Effective January 17, 2023
This Enterprise Subscription Agreement (this “Agreement”) is entered into by and between Cloudflare, Inc. a Delaware company with its principal office at 101 Townsend Street, San Francisco, CA 94107 (“Cloudflare”) and the entity or person agreeing to the Agreement (“Customer”), each a “Party” and collectively the “Parties.” The Agreement is effective as of the earlier of the date of last signature of the Parties on the initial Order Form (“Effective Date”).
Capitalized terms will have the meanings set forth in this Section 1, or in the section where first used in this Agreement.
1.1. “Affiliate” means any person, corporation, or other entity which controls, is controlled by, or is under common control with a Party, where “control” means control of more than fifty percent (50%) of the voting stock or other ownership interest.
1.2. “Administrative Users” means Customer’s and its Affiliates’ employees, agents, directors, contractors, or other representatives who are authorized to administer Customer’s and/or its Affiliates’ use of such Services.
1.3. “Cloudflare Technology” means the Service, Documentation, Network Data, and any of Cloudflare’s proprietary technology, including any software, processes, scripts, algorithms, user interfaces, know-how, technologies, data, designs, and/or other tangible or intangible technical material or information, together with all updates thereto and all Intellectual Property Rights therein.
1.4. “Confidential Information” means any non-public information disclosed by one Party (“Disclosing Party”) to the other Party (“Receiving Party”) which is labeled as proprietary or confidential at the time of disclosure or by its nature is confidential and would be judged so under a reasonableness standard, or is disclosed or provided under circumstances reasonably indicating it is confidential or proprietary. Confidential Information does not include information that (a) is independently developed by the Receiving Party; (b) is rightfully given to the Receiving Party by a third party without confidentiality obligation; (c) was known to the Receiving Party at the time of disclosure, without confidential or proprietary restriction; or (d) becomes public through no fault of the Receiving Party.
1.5. “Customer Account Information” means the information Customer provides upon subscribing to the Service, audit logs, and Customer account settings.
1.6. "Customer Content” means any files, software, scripts, multimedia images, graphics, audio, video, text, data, or other objects originating or transmitted from or processed by any Internet Properties owned, controlled or operated by Customer or uploaded by Customer through the Service, and routed to, passed through, processed and/or cached on or within, Cloudflare’s network or otherwise transmitted or routed using the Service by Customer.
1.7. “Customer Data” means collectively, Customer Account Information, Customer Content and Customer Logs.
1.8. “Customer Logs” means any logs of End Users’ and Administrative Users’ interactions with Customer’s Internet Properties and the Service that are made available to Customer via the Service dashboard or other online interface during the Term by Cloudflare.
1.9. “Customer Support and Service Level Agreement” or "SLA" means the then current customer support terms and service level agreement at https://www.cloudflare.com/enterprise_support_sla/.
1.10. “Damages” means any (i) settlement amounts approved by the indemnifying Party; and (ii) damages and costs finally awarded against the indemnified Party by a court of competent jurisdiction.
1.11. “Data Processing Addendum” or DPA means the then current data processing addendum at https://www.cloudflare.com/cloudflare-customer-dpa/.
1.12. “Documentation” means all online user manuals, developer documentation, and other technical materials relating to the Services made available to Customer by Cloudflare, as may be updated from time to time.
1.13. “End User” means a third-party visitor to Customer’s Internet Properties and Customer’s employees, agents, or contractors who access or use the Services.
1.14. “Fees” means any payment due by Customer to Cloudflare under this Agreement.
1.15. “InformationSecurity Exhibit” means the then current information security exhibit at https://www.cloudflare.com/security-exhibit/.
1.16. “Initial Term” means the initial term of a Subscription to Service(s) as specified in the initial Order Form, beginning on the Service Date.
1.17. “Intellectual Property Rights” means any and all now known or hereafter existing worldwide: (a) rights associated with works of authorship, including copyrights, mask work rights, and moral rights; (b) trademark or service mark rights; (c) trade secret rights; (d) patents, patent rights, and industrial property rights; (e) layout design rights, design rights, and other proprietary rights of every kind and nature other than trade dress, and similar rights; and (f) all registrations, applications, renewals, extensions, or reissues of the foregoing.
1.18. “Internet Properties” means a website, including any subdomain thereof, network, or any Internet connected application.
1.19. “Laws” means any domestic, foreign, local, state, national and supranational laws, including without limitation EU and UK Data Protection Laws, regulations and treaties applicable to the respective Party.
1.20. “Malicious Code” means viruses, worms, time bombs, Trojan horses, and other malicious code, files, scripts, software agents and programs.
1.21. “Network Data” means all models, observations, reports, analyses, statistics, databases and other information created, compiled, analyzed, generated or derived by Cloudflare from server, network or traffic data generated by Cloudflare in the course of providing the Service.
1.22. “Order Form” means an order form and/or insertion order for Subscription Services executed by Cloudflare and Customer and governed by this Agreement.
1.23. “Renewal Term” means each recurring twelve (12) month period following expiration of the Initial Term, unless a different time period is specified in an applicable Order Form.
1.24. “Service(s)” means all Cloudflare services and products listed at www.cloudflare.com, along with any software made available by Cloudflare in connection with such services, including software development kits and application programming interfaces.
1.25. “Service Date” means the service date specified in an Order Form on which the Initial Term or a Renewal Term of a Subscription starts.
1.26. “Subscription” means a subscription to the Services specified in one or more Order Forms.
1.27. “Subscription Services” areServices ordered by Customer as part of a Subscription as specified in an Order Form.
