Thru Software Usage Licensing Agreement (SULA)

The service, usage and licensing Agreement (the “Agreement”) is made and entered into by and between (“The Customer”),and Thru, INC. (“Thru”), 909 Lake Carolyn Parkway, Suite 1500, Irving, TX 75039.

Overview

Purpose

This Agreement outlines the performance, security, and licensing terms under which Thru provides its Managed File Transfer Service to Customers and Affiliates.

Services

Thru shall deliver:

(i) Software Licensing - Usage rights to the Thru software, upgrades, fixes, and releases.

(ii) Cloud Hosting - Platform hosting services for the Thru environment.

(iii) Technical Support - Ongoing support for the software and hosting capabilities.

These together constitute the Thru Services.

Applicability

The Thru Services and Software are available to Customer Affiliates under the same terms herein. Affiliates are entities controlling, controlled by, or under common control with Customer, where control equates to 50%+ direct/indirect ownership.

PRIVACY

Thru’s Privacy Policy can be viewed at http://www.Thruinc.com/privacy-policy/

SERVICE LEVEL AGREEMENT

Thru shall comply with its Service Level Agreement, is hereto attached as Exhibit “B”

GRANT OF LICENSE & RESTRICTIONS

Subject to applicable restrictions herein, in partial consideration for Customer’s payment of the fees for provided products and services set forth in the Service Plan attached hereto as Exhibit “A” (the “Service Plan”), Thru hereby grants Customer a limited and non-exclusive, non-transferable license, to use Thru Software as defined in Section 6, and all terms and conditions contained in this Agreement. The following are impermissible, whether done directly or indirectly, and/or wholly or partially: use or resale for use in connection with actual construction, maintenance, and/or operation of any nuclear facility, aircraft, aircraft communication or aircraft ground support system, or life support system (“High Risk Use”), for which the Thru Software is neither designed nor intended; making the Thru Software available in any way on an application service provider basis, as a sublicense, or as a bureau service; any attempt to derive source code to the Thru Software; disturbance of any notices of intellectual property or other proprietary rights; and, except as to on-line documentation copied for archival purposes, any copying of documentation. Thru TRANSFERS NO OWNERSHIP INTEREST IN Thru SOFTWARE. Thru may, at its sole discretion, determine which of its Thru Products to continue to make available and/or support over time, provided that it will provide Customer with at least 180 days prior written notice before discontinuing availability or support. Thru reserves all rights not expressly granted.

BILLING

Thru will invoice the Customer on a [monthly/quarterly/annual] basis for:

SaaS Subscription Fees
- Based on the plan(s) and unit volumes purchased by Customer
- Prorated from service activation date if mid-billing cycle
Usage-Based Overage Fees
- If actual usage exceeds subscribed amounts (bandwidth, storage etc.)
Professional Service Fees
- Consulting, integration work if purchased separately

Invoices are due net 30 days from the invoice date. All fees are exclusive of taxes, which will be added as applicable. Non-payment beyond 10 days after due date may result in suspension of services. Any disputed charges must be notified within 7 days of the invoice date.

TERM

The initial term of this Agreement (“Initial Term”) commences on the Service Plan Start Date and continues through the Service Plan End Date, as set forth in the Service Plan.

TERMINATION UPON EXPIRATION

This Agreement may be terminated, as follows: (a) by either party upon 30 days written notice specifying breach if the other party fails to comply with any of the material terms or conditions of this Agreement unless, within the period of notice, all specified breaches have been cured; or (b) without notice if either party has a receiver, administrator or liquidator appointed to the whole or any substantial part of its assets or if an order is made or resolution passed for the winding up of the party, which is not revoked within 7 days; or (c) pursuant to the provisions of Section 7 of this Agreement (Customer’s rejection of price increase). In the event this Agreement is terminated for any reason, Thru will make available Customer Data within 30 days of termination if Customer so requests during such 30-day period. Customer agrees and acknowledges that Thru has no obligation to retain the Customer Data, and may delete such Customer Data, more than 30 days after termination.

