STANDARD TERMS AND CONDITIONS FOR THE SUPPLY OF SERVICES
1. Interpretation
1.1 The definitions and rules of interpretation in this condition apply in these terms and conditions (“Conditions”).
Contract any contract between the Supplier and the Client for the supply and purchase of the Services formed in accordance with Condition 2
Client a Customer whose order for the Services is accepted by the Supplier in accordance with Condition 2; unless otherwise agreed in writing, this will be the entity to whom all correspondence and Quotations have been addressed.
Ultimate Client the end Customer of our Client
Commencement date agreed date for the start of the service as defined in Schedule 6 or 7(If relevant).
Confidential Information all information disclosed (whether in writing, orally or by another means and whether directly or indirectly) by a party (“Disclosing Party”) to the other party (“Receiving Party”) whether before or after the date of the Contract including, but not limited to, information relating to the Disclosing Party’s products, operations, processes, plans or intentions, product information, know-how, Intellectual Property Rights, trade secrets, market opportunities and/or business affairs.
Deliverables all Documents, products and materials developed by the Supplier solely in relation to a Contract in any form, including computer programs, data, reports and specifications;
Document includes any document in writing, any drawing, map, plan, diagram, design, picture or other image, tape, disk, digital or digitally created file or other device or record embodying information in any form;
Equipment the computer hardware (including operating system software) listed in Schedule 6 (If relevant).
Exhibits all Documents, information and materials required by the Supplier so as to enable the Supplier to carry out the Services including, computers, phones, computer programs, data, reports and specifications, original evidential material and any other material and/or items appropriate to the investigation and required by the Supplier so as to enable the Supplier to provide the Services;
Force Majeure any cause preventing the Supplier from performing its obligations which arises from or is attributable to acts, events, omissions or accidents beyond its control, including, without limitation, strikes, lock-outs or other industrial disputes (whether involving the workforce of the Client, Supplier or any other party), failure of a utility service, failure of IT systems and/or equipment, or transport network, act of God, war, terrorism, riot, civil commotion, malicious damage, compliance with any law or governmental order, rule, regulation or direction, accident, breakdown of plant or machinery, fire, flood, storm or default of suppliers or sub-contractors;
Initial Period any initial period as specified in Schedule 3,6 or 7 of this agreement (if relevant).
Intellectual Property Rights all patents, rights to inventions, utility models, copyright and related rights, trademarks, service marks, trade names, business and domain names, rights in trade dress or get-up, rights in goodwill or to sue for passing off, unfair competition rights, rights in designs, rights in computer software, database rights, topography rights, moral rights, rights in confidential information (including know-how and trade secrets) and any other intellectual property rights, in each case whether registered or unregistered and including all applications for and renewals or extensions of such rights, and all similar or equivalent rights or forms of protection in any part of the world;
Location the physical situation of the equipment as described in Schedule 6 (if relevant)
Normal Working Hours 09:00 until 17:30 on a Working Day;
Quotation a written quotation given by the Supplier to the Client setting out, amongst other things, the scope of the Services and an estimate of the charges payable by the Client in respect of such Services. All quotations are provided on the basis of information provided by the Client to the Supplier but due to the nature of the Services cannot be expected to be prescriptive and Charges may vary in accordance with these Terms and Conditions after commencement of the Services.
Services the services to be provided by the Supplier under the Contract in accordance with these Conditions, Quotation and the Supplier’s obligations under the Contract, as may be amended from time to time in accordance with these Conditions;
Supplier CY4OR LEGAL Limited incorporated and registered in England and Wales with company number 06295131 whose registered office is at 7 St Petersgate, Stockport, Cheshire, SK1 1EB; CY4OR LEGAL Limited also trading as CYFOR and CYFOR SECURE
VAT value added tax chargeable under English law for the time being and any similar additional tax;
Working Day any day other than Saturday or Sunday or a bank or statutory holiday in England.
1.2 Condition headings shall not affect the interpretation of these Conditions.
1.3 A person includes a natural person, corporate or unincorporated body (whether or not having separate legal personality) and that person’s legal and personal representatives, successors and permitted assigns.
1.4 Words in the singular shall include the plural and vice versa.
1.5 A reference to a statute or statutory provision is a reference to it as it is in force for the time being, taking account of any amendment, extension, or re-enactment and includes any subordinate legislation for the time being in force made under it.
1.6 A reference to writing or written includes, but is not limited to, verbal, letters, faxes, emails and text messages.
1.7 Where the words include(s), including or in particular are used in these Conditions, they are deemed to have the words without limitation following them and where the context permits, the words other and otherwise are illustrative and shall not limit the sense of the words preceding them.