1.28. “Subscription Term” means the period of time from the Service Date, including the Initial Term and all Renewal Terms, until the expiration or termination of a Subscription.
1.29. “Supplemental Terms” means additional terms of use pertaining to certain individual Cloudflare Services as set forth at https://www.cloudflare.com/supplemental-terms/.
1.30. “Third-Party Proceeding” means any formal legal proceeding filed by an unaffiliated third party before a court (including an arbitral body) or a government tribunal (including any appellate proceeding).
2.1. Provision of Services; Subscription. During the Subscription Term, Customer may access and use the Subscription Services in accordance with the Agreement. Customer may add additional Services to their Subscription by entering into an Order Form for such additional Services. Any terms set out in an Order Form only apply to the Subscription Services referenced in such Order Form.
2.2. Use by Affiliates. If Customer’s Affiliates access and use the Services under Customer’s Subscription, Customer will remain liable for payment of all Fees and its indemnification obligations under Section 10 (Indemnification). Customer will cause such Affiliates to comply with the Agreement as if they were Customer and any reference to “Customer” will be read to include such Affiliates. Any breach of the Agreement by an Affiliate of Customer or their respective Administrative Users, or other representatives will be deemed a breach by Customer of the Agreement and Customer will be liable for such breach as if itself had breached the Agreement. If a Customer’s Affiliate and Cloudflare execute a separate Order Form stating to be governed by the terms of this Agreement (“Affiliate Order Form”), such Affiliate and Cloudflare are deemed (a) to have entered into a separate enterprise subscription agreement containing the terms of this Agreement with any reference to “Customer” meaning only such Affiliate (“Affiliate Agreement”) and (b) the Affiliate Order Form being governed by such Affiliate Agreement.
2.3. Restrictions and Acceptable Use. Customer must not: (a) use the Services other than solely for its internal business purposes, (b) modify, copy, or create derivative works based on, the Service or Documentation; (c) license, sublicense (except to Affiliates), sell, resell, rent, lease, transfer, assign, distribute, or make the Service available to any third parties; (d) reverse-engineer the Service; (e) interfere with, or create an undue burden on the Service or Cloudflare’s network in a manner that poses or has the potential to pose significant harm to Cloudflare’s other customers or internal systems; (f) send or store infringing, obscene, threatening, or otherwise unlawful or tortious material, including material that violates privacy rights, through the Service; (g) use the Service in violation of any Laws; (h) act in a manner intended to circumvent Service-specific usage limits or quotas; (i) send or store Malicious Code in connection with the Service (j) probe, scan or test any vulnerability of the Services, including, without limitation, performing penetration, stress or load testing, including by introducing software or automated agents or scripts, other than those expressly permitted by the Documentation or as explicitly set forth in the Order Form, without prior written consent from Cloudflare; or (k) perform or publish any performance or benchmark tests or analyses relating to the Service, other than solely for Customer’s internal use.
2.4. Credentials. Customer is responsible for maintaining the confidentiality of all usernames and passwords to access Customer’s account (“Credentials”) and is solely responsible for all activities that occur under such Credentials. Cloudflare may deactivate Credentials that Cloudflare reasonably determines may have been used by an unauthorized party. Cloudflare will promptly replace such Credentials upon request. Credentials may not be shared or used by more than one individual, but may be reassigned.Upon termination or expiration of the Subscription, all Credentials will be deactivated.
2.5. Third-Party Products and Services. Customer may access or use, at Customer’s sole discretion, certain third-party products and services that interoperate with the Services including, but not limited to: third-party apps found on the Cloudflare Apps store located at www.cloudflare.com/apps/, third-party service integrations made available through the Cloudflare Service dashboard or APIs, and third-party products or services that Customer authorizes to access Customer’s Cloudflare account using OAuth or other Credentials (collectively, “Third-Party Products”). Each Third-Party Product is governed by the terms of service, end user license agreement, privacy policies, and/or any other applicable terms and policies of the third party provider. Customer’s access or use of Third-Party Products is solely between Customer and the applicable Third-Party Products provider. Cloudflare does not make any representations, warranties, or guarantees regarding the Third-Party Products or the providers thereof, including, but not limited to, the Third-Party Products’ continued availability, security, and integrity. Third-Party Products are made available by Cloudflare on an “AS IS” and “AS AVAILABLE” basis, and Cloudflare may cease providing them in the Cloudflare Apps Store at any time without entitling Customer to any refund, credit, or other compensation. Unless otherwise specified in writing by Cloudflare, Cloudflare will not be directly or indirectly responsible or liable in any manner, for any harms, damages, loss, lost profits, special or consequential damages, or claims, arising out of or in connection with the installation of, use of, or reliance on the performance of any of the Third-Party Products.
2.6. Beta Services. Cloudflare may make non-production Services (“Beta Services”) available to Customer upon Customer’s request. All Beta Services will be clearly designated as Beta Services in any Order Form or the Service’s dashboard. Beta Services are intended for testing purposes only, and may be accessed by Customer at Customer’s sole discretion. Cloudflare may, but is not obligated to, provide support for the Beta Services or correct any bugs, defects, or errors in the Beta Services. Regardless of whether Cloudflare provides technical support for the Beta Services, the SLA will not apply to the Beta Services unless specified otherwise in the applicable Order Form. Cloudflare may discontinue, suspend, or remove Beta Services (including any Customer Data stored as part of the Beta Services) or Customer’s access thereto at any time in Cloudflare’s sole discretion and has no obligation to make them generally available. Customer understands that any information regarding Beta Services is Cloudflare’s Confidential Information, and agrees not to disclose such information unless a Beta Service becomes generally available, except as required by law, and to only use such information in connection with Customer’s use of the Beta Services. Notwithstanding Section 10.1, Cloudflare will have no liability for any harm or damage arising out of or in connection with any Beta Services, including any obligation or liability with respect to Customer Data. Any configurations or Customer Data entered into Beta Services, and any customizations made to Beta Services by or for Customer, may be permanently lost.
