Common use of LICENSE RESTRICTIONS AND REQUIREMENTS Clause in Contracts

LICENSE RESTRICTIONS AND REQUIREMENTS. Licensee shall: i. keep all copies of the Licensed Code and Documentation in the possession of Licensee and not make available or provide the Licensed Code and/or Documentation to any third parties unless expressly permitted herein; ii. not remove from any copies of the Licensed Code or Documentation any product identification, copyright or other notices; iii. not disseminate performance information or analysis (including, without limitation, benchmarks) from any source relating to the Licensed Code or Documentation; iv. only install the Licensed Code on password protected servers; v. only disclose the Licensed Code and Documentation to Licensee employees and third party consultants who have a need to know such information in order for Licensee to exercise its rights under this agreement are who are bound by enforceable confidentiality obligations no less restrictive than the terms of this Agreement; vi. maintain complete and accurate logs of all modifications to the Licensed Code and supply such records to BigCommerce upon request; vii. ensure that all modifications to the Licensed Code performed by, for or on behalf of Licensee conform to BigCommerce’s approved threat modeling framework/vulnerability management framework and to the secure coding practices published by the Open Web Application Security Project: ▇▇▇▇▇://▇▇▇.▇▇▇▇▇.▇▇▇/index.php/OWASP_Secure_Coding_Practices_- _Quick_Reference_Guide; viii. adhere to all implementations of code integrity checking required by BigCommerce, such as issuing a verifiable digital signature at the end of each code change; and immediately notify BigCommerce of any compromise or suspected compromise to Licensee’s digital identity; ix. provide BigCommerce, upon request, with such evidence as is deemed necessary by BigCommerce to demonstrate that (i) Licensee has established minimum acceptable levels of security in accordance with the BigCommerce Data Protection Addendum entered into by the parties in connection with this Agreement; and (ii) Licensee has performed sufficient testing to ensure that common security vulnerabilities have been mitigated; and x. adhere to all regulatory and compliance requirements, including but not limited to the Payment Card Industry Data Security Standard, ISO 27001, and the General Data Protection Regulation, applicable to Licensee’s use of the Licensed Code.

LICENSE RESTRICTIONS AND REQUIREMENTS. Licensee shallThe rights and licenses granted in Section 3.1 GIC are expressly limited and restricted by the following: i. keep (a) GUPTA's Intellectual property and Proprietary Rights (1) GUPTA and/or its licensors shall retain all copies of the Licensed Code and Documentation sole right, title and interest in the possession of Licensee and not make available or provide the Licensed Code and/or Documentation to any third parties unless expressly permitted herein; ii. not remove from any copies of the Licensed Code or Documentation any product identification, copyright or other notices; iii. not disseminate performance information or analysis (including, without limitation, benchmarks) from any source relating to the Licensed Code or Documentation; iv. only install the Licensed Code on password protected servers; v. only disclose the Licensed Code and Documentation to Licensee employees and third party consultants who have a need to know such information in order for Licensee to exercise its rights under this agreement are who are bound by enforceable confidentiality obligations no less restrictive than the terms of this Agreement; vi. maintain complete and accurate logs of all modifications to the Licensed Code and supply such records to BigCommerce upon request; vii. ensure that all modifications to the Licensed Code performed by, for or on behalf of Licensee conform to BigCommerce’s approved threat modeling framework/vulnerability management framework and to the secure coding practices published programs. (2) Other than for exercising the rights expressly granted to UPS hereunder, UPS shall not, nor shall UPS cause a third party (except as required by law with written notice to GUPTA) to, copy, manufacture, adapt, rent, lease, lend, trade-in, translate, reverse engineer, disassemble or decompile or otherwise modify the Programs. (3) UPS must ensure that the End User License Agreement contains a provision prohibiting End Users from using a UPS Product or any components thereof for general purpose application development. (4) UPS shall not, nor shall UPS cause a third party to, delete GUPTA's copyright notice as it appears anywhere in the Programs. (5) UPS agrees to sublicense the Programs to End Users directly and through Distributors only under an End User License Agreement, which may be shrinkwrapped (or which may be posted and distributed electronically in the event that UPS elects to distribute the UPS Products and the Programs in an electronic format, e.g., via a bulletin board), between UPS and End Users, which (i) acknowledges GUPTA's (and/or any of GUPTA's licensors') intellectual property and proprietary rights and title to the Programs, and (ii) which contains a provision that expressly prohibits the End User from using the Programs for any purpose other than that permitted by the Open Web Application Security Project: ▇▇▇▇▇://▇▇▇UPS Product. UPS_____ GUPTA_____ (6) UPS agrees to provide reasonable assistance to GUPTA, at GUPTA's sole expense, in protecting the Marks and GUPTA's copyrights in the Programs. UPS further agrees that it will, at GUPTA's request, execute any documents reasonably required by GUPTA in perfecting its intellectual and proprietary rights in the Marks. UPS agrees to promptly notify GUPTA of any improper or unlawful use of the Marks or any intellectual property rights of GUPTA in the Programs which comes to the attention of UPS.▇▇▇▇▇.▇▇▇/index.php/OWASP_Secure_Coding_Practices_- _Quick_Reference_Guide; viii. (7) The use of the Marks by UPS and Distributors shall strictly adhere to all implementations the terms and conditions of code integrity checking required by BigCommerceGUPTA's Trademark Use Policy attached hereto as Exhibit A, such and to reasonable written instructions GUPTA may issue from time to time. UPS will not in any way identify itself as issuing a verifiable digital signature at the end of each code change; and immediately notify BigCommerce of owner of, or register or attempt to register the Marks in UPS's name or any compromise or suspected compromise other namet. GUPTA reserves the right to Licensee’s digital identity; ix. provide BigCommerce(i) review, upon request, with such evidence as is deemed necessary by BigCommerce UPS's use of the Marks in advertising and other materials, and (ii) revoke UPS's license to demonstrate use the Marks, at GUPTA's sole discretion. (8) UPS acknowledges GUPTA's representation that (i) Licensee has established minimum acceptable levels Quest, SQLBase, SQLGateway, SQLRouter, SQLHost, and SQLTalk are registered trademarks of security in accordance with the BigCommerce Data Protection Addendum entered into by the parties in connection with this Agreement; and GUPTA Corporation, (ii) Licensee has performed sufficient testing to ensure that common security vulnerabilities have been mitigated; and x. adhere to all regulatory SQL/API, SQLNetwork and compliance requirements, including but not limited to the Payment Card Industry Data Security Standard, ISO 27001GUPTA logo are trademarks of GUPTA Corporation, and the General Data Protection Regulation(iii) SQLWindows is a registered trademark and TeamWindows, applicable to Licensee’s ReportWindows and EditWindows are trademarks exclusively used and licensed by GUPTA Corporation. UPS agrees that all use of the Licensed CodeMarks by UPS or its Distributors will inure to the benefit of GUPTA.