Legal Information

G-CORE COLOCATION SERVICES SPECIFICATION

Last updated: July 25, 2018

G-Core Labs S.A. (“G-Core”) and the Customer of G-Core (“Customer”) will comply with the following Colocation Services Specification (“Specification”) with respect to Customer’s use of the Services provided by G-Core pursuant to the G-Core Master Services Agreement (“MSA”) and any Service Order thereunder concluded between G-Core and Customer.

The Colocation Services Specification is part of the MSA. Terms not defined herein shall have the same definition as within the MSA.

1.Definitions

Accompanying Person(s) means any person(s) other than Authorized Personnel accompanying Customer while at a G-Core Data Center.

Authorized Personnel means any member of staff of G-Core, G-Core’s affiliates or subcontractors that is providing Escorted Access to Customer and/or who is otherwise in charge or entitled to give instructions to customers at the respective G-Core Data Center.

Cross Connect means a physical or wireless interconnection within a G-Core Data Center that (i) exits Customer's cage or (ii) connects Customer to another G-Core customer.

Customer Cross Connect means a physical interconnection, including cables, connections, and other wiring, that (i) does not exit Customer's cage; (ii) does not connect Customer to another G-Core customer; and (iii) interconnects (a) Customer’s Equipment or (b) G-Core-provided SDP Equipment in Customer's cage with Customer's Equipment.

Customer’s Equipment means all network, computer and other equipment provided, leased, owned or otherwise directly or indirectly controlled by Customer, Customer’s affiliates or subcontractors or Accompanying Persons (including wiring and connections between such equipment and Customer’s demarcation equipment) located at a G-Core Data Center, excluding Cross Connects and G-Core’s SDP Equipment.

Limit means for any power circuit, the lesser of (i) the power rating for such power circuit stated in the respective Service Order (80% of the rated capacity for power circuits in G-Core Data Centers in the Asia Pacific region) or (ii) the rated capacity pursuant to the applicable local codes.

Service Delivery Point Equipment or SDP Equipment means (1) patch panels, DSX panels for category 5 twisted pair, co-axial, single and multi-mode fiber, or (2) other appropriate (as reasonably determined by G-Core) point of demarcation for interconnection or power distribution equipment.

Ports mean all wiring, connections, circuitry and utility ports at the SDP Equipment.

Redundant Power Circuit Pair means two identical power circuits installed in the same cabinet or rack (neither of which are part of another pair of circuits in the same cabinet or rack) that are fed from diverse power busses and are powering only equipment with redundant power supplies capable of auto-failover.

Unordered Service means a G-Core service used by Customer without coverage by an Service Order for such service.

G-Core Data Center means the data centers of G-Core, G-Core’s Affiliates or subcontractors in which Customer receives Services from G-Core pursuant to an Service Order.

G-Core Data Center Property means the real property on which, and the building in which, a G-Core Data Center is located.

G-Core Power Distribution System means any and all Hendry panels (or other data center distribution panels that are compliant with G-Core specifications), locks, and power strips and electrical, utility, or power distribution systems and items that are installed by G-Core.

2.Scope of Colocation Services

2.1 G-Core provides Customer with space, facilities and services necessary to install and operate Customer’s equipment and/or equipment of G-Core rented by Customer at the data center(s) of G-Core, G-Core’s Affiliates or G-Core’s subcontractors, including security control, environmental control, connectivity and power supply (including back-up power) (“Colocation Services”).

2.2 A Service Order will usually set forth the following: (a) the Colocation Services to be provided, (b) any Specifications pertaining to such Colocation Services, including the location where the Colocation Services will be provided at and the areas within that location (together the “Licensed Space”), (c) the term for the Colocation Services, (d) the Fees for the Colocation Services and (e) any other terms mutually agreed upon by the Parties.

2.3 G-Core shall provide the Colocation Services in accordance with the Service Levels set out in the SLA, provided by G-Core to Customer.

2.4 Physical access to the Licensed Space is restricted to G-Core personnel and designated personnel of Customer. G-Core personnel will accompany and supervise the designated personnel of Customer at all times during access to the Licensed Space (“Escorted Access”). G-Core will provide Escorted Access to Customer only for the purpose of removing Customer’s equipment from the Licensed Space and/or for testing, resetting, modifying and/or configuring the Customer’s equipment and/or equipment of G-Core rented by Customer located within the Licensed Space. During Escorted Access, Customer must comply (i) with all rules and procedures applicable to the Licensed Space, in particular any applicable acceptable use policy, and (ii) with all related orders and directions of G-Core’s personnel. Escorted Access will be charged with G-Core’s then current hourly rates (depending on the level of technical qualification of G-Core’s personnel to accompany and supervise Customer) and has to be requested by Customer at least five Days in advance. Instead of G-Core personnel, G-Core may also use personnel of G-Core’s subcontractors to provide Escorted Access to Customer and may charge G-Core’s respective expenses to Customer.

2.5 G-Core will provide Colocation Services only up to the relevant location at which G-Core’s responsibility to provide equipment and Services ends and where Customer’s responsibilities begin (“Service Delivery Point”), as identified within the Specifications, and shall not be responsible for providing any Colocation Services on Customer’s side of the Service Delivery Point or for providing in-house cabling or conduits unless agreed otherwise in the Service Order.

2.6 Unless agreed otherwise in the Service Order, Customer is solely responsible for providing and maintaining all necessary electronic communications required to linking the Colocation Services, including wiring, communication line access and networking devices.

2.7 The Colocation Service shall be provided subject to G-Core’s Acceptable Use Policy, available at https://gcorelabs.com/legal. Customer agrees to use the Colocation Services only in compliance with Acceptable Use Policy.

2.8 The Parties agree that if G-Core, in its sole discretion, determines that an emergency action is necessary to protect G-Core’s network, G-Core may block any path over G-Core’s network used by Customer.

2.9 While Customer has no right to use the Colocation Services after the Service Order expires or terminates, if G-Core permits Customer to do so in its sole discretion, Customer will remain bound by the terms of the MSA, including, without limitation, all payment obligations and such continued use may be terminated by G-Core immediately upon notice.

3.Delay of Colocation Services

3.1 Any tentative commencement date for provision of the Colocation Services (e.g. the Estimated Delivery Date) or lead-time provided by G-Core to Customer which is not specified as “Committed Commencement Date” by G-Core shall be deemed a target date for commencement of the Colocation Service and shall not be binding on or create any liability for G-Core.

4.Service Delivery

The ready for service date (“RFS Date”) for a Colocation Service shall be the date (a) on which G-Core sends a notification via email to Customer, confirming that the respective Licensed Space is ready for Customer’s use as agreed in the applicable Service Order, or (b) on which Customer starts using the Colocation Service without such notification by G-Core, whichever (a) or (b) is earlier.

5.Removal of Customer’s Property

Customer will remove all of Customer’s property, in particular any of Customer’s equipment, from the Licensed Space on or before the expiry or termination of the Service Order. Unless G-Core otherwise agrees in writing, failure to remove Customer’s property within seven Days from the expiry or termination of the Service Order or within twenty Days if the Service Order is terminated due to G-Core’s material breach, will be deemed an abandonment of Customer’s property and G-Core will be entitled to pursue all available legal remedies, including, without limitation and at Customer’s risk and costs, (i) immediately removing Customer’s property and storing it at Customer’s costs at another location of G-Core’s reasonable choice, (ii) shipping Customer’s property to Customer, or (iii) upon thirty calendar days prior written notice to Customer liquidating Customer’s property and retaining the proceeds.

