Master Service Agreement (MSA)

LEGAL

Please direct all legal correspondence to the following:

Zebrahost LLC

6165 NW 86th ST, STE 2348 Johnston, IA 50131

Phone 515.418.9339

This Master Service Agreement (“MSA”) shall constitute a binding contractual agreement between Zebrahost LLC, an Iowa corporation, ("Zebrahost"), and the subscriber of services ("Customer"). The MSA shall include the Terms of Service (“TOS”), Acceptable Use Policy (“AUP”), Service Level Agreement (“SLA”), Privacy Agreement (“PA”), and any applicable addendum. Customer agrees to be bound to all agreements in this MSA.

Note: Zebrahost reserves the right to supplement and/or amend, at any time, the terms and conditions of its MSA, including the TOS, AUP, SLA, PA, and any applicable addendum. Zebrahost will notify its Customers through the customer portal of any changes affecting cancellation, payment of fees, or the SLA. It is the Customer’s responsibility to review Zebrahost’s policies on a frequent basis to ensure compliance because the MSA in place during your most current month applies, not the MSA which was in place when you registered. Changes requested by Customer to any of these agreements or to the MSA must be agreed to in writing by Zebrahost.

Terms of Service (TOS)

1. Term and Termination: Unless requesting Hourly Services (as defined in paragraph 4 below) or otherwise agreed to by the parties in writing, Customer agrees to a month-to-month contract term for services. The month-to-month contract for services is automatically renewed each month in perpetuity subject to written cancellation by (a) Customer in accordance with this MSA and (b) Zebrahost upon providing Customer with notice of non-renewal at least ten (10) days prior to the expiration of any renewal term. Please carefully review Zebrahost’s cancellation policy set forth in Paragraph 9 below. Zebrahost may terminate this MSA and any related services (1) immediately (a) upon non-payment as set forth in paragraph 11 below, (b) if Customer violates paragraph 15 (Permitted Use) of the TOS, or (c) if Customer violates any terms and conditions of the AUP or (2) upon any other breach of this MSA that is not cured upon receiving notice.

2. Monthly Service Fees: Fees for service(s) ordered by the Customer shall begin on the date of the initial order and that date shall serve as the monthly anniversary date (“Anniversary Billing Date”) for all future billings including one time fees, upgrades, additional services, cancellations and service credits. Fees are due in advance of the monthly service cycle and will be billed on the anniversary date of each month.

3. Upgrade Fees: Upgrades ordered on the Anniversary Billing Date will be billed for a full month service and will continue each month on the Anniversary Billing Date. Upgrades ordered after the normal Anniversary Billing Date will be pro-rated to the next anniversary date and billed as a one-time pro-rata charge. Future charges will appear as full monthly fees added to your existing Anniversary Billing Date.

4. Hourly Service Fees: For any services offered by Zebrahost on an hourly basis (“Hourly Services”), Customer shall specify the period of time for which the Hourly Services are requested, or cancel at any time. The minimum period of time for which Hourly Services may be requested is one (“1”) hour and Customer will be billed in full hourly increments, and no breakdown by minutes shall be permitted. Unless otherwise specifically stated in the MSA, Customers who request Hourly Services agree to all terms and conditions in Zebrahost’s MSA, including but not limited to these TOS and the AUP. Customers will be billed for Hourly Services and receive any SLA credits, if applicable, on the Anniversary Billing Date (as set forth and defined in paragraph 2 above).

5. Additional Service Fees: Additional services, not including Hourly Services, ordered on the Anniversary Billing Date will be billed for the full month service and will continue each month on the Anniversary Billing Date. Additional services ordered after the normal Anniversary Billing Date will be pro-rated to the next anniversary date and billed as a one-time pro-rata charge. Future charges will appear as full monthly fees added to your existing Anniversary Billing Date.

6. One Time Fees: One time fees, such as setup fees, administrative fees and late fees are due and payable at the time they are incurred, and/or agreed upon in writing or via ticket with Zebrahost’s approval. One time fees, such as bandwidth overages and Storage overages are due and payable upon an invoice following the billing cycle in which they are incurred, and are based on standard rates, or as otherwise agreed upon in writing or via ticket with Zebrahost’s approval.

7. Taxes: All prices and fees specified in or referred to in this MSA are stated exclusive of any tax, including withholding tax, sales, use, value added, levies, import and custom duties, excise or other similar or equivalent taxes imposed on the supply of services. Any taxes, sales, use, levies, excise, withholding taxes or similar charges, direct or indirect, applicable or to become applicable, which are levied as a result of the supply of the services shall be borne by the Customer. Neither party shall be liable for the other party’s taxes based on income. If withholding tax applies to any payments for services made under this MSA, the Customer may withhold that element that is required under the applicable legislation but must pay an additional amount to ensure that the full value of the invoice is remitted and must notify Zebrahost prior to payment that withholding tax is required to be paid. The parties undertake to co-operate, where possible, to minimize the amount of withholding tax due by making advance clearance applications under the relevant double taxation treaties (where applicable) to the relevant tax authority to reduce the rate of withholding tax or exempt entirely this amount if applicable. In any event, the Customer undertakes to account for any tax withheld to the tax authorities on a timely basis.

8. Service Credits: SLA credits will be issued to your Customer account and shall be used to offset future billable services. SLA credits shall not be issued as cash back to the Customer nor shall the service credits be transferable to other account holders. SLA credits shall expire if Customer’s account is fully terminated.

9. Cancellation: Because cancellation is automated, Zebrahost requires a written cancellation notice via the customer portal, a minimum of twenty-four (“24”) hours prior to 00:00:01 CST (GMT-6) on the Anniversary Billing Date for discontinuance or downgrades of month-to-month services. Failure to supply the requisite twenty-four (“24”) hours written notice of cancellation will result in a full billable monthly cycle prior to cancellation. Any server cancellation prior to the minimum deadline will remain online until the automated process reclaims your server on the Anniversary Billing Date. Notice of written cancellation is required through the online customer portal located at https://portal.zebrahost.com. All Customer data remaining after the cancellation date will be destroyed for security and privacy reasons, unless otherwise required by law.

