DATTO SAAS PROTECTION AND DATTO SAAS DEFENSE TERMS OF USE

Updated as of November 21, 2024.

These Datto SaaS Protection and Datto SaaS Defense Product Terms of Use (“Terms of Use”) govern your use of Datto SaaS Protection (“SaaS Protection”) and/or Datto SaaS Defense (“SaaS Defense”) Products and Services (collectively referred to herein as the “Products“).  By purchasing or using the Products, you agree to be bound by the Kaseya Master Agreement entered into by you, Kaseya US, LLC or another Kaseya affiliate depending on your location and as described therein (“Kaseya,” “us,” or “we”) as well as these Terms of Use which are incorporated into the Kaseya Master Agreement (collectively, the “Agreement”).   Capitalized terms not defined in these Terms of Use have the meaning given to them in the Agreement.

If You do not agree to the Agreement, you may not register, access or use the Products.

1.  USE OF PRODUCTS

a.   Right to Use. Subject to your compliance with the Agreement and the receipt by us of all fees applicable to the Product, we grant you a limited, revocable, non-sublicensable, non-exclusive right and license to access and use the Product in accordance with the Product Documentation for the number of licenses and/or the applicable data storage entitlement (“Licenses”) purchased.  Unless otherwise specified, you will receive the current standard Product features and functionality (such as number and frequency of backups) for the applicable Retention Plan and for the number of Licenses in each Product account (“Product Account”).

b. Product Accounts and Licenses. The term “Third-Party Tenant” means the third-party website or web-based application or service (such as, for example, Microsoft 365 or Google Workplace) with which the Product interacts. Each Product Account backs up data (with respect to SaaS Protection) or protects data (with respect to SaaS Defense) of individual users associated with an existing Third-Party Tenant account (each a “User”).  A Product License is required for each User regardless of status (e.g., active, paused, archived or other specified usage) in accordance with the Documentation, provided however that for SaaS Defense, Licenses are not required for Users with an archived status.

c.   Active and Archive Licenses.  There are two types of Licenses available for purchase, an Active License and an Archive License.  “Active Licenses” are needed for Users that have an active license to the applicable Third-Party Tenant, and take backups of that User’s Content on the Third-Party Tenant.  Upon termination of the User’s license to the Third-Party Tenant (for example, if the User leaves the employment of a Customer organization) SaaS Protection will automatically move that User to an “Archive License” and status, and if no Archive License has been purchased and is available for use, SaaS Protection will automatically add an Archive License to your Product Account.  Under an Archive License, no new backups are taken, but old backups are accessible.  The number of Active Licenses can be increased, but cannot be decreased during a Committed Service Term.  Archive Licenses, however, may be increased or decreased during a Committed Service Term, provided that they may never decrease below any “Committed Minimum Quantity” as set forth on the applicable Order form.

d.  Product Account Registration/Set up. You are required to set up each Product Account in accordance with the Product Documentation. During set up, you agree to provide accurate and complete information, and to promptly update this information should it change. All Users added to a Product Account, either manually or through an enabled automatic add feature, will automatically use an available Product License that has already been purchased or, if no such License is available, will automatically provision an additional Active License.  You acknowledge that you are responsible for any additional Licenses or features you enable for each Product Account, including automatic License add or License cap features.

e.  Authentication using Oauth.  If you authenticate use of a Product through an oauth technology, the Product will access your Third-Party Tenant account and use data from such account (such as User security data, file data, location data and device data) for authentication purposes.

f. SaaS Protection Backup Process.  SaaS Protection interact with the Third-Party Tenant to obtain copies of Content that exists on the Third-Party Tenant.  We will use commercially reasonable efforts to save a copy of the Content that you have designated for backup to a server operated by us.  In accordance with the Order and Documentation, we will automatically poll the API of the Third-Party Tenant for changes or additions to the Content and periodically re-save a copy of a modified file or create a copy of a newly designated file.  You, on behalf of Users, hereby authorize us to access and interact with the Third-Party Tenants to provide the Products.

g.   Rights and Responsibilities Regarding Content and Product Use.

