Terms of use

These terms of use (“Terms of Use”) govern the use of the Cyber Range software (as defined below) and associated materials to be delivered to Customer by Field Effect (as defined below) and as specified in an Order Form. By executing an Order Form referencing these Terms of Use and/or by using Cyber Range and the Field Effect Content Library, as permitted under these Terms of Use, Customer agrees to be bound by these Terms of Use, the Privacy Policy (as defined below) and any additional terms that may be incorporated by reference (collectively, the “Agreement”).

1. Definitions

1.1 “Account” has the meaning defined in Section 2.7.1;

1.2 “Administrator” means an individual employed by Customer and identified to Field Effect, who is authorized by Customer to have administrative rights in addition to rights granted to a User;

1.3 “Business Day” means any day other than a Saturday, Sunday, or statutory holiday in the Province of Ontario;

1.4 “Confidential Information” means any data, documentation, or other information of a proprietary or confidential nature, whether or not identified as being confidential or proprietary, which is disclosed or made available by a party to the other party in connection with this Agreement. With the exception of Personal Information, Confidential Information does not include information that the receiving party can establish, with reasonable evidence, that: (i) the receiving party already knew; (ii) becomes public through no fault of the receiving party; (iii) was independently developed by the receiving party without use of or reference to the disclosing party’s confidential information; or (iv) was rightfully given to the receiving party by a third party without any obligation of confidentiality.

1.5 “Custom Content” means any course, assessment or scenario authored for Customer by Field Effect and uploaded to Customer’s personal library on their Cyber Range instance;

1.6 “Customer” means the customer identified in the applicable Order Form, including, as applicable, Users who gain access to Cyber Range and the Field Effect Content Library through Customer;

1.7 “Customer Data” means any data or other information provided, transmitted, displayed or made available to Field Effect by Customer or Users by or through the use of the Hosted Model or the Field Effect Content Library;

1.8 “Customer-Provided Content” means content that Customer (i) creates without use of Field Effect Confidential Information or the Field Effect Content Library; and/or (ii) obtains from a third party, and uploads to Customer’s personal library on their Cyber Range instance;

1.9 “Cyber Range” means Field Effect’s Cyber Range software that is made available to Customer under either the On-Premise Model or the Hosted Model, as specified in the Order Form;

1.10 “Effective Date” means the “Effective Date” specified in an Order Form or, if no “Effective Date” is specified, then the date that Customer signs an Order Form;

1.11 “Fees” means the fees and charges specified in the Order Form;

1.12 “Field Effect” means Field Effect Software Inc., 207-825 Exhibition Way, Ontario, Canada K1S 5J3, except as otherwise provided in Section 12.9;

1.13 “Field Effect Content Library” means any course, assessment, scenario or event provided by Field Effect to Customer and accessed either through the Customer’s Cyber Range instance or through the Learning Management System (the “LMS”);

1.14 “High Risk Activity” means activities with a likelihood of injury or death, including but not limited to, controlling aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, weaponry systems or any similar scenario where failure could lead to personal injury, death or environmental damage;

1.15 “Hosted Model” means a Cyber Range installation hosted by Field Effect with access by Customer and its Users in accordance with the terms and conditions herein;

1.16 “Intellectual Property Rights” means any right that is or may be granted or recognized under any Canadian or foreign legislation regarding patents, copyrights, neighbouring rights, moral rights, trade-marks, trade names, service marks, industrial designs, mask work, integrated circuit typography, privacy, publicity, celebrity or personality rights and any other statutory provision or common or civil law principle regarding intellectual and industrial property, whether registered or unregistered, and including rights in any application for any of the foregoing;

1.17 “Learning Management System” means the learning management system used by Field Effect to deliver certain content to Customers under the terms of this Agreement;

1.18 “On-Premise Model” means the Customer installs and maintains, using a license key provided by Field Effect, Cyber Range, and the Field Effect Content Library available via Cyber Range, on its network, in accordance with the terms and conditions herein;

1.19 “Order Form” means an order form for Cyber Range entered into between Field Effect and Customer, and which incorporates these Terms of Use by reference;

1.20 “Personal Information” means information about an identifiable individual as contemplated under applicable privacy laws;

1.21 “Support Services” means the support services for Cyber Range and the LMS (provision of accounts to students) described in Section 2.8.2;

1.22 “Third Party Materials” means data, services, content, software, hardware, add-ons and applications provided by a third party that interoperate with or are complementary to Cyber Range and the Field Effect Content Library. Third Party Materials may include an application that is listed in a catalog or package offered by Field Effect; and

1.23 “User” means any individual who uses or gains access to Cyber Range or the Learning Management System either through Customer’s Account or through access provided by Customer.

2. Use of Cyber Range and Field Effect Content Library

Customer may only receive or access and use, Cyber Range and the Field Effect Content Library: (i) during the Term; (ii) for the business purposes identified in the Order Form; (iii) in accordance with this Agreement; and (iv) subject to any restrictions or limits on the number of Administrators and/or Users or other usage limits set out in the Order Form. An Administrator can manage and configure the Customer’s instance of Cyber Range and the Field Effect Content Library, excluding content in the LMS, but including creation and management of Customer content. Customer is responsible for ensuring that all Users and Administrators comply with Customer’s obligations under this Agreement. If Customer does not understand these Terms of Use or any part of this Agreement or does not agree to any part of these Terms of Use or the Agreement, Customer must not use Cyber Range and the Field Effect Content Library.

