Terms & Policies

CHAINGUARD MASTER SERVICES AGREEMENT

Please read these Terms carefully before purchasing and/or using software or services offered by Chainguard, inc. (“Chainguard” or “Company”). By mutually executing one or more Order Forms with Chainguard which reference these Terms (each, an “Order”) or by accessing or using the Software or Services in any manner, you (“You” or “Customer”) agree to be bound by these Terms (together with all Order Forms, the “Agreement”) to the exclusion of all other terms. If you do not agree to all of the following, you may not use or access the Software or Services in any manner.

This Agreement governs your use of software applications provided by Chainguard, such as Chainguard Images and any related source code or compiled binaries, patches, updates, upgrades, corrections, security advisories, and bug fixes, which may include multiple open source software components (“Software”), and services provided by Chainguard, such as assessment, training, integration, consulting, and technical support (“Services”). The Software and/or Services made available to Customer are set forth in the applicable Order Form.

1.ACCESS TO SERVICES AND SOFTWARE, RESTRICTIONS, AND RIGHTS RESERVED

1.1. Access to Services. This Agreement and relevant Orders are premised on the understanding that Customer will access the Services solely for Customer’s internal business needs, and the Customer agrees not to access the Services for any other purpose, unless otherwise permitted in the Order. Customer may access and use the Services during the period specified in the applicable Order, and Chainguard will make the Services available to Customer as set forth in the Service Level Agreement and Support Policy applicable to the Services purchased in the Order. Chainguard may suspend Customer’s access to or use of the Services immediately if Chainguard reasonably believes Customer’s use of the Services may pose a security risk to or may adversely impact the Service.

1.2. License Granted. Chainguard grants you a limited license to make, use, modify, and sell the Software for the purposes of this Agreement, subject to the below restrictions. All third-party Software are licensed by its maintainer under the applicable license that is located in the source code provided to you. Customer is granted a perpetual and worldwide license to any modifications to the Software that are authored by Chainguard. Each software component that makes up the Software is governed by a license that permits you to run, copy, modify, and redistribute (subject to certain obligations) the software component. Nothing in this Agreement is intended to limit your rights under, or grant you rights that supersede, the terms of a free and open source software license of any particular component, including your rights to use, copy, modify, or distribute the software component.

1.3. Restrictions. Customer agrees not to (and will not allow any third party to): (i) remove or otherwise alter any proprietary notices or labels from the Software or Service or any portion thereof; (ii) rent, resell, or otherwise provide the Services, in whole or in part, to third parties; (iii) use the Services in connection with any redistribution of Software; (iv) use or access the Software or Services for the purpose of developing or offering competitive products or services; or (v) violate Chainguard’s Acceptable Use Policy (https://www.chainguard.dev/acceptable-use-policy). Customer’s violation of this Section will constitute a breach of this Agreement, but will not affect Customer’s rights under the free and open source software licenses that govern the Software.

1.4. Feedback. Customer may from time to time provide suggestions, comments, or other feedback to Chainguard with respect to the Software or Services (“Feedback”). Customer hereby grants to Chainguard a non-exclusive, worldwide, perpetual, irrevocable, transferable, sublicensable, royalty- free, fully paid up license to use and exploit the Feedback for any purpose.

1.5. Free Trials. Chainguard may make Software and Services available to Customer on a no-fee basis for a 30 day period (“Free Trial”). Chainguard reserves the right to terminate Customer’s Free Trial, in Chainguard’s sole discretion, prior to the Free Trial expiration date. Upon the termination of the Free Trial, Customer will no longer have access to the Software and the Services unless Customer executes an Order with Chainguard. Free Trials are provided for Customer’s evaluation purposes only. Customer acknowledges and agrees that Free Trials are provided on an “as-is” basis, with no express or implied warranties, and Chainguard shall not have any indemnification or support obligations. Free Trials may be subject to additional terms and conditions that may be presented to Customer upon Free Trial registration.

1.6. Data Collected. Chainguard will process and store Customer personal information in accordance with its Privacy Notice (https://www.chainguard.dev/privacy-notice). Chainguard will only process data that is minimally necessary in order to provide the Services to you and authenticate your access to the Chainguard Registry.

2.FEES AND PAYMENT

2.1. Fees. Customer shall pay to Chainguard all fees as set forth in each applicable Order(s) (collectively, the “Fees”). Fees are non-refundable.

