Contract
1. AGREEMENT
1.1 The “Agreement” means: (i) the applicable purchase order issued by Accenture; (ii) these General Terms and Conditions of Purchase (“General Terms”); and (iii) additional written agreements, if any, relating to the transaction signed by Accenture and the indicated provider such as a master agreement, statement of work or letter agreement (“Additional Agreements”). The Agreement is the sole and exclusive agreement between the indicated provider (“Supplier”) and Accenture with respect to the goods and/or services provided by Supplier under the applicable purchase order (collectively, “Deliverables”). By providing any Deliverables to Accenture, Supplier agrees it is bound by the Agreement. Supplier and/or Accenture may be referred to as a “Party” or “Parties” in these General Terms. “Accenture” means the Accenture entity that is a party to the Agreement and its Affiliates (collectively, “Accenture”).
1.2 In the event of any conflict among the terms of the Agreement, the following order of precedence will apply: (i) the applicable purchase order issued by Accenture; (ii) the Additional Agreements; and (iii) these General Terms.
1.3 An “Affiliate” means any entity, whether incorporated or not, that is controlled by or under common control with Accenture plc, a public limited company incorporated in Ireland with its registered office at 1 Grand Canal Square, Grand Canal Harbour, Xxxxxx 0, Xxxxxxx (registration number 471706) and its successors, where "control" means the ability, whether directly or indirectly, to direct the management and policies of another entity by means of ownership, contract or otherwise.
2. THE OBJECT OF THE AGREEMENT
Providing goods/services defined in the Purchase Order.
3. PERFORMANCE/ WARRANTIES
Supplier warrants and undertakes that the Deliverables will be free from defects in material and workmanship and will conform to any specifications or requirements in the Agreement or agreed upon by the Parties in writing. Supplier warrants that if any Deliverable(s) fails to meet any such specifications or requirements or is otherwise nonconforming, Supplier will, at its own cost and expense and within 10 days of its receipt of written notice of such failure, either correct such deficiency or provide a plan acceptable to Accenture for correcting such deficiency. If such deficiency is not corrected within such 10-day period or a corrective plan is not accepted by Accenture, Accenture will have the option to require Supplier to: (i) provide a full refund; or (ii) promptly replace or reperform the Deliverable(s) at no charge. All Deliverables will be subject to an inspection and acceptance by Accenture, even if the Parties have not set forth any specifications or requirements regarding the Deliverables in the Agreement.
4. DELIVERY
5. PAYMENT, INVOICING, AUDIT AND TAXES
5.1 All prices are exclusive of VAT or similar taxes and will be stated in Hungarian Forint (HUF).
5.2 Supplier is entitled to invoice Accenture after delivery has taken place in accordance with Section 3 above. Invoices shall be issued in electronic form and sent to the following e-mail address of the ordering Accenture entity: (i) Accenture Kft.: xxxxxxx.xxxxxxx@xxxxxxxxx.xxx; Accenture Industrial Software Solutions Kft.: Xxxxxxx.XXXX.XXXXXXX@xxxxxxxxx.xxx. All invoices submitted to
Accenture must include adequate documentation, including, as applicable: (i) a statement that the Deliverables comply with the provisions of the Agreement; (ii) an explanation of the Deliverables provided during the period covered by the invoice, including applicable purchase order number, invoice number, invoice date, name of the requestor, description of the Deliverables and the corresponding price; and (iii) if expense reimbursement is provided for in the Agreement in relation to Supplier’s services, itemized expenses with receipts or other documentation if a receipt is unavailable. Invoices are accepted by Accenture only if both the Supplier’s and Accenture’s VAT ID is indicated on it. In case any VAT ID is missing the invoice will be rejected and resent to the Supplier for modification.
5.3 Accenture will make payment within 30 days after issuance date of Supplier’s valid invoice in accordance with the Agreement. Payment of an invoice (in whole or in part) will not be deemed acceptance of any Deliverables.