10. Refunds & Disputes: All products or services rendered by Zebrahost are non-refundable. This includes, but is not limited to: setup fees, one time fees, monthly service fees, upgrade fees, additional service fees, administrative fees, and late fees. Customers seeking to resolve billing errors are instructed to open an accounting ticket inside the Customer portal located at https://portal.zebrahost.com. Customer agrees not to chargeback any credit card payments for services rendered. A chargeback of payment for services rendered will result in an additional charge of one hundred fifty dollars (“$150”) and will be subject to collection by an authorized collection agency. Customer is responsible for any fees and costs (including, but not limited to, reasonable attorneys’ fees, court costs and collection agency fees) incurred by Zebrahost in enforcing collection.

11. Non-Payment: All payments are due in full on the Anniversary Billing Date. Failure to remit payment for services on the Anniversary Billing Date is a violation of the TOS. Failure to remit payment for five (“5”) consecutive days, including the Anniversary Billing Date, shall result in a termination of public access to Customer services. Customer acknowledges and agrees that Zebrahost may invoice for products and services in accordance with Zebrahost’s business policies or procedures. Customer will, however, be permitted access to data and services through the service network. Failure to remit payment for services within seven (“7”) consecutive days, including the Anniversary Billing Date, shall result in termination of access to the service network and all services shall be reclaimed. A late fee of twenty dollars (“$20”) will be incurred for failure to remit payment for services on or before the monthly Anniversary Billing Date. A fifty dollar (“$50”) reconnect fee will be incurred for failure to remit payment for services after public access has been disconnected. All Customer data remaining after seven (“7”) days of non- payment will be destroyed for security and privacy reasons, unless otherwise required by law.

12. Data: Zebrahost agrees to use best efforts and commercially reasonable best practices when deploying services related to data integrity, backup, security, and retention. These services include, but are not limited to: hard drive storage, raid hard drive arrays, network attached storage, storage area networks, operating system installs, operating system reloads, customer portal information, and other situations involving customer data. Customer assumes ultimate responsibility for data integrity, retention, security, backup, and ownership. In the event that Zebrahost handles Customer data, i.e., when replacing hard drives, Zebrahost will act in accordance with PCI guidelines to ensure data is securely handled. If Customer is involved in any data transfer(s) (whether in connection with its business or otherwise), then Customer must ensure that it complies with any applicable rules, laws, regulations, or the like in any and all applicable regions or countries.

13. International Data Privacy: Customer is responsible for any processing or international transfer of personal information included in the Customer data and agrees to comply with any rules, laws, regulations or the like in any and all applicable regions or countries in this respect. To the extent personal information is subject to rules, laws, regulations or the like implementing the EU Data Protection Directive 95/46/EC, Zebrahost will be considered a "data processor" and will as such act on Customer's instructions and implement security measures in accordance to the TOS and other applicable contracts between parties.

14. Identity Use: Customer agrees to use the Zebrahost logo, Zebrahost information, and/or related services in accordance with Zebrahost’s approved marketing guidelines. Zebrahost agrees not to use Customer logos without prior written consent of Customer.

15. Permitted Use: By accepting the MSA, Customer agrees to use Zebrahost’s services solely for their intended purposes. CUSTOMER SPECIFICALLY AGREES NOT TO TAMPER WITH, MAKE DERIVATIVE WORKS OF, REVERSE COMPILE, REVERSE ENGINEER AND/OR DISASSEMBLE ANY OF ZEBRAHOST’S SOFTWARE OR FILES. If Customer violates or exceeds the Permitted Use, Zebrahost reserves the right to immediately terminate Customer’s account and will pursue any and all legal remedies available.

16. LAWS: CUSTOMER AGREES TO ABIDE BY ALL LOCAL, STATE, AND FEDERAL LAWS PURSUANT TO SERVICES DELIVERED IN WEST DES MOINES, IOWA, UNITED STATES OF AMERICA. THIS AGREEMENT IS MADE UNDER AND WILL BE CONSTRUED IN ACCORDANCE WITH THE LAWS OF THE STATE OF IOWA, WITHOUT REGARD TO CONFLICT OF LAW PRINCIPLES. EXCLUSIVE VENUE AND JURISDICTION FOR ANY AND ALL LEGAL REMEDIES ARISING OUT OF OR RELATED TO THIS AGREEMENT SHALL BE POLK COUNTY, WEST DES MOINES, IOWA. EACH PARTY IRREVOCABLY CONSENTS TO THE FOREGOING JURISDICTION AND VENUE REQUIREMENTS AND WAIVES ANY AND ALL OBJECTIONS TO SUCH REQUIREMENTS.

17. INDEMNIFICATION: CUSTOMER AGREES TO INDEMNIFY AND HOLD HARMLESS ZEBRAHOST, ZEBRAHOST’S AFFILIATES, AND ITS RESPECTIVE OFFICERS, DIRECTORS, ATTORNEYS, AGENTS, AND EMPLOYEES FROM AND AGAINST ANY AND ALL CLAIMS, DEMANDS, LIABILITIES, OBLIGATIONS, LOSSES, DAMAGES, PENALTIES, FINES, PUNITIVE DAMAGES, AMOUNTS IN INTEREST, EXPENSES AND DISBURSEMENTS OF ANY KIND AND NATURE WHATSOEVER (INCLUDING REASONABLE ATTORNEYS' FEES) BROUGHT BY A THIRD PARTY UNDER ANY THEORY OF LEGAL LIABILITY ARISING OUT OF OR RELATED TO CUSTOMER’S CONTENT, ILLEGAL ACTIVITY AND/OR ACTUAL OR ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF A THIRD PARTY'S COPYRIGHT, TRADE SECRET, PATENT, TRADEMARK, OR OTHER PROPRIETARY RIGHT.