2.7 Trial Services (Previews). Cloudflare may offer trial versions of the Services at no cost (“Trial Services”) from time to time. With respect to each such Trial Service, Cloudflare will make each such Trial Service available to Customer free of charge until the earlier of (a) the end of the free trial period (if applicable) for which Customer registered to use the Trial Service; (b) the Service Date of Customer's paid Subscription for such Services; or (c) termination of the Trial Service by Cloudflare in Cloudflare's sole discretion.
2.8. Purchase Through Reseller. If Customer subscribes to Services from an authorized Cloudflare reseller or partner (“Reseller”), and notwithstanding anything set forth otherwise in this Agreement: (a) in addition to Customer’s compliance with the Agreement, Customer’s right to access and use such Services is subject to the terms and conditions of Customer’s written agreement with the Reseller (the “Reseller Agreement”), including Customer’s obligation to timely pay Fees to the Reseller; (b) Customer will execute all Order Forms directly with the Reseller and not Cloudflare; and (c) the terms and conditions of Section 3 (Fees and Payment) do not apply. Any refund, payments and service credits which Cloudflare may or must provide to Customer in accordance with the terms of the Agreement, including, without limitation, the SLA, will be provided by Cloudflare to Reseller and Customer acknowledges that it must seek such refunds, payments and credits from Reseller only. Furthermore, Customer’s right to terminate or cancel its Subscription to any Service is solely as set forth in the Reseller Agreement, provided that nothing herein shall be interpreted as permitting Reseller to offer terms inconsistent with the remainder of this Agreement. If the Reseller ceases at any time to be an authorized Reseller, including for a failure to pay for any Services, Customer’s continued use of Services may be conditioned upon Customer executing a written agreement for such Services directly with Cloudflare, and paying the outstanding Fees, if any, that Reseller did not remit to Cloudflare on Customer’s behalf. Resellers are not authorized to modify the Agreement or make any promises or commitments on Cloudflare’s behalf, and Cloudflare is not bound by any obligations to Customer other than as set forth in the Agreement. Cloudflare may temporarily suspend or terminate delivery of Services to Customer upon notice upon the written direction of Reseller.
2.9. Modifications. Cloudflare may make commercially reasonable updates and improvements to the Services and the Documentation from time to time. Cloudflare may sunset, retire or replace any Service or feature thereof at any time, provided that Cloudflare makes a substantially similar Service or feature available to Customer for the remainder of Customer's then current Subscription Term at no additional charge. If Cloudflare is unable or unwilling to provide a substantially similar Service or feature then Cloudflare will issue Customer a credit for the unused portion of any pre-paid Fees that are attributable to the discontinued Service or feature. This Section 2.9(Modifications) will not apply to any modifications to Services or features that are made by Cloudflare to comply with applicable law or address a material security risk.
3.1. Invoicing and Payment. Unless otherwise specified in an Order Form, Cloudflare will invoice Customer annually in advance for the Subscription. If Customer adds any Services to the Subscription at a later time, Cloudflare will invoice Customer for Fees resulting from such addition. Each invoice will be due and payable upon receipt by Customer (“Payment Due Date”). Payment may be made via ACH, wire transfer, or credit card, however a convenience fee will be added to all credit card payments. Cloudflare may invoice Customer separately for any Fees related to Customer’s use of the Services exceeding the usage caps set out in the Order Form. Cloudflare’s measurement of Customer's use of the Services is final. Customer's obligation to pay all Fees is non-cancellable and except as explicitly set forth in this AgreementFees are non-refundable. No form requirements or requirements to include a purchase order number on the invoice or otherwise delay or limit Customers obligations to pay all undisputed Fees by the Payment Due Date.
3.2. Delinquent Payments. After the Payment Due Date, invoiced Fees may bear interest at the rate of 1.5% per month (or the highest rate permitted by law, if less) compounded daily from the Payment Due Date until paid in full. Customer will be responsible for all reasonable expenses (including attorneys' fees) incurred by Cloudflare in collecting past-due Fees. If Customer has not paid the Fees within thirty (30) days of the Payment Due Date, Cloudflare may (a) suspend Customer’s access to the Service until all undisputed and past-due Fees are paid in full; and (b) turn Customer over for collection to a third-party agency, if Customer fails to pay all undisputed past-due Fees within thirty (30) days after Cloudflare notifies Customer of non-payment of such undisputed past-due Fees.
3.3 Fee Disputes. If Customer disputes all or some of the invoiced Fees (“Fee Dispute”), Customer will provide a written notice to Cloudflare that reasonably describes the nature of the Fee Dispute within thirty (30) days from receiving the applicable invoice. The Parties will use good faith efforts to resolve the Fee Dispute. If the Parties are unable to resolve the Fee Dispute within sixty (60) days of Customer’s receipt of the disputed invoice, then the Parties will be free to exercise any legal or contractual remedies available to them.
