Common use of TERMS OF USE – EVALUATION SERVICES Clause in Contracts

TERMS OF USE – EVALUATION SERVICES. 4.1 Customer will: (i) use the Evaluation Services for its own internal business purposes; (ii) use the Evaluation Services as reasonably directed by Mimecast; (iii) allow only the agreed number of Permitted Users access and use the Evaluation Services; (iv) implement and maintain reasonable and appropriate controls to ensure that user accounts are used only by the Permitted Users to whom they are assigned and to manage and monitor Permitted Users, including designating one or more administrators responsible for access control; (v) obtain and maintain any Equipment needed to connect to, access, or otherwise use the software and software services (“Equipment” shall include equipment and ancillary service including, but not limited to, modems, hardware, services, software, operating systems, networking, web services, and the like); (vi) ensure the Evaluation Service meet Customer’s regulatory requirements including, without limitation, requirements and obligations with regards to data privacy and employment laws; (iii) obtaining all necessary consents, permissions and authority from individuals or regulators in respect of all Customer Data, including, where applicable, Personal Data transferred, processed and/or analysed in the use of the Evaluation Services including the right for Mimecast to use such data in the preparation of reports and analysis. 4.2 Customer will not: (i) transfer, resell, license or otherwise make available the Evaluation Services to third parties; (ii) use the Evaluation Services in any manner that violates any applicable law or regulation (including but not limited to where Customer is required to obtain permissions or authorizations to permit Mimecast to perform its obligations hereunder); (iii) use the Evaluation Services in a manner that violates any industry standards concerning unsolicited email; (iv) not share any user authentication information and/or any user password with any third party; (v) use the Evaluation Services in a manner that introduces any viruses, malicious code, or any other items of a harmful nature; or (vi) engage in any activity that could reasonably be expected to interfere with or disrupt the Evaluation Services (for example, an activity that causes Mimecast to be blacklisted by any internet service provider). 4.3 Customer is solely responsible for the acts or omissions of any user or Permitted User who obtains access to the Evaluation Services through Customer or Customer’s systems. Customer will notify Mimecast promptly if it becomes aware of any unauthorized access or use. If applicable, Customer will be granted a “Super Administrator” role for Customer’s Mimecast account, which will allow Customer full access to the Customer Data and the ability to configure the relevant account. Customer may assign a role to Mimecast which will allow Mimecast to access the Customer Data. In the event that such delegated access is provided, Customer will ensure that all necessary consents and authorisations have been obtained. 4.4 Customer will defend and indemnify Mimecast in the event of any third-party claim or regulatory action arising out of (i) Customer’s breach (or alleged breach) of the terms of Section 4.1, 4.2 and 4.3 herein; and/or (ii) Mimecast’s compliance with any Instructions or directions provided by Customer. 4.5 If Mimecast is prevented from or delayed in the performance of its obligations by any act or omission of Customer that is outside of Mimecast’s reasonable control, Mimecast shall not be deemed in breach of its obligations, but only to the extent that the basis for Mimecast’s breach arises directly or indirectly from such prevention or delay.

TERMS OF USE – EVALUATION SERVICES. 4.1 Customer will: (i) use the Evaluation Services for its own internal business purposes; (ii) use the Evaluation Services as reasonably directed by Mimecast; (iii) allow only the agreed number of Permitted Users access and use the Evaluation Services; (iv) implement and maintain reasonable and appropriate controls to ensure that user accounts are used only by the Permitted Users to whom they are assigned and to manage and monitor Permitted Users, including designating one or more administrators responsible for access control; (v) obtain and maintain any Equipment needed to connect to, access, or otherwise use the software and software services (“Equipment” shall include equipment and ancillary service including, but not limited to, modems, hardware, services, software, operating systems, networking, web services, and the like); (vi) ensure the Evaluation Service meet Customer’s regulatory requirements including, without limitation, requirements and obligations with regards to data privacy and employment laws; (iii) obtaining all necessary Evaluation Terms online 12th May 2021 Page 1 of 7 consents, permissions and authority from individuals or regulators in respect of all Customer Data, including, where applicable, Personal Data transferred, processed and/or analysed in the use of the Evaluation Services including the right for Mimecast to use such data in the preparation of reports and analysis. 4.2 Customer will not: (i) transfer, resell, license or otherwise make available the Evaluation Services to third parties; (ii) use the Evaluation Services in any manner that violates any applicable law or regulation (including but not limited to where Customer is required to obtain permissions or authorizations to permit Mimecast to perform its obligations hereunder); (iii) use the Evaluation Services in a manner that violates any industry standards concerning unsolicited email; (iv) not share any user authentication information and/or any user password with any third party; (v) use the Evaluation Services in a manner that introduces any viruses, malicious code, or any other items of a harmful nature; or (vi) engage in any activity that could reasonably be expected to interfere with or disrupt the Evaluation Services (for example, an activity that causes Mimecast to be blacklisted by any internet service provider). 4.3 Customer is solely responsible for the acts or omissions of any user or Permitted User who obtains access to the Evaluation Services through Customer or Customer’s systems. Customer will notify Mimecast promptly if it becomes aware of any unauthorized access or use. If applicable, Customer will be granted a “Super Administrator” role for Customer’s Mimecast account, which will allow Customer full access to the Customer Data and the ability to configure the relevant account. Customer may assign a role to Mimecast which will allow Mimecast to access the Customer Data. In the event that such delegated access is provided, Customer will ensure that all necessary consents and authorisations have been obtained. 4.4 Customer will defend and indemnify Mimecast in the event of any third-party claim or regulatory action arising out of (i) Customer’s breach (or alleged breach) of the terms of Section 4.1, 4.2 and 4.3 herein; and/or (ii) Mimecast’s compliance with any Instructions or directions provided by Customer. 4.5 If Mimecast is prevented from or delayed in the performance of its obligations by any act or omission of Customer that is outside of Mimecast’s reasonable control, Mimecast shall not be deemed in breach of its obligations, but only to the extent that the basis for Mimecast’s breach arises directly or indirectly from such prevention or delay.