2.1 As part of or through Customer’s use of Cyber Range and the Field Effect Content Library, Customer may receive or have access to Third Party Materials. Customer is responsible for complying with any terms or conditions applicable to such Third-Party Materials. Except as may be expressly provided, Third Party Materials are available “AS IS” without indemnification, support, or warranty or condition of any kind from Field Effect.

2.2 Field Effect may provide Cyber Range and the Field Effect Content Library with the assistance of its affiliates, subcontractors, or suppliers. Notwithstanding the foregoing, Field Effect will remain responsible to Customer for delivery of Cyber Range and the Field Effect Content Library.

2.3 Customer may upload Customer-Provided Content to its instance of Cyber Range solely for Customer’s internal use, provided that:

(a) Customer has obtained all necessary rights, licenses and permissions to use, upload and store such Customer-Provided Content;

(i) Customer’s use, uploading and/or storage of the Customer-Provided Content does not infringe, misappropriate or otherwise violate any third party’s intellectual property rights or applicable laws;

(ii) Field Effect assumes no responsibility or liability for any Customer-Provided Content uploaded by Customer; and

(iii) Customer will defend, indemnify, and hold harmless Field Effect and its affiliates from and against any claims, liabilities, losses, or expenses arising from the Customer’s upload or use of Customer-Provided Content.

2.4 For clarity, Field Effect does not claim ownership of any Customer-Provided Content uploaded by Customer and has no responsibility for maintaining or supporting the Customer-Provided Content, but Customer grants Field Effect a limited license to host, transmit and display such content solely as necessary for use with Customer’s instance of Cyber Range. Customer must comply with all laws, rules, and regulations applicable to their use of Cyber Range and the Field Effect Content Library and to any Custom Content, Customer-Provided Content or Customer Data, including but not limited to import and export controls and economic sanctions. Customer agrees that the sale, supply, delivery, servicing, export, re-export and/or use of Cyber Range and the Field Effect Content Library is subject to applicable export controls, economic sanctions, customs, import, and export laws and regulations promulgated and enforced by Canada, the United States, the United Kingdom, European Union, Australia, Customer’s and Users’ country of residence and any other governmental body having jurisdiction over the parties to this Agreement (“Trade Controls”). Customer shall not and shall use commercially reasonable efforts to ensure that is Users do not, permit any third party to directly or indirectly, export, re-export or release Cyber Range, the Field Effect Content Library or any related technical information or materials in violation of any applicable Trade Controls. Customer shall be responsible for any breach of this Section by its Users. Field Effect will not be liable to Customer or User for any loss or expense if Customer fails to comply with any Trade Controls. Customer shall indemnify and hold Field Effect and its affiliates and each of their directors, officers, employees, agents, subcontractors, successors and permitted assigns (collectively, the “FES Parties”) harmless from any claims, fees, expenses or damages related to Customer’s violation of any Trade Controls or this Section 2.4. Upon request, Customer will complete and provide an end use certificate in the form requested by Field Effect. Field Effect may suspend and/or cancel the sale, supply, delivery, servicing, export, and/or re-export of Cyber Range and the Field Effect Content Library, if: (i) Field Effect has not received requested end-user certifications; (ii) the parties have not received required government approvals to comply with Trade Controls; or (iii) Field Effect believes that any sale, supply, delivery, servicing, export, re-export and/or use of Cyber Range and the Field Effect Content Library may violate any Trade Controls. If Cyber Range and/or the Field Effect Content Library are resold or transferred in violation of any Trade Controls or the provisions of this Agreement, Field Effect shall not be obligated to undertake any further activities related to Cyber Range or the Field Effect Content Library.

2.5 Cyber Range and the Field Effect Content Library are licensed, not sold. Field Effect and its licensors own and shall retain all right, title and interest (including without limitation all Intellectual Property Rights) in and to Cyber Range and the Field Effect Content Library and any corrections, bug fixes, enhancements, modifications or new versions thereof, all of which shall be deemed part of Cyber Range and the Field Effect Content Library and subject to all the provisions of this Agreement. As between Field Effect and Customer, Field Effect owns all Intellectual Property Rights in Cyber Range and the Field Effect Content Library.

2.6 Field Effect may update and otherwise modify the Cyber Range and Field Effect Content Library, at its sole discretion, provided such changes do not materially diminish the quality or level of Cyber Range and the Field Effect Content Library.

2.7 Hosted Model – Specific Terms. If Customer has purchased the Hosted Model:

2.7.1 Account - Customer must have an account (“Account”) and is responsible for the information provided to create that Account, the security and passwords for that Account, and for a User’s or Administrator’s use of that Account in accordance with the terms of this Agreement. Administrators and Users must keep login credentials confidential. If Customer believes its Account has been compromised, or if Customer becomes aware of any unauthorized use of its Account, Customer will notify Field Effect by e-mail as promptly as possible at security@fieldeffect.com. The Customer will not permit more Users to access or use the Hosted Model than the number of User licenses specified in the applicable Order Form. If Field Effect determines that the number of actual Users exceeds the licensed quantity, Field Effect may invoice Customer for additional user licenses at the then-current rates and Customer will pay such fees in accordance with the payment terms of this Agreement.

