Active Net Gateway API Product Attachment

This document is a “Product Attachment” as defined in the General Terms entered into by Client and Active and is subject to and incorporates by reference the provisions of the General Terms. This Product Attachment is effective as of the date it is “accepted” (in accordance with the Preamble to the General Terms). Any capitalized terms not defined herein have the meaning ascribed to them in the General Terms.

1. SERVICES AND LICENSE GRANT. Active hereby grants Client a limited, non-exclusive, non-transferable, royalty free license (without the right to sublicense) to use the Active Net Gateway API, which includes access to Access Codes (as defined below), (“Service(s)”) solely for the purpose of Client’s internal development efforts to develop applications to work in conjunction with Active products. For further clarification, “API” means Active technology, which may include object code, software libraries, software tools, sample source code, published specifications and other documentation. As a part of the Service, Active will provide you with the necessary API keys, secrets, tokens, passwords and/or other credentials to access the APIs (collectively, “Access Codes”). Client fully acknowledges that the API gives Client access to data stored in the Active Net product (use thereof subject to additional terms and conditions) and that portions of that data may be sensitive (“Data”). As such, the Client understands and acknowledges that certain levels of security and privacy must be met in order to use the Service and transfer and hold any Data, and Client agrees to be fully responsible for any access to the API. While Active strives to have its APIs available continuously, it cannot guarantee any up-time or other reliability measurements. Services provided hereunder are deemed delivered when access is made available to Client.

Client is responsible for maintaining the secrecy and security of the Access Codes and is fully responsible for all activities that occur using your API or Access Codes.

Client shall not (i) license, sublicense, sell, resell, transfer, assign, distribute, disclose, or otherwise commercially exploit or make available to any third party the Service in any way without Active’s prior written consent; (ii) copy, modify, or make derivative works based upon the Service, or distribute any portion of the Service; (iii) create Internet “links” to the Service or “frame” or “mirror” any content on any other server or wireless or Internet-based device; or (iv) reverse engineer or access the Service in order to (a) build a competitive product or service, (b) build a product using similar ideas, features, functions or graphics of the Service, or (c) copy any ideas, features, functions or graphics of the Service.

2. REPRESENTATIONS AND WARRANTIES. Client is responsible for any and all access to the Service and the Access Codes. Client represents and warrants that it complies with all applicable law, that it will encrypt Data to then-current industry standard levels, and that it conducts periodic risk assessments and testing of its safeguards to ensure the security, confidentiality and integrity of its system in compliance with applicable law. Client shall: (i) use the API, Access Codes, and Data exclusively for authorized and legal purposes, consistent with all applicable laws, regulations, and the rights of others, including privacy and anti-spamming laws; (ii) not use the Service to transmit, publish, or distribute any material or information: (a) for which Client does not have all necessary rights and licenses, including any material or information that infringes, violates, or misappropriates the intellectual property rights of any third party; (b) that contains a computer virus or other code, files, or programs designed to disrupt or interfere with the functioning of the Service; or (c) that is or that may reasonably be perceived as being harmful, threatening, offensive, obscene, or otherwise objectionable; (iii) keep confidential and not disclose to any third parties, and shall ensure that users keep confidential and do not disclose any user identifications, account numbers, and account profiles; (iv) not attempt to gain access to any systems or networks that connect thereto except for the express purpose of using the Service and/or Data for their intended use; (v) not allow access to the Service by anyone other than users; (vii) not rent, lease, sublicense, resell, or provide access to the Service on a time-share or service bureau basis. Client shall notify Active immediately of any unauthorized use of the Access Codes and use best efforts to immediately stop any unauthorized access.

3. TERM. Notwithstanding Section 6.1 of the General Terms, the term of this Product Attachment shall commence on the Effective Date and shall continue in force thereafter for the duration set forth in the applicable Schedule, unless modified or terminated as provided herein.

4. INDEMNITY AND RELEASE. Client understands that it is now the holder of the Access Codes and accepts all responsibility for the same and further releases Active from any and all liability with regard to the access to the API, as well as access to the Data and any transfer thereof. Client releases, relieves, indemnifies and forever discharges Active from any and all liability whatsoever for (a) any access to the API, Access Codes or Data not authorized by Active or (b) loss of or damage to Data that Client may sustain including but not limited to claims, demands, actions, causes of action, judgments, damages, expenses and costs which arise out of, result from, occur or are connected in any manner (i) with the Data and the transfer thereof, and (ii) with any act or omission of the Client and its affiliates and the employees, representatives, agents, and independent contractors of each of them, related to this Agreement.

5. FEES. Fees, currency, and payment terms are specified in the applicable Schedule.

6. USAGE LIMITATIONS. Active may limit the number of network calls that you may make via the APIs. Usage limits are based on the subscription plan as set forth on the applicable Schedule. In addition to its other rights under this Product Attachment, Active may utilize technical measures to prevent over-usage and/or stop usage of the APIs after any usage limitations are exceeded. If no limits are stated in the Schedule, you nevertheless agree to use the APIs in a manner that, as determined by Active in our sole discretion, does not exceed reasonable request volume or does not constitute excessive or abusive usage.

7. SECURITY MEASURES. Your networks, operating system and the software of your web server(s), routers, databases, and computer systems (collectively, “System” or “Systems”) must be properly configured to Internet industry standards as required to securely operate. You agree to access and handle the Service in a secure manner. You must promptly report any security deficiencies in or intrusions to your Systems that you discover to Active in writing. You will work with Active to immediately correct any security deficiency, and will disconnect immediately any intrusions or intruder. In the event of security deficiency or intrusion involving the Service, you will make no public statements (i.e., press, blogs, bulletin boards, etc.) without prior written and express permission from Active in each instance.