (or the comparable identifiers in other countries), Driver’s License numbers, medical information, health insurance information, financial account information, Personal Data that is subject to Section 1798.150 of the California Consumer Privacy Act (“CCPA”), as well as special categories of Personal Data as defined in the General Data Protection Regulation (“GDPR”) when such data is transmitted or at rest, including but not limited to data located on laptops, back-up tapes, USB flash drives and other portable devices. For purposes of this Section, Service Provider shall consider the standards set forth in ISO/IEC 27002:2005 as commercially reasonable data protection controls and safeguards unless and until other such standards are supplied to Service Provider by Science Exchange from time to time.
(c) Service Provider shall ensure that any person it authorizes to process the Personal Data (including its Representatives) shall be subject to a strict duty of confidentiality (whether a contractual or statutory duty) and shall not permit any person to process the Personal Data who is not under such duty of confidentiality.
(d) Where Service Provider engages a subcontractor pursuant to Section 4 above to process the Personal Data, Service Provider must impose by binding contract the same data protection obligations upon such subcontractor as those set out in this Agreement. Service Provider shall remain fully liable for any acts or omissions of the subcontractor that leads to a breach of any data protection obligations set forth in this Agreement.
(e) Upon becoming aware of any Security Incident, Service Provider will immediately and no less than within five (5) days from the date of the Security Incident, notify Science Exchange in writing. Science Exchange and/or Requester have the right to control the Security Incident notification process. Service Provider shall take any and all appropriate steps to remedy or mitigate the effects or damage resulting from the Security Incident (including at the request or direction of Science Exchange and/or Requester). In addition, Service Provider shall provide Science Exchange and/or Requester with such further information, assistance or cooperation as they may require regarding the Security Incident and any dispute, inquiry, investigation or claim concerning the Security Incident upon request.
(f) Service Provider commits to cooperate and assist Science Exchange and/or Requester with regard to: (I) Science Exchange’s right to monitor processing operations; (II) the exercise of data subjects’ rights relating to their Personal Data (e.g., access, correction, erasure, etc.); and (III) any compliance obligations that Science Exchange and/or Requester may have under Applicable Laws including, but not limited to, to those under Articles 35 and 36 of the GDPR.
(g) Service Provider will promptly notify Science Exchange and Requester in the event that it receives any enquiry, communication or complaint from a Data Subject, regulator or other person relating to its processing of Personal Data under this Agreement. Service Provider will not respond directly to such enquiry, communication or complaint without Science Exchange and/or Requester’s express prior written consent and shall provide all reasonable and timely assistance in relation to such inquiry, communication or complaint.
(h) In the event of expiry or termination of the Agreement, Service Provider will, at Science Exchange’s option, delete or return all Personal Data to Science Exchange or Requester (as appropriate), save where Service Provider is required to retain copies under Applicable Laws in which case it will isolate and protect that Personal Data from any further processing except to the extent required by such Applicable Laws. Service Provider shall promptly send Science Exchange a written certification acknowledging that all Personal Data has been returned and/or destroyed;
(i) When collecting, using, disclosing, retaining or otherwise processing Personal Data for or on behalf of Science Exchange or Requester, Service Provider will use reasonable efforts to comply with Science Exchange privacy policies and any other applicable policies, including, without limitation, ones related to confidentiality and data security supplied by Science Exchange from time to time.
(j) Any collection, use, disclosure, retention and other processing of the Personal Data other than as contemplated by this Section and the Agreement will be deemed a material breach of the Agreement.
25.2 Standard Contractual Clauses.
If Service Provider or its subcontractors process Personal Data originating in the European Economic Area, Switzerland, and/or the United Kingdom in a country that has not been found to provide an adequate level of data protection under applicable privacy and data security laws, rules, and regulations, the Parties agree that the terms of the Standard Contractual Clauses attached hereto as Exhibit 1 shall apply. Each Party’s agreement to these terms and conditions shall be considered a signature to the Standard Contractual Clauses (including the appendices) to the extent that the Standard Contractual Clauses apply hereunder. Notwithstanding anything to the contrary, this Section 25.2 and Exhibit 1 may be amended by Science Exchange to address changes in applicable privacy and data security laws, rules, and regulations with fifteen (15) days’ notice to Service Provider.
25.3 Personal Data Audits.
Service Provider shall: (I) make available to Science Exchange and/or Requester all information necessary to demonstrate compliance with the data protection obligations set forth in this Agreement; and (II) permit Science Exchange and/or Requester to audit Service Provider’s compliance with this Section upon reasonable notice and during regular business hours.
