Information Technology Service Agreement between LINE Corporation and NBP
Table of Contents
Exhibit 10.4
CONFIDENTIAL TREATMENT REQUESTED
Information Technology Service Agreement between LINE Corporation and NBP
April 1, 2013
1
Table of Contents
3 | ||||
3 | ||||
3 | ||||
3 | ||||
3 | ||||
3 | ||||
4 | ||||
5 | ||||
5 | ||||
5 | ||||
5 | ||||
6 | ||||
6 | ||||
6 | ||||
6 | ||||
7 | ||||
7 | ||||
Article 14. Managing the Provider’s Workforce and Operation Authority of the Work |
7 | |||
7 | ||||
7 | ||||
8 | ||||
8 | ||||
8 | ||||
Article 19.Use of Intellectual Property Rights of the third Party |
8 | |||
8 | ||||
9 | ||||
10 | ||||
10 | ||||
11 | ||||
11 | ||||
11 | ||||
12 | ||||
12 | ||||
12 | ||||
13 | ||||
13 | ||||
13 | ||||
13 | ||||
13 | ||||
13 |
2
Table of Contents
Information Technology Service Agreement
LINE Corporation (hereinafter “Client”) and NHN Business Platform Corporation (hereinafter “Provider”) hereby enter into Information Technology Service (hereinafter “IT Service”) Agreement (hereinafter “Agreement”) regarding the service that the Provider provides to the Client under the following terms and conditions.
The purpose of this Agreement is to set forth the terms and conditions under which Provider will provide Client with IT Service and Client will pay the payment to Provider accordingly.
(1) | IT Service refers to a service of establishing, operating and managing Client’s Information System by Provider through utilizing IT resource of Client or Provider. |
(2) | Information System refers to all operating system and computer facilities of Client utilized for the provision of IT Service by Provider. |
(3) | Computer Facilities refer to all hardware, software and network utilized by Provider in performing IT Service. |
(4) | Use of Facilities refers to providing Computer Facilities that Provider has purchased, leased or rented to be used in Client’s work. |
(1) | IT Service agreement is consisted of the Agreement and Annex. Annex includes statement of work for each service and it may be added upon mutual written agreement between the parties. |
(2) | Should above agreement document conflict with one another, this Agreement shall prevail. |
This Agreement shall become effective from April 1, 2013 and continue to be effective until July 31, 2014 (“Initial Term”) and unless the Client or Provider wishes to change of the conditions herein or to terminate the Agreement three (3) months before the Initial Term ends in writing to its counterpart, the Agreement shall be extended automatically for one (1) year under the same conditions (however, the service fees shall be recalculated in a method that the Provider estimates a price, followed by Client’s acceptance.)
(1) | “Confidential Information” refers to technical information, business information and other information provided by one party (the “Disclosing Party”) to the other party (the “Receiving Party”) in any form, written, electronic, oral, visual and etc., and the Agreement herein falls under the category of Confidential Information. |
(2) | If the Confidential Information is provided in a written form, it must be labeled or referred to as “Confidential” at all times and when rendered in other methods, it must be identified as confidential and when delivered orally, a written document marking such information as confidential shall be delivered within thirty (30) days since the oral delivery. |
3
Table of Contents
(3) | The obligations of this Article will not apply to information that: |
A) | becomes public after or before signing this Agreement, through no fault of the Receiving Party; |
B) | was in the Receiving Party’s possession before the information was provided to the Receiving Party as a Confidential Information, without any restrictions of use or disclosure from the Disclosing Party; |
C) | the Receiving Party has duly acquired from the third party who possess the right to expose the information without limits to the use or disclosure; |
D) | the Receiving Party acquires from its own development, independent of any Confidential Information of the Disclosing Party; |
(4) | The Receiving Party shall treat the Confidential Information as confidential and must not copy, use or disclose the information without authority and the Confidential Information can only be used for the purpose of the Agreement. |
(5) | The Receiving Party shall protect the Confidential Information in compliance with the confidentiality protection standard of the Disclosing Party and agrees to exercise at least the same degree of care and procedure as it uses with regard to preserving and protecting its own Confidential Information in protecting the confidentiality of the Disclosing Party’s Confidential Information. |
(6) | The Receiving Party shall not disclose the Confidential Information to a third party without prior written approval of the Disclosing Party. However, if the cases fall under the purview of below items, it shall be considered as an exception: |
A) | If required by the purpose of the Agreement herein, the information can be disclosed to staff, employees, agents, contractor and consultants of the Receiving Party, provided that the staff, employees, agents, contractor and consultants of the Receiving Party must make a separate agreement which is substantially similar to this clause to protect the Confidential Information of the Disclosing Party. |
B) | Confidential Information can be disclosed in a case where such disclosure is demanded by an applicable ordinance or legislation, provided that the Receiving Party notifies the Disclosing Party of such required disclosure, promptly and in writing in prior, however if the situation requires urgency, then a post notice is allowed immediately after the information is disclosed. |
C) | All Confidential Information shall be exclusively owned by the Disclosing Party and the disclosure of the information to the Receiving party does not mean that it provides license, intellectual property right or copyright, unless agreed otherwise. |
Article 6. Protection of Personal Information
(1) | Client and Provider shall mutually cooperate with one another to protect Personal Information of the employees of both Parties and the business customers (hereinafter “Personal Information”). |
(2) | In case the Provider needs to deal with Personal Information to provide IT Service, the Client shall make every necessary measure in order for Provider to handle Personal Information in a legitimate manner, such as securing consent from personal information holder for the provision of personal information from the Client to the Provider or taking measure to make sure that the agent of the personal information cannot be identified and the Provider, too, must fully cooperate with the measures taken by the Client and secure a strict security measures to ensure that the personal information is not infringed upon. |
4
Table of Contents
Article 7. Scope of IT Service
(1) | The IT Service that the Provider provides to the Client is as follows and the details and procedure of each service are defined in <Annex. Service Statement>. |
A) | IT Infrastructure Operation Service: |
• | Services in regards to establishing and operating IDC |
• | Services in regards to acquisition, installation, operation and management of servers |
• | Services in regards to acquisition, installation, management and operation of storage as well as data management utilizing DB and data backup/ restoration |
• | Services as to procurement of network equipment for the in-house and external communication, network establishment and provision of network environment for servicing domestic and foreign users. |
• | Procurement of facility and network to deliver internet content to its users as well as provision of service racks and network for maintenance and network environment. |
B) Security service: Services as to the protection of facility and information assets from internal/external infiltration when it comes to providing internet service as well as vulnerability analysis
C) Additional infrastructure service: Additional services that are not included aforementioned items but are mutually agreed by the Client and Provider
(2) | The Client may use any or all IT Service stipulated in Section 1, Article 7 upon mutual written agreement with the Provider. The Client and Provider shall sign <Annex. Service Statement> for the services that Client wishes to use. |