1.8 An obligation in a Contract on a person not to do something includes an obligation not to agree, allow, permit or acquiesce in that thing being done.
2 Application of Conditions
2.1 These Conditions shall:
- apply to and be incorporated into every Contract;
- prevail over any terms or conditions (whether inconsistent or not) contained, or referred to, in any proposal, confirmation of order, specification or other Document, or implied by law, trade custom, practice or course of dealing;
- be also be subject to the terms and conditions set out in any supplier Quotation (to the extent that there is any conflict or additional terms); and
- exclude any terms and conditions of purchase submitted at any time by the Client and whether printed or sent with any order form or otherwise
2.2 No addition to, variation of, exclusion or attempted exclusion of any term of the contract shall be binding on the supplier unless in writing and signed by a duly authorised representative of the Supplier.
2.3 Each order will be deemed to be an offer by the Client to purchase the Services upon these Conditions. A Contract is formed when the order is accepted by the Supplier by way of written acknowledgement of order or by commencement of the Services. No Contract will come into existence until a written acknowledgement of order is issued by the Supplier or until the Supplier commences the provision of the Services, whichever occurs earlier.
2.4 Quotations are given by the Supplier on the basis that no Contract shall come into existence except in accordance with Condition 2.2. Any Quotation is valid for a period of 30 days from its date, provided that the Supplier has not previously withdrawn it. The Supplier reserves the right to withdraw or revise a Quotation at any time prior to accepting the order from the Client.
3 Supplier’s obligations
3.1 The Supplier shall provide the Services and deliver the Deliverables to the Client.
3.2 The dates mentioned in a Contract and/or any Quotation and/or any order are approximate only and time will not be of the essence as to any performance of the Services and/or delivery of the Deliverables, but the Supplier will use reasonable efforts to fulfil its obligations under a Contract in a timely manner. Additionally, the Supplier will not be liable for any delay in performing the Services and/or delivering the Deliverables that results from any delay or other failure by the Client in providing any Exhibits and/or Documents and/or other information as may be required by the Contract.
3.3 The Services supplied under a Contract shall continue to be supplied until, in the opinion of the Supplier, the project is completed or until the relevant Contract is terminated in accordance with Condition 11 herewith and condition 5 of the Product specific Terms and Conditions in Schedules 1-7.
3.4 The Supplier shall provide the Services from such premises as it deems appropriate from time to time.
3.5 The Services shall be provided during Normal Working Hours. In the event that any additional support is required outside the Normal Working Hours, such support shall be provided at the Supplier’s standard rate, as notified to the Client from time to time.
3.6 Notwithstanding the foregoing, the Supplier does not warrant that the Services will be uninterrupted or error free.
3.7 The Client acknowledges and agrees that the Supplier is only able to provide the Services based on the information and documents disclosed to it and the Supplier shall not be responsible for any errors when undertaking work on the Client’s behalf. It is the Client’s responsibility to check all Deliverables produced by the Supplier
3.8 The Supplier will, and usually only if requested to, by the Client, conduct a Conflict Check. This Conflict Check is conducted on a best endeavours basis and will be conducted using information provided to it by the Client. The Client warrants that it will ensure the information it provides to the Supplier is free of errors and indemnifies the Supplier and its agents against any errors or omissions howsoever caused. CYFOR provides no warranties and accepts no liability whatsoever should a conflict be identified at any stage.
3.9 To fulfil the Client’s requirements, the supplier reserves the right to deviate from its routine methodologies
4 Client’s obligations
4.1 The Client shall (and to the extent necessary to enable the Supplier to perform the Services, shall procure that its Ultimate Client (“Ultimate Client”) shall):
- co-operate with the Supplier in all matters relating to the Services and/or Deliverables;
- provide such access to the Client’s and/or the Ultimate Client’s premises and data, and such office accommodation and other facilities as may reasonably be required by the Supplier for the purposes of the Services and/or Deliverables;
- provide such access to appropriate numbers of the Client’s and/or the Ultimate Client’s suitably qualified personnel as may reasonably be required by the Supplier for the purposes of the Services and/or Deliverables (including without limitation, the provision of personnel to assist with the extraction of data from network or email servers and assist the Supplier in respect of complex IT infrastructures);
- provide in a timely manner such other information as the Supplier may request (or which the Client and/or the Ultimate Client knows or ought reasonably to have known that the Supplier would require) in order to carry out the Services and/or deliver the Deliverables, and ensure that it is accurate in all material respects; and
- inform the Supplier of all health and safety rules and regulations and any other reasonable security requirements that apply at any of the Client’s and/or the Ultimate Client’s premises.
