Evaluation EULA

BEFORE USING APPDYNAMICS LITE, NODETIME, APPDYNAMICS PRO ON A LIMITED 15-DAY TRIAL BASIS OR ANY OTHER PRODUCTS THAT MAY BE MADE AVAILABLE BY APPDYNAMICS ON AN EVALUATION OR EARLY ACCESS BASIS, OR OTHERWISE, UNDER THESE TERMS (AS APPLICABLE, WHETHER DOWNLOADED OR AVAILABLE ONLINE, THE “SOFTWARE”), PLEASE READ THIS EVALUATION END USER LICENSE AGREEMENT (THIS “EVALUATION EULA”), WHICH CONSTITUTES A BINDING AND EXECUTED WRITTEN AGREEMENT BETWEEN THE COMPANY OF WHICH YOU ARE A DULY AUTHORIZED EMPLOYEE OR AGENT AS THE PARTY ACCESSING THE SOFTWARE (“END USER”) AND APPDYNAMICS, INC. (“APPDYNAMICS”).

PLEASE NOTE: IF YOU HAVE AN EXISTING, SEPARATE AGREEMENT WITH APPDYNAMICS WITH RESPECT TO ANY APPDYNAMICS’ PRODUCTS OR SERVICES, THIS EVALUATION EULA DOES NOT SUPERSEDE SUCH AGREEMENT WITH RESPECT TO THOSE PRODUCTS OR SERVICES.

1. Access to Software; Term.

(a) Subject to the terms and conditions of this Evaluation EULA, AppDynamics hereby grants End User, during the Term (as defined below), a non-exclusive, non-transferable, non-sublicenseable, limited right to use and/or access the Software for its internal business purposes only, solely in accordance with the License Key (as defined below) provided to End User. End User may use the number and type of licenses authorized in writing by AppDynamics or indicated on AppDynamics’ website prior to End User’s downloading or accessing the Software, which will be enabled by End User’s specific license key provided by AppDynamics to End User for the Software (“License Key”). AppDynamics has the right to immediately revoke and terminate this Evaluation EULA at any time. This Evaluation EULA does not entitle End User to any technical support with respect to the Software, but any such support provided by AppDynamics in its sole discretion shall be subject to this Evaluation EULA. AppDynamics shall have the right to downgrade, limit or otherwise modify Software provided for alpha, beta or other no-fee evaluation use at any time without notice.

(b) The “Term” (unless earlier terminated in accordance with this Evaluation EULA) is either (a) if End User is using AppDynamics Lite, that period of time from End User’s download of AppDynamics Lite until End User receives written notice of termination of this Evaluation EULA from AppDynamics; (b) if End User is using AppDynamics Pro on a limited 15-day trial basis, that period of time from End User’s download of AppDynamics Pro until 15 days after such download; or (c) with respect to any other product, for the period enabled by the License Key for the Software provided by AppDynamics.

2. Restrictions.

(a) End User shall not (and shall not permit any third party to): (a) sublicense, sell, resell, transfer, assign, distribute, share, lease, rent, make any external commercial use of, outsource, use on a timeshare or service bureau, or use in an application service provider or managed service provider environment, or otherwise generate income from the Software; (b) copy the Software onto any public or distributed network, except for an internal and secure cloud computing environment; (c) cause the decompiling, disassembly, or reverse engineering of any portion of the Software, or attempt to discover any source code or other operational mechanisms of the Software (except where such restriction is expressly prohibited by law without the possibility of waiver, and then only upon prior written notice to AppDynamics); (d) modify, adapt, translate or create derivative works based on all or any part of the Software; (e) use any Third Party Software (as defined below) provided with the Software other than with the Software; (f) modify any proprietary rights notices that appear in the Software or components thereof; (g) publish the results of any benchmarking tests run on any Third Party Software; (h) use any Software in violation of any applicable laws and regulations (including any export laws, restrictions, national security controls and regulations) or outside of the license scope set forth in Section 1.1; (i) use the Software in support of any nuclear proliferation, chemical weapon, biological weapon or missile proliferation activity; (j) configure the Software to collect any (1) social security numbers or other government-issued identification numbers, (2) passwords or other authentication credentials, (3) health information, biometric data, genetic data, or payment/financial information, (4) any data relating to a person under the age of 13 years old, or (5) any other data that is subject to regulatory or contractual handling requirements (e.g., PCI, HIPAA, or state and federal data security laws) (collectively, “Prohibited Data”); or (k) use the Software to (1) store, download or transmit infringing, libelous, or otherwise unlawful or tortious material, or malicious code or malware, or (2) engage in phishing, spamming, denial-of-service attacks or other fraudulent or criminal activity, (3) interfere with or disrupt the integrity or performance of third party systems, or the Software or data contained therein, or (4) attempt to gain unauthorized access to the Software or AppDynamics' systems or networks, or (5) perform, or engage any third party to perform, authenticated or unauthenticated penetration testing, vulnerability assessments or other security assessments on the SaaS version of the Software. End User shall not export or re-export, directly or indirectly, any Software or technical data or any copy, portions or direct product thereof (i) in violation of any applicable laws and regulations, (ii) to any country for which the United States or any other government, or any agency thereof, at the time of export requires an export license or other governmental approval, including Cuba, Libya, North Korea, Iran, Iraq, or Rwanda or any other Group D:1 or E:2 country (or to a national or resident thereof) specified in the then current Supplement No. 1 to part 740 of the U.S. Export Administration Regulations (or any successor supplement or regulations, without first obtaining such license or approval) or (ii) to anyone on the U.S. Treasury Department’s list of Specially Designated Nationals or the U.S. Commerce Department’s Table of Denial Orders. End User shall, at its own expense, obtain all necessary customs, import, or other governmental authorizations and approvals.

