CxSAST End User License Agreement
END USER LICENSE AGREEMENT
PLEASE READ THE TERMS AND CONDITIONS OF THIS END USER LICENSE AGREEMENT (“EULA”) CAREFULLY BEFORE INSTALLING OR USING THE CHECKMARX SOFTWARE (“SOFTWARE”) AND ACCOMPANYING DOCUMENTATION (“DOCUMENTATION”). UNLESS YOU HAVE A SEPARATE WRITTEN LICENSE AGREEMENT WITH CHECKMARX GOVERNING YOUR USE OF THE SOFTWARE AND DOCUMENTATION, THIS EULA REPRESENTS A BINDING LEGAL AGREEMENT BETWEEN YOU AND THE CHECKMARX ENTITY IDENTIFIED BELOW (“CHECKMARX“).
THIS LICENSE IS VALID ONLY FOR THE LICENSE TERM SET FORTH IN YOUR QUOTE, UNLESS TERMINATED EARLIER IN ACCORDANCE WITH THE TERMS OF THIS EULA. THE SOFTWARE IS ACTIVATED BY A LICENSE KEY WHICH EXPIRES AT THE END OF THE LICENSE TERM. AS A RESULT, THE SOFTWARE WILL BE INOPERATIVE UPON THE EXPIRATION OF THE LICENSE TERM. YOU ARE ONLY AUTHORIZED TO USE THE SOFTWARE UNDER THIS EULA IF YOU HAVE ACQUIRED THE SOFTWARE FROM CHECKMARX OR AN AUTHORIZED RESELLER.
IF YOU ARE INSTALLING, DOWNLOADING, ACCESSING, OR OTHERWISE USING THE SOFTWARE ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU HEREBY ACCEPT THIS EULA ON BEHALF OF SUCH ENTITY, YOU ACKNOWLEDGE THAT SUCH ENTITY IS LEGALLY BOUND BY THIS EULA, AND YOU REPRESENT AND WARRANT THAT YOU HAVE THE RIGHT, POWER AND AUTHORITY TO ACT ON BEHALF OF AND BIND SUCH ENTITY. YOU MAY NOT ACCEPT THIS EULA ON BEHALF OF AN ENTITY UNLESS YOU ARE AN EMPLOYEE OR OTHER AUTHORIZED AGENT OF SUCH ENTITY WITH THE RIGHT, POWER AND AUTHORITY TO BIND AND ACT ON BEHALF OF SUCH ENTITY.
IF YOU DO NOT AGREE TO THIS EULA, YOU ARE NOT AUTHORIZED TO INSTALL AND/OR USE THE SOFTWARE OR DOCUMENTATION.
- License Grant. If you have purchased a license to use the Software and Documentation from Checkmarx or an authorized reseller, then subject to the terms and conditions of this EULA and your timely payment of the applicable license fees, Checkmarx hereby grants to you during the License Term (defined below) a limited, personal, non-exclusive, non-transferable, non-sublicensable right to install and use the Software in object code form, solely for your internal business purposes and subject to the license quantities purchased by you as set out in an authorized quotation document provided by Checkmarx or an authorized reseller (the “Quote”). You may make one (1) copy of the Software for archival and backup purpose and a reasonable number of copies of the Documentation to enable your use of the Software. All copies of the Software and Documentation are subject to this EULA. This license does not grant any rights whatsoever to the source code of the Software.
- Trial Use (POC) License Grant. If you have been provided with a Software trial use (POC) license by Checkmarx, then you are hereby granted a limited, personal, non-exclusive, non-transferable, non-sublicensable right to install and use the Software in object code form, solely for your internal evaluation purposes, during the evaluation period authorized by Checkmarx. If no evaluation period is specified by Checkmarx, then the evaluation license is valid for fourteen (14) days from the date the Software is initially made available to you. Evaluation Software is not licensed for production use. You may not distribute the evaluation Software, or any results generated by the evaluation Software, to any third party. All evaluation Software is licensed on an “AS-IS” basis without warranty of any kind, express or implied. Checkmarx does not assume any liability arising from any use of the Software for evaluation purposes.
