PCI DSS for Large Organizations

Please enter your details below to register for your company for the PCI DSS for Large Organizations SIG.


Fields marked * are required.

Details


Company Name: *
Address Line 1: *
Address Line 2:
City: *
State/Province:
Zip / Postal Code: *
Country: *
First Name: *
Last Name: *
Job Title:
Phone #: *
Email: *

Agreement

PCI SSC GROUP PARTICIPATION AGREEMENT

BEFORE CLICKING ON THE “I ACCEPT” BUTTON BELOW, CAREFULLY READ ALL OF THE TERMS AND CONDITIONS OF THIS PCI SSC GROUP PARTICIPATION AGREEMENT (THE “AGREEMENT”). BY CLICKING ON THE “I ACCEPT” BUTTON: (I) YOU ARE AGREEING TO THE TERMS AND CONDITIONS OF AND ARE BECOMING A PARTY TO THIS AGREEMENT WITH PCI SECURITY STANDARDS COUNCIL, LLC (“PCI SSC”); (II) THE SIGNATORY (DEFINED BELOW) REPRESENTS AND WARRANTS TO PCI SSC THAT S/HE IS YOUR EMPLOYEE AND IS AUTHORIZED TO LEGALLY BIND YOU TO THE TERMS AND CONDITIONS OF THIS AGREEMENT AND (III) YOU ACKNOWLEDGE, AGREE, AND REPRESENT AND WARRANT TO PCI SSC THAT: (A) YOU HAVE READ AND UNDERSTAND THIS AGREEMENT; (B) PCI SSC MAY REJECT OR TERMINATE THIS AGREEMENT IF YOU FAIL TO SATISFY ANY OF THE TERMS OR CONDITIONS HEREOF; AND (C) THIS AGREEMENT IS A LEGALLY BINDING CONTRACT BETWEEN YOU AND PCI SSC EFFECTIVE AS OF THE DATE PCI SSC PROVIDES YOU WITH ACCESS TO THE PORTAL (DEFINED BELOW).

IF YOU DO NOT AGREE TO ALL OF THE TERMS AND CONDITIONS OF THIS AGREEMENT, YOU ARE NOT AUTHORIZED TO PARTICIPATE IN THE GROUP (DEFINED BELOW) OR ACCESS THE PORTAL AND SHOULD CLICK “DO NOT ACCEPT” BUTTON TO EXIT THIS WEB PAGE.

FOR GOOD AND VALUABLE CONSIDERATION, THE RECEIPT AND SUFFICIENCY OF WHICH IS HEREBY ACKNOWLEDGED, YOU AND PCI SSC HEREBY AGREE TO THE FOREGOING AND AS FOLLOWS:

1. GROUP ACTIVITIES; PARTICIPATION.

A. GROUP ACTIVITIES. PCI SSC HAS ESTABLISHED THE TASK FORCE, WORKING GROUP, SPECIAL INTEREST GROUP, RFC PROCESS OR OTHER GROUP OR INITIATIVE SPECIFIED ON THE SIGNATURE PAGE HERETO (THE “GROUP”), AS A CONVENIENCE TO YOU AND THE OTHER COMPANIES OR INDIVIDUALS DESIGNATED OR INVITED BY PCI SSC TO PARTICIPATE IN THE GROUP (YOU AND SUCH OTHER GROUP PARTICIPANTS (EXCLUDING PCI SSC STAFF AND REPRESENTATIVES (“PCI SSC PERSONNEL”)), COLLECTIVELY, THE “PARTICIPANTS”). SUBJECT TO THE TERMS AND CONDITIONS OF THIS AGREEMENT, PCI SSC AUTHORIZES YOU TO PARTICIPATE IN SUCH MEETINGS, DISCUSSIONS, CALLS, COMMUNICATIONS, EMAIL EXCHANGES AND OTHER ACTIVITIES AS PCI SSC MAY FROM TIME TO TIME PROVIDE OR MAKE ACCESSIBLE OR AVAILABLE TO THE OTHER PARTICIPANTS IN CONNECTION WITH THE GROUP (COLLECTIVELY, THE “ACTIVITIES”), THROUGH THOSE OF YOUR EMPLOYEES WHO YOU HAVE DESIGNATED TO PARTICIPATE IN THE GROUP ON YOUR BEHALF.

B. PARTICIPATION. YOU HEREBY AGREE TO PARTICIPATE IN THE GROUP AND ACTIVITIES IN ACCORDANCE WITH THIS AGREEMENT, AND THAT ALL INFORMATION YOU PROVIDE (OR HAVE PROVIDED) IN CONNECTION WITH REGISTERING FOR THE GROUP (IF APPLICABLE) WILL BE (AND HAS BEEN) TRUE, ACCURATE AND COMPLETE.