(b) End User shall notify AppDynamics promptly of any unauthorized use of any password or account or any other known or suspected breach of security or misuse of the Software. End User is responsible for use of the Software by any and all employees, or other users that it allows to access the Software.

3. Training and Enablement Services. Subject to the terms hereof (including payment of any applicable fees set forth in the Order Form), AppDynamics will provide the training, enablement and/or other services described in an Order Form (or statement of work referencing this Agreement), if any (“Services”). All Services will be rendered on a time and materials basis. AppDynamics will not exceed the total time purchased without prior written approval from End User. If the Services purchased have been consumed, AppDynamics will stop the Services until additional Services have been purchased. If End User elects not to purchase additional Services, then the Services will be deemed complete. If not used, pre-purchased Services and expenses expire twelve (12) months after the date purchased (unless otherwise set forth in the applicable Order Form). End User agrees to provide reasonable cooperation and information as necessary to permit AppDynamics to perform the Services. End User will reimburse AppDynamics for travel and expenses (at cost) incurred in connection with the Services (if any) by the Invoice Due Date (as defined below). Services will be performed on business days (a business day means Monday through Friday, excluding national holidays, during working hours, in the location where the Services are delivered). Saturday Services, and hours worked during the week that exceed the local working hours in a week, will be charged at the agreed rate x 1.5. Services performed on Sundays or national holidays will be charged at 2 x the agreed rate. If End User cancels or delays any scheduled Services less than ten (10) business days before the start date of such Services, then AppDynamics will deduct from End User's account (or End User will pay for) the amount of Services that were scheduled in any of the ten (10) business days following the date of cancellation (or notification of the delay, as applicable), and End User will fully reimburse AppDynamics for any reasonable travel and expenses incurred by AppDynamics for such Services (and for any Services rescheduled by End User) for which AppDynamics is unable to obtain a refund. During the License Term (for Subscription Licenses) or during the Maintenance and Support Term (for perpetual licenses), and in each case for a period of twelve (12) months thereafter, without AppDynamics’ prior written approval, End User will not solicit for employment or consultancy any AppDynamics’ employees who participated in the performance of Services.