- License Conditions. Your right to use the Software is conditioned upon your timely payment of the full amount of the license fees and other charges due set out in the Quote as well as your full compliance with the terms of this EULA. In addition, your use of the Software is subject to the applicable license type definitions and restrictions set out on https://checkmarx.com/legal/software-license-types-and-restrictions/ (the “License Type”) for the licenses purchased by you. In the event additional license types are set out in the Quote, your use of the Software shall be subject to those license type restrictions, as applicable.
- Prohibited Uses. Other than the rights explicitly granted in this EULA, you shall have no other rights, express or implied, in the Software or the Documentation, and all such rights are reserved by Checkmarx. Without limiting the generality of the foregoing, you agree and undertake not to, directly or indirectly, or permit others to: (a) use the Software in excess of the License Type restrictions or license quantities purchased; (b) attempt to circumvent any license restrictions or License Type limitations; (c) reverse engineer, decompile, disassemble, modify or create derivative works of the Software or Documentation; (d) attempt to derive the source code of the Software; (e) reproduce, publish, distribute, transfer, publicly display, resell, rent, lease, sublicense, loan, or lend the Software or Documentation to any third party; (f) use the Software to provide services to a third party, including but not limited to commercial code scanning or audit services; (g) make the Software available in a service bureau or any similar commercial time-sharing arrangement; (h) transfer, assign or permit the sharing of license keys or product codes to a third party; (i) make available to any third party any output of the Software, including but not limited to benchmarking results; (j) distribute, resell, sublicense or otherwise provide third party access to the Software or Documentation; or (k) otherwise provide access to the Software or the output generated by the Software to any individual in violation of the Named User License Conditions set out above. Additional restrictions may be set out in in the Quote or ordering document.
- Term and Termination. This EULA shall automatically terminate upon the expiration of the license term set forth in the Quote (the “License Term”). Evaluation licenses will automatically terminate upon expiration of the evaluation period specified in Section 2 of this EULA. Either party may terminate this EULA: (a) upon thirty (30) days written notice in the event of a material breach of this EULA by the other Party which has not been cured after the expiration of thirty (30) days from the breaching party’s receipt of written notice of the breach; (b) if the other party becomes the subject of any voluntary or involuntary petition pursuant to applicable bankruptcy or insolvency laws, or request for receivership, liquidation, or composition for the benefit of creditors and such petition, request or proceeding is not dismissed within sixty (60) days of filing; or (c) immediately upon written notice in the event that either party reasonably believes that this EULA or a party’s performance thereunder will result in any violation of applicable law, and such violation cannot be promptly corrected to the party’s reasonable satisfaction or is incurable as a matter of law, for example in the event that a party becomes a Restricted Party (defined below). Promptly upon termination, all rights and licenses granted under this EULA will cease and you will immediately cease all use of the Software and Documentation, destroy all copies of the Software and Documentation in your possession or control, and, upon request of Checkmarx, certify such destruction. Checkmarx’s termination of this EULA will not limit any of Checkmarx’s other rights or remedies at law or in equity.
- Title & Ownership. The Software and Documentation is licensed, not sold. The Software and Documentation is protected by copyright and other intellectual property laws and treaties. All right, title and interest in and to the Software and Documentation, any derivatives thereof and modifications thereto, including associated intellectual property rights, evidenced by or embodied in and/or attached/connected/related to the Software and Documentation, are owned by and will remain with Checkmarx and/or its licensors. This EULA does not convey to you any right, title or interest in or to the Software or Documentation, except for the limited right of use in accordance with the terms herein. Nothing in this EULA constitutes a waiver of Checkmarx’s and/or its licensors’ intellectual property rights. You may not remove, modify or obscure any Checkmarx logos or proprietary notices from any Software, Documentation, or reports generated by the Software, or any copies thereof.
- Feedback. In the event you provide Checkmarx with feedback regarding its products or services (“Feedback”), you hereby grant Checkmarx a perpetual, irrevocable, worldwide, sub-licensable, royalty-free license to use, modify, create derivative works, distribute and otherwise exploit the Feedback without further compensation to you.