2. PORTAL; ACCOUNT AND PASSWORDS; ACCEPTABLE USE.

A. IN CONNECTION WITH THE GROUP, PCI SSC MAY FROM TIME TO TIME MAINTAIN ONE OR MORE WEB PORTALS AND/OR OTHER ONLINE AREAS, SITES OR PAGES ACCESS TO WHICH IS RESTRICTED TO PARTICIPANTS AND PCI SSC PERSONNEL (THE FOREGOING, COLLECTIVELY, THE “PORTAL”). YOU ACKNOWLEDGE THAT THE PORTAL AND ALL OTHER MATERIALS AND INFORMATION MADE AVAILABLE ON OR THROUGH THE PORTAL (THE “CONTENTS”) ARE PROVIDED AS A COURTESY TO YOU AND THE OTHER PARTICIPANTS. FOR PURPOSES OF THIS AGREEMENT, THE PORTAL (IF ANY) IS CONSIDERED A PART OF THE PCI SSC WEB SITE AT WWW.PCISECURITYSTANDARDS.ORG (SUCH WEB SITE AND EACH WEB PAGE THEREOF, THE “WEB SITE”), AND YOUR USE OF THE PORTAL OR ANY PORTION THEREOF CONSTITUTES YOUR UNCONDITIONAL AGREEMENT TO FOLLOW AND BE BOUND BY THE “TERMS AND CONDITIONS” AND “PRIVACY POLICY” AVAILABLE ON THE WEB SITE, AS PCI SSC MAY AMEND THE FOREGOING FROM TIME TO TIME.

B. YOU HEREBY ACKNOWLEDGE THAT YOU MAY NEED TO REGISTER WITH PCI SSC IN ORDER TO OBTAIN A PORTAL ACCOUNT, USERNAME AND/OR PASSWORD, ACCESS THE PORTAL, AND/OR PARTICIPATE IN THE GROUP OR ACTIVITIES. YOU AGREE THAT YOU ARE SOLELY RESPONSIBLE FOR MAINTAINING THE CONFIDENTIALITY OF YOUR PORTAL ACCOUNT(S), USERNAME(S) AND PASSWORD(S) (IF ANY) AND FOR ALL ACTIVITIES AND LIABILITIES ASSOCIATED WITH OR OCCURRING AS A RESULT OF YOUR USE OF SUCH ACCOUNT(S), USERNAME(S) AND PASSWORD(S), YOUR PERMITTING OR ENABLING SOMEONE ELSE TO ACCESS OR USE SUCH ACCOUNT(S), USERNAME(S) OR PASSWORD(S), AND YOUR FAILURE TO MAINTAIN SUCH CONFIDENTIALITY. YOU AGREE TO (I) NOTIFY PCI SSC IMMEDIATELY OF ANY UNAUTHORIZED USE OF SUCH ACCOUNT(S), USERNAME(S) OR PASSWORD(S) AND ANY OTHER BREACH OF SECURITY OF THE PORTAL OF WHICH YOU BECOME AWARE AND (II) ENSURE THAT YOU EXIT FROM SUCH ACCOUNT(S) AT THE END OF EACH PORTAL SESSION. PCI SSC CANNOT AND WILL NOT BE RESPONSIBLE FOR ANY LOSS OR DAMAGE ARISING FROM YOUR FAILURE TO COMPLY WITH THE FOREGOING REQUIREMENTS OR AS A RESULT OF ANY USE OF SUCH ACCOUNT(S), USERNAME(S) OR PASSWORD(S), EITHER WITH OR WITHOUT YOUR KNOWLEDGE, AND YOU AGREE THAT YOU ARE SOLELY LIABLE FOR ANY AND ALL LOSSES INCURRED BY PCI SSC OR ANY OTHER PERSON OR ENTITY DUE TO SOMEONE ELSE USING YOUR ACCOUNT(S), USERNAME(S) OR PASSWORD(S) AS A RESULT OF YOUR FAILURE TO COMPLY WITH THE FOREGOING REQUIREMENTS. YOU MAY NOT (AND AGREE NOT TO) TRANSFER YOUR PORTAL ACCOUNT(S), USERNAME(S) OR PASSWORD(S) TO ANOTHER PERSON OR ENTITY, OR USE ANYONE ELSE’S PORTAL ACCOUNT(S), USERNAME(S) OR PASSWORD(S) AT ANY TIME. TO THE EXTENT PCI SSC PROVIDES ANY PORTAL ACCOUNT, USERNAME OR PASSWORD TO ANY INDIVIDUAL WHO IS YOUR EMPLOYEE, YOU AGREE TO NOTIFY PCI SSC IMMEDIATELY IF SUCH INDIVIDUAL CEASES TO BE YOUR EMPLOYEE OR IF YOU NO LONGER AUTHORIZE OR DESIGNATE SUCH INDIVIDUAL TO PARTICIPATE IN THE ACTIVITIES ON YOUR BEHALF.