4. Confidentiality

(a) Scope and Restrictions. "Confidential Information" means all information of a party ("Disclosing Party") disclosed to the other party ("Receiving Party") that is designated in writing or identified as confidential at the time of disclosure or should be reasonably known by the Receiving Party to be confidential due to the nature of the information disclosed and the circumstances surrounding the disclosure. This Evaluation EULA, the Software, any technical or other documentation relating to the Software, logins, passwords and other access codes and any and all information regarding AppDynamics’ business, products and services are the Confidential Information of AppDynamics. The Receiving Party will: (i) not use the Disclosing Party’s Confidential Information for any purpose outside of this Evaluation EULA; (ii) not disclose such Confidential Information to any person or entity, other than its affiliates, employees, consultants, agents, and professional advisers, who have a “need to know” for the Receiving Party to exercise its rights or perform its obligations hereunder provided that such employees, consultants, and agents are bound by agreements or, in the case of professional advisers, ethical duties respecting such Confidential Information in accordance with the terms of this Section 4; and (iii) use reasonable measures to protect the confidentiality of such Confidential Information. If the Receiving Party is required by applicable law or court order to make any disclosure of such Confidential Information, it will first give written notice of such requirement to the Disclosing Party, and, to the extent within its control, permit the Disclosing Party to intervene in any relevant proceedings to protect its interests in its Confidential Information, and provide full cooperation to the Disclosing Party in seeking to obtain such protection. Further, this Section 4 will not apply to information that the Receiving Party can document: (i) was rightfully in its possession or known to it prior to receipt; (ii) is or has become public knowledge or publicly available through no fault of the Receiving Party; (iii) is rightfully obtained by the Receiving Party from a third party without breach of any confidentiality obligation; or (iv) is independently developed by employees of the Receiving Party who had no access to such information.

(b) Equitable Relief. The Receiving Party acknowledges that unauthorized disclosure of the Disclosing Party’s Confidential Information could cause substantial harm to the Disclosing Party for which damages alone might not be a sufficient remedy and, therefore, that upon any such disclosure by the Receiving Party the Disclosing Party will be entitled to appropriate equitable relief in addition to whatever other remedies it might have at law or equity.

5. Proprietary Rights. AppDynamics and its suppliers own and shall retain all proprietary rights, including all copyright, patent, trade secret, trademark and all other intellectual property rights, in and to the Software. End User acknowledges that the rights granted under this Evaluation EULA do not provide End User with title to or ownership of the Software. Certain “free” or “open source” based software (the “FOSS Software”) and third party software (the “Third Party Software”) is shipped with the Software but is not considered part of the Software hereunder. A list of the FOSS Software and Third Party Software is set forth on the webpage located here. With respect to Third Party Software included with the Software, such Third Party Software suppliers are third party beneficiaries of this Evaluation EULA. End User’s use of such FOSS Software is subject to the terms of the licenses set forth on such webpage. The Software and Third Party Software may only be used by End User as prescribed by the AppDynamics documentation located at http://docs.appdynamics.com (as it may be updated from time to time, the “Documentation”). Further, if End User provides AppDynamics any feedback, ideas, concepts or suggestions about the Software or AppDynamics’ business, technology or Confidential Information (“Feedback”), End User grants AppDynamics, without charge, the fully paid-up, irrevocable right and license to use, share, commercialize and otherwise fully exercise and exploit such Feedback and all related rights (and to allow others to do so) in any way.

6. Fees: To the extent the Software or any portion thereof is made available for any fee (for example, subscriptions to Nodetime), End User will be required to select a payment plan and provide AppDynamics information regarding End User’s credit card or other payment instrument. End User represents and warrants to AppDynamics that such information is true and that End User is authorized to use the payment instrument. End User will promptly update its account information with any changes (for example, a change in billing address or credit card expiration date) that may occur. End User agrees to pay AppDynamics the amount that is specified in the payment plan in accordance with the terms of such plan and this Evaluation EULA. If use of the Software requires payment of any fees, then End User hereby authorizes AppDynamics to bill End User’s payment instrument in advance on a periodic basis in accordance with the terms of the applicable payment plan until this Evaluation EULA is terminated or expires, and End User further agrees to pay any charges so incurred. If End User disputes any charges End User must let AppDynamics know within thirty (30) days after the date that AppDynamics charges End User. AppDynamics reserve the right to change AppDynamics’ prices at the end of End User’s applicable subscription term. If AppDynamics does change prices, AppDynamics will update the prices on the AppDynamics’ website or provide notice by email to End User, at AppDynamics’ option, before the change is to take effect. End User’s continued use of the Software after the price change becomes effective constitutes End User’s agreement to pay the changed amount. AppDynamics may choose to bill through an invoice, in which case, full payment for invoices issued in any given month must be received by AppDynamics thirty (30) days after the date of the invoice, or use of the Software may be terminated. Unpaid invoices are subject to a finance charge of 1.5% per month on any outstanding balance, or the maximum permitted by law, whichever is lower, plus all expenses of collection. End Users who pay any fees for the Software shall pay invoices in full without any set-off, counterclaim, deduction or withholding (other than any deduction or withholding of tax as required by law). If requested by AppDynamics, End User will obtain and furnish to AppDynamics tax receipts or other certificates issued by the competent taxation office showing the payments of the withholding tax within a reasonable time after payment. End Users who pay any fees for the Software shall be responsible for all taxes, levies, or duties imposed by taxing authorities, if any, associated with such use of the Software, other than U.S. taxes based on AppDynamics’ net income.