5 Change, Variation and Extension to the scope
5.1 If either party wishes to change the scope or execution of the Services and/or Deliverables, it shall submit details of the requested change to the other in writing.
5.2 If the Client requests a change to the scope or execution of the Services and/or Deliverables:
- the Supplier shall, within a reasonable time (and in any event not more than five Working Days after receipt of the Client’s request), provide a written estimate to the Client of:
- the likely time required to implement the change;
- any necessary variations to the Supplier’s charges arising from the change; and
- any other impact of the change on the terms of the Contract.
- if the Client does not wish to proceed, there shall be no change to the Contract; and
- if the Client wishes the Supplier to proceed with the change, the Supplier shall do so after written agreement on the necessary variations to its charges, the Services, the Deliverables and any other relevant terms of the Contract to take account of the change and the Contract shall be varied in accordance with Condition 13.
5.3 If the Supplier requests a change to the scope of the Services and/or Deliverables (whereupon to the extent the Supplier deems it appropriate, it shall provide the Client with the information set out at Condition 5.2(a)), the Client shall not unreasonably withhold or delay consent to it.
5.4 In the event that the Client requires an extension and/or variance to the scope of the Services and/or Deliverables (whether requested by the Client or reasonably deemed to be necessary by the Supplier) and due to time constraints or other factors, it is impractical for the procedure set out Condition 5.2 to be followed then, upon acceptance (whether by communicating such acceptance or by commencing its performance) of such extension by the Supplier the Contract shall be varied in accordance with Condition 15 and the Supplier’s standard rates as set out in the Quotation shall apply in respect of the additional Services and/or Deliverables.
6 Charges and payment
6.1 Invoices will be raised as agreed and/or at appropriate intervals. For the avoidance of doubt, Invoices will be addressed to the Client (the entity to whom the Quotation was addressed) who will be responsible for Payment under the Contract. For the avoidance of doubt, changes to the Client cannot be made without the Suppliers express permission and the provision of a new Quotation, after work has commenced in accordance with the Quotation or after an invoice has been raised.
6.2 Subject to Conditions 6.3 and 6.4, the total price for the provision of the Services and delivery of the Deliverables shall be the amount set out in the Quotation as amended in accordance with any scope extension, variance or changes as set out in Condition 5. The supplier will amend the Invoice and/or reissue an invoice to reflect any errors or omissions as appropriate in the Quotation.
6.3 Unless otherwise stated the Supplier’s charges exclude the cost of hotels, subsistence, travelling and any other ancillary expenses reasonably and properly incurred by the Supplier in connection with the Services and/or Deliverables, and the costs of any materials or services reasonably and properly provided by third parties that are required by the Supplier for the supply of the Services and/or Deliverables. Such expenses, materials and third-party services shall be invoiced by the Supplier at cost price plus an administration charge of 5% of the total amount provided they have been agreed in advance with the Client.
6.4 The Supplier may at any time:
- withdraw any discount from its normal prices; and
- revise prices to take account of increases in costs including, without limitation, the cost of any goods, raw materials, transport, labour or overheads, the increase or imposition of any tax, duty or other levy and any variation in exchange rates; and
- revise prices to take account of increases in costs resulting from unforeseen circumstances (including unforeseen technical difficulties with respect to the Services, difficulties with extracting data from network or email servers, the nature of the work (including value), time spent, urgency, a greater number of Exhibits being the subject of the Services than was contemplated in the Quotation and/or increases in the data size contemplated in the Quotation and the other factors which may also be taken into consideration when arriving at our fees) and/or an extension of the scope of Services and/or Deliverables in accordance with Condition 5.
6.5 The Supplier shall (if applicable) add to the price for the Services, and the Client shall pay an amount equal to any VAT or other sales tax or duty applicable from time to time to the sale or supply of such Services.
6.6 Without Prejudice to condition 6.8, the supplier reserves the right to raise an administration invoice to the Supplier for late payment of invoices. The administration fee will be notified to the Client in advance but, in any event, will not be less then £50.
6.7 The Client is not entitled to withhold payment of any amount due to the Supplier by way of any set-off or counterclaim.
6.8 If the Client fails to pay any amount due to the Supplier under any Contract on the due date, notwithstanding the provisions of Condition 6.8, the Supplier reserves the right to add interest to such amount at the rate of 8% over the base rate for the time being of The Bank of England for the period from the due date until and including the date of receipt (whether before or after judgment).
