Terms of Service

3.1 Grant

Subject to the terms of this Agreement and timely payment of applicable fees, Pvotal grants Customer a limited, non-exclusive, non-transferable, non-sublicensable license to:
‍
(a) Access Infrastream Hub for the purpose of managing licenses, downloading Software Artifacts, and administering deployment upgrades
‍
(b) Download, install, and operate Infrastream Software Artifacts within Customer Infrastructure for Customer's internal business operations
‍
(c) Access and use Pvotal's documentation at docs.infrastream.io

3.2 License Key

Pvotal will issue Customer a License Key tied to the cloud organization identifier(s) specified in the Order Form. The License Key:
‍
● authorizes Infrastream to run within the designated Customer Infrastructure
● is non-transferable; it must not be used in any environment other than that specified in the Order Form without prior written consent from Pvotal
● may be remotely revoked in accordance with Section 14 by Pvotal upon termination of the Subscription or material breach of this Agreement

3.3 Restrictions

Customer shall not, and shall not permit any third party to:
‍
(a) Reverse engineer, decompile, or disassemble any compiled Infrastream binary or container image, except where expressly permitted by applicable open-source licenses
‍
(b) Remove, alter, or obscure cryptographic signatures, license key validation routines, or proprietary notices embedded in Software Artifacts
‍
(c) Redistribute, resell, sublicense, rent, or otherwise transfer Software Artifacts or License Keys to any third party without Pvotal's prior written consent
‍
(d) Use Infrastream to build a directly competing infrastructure automation product
‍
(e) Use Infrastream Hub in a way that interferes with or degrades Pvotal's infrastructure or other customers' access
‍
(f) Share License Keys or Hub authentication credentials outside of Customer's organization
‍
(g) Use Software Artifacts outside the Customer Infrastructure scope specified in the Order Form

4.1 Hub Access

Infrastream Hub is accessed by Authorized Users via OpenID Connect (OIDC) using Customer's configured identity provider. Customer is responsible for:
‍
● Configuring and maintaining the OIDC integration with Customer's identity provider
● Managing Authorized User access, including prompt revocation upon role change or employment termination
● Ensuring Authorized Users comply with this Agreement

4.2 Hub Features

Infrastream Hub provides:
‍
● License Management: View, validate, and manage License Keys
● Artifact Downloads: Access signed Software Artifacts, release notes, and changelogs
● Upgrade Management: Initiate and monitor version upgrades to Customer's Infrastream deployment from within the Hub
● Account Management: Billing, subscription, and organizational settings

4.3 Hub Availability

Pvotal will use commercially reasonable efforts to maintain Hub availability per the SLA referenced in the applicable Order Form. Hub downtime does not affect Customer's running Infrastream deployment, which operates independently within Customer Infrastructure.
‍
Pvotal will not materially reduce the uptime commitments or service credit structure applicable to Customer under the SLA during the then‑current Subscription Term, except as required by applicable law or agreed in writing with Customer.
‍
For Subscription Terms governed by an executed Order Form, the SLA referenced in such Order Form (or as attached to it) will apply for that Subscription Term, subject to the preceding sentence.

4A.1 Availability and Access

Paid customers are provided access to the Infrastream Onboarding Portal at onboard.pvotal.tech as part of their subscription or a separately contracted onboarding engagement. Access is project-scoped and limited to named Customer stakeholders invited by Pvotal.

4A.2 Rocketlane-Powered Delivery

The Onboarding Portal is delivered using Rocketlane, a third-party project management and client onboarding platform. Customer acknowledges that:
‍
● Project data, milestones, communications, and uploaded documents are processed by Rocketlane as a Pvotal sub-processor
● Rocketlane's platform terms apply at the infrastructure layer; Pvotal remains the data controller for Customer data in the portal
● Customer stakeholders will interact directly with the Rocketlane-hosted interface under invitation from Pvotal

4A.3 Scope of Onboarding Services

Onboarding Portal communications and deliverables constitute Professional Services unless otherwise specified. The portal does not replace or supersede SLA commitments for Infrastream Hub or the Software. Milestone commitments and deliverables are binding only as specified in a separately executed Statement of Work (SOW) or Order Form.