7. Termination. Upon expiration or termination of the Term for any reason, (i) End User shall cease any further use of the Software and destroy any copies of the Software and Documentation within End User’s possession or control and (ii) each Receiving Party will return or destroy, at the Disclosing Party’s option, the Disclosing Party’s Confidential Information in the Receiving Party’s possession or control. End User represents and warrants that (i) s/he has not previously evaluated the Software, and (ii) will not attempt to, by any means, evaluate the Software again without payment. End User agrees that breach of this provision or this Evaluation EULA may subject End User to monetary penalties, including payment of all applicable fees as though the Software were licensed for payment. In addition to any other rights set forth herein, unless End User has purchased a subscription to the Software (such as Nodetime), AppDynamics may in its sole discretion immediately restrict, suspend, revoke, or terminate End User’s access to the Software, in whole or in part and without notice. If End User has purchased a subscription to Software pursuant to this Evaluation EULA, then if either party commits a material breach of this Evaluation EULA, and such breach has not been cured within thirty (30) days after receipt of written notice thereof, the non-breaching party may terminate this Evaluation EULA, except that AppDynamics may immediately terminate this Evaluation EULA upon End User’s breach of Section 2(a). Note that AppDynamics may delete any account and all data contained therein, without notice, if such account is inactive for ninety (90) days or more. Sections 2 through 13 of this Evaluation EULA will survive any expiration or termination hereof.

8. Disclaimer of Warranties. THE SOFTWARE AND DOCUMENTATION IS BEING PROVIDED TO END USER WITHOUT CHARGE FOR EVALUATION PURPOSES ONLY, AND IS THEREFORE BEING PROVIDED “AS IS”. APPDYNAMICS AND ITS SUPPLIERS EXPRESSLY DISCLAIM ANY AND ALL OTHER REPRESENTATIONS AND WARRANTIES, EITHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, WITH RESPECT THERETO, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, OR THE CONTINUOUS, UNINTERRUPTED, ERROR-FREE, VIRUS-FREE, OR SECURE ACCESS TO OR OPERATION OF THE SOFTWARE. APPDYNAMICS EXPRESSLY DISCLAIMS ANY WARRANTY AS TO THE ACCURACY OR COMPLETENESS OF ANY INFORMATION OR DATA ACCESSED OR USED IN CONNECTION WITH THE SOFTWARE AND DOCUMENTATION. AppDynamics is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the Internet, and End User acknowledges that the Software and Documentation may be subject to limitations, delays and other problems inherent in the use of such communications facilities. The Software is not fault-tolerant and is not designed or intended for use in hazardous environments, including without limitation, in the operation of aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles or weaponry systems, or any other application in which failure of the Software could lead to death or serious bodily injury of a person, or to severe physical or environmental damage (each, a “High Risk Use”). AppDynamics expressly disclaims any express or implied warranty or representation of fitness for High Risk Use.

9. Indemnity. End User agrees to defend, at its expense, AppDynamics, and its affiliates, its suppliers and its resellers against any third party claim to the extent such claim arises from or is made in connection with End User’s breach of Section 2(a) or End User’s negligence or willful misconduct, and End User shall pay all costs and damages finally awarded against AppDynamics by a court of competent jurisdiction as a result of any such claim.

10. Limitation of Liability. The following limit will not apply to the extent prohibited by applicable law. IN NO EVENT SHALL APPDYNAMICS BE LIABLE FOR (I) ANY INDIRECT, INCIDENTAL, PUNITIVE, SPECIAL OR CONSEQUENTIAL DAMAGES, INCLUDING DAMAGES FOR LOSS OF REVENUES OR PROFITS, LOSS OF USE, BUSINESS INTERRUPTION, OR LOSS OF DATA, WHETHER IN AN ACTION IN CONTRACT OR TORT, EVEN IF IT HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR (II) ANY OTHER DAMAGES IN EXCESS OF ONE HUNDRED DOLLARS (US$100).