(3) | Should the Client exceeds the range of services set forth in this Agreement or request for additional tasks that do not belong to the scope of the Agreement, the level of cost as well as the scope shall be calculated additionally by mutual agreement. |
(4) | If the service representative of the Client designated and agreed by both Client and Provider requests for an increase or decrease of the IT Service via email, such request shall be considered as that of a Client. If there is a change to the service representative, the Client shall immediately notify of such matter to the Provider in writing and any consequences that arise due to the notification negligence shall be borne by the Client. |
(1) | Unless a technical or other reasons hinder, the Provider shall provide the service 24 hours a day, 365 days a year (including holidays) in principle |
(2) | The day or time during which service was not provided as agreed upon between Provider and Client shall not be included in the service hours defined in Section 1, Article 8. |
Article 9. Restoration during Emergency Failures
(1) | If the Provider notices the occurrence of accident or failure which could trigger interruption to the execution of IT Service, it shall notify the Client in no time regardless of the responsibility and take swift emergency measures first and report on the reasons and measures taken afterwards in a written form. However, in the occurrence of the emergency case, the notice to the Client can be made afterwards after an appropriate measure has been taken first. |
5
Table of Contents
(2) | Regardless of the responsibility and compensation of damage, the Client and Provider shall be concerned with restoration from the failure or damage over others and make utmost efforts in minimizing the damage. |
(3) | The Provider may limit the use of information resource, under the permission of the Client, for the preventive maintenance purpose, in order to ensure the improvement of efficiency and normal operation as well as the protection of device from calamity. |
Article 10. Obligation of Provider
(1) | The Provider shall implement the service defined herein with sincerity to enable the information system task of Client to be handled seamlessly. |
(2) | If a system which could deteriorate a stable operation of information system needs to be changed, the Provider shall do so upon notifying to Client in prior. |
(3) | If required for implementing the provisions herein, the Provider may utilize a third party to perform low ranking duties. In such case, the Client and Provider shall abide by the measures set in “Article 6. Protection of Personal Information” as in the relations with the third party defined herein as well. |
Article 11. Obligation of Client
(1) | If requested by Provider with respect to the service execution, the Client shall provide necessary data or document within reasonable scope and guarantee an entrance to a location required for work purpose. |
(2) | The Client shall provide information system for Provider so that the Provider can conform to the obligations defined hereunder. |
(3) | The Client shall designate a representative in related team who will take part in the operation and development of the information system for a close cooperation with Provider and shall notify of such fact to the Provider. |
(4) | Unless otherwise defined hereunder, the Client must notify the Provider, within seven (7) days from the receipt of the report that the Provider submits, of whether the Client approves or not and the Client will be deemed to have approved of the report if it failed to notify the Provider. However, the Client may extend the notification period upon consultation with the Provider within aforementioned 7-day period. |
(5) | The Client shall acquire all necessary consent or approval from the third party (including consent and approval on the intellectual property rights of the third party) to enable the Provider to use client’s information system as well as the rights for the purpose of executing the IT Service and render such to the Provider. The Cost arisen while acquiring such consent or approval shall be borne by the Client. |
(6) | The Client may not employ either the staff belonging to the Provider or its subcontractor who has been or is committed to the execution of the Agreement without a prior written consent from the Provider during the Agreement period as well as for 24 months after the termination of the Agreement. |
Chapter 3. Payment of the Service Fees for the IT Service
Article 12. Payment of the Service Fees for the IT Service
(1) | The Service Fees for using the IT Service that the Provider renders to the Client shall be defined specifically for each service in <Annex. Service Statement> according to Article 7. (“Service Fees”) |
(2) | The Provider shall issue an invoice to the Client for Service Fees as stipulated in <Annex. Service Statement> by the last date of the month the service rendered. |
6
Table of Contents
(3) | Once reviewing the invoice issued by Provider, the Client shall pay the Service Fees in cash to the Provider by the last date of month that follows the invoice issuance month, if there seems to be no problem to the invoice. However, the Service Fees shall be calculated using the standard exchange rate of the 1 business day prior to the payment date in Korean Won currency. |
(4) | If the Provider failed to pay the Service Fees until the payment due date, the Provider must pay a delay fee for the number of delayed days, with 5% annual interest rate on top of corporate bond current yield (3-year corporate bond unsecured A+ grade, posted in Korea Financial Investment Association) on the first day of the month when the payment was claimed. However when applying corporate bond yield, if the first day of the relevant month is holiday or a day-off, the applicable rate shall be the corporate bond current yield of the following business day. |
(5) | The Client shall be responsible for all tax (excluding tax imposed on the net profit of Provider) imposed on all the Service Fees paid to Provider according to the IT Service and the Agreement. |
Chapter 4. Management of IT Service Execution
(1) | The Provider provides the IT Service in the IDC (Internet Data Center) of the Provider, in principle, and may provide the service in other location upon selecting an area appropriate for seamless performance and management of IT Service, when exceptionally requested by Client in a written form and deemed that such need is markedly existent, Provider may provide the service in such selected location upon mutual agreement with the Client. |
(2) | Should the Provider need to change the location of service provision, it shall consult with the Client by one (1) month before the expected date of changing the service location. |
Article 14. Managing the Provider’s Workforce and Operation Authority of the Work
(1) | All rights as well as operation authority to the IT Service provision according to the provisions hereunder vest in the Provider and the Provider may operate the workforce at its free will in providing mutually agreed service with the Client. |
(2) | The rights to command and manage the workforce injected by the Provider such as the authority for resource operation for and service execution vest in the Provider. |
Article 15. Management of IT Service Execution
(1) | For a seamless execution of the IT Service, the Client and Provider shall appoint respective responsible person (hereinafter “Responsible Person”). The Client and Provider shall notify each Responsible Person of the counterpart of the matters required for the execution of IT Service and all actions that require agreement of both parties for the execution of service (excluding changing the details of provision hereof) shall reach an agreement through a written form by and between the Responsible Person of Client or the one designated by the Client’s Responsible Person, or Responsible Person of Provider or the one designated by the Provider’s Responsible Person. |
(2) | Both parties may call for document and data required for the execution and confirmation of work and the counterpart shall submit such document within requested date unless special reason hinders the provision. |
Article 16. Transaction with the third Party
The Provider may receive assistance, resources and subcontracting from the third party when necessary for the execution of work defined hereunder.
