Terms and Conditions for Professional Services

Version May 25, 2022

Customer may request Professional Services from GitHub. The parties will first agree on a Statement of Work (“SOW”) describing the Professional Services that GitHub will perform, fees and other obligations. These Terms and Conditions for Professional Services, together with the SOW, constitute the agreement for Professional Services (“Agreement”).

1. Customer Responsibilities

Prior to the start of the Professional Services, Customer will identify a primary responsible person who will have the authority to act on Customer’s behalf in all matters regarding the work performed under an SOW (“Primary Responsible Person”). The Primary Responsible Person will serve as the interface between GitHub’s project team and all Customer departments participating in the Professional Services. The Primary Responsible Person will:

• Obtain and provide correct and applicable information, data, consents, decisions and approvals without delay as required by GitHub to perform the Professional Services;
• Promptly provide access, workspace and connectivity to the systems and other facilities necessary for GitHub’s personnel while working at the Customer location, and help resolve and escalate Professional Services issues within Customer’s organization, as necessary; and
• Identify all Customer team members with appropriate systems access who will act as GitHub’s hands-on-keyboard during Professional Services, and otherwise make personnel available to assist GitHub in the performance of its responsibilities.

2. SOW Changes and Cancellation

Changes to the SOW must be made in writing (email accepted) and should be provided by Customer to GitHub no less than fourteen (14) days before date of delivery. If the request for change is provided later, the previously agreed terms of the SOW regarding Fees, Payment Schedule and Travel and Lodging actuals incurred by GitHub apply.

3. Personal Data

Customer and GitHub will comply with applicable data protection laws.

4. Customer Security Regulations

Customer will be responsible for securing the privacy of its data, including personal data, and for controlling access by GitHub personnel or subcontractors, including conducting security check-in and providing badges and personal escort for all on-site engagements.

• Customer will not share administrative credentials with GitHub employees and/or personnel.
• Customer will create temporary access credentials for use by GitHub employees and/or personnel valid on the start date and automatically expiring upon completion of the Professional Services.
• Customer shall provide its security regulations to GitHub, and GitHub shall ensure that its personnel or subcontractors make commercially reasonable efforts to comply with Customer’s security regulations in their activities at Customer sites or in connection with Customer systems.
• Unless otherwise agreed to in advance by the written consent of GitHub’s Director of Services Delivery (email accepted), GitHub’s personnel (including its subcontractors) will observe the working hours, working rules and holiday schedules of Customer while working on Customer’s premises.

5. Professional Services Providers

Primary Professional Services providers may be accompanied by additional GitHub employees based on engagement circumstances or for professional development purposes. All participant names will be provided to Customer in written form (this can be via email) prior to engagement delivery.

GitHub may perform its obligations under this Agreement through its Affiliates and/or use subcontractors to provide certain services. GitHub remains fully responsible for their performance.

6. Verification Checks

GitHub has performed the following verification checks on its employees prior to hire:

• Validation of employment history;
• Confirmation of claimed academic and professional qualifications where required by company policy and/or employee job description;
• Independent identity verification (passport or similar document); and
• Where required by employee role, more detailed checks, such as credit checks or checks of criminal records.

GitHub may, at Customer’s request and expense, prior to permitting its personnel to provide onsite Professional Services at Customer’s facility for a period of longer than five (5) consecutive days, require that such personnel has successfully passed a drug screen profile, subject to the requirements and/or limitations of applicable law.

7. Pricing and Payment

Fees. Fees are either fixed or based on GitHub hourly rates. Customer agrees to pay fees as set forth in the SOW within thirty (30) days of the invoice date or as otherwise agreed in the SOW. Unused Professional Service hours and fees are non-refundable.

Late Payment. If Customer fails to pay fees on time, GitHub has the right to charge 2% monthly interest on past due amounts as allowed by law. GitHub also has the right to charge Customer for all expenses of recovery, to terminate the applicable order or SOW and to take any other action at law.

Taxes. Customer is solely responsible for all taxes, fees, duties and governmental assessments (except for taxes based on GitHub’s net income) that are imposed or become due in connection with this Agreement. If any taxes are required to be withheld on payments invoiced by GitHub, Customer may deduct such taxes from the amount owed and pay them to the appropriate taxing authority, but only if Customer promptly provides GitHub an official receipt for those withholdings and other documents reasonably requested to allow GitHub to claim a foreign tax credit or refund. Customer will ensure that any taxes withheld are minimized to the extent possible under applicable law.

