Installation Guide
accidental or unauthorized modification, disclosure, transfer or destruction. Anyone who has been convicted of any felony or
misdemeanor offense related to computers, theft, or information security, will not be allowed to serve as a Supplier Guardian Point of
Contact ("SGPOC"). The SGPOC will manage Supplier's access to the Systems by granting and removing individual user access, and
working with HDPA to resolve any Systems-related issues that may arise.
b. Supplier shall be liable at all times for its employees, agents and subcontractors (collectively, "Users") use, misuse or access to
the Systems. Supplier's Users will: (i) access the Systems only in the manner prescribed by HDPA; (ii) be assigned a separate and
unique User ID by Supplier and will use only that ID when logging on to the Systems; (iii) log off the Systems immediately upon
completion of each session of service; (iv) not allow unauthorized individuals to access the Systems; (v) keep strictly confidential the
User ID and password and all other information that enables such access; (vi) not reuse a compromised password (e.g. a password that
has become known to anyone else at any time, including in an emergency); (vii) only utilize such access to perform its obligations to
HDPA; (viii) comply with all service and information protection policies instituted by HDPA; (ix) not perform any unauthorized exploring
or mining of the Systems; and (x) access only the portion of the Systems necessary to perform the Supplier's obligations. The
obligations of this SBA extend to Supplier's Users, and Supplier shall inform such persons of their obligations hereunder. Supplier is
solely responsible for obtaining the hardware and software necessary to properly access the Systems.
c. If Supplier discovers or is notified of a breach or a potential breach of security relating to the Systems, any data or information
contained therein, including derivatives thereof ("Systems Information"), or any Applicable Laws and Standards, the SGPOC will (i)
promptly notify HDPA of such breach or potential breach and (ii) if the applicable Systems Information was in the possession of Supplier
at the time of such breach or potential breach, Supplier, with HDPA's consent, shall (1) investigate and use commercially reasonable
efforts to mitigate the effects of the breach or potential breach and (2) provide HDPA with assurance reasonably satisfactory to HDPA
that such breach or potential breach will not recur. No independent action to correct a security issue should be taken unless failure to
immediately respond will result in irreparable harm to Supplier or HDPA. d. Supplier will not introduce any malicious code that can or
will record or erase data or programming, infect, disrupt, damage, disable, or shut down the Systems or any component of the Systems.
In the event any malicious code is found to have been introduced into the Systems by Supplier, Supplier shall, at its sole cost and
expense, (i) report it immediately to HDPA, (ii) use commercially reasonable efforts to reduce or eliminate the effects of the malicious
code, and (iii) if the malicious code causes a loss of operational efficiency or loss of data, mitigate and restore such losses as approved
by HDPA. e. Except as otherwise expressly provided herein, HDPA retains all right, title and interest in and to the Systems and the
Systems Information. Upon termination of this SBA or upon HDPA's request, Supplier will promptly return to HDPA all tangible items
containing any Systems Information, including all copies, abstractions and compilations thereof. Supplier will certify in writing that it has
fulfilled its obligations under this Section.
12. Confidentiality
12.1 Supplier acknowledges that performance under this SBA will give Supplier and its employees and agents access to certain
information which is considered by HDPA to be confidential or proprietary information about HDPA or its business ("Confidential
Information"). Confidential Information includes, but is not limited to, (i) the terms of this SBA; (ii) any electronic data accessed through
the Systems; and (iii) any other information, communication or data, in any form, including, but not limited to oral, written graphic or
electronic forms, which HDPA identifies as confidential or which is of such a nature that Supplier should reasonably understand that
HDPA desires to protect such information against unrestricted disclosure or use, including, without limitation, business information,
financial data, marketing data and all material and reports prepared for HDPA hereunder. Supplier agrees that it will keep all Confidential
Information in strict confidence and not disclose or use the Confidential Information other than to fulfill its obligations to HDPA as long
as such information is protected under law.Supplier shall safeguard all Confidential Information using the same reasonable degree of
care with which it protects its own confidential information. Supplier shall strictly limit access to any Confidential Information to its
employees, subcontractors and/or agents on a need-to-know basis who are bound by obligations of nondisclosure and limited use at
least as stringent as those contained in this provision. Supplier is responsible for any breach or alleged breach of the confidentiality
obligations of this SBA by its employees, subcontractors and/or agents.
12.2 In the event Supplier is required to disclose any Confidential Information by order of a court or any government agency, by law,
regulation, judicial or administrative process, or in accordance with applicable professional standards or rules, Supplier shall: (i) give
prior written notice of such disclosure to HDPA (if legally permitted to do so) together with a copy of the material proposed to be
disclosed; (ii) reasonably cooperate with HDPA at its request and expense to resist or limit such disclosure or to obtain a protective
order; and (iii) in the absence of a protective order or other remedy, disclose only that portion of the Confidential Information that is
legally required to be disclosed and assure that, if applicable, confidential treatment will be accorded the disclosed information.
13. In-Store Services
13.1 In the event Supplier provides in-store services to HDPA at any The Home Depot retail location ("In-Store Services"), Supplier
agrees that the In-Store Services shall be performed in a good and workmanlike manner with the skill and care to comply with all
Applicable Laws and Standards and any additional requirements of HDPA.
14. Miscellaneous Provisions
14.1 Time is of Essence. Time is of the essence of any PO.
14.2 Use of Name and Publicity. Supplier will not use HDPA's name, HDPA IP, or make a claim that HDPA endorses Supplier or the
Merchandise or put forth any press release or public statement regarding HDPA or this SBA without HDPA's prior written consent
14.3 Assignment. Supplier shall not assign any of its rights, nor delegate any of its duties, under this SBA without the prior written
consent of HDPA. A stock sale, reorganization, merger, consolidation or other form of corporate transaction which results in the
shareholders of Supplier prior to such event not owning at least fifty percent (50%) of the voting power of Supplier after such event shall
be considered an assignment of this SBA subject to the written consent of HDPA. This SBA will be binding upon and will inure to the
benefit of Supplier, HDPA and their respective successors and permitted assigns.
14.4 Waiver. No provision of this SBA or any PO hereunder shall be deemed waived unless such waiver is in writing and signed by the
waiving Party. The failure of a Party to exercise any of its rights, remedies, or options under this SBA, or the failure of a Party to insist
upon another Party's compliance with any provision under this SBA, shall not constitute a waiver of any Party's right to demand
Invitation Type:New Vendor 12/23/20 19:44:50
SBA# 48946_1
Page 15 of
17