REPRESENTATION & WARRANTIES

Each party represents and warrants that it has the legal power and authority to enter into this Agreement. Thru represents and warrants that: (a) it will provide the Service(s) in a manner consistent with general industry standards reasonably applicable to the provision thereof; (b) that the Service(s) will perform substantially in accordance with the Thru documentation under normal use and circumstances; (c) no claim, lien, or action exists or is threatened against Thru that would interfere with Customer’s rights under this Agreement; (d) the deliverables under this Agreement do not contain harmful code; (e) it will not use, disclose, or transfer to any third party or across international borders any information that is processed for Customer that may identify an individual (“Personal Data”) or any Confidential Information, except as expressly provided herein; and (f) it will comply with all applicable data privacy laws and regulations, will implement and maintain appropriate technical and other protections for the Personal Data, and will cooperate fully with Customer requests for access to, correction of, and destruction of Personal Data or Confidential Information (defined below) in Thru ’s possession. Customer represents and warrants that Customer has not falsely identified itself or provided any false information to gain access to the Service(s) and that as of the Effective Date the Customer billing information set forth in Exhibit “A” is correct.

CONFIDENTIAL INFORMATION

“Confidential Information” means any and all information disclosed by either party to the other which is marked “confidential” or “proprietary”, or which the recipient knows or has reason to know is regarded by the disclosing party as such, including oral information. “Confidential Information” does not include any information that the receiving party can demonstrate by its written records: (a) was known to it prior to its disclosure hereunder by the disclosing party; (b) is or becomes known through no wrongful act of the receiving party; (c) has been rightfully received from a third party authorized to make such a disclosure; (d) is independently developed by the receiving party; (e) has been approved for release with the disclosing party’s prior written authorization; or (f) has been disclosed by court order or as otherwise required by law, provided that the party required to disclose the information provides prompt advance notice to enable the other party to seek a protective order or otherwise prevent such disclosure.

OBLIGATION

Neither party will use any Confidential Information of the disclosing party except as necessary to exercise its rights or perform its obligations pursuant to this Agreement or as expressly authorized in writing by the other party. Each party shall use the same degree of care to protect the disclosing party’s Confidential Information as it uses to protect its own confidential information of like nature, but in no circumstances less than reasonable care. Neither party shall disclose the other party’s Confidential Information to any person or entity other than its officers, employees, consultants and legal advisors who need access to such Confidential Information in order to effect the intent of the Agreement and who have entered into written confidentiality agreements with it as least as restrictive as those this Section 5. Upon any termination of this Agreement, the receiving party will promptly return to the disclosing party or destroy, at the disclosing party’s option, all of the disclosing party’s Confidential Information.

JOINT PROMOTION

The parties may mutually agree to engage in joint marketing promotions to drive awareness, interest, and adoption for the SaaS platform. These joint promotions could include but are not limited to:

Webinars showcasing product capabilities
Publication of case studies documenting customer success
Referencing each other in respective marketing communications
Social media cross-promotion of announcements and news
Event sponsorship of conferences attended by the other
Contribute blog submissions to each other's websites
Participate in interviews for the other's marketing assets
Quote each other in press releases or reports

If pursuing any joint promotion, both parties should mutually agree via email on the details of the campaign including roles, responsibilities, usage rights procedures, and measures of success. Neither party is bound to participate unless expressly confirming based on the specifics of that marketing collaboration.

EFFECT OF TERMINATION

Upon expiration or termination of this Agreement, Customer shall cease all use of the Services, and shall promptly return all copies of the User Guide to Thru or else destroy those copies and provide assurances (signed by an officer of Customer) to Thru that it has done so.

MUTUAL INDEMNIFICATION

Indemnification “A”. Customer shall indemnify and hold Thru, its licensors and each such party's parent organizations, subsidiaries, affiliates, officers, directors, employees, attorneys and agents harmless from and against any and all third party claims, costs, damages, losses, liabilities and expenses (including attorneys' fees and costs) arising out of or in connection with a claim alleging that any Product infringes the rights of, or has caused harm to, a third party if Customer used the Product in violation of the instructions. Thru will (a) give written notice of the claim promptly to Customer; provided, however, that the failure to give such notice promptly to Customer shall not relieve Customer of its indemnification liability hereunder unless Customer is materially prejudiced in asserting any defense, counter-claim or cross-claim to such claim; (b) give Customer control of the defense and settlement of the claim (provided that Customer may not settle or defend any claim without Thru’s written consent and Thru may participate in the defense of such claim at its own expense); and (c) provide to Customer all information reasonably requested by Customer and reasonable assistance.