7
Table of Contents
Article 17. The Use and Management of Computer Facilities
(1) | The computer facilities shall only be used for the Client, in principle. However, it may be defined otherwise upon mutual agreement by relevant parties. |
(2) | The Client and Provider shall attach respective markers to each computer facility of their own for identification. |
(3) | The Client and Provider shall mutually cooperate, if necessary for an appropriate maintenance and management of the computer facilities. |
(4) | The Client or Provider shall not allow any other third party to use counterpart’s computer facilities without the consent of the other party or dispose of such facilities including provide as collateral, transfer or rental. |
(5) | In the event that abnormal situations, such as bills or checks of the Client being bounced, seizure, injunction, enforcement, bankruptcy, application for corporate rehabilitation proceedings/ liquidation or labor disputes, are likely to occur or have already occurred and thus have the possibility to affect each other’s ownership of the computer facilities, the Client or Provider shall notify of such fact immediately to the counterpart and take an appropriate action such as handing the facilities over to the counterpart. |
(6) | Computer facilities can be additionally or newly adopted or the installation location of such can be changed for the convenience of the Client under the agreement of mutual parties, the Provider and Client, and expenses generated by such action shall vest in the Client accordingly. |
Article 18. Intellectual Property Rights
(1) | Each party acknowledges that the intellectual property rights including patent and copyright that each party has previously possessed (including the right to receive patent) (hereinafter “Intellectual Property Rights”) shall vest in each relevant party. |
(2) | In the case where creation including invention and authoring, in the course of executing IT Service, has been performed by either Client or Provider, the Intellectual Property Rights of the relevant creation shall vest in the party who has performed the creation and each party shall grant the irrevocable, non-exclusive, non-transferable, global license to the other party at free of charge to use, duplicate and distribute such creation within the scope necessary for the implementation of the provisions herein. |
Article 19. Use of Intellectual Property Rights of the third Party
(1) | In the event where the use of Intellectual Property Rights of the third party is required in the course of executing the IT Service, the Client and Provider shall agree on the handling of such rights and take a necessary measure such as signing a license agreement with the third party. |
(2) | Issues that arise from the Intellectual Property Rights of the third party or the infringement thereof shall be handled in accordance with the agreement on the use of Intellectual Property Rights of the third party and the Provider shall not be liable for the issues occurring. |
(1) | If the use of IT Service by Client falls under purview of the following items, Provider may restrict all or parts of the Client’s IT Service or suspend the service. |
A) | When the Client fails to comply with obligation stipulated herein; |
8
Table of Contents
B) | When a suspension of service has been requested by related organizations including The Korea Communications Standards Commission or the Korea Internet & Security Agency; |
C) | If Client attempts to use Provider’s IT Service for illegal activities; |
D) | If Client infringes the third parties’ intellectual property; |
E) | If Client spreads computer virus program that causes malfunction of information and communication equipment or destruction of information; |
F) | If Client poses threat to the Provider’s IT Service or inhibit a sound use of IT Service; |
G) | If there is a possibility of trouble on other Clients’ and Provider’s network due to an abnormality occurring in the Client’s information system; |
H) | If the use of service is temporarily suspended due to a traffic surge or emergency maintenance of IT Service; |
I) | If the use is suspended for the maintenance and repair due to a server breakdown or failure; |
J) | If the service is suspended due to a failure occurred in facilities or service of key telecommunications business which is not directly run by Provider; |
K) | If an infiltration incident from the outside may adversely affect Provider’s network and the Client’s Information System; |
L) | The Agreement for IT Service use is deemed difficult to maintain because a Client is involved in bankruptcy, insolvency, application for composition and etc.; |
M) | If Provider determines that normal IT Service is impossible to be rendered. |
(2) | The Provider may limit all or part of the IT Service or suspend the service if a serious damage is expected to be caused to unspecified Clients of Provider due to the state of emergency, service equipment failures, congestions or hacking/virus attempts. |
(3) | The Client may not perform business activities which are identical or similar to Provider’s IT Service by using the Service of Provider without signing an agreement of resale or commercial use through a separate consultation with Provider. |
Article 21. Procedure of Limitation on Use
(1) | Should the Provider wish to restrict the use of IT Service according to the Agreement, it may notify the relevant Client or its agent of the reason, date, restriction details via written form or phone immediately once such pertaining reason is detected. However, Provider may take such limitation measure first without prior consent from the clients if the situation does not allow for such consent under any of the following cases: |
A) | If the Client cannot be reached at the address or telephone number it provided |
B) | If it is deemed that the situation and time does not allow for such prior consent considering the dissemination speed of the abnormality occurred due to electronic infiltration incident. |
C) | There is a national emergency and a nationwide network trouble. |
(2) | Upon receiving the notice of suspension according to the provision in Section 1, a Client or its agent may file an objection with Provider in writing within 7 days of the date the notice was served. |
(3) | The Provider may extend the period of use until the filed objection according to the provision defined in Section 2 is confirmed and it shall notify of the result thereof to the Client or its agent in writing or by phone. |
9
Table of Contents
(4) | Once the reasons for suspension of IT Service are resolved, or if an objection is deemed appropriate, Provider shall immediately withdraw its decision to suspend the service. |
Article 22. Provider’s Responsibility to Compensate
(1) | In the event where a damage has been inflicted upon the Client by violating the conditions herein due to Provider’s intent or gross negligence while performing the IT Service, the Provider shall be responsible for the damage. However, it shall be excluded from the responsibilities for the damage occurred from Force Majeure Events including natural disasters and damage occurred from Client’s failure to perform measures that corresponds to a case when the Provider has already reported for damage and risk in prior to the Client for reasons that are not recognized as the Provider’s responsibilities including communication line failure due to external factor, error in information resource itself and the Client’s mis-operation. |
(2) | In case the Provider fails to provide service for longer than 3 hours from the time a Client issues a notice of service unavailability through no fault of its own, Provider shall be held liable to indemnify the Client as requested considering the moment Provider learned about the problem for the first time or when the cumulative trouble time exceeds 24 hours and consequently causes damage or loss to the Client. Cumulative trouble time shall be calculated per service used by Client. |
(3) | For the amount of indemnification as per Section 2, Article 22, Provider shall negotiate with the Client using as reference the set amount of money based on three times the amount calculated by multiplying the number of hours during which the service was unavailable by the average amount per hour obtained from the daily average of the service charge for the past 3 months divided by 24 (in case the time value is larger than 1/2, it shall be considered 1 hour). |
(4) | The Provider shall stipulate the level of key service quality that it provides as well as the compensation method for services that failed to meet up to a certain criteria in <Annex. Service Statement> upon agreeing additionally with the Client. |
(5) | In regards to a transaction defined in “Article 16. Transaction with the 3rd Party,” should damage occur to the Client for an attributable reason of the third party, the Provider shall claim for damage to the third party and compensate for the damage to the Client within the scope of amount received by the third party. |
(6) | [***]* |
(7) | [***]* |
(1) | If the IT Service trouble occurred for any of the following reasons, Provider shall not be held liable to indemnify the Client; |
A) | The service trouble occurred due to the defects of a terminal or device purchased by the Client himself/herself; |
B) | The service trouble occurred for reasons such as accident or due to the intention of the Client; |
C) | The service trouble such as long-term service suspension of the infrastructural business is inevitable owing to the characteristics of the telecommunications service; |
D) | If an infiltration incident has occurred due to neglect in the management of security for the Client’s information system; |
* | Note: Confidential treatment has been requested with respect to the information contained within the [***] marking. Such portions have been omitted from this filing and have been filed separately with the Securities and Exchange Commission. |
10
Table of Contents
E) | If accident has occurred due to an issue in device installed as a replacement of the device rendered by the Provider, under the necessity of the Client; |
F) | If a trouble has arisen due to force majeure reason such as warfare or equivalent national emergencies. |
(2) | The responsibilities of the Provider are only confined to the device or facilities in regards to the provision of IT Service and the Provider hall be exempted from any liability as to the contents or value of the data that the Client has posted, transmitted or received. |
(3) | The Client shall perform a periodic data backup for the Client’s server in preparation for a failure in data storage device and the Provider shall be exempt from any liabilities for damages that occur due to Client’s negligence to do so. |
(1) | Each party shall not be liable for failure to abide by contractual obligations to the counterpart due to natural disasters, government actions, riots, military actions, labor disputes and other reasons that cannot be reasonably controlled (hereinafter referred to as “Force Majeure Event”). However, if the reasons to the Force Majeure Event last for more than two (2) months, the Client and Provider mutually hold the right to terminate this Agreement. |
(2) | Even though the Provider cannot provide normal service due to Force Majeure reasons, both parties shall cooperate reasonably to minimize the damage from service failure or suspension. |
Article 25. Amendment of Agreement
In the event that Provider and Client wish to change the conditions of the Agreement or the details of the service, this Agreement may be amended by a written instrument signed by the parties.