I.   License to Content. On behalf Users, you (i) represent and warrant that you and the User have sufficient rights and all required third party consents, permissions or licenses in and to the Third-Party Tenant account and Content as may be necessary and appropriate for use to provide the Product to you; and (ii) hereby authorize us to access and interact with the Third-party Tenant to retrieve Content and, with respect to SaaS Defense, scan Content for ransomware, malware, spam, phishing, viruses and other malicious materials (“Malicious Code”); and (iii) hereby grant to us a limited, royalty-free, non-exclusive, assignable license to copy, reformat, disclose, transmit, scan, display and otherwise use the Content as necessary or desired, in each case solely for the purposes of providing the Product, comply with Applicable Law, or as otherwise necessary for us to exercise its rights under these Terms of Use. You and/or the applicable User is responsible for the accuracy, quality and legality of the Content, and the means by which rights to the Content for use with the Product were acquired.

II.    You must maintain authorization and access to the Third-Party Tenants and the Third-Party Tenant APIs so that we are regularly able to access it for purposes of providing the Product. You agree and acknowledge that Content may not be available or restorable a) if our access authority to a Third-Party Tenant is changed or otherwise restricted; b) due to unavailability of the Third-Party Tenant, or any portion thereof; c) if the Third-Party Tenant provider amends its API guidelines in such a way that affects our ability to access the Third-Party Tenant; and/or d) with respect to modifications to the Content that are not captured in the backup frequency or retention schedule for the Retention Plan chosen.

III.   Third Party Administrator Responsibilities Regarding Content and Product Use. If you are a third-party Administrator (for example, an MSP) managing or using the Product on behalf of another entity such as a client (a “Client”), you represent and warrant that you are acting as an agent on behalf of the Client and that you are acting within the scope of your agency. Accordingly, you agree to obtain the Client’s authorization and comply with Client’s instructions at all times with respect to use of the Product and access to Content, including but not limited to: backup settings, access controls, management, retention and deletion of Content, transition of a Product Account or Content to a different Administrator, and transition assistance and cooperation upon termination or expiration of any relationship between or among an Administrator, Client and/or us. We may rely on the authorization with respect to access and control of a Product Account or Content.

IV.   Kaseya’s Use of Content. Except for the limited license granted hereunder, you, your Client or the User (as applicable) retains all of its existing rights in and to Content. We will use and process the Content only as necessary to provide and support the Products or comply with Applicable Law, and will not otherwise access Content other than as permitted under the Agreement, these Terms of Use, or as authorized by you for support.

V.  Kaseya’s Use of Malicious Code.  If you have a Service Subscription for SaaS Defense, we will compile and provide threat information regarding Malicious Code (“Threat Information”).  We may retain a copy of the Malicious Code and use information about the Malicious Code for any purpose, including, but not limited to, the improvement of its Products, research and analysis, and cooperation with others regarding Malicious Code.

VI.   Client Terms for Managed Accounts. If you resell a Product to a Client, act as a Product Administrator for a Client or if you authorize a Client  to directly use or support a Product, you must ensure that the Client agrees to the Saas Protection and SaaS Defense Client Terms in substantially the form attached as Exhibit A hereto as part of a valid, enforceable contract between you and the Client.

2.  SERVICE SUBSCRIPTIONS and RETENTION

a.  Service Subscription Required.   To receive Product services, Product Licenses must be included in a valid Product subscription (“Subscription”) for which we receive timely payment.  A Subscription covers a pool of Licenses that have the same Committed Service Term and Retention Plan.

b.  SaaS Protection Retention Plan. Each SaaS Protection Service Subscription requires a particular Retention Plan.  Content associated will be retained for a time period selected by you, provided that the Product Account has appropriate Licenses provisioned to it and payments are current.   Backups are taken, rolled-up and pruned as follows:

• Up to 3X daily backups are retained for 30 days.

• Daily backups are kept after 30 days.

• Weekly backups are kept after 90 days.