6.9 Without prejudice to the Supplier’s other rights and remedies, if the Client fails to pay any amount due to the Supplier under any Contract on the due date, the Supplier shall be entitled, upon notification to the Client, to remove the Client’s data (and Exhibits) and destroy or permanently erase the same.
6.10 The Supplier reserves the right to alter or withdraw at any time any credit allowed to the Client.
6.11 The Supplier may offset any amount owing to it from the Client against any amount owed to the Client by the Supplier.
7 Quality of Services
7.1 The Supplier warrants that the Services will be performed (and the Deliverables provided) with reasonable care and skill and that the Services will for a period of 30 days from performance substantially conform with any descriptions and specifications provided to the Client by the Supplier.
7.2 The warranties in Condition 7.1 are given on the following conditions:
- the Supplier is not liable for any defect in the Services (or Deliverables) caused by any act, neglect or default of the Client or a third party; and
- the Supplier is not liable for a defect in the Services (or Deliverables) unless it is notified to the Supplier in writing within 7 Working Days of the date of performance or, if the defect would not be apparent upon reasonable inspection, within 60 days of the date of performance.
7.3 The Supplier is not liable for non-performance of any Services unless the Client notifies the Supplier of the claim within 7 Working Days of the date of the alleged non-performance.
8 Intellectual Property Rights
8.1 The Supplier acquires title in and to all of the Intellectual Property Rights arising as a result of the Supplier performing the Services along with all other rights in and to the products of the Services (including the Deliverables) (“Services IPR”). Subject to receipt by the Supplier of payment in full of all amounts due under the Contract and subject to Condition 11, the Supplier hereby grants to the Client a perpetual, non-exclusive, non-transferable right to use the Services IPR solely for the purpose of receiving the benefit of the Services. For the avoidance of doubt this refers to the processes themselves and not the data.
8.2 Save for the rights granted pursuant to Condition 8.1, the Client shall not acquire any right, title, and/or interest in and to the Services IPR whether by virtue of the Contract or otherwise.
9 Exclusion of Liability
9.1 The Supplier does not exclude its liability (if any) to the Client:
- for breach of the Supplier’s obligations arising under section 12 Sale of Goods Act 1979 or section 2 Sale and Supply of Goods and Services Act 1982;
- for personal injury or death resulting from the Supplier’s negligence;
- for any matter which it would be illegal for the Supplier to exclude or to attempt to exclude its liability; or
- for fraud.
9.2 Except as provided in Condition 9.1, the Supplier will be under no liability to the Client or any 3rd party whatsoever (whether in contract, tort (including negligence), breach of statutory duty, restriction or otherwise), for any of the following losses or damages whether direct, indirect or consequential:
- pure economic loss;
- Consequential loss;
- loss of actual or anticipated profits;
- loss of anticipated savings;
- loss of business;
- Loss of goods;
- Loss of use;
- Loss of contract;
- Loss caused due to use by the Supplier of Exhibits;
- Loss or corruption of data or information;
- loss caused by viruses, trojans, worms, logic bombs, denial of service attack or other material that is malicious or technologically harmful;
- Loss caused by a GDPR breach in Family and Children court proceedings, where the Ultimate Client as data controller has released personal identifiable information in contravention of current legislation.
- depletion of goodwill and like loss; and
- injury to reputation, howsoever caused arising out of or in connection with:
- any of the Services or Deliverables, or the manufacture or sale or supply, or failure or delay in supply, of any of the Services or Deliverables by the Supplier or on the part of the Supplier’s personnel, agents or sub-contractors;
- any breach by the Supplier of any terms of the Contract; or
- any statement made or not made, or advice given or not given, by or on behalf of the Supplier, or otherwise in connection with the Services or Deliverables.
9.3 Except as set out in Condition 9.1, the Supplier hereby excludes to the fullest extent permissible in law, all conditions, warranties and stipulations, express (other than those set out in these Conditions) or implied, statutory, customary or otherwise which, but for such exclusion, would or might subsist in favour of the Client.
9.4 Each of the Supplier’s personnel, agents and sub-contractors may rely upon and enforce the exclusions and restrictions of liability in Conditions 9.2 and 9.3 in that person’s own name and for that person’s own benefit, as if the words “its personnel, agents and sub-contractors” followed the word “Supplier” wherever it appears in those Conditions.
