Common use of CYBERSECURITY SERVICES Clause in Contracts

CYBERSECURITY SERVICES. a. With respect to any cybersecurity-related Services, Software, SaaS or related hardware (“Cybersecurity Deliverables”), Honeywell may provide professional judgment, technical expertise, and advice regarding Buyer’s cyber risk management program. As system performance and security are subject to multiple factors outside of Honeywell’s control, Honeywell does not warrant or guarantee that Cybersecurity Deliverables will prevent or mitigate acts or attempts to disrupt, misuse, or gain unauthorized access to any system or electronic facilities or operations that results in a loss, alteration or disclosure of data, system downtime or degradation or loss of operation or services (an “Event”). Honeywell will use industry standard virus detection software designed to protect against viruses. Buyer or any End User is responsible for its own cyber risk management program and must participate in Buyer’s or End User’s own defense and manage cyber risk throughout Buyer’s or End User’s own cyber risk management program. Honeywell shall have no liability in connection with any Event, except to the extent the Event was caused by failure of a Honeywell Product, Software, or Services provided by Honeywell to materially perform in accordance with the written specifications and any related documentation (including any technical or legal requirements) specifically provided with a Cybersecurity Deliverable or specifically referenced in a Proposal (but excluding marketing materials, customer correspondence and similar collateral), in which case Honeywell’s sole liability and Buyer’s or End User’s exclusive remedy in respect of an Event, is the replacement, repair or re-performance of, or refund of the portion of the fees paid and attributable to, the defective Deliverables in accordance with the terms and conditions of the applicable warranty for the defective Deliverable. This Clause shall take precedence over any other Clause in this Agreement. b. Buyer represents and warrants that, to the extent it is using the Cybersecurity Deliverables, it will (i) use commercially reasonable administrative, physical and technical safeguards to protect Buyer’s systems, facilities, operations or data or follow industry-standard or other mutually agreed upon security practices; (ii) update to the latest version of relevant Software and follow the current Documentation for the same; (iii) make no modifications or alterations to any hardware or Software comprising the Cybersecurity Deliverables without Honeywell’s express written permission; (iv) designate two (2) or more employees, executives, or agents who will respond to any Events and take recommended actions to mitigate harm to Buyer’s network; (v) develop and adopt a written governance, risk and compliance policy or policies, approved by a senior officer or Buyer’s board of directors (or an appropriate committee thereof) or equivalent governing body, setting forth Buyer’s policies and procedures for the protection of its information systems and nonpublic information stored on those information systems (the “Cybersecurity Policy”); (vi) develop and adopt a written incident response plan (“IRP”) that is exercised and/or practiced with key scenario driven evaluations on at least an annual basis; and (vii) provide Honeywell with copies of Buyer’s Cybersecurity Policy, IRP, and business continuity or disaster recovery plans upon Honeywell’s request.