6.Remote Hands Services

6.1 With respect to any hardware and/or hardware components and/or any other integral or ancillary technical equipment (including any storage media) and/or Colocation Services and/or Connectivity Services which are located at and/or provided at the Licensed Space of Customer, G-Core will provide upon request by Customer the following Services (together “Remote Hands Services”): (a) the installation and setup of new equipment for operational use by Customer, including the installation of software, drivers or firmware necessary for operational use of such new equipment, (b) the modification, (re-)configuration, resetting and/or power cycling of equipment, Colocation Services and/or Connectivity Services, including respective cabling and/or connections, and (c) exchanging removable storage media (e.g. hard drives etc.).

6.2 During the Service Times and via the means of communications as set forth in the Service Order, Customer may contact G-Core to issue a request for particular Remote Hands Services (each a “Service Request”). A Service Request shall include (a) Customer name and on-site technical contact information (telephone number, email address and hours of operation of the responsible Customer contact), (b) the specific date and time at which Customer wants G-Core to perform the requested Remote Hands Service, (c) any available serial numbers of the installed and/or new components to be installed, removed or otherwise modified or (re-)configured during the requested Remote Hands Service, and (d) a reasonably detailed description of the requested Remote Hands Service, together with any supporting information that Customer’s engineers believe will assist G-Core in its fulfillment of the Service Request.

6.3 Following G-Core’s receipt of the Service Request, G-Core will commence Remote Hands Services by analyzing the Service Request and providing Customer with the estimated time frame to complete the necessary Remote Hands Services. Any date and time specified by Customer for G-Core to perform the requested Remote Hands Service shall only be an Estimated Delivery Date.

6.4 Customer acknowledges that the timely and successful fulfillment of a Services Request requires good faith cooperation and frequent communication between the Parties as well as precise technical directions and orders by Customer. Remote Hands Services will be performed by G-Core solely as instructed by Customer. Further, Customer will furnish all information reasonably requested by G-Core to provide the respective Remote Hands Service, including provision of access to all relevant technical information, competent and qualified Customer personnel, facilities, equipment and software that G-Core or its personnel or subcontractors may reasonably request. Upon Customer’s request, G-Core will keep Customer informed on the progress regarding any Service Request.

6.5 G-Core reserves the right to reject a Service Request submitted by Customer, in particular if, in G-Core’s sole judgment, (a) G-Core lacks sufficient facilities, material, equipment, capacity or regulatory authority to fulfill the Service Request, (b) the requested Remote Hands Service would endanger technical equipment of G-Core or any third party, and/or (c) Customer does not provide sufficient information in accordance with subsection 6.4 above for G-Core to fulfill the respective Service Request.

6.6 After completion of a Service Request, G-Core shall notify Customer thereof via email. The date of that email shall be the RFS Date with respect to the Remote Hands Services provided when processing that Service Request.

6.7 G-Core will only provide Remote Hands Services as instructed by Customer. G-Core therefore does not make and disclaims (i) all warranties that the Remote Hands Services will be performed defect-free or completely secure, and (ii) the implied warranties of merchantability and fitness for a particular purpose. All Remote Hands Services are provided on an “as is” basis and Customer’s use of the Remote Hands Services is solely at its own risk. Section 11 of the MSA remains unaffected.

7.Conduct within G-Core Data Centers

7.1 Customer will:

(a) comply with all rules, regulations and procedures in effect at the G-Core Data Center;

(b) comply with all applicable laws in its use of its Licensed Space and its activities in the G-Core Data Center, and comply with all signs posted at any time (including changes in such signs) at the G-Core Data Centers concerning security procedures relating to the G-Core Data Centers;

(c) have full responsibility and liability for all acts or omissions of the designated personnel of Customer, including, as the case may be, any Accompanying Persons, and all such acts or omissions will be attributed to Customer for all purposes, including for the purposes of determining whether Customer has breached (i.e. failed to abide by) the MSA. Without limiting the foregoing, Customer is responsible and must ensure that Customer’s designated personnel, including, as the case may be, any Accompanying Persons, do not take any actions that Customer is prohibited from taking under the Policies;

(d) be responsible for and will use its Licensed Space only for configuring, providing, placing, installing, upgrading, adding, maintaining, repairing and operating Customer’s own technical equipment, or, as the case may be, rented hardware from G-Core, in a safe and lawful manner to the extent permitted by and subject to the terms of the MSA and any applicable Service Order concluded thereunder;

(e) use the restrooms, any shared work area, and any other common spaces in the G-Core Data Centers and the parking areas outside of the G-Core Data Centers in accordance with the terms of the MSA and any applicable Service Order concluded thereunder, and any rules or signs then posted in or near such areas in the respective G-Core Data Center;

(f) maintain its Licensed Space in an orderly and clean manner and in good repair and condition (reasonable wear and tear only excepted);

(g) deposit litter in designated receptacles or in appropriate locations outside the G-Core Data Centers;

(h) behave in a courteous and professional manner within the G-Core Data Centers and the G-Core Data Center Properties;

(i) immediately notify G-Core of any damage or risk of damage to the G-Core Data Centers or the G-Core Data Center Properties, or damage to any equipment or property of any person in the G-Core Data Centers or the G-Core Data Center Properties;

(j) comply with all applicable property control procedures, which may include providing Authorized Personnel with a description and the serial numbers of items brought into an G-Core Data Center that are valued by the Authorized Personnel at more than EUR 1,000 (or equivalent local currency) and/or providing the Authorized Personnel with the name, contact number and signature of the person removing such items;

(k) if applicable, be responsible for maintaining the confidentiality of Customer’s account numbers and passwords for using G-Core’s customer care website and for restricting and granting access thereto. Notwithstanding anything to the contrary, Customer is responsible and liable for all activities that occur under Customer’s account (including all payments owed for any orders for Services that are placed under Customer’s account), regardless of whether such activities are conducted by Customer or any other third party, and regardless of whether such orders are authorized by Customer. G-Core does not have any obligation to verify that anyone using Customer’s account and password has Customer’s authorization.

7.2 Customer will ensure that it does not do any of the following:

(a) install, touch, access, tamper with, damage, adjust, repair, interfere with, or breach the security of, the Licensed Space of other customers of G-Core or the equipment, property or services of any other customers, vendors, contractors or other parties that license, sublicense, lease or sublease space or otherwise utilize space at the G-Core Data Center or the G-Core Data Center Properties, or provide services or products to those who do;

(b) alter, tamper with, damage, adjust, repair, interfere with, or breach the security of Customer’s Licensed Space, the G-Core Data Centers or the G-Core Data Center Properties (including, without limitation, the electrical and other building systems of the G-Core Data Centers or the G-Core Data Center Properties), or any equipment or property leased, licensed or owned by G-Core (including, without limitation, any Cross Connects and the G-Core Power Distribution System, which only G-Core will install, repair or alter);

(c) install or otherwise perform any Cross Connects;

(d) affix or maintain labels to any Ports or any SDP Equipment that connects Customer’s Equipment to equipment belonging to other customers (G-Core will affix and maintain such labels, which will contain information as determined by G-Core, including circuit identification and other information needed to identify each G-Core-provided Port);

(e) encumber or obstruct the pathways, driveways, yards, entrances, hallways, stairs or any common areas in or around the G-Core Data Centers or the G-Core Data Center Properties;

(f) unless G-Core expressly consents, use any common areas at the G-Core Data Centers or the G-Core Data Center Properties (other than a shared work area where G-Core permits customers to repair their equipment) for any purpose other than access and exit to and from its Licensed Space;

