printer-friendly

Sample Business Contracts

Symantec Service Provider Agreement - Symantec Corp., Symantec Ltd. and Brightmail Inc.

Sponsored Links

AMENDED AND RESTATED

SYMANTEC SERVICE PROVIDER AGREEMENT


THIS AMENDED AND RESTATED SYMANTEC SERVICE PROVIDER AGREEMENT (the “Agreement”) is entered into by and between Symantec Corporation, a Delaware corporation maintaining its principal place of business at 20330 Stevens Creek Boulevard, Cupertino, California 95014, and Symantec Limited, an Irish corporation maintaining its principal place of business at Ballycoolin Industrial Park, Blanchardstown, Co. Dublin 15, Ireland (collectively, “Symantec”) and Brightmail, Inc., a California corporation maintaining its principal place of business at 301 Howard Street, Suite 1800, San Francisco, California 94105 (“Brightmail”) (the parties collectively referred to herein as the “Parties” and individually as a “Party”).


In consideration of the mutual covenants which follow, Symantec and Brightmail agree:


I.DEFINITIONS

The capitalized terms below shall have the following meanings when used in this Agreement:


“Affiliate(s)” shall mean any wholly owned, meaning one hundred percent (100%) stock ownership, subsidiary of an Authorized Sublicensee. Brightmail covenants that it will enforce on Symantec’s behalf, the terms of this Agreement as to all Affiliates under Existing Business agreements that Brightmail has in place on the Effective Date of this Agreement that do not meet this definition. All renewals or extensions of Existing Business agreements and all New Business must comply with this definition.


“Amended Date” means the date on which the original Agreement was amended and restated, which is March 28, 2003.


“Americas” means both North America and South America geographical regions.


“Application Service Providers or “ASP” means an entity that provides application services remotely for a fee or other consideration to its Authorized Users, none of whom are under the ASP’s immediate employ or the employ of any parent or subsidiary, except in the situation where the employee purchases or subscribes to the Service as an Authorized User outside of its normal business usage, but not in the case where the ASP utilizes its own email system internally as the default option for all employees, which scenario then requires the ASP to obtain an enterprise, internal use license from Symantec.


“AsiaPac/EMEA” means both the Asian Pacific rim countries and EMEA which consists of Europe, Middle East and Africa geographical regions.


“Authorized Users” means and is calculated as follows: (A) for all New Business and Internal Users, each and every (i) unique consumer or (ii) home office at a residential address, (iii) small businesses which are up to one hundred (100) Authorized Users, but not including any medium or large Enterprises of one hundred (100) or more Authorized Users, except where allowed for under the license grant Section III(2)(v), and (iv) each Internal User of an Authorized Sublicensee, per the license grant set forth in Section III(2)(vi), wherein in each of the foregoing, the Authorized User is either counted as an unique mailbox being scanned and protected using the Licensed Product, or as an email address, or an account that is subscribing to, the Licensed Product, which is active at any time during the Term, and which is as clearly indicated in the reporting to Symantec, and (B) for all Existing Business and Enterprises, each and every unique e-mail box being scanned and protected using the Licensed Product, or as an email address, or an account that is subscribing to, the Licensed Product, which is active at any time during the Term or as determined by an


1


alternative definition which was approved in writing by Symantec prior to the Effective Date and specifically detailed on Exhibit B.


“Authorized Sublicensee” means a firm, company, organization, or other third party that provides, for a fee or in certain situations, for no fee but pursuant to some other subscription arrangement or agreement, Internet services, online application hosting services, or similar on-line electronic services to its Authorized Users, which may include ISPs, ASPs, and wireless operators that offer Internet access and other similar Services to its own Authorized Users but only pursuant to its right to use the Licensed Products on such Authorized Sublicensee’s own servers subject to and in accordance with the terms of this Agreement. All Authorized Sublicensees are Service Providers. Authorized Sublicensee shall include its Affiliates.


“BMI Product” means Brightmail’s own Antivirus scanning and Antivirus cleaning components and analysis and filtering systems that enhance the integrity and security of electronic mail systems for the benefit of the Authorized Users.


“BMI Service” means the service provided by which consists of incorporating the Licensed Product with Brightmail’s own anti-virus product and providing support for the same which is for the ultimate benefit of the Authorized Users as provided by the Authorized Sublicensees and is run on servers owned or maintained by the Authorized Sublicensee.


“Converted Business” means those certain Authorized Sublicensees under existing contracts prior to the Effective Date, which are set forth in Exhibit F, and only consists of business wherein Brightmail generates thirty percent (30%) or less on the margin (or as otherwise specifically approved by an officer of Symantec in writing as indicated on Exhibit F) based upon the royalty schedule set forth in the Prior Agreement as of the Effective Date and which royalty schedule is restated and set forth in Exhibit A of this Agreement.


“Documentation” means written guides describing the use and operation of the Licensed Product provided by Symantec to Brightmail.


“Effective Date” means July 1, 2002.


“Enterprise” means individually and collectively those legal entities which are commercial businesses, other than ISPs, ASP and wireless operators, that would use the Licensed Product for its own internal use only, in conjunction with that entity’s internal business needs and are typically consisting of one hundred (100) or more Authorized Users.


“Existing Business” means (i) all Authorized Sublicensees that provide the Licensed Product to Authorized Users or (ii) all Enterprises, which were counted and defined as “Mailboxes” under an agreement pursuant to the Prior Agreement and existing prior to the Effective Date, to receive the BMI Services. Such existing agreements were entered into as a result of either a direct sale from Brightmail or one of its authorized Resellers, under the Prior Agreement and prior to the Effective Date of this Agreement. This definition excludes all Converted Business, New Business and all accounts listed in Exhibit B.


“First Date of Use” means the first date after the termination of the Evaluation Period if the Authorized Sublicensee accepts the BMI Service and commercially deploys the BMI Product which incorporates the Licensed Product.


“Internal User(s)” means for purposes of Section III(1), only those employees, consultants and/or contractors who work, and board members of Brightmail, located within the Territory, not to exceed a total of one twenty-five hundred (125) employees initially, with a twenty percent (20%) increase per every twelve


2


(12) months of the Term, starting on the first anniversary date of the Term and for purposes of Section III(2)(vi) those employees, consultants and/or contractors who work for the Authorized Sublicensee, wherein in both cases, each Internal User is counted as a single Authorized User.


“Internet Service Provider” or “ISP” is an entity that provides Internet access and messaging services for a fee or other consideration to its Authorized Users, none of whom are under its immediate employ or the employ of any parent or subsidiary, except in the situation where the employee purchases or subscribes to the Service as an Authorized User outside of its normal business usage, but not in the case where the ISP utilizes its own email system internally as the default option for all employees, which scenario then requires the ISP to obtain an enterprise, internal use license from Symantec.


“Licensed Product” means the proprietary antivirus scanning and decomposition software code and program(s) as described in Exhibit A and all versions and updates thereto, and includes any corrections, bug fixes, enhancements, virus definitions, anti-virus rules or other modifications, in each case as made generally available by Symantec to its customers during the Term.


“Minimum Commitment” means both the Minimum Commitment Payments for Existing Business and the Minimum Commitment Payments for New Business, as outline in Exhibit A, under Section III.2.


“New Business” means and includes (i) all Authorized Sublicensees with agreements to provide the Licensed Product to their Authorized Users under an agreement with Brightmail or Reseller that is entered into on or after the Effective Date of this Agreement, (ii) all renewals, amendments that extend the time period of the agreement with the Authorized Sublicensees and extensions for Authorized Users and Authorized Sublicensees receiving BMI Services after the Effective Date, and (iii) all Converted Business.


“Payment(s)” means all amounts due under the terms of this Agreement, which include any Minimum Commitment Payments, any license and other fees related to the Licensed Products, as calculated based upon the number of Authorized Users and any other prices for the Licensed Product(s) and support, as indicated in Exhibit A hereto.