2.2. Payment Terms. Chainguard will invoice Customer in accordance to the billing frequency stated in the applicable Order. All amounts payable to Chainguard under this Agreement shall be paid in United States dollars and shall be due thirty (30) days from the date of invoice. Notwithstanding any other rights of Chainguard, in the event of late payment by Customer (other than late payment as a result of a bona fide dispute between the parties), Chainguard shall be entitled to interest on the amount owed at a rate of 1% per month or the highest rate allowed by applicable law, whichever is less, compounded on a daily basis from the due date of payment until the date of actual payment.

2.3. Taxes. Fees payable to Chainguard in accordance with this Agreement are exclusive of taxes (including sales, use, value-added, and similar transaction based taxes) that may be imposed by any jurisdiction, and Customer shall pay or reimburse Chainguard for all such taxes. Notwithstanding any provision to the contrary, if any payment to be made in accordance with this Agreement is subject to any withholding tax, Customer may deduct and withhold from the total amount due to Chainguard an amount permitted under the laws of the applicable jurisdiction, and Customer shall remit such withheld sums to the applicable taxing authority. Customer shall obtain official receipts issued by the applicable taxing authority or other official documentation as evidence of payment and provide such documentation to Chainguard within sixty (60) days after the payment made to Chainguard from which such withholding tax was withheld.

3. TERM AND TERMINATION

3.1. Term. The term of this Agreement shall commence on the earliest of (i) the date of the last signature on this Agreement or an Order Form; (ii) the Order Effective Date on an Order Form; or (iii) when Customer first receives access to Chainguard Software or Services (“Effective Date”), and unless terminated earlier in accordance with Section 3.2, will end on the last day of the term specified in a last Order (the “Term”). Each Order will renew automatically at the end of the applicable Term unless either party provides to the other party written notice of its intention not to renew at least thirty (30) days prior to the end of the then current Term.

3.2. Termination. This Agreement and the Orders hereunder may be terminated: (i) by either party if the other has materially breached this Agreement, and has not remedied such breach within thirty (30) calendar days after written notice of such breach; or (ii) by Chainguard upon written notice to the Customer if Customer (a) has made or attempted to make any assignment for the benefit of its credits or any compositions with creditors, (b) has any action or proceedings under any bankruptcy or insolvency laws taken by or against it which have not been dismissed within sixty (60) days, (c) has effected a compulsory or voluntary liquidation or dissolution, or (d) has undergone the occurrence of any event analogous to any of the foregoing under the laws of any jurisdiction.

3.3. Effect of Termination. Upon any expiration or termination of this Agreement, Customer shall (i) immediately cease use of the Service, and (ii) return all Chainguard Confidential Information and other materials and information provided by Chainguard. Any termination or expiration shall not relieve Customer of its obligation to pay all Fees accruing prior to termination. If the Agreement is terminated by Chainguard pursuant to Section 3.2(i), Customer shall pay to Chainguard all Fees set for in the corresponding Order(s). Upon termination of this Agreement, Customer will no longer have access to the Services, but shall continue to have all applicable rights under the free and open source software licenses of any component included in the Software.

3.4. Survival. The following provisions will survive termination of this Agreement: 1.4, 3.3, 3.4, 4, 7, 8.

4. CONFIDENTIALITY

During the Term of this Agreement, either party may provide the other party with confidential and/or proprietary materials and information (“Confidential Information”). All materials and information marked by the disclosing party as confidential, and all other information that the receiving party reasonably should have known was confidential, shall be considered Confidential Information. The Receiving Party (i) will use the same degree of care that it uses to protect its own confidential information (but not less than reasonable care); (ii) will not use or disclose any Confidential Information of the disclosing party for any purpose outside the scope of this Agreement; and (iii) except as otherwise authorized by the disclosing party in writing, limit access to Confidential Information to those who need require access for purposes consistent with this Agreement and signed confidentiality agreements not materially less protective than those herein. The obligations in this Section 4 shall not apply to any information that: (a) is made generally available to the public without breach of this Agreement, (b) is developed by the receiving party independently from and without reference to the Confidential Information, (c) is disclosed to the receiving party by a third party without restriction, or (d) was in the receiving party’s lawful possession prior to the disclosure. The receiving party may disclose Confidential Information as required by law or court order; provided that, the receiving party uses reasonable efforts to give written notice prior to disclosure.

5.INDEMNIFICATION

5.1. Indemnification by Customer. Customer will defend, indemnify, and hold Chainguard, its affiliates, suppliers and licensors and each of their respective officers, directors, employees and representatives harmless from and against any claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys’ fees) arising out of or relating to any third party claim with respect to: (i) breach of this Agreement or violation of applicable law by Customer; (ii) alleged infringement or misappropriation of third-party’s intellectual property rights resulting from a modification of the Chainguard Software or Services or portions thereof that is not performed by Chainguard; or (iii) use of the Software in violation of the license or use of the Services in violation of this Agreement.