3.4. Taxes. The Fees do not include, and may not be reduced to account for, any taxes, levies, duties or similar governmental assessments, including value-added, sales, use or withholding taxes assessable by any local, state, provincial, or national jurisdiction (whether domestic or foreign) (collectively “Taxes”). Customer is responsible for paying all Taxes imposed on the Services provided under this Agreement. If Cloudflare is found to have a legal obligation to pay or collect Taxes for which Customer is responsible under the Agreement, the appropriate amount will be invoiced to and paid by Customer, unless Customer provides Cloudflare with a valid tax exemption certificate authorized by the appropriate taxing authority.
During the Subscription Term, Cloudflare will provide support for Subscription Services in accordance with the SLA. If Cloudflare fails to meet the service levels set forth in the SLA (each such failure, a “Service Level Failure”), then as Customer’s sole and exclusive remedy for any Service Level Failure, Cloudflare will provide, at Customer’s written request, Service Credits in accordance with the SLA. Unless otherwise specified in the Order Form, the “Standard Plan” set out in the SLA applies. The SLA does not apply to Services that Cloudflare makes available to Customer free of charge or on a trial basis, including any Beta Services.
5.1. General Customer Obligations. Customer will: (a) be responsible for configuring the encryption for all Customer Data (excluding Customer Account Information) that it transmits through the Service; (b) take commercially reasonable efforts to prevent unauthorized access to, or use of, the Service; (c) notify Cloudflare promptly in writing of any unauthorized access or use of the Service or Credentials; and (d) be solely responsible for Customer-devised or Customer-implemented rules (and associated misconfigurations and outages) and actions taken by Customer that might result in denial of service, availability issues, or performance degradation.
5.2. Customer Data Responsibility. Except for Customer Account Information, Customer is solely responsible for keeping and maintaining its own copies of Customer Data. Cloudflare is not obligated to Customer to maintain any copies thereof, and may delete Customer Data at any time after seventy-two (72) hours from the time such Customer Data is captured by Cloudflare, except for any Customer Account Information included therein that is reasonably required for the operation of the Services during the Term. EXCEPT WITH RESPECT TO CLOUDFLARE’S CONFIDENTIALITY OBLIGATIONS UNDER SECTION 12.7, UNDER NO CIRCUMSTANCE WILL CLOUDFLARE BE LIABLE FOR ANY LOSS OR DELETION OF CUSTOMER DATA.
5.3. Use of Customer Data. The ordinary operation of the Services requires Customer Data to pass through Cloudflare’s network. The Agreement does not transfer or convey to Cloudflare or any third party any right, title or interest in and to the Customer Data, or any associated Intellectual Property Rights, except for a worldwide, non-exclusive, limited right of use (including to store, copy, transmit and display) solely as permitted under the Agreement and as required to provide the Services, revocable in accordance with the terms of the Agreement. To the extent that Cloudflare processes Customer Data on behalf of Customer that includes Personal Data, Cloudflare will handle such Personal Data in compliance with the DPA.
5.4. Network Data. Cloudflare retains all right, title, and interest in the Network Data, and shall have the right to use Network Data for purposes of providing, maintaining, developing, and improving its Services. Cloudflare may monitor and inspect the traffic on the Cloudflare network, including any related logs as necessary to perform the Services and to derive and compile Network Data. To the extent Network Data includes any Personal Data, Cloudflare will handle such Personal Data in compliance with applicable data protection laws. Cloudflare may use and retain Customer Account Information for business purposes related to the Agreement and to the extent necessary to meet Cloudflare’s legal compliance obligations (including, for audit and anti-fraud purposes).
5.5. Emergency Suspension. Notwithstanding anything to contrary in this Agreement, Cloudflare may immediately suspend all or part of the Services if Cloudflare reasonably believes (a) Customer's use of the Services adversely impacts other customers' use of the Services or the Cloudflare network; or (b) that immediate suspension is required to comply with Laws. Cloudflare will lift any such suspension when the circumstances giving rise to the suspension have been resolved. Unless prohibited by applicable law, Cloudflare will notify Customer of the basis for the suspension.
6.1. Proprietary Rights. Except for the limited rights expressly stated in this Agreement, this Agreement does not grant either party any rights, implied or otherwise, to the other's intellectual property. As between the Parties, Customer owns all Intellectual Property Rights in Customer Data, and Cloudflare owns all Intellectual Property Rights in Cloudflare Technology.
6.2. Account Data. Cloudflare may use and retain information Customer provides upon subscribing to Services, audit logs generated while using the Services, and Customer account settings for business purposes related to the Agreement, and to the extent necessary to meet Cloudflare’s legal compliance obligations (including, for audit and anti-fraud purposes).
6.3. Feedback. If Customer chooses to provide feedback, suggestions, or recommendations for improvement to the Services (“Feedback”), Cloudflare may use Feedback without restrictions and without obligations to Customer.
6.4. Marks. Cloudflare®, and any other product and service names and logos used or displayed in or on the Services are registered or unregistered trademarks of Cloudflare (collectively, “Cloudflare Marks”), and may not be used by Customer without Cloudflare’s prior written consent. Customer must not attempt, now or in the future, to claim any rights in the Cloudflare Marks or use the Cloudflare Marks to disparage or misrepresent Cloudflare, or the Services.
7.1. Mutual Warranties. Each Party warrants that it has the authority to enter into the Agreement and, in connection with its performance of the Agreement and/or its use of the Services, will comply with all Laws including, but not limited to, Laws related to data privacy, international communications and the transmission of technical or Personal Data (as defined in the DPA).