5.4 Accenture is entitled to postpone and/or offset payment if the Supplier owes Accenture money for any reason or if Accenture disputes the amount due in good faith or if Supplier does not provide Accenture with any documents [when requested by Accenture] confirming the payment of salaries and other due remuneration, and any severance pay as well as payment of social security contributions payable with regard to the Supplier’s and its sub-contractor’s employees as per the local regulations.
5.5 During the term of the Agreement and for a period of 3 years thereafter, Accenture will have the right, at its expense, to audit the books and records of Supplier related to Supplier’s activities under the Agreement.
5.6 Applicable taxes will be billed as a separate item or line item. Accenture will pay sales, use, value added, goods and services, and all other similar taxes imposed by any official, authorized governmental entity for Deliverables provided under the Agreement, excluding taxes based solely on Supplier's income or property. Accenture will pay such tax(es) in addition to the sums due under the Agreement provided that Supplier itemizes them on a proper invoice. Accenture reserves the right to request proof of payment if previously paid by Supplier. If Accenture is required to withhold or deduct any taxes from any payment, Accenture will not be required to “gross up” the amount of such payment and will pay the total amount reflected on the invoice less the applicable withholding taxes. The Parties will cooperate in good faith to minimize taxes to the extent legally permissible. Each Party will provide and make available to the other Party any resale certificates, treaty certifications and other exemption information reasonably requested by the other Party. Notwithstanding the foregoing, provided Accenture furnishes Supplier with a copy of a resale exemption certificate, no sales taxes will be billed to Accenture.
6. OWNERSHIP OF DELIVERABLES & INTELLECTUAL PROPERTY RIGHTS
6.1 Supplier hereby assigns and grants to Accenture all rights and licenses necessary for Accenture to access, use, transfer, and sell the Deliverables and to exercise the rights granted under the Agreement, and pass-through the same to its Affiliates and designated users, for the use and benefit of Accenture and in providing services to Accenture’s clients and business partners. Except with respect to any proprietary materials, programs, and documentation provided by Supplier or its suppliers and in existence prior to the services being performed under the Agreement (“Pre-Existing Materials”), all right, title and interest in the Deliverables, including all intellectual property rights, will be the exclusive property of Accenture, to the extent permitted by applicable law. Supplier hereby assigns to Accenture ownership of all right, title and interest in the Deliverables (excluding Pre-Existing Materials) and waives any moral rights therein.
6.2 Supplier hereby assigns and grants to Accenture an irrevocable, non- exclusive, worldwide, perpetual and fully paid-up right and license to use and modify the Pre-Existing Materials to the extent necessary for Accenture to use the Deliverables as provided for in Section 6.1 above. Pre-Existing Materials or open source software will not be incorporated into any Deliverable without Accenture’s prior written approval.
6.3 To the extent the Deliverables consist of software, Accenture will be entitled to install and use the software on equipment owned or controlled by Accenture or on cloud platforms provided by third parties. For avoidance of doubt, to the
extent that any Deliverables consist of cloud-based services, such cloud-based services may be used by Accenture as provided for in Section 6.1 above.
6.4 Supplier agrees to defend, hold harmless and indemnify Accenture from any claim that a Deliverable (or any portion thereof) infringes or misappropriates any intellectual property right of a third party. In addition, if a claim of infringement is made, Supplier will, at its own expense, promptly exercise the first of the following remedies that is practicable: (i) obtain for Accenture the rights granted under the Agreement; (ii) modify the Deliverable so it is non-infringing and in compliance with the Agreement; (iii) replace the Deliverable with a non-infringing one that complies with the Agreement; or (iv) accept the return or cancellation of the infringing Deliverable and refund any amount paid.
7. COMPLIANCE WITH LAWS
7.1 Supplier represents and warrants that it is aware of, understands, has complied with, and will comply with, all laws applicable to Supplier in the performance of the Agreement, including but not limited to: (i) anti-corruption laws such as the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act and other local anti-corruption laws; (ii) data privacy laws, regulations and regulatory guidance, such as the EU’s General Data Protection Regulation 2016/679 of 27 April 2016 (“GDPR”); (iii) export/import and economic sanctions laws (“Trade Control Laws”); (iv) immigration, labor and employment laws; (v) employment opportunity and anti-discrimination laws; and (vi) environmental laws. Supplier will not provide any Deliverables to Accenture that would cause a violation of any such laws.