Indemnification “B”. Thru shall indemnify and hold Customer and Customer’s parent organizations, subsidiaries, affiliates, officers, directors, employees, attorneys and agents harmless from and against any and all claims, costs, damages, losses, liabilities and expenses (including attorneys' fees and costs) arising out of or in connection with: (i) a claim, which if true, would constitute a violation by Thru of its representations or warranties; or (ii) a claim arising from breach of this Agreement by Thru; provided that Customer (a) promptly gives written notice of the claim to Thru; provided that the failure to give such notice promptly to Thru shall not relieve Thru of its indemnification liability hereunder unless Thru is materially prejudiced in asserting any defense, counter-claim or cross claim to such claim; (b) gives Thru control of the defense and settlement of the claim (provided that Thru may not settle or defend any claim without Customer’s written consent and Customer may participate in defense of such claim at its own expense);and (c) provide to Thru all information reasonably requested by Thru and reasonable assistance and (d) Thru has not compromised or settled such claim. Except as provided below, Thru agrees to indemnify, defend and hold harmless Customer from and against any and all claims that the Products infringe the intellectual property rights of a third party. In the event of such third party claims of infringement, Thru shall have the option, at its expense, to (i) modify the Product to be non-infringing; or (ii) obtain for Customer a license to continue use of the Product. If it is not commercially reasonable to perform either of the above options, then Thru may terminate the right to use the Product and refund the fees paid for such Product.

DISCLAIMER OF WARRANTIES

EXCEPT AS SET FORTH SPECIFICALLY HEREIN, THE LICENSED PRDUCT IS “AS IS,” WITHOUT EXPRESS, IMPLIED, OR STATUTORY WARRANTY OR CONDITION OF ANY KIND, INCLUDING WITHOUT LIMITATION ANY WARRANTY OR CONDITION OF MERCHANTABILITY, SATISFACTORY QUALITY, AND FITNESS FOR A PARTICULAR PURPOSE. Thru makes no representations or warranties to Partner concerning the Products except as expressly set forth in this section.

INTERNET DELAYS

Thru’s SERVICE(S) MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS. Thru IS NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES, OR OTHER DAMAGE RESULTING FROM SUCH PROBLEMS UNLESS CAUSED BY Thru.

LIMITATION OF LIABILITY

WITH THE EXCEPTION OF A PARTY’S OBLIGATION TO PROVIDE INDEMNIFICATION UNDER THIS AGREEMENT AND EACH PARTY’S CONFIDENTIALITY OBLIGATIONS, IN NO EVENT SHALL EITHER PARTY, OR ITS LICENSORS OR SUPPLIERS BY VIRTUE OF THIS AGREEMENT, HAVE ANY LIABILITY TO ANY OTHER PARTY FOR ANY LOST PROFITS OR COSTS OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR FOR ANY INCIDENTAL, PUNITIVE, INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND UNDER ANY THEORY OF LIABILITY (INCLUDING NEGLIGENCE) AND WHETHER OR NOT SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. THE LIMITATIONS SET FORTH IN THIS SECTION 17 DO NOT APPLY TO ANY INFRINGEMENT OR MISAPPROPRIATION BY EITHER PARTY OR ITS CONTRACTORS OF THE OTHER PARTY’S INTELLECTUAL PROPERTY RIGHTS. IN NO EVENT SHALL Thru, ITS AFFILIATES OR ITS OR THEIR OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, LICENSORS OR SUPPLIERS BE LIABLE TO PARTNER FOR MORE THAN THE AMOUNT OF ANY ACTUAL DIRECT DAMAGES UP TO THE GREATER OF U.S. $100,000.00 (OR EQUIVALENT IN LOCAL CURRENCY) OR THE CHARGES FOR THE SERVICES THAT ARE THE SUBJECT OF THE CLAIM, WHICHEVER IS LESSER, REGARDLESS OF THE CAUSE AND WHETHER ARISING IN CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE. THE FOREGOING LIMITATION ON DIRECT DAMAGES SHALL NOT APPLY TO ANY BREACH BY Thru OF ITS CONFIDENTIALITY OBLIGATIONS OR Thru’s INTELLECTUAL PROPERTY INDEMNIFICATION OBLIGATIONS UNDER SECTION 14 THE PARTIES AGREE THAT THIS SECTION 17 REPRESENTS A REASONABLE ALLOCATION OF RISK