CYBERSECURITY SERVICES. a. With respect to any cybersecurity-related Services, Software, SaaS or related hardware (“Cybersecurity Deliverables”), Honeywell may provide professional judgment, technical expertise, and advice regarding Buyer’s cyber risk management program. As system performance and security are subject to multiple factors outside of Honeywell’s control, Honeywell does not warrant or guarantee that Cybersecurity Deliverables will prevent or mitigate acts or attempts to disrupt, misuse, or gain unauthorized unauthorised access to any system or electronic facilities or operations that results in a loss, alteration or disclosure of data, system downtime or degradation or loss of operation or services (an a “Cyber Event”). Honeywell will use industry standard virus detection software designed to protect against viruses. Buyer or any End User is responsible for its own cyber risk management program and must participate in Buyer’s or End User’s own defense defence and manage cyber risk throughout Buyer’s or End User’s own cyber risk management program. Honeywell shall have no liability in connection with any Cyber Event, except to the extent the Cyber Event was caused by failure of a Honeywell Product, Software, or Services provided by Honeywell to materially perform in accordance with the written specifications and any related documentation (including any technical or legal requirements) specifically provided with a Cybersecurity Deliverable or specifically referenced in a Proposal (but excluding marketing materials, customer correspondence and similar collateral), in which case Honeywell’s sole liability and Buyer’s or End User’s exclusive remedy in respect of an a Cyber Event, is the replacement, repair or re-performance of, or refund of the portion of the fees paid and attributable to, the defective Deliverables in accordance with the terms and conditions of the applicable warranty for the defective Deliverable. This Clause shall take precedence over any other Clause in this Agreement. b. Buyer represents and warrants that, to the extent it is using the Cybersecurity Deliverables, it will (i) use commercially reasonable administrative, physical and technical safeguards to protect Buyer’s systems, facilities, operations or data or follow industry-standard or other mutually agreed upon security practices; (ii) update to the latest version of relevant Software and follow the current Documentation for the same; (iii) make no modifications or alterations to any hardware or Software comprising the Cybersecurity Deliverables without Honeywell’s express written permission; (iv) designate two (2) or more employees, executives, or agents who will respond to any Cyber Events and take recommended actions to mitigate harm to Buyer’s network; (v) develop and adopt a written governance, risk and compliance policy or policies, approved by a senior officer or Buyer’s board of directors (or an appropriate committee thereof) or equivalent governing body, setting forth Buyer’s policies and procedures for the protection of its information systems and nonpublic information stored on those information systems (the “Cybersecurity Policy”); (vi) develop and adopt a written incident response plan (“IRP”) that is exercised and/or practiced with key scenario driven evaluations on at least an annual basis; and (vii) provide Honeywell with copies of Buyer’s Cybersecurity Policy, IRP, and business continuity or disaster recovery plans upon Honeywell’s request.

CYBERSECURITY SERVICES. a. With respect to any cybersecurity-related Services, Software, SaaS or related hardware (“Cybersecurity Deliverables”), Honeywell may provide professional judgment, technical expertise, and advice regarding Buyer’s cyber risk management program. As system performance and security are subject to multiple factors outside of Honeywell’s control, Honeywell does not warrant or guarantee that Cybersecurity Deliverables will prevent or mitigate acts or attempts to disrupt, misuse, or gain unauthorized access to any system or electronic facilities or operations that results in a loss, alteration or disclosure of data, system downtime or degradation or loss of operation or