5.2. Indemnification by Chainguard. Chainguard will defend, indemnify, and hold Customer harmless from and against any third party claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys’ fees) alleging Customer’s use of the Services directly infringes or misappropriates a third party’s intellectual property rights (an “Infringement Claim”). Notwithstanding any other provision in this Agreement, Chainguard shall have no obligation to indemnify or reimburse Customer with respect to any Infringement Claim to the extent arising from: (i) the combination of any products or services, other than those provided by Chainguard to Customer under this Agreement, with the Software or Service; or (ii) non-discretionary designs or specifications provided to Chainguard by Customer that caused such Infringement Claim. Customer agrees to reimburse Chainguard for any and all damages, losses, costs and expenses incurred as a result of any of the foregoing actions.

5.3. Notice of Claim and Indemnity Procedure. In the event of a claim for which a party seeks indemnity or reimbursement under this Section (each an “Indemnified Party”) and as conditions of the indemnity, the Indemnified Party shall: (i) notify the indemnifying party in writing as soon as practicable, but in no event later than thirty (30) days after receipt of such claim, together with such further information as is necessary for the indemnifying party to evaluate such claim; and (ii) the Indemnified Party allows the indemnifying party to assume full control of the defense of the claim, including retaining counsel of its own choosing. Upon the assumption by the indemnifying party of the defense of a claim with counsel of its choosing, the indemnifying party will not be liable for the fees and expenses of additional counsel retained by any Indemnified Party. The Indemnified Party shall cooperate with the indemnifying party in the defense of any such claim. Notwithstanding the foregoing provisions, the indemnifying party shall have no obligation to indemnify or reimburse for any losses, damages, costs, disbursements, expenses, settlement liability of a claim or other sums paid by any Indemnified Party voluntarily, and without the indemnifying party’s prior written consent, to settle a claim. Subject to the maximum liability set forth in Section 8, the provisions of this Section 5 constitute the entire understanding of the parties regarding each party’s respective liability under this Section 5, including but not limited to Infringement Claims (including related claims for breach of warranty) and each party’s sole obligation to indemnify and reimburse any Indemnified Party.

6. REPRESENTATIONS AND WARRANTIES

6.1. Chainguard Representations and Warranties. Chainguard represents and warrants that (i) it has the authority to enter into this Agreement; (ii) the Services will be performed in a professional and workmanlike manner by qualified personnel; and (iii) the Services will comply in all material respects with laws applicable to Chainguard as the provider of the Services.

6.2. Customer Representations and Warranties. Customer represents and warrants that (i) it has the authority to enter into this Agreement; and (ii) its use of Chainguard Software and Services will comply with all applicable laws, and it will not use the Chainguard Software and Services for any illegal activity.

6.3. Disclaimer of Warranty. Chainguard and its suppliers do not represent or warrant that Chainguard Software and Services will be uninterrupted, secure, error free, complete, or that the Software and Services will operate in combination with other hardware, software, systems, or data not provided by Chainguard, except as expressly specified by Chainguard. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW AND EXCEPT AS EXPRESSLY PROVIDED HEREIN, CHAINGUARD SOFTWARE AND SERVICES ARE PROVIDED “AS IS” AND WITHOUT ANY REPRESENTATIONS OR WARRANTIES EXPRESS OR IMPLIED, AND CHAINGUARD DISCLAIMS ALL SUCH REPRESENTATIONS AND WARRANTIES, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES IMPLIED BY THE COURSE OF DEALING OR USAGE OF TRADE. IN THE EVENT OF A BREACH OF THE WARRANTIES SET FORTH IN SECTION 6.1, CUSTOMER’S EXCLUSIVE REMEDY, AND CHAINGUARD’S ENTIRE LIABILITY, WILL BE THE PROMPT CORRECTION OF ANY MATERIAL NON-CONFORMANCE IN ORDER TO MINIMIZE ANY MATERIAL ADVERSE EFFECT ON CUSTOMER’S BUSINESS.