2.7.2 Compliance and Monitoring - Field Effect may monitor use of Cyber Range and the Field Effect Content Library to verify Customer’s and Users’ compliance with this Agreement. Monitoring for compliance may include the collection of configuration, performance, usage, and consumption data, in order to: (i) facilitate or improve Cyber Range and the Field Effect Content Library; and (ii) improve Field Effect’s products and services. Field Effect will not access any Customer Data except for these reasons. Field Effect may request information from Customer to assist with such verification, and Customer shall provide such information to Field Effect. If Field Effect reasonably believes that a problem with Cyber Range or the Field Effect Content Library may result from Customer Data or the use of Cyber Range and the Field Effect Content Library by Customer or Users, Customer will cooperate with Field Effect to identify and resolve the problem; and

2.7.3 Connectivity - Customer is responsible for maintaining a suitable connection to Cyber Range and the Field Effect Content Library and for ensuring that Customer contacts identified in the Order Form are available and responsive when contacted by Field Effect to address and resolve access-related incidents, and to permit Field Effect to carry out support or other services or tasks.

2.8 On-Premises Model – Specific Terms. If Customer has purchased the On-Premises Model:

2.8.1 Scope of License - Subject to the terms and conditions of this Agreement, Field Effect grants to Customer, during the Term, a limited, non-exclusive, non-transferable, non-assignable, revocable and royalty-free license to install, access and use Cyber Range and the Field Effect Content Library on its network (which includes, for greater certainty, secure space within a third party hosted environment) solely for Customer’s internal business purposes as described in an Order Form. Such license grant will be subject to any restrictions or limits on the number of Users, or other usage limits set out in an Order Form. Customer shall not, except with prior written approval of Field Effect, use Cyber Range or the Field Effect Content Library for the benefit of, or disclose the Cyber Range or Field Effect Content Library to, any other agency, department, person, company or other entity. Nothing in this Agreement constitutes a transfer of any Intellectual Property Rights in the Cyber Range or the Field Effect Content Library.

2.8.2 Support Services – Field Effect support hours for core technical support, such as basic troubleshooting and configuration guidance, are Monday to Friday 9:00 a.m.- 5:00 p.m. Eastern time excepting Ontario statutory holidays. During those hours, Field Effect technical staff are available to directly assist Customer with support requests. Support is available through the following methods:

Phone: Canada and the United States: +1.800.299.8986

Email: support@fieldeffect.com

Support tickets will be viewed and promptly acknowledged by Field Effect within twenty-four hours of the submitted support request. The Technical Contact listed on the Order Form will be contacted during Support Hours for questions related to Customer’s support ticket.

2.8.3 Updates and Upgrades – During the Term, Field Effect may make available to Customer, from time to time, updates and upgrades to Cyber Range and the Field Effect Content Library.

2.9 Modification of Cyber Range and Field Effect Content Library. Field Effect may, from time to time: (i) change, update or upgrade (a) Cyber Range and the Field Effect Content Library, (b) the terms governing Customer’s use of Cyber Range or the Field Effect Content Library (including the Privacy Policy), or (c) any portion of the documentation relating to Cyber Range or the Field Effect Content Library; or (ii) elect to cease providing any aspect of Cyber Range or the Field Effect Content Library. Field Effect will give Customer prior notice of any such changes, and the effective dates of such changes, by posting a notice at https://support.fieldeffect.com, or via email or other communications Field Effect typically uses to notify Customer of changes. The modifications will become effective on the date specified in such notice. Customer’s continued use of Cyber Range or the Field Effect Content Library after such effective date will be deemed acceptance of the modified terms. If Field Effect makes a material or detrimental change to Cyber Range and the Field Effect Content Library, the terms governing Customer’s use of Cyber Range and the Field Effect Content Library, or to any part of the Cyber Range and Field Effect Content Library documentation that affects Customer’s use or ability to use Cyber Range or the Field Effect Content Library, Customer may terminate this Agreement by notifying Field Effect no later than thirty (30) days after the effective date of the change. If Customer terminates this Agreement pursuant to this Section 2.9, the termination will be effective as of: (i) the date Field Effect receives Customer’s notice, or (ii) any later date specified in such notice. Customer will be responsible for all Fees incurred up to and including the effective date of any termination pursuant to this Section 2.9.

2.10 Training. Field Effect will provide the training purchased by Customer as set out in the applicable Order Form. Customer may purchase additional training at Field Effect’s standard rates by submitting a request to Field Effect and which may require an additional Order Form.

2.11 Custom Content. Customer may request, and Field Effect may provide, consulting services for the development of Custom Content. Such services shall be delivered pursuant to a statement of work as agreed upon by the parties and additional fees will be applicable.