ASSIGNMENT

Customer may not assign any of its rights or delegate any of its obligations under this Agreement, whether by operation of law nor otherwise, without the prior express written consent of Thru, which shall not be unreasonably withheld or delayed. Notwithstanding the foregoing, Thru may assign this Agreement (including all Quotes) with notice to Customer in connection with any merger or acquisition or sale of all or substantially all of Thru’s pr any of its Affiliate’s assets or stock (such notice to be delivered within thirty (30) days of such assignment). Such assignment will not in any event relieve the assignor of any obligations that accrue under this Agreement prior to any such assignment. Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties, their respective successors and permitted assigns. Any attempted assignment in violation of this Section shall be null and void.

FORCE MAJEURE

Except for each party’s obligations to pay money, neither party shall be deemed to be in breach of this Agreement for any failure or delay in performance caused by reasons beyond its reasonable control, including but not limited to acts of God, earthquakes, wars, terrorism, communication failures, strikes or shortages of materials.

NOTICE

Thru may give notice (such notice shall be deemed given when received by Customer) at any time by letter delivered by nationally recognized overnight delivery service, first-class postage prepaid mail to Customer or an e-mail to the defined party(s) in this agreement shall constitute an acceptable writing. Customer may give notice to Thru (such notice shall be deemed given when received by Thru as evidenced by confirmation or delivery receipt, as applicable) at any time by any of the following: letter sent by nationally recognized overnight delivery service, first-class postage prepaid mail to Thru at the following address: Thru, Inc., 909 Lake Carolyn Parkway, Suite 750 Irving, TX 75039 USA , or an e-mail to the defined party(s) in this agreement shall constitute an acceptable writing.

MODIFICATION OF TERMS

This Agreement may be amended at any time and from time to time, provided that amendment must be in writing and signed by each Party to be bound. Thru reserves the right to modify its policies in response to government and ruling bodies change of laws and requirements impactful to Thru and Thru’s policies at any time, effective thirty (30) days after posting of an updated version of the applicable policy on the internet and or sending email notification to Customer.

GOVERNINVING LAW/VENUE

This Agreement is Governed BY THE SUBSTANTIVE LAWS OF THE STATE OF TEXAS WITHOUT GIVING EFFECT TO ANY CHOICE-OF-LAW RULES. ANY ACTIONS OR PROCEEDINGS ARISING OUT OF THIS AGREEMENT WILL BE LITIGATED EXCLUSIVELY IN THE SUPERIOR COURT OF TEXAS, DALLAS COUNTY DIVISION, OR THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF TEXAS. The parties hereby irrevocably consent to the jurisdiction of such courts. The United Nations Convention on Contracts for the International Sale of Goods will not apply to this Agreement.

EXHIBIT A

Thru Service Plan will be inserted into this agreement here and include:

Customer Name
Customer Primary Contact
Cloud Region Selected
Service Plan Selected
Term of Agreement
Service Start Date
Service End Date

EXHIBIT B

SERVICE LEVEL AGREEMENT

This Service Level Agreement ("SLA") describes certain performance and security components regarding the operation of Thru and its secure hosted file transfer and collaboration service(s). This SLA is governed by Thru’s Service Agreements, and Thru Privacy Policy, the collection of which are designed to protect the privacy, security and best interests of (“Customer”). Thru agrees to abide by the terms of this SLA and requires its customers to do likewise. Thru shall use commercial best effort to provide continuous and consistent service with respect to this SLA. Thru reserves the right to add, subtract or amend the terms of this agreement at any time in the event of significant changes in market conditions, or otherwise initiated by major vendors, which would affect Thru ability to provide its hosting services. Such changes shall be given to the administrator via e-mail with at least 60 days’ notice.