“Prior Agreement” means that agreement superseded by this Agreement, known as the Software Manufacturer License and Reseller Agreement by and between Symantec Corporation and Brightmail, Inc., effective April 3, 2000, as amended thereafter by Amendment One, with an effective date of July 31, 2000, Amendment Two with an effective date of August 31, 2000 and Amendment Three with an effective date of December 6, 2001.


“Reseller(s)” means those authorized resellers of Brightmail that have (i) entered into the standard reseller agreement with Brightmail, a copy of which is attached hereto as Exhibit G or an equivalent agreement with substantially the same terms as the copy attached hereto as Exhibit G, (ii) an agreement with Brightmail that requires the reseller to comply with same terms that Brightmail is required to comply with under this Agreement, in all respects, including but not limited to, reporting and protection of Symantec’s intellectual property rights, and (iii) an agreement with Brightmail that names Symantec as a third party beneficiary; and is an authorized Reseller of Brightmail wherein Brightmail agrees to fully enforce all of the foregoing requirements set forth in this provision on Symantec’s behalf.


“Service” means the service provided by Authorized Sublicensees as a Service Provider to its Authorized Users, using the Licensed Product provided pursuant to Brightmail’s own service (as defined in the “BMI Service” definition) for the ultimate benefit of the Authorized Users and are run on servers owned or maintained by the Authorized Sublicensee.


3


“Service Provider” means a firm, company, or organization that provides, for a fee or in certain situations, for no fee but pursuant to some other subscription arrangement or agreement, Internet services, online application hosting services or similar on-line electronic services to its Authorized Users or other hardware or software products or applications and related support, which can be utilized therein. This definition excludes entities that are providing such Internet services solely to persons under the entity’s immediate employ or the employ of any parent, subsidiary, or affiliate firm, company, or organization of the entity. This definition specifically includes all franchise arrangements wherein franchisees are provided Services by franchisors.


“Term” means the time period in which the arrangement between the Parties is in place, as determined and defined in Section IX of the Agreement.


“Territory” means world-wide.


II.BRIGHTMAIL OBLIGATIONS

1. Other Products.


During the Term of this Agreement, Brightmail shall not market or sell as part of its BMI Service any products that provide anti-virus scanning or repair services other than those which are Symantec products or contain the Licensed Products.


2. Term or Subscription License, Reseller Rights.


Brightmail specifically represents and acknowledges that any use by any third party of any Licensed Product must be pursuant to the terms under the license grant set forth in Section III and the related Payment terms and cannot be handled as an actual sale of a perpetual license under a Reseller transaction.


3. No Further Sublicensing.


Brightmail may not authorize, and must contractually prohibit all Authorized Sublicensees and Authorized Users from further sublicensing the Licensed Products to another third party other than as specifically allowed in the grant of license Section III, below.


III.GRANT OF LICENSE AS SERVICE PROVIDER FOR SERVICES

Brightmail represents and warrants (and hereby acknowledges that the following licenses are conditioned upon the following representations and warranties) that Brightmail is, as of the Effective Date and during the Term of the Agreement will be, a Service Provider and a “Licensee” under the terms of this Agreement.


1. Internal Use. In accordance with the terms of this Agreement, Symantec grants to Brightmail, and Brightmail accepts from Symantec, a limited, nonexclusive, non-transferable license to use the object code version of the Licensed Product consisting of Norton Antivirus scanning and decomposition libraries for the Term of this Agreement only, without Payment, solely to provide the BMI Service to the Internal Users. This internal use license shall not be assignable; and any transfer is void in the event of an acquisition, merger, any type of change of control or sale of all or substantially all the assets of Brightmail, regardless of whether or not Symantec agrees to the assignment of this Agreement pursuant to Section X.11.e. hereof. Brightmail must report any usage over the allowed number of Internal Users and any failure to do so will result in this license being automatically rescinded and this license shall become void and null. Any usage above the allowed number of Internal Users will be at the then current Enterprise license rates set forth herein.


4


2. Service Provider Use.


In accordance with the terms of this Agreement, Symantec grants to Brightmail, and Brightmail accepts from Symantec, a limited, nonexclusive, non-transferable license to use the object code version of the Licensed Product consisting Norton Antivirus scanning and decomposition libraries for the Term of this Agreement only, for the purpose of sublicensing an integrated product with the BMI Product solely to provide the BMI Service through Authorized Sublicensees to Authorized Users located in the Territory as follows: (i) to create an antivirus module from the Norton Antivirus scanning and decomposition libraries, and upload this antivirus module, in executable form only, on Brightmail’s own servers to detect messages containing viruses and separate infected messages, (ii) to create an antivirus cleaning component that attempts to clean the infected messages using the Norton Antivirus scanning and decomposition libraries of the Licensed Product, (iii) obtain antivirus updates from Symantec Security Response ftp servers when available by automatic download into Brightmail’s BLOC, which can automatically test it for consistency and then encrypt and distribute the updates to the Authorized Sublicensees (all of the foregoing collectively referred to as the Licensed Product), (iv) directly or through Resellers, allow Authorized Sublicensees to upload the Licensed Product, in executable form only, onto its own servers to provide the Service, (v) as of the Effective Date, with Payments starting from the Amended Date, for a period of one (1) year from the Amended Date, unless renewed per the renewal terms in Section IX, allow Authorized Sublicensees to provide the Licensed Product to Enterprises where the Authorized Sublicensees hosts the email services of the Enterprise and Enterprise is not hosting any part of the Service and has no access to the actual Licensed Product software itself, and (vi) as of the Effective Date, with Payments starting from the Amended Date, for a period of one (1) year from the Amended Date, unless renewed per the renewal terms in Section IX, allow all Authorized Sublicensees to use the Licensed Products for the benefit of their Internal Users. The Service will be deemed to be provided in the countries in which the Authorized Sublicensee’s servers are located for purposes of Payments and Taxes under the terms of this Agreement. Brightmail is further granted a license to use the Documentation solely in its capacity as a Service Provider to provide the BMI Service to Authorized Sublicensees and to allow Authorized Sublicensees to use the Documentation to provide the Service to its own Authorized Users, including product support, as necessary. Brightmail may make copies of the Licensed Product and the Documentation solely for the purpose of providing the BMI Service to its Authorized Sublicensees, either directly or through Resellers, as authorized in this Section. Brightmail and the Authorized Sublicensees are authorized to run the Licensed Product on the mail STMP operating systems and platforms of Win2000 and Solaris, only. If and only if Symantec ever supports NAV API, Decomposer and the definition set on AIX or specific variations of Linux operating systems for SMTP gateways under Symantec’s standard support programs, then Brightmail will be given the right to leverage those environments. The foregoing shall only be distributed through a Reseller if the following conditions precedent are met: (i) the Reseller and Brightmail have executed a reseller agreement in a form substantially similar to the one attached hereto as Exhibit G with Brightmail, (ii) Brightmail has contractually obligated the Reseller to comply with the terms of this Agreement as they are applicable to Brightmail in regards to all sales of BMI Product which incorporate the Licensed Product, and that such Resellers have contractually agreed to and possess a copy of the redacted version of this Agreement, attached hereto as Exhibit H, which Brightmail agrees to so provide and document as part of a formal notice to the Reseller, (iii) Brightmail names Symantec as a third party beneficiary to its agreements with the Reseller and (iv) Brightmail hereby covenants and warrants to Symantec that it will enforce the terms of this Agreement on Symantec’s behalf as to such Reseller.


