Common use of Security Obligations Clause in Contracts

Security Obligations. Oracle’s obligations under Section 6.8 (Security), and Section 7.4 (Handling of Customer Data Upon Termination/Expiration), of the SSA do not apply to the NetSuite POS Module or the Store Data. Additionally, notwithstanding anything to the contrary in the SSA, the separate liability cap regarding a breach of Oracle’s confidentiality obligations shall not apply to Store Data and instead, such liability shall not exceed the equivalent of twelve (12) months of subscription fees applicable to the NetSuite POS Module at the time of the event. The NetSuite POS Module shall be compliant with the Payment Application Data Security Standard (PA-DSS) in effect at the time the NetSuite POS Module is initially made available to Customer. A required PCI SSC disclosure pertaining to PA-DSS certification of the NetSuite POS Module may be found at: ▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇.▇▇▇/portal/resource/terms-of- service.shtml, which may be updated by PCI SSC from time to time. Any changes made to the NetSuite POS Module may affect such compliance and Customer shall be solely responsible for ensuring that any customization, changes or modifications made to the NetSuite POS Module are compliant with the PA- DSS.

Security Obligations. OracleNetSuite’s obligations under Section 6.8 (Security), and Section 7.4 (Handling of Customer Data Upon Termination/Expiration), of the SSA do not apply to the NetSuite POS Module or the Store Data. Additionally, notwithstanding anything to the contrary in the SSA, the separate liability cap regarding a breach of OracleNetSuite’s confidentiality obligations shall not apply to Store Data and instead, such liability shall not exceed the equivalent of twelve (12) months of subscription fees applicable to the NetSuite POS Module at the time of the event. The NetSuite POS Module shall be compliant with the Payment Application Data Security Standard (PA-DSS) in effect at the time the NetSuite POS Module is initially made available to Customer. A required PCI SSC disclosure pertaining to PA-DSS certification of the NetSuite POS Module may be found at: ▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇.▇▇▇/portal/resource/terms-of- service.shtml, which may be updated by PCI SSC from time to time. Any changes made to the NetSuite POS Module may affect such compliance and Customer shall be solely responsible for ensuring that any customization, changes or modifications made to the NetSuite POS Module are compliant with the PA- DSS.