- Payment. All purchases are final and non-refundable, and any early termination of this EULA shall not affect your payment obligations to Checkmarx or its authorized reseller. For Software orders placed directly with Checkmarx, Checkmarx shall deliver to you an invoice stating the fees and, where applicable, sales, use, value-added or other similar taxes. You are responsible for the payment of all taxes and duties, however designated, which are paid or payable, based on the fees or on your use or possession of the Software under this EULA. If you are required to withhold or deduct any amount from the fees on account of taxes, you will pay Checkmarx the additional amount necessary to ensure that the net amount received by Checkmarx after withholding or deduction of such taxes is equal to the gross amount of the fees in the absence of any such withholding or deduction. Except as otherwise provided in this EULA, all amounts are non-refundable and are payable in U.S. Dollars unless a different currency is specified in the Quote.
- Limited Warranty. If you have purchased a license to use the Software and Documentation from Checkmarx or an authorized reseller, Checkmarx warrants that for a period of thirty (30) days after initial delivery of the Software to you, the Software, when properly installed and used in accordance with the Documentation, is capable of operating in substantial conformity with the Documentation. Within a commercially reasonable time after Checkmarx’s receipt of written notice from you specifying any breach of these limited warranties, Checkmarx shall, in Checkmarx’s sole discretion and as your sole and exclusive remedy and as Checkmarx’s sole and exclusive liability for breach of warranty: (a) deliver to you a workaround or correction of the non-conformity; or (b) terminate this EULA and assist with coordinating a prorated refund of license fees paid. The limited warranty set forth above shall not apply to the extent the Software: (a) is not used in accordance with the Documentation; (b) has been modified without Checkmarx’s express authorization; (c) fails to function due to a malfunction of your equipment or IT infrastructure; or (d) fails to function due to third party software and/or hardware that is not provided or approved by Checkmarx. THIS SECTION STATES YOUR SOLE AND EXCLUSIVE REMEDY AND THE ENTIRE LIABILITY OF CHECKMARX FOR BREACH OF WARRANTY. THE LIMITED WARRANTIES SET FORTH IN THIS SECTION GIVE YOU SPECIFIC LEGAL RIGHTS. YOU MAY HAVE ADDITIONAL LEGAL RIGHTS UNDER LAW WHICH VARY FROM JURISDICTION TO JURISDICTION. CHECKMARX DOES NOT SEEK TO LIMIT YOUR WARRANTY RIGHTS TO ANY EXTENT NOT PERMITTED BY LAW.
- Disclaimer of Warranties. EXCEPT FOR THE EXPRESS LIMITED WARRANTIES SET OUT ABOVE, AND TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE SOFTWARE AND DOCUMENTATION ARE PROVIDED ON AN “AS IS” BASIS. TO THE MAXIMUM EXTENT PERMITTED BY LAW, ALL WARRANTIES, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE ARE EXPRESSLY DISCLAIMED, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. CHECKMARX DOES NOT WARRANT THAT THE SOFTWARE WILL MEET YOUR REQUIREMENTS, OR THAT THE OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED AND/OR ERROR-FREE. CHECKMARX DOES NOT REPRESENT OR WARRANT THAT THE USE OF THE SOFTWARE WILL BE FREE FROM ERRORS OR SAFE FROM INTRUSIONS OR ANY OTHER SECURITY EXPOSURES, OR THAT THE SOFTWARE WILL DETECT ALL ERRORS OR VULNERABILITIES IN YOUR CODE. NOTHING IN THE FOREGOING RESTRICTS THE EFFECT OF WARRANTIES OR CONDITIONS WHICH MAY NOT BE EXCLUDED, RESTRICTED OR MODIFIED AS A MATTER OF LAW.
- Limitation of Liability. TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT WILL CHECKMARX OR ITS AFFILIATES BE LIABLE FOR LOST PROFITS, LOSS OF USE, LOSS OR DAMAGE TO DATA, COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR ANY OTHER SPECIAL, INCIDENTAL, INDIRECT, OR CONSEQUENTIAL DAMAGES, HOWEVER CAUSED, AND ON ANY THEORY OF LIABILITY, WHETHER FOR BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE AND STRICT LIABILITY), OR OTHERWISE, WHETHER OR NOT CHECKMARX HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. CHECKMARX AND ITS AFFILIATES’ LIABILITY UNDER, ARISING OUT OF OR RELATING TO THIS EULA SHALL BE LIMITED TO DIRECT DAMAGES, AND IN NO EVENT SHALL CHECKMARX’S TOTAL AGGREGATE LIABILITY UNDER, ARISING OUT OF OR RELATING TO THIS EULA, EXCEED THE AMOUNT OF LICENSE FEES PAID BY YOU TO CHECKMARX OR ITS AUTHORIZED RESELLER DURING THE PREVIOUS TWELVE (12) MONTHS PRECEDING ANY CLAIM HEREUNDER.