7.2. Limited Warranty. Cloudflare warrants to Customer that the Subscription Services will materially conform to the Documentation and Cloudflare will not knowingly introduce any Malicious Code into the Services (“Limited Warranty”). If Customer notifies Cloudflare of a breach of the Limited Warranty, Cloudflare will either: (a) correct the nonconformity in the Subscription Services; or (b) issue Customer a credit or refund of a portion of the Fees paid by Customer for the nonconforming or affected Subscription Service that fairly reflects (at Cloudflare’s reasonable determination) the diminished value of the nonconforming or affected Subscription Service. Service Level Failures do not constitute a breach of this Limited Warranty and are exclusively addressed by the SLA. The foregoing constitutes Customer’s sole and exclusive remedy for any breach of theLimited Warranty. The Limited Warranty will not apply: (i) unless Customer makes a claim within thirty (30) days of the date on which Customer first noticed the non-conformity; or (ii) if the non-conformity was caused by misuse, unauthorized modifications or third-party products, software, services or equipment.
7.3. Customer Warranties. Customer represents and warrants that to the best of Customer’s knowledge, the information Customer provides to Cloudflare regarding its and its Affiliates’ network usage (including but not limited to bandwidth usage, number of domains, geographic location of users, and SSL requirements) to obtain any price quote which forms the basis of the Agreement, is truthful, accurate, and complete, to the best of its knowledge.
7.4. Disclaimer. EXCEPT FOR THE WARRANTIES SET FORTH IN THE AGREEMENT, CLOUDFLARE MAKES NO, AND HEREBY DISCLAIMS ALL WARRANTIES, REPRESENTATIONS, OR CONDITIONS, WHETHER WRITTEN, ORAL, EXPRESS, IMPLIED OR STATUTORY, PAST OR PRESENT, OR FROM A COURSE OF DEALING OR USAGE OF TRADE, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE, NON-INFRINGEMENT, OR FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO THE USE, OR INABILITY TO USE THE SERVICE (IN WHOLE OR IN PART). CLOUDFLARE CANNOT AND DOES NOT WARRANT THAT ALL ERRORS CAN BE CORRECTED, OR THAT OPERATION OF THE SERVICE WILL BE UNINTERRUPTED OR ERROR-FREE. THE SERVICE MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS. CLOUDFLARE IS NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES OR OTHER DAMAGES RESULTING FROM SUCH PROBLEMS OUTSIDE CLOUDFLARE’S REASONABLE CONTROL.
The Receiving Party will use the Disclosing Party's Confidential Information only as permitted by the Agreement or required to provide the Services and will use the same standards to protect the Confidential Information of the Disclosing Party as it affords its own such information, but in no event less than a commercially reasonable degree of care. Additionally, the Receiving Party may disclose Confidential Information to its Affiliates, employees, agents, or professional advisors (“Representatives”) with a need to know and who have agreed in writing (or in the case of professional advisors are otherwise bound) to keep it confidential. The Receiving Party will ensure that its Representatives use the received Confidential Information only to exercise rights and fulfill obligations under this Agreement. Notwithstanding anything to the contrary, Receiving Party may disclose Confidential Information pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided, that Receiving Party provides (a) reasonable notice thereof to Disclosing Party prior to such disclosure and (b) reasonably cooperates with Disclosing Party in any efforts opposing such disclosure; except that subsections (a) and (b) will not apply if the Receiving Party reasonably determines that complying with (a) and (b) could (i) result in a violation of applicable law or (ii) obstruct a governmental investigation. Any unauthorized access or use of Confidential Information resulting from a security breach does not constitute a violation of this Section 8.
9.1. Types of Damages. TO THE EXTENT LEGALLY PERMITTED, IN NO EVENT WILL CLOUDFLARE BE LIABLE TO CUSTOMER OR TO ANY THIRD PARTY FOR ANY DAMAGES FOR ANY LOSS OF SALES, PROFIT, GOODWILL, OR BUSINESS, THE COST OF PROCURING SUBSTITUTE PRODUCTS OR SERVICES, OR SPECIAL, INDIRECT, PUNITIVE, INCIDENTAL, OR CONSEQUENTIAL DAMAGES RESULTING FROM OR IN CONNECTION WITH THE AGREEMENT OR CUSTOMER’S USE, OR INABILITY TO USE THE SERVICE OR OTHER PRODUCTS OR SERVICES HEREUNDER, REGARDLESS OF THE CAUSE OF ACTION OR THE THEORY OF LIABILITY, WHETHER IN TORT, CONTRACT, STRICT LIABILITY OR OTHERWISE, EVEN IF CLOUDFLARE HAS BEEN NOTIFIED OF THE POSSIBILITY OF SUCH DAMAGES.
9.2. Amount of Damages. THE MAXIMUM LIABILITY OF CLOUDFLARE ARISING OUT OF OR IN ANY WAY CONNECTED TO THE AGREEMENT WILL BE LIMITED TO AND WILL NOT EXCEED IN THE AGGREGATE THE FEES PAID BY CUSTOMER TO CLOUDFLARE DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE FIRST CLAIM TO ARISE UNDER THE AGREEMENT. THE EXISTENCE OF ONE OR MORE CLAIMS UNDER THE AGREEMENT WILL NOT INCREASE CLOUDFLARE’S LIABILITY. EXCEPT WHERE PROHIBITED BY LAW, NO CLAIM REGARDLESS OF FORM, WHICH IN ANY WAY ARISES OUT OF THE AGREEMENT MAY BE MADE, NOR ACTION BASED UPON SUCH CLAIM BE BROUGHT BY CUSTOMER, MORE THAN ONE (1) YEAR AFTER THE TERMINATION OR EXPIRATION OF THE AGREEMENT.
