Please note that this is only one part of a model contract and does not cover topics such as privacy, etc., that would be covered under other addendums.
This is not legal advice. We highly recommend working with your own legal team to determine how to best employ the model language and modify it to suit your particular needs. Every security program has different challenges and risks, and we hope this is a useful starting recipe.
This was forked from Dropbox's Vendor Security Model Contract: see https://blogs.dropbox.com/tech/2019/03/towards-better-vendor-security-assessments/ for more information.