TERMS OF USE – EVALUATION SERVICES. 4.1 Customer will: (i) use the Evaluation Services for its own internal business purposes; (ii) use the Evaluation Services as reasonably directed by Mimecast; (iii) allow only the agreed number of Permitted Users access and use the Evaluation Services; (iv) implement and maintain reasonable and appropriate controls to ensure that user accounts are used only by the Permitted Users to whom they are assigned and to manage and monitor Permitted Users, including designating one or more administrators responsible for access control; (v) obtain and maintain any Equipment needed to connect to, access, or otherwise use the software and software services (“Equipment” shall include equipment and ancillary service including, but not limited to, modems, hardware, services, software, operating systems, networking, web services, and the like); (vi) ensure the Evaluation Service meet Customer’s regulatory requirements including, without limitation, requirements and obligations with regards to data privacy and employment laws; and (iiivii) obtaining obtain all necessary consents, permissions and authority from individuals or regulators in respect of all Customer Data, including, where applicable, Personal Data transferred, processed and/or analysed in the use of the Evaluation Services including the right for Mimecast to use such data in the preparation of reports and analysis. 4.2 Customer will not: (i) transfer, resell, license or otherwise make available the Evaluation Services to third parties; (ii) use the Evaluation Services in any manner that violates any applicable law or regulation (including but not limited to where Customer is required to obtain permissions or authorizations to permit Mimecast to perform its obligations hereunder); (iii) use the Evaluation Services in a manner that violates any industry standards concerning unsolicited email; (iv) not share any user authentication information and/or any user password with any third party; (v) use the Evaluation Services in a manner that introduces any viruses, malicious code, or any other items of a harmful nature; or (vi) engage in any activity that could reasonably be expected to interfere with or disrupt the Evaluation Services (for example, an activity that causes Mimecast to be blacklisted by any internet service provider), (vii). license, sell rent, lease, transfer, grant rights in, or access to the Evaluation Services for commercial gain; or (viii) copy disseminate, allow unauthorized access to, disassemble, reverse engineer, or decompile the Evaluation Services, or any components thereof. 4.3 Customer is solely responsible for the acts or omissions of any user or Permitted User who obtains access to the Evaluation Services through Customer or Customer’s systems. Customer will notify Mimecast promptly if it becomes aware of any unauthorized access or use. If applicable, Customer will be granted a “Super Administrator” role for Customer’s Mimecast account, which will allow Customer full access to the Customer Data and the ability to configure the relevant account. Customer may assign a role to Mimecast which will allow Mimecast to access the Customer Data. In the event that such delegated access is provided, Customer will ensure that all necessary consents and authorisations have been obtained. 4.4 Customer will defend defend, indemnify, and indemnify hold harmless Mimecast in the event of any third-party claim or regulatory action arising out of (i) Customer’s breach (or alleged breach) of the terms of Section 4.1, 4.2 and 4.3 herein; and/or (ii) Mimecast’s compliance with any Instructions or directions provided by Customer. 4.5 If Mimecast is prevented from or delayed in the performance of its obligations by any act or omission of Customer that is outside of Mimecast’s reasonable control, Mimecast shall not be deemed in breach of its obligations, but only to the extent that the basis for Mimecast’s breach arises directly or indirectly from such prevention or delay.