ACCENTURE’S GENERAL TERMS AND CONDITIONS OF PURCHASE – Russia

(Revised March 2018)

signed by Accenture and the indicated provider such as a master agreement,

statement of work or letter agreement (“Additional Agreements”). The

Agreement is the sole and exclusive agreement between the indicated provider

(“Supplier”) and Accenture with respect to the goods and/or services provided by

Supplier under the applicable purchase order (collectively, “Deliverables”). By

providing any Deliverables to Accenture, Supplier agrees it is bound by the

Agreement. Supplier and/or Accenture may be referred to as a “Party” or

“Parties” in these General Terms. “Accenture” means the Accenture entity that is

a party to the Agreement ( “Accenture”).

1.2 In the event of any conflict among the terms of the Agreement, the following

its successors, where "control" means the ability, whether directly or indirectly,

to direct the management and policies of another entity by means of ownership,

contract or otherwise.

2. PERFORMANCE/ WARRANTIES

Supplier warrants and undertakes that the Deliverables will be free from defects

in material and workmanship and will conform to any specifications or

requirements in the Agreement or agreed upon by the Parties in writing. Supplier

warrants that if any Deliverable(s) fails to meet any such specifications or

requirements or is otherwise nonconforming, Supplier will, at its own cost and

and acceptance by Accenture, even if the Parties have not set forth any

specifications or requirements regarding the Deliverables in the Agreement.

3. DELIVERY

Prices will be based on delivery at the location specified by Accenture, with all

duties, tariffs, freight, insurance and other costs related to transportation and

delivery being the responsibility of Supplier. Title to and risk of loss/damage for

goods remain with Supplier until the goods have been delivered, inspected and

accepted by Accenture. Supplier is the importer and exporter of record. Supplier

agrees to provide free replacement of goods lost or damaged in transit, at no

4.1 All prices are exclusive of VAT or similar taxes and will be in the official

currency of the country where the Accenture entity in the Agreement is located.

4.2 Supplier is entitled to invoice Accenture after delivery has taken place in

accordance with Section 3 above. Invoices will be addressed in original to the

invoicing department of the Accenture entity in the Agreement. All invoices

submitted to Accenture must include adequate documentation, including, as

applicable: (i) a statement that the Deliverables comply with the provisions of the

Agreement; (ii) an explanation of the Deliverables provided during the period

covered by the invoice, including applicable purchase order number, invoice

number, invoice date, name of the requestor, description of the Deliverables and

whole or in part) will not be deemed acceptance of any Deliverables.

Accenture will have the right, at its expense, to audit the books and records of

Supplier related to Supplier’s activities under the Agreement.

4.6 Applicable taxes will be billed as a separate item or line item. Accenture will

pay sales, use, value added, goods and services, and all other similar taxes

imposed by any official, authorized governmental entity for Deliverables provided

under the Agreement, excluding taxes based solely on Supplier's income or

property. Accenture will pay such tax(es) in addition to the sums due under the

Agreement provided that Supplier itemizes them on a proper invoice. Accenture

reserves the right to request proof of payment if previously paid by Supplier. If

Accenture is required to withhold or deduct any taxes from any payment,

provided Accenture furnishes Supplier with a copy of a resale exemption

certificate, no sales taxes will be billed to Accenture.

5. OWNERSHIP OF DELIVERABLES & INTELLECTUAL PROPERTY RIGHTS

5.1 Supplier hereby assigns and grants to Accenture all rights and licenses

necessary for Accenture to access, use, transfer, and sell the Deliverables and to

exercise the rights granted under the Agreement, and pass-through the same to

its Affiliates and designated users, for the use and benefit of Accenture and in

providing services to Accenture’s clients and business partners. Except with

respect to any proprietary materials, programs, and documentation provided by

5.2 Supplier hereby assigns and grants to Accenture an irrevocable, non-

exclusive, worldwide, perpetual and fully paid-up right and license to use and

modify the Pre-Existing Materials to the extent necessary for Accenture to use

the Deliverables as provided for in Section 5.1 above. Pre-Existing Materials or

open source software will not be incorporated into any Deliverable without

Accenture’s prior written approval.