C. YOU AGREE THAT YOU WILL ONLY ACCESS AND USE THE PORTAL AND PARTICIPATE IN THE ACTIVITIES FOR LAWFUL PURPOSES AND IN ACCORDANCE WITH SUCH POLICIES AS PCI SSC MAY ESTABLISH FROM TIME TO TIME REGARDING ACCEPTABLE USE. YOU ARE SOLELY RESPONSIBLE FOR UNDERSTANDING AND ADHERING TO ANY AND ALL LAWS, RULES, AND REGULATIONS PERTAINING TO YOUR USE OF THE PORTAL AND/OR PARTICIPATION IN THE ACTIVITIES. YOU SHALL NOT USE THE PORTAL OR PARTICIPATE IN THE ACTIVITIES IN ANY MANNER THAT IS, AND YOU SHALL NOT UPLOAD TO, DISTRIBUTE THROUGH, OR OTHERWISE PUBLISH OR PROVIDE THROUGH THE PORTAL OR YOUR PARTICIPATION IN THE ACTIVITIES ANY CONTENT, MATERIALS OR OTHER INFORMATION THAT YOU DO NOT HAVE THE RIGHT TO TRANSMIT OR PROVIDE, OR THAT IS, LIBELOUS, DEFAMATORY, OBSCENE, PORNOGRAPHIC, THREATENING, INVASIVE OF PRIVACY OR PUBLICITY RIGHTS, ABUSIVE, ILLEGAL, OTHERWISE OBJECTIONABLE, OR THAT COULD CONSTITUTE OR ENCOURAGE A CRIMINAL OFFENSE, VIOLATE THE RIGHTS OF ANY PARTY, OR OTHERWISE GIVE RISE TO LIABILITY OR VIOLATE ANY LAW. YOU AGREE THAT YOU WILL NOT IN ANY WAY: (I) INTERFERE WITH THE ABILITY OF OTHERS TO ACCESS OR USE THE PORTAL OR PARTICIPATE IN THE ACTIVITIES; (II) DISRUPT THE NORMAL FLOW OF COMMUNICATION OR OTHERWISE ACT IN A MANNER THAT NEGATIVELY AFFECTS OTHERS' ABILITY TO USE THE PORTAL; (III) INTERFERE WITH OR DISRUPT THE PORTAL OR RELATED SERVERS OR NETWORKS, OR DISOBEY ANY REQUIREMENTS, PROCEDURES, POLICIES, OR REGULATIONS OF NETWORKS CONNECTED TO THE PORTAL, OR (IV) ATTEMPT TO CIRCUMVENT ANY SECURITY ASSOCIATED WITH THE PORTAL OR ANY NETWORKS OR SERVERS CONNECTED THERETO.

3. CONFIDENTIAL INFORMATION.

A. FOR PURPOSES OF THIS AGREEMENT, “CONFIDENTIAL INFORMATION” MEANS THE PORTAL, THE CONTENTS, ALL OTHER MATERIALS OR INFORMATION PROVIDED, COMMUNICATED OR OTHERWISE MADE ACCESSIBLE (BY PCI SSC OR OTHERWISE) TO ANY OF THE PARTICIPANTS OR PCI SSC PERSONNEL IN CONNECTION WITH THE GROUP AND/OR ACTIVITIES (WHETHER THROUGH THE PORTAL, ACTIVITIES OR OTHERWISE), AND ALL MATERIALS OR INFORMATION GENERATED THROUGH OR AS A RESULT OF THE ACTIVITIES. YOU ARE HEREBY AUTHORIZED TO ACCESS AND REVIEW THE PORTIONS OF THE CONFIDENTIAL INFORMATION MADE GENERALLY ACCESSIBLE TO THE PARTICIPANTS, SOLELY FOR THE PURPOSE OF PARTICIPATING IN THE ACTIVITIES AND PROVIDING RELATED FEEDBACK (DEFINED BELOW) TO THE GROUP AND PCI SSC (THE “PERMITTED PURPOSE”).

B. YOU HEREBY AGREE TO KEEP ALL CONFIDENTIAL INFORMATION STRICTLY CONFIDENTIAL, THAT YOU WILL ONLY USE THE CONFIDENTIAL INFORMATION FOR THE PERMITTED PURPOSE, AND THAT YOU WILL NOT DISCLOSE, PUBLISH, DISSEMINATE OR OTHERWISE MAKE ACCESSIBLE THE CONFIDENTIAL INFORMATION (OR ANY PORTION THEREOF) TO ANYONE OTHER THAN OTHER PARTICIPANTS, PCI SSC OR THOSE OF YOUR EMPLOYEES WHO (I) YOU HAVE DESIGNATED TO PARTICIPATE IN THE ACTIVITIES ON YOUR BEHALF, (II) NEED TO KNOW THE CONFIDENTIAL INFORMATION FOR THE PERMITTED PURPOSE AND (III) ARE BOUND BY A WRITTEN AGREEMENT THAT PROHIBITS DISCLOSURE AND USE OF THE CONFIDENTIAL INFORMATION ON TERMS CONSISTENT WITH THE RESTRICTIONS OF THIS AGREEMENT AS THEY APPLY TO YOU (COLLECTIVELY “PERMITTED EMPLOYEES”). YOU SHALL USE BEST EFFORTS TO ENSURE COMPLIANCE WITH THE RESTRICTIONS SET FORTH HEREIN BY ALL PERMITTED EMPLOYEES, AND YOU AGREE THAT YOU ARE SOLELY RESPONSIBLE AND LIABLE FOR ANY FAILURE TO COMPLY WITH SUCH RESTRICTIONS BY YOU, YOUR PERMITTED EMPLOYEES OR ANY OTHER PERSON OR ENTITY WITH WHICH YOU OR YOUR EMPLOYEES SHARE CONFIDENTIAL INFORMATION. THE RESTRICTIONS SET FORTH IN THIS PARAGRAPH SHALL NOT APPLY TO (AND THE TERM “CONFIDENTIAL INFORMATION” SHALL NOT INCLUDE) ANY INFORMATION THAT OTHERWISE WOULD CONSTITUTE CONFIDENTIAL INFORMATION BUT THAT: (A) IS NOW OR SUBSEQUENTLY BECOMES GENERALLY AVAILABLE TO THE PUBLIC THROUGH NO FAULT OR BREACH ON YOUR PART; (B) YOU CAN DEMONSTRATE TO HAVE HAD RIGHTFULLY IN YOUR POSSESSION WITHOUT RESTRICTION PRIOR TO DISCLOSURE BY PCI SSC OR DISCLOSURE IN CONNECTION WITH THE GROUP OR ITS ACTIVITIES; (C) YOU INDEPENDENTLY DEVELOP WITHOUT THE USE OF ANY OTHER CONFIDENTIAL INFORMATION; OR (D) YOU OBTAIN FROM A THIRD PARTY THAT IS NOT UNDER AN OBLIGATION OF CONFIDENTIALITY WITH RESPECT TO SUCH INFORMATION. ADDITIONALLY, YOU MAY DISCLOSE THE CONFIDENTIAL INFORMATION TO THE EXTENT REQUIRED BY APPLICABLE LAW, REGULATION, COURT ORDER, SUBPOENA OR OTHER LEGAL PROCESS, PROVIDED THAT YOU GIVE PCI SSC PROMPT NOTICE OF SUCH REQUIREMENT TO ALLOW PCI SSC A REASONABLE OPPORTUNITY TO OBTAIN A PROTECTIVE ORDER WITH RESPECT TO SUCH CONFIDENTIAL INFORMATION.