18. LIMITATION OF LIABILITY: EXCEPT AS DESCRIBED IN THE SLA, ZEBRAHOST SHALL NOT BE LIABLE TO CUSTOMER FOR HARM CAUSED BY OR RELATED TO CUSTOMER'S SERVICES OR INABILITY TO UTILIZE THE SERVICES UNLESS CAUSED BY GROSS NEGLIGENCE OR WILLFUL MISCONDUCT. ZEBRAHOST SHALL NOT BE LIABLE TO CUSTOMER FOR LOST PROFITS, INDIRECT, SPECIAL OR INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES. NOTWITHSTANDING ANYTHING ELSE IN THIS MSA, THE MAXIMUM AGGREGATE LIABILITY OF ZEBRAHOST AND ANY OF ITS EMPLOYEES, AGENTS OR AFFILIATES, UNDER ANY THEORY OF LAW SHALL NOT EXCEED THE AMOUNT PAID BY THE CUSTOMER FOR HOSTING SERVICES FOR THE SIX MONTHS PRIOR TO THE OCCURRENCE OF THE EVENT(S) GIVING RISE TO THE CLAIM. EXCEPT AS OTHERWISE PROVIDED IN THIS MSA, ZEBRAHOST PROVIDES ALL PRODUCTS AND SERVICES “AS IS”, WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, OR IMPLIED AND DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABIILTY OF FITNESS FOR A PARTICULAR PURPOSE. CUSTOMER SHALL BE SOLELY RESPONSIBLE FOR THE SELECTION, USE, AND SUITABILITY OF THE PRODUCT AND SERVICES, AND ZEBRAHOST SHALL HAVE NO LIABILITY ASSOCIATED WITH THE FOREGOING.

19. Arbitration: Any controversy or claim arising from service or related to this MSA or breach therein in excess of five hundred dollars (“$500”) shall be settled by arbitration in accordance with the commercial arbitration rules of the American Arbitration Association. The venue and jurisdiction requirements set forth above apply to any arbitration proceedings. The resulting judgment rendered by a licensed arbitrator may be entered in any court having valid jurisdiction.

20. Waiver: Except as otherwise provided in this MSA, no failure or delay by either party to enforce any right or remedy available under this MSA shall constitute a waiver of such right or remedy or a waiver of any other right or remedy.

21. Language: The official language of this MSA shall be the English language and no translation into any other language may be used in its interpretation. All services, support, notices, designations, specifications, and communications will be provided in the English language.

22. Third Party Beneficiary: Except for Customer, Zebrahost or an affiliated entity of Zebrahost, or Apple and Apple’s subsidiaries as provided in paragraph 8 of the “Note” section in the TOS, a person who or which is not a party to this MSA shall have no right to enforce any term of this MSA.

23. Force Majeure: A party is not liable for non-performance or delay in performance of this MSA, other than payment obligations, if the non-performance or delay is due to any occurrence or contingency beyond its reasonable control including but not limited to acts of God, insurrection or civil disorder, war or military operations, national or local emergency, acts of government having general affect, changes of the regulatory environment, industrial disputes of any kind, tsunami, flood, landslide, earthquake, fire, explosion, civil commotion, blockade, terrorism, revolution, sabotage, piracy, epidemic, quarantine restrictions, import or export delays beyond that which is considered reasonable, or defaults of Zebrahost’s suppliers or subcontractors due to any of the above causes.

24. Severability: If any provision of this MSA shall be held to be illegal, void, invalid, or unenforceable under the laws of any jurisdiction, the legality, validity, and enforceability of the remainder of this MSA in that jurisdiction shall not be affected, and the legality, validity, and enforceability of the whole of this MSA in any other jurisdiction shall not be affected.

25. Assignment: Zebrahost shall have the full right to assign, transfer, and/or subcontract any of its rights and obligations under the MSA.

26. Legal Compliance: By accepting this MSA, Customer represents and warrants that (i) he/she is not located in a country that is subject to a U.S. Government embargo, or that has been designated by the U.S. Government as a “terrorist supporting” country; and (ii) he/she is not listed on any U.S. Government list of prohibited or restricted parties. Customer further represents and warrants that he/she has full authority and power to execute this Agreement on behalf of the Company he/she represents, if any. Additionally, Customer warrants that he/she is at least eighteen (“18”) years of age or older and are not otherwise legally incapacitated to execute this Agreement.

27. Electronic Signature: Acceptance by Customer of the MSA incorporating the TOS, AUP, SLA, PA, and any applicable addendum hereby initiates billable services and is deemed complete by agreement to the terms as described on the online signup form(s) and completion of the ordering process. NOTE: If Customer downloads or uses any Zebrahost applications (“Licensed Application”) that run on the Apple Inc. (“Apple”) operating system (“iOS”), such as with the iPhone, iPod touch, iPad or other related device using such iOS, the following terms apply and Customer must agree to and acknowledge these terms in addition to those contained in Zebrahost’s Master Service Agreement:

1. Acknowledgement: Zebrahost and Customer acknowledge that the Master Service Agreement (“MSA”), also commonly referred to as the End User License Agreement (“EULA”), is concluded between Zebrahost and Customer only, and not with Apple Inc. (“Apple”), and Zebrahost, not Apple, is solely responsible for the Licensed Application and the content thereof. Zebrahost’s MSA requirements and usage rules for Licensed Applications are not less restrictive than the Usage Rules set forth for Licensed Applications in, and are not otherwise in conflict with, the App Store terms of service as of the Effective Date, which Zebrahost and Customer acknowledge having had the opportunity to review.

2. Scope of License: The license granted to Customer for the Licensed Application is limited to a non-transferable license to use the Licensed Application on any iOS that Customer owns or controls and as permitted by the Usage Rules set forth in the App Store terms of service (http://www.apple.com/legal/itunes/appstore/dev/stdeula/).

3. Maintenance and Support: Zebrahost is solely responsible for providing any maintenance and support services with respect to the Licensed Application, as specified in the EULA, or as required under applicable law. Zebrahost and Customer acknowledge that Apple has no obligation whatsoever to furnish any maintenance and support services with respect to the Licensed Application.