5.3 To the extent the Deliverables consist of software, Accenture will be entitled

to install and use the software on equipment owned or controlled by Accenture

or on cloud platforms provided by third parties. For avoidance of doubt, to the

extent that any Deliverables consist of cloud-based services, such cloud-based

under the Agreement; (ii) modify the Deliverable so it is non-infringing and in

compliance with the Agreement; (iii) replace the Deliverable with a non-infringing

one that complies with the Agreement; or (iv) accept the return or cancellation

of the infringing Deliverable and refund any amount paid.

6. COMPLIANCE WITH LAWS

6.1 Supplier represents and warrants that it is aware of, understands, has

complied with, and will comply with, all laws applicable to Supplier in the

performance of the Agreement, including but not limited to: (i) anti-corruption

laws such as the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act and other

such laws.

6.2 Unless otherwise agreed in writing, the Supplier will not provide any

Deliverables to Accenture that require an export license or other form of

ACCENTURE’S GENERAL TERMS AND CONDITIONS OF PURCHASE – Russia

(Revised March 2018)

6.3 Supplier will promptly notify Accenture of its violation of any applicable laws

in its performance of the Agreement, and will defend, hold harmless and

indemnify Accenture for any violation of such laws or a breach of Section 14.

7. LIABILITY AND INSURANCE

7.1 To the extent permitted by law, in no event will Accenture be liable for any

lost revenues, lost profits, incidental, indirect, consequential, special or punitive

damages. To the extent permitted by law, in no event will Accenture’s aggregate

liability to Supplier for all claims exceed the total price payable by Accenture to

Supplier under the Agreement.

the Russian Federation in the event that, following the results of a tax audit in

respect of Accenture solely in connection with the performance of this

Agreement, the authorized tax authority will prosecute Accenture or its officials

and / or make additional tax payments, accrual of penalties and all other

payments in use of the budget, the Supplier, on the basis of the written request

of Accenture, undertakes to reimburse such property losses to Accenture as a

result of the Supplier’s guilty actions. Property losses include the amount of

administrative fines for engaging Accenture to tax liability, the amount of

additional tax payments, penalties, as well as the amount of all other

documented costs of Accenture made at the request of the authorized tax

no obligation to pay any early termination fee or extra charges in relation to such

termination.

9. CONFIDENTIALITY AND PUBLICITY

9.1 Supplier will keep the existence, nature and the content of the Agreement,

Accenture Data (as defined in Section 14.1), and any other information of

Accenture, any commercial, financial, technical and other information and / or

material that is not available to the general public, which is formed, collected, or

used by Accenture and is related to the activities of the Accenture, research and

development, customers and other Accenture business partners or employees of

business information, or use Accenture’s name, logo or trademark in any public

announcements, promotions or any other communication without Accenture’s

prior written consent.

9.2 Supplier may only use such confidential information for the purpose of

performing its obligations under the Agreement.

9.3 Upon: (i) expiration or termination of the Agreement; or (ii) the request of

Accenture; Supplier will return all confidential information of Accenture and

Accenture Data or delete such information.

10. ASSIGNMENT AND SUBCONTRACTING

10.2 Supplier will not assign, transfer or subcontract the Agreement or its rights

or obligations (including its data privacy obligations) to any third party (whether

resulting from a change of control, merger or otherwise) without Accenture’s

assigned or transferred to any Affiliate. Supplier hereby provides its consent in

advance for such assignment or transfer.

11. SUPPLIER STANDARDS OF CONDUCT

Accenture is committed to conducting its business free from unlawful, unethical

or fraudulent activity. Supplier will act in a manner consistent with the ethical and

professional standards of Accenture as described in the Accenture Supplier

Standards of Conduct, including prompt reporting of unlawful, fraudulent or

unethical conduct. A copy of these standards can be found at accenture.com/us-

en/company-ethics-code.

12.2 The Agreement and any dispute or matter arising under it will be governed

by the laws of the country where the Accenture entity in the Agreement is

located, without giving effect to conflict of laws rules. Subject to Section 12.1,

the Arbitration Court of Moscow will have exclusive jurisdiction. The United

Nations Convention on Contracts for the International Sale of Goods does not

apply.