C. WITHIN TEN (10) BUSINESS DAYS OF RECEIPT OF PCI SSC’S WRITTEN REQUEST, YOU WILL RETURN TO PCI SSC ALL CONFIDENTIAL INFORMATION AND COPIES THEREOF IN YOUR POSSESSION OR CONTROL, OR AT PCI SSC’S ELECTION, DESTROY THE SAME AND CERTIFY TO PCI SSC AS TO SUCH DESTRUCTION; PROVIDED THAT YOU MAY RETAIN A REASONABLE NUMBER OF COPIES FOR ARCHIVAL PURPOSES, SUBJECT TO YOUR CONTINUED COMPLIANCE WITH THE CONFIDENTIALITY AND USE RESTRICTIONS SET FORTH HEREIN.

D. YOU ACKNOWLEDGE THAT PCI SSC SHALL NOT HAVE AN ADEQUATE REMEDY IN THE EVENT THAT YOU BREACH OR THREATEN TO BREACH THE TERMS OF THIS AGREEMENT AND THAT PCI SSC WILL SUFFER IRREPARABLE DAMAGE AND INJURY IN SUCH EVENT, AND YOU AGREE THAT PCI SSC, IN ADDITION TO ANY OTHER AVAILABLE RIGHTS AND REMEDIES, SHALL BE ENTITLED TO SEEK EQUITABLE RELIEF AND AN INJUNCTION RESTRICTING YOU FROM COMMITTING OR CONTINUING ANY SUCH BREACH OR THREATENED BREACH.

4. INTELLECTUAL PROPERTY.

A. GENERAL. YOU ACKNOWLEDGE AND AGREE THAT, AS BETWEEN YOU AND PCI SSC, THE PORTAL, THE CONTENTS, ALL CONFIDENTIAL INFORMATION, ALL OTHER MATERIALS OR INFORMATION PROVIDED, COMMUNICATED OR OTHERWISE MADE ACCESSIBLE BY PCI SSC TO ANY OF THE PARTICIPANTS IN CONNECTION WITH THE GROUP AND/OR ACTIVITIES (WHETHER THROUGH THE PORTAL, ACTIVITIES OR OTHERWISE), AND ALL MATERIALS OR INFORMATION GENERATED THROUGH OR AS A RESULT OF THE ACTIVITIES (COLLECTIVELY, “PCI MATERIALS”), SHALL AT ALL TIMES BE THE EXCLUSIVE PROPERTY OF PCI SSC, AND NOTHING IN THIS AGREEMENT SHALL BE CONSTRUED TO CONVEY TO YOU ANY OWNERSHIP INTEREST IN ANY PCI MATERIALS OR ANY RIGHTS OTHER THAN THOSE EXPRESSLY GRANTED HEREIN. WITHOUT LIMITING THE FOREGOING, EXCEPT FOR THE RIGHTS EXPRESSLY GRANTED HEREIN, NEITHER THIS AGREEMENT NOR ANY DISCLOSURE OF PCI MATERIALS SHALL BE CONSTRUED TO GRANT ANY RIGHT OR LICENSE, BY IMPLICATION OR OTHERWISE, WITH RESPECT TO ANY PCI MATERIALS OR UNDER ANY OF PCI SSC’S COPYRIGHTS, TRADEMARKS OR OTHER INTELLECTUAL PROPERTY RIGHTS, AND ALL SUCH RIGHTS ARE EXPRESSLY RESERVED. UNLESS OTHERWISE EXPRESSLY AGREED BY PCI SSC IN WRITING, NO RIGHTS ARE GRANTED OR CONVEYED PURSUANT TO THIS AGREEMENT TO CREATE ANY DERIVATIVE WORK BASED UPON PCI MATERIALS OR ANY PORTION THEREOF, OR TO SUBLICENSE OR MODIFY PCI MATERIALS OR ANY PORTION THEREOF, OR TO OTHERWISE USE ANY PCI MATERIALS FOR ANY PURPOSE WHATSOEVER, EXCEPT FOR THE PERMITTED PURPOSE.