(g) use a shared work area that G-Core permits customers to use for any purpose other than to repair their equipment;

(h) use the Services to compete with any services offered by G-Core, G-Core’s affiliates or G-Core’s subcontractors who operate, as the case may be, the specific G-Core Data Center;

(i) create any nuisances at the G-Core Data Centers or the G-Core Data Center Properties;

(j) manufacture, generate, treat, transport, dispose of, release, discharge, or store on, under or about the G-Core Data Centers, the G-Core Data Center Properties or any surrounding properties, any hazardous materials;

(k) eat, drink or use tobacco products within the G-Core Data Centers except within areas designated for such purposes;

(l) bring recording equipment in, or take photographs of (whether by use of a camera, video camera, cell phone, wireless handset or otherwise), any part of the G-Core Data Centers;

(m) place furniture in its Licensed Space except as permitted by the G-Core Data Center site manager in his/her reasonable discretion. In the event that Customer places furniture G-Core may at any time thereafter notify Customer that the furniture must be removed within three Days following such notice. If Customer fails to remove the furniture within that period, G-Core may remove the furniture, charge Customer Remote Hands Service rates for doing so, and store the furniture at Customer's expense;

(n) install any surveillance cameras or other surveillance equipment without G-Core's prior consent. G-Core reserves the right to require Customer to remove or relocate any surveillance cameras or surveillance equipment that G-Core deems to threaten or impede the security of the G-Core Data Center (including the security of other G-Core customers);

(o) block any exit route or aisle way or create a fire hazard;

(p) use VRLA (valve-regulated lead-acid) batteries within the G-Core Data Centers, unless the batteries are a manufacturer-installed and integrated part of equipment that is an express exception to this rule according the applicable G-Core Data Center rules;

(q) use circuit splitters on any G-Core-provided power circuit;

(r) use UPS (uninterrupted power supply) systems that are not provided by G-Core;

(s) use 48v DC rectifiers that are not provided by G-Core without obtaining advance approval from G-Core;

(t) connect a power circuit to a cabinet other than the cabinet specified by G-Core for such power circuit;

(u) consume power beyond the Limit of any power circuit or Redundant Power Circuit Pair.

7.3 Redundant Power Circuit Policy: A power circuit is a redundant power circuit only if at all times it meets both of the following conditions: (a) It is part of a Redundant Power Circuit Pair, and (b) The aggregate draw of such Redundant Power Circuit Pair does not exceed the Limit of one of the power circuits in the Redundant Power Circuit Pair. Accordingly, if a power circuit is originally a redundant power circuit but subsequently fails to meet conditions a and b simultaneously, such power circuit will thereafter be deemed a primary power circuit that will be treated as an Unordered Service.

7.4 Use of Unordered Services: In the event that Customer uses an Unordered Service, G-Core will so notify Customer (which notification may be delivered only by e-mail or regular mail as indicated in the relevant Service Order, notwithstanding anything to the contrary in the MSA) and provide Customer with a Service Order which lists the Unordered Service. If Customer does not execute such Service Order and return it to G-Core within five Days of the date of such notification, in addition to all other remedies available to G-Core, G-Core may charge Customer for such Unordered Service at its then current list price commencing on the date Customer began using the Unordered Service. Use of a power circuit beyond its Limit and use of a Redundant Power Circuit Pair beyond the Limit of one of the circuits in such Redundant Power Circuit Pair shall be considered an Unordered Service.

8.Handling of Customer Equipment

8.1 Customer will ensure that:

(a) all Customer’s Equipment will be installed, operated, maintained and repaired in compliance with all applicable laws and manufacturer specifications and requirements;

(b) the installation and use of Customer’s Equipment complies with applicable safety codes and product safety agency listings;

(c) all of the cables and wiring (including Customer Cross Connects and Customer power cords) in its Licensed Space, other than any Cross Connects or G-Core’s SDP Equipment, are neatly wrapped and tied together (if Customer fails to do so, G-Core may at its sole option neatly wrap and tie such wires and cables, and G-Core may charge Customer Remote Hands Service rates for doing so);

(d) Customer’s Equipment is not stacked or resting on any other equipment;

(e) all of Customer’s Equipment is securely fixed onto a cabinet or rack in a manner reasonably satisfactory to G-Core. If Customer’s Equipment is too large or heavy for a rack or cabinet, including but not limited to large servers, G-Core may affix such equipment directly to the floor, and G-Core may charge Customer Remote Hands Service rates for doing so;

(f) appropriate air management products (including, but not limited to, blanking plates, grommets and brushes) are installed in cabinets to minimize any potential mixing of cold and hot air between a cabinet and any source of cooling to that cabinet and, where these have not been installed, G-Core may install or replace (as appropriate) such air management products;

(g) where practical, the heaviest and/or hottest (when in operation) of Customer’s Equipment is installed in the lower sections of a cabinet to make the most effective use of the supplied cooling system;

(h) where practical, cables and wiring (including Customer Cross Connects and Customer power cords) should only run from Customer’s Equipment out of the back of the cabinet or rack. If this is unavoidable, Customer will ensure that appropriate air management products are installed to make the most effective use of the supplied cooling system.

8.2 Customer may install and maintain Customer Cross Connects. G-Core has no obligation to install, maintain or repair any Customer Cross Connects.

8.3 G-Core may require Customer to remove from any G-Core Data Center Customer’s Equipment that, in G-Core’s sole discretion, (i) causes a threat to safety (including any risk of fire or other hazard) to the operations of the G-Core Data Center or the G-Core Data Center Property, or (ii) unreasonably interferes with the operations of G-Core, another customer or any other person or entity that is licensing, sublicensing, leasing or subleasing space or otherwise utilizing any portion of the G-Core Data Center or the G-Core Data Center Property.

8.4 If Customer wants to identify Customer’s Equipment or its Licensed Space, the means of identification will be subject to G-Core’s prior approval before Customer uses such means of identification. G-Core will not identify the location of Customer’s Equipment in the G-Core Data Center, and G-Core will not be responsible for labeling Ports except that G-Core is responsible for connecting Customer’s Equipment to equipment belonging to other G-Core customers at a G-Core Data Center.

8.5 G-Core will not touch, maintain, use, upgrade, repair or operate Customer’s Equipment, except in an emergency, or where explicitly or implicitly authorized by Customer’s use of Remote Hands Service, or as otherwise agreed in the MSA.

8.6 Customer is solely responsible for any loss or theft of or damage to Customer’s Equipment left unattended outside of the Licensed Space in a shared cage.

8.7 G-Core is not responsible for any electronic interference that may occur with respect to Customer’s use of wireless communications equipment.

9.Shipping Policy

9.1 Customer will comply with the shipping and receiving policies in effect at the G-Core Data Center.

9.2 Customer will ensure that all shipments (including the boxes) are clearly labeled with the company name and/or identifier of Customer (as required by the G-Core Data Center) and with a reference to G-Core and the licensed space. Customer will not list G-Core as a recipient of any shipment or identify G-Core as a recipient to any shipping carrier. Unidentified packages or packages that list G-Core as the recipient may be rejected.

9.3 G-Core reserves the right to visually and/or physically inspect any and all shipments to or from the G-Core Data Centers when such shipments arrive at the shipping/receiving area. Shipments containing liquids, combustibles and any hazardous materials are prohibited, and, to the extent G-Core is so aware of the contents of such shipments, will not be accepted at any time.