9.3. Exceptions To Limitation of Liability. NOTHING IN THE AGREEMENT EXCLUDES OR LIMITS CLOUDFLARE’S LIABILITY FOR (A) ITS INDEMNIFICATION OBLIGATIONS UNDER SECTION 10 OR (B) MATTERS FOR WHICH LIABILITY CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.
10.1. Indemnification By Cloudflare. Cloudflare will defend Customer and its Affiliates authorized to use the Subscription Services under this Agreement, and their respective officers, directors, and employees, and indemnify them against Damages in Third-Party Proceedings to the extent arising from an allegation that the Subscription Services when used in accordance with the Documentation and this Agreement infringe any third party’s United States Intellectual Property Right.
10.2. Indemnification Exclusions. Cloudflare will have no obligation under Section 10.1 to the extent the underlying allegation arises from: (a) any use of the Services not in accordance with the Agreement or the Documentation; (b) Cloudflare’s conformance to Customer’s unique specifications performed at Customer’s request; (c) any use of the Services in combination with third-party products, equipment, software or content not supplied by Cloudflare, unless the combination is required by the Agreement; (d) any modification of the Services by any person other than Cloudflare or its authorized agents; or (e) any Services provided by Cloudflare free of charge and Beta Services
10.3. Indemnification By Customer. Customer will defend Cloudflare and its Affiliates, licensors, suppliers, officers, directors, employees and agents and indemnify them against Damages in Third-Party Proceedings arising from or that are based upon: (a) Customer’s use of the Service in a manner not permitted by the Agreement and the Documentation; and (b) Customer Data or Customer’s Internet Properties (including without limitation any activities or aspects thereof or commerce conducted thereon).
10.4. Procedure. The indemnifying Party’s obligations as set forth above are expressly conditioned upon each of the following: (a) the indemnified Party will promptly notify the indemnifying Party in writing of any threatened or actual Third-Party Proceeding; provided, that failure to provide such prompt notice will not release the indemnifying Party from its indemnity obligations except to the extent the indemnifying Party is materially prejudiced thereby; (b) the indemnified Party will tender sole control of the defense or settlement of the indemnified portion of a Third-Party Proceeding to the indemnifying Party; (c) the indemnified Party will cooperate with the indemnifying Party (at the indemnifying Party’s expense) to facilitate resolving any allegations and the settlement or defense of the indemnified portion of a Third-Party Proceeding; and (d) the indemnifying Party will not settle the indemnified portion of a Third-Party Proceeding without the indemnified Party’s prior written consent in a manner which (x) results in an admission of liability by the indemnified Party, (y) requires payment of monies by the indemnified Party, or (z) requires indemnified Party to take or refrain from taking an action.
10.5. Infringement Remedies. If Cloudflare believes a Subscription Service infringes third-party Intellectual Property Rights, Cloudflare may, at Cloudflare’s option, in regard to the affected Subscription Service: (a) procure for Customer the right to continue using the Service; (b) replace the Service with non-infringing services which do not materially impair the functionality of the Service for Customer; (c) modify the Service so that it becomes non-infringing; or (d) terminate the Subscription to the impacted Service and provide a pro rata refund of any Fees paid by Customer to Cloudflare for the remainder of the Subscription Term for the affected Service.
10.6. Sole Rights and Obligations. EXCEPT FOR A PARTY’S TERMINATION RIGHTS SET OUT IN SECTION 11, THIS SECTION 10 STATES CLOUDFLARE’S SOLE AND EXCLUSIVE OBLIGATIONS, AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDIES, WITH RESPECT TO CLAIMS OF INFRINGEMENT OR MISAPPROPRIATION OF THIRD-PARTY INTELLECTUAL PROPERTY RIGHTS.
11.1. Agreement Term; Expiration. The Agreement will enter into effect on the Effective Date and continue until it is terminated or expires in accordance with this Section 11 (“Agreement Term”). Unless earlier terminated, this Agreement expires one year after the end of the last Subscription governed by this Agreement.
11.2. Subscription Term; Renewal. Unless a Party provides written notice of its intent not to renew a Subscription at least two (2) months prior to the expiration of the Initial Term or the then-current Renewal Term, a Subscription will automatically renew for a successive Renewal Term thereafter. The mutual execution of any additional Order Form with a term ending after the then-current Subscription Term will extend the Subscription Term and all of the Subscription Services until the end of such additional Order Form’s term (“Order Form Term”). Each Order Form Term is measured from such Order Form’s Service Date. Subscription Services set out in previous Order Forms will therefore be renewed in the quantities set out in such previous Order Forms and at the prices valid at the time of such renewal.
11.3. Termination. Either Party may at any time terminate a Subscription or the Agreement, in whole or in part, upon written notice to the other Party, if: (a) the other Party has materially breached any provision of the Agreement, and such breach cannot be cured, or, if curable, such breach remains uncured thirty (30) days after receipt of notice from the non-breaching Party specifying such breach in reasonable detail; (b) the other Party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors; or (c) the other Party becomes generally unable or fails to pay its debts as they come due.
11.4. Effect of Termination. Upon expiration or termination of a Subscription: (a) Customer’s right to use and access the Subscription Services ends; (b) Customer will immediately pay all outstanding Fees due to Cloudflare through the date of termination or expiration; and (c) each Party will upon request of the other Party promptly return or destroy all Confidential Information of the other Party. Notwithstanding the foregoing, the Receiving Party may retain any Confidential Information that cannot feasibly be returned or destroyed, and a copy of any Confidential Information required for compliance with its internal record keeping requirements or automatic archival activities, provided that Section 8 shall continue to apply to such retained Confidential Information until it is deleted or returned. .