B. FEEDBACK. YOU HEREBY ACKNOWLEDGE AND AGREE THAT FROM TIME TO TIME YOU MAY (WHETHER DIRECTLY OR INDIRECTLY) PROVIDE, CONTRIBUTE, SUBMIT OR OTHERWISE MAKE AVAILABLE TO PCI SSC OR THE GROUP FEEDBACK, MATERIALS, COMMENTS, RECOMMENDATIONS, SUGGESTIONS, COMMUNICATIONS, IDEAS AND/OR OTHER MATERIALS OR INFORMATION RELATING TO CONFIDENTIAL INFORMATION, PCI MATERIALS, THE ACTIVITIES OR OTHER MATTERS PRESENTED TO OR ADDRESSED IN CONNECTION WITH THE GROUP OR THE ACTIVITIES (COLLECTIVELY, “FEEDBACK”). YOU SHALL RETAIN OWNERSHIP IN YOUR FEEDBACK, AND HEREBY GRANT TO PCI SSC A ROYALTY-FREE, FULLY PAID UP, NON-EXCLUSIVE, WORLDWIDE, PERPETUAL, IRREVOCABLE, TRANSFERRABLE, RIGHT AND LICENSE TO USE ANY AND ALL FEEDBACK (AND ALL INTELLECTUAL PROPERTY RIGHTS THEREIN) FOR ANY PURPOSE AND WITHOUT RESTRICTION, INCLUDING WITHOUT LIMITATION, THE RIGHT TO REPRODUCE, CREATE DERIVATIVE WORKS BASED UPON, DISCLOSE, DISTRIBUTE AND SUBLICENSE THE FEEDBACK OR ANY PORTION THEREOF FOR ANY PURPOSE AND WITHOUT RESTRICTION. YOU ALSO HEREBY ACKNOWLEDGE AND AGREE THAT (I) ALL STANDARDS, SPECIFICATIONS, MATERIALS OR OTHER WORKS DEVELOPED, DISCOVERED, GENERATED OR OTHERWISE CREATED BY PCI SSC, THE GROUP OR OTHERWISE AS PART OF THE ACTIVITIES (COLLECTIVELY, “WORK PRODUCT”) SHALL BE OWNED EXCLUSIVELY BY PCI SSC, (II) PCI SSC SHALL OWN THE COPYRIGHT IN SUCH WORK PRODUCT AND ANY AND ALL OTHER RIGHTS ASSOCIATED THEREWITH, INCLUDING WITHOUT LIMITATION, RIGHTS OF DISTRIBUTION, WHETHER OR NOT SUCH WORK PRODUCT MAY CONSTITUTE A DERIVATIVE WORK BASED UPON SUCH FEEDBACK, (III) PCI SSC SHALL HAVE THE RIGHT TO REGISTER THE COPYRIGHT IN ANY WORK PRODUCT IN ITS OWN NAME AND TO SUBLICENSE SUCH COPYRIGHTS TO OTHERS, IN EACH CASE, WITHOUT ANY NEED FOR ATTRIBUTION, ACCOUNTING OR REMUNERATION OF ANY KIND, (IV) AT THE REQUEST AND SOLE EXPENSE OF PCI SSC, YOU WILL COOPERATE WITH PCI SSC IN: (A) SEEKING OR INVOKING PROTECTION FOR THE APPLICABLE WORK PRODUCT’S COPYRIGHT UNDER APPLICABLE LAWS AND REGULATIONS RESPECTING THE REGISTRATION OF COPYRIGHTS AND (B) FILING OR CAUSING TO BE FILED A REGISTRATION OF THE COPYRIGHT OF SUCH WORK PRODUCT, IN THE PCI SSC’S NAME, TO ESTABLISH OR MEMORIALIZE PCI SSC’S OWNERSHIP THEREOF, AND (V) PCI SSC MAY, IN ITS SOLE DISCRETION, PROVIDE AUTHORSHIP ATTRIBUTION BY LISTING YOUR NAME IN CONNECTION WITH ANY FEEDBACK THAT YOU PROVIDE.