- Audit and Enforcement Rights. Checkmarx shall be entitled, up to one time per each twelve (12) month period during the license term, to perform a Software license audit to verify your compliance with this EULA and the number and type of licenses purchased by you. You shall be responsible to pay to Checkmarx or its authorized reseller all fees for any unauthorized use of the Software or Documentation detected during the audit. In the event an audit reveals a material underpayment of fees, you will reimburse Checkmarx for the reasonable cost of the audit, and Checkmarx shall be permitted to conduct follow-up audits as deemed reasonably necessary.
- Export Law. You acknowledge that the export, re-export, or in-country transfer of the Software and Documentation may be subject to laws and regulations promulgated by various governments, which restrict the export, re-export or in-country transfer of certain computer hardware, software media, technical data, and direct products of technical data. You agree to comply with all applicable export laws and regulations as in effect from time to time (including, without limitation, all record-keeping requirements imposed thereunder), and will not export, re-export, transfer or provide access to the Software or Documentation in violation of such laws and regulations.
- Restricted Parties. You represent and warrant that neither you, nor any of your directors, executive officers, senior management, key employees, agents, major shareholders, nor any person having a controlling interest, nor any person who you allow to use the Software is a “Restricted Party,” which shall include any person or entity: (a) who is a national of, or located or incorporated in, or an official of, owned or controlled by, or acting on behalf of the government of, a country prohibited by Checkmarx policy (based on risks including corruption, fairness and transparency of local legal process, contractual commitments imposed by financial institutions with which Checkmarx does business, and/or U.S. or Israeli embargo or trade restrictions) (a “Prohibited Territory”) (at the time of execution, Cuba, Iran, Lebanon, Libya, North Korea, Syria, and the Crimea Region), or any other region that hereinafter becomes subject to a comprehensive U.S. or Israeli trade embargo; or (b) who is on any of the following lists: the U.S. Department of Commerce Denied Person’s List, Entity List, or Unverified List; on the U.S. Department of the Treasury, Office of Foreign Assets Control’s (OFAC) list of Specially Designated Nationals and Blocked Persons; the OFAC Consolidated Non-SDN Sanctions List (including the Sectoral Sanctions Identifications List and the Foreign Sanctions Evaders List); the United States State Department’s Debarred Parties and Non-Proliferation Sanctions Lists; the United Nations Financial Sanctions Lists; the European Financial Sanctions List, or the Swiss Sanctions List maintained by the Swiss State Secretariat for Economic Affairs; or (c) persons directly or indirectly owned or controlled by, or acting on behalf of, persons identified in sub-clause (b). You shall not distribute, transfer, sublicense or permit access to any Checkmarx Software, Documentation, or services to any Restricted Party without prior, express written authorization from Checkmarx and, as appropriate, any relevant government agency. You agree that any breach of this section shall constitute a material breach of this EULA not capable of cure.
- United States Government Rights in Commercial Off-the-Shelf Software. The Software and Documentation constitute “commercial computer software,” and “commercial computer software documentation” and “technical data” as defined in FAR Section 12.212. Consistent with the applicable provisions of the applicable federal acquisition regulations, including but not limited to 48 C.F.R. §12.212 or 48 C.F.R. §227.7202-1 through 227.7202-4, as applicable, the Software and Documentation are being licensed to U.S. Government end users only as commercial items and pursuant solely to the terms and conditions herein.
- General. If a court of competent jurisdiction finds any provision of this EULA to be unenforceable, that provision shall be enforced to the maximum extent permissible so as to affect the intent of the parties, and the remainder of the EULA shall continue in full force and effect. The UN Convention on Contracts for the International Sale of Goods and the Uniform Computer Information Transaction Act shall not apply to (and are excluded from the laws governing) this EULA. You may not assign this EULA without Checkmarx’s prior written approval. Checkmarx shall be entitled to assign, novate or transfer any rights, duties or obligations under this EULA at its discretion. No waiver of any breach shall constitute a waiver of any prior, concurrent or subsequent breach of the same or any other provision, and no waiver shall be effective unless made in writing and signed by an authorized representative of the waiving party. Sections 6, 7 and 11 through 26 shall survive the termination of this EULA.