4A.4 Customer Onboarding Responsibilities

Customer agrees to:
‍
● Designate a named internal project lead with authority to make onboarding decisions
● Respond to Pvotal requests for context, access approvals, or stakeholder availability within agreed timelines
● Not upload cloud credentials, secrets, private keys, or data classified above "Confidential" to the portal without prior written agreement

4B.1 Nature of Community Support

Pvotal operates an Infrastream developer community on Discord at discord.gg/infrastream. The Community Platform provides:
‍
● Peer-to-peer support among Infrastream users and evaluators
● Official release announcements and changelog discussions
● Best-effort engagement from Pvotal engineering and developer relations staff
‍
Community Platform support is not covered by any SLA. Responses from Pvotal staff in Discord channels are goodwill-based and are not contractual commitments. Customers requiring guaranteed response times must use official support channels as defined in their Order Form.

4B.2 Community Conduct

All participants in the Infrastream Discord agree to:
‍
● Treat all members and Pvotal staff with respect; harassment, discrimination, and abusive conduct are strictly prohibited and will result in immediate removal
● Not share Pvotal Confidential Information, proprietary source code, or unreleased documentation in any channel
● Not post cloud credentials, API keys, secrets, or Customer Infrastructure data in any channel
● Not use the server for commercial advertising, recruitment, or promotion of competing products
● Not impersonate Pvotal staff, engineers, or other community members
● Comply with Discord's Terms of Service and Community Guidelines
‍
Pvotal reserves the right to remove any participant from the Discord server for conduct violations without prior notice and without liability.

4C.1 Responsible Disclosure Program

Pvotal operates a responsible disclosure program for security vulnerabilities affecting Pvotal-operated surfaces: Infrastream Hub (hub.infrastream.io), the Onboarding Portal (onboard.pvotal.tech), and the Pvotal artifact registry.
To report a vulnerability:
‍
● Email report-vulnerabilities@pvotal.tech
● Encrypt your report with Pvotal's public GPG key available on keys.openpgp.org and keyserver.ubuntu.com (search fingerprint for report-vulnerabilities@pvotal.tech)
● Include: affected surface and URL, reproduction steps, potential impact assessment, and your contact information

4C.2 Safe Harbor

Pvotal will not initiate civil or criminal proceedings against security researchers who:
‍
● Discover and report vulnerabilities in good faith in accordance with this policy
● Do not access, exfiltrate, modify, or destroy data beyond the minimum necessary to demonstrate the vulnerability
● Do not disrupt Hub availability or degrade service for other users
● Do not exploit the vulnerability or disclose it publicly before Pvotal has had reasonable time to remediate (90 days maximum from the moment Pvotal acknowledges having received the vulnerability report)
‍
This safe harbor does not apply to vulnerabilities in Customer-operated Infrastream deployments, which run entirely within customer infrastructure and are not operated by Pvotal.

4C.3 Response Commitments

4C.4 Scope and Rewards

In scope: Infrastream Hub, onboard.pvotal.tech, artifact registry (hub-hosted)
Out of scope: Customer-operated Infrastream deployments, denial-of-service attacks, social engineering, physical security, and findings in third-party components without a demonstrated impact on Pvotal-operated surfaces

Pvotal publicly acknowledges confirmed reporters in our security hall of fame. Monetary rewards are evaluated on a case-by-case basis depending on severity and impact.

4D.1 Security Standards

Infrastream Hub is designed and operated using security controls that are intended to align with the following standards and frameworks

These descriptions are provided for informational purposes only and do not create any additional warranties beyond those expressly set forth in Section 11

4D.2 Data Residency

Infrastream Hub data is hosted on Google Cloud Platform in the United States (multi-region). Enterprise customers requiring data residency in the EU or specific regions should contact legal@pvotal.tech to discuss available options.

4D.3 Penetration Testing

Pvotal conducts periodic third-party penetration tests against Infrastream Hub. Executive summaries are available to Enterprise customers under a non-disclosure agreement. Contact info@pvotal.tech to request the latest report.

4D.4 Security Documentation

Additional information about Pvotal’s security controls and architecture is available in the Security Framework documentation at docs.infrastream.io/architecture/security-framework. Such documentation is provided for informational purposes only and does not form part of this Agreement, except to the extent expressly referenced in a mutually executed Order Form or Statement of Work.