Article 26. Termination of Agreement
(1) | Either party shall have the right to terminate this Agreement by notifying the other party in writing upon the following. The termination of the Agreement shall take effect from the time when the termination notification reaches the other party. |
A) | If one party experiences bankrupt securities to checks or promissory notes issued or endorsed by oneself. |
B) | In case a procedure such as corporate rearrangement and insolvency has been requested for or initiated according to Debtor Rehabilitation and Bankruptcy Act. |
C) | In case there is a ruling of provisional attachment, injunction, seizure, public disposition or commencement of auction on key assets. |
D) | If there is an important transfer of key asset, part or all of the business. |
E) | If the force majeure event lasts for more than two (2) months |
F) | If the Client has delayed the settlement of the Service Fees for the use for more than two (2) months without justifiable reason. |
(2) | In the event that there is any material breach of any terms and conditions in this Agreement by either the Client or the Provider, and the affected party may request for the correction within thirty (30) days in a written notice to the other party, however the correction has failed to be made, the affected party may terminate the Agreement through a written notice. However, if the violating party initiates correction measures within thirty (30) days and if it is reasonably accepted that the violation cannot be |
11
Table of Contents
corrected within 30 days, there will be an additional 30-day correction period. In this case, the effect of termination to the other party shall take effect from the time the termination notice has reached the counterpart. |
Article 27. Pullout of Equipment
(1) | A Client may pull out its equipment only when all Service Fees up to the time of contract termination have been cleared. |
(2) | A Client who terminated the Agreement or whose Agreement has been terminated shall pull out all the equipment from IDC within 7 days. Otherwise, the Client shall pay the Client equipment storage fee to the Provider for the period starting from the termination date to the pullout date upon calculating the prorated fee. |
(3) | As for the Section 2, if a Client does not pull out its equipment within 7 days of termination, the Provider shall notify the Client of its decision to pull out the Client’s equipment and move the equipment to a location specified by Provider and store them at its discretion, exercising its due fiduciary duty. In this case, the Client may not request for indemnification for any resulting data loss, unless the Client demonstrates that there lies an intent or gross negligence to the Provider. |
(4) | Pursuant to Section 3, Article 27, when the storage period of Provider exceeds one month, Provider may request the Client who terminated the Agreement or whose Agreement has been terminated to move the equipment within one month. In case the Client fails to comply with such request by the specified date, the Provider may put the equipment on an auction or sell them at its discretion and use the proceeds to pay for the account receivables, surcharges, and storage fee. In case the total amount of the account receivables, surcharges, and storage fee exceeds the value or price of the equipment, they may be appropriated as Provider’s property, and the Provider may request the Client to pay for the outstanding account receivables, etc. |
Article 28. The Effect of Termination
(1) | In the event of the termination or expiration of the Agreement, the Provider may cooperate with the Client, in migrating the Client data, system and the data that the Provider has provided to its Client according to the Agreement, to the Client or the third party designated by the Client and the matters required by the migration work as well as accompanied cost shall be consulted by and between the Client and Provider additionally. |
(2) | In the event that the Agreement is expired or otherwise terminated, the Client shall pay the Service Fees for all services that the Provider renders as well as the migration expense paid to the third party in relation to the data, equipment and software that are agreed to be migrated to the Client. |
(3) | If the Client ceases the use of computer facilities that the Provider has purchased, leased or rented on the premise that the Client would use for a certain period of time according to the request made by the Client due to reasons including termination of the Agreement, the Client shall pay the penalty prorated to the number of months remaining as detailed in <Annex. Service Statement> in order to compensate for the damage inflicted upon the Provider with respect to the suspension of use of the equipment. |
(4) | The Client shall pay all the relevant amount stipulated in Article 28, in cash within thirty (30) days from the date of the Provider asks for it. |
Neither party shall assign, transfer or otherwise dispose all or any portion of its rights or obligation of this Agreement to any other third party without prior written approval of the other Party.
12
Table of Contents
Article 30. Compliance with Legislation
Each Party shall comply with laws and regulations associated with the service. Thus, each Party shall not be liable for the incompliance of the obligation if such compliance would result in the violation of legislation.
Article 31. Dispute Resolution and Jurisdiction
(1) | Any dispute that may arise in connection with the interpretation of each provision hereunder, or for matters that are not specified herein shall be governed by and construed in accordance with the laws of Republic of Korea and commercial practice. |
(2) | The parties hereto irrevocably submit to the exclusive jurisdiction of the Seoul Central District Court for the purpose of any suit, action, or other proceedings arising out of this Agreement. |
This Agreement and Annex constitute the entire agreement between the Parties and supersedes all previous agreement, oral or written, between the Parties.
If any provision of this Agreement is held to be invalid or unenforceable, the remainder of this Agreement shall continue in full force and effect.
Article 34. Independent Contractor
Each Party is independent contractor and nothing in this Agreement shall be interpreted to constitute a joint venture, partnership, and representative or employment relationship of the both Parties.
Article 35. Effectiveness of the Agreement
This Agreement is effective as of the date signed by both Parties. However, if the Provider has initiated the IT Service in compliance with the provisions hereunder by mutual consultation of both Parties before the effective date, the Agreement shall take effect retroactively starting from the day when Provider has provided the IT Service to the Client for the first time.
13
Table of Contents
IN WITNESS WHEREOF, the Client and Provider hereto have executed the Agreement as of the effective date below.
April 1, 2013
Client: LINE Corporation Japan CEO (Seal) |
Provider: NAVER Business Platform Corporation 9 Fl., First Tower, 266-1 Seohyun-dong, Bundang-gu, Seongnam-si, Gyeonggi-do CEO Hui-young Xxxx (Seal) |
14
Table of Contents
Information Technology Service
Between LINE Corporation &
NHN Business Platform (NBP)
Annex
Service Statement
April 1, 2013
15
Table of Contents
17 | ||||
17 | ||||
17 | ||||
17 | ||||
17 | ||||
17 | ||||
17 | ||||
18 | ||||
18 | ||||
18 | ||||
18 | ||||
18 | ||||
19 | ||||
19 | ||||
19 | ||||
20 | ||||
20 | ||||
20 | ||||
21 |
16
Table of Contents
This Service Statement describes the detailed matters of the provided service, as the annex document to Information Technology (hereinafter “IT”) Service Agreement (“Agreement”) signed on April 1, 2013 by and between LINE Corporation (“Client”) and NHN Business Platform Corporation (“Provider”).