3. Customer Obligations and Restrictions on Use

3.1 Customer and Users must not: (i) resell, sublicense, or distribute any aspect of Cyber Range or the Field Effect Content Library; (ii) copy, modify, or create derivative works of, reverse engineer, decompile, translate, disassemble, or otherwise attempt to extract any source code of Cyber Range, except to the extent permitted by applicable law; (iii) use Cyber Range or the Field Effect Content Library to directly or indirectly create, train, or improve a substantially similar service or product; (iv) use Cyber Range in connection with any High Risk Activity; (v) access Cyber Range and the Field Effect Content Library in a manner intended to avoid incurring Fees or accepting this Agreement or any other applicable terms; (vi) engage in, promote or encourage illegal activity; (vii) use Cyber Range for any unlawful, invasive, infringing, defamatory or fraudulent purpose (e.g., phishing); (viii) use Cyber Range to intentionally distribute viruses, worms, Trojan horses, corrupted files, hoaxes, or other items of a destructive or deceptive nature; (ix) disable, interfere with or circumvent any aspect of Cyber Range or the Field Effect Content Library; (x) use Cyber Range for purposes of benchmarking or other competitive analysis; (xi) remove any trademarks, copyright notices, restricted rights legends or proprietary markings on the copy of Cyber Range or the Field Effect Content Library originally provided to Customer; or (xii) use Cyber Range or any interfaces provided by or through Cyber Range in any manner or for any purpose not authorized by this Agreement or to access any other Field Effect product or service in a manner that violates or avoids the terms with respect to such other Field Effect product or service. Customer acknowledges Cyber Range is not designed or intended for High Risk Activities, and Field Effect disclaims any liability arising from such prohibited uses.

3.2 If Customer becomes aware of any actual or suspected violation of Section 3.1, Customer must take prompt action to remove applicable Customer Data and/or Custom Content, and/or suspend use of Cyber Range or the Field Effect Content Library. Field Effect may require that Customer take the foregoing or other actions within a specified period of time. If Customer fails to comply with any such request, Field Effect may take steps to suspend or terminate Customer’s use of Cyber Range and the Field Effect Content Library pursuant to Sections 7 or 8.

4. Payment Terms

4.1 Customer will be responsible for paying the applicable Fees for Cyber Range and the Field Effect Content Library as set out in an Order Form. Fees do not include any applicable commodity taxes, or other taxes levied or assessed by any local and/or government authority, or any applicable withholding taxes (collectively “Taxes”) and Customer will be responsible for paying such Taxes. Field Effect will invoice Customer in advance for Fees and Taxes as specified in the Order Form. Unless otherwise expressly set out in an Order Form, payment obligations are non-cancellable, and all Fees are non-refundable. If Customer exceeds applicable limits on the number of licenses or Users, or other usage limits set out in the Order Form, then such overage will be treated as an additional order for such additional licenses, Users, or other usage permissions for the balance of the Term, as determined by Field Effect in its sole discretion, and shall be charged to Customer in accordance with the Fees set out in the Order Form.

4.2 Payment. Payment may be made by credit card, cheque, electronic funds transfer or wire transfer. Field Effect, in its sole discretion, reserves the right to change acceptable methods of payment upon prior notice to Customer. Customer must pay all Fees owing to Field Effect, in the amount and currency, and on the date specified on the applicable invoice. Payment will be due no later than thirty (30) days from the date of the invoice. If any legislation authorizes Customer to purchase Cyber Range or other Field Effect products without payment of commodity taxes, Customer must supply Field Effect, in advance, with sufficient documentary evidence of such authorization. Fees and Taxes are subject to a late payment charge of the lesser of 1.5% per month (18% per annum) or the maximum rate permitted by law, calculated from the invoice date, if Fees and Taxes are not paid when due. Customer will not withhold, set off, or deduct any amounts, except as required by law. If any withholding is required, Customer will gross up payments so that Field Effect receives the full amount it would have received absent such withholding.

4.3 Disputed Charges. Customer shall notify Field Effect within thirty (30) days of the date of the applicable invoice of any charges that Customer disputes and Customer shall provide Field Effect with sufficient detail supporting the basis of the dispute. If Field Effect determines that the basis for the dispute is correct, Field Effect will, at its option, either issue a corrected invoice or a credit memo for the incorrect amount.

5. Proprietary Rights, Access and Privacy

5.1 Ownership of Cyber Range and Field Effect Content Library. As between the parties, Field Effect owns and retains all right, title and interest, and all Intellectual Property Rights in and to Cyber Range, Field Effect Content Library, and Custom Content, including all improvements, enhancements, and modifications thereto or thereof. This includes any information (other than Customer Data) that Field Effect collects and analyzes in connection with Cyber Range, any reports generated by Field Effect, and any suggestions, comments or ideas that Customer contributes to or discloses to Field Effect with respect to Cyber Range, the Field Effect Content Library and Custom Content. Customer’s rights to use Cyber Range, the Field Effect Content Library and Custom Content are limited to those expressly granted in this Agreement. No other rights with respect to Cyber Range or any related Intellectual Property Rights in the Field Effect Content Library or Custom Content are granted or implied.

5.2 Data Ownership. As between the parties, Customer retains all right, title and interest in and to (i) any Customer Data; ii) any proprietary information of Customer included in Custom Content, and any Customer-Provided Content (subject to applicable third-party rights), including all associated Intellectual Property Rights. However, ownership of the Custom Content as a whole, and all Intellectual Property Rights therein (excluding Customer’s proprietary information), will remain with Field Effect. Field Effect’s rights to access and use Customer Data are limited to those expressly set out in these Terms of Use. Unless otherwise specified in an agreed statement of work, Field Effect may include Custom Content in the Field Effect Content Library and make it accessible to other Cyber Range customers, provided that inclusion does not affect Customer’s underlying rights in its proprietary information.