9.4 At the time of G-Core’s inspection of any shipments to or from the G-Core Data Centers, G-Core may record serial numbers for Customer’s Equipment. Accordingly, when packing Customer’s Equipment for shipping, Customer should be aware that G-Core personnel may need access to the serial numbers on Customer’s Equipment being shipped, prior to the boxes being sealed.

9.5 Customer is responsible for moving its shipments from the shipping/receiving area to its Licensed Space and from its Licensed Space to the shipping/receiving area, and Customer’s failure to do so in accordance with the shipping/receiving policies applicable to the G-Core Data Center may result in charges as set forth in such policies.

9.6 Unless prior arrangements are made with G-Core by Customer in accordance with the shipping/receiving policies applicable to the G-Core Data Center, G-Core reserves the right to ship the shipment back to the “shipped from” address, at Customer’s expense.

9.7 G-Core is not responsible or liable for any missing or damage to Customer’s Equipment which may occur during the packaging and/or shipment of such equipment.

9.8 Customer is responsible for all duties, charges, fees, taxes and customs requirements associated with international shipments.

10.Network System Numbers

10.1 G-Core strongly encourages Customer to have its own autonomous system number as designated by the American Registry of Internet Numbers, the Réseaux IP Européens (RIPE), or the Asia Pacific Network Information Centre or their successors.

10.2 Customer will be responsible for obtaining telecommunications services as needed from the carrier of its choice. G-Core will not be responsible for providing or installing such services except as otherwise agreed upon in any Service Order.

11.Data Traffic

11.1 Unless agreed otherwise by the Parties in writing, billing of traffic is based on the metered data traffic model. Customer is offered a traffic package for a server as part of the monthly server charge. If the traffic package amount is exceeded, either as inbound or outbound traffic, then Customer shall pay for each GB in excess of the package. Data usage in excess of the traffic package will be billed at the end of the month.

G-CORE HARDWARE RENTAL SPECIFICATION

Last updated: April 28, 2017

G-Core Labs S.A. (“G-Core”) and the Customer of G-Core (“Customer”) will comply with the following Hardware Rental Specification (“Specification”) with respect to Customer’s use of the Services provided by G-Core pursuant to the G-Core Master Services Agreement (“MSA”) and any Service Order thereunder concluded between G-Core and Customer.

Hardware Rental Specification is part of the MSA. Terms not defined herein shall have the same definition as within the MSA.

1. Scope of Hardware Rental

1.1 This Specification sets forth the terms and conditions for the rental of hardware and/or hardware components and/or other integral or ancillary technical equipment by Customer from G-Core (“Hardware Rental”).

1.2 The Service Order will usually set forth the following: (a) the equipment which G-Core will rent to Customer (“Rented Hardware”), (b) the Fees (i.e. the rental fees and any additional costs) for the Hardware Rental, (c) the destination at which the Rented Hardware shall be set up and used (“Setup Location”), (d) the term of the Service Order, and (e) any other terms mutually agreed upon by the Parties.

1.3 G-Core rents the Rented Hardware to Customer for Customer’s use for the duration of the service term. Upon expiry or termination of the Service Order, Customer immediately has to return the Rented Hardware to G-Core and Customer has to bear any shipping costs that accrue.

1.4 Insofar as the Setup Location is situated on the premises of G-Core, G-Core’s affiliate(s) or G-Core’s subcontractor(s), physical access to the Setup Location is restricted to G-Core personnel and designated personnel of Customer. G-Core personnel will accompany the designated personnel of Customer at all times during access to the Setup Location (“Escorted Access”). G-Core will provide Escorted Access to Customer only for the purpose of testing, resetting, modifying and/or configuring the Rented Hardware. During Escorted Access, Customer must comply (i) with all rules and procedures applicable to the Setup Location, in particular any applicable acceptable use policy, and (ii) with all related orders and directions of G-Core’s personnel. Escorted Access are subject to an additional agreement of the Parties and will be charged with G-Core’s then current hourly rates (depending on the level of technical qualification of G-Core’s personnel to accompany and supervise Customer) and has to be requested by Customer at least five Days in advance. Instead of G-Core personnel, G-Core may also use personnel of G-Core’s subcontractors to provide Escorted Access to Customer.

1.5 The Parties agree that if G-Core, in its sole discretion, determines that insofar as an emergency action is necessary to protect G-Core’s network, G-Core may block any path over the Rented Hardware.

1.6 Unless agreed otherwise in the Service Order, Customer is solely responsible (i) for procuring, providing and maintaining, at its own expense, the space, the level of power (including the necessary grounding as is required for the installation), heating and air conditioning, and humidity levels necessary to maintain the proper environment for any Rented Hardware, and (ii) for providing and maintaining all necessary electronic communications required to linking the Rented Hardware, including wiring, communication line access and networking devices.

1.7 While Customer has no right to use the Rented Hardware after the Service Order expires or terminates, if G-Core permits Customer to do so in its sole discretion, Customer will remain bound by the terms of the MSA, including, without limitation, all payment obligations and such continued use may be terminated by G-Core immediately upon notice.

2. Delay of Hardware Rental

2.1 Any tentative commencement date for the Hardware Rental (e.g. the Requested Delivery Date) or lead-time provided by G-Core to Customer which is not specified as “Committed Commencement Date” by G-Core shall be deemed a target date for commencement of the Hardware Rental and shall not be binding on or create any liability for G-Core.

3. Acceptance

3.1 The date on which the Rented Hardware has been delivered to the Setup Location (and, as the case may be, has been set up as ready for use by G-Core) shall be the ready for acceptance date (“RFA Date”). In case the Setup Location is located at premises of G-Core or G-Core’s Affiliates or G-Core’s subcontractors, G-Core will send a notification via email to the Customer contact designated in the relevant Service Order confirming that the Customer may now use the Rented Hardware. The ready for service date (“RFS Date”) for the Hardware Rental provided by G-Core shall be the earlier of (a) two Days after the RFA Date, (b) the date on which Customer notifies G-Core of its acceptance of the Hardware Rental, or (c) the date on which Customer begins using the Rented Hardware. Unless Customer notifies G-Core in writing within such two Day period that the Rented Hardware is not in compliance with the specifications, Customer shall be deemed to have accepted the Rented Hardware.

3.2 In case of rejection of acceptance, Customer has to detail in its notification in which way the relevant Rented Hardware has failed to meet the acceptance criteria. G-Core shall then rectify the problem and notify Customer of a new RFA Date. Subsection 3.1 above applies accordingly.

3.3 In case Customer rejects acceptance only regarding parts of the Hardware Rental and partially accepts the remaining Hardware Rental, Fees for the Hardware Rental shall be reduced on a pro-rata basis to apply only to the Hardware Rental accepted by Customer.

3.4 Customer may not reject acceptance by reason of minor cases of non-compliance of a Service with the applicable acceptance criteria.

4. Retention of title

4.1 G-Core always retains title to the entire Rented Hardware, unless expressly agreed otherwise in the Service Order.

4.2 Customer is obliged to handle the Rented Hardware with care and only within the scope of the Service Order.

4.3 Customer is obliged to inform G-Core of any third-party access to the Rented Hardware, as in the case of a seizure or any damage to or destruction of the Rented Hardware. Customer is not allowed to remove the Rented Hardware from the current Setup Location without G-Core’s prior written approval. Any change in title regarding the current Setup Location must be reported to G-Core immediately.