services (an “Event”). Honeywell will use industry standard virus detection software designed to protect against viruses. Buyer or any End User is responsible for its own cyber risk management program and must participate in Buyer’s or End User’s own defense and manage cyber risk throughout Buyer’s or End User’s own cyber risk management program. Honeywell shall have no liability in connection with any Event, except to the extent the Event was caused by failure of a Honeywell Product, Software, or Services provided by Honeywell to materially perform in accordance with the written specifications and any related documentation (including any technical or legal requirements) specifically provided with a Cybersecurity Deliverable or specifically referenced in a Proposal (but excluding marketing materials, customer correspondence and similar collateral), in which case Honeywell’s sole liability and Buyer’s or End User’s exclusive remedy in respect of an Event, is the replacement, repair or re-performance of, or refund of the portion of the fees paid and attributable to, the defective Deliverables in accordance with the terms and conditions of the applicable warranty for the defective Deliverable. This Clause shall take precedence over any other Clause in this Agreement. konusunda tam işbirliği yapmayı kabul eder. Honeywell tarafından gerekli görüldüğü ölçüde Alıcı, bu Sözleşmenin süresi boyunca geçerli Sistemleri ile Honeywell'in geçerli bilgisayar sunucuları/sistemleri ve/veya Honeywell bulut platformu/sistemleri arasında internet bağlantısını etkinleştirecek ve buna rıza gösterecektir. 14. Siber Güvenlik Hizmetleri. a. Honeywell, siber güvenlikle ilgili Hizmetler, Yazılımlar, SaaS veya ilgili donanımlarla ("Siber Güvenlik Teslim Kalemleri") ilgili olarak Alıcının siber risk yönetimi programına ilişkin profesyonel değerlendirme, teknik uzmanlık ve tavsiye sağlayabilir. Sistem performansı ve güvenliği Honeywell'in kontrolü dışındaki birçok faktöre tabi olduğundan, Honeywell, Siber Güvenlik Teslim Kalemlerinin veri kaybı, değiştirilmesi veya ifşası, sistem kesintisi veya bozulması veya operasyon veya hizmet kaybıyla ("Olay") sonuçlanan herhangi bir sistemi veya elektronik olanağı veya işlemi bozma, kötüye kullanma veya bunlara yetkisiz erişim sağlama eylemlerini veya girişimlerini önleyeceğini veya azaltacağını garanti veya taahhüt etmez. Honeywell, virüslere karşı koruma sağlamak üzere tasarlanmış endüstri standardı virüs tespit yazılımı kullanacaktır. Alıcı veya herhangi bir Son Kullanıcı kendi siber risk yönetimi programından sorumludur ve Alıcının veya Son Kullanıcının kendi savunmasına katılmalı ve Alıcının veya Son Kullanıcının kendi siber risk yönetimi programı boyunca siber riski yönetmelidir. Honeywell, Honeywell tarafından sağlanan bir Honeywell Ürünü, Yazılımı veya Hizmetinin, bir Siber Güvenlik Teslim Kalemi ile birlikte özel olarak sağlanan veya bir Teklifte özel olarak atıfta bulunulan yazılı şartnamelere ve ilgili belgelere (teknik veya yasal gereklilikler dâhil) uygun olarak önemli ölçüde performans göstermemesinden kaynaklanması durumu hariç olmak üzere, herhangi bir Olayla bağlantılı olarak hiçbir sorumluluğa sahip olmayacaktır (ancak pazarlama materyalleri, müşteri yazışmaları ve benzeri teminatlar hariç); bu durumda Honeywell'in tek sorumluluğu ve Alıcının veya Son Kullanıcının bir Olayla ilgili münhasır çözümü, kusurlu Teslim Kalemi için geçerli garantinin hüküm ve koşullarına uygun olarak kusurlu Teslim Kalemlerinin değiştirilmesi, onarılması veya yeniden gerçekleştirilmesi veya ödenen ve kusurlu Teslim Kalemlerine atfedilen ücretlerin bir kısmının iade edilmesidir. Bu Madde, işbu Sözleşmedeki diğer tüm Maddelere göre öncelikli olacaktır. b. Buyer represents and warrants that, to the extent it is using the Cybersecurity Deliverables, it will (i) use commercially reasonable administrative, physical and technical safeguards to protect Buyer’s systems, facilities, operations or data or follow industry-standard or other mutually agreed upon security practices; (ii) update to the latest version of relevant Software and follow the current Documentation for the same; (iii) make no modifications or alterations to any