3. Evaluation Licenses.


In addition, Symantec grants Brightmail, a limited, nonexclusive, non-transferable license to sublicense during the Term of this Agreement, only, the Licensed Product as incorporated into the BMI Product to the Authorized Sublicensee, which will not cumulatively exceed ninety (90) days, which period starts on completion of installation of the Licensed Product for evaluation and ends on the designated ending date of evaluation which requires Brightmail to ensure that all use is completely terminated by Brightmail actively


5


stopping the virus and rules definitions; and such time period again shall resume on the signing of a contract for the BMI Services and ending on the completion of the installation (the “Evaluation Period”). The evaluation of such BMI Product may be provided in a pre-production testing or production environment; provided that Brightmail operates the evaluation as follows: (i) a standard written evaluation license protecting the intellectual property rights and interests of all licensors (including Symantec) of the product provided under the Service is fully executed in each case, and (ii) such an evaluation agreement requires either the return of the evaluated software product or a signed certification of destruction under penalty of perjury of the evaluated software product, and (iii) continued use after the Evaluation Period is under a final agreement to receive the BMI Service having been executed and a final version of the BMI Product containing the Licensed Product is then provided for continued Service (the “Evaluation(s)”). At the end of the Evaluation Period, Brightmail will require Authorized Sublicensee to remove or Brightmail shall disable the BMI Product which incorporates Licensed Product in its entirety, unless such Authorized Sublicensee has agreed to purchase the BMI Service from Brightmail or a Reseller and Brightmail makes the applicable Payments to Symantec. If an Evaluation continues past the allowed Evaluation Period, Brightmail will be fully responsible for Payment to Symantec in accordance with Exhibit A. Brightmail shall not authorize more than one (1) Evaluation or any extended Evaluation Period per Authorized Sublicensee, per each version of the Licensed Product. Brightmail must provide Symantec with monthly reports which indicate the (i) date and identity of an Authorized Sublicensee who is under Evaluation, (ii) date and identity of an Authorized Sublicensee who has just ended an evaluation with a total of time such entity was under Evaluation, (iii) the date and identity of any Authorized Sublicensee who has signed an agreement for BMI Services and has the Licensed Product for installation and (iv) the date and identity any Authorized Sublicensee who has signed an agreement for BMI Services and has completed the Licensed Product installation and identify the total Evaluation Period applied to such Authorized Sublicensee (the “Evaluation Report”). Such Evaluation Report shall be sent to such address and person as Symantec provides via the notice provisions of this Agreement, which may change from time to time.


4. Restrictions Applicable to License Grants.


Symantec will deliver to Brightmail the non-serialized copy of the Licensed Product in an acceptable form. Brightmail is obligated to create a reliable tracking system for tracking and reporting to Symantec the worldwide usage of the Licensed Products by all Authorized Sublicensees and their provision of the Service to the Authorized Users, including those who are Authorized Users receiving the Service from Authorized Sublicensees of Brightmail that are Service Providers and receive a copy of the Licensed Product, and including all Evaluations and all distributions of the foregoing through Resellers. Such tracking system may consist of manual tracking of contracts and their reporting requirements, audit rights and other contractual provisions which Brightmail shall enforce. In accordance with the requirements of Exhibit E, Brightmail shall require the same reporting requirements set forth in this Agreement in its agreements with the Authorized Sublicensees and Resellers, and obtain reports from the Authorized Sublicensees and Resellers meeting the requirements of the terms of this Agreement and provide reports setting forth such information received from the Authorized Sublicensees and Resellers to Symantec.


Brightmail agrees that it will contractually bind the Authorized Sublicensees to (i) de-install the Licensed Product when: (a) the Authorized Sublicensee discontinues the Service using the Licensed Product, and/or (b) the related BMI Service agreement between Brightmail and the Authorized Sublicensee concerning the BMI Service is terminated for any reason whatsoever, and/or (c) this Agreement terminates and (ii) comply with the terms and conditions of this Agreement surrounding the use of the Licensed Product, including but not limited to, those provisions concerning the protection of Symantec’s proprietary rights in the Licensed Products, but not including terms concerning the pricing and license fees to be paid to Brightmail, which is set solely by Brightmail. Brightmail will enforce as to Authorized Sublicensees and Resellers, on Symantec’s behalf as a third party beneficiary, (i) the contractual provisions of this Agreement that indicate that Licensee


6


must require contractual compliance of the Authorized Sublicensees and Reseller with certain terms of this Agreement and elsewhere in this Agreement which generally concern either the use of the Licensed Product, the protection of Symantec’s proprietary rights in the Licensed Product and such other intellectual property of Symantec, such as trademarks, but not concerning the terms concerning pricing charged by Brightmail, which is set solely by Brightmail, and (ii) those in the agreement Brightmail enters into with the Authorized Sublicensees and Resellers concerning the use of the Licensed Products to provide Services to its Authorized Users and of the use of the Licensed Product, which are the license grant language and all protective provisions which relate to the proprietary rights of the Licensed Product.


If Brightmail elects to distribute the Licensed Product via electronic download or physical media, or under such other arrangements as allowed herein where Brightmail gives access to the Licensed Product to an Authorized Sublicensee or the Licensed Product otherwise leaves the sole control of Brightmail, Brightmail must provide a secure infrastructure for the process and for the protection of Symantec’s intellectual property rights in the Licensed Product that meets the requirements listed herein, which requirements may be modified, from time to time by Symantec upon written notice to Brightmail, as well as any further guidelines that Symantec may provide to Brightmail from time to time. If at any time during the Term of this Agreement, Symantec determines Brightmail’s security policies are not sufficient to comply with the standards that Symantec requires or otherwise determines they are inadequate to protect Symantec’s intellectual property rights in the Licensed Products, Symantec will have the right to terminate Brightmail’s ability to distribute the Licensed Product in that manner. Brightmail agrees to comply with the following security guidelines, as modified and added to, from time to time:


1) All servers hosting the Licensed Products for download must be secure from both internal and external exploits and/or hackers and the servers must meet the requirements set forth in Exhibit C, which Symantec can change from time to time in its sole discretion, and which Symantec shall provide Brightmail notice of such changes pursuant to the notice provisions of this Agreement. Brightmail must contractually require Authorized Sublicensees and Resellers contractually, and enforce the same on Symantec’s behalf, to meet the foregoing requirements if they host the Licensed Product for download. Symantec agrees that Brightmail shall not be required to expend more than Ten Thousand Dollars ($10,000) annually to comply with the audit requirements set forth in Exhibit C.


2) Brightmail must ensure each Authorized Sublicensee is actually under a contractual arrangement with Brightmail and that the access to the download of the BMI Product is protected by such other technology and other measures designed to prevent unauthorized downloads and copying of the Licensed Products.


3) When providing the Licensed Products to an Authorized Sublicensee via physical media, Brightmail must contractually require the Authorized Sublicensee receiving the physical media read and fully understand the applicable licensing usage terms. Brightmail is responsible for contractually requiring that Authorized Sublicensees and Resellers to not abuse Symantec’s licensing terms when receiving and using the Licensed Products in any form, which includes but is not limited to, unauthorized copying and/or distribution and enforce the foregoing on Symantec’s behalf. Brightmail has no authorization to duplicate its own CD-roms containing only the Licensed Product.


Brightmail is not allowed to transfer or otherwise sublicense the Licensed Product(s) to any Enterprise or third party, including but not limited to, any non ISP or non ASP entity that procure the Licensed Product for use in conjunction with the entities’ internal needs, other than as specifically provided for in this section of this Agreement. This Agreement specifically prohibits Brightmail from authorizing or to knowingly allowing any Authorized Sublicensee to utilize the Licensed Product(s) to provide Services as a Service Provider, except as specifically provided for in this Section III of the Agreement. All such licenses and authorizations provided by Brightmail under the terms of this Agreement must be obtained pursuant to a direct, written end


7


user license agreement between Brightmail and the Authorized Sublicensee and/or a direct, written and fully executed agreement with the Authorized Sublicensee and/or Reseller, authorizing such use of the Licensed Product(s) as a Service Provider or End User or otherwise and requiring full compliance with the applicable terms of this Agreement, including but not limited to, those protecting Symantec’s intellectual property rights and meeting all the requirements set forth in Section III. Brightmail must promptly notify Symantec of the name of each Authorized Sublicensee, Enterprise and each Reseller in its reporting that is granted a license and also promptly notifies Symantec of any improper use of the Licensed Product(s) by any Authorized Sublicensee, Enterprise or Reseller.