12.3 The Party which intends to submit a lawsuit to the Arbitration Court shall

notify in a written form the other Party about the subject of the dispute 2 (two)

weeks prior filing a claim to court.

unenforceable then such part will be severed from the remainder of the

Agreement which will continue to be valid and enforceable to the fullest extent

permitted by law.

13.3 Any changes to the Agreement will be valid and binding only if such changes

are set forth in a written agreement signed by Supplier and Accenture. Any click-

through, online or other terms or licenses accompanying any Deliverables are null

and void and will not bind Accenture. The Parties expressly agree that any counter

offer by Supplier or terms contained in the Supplier's response to, or

acknowledgment or acceptance of, the Agreement, if any, that are additional to,

or different from, the terms set forth in the Agreement will not apply and are

14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier

will comply with this Section 14 when processing Accenture Personal Data.

"Accenture Personal Data" means personal data owned, licensed, or otherwise

controlled or processed by Accenture including personal data processed by

Accenture on behalf of its clients. “Accenture Data” means all information, data

stored, hosted, processed, received and/or generated by Supplier in connection

with providing the Deliverables to Accenture, including Accenture Personal Data.

14.2 If Supplier processes Accenture Personal Data in the course of providing

Deliverables to Accenture or fulfilling its obligations under the Agreement,

with such laws; (iii) make all reasonable efforts to ensure that Accenture Personal

Data is accurate and up-to-date at all times while in its custody or under its

control, to the extent Supplier has the ability to do so; (iv) fully assist and

ACCENTURE’S GENERAL TERMS AND CONDITIONS OF PURCHASE – Russia

(Revised March 2018)

applicable laws, and allow for and contribute to audits and inspections conducted

by Accenture; (v) not retain any Accenture Personal Data for longer than is

necessary for the performance of the Agreement or as required by applicable law;

bound by a written agreement that includes the same data protection obligations

as set out in the Agreement.

14.3 “Security Incident” means a known, or reasonably suspected, accidental or

unauthorized loss, acquisition, disclosure, access, use or other form of

compromise of Accenture Data. Supplier will implement and maintain

commercially reasonable and appropriate physical, technical and organizational

including cooperating with Accenture’s remediation efforts, mitigating any

damage, and developing and executing a plan, subject to Accenture´s approval,

that promptly reduces the likelihood of a recurrence of the Security Incident.

14.4 Supplier will notify Accenture promptly in writing of any investigation,

litigation, arbitrated matter or other dispute relating to Supplier’s or its sub-

contractors' information security or privacy practices.

14.5 Supplier will not transfer, access or otherwise process Accenture Personal

Data which originates from the EEA to/from jurisdictions outside of an Approved

Jurisdiction, without first entering into a legally valid data transfer mechanism(s)

and/or additional agreement(s) with Accenture. “Approved Jurisdiction” means

applicable goods, services, equipment, software systems and platforms that

Supplier uses to access, process and/or store Accenture Data. “Industry

Standards” means security measures that are commercially reasonable in the

information technology industry and that are designed to ensure the security,

integrity, and confidentiality of Accenture Data, and to protect against Security

Incidents.

15.2 Illicit Code. Except for the functions and features expressly disclosed in

Supplier's documentation made available to Accenture, Deliverables will be free

of any programs, subroutines, code, instructions, data or functions, (including but

not limited to viruses, malware, worms, date bombs, time bombs, shut-down

such inventory to Accenture upon request. Supplier will assess whether any such

components have any security defects or vulnerabilities that could lead to a

Security Incident. Supplier will perform such assessment prior to providing

Accenture with access to such software components and on an on-going basis

thereafter during the term of the Agreement. Supplier will promptly notify

Accenture of any identified security defect or vulnerability and remediate same

in a timely manner. Supplier will promptly notify Accenture of its remediation

plan. If remediation is not feasible in a timely manner, Supplier will replace the

subject software component with a component that is not affected by a security

defect or vulnerability and that does not reduce the overall functionality of the

representatives, to assess Supplier’s security-related activities that are relevant

to the Agreement; and (iii) timely complete a security questionnaire from

Accenture on a periodic basis upon Accenture’s request. Security issues identified

Agreement in accordance with Section 8 above.