26. Human Subject Services
In the event the Service(s) to be performed by Service Provider involve human subject interaction, the Service Provider warrants that it will report any adverse events immediately, and in no case less than twenty-four (24) hours. To the extent appropriate, the Parties will execute an amendment detailing the obligations of Service Provider regarding the human subject Service(s).
27. Payments to Covered Recipients.
In the event that the Service Provider is a Covered Entity or has a Covered Entity contribute to or perform any of Service Provider’s obligations hereunder, payments made by or on behalf of Science Exchange to each such Covered Entity or other compensation or consideration received by each such Covered Entity on account of its contributions to or performance of any of Service Provider’s obligations hereunder shall represent fair market value and comply with Applicable Laws, rules and regulations. Service Provider shall inform Science Exchange and Requester of any such payments made on behalf of Science Exchange to a Covered Entity in order to comply with Applicable Laws such as the Physician Payments Act. Service Providers understands and agrees that Science Exchange and/or Requester has a legal duty to disclose any such payments made to Covered Entities pursuant to 42 CFR 403.904 (Reports of Payments or Other Transfers of Value to Covered Recipients).
Service Provider, on behalf of itself and its Representatives, represents and warrants that it (I) has not and will not offer or give to Requester or Science Exchange gifts, entertainment, payments, loans, or other gratuities in order to or that may influence the award of a contract or obtain favorable treatment under this Agreement with Science Exchange or Requester and (II) has not and will not use federal funds to influence or attempt to influence any employee of the United States Federal government or a member of Congress in connection with this Agreement.
29. Export Control.
To comply with U.S. export control regulations, Requester may be required to obtain an export license prior to releasing certain technologies to non-US citizens depending on the person’s home country and resident status. Service Provider, and its Representatives, represents and warrants that it currently does not intend to use any person to perform Services under an Order who is a citizen of or has permanent residency in any country listed in Country Group E:1 (15 C.F.R. Part 740, Supplement No. 1) (and any amendments thereto or successor lists).
30. Information Technology Security.
30.1 Information Security.
Service Provider represents and warrants that it has an information security program that is based on industry standards applicable to its obligations hereunder such as (i) International Organization for Standardization (“ISO”) / International Electrotechnical Commission (“IEC”) ISO/IEC 2700X; (ii) American Institute of Certified Public Accountants (“AICPA”) Trust Services Principles, Criteria and Illustrations; (iii) Information Security Forum (“ISF”) Standards of Good Practice (“SoGP”) for Information Security; (iv) National Institute of Standards and Technology (“NIST”) Special Publication 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations; or (v) Information Systems Audit and Control Association (“ISACA”) Control Objectives for Information and related Technology (COBIT). Science Exchange shall have the right to perform an audit of Service Provider’s IT security on an as needed basis.
30.2 Data Security.
Service Provider shall encrypt all information it transmits between Science Exchange and Requester, and their Representatives. Encryption will utilize industry standard algorithms with a minimal key length of 128 bit.
30.3 Access Control.
Service Provider shall maintain controls to prohibit third parties (other than its Representatives, who, pursuant to the terms of the Agreement, are permitted access) from accessing Confidential Information. Service Provider shall use authentication and authorization technologies for service, user and administrator level accounts in accordance with AICPA. Service Provider shall ensure procedures exist for prompt modification or termination of access rights in response to any Service Provider organizational changes. Service Provider shall ensure procedures exist for the accounts with privileged access rights (e.g., system administration privileges). Service Provider shall periodically review the necessity of privileged access accounts.
30.4 Physical Security.
Service Provider shall ensure that it has adequate processes in place to protect its devices and terminals used to support the Services hereunder from fire, theft, acts of god, or other damages whether it be by accident or deliberate means.
30.5 Risk Assessment.
Upon written request by Science Exchange, Service Provider shall, no more than once per calendar year, subject itself to a risk assessment in accordance with Science Exchange guidelines and/or Applicable Laws. The risk assessment shall be provided to Service provider by Science Exchange and shall be returned within forty-five (45) days after receipt.