8. Intellectual Property Rights

When GitHub provides Professional Services to Customer, each party owns its Pre-Existing Work. GitHub has a right to use Customer’s Pre-Existing Work solely to provide Professional Services under this Agreement.

Each party will exclusively own all Improvements to that party’s Pre-Existing Work. Each party therefore assigns to the other party all rights, title, and interest to any Improvements it makes to the other party’s Pre-Existing work. Each party grants the other party a worldwide, non-exclusive, fully paid-up license to use, reproduce, distribute and create derivative works of Improvements. However, Customer only grants this license to GitHub for Improvements that are generic solutions or services.

All Developments will be owned by GitHub. Customer assigns to GitHub all rights, title, and interest to any Developments it makes. GitHub grants Customer a worldwide, non-exclusive, fully paid-up license to use, reproduce, and create derivative works of Developments, but not distribute or transfer them to a third party. If GitHub releases Improvements or Developments to Customer as open source software, the open source terms will apply instead of this license grant.

9. Warranties

(a) General. GitHub warrants that it will perform Professional Services with professional care and skill. If it does not, and Customer notifies GitHub within 90 days of the date the Professional Services were performed, GitHub will at its option and expense either: (i) re-perform the Professional Services or (ii) except for dedicated resources (such as, but not limited to, Premium Services and Services Account Engineers), return the price Customer paid for the faulty deliverables part of the Professional Services. Each party also represents and warrants that it will secure the permission of the other party prior to providing any source code in a manner that would subject the other party’s technology or intellectual property to any other license terms or require the other party to distribute source code to any of its technologies.

The remedies above are Customer’s sole remedies for breach of the warranties. Customer waives any warranty claims not made during the warranty period.

(b) Exclusions. The warranties in this Agreement do not apply to problems caused by accident, abuse, or use inconsistent with this Agreement, including failure to meet minimum system requirements. These warranties do not apply to a Product or Professional Services made available by GitHub for free.

(c) Disclaimer. Except for the limited warranties above and subject to applicable law, GitHub provides no other warranties. It disclaims any other express, implied or statutory warranties, including warranties of quality, title, non-infringement, merchantability, and fitness for a particular purpose.

10. Third Party Claims

(a) The parties will defend each other against third party claims described in this section and will pay the amount of any resulting adverse final judgment or approved settlement, but only if the defending party is promptly notified in writing of the claim and has the right to control the defense and any settlement of it.

(b) The party being defended must provide the defending party with all requested assistance, information and authority. The defending party will then reimburse the other party for reasonable out-of-pocket expenses it incurs in providing such assistance.

(c) This section describes the parties’ sole remedies and entire liability for such claims.

• By GitHub. GitHub will defend Customer against any third-party claim that a Product or Professional Services made available by GitHub for a fee and used within the scope of this Agreement (unmodified as provided by GitHub and not combined with anything else), misappropriated a trade secret or directly infringes a patent, copyright, trademark, or other proprietary right of a third party. If GitHub is unable to resolve a claim of misappropriation or infringement, it may, at its option, either (1) modify or replace the Product or Professional Services with a functional equivalent or (2) terminate Customer’s license and refund any license fees, including amounts paid in advance for any usage period after the termination date. GitHub will not be liable for any claims or damages due to Customer’s continued use of a Product or Professional Services after being notified to stop due to a third-party claim.

• By Customer. To the extent permitted by applicable law, Customer will defend GitHub and its Affiliates against any third-party claim that: (1) any content that Customer creates, owns, or to which Customer holds the rights misappropriated a trade secret or directly infringes a patent, copyright, trademark, or other proprietary right of a third party; or (2) Customer’s use of any Product, alone or in combination with anything else, violates the law or harms a third party.

11. Limitation of Liability

GitHub’s maximum liability to Customer for any incident giving rise to a claim will not exceed the amount Customer paid for the Professional Services during the 12 months before the incident.

Exclusions. In no event will either party be liable for indirect, incidental, special, punitive, or consequential damages, or loss of use, loss of profits, or interruption of business; however caused or on any theory of liability.

Exceptions. No limitation or exclusions will apply to liability arising out of either party’s (1) confidentiality obligations; (2) defense obligations above; or (3) violation of the other party’s intellectual property rights.

12. Confidentiality

Existing NDA. If the parties have entered into a Non-Disclosure Agreement, those terms apply instead of this confidentiality section.

Confidential Information. “Confidential Information” is non-public information in any form that is marked as “confidential” or that a reasonable person should understand is confidential. Confidential Information does not include information that: (a) becomes publicly available without a breach of a confidentiality obligation; (b) was received lawfully from another source without a confidentiality obligation; (c) is independently developed; or (d) is Feedback.