7. LIMITATIONS OF LIABILITY

IN NO EVENT SHALL CHAINGUARD BE LIABLE FOR ANY LOST PROFITS, BUSINESS INTERRUPTION, REPLACEMENT SERVICE OR OTHER SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR INDIRECT DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THEORY OF LIABILITY. CHAINGUARD’S LIABILITY FOR ALL CLAIMS ARISING UNDER THIS AGREEMENT, WHETHER IN CONTRACT, TORT OR OTHERWISE, SHALL NOT EXCEED THE AMOUNT OF FEES PAID OR PAYABLE BY CUSTOMER UNDER THE APPLICABLE ORDER DURING THE TWELVE (12) MONTH PERIOD PRECEDING THE CLAIM. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT; (i) IN NO EVENT SHALL CHAINGUARD’S TOTAL LIABILITY TO CUSTOMER FOR DAMAGES, LOSSES OR LIABILITY OF ANY KIND, OTHER THAN LIABILITY ARISING UNDER SECTION 6 (INDEMNIFICATION), EXCEED EITHER CUMULATIVELY OR IN THE AGGREGATE, THE FEES PAID BY CUSTOMER TO CHAINGUARD UNDER THIS AGREEMENT DURING THE TWELVE (12) MONTH PERIOD PRECEDING THE DATE OF THE CLAIM; AND (ii) IN NO EVENT SHALL CHAINGUARD’S TOTAL LIABILITY TO CUSTOMER IN CONNECTION WITH ITS OBLIGATIONS UNDER SECTION 6 (INDEMNIFICATION) EXCEED THE GREATER OF TWO TIMES (2X) THE FEES PAID BY CUSTOMER TO CHAINGUARD UNDER THIS AGREEMENT, OR ONE MILLION US DOLLARS ($1,000,000).

8. INTELLECTUAL PROPERTY RIGHTS

Chainguard’s marks, logos, product names, trade names, and service marks, including “Chainguard” and “Wolfi”, are owned by Chainguard in the US and other countries (“Chainguard IP”). This Agreement does not permit you to distribute the Software or Services using Chainguard IP except as required for reasonable and customary use in describing its origin.

9. MISCELLANEOUS

9.1.Use of Customer Name for Marketing Purposes. Customer hereby authorizes Chainguard to identify Customer as a Chainguard customer, and use Customer’s name, mark, and logo on Chainguard’s website and in Chainguard’s marketing materials. In addition, to the extent specified in the applicable Order, Customer agrees to participate in certain publicity activity, such as a case study, customer quote, and joint press release.

9.2.Export Control. Customer hereby certifies that Customer will comply with all current applicable export control laws. Customer agrees to defend, indemnify and hold Chainguard harmless from any liability for Customer’s violation of any applicable export control laws.

9.3.Assignment. Neither party may transfer and assign its rights and obligations under this Agreement without the prior written consent of the other party. Notwithstanding the foregoing, Chainguard may transfer and assign its rights under this Agreement without consent from the other party in connection with a change in control, merger, acquisition or sale of all or substantially all of its assets related to the Agreement.

9.4.Modifications. Either party may modify this Agreement at any time by written agreement by both parties. The modified terms will become effective upon execution.

9.5.Force Majeure. Neither party shall be liable for failure to perform any of its obligations under this Agreement (except payment obligations) during any period in which such party cannot perform due to fire, earthquake, flood, any other natural disaster, epidemic, accident, explosion, casualty, strike, lockout, labor controversy, war, embargo, riot, civil disturbance, act of public enemy, act of nature, the intervention of any government authority, any failure or delay of any transportation, power, or for any other similar cause beyond either party’s control. In the case of failure to perform, the failing party shall promptly notify the other party in writing of the reason for and the likely duration of the failure. The performance of the failing party's obligations shall be suspended during the period that the cause persists, and each party shall use commercially reasonable efforts to avoid the effect of that cause.

9.6.Notice. All notices between the parties shall be in writing and shall be deemed to have been given if personally delivered or sent by registered or certified mail (return receipt), or by recognized courier service.

9.7.No Agency. Both parties agree that no agency, partnership, joint venture, or employment is created as a result of this Agreement. Customer does not have any authority of any kind to bind Chainguard.

9.8.Governing Law. The laws of the State of California shall govern these Terms without giving effect to the choice of law provisions thereof. Any action based on or arising out of these Terms shall be brought and maintained exclusively in any state or federal court located in Santa Clara County. The provisions of the United Nations Convention on the International Sale of Goods shall not apply to these Terms.

9.9.Entire Agreement. This Agreement and exhibits constitute the entire agreement between the parties hereto with respect to the subject matter hereof, and supersedes all previous agreement, whether written or oral. If any term or provision of this Agreement is determined by a court of competent jurisdiction to be invalid, the remaining terms and provisions shall remain in effect.

VERSION 240321.

If you entered into an Order prior to March 21, 2024, you can find your applicable terms here - www.chainguard.dev/old-software-license-agreement