30.6 Disaster Recovery and Business Continuity Plan.
During the Term, Service Provider will maintain and adequately support a disaster recovery and business continuity program (“Disaster Recovery and Business Continuity Program”) that ensures the continuous operation and, in the event of an interruption, the recovery of all material business functions needed to meet Service Provider’s obligations under this Agreement. The Disaster Recovery and Business Continuity Program will include, at a minimum, a detailed disaster recovery plan, which describes the management methodology, management team, emergency contact persons, and specific plans for potential risks that may disrupt Service Provider’s operations. The plan shall meet and be consistent with generally accepted industry standards. Upon written request, Service Provider will provide a copy and overview of the plan to Science Exchange.
Service Provider shall maintain adequate levels and types of insurance coverage appropriate to its business and profession to cover its indemnity obligations hereunder, as required by Applicable Laws, and consistent with the its performance hereunder with such coverage levels and types to include, at a minimum, and without limitation, insurance required by Applicable Laws with respect to Service Provider’s status as an employer, workers’ compensation, comprehensive general liability, employer’s liability, and automobile liability. Service Provider’s insurance coverage must be primary coverage. All insurance coverage must be in full force and effect at all times during the performance of Service Provider’s obligations hereunder. At Science Exchange’s request, Service Provider must submit to Science Exchange a certificate of insurance on the ACORD form evidencing the above coverages.
32. Force Majeure.
A Party shall not be deemed in default of this Agreement, nor shall it hold another Party responsible, for any cessation, interruption or delay in the performance of its obligations (excluding payment obligations) due to earthquake, flood, fire, storm, natural disaster, act of God, acts of government, war, terrorism, armed conflict, labor strike, lockout, boycott or other similar events beyond the reasonable control of the Party whose performance has been affected; provided, however, the affected Party shall provide prompt written notice to the other Party of such cessation, interruption or delay, and shall use commercially reasonable efforts to avoid or remove such causes of non-performance and continue its performance whenever such causes are removed.
33. No Conflict.
Service Provider represents and warrants to Science Exchange that Service Provider is not, and covenants that it will not, and is responsible for ensuring its employees and Representatives do not become, a party to any agreement or arrangement which would constitute a conflict of interest or that would conflict with the terms of this Agreement. Such a conflict includes but is not limited to a conflict with respect to ownership of Work Product, or a conflict that would prevent such Party from carrying out its obligations under this Agreement.
A Party’s failure or neglect to enforce any of its rights under this Agreement or applicable Order will not be deemed to be a waiver of that Party’s rights to enforce its rights under such Agreement or applicable Order.
35. Entire Agreement / Severability.
This Agreement, together with any amendments and any additional agreements a Party may enter into with a Party in connection with Science Exchange Inc., shall constitute the entire agreement between the Parties. If a court of competent jurisdiction deems any provision or portion of this Agreement to be invalid, the invalidity of such provision shall not affect the validity of the remaining portion of such provision and any other provisions of this Agreement, which shall remain in full force and effect.
The provisions of this Agreement which expressly or by their nature survive expiration or termination of this Agreement, including, but not limited to, Sections 1 (Definitions), 2 (Scope of Services), 3 (Service Contract), 5 (Debarment), 6 (Confidentiality), 7 (Intellectual Property), 8 (Material Transfer), 9 (Records), 10 (Inspection), 11 (Warranty Disclaimer), 12 (Limitation of Liability), 13 (Indemnification), 14 (Resolution of Disputes between Service Provider and Science Exchange), 15 (Arbitration), 16 (Term & Termination), 17 ( Governing Law), 18 (Anti-Bribery Laws), 19 (Employment Law), 20 (Changes), 21 (Use of Name), 24 (Human Subject Consent), 25 (Personal Data), 26 (Human Subject Services), 27 (Payments to Covered Entities and/or Individuals), 28 (Gratuities), 29 (Export Control), 30 (Information Technology Security), 34 (Waiver), 35 (Entire Agreement/Severability ), Section 36 (Survival), and Exhibit 1 will remain in effect after the expiration or termination of this Agreement or applicable Order.
Standard Contractual Clauses (Processors)
For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection.
Name of the data exporting organization: Science Exchange.
(the data exporter)
Name of the data importing organization: Service Provider.
(the data importer)
each a “party”; together “the parties”,
HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.
For the purposes of the Clauses:
(a) ’personal data’, ’special categories of data’, ’process/processing’, ’controller’, ’processor’, ’data subject’ and ’supervisory authority’ shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data;
(b) ’the data exporter’ means the controller who transfers the personal data;
(c) ’the data importer’ means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country’s system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;
(d) ’the subprocessor’ means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;
(e) ’the applicable data protection law_ ’ _ means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;
(f) ’technical and organizational security measures’ means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.