4. Warranty: Zebrahost is solely responsible for any product warranties, whether express or implied by law, to the extent not otherwise disclaimed. In the event of any failure of the Licensed Application to conform to any applicable warranty, Customer may notify Apple, and Apple will refund the purchase price for the Licensed Application to Customer; and that, to the maximum extent permitted by applicable law, Apple will have no other warranty obligation whatsoever with respect to the Licensed Application, and any other claims, losses, liabilities, damages, costs or expenses attributable to any failure to conform to any warranty will be Zebrahost’s sole responsibility.

5. Product Claims: Zebrahost and Customer acknowledge that Zebrahost, not Apple, is responsible for addressing any claims of Customer or any third party relating to the Licensed Application or Customer’s possession and/or use of that Licensed Application, including, but not limited to: (i) product liability claims; (ii) any claim that the Licensed Application fails to conform to any applicable legal or regulatory requirement; and (iii) claims arising under consumer protection or similar legislation. Zebrahost’s MSA does not limit its liability to Customer beyond what is permitted by applicable law.

6. Intellectual Property Rights: Zebrahost and Customer acknowledge that, in the event of any third party claim that the Licensed Application or Customer’s possession and use of that Licensed Application infringes that third party’s intellectual property rights, Zebrahost and/or Customer, not Apple, will be solely responsible for the investigation, defense, settlement and discharge of any such intellectual property infringement claim.

7. Contact Information: Any Customer questions, complaints or claims with respect to the Licensed Application should be directed to:

ZebraHost LLC
6165 NW 86th ST, STE 2348
Johnston, IA 50131
Phone: 515.418.9339

8. Third Party Beneficiary: Zebrahost and Customer acknowledge and agree that Apple, and Apple’s subsidiaries, are third party beneficiaries of the EULA, and that, upon Customer’s acceptance of the terms and conditions of the EULA, Apple will have the right (and will be deemed to have accepted the right) to enforce the EULA against Customer as a third party beneficiary thereof.

Service Level Agreement (SLA)

The SLA is incorporated into the MSA and applicable to all services delivered directly to Customers of Zebrahost. The SLA is not applicable to unrelated third parties or third parties lacking privacy of contract with Zebrahost. The uptime guarantees and the resulting SLA credits are applied in monthly terms unless specified otherwise. To ensure that Zebrahost is providing optimal services to its Customers, Zebrahost is required to perform scheduled maintenance, from time to time, on the network, customer portal, and hardware. Any downtime resulting from any such scheduled maintenance or any event of Force Majeure does not qualify for SLA credit(s). All SLA guarantees and information listed below are made in good faith and are subject to standard contract remedies. Note: SLA credits for Hourly Services will be calculated and applied based on the same monthly calculation used for the month-to-month contracts.

SLA Credit Claim: To properly claim an SLA credit due, the Customer’s master administrative user must open an SLA ticket located inside the Customer portal at https://portal.zebrahost.com within seven (“7”) days of the purported outage. Customer must include service type, IP Address, contact information, and full description of the service interruption including logs, if applicable. The SLA claim will be researched by the appropriate Zebrahost department manager and any credit issued will be issued to accounting and the ticket will be updated. SLA credits are issued as service credits on future billing cycles. SLA credits shall not be bartered or traded with other Zebrahost customers. Please allow up to fourteen (“14”) days for the process of SLA claims. Customer acknowledges that the maximum amount of SLA credit that may be used for any particular month cannot exceed the total monthly service fee amount for such month.

SLA Claim Fault: Customers currently in arrears for monthly services do not qualify for SLA claims. Customers who have been in payment arrears three (“3”) or more times in the previous twelve (“12”) months do not qualify for SLA claims. Valid SLA claims will not be credited to the Customer’s accounts until all abuse issues are resolved. Any Customer making false or repetitive claims will incur a one-time charge of fifty dollars (“$50”) per incident for such claims. False or repetitive claims are also a violation of the TOS and may be subject to service suspension. Customers participating in malicious or aggressive internet activities, thereby causing attacks or counter-attacks, do not qualify for SLA claims and shall be deemed in violation of the AUP.

Public Network: Zebrahost guarantees one hundred percent (“100%”) uptime on all Public Network services to Customers located in our data centers. Except for service downtimes resulting from Customer’s fault, and provided Customer follows the proper procedures for service credit claims as set forth in this SLA, for each continuous, uninterrupted thirty (“30”) minute interval of Public Network service downtime that Customer experiences during an applicable month, Zebrahost agrees to grant to Customer a SLA credit equal to five percent (“5%”) of the Customer’s monthly service fees for that month. Public Network service downtimes of less than thirty (“30”) continuous, uninterrupted minutes do not qualify for this service credit, and the Customer cannot combine or augment Public Network or other service-related downtimes to satisfy such downtime requirement. All Public Network services include redundant carrier grade internet backbone connections, traffic analysis, and detailed bandwidth graphs.

Private Network: Zebrahost guarantees one hundred percent (“100%”) uptime on the Private Network services to Customers located in our data centers. Except for service downtimes resulting from Customer’s fault, and provided Customer follows the proper procedures for service credit claims as set forth in this SLA, for each continuous, uninterrupted thirty (“30”) minute interval of Private Network service downtime that Customer experiences during an applicable month, Zebrahost agrees to grant to Customer a SLA credit equal to five percent (“5%”) of the Customer’s monthly service fees for that month. Private Network service downtimes of less than thirty (“30”) continuous, uninterrupted minutes do not qualify for this service credit, and the Customer cannot combine or augment Private Network or other service-related downtimes to satisfy such downtime requirement. All Private Network services include access to the secure VPN connection, unlimited bandwidth between servers, unlimited uploads/downloads to servers, access to contracted services, traffic analysis, and detailed bandwidth graphs.