C. DEVELOPMENT GROUPS. TO THE EXTENT PCI SSC OR THE GROUP DEVELOPS OR MODIFIES ANY TECHNICAL STANDARD, SPECIFICATION OR SIMILAR WORK PRODUCT (EACH A “STANDARD”), YOU HEREBY: (I) IRREVOCABLY COVENANT AND AGREE NOT TO ASSERT OR SEEK TO ENFORCE ANY OF YOUR “NECESSARY CLAIMS” (DEFINED BELOW) AGAINST (A) PCI SSC FOR ANY REASON OR (B) AGAINST ANY PERSON OR ENTITY WITH RESPECT TO THOSE PORTIONS OF ANY PRODUCT OR SERVICE THAT IMPLEMENTS ANY VERSION OF THE STANDARD, PROVIDED THAT SUCH PRODUCT OR SERVICE HAS BEEN DEVELOPED BY A PERSON OR ENTITY THAT HAS ENTERED INTO, AND IS IN COMPLIANCE WITH, A LICENSE OR OTHER COMMITMENT, UNDERTAKING OR AGREEMENT WITH PCI SSC CONTAINING A SIMILAR COVENANT NOT TO ASSERT PATENT CLAIMS; AND (II) AGREE TO PROMPTLY NOTIFY PCI SSC IF YOU BECOME AWARE OF ANY (A) INFRINGEMENT OR POTENTIAL INFRINGEMENT BY ANY THIRD PARTY OF ANY COPYRIGHT IN ANY FEEDBACK THAT YOU PROVIDE OR ANY CORRESPONDING STANDARD, GIVING DETAILS OF THE INFRINGEMENT OR (B) THIRD PARTY CLAIM OF INFRINGEMENT BY SUCH FEEDBACK, ANY CORRESPONDING STANDARD, OR THE USE OR IMPLEMENTATION OF ANY OF THE FOREGOING; AND (III) FOR PURPOSES OF THE FOREGOING: (A) “NECESSARY CLAIMS” MEANS THOSE CLAIMS UNDER PATENTS, PATENT APPLICATIONS, CONTINUATIONS, DIVISIONALS, REEXAMINATIONS, REISSUES AND CONTINUATIONS-IN-PART THAT WOULD BE NECESSARILY INFRINGED (DEFINED BELOW) BY THE IMPLEMENTATION OF ANY ELEMENT OF THE STANDARD IN QUESTION, EXCLUDING (1) CLAIMS COVERING REFERENCE IMPLEMENTATIONS OR IMPLEMENTATION EXAMPLES; (2) CLAIMS THAT WOULD BE INFRINGED ONLY BY ANY ENABLING TECHNOLOGY THAT MAY BE NECESSARY TO MAKE OR USE ANY IMPLEMENTATION OF THE STANDARD IN QUESTION, BUT IS NOT EXPRESSLY SET FORTH IN SUCH STANDARD; AND (3) CLAIMS THAT WOULD BE INFRINGED ONLY BY AN IMPLEMENTATION THAT COMPLIES WITH A SPECIFICATION, REQUIREMENT OR STANDARD NOT DEVELOPED BY OR ON BEHALF OF PCI SSC BUT WHICH IS MERELY INCORPORATED BY REFERENCE INTO SUCH STANDARD; AND (B) “NECESSARILY INFRINGED” MEANS INFRINGEMENT BY AN IMPLEMENTATION OF AN ELEMENT OF THE STANDARD IN QUESTION, THERE BEING NO COMMERCIALLY AND TECHNICALLY REASONABLE ALTERNATIVE WAY TO IMPLEMENT THAT ELEMENT WITHOUT RESULTING IN SUCH INFRINGEMENT.

5. SUPPORT AND MAINTENANCE. PCI SSC SHALL HAVE NO OBLIGATION TO YOU OR TO ANY THIRD PARTY TO SUPPORT OR MAINTAIN THE GROUP, THE PORTAL, OR ANY ACTIVITIES, CONFIDENTIAL INFORMATION OR PCI MATERIALS.

6. NO WARRANTIES. THE CONFIDENTIAL INFORMATION, THE CONTENT, THE PORTAL, THE ACTIVITIES, AND ALL OTHER INFORMATION OR MATERIALS PROVIDED BY PCI SSC IN CONNECTION WITH THE GROUP OR THE ACTIVITIES ARE PROVIDED “AS IS”, AND PCI SSC HEREBY EXPRESSLY DISCLAIMS ANY AND ALL REPRESENTATIONS AND WARRANTIES OF ANY KIND RELATING TO ANY OF THE FOREGOING, WHETHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES OF ACCURACY, COMPLETENESS, TITLE OR NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL PCI SSC, ITS STATUTORY LIMITED LIABILITY COMPANY MEMBERS (“MEMBERS”), EMPLOYEES, REPRESENTATIVES, CONTRIBUTORS OR AGENTS BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY CLAIM, OR ANY DIRECT, SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR OTHER DAMAGES WHATSOEVER, RESULTING FROM OR ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, THE GROUP, THE ACTIVITIES, THE PORTAL, THE CONTENTS, THE CONFIDENTIAL INFORMATION, OR ANY USE OR PORTION OF ANY OF THE FOREGOING, WHETHER IN AN ACTION OF TORT, CONTRACT, NEGLIGENCE, OTHER TORTIOUS ACTION OR OTHERWISE, AND REGARDLESS OF WHETHER PCI SSC HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, PCI SSC ASSUMES NO RESPONSIBILITY TO COMPILE, CONFIRM, UPDATE OR MAKE PUBLIC ANY THIRD PARTY ASSERTIONS OF PATENT OR OTHER INTELLECTUAL PROPERTY RIGHTS THAT MIGHT BE INFRINGED BY THE USE OR IMPLEMENTATION OF ANY OF THE CONFIDENTIAL INFORMATION, THE CONTENT, THE PORTAL, THE ACTIVITIES, OR ANY OTHER INFORMATION OR MATERIALS PROVIDED BY PCI SSC OR ANY OTHER PERSON OR ENTITY IN CONNECTION WITH THE GROUP OR THE ACTIVITIES. WITHOUT LIMITING THE FOREGOING, YOU ACKNOWLEDGE AND AGREE THAT SOME OR ALL OF THE CONFIDENTIAL INFORMATION MAY NOT HAVE NOT BEEN APPROVED FOR PUBLIC RELEASE, MAY BE IN DRAFT FORM, AND ULTIMATELY MAY DIFFER FROM THE FINAL VERSION(S) (IF ANY) RELEASED TO THE PUBLIC BY PCI SSC. ACCORDINGLY, YOU AGREE THAT YOU WILL NOT RELY ON THE CONFIDENTIAL INFORMATION FOR ANY PURPOSE WHATSOEVER.