IV.PRICES, PAYMENTS, AUDIT AND ORDER PROCEDURE

1. Tax Issues and Other Fees for Licensed Product(s) as Service Provider. The prices for the Licensed Products, and, therefore Payments, do not include any state or federal (U.S. or foreign government) taxes or fees. Brightmail is responsible for any and all such Payments due to Symantec and any and all taxes and fees imposed upon Brightmail. Except for Symantec’s income taxes, Brightmail agrees to pay any and all sales, use, value added, withholding, excise and similar taxes on Payments under this Agreement (the “Taxes”). Symantec will be responsible for its own income tax and fee obligations. If Brightmail claims an exemption from Taxes, Brightmail will provide to Symantec an acceptable copy of all documentation showing the legal exemption from such Taxes. If a foreign government requires Brightmail to withhold Taxes on Payments to Symantec, then Brightmail must: 1) provide Symantec with official receipts for reflecting the actual amount of Taxes withheld, which are adequate to meet the needs of Symantec, in order for Symantec to receive credit for such Taxes paid; and 2) minimize withholdings to the extent possible. The minimization requirement is to protect Symantec’s exposure to the limitation imposed by the Irish Commissioners of Revenue for such credit.


2. Payment Terms.


a. By Brightmail as a Licensee and Service Provider. All Payments for Licensed Products are non-refundable and due regardless of Brightmail’s ability to collect from its Authorized Sublicensees and Resellers. Brightmail will receive an invoice for all Payments related to the Licensed Product(s). Payments are due when specified in Exhibit A regardless of receipt of invoice. If any Payment is not received within net thirty (30) calendar days after the end of each calendar quarter or in accordance with the terms of the Minimum Commitment Payment, by the specified Payment date in Exhibit A, Symantec may impose interest and late charges of one and one half percent (1-1/2%) per month until all Payments are current. Brightmail may charge its Authorized Sublicensees such license fees as it so determines for the BMI Services incorporating the Licensed Products. Brightmail must pay all Payments which represent license fees for the Licensed Products net thirty (30) days from the last Friday of the calendar quarter in arrears for BMI Services provided to the Authorized Sublicensees which are Existing Business, which timing does not apply to Minimum Commitments. The Payment and terms for the Bulk License, Minimum Commitment Payments and Existing Business are set forth in Exhibit A.


b. Currency and Place of Payment. All of the foregoing described Payments due to Symantec will be paid in the appropriate currency to the appropriate region. Payments will be made to Symantec Corporation in US Dollars, free of any withholding tax, currency control, or other restrictions for all transactions in the Americas. Payments will be to Symantec Limited in U.S. Dollars, free of any withholding tax, currency control, or other restrictions for all transactions in AsiaPac/EMEA. As to any portion of the Payments for the Bulk License which are for future Authorized Users and not actual Authorized Users, Brightmail shall pay the unknown Authorized Users portion as if they were Authorized Users within the Americas and pay in U.S. Dollars. All Payments and reports for the Americas region should be sent to Symantec Corporation, Revenue Manager, 20330 Stevens Creek Boulevard, Cupertino, CA 95014. All


8


Payments and reports for the AsiaPac/EMEA region should be sent to Symantec Limited, Revenue Manager, Ballycoolin Industrial Park, Blanchardstown, Co. Dublin 15, Ireland.


3. Audit and Records.


Brightmail will maintain its records relating to the provision of BMI Services with the Licensed Products as a Service Provider for at least three (3) years after their creation. Brightmail agrees to permit an independent third party (“Auditor”), to be mutually agreed upon by both parties, to examine such records upon reasonable notice, but not more often than once every twelve (12) months, during all normal business hours during the Term of this Agreement and for twelve (12) months after expiration or any termination of this Agreement. Symantec (or an independent third party representative), upon reasonable written notice of no less than ten (10) calendar days, will have the right to conduct an audit of Brightmail’s books of account, records, contracts or other information which relate to this Agreement and the Licensed Products, in order to verify compliance with this Agreement. Brightmail will immediately pay any overdue Payments revealed by such audit(s). Symantec will bear the costs of the audit; provided, however, if the audit reveals overdue Payments in excess of five percent (5%) of the Payments owed for any six (6) month period, Brightmail will pay the costs of such audits(s). All information obtained by Symantec (or its independent third party representative) during any such audit will be confidential and Symantec (and its independent third party representatives) will keep it confidential, except to the extent it is reasonably necessary to disclose such information to enforce this Agreement or as otherwise required by law.


V.NOTIFICATIONS AND REPORTING

1. Notification. Brightmail will notify Symantec in writing of any claim or proceeding involving Licensed Product(s) and/or the BMI Service within ten (10) days after Brightmail learns of such claim or proceeding. Brightmail will report promptly to Symantec all claimed or suspected product defects in the Licensed Product. Brightmail will also notify Symantec in writing not more than thirty (30) days after any change in control of Brightmail or any transfer of more than twenty-five percent (25%) of Brightmail’s voting control or a transfer of substantially all its assets.


2. Reporting. At the end of every calendar quarter, Brightmail agrees to provide Symantec with a preliminary quarterly report in the same format as the Regional Report, as detailed below, for the estimated total number of Authorized Users as totaled on the last Friday of the calendar quarter under (i) New Business, with a break out of the subtotal for the Converted Business and Evaluations, and (ii) Existing Business with a break out for the subtotal for Enterprises. In addition, Brightmail agrees to furnish Symantec with a final total quarterly “sell through” report in an electronic format but in Excel only, meeting all the content and format requirements set forth in Exhibit E, attached hereto and incorporated by reference: (i) by Authorized Sublicensee, showing the names of each Authorized Sublicensee, and if through a Reseller, categorized by Reseller with the name and address of each Reseller, and the number of Authorized Users for each Authorized Sublicensee; (ii) reporting each geographic country and by region which consists of the (a) Americas for Symantec Corporation, and (b) AsiaPac/EMEA for Symantec Limited; (iii) the total number of Authorized Users as totaled on the last Friday of the calendar quarter shall also be set forth under (a) New Business, with a break out of the subtotal for the Converted Business and Evaluations, and (b) Existing Business per Authorized Sublicensee and with a break out for the subtotal of Enterprises per Enterprise; and (iv) the total of Internal Users (the “Regional Report”). The final Regional Report is due no later than thirty (30) calendar days from the end of the last Friday of the previous calendar quarter. While Brightmail shall require Authorized Sublicensees and Resellers to comply with the Regional Report requirements in all New Business and all extensions or renewals of Existing Businesses, Brightmail shall use reasonable commercial efforts to obtain the by country reporting for the Regional Report for all Existing Business.


9


VI.SUPPORT

Brightmail shall provide all support to the (i) Authorized Sublicensees and require the Authorized Sublicensees to provide support to their own Authorized Users (including Evaluations), and (ii) Internal Users for Licensed Products and under no condition shall Symantec take any calls from any of the foregoing. Symantec will refer the Authorized Users back to the Authorized Sublicensee and refer the Authorized Sublicensees to Brightmail for support at (1-800-453-2577). Symantec shall provide separate support to Brightmail pursuant to a separate agreement.


VII.NON-DISCLOSURE

1.Agreement.

Both Parties covenants and agrees not to disclose the terms of this Agreement or any other details as to its relationship with the other to any third party without Symantec’s prior written consent.