5.3 Privacy; Data Protection. Field Effect may collect, use, process, transfer, store and disclose Customer Data, including Personal Information, as required to provide Cyber Range and the Field Effect Content Library, and in accordance with applicable privacy laws, Section 2, and Field Effect’s privacy policy, found at https://fieldeffect.com/terms-privacy (“Privacy Policy”). Customer warrants and represents that it has obtained all required consents and/or provided all required notifications, including from Users, to allow Field Effect to collect, use, process, transfer and disclose Customer Data, including Personal Information, as contemplated by and under this Agreement and the Privacy Policy.

5.4 Security Responsibilities. Customer is responsible for ensuring that the security of Cyber Range and the Field Effect Content Library is appropriate for Customer’s intended use. Customer is responsible for taking and maintaining appropriate steps to protect the confidentiality, integrity and security of all Customer Data, where applicable, from unauthorized access, use, loss or destruction. Those steps include, but are not limited to: (i) implementing any Field Effect guidance on deployment conditions; (ii) controlling the access that Customer provides to Users; (iii) configuring Cyber Range appropriately; (iv) ensuring the security of Customer Data while it is in transit to and from Cyber Range (if applicable); (v) using encryption technology to protect Customer Data; and (vi) backing up Customer Data. Customer is responsible for providing any necessary notices to Users, including with respect to Customer-Provided Content, and obtaining any legally required authorizations or consents from Users regarding their use of Cyber Range and the Field Effect Content Library.

6. Confidential Information

6.1 Each party will: (i) protect the other party’s Confidential Information with the same standard of care it uses to protect its own Confidential Information of similar nature (but in no event less than a reasonable standard of care); and (ii) not disclose Confidential Information, except to employees, contractors and agents who are bound by confidentiality obligations, on a need-to-know basis. Each party (and any employees, contractors and agents to whom it has disclosed Confidential Information) may use such Confidential Information only to exercise rights and fulfill obligations under this Agreement. Each party is responsible for any actions of its employees and agents in violation of this Section 6.1. Subject to section 5.3, upon termination of this Agreement, the parties will promptly either return or destroy all Confidential Information, and, upon request, provide written certification of compliance with this Section 6.1. Notwithstanding the foregoing, the parties agree that this Section 6.1 does not operate to prevent the parties from retaining the other party’s business contact information (including business email addresses) after termination of this Agreement and in accordance with applicable laws.

6.2 If the receiving party is compelled by law to disclose Confidential Information of the disclosing party, the receiving party shall provide the disclosing party with prior notice of such compelled disclosure (to the extent legally permitted) and reasonable assistance, at the disclosing party’s cost, if the disclosing party wishes to contest the disclosure.

6.3 If the receiving party discloses or uses (or threatens to disclose or use) any Confidential Information of the disclosing party in breach of this Section 6, the disclosing party will have the right, in addition to any other remedies available to it, to seek injunctive relief to enjoin such acts, it being specifically acknowledged by the parties that any other available remedies are inadequate.

6.4 Neither party will issue any press release, public announcement, or public statement regarding the existence or content of this Agreement without the other party’s prior written approval, provided that Field Effect may include Customer’s name and logo online or in promotional materials. Customer may revoke Field Effect’s right to use Customer’s name and logo under this Section 6.4 with written notice to Field Effect and a reasonable period to stop such use. Field Effect will comply with Customer’s reasonable brand guidelines and will not disclose Customer’s Confidential Information in any publicity.

7. Suspension

Field Effect may suspend Customer’s use of Cyber Range and the Field Effect Content Library if (i) Field Effect has not received payment for Cyber Range and the Field Effect Content Library within thirty (30) days after the date on which payment is due; (ii) Customer is in breach of a material term of the Agreement; (iii) Customer’s use of Cyber Range poses a security risk to the intended operation of Cyber Range or to other users of Cyber Range; or (iv) suspension is required pursuant to a court order or other legal requirement. Field Effect will give Customer notice before suspending Customer’s use of Cyber Range or the Field Effect Content Library if permitted by applicable law or unless Field Effect determines that providing notice presents a risk of harm to Cyber Range, to other users of Cyber Range, or to any person or property, in which case Field Effect will notify Customer as soon as feasible or permitted. Customer will remain responsible for all Fees incurred before or during any suspension.

8. Term and Termination

8.1 Term. This Agreement commences on the Effective Date and, unless terminated earlier as provided herein, will remain in effect for the Agreement Term specified in an Order Form (the “Initial Term”).

8.2 Renewal. Unless otherwise stated in an Order Form, this Agreement automatically renews at the end of the Initial Term for successive twelve-month terms, unless either party gives written notice of non-renewal at least sixty (60) days before the expiry of the then-current term (each a “Renewal Term”) and together with the Initial Term, the “Term”). Pricing for any Renewal Term will be calculated based on the then-current standard rates for Cyber Range. Field Effect will provide Customer with at least sixty (60) days advance notice of any increase to the Fees for a Renewal Term before the end of the then-current Initial Term or Renewal Term, as applicable. All other terms and conditions of this Agreement will remain in effect for the Renewal Term(s).

8.3 Termination for Cause. This Agreement may be terminated at any time by:

(a) either party, effective on written notice to the other party, if the other party materially breaches this Agreement, and such breach is: (i) incapable of cure; or (ii) being capable of cure, remains uncured thirty (30) days after receiving written notice of the breach;

(b) either party, effective immediately, if the other party enters into a compulsory or voluntary liquidation, or convenes a meeting of its creditors or has a receiver appointed over any part of its assets or takes or suffers any similar action in consequence of a debt, or ceases for any reason to carry on business;

(c) Field Effect, if Customer does not resolve the underlying cause resulting in a suspension pursuant to Section 7 within ten (10) days after Field Effect’s notice of suspension; and

(d) Field Effect, effective on written notice to the Customer, if Customer fails to pay any undisputed Fees, taxes or other amounts when due under this Agreement and does not cure such failure within ten (10) days after receipt of written notice.