Protection of Confidential Information. Each party will take reasonable steps to protect the other’s Confidential Information. A party will only use the other party’s Confidential Information as part of the parties’ business relationship. Neither party will disclose Confidential Information to third parties. A party may only share Confidential Information with a party’s Representatives on a need-to-know basis, under nondisclosure obligations at least as protective as this Agreement. Each party remains responsible for the use of Confidential Information by its Representatives. A party must promptly notify the other party if it discovers any unauthorized use or disclosure.

Disclosure required by law. A party may disclose the other’s Confidential Information if required by law, but only after it notifies the other party (if legally permissible) so that the other party can seek a protective order.

Residual information. Neither party is required to restrict its Representatives in other work assignments if they have had access to Confidential Information. Each party agrees that the use of information retained in Representatives’ unaided memories in the development or deployment of the parties’ respective products or services does not create liability under this Agreement or trade secret law.

Duration of confidentiality obligation. These confidentiality obligations apply for a period of five years after a party receives the Confidential Information.

13. Miscellaneous

Independent contractors. The parties are independent contractors. Customer and GitHub may develop products independently without using the other’s Confidential Information.

Amendments. GitHub may require Customer to accept revised or additional terms before processing a new order. Any additional or conflicting terms and conditions presented by Customer are expressly rejected and will not apply.

Order of precedence. Conflicting terms in the SOW take precedence over these Professional Services Terms. Other than that, these Professional Services Terms will take precedence over any conflicting terms in other documents.

Assignment. Either party may assign this Agreement to an Affiliate but it must notify the other party in writing of the assignment. GitHub may also assign its rights to receive payment and enforce Customer’s payment obligations. Any other assignment of this Agreement must be approved by the other party in writing.

Severability. If any part of this Agreement is held to be unenforceable, the rest of the Agreement will remain in full force and effect.

Waiver. Failure to enforce any provision of this Agreement will not constitute a waiver. Any waiver must be in writing and signed by the waiving party.

No third-party beneficiaries. This Agreement does not create any third-party beneficiary rights except as expressly provided by its terms.

Survival. All provisions survive termination of this Agreement except those requiring performance only during the term of the Agreement.

Notices. Notices to GitHub may be submitted via email to legal@support.github.com. If Customer wishes to formally service notice on GitHub, it must be made through GitHub’s registered agent:

GitHub, Inc. c/o Corporation Service Company 2710 Gateway Oaks Drive, Suite 150N Sacramento, CA 95833-3505

Applicable law and venue. This Agreement will be governed by and construed in accordance with the laws of the State of California and federal laws of the United States. Any legal action or proceeding will be brought exclusively in the federal or state courts located in the Northern District of California. The parties consent to personal jurisdiction and venue there.

If Customer’s principal office is within the European Union, European Economic Area or Switzerland, however, this Agreement will be governed by the laws of Ireland. Any legal action or proceeding will be brought exclusively in the courts located in Dublin. The parties consent to personal jurisdiction and venue there.

The above choices of venue do not prevent either party from seeking injunctive relief in any jurisdiction with respect to a violation of intellectual property rights or confidentiality obligations.

The 1980 United Nations Convention on Contracts for the International Sale of Goods and its related instruments will not apply to this Agreement.

Government procurement rules. By accepting this agreement, Customer represents and warrants that (i) it has complied and will comply with all applicable government procurement laws and regulations; (ii) it is authorized to enter into this Agreement; and (iii) this Agreement satisfies all applicable procurement requirements.

14. Definitions

“Affiliate” means any legal entity that controls, is controlled by, or is under common control with a party. In this context control means ownership of more than a 50% interest in an entity.

“Developments” means new technology, written materials, or proofs of concept under this Agreement that do not include any Pre-Existing Work or Improvements.

“Feedback” means a comment or suggestion volunteered by a party about the other party’s business, products or services.

“Improvements” means all modifications and derivative works created under this Agreement to a party’s Pre-Existing Work.

“Pre-Existing Work” means all rights, title and interest to a Party’s pre-existing technology and Confidential Information, including all intellectual property rights.

“Product” means all Software, Online Services and Additional products that GitHub offers, including Previews, updates, patches, bug fixes and support provided by GitHub.

“Professional Services” means training, consulting or implementation services. Professional Services do not include support.

“Representatives” means a party’s employees, Affiliates, contractors, advisors and consultants.