- Jurisdiction and Choice of Law. If you are located in the United Kingdom, this EULA shall be governed by and interpreted in accordance with the laws of England and Wales, excluding its choice of law rules. In such case, the competent courts located in London, England shall have exclusive jurisdiction with respect to any matters rising out of this EULA. If you are located outside of the United Kingdom, this EULA shall be governed by New York law, and shall be deemed to have been executed and performed in the State of New York. In such case, disputes arising out of or relating to this EULA shall be governed by and interpreted in accordance with the laws of the State of New York, USA, excluding its choice of law rules and the courts in the Borough of Manhattan, New York shall have exclusive jurisdiction with respect to any matters rising out of this EULA.
- Added Services. Checkmarx or other third parties may make available optional add-ons, extensions, plug-ins or services intended to enhance the functionality of the Software (the “Added Services”). Such Added Services are subject to additional fees and governed by the applicable Add-On terms and conditions: https://www.checkmarx.com/legal/terms. By purchasing or using the Added Services, you agree to these additional terms and conditions.
- End of Life Policy. Checkmarx retains the right to discontinue (“End-of-Life”) the Software, upon twelve (12) months prior written notice to you. Following the Product End-of-Life, the Software shall not be eligible for maintenance, upgrades or support and Checkmarx shall have no further obligation to maintain, update or support the Software.
- Entire Agreement. Unless you have entered into a separate written agreement with respect to the Software and Documentation which has been signed by you and an authorized representative of Checkmarx, you agree that: (a) this EULA supersedes all prior written or oral agreements, warranties or representations with respect to your use of the Software and Documentation; and (b) you agree to be bound by the terms of this EULA, which is the complete and exclusive agreement between you and Checkmarx regarding the Software and Documentation. The provisions of this EULA shall prevail over any additional or conflicting provisions in any purchase order, acceptance notice or other document issued by you, which shall be void and of no effect.
- Partial Invalidation. In the event that any provision of this EULA shall be held by law, or found by a court or other tribunal of competent jurisdiction to be unenforceable, the unenforceable provision shall be severed and the remaining provisions of this EULA shall remain in full force and effect. In such an event, the parties agree to negotiate in good faith a substitute provision that most nearly reflects the intent of the severed provision.
- Relationship of Parties. The parties hereto are independent contractors. Nothing contained herein or done in pursuance of this EULA shall create a principal-agent, partner, or other relationship between the parties for any purpose or in any sense whatsoever, or create any form of joint enterprise whatsoever between the parties.
- No Third Party Beneficiaries. This EULA is entered into solely for the benefit of you and Checkmarx. No third party shall be deemed to be a beneficiary of this EULA, and no third party shall have the right to make any claim or assert any right under this EULA.
- Contracting Entity. If you are located in the United States of America, “Checkmarx” is defined as Checkmarx, Inc. If you are located in the United Kingdom, “Checkmarx” is defined as Checkmarx UK Ltd. If you are located in India, “Checkmarx” is defined as Checkmarx India Technology Services Private Limited. If you are located in Australia, “Checkmarx” is defined as Checkmarx Australia Pty Ltd. If you are located in France, “Checkmarx” is defined as Checkmarx France S.A.S., a Société par Actions Simplifiée incorporated under the laws of France, with a share capital of 10 000 €, registered under the number 879 773 257 RCS STRASBOURG with its Registered Office at 1 rue des Arquebusiers 67000 Strasbourg, France. For all other countries, “Checkmarx” is defined as Checkmarx Ltd. unless a different Checkmarx entity is designated in the Quote.
- Notices. All notices or demands hereunder shall be by traceable express courier service or certified or registered mail, return receipt requested, sent to the address of the receiving party, and shall be deemed complete ten (10) days after mailing. Notices to Checkmarx shall be sent to the attention of: General Counsel, with a copy to [email protected]
- Contacting Checkmarx. If you have any questions about this EULA, you should contact Checkmarx via the designated point of contact for your territory: https://www.checkmarx.com/contact-us.
Last updated: June 2, 2020