5.1 Customer Ownership and Control

Customer is solely responsible for:
‍
● Provisioning, securing, and operating all Customer Infrastructure components on which Infrastream runs
● Managing GCP (or other cloud) credentials, Workload Identity configurations, and service accounts used by the Infrastream Engine
● The configuration and security of Customer VCS, including branch protection and access controls
● All costs incurred on Customer's cloud accounts resulting from Infrastream operations

5.2 Manifest Responsibility

Infrastream executes infrastructure operations based on Customer Manifests. Customer acknowledges and agrees that:
‍
● Customer Manifests are authored, version-controlled, and maintained exclusively by Customer
● Pvotal has no visibility into, or responsibility for, the content of Customer Manifests
● A git push to Customer's designated branch triggers real API calls against Customer's cloud accounts that create, modify, or destroy cloud resources
● Customer is solely responsible for the correctness, authorization, and consequences of all Customer Manifests

5.3 AI Agent

Where Customer uses Infrastream's AI Agent feature (operating within Customer Infrastructure):
‍
● The AI Agent proposes manifest changes based on in-context analysis within Customer Infrastructure
● All AI-proposed changes require explicit Human-in-the-Loop (HITL) approval by an Authorized User before execution
● Pvotal has no visibility into AI Agent prompts, proposals, or HITL decisions
● Customer assumes all responsibility for infrastructure changes resulting from AI Agent proposals that are reviewed and approved by Customer's Authorized Users

5.4 VCS and GitHub/GitLab Integration

Customer's Infrastream deployment connects to Customer VCS (GitHub, GitLab, or equivalent) using credentials configured and controlled by Customer. This connection is direct from Customer Infrastructure to Customer VCS — it does not route through Pvotal systems. Pvotal has no access to Customer repositories, commits, pull requests, or CODEOWNERS configurations.

5.5 Security Within Customer Infrastructure

The security posture of Customer's Infrastream deployment is Customer's responsibility. Pvotal's Security Framework documentation at docs.infrastream.io/architecture/security-framework provides recommended controls and best practices. Customer is encouraged to implement:
‍
● CODEOWNERS enforcement in Customer VCS for manifest governance
● MFA for all Authorized Users
● Least-privilege IAM policies within Customer's cloud organization

6.1 Artifact Integrity

All Software Artifacts distributed via Infrastream Hub are cryptographically signed by Pvotal. Customer should verify artifact signatures before deploying into Customer Infrastructure. Signature verification instructions are provided in the Documentation.

6.2 Updates and Upgrades

During the Subscription Term, Pvotal will make available via Infrastream Hub:
‍
● Bug fix releases
● Security patches
● Feature releases and major version upgrades
‍
Pvotal strongly recommends that Customers apply security patches promptly. Pvotal is not responsible for vulnerabilities arising from Customer's failure to apply available patches.

6.3 End of Life

Pvotal will provide at least 180 days' written notice before ending support for any major version of Infrastream. End-of-life versions will no longer receive security patches after the stated date.

7.1 Fees

Customer agrees to pay fees as specified in the applicable Order Form. Unless otherwise stated:
‍
● Subscription fees are invoiced annually in advance
● Professional Services fees are invoiced monthly in arrears

7.2 Payment Terms

Payment is due within 30 days of the invoice date. Overdue amounts accrue interest at 1.5% per month or the maximum rate permitted by law, whichever is lower.

7.3 Taxes

Fees are exclusive of applicable taxes. Customer is responsible for all sales, use, VAT, GST, withholding, or similar taxes, excluding taxes on Pvotal's net income.

7.4 Fee Adjustments

Pvotal may adjust fees at renewal on 90 days' written notice prior to the renewal term start date.

7.5 Refunds

Fees are non-refundable except: (a) material breach by Pvotal that gives rise to Customer’s termination rights under Section 14.2; (b) SLA credits as specified in the applicable SLA; or (c) as required by applicable law.
Any service credits issued under an applicable SLA are Customer’s sole and exclusive remedy for the performance issues covered by that SLA and will in no event exceed, in aggregate for any billing period, the fees paid or payable by Customer for the affected Services for that billing period.

8.1 Pvotal's Data Access

For purposes of this Agreement, “Hub Data” means account information, authentication and usage metadata, billing details, and other data that Customer or its Authorized Users submit to or generate within Infrastream Hub. Pvotal’s data access is limited to data processed through Infrastream Hub as described in the Pvotal Privacy Policy available at pvotal.tech/privacy. Pvotal does not receive, access, or process Customer Manifests, infrastructure state, deployment data, or any data processed by Infrastream within Customer Infrastructure.
‍
Data subject requests (such as access, correction, or deletion) relating to Hub Data will be handled by Pvotal in accordance with its Privacy Policy and applicable data protection laws. Customer is responsible for responding to any such requests relating to personal data within Customer Infrastructure.