8.4 Effect of Termination. Upon the expiry or termination of this Agreement for any reason, all rights granted to Customer under this Agreement, including Customer’s right to use Cyber Range and the Field Effect Content Library, will immediately terminate and Customer must: (i) stop all use of Cyber Range and the Field Effect Content Library, (ii) return or, if Field Effect requests, destroy any Confidential Information of Field Effect, and (iii) within thirty (30) days destroy all versions of Cyber Range and the Field Effect Content Library within Customer’s and its Users’ possession or control; and (iv) pay all Fees owing as of the termination date, including any early termination fees specified in an Order Form. As between Customer and Field Effect, Customer is responsible for ensuring that Customer has the necessary copies of all Customer Data prior to the date of expiry or termination. Except to the extent permitted under Section 8.3(a) in the case of a breach by Field Effect or Section 10.3 due to a breach by Field Effect, termination of this Agreement will not entitle Customer to any refunds, credits or exchanges.

8.5 Survival. Any provision that, by its nature and context is intended to survive termination or expiration of this Agreement, including Sections 1, 4, 5, 6, 8, 9, 10, and 11 will survive.

9. Warranty and Disclaimer

FIELD EFFECT DOES NOT WARRANT THAT THE OPERATION OF CYBER RANGE AND THE FIELD EFFECT CONTENT LIBRARY WILL BE UNINTERRUPTED OR ERROR FREE, OR THAT CYBER RANGE AND THE FIELD EFFECT CONTENT LIBRARY WILL MEET (OR IS DESIGNED TO MEET) CUSTOMER’S BUSINESS REQUIREMENTS. SUBJECT TO SECTION 11.3, FIELD EFFECT IS NOT RESPONSIBLE OR LIABLE FOR THE DELETION OF OR FAILURE TO STORE ANY CUSTOMER DATA OR THE DISABLING OF OTHER COMMUNICATIONS MAINTAINED OR TRANSMITTED THROUGH CUSTOMER’S USE OF CYBER RANGE AND THE FIELD EFFECT CONTENT LIBRARY. CUSTOMER, AND ITS USERS, AS APPLICABLE, ARE SOLELY RESPONSIBLE FOR SECURING AND BACKING UP CUSTOMER DATA AT ALL TIMES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, FIELD EFFECT DOES NOT MAKE ANY WARRANTIES OR CONDITIONS OF ANY KIND RELATED TO CYBER RANGE AND THE FIELD EFFECT CONTENT LIBRARY, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT OR RELIABILITY.

10. Indemnification

10.1 Indemnification by Customer. If Field Effect or any FES Parties are subject to any third party claim or demand concerning: (i) any Customer Data; (ii) any infringement or misappropriation of any Intellectual Property Rights by Customer or any Users in connection with the use of Cyber Range, the Field Effect Content Library, Custom Content or Customer-Provided Content; (iii) any violation of law by Customer or any Users in connection with the use of Cyber Range, the Field Effect Content Library, Custom Content, or Customer-Provided Content; (iv) Customer’s or Users’ use of Cyber Range and the Field Effect Content Library in violation of this Agreement; (v) unauthorized disclosure of Customer Data or Customer-Provided Content to Field Effect or any FES Parties; or (vi) Customer’s or Users’ use of any Third Party Materials (collectively, “Claims”), Customer will defend, indemnify and hold Field Effect and the FES Parties harmless from and against any such Claims and any and all fines, losses, damages or other costs arising out of or otherwise relating to the Claims, including reasonable legal fees, disbursements and charges and costs of enforcing any right to indemnification hereunder, or agreed to in settlement of the Claims. Field Effect will: (i) notify Customer as soon as possible, in writing, of any Claim; (ii) give Customer control over the defence regarding any Claim; and (iii) reasonably cooperate in response to Customer’s requests for assistance. Subject to the foregoing, Field Effect may participate in the defence or settlement of the Claim, at its own expense. Customer will not settle any Claims, without Field Effect’s prior written consent, not to be unreasonably withheld.

10.2 Indemnification by Field Effect. Field Effect agrees to defend, indemnify and hold Customer harmless against any third party claims alleging that Cyber Range and the Field Effect Content Library (excluding Customer’s proprietary information included in Custom Content and Customer-Provided Content) or use of Cyber Range and the Field Effect Content Library (excluding Customer’s proprietary information included in Custom Content and Customer-Provided Content) for purposes authorized in this Agreement infringes any Intellectual Property Rights or other proprietary right of such third party or constitutes misuse or misappropriation of a trade secret of a third party (an “Infringement Claim”). Customer will: (i) notify Field Effect as soon as possible in writing of any Infringement Claim; (ii) give Field Effect control over the defence regarding the Infringement Claim; and (iii) reasonably cooperate in response to Field Effect’s requests for assistance. Field Effect will pay all damages finally awarded against and reasonable legal expenses incurred by Customer.