Details of the transfer
The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 1 which forms an integral part of the Clauses.
Third-party beneficiary clause
The data subject can enforce against the data exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.
The data subject can enforce against the data importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.
The data subject can enforce against the subprocessor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.
The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.
Obligations of the data exporter
The data exporter agrees and warrants:
(a) that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State;
(b) that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter’s behalf and in accordance with the applicable data protection law and the Clauses;
(c) that the data importer will provide sufficient guarantees in respect of the technical and organizational security measures specified in Appendix 2 to this contract;
(d) that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;
(e) that it will ensure compliance with the security measures;
(f) that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;
(g) to forward any notification received from the data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension;
(h) to make available to the data subjects upon request a copy of the Clauses, with the exception of Appendix 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;
(i) that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and
(j) that it will ensure compliance with Clause 4(a) to (i).
Obligations of the data importer
The data importer agrees and warrants:
(a) to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
(b) that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
(c) that it has implemented the technical and organizational security measures specified in Appendix 2 before processing the personal data transferred;
(d) that it will promptly notify the data exporter about:
(i) any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation,
(ii) any accidental or unauthorized access, and
(iii) any request received directly from the data subjects without responding to that request, unless it has been otherwise authorised to do so;
(e) to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;
(f) at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority;
(g) to make available to the data subject upon request a copy of the Clauses, or any existing contract for subprocessing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;
(h) that, in the event of subprocessing, it has previously informed the data exporter and obtained its prior written consent;
(i) that the processing services by the subprocessor will be carried out in accordance with Clause 11;
(j) to send promptly a copy of any subprocessor agreement it concludes under the Clauses to the data exporter.
The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or subprocessor is entitled to receive compensation from the data exporter for the damage suffered.
If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his subprocessor of any of their obligations referred to in Clause 3 or in Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity.
The data importer may not rely on a breach by a subprocessor of its obligations in order to avoid its own liabilities.
If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2, arising out of a breach by the subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the subprocessor agrees that the data subject may issue a claim against the data subprocessor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the subprocessor shall be limited to its own processing operations under the Clauses.
Mediation and jurisdiction
- The data importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject:
(a) to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority;
(b) to refer the dispute to the courts in the Member State in which the data exporter is established.
- The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.
Cooperation with supervisory authorities
The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.
The parties agree that the supervisory authority has the right to conduct an audit of the data importer, and of any subprocessor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law.
The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any subprocessor preventing the conduct of an audit of the data importer, or any subprocessor, pursuant to paragraph 2. In such a case the data exporter shall be entitled to take the measures foreseen in Clause 5 (b).
The Clauses shall be governed by the law of the Member State in which the data exporter is established.
Variation of the contract
The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.
The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the subprocessor which imposes the same obligations on the subprocessor as are imposed on the data importer under the Clauses. Where the subprocessor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the subprocessor’s obligations under such agreement.
The prior written contract between the data importer and the subprocessor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.
The provisions relating to data protection aspects for subprocessing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established.
The data exporter shall keep a list of subprocessing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5 (j), which shall be updated at least once a year. The list shall be available to the data exporter’s data protection supervisory authority.
Obligation after the termination of personal data processing services
The parties agree that on the termination of the provision of data processing services, the data importer and the subprocessor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done so, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.
The data importer and the subprocessor warrant that upon request of the data exporter and/or of the supervisory authority, it will submit its data processing facilities for an audit of the measures referred to in paragraph 1.
APPENDIX 1 TO THE STANDARD CONTRACTUAL CLAUSES
This Appendix forms part of the Clauses and must be completed by the parties.
The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix.
The data exporter is: Science Exchange.
The data importer is: Service Provider.
The personal data transferred concern the following categories of data subjects: Data Subjects whose Personal Data is processed pursuant to the Agreement.
Categories of data
The personal data transferred concern the following categories of data: Personal Data that is processed pursuant to the Agreement.
Special categories of data (if appropriate)
The personal data transferred concern the following special categories of data: Personal Data that is considered a special category of personal data under Applicable Laws and processed pursuant to the Agreement.
The personal data transferred will be subject to the following basic processing activities: Processing to provide the Services in accordance with the Agreement.
APPENDIX 2 TO THE STANDARD CONTRACTUAL CLAUSES
This Appendix forms part of the Clauses and must be completed by the parties.
Description of the technical and organizational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c):
Service Provider will implement and maintain appropriate technical and organizational measures to protect Personal Data in accordance with the Agreement.