8.2 Roles of the Parties

For Hub Account Data and other personal data that Pvotal determines the purposes and means of processing (for example, billing contact data and product usage metadata at the Hub level), Pvotal acts as an independent controller. For any personal data that Pvotal processes solely on behalf of Customer and in accordance with Customer’s documented instructions (if any), Pvotal acts as a processor. For enterprise customers in the EEA or UK, a Data Processing Agreement (DPA) for Hub Account Data is available upon request at legal@pvotal.tech.

8.3 Data Processing Agreement

Where and to the extent Pvotal processes personal data as a processor on behalf of Customer subject to GDPR, UK GDPR, or similar data protection laws, the parties agree that the Pvotal Data Processing Agreement (“DPA”), available upon request at legal@pvotal.tech and, where applicable, at pvotal.tech/legal/dpa (or such other URL as Pvotal may designate), is hereby incorporated by reference and will govern such processing. In the event of conflict between the DPA and this Agreement with respect to such processing, the DPA will control. Customer may request to execute the then‑current DPA once, and such executed DPA will govern all processing of personal data where Pvotal acts as a processor for Customer unless the parties agree otherwise in writing.
‍
For Subscription Terms governed by an executed Order Form, the version of the DPA referenced in that Order Form or executed between the parties will continue to apply for that Subscription Term, unless the parties agree otherwise in writing or an update is required to comply with applicable law.

8.4 Security Incidents

Pvotal will maintain commercially reasonable administrative, technical, and physical safeguards designed to protect Hub Data against unauthorized access, use, or disclosure. In the event Pvotal becomes aware of any unauthorized access to Hub Data stored on Pvotal‑controlled systems that results in actual or reasonably suspected compromise of such data (a “Security Incident”), Pvotal will: (a) notify Customer without undue delay after confirmation of the Security Incident; (b) describe, to the extent known, the nature of the Security Incident and the categories of Hub Data affected; and (c) take commercially reasonable steps to contain, investigate, and remediate the Security Incident. Pvotal’s obligations under this Section 8.4 do not apply to incidents limited to Customer Infrastructure, which remains Customer’s responsibility.

8.5 Subprocessors

Pvotal may engage third‑party service providers (“Subprocessors”) to process Hub Data in connection with providing the Services. Pvotal shall remain responsible for the performance of its Subprocessors and will impose data protection obligations on Subprocessors that are materially no less protective than those set out in this Agreement. Upon request, Pvotal will provide Customer with a list of then‑current Subprocessors for Hub Data and, where available, will maintain a current list at pvotal.tech/legal/subprocessors (or such other URL as Pvotal may designate). Pvotal will provide notice (which may be via Infrastream Hub or email) of any addition of a new Subprocessor that will process Hub Data. Customer may object on reasonable data protection grounds by providing written notice within 30 days, and the parties will work in good faith to address Customer’s concerns.

8.6 Security Assurance

Upon Customer’s written request no more than once per twelve (12) month period, Pvotal will make available to Customer (or Customer’s independent, confidentially bound auditor) then‑current information reasonably necessary to demonstrate Pvotal’s compliance with its security obligations under this Agreement, which may include summary audit reports (such as SOC 2) or third‑party penetration test summaries, subject to reasonable confidentiality restrictions. Any additional audits or assessments requested by Customer beyond the provision of such information will be subject to Pvotal’s prior written consent and may be conditioned on reimbursement of Pvotal’s reasonable costs.

8.7 Regulatory Cooperation

To the extent required by applicable law and subject to confidentiality obligations, each party will reasonably cooperate with the other in connection with any inquiries or investigations by a competent data protection authority or other regulatory body that relate primarily to the Services and Customer’s use of them. Nothing in this Section 8.7 requires either party to disclose information that is legally privileged or competitively sensitive.

9.1 Pvotal IP

Pvotal retains all right, title, and interest in and to: Infrastream software (source code, compiled binaries, container images), the JIT DAG resolution engine, the Manifest Driven Secure Execution (MDSE) model, Infrastream Hub, all documentation, trademarks, and proprietary methodologies ("Pvotal IP"). This Agreement grants Customer only the limited license in Section 3 and no other rights in or to Pvotal IP.