7.2 Unless otherwise agreed in writing, the Supplier will not provide any Deliverables to Accenture that require an export license or other form of government authorization under applicable Trade Control Laws to transfer or use in connection with the Agreement. Upon request, the Supplier will provide Accenture with the export control classification under applicable Trade Control Laws of any Deliverables provided in the performance of the Agreement.
7.3 Supplier will promptly notify Accenture of its violation of any applicable laws in its performance of the Agreement, and will defend, hold harmless and indemnify Accenture for any violation of such laws or a breach of Section 15.
8. LIABILITY AND INSURANCE
8.1 To the extent permitted by law, in no event will Accenture be liable for any lost revenues, lost profits, incidental, indirect, consequential, special or punitive damages. To the extent permitted by law, in no event will Accenture’s aggregate liability to Supplier for all claims exceed the total price payable by Accenture to Supplier under the Agreement.
8.2. The Supplier shall be obliged to fully compensate Accenture for any damages that it may suffer either by the Supplier and any subcontractor appointed by the Supplier or their personnel.
The Supplier and any subcontractor of the Supplier shall comply with the provisions of labour and insurance/social security legislation, health and safety legislation for workers and legislation for the prevention of occupational risk of Hungary, as well as with the provisions of the Law.
The Supplier shall hold harmless Accenture to the extent that Accenture shall be held liable [indicatively mentioned] either through the imposition of an administrative fine, the imposition of taxes or social security contributions, penalties, interests and or other relevant charges or through the raise of a civil claim against Accenture, as a result of relevant acts or omissions of Supplier or any subcontractor and/or their personnel and violations of the provisions of the applicable legislation and the employment agreements of the Supplier or subcontractor with their personnel.
Finally, the Supplier shall hold harmless Accenture for any judicial fees and legal costs it shall incur for the above reasons.
Accenture reserves the right of recourse and to seek full compensation from the Supplier and any subcontractor for any relevant amount that Accenture will be summoned to pay.
8.3 Supplier will obtain and maintain all applicable and appropriate insurance, (including, without limitation, business, workers' compensation, auto, errors and
omissions, professional and commercial general and liability insurance) in an amount consistent with Supplier's industry practice. If Supplier will have any access to personal data under the Agreement, such insurance will include cyber liability (data privacy) coverage.
9. TERMINATION
Accenture may immediately terminate the Agreement for its convenience (for any or no reason) at any time, in whole or in part, by providing written notification to Supplier. Unless expressly provided for in the Agreement, Accenture will have no obligation to pay any early termination fee or extra charges in relation to such termination.
10. CONFIDENTIALITY AND PUBLICITY
10.1 Supplier will keep the existence, nature and the content of the Agreement, the Accenture Data (as defined in Section 15.1), and any other information of Accenture, confidential and will not disclose it to any other person. Supplier will ensure that its personnel, contractors and agents (collectively, “Personnel”) are aware of, and have committed to, confidentiality and legal obligations with respect to such information. Supplier will not make any reference to the Agreement, its terms, business information, or use Accenture’s name, logo or trademark in any public announcements, promotions or any other communication without Accenture’s prior written consent.
10.2 Supplier may only use such confidential information for the purpose of performing its obligations under the Agreement.
10.3 Upon: (i) expiration or termination of the Agreement; or (ii) the request of Accenture; Supplier will return all confidential information of Accenture and Accenture Data or delete such information.
11. ASSIGNMENT AND SUBCONTRACTING
11.1 Supplier is engaged as an independent contractor. Nothing in the Agreement will be deemed or construed to create a joint venture, partnership or employment relationship between Accenture and Supplier (including its Personnel). Accenture will have no liability or responsibility for Supplier’s Personnel. Supplier will remove Personnel from any assignment under the Agreement, for any lawful reason at Accenture’s sole and reasonable discretion.