11. Data Collection.

(a) End User acknowledges that AppDynamics’ application server and machine software agents collect metrics that relate to the performance, health and resource of an application, its components (transactions, code libraries) and related infrastructure (nodes, tiers) that service those components. In addition, AppDynamics may collect metrics on End Users’ activities, such as web pages visited, length of visit, and which features of the Software an End User uses. If End User provides AppDynamics with any personally identifiable information (“Personal Data”), End User represents and warrants that such information has been collected by End User in accordance with the provisions of all applicable data protection legislation and that End User has all right and consents necessary to provide such personal data to AppDynamics. End User will indemnify AppDynamics for reasonable costs and other amounts that AppDynamics may incur relating to any breach of this Section.

(b) If End User is subject to Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), the terms of Exhibit A (Data Protection) and its Annex A shall apply.

12. US GOVERNMENT MATTERS. As defined in FAR section 2.101, the Software and Documentation are “commercial items” and according to DFAR section 252.227 7014(a)(1) and (5) are deemed to be “commercial computer software” and “commercial computer software documentation.” Consistent with DFAR section 227.7202 and FAR section 12.212, any use modification, reproduction, release, performance, display, or disclosure of such commercial software or commercial software documentation by the U.S. Government will be governed solely by the terms of this Evaluation EULA and will be prohibited except to the extent expressly permitted by the terms of this Evaluation EULA.

13. MISCELLANEOUS. This Evaluation EULA shall be governed by and construed under the laws of the State of California, U.S.A. The parties consent to the exclusive jurisdiction and venue of the courts located in and serving San Francisco, California. Failure by either Party to exercise any of its rights under, or to enforce any provision of, this Evaluation EULA will not be deemed a waiver or forfeiture of such rights or ability to enforce such provision. If any provision of this Evaluation EULA is held by a court of competent jurisdiction to be illegal, invalid or unenforceable, such provision will be amended to achieve as nearly as possible the same economic effect of the original provision and the remainder of this Evaluation EULA will remain in full force and effect. This Evaluation EULA represents the entire agreement between the parties and supersedes any previous or contemporaneous oral or written agreements or communications regarding the subject matter of this Evaluation EULA. The person signing or otherwise accepting this Evaluation EULA for End User represents that s/he is duly authorized by all necessary and appropriate corporate action to enter into this Evaluation EULA on behalf of End User. Any modification to this Evaluation EULA must be in writing and signed by a duly authorized agent of both parties. The Uniform Computer Information Transactions Act (UCITA) does not apply to this Evaluation EULA. For purposes of this Evaluation EULA, “including” means “including without limitation.” The rights and remedies of the parties hereunder will be deemed cumulative and not exclusive of any other right or remedy conferred by this Evaluation EULA or by law or equity. No joint venture, partnership, employment, or agency relationship exists between the parties as a result of this Evaluation EULA or use of the Software. AppDynamics reserves the right to perform its obligations from locations and/or through use of affiliates and subcontractors, worldwide, provided that AppDynamics will be responsible for such parties. End User may not assign this Evaluation EULA without the prior written approval of AppDynamics and any purported assignment in violation of this section shall be void; AppDynamics may assign, transfer, or subcontract this Evaluation in whole or in part. AppDynamics may give notice to End User by electronic mail to End User’s email address on record in End User’s account information, or by written communication sent by first class mail or pre-paid post to End User’s address on record in End User’s account information. End User may give notice to AppDynamics at any time by any letter delivered by nationally recognized overnight delivery service or first class postage prepaid mail to AppDynamics at the following address or such other address as may be notified to End User from time to time: AppDynamics, Inc., 303 Second Street, North Tower, 8th Floor, San Francisco, CA 94107, Attn: Legal Department. Notice under this Evaluation EULA shall be deemed given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by email; the day after it is sent, if sent for next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested.

Exhibit A

DATA PROTECTION

The terms of this Exhibit A apply only if: (a) End User is being granted evaluation access to the online software-as-a-service (“SaaS”) version of the Software; and (b) End User is subject to Data Protection Law (as defined below).

1. Definitions:

In this Exhibit, the following terms shall have the following meanings: "controller", "processor", "data subject", "personal data" and "processing" (and "process") shall have the meanings given in the Data Protection Law;

"Data Protection Law" shall mean Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation); and

“Standard Contractual Clauses” shall mean the terms at https://trust.appdynamics.com/privacy/dataprotectionclauses which form part of this Exhibit C pursuant the European Commission Decision C(2010)593 of 5 February 2010.