9.2 Customer IP

Customer retains all right, title, and interest in and to Customer Manifests, Customer VCS content, and all infrastructure definitions authored by Customer. Pvotal claims no rights whatsoever in Customer Manifests or Customer Infrastructure.

9.3 Feedback

If Customer provides Feedback (suggestions, bug reports, feature requests), Customer grants Pvotal a perpetual, irrevocable, royalty-free license to use such Feedback to improve the Services, without obligation of confidentiality or compensation.

9.4 Open Source Components

Portions of Infrastream may include open-source software components. A list of open-source dependencies and their applicable licenses is provided in the Documentation and distributed with each Software Artifact release. Nothing in this Agreement restricts Customer's rights under applicable open-source licenses.

9.5 Professional Services Deliverables

Unless otherwise specified in an applicableStatement of Work or Order Form, Pvotal retains all right, title, and interestin and to any deliverables, configurations, templates, or other materialscreated or provided in connection with Professional Services, including anyimprovements to Pvotal IP (“PS Deliverables”). Subject to Customer’s payment ofapplicable fees, Pvotal grants Customer a non‑exclusive, worldwide,royalty‑free, non‑transferable license (without right to sublicense) to use PSDeliverables during the Subscription Term solely in connection with Customer’sauthorized use of the Services. Customer retains all right, title, and interestin and to its pre‑existing materials and Customer Manifests used in connectionwith the Professional Services.

10.1 Definition

"Confidential Information" means non-public information disclosed by one party to the other that is designated as confidential or should reasonably be understood to be confidential given the context. Pvotal's Confidential Information includes pricing, product roadmaps, and source code. Customer's Confidential Information includes Hub account details and the terms of any Order Form.
‍
Note: Customer Manifests are not disclosed to Pvotal; they are Customer property residing entirely within Customer systems and are therefore not subject to Pvotal's confidentiality obligations.

10.2 Obligations

Each party shall: (a) protect Confidential Information with at least the same care used for its own confidential information (no less than reasonable care); (b) not disclose to third parties without prior written consent; and (c) use solely to exercise rights or perform obligations under this Agreement.

10.3 Exceptions

Confidentiality obligations do not apply to information that: (a) becomes publicly known through no breach of this Agreement; (b) was rightfully known before disclosure; (c) is independently developed; or (d) must be disclosed by law (with prompt notice to the other party where legally permissible).

11.1 Pvotal Warranties

Pvotal warrants that:
‍
● Infrastream Hub will materially conform to the Documentation during the Subscription Term
● Software Artifacts distributed by Pvotal are free from known malware at the time of distribution
● Pvotal has the right to grant the licenses in Section 3

11.2 Customer Warranties

Customer warrants that:
‍
● It has authority to enter into this Agreement
● Its use of the Services complies with applicable law
● Customer Manifests do not infringe third-party intellectual property rights

11.3 Disclaimer

EXCEPT AS EXPRESSLY SET FORTH IN SECTION 11.1, THE SERVICES AND SOFTWARE ARTIFACTS ARE PROVIDED "AS IS" AND "AS AVAILABLE." PVOTAL EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE.
PVOTAL DOES NOT WARRANT THAT INFRASTREAM WILL BE ERROR-FREE OR THAT ITS OPERATION WITHIN CUSTOMER INFRASTRUCTURE WILL BE UNINTERRUPTED. CUSTOMER ASSUMES SOLE RESPONSIBILITY FOR THE OPERATION OF INFRASTREAM WITHIN CUSTOMER INFRASTRUCTURE AND ALL CONSEQUENCES OF INFRASTRUCTURE CHANGES EXECUTED BY INFRASTREAM BASED ON CUSTOMER MANIFESTS.

11.4 Insurance

During the Subscription Term, Pvotal will maintain commercially reasonable insurance coverage, which may include some or all of technology errors and omissions, cyber liability, and general commercial liability, with coverage limits appropriate for a company of its size and stage. Upon Customer’s written request and where customary in the ordinary course of business, Pvotal will provide a certificate of insurance evidencing such coverage.

12.1 Exclusion of Consequential Damages

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING LOSS OF REVENUE, PROFITS, BUSINESS, DATA, OR COST OF SUBSTITUTE SERVICES, EVEN IF ADVISED OF THE POSSIBILITY THEREOF.