Redundant Infrastructure: Zebrahost guarantees one hundred percent (“100%”) uptime on the power and HVAC services to Customers located in our data centers. All computer equipment and related services are served by redundant UPS power units with backup onsite diesel generators. Except for service downtimes resulting from Customer’s fault, and provided Customer follows the proper procedures for service credit claims as set forth in this SLA, for each continuous, uninterrupted thirty (“30”) minute interval of power and HVAC service downtime that Customer experiences during an applicable month, Zebrahost agrees to grant to Customer a SLA credit equal to five percent (“5%”) of the Customer’s monthly service fees for that month. Power and HVAC service downtimes of less than thirty (“30”) continuous, uninterrupted minutes do not qualify for this service credit, and the Customer cannot combine or augment power and HVAC or other service-related downtimes to satisfy such downtime requirement.

Hardware: Zebrahost guarantees the replacement of failed hardware and hardware components located within our data centers. Zebrahost guarantees a failed hardware component will be replaced within two (“2”) hours of Customer notification in the trouble ticketing system. Replacement of failed hardware does not include time required to reload the operating system or applications. Specific guarantees with SLA information are listed in Table A below.

Hardware Upgrades: Zebrahost guarantees hardware upgrades will commence and complete within two (“2”) hours of scheduled hardware upgrade maintenance windows. Hardware upgrades must be scheduled and confirmed in advance through the online ticketing system. Failure to install the hardware within the two (“2”) hour time will result in a waiver of any onetime installation fees. Extended hardware installation times from initial upgrade commencement shall result in SLA credits for the recurring fee associated with the hardware upgrade. These time and SLA credits are listed in Table B below.

Acceptable Use Policy (AUP)

General Statement: Zebrahost is dedicated to the unrestricted free transmission of information via the internet and its many resources. Our goal is to deliver enterprise quality on-demand IT services to all of our Customers while serving as the medium of exchange for transmission of all information. The storage, distribution, and exchange of information (content) are the internet's single most valuable feature. Zebrahost is dedicated to protecting the source and distribution of information and protecting the rights and privileges of those utilizing it. Zebrahost does not purport to be the content police; our duty in the process of information dissemination is simply to act as conduit between interested parties. Zebrahost follows all local, state and federal laws pursuant to the services delivered over the internet and directly related to our network and internal systems. The purpose of this AUP is to inform all Customers of acceptable, anticipated Customer use. Due to the myriad of possibilities in maintaining a network comprised of thousands of servers, this AUP is intended to act as a guideline to service and not to be all encompassing.

Public Network: The primary purpose of the Zebrahost Public Network is to transmit information (packets) to and from Customer servers and data storage services. Proper use of the Public Network is to utilize the network in any way so long as Customer does not violate any local, state, or federal laws or generate harm to the network or interfere with the use of services of other users utilizing the same network. All Customers are granted equal access to the Public Network. Violation, misuse, or interference of the public network shall be considered a violation of the AUP and shall trigger the Methods of Resolution under this AUP as set forth below in Table C.

Private Network: The primary purpose of the Zebrahost Private Network is to allow secure private network connectivity to the private backend network directly connecting Customer servers and Zebrahost delivered services. Proper use of the Private Network is the upload/download of content, server administration, transmission of information between servers, transmission of information between servers and Zebrahost servers, secure private administration of services, data retrieval, console access, and true out of band management of their entire IT environment. The Private Network can also be utilized for service access during periods of non-payment, copyright infringement, spam abuse, service interruption or other instances requiring server administration. All Customers are granted equal access to the private secure network to securely manage their services. Connectivity to the Private Network is granted on an unrestricted basis in eight (8) hour increments. Dedicated connections to the Private Network are available through the sales team. Violation, misuse, or interference of the Private Network shall be considered a violation of the AUP and shall trigger the Methods of Resolution under this AUP as set forth below in Table C.

Security Services: The primary purpose of the Zebrahost standard security services is to assist the Customer in the protection, management, update, and overall stability of the outsourced IT environment. Zebrahost also monitors all aggregate network traffic via Arbor networks and router netflow statistics for traffic analysis. Zebrahost also supplies Microsoft update servers and Red Hat update servers located on the Private Network for private secure update services. These services are included free of charge and are intended to assist Customers in the OS management of their servers. Other security services offered for a fee are covered via the terms of the individual services. These services include, but are not limited to: firewalls, host IDS, service monitors and other similar type products and services. Outside of the global network security services described above, Customers are required and obligated to maintain security related to Customer managed servers. The management of dedicated servers requires basic security management including password management, port management, OS updates, application updates, security policy settings and more. The Customer is ultimately responsible for individual server security unless contracted security services are purchased. Any violation of the security services included in basic services will be addressed pursuant to the Methods of Resolution under this AUP as set forth below in Table C.

Server Content: Zebrahost does not actively monitor dedicated server content for review. Zebrahost believes in the free dissemination of information via our services. Dedicated server content will only be reviewed upon complaint by verified third parties. Content that does not violate local, state and federal law or the AUP is deemed in compliance and shall remain intact. Legal adult content is allowed on Zebrahost dedicated servers. Content deemed in violation will be addressed pursuant to the Methods of Resolution under this AUP as set forth below in Table C.

DNS Services: Zebrahost supplies redundant domain names services for all Customers purchasing dedicated services. These services include the use of authoritative name servers for public resolution of domain names and private domain name resolvers located on the private service network. The DNS services are fully managed and maintained by Zebrahost with Customer specific domain name management through the online Customer portal. In rare instances, where extreme intensive loads (DNS lookups) utilize disproportionate resources of the redundant DNS systems, Zebrahost will notify Customer of potential violation of this AUP. Customers requiring such DNS services will be instructed to perform dedicated DNS services on Customer- managed equipment. Violation of DNS services shall trigger the Methods of Resolution under this AUP as set forth below in Table C.