7. TERMINATION. PCI SSC MAY SUSPEND OR TERMINATE THE GROUP, THE ACTIVITIES, THE PORTAL, YOUR ACCESS TO AND/OR PARTICIPATION IN ANY OF THE FOREGOING, AND/OR THIS AGREEMENT, UPON NOTICE AT ANY TIME AND FOR ANY OR NO REASON, AND NOTHING IN THIS AGREEMENT IS INTENDED OR SHOULD BE CONSTRUED TO GRANT TO YOU ANY RIGHT TO SUCH ACCESS OR PARTICIPATION. YOU MAY TERMINATE THIS AGREEMENT AND YOUR PARTICIPATION IN THE GROUP AND THE ACTIVITIES AT ANY TIME UPON WRITTEN NOTICE TO PCI SSC. UPON TERMINATION OF THIS AGREEMENT, THE PARTIES’ RESPECTIVE RIGHTS AND OBLIGATIONS PURSUANT TO SECTIONS 2B THROUGH 12 HEREOF SHALL SURVIVE.

8. INDEMNIFICATION. YOU SHALL INDEMNIFY, DEFEND AND HOLD HARMLESS PCI SSC AND ITS MEMBERS, AND THE OFFICERS, DIRECTORS, EMPLOYEES, REPRESENTATIVES AND AGENTS OF EACH OF THE FOREGOING, FROM AND AGAINST ANY AND ALL LOSSES, COSTS, DAMAGES, CLAIMS AND OTHER EXPENSES (INCLUDING REASONABLE ATTORNEYS' FEES) ARISING OUT OF ANY CLAIM BY ANY THIRD PARTY IN CONNECTION WITH YOUR USE OR DISCLOSURE OF THE CONFIDENTIAL INFORMATION IN BREACH OF THIS AGREEMENT.

9. EXPORT REGULATIONS. THE TECHNICAL DATA AND TECHNOLOGY INHERENT IN THE CONFIDENTIAL INFORMATION MAY BE SUBJECT TO U.S. OR FOREIGN EXPORT CONTROL LAWS, INCLUDING THE U.S. EXPORT ADMINISTRATION ACT AND ITS ASSOCIATED REGULATIONS, AND MAY BE SUBJECT TO EXPORT OR IMPORT LAWS AND/OR REGULATIONS IN OTHER COUNTRIES. YOU AGREE TO COMPLY STRICTLY WITH ALL SUCH LAWS AND REGULATIONS TO THE EXTENT APPLICABLE IN CONNECTION WITH YOUR USE OF THE CONFIDENTIAL INFORMATION, AND YOU ACKNOWLEDGE THAT YOU ARE SOLELY RESPONSIBLE FOR OBTAINING ALL LICENSES, PERMITS AND OTHER AUTHORIZATIONS TO THE EXTENT REQUIRED IN ORDER FOR YOU TO COMPLY WITH SUCH LAWS AND REGULATIONS OR EXPORT, RE-EXPORT OR IMPORT CONFIDENTIAL INFORMATION IN CONNECTION WITH SUCH USE.

10. GOVERNMENT RESTRICTIONS. WITHOUT LIMITING THE RESTRICTIONS SET FORTH HEREIN, THE USE, DUPLICATION OR DISCLOSURE OF THE CONFIDENTIAL INFORMATION BY THE UNITED STATES GOVERNMENT MAY FURTHER BE SUBJECT TO RESTRICTIONS SET FORTH IN THE RIGHTS IN TECHNICAL DATA AND COMPUTER SOFTWARE CLAUSES IN DFARS 252.227-7013(C)(1)(II) AND/OR FAR 52.227-19(A) THROUGH (D) AS APPLICABLE (AND/OR SIMILAR OR SUCCESSOR REGULATIONS OR REQUIREMENTS), AND YOU AGREE TO COMPLY WITH ALL SUCH REGULATIONS AND REQUIREMENTS TO THE EXTENT APPLICABLE.