hardware or Software comprising the Cybersecurity Deliverables without Honeywell’s express written permission; (iv) designate two (2) or more employees, executives, or agents who will respond to any Events and take recommended actions to mitigate harm to Buyer’s network; (v) develop and adopt a written governance, risk and compliance policy or policies, approved by a senior officer or Buyer’s board of directors (or an appropriate committee thereof) or equivalent governing body, setting forth Buyer’s policies and procedures for the protection of its information systems and nonpublic information stored on those information systems (the “Cybersecurity Policy”); (vi) develop and adopt a written incident response plan (“IRP”) that is exercised and/or practiced with key scenario driven evaluations on at least an annual basis; and (vii) provide Honeywell with copies of Buyer’s Cybersecurity Policy, IRP, and business continuity or disaster recovery plans upon Honeywell’s request.. 15. HAZARDOUS SUBSTANCES, MOLD, & UNSAFE WORKING CONDITIONS. a. No Existing Hazardous Substances or Mold. Buyer represents and warrants that it has not received notice from any source (formal or informal) of, nor is it aware of: (i) Hazardous Substances or Mold (each as defined below), either airborne or on or within the walls, floors, ceilings, heating, ventilation and air conditioning systems, plumbing systems, structure, and other components of the site(s) where Honeywell will provide Services or Products, or within furniture, fixtures, equipment, containers or pipelines in any of Worksite Location(s); or (ii) conditions that might cause or promote accumulation, concentration, growth or dispersion of Hazardous Substances or mold on or within such locations. b. Alıcı, Siber Güvenlik Teslim Kalemlerini kullandığı ölçüde, (i) Alıcının sistemlerini, tesislerini, operasyonlarını veya verilerini korumak için ticari olarak makul idari, fiziksel ve teknik önlemleri kullanacağını veya endüstri standardını veya üzerinde karşılıklı olarak mutabık kalınan diğer güvenlik uygulamalarını takip edeceğini; (ii) ilgili Yazılımın en son sürümüne güncelleme yapacağını ve aynı Yazılım için geçerli Belgeleri takip edeceğini beyan ve garanti eder; (iii) Honeywell'in açık yazılı izni olmaksızın Siber Güvenlik Teslim Kalemlerini içeren herhangi bir donanım veya Yazılımda hiçbir değişiklik veya tadilat yapmayacağını; (iv) herhangi bir Olaya yanıt verecek ve Alıcının ağına verilen zararı azaltmak için önerilen eylemleri gerçekleştirecek iki (2) veya daha fazla çalışan, yönetici veya temsilci belirleyeceğini; (v) Alıcının bilgi sistemlerinin ve bu bilgi sistemlerinde depolanan kamuya açık olmayan bilgilerin (“Siber Güvenlik Politikası”) korunmasına yönelik politika ve prosedürlerini ortaya koyan, üst düzey bir yetkili veya Alıcının yönetim kurulu (veya uygun bir komitesi) veya eşdeğer bir yönetim organı tarafından onaylanan yazılı bir yönetişim, risk ve uyum politikası veya politikaları geliştirip benimseyeceğini; (vi) en az yıllık bazda temel senaryo odaklı değerlendirmelerle tatbik edilen ve/veya uygulanan yazılı bir olay müdahale planı (“IRP”) geliştirip kabul edeceğini ve (vii) Honeywell'in talebi üzerine Honeywell'e Alıcının Siber Güvenlik Politikası, IRP ve iş sürekliliği veya felaket kurtarma planlarının kopyalarını sağlayacağını beyan ve taahhüt eder. 15. TEHLİKELİ MADDELER, KÜF VE GÜVENLİ OLMAYAN ÇALIŞMA KOŞULLARI. a. Mevcut Tehlikeli Madde veya Küf Olmaması. Alıcı, herhangi bir kaynaktan (resmi veya gayri resmi) bildirim almadığını ve bu konuda bilgi sahibi olmadığını beyan ve garanti eder: (i) Tehlikeli Maddeler veya Küf (her biri aşağıda tanımlanmıştır), havada veya duvarlarda, zeminde, tavanlarda, ısıtma, havalandırma ve iklimlendirme sistemlerinde, sıhhi tesisat sistemlerinde, yapıda ve Honeywell'in Hizmet veya Ürün sağlayacağı tesislerin diğer bileşenlerinde veya herhangi bir Şantiye Noktasındaki mobilyalarda, demirbaşlarda, ekipmanlarda, konteynerlerde veya boru hatlarında veya (ii) bu tür yerlerde veya bu yerlerin içinde Tehlikeli Maddelerin veya küfün birikmesine, yoğunlaşmasına, büyümesine veya dağılmasına neden olabilecek veya bunları teşvik b. No Obligation to Test,