IP Addresses: The IP Address Policy (“IP Policy”), which may be changed from time to time at Zebrahost’s sole discretion, is incorporated into this MSA by reference and provides additional terms and conditions relating to IP Addresses. Customer acknowledges and agrees to adhere to the IP Policy. All Internet Protocol (IP) Addresses are owned and managed by Zebrahost. IP Addresses are non-transferable from Zebrahost, and Customer retains no ownership or transfer rights to IP Addresses. All IP Addresses are assigned by the Zebrahost engineering team on a per VLAN, per server basis. Attempted use of IP addresses not originally allocated for use or IP addresses use on non-assigned VLANs or servers is a violation of this AUP. Violation of the IP Address policy shall trigger the Methods of Resolution under this AUP as set forth below in Table C. Private IP assignments are available to qualified Customers.

IRC: Zebrahost allows the use of private Internet Relay Chat (IRC) servers for communication among private parties. Zebrahost absolutely prohibits the use of IRC servers connected to public IRC networks or servers. IRC servers that result in interference of service, malicious network activity or increased demand on network security services are in direct violation of this AUP. Violation of the IRC policy shall trigger the Methods of Resolution under this AUP as set forth below in Table C.

Peer to Peer: Zebrahost allows the use of internet Peer-to-Peer software for file sharing purposes. Zebrahost highly recommends strict oversight and management of Peer-to-Peer software environments due to the propensity to violate copyright law by sharing commercial software or copyright protected material. The sharing of copyright protected software and material is NOT allowed and is in direct violation of federal law and this AUP. Violation of the Peer to Peer policy shall trigger the Methods of Resolution under this AUP as set forth below in Table C.

Bit Torrent and Point-to-Point Software: Zebrahost allows the use of Bit Torrent and Point-to-Point (“P2P”) software protocols on the public network. Zebrahost highly recommends strict oversight and management of Bit Torrent and P2P software environments due to the propensity to violate copyright law by sharing commercial software or copyright protected material. The sharing of copyright protected software and material is NOT allowed and is in direct violation of federal law and this AUP. Violation of the Bit Torrent and/or P2P policy shall trigger the Methods of Resolution under this AUP as set forth below in Table C.

The following list represents per se direct violations of this AUP and will be subject to immediate redress under one or more of the Methods of Resolution as described in this AUP and as set forth below in Table C. Note: Zebrahost is not required to follow the Methods of Resolution for Hourly Services, and reserves the right to immediately terminate Hourly Services based on violations of this AUP.

1. Copyright and Trademark Infringement: Direct copyright infringement (as defined and noted under Title 17, Section 512 of the United States Code) and trademark infringement are direct violations of Zebrahost’s AUP.

2. Unsolicited Email: The sending or receiving of mass unsolicited email (SPAM) is a direct violation of Zebrahost’s AUP. This includes the direct sending and receiving of such messages, support of such messages via web page, splash page or other related sites, or the advertisement of such services.

3. Email Bombing: The sending, return, bouncing or forwarding of email to specified user(s) in an attempt to interfere with or over flow email services is a direct violation of Zebrahost’s AUP.

4. Proxy Email (SPAM): The use of dedicated services to proxy email unsolicited users is a direct violation of Zebrahost’s AUP. Proxy email is defined as the use of dedicated services to act in concert with other services located inside and outside the network to achieve mass unsolicited email (SPAM) to unrelated third parties.

5. UseNet SPAM: The use of dedicated services to send, receive, forward, or post UseNet unsolicited email or posts is a direct violation of Zebrahost’s AUP. This includes UseNet services located within the Zebrahost network or unrelated third party networks.

6. Illegal Use: Any use of dedicated services in a manner which is defined or deemed to be statutorily illegal is a direct violation of Zebrahost’s AUP. This includes, but is not limited to: death threats, terroristic threats, threats of harm to another individual, multi-level marketing schemes, "ponzi schemes", invasion of privacy, credit card fraud, racketeering, and other common illegal activities.

7. Child Pornography: Zebrahost has a zero-tolerance policy on child pornography and related sites. The hosting of child pornography or related sites or contact information is in direct violation of federal law and Zebrahost’s AUP.

8. Threats & Harassment: The Zebrahost network can be utilized for any type of individual, organizational or business use. This does not include threats to or harassment of individuals, organizations or businesses, unless it falls within the bounds of protected free speech under the First Amendment of the United States Constitution. Zebrahost seeks to serve only as the medium of exchange for information and refrains from decisions on freedom of speech.

9. Fraudulent Activities: Zebrahost prohibits utilizing dedicated services or network services for fraudulent activities. Participation in fraudulent activities is in direct violation of state and federal law and Zebrahost’s AUP.

10. Denial of Service: Zebrahost absolutely prohibits the use of dedicated services or network services for the origination or control of denial of service attacks or distributed denial of service attacks. Any relation to DOS or DDOS type activity is a direct violation of Zebrahost’s AUP.

11. Terrorist Websites: Zebrahost prohibits the use of dedicated services for the hosting of terrorist-related web sites. This includes sites advocating human violence and hate crimes based upon religion, ethnicity, or country of origin.

12. Distribution of Malware: Zebrahost prohibits the storage, distribution, fabrication, or use of malware, including without limitation, virus software, root kits, password crackers, adware, key stroke capture programs and other programs normally used in malicious activity. Programs used in the normal ordinary course of business are deemed acceptable. Example: Security Company hosting at Zebrahost analyzes the latest root kit for new security analysis/software.

13. Phishing: Zebrahost strictly prohibits any activity associated with Phishing or systems designed to collect personal information (name, account numbers, usernames, passwords, etc.) under false pretense. Splash pages, phishing forms, email distribution, proxy email or any relation to phishing activities will result in immediate removal.

14. HYIP or Ponzi Schemes: High Yield Investment Plans or Ponzi schemes with the intent to defraud end users are illegal and not allowed on the network. This includes hosting, linking and or advertising via email websites or schemes designed to defraud.