2. Relationship of the parties.

End User (the controller) appoints AppDynamics as a processor to process the personal data described in Annex A (the "Data"). Each party shall comply with the obligations that apply to it under Data Protection Law.

3. Purpose limitation.

AppDynamics shall process the Data as a processor as necessary to perform its obligations under this Agreement and strictly in accordance with the documented instructions of the End User (the "Permitted Purpose"), except where otherwise required by any law.

4. International transfers.

AppDynamics shall not transfer the Data (nor permit the Data to be transferred) outside of the European Economic Area ("EEA") unless (i) it has first obtained the End User's prior written consent; and (ii) it takes measures to ensure the transfer is in compliance with Data Protection Law. By agreeing to purchase the software-as-a-service version of the Software as indicated in the Order Form, End User acknowledges and agrees that any personal data it collects using the Software may be transferred outside of the EEA. The Standard Contractual Clauses will apply only to personal data that is transferred outside the EEA, either directly or via onward transfer, to any country not recognised by the European Commission as providing an adequate level of protection for personal data (as described in the Data Protection Laws). The Standard Contractual Clauses will not apply if AppDynamics has adopted Binding Corporate Rules or an alternative recognised compliance standard for the lawful transfer of personal data (as defined in the Data Protection Laws) outside the EEA.

5. Confidentiality of processing.

AppDynamics shall ensure that any person that it authorises to process the Data (including AppDynamics' staff, agents and subcontractors) (an "Authorised Person") shall be subject to a duty of confidentiality (whether a contractual duty or a statutory duty).

6. Security.

The processor shall implement appropriate controls, including technical, organisational, and other measures, designed to protect the Data (i) from accidental or unlawful destruction, and (ii) loss, alteration, unauthorised disclosure of, or access to the Data (a "Security Incident").

7. Subcontracting.

AppDynamics shall not subcontract any processing of the Data to a third-party subcontractor without the prior written consent of the End User. Notwithstanding this, the End User consents to AppDynamics engaging third-party subcontractors to process the Data provided that: (i) AppDynamics provides at least 7 days' notice prior to the addition or removal of any subcontractor (including details of the processing it performs or will perform), which may be given by posting details of such addition or removal at the following URL: https://trust.appdynamics.com/privacy/subprocessors; (ii) AppDynamics imposes data protection terms on any subcontractor it appoints that protect the Data to the same standard provided for by this Clause; and (iii) AppDynamics remains fully liable for any breach of this Clause that is caused by its subcontractor. A list of approved subcontractors as at the date of this Agreement is at https://trust.appdynamics.com/privacy/subprocessors. If the End User refuses to consent to AppDynamics' appointment of a third-party subcontractor on reasonable grounds relating to the protection of the Data, then End User may terminate this Agreement by giving no less than 30 days’ written notice.

8. Data subjects' rights.

AppDynamics shall provide reasonable assistance to the End User (at the End User's expense) to enable the End User to respond to any request from a data subject to exercise any of its rights under Data Protection Law (including its rights of access, correction, objection, erasure and data portability, as applicable).

9. Data Protection Impact Assessment:

If the End User reasonably believes that AppDynamics' processing of the Data will result in a high risk to the data protection rights and freedoms of data subjects, it shall promptly inform AppDynamics and AppDynamics shall, if requested by the End User, provide the End User with reasonable information to enable the End User to conduct a data protection impact assessment (taking into account the nature of the processing and the information available to AppDynamics).

10. Security incidents.

Upon becoming aware of a confirmed Security Incident, AppDynamics shall inform the End User without undue delay and shall provide all such timely information and cooperation as the End User may reasonably require in order for the End User to fulfil its data breach reporting obligations under (and in accordance with the timescales required by) Data Protection Law. AppDynamics shall further take such measures and actions as it considers necessary to remedy or mitigate the effects of the Security Incident and shall keep the End User informed in connection with the Security Incident.

11. Deletion of Data.

Upon termination or expiry of this Agreement the End User shall send AppDynamics the details of the relevant Data it wishes to be deleted. AppDynamics will effectively destroy all relevant Data along with any medium or document containing said Data within 14 days from receiving the End User's request if the End User has purchased a dedicated AppDynamics instance or within 365 days if the End User is on a shared instance. AppDynamics shall send the End User written confirmation thereof on written request.