• Monthly backups are kept after a year, then stored for selected retention period.

c.  SaaS Defense Retention.  With respect to SaaS Defense, the retention period of Threat Information is set by Kaseya, and shorter than the retention period of backed up data under a SaaS Protection Retention Plan.  Please consult the current SaaS Defense product documentation for the current retention period for Threat Information.

d. Storage Entitlement For SaaS Protection.  Unless another amount is set forth on your Product Order, SaaS Protection provides for an initial storage entitlement of sixty gigabytes (60GB) per License, averaged across all SaaS Protection Licenses (“Storage Entitlement”); if a different Storage Entitlement amount is set forth on the initial Order, then that Storage Entitlement shall apply unless later modified through another Order.  The Storage Entitlement may be increased during a Committed Service Term by purchasing additional storage, which is an Add-On, and which cannot be decreased during a Committed Service Term.  If your Product Account exceeds the then-current Storage Entitlement during any monthly period, you will automatically be charged and invoiced for such excess storage at the end of that monthly period at the then-current prices for such excess storage (unless another price is listed on the initial Order).  For any later monthly period where storage remains below the then-current Storage Entitlement throughout the entire period, there will be no excess storage invoiced for that period.  In addition to Storage Entitlements, the Fair Use policies of Kaseya, as described in the Master Agreement, shall apply.

e.   Term Length.   A Product Subscription shall commence on the date the first Product License in the Subscription is provisioned for an Account or the date as set forth on the Order, whichever is sooner.  A Subscription always ends on the last day of a calendar month.  For invoicing and renewal purposes, a Committed Service Term will commence on the first of the month following the start of the Subscription and will remain in effect for the defined number of consecutive months.

f.  Committed Service Term and High Watermark.  If Product Licenses are purchased for a Committed Service Term, that Committed Service Term will apply for the initial Licenses and for any Licenses added to the same Subscription. The number of Active Licenses as well as Storage Entitlement, including any increase in the Storage Entitlement made after the initial purchase, may not be decreased during the then-current Committed Service Term.  We reserve the right to monitor usage and retroactively invoice for actual use that was not properly reflected on invoices.

g.   Renewals, Cancellation and Adjustments.  Unless timely cancelled or adjusted by you, the term of any Subscription will automatically renew for a Committed Service Term and for the number of licenses as of the “license count date” immediately preceding the renewal date. The license count date shall be the date on which we measure the number of licenses in each Service Subscription.  This date will be the same each month but is subject to change at our sole discretion.

h.  Export and Deletion of Content.   At any time prior to the termination of a Product Account, you may export Backups from your Product Account via download, pursuant to the Product Documentation.  An active Subscription is required for export.  We reserve the right to permanently delete Content thirty (30) days after termination of a Subscription.  We may delete SaaS Defense Threat Information immediately upon termination of a SaaS Defense account.

i.  Invoicing and Financial Terms.  Subscription fees for Product are invoiced in advance, either monthly or annually.  Overages are typically invoiced in arrears.   Payments for Subscriptions will be charged to the applicable payment method indicated.  We may terminate any Subscription for non-payment that is not cured within thirty (30) days after our sending written notice.

j.  Special Pricing.  If you purchase a Product with special pricing that Kaseya makes available to organizations based on a certain status or eligibility (such as the CORE Program), you hereby represent that you meet such eligibility requirements.   Kaseya has the right to verify your eligibility and status and you hereby agree to provide all reasonable cooperation to Kaseya with respect to such efforts.  Should you fail to promptly provide such cooperation, or if the requirements are not met in Kaseya’s reasonable determination, you agree that Kaseya has the right to: (i) suspend or terminate the applicable Services; (ii) charge you for Product at the non-discounted pricing going forward, and/or: (iii) require that you promptly repay the difference between the discounted and non-discounted pricing for past Product purchases and use.  Eligibility for the CORE Program is available by clicking here

Exhibit A

SaaS Protection and SaaS Defense Client Terms

These Client Terms (“Terms”), apply to you as the entity that owns, licenses, or lawfully controls the content that is held for backup purposes or scanned for protection (“Content”) in a Datto SaaS Protection or Datto SaaS Defense (“Product”) account. Kaseya does not provide the Product directly to you. The Product is sold and provided by Kaseya or one of its subsidiaries or affiliates (“Kaseya”) directly to the reseller/managed service provider (“Administrator”) who will (a) use and manage the Product on your behalf with your Content; or who may  (b) authorize you to access, use or manage the Product yourself,  in which case you will be considered Client Administrator of the Product.