12.2 Aggregate Cap

PVOTAL'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT SHALL NOT EXCEED THE TOTAL FEES PAID BY CUSTOMER TO PVOTAL IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE CLAIM.

12.3 Exceptions

Sections 12.1 and 12.2 do not apply to:

(a) indemnification obligations under Section 13;
(b) breach of confidentiality;
(c) wilful misconduct or gross negligence; or (d) liability that cannot be excluded under applicable law.
‍
Notwithstanding the foregoing, Pvotal’s total aggregate liability arising from a Security Incident (as defined in Section 8.4) affecting Hub Data shall not exceed three (3) times the total fees paid by Customer to Pvotal in the twelve (12) months immediately preceding the Security Incident. For clarity, the exclusion of indirect and consequential damages in Section 12.1 continues to apply to Security Incidents, except for reasonable third‑party costs that Customer is required to incur by applicable law in connection with investigation, notification, and mitigation of such Security Incident, which may be recovered (if otherwise payable) within the foregoing cap.

13.1 Pvotal Indemnification - IP Infringement

Pvotal shall defend and indemnify Customer against any third‑party claim that the Software Artifacts, as distributed by Pvotal (unmodified), infringe any copyright, patent, or trade secret of such third party, and shall pay any final court‑awarded damages or settlement amounts approved by Pvotal, provided that Customer:
‍
(a) gives Pvotal prompt written notice of the claim;
(b) grants Pvotal sole control of the defense and settlement (except that Pvotal may not settle any claim that imposes a monetary obligation on Customer without Customer’s consent, not unreasonably withheld); and
(c) provides reasonable cooperation at Pvotal’s expense. Pvotal has no obligation for claims arising from: (i) Customer Manifests or Customer Infrastructure operations; (ii) Customer’s modifications to Software Artifacts; or (iii) combinations with third‑party tools not provided by Pvotal.

If a claim covered by this Section 13.1 is made or, in Pvotal’s reasonable opinion, is likely to be made, Pvotal may, at its option and expense:
‍
(1) procure for Customer the right to continue using the affected Software Artifacts;
(2) modify or replace the Software Artifacts so they are no longer infringing but are substantially functionally equivalent; or
(3) if options (1) and (2) are not commercially reasonable, terminate the applicable Order Form and refund to Customer any prepaid, unused fees for the remainder of the Subscription Term.

This Section 13.1 states Customer’s exclusive remedy and Pvotal’s sole liability for any third‑party intellectual property infringement claims relating to the Software Artifacts.

13.2 Customer Indemnification

Customer shall defend and indemnify Pvotal against third-party claims arising from: (a) Customer Manifests or Customer Infrastructure operations; (b) Customer's violation of this Agreement; (c) Customer's breach of applicable law; or (d) Customer's unauthorized use of Software Artifacts.

14.1 Term

This Agreement commences on the Effective Date and continues for the Subscription Term in the Order Form, auto-renewing for successive equal periods unless either party gives written notice of non-renewal at least 60 days before term end.

14.2 Termination for Cause

Either party may terminate immediately upon written notice if the other: (a) materially breaches and fails to cure within 30 days of written notice; or (b) becomes insolvent or subject to bankruptcy proceedings.

14.3 Termination for Convenience

Customer may terminate with 30 days' written notice (no refund of prepaid fees except per Section 7.5). Pvotal may terminate with 90 days' written notice, in which case Pvotal shall pro-rata refund prepaid, unused fees.

14.4 Effect of Termination

Upon termination or expiration of this Agreement:

(a) all licenses granted to Customer under this Agreement will terminate as of the effective date of termination, except as expressly provided in this Section 14.4;
(b) Customer must cease use of Infrastream Hub; and
(c) Pvotal will revoke the License Key following any applicable wind‑down period.
‍
Notwithstanding the foregoing, unless this Agreement is terminated by Pvotal for Customer’s uncured material breach, Pvotal will grant Customer a limited, non‑transferable, non‑sublicensable license to continue using the then‑installed Software Artifacts within Customer Infrastructure solely for transition and migration purposes for a period of up to thirty (30) days after the effective date of termination (the “Wind‑Down Period”). During the Wind‑Down Period, the limitations of liability and disclaimers in this Agreement will continue to apply, and Pvotal shall have no obligation to provide Updates, Upgrades, or Support. At the end of the Wind‑Down Period, Customer shall destroy or decommission all deployed Software Artifacts within Customer Infrastructure and certify such destruction upon Pvotal’s reasonable request. Sections 9, 10, 11, 12, 13, and 15 survive termination or expiration.