11. PERSONAL DATA (THAT IS, INFORMATION RELATING TO AN IDENTIFIED OR IDENTIFIABLE NATURAL PERSON) (“PERSONAL DATA”) THAT YOU SUBMIT IN CONNECTION WITH THIS AGREEMENT, THE GROUP OR THE ACTIVITIES IS GOVERNED BY THE PCI SSC PRIVACY POLICY. IF YOU ARE A RESIDENT OF OR ARE LOCATED IN THE EUROPEAN UNION OR EUROPEAN ECONOMIC AREA (“EEA”), YOU MAY HAVE CERTAIN RIGHTS UNDER THE GENERAL DATA PROTECTION REGULATION (“GDPR”). CONTACT THE PCI SECURITY STANDARDS’ COUNCIL, THROUGH ITS DATA PROTECTION PROGRAM AT DATAPRIVACY@PCISECURITYSTANDARDS.ORG, IF YOU HAVE CONCERNS REGARDING YOUR PERSONAL DATA, OR WISH TO EXERCISE ANY OF YOUR RIGHTS UNDER THE GDPR.

12. MISCELLANEOUS. ALL NOTICES REQUIRED HEREUNDER MUST BE IN WRITING, AND SHALL BE DEEMED EFFECTIVE FIVE DAYS FROM DEPOSIT IN THE MAILS. NOTICES AND CORRESPONDENCE TO (A) PCI SSC MUST BE SENT TO PCI SECURITY STANDARDS COUNCIL AT 401 EDGEWATER PLACE, SUITE 600, WAKEFIELD, MA 01880, ATTENTION: CHIEF OPERATING OFFICER, AND (B) TO YOU SHALL BE SENT TO YOU AT YOUR MOST RECENT ADDRESS ON RECORD WITH PCI SSC. EITHER PARTY MAY CHANGE ITS ADDRESS OR CONTACT FOR NOTICE PURPOSES BY NOTICE IN ACCORDANCE WITH THE PRECEDING SENTENCE. NOTWITHSTANDING ANYTHING TO THE CONTRARY HEREIN, PCI SSC MAY PROVIDE ANY NOTICE TO YOU HEREUNDER EITHER BY ELECTRONIC MAIL TRANSMISSION (WHICH, SHALL BE DEEMED EFFECTIVE UPON ELECTRONIC TRANSMISSION CONFIRMATION OR DELIVERY RECEIPT) OR BY POSTING TO THE PORTAL OR YOUR PORTAL ACCOUNT (WHICH SHALL BE DEEMED EFFECTIVE UPON YOUR USE OF OR ACCESS TO THE PORTAL AFTER SUCH POSTING). THIS AGREEMENT SHALL BE CONSTRUED AND INTERPRETED UNDER THE INTERNAL LAWS OF THE STATE OF DELAWARE, WITHOUT GIVING EFFECT TO ITS PRINCIPLES OF CONFLICT OF LAW. THIS AGREEMENT, TOGETHER WITH THE TERMS AND CONDITIONS AND PRIVACY POLICY (EACH OF WHICH IS HEREBY INCORPORATED INTO THIS AGREEMENT BY REFERENCE), CONSTITUTE THE ENTIRE AGREEMENT AND UNDERSTANDING BETWEEN YOU AND PCI SSC REGARDING THE SUBJECT MATTER HEREOF. PCI SSC MAY AMEND OR MODIFY THIS AGREEMENT AT ANY TIME BY EITHER PROVIDING NOTICE BY ELECTRONIC MAIL (TO THE EMAIL ADDRESS OF YOUR PRIMARY REPRESENTATIVE IN THE GROUP) OR POSTING REVISED TERMS ON THE PORTAL, AS APPLICABLE, AND SUCH AMENDMENT OR MODIFICATION SHALL BE EFFECTIVE IMMEDIATELY UPON SUCH NOTICE OR POSTING. EXCEPT AS OTHERWISE PROVIDED IN THE PRECEDING SENTENCE, NO AMENDMENT OR MODIFICATION TO THIS AGREEMENT SHALL BE BINDING UNLESS IN A WRITING SIGNED BY BOTH PARTIES, AND NO WAIVER OF ANY TERM OR BREACH OF ANY TERM HEREOF SHALL BE EFFECTIVE UNLESS IN WRITING OR BE DEEMED TO WAIVE ANY OTHER OR SUBSEQUENT TERM OR BREACH. IF ANY PROVISION HEREOF IS HELD BY A COURT OF COMPETENT JURISDICTION TO BE INVALID, ILLEGAL OR UNENFORCEABLE, SUCH PROVISION SHALL BE OMITTED AND THE REMAINING TERMS SHALL REMAIN IN FULL FORCE AND EFFECT. TO THE EXTENT OF ANY CONFLICT BETWEEN THE EXPRESS TERMS OF THIS AGREEMENT AND THE TERMS AND CONDITIONS ON THE WEB SITE, THIS AGREEMENT SHALL PREVAIL WITH RESPECT TO MATTERS RELATING TO, AND ANY FEEDBACK OR OTHER MATERIALS OR INFORMATION MADE AVAILABLE TO OR BY YOU THROUGH OR IN CONNECTION WITH THE GROUP, THE PORTAL OR ANY OF THE ACTIVITIES. THIS AGREEMENT MAY BE EXECUTED IN ONE OR MORE COUNTERPARTS, INCLUDING EXECUTION VIA FACSIMILE, EACH OF WHICH SHALL FOR ALL INTENT AND PURPOSES BE DEEMED TO BE AN ORIGINAL AND ALL OF WHICH SHALL CONSTITUTE THE SAME INSTRUMENT.