9.5 Subject to Conditions 9.1 and 9.2, the entire liability of the Supplier arising out of or in connection with the Contract or supply, non supply or delay in supplying any of the Services or Deliverables, or otherwise in connection with the Services or Deliverables, whether in contract, tort (including negligence or breach of statutory duty) or otherwise, is limited to the price of the Contract.
9.6 The Client acknowledges that the above provisions in Conditions 9.1 to 9.5 and this Condition 9.6 are reasonable and reflected in the price which would be higher without those provisions, and the Client will accept such risk and/or insure accordingly.
10 Confidentiality
10.1 During the term of the Contract and after termination or expiry of the Contract for any reason, the Receiving Party:
- shall not use Confidential Information of the Disclosing Party for any purpose other than for the performance of its obligations under the Contract;
- shall not disclose Confidential Information of the Disclosing Party to any person except with the prior written consent of the Disclosing Party or in accordance with Condition 10.3; and
- shall make every effort to prevent the use or disclosure of Confidential Information of the Disclosing Party.
10.2 During the term of the Contract, the Receiving Party may disclose Confidential Information of the Disclosing Party to any of its directors, other officers, employees, sub-contractors and Clients (“Recipient”) to the extent that disclosure is necessary for the purpose of the Contract and provided that such persons are placed under written obligations of confidentiality equivalent to those contained in this Condition 10 (save that any Recipient shall not be entitled to further disclose any Confidential Information of the Disclosing Party unless it is required to be disclosed by law or unless the Disclosing Party expressly agrees to such disclosure).
10.3 Condition 10.2 does not apply to Confidential Information which:
- is at the date that the Contract is formed or becomes at any time after that date publicly known other than by the Receiving Party’s or Recipient’s breach of the Contract;
- can be shown by the Receiving Party to the Disclosing Party’s reasonable satisfaction to have been known by the Receiving Party before disclosure by the Disclosing Party to the Receiving Party;
- is or becomes available to the Receiving Party or a Recipient otherwise than pursuant to the Contract and free of any restrictions as to its use or disclosure; and
- is required to be disclosed by law, but then only to the extent so required.
- is required to be disclosed to regulatory bodies as part of the organisation’s ongoing accreditations and certifications.
11 Termination
11.1 Without prejudice to any other rights or remedies which may arise, the Supplier may terminate the Contract immediately on giving notice if:
- the Client commits a material breach of any of the terms of the Contract and, where the breach is remediable, fails to remedy that breach within 14 days of being notified in writing of the breach; or
- an order is made, or a resolution is passed for the winding up of the Client, or circumstances arise which entitle a court of competent jurisdiction to make a winding up order of the Client; or
- an order is made for the appointment of an administrator to manage the affairs, business and property of the Client, or documents are filed with a court of competent jurisdiction for the appointment of an administrator of the Client, or notice of intention to appoint an administrator is given by the Client or its directors or by a qualifying floating charge holder (as defined in paragraph 14 of Schedule B1 to the Insolvency Act 1986); or
- a receiver is appointed of any of the assets of the Client or undertaking, or circumstances arise which entitle a court of competent jurisdiction or a creditor to appoint a receiver or manager of the Client, or if any other person takes possession of or sells the assets of the Client; or
- the Client makes any arrangement or composition with its creditors, or makes an application to a court of competent jurisdiction for the protection of its creditors in any way; or
- the Client ceases, or threatens to cease, to trade; or
- the Client suspends, or threatens to suspend, payment of its debts or is unable to pay its debts as they fall due or admits inability to pay its debts or is deemed unable to pay its debts within the meaning of section 123 of the Insolvency Act 1986;or
- the Client takes or suffers any similar or analogous action in any jurisdiction in consequence of debt; or
- there is a change of control of the Client (as defined in section 574 of the Capital Allowances Act 2001).
11.2 On termination of a Contract for any reason, any indebtedness of the Client to the Supplier pursuant to that Contract shall become immediately due and payable and the Supplier is relieved of any further obligations to the Client pursuant to that Contract.
11.3 Any provision of this agreement that expressly or by implication is intended to come into or continue in force on or after termination or expiry of this agreement shall remain in full force and effect.
11.4 Termination of the Contract, however it arises, shall not affect or prejudice the accrued rights of the parties as at termination or the continuation of any provision expressly stated to survive, or implicitly surviving termination. For the avoidance of doubt, upon termination of the Contract the licence granted pursuant to Condition 8.1 shall terminate.