11.2 Supplier will not assign, transfer or subcontract the Agreement or its rights or obligations (including its data privacy obligations) to any third party (whether resulting from a change of control, merger or otherwise) without Accenture’s prior written consent. In any event Supplier will remain solely responsible for any and all acts, errors or omissions of its subcontractors (including its sub- processors).
11.3 Accenture's rights, benefits and/or obligations under the Agreement may be assigned or transferred to any Affiliate. Supplier hereby provides its consent in advance for such assignment or transfer.
12. SUPPLIER STANDARDS OF CONDUCT
Accenture is committed to conducting its business free from unlawful, unethical or fraudulent activity. Supplier will act in a manner consistent with the ethical and professional standards of Accenture as described in the Accenture Supplier Standards of Conduct, including prompt reporting of unlawful, fraudulent or unethical conduct. A copy of these standards can be found at xxxxxxxxx.xxx/xx- en/company-ethics-code.
13. GOVERNING LAW AND DISPUTES
13.1 The Parties will make good faith efforts to resolve, in a confidential manner, any dispute which may arise under the Agreement, by escalating it to higher levels of management, prior to resorting to litigation or other legal process.
13.2. In the event of any dispute arising from or in connection with the present contract, so especially with its breach, termination, validity or interpretation, the parties exclude the state court procedure and agree to submit the matter to the exclusive and final decision of the Permanent Arbitration Court attached to the Hungarian Chamber of Commerce and Industry (Commercial Arbitration Court
Budapest). The Arbitration Court proceeds in accordance with its own Rules of Proceedings (supplemented with the provisions of the Sub-Rules of Expedited Proceedings). The number of arbitrators shall be 3 (three) and the language to be used in the arbitral proceedings shall be Hungarian. The parties exclude the possibility of the retrial of the proceedings as regulated in Section IX of Act no. LX of 2017 on Arbitration. In order to settle the legal dispute, the Hungarian substantive law shall apply, excluding its private international law rules. The United Nations Convention on Contracts for the International Sale of Goods does not apply.
14. GENERAL
14.1 No delay or failure by either Party to exercise any of its powers, rights or remedies under the Agreement will operate as a waiver of them. For purpose of the Agreement an email will be deemed to be “written” or a “writing”.
14.2 If any part of the Agreement is found to be invalid, unlawful or unenforceable then such part will be severed from the remainder of the Agreement which will continue to be valid and enforceable to the fullest extent permitted by law.
14.3 Any changes to the Agreement will be valid and binding only if such changes are set forth in a written agreement signed by Supplier and Accenture. Any click- through, online or other terms or licenses accompanying any Deliverables are null and void and will not bind Accenture. The Parties expressly agree that any counter offer by Supplier or terms contained in the Supplier's response to, or acknowledgment or acceptance of, the Agreement, if any, that are additional to, or different from, the terms set forth in the Agreement will not apply and are hereby expressly rejected by Accenture.
14.4 The provisions of these General Terms, which by their nature survive termination or expiration, including but not limited to provisions 1, 5, 6, 7, 8, 10, 13, 14, 15 and 16, will survive any termination or expiration of the Agreement.
15. DATA PROTECTION AND PRIVACY
15.1 In addition to Supplier’s obligations under Sections 7, 10, 11, and 16, Supplier will comply with this Section 15 when processing Accenture Personal Data. "Accenture Personal Data" means personal data owned, licensed, or otherwise controlled or processed by Accenture or by Accenture’s Affiliates, including personal data processed by Accenture on behalf of its clients. “Accenture Data” means all information, data and intellectual property of Accenture or its clients or other suppliers, collected, stored, hosted, processed, received and/or generated by Supplier in connection with providing the Deliverables to Accenture, including Accenture Personal Data.