5. Defects

5.1 A “Defect” occurs each time the Rented Hardware becomes defective and such defect materially limits Customer’s use of the Rented Hardware during the service term. In the event of a Defect, Customer’s sole remedy and G-Core’s sole obligation is that G-Core shall use its best efforts to remedy the Defect, either by repair or replacement of the Rented Hardware, whereas such remedying may be provided at the Setup Location or via remote access to the Rented Hardware. If, in G-Core’s view and at its sole discretion, remedying of the Defect is or becomes technically impossible and/or commercially unreasonable, then either G-Core or Customer may insofar terminate the Service Order in writing. In such case, (a) G-Core will refund any respective prepaid Fees on a pro-rata basis, and (b) in case the Setup Location is at the premises of Customer or at the premises of Customer’s subcontractor(s), Customer will, at G-Core’s discretion and at the cost of Customer, return to G-Core or dispose of the defective Rented Hardware; otherwise, G-Core will remove the defective Rented Hardware.

5.2 In addition to Excluded Causes stated in subsection 6.4 of the MSA, G-Core is not obliged to remedy Defects caused by any use of the Rented Hardware other than agreed with G-Core, in particular any use at or any relocation of the Rented Hardware to a location other than the Setup Location.

G-CORE CDN SERVICE LEVEL AGREEMENT

Last updated: April 28, 2017

G-Core Labs S.A. (“G-Core”) and the Customer of G-Core (“Customer”) will comply with the following Service Level Agreement with respect to Customer’s use of the CDN Services provided by G-Core pursuant to the G-Core Master Services Agreement (“MSA”) and any Service Order thereunder concluded between G-Core and Customer.

The SLA is part of the MSA. Terms not defined herein shall have the same definition as within the MSA.

1. Definitions

"Base Fee" consists solely of the committed base monthly fee paid by Customer for the Services and excludes all other fees that might be paid by Customer including, but not limited to, charges for additional services, incremental bandwidth usage and any other type of optional additional services.

"Customer Content", for purposes of this SLA, means objects delivered from a Delivery Server.

"Delivery Server" means G-Core-owned or operated servers for delivering Customer Content located on the CDN at G-Core’s Points of Presence (each, a “POP”).

"Downtime" means complete unavailability of transmission of Customer Content through CDN Services covered by the uptime guarantee for more than fifteen consecutive minutes.

"Origin Server" means either G-Core’s or Customer’s server, where Customer Content is stored for retrieval by Delivery Servers.

2. Guarantee of Uptime

Subject to the SLA exceptions set forth in the MSA, G-Core provides a 99.99% uptime guarantee to Customer. Availability in this SLA is calculated based on the cumulative Downtime for a given calendar month. Subject to the terms and conditions of this SLA and the MSA, G-Core shall issue to Customer a credit for a Downtime (“Service Credit”) based on the percentage availability in a given monthly billing period as follows (credit amounts expressed as a percentage of the fee for the affected Service).

The following time periods do not count as Downtime:

· Non-compliance of Services with the Service Levels due to any Excluded Cause according to the MSA, available at https://gcorelabs.com/legal;

· Time spent by G-Core resolving reports by Customer which do not specify a Defect.

3. Service Credits

To receive Service Credit under this Services SLA, Customer must submit a request in writing via e-mail to support@gcorelabs.com. The request must include Customer’s (a) company name, (b) contact name, (c) e-mail address and (d) phone number, as well as (e) the date of the suspected Downtime and (f) a reasonably detailed description of the reason for the Service Credit request. G-Core must receive the Service Credit request within 30 Days after the suspected Downtime has occurred. The suspected Downtime must be capable of confirmation by G-Core’s measurement tools. Any issued Service Credit shall be applied to Customer’s next applicable invoice after G-Core initially received and reviewed the Service Credit request. Service Credits are exclusive of any Taxes charged to Customer or collected by G-Core.

4. Miscellaneous

Service Credits shall not entitle Customer to any refund, reimbursement or other payment from G-Core. Service Credits shall not be applied or transferred to other accounts of the Customer or of third parties. A Service Credit will be applicable and issued only if the credit amount for the applicable monthly period is greater than twenty five euros (EUR 25.00).

Notwithstanding anything in this SLA to the contrary, total Service Credits issued to Customer in connection with any calendar month shall not exceed the Base Fee paid by Customer for such month. All Service Credit is calculated on the basis of a 30-day month. To be eligible for Service Credit, Customer must follow G-Core’s published instructions for use of Services and the MSA; improper use shall result in ineligibility. Service Credit shall not be issued if Customer is in breach of the MSA or the applicable Service Order, including breach for non-payment. Service Credit will only be issued if Customer has paid in full for Services covering the time period within which the Service Credit is requested. G-Core reserves the right to periodically change the measurement points and methodologies it uses. This SLA sets forth Customer’s sole and exclusive remedy for a Downtime or other service outage.

G-CORE HOSTING SERVICE LEVEL AGREEMENT

Last updated: September 22, 2017

G-Core Labs S.A. (“G-Core”) and the Customer of G-Core (“Customer”) will comply with the following Service Levels Agreement with respect to Customer’s use of the Hosting Services provided by G-Core pursuant to the G-Core Master Services Agreement (“MSA”) and any Service Order thereunder concluded between G-Core and Customer.

The SLA is part of the MSA. Terms not defined herein shall have the same definition as within the MSA

1.Reporting of Defects

Customer shall report to G-Core any Defect as soon as possible. When reporting a Defect to G-Core, Customer will send a Defect report (“Defect Report”) to G-Core that includes (a) Customer name and on-site technical contact information (telephone number, e-mail address and hours of operation of the responsible Customer contact), (b) any available serial numbers of the defective components of the Service, (c) a reasonably detailed description of the Defect, together with any supporting information that Customer’s engineers believe will assist G-Core in its diagnostic process (including e.g. time of first occurrence of Defect, affected systems, error messages etc.), and (d) the date and time that the Defect Report is submitted to G-Core.

Customer may contact G-Core for submission of Defect Reports during the following service times (“Service Times”):

24/7/365

Customer shall contact G-Core for submission of Defect Reports during the Service Times in any case via email in order to provide G-Core with a text version of the Defect Report. After reporting the Defect via email to G-Core, Customer may also contact G-Core via phone or other voice service for any follow-up queries or updates regarding the reported Defect. G-Core’s contact details are as follows:

email: support@gcorelabs.com

For the purposes of this SLA, Availability is calculated as follows, subject to specific provisions outlined further below:

Downtime is calculated as the time from G-Core receiving a Defect Report from Customer via email on non-compliance of the Services with the Service Levels specified below and G-Core’s subsequent confirmation of a Defect until remedying of this respective Defect.

The following time periods do not count as Downtime:

· Non-compliance of Services with the Service Levels due to any Excluded Cause according to the MSA, available at https://gcorelabs.com/legal;

· Time spent by G-Core resolving reports by Customer which do not specify a Defect.

2.Specific Availability

Hardware Replacement

G-Core will repair or replace the failed hardware components provided by G-Core upon identification of the hardware fault by G-Core. Hardware is defined as the hardware: (i) switches, firewalls, load balancers and servers; (ii) direct attached storage devices; (iii) network attached storage devices; and (iv) storage area networks (“SAN”). Hardware repair or replacement will begin within two (2) hours of problem identification for switches, firewalls, load balancers, servers and direct attached storage devices, and within five hours of problem identification for network attached storage devices. For SAN hardware failures, G-Core guarantee that we will have a technical specialist and necessary parts onsite to begin repairs within eight hours of problem identification. This commitment does not include the time required to rebuild the Customer’s system, such as the time required to configure a replacement device, rebuild a RAID array, reload the operating system, reload and configure applications, and/or restore from backup (if necessary).