12 Erasing of Data
12.1 The Supplier will ensure, as far as is reasonably practicable, that all data from it’s normal operating systems, including any independent archives, is securely erased and irretrievable. The supplier is not able to erase data from media that is used for the purposes of its Infrastructure backup and disaster recovery purposes. As these archives are superseded, previous archives will be securely erased and ultimately the data will be securely erased.
13 Marketing and Public Relations
13.1 Without prejudice to condition 10, the Supplier reserves the right to use generic and appropriately sanitised references to the services it has supplied in its Marketing and Public Relations collateral.
14 Force Majeure
14.1 The Supplier shall not be deemed to be in breach of the Contract or otherwise liable to the Client in any manner whatsoever for any failure or delay in performing its obligations under the Contract due to Force Majeure.
15 Employment Restriction
15.1 During the term of this agreement (including any renewals and extensions) and for a period of one year after it’s termination (for whatever reason) the Ultimate Client will not solicit or hire either directly or through any associated company, firm or person any personnel of the supplier engaged in the performance of this agreement at any time during the previous twelve months. If the Ultimate Client is in breach of this condition, the Ultimate Client, recognising that the supplier will suffer substantial damage, will pay to the supplier by way of liquidated damages (and not as penalty) a sum equal to the annual salary for the immediately preceding twelve months of the person concerned.
15.2 During the term of this agreement (including any renewals and extensions) and for a period of one year after it’s termination (for whatever reason) the supplier will not solicit or hire either directly or through any associated company, firm or person any named contact of the Ultimate Client who had been named at any time during the previous twelve months. If the supplier is in breach of this condition, the supplier, recognising that the Ultimate Client will suffer substantial damage, will pay to the Ultimate Client by way of liquidated damages (and not as penalty) a sum equal to the annual salary for the immediately preceding twelve months of the person concerned.
16 Variation
16.1 Subject to Condition 5, no variation of a Contract and/or these Conditions shall be valid unless it is in writing and signed by or on behalf of each of the parties.
17 Waiver
17.1 A waiver of any right under a Contract is only effective if it is in writing and it applies only to the party to whom the waiver is addressed and the circumstances for which it is given.
17.2 Unless specifically provided otherwise, rights arising under a Contract are cumulative and do not exclude rights provided by law.
17.3 No failure or delay by a party to exercise any right or remedy provided under this agreement or by law shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other remedy. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or any other right or remedy.
18 Assignment and sub-contracting
18.1 The Client shall not, without the prior written consent of the Supplier, assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under any Contract.
18.2 The Supplier is entitled at any time to assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights under any Contract and may sub-contract or delegate in any matter any or all of its obligations under any Contract.
19 No partnership or agency
19.1 Nothing in a Contract is intended to, or shall operate to, create a partnership between the parties, or to authorise either party to act as agent for the other, and neither party shall have authority to act in the name or on behalf of or otherwise to bind the other in any way (including the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).
20 Rights of third parties
20.1 Subject to Condition 9.4, a person who is not a party to a Contract shall have no rights under the Contract (Rights of Third Parties) Act 1999 to enforce any terms of such Contract.
21 Invalidity
21.1 If any Condition is held by any court, tribunal or administrative body of competent jurisdiction to be wholly or partly illegal, invalid or unenforceable in any respect then this shall not affect any other Conditions of the Contract, which shall remain in full force and effect.
22 Whole Agreement
22.1 These Conditions and any Contract constitute the whole agreement between the parties relating to the subject matter they cover and supersede any arrangements, understanding or previous agreements between the parties relating to such subject matter.
22.2 Each party acknowledges that in entering into these Conditions and any Contract (including the appropriate Quotation) it does not rely on any representation or warranty (whether made innocently or negligently) that is not set out in these Conditions and any Contract (including the appropriate Quotation). Each party agrees that its only liability in respect of those representations and warranties that are set out in these Conditions and any Contract (including the appropriate Quotation) (whether innocently or negligently) shall be for breach of contract.
22.3 Nothing in this Condition shall limit or exclude any liability for fraud.
23 Notices
23.1 Notice given under the Contract shall be in writing, and sent to the registered office of the other party (or such other address, or person as the relevant party may notify to the other party) and shall be delivered personally, or email, or sent by pre-paid, first-class post or recorded delivery. A notice is deemed to have been received, if delivered personally, at the time of delivery, in the case of email, at the time of transmission, in the case of pre-paid first class post or recorded delivery, 48 hours from the date of posting and, if deemed receipt under this Condition 23 is not within business hours (meaning 9.00am to 5.00pm Monday to Friday on a day that is a Working Day), at 9.00am on the first Working Day following delivery. To prove service, it is sufficient to prove that the notice, in the case of post, that the envelope containing the notice was properly addressed and posted.