2. Confidential Information.


a. The Parties acknowledge that in the course of performing their obligations hereunder each may receive information (“Information”), which is confidential and proprietary to the other. Such Information includes non-public information or materials, including without limitation written or printed documents and computer disks or tapes, whether machine or user readable containing such information, that: (i) relates to released or unreleased Symantec software products or processes, including updates, patches, bug fixes or other modifications; the marketing or promotion of any Licensed Product or Symantec product or BMI Product; and either Party’s business policies or practices, (ii) is disclosed by one Party to the other in tangible or written form and clearly marked “Confidential” (or with a similar proprietary legend), or is of a nature that a reasonable business person would know or suspect it is of a confidential nature or (iii) is disclosed by one Party to the other in confidence in connection with this Agreement and the Parties’ performance hereunder.


b. Information does not include information or materials that the receiving Party can demonstrate (i) is on the date hereof, or hereafter becomes, through no act or failure to act or violation of this Agreement on the part of the receiving Party, generally known or available to the public, (ii) was known or possessed by the receiving Party before its receipt from the disclosing Party, (iii) is hereafter rightfully obtained by the receiving Party from a third party, without breach of any obligation to the disclosing Party, or (iv) is independently developed by the receiving Party, without use of or reference to the Information, by persons who had no access to the Information.


c. Each Party covenants and agrees that neither it nor its agents, employees, officers, directors or representatives will (i) use any of the Information except in performance of this Agreement or (ii) disclose any Information to third parties other than Authorized Sublicensees and/or Resellers, as necessary to sublicense the Licensed Product from the Effective Date of this Agreement and during the Term and for a period of five (5) years from the termination of this Agreement, whether terminated by Symantec or by Brightmail, unless required to be disclosed by law or a judicial authority. Each Party further covenants and agrees to protect the Information obtained from the other with the same degree of care as it uses to protect its own confidential information of like importance, but in no event less than reasonable care. The receiving Party may disclose Information only to its employees and contractors having a “need-to-know” for the purposes of this Agreement. The receiving Party will notify and inform those employees and contractors of the receiving Party’s obligations regarding use of Information and will obtain or have obtained from its employees and contractors agreements requiring them to comply with these obligations. Each Party will


10


provide notice to the other Party immediately after learning of or having reason to suspect a breach of any of the confidentiality obligations set forth in this Agreement.


IX.TERM OF AGREEMENT

This Term of this Agreement shall commence on the Effective Date and shall continue for a period of three (3) years (the “Term”). This Agreement shall automatically expire at the end of the Term and nothing contained herein shall be interpreted as requiring either Party to renew or extend this Agreement, and neither Party expects this Agreement to be renewed; provided, however, that this Agreement may be terminated prior to the expiration of its stated Term as set forth below. This Agreement may be extended by an amendment extending the Term and updating the Price, which is signed by the authorized signatory of each Party. There are limited Run Off Periods provided for in this Agreement and therefore, Brightmail is advised to negotiate its renewal and extension of the Term, pursuant to an amendment, in sufficient advance of its needs for its Authorized Sublicensees. The license grants in Section III(2)(v) & (vi) are for one (1) year from the Amended Date, and shall automatically renew unless cancelled by Licensee, which can only be done by providing Symantec a written notice of non-renewal which must be received no later than March 26, 2004; and thereafter, on an annual basis, Brightmail may provide a notice of non-renewal to Symantec no later than by the last Friday of the calendar quarter.


X.TERMS AND CONDITIONS

1. Restrictions on Use.


a. Allowed Business Use of the Licensed Products. Brightmail covenants and agrees to use the Licensed Product only with BMI Products as part of the BMI Services as provided to Authorized Sublicensee for making the Service available to Authorized Users in accordance with the terms of the Agreement. Brightmail shall not permit any person or party other than Authorized Sublicensees to use the Licensed Product; provided, however, that Brightmail may use the Licensed Product internally for testing purposes and to provide support to Authorized Sublicensees.


b. Modifications, Reverse Engineering. Brightmail covenants and agrees that only Symantec shall have the right to alter, maintain, enhance or otherwise modify the Licensed Products, and all of the related Documentation, except as specifically provided for in this Agreement. Brightmail shall not disassemble, decompile, decrypt, reverse engineer, or create derivative works based upon, or make any attempt to discover the source code of, the Licensed Product or any portion thereof. Brightmail shall not adapt, modify, translate, distribute, duplicate, copy, transfer possession of, loan, lease, or resell for profit the Licensed Product except as specifically provided for in this Agreement. Brightmail shall immediately report to Symantec and halt unauthorized copying, use, distribution, installation, or transfer of possession of the Licensed Product, by any person or entity of which Brightmail has knowledge. Prior to disposing of any media or apparatus containing the Licensed Product or any part thereof, Brightmail will ensure that any Licensed Product contained on such media or stored in such apparatus has been completely erased or otherwise destroyed.


c. Protection of Information. Brightmail acknowledges that the Licensed Product and all related Documentation are proprietary to Symantec and comprise (i) works of original authorship, including compiled information containing Symantec’s selection, arrangement, and co-ordination and expression of such information or pre-existing material it has created, gathered or assembled, (ii) confidential trade secret information, and (iii) information that has been created, developed and maintained by Symantec at great expense of time and money such that misappropriation or unauthorized use by others would unfairly and irreparably harm Symantec. In addition to Brightmail’s obligations outlined in Section VII, Brightmail shall


11


not commit or permit any act or omission that would impair Symantec’s proprietary and intellectual property rights in the Licensed Products, and all of the Documentation.


d. Trademarks, Trade Names and Copyrights.


(i) Trademark Use and Co-branding Guidelines. At all times in every advertisement, promotion and branding of the BMI Service, Brightmail will do the following and contractually require the Authorized Sublicensee to do the same in regards to the Service, and enforce the same on Symantec’s behalf, to do the following: (i) use either or both: (a) the trademark “Powered by Symantec” including any related logos, or (b) the Symantec logos and trademarks associated with the Licensed Products; and (ii) ensure that all statements (written or oral) concerning the Licensed Product shall be strictly in accordance with the Documentation or otherwise be approved by Symantec in writing prior to distribution in any form. Brightmail’s use, (and Brightmail shall contractually require and enforce the same with the Authorized Sublicensee’s use) the of such trademarks and logos will be in accordance with Symantec’s trademark policies and usage guidelines in effect from time to time. Brightmail is obligated to comply with the following and to contractually require its Authorized Sublicensees to do the following, and shall name Symantec as a third party beneficiary of these contractual requirements and enforce the following provisions on behalf of Symantec: (i) Any co-branding of products, marketing materials or other communications that refer to the functionality or the existence of the Licensed Product shall state “Powered by Symantec” and be subject to the co-branding guidelines that Symantec provides to Brightmail, as modified, from time to time, in Symantec’s sole discretion, as well as Symantec’s general trademark guidelines, attached hereto as Exhibit D, both as modified, from time to time, in Symantec’s sole discretion; provided that any Authorized Sublicensee shall have up to thirty (30) business days after receipt by Brightmail of updated guidelines to update any marketing materials and to cease distributing marketing materials that are no longer in compliance with such new guidelines, (ii) the initial user interface in the version of the Brightmail’s software offering, provided as part of its BMI Service (or Service in reference to an Authorized Sublicensee), must contain the words “Powered by Symantec” and the wording “Powered by Symantec” will be present in the footer of all warning pages or messages concerning notice of virus detection in all versions of Brightmail’s software offering as part of the BMI Service (or Service in reference to an Authorized Sublicensee), and (iii) Authorized Sublicensee shall not make any false representations as to the relationship of Symantec to the Authorized Sublicensee, concerning the Licensed Product, or concerning the source of the Services offered by the Authorized Sublicensee. Further, if any Authorized Sublicensee has any concerns about compliance, Brightmail should inform them that they may contact Symantec’s Legal Department directly to obtain review and approval. Notwithstanding the foregoing, Brightmail and its Authorized Sublicensees may do general marketing using common industry descriptive words that indicate the existence of virus detection, but which are general references to the Service and/or BMI Service and do not mention or otherwise reference the components, features or technical aspects of the Licensed Products, such as, but not limited to, “Internet services with virus detection”, “e-mail virus scanning”, “e-mail virus filter services” and/or “e-mail protection and such others as fall within the foregoing requirements, without including the Symantec logos and trademarks, as required above. Brightmail agrees and acknowledges that no description of any BMI Service provided or offered by Brightmail or Service by its Authorized Sublicensees shall in any sense mislead the consumer into believing that the Licensed Product portion of such BMI Service and/or Service is created or owned by any party other than Symantec and that Symantec shall make the final determination of such on any such issues, in its sole discretion. Brightmail shall contractually require its Authorized Sublicensees to comply with all of the foregoing obligations and name Symantec as a third party beneficiary of the contracts it enters into with Authorized Sublicensee. Symantec shall solely control all litigation matters and related decisions, and be responsible for such costs, in regards to the subject matter of this provision.