SERVICE AVAILABILITY AND PERFORMANCE

This section describes Thru's uptime and performance guarantee. Thru will use industry best practice and effort to provide customer with 99.9% availability^[1]. From time to time, Thru will perform required maintenance during Thru’s weekly maintenance window of Sunday 3:00AM to 5:00AM London Time with or without notification to Customer. If an emergency maintenance is required; Customer will receive two (2) hours advance notice. Thru Service Level Agreement only applies to unplanned service outage. In an event that an outage occurred, the following exclusions will not be used for the “99.9” percent availability calculations:

SLA Exclusions:

· Factors outside of Thru’s reasonable control, including network access or related problems beyond the demarcation point;

· Resulted from Customer’s actions or inactions;

· Resulted from Customer’s application, network, or equipment;

· Resulted from termination or suspension of service;

· Scheduled or emergency maintenance;

· Resulted from Force Majeure.

SECURITY ACCESS AND ENVIRONMENTAL CONTROL

Thru is located in SOC 2 data centers. Physical access to the data center is protected by advanced security systems and strictly limited to authorize Thru personnel. Other persons are admitted only on an as needed basis (e.g., to maintain hardware components), and only under supervision.

No single point of failure either systems, networking, environmental or power. Thru uses industry leading routers, switches and firewalls. Servers are installed in a load balanced and/or clustered configuration, as appropriate. Thru connects to multiple Internet backbones within major telecommunications hubs over 10Gbs connections in geographically diverse locations. Thru supports SSL and FTP 128-bit encryption. All customer data is encrypted with the latest encryption technology and located in secure directories that require access authentication. All customer data is replicated to disaster recoverable media.

Customers should use discretion granting administrator privileges. Users must not share their login identifier or password. We recommend that users change their passwords at least every forty-five (45) days. Users should select passwords that are six (6) to nine (9) characters. We strongly recommend that passwords include mixed alpha and numeric text.

CUSTOMER RESPONSIBILITIES:

Customers are responsible for maintaining workstations, local networks, and internet connectivity required to access the Thru service. Customers should verify ability to access mainstream websites before reporting general connectivity issues.

Customers must configure firewalls and security groups to allow required protocols, ports, and IP addresses for the Thru platform as documented.

Customers should stay updated on minimum supported browser versions required for the Thru admin interface and end-user portal through our support site.

To ensure delivery of service notifications, customers must keep contact details and notification preferences current for their designated Thru administrators.

Customers are also responsible for internally communicating any scheduled maintenance downtimes announced by Thru to their organization's end users.

CUSTOMER SUPPORT

Thru provides a variety of ways for customers to request help or otherwise make inquiries. An online Support module may be used to report and track issues. 24 x 7 toll-free telephone support (1-800-871-9316) and email.

Severity categories and response times are as follows:

Severity #1- Critical/High severity incidents

Assigned to outages that keep a business from being able to access one or all of their applications or security events to effect customers data.[IS1]

Severity #2- Medium severity incidents

Assigned to a situation that slows an organization's response time or limits the functions of one of the Thru applications.

Severity #3 Low severity incidents

Assigned to a general question or requests for enhancement.

Description	Severity 1	Severity 2	Severity 3
Status Updates	2 hours	24 hours	5 business days
Third Party Vendor Coordination	Yes	Limited	As Needed
Thru Management Elevation^[2]	Yes	As Needed	As Needed
Resolution report identifying the cause of the problem	Yes	Yes	As Needed

¹ Calculated by the number of hours the THRU service is available to Customer plus the total number of hours, if any, the service is scheduled to be unavailable, divided by the total number of hours in that month.

² THRU Management Elevation escalates customer communication responsibility, of an open item's status, through progressive levels of THRU management, for each subsequent reporting cycle as follows: 1st elevation - supervisor of help-desk support 2nd elevation – Customer Success Service Manager (department level manager) 3rd elevation - Director of Engineering (senior management representative) 4th elevation - COO (or another officer of the company)