If G-Core fails to meet the required commitment for Hardware Replacement and the failure materially and adversely affects the performance of the Customer’s servers, then the Customer shall be entitled to a Service Credit as set forth below. Any Service Credit issued will be calculated as follows: 5% of the monthly recurring fee for the affected server(s) per 30 minutes of additional hour of Downtime (after the initial two hours or five hours for repair or replacement, as applicable, or, for SAN, the additional hour of delay in beginning repairs)

Colocation

G-Core will ensure Colocation Availability in the form of A/C power available to the outbound port on the Customer’s serving power distribution unit (PDU) 100% of the time. Power includes UPSs, PDUs and cabling, but does not include the power supplies on the Customer’s servers. Colocation Downtime exists when a particular server is shut down due to power problems. This Availability is calculated monthly beginning with the first full calendar month of provision of Services.

If G-Core fails to meet the required Colocation Availability in a particular calendar month and the failure materially and adversely affects the performance of the Customer’s servers, Customer shall be entitled to a Service Credit as set forth below (each a “Service Credit”). Any Service Credit issued will be calculated as a percentage of the monthly recurring fee for the affected server(s) for such month and will be determined as follows:

Network

G-CORE will ensure a 99% Network Availability for Customer per calendar month. “Network” means the portion of the network extending from the outbound port on the Customer’s edge device to the outbound port on the border router and includes G-Core managed switches, routers, and cabling. “Network Availability” is defined as the ability to pass TCP/IP traffic with less than 3% packet loss and less than 50ms latency across the specific data center network. This Availability is calculated monthly beginning with the first full calendar month of provision of Services.

If G-CORE fails to meet the required Network Availability in a particular calendar month and the failure materially and adversely affects the performance of the Customer’s server(s), Customer shall be entitled to a credit as set forth below (each an “Service Credit”). Any Service Credit issued for a particular calendar month will be calculated as a percentage of the actual monthly fees of the affected Hosting Service for such month and will be determined as follows:

3.Service Level Measurement

Packet Loss and Network Latency are measured by sending approximately 1000 UDP-Datagrams with a length of 96 bytes every 10 minutes to designated servers located at IP Backbone core nodes, which are primary nodes in the network designated by G-Core or G-Core’s subcontractors. The Customer’s interface in IP Backbone routers/switches will be measured using Simple Network Management Protocol (“SNMP”). The term “UDP-Datagram” refers to the User Datagram Protocol, a connectionless transport-layer protocol in the TCP/IP protocol suite.

4.Credits

To receive Service Credits under this SLA, Customer must submit a request in writing via email to support@gcorelabs.com. The request must include Customer’s (a) company name, (b) contact name, (c) email address, and (d) phone number, as well as (e) the date of the suspected Downtime and (f) a reasonably detailed description of the reason for the Service Credit request. G-Core must receive the Service Credit request within 30 Days after the suspected Downtime has occurred. The suspected Downtime must be capable of confirmation by G-Core’s measurement tools. Any issued Service Credit shall be applied to Customer’s next applicable invoice after G-Core initially received and reviewed the Service Credit requests. Credits are exclusive of any Taxes charged to Customer or collected by G-Core.

5.Miscellaneous

Service Credits shall not entitle Customer to any refund, reimbursement or other payment from G-Core. Service Credits shall not be applied or transferred to other accounts of Customer or of third parties. A Service Credit will be applicable and issued only if the credit amount for the applicable monthly period is greater than twenty five euros (EUR 25.00).

Notwithstanding anything in this SLA to the contrary, total Service Credits issued to Customer in connection with any calendar month shall not exceed the monthly recurring fee for the affected server(s) paid by Customer for such month. All Service Credit is calculated on the basis of a 30-day month. To be eligible for Service Credit, Customer must follow G-Core’s published instructions for use of Services and the MSA; improper use shall result in ineligibility. Service Credit shall not be issued if Customer is in breach of the MSA or the applicable Service Order, including breach for non-payment. Service Credit will only be issued if Customer has paid in full for Services covering the time period within which the Service Credit is requested. G-Core reserves the right to periodically change the measurement points and methodologies it uses. This SLA sets forth Customer’s sole and exclusive remedy for a Downtime or other service outage.

G-CORE ACCEPTABLE USE POLICY

Last updated: April 28, 2017

G-Core Labs S.A. (“G-Core”) and the Customer of G-Core (“Customer”) will comply with the following Acceptable Use Policy (“AUP”) with respect to Customer’s use of the Services provided by G-Core pursuant to the G-Core Master Services Agreement (“MSA”) and any Service Order thereunder concluded between G-Core and Customer.

The AUP is part of the MSA. Terms not defined herein shall have the same definition as within the MSA.

1. General

1.1 Customer is expected to use the Services in accordance with reasonable industry standards and shall be responsible for its use of the Services as well as the activities of its subscribers, end users or customers. Customer agrees and acknowledges that the violation of this AUP by Customer’s subscribers, end-users or customers shall be deemed to be a violation by Customer of the AUP. Customer is solely responsible for the content of any postings, data, or transmissions using the Services, or any other use of the Services by Customer. Nothing in this AUP obligates G-Core to monitor, edit or censor Customer’s use of the Services and/or such respective content.

1.2 G-Core makes no guarantee regarding, and assumes no liability for, the security and integrity of any data or information Customer transmits via the Services or over the Internet.

1.3 These AUP contain provisions on Customer’s obligations to G-Core as (i) the provider of Services, (ii) the owner of equipment, or (iii) otherwise responsible for any property, subject-matters, actions or omissions relating to the Services. These obligations of Customer also extend to, as the case may be, G-Core’s Affiliates or subcontractors. However, G-Core shall serve as Customer’s point of contact for matters related to the Services. All Services provided through an Affiliate and/or subcontractor shall be subject to, and governed by, these AUP as if such Services were furnished directly by G-Core.

1.4 G-Core will use reasonable efforts to notify Customer of any violations of the AUP and to give Customer an opportunity to correct any violations before taking action, provided that G-Core shall reserve the right to suspend or block Services in cases where G-Core believes that G-Core’s property or the property of other parties, G-Core’s reputation or the integrity of its network is threatened by Customer’s violation of the AUP, including, but not limited to, cases where Customer’s violation of this AUP involves illegal activities, or cases where Customer is unavailable or there have been repeated violations of the AUP involving unsolicited commercial e-mail (“UCE”)/SPAM, mail relaying, alteration of IP address information, or denial of service attacks.

2. Limitations of use of the Services

Customer is not allowed to:

(a) Use any Service in a manner that violates any applicable law, statute, ordinance or regulation;

(b) Use any Service in a manner that infringes any third party’s copyright, patent, trademark, trade secret or other proprietary rights or rights of publicity or privacy;

(c) Use any Service to commit any act that is defamatory, discriminatory, libelous, false, fraudulent, misleading, deceptive, threatening, harassing, or obscene; use any Service to host, distribute, upload, post, transmit, disseminate, or otherwise make available information which involves excessive violence or threat or incitement of violence, sexually explicit or morally repugnant content, illegal gambling, illegal drugs, arms trafficking, or terrorism.