Any refunds payable to Customer in connection with termination will be issued in accordance with Section 7.5 and, where applicable, Section 13.1.

14.5 Suspension

Pvotal may temporarily suspend Customer’s access to Infrastream Hub or the validity of any License Key, in whole or in part, if: (a) Customer is more than 30 days overdue on any undisputed payment; (b) Pvotal reasonably determines that Customer’s use of the Services poses a security risk to the Services or any third party, or may subject Pvotal to liability; or (c) Customer is in material breach of this Agreement. Pvotal will use commercially reasonable efforts to provide prior notice of any suspension and to limit the suspension in scope and duration to the extent necessary to address the underlying issue. Any suspension will not relieve Customer of its payment obligations.

15.1 Governing Law

This Agreement is governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to conflict of law principles. Each party submits to the exclusive jurisdiction of the state and federal courts located in Delaware, except that either party may seek injunctive relief in any court of competent jurisdiction.

15.2 Dispute Resolution

The parties agree to attempt good-faith resolution of any dispute for 30 days before initiating formal proceedings.

15.3 Export Compliance

Each party shall comply with all applicable export control and economic sanctions laws and regulations, including those of the United States (such as the Export Administration Regulations) and any other applicable jurisdictions. Customer shall not export or re‑export the Software Artifacts or access to Infrastream Hub to any prohibited country, entity, or individual, or for any prohibited end use, under such laws. Pvotal represents that, to its knowledge, the Services are not designed for use in connection with activities prohibited under applicable export control or sanctions laws.

15.4 Entire Agreement

This Agreement, together with all Order Forms, applicable SLAs, DPAs, and Statements of Work, constitutes the entire agreement between the parties and supersedes all prior proposals, negotiations, and agreements.

15.5 Order of Precedence

Pvotal may temporarily suspend Customer’s access to Infrastream Hub or the validity of any License Key, in whole or in part, if: (a) Customer is more than 30 days overdue on any undisputed payment; (b) Pvotal reasonably determines that Customer’s use of the Services poses a security risk to the Services or any third party, or may subject Pvotal to liability; or (c) Customer is in material breach of this Agreement. Pvotal will use commercially reasonable efforts to provide prior notice of any suspension and to limit the suspension in scope and duration to the extent necessary to address the underlying issue. Any suspension will not relieve Customer of its payment obligations.

15.6 Amendment

Pvotal may amend these Terms on 30 days’ written notice via Infrastream Hub or email. Material changes will not apply to active, prepaid Subscription Terms unless required by law. For Subscription Terms governed by an executed Order Form, the version of these Terms in effect as of the Order Form effective date will continue to apply for that Subscription Term, unless the parties agree otherwise in writing.

15.7 Assignment

Customer may not assign or transfer this Agreement, by operation of law or otherwise, without Pvotal’s prior written consent, except that Customer may assign this Agreement without consent to an affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets, provided that the assignee is not a direct competitor of Pvotal and assumes all obligations under this Agreement. Pvotal may assign or transfer this Agreement, in whole or in part, without Customer’s consent in connection with a merger, acquisition, corporate reorganization, or sale of assets. Any purported assignment in violation of this Section 15.7 is void.

15.8 Force Majeure

Neither party is liable for failure to perform due to causes beyond its reasonable control (natural disasters, war, government action, significant cloud-provider outages), provided the affected party promptly notifies the other and uses reasonable efforts to mitigate.

15.9 Severability and Waiver

If any provision is held invalid or unenforceable, remaining provisions continue in force. No waiver is effective unless in writing.

15.10 Notices

All legal notices in writing to: Pvotal Technologies, Inc. Email: legal@pvotal.tech Website: https://pvotal.tech

15.11 Publicity

Pvotal may include Customer’s name and logo in its customer lists and on its websites and marketing materials to identify Customer as a customer of Infrastream, provided that any use of Customer’s logo is in accordance with any reasonable brand guidelines provided by Customer. Any other public statements or press releases regarding the parties’ relationship will require the prior written consent of the other party (email sufficient).