15.2 If Supplier processes Accenture Personal Data in the course of providing Deliverables to Accenture or fulfilling its obligations under the Agreement, Supplier will: (i) only process Accenture Personal Data in accordance with the written instructions of Accenture or to the extent reasonably necessary for the performance of the Agreement, and at all times in compliance with applicable laws; (ii) provide full cooperation and assistance to Accenture in ensuring that rights of individuals under applicable laws (including GDPR) are timely and appropriately addressed, for the fulfilment of Accenture’s obligations to comply with such laws; (iii) make all reasonable efforts to ensure that Accenture Personal Data is accurate and up-to-date at all times while in its custody or under its control, to the extent Supplier has the ability to do so; (iv) fully assist and cooperate with Accenture and its clients in ensuring their compliance with applicable laws, including Articles 32 to 36 of GDPR where applicable. Supplier will make available to Accenture and/or any supervisory authority all information necessary to demonstrate Supplier’s compliance with the Agreement and applicable laws, and allow for and contribute to audits and inspections conducted by Accenture; (v) not retain any Accenture Personal Data for longer than is necessary for the performance of the Agreement or as required by applicable law; and (vi) ensure that any sub-processor(s) (approved under Section 12.2) must be bound by a written agreement that includes the same data protection obligations as set out in the Agreement.
15.3 “Security Incident” means a known, or reasonably suspected, accidental or unauthorized loss, acquisition, disclosure, access, use or other form of
compromise of Accenture Personal Data. Supplier will implement and maintain commercially reasonable and appropriate physical, technical and organizational security measures, including those set out in Section 16 below, to protect Accenture Data against a Security Incident and all other unauthorized or unlawful forms of processing. Supplier will (i) notify Supplier’s point of contact at Accenture in writing and without undue delay, and any event within 48 hours of Supplier’s discovery of the Security Incident; and (ii) investigate the Security Incident, taking all necessary steps to eliminate or contain the Security Incident, including cooperating with Accenture’s remediation efforts, mitigating any damage, and developing and executing a plan, subject to Accenture´s approval, that promptly reduces the likelihood of a recurrence of the Security Incident.
15.4 Supplier will notify Accenture promptly in writing of any investigation, litigation, arbitrated matter or other dispute relating to Supplier’s or its sub- contractors' information security or privacy practices.
15.5 Supplier will not transfer, access or otherwise process Accenture Personal Data which originates from the EEA to/from jurisdictions outside of an Approved Jurisdiction, without first entering into a legally valid data transfer mechanism(s) and/or additional agreement(s) with Accenture. “Approved Jurisdiction” means a member state of the European Economic Area (EEA) or any other jurisdiction or sector as may be approved by the European Commission as ensuring adequate legal protections for personal data.
16. INFORMATION SECURITY
16.1 Industry Standards. Supplier will implement appropriate technical and organizational security measures that comply with Industry Standards in all applicable goods, services, equipment, software systems and platforms that Supplier uses to access, process and/or store Accenture Data. “Industry Standards” means security measures that are commercially reasonable in the information technology industry and that are designed to ensure the security, integrity, and confidentiality of Accenture Data, and to protect against Security Incidents.
16.2 Illicit Code. Except for the functions and features expressly disclosed in Supplier's documentation made available to Accenture, Deliverables will be free of any programs, subroutines, code, instructions, data or functions, (including but not limited to viruses, malware, worms, date bombs, time bombs, shut-down devices, keys, authorization codes, back doors or passwords allowing Supplier access) that may result in any inoperability, damage, interruption, or interference of the Deliverables or any equipment on which the Deliverables reside or with which the Deliverables are capable of communicating.
16.3 Security of All Software Components. Supplier will inventory all software components (including open source software) used in Deliverables, and provide such inventory to Accenture upon request. Supplier will assess whether any such components have any security defects or vulnerabilities that could lead to a Security Incident. Supplier will perform such assessment prior to providing Accenture with access to such software components and on an on-going basis thereafter during the term of the Agreement. Supplier will promptly notify Accenture of any identified security defect or vulnerability and remediate same in a timely manner. Supplier will promptly notify Accenture of its remediation plan. If remediation is not feasible in a timely manner, Supplier will replace the subject software component with a component that is not affected by a security defect or vulnerability and that does not reduce the overall functionality of the Deliverable(s).