THE PRODUCT

Rights to the Product.  You acknowledge that Kaseya and its licensors own all intellectual property rights in and to the Product. You will not engage in or authorize any activity that is inconsistent with such ownership.

Kaseya’s Use of Content. Kaseya will use Content only as necessary to provide and support the Product, and will not access Content other than as permitted herein, as described in the Product specifications or as authorized by an Administrator for support.

Kaseya’s Rights. In the event that Kaseya reasonably believes Content or related Product use violates these terms, the applicable agreements or terms between Kaseya and the Administrator (including any Fair Use policies) (“Kaseya Terms”), may disrupt or threaten the operation or security of any computer, network, system or the Product, or may otherwise subject Kaseya to liability, Kaseya reserves the right to refuse or disable access to the Product or Content. Kaseya may also take such action pursuant to the Digital Millennium Copyright Act and/or as required to comply with law or any judicial, regulatory or other governmental order or request. Kaseya will use reasonable efforts to contact the Administrator prior to taking such action. Notwithstanding the foregoing, Kaseya may restrict access to any Product or Content without prior notice as required to comply with law or any judicial, regulatory or other governmental order or request. In the event that Kaseya takes any such action without prior notice, Kaseya will provide notice to the Administrator, unless prohibited by law.

Use of Aggregate Data. Notwithstanding anything else in these Terms or otherwise, Kaseya may evaluate and process use of the Product and Content in an aggregate and anonymous manner, meaning in such a way that the individual is not or no longer identified or identifiable and compile statistical and performance information related thereto (referred to as “Aggregate Data”). Aggregate Data includes utilization statistics, reports, and logs aggregated with data from other Kaseya customers.  Kaseya may use, process and share such Aggregate Data with third parties to improve the Products, develop new products, understand and/or analyze usage, demand, and general industry trends, develop and publish white papers, reports, and databases summarizing the foregoing, and generally for any purpose related to Kaseya’s business. Kaseya retains all intellectual property rights in Aggregate Data. For clarity, Aggregate Data does not include any personally identifiable information nor does it identify any Client or individual.

Datto SaaS Defense.  Through SaaS Defense, Kaseya will scan Content (including emails and drives) to identify and defend against spam, viruses, malware and other malicious content (“Malicious Code”).  Kaseya will compile and provide threat information regarding Malicious Code (“Threat Information”).  Kaseya may retain a copy of the Malicious Code and use information about the Malicious Code for any purpose, including, but not limited to, the improvement of its Products, research and analysis, and cooperation with others regarding Malicious Code.

Right to Change Products. Kaseya may make changes to its Products through updates and upgrades that offer new features, functionality, and efficiencies (“Enhancements”). Kaseya reserves the right to add new Products and Enhancements and to replace or discontinue Products or Enhancements at any time.

Right to Interact with Products. You agree that Kaseya may and you hereby authorize Kaseya to interact remotely with any deployed Product in order to test, troubleshoot, update, analyze use of or modify the Product or the environment in which it operates.

ADMINISTRATORS

Kaseya will interact with the Administrator(s) you appoint to operate and manage use of the Product with your Content. You are not a third-party beneficiary of the Kaseya Terms between Kaseya and an Administrator.

An Administrator is not an agent of Kaseya and is not authorized to make any representations or warranties on behalf of Kaseya regarding the Product or its use.

You are responsible for instructing and authorizing the Administrator with respect to use of the Product including backup settings, management, retention and deletion of Content, transition of Product or Content to a different Administrator, and transition assistance and cooperation upon termination or expiration of any relationship between or among Administrator, you and/or Kaseya.

You expressly agree that Kaseya may rely on the instructions and authorization of the Administrator with respect to use and support of the Product and access and control of your Content.

YOUR DIRECT USE OF A PRODUCT

If the Administrator authorizes you to access or use a Product directly, you are responsible for all actions you take with respect to use of the Product including backup settings and management, retention and deletion of Content and Kaseya may rely on your instructions as an authorized administrator of the Product.