(ii) No Rights in Trademarks or Copyrights. Brightmail has paid no consideration for the use of Symantec’s trademarks, logos, copyrights, trade names or designations, and nothing contained in this


12


Agreement will give Brightmail any interest in any of the foregoing. Brightmail acknowledges that Symantec owns and retains all copyrights and other proprietary rights in all Licensed Products and documentation including patent, copyright, trade secret, trademark and other proprietary rights, in and to the Licensed Products and the Documentation and any corrections, bug fixes, enhancements, updates or other modifications, including custom modifications, to the Licensed Products, whether made by Symantec or any third party, and Brightmail shall have no right, title or interest in such proprietary rights. Brightmail agrees that it will not at any time during or after this Agreement assert or claim any interest in or do anything that may adversely affect the validity or enforceability of any trademark, trade name, copyright or logo belonging to or licensed to Symantec (including, without limitation, any act, or assistance to any act, which may infringe or lead to the infringement of any copyright in the Licensed Products). Brightmail agrees not to attach any additional trademarks, logos or trade designations to Licensed Product or BMI Products which violate any terms of this Agreement. Brightmail further agrees not to affix any Symantec trademark, logo or trade name to any non-Symantec product and/or non-Symantec service, except as provided for in this Agreement. Brightmail shall contractually require the Authorized Sublicensees to comply with the foregoing requirements, and enforce the same on Symantec’s behalf.


(ii) Obligation to Protect. Brightmail agrees to use reasonable efforts to protect Symantec’s proprietary rights and to cooperate without charge in Symantec’s efforts to protect its proprietary rights. Brightmail agrees to notify Symantec of any known or suspected breach of Symantec’s proprietary rights that comes to Brightmail’s attention.


(iii) Transfers. Except as specifically provided for under the terms of this Agreement, under no circumstances shall Brightmail sell, license, publish, distribute, or otherwise transfer to a third party the Licensed Product or the Documentation or any copy thereof, in whole or in part, without Symantec’s prior written consent.


e. Obligation to Use Most Current Version of Licensed Product. Brightmail acknowledges that Symantec may, from time to time, release updated versions of the Licensed Product. Brightmail covenants and agrees, within thirty (30) days after written notification by Symantec of the release of any such updated version for the operating platform(s) utilized by Brightmail, to upgrade to, and use exclusively, the updated version of the Licensed Product in its BMI Product to provide the BMI Service and provide the updated BMI Product to the Resellers. Brightmail will use commercially reasonable efforts to notify and request its Authorized Sublicensees to use the latest version of the Licensed Product as it is incorporated into the BMI Product. Brightmail acknowledges that it understands that support services are only available to customers of Symantec who have purchased support and are on a particular version of the Licensed Product for a time period of one (1) full year after the date of the next “Major Release” which is defined as any new version of the Licensed Product that contains features or capabilities that are different from the current version (typically denoted with a new version number in front of the decimal point such as 5.0, 6.0, 7.0, or a year number such as 2001, 2002, 2003 but it could be designated otherwise) as opposed to an in-line update or modification or patch that is designed only to improve the current version of the Licensed Product, and that Symantec licenses to its licensees and customers generally for a fee as opposed to the free update, modification or patch. Brightmail agrees that the support services will end one (1) year after the next Major Release of the Licensed Product and thereafter in order to obtain support services, Brightmail must upgrade to the most current version of the Licensed Product, (i.e. the Major Release) as outlined above.


f. Obligation to Update. If the Licensed Product requires updates such as new virus definitions, new content filtering lists or new rules of any type, Brightmail and Authorized Sublicensee shall update its copies of the Licensed Product used to provide the BMI Service and/or Service, respectively, at least once daily.


13


2. Disclaimer of Warranties; Limitation of Liability and Related Matters.


a. Special Warranty and General Disclaimer of Warranties. SYMANTEC WARRANTS THAT THE LICENSED PRODUCT WILL SUBSTANTIALLY COMPLY WITH THE SPECIFICATIONS SET FORTH IN THE CURRENT APPLICABLE DOCUMENTATION PUBLISHED GENERALLY WITH RESPECT THEREOF. IF AT ANY TIME DURING THE TERM OF THIS AGREEMENT, BRIGHTMAIL CAN SHOW A DEFECT IN THE LICENSED PRODUCT SUCH THAT THE LICENSED PRODUCT DOES NOT SUBSTANTIALLY COMPLY WITH THE DOCUMENTATION, SYMANTEC SHALL WITHIN THE TIME PERIOD AGREED BETWEEN THE PARTIES, OR IF NO TIME PERIOD, WITHIN A REASONABLE TIME, EITHER REMEDY THE DEFECT OR REPLACE THE LICENSED PRODUCT, WHICH CHOICE IS IN SYMANTEC’S SOLE DISCRETION AND WHICH IS THE SOLE REMEDY FOR THIS BREACH OF WARRANTY. IF SYMANTEC HAS PROVIDED IN ADVANCE ANY BETA OR OTHER TEST VERSIONS OF THE LICENSED PRODUCT TO BRIGHTMAIL AND HAS NOT AUTHORIZED BRIGHTMAIL TO RELEASE SUCH AS FINAL LICENSED PRODUCT, THEN THIS WARRANTY IS VOID IF BRIGHTMAIL RELEASES ANY BMI PRODUCT CONTAINING SUCH LICENSED PRODUCT THAT SYMANTEC HAS NOT GENERALLY AND PUBLICLY RELEASED TO ITS OTHER CUSTOMERS. SYMANTEC MAKES NO WARRANTY THAT ALL ERRORS OR FAILURES WILL BE CORRECTED.


b. Limited Liability. EXCEPT AS SET FORTH ABOVE, THE LICENSED PRODUCT AND DOCUMENTATION ARE PROVIDED “AS IS” AND WITHOUT WARRANTY OF ANY KIND. ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, ARE DISCLAIMED AND EXCLUDED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND INFRINGEMENT. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF LICENSED PRODUCT IS WITH BRIGHTMAIL.


c. No Warranty. Brightmail will make no warranty, guarantee or representation, whether written or oral, on Symantec’s behalf.


d. Breach of Warranty. If Symantec is not able to cure any breach of the warranty section set forth in subsection (a) above within the allowed cure period set forth in the termination provisions of this Agreement, then Brightmail may terminate this Agreement.


3. Limitation of Liability.


NEITHER PARTY SHALL BE LIABLE TO THE OTHER OR ANY OTHER PERSON OR ENTITY FOR INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES OR THE LOSS OF ANTICIPATED PROFITS ARISING FROM ANY PERFORMANCE UNDER, OR BREACH OF, THIS AGREEMENT EVEN IF NOTICE IS GIVEN OF THE POSSIBILITY OF SUCH DAMAGES. IN ADDITION, THE LIABILITY OF SYMANTEC FOR ANY DAMAGES RELATING TO ANY LICENSED PRODUCT SHALL BE LIMITED AS SET FORTH HEREIN. SYMANTEC’S LIABILITY HEREUNDER OTHER THAN RELATING TO AMOUNTS DUE UNDER THE INDEMNITY PROVISIONS SET FORTH IN SECTION 5A, SHALL BE LIMITED TO THE TOTAL PAYMENTS RECEIVED FROM BRIGHTMAIL PURSUANT TO THIS AGREEMENT DURING THE TWELVE (12) MONTHS PRIOR TO THE EVENT GIVING RISE TO SUCH LIABILITY. IN ADDITION, THE TOTAL LIABILITY OF BRIGHTMAIL FOR ANY DAMAGES DUE UNDER THIS AGREEMENT, BUT NOT INCLUDING RELATING TO ANY PAYMENT OBLIGATIONS OR PROVISIONS, AMOUNTS DUE UNDER THE INDEMNITY PROVISIONS SET FORTH IN SECTIONS 5A AND 5 B BELOW, AND DAMAGES FOR ANY BREACH OF THE GRANT OF LICENSES PROVISIONS SET FORTH IN SECTION III, SHALL BE LIMITED TO THE TOTAL OF SEVEN MILLION DOLLARS.