24 Governing law and jurisdiction
24.1 The Contract and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims), shall be governed by, and construed in accordance with English law.
24.2 The parties irrevocably agree to submit to the exclusive jurisdiction of the courts of England and Wales.
PRODUCT SPECIFIC TERMS & CONDITIONS (IN ADDITION TO STANDARD TERMS AND CONDITIONS)
SCHEDULE 5 – CYBER SOFTWARE LICENCE AGREEMENT
- Definitions
- “Confidential Information” means information that is designated in writing as “confidential” at the time of disclosure, or which constitutes the trade secrets of a party under the governing law of this Agreement. Confidential Information also includes the Object Code of the Software, the pricing structure for the Software and Services provided to the client and any other proprietary information provided by the supplier and which is provided or disclosed to the client at any time. Notwithstanding the foregoing, Confidential Information does not include information that the receiving party can demonstrate: (a) is in the public domain or is generally publicly known through no improper action by the receiving party; (b) was rightfully in the receiving party’s possession or known by it prior to receipt from the disclosing party; (c) is rightfully disclosed without restriction to the receiving party by a third party without violation of any confidentiality covenant by such third party; or (d) is independently developed by the receiving party without use of the Confidential Information of the disclosing party.
- “Client Data” means any and all of the clients and its User’s data, information, and materials that are uploaded by or on behalf of the client or that are accessed by the supplier in connection with clients or its User’s use of the Software.
- “Documentation” means any documentation distributed by the supplier or its authorised resellers pertaining to the Software, including without limitation any accompanying or online user guides, technical information relating to the Software, user documentation, and technical data sheets in effect on the Effective Date, in each case, as may be updated or amended by or on behalf of the supplier from time to time. Documentation also includes any applicable Order Form and SOW.
- “Fees” means the subscription and other fees set forth in this Agreement or any Order Form or SOW for the purchase of Software licenses, Hardware, or Services.
- “Object Code” means computer programming code in the form not readily perceivable by humans and suitable for machine execution without the intervening steps of interpretation or compilation.
- “Order Form” or “Quote Form” means any supplier form detailing an order or a quote which is incorporated into and becomes a part of this Agreement. Depending on the Software ordered, the Order or Quote Form may be completed online or may take the form of a written order form, invoice, quote, billing statement, or SOW. In the event of any discrepancy between this Agreement and an Order Form, this Agreement shall govern.
- “Professional Services” means implementation and other services requested by the client with respect to the Software or the Service.
- “the provider” means the owner of the Software
- “Service” means the use of the Software as offered by the supplier on a hosted basis.
- “Software” means the Object Code form of the supplier software licensed under this Agreement, including any updates, upgrades, or other modifications thereof delivered or made accessible to the client as part of the Services or otherwise pursuant to this Agreement.
- “SOW” means a supplier-originated, mutually executed statement of work, work order, or other similar document that references this Agreement and which, upon its mutual execution by supplier and client, will be automatically incorporated by reference into, and governed under, this Agreement.
- “Term” has the meaning set forth in Section 10.0.
- “Third Party Materials” means software, interfaces, and firmware, licensed by supplier from third parties and which are incorporated into and/or distributed as part of the Software.
- “User” means an individual who is authorised by the client to use the Software within its organisation or, if applicable, within a multi-tenant or managed services environment, and to whom the client has supplied a user identification and password. Users may include, for example, clients employee’s, consultants and contractors
2.0 Grant of Limited License (the “License”).
Subject to the terms of this Agreement, including any restrictions set forth in the applicable Order Form and the payment of Fees in accordance with the applicable Order From, the supplier grants the client during the Term, a non-sublicensable, nonexclusive, revocable, non-transferable right to use the Software in Object Code as provided by supplier or the Service as made available by supplier, for the number of authorised Users (or “Seats”) as specified on the applicable Order Form. Such use shall be limited to authorised Users, shall not exceed the number of purchased Seats, and shall be used for the client’s internal business purposes only. If the Software is authorised to be used in a multi-tenant environment or as part of a managed services solution (a “Managed Service”), then the client hereby agrees that the Software will be used solely in furtherance of clients provision of the Managed Service and not for any other purpose by any unauthorised third party and, if required by supplier from time to time in the suppliers sole discretion, each User shall accept the terms of an end user license agreement for the Software.