1. | Agreement Details |
(1) | Contracted Price |
[Rounding down to 1000 KRW] | ||
Service Use Fee (month) |
[***] KRW (VAT excluded)* |
(2) | Standard for Calculating Price |
(A) | The amount of infrastructure resource usage shall be calculated with client’s ESM code on benchmark CMDB on the twentieth of corresponding month. |
(B) | The price for each item shall be renewed on a 6-month basis and should an adjustment to the price is necessary before such renewal time arrives, it can be done upon mutual consultation. |
(C) | The cost calculated on a monthly basis shall be executed based on the service actually provided in the relevant month and the details therein shall be set in the billing statement, transaction statement and review confirmation form of the relevant month. |
(D) | Project work can be executed upon consultation after calculating the expense for each task respectively. |
(E) | The details of use for each claiming item shall be calculated on a method defined in below table. |
(F) | Expense for consumables which is not defined in below table shall be claimed for additionally base on the actual expense. |
(G) | The unit price for each item below shall be defined in <Attachment 2. Unit Price>. |
[***]*
(3) | Standard for Operating Engineer Fee |
[***]*
2. | Service Details |
(1) | Infrastructure Provision Service |
A) | IDC |
| Provider shall establish IDC facility and be responsible for operation and maintenance of the facility. |
‚ | Provider shall arrange a manager for providing a ceaseless service in each IDC to guarantee seamless monitoring and response. |
ƒ | Provider shall limit the number of servers and equipment so that the power consumption of a standard rack provided by Provider does not exceed the standard power level per rack in order for a standard operation of IDC facility and protection of entire Client facility. |
* | Note: Confidential treatment has been requested with respect to the information contained within the [***] marking. Such portions have been omitted from this filing and have been filed separately with the Securities and Exchange Commission. |
17
Table of Contents
„ | Provider may request for a rearrangement of Client device for an effective operation of internal thermohygrostat, network and power and Client shall comply with such request. |
… | IDC shall only be entered according to the procedure set by Provider. |
(A) | Client must make a prior reservation if he/she wishes to visit IDC. |
(B) | IDC entrance can only be materialized once the visitor is issued with entrance pass upon reservation confirmation process and the pass must be returned upon leaving the property. |
(C) | When the Client enters IDC upon receiving entrance authority, he/she must only access permitted areas at all time. |
(D) | When Client enters IDC, Client must abide by the relevant IDC entrance policy. |
B) | Infrastructure Solution |
| Provider shall provide the provision, installation and operation of infrastructure solution for a seamless infrastructure management of Client. |
‚ | Provider allows the installation and operation of Provider’s infrastructure solution on Client’s device. |
ƒ | Provider shall make efforts to secure stability in the solution so that the provided infrastructure solution does not interfere with Client’s service. |
C) | Common Infrastructure |
| Provider shall provide affiliated network and facility/equipment for the Client during operation of service based on IDC. |
‚ | Provider shall secure the common infrastructure beforehand depending on the service size of the Client and may suggest and change the configuration of such infrastructure to guarantee a stable and effective operational setting. |
D) | Security Infrastructure |
| Provider shall be in charge of acquisition, installation and operation of security solution as well as equipment so that the Client’s service could be provided in a stable manner. |
‚ | Provider shall be in charge of security review and abusing response and also respond to the security breaches. |
(2) | Circuit Service |
A) | Network Circuit |
| Provider shall prepare the circuit and unit equipment set forth herein this Agreement in accordance with the schedule and standard. |
‚ | Provider shall be in charge of network establishment as well as acquisition, installation, operation and maintenance of the device. |
ƒ | Provider may set an additional standard upon mutual agreement with Client for the quality of the circuit provided to Client. |
„ | Provider must check the entire network system 24-7 to provide a stable Service to Client and may run regular and irregular operation maintenance for such checkup. |
18
Table of Contents
B) | CDN Circuit |
| Provider shall be in charge of acquisition, installation, operation and maintenance of network for delivering contents. |
‚ | Client shall provide information including service method and scope to Provider and select an optimal contents provision method for operation. |
(3) | Equipment Provision Service |
A) | Equipment Rental |
| Provider may install and provide equipment according to Client’s service request and therefore be in charge of acquisition, installation, management/operation and maintenance of such equipment. |
‚ | Provider shall back up important data upon a request by Client before returning the rented server and once the return procedure is complete, the system shall be formatted and retrieved. Should there be a loss of data following above process; Client shall not hold Provider responsible for any damage or loss. |
B) | Management of Spare Equipment |
| Upon the request by Client to calculate the capacity, if the required specification meets with the equipment of Provider, the reservation shall be made from spare equipment pool and if not, notify Client of the number of equipment that needs to be purchased. |
‚ | Provider may compose the spare equipment pool upon the request by Client and should Client uses the device within spare equipment pool, the fee thereafter shall be claimed for. |
ƒ | If the amount is below the level agreed upon mutually, notify Client of the necessity to purchase equipment while sharing the information on Provider’s standard equipment. |
„ | Provider shall manage the status of spare equipment pool and share the information with Client. |
… | Client shall perform assets and reserved component count. |
† | Spare component shall be managed according to the Provider’s guideline on component management procedure. |
‡ | The storage or termination of unused equipment can be provided by Provider upon the request made by Client. If a cost is inflicted in the course of doing so, it can additionally be claimed. |
(4) | Operation Service |
A) | Provider shall provide operation service stipulated in [Attachment 1. Operation Service Statement]. |
B) | Client shall provide the configuration guidelines required during configuring new system to Provider. |
C) | Client shall provide information and access authority to Provider for a stable service operation. |
D) | Provider shall provide the service that Client has requested in a stable and continuous manner and should there be an occurrence of error, Provider shall make its utmost efforts to guarantee a stable service operation through immediate restoration. |
E) | Client shall prepare components for fixing so that Provider could take a swift measure against error in case such error occurs to the equipment owned by Client. Any delay in processing the fault that occurs due to Client’s failure of preparing components for fixing, shall not be included to the time when Provider failed to deliver service. Also, if the component is owned by Client, cooperate actively so that a support by the supplier could be done seamlessly. |
19
Table of Contents
F) | Client shall inform Provider of a contact point as well as the contact information required when Provider performs the operation service. |
G) | Provider may install/operate operation solution for operating Client’s service. |
(5) | Software |
A) | Provider may install below software to equipment set forth in Agreement as well as the Statement of Work that is attached thereto, if Client requests during equipment rental and shall claim for the concerned license fee. |
B) | If an installation of software stated in above provision A is necessary on Client’s own asset, Client shall send an additional written request to Provider. |
C) | Provider shall not be liable for any damage inflicted upon Client from the use of Software provided by Provider in accordance with this Article. |
D) | Client shall not use the software for purposes other than the purpose defined in Agreement and the statement attached thereto and in the violation of such matter, Client shall be liable for all civil and criminal responsibilities and shall indemnify of Provider at its own cost in the occurrence of conflict. |
3. | Payment of Service Reward |
| The service fee shall be calculated upon applying the unit price defined in ‘1. Agreement Details’ based on the list of service provided to Client on a monthly basis. |
‚ | The period for calculating the use volume in order to claim for the service fee shall be from 21st of a month prior to the claim until 20th of the claiming month. |
ƒ | Provider shall issue tax invoice along with review confirmation form (or confirmation form made by staff in charge if necessary) as well as the billing statement by the last date of the corresponding moth to claim for service fee. |
„ | The calculation method for the usage volume per service that Provider provides is as follows: |
(a) | The calculation of the server in use shall be based on the data in CMDB. The standard for identifying the servers used as a resource for Client’s service shall be ‘Attachment 3. Service Code (ESM)’ and the calculation shall target the servers that are ‘operating’ on 20th of the claiming month. However if Client has requested for a spare equipment, the fee for spare equipment shall also be charged. |
(b) | The number of server shall be the total number of physically rented server and virtual server. |
… | The service fee for internet circuit shall be based on monthly usage and calculated upon below standard. |
(a) | The traffic for internet line shall be based on nFAS data calculated in Provider’s equipment. However, if Client raises an objection, both parties may mutually consult for a common ground. |
(b) | The daily maximum traffic shall be the peak value measured among traffics recorded every minute. |
(c) | The charged traffic every month shall be an average of maximum traffic values provided by Provider recorded every day (MRTG) of the relevant month. |
4. | Service Provision Procedure and Change |
| Provider shall provide the service by the establishment completion date, designated through a consultation with Client who applied for use, unless other special reason hinders. |
‚ | Client shall request for service expansion and change through Provider’s IT Service Operation Management System (NTREE) and follow the standard procedure presented by Provider then after. |
20
Table of Contents
ƒ | If the provision of service is confirmed by Provider’s approval to the service provision, Provider shall deliver the service on a date agreed mutually with Client. |
„ | However, if an emergency installation is required in 3 days, Provider may claim for additional cost upon Client for the emergency installation. |
… | Below is the service provision procedure. |
5. | Person in Charge & Contact Info |
Client and Provider shall assign a responsible staff as below for a close partnership and if a contact information of the staff changes, both parties shall inform its counterpart of such change.