16.4 Security Assessment. If Accenture reasonably determines, or in good faith believes, that Supplier’s security practices or procedures do not meet Supplier’s obligations under the Agreement, then Accenture will notify Supplier of the deficiencies. Supplier will without unreasonable delay: (i) correct such deficiencies at its own expense; (ii) permit Accenture, or its duly authorized representatives, to assess Supplier’s security-related activities that are relevant to the Agreement; and (iii) timely complete a security questionnaire from Accenture on a periodic basis upon Accenture’s request. Security issues identified by Accenture will be assigned risk ratings and an agreed-to timeframe to remediate. Supplier will remediate all the security issues identified within the
16.5 Application Hardening. Supplier will comply with this Section 16.5 if Supplier is providing Accenture with access to or the use of any software, including software-as-a-service or cloud-based software. Supplier will maintain and implement secure application development policies, procedures, and standards that are aligned to Industry Standard practices (e.g., SANS Top 35 Security Development Techniques and Common Security Errors in Programming and the OWASP Top Ten project). This applies to web application, mobile application, embedded software, and firmware development. All Personnel responsible for application design, development, configuration, testing, and deployment will be qualified to perform such activities and receive appropriate training on such policies, procedures, and standards.
16.6 Infrastructure Vulnerability Scanning. Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.
16.7 Application Vulnerability Assessment. Supplier will comply with this Section 16.7 if Supplier is providing Accenture with access to or the use of any software, including software-as-a-service or cloud-based software. Supplier will perform an application security vulnerability assessment prior to any new release. The test must cover all application and/or software vulnerabilities defined by the OWASP or those listed in the SANS Top Cyber Security Risks or its successor current at the time of the test. Supplier will ensure all high-risk vulnerabilities are resolved prior to release. Supplier will provide a summary of the test results including any open remediation points upon request. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days
16.8 Penetration Tests and Security Evaluations of Websites. Supplier will perform a comprehensive penetration test and security evaluation of all systems and websites involved in providing Deliverables prior to use and on a recurring basis no less frequent than quarterly. Supplier will have an industry recognized independent third party perform one of the quarterly tests. Supplier will have a defined process to address any findings but any high-risk vulnerabilities must be addressed within 30 days. Supplier will provide a summary of such tests and evaluations, including any open remediation points, to Accenture upon request.
16.9 Asset Management. Supplier will: i) maintain an asset inventory of all media and equipment where Accenture Data is stored. Access to such media and equipment will be restricted to authorized Personnel; ii) classify Accenture Data so that it is properly identified and access to it is appropriately restricted; iii) maintain an acceptable use policy with restrictions on printing Accenture Data and procedures for appropriately disposing of printed materials that contain Accenture Data when such data is no longer needed under the Agreement; iv) maintain an appropriate approval process whereby Supplier’s approval is required prior to its Personnel storing Accenture Data on portable devices, remotely accessing Accenture Data, or processing such data outside of Supplier facilities. If remote access is approved, Personnel will use multi-factor authentication, which may include the use of smart cards with certificates, One Time Password (OTP) tokens, and biometrics.
16.10 Access Control. Supplier will maintain an appropriate access control policy that is designed to restrict access to Accenture Data and Supplier assets to authorized Personnel. Supplier will require that all accounts have complex passwords that contain letters, numbers, and special characters, be changed at least every 90 days, and have a minimum length of 8 characters.
16.11 Cryptography. Supplier will maintain policies and standards on the use of cryptographic controls that are implemented to protect Accenture Data.
16.12 Secure Disposal or Reuse of Equipment. Supplier will verify that all Accenture Data has been deleted or securely overwritten using Industry Standard processes, prior to disposal or re-use of equipment containing storage media.
16.13 Operations Security. Supplier must enable logging and monitoring on all operating systems, databases, applications, and security and network devices
that are involved in providing Deliverables. Supplier will maintain anti-malware controls that are designed to protect systems from malicious software, including malicious software that originates from public networks. In addition, Supplier will use anti-malware software (of Industry Standard or better quality), maintain such software at the then current major release, purchase maintenance & support available from the vendor for such software, and promptly implement new releases and versions of such software.