15.5 Application Hardening. Supplier will comply with this Section 15.5 if Supplier

is providing Accenture with access to or the use of any software, including

software-as-a-service or cloud-based software. Supplier will maintain and

implement secure application development policies, procedures, and standards

that are aligned to Industry Standard practices (e.g., SANS Top 35 Security

Development Techniques and Common Security Errors in Programming and the

OWASP Top Ten project). This applies to web application, mobile application,

embedded software, and firmware development. All Personnel responsible for

application design, development, configuration, testing, and deployment will be

vulnerabilities are addressed within 30 days.

15.7 Application Vulnerability Assessment. Supplier will comply with this

Section 15.7 if Supplier is providing Accenture with access to or the use of any

software, including software-as-a-service or cloud-based software. Supplier will

perform an application security vulnerability assessment prior to any new

release. The test must cover all application and/or software vulnerabilities

defined by the OWASP or those listed in the SANS Top Cyber Security Risks or its

successor current at the time of the test. Supplier will ensure all high-risk

vulnerabilities are resolved prior to release. Supplier will provide a summary of

the test results including any open remediation points upon request. Supplier will

independent third party perform one of the quarterly tests. Supplier will have a

defined process to address any findings but any high-risk vulnerabilities must be

addressed within 30 days. Supplier will provide a summary of such tests and

evaluations, including any open remediation points, to Accenture upon request.

15.9 Asset Management. Supplier will: i) maintain an asset inventory of all media

and equipment where Accenture Data is stored. Access to such media and

equipment will be restricted to authorized Personnel; ii) classify Accenture Data

so that it is properly identified and access to it is appropriately restricted; iii)

maintain an acceptable use policy with restrictions on printing Accenture Data

and procedures for appropriately disposing of printed materials that contain

Time Password (OTP) tokens, and biometrics.

15.10 Access Control. Supplier will maintain an appropriate access control policy

that is designed to restrict access to Accenture Data and Supplier assets to

authorized Personnel. Supplier will require that all accounts have complex

passwords that contain letters, numbers, and special characters, be changed at

least every 90 days, and have a minimum length of 8 characters.

15.11 Cryptography. Supplier will maintain policies and standards on the use of

cryptographic controls that are implemented to protect Accenture Data.

15.12 Secure Disposal or Reuse of Equipment. Supplier will verify that all

Accenture Data has been deleted or securely overwritten using Industry Standard

use anti-malware software (of Industry Standard or better quality), maintain such

software at the then current major release, purchase maintenance & support

ACCENTURE’S GENERAL TERMS AND CONDITIONS OF PURCHASE – Russia

(Revised March 2018)

Industry Standard encryption to restrict access to Accenture Data stored on

physical media that is transported outside of Supplier facilities.

15.15 Workstation Encryption. Supplier will require hard disk encryption of at

least 256-bit Advanced Encryption Standard (AES) on all workstations and/or

laptops used by Personnel where such Personnel are accessing or processing

Accenture Data.

16.1 The circumstances of the force majeure include events that the Party cannot

affect and that the Party is not responsible, including: war, of the Parties.

force majeure circumstances. In case of the Party does not fulfill its obligations as

a result of force majeure circumstances, this Party shall notify the other Party

about such circumstances and their impact on the fulfillment of obligations under

the Agreement no later than within three days.

16.2 This Agreement was prepared both in English and Russian languages. In case

of any discrepancies between the Russian and the English version, the Russian

version shall prevail.

16.3 This Agreement has been drawn up in two copies each having equal legal

force, one copy for each of the Parties.

16.4 This Agreement shall come into force as of the date of its signing by the

Accepted and Agreed to by the Parties:

Accenture LLC [Insert Legal Name of Other Party]

Name: Name:

(Printed or Typed)

(Printed or Typed)

Title: Title:

(Printed or Typed)

(Printed or Typed)