Category |
NBP |
Line Corp. | ||
Person in charge |
Keun-joo Han | |||
Xxxne |
000-000-0000 | |||
|
Xxxxx.xxx@xxx.xxx |
21
Table of Contents
[Attachment 1] Operation Service Statement
[Attachment 1-1 Server Operation Service]
1. | Server Platform Assistance Service |
(1) | Architecture & design |
A) | Analyze Client’s requirements. |
Analyzing the requirements of Client is investigating and analyzing the crucial and overall needs of Client necessary for deciding the technical design of client service.
B) | System design of Client’s service |
Client service design includes an activity of organizing the Client’s requirements into a detailed and technical system design statement and covers the following activities.
| Calculate number of servers and specification |
‚ | Calculate the maximum network bandwidth based on Client’s documentation |
ƒ | Check whether to backup or not based on service importance |
„ | Redundant server rack design depending on the service importance |
… | Categorize network depending on service importance |
(2) | Installation & Setting |
A) | Server Hardware Installation |
Perform basic activities for installing and configurating server hardware in compliance with the Provider’s standard policy as well as Client’s service needs.
B) | Server OS and Software Installation |
| OS shall be in compliance with Provider’s standard OS installation policy. The task also includes additional installation, deletion and upgrade of application which is included in OS distribution edition. |
‚ | Client shall install application other than OS. |
ƒ | Distribute/install/upgrade Provider’s distribution system and library management agent. |
C) | Server OS and System Setting |
Server OS and system setting shall be in compliance with Provider’s standard OS installation policy. The task also includes the following activities.
| OS kernel parameter setting |
‚ | Set up NFS mount when using NAS |
ƒ | Set up FUSE mount when using OwFS |
„ | Server Static Route setting |
… | Loopback Address setting |
† | Disk RAID setting |
D) | Server redundancy |
Server redundancy configuration includes L4 redundancy, server Loopback Address creation and network redundancy between server and switch and covers the following activities.
‡ | L4 Loopback setting |
ˆ | Server NIC redundancy |
22
Table of Contents
2. | Server Operation and Management Service |
(1) | Regular Operation |
A) | Server Console Monitoring |
Server console monitoring is performed by installing monitoring agent to server and monitoring on the console through setting the monitoring target on the server, based on a request made by Client. (Provider provides basic monitoring setting which is already agreed and Client shall directly perform additional monitoring.)
B) | Server Failure Response and Management |
For server failure response and management, Provider visually checks the server equipment for the target devices and performs the following activities upon a request by Client.
| Warm reboot |
‚ | Cold reboot |
ƒ | Physical On/Off |
C) | Server Change Management |
Server change management is based on Client’s request and covers the following activities.
| Server/component replacement and expansion |
‚ | Server return and migration |
ƒ | Change server host name and IP address |
„ | Server access authentication management |
… | Change L4 binding |
† | Change DNS and GTM |
‡ | Reinstall OS |
D) | Server Issue Management |
Perform the following activities when a troubleshooting is required if it is required by Client or based on Provider’s own checkup or failure.
| Manage server equipment (H/W) issue |
‚ | Manage OS issue (need to define the expense inflicted when requesting to vendor) |
E) | Server Capacity Management |
Perform the following activities for server capacity management.
| Set critical point per server group and monitor based on the critical point. |
‚ | Analyze the critical point and trend and suggest whether to expand or return the servers. |
F) | Server Performance Management |
Perform the following activities for server performance management.
| CPU, I/O Wait, Load Average index review |
‚ | Suggest idea if improvement is needed based on the review result. |
G) | Server Equipment Configuration Management |
Performs configuration management and update for equipment of Client as well as Provider.
23
Table of Contents
H) | Server Security Management |
Server security management covers the following activities to prevent failure and maintain security level.
| Server system firmware upgrade |
‚ | OS security update |
I) | Server Operation Management |
Server operation management covers the following activity.
| Draft operation report to submit to Client. |
[Attachment 1-2 Network Operation Service]
1. | Configuration Management |
(1) | Provider performs the following. |
A) | Select network equipment OS and standard configuration |
B) | Backup network equipment configuration information |
C) | Manage network configuration chart |
(2) | Client performs the following. |
A) | Provide requirements for selecting network equipment OS |
B) | Comply with security requirements related to network equipment configuration |
2. | Change Management |
(1) | Provider performs the following. |
A) | Establish the procedure that handles all changes including planned and emergency changes that could affect network setting (ex: review, approval, exchange of thoughts, documentation) together with Client. |
B) | Inform changes that could affect network setting according to proper procedure. |
C) | Record and track authorized change request |
D) | Evaluate planned change for network setting and inform the requirement necessary for supporting the change to Client |
E) | Set and manage schedule for testing and implementing the authorized change |
F) | Record and track managed resource change |
(2) | Client performs the following. |
A) | Cooperate with Provider when establishing the procedure that handles all changes including planned and emergency changes that could affect network setting (ex: review, approval, exchange of thoughts, documentation) |
B) | Notify Provider of a planned and emergency change of Client’s IT environment that could affect Provider’s provision of service |
24
Table of Contents
3. | Performance Management |
(1) | Provider performs the following. |
A) | Monitor network equipment’s performance |
B) | Take relevant measure when the performance of network device is affected (ex: inform Client’s network manager of the performance issue and adjust mutually for resolution) |
C) | Deliver network configuration and changes to Client that Provider needs to fulfill a certain service quality. |
(2) | Client performs the following. |
A) | Cooperate with Provider when the Provider establishes schedule for network maintenance, modification and improvement |
B) | Suggest a change on network configuration to Provider for performance improvement |
4. | Failure Management |
(1) | Provider performs the following. |
A) | Failure management including real-time network monitoring, error detection, report, record, tracking, solution, network, failure report and failure management |
B) | Define emergency contact process and procedure including the reporting process with Client’s support |
C) | Restore network damage from unplanned operational failure (ex: device breakdown, temporary error, abnormal operation). |
(2) | Client performs the following. |
A) | Provide the list of employees on Client’s end to Provider when it is necessary for resolving and reporting failure and notify of any changes made to the employees. |
B) | The manager on Client’s end shall cooperate with Provider when handling failure in order to resolve complex issue including network, server and software that affects Provider’s service delivery. |
5. | Capacity Management |
(1) | Provider performs the following. |
A) | Monitor current use volume of Client and document the record in order to provide information to Client with which the Client could decide future use. |
(2) | Client performs the following. |
A) | Forecast capacity which will be needed for a new service and provide the capacity information appropriate for service to Provider |
6. | Availability Management |
(1) | Provider performs the following. |
A) | Cooperate with Client when defining Client’s availability requirement |
B) | Provide hardware maintenance based on the equipment manufacturer’s specification |
C) | Recommend availability improvement ideas to Client |
25
Table of Contents
(2) | Client performs the following. |
A) | Define availability requirements under the support of Client |
B) | Rexxxxxxx xxxxxxxxlity improvement ideas |
7. | Asset Management |
(1) | Provider performs the following. |
A) | Request for Client’s asset and cooperate with Client to establish receipt process |
B) | Cooperate with Client during asset count/discard owned by Client |
C) | Track and report regularly any changes made to servicing network equipment |
(2) | Client performs the following. |
A) | Provide supply plan of Client’s asset |
B) | Count and discard property owned by Client |
[Attachment 1-3 DBMS Operation Service]
1. | DBMS Management Service |
(1) | Architecture & Design |
A) | Analyze Client’s needs |
Analyzing the requirements of Client is investigating and analyzing the crucial and overall needs of Client necessary for deciding the technical design of Client service.