10.3 If Cyber Range and/or the Field Effect Content Library (excluding Customer’s proprietary information included in Custom Content and Customer-Provided Content) become or, in Field Effect’s opinion, is likely to become the subject of an Infringement Claim, Field Effect will, at Field Effect’s option and expense: (i) procure the rights necessary for Customer to keep using Cyber Range and the Field Effect Content Library; (ii) modify or replace Cyber Range and/or the Field Effect Content Library to make it non-infringing; or (iii) terminate this Agreement and refund any prepaid Fees for the remaining portion of the Term.

10.4 Field Effect will have no obligation under Section 10.2 or otherwise with respect to any Infringement Claim based on: (i) Third Party Materials; (ii) Customer-Provided Content; (iii) any combination of Field Effect products and services with non-Field Effect products or services, including any Third Party Materials and/or Customer-Provided Content; (iv) use of Cyber Range and the Field Effect Content Library for a purpose or in a manner not permitted by this Agreement; (v) any modification to Cyber Range and the Field Effect Content Library made without Field Effect’s express written consent or as permitted by this Agreement; (vi) the use of Custom Content not in accordance with these Terms of Use; or (vii) any aspect of Cyber Range provided on a no-charge, trial, beta or evaluation basis.

10.5 This Section 10 sets out Customer’s sole remedies and Field Effect’s sole liability and obligation for any actual, threatened or alleged claims that Cyber Range or the Field Effect Content Library infringe, misappropriate, or otherwise violate any Intellectual Property Rights of any third party.

11. Limitation of liability

11.1 LIABILITY FOR DAMAGES. THE TOTAL, CUMULATIVE, AGGREGATE LIABILITY OF FIELD EFFECT AND THE FES PARTIES TO CUSTOMER FOR DAMAGES, EXPENSES, COSTS, LIABILITY, CLAIMS OR LOSSES (COLLECTIVELY “DAMAGES”) ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT OR THE PROVISION OF CYBER RANGE, THE FIELD EFFECT CONTENT LIBRARY AND CUSTOM CONTENT HEREUNDER, WHETHER ARISING IN NEGLIGENCE, TORT, STATUTE, EQUITY, CONTRACT, COMMON LAW, OR ANY OTHER CAUSE OF ACTION OR LEGAL THEORY EVEN IF FIELD EFFECT OR THE FES PARTIES HAVE BEEN ADVISED OF THE POSSIBILITY OF THOSE DAMAGES, IS LIMITED TO DIRECT, ACTUAL, PROVABLE DAMAGES AND WILL IN NO EVENT EXCEED THE TOTAL FEES PAID OR PAYABLE BY CUSTOMER UNDER THIS AGREEMENT FOR THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE DAMAGES (IN THE AGGREGATE FOR ALL CLAIMS). THE LIMITATIONS SET OUT IN THIS SECTION 11 WILL SURVIVE AND APPLY EVEN IF ANY LIMITED REMEDY SPECIFIED IN THIS AGREEMENT IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE.

11.2 NO LIABILITY FOR CERTAIN DAMAGES. IN NO EVENT WILL EITHER PARTY BE LIABLE FOR ANY LOST BUSINESS REVENUE, LOSS OF PROFITS, OR FAILURE TO REALIZE EXPECTED PROFITS OR SAVINGS OR ANY INDIRECT, CONSEQUENTIAL, EXEMPLARY, INCIDENTAL, SPECIAL OR PUNITIVE LOSSES OR DAMAGES REGARDLESS OF THE FORM IN WHICH ANY ACTION IS BROUGHT, WHETHER ARISING IN NEGLIGENCE, TORT, STATUTE, EQUITY, CONTRACT, COMMON LAW, OR ANY OTHER CAUSE OF ACTION OR LEGAL THEORY EVEN IF SUCH PARTY HAS BEEN ADVISED OF OR HAD KNOWLEDGE OF THE POSSIBILITY OF SUCH DAMAGES OR SUCH DAMAGES WERE OTHERWISE FORESEEABLE. FIELD EFFECT AND THE FES PARTIES WILL NOT BE LIABLE FOR ANY DAMAGES WHATSOEVER FOR DAMAGE TO CUSTOMER NETWORKS OR THE NETWORK OF ANY THIRD PARTY AS A RESULT OF THE DELIVERY OF CYBER RANGE AND THE FIELD EFFECT CONTENT LIBRARY, INCLUDING ACCESS TO CUSTOMER NETWORKS AND CUSTOMER DATA.

11.3 NOTWITHSTANDING ANYTHING IN THIS AGREEMENT, INCLUDING BUT NOT LIMITED TO THIS SECTION 11, IF ANY CUSTOMER DATA IS LOST, DAMAGED, OR CORRUPTED AS A RESULT OF FIELD EFFECT’S OR THE FES PARTIES’ GROSS NEGLIGENCE OR WILLFUL MISCONDUCT, FIELD EFFECT’S AND THE FES PARTIES SOLE LIABILITY IS, AT FIELD EFFECT’S EXPENSE, TO RESTORE CUSTOMER DATA USING THE MOST RECENT BACK-UP KEPT BY CUSTOMER. CUSTOMER IS RESPONSIBLE FOR MAINTAINING AT ALL TIMES AN ADEQUATE BACK-UP OF CUSTOMER DATA.