14


4. Compliance with Law.


Brightmail covenants and agrees to comply with all applicable international, national, state, regional and local laws and regulations in its performance hereunder and in any of its dealings with its Resellers, Authorized Sublicensees and Authorized Users with respect to the BMI Service. Symantec covenants and agrees to comply with all applicable international, national, state, regional and local laws and regulations in its performance hereunder and in any of its dealings with Brightmail.


5. Indemnification.


(A) Indemnification by Symantec. Notwithstanding anything contained herein to the contrary, Symantec hereby indemnifies, defends, and holds Brightmail and its officers, employees, board members, and contractors harmless from and against any and all third party claims, actions, or demands alleging that the Licensed Product and/or any update provided by Symantec infringes any patent, copyright, trademark, trade secret or other intellectual property right of any third party. Subject to Symantec receiving prompt written notice from Brightmail of any actual or threatened claim, and further subject to Brightmail providing Symantec with complete control of the settlement and defense thereof, Symantec shall pay resulting costs, damage awards, legal fees finally awarded, and any settlement amounts in such actions which are attributable to such claims. Symantec shall have no liability to Brightmail for any claim to the extent based upon modification of the Licensed Product by Brightmail or combination of the Licensed Product with the Brightmail’s own software solution or any other software or hardware not provided by Symantec, approved by Symantec for combination with the Licensed Product, or otherwise identified in the Symantec Documentation as intended for combination with the Licensed Product (if the claim would not survive but for the modification or combination). In addition, should the Licensed Product become, or is likely to become, in Symantec’s reasonable opinion, exercising sound commercial judgment, the subject of a claim of intellectual property infringement then Brightmail shall permit Symantec to replace or modify the Licensed Product so as to avoid infringement, or to procure the right for Brightmail to continue use of such items. If neither of such alternatives is reasonably possible, the infringing items shall be returned to Symantec and Symantec shall refund to Brightmail all amounts paid by Brightmail in excess of actual usage.


(B) Indemnification by Brightmail. Notwithstanding anything contained herein to the contrary, Brightmail hereby indemnifies, defends, and holds Symantec and its officers, employees, board members, and contractors harmless from and against any and all third party claims, actions, or demands arising out of this Agreement that: (i) allege that the BMI Service infringes any patent, copyright, trademark, trade secret or other intellectual property right of any third party, however excluding any and all claims based on the Licensed Product (but including claims to the extent based upon Brightmail’s modification or unapproved combination of the Licensed Product with third party products, solely to the extent such claim would not survive but for the modification or combination); or (ii) to the extent that they are due to any unauthorized warranty made by Brightmail or any Authorized Sublicensee regarding the Licensed Product. Subject to Brightmail receiving prompt written notice from Symantec of any actual or threatened claim, and further subject to Symantec providing Brightmail with complete control of the settlement and defense thereof, Brightmail shall pay resulting costs, damage awards, legal fees finally awarded, and any settlement amounts in such actions which are attributable to such claims.


6. Termination.


a. For Cause Termination. Either Party may terminate this Agreement at any time in the event that the other Party fails to perform any obligation, warranty, duty or responsibility or is in default with respect to any term or condition under this Agreement and such failure or default continues unremedied for a period of thirty (30) days (fifteen (15)) days in case of failure to make Payment) after notice of failure or default from the


15


other Party (a “For Cause Termination”) which termination shall be effective immediately after the time period to cure the default as set forth in this section has expired if the nonbreaching party has affirmatively elected to terminate the Agreement. If the resolution of the breach requires more than thirty (30) days, the breaching Party may request the other Party for additional time to remedy the breach, and both Parties agree to discuss such an extension in good faith.


b. Automatic Termination. This Agreement terminates automatically, with no further act or action of either Party, if a receiver is appointed for either Party or over either Party’s property, either Party makes an assignment for the benefit of its creditors, any proceedings are commenced by, for or against either Party under any bankruptcy, insolvency or debtor’s relief law, or either Party is liquidated or dissolved. Notwithstanding the foregoing, if Brightmail is reorganizing its entity under the bankruptcy laws and is not in breach of this Agreement, the Agreement shall not automatically terminate. If Brightmail has any change in the management or control of, or any transfer of more than twenty-five percent (25%) of Brightmail’s voting control or a transfer of substantially all its assets to a competitor of Symantec, which Symantec determines in it sole discretion is a competitor, then this Agreement shall automatically terminate on the date of a notice by Symantec of such decision as provided in writing by Symantec to Brightmail. The foregoing shall be referred to hereafter as “Automatic Termination”.


c. Disruption to Symantec’s Small Business Revenue. Symantec may terminate the Agreement, but not sooner than six (6) months from the Effective Date, if Symantec determines in its sole discretion, that Brightmail has entered into any agreement that disrupts Symantec’s anti virus small business revenue.


d. Effect of Termination.


(i) Effect on Payments and Licenses. Upon any termination of any kind and any expiration of the Term, no refunds of Payments due and/or Minimum Commitment Payments will be made to Brightmail. Further, the license granted under this Agreement to use the Licensed Product and the Documentation is immediately revoked other than subject to any applicable Run Off Periods.


(ii) Obligations of Brightmail as to Licensed Products. Brightmail, within ten (10) days, shall, at Symantec’s option, either destroy all licensed copies of the Licensed Product and Documentation, and all backups, or return them to Symantec, and certify in writing by an authorized officer of Brightmail that all copies have been destroyed and/or returned. In each instance where Brightmail has distributed the Licensed Product and/or Documentation to Authorized Sublicensees and Resellers, then Brightmail shall contractually require and enforce the requirement that the Authorized Sublicensees and Resellers destroy the Licensed Product and Documentation, and all backups, or return them to Brightmail, and certify in writing by an authorized officer of Brightmail that all copies have been destroyed and/or returned and/or that Brightmail has by way of its technology effectively prevented all further use of the Licensed Product. This obligation shall survive the termination of this Agreement.


(iii) Outstanding Invoices. The due dates of all outstanding invoices to Brightmail for Licensed Product(s) automatically will be accelerated if the termination is based on a For Cause Termination caused by Brightmail or an Automatic Termination triggered by conduct of Brightmail, so they become due and payable by immediate wire transfer on the effective date of termination or expiration, even if longer terms had been provided previously, except in the case that Symantec terminates for any disruption to its small business revenue pursuant to the terms set forth under Section X.6.c.


(iv) Cease Use of Marks and Run Off Period. Brightmail will forthwith cease, and cause each of its Authorized Sublicensees and Resellers to also cease, all use of all Symantec trademarks, and will not thereafter use any mark which is confusingly similar to any trademark associated with any Licensed


16


Product(s) with the BMI Products or BMI Service or any other products or services and contractually require the Authorized Sublicensees to do the same and also with regard to its Service and enforce the same on Symantec’s behalf. Notwithstanding the foregoing, if the Term of this Agreement expires and is not renewed, or there is any termination other than (i) an Automatic Termination for bankruptcy only or (ii) a For Cause Termination caused by Brightmail, then and only then, pursuant to the provisions set forth in this Section, Brightmail may continue for up to three (3) months after termination of this Agreement to sublicense the Licensed Product under existing agreements with Authorized Sublicensees and conditioned on the continuation of Brightmail making any Payments due to Symantec for such period of additional time, per the terms of this Agreement (the “Run Off Period”). The foregoing Run Off Period applies only if Symantec is able to deliver a functional Licensed Product and related virus definitions which shall mean for purposes of this Agreement, that the Licensed Product and the delivery of virus definitions meet the special warranty provisions set forth in this Agreement. So provided that a functional Licensed Product and virus definitions are available and Payments are current, and that no other breaches of the Agreement exist, Symantec agrees that the Run Off Period is automatically extended for another three (3) months unless Brightmail indicates it no longer needs the Run Off Period. Thereafter, given the same conditions are met again, in that a functional Licensed Product and virus definitions are available, Payments are current, and no other breach of the Agreement exists, then Symantec agrees that the Run Off Period automatically renews for yet another three (3) months, providing no more than a total of nine (9) months of Run Off Period unless Brightmail indicates it no longer needs the Run Off Period. Brightmail agrees that support is only available in any Run Off Period to Brightmail if Symantec is then supporting the Licensed Product and Brightmail is current on its support payments, if any. Brightmail agrees that the Payment obligations continue to apply to all Run Off Periods. Upon the termination of this Agreement, the Licensed Product will be promptly destroyed by Brightmail, if so approved in writing by Symantec and Brightmail will then will certify to Symantec in writing the destruction of such Licensed Product in accordance with the terms and conditions set forth in writing pursuant to which Symantec so approved such destruction. If Symantec does not approve destruction, Brightmail must return the Licensed Product at its own expense.