11.4. Access to Logs On Termination. For up to seventy-two (72) hours following expiration or termination of Customer’s access to the Service, Cloudflare will use reasonable efforts to continue to make available to Customer the Customer Logs. Other than as set forth in this Section 11.4, upon termination of the Agreement, Customer’s right to access or receive log data via the Service will immediately cease.
12.1. Governing Law and Venue. The Agreement and any action related thereto will be governed and interpreted by and under the laws of the State of California, without giving effect to any conflicts of laws principles that require the application of the law of a different jurisdiction. Customer hereby expressly consents to the exclusive, personal jurisdiction of, and venue in, the state and federal courts of San Francisco, California. The Parties agree that the United Nations Convention on Contracts for the International Sale of Goods does not apply to the Agreement.
12.2. Compliance with Laws. Customer agrees that it is responsible for determining whether use of the Service(s) will satisfy Customer's individual compliance obligations and for ensuring that its use of the Service(s) is compliant with all Laws as well as any and all privacy policies, agreements or other obligations Customer may maintain or enter into. Customer will not use the Service(s) for any reason if Customer or any party that owns or controls Customer, are subject to sanctions or otherwise designated on any list of prohibited or restricted parties, including but not limited to the lists maintained by the U.S. Government (e.g., the Specially Designated Nationals List and Foreign Sanctions Evaders List of the U.S. Department of Treasury, and the Entity List of the U.S. Department of Commerce), the European Union or its Member States, the United Kingdom, or other applicable government authority. Customer will not use the Service(s) to export or re-export any information or technology to any country, individual, or entity to which such export or re-export is restricted or prohibited. Customer further acknowledges that performance of the Agreement may be subject to U.S. and non-U.S. anti-corruption and anti-bribery laws, rules, and regulations. Customer therefore covenants that it will make no payments, including charitable donations, of money or anything of value, nor will such be offered, promised or paid, directly or indirectly, to any person or entity (a) to improperly influence the acts of such person or entity, (b) to induce such person or entity to use its influence with a government to obtain or retain business, or (c) to gain an improper advantage in connection with any business venture or contract in which Cloudflare is a participant.
12.3. Severability. If any provision of the Agreement is invalid, illegal or unenforceable, the other provisions of the Agreement will remain enforceable and the invalid or unenforceable provision will be deemed modified so that it is valid and enforceable to the maximum extent permitted by law.
12.4. Waiver. Any waiver or failure by a Party to enforce any provision of the Agreement on one occasion will not be deemed a waiver of that or any other provision on that occasion, nor any other occasion.
12.5. Remedies. Nothing in this Agreement will limit either Party's ability to seek equitable relief. Unless otherwise stated herein, all remedies are cumulative and not to the exclusion of any other rights and remedies available at law or in equity. If any legal action is brought to enforce the Agreement, the prevailing Party will be entitled to receive its attorneys’ fees, court costs, and other collection expenses from the non-prevailing Party, in addition to any other relief the prevailing Party may receive.
12.6. No Assignment. Customer will not assign, subcontract, delegate, or otherwise transfer the Agreement or its rights and obligations herein, in whole or in part, by operation of law or otherwise, without obtaining the prior written consent of Cloudflare, which consent may be withheld at Cloudflare’s sole discretion, and any attempted assignment, subcontract, delegation, or transfer in violation of the foregoing will be null and void, ab initio. Notwithstanding the foregoing, however, either Party may upon written notice to the other Party, assign the Agreement in its entirety without the requirement to obtain consent, in connection with a merger, acquisition, reorganization or sale of all or substantially all of its assets of that Party. In the event Customer acquires or is acquired by another existing Cloudflare customer (“Customer Acquirer”) during the Agreement Term, the respective Agreements, Subscriptions, and Fees applicable to Customer and Customer Acquirer will remain unchanged and unaffected unless and until otherwise agreed to by all affected parties. The Agreement will be binding upon the Parties and their respective successors and permitted assigns.
12.7. Interpretation. Headings are for convenience only and do not impact the construction of this Agreement; “including” means “including but not limited to;” and “will” and “shall” have the same meaning. All amounts are in United States dollars.
12.8. Competing Products. Cloudflare is constantly enhancing its Services and may enhance Services in a way that is competitive with Customer’s products, services, or ideas, regardless of whether they have been shared with Cloudflare. Customer acknowledges that Cloudflare has the right to make, use, develop, acquire, license, market, promote, or distribute products, software, or technologies that perform the same or similar functions as, or otherwise compete with, any of Customer’s products, software, or technologies that Customer may develop, produce, market, or distribute now or in the future, provided that by doing so Cloudflare does not breach Section 8 or violate any of Customer’s Intellectual Property Rights
12.9. Force Majeure. Any delay in the performance of any duties or obligations of a Party (except the payment of money owed) will not be considered a breach of the Agreement if such delay is caused by events beyond the reasonable control of that Party (a “Force Majeure Event”); provided, that the delayed Party uses reasonable efforts, under the circumstances, to notify the other Party of the existence of the Force Majeure Event and works to resume performance as soon as possible.
12.10. Independent Contractors. The relationship of the Parties is that of independent contractors, neither Party is an agent or partner of the other. Neither Party will have, and will not represent to any third party that it has, any authority to act on behalf of or bind the other Party.
12.11. No Third-Party Beneficiaries. This Agreement does not confer any benefits on any third party unless it expressly states that it does.