(d) Use the Services to distribute unsolicited emails, chain letters, mailbombs or SPAM (including in particular unsolicited bulk e-mail (“UBE”) and/or UCE);

(e) Use the Service in a manner that interferes with, disrupts, or causes an excessive or disproportionate load on the infrastructure of G-Core, G-Core’s Affiliates or subcontractors;

(f) Use the Services to commit, or attempt to commit, acts of non-authorized relays through any third party system, or otherwise violate the acceptable use policies of any network, hardware or services provider accessed through G-Core’s network;

(g) Use the Services to forge electronic mail (including the use of fraudulent “from addresses”) or to overburden a recipient or computer system by sending mass amounts of electronic mail or data with the intent to disable the recipient system or provoke a denial of service;

(h) Operate open relay/unsecure mail servers which provide SMTP functionality to third parties;

(i) Host or be involved with web sites and services sending or transmitting SPAM;

(j) Use the Services to distribute viruses, Trojan horses, worms or other similar harmful or deleterious programming routines (including portscanning);

(k) Use the Services in an effort to gain unauthorized access to, or attempt to interfere with or compromise the normal functioning, operation, or security of any network, system, account, computing facility, equipment, data, or information, or to use the Service to engage in any activities that may interfere with the ability of others to access or use the Service or the Internet;

(m) Use the Services to "mine" bitcoins and other cryptocurrencies;

(l) Use the Services in a way that creates a risk to an individual’s safety or health, public safety, or interferes with activities of law enforcement bodies.

G-CORE PRIVACY POLICY

Last updated: April 12, 2018

G-Core Labs S.A., 2 Rue Albert Borschette, 1246 Luxembourg (”We”) is committed to protecting and respecting your privacy.

This policy (together with our Master Services Agreement, available at https://gcorelabs.com/legal and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting gcorelabs.com you accept that your personal data are processed as described in this policy.

1. INFORMATION WE COLLECT FROM YOU

We may collect and process the following personal data about you:

• Information you give us. This is information about you that you give us by filling in forms on gcorelabs.com and other G-Core websites (our site) or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you register to use our site, subscribe to our service, use our services, search for a product, place an order on our site, enter a competition, promotion or survey, and when you report a problem with our site. The information you give us may include your name, address, email address and phone number, financial information, personal description and photograph, as well corporate information.

• Information we collect about you. With regard to each of your visits to our site we will automatically collect the following information, by means of cookies or similar technologies,:

• technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;

• information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.

• Information we receive from other sources. This is information we receive about you if you use any of the other websites we operate or the other services we provide. We are working closely with third parties (including, for example, business partners, subcontractors in technical, payment and delivery services, analytics providers, etc.). We will notify you when we receive information about you from them and the purposes for which we intend to use that information.

2. COOKIES

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. Where required, we will ask for your consent before placing the relevant cookie. More information about the cookies used on our website is available here.

You can control and/or delete cookies as you wish – for details, see for example aboutcookies.org. Various web browsers offer ways to restrict and delete cookies. For more information, please visit the appropriate link below.

Firefox
Google Chrome
Internet Explorer
Safari

3. USES MADE OF THE INFORMATION

We use information held about you in the following ways:

• Information you give to us. We will use this information:

• to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;

• to manage our relationship with our customers which includes processing information for the purposes of customer administration, analysis and reporting on the basis of our legitimate interest to build and maintain strong customer relationships;

• to incorporate your information in our databases for the purposes verification of customer identity and solvency, fraud detection and prevention on the basis of our legitimate interest to ensure that we only contract with trustworthy customers and/or legal obligations;

• to provide you with information about other services or products we offer that are similar to those that you have already purchased or enquired about on the basis of our legitimate interest to market our products and services;

• to provide you, or permit selected third parties to provide you, with information about services or products we feel may interest you. If you are an existing customer, we will only contact you by electronic means with information about services or products similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this;

• to notify you about changes to our service on the basis of our legitimate interest to ensure a good client relationship or where necessary in the context of a contract entered into between you and us;

• to ensure that content from our site is presented in the most effective manner for you and for your computer on the basis of our legitimate interest to provide users with a positive user experience;

• Information we collect about you. We will use this information:

• to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

• to improve our site to ensure that content is presented in the most effective manner for you and for your computer;

• to allow you to participate in interactive features of our service, when you choose, and therefore consent, to do so;

• as part of our efforts to keep our site safe and secure;

• to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;

• to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.

Where required we will obtain your consent for the abovementioned purposes. Otherwise, the use of your information for the abovementioned purposes is based on our legitimate interest to ensure the good performance of our site and to display advertising.

• Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).

4. DISCLOSURE OF YOUR INFORMATION

You acknowledge that we may share your personal information, for the abovementioned purposes, with:

• Any member of our group, which means our subsidiaries, our ultimate holding company, its subsidiaries, and other affiliates.

• Selected third parties including:

• business partners, suppliers and subcontractors for the performance of any contract we enter into with them or you;

• analytics and search engine providers that assist us in the improvement and optimisation of our site.

We will disclose your personal information to third parties:

• In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.

• If G-Core Labs S.A. or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.

If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Master Services Agreement, available at https://gcorelabs.com/legal, or to protect the rights, property, or safety of G-Core, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

We will not sell, purchase, provide, exchange or in any other manner disclose your account or transaction data, or personal information about you as a cardholder to anyone, except, the payment intermediaries, for instance, acquirer and Visa/Mastercard Corporations. We may use SSL and other security measures to protect such information.

5. WHERE WE STORE YOUR PERSONAL DATA

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (”EEA”) in the context of the processing activities described above. It will also be processed by staff operating outside the EEA who work for us or for one of our suppliers. We have staff located outside the EEA in the the Russian Federation (G-Core Rus LLC, OGRN number 1137746982966). The staff includes personnel engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you acknowledge that your personal data may be transferred outside of the EEA. G-Core will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. Furthermore, where required, G-Core will put in place appropriate safeguards such as data transfer agreements based on the EU model clauses. For further information or to obtain a copy of the EU model clauses, please contact G-Core at support@gcorelabs.com

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

6. YOUR RIGHTS

You have the right (i) to obtain confirmation whether we hold your personal data and the right to access those data; (ii) to request correction of inaccurate personal data; (iii) under the conditions provided in the General Data Protection Regulation, to ask for deletion of your personal data, to request the restriction of the processing of your personal data and to portability.

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at support@gcorelabs.com.

Where processing is based on consent, you have the right to withdraw your consent

You also have the right to lodge a complaint with the competent data protection authority.

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

7. HOW LONG WE KEEP YOUR DATA

We keep personal data of our customers for the term of the customer relationship and an additional period which depends on the applicable statutory retention and limitation periods.

Personal data collected by means of cookies are kept for the term indicated in the cookie table.

Other personal data is kept for the term necessary to achieve the purpose for which the personal data was collected.

For more information with regard to the retention of your data, please contact us at the email address given below.

8. CHANGES TO OUR PRIVACY POLICY

From time to time this Privacy Policy can be modified by G-Core. Such modifications will not apply retroactively.

9.CONTACT

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to support@gcorelabs.com

Exhibit 1. Cookie table.

G-CORE COPYRIGHT POLICY

Last updated: April 28, 2017

1.REPORTING CLAIMS OF COPYRIGHT INFRINGEMENT

We take claims of copyright or other intellectual property infringement seriously. We will respond to notices of alleged copyright infringement that comply with applicable law. If you believe any materials accessible through our services infringe your copyright, you may request removal of those materials (or access to them) by submitting written notification to the address designated below. (For the ease of reference, “copyrights infringement” for the purposes of this document also means violations of other intellectual property rights.)