e. Limitation of Liability for Termination. Symantec shall not be liable to Brightmail on account of termination or expiration of this Agreement for reimbursement or damages for loss of goodwill, prospective profits or anticipated orders, or on account of any expenditures, investments, leases or commitments made by Brightmail based upon or growing out of such termination or expiration. Brightmail acknowledges and agrees that; (i) Brightmail has no expectation and has received no assurances that its business relationship with Symantec will continue beyond the stated Term of this Agreement or its earlier termination in accordance with this clause other than for any applicable Run Off Periods, that any investment by Brightmail in the promotion of the BMI Service, BMI Products or the Licensed Products will be recovered or recouped, or that Brightmail shall obtain any anticipated amount of profits by virtue of this Agreement; and (ii) Brightmail shall not have or acquire by virtue of this Agreement or otherwise any vested, proprietary or other right in the promotion of the BMI Service or in any goodwill created by its efforts hereunder. The Parties acknowledge that this clause has been included as a material inducement for Symantec to enter into this Agreement and that Symantec would not have entered into this Agreement but for the limitations of liability as set forth herein.


9. Survival of Warranties and Covenants.


The warranties, covenants and agreements contained in this Agreement, which by their nature should survive the termination of this Agreement, shall survive the termination of this Agreement and remain in full force and effect.


17


10. Relationship of the Parties.


Brightmail is a customer of Symantec, and will not have, and will not represent that it has, any power, right or authority to bind Symantec, or to assume or create any obligation or responsibility express or implied, on behalf of Symantec or in Symantec’s name. Nothing stated in this Agreement shall be construed as making partners of Brightmail and Symantec, or as creating the relationships of employer/employee, franchisor/franchisee, or principal/agent between the Parties. In all matters relating to this Agreement, neither Brightmail nor its employees or agents or Resellers are, or shall act as, employees of Symantec within the meaning or application of any obligations or liabilities to Symantec by reason of an employment relationship. Brightmail shall make no warranty, guarantee or representation, whether written or oral, on Symantec’s behalf, about the Licensed Product, the BMI Service, BMI Product or otherwise. Brightmail shall require, and enforce on Symantec’s behalf, that the agreements it has with the Authorized Sublicensee and/or Authorized Users and the agreements that the Authorized Sublicensees have with the Authorized Users, pursuant to which they receive the Service, contain commercially standard provisions for disclaiming warranties and limiting liability, which protect Brightmail’s licensors, including Symantec.


11. General.


a. Complete Agreement; Amendment. Each Party acknowledges that it has read this Agreement and all exhibits, understands them, and agrees to be bound by their terms, and further agrees that they are the complete and exclusive statement of the agreement and understanding of the subject matter of this Agreement between the Parties which supersedes all prior proposals, understandings, and all other agreements, oral and written, including the Prior Agreement, between the Parties relating to the subject matter of this Agreement. This Agreement and all exhibits hereto may not be modified or altered except by written instrument duly executed by the authorized signatories of both Parties.


b. Order Forms. In the event of any conflict between the terms and conditions of this Agreement and the terms and conditions of any order form, the terms and conditions of this Agreement and all exhibits shall control.


c. Governing Law; Consent to Jurisdiction; Costs. This Agreement and performance under this Agreement shall be governed by California law, without regard to its conflict of laws provisions and principles, regardless of the domicile of any Party. Brightmail hereby submits to the jurisdiction of the Courts in Santa Clara County, California and agrees that these shall be the sole fora to resolve all disputes under this Agreement. Brightmail agrees to pay all costs associated with the collection of any sums due under this Agreement, including attorney’s fees. Brightmail agrees that any export or re-export of Licensed Product shall be done in accordance with the United States Export Administration Regulations, and hereby takes full responsibility therefore and agrees to indemnify Symantec for any violations by Brightmail thereof in accordance with such terms set forth in this Agreement. Diversion contrary to U.S. Law is prohibited. The Licensed Product is prohibited for export or re-export to Cuba, North Korea, Iran, Iraq, Libya, Syria and Sudan or to any person or entity on the U.S. Department of Commerce Denied Persons List or on the U.S. Department of Treasury’s lists of Specially Designated Nationals, Specially Designated Narcotics Traffickers or Specially Designated Terrorists.


d. Severability. If any provision of, or clause within, this Agreement is deemed invalid by a court of competent jurisdiction, it is to that extent to be deemed omitted, unless the court can modify said provision or clause to make it valid and enforceable, in which case the provision or clause shall be so modified. The remainder of the Agreement shall be valid and enforceable to the maximum extent possible.


18


e. Assignment. Brightmail may not assign or sublicense, without the prior written consent of an authorized officer of Symantec, its rights, duties, or obligations under this Agreement to any person or entity, in whole or in part, and any such assignment or sublicense shall be void.


f. Waiver. The waiver or failure of Symantec to exercise in any respect any right provided for in this Agreement shall not be deemed a waiver of any further right under this Agreement.


g. Headings. The headings appearing at the beginning of the several clauses contained in this Agreement have been inserted for identification and reference purposes only and shall not be used in the construction and interpretation of this Agreement.


h. Notices. Notices shall be sent to the person at the address on the signing page, with a copy to General Counsel, Symantec Corporation, 20330 Stevens Creek Boulevard, Cupertino, CA 95014. All notices shall be written and sent by facsimile, overnight courier or first-class certified mail, and shall be deemed received on the earlier of actual receipt or seven (7) business days after being mailed by first class certified mail or one (1) business day after being dispatched by an internationally recognized express courier service.


i. Authority. Each Party warrants that the person signing below is authorized to bind that Party to this Agreement.


j. Counterparts. This Agreement may be signed in counterparts and delivered by facsimile, each of which will be deemed an original.


k. Symantec Company or Product Acquisitions. Brightmail understands and agrees that during the term of this Agreement, or its renewal, Symantec may acquire rights to additional products. In the event that Symantec acquires any company (or the products of any company) which has in force a reseller or distribution agreement or any other agreement with Brightmail, Brightmail hereby agrees that this Agreement shall automatically, without further action, supersede such other agreement with such other company in regard to such products after the time of Symantec’s acquisition of such company and/or product.


l. Release of Claims. Any and all known claims against Symantec arising under any prior agreements or understandings, whether oral or in writing, between Symantec and Brightmail are waived and released by Reseller by acceptance of this Agreement.


IN WITNESS WHEREOF, the Parties hereto have caused this Agreement to be executed on the date set forth below.



Brightmail

Signature:

 

/s/ Michael Irwin

  

Print Name:

 

Michael Irwin

Title:

 

Chief Financial Officer

Date:

 

March 28, 2003

Address:

 

301 Howard Street, Suite 1800

San Francisco, CA 94105


19


Symantec Corporation

Signature:

 

/s/ Dieter Giesbrecht

  

Print Name:

 

Dieter Giesbrecht

Title:

  



Date:

 

March 28, 2003

Address:

 

20330 Stevens Creek Blvd.

Cupertino, CA 95014


Symantec Limited

Signature:

 

/s/ Art Courville

  

Print Name:

 

Art Courville

Title:

 

Sr. VP, General Counsel

Date:

 

March 28, 2003

Address:

 

Ballycoolin Industrial Park,

Blanchardstown, Co.

Dublin 15, Ireland