15. Zebrahost will comply with and respond to jurisdictionally valid (as Zebrahost determines in its sole discretion) subpoenas, warrants, and/or court orders. If allowed, Zebrahost will forward such subpoenas, warrants, and/or orders to Customer and Customer may respond; however, Zebrahost reserves the right to respond as long as it is the named party in such subpoena, warrant, and/or order.

Reporting Violation of the Acceptable Use Policy: Zebrahost accepts reports of alleged violations of this AUP via email sent to abuse@zebrahost.com. Reports of alleged violations must be verified and must include the name and contact information of the complaining party, and the IP address or website allegedly in violation, and description of the violation. Unless otherwise required by law, such as the DMCA, Zebrahost owes no duty to third parties reporting alleged violations due to lack of privacy in contract law. Zebrahost will review all verified third party reports and will take appropriate actions as described within Methods of Resolution as set forth in Table C below or within its sole discretion.

Zebrahost understands the challenges of hosting companies, resellers, businesses, organizations and other customers who may have third party violations occur due to the nature of their business. The goal of our Methods of Resolution is to mitigate service interruptions while resolving potential violations under this AUP. Our sales, support and abuse staffs are dedicated to working with the Customer in resolving potential violations, and are available via phone, ticket, or email. The Methods of Resolution below form the framework for resolving all potential violations. Timing for resolution differs according to the degree of the violation, the nature of the violation, involvement of law enforcement, involvement of third party litigation, or other related factors. Overall, Zebrahost is dedicated to working with the Customer in resolving all potential violations prior to any service interruptions.

Step 1: First alleged violation of AUP: a ticket will be generated under Zebrahost to provide the Customer’s master user with information regarding the potential violation of Zebrahost’s AUP. This is often a fact-finding email requiring further information or notifying Customer of the potential violation and the required actions to resolve the issue.

Step 2: Acknowledgement of violation of AUP: a ticket is generated under the Customer’s master user account with information specific to the violation. This ticket will also include any additional facts about the situation and will notify Customer of the action required to resolve the violation.

Step 3: Violation of AUP disregarded, not properly addressed, or continuing violation if a ticket has been disregarded, not properly addressed, or resolved by the Customer for a specified period of time: Zebrahost engineers will turn the public network port to the specified dedicated services off. Access to the dedicated services may then be achieved through the secure private service network for Customer resolution. As soon as the violation is addressed, the public access shall be restored and service will continue as normal.

Step 4: Failure to address violation and resolve violation: if Customer fails to address the violation AND fails to resolve the violation, a suspension of services shall occur. This is a last resort for Zebrahost and only results when the Customer completely fails to participate in Zebrahost’s resolution process. A permanent suspension of services includes reclamation of all dedicated services and the destruction of Customer’s data.

Disclaimer: Zebrahost retains the right, at its sole discretion, to refuse new service to any individual, group, or business. Zebrahost also retains the right to discontinue service to Customers with excessive and/or multiple repeated violations.

Privacy Agreement (PA)

Zebrahost considers user privacy paramount, and Zebrahost utilizes great care in keeping the information of the customer and/or website user (“Customer”) private and secure. To demonstrate our firm commitment to privacy, the following agreement has been created to explain our policies and procedures in relation to all data collected.

Types of Data Collected

Zebrahost collects data related to our users through the following methods:

■ Automated means such as communication protocols and cookies

■ Online registration and online signup forms

■ Sales inquiries and transactions

■ Online Customer communications

■ Offline communications and interactions

■ Third party sources of information

Depending upon the method of collection and use, the data collected may include information about the user from forms, registrations and transactions (such as name, title, address, company, phone number and e-mail address), financial/transaction information (such as credit card, card verification value (cvv), and payment information), information about use of Zebrahost web sites (such as electronic communications protocols, web pages visited, and cookies) and user preferences and privileges.

Electronic Communications Protocols and Cookies

Zebrahost may receive data from you as part of the communication connection itself through the standard electronic greeting between your computer and our servers. This information often consists of network routing (where you came from), equipment information (browser type), internet protocol address, date and time. At this time our server will also query your computer to see if there are "cookies" previously set by zebrahost.com to facilitate log in or other site navigation procedures. A "cookie" is a small piece of information sent by a web server to store in a web browser so it can later be read back from that browser.

Cookies: Some parts of the Zebrahost site use cookies (including signup forms) to collect information about visitors' use of the web site and to facilitate return visits. The information collected from cookies is tracked to enhance security and/or to improve the functionality of the web site by avoiding duplicate data entry, facilitating navigation, and increasing the relevance of content.

Cookies on the site may collect the following information: a unique identifier, user preferences and profile information used to personalize the content that is shown, and user information to access Zebrahost's user forums. Some cookies used by zebrahost.com may remain on the user's computer after they leave the web site, but the majority is set to expire within thirty (“30”) – three hundred sixty five (“365”) days. There may be some cookies on certain tools that are of longer duration. Cookies may also be of benefit to you by creating a more streamlined login process, keeping track of shopping cart additions or preserving order information between sessions. In the future, as we enable further customization of the site, cookies will help in ensuring that information provided to you will be the most relevant to your needs.

While we do not offer an opt-out on the site for cookies, browsers provide you with information and control over cookies. You can set your web browser to alert you when a cookie is being used. You can also get information on the duration of the cookie and what server your data is being returned to. You then have the opportunity to accept or reject the cookie. Additionally, you can set your browser to refuse all cookies or accept only cookies returned to the originating servers. Users can generally disable the cookie feature on their browser without affecting their ability to use the site, except in some cases where cookies are used as an essential security feature or to provide functionality necessary for transaction completion. Additionally, certain jurisdictions may require opt-in consent from Customer before Zebrahost may collect, use or disclose certain Customer information or make certain communications to the Customer, and Zebrahost will comply with this requirement based on Customer’s IP location.