B) | System Design of Client Service |
Client service design includes an activity of organizing the Client’s requirements into a detailed and technical system design statement and covers the following activities.
(2) | Installation & Setting |
A) | DBMS Installation |
DBMS installation performs basic activities for installing and setting in compliance with Client’s service needs and Provider’s standard policy.
B) | DBMS Configuration |
DBMS configuration covers activities including DBMS parameter setting, backup and monitoring setting that complies with Client’s service needs and Provider’s standard policy.
C) | DBMS Monitoring System Sync |
It syncs service target equipment of Client with default monitoring system.
D) | DBMS System Security Setting |
The task includes account/authority management for Client’s service target equipment as well as DB access restriction and logging management support.
E) | DBMS Query Review and Tuning |
DB system security setting covers DB query review and tuning upon Client’s request
F) | DBMS Migration |
DBMS migration performs migration for target equipment based on Client’s request.
26
Table of Contents
2. | Regular Operation |
(1) | DBMS Failure Response and Management |
It responds to failure occurred in Client’s service target equipment.
(2) | DBMS Change Management |
DBMS change management is based on Client’s request and covers the following activities.
A) | DBMS configuration change (including DBMS parameter change) |
B) | Change DBMS redundancy |
C) | DBMS version patch |
D) | DBMS version upgrade |
E) | DBMS OBJECT creation/change |
(3) | DBMS Backup and Restoration |
DBMS backup and restoration is done upon Client’s request and the restoration is done in local server.
(4) | DBMS Performance Management |
Server performance management covers the following works.
A) | DBMS/log monitoring, DB server performance management, enhancement/maintenance of availability |
B) | Performance monitoring on DBMS resource and delayed duplication |
C) | Query monitoring/tuning |
(5) | DBMS Data Management |
DBMS data management is done upon Client’s request and covers the following activities
A) | It handles ‘Insert’ and ‘Delete’ data work as a service type that requests for data-related task. However, the data change (add/delete/change) is only confined to large change or data change at once through review that poses direct impact to service, and a minor changes for service operation as well as routine changes are not covered. |
B) | Request for data extraction/analysis from operation DB for statistical work. |
(6) | DBMS Configuration Management |
DBMS Configuration Management covers configurating and updating Client’s service DB equipment.
(7) | DBMS Security Management |
It covers DBMS access control, logging management support and diagnosis support.
(8) | DBMS Operation Management |
It covers the following task.
A) | Draft operation report to submit to Client |
27
Table of Contents
[Attachment 1-4 Security Service]
1. | Accident Response Service |
(1) | Provider performs the following. |
A) | Control events detected by security solution for entire service and office network. (24-7 supervision) |
B) | Once a security breach (including DDoS attach) is detected that is considered as infiltration attempt, send the notice to Client’s security manager and share the process details. |
C) | The response measure and level shall be dependent upon event rank. |
D) | Request for information and authority required for responsive measure. |
E) | Analyze the malicious code detected during infiltration and provide the result therein. |
F) | Share security guide for countermeasure and prevention of recurrence and deliver the result upon taking measure. |
G) | Respond to technical inquires of Client to prevent recurrence of incident. |
H) | Submit monthly hacking trend report and the report shall include infiltration attempts of the corresponding month as well as DDoS/Worm/virus occurrence status. |
(2) | Client performs the following. |
A) | Client may request for investigating the infiltration incident if such incident is suspected. |
B) | Designate contact process during infiltration event in prior and share with Provider. |
C) | Client’s security manager shall designate a staff that will cooperate with Provider in the occurrence of infiltration event, and support Provider with information necessary for countermeasure. |
D) | Grant information and authority required for Provider to respond to infiltration incident. |
2. | Comprehensive Diagnosis Service |
(1) | Provider performs the following. |
A) | Perform the comprehensive diagnosis according to the period and number of diagnosis set with Client. |
B) | Request for information and authority necessary for comprehensive security diagnosis. |
C) | Provide the result of comprehensive security diagnosis. |
(2) | Client performs the following. |
A) | Client shall designate the diagnosis target for comprehensive security diagnosis and support Provider with affiliated information required for the diagnosis. |
B) | Provide information and authority to Provider necessary for comprehensive security diagnosis. |
3. | Security Review Service |
(1) | Provider performs the following. |
A) | Provide infra security checklist for OS, WAS, DB and so on. |
B) | Check security level for areas of which the checklist had been sent and provide the following result. |
28
Table of Contents
C) | Review the security level on overall infra composition during service establishment and change and deliver the result. |
D) | Handle other requests concerning security within set deadline and consult with the requestor if there is an issue. |
E) | The security-related requests include ACL, SSL VPN, internal public IP, wireless lan router and exceptions to office security solution (vaccine, PMS, IPS, SPAM Filter and etc.). |
F) | Perform security review for web and game application service that Client provides. |
G) | Request for information and authority required for security review. |
H) | Provide security review result in a form agreed upon mutually. |
I) | Provide information on the history of security review result as well as the details of measures taken. |
(2) | Client performs the following. |
A) | Designate the target for comprehensive security diagnosis to Provider and support Provider with affiliated resources required for the analysis. |
B) | Grant information and authority required for diagnosis to Provider. |
4. | Security Solution Operation Service |
(1) | Provider performs the following. |
A) | Define and operate detection policy suitable for the security control target. |
B) | Detection policy shall be regularly renewed and in the occurrence of an issue, the policy must be renewed for an effective operation of security solution. |
C) | Define and operate infiltration blocking policy based on detection policy. |
D) | Infiltration blocking policy must be regularly renewed and in the occurrence of an issue, the policy must be renewed for an optimal performance of the detection. |
E) | Make sure the security system normally operates. |
F) | Provide quarterly report on security solution operation status. |
5. | Abusing Response Service |
(1) | Provider performs the following. |
A) | For abusing analysis request, perform the analysis and provide the result. |
B) | Request for information and authority required for abusing analysis. |
C) | Respond to technical inquiries for resolving Client’s abusing issue. |
(2) | Client performs the following. |
A) | Request for abusing analysis upon Provider if an activity suspected as abusing is spotted. |
B) | Support Provider with affiliated information necessary for abusing analysis as requested by Provider. |
C) | Grant information and authority required for abusing analysis to Provider. |
D) | Send technical inquiries to Provider to resolve abusing issue. |
29
Table of Contents
6. | Infiltration Detection/Response Service |
(1) | The scope of service shall be as follows. |
A) | Provide detection feature based on the pattern defined in infiltration detection system in prior through such system. |
B) | Do not provide the detection service for attacks of which the patterns are not defined (ex. Zero-day attach and etc.) in infiltration detection system. However, if the vendor of infiltration detection system has provided the pattern, Provider shall, in principle, apply such pattern to the system; however Provider shall not be responsible for a detection failure arising from not applying the pattern. |