Your written notice must include substantially the following:

1. Your physical or electronic signature.

2. Identification of the copyrighted work you believe to have been infringed or, if the claim involves multiple works, a representative list of such works.

3. Identification of the material you believe to be infringing in a sufficiently precise manner to allow us to locate that material.

4. Adequate information by which we can contact you (including your name, postal address, telephone number, and, if available, email address).

5. A statement that you have a good faith belief that use of the copyrighted material is not authorized by the copyright owner, its agent, or the law.

6. A statement that the information in the written notice is accurate.

7. A statement, under penalty of perjury, that you are authorized to act on behalf of the copyright owner.

Notices should be sent to:

G-Core Labs S.A.

2A, rue Albert Borschette

L-1246, Luxembourg, or to

abuse@gcorelabs.com

If you fail to comply with all of the requirements your notice may not be effective.

Please be aware that if you knowingly materially misrepresent that material or activity is infringing your copyright, you may be held liable for damages (including costs and attorneys' fees).

2.COUNTER-NOTIFICATION PROCEDURES

If you believe that material you posted though our services was removed or access to it was disabled by mistake or misidentification, you may file a counter-notification with us (“Counter-Notice”) by submitting written notification to our copyright agent (identified below). The Counter-Notice must include substantially the following:

1. Your physical or electronic signature.

2. An identification of the material that has been removed or to which access has been disabled and the location at which the material appeared before it was removed or access disabled.

3. Adequate information by which we can contact you (including your name, postal address, telephone number, and, if available, email address).

4. A statement under penalty of perjury by you that you have a good faith belief that the material identified above was removed or disabled as a result of a mistake or misidentification of the material to be removed or disabled.

5. A statement that you will consent to the jurisdiction of the competent court of Luxembourg for the judicial district in which your address is located, or if your address is outside of Luxembourg, the judicial district in which G-Core Labs S.A. is located, and will accept service of process from the claimant.

Completed Counter-Notices should be sent to:

G-Core Labs S.A.

2A, rue Albert Borschette

L-1246, Luxembourg, or to

abuse@gcorelabs.com

Please be aware that if you knowingly materially misrepresent that material or activity was removed or disabled by mistake or misidentification, you may be held liable for damages (including costs and attorneys' fees).

Last updated: March 28, 2018

Thank you for choosing the services of G-Core Labs.

Our fees will be invoiced to you with electronic billing descriptor gcorelabs.com

Notice to users from the European Union, who are subject to Consumer Rights Directive, only:

If you are not entirely satisfied with you purchase and are a consumer in the meaning of the Consumer Rights Directive 2011/83/EU, you have fourteen (14) calendar days to withdraw from the contract you have entered into with G-Core Labs. The withdraw period will start on the day of the conclusion of the contract. If the last day of the period of fourteen (14) days is a Sunday or a public holiday, the next business day shall be considered the effective last day to withdraw.

G-Core Labs will refund the amounts paid by you, without prejudice to your obligation to provide restitution for services requested and already performed and/or supplied by G-Core Labs, for the period prior to the withdrawal. The amount of the refund will be reduced in proportion to what has been supplied by G-Core Labs, in comparison with the full coverage of the contract.

We will make commercially reasonable efforts to refund through your original method of payment or otherwise will work out a reasonable alternative.

Questions, comments and requests regarding this policy and payments are welcomed and should be addressed to support@gcorelabs.com or by post to 2 Rue Albert Borschette, 1246 Luxembourg.

Last updated: May 02, 2018

WHAT IS THE PURPOSE OF THIS DOCUMENT?

G-Core Labs S.A. is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you. You are being sent a copy of this privacy notice because you are applying for work with us (whether as an employee, worker or contractor). It makes you aware of how and why your personal data will be used, namely for the purposes of the recruitment exercise, and how long it will usually be retained for. It provides you with certain information that must be provided under the General Data Protection Regulation ((EU) 2016/679) (GDPR).

DATA PROTECTION PRINCIPLES

We will comply with data protection law and principles, which means that your data will be:

• Used lawfully, fairly and in a transparent way.

• Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.

• Relevant to the purposes we have told you about and limited only to those purposes.

• Accurate and kept up to date.

• Kept only as long as necessary for the purposes we have told you about.

• Kept securely.

THE KIND OF INFORMATION WE HOLD ABOUT YOU

In connection with your application for work with us, we will collect, store, and use the following categories of personal information about you:

• The information you have provided to us in website job application form, your curriculum vitae and covering letter.

• The information you have provided on our application form, including name, title, address, telephone number, personal email address, date of birth, gender, employment history, qualifications.

• Any information you provide to us during an interview.

HOW IS YOUR PERSONAL INFORMATION COLLECTED?

We collect personal information about candidates from the following sources:

• You, the candidate.

• Search consultancies, recruitment agencies or background checking agencies, from which we collect the following categories of data: contact details, curriculum vitae and cover letter

• Your named referees

HOW WE WILL USE INFORMATION ABOUT YOU

We will use the personal information we collect about you to:

• Assess your skills, qualifications, and suitability for the work or role.

• Carry out background and reference checks, where applicable.

• Communicate with you about the recruitment process.

• Keep records related to our hiring processes.

• Comply with legal or regulatory requirements.

It is in our legitimate interests to decide whether to appoint you to work since it would be beneficial to our business to appoint someone to that role or work.

We also need to process your personal information to decide whether to enter into a contract with you.

Having received your CV and covering letter or your application form, we will then process that information to decide whether you meet the basic requirements to be shortlisted for the role. If you do, we will decide whether your application is strong enough to invite you for an interview. If we decide to call you for an interview, we will use the information you provide to us at the interview to decide whether to offer you the role or work. If we decide to offer you the role or work, we will then take up references and background check before confirming your appointment.

If you fail to provide personal information

If you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully. For example, if we require a credit check or references for this role and you fail to provide us with relevant details, we will not be able to take your application further.

HOW WE USE PARTICULARLY SENSITIVE PERSONAL INFORMATION

We will use your particularly sensitive personal information in the following ways:

• We will use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process, for example whether adjustments need to be made during a test or interview.

INFORMATION ABOUT CRIMINAL CONVICTIONS

We do not envisage that we will process information about criminal convictions.

AUTOMATED DECISION-MAKING

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

DATA SHARING

Why might you share my personal information with third parties?

We will only share your personal information with the following third parties for the purposes of processing your application: a search consultancy, recruitment agency or background checking agency. All our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

DATA SECURITY

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

DATA RETENTION

How long will you use my information for?

We will retain your personal information for a period of five years after we have communicated to you our decision about whether to appoint you to role or work. We retain your personal information for that period so that we can show, in the event of a legal claim, that we have not discriminated against candidates on prohibited grounds and that we have conducted the recruitment exercise in a fair and transparent way. After this period, we will securely destroy your personal information in accordance with applicable laws and regulations.

RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION

Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

• Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

• Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

• Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

• Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.

• Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

• Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us via privacy@gcorelabs.com in writing.

RIGHT TO WITHDRAW CONSENT

When you applied for this role, you provided consent to us processing your personal information for the purposes of the recruitment exercise. You have the right to withdraw your consent for processing for that purpose at any time. To withdraw your consent, please contact privacy@gcorelabs.com. Once we have received notification that you have withdrawn your consent, we will no longer process your application and, subject to our retention policy, we will dispose of your personal data securely.

I,___________________________ (candidate name), acknowledge that on _________________________ (date), I received a copy of [EMPLOYER]’s Candidate Privacy Notice and that I have read and understood it.

Signature

………………………………………………

Name

…………………………………………………