12.12. Publicity. Subject to Customer’s trademark usage guidelines, Customer grants Cloudflare a non-exclusive, worldwide, royalty free right to include Customer’s name and logo in any customer listing appearing on or in any Cloudflare websites, brochures, fliers, presentations, annual reports and any other marketing materials. Customer may terminate the foregoing license at any time following the termination of the Agreement, by providing Cloudflare thirty (30) days’ written notice, upon which Cloudflare will promptly remove Customer’s name and logo from its website and cease from creating any new marketing material containing the same. Notwithstanding the foregoing, Cloudflare’s right to continue to use any pre-printed marketing materials produced prior to such termination will continue until the supply of such materials is exhausted.
12.13. Notices. All notices may be sent via e-mail and will be effective when sent as set out in this Section 12.13. Any notices to Customer may be sent to the e-mail address designated by Customer as administrator in the Cloudflare dashboard. Customer is responsible for updating its information with Cloudflare, including providing Cloudflare with an up-to-date e-mail address for the provision of notices under the Agreement. Any notice provided to Cloudflare pursuant to the Agreement must be sent to the Cloudflare contact listed in the Order Form, with a copy to legal@cloudflare.com.
12.14. Commercial Communications. Customer agrees that Cloudflare may send email communications to Customers’ employee representatives in order to convey information about Cloudflare products and services, including promotional information about new or updated Cloudflare products and services, and Cloudflare events. Customer’s employee representatives may opt-out of such communications on an individual basis by managing their communication preferences.
12.15. Government Restrictions. Customer understands and agrees, that (a) the Cloudflare Technology are “Commercial Product(s)” and/or “Commercial Service(s)” as defined in FAR 2.101, consisting of “Commercial Computer Software” and “Commercial Computer Software Documentation,” as such terms are used in FAR 12.212 or DFARS 227.72, as applicable; (b) the Cloudflare Technology are being licensed to U.S. Government end users (i) only as Commercial Products or Commercial Services and (ii) with only those rights as are granted to all other end users pursuant to the terms and conditions herein, except that any provision of this Agreement that is unenforceable against the U.S. Government shall not apply to U.S. Government customers; (c) this customary commercial license is provided in accordance with FAR 12.211 (Technical Data) and FAR 12.212 (Computer Software), DFARS 252.227-7015 (Technical Data – Commercial Items), and/or DFARS 227.7202-3 (Rights in Commercial Software or Computer Software Documentation), as applicable; and (d) use of the Cloudflare Technology by any Customer is further restricted as set forth in these Terms. This provision applies in lieu of and supersedes any Federal Acquisition Regulation, Defense Federal Acquisition Regulation Supplement, or other clause or provision pertaining to the Government’s rights in technical data, computer software, and computer software documentation.
12.16. Amendment. Cloudflare may amend the Agreement at any time. Unless otherwise noted by Cloudflare, such amendment becomes effective ten (10) days after Cloudflare provides notice to Customer of such amendment. Cloudflare may provide such notice by posting an amended Agreement on https://www.cloudflare.com/enterpriseterms/ and the links referenced therein. Changes required by Laws will be effective immediately. Customer’s continued use of the Service(s) after the amendment takes effect may be relied upon by Cloudflare as Customer’s consent to the amendment. Except as stated in this Section 12.16, no modification of, amendment to, or waiver of any rights under the Agreement will be effective unless in writing and signed by an authorized signatory of each of Customer and Cloudflare.
12.17. Agreement Order of Precedence; Conflicting Terms. The Agreement consists of the following documents, listed in the order of precedence applying in case of a conflict between them: (1) the DPA and any Business Associate Agreement between the parties (if applicable); (2) the Information Security Exhibit; (3) the remainder of this Agreement other than the Supplemental Terms and the SLA; (4) the Supplemental Terms; and (5) the SLA. An Order Form will take precedence over the Agreement only in respect of the Subscription Services listed in such Order Form. The order of precedence listed herein will only apply to the extent that there is a conflict
12.18. Survival. Sections 1 (Definitions), 3(Payment Terms),6 (Intellectual Property Rights; Data Usage), 8 (Confidentiality), 9 (Limitation of Liability), 10 (Indemnification), 11.4 (Effect of Termination), and 12 (General) of this main body of the Agreement will survive any such expiration or termination of the Agreement
12.19. Entire Agreement. The Agreement, which incorporates all documents referenced herein as if set out herein in full, including those referenced via hyperlinks, is the final, complete and exclusive agreement of the Parties with respect to the subject matter hereof and supersedes and merges all prior discussions and agreements, between the Parties with respect to such subject matter, including any applicable non-disclosure agreements. In entering into this Agreement, neither Party has relied on, and neither Party will have any right or remedy based on, any statement, representation, or warranty (whether made negligently or innocently), except those expressly stated in this Agreement. After the Effective Date, Cloudflare may provide an updated URL in place of any URL in this Agreement. The Agreement may be executed electronically and in counterparts, each of which will be deemed to be an original, but all of which, taken together, will constitute one and the same agreement. Unless agreed to in writing by Cloudflare, the terms of any pre-printed purchase orders or general terms and conditions that Customer submits to Cloudflare that contains terms that are different from, in conflict with, or in addition to, the terms of the Agreement are hereby rejected by Cloudflare, and will be void and of no effect.
If you have questions about these terms or anything else about Cloudflare, please don't hesitate to contact us:
+1 (650) 319-8930
Cloudflare, Inc.
101 Townsend St,
San Francisco, CA 94107
USA