12. End User Audit.

AppDynamics engages a qualified and independent third-party auditor to conduct semi-annual SOC 2 Type II audits in order to evaluate the adequacy of AppDynamics’ information security program. Each such audit results in the generation of an audit report (“Report”), which shall be AppDynamics’ Confidential Information. During the Licence Term, AppDynamics shall: (i) maintain SOC 2 Type II certification (or other industry-recognized successor certification); (ii) at End User’s written request, not more than once per calendar year, provide End User with the then-current Report; and (iii) at End User’s expense, promptly (taking into the nature of the request and to the extent reasonably feasible from a technical perspective) comply with any request of End User for information (including any books and/or records) relating to the Software and/or Services as necessary for End User to enable it to comply with Data Protection Law or any request from a regulator. End User agrees that any audit and inspection rights it may have under Data Protection Law shall be satisfied by the obligations in this Section 12.

13. Further Security Information.

At End User’s expense, AppDynamics shall further provide detailed written responses (on a confidential basis) to all reasonable requests for information made by End User, including responses to information security and audit questionnaires, that are necessary to confirm AppDynamics’ compliance with this Agreement.

14. Regulator Audits.

If a regulator wishes to carry out any audit or inspection of AppDynamics or its activities under this Agreement, End User shall provide AppDynamics at least 30 days’ advance notice of any audit, except where the regulator has given less notice to End User or AppDynamics. AppDynamics shall provide access for any audit or investigation by regulator(s) or law enforcement agent(s) as they require.

Annex A

Subject Matter of Processing

The extraction, collection, storage and analysis of Data generated by, and through, the use of End User’s software applications.

Further information about what processing of Data each Software product can be used for can be found at www.appdynamics.com/product and in the Documentation.

Duration of Processing

For the Licence Term of the SaaS Software licence.

Nature and Purpose of Processing

The Data will be processed by AppDynamics SaaS Software platform in order to improve the efficiency and functioning of monitored website(s), software and/or server(s) of End User.

The Software enables the End User to:

• Measure and track response time, load, error rate, slow rate, and stalls for application transactions.
• Auto-discover and map application tiers and services, and see the relationships between them.
• Learn "normal" performance behavior and "normal" code execution paths for application transactions and application services over time so that anomalies can be detected automatically.
• Follow the flow of application transactions across tiers and services (even in a highly distributed environment) to allow the identification of bottlenecks.
• Identify the root cause of errors in applications.
• View reports and obtain visibility into application performance for understanding the service levels of such applications.
• View operational dashboards to help information technology teams understand the health and performance of application environments.
• View agile release comparisons so that developers understand the business impact of application releases, for the purpose of identifying regression and learning from production deployments.

In the course of monitoring End User’s website(s), software and/or server(s), AppDynamics will necessarily ingest and process the Data described above in this Annex A for the purpose of providing the Software and its functions.

Type of Personal Data and Categories of Personal Data

Depending on the End User’s configuration of the Software the following types and categories of personal data that might be collected are:

Personal details
Included in this category are classes of data which identify the data subject and their personal characteristics. Examples are names, addresses, job title, employer, contact details, age, sex, date of birth, physical descriptions, identifiers issued by public bodies, e.g. NI number.

Family, lifestyle and social circumstances
Included in this category are any matters relating to the family of the data subject and the data subject’s lifestyle and social circumstances. Examples are details about current marriage and partnerships and marital history, details of family and other household members, habits, housing, travel details, leisure activities, membership of charitable or voluntary organisations.

Education and training details
Included in this category are any matters which relate to the education and any professional training of the data subject. Examples are academic records, qualifications, skills, training records, professional expertise, student and pupil records.

Employment details
Included in this category are any matters relating to the employment of the data subject. Examples are employment and career history, recruitment and termination details, attendance record, health and safety records, performance appraisals, training records, security records.

Financial details
Included in this category are any matters relating to the financial affairs of the data subject. Examples are income, salary, assets and investments, payments, creditworthiness, loans, benefits, grants, insurance details, pension information.

Goods or services provided
Included in this category are classes of data relating to goods and services which have been provided. Examples are details of the goods or services supplied, licences issued, agreements and contracts.

IT information
Included in this category is any information relating to an individual’s use of technology or software including IP addresses, any information about the computing or mobile device a person is using, location data gathered from such devices, usernames and passwords, social media handles.

Categories of Data Subjects

Customers and/or employees of End User depending on whether End User uses the Software to monitor customer and/or employee facing software applications.

Last updated: May 25, 2018