The Data We Collect and How We Use It

Zebrahost collects data from users for the following purposes:

■ To engage in transactions for service. Name, address, email, purchase details, and credit card/payment information may be collected and stored as part of the transaction history. The majority of the data collected under this category is contact information. Zebrahost may need to share some of this data (address, payment) with credit card clearing houses, banking institutions, and other similarly situated Agents, who may require the information in order to complete the transaction (as used here, “Agents” are persons or companies who act on behalf of or under the direction of Zebrahost) . Zebrahost will not transfer information to any of its Agents unless it first either ascertains that the Agent subscribes to the Safe Harbor Principles or is subject to the EU Directive on Data Protection or another adequacy finding or enters into a written agreement with such Agent requiring that the Agent provide at least the same level of privacy protection as is required by the relevant Safe Harbor Principles.

■ To provide future service and support. Information collected for this purpose is both contact data and information related to products and service/support requested. This information is also used to provide service, product update, and similar notices.

■ To select content. Data may be collected to help create web site content and navigation that is most relevant and user friendly. This includes data collected as a result of site navigation, as well as data provided in forms.

■ To respond to user inquiries and requests for information. This data includes registrations for online newsletters, opt-in mailing lists and specific requests for further information.

■ To respond to law enforcement organizations, government officials, or third parties when compelled by subpoena, court order, or applicable law, or to report or prevent suspected fraudulent or illegal activity in the use of Zebrahost’s services. Zebrahost will notify Customer of the information request or submission as, and if, allowed.

■ To provide various Zebrahost communities, such as resellers, with relevant product alerts and updates. These updates are related to product releases, prices, terms, special offers and associated campaigns. This data is sent when the program member signs up for the relevant program or online account.

■ To better tailor marketing to user needs. We may use information from user purchases and user-specified requirements to provide you with timely and pertinent notices of Zebrahost product releases and service developments that address your needs and specified requirements and/or which are similar to products and services previously purchased by the user from Zebrahost.

■ To better respond to requests for service or quotes for product and equipment purchase. Zebrahost will pass contact information to the appropriate Zebrahost sales person, or reseller for follow-up related to Zebrahost products or services.

■ From referral "tell a friend" function. If a user elects to use our referral service for informing a friend about our site, we ask them for the friend's name and email address. Zebrahost will automatically send the friend a one-time email inviting them to visit the site and send a copy of said e-mail to the user. The e-mail(s) sent shall clearly identify the sender of such email(s).Zebrahost uses this data for the sole purpose of sending this one-time email. Such e- mail sent to a friend at user’s request will not be stored for additional processing.

■ As a result of your participation in interactive discussions and public forums. There are parts of the web site that permit you to participate in interactive discussions. Some of these are moderated; all are subject to access for technical reasons. Zebrahost does not control the content that users post and some may serve as public discussion forums. As in any interactive forum open to many users, you should carefully consider whether you wish to submit data and should tailor any other content submitted accordingly.

Customer Portal, Customer Customization, Preferences and Opt-Out

New Customers are automatically registered for access at https://portal.zebrahost.com. The Customer portal allows Customers the ability to create users, add/delete users, add/delete user privileges and opt in (or out) of services and mailing lists. The Customer portal provides the Customers with control over their preferences for electronic information delivery.

Zebrahost has also provided the Customer’s master user the ability to manage the Customer’s account or profile information. We maintain the data and allow the Customer’s master user to update it at any time. To change this information, you must be a current Customer and login with a user ID and password and follow the prompts to "update my profile." We continue to expand the profile of services and information that you may access and update.

Please note that some email communications are not subject to general opt-out. These include communications related to downloads; communications about sales transactions; information about software updates, patches and fixes; disclosures to comply with legal requirements; and network upgrades or other related service maintenance.

If an individual’s personal information is to be (a) disclosed to a third party who is not an Agent; or (b) used for a purpose that is incompatible with the purpose(s) for which it was originally collected or subsequently authorized by the individual, then the individual will be notified prior to such disclosure and may opt out of having the information disclosed by responding to the email and/or author of the notification, where such information shall be clearly set forth.

Security

Zebrahost is concerned with the security of the data we have collected and utilizes commercially reasonable measures to prevent unauthorized access to that information. These measures include policies, procedures, employee training, physical access and technical elements relating to data access controls. In addition, Zebrahost uses standard security protocols and mechanisms to facilitate the exchange and the transmission of sensitive data, such as credit card details. Zebrahost does not process personal information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual.

In the event that individual personal data is acquired, or is reasonably believed to have been acquired, by an unauthorized person and applicable law requires notification, Zebrahost will notify the affected individual and customer of the breach by email or fax or, if Zebrahost is unable to contact the individual and customer by email or fax, then by regular mail. Notice will be given promptly, consistent with the legitimate needs of law enforcement and any measures necessary for Zebrahost or law enforcement to determine the scope of the breach and to ensure or restore the integrity of the data system. Zebrahost may delay notification if Zebrahost or a law enforcement agency determines that the notification will impede a criminal investigation, and in such case, notification will not be provided unless and until Zebrahost or the agency determines that notification will not compromise the investigation.

Enforcement

Zebrahost has established internal mechanisms to verify its ongoing adherence to its privacy policy, including the Safe Harbor Principles. Zebrahost also encourages individuals covered by this privacy policy to raise any concerns about our processing of personal information by contacting Zebrahost at the address below. Zebrahost will seek to resolve any concerns. Zebrahost has also agreed to participate in the dispute resolution program provided by the European Data Protection Authorities.

Policy Updates

If we are going to use your data in a manner different from that stated at the time of collection, we will notify you via email. In addition, if we make any material changes in our privacy practices that do not affect user data already stored in our database, we will notify you by email or post a prominent notice on the customer portal notifying users of the change. In some cases, when we post the notice, we will also email users who have opted to receive communications from us, notifying them of the changes in our privacy practices.

We may update this policy from time to time to describe how new site features affect our use of your data and to let you know of new control and preference features that we provide.

Contact Information and Inspection Rights

Questions, concerns or comments about this privacy policy should be addressed to:

Legal Department, Zebrahost LLC, 6165 NW 86th ST, STE 2348, Johnston, IA 50131

Phone: 515.418.9339

Email:sales@zebrahost.com