Any support for the Product is provided to you by the Administrator and not directly by Kaseya.

SECURITY

Kaseya has implemented and maintains physical, technical and administrative measures designed to help secure Content under Kaseya’s control against accidental or unlawful loss, access or disclosure. However, no password-protected system of data storage and retrieval can be made entirely impenetrable and you acknowledge and agree that despite the reasonable measures employed, the Products and Content are not guaranteed against all security threats or other vulnerabilities.

You acknowledge and agree that the Administrator you authorize to manage use of the Product on your behalf has access to and manages your Content. You and/or the Administrator are responsible, and in no event will Kaseya be responsible, for any physical, administrative, or technical controls related to Products or Content not under the exclusive control of Kaseya, including but not limited to, passwords or other access credentials, LAN or internet connectivity. You and/or the Administrator are responsible for the proper configuration and maintenance of security measures and for determining the security measures appropriate for the Content

INDEMNIFICATION

You will defend, indemnify and hold harmless Kaseya from and against any loss, cost, liability or damage, including attorneys’ fees, for which Kaseya becomes liable arising from any claim relating to your Content, including if it a) infringes or misappropriates the intellectual property rights or other rights of a third party; b) violates any applicable law; or c) otherwise is in violation of these Client Terms or the applicable Product terms.

LIMITATIONS OF LIABILITY

THE KASEYA PRODUCT IS PROVIDED “AS IS.” TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, KASEYA DISCLAIMS ANY AND ALL PROMISES, REPRESENTATIONS AND WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, SYSTEM INTEGRATION, DATA ACCURACY, DATA SECURITY, OR ANY WARRANTIES ARISING OUT OF ANY COURSE OF DEALING OR USAGE OF TRADE. KASEYA DOES NOT WARRANT THAT THE PRODUCT WILL MEET ANY SPECIFIC REQUIREMENTS OR THAT THE OPERATION OF ANY PRODUCT WILL BE SECURE, UNINTERRUPTED OR ERROR-FREE, OR THAT ALL ERRORS WILL BE CORRECTED.

KASEYA MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE PRODUCT’S COMPLIANCE WITH LAWS AND REGULATIONS SPECIFICALLY APPLICABLE TO ANY USER OR INDUSTRY AND DISCLAIMS ALL LIABILITY ASSOCIATED THEREWITH.

THE PRODUCT MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER RISKS INHERENT IN THE USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS. KASEYA IS NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES, OR OTHER DAMAGE RESULTING FROM SUCH PROBLEMS.

KASEYA DISCLAIMS ANY DUTIES OF A BAILEE, AND YOU HEREBY WAIVE ALL RIGHTS AND REMEDIES OF A BAILOR (ARISING UNDER COMMON LAW OR STATUTE), RELATED TO OR ARISING OUT OF ANY POSSESSION, STORAGE, TRANSMISSION OR SHIPMENT OF CONTENT BY OR ON BEHALF OF KASEYA.

TO THE FULLEST EXTENT ALLOWED BY LAW, IN NO EVENT WILL KASEYA OR ANY ITS LICENSORS OR SUPPLIERS BE LIABLE FOR ANY DIRECT, INCIDENTAL, INDIRECT, SPECIAL, CONSEQUENTIAL OR PUNITIVE DAMAGES OR COSTS, REGARDLESS OF THE NATURE OF THE CLAIM, INCLUDING, WITHOUT LIMITATION, LOST PROFITS, LOST REVENUES, COSTS OF DELAY, FAILURE OF DELIVERY, BUSINESS INTERRUPTION, COSTS OF LOST OR DAMAGED DATA OR THE COST OF RECREATING THE SAME, EVEN IF DATTO HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT WILL DATTO BE LIABLE FOR THE PROCUREMENT OF SUBSTITUTE SERVICES OR PRODUCTS.

NO ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY KASEYA, AN ADMINISTRATOR OR OTHER PARTY WILL CREATE ANY ADDITIONAL WARRANTIES, ABROGATE THE DISCLAIMERS SET FORTH ABOVE OR IN ANY WAY INCREASE THE SCOPE OF KASEYA’S OBLIGATIONS HEREUNDER.