11.4 Nothing in this Agreement is intended to exclude or limit in any way the liability of either party for death or personal injury resulting from such party’s negligence or its own fraud or fraudulent misrepresentation. The limitations in Sections 11.1 and 11.2 will not apply to: (a) a party’s indemnification obligations under Section 10; (b) a breach of Section 6 (Confidential Information); (c) a party’s gross negligence or willful misconduct; or (d) amounts that cannot be excluded or limited under applicable law.

12. GENERAL

12.1 Assignment. Customer may not assign this Agreement, in whole or in part, without the prior written consent of Field Effect. Field Effect may, without the consent of Customer, assign any of its rights or delegate any of its duties under this Agreement if such assignment or delegation, or both, is to: (a) a FES Party. (b) a successor of Field Effect, by amalgamation or operation of law, (c) a purchaser of all or substantially all of Field Effect’s assets, or (d) a lender to Field Effect as collateral security. Upon the completion of a permitted assignment of rights and/or delegation of duties, obligations or liabilities by Field Effect under this Agreement, the assignee is deemed to be substituted for Field Effect as a party to this Agreement and Field Effect is released from all of its obligations and duties to perform under this Agreement. This Agreement shall bind and enure to the benefit of the parties and their respective successors and permitted assigns.

12.2 Notices. All notices and consents provided to Customer shall be given in writing and will be: (i) sent to the email address provided by Customer to Field Effect on an Order Form. All legal notices or other correspondence to Field Effect must be sent to legal@fieldeffect.com and to Field Effect Software Inc., 207-825 Exhibition Way, Ottawa, Ontario, Canada K1S 5J3, Attn: Legal. Notices are deemed given: (a) when received if sent by courier with tracking; (b) on the third Business Day after mailing by registered mail; or (c) on the day sent if by email, if sent during business hours on a Business Day (otherwise on the next Business Day), provided the sender does not receive a bounce-back. Either party may update its notice details by notice to the other party.

12.3 No waiver. No waiver of any provision of this Agreement shall bind a party unless consented to in writing by that party. No waiver of any provision of this Agreement shall be a waiver of any other provision, nor shall any waiver be a continuing waiver, unless otherwise expressly provided in the waiver.

12.4 Severability. If any provision of this Agreement is found by a court of competent jurisdiction to be invalid, illegal or unenforceable, the other provisions of this Agreement shall not be affected or impaired, and the offending provision shall automatically be modified to the least extent necessary in order to be valid, legal and enforceable.

12.5 Force Majeure. Field Effect will not be liable for any delay or failure to perform its obligations under this Agreement to the extent that the failure is caused by an Event of Force Majeure, provided that Field Effect provides notice to Customer and keeps Customer informed in such circumstances and reasonably endeavours to rectify the situation. “Event of Force Majeure” means any event beyond the reasonable control of Field Effect, including acts of God, labour issues (including disputes, walkouts and strikes), war (including civil war), acts of any state or government including promulgation of economic sanctions, acts of terrorism, fire, explosions, the elements, epidemics, pandemics, outbreak of disease or quarantine, blackout, embargo, material outage or failure of third-party hosting or telecommunications services, or any delay or interruption in third party telecommunications services. Payment obligations are suspended only to the extent performance or payment is illegal or impossible due to applicable law or sanctions.

12.6 Entire Agreement. This Agreement (including the Privacy Policy) is the entire agreement between the parties with respect to the subject matter and supersedes any and all other prior or contemporaneous discussions, negotiations, representations, agreements and understandings between the parties, whether written or oral, relating to the subject matter. In entering into this Agreement, neither party has relied on, and neither party will have any right or remedy based on any statement, representation or warranty, express or implied (including through course of dealing), except those expressly set out in this Agreement. The terms and conditions of any agreements (including purchase orders) supplied by Customer shall be void and not applicable.

12.7 Interpretation. The headings are for convenience of reference only and will not affect its construction or interpretation. The words “include” or “including” means “include without limitation” and “including without limitation,” respectively. In the event of any conflict or inconsistency between these Terms of Use and an Order Form, the Order Form will govern to the extent it expressly states a deviation for the same subject matter.

12.8 No Partnership and Third-Party Beneficiaries. This Agreement shall not be construed to and does not create a relationship of agency, partnership, employment or joint venture. Nothing in this Agreement, express or implied, shall or is intended to confer on any other person, firm or enterprise, any rights, benefits, remedies, obligations or liabilities of this Agreement, other than the parties, their respective successors or permitted assigns.

12.9 Governing Law. If the Customer is located in Canada or any country other than the United States, this Agreement is governed by the laws of the Province of Ontario, Canada and the laws of Canada applicable therein, and the parties agree to submit exclusively to the jurisdiction of the courts in Ottawa, Ontario in respect of all matters arising out of or in connection with this Agreement. If the Customer is located in the United States, then the contracting entity is Field Effect Security, Inc. and this Agreement is governed by the laws of Delaware and the courts of the State of Delaware will have exclusive jurisdiction over all matters arising out of or in connection with this Agreement. Each party irrevocably waives any right to trial by jury to the extent permitted by law.

12.10 Language. The parties have requested that this Agreement and all correspondence and all documentation relating to this Agreement be written in the English language. Les parties aux présentes ont exigé que la présente entente, de même que toute la correspondance et la documentation relative à cette entente, soient rédigées en langue anglaise.

Field Effect Software Inc. Confidential

November 14, 2025 (v. 3.0)