C) | The scope of monitoring covered with infiltration detection system shall be the system within the IP bandwidth owned and designated by Client |
D) | Should an infiltration incident occur to Client’s system, Provider shall take responsive measure for the system where the incident has occurred. The information and authority that Provider asks for the measure shall be provided by Client to Provider. |
(2) | Provider shall not be liable for the failure in detecting infiltration attempt and an accident that follows from one of reasons defined below. |
A) | If it had occurred from a fault of Xxxxxx |
X) | If it had occurred by applying the security policy requested by Client |
C) | If the failure had occurred from an attachment of which the pattern had not been defined in infiltration detection system in advance, although the system was in its normal operation |
D) | If it had occurred from Client’s failure to take measure against the vulnerability reported by Provider |
E) | Provider does not warrant that the detection of all infiltration is available for Client system. |
F) | Provider only provides infiltration detection system that Provider commonly operates to Client. |
[Attachment 1-5 SIM (Service Infrastructure Manager) Service]
1. | SIM assignment |
(1) | Provider shall respond to the requirements made by the Client by assigning a responsible staff in charge of the Client’s customer service. |
(2) | Provider may assign a different manager for each service of the Client if necessary. |
(3) | SIM serves as an agent who collects and responds to the inquiry/expansion/change task required by Client. |
2. | Infrastructure Architecture Design |
(1) | Analyze the requirements of Client service |
(2) | Infrastructural preparation in advance |
A) | Check Physical Architecture (infrastructure arrangement plan) |
B) | Check Logical Architecture (service arrangement plan) |
C) | Check server setting preparation |
30
Table of Contents
D) | Check network setting preparation |
E) | Check rack setting preparation |
F) | Check DBMS setting preparation |
G) | Check storage setting preparation |
H) | Check CDN setting preparation |
I) | Check DNS (Domain Name System)/GTM (Global Traffic Manager) setting preparation |
(3) | Installation & Arrangement Management |
A) | Check warehousing |
B) | Check installation |
C) | Check setting |
3. | Regular Operation |
(1) | Client Management |
A) | Respond to Client inquiry |
B) | Check complaints |
C) | Provide regular report |
D) | Draft and deliver a quarterly report for the service provided to Client. |
(2) | Overall Operation Management |
A) | Support expansion of infrastructure during operation |
If expanding infrastructure is required while running the Client’s service, check below matters first and expand the infrastructure along with Client.
| Check Physical Architecture (infrastructure arrangement plan) |
‚ | Check Logical Architecture (service arrangement plan) |
ƒ | Check server setting |
„ | Check network setting |
… | Check rack setting |
† | Check DBMS setting |
‡ | Check storage setting |
ˆ | Check CDN setting |
‰ | Check DNS(Domain Name System)/GTM(Global Traffic Manager) setting |
B) | Support installation of infrastructure during operation |
| Check warehousing |
‚ | Check installation |
ƒ | Check setting |
C) | Be responsible for handling all the task regarding fault/change occurred during operation and share the result with Client. |
31
Table of Contents
D) | Share the requirement raised by either Client or Provider during operation and coordinate the difference of opinion. |
[Attachment 1-6 Storage/Backup Operation Service]
1. | Storage/Backup Platform Support Service |
(1) | Architecture & Design |
A) | Analyze Client’s requirements |
It investigates and analyzes key and overall requirement necessary for deciding the technical design of Client service.
B) | System design for Client service |
Client service design includes an activity of organizing the Client’s requirements into a detailed and technical system design statement and covers the following activities.
| Calculate storage capacity in consideration of Client’s need |
‚ | Calculate the number of storage and specification |
(2) | Installation & Setting |
A) | Install storage/backup hardware |
| Install storage/backup system |
B) | Compose details of storage/backup |
C) | Allocate Client volume and compose solution |
2. | Storage/Backup Operation and Management Service |
(1) | Storage/Backup System Console Monitoring |
For storage/backup system console monitoring, check whether there is any abnormalities in software and hardware.
(2) | Storage/Backup System Change Management |
Managing storage/backup system change is based on the Client’s request and covers the following activities.
A) | Volume expansion and collection |
B) | Add Client server and make change concerning reinstallation |
C) | Change duplication composition |
D) | Entirely reorganize storage/backup |
E) | Change Firmware |
F) | Replace failed part |
(3) | Issue Management |
Provider performs storage/backup issue management to the Client’s service equipment upon a request by Client or if troubleshooting is deemed necessary from Provider’s own review or fault.
(4) | Storage/Backup System Equipment Composition |
For storage/backup system equipment composition, perform composition management as well as update for the concerned device.
32
Table of Contents
(5) | Response to and Manage Storage/Backup System Error |
Handle and manage storage/backup system error based on the monitoring result.
<Attachment 2> Unit price
[***]*
* | Note: Confidential treatment has been requested with respect to the information contained within the [***] marking. Such portions have been omitted from this filing and have been filed separately with the Securities and Exchange Commission. |
33
Table of Contents
<Attachment 3> ESM Code
34
Table of Contents
35
Table of Contents
36
Table of Contents
37
Table of Contents
38
Table of Contents
39
Table of Contents
40
Table of Contents
41
Table of Contents
42
Table of Contents
43
Table of Contents
44
Table of Contents
Contract Extension Agreement
NAVER Business Platform Corporation (hereinafter referred to as ‘NBP’) and LINE Corporation (hereinafter referred to as ‘LINE’) hereby agree to extend the agreement signed previously as below.
Article 1. Purpose
The purpose of this Agreement is to change the agreement signed by and between NBP and LINE upon mutual consultation and to clearly set forth the changes, effectiveness and others.
Article 2. Details of the Changes
1. | Target agreement for change (hereinafter ‘Original Agreement’) |
A. | Agreement signing day: April 1, 2013 |
B. | Agreement title: ‘Information Technology Service Agreement’ between LINE Corporation and NAVER Business Platform (include 1 annex – IT Infra Operation Service Statement) (hereinafter referred to as ‘Target Agreement’) |
2. | Agreed Change |
A. | According to the Article 4 in the Original Agreement, both parties hereby agree that the Original Agreement to be automatically extended for one (1) year on July 31, 2015. The termination date for the Original Agreement shall be changed to July 31, 2016, accordingly. |
Article 3. Effectiveness
1. | This Agreement shall become valid from the signing day. |
2. | The ‘Original Agreement’ shall be modified according to the conditions set forth herein this Agreement from the singing day of the Agreement and matters which have not been set forth separately herein shall follow the provisions stipulated in the ‘Original Agreement.’ |
Article 4. Interpretation, etc.
Matters which have not been stipulated herein this Agreement and ‘Original Agreement’ shall be defined upon a separate mutual consultation.
Table of Contents
IN WITNESS WHEREOF, two (2) copies of the Agreement have been mutually signed and sealed, each party keeping one (1) copy at its custody.
June 30, 2015
‘NBP’ NAVER Business Platform Corporation NAVER Green Factory, 000-0, Xxxxxxx-xxxx, Xxxxxxx-xx, Xxxxxxxx-xx, Xxxxxxxx-xx, Xxxxx
CEO Weongi Park (Seal) |
‘LINE’ LINE Corporation 27F Shibuya Hikarie, 0-00-0 Xxxxxxx Xxxxxxx-xx, Xxxxx, Xxxxx
CEO IDEZAWA TAKESHI (Seal) |