- Except for one copy made solely for back-up or test purposes with respect to on-premises Licenses, the client may deploy or possess only the number of copies of the Software as expressly specified on the Order Form, and only in accordance with the applicable Documentation; otherwise, the client shall not copy or distribute the Software, the Documentation or any other written materials accompanying the Software. The client will be responsible for ensuring that any use of the Software by its Users is permitted by this Agreement. The Software licensed or the Service provided hereunder is licensed or provided, as applicable, solely for use in connection with the clients internal business requirements, or the provision of any permitted MSP services provided by clients to its customers (the “Customers Clients”) and may not be used for any other purpose, and any and all such uses shall be subject to all of the terms and conditions of this Agreement applicable to The client.
- Restrictions. The client will not remove, alter, or obscure proprietary notices that appear on or in the Software and Documentation, and will reproduce them on or in any copies. The client will not (and will not allow any User or other third party, including The client’s Clients, to) (i) decompile, disassemble, reverse compile, or reverse engineer or attempt to discover any source code or underlying ideas or algorithms of any Software (except to the extent that applicable law prohibits such restrictions), (ii) modify, or create derivative works based on the Software (iii) provide, sell, give, rent, lease, lend, loan, distribute, transfer, use for timesharing or service bureau purposes or otherwise use or allow others to use the Software for the benefit of any third party (except to the extent that the Software forms part of the services being provided by clients to the customers Clients), (iv) use any Software, or allow the transfer, transmission, export, or re-export of any Software or portion thereof, in violation of any United Kingdom or any other applicable export control laws or regulations, (v) develop keys or license codes other than license keys provided by the supplier for the Software or attempt to defeat or circumvent any such keys or any other access restrictions included in the Software or determine how any such keys are developed, or (vi) use or copy the Software except as expressly permitted in Section 2. All the limitations and restrictions on Software in this Agreement also apply to Documentation
The client’s usage of the Software is subject to usage limits, including, for example, the quantities specified in an Order or Quote Form. Unless otherwise specified, (a) a quantity in a Quote/ Order Form may refer to sets, users, devices, storage or other metrics as applicable to the Software or Service, and such usage of the Software or Service may not exceed the applicable usage metric, (b) a User’s password may not be shared with any other User or person, or used simultaneously with multiple instances of the Software, and (c) a User identification may be reassigned to a new individual replacing one who no longer requires use of the Software or Service. If The client exceeds a contractual usage limit, The client will execute an Order Form for additional quantities of the applicable Software promptly upon The Supplier’s request, and/or pay any invoice for excess usage in accordance with the payment terms and pricing set forth in this Agreement and any Order Form.
The client will (a) be responsible for its Users’ compliance with this Agreement, (b) be responsible for the accuracy, quality and legality of Client Data and the means by which The client acquires and uses any Client Data, (c) use commercially reasonable efforts to prevent unauthorised access to or use of the Software, Services and Client Data, and notify THE SUPPLIER promptly of any such unauthorised access or use, (d) use the Software only in accordance with its Documentation and applicable laws and government regulations, and (e) comply with terms of service of the supplier as published from time to time on the supplier’s website(s), which are hereby incorporated into this Agreement by reference.
Some Third-Party Materials may be subject to other terms and conditions, which may be found in a “Read Me” or “About” or similar file in the Software or Software documentation. If The client does not agree to such terms, The client agrees not to use the Software or any Third-Party Materials.
The client hereby grants to the supplier a nonexclusive, worldwide, royalty-free, fully-paid, transferable license to host, cache, record, copy, view, and display Client Data for the purpose of providing the Software and Services to The client: (a) internal use by the supplier and its affiliates; (b) any purpose related to the billing, activation, provision, maintenance, upgrades, updates, deactivation and/or use of the Service or the Software and/or related products and/or services; (c) any purposes permitted by any applicable law. Except as set forth in this Agreement, as between the supplier and the client, The client retains all right, title, and interest in and to Client Data. The client shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness, and right to use Client Data, and the client agrees that, except for the supplier’s gross negligence or wilful misconduct, the supplier shall not be responsible or liable for the unauthorised access to, alteration of, or deletion, correction, destruction, corruption, damage, loss or failure to secure or store Client Data. The client acknowledges and agrees that it bears sole responsibility for adequately controlling, processing, storing and backing up its Client Data. The Supplier reserves the right, but not the obligation, to refuse to post or to remove any information or materials, in whole or in part, that the Supplier believes to be unacceptable, undesirable, or in violation of this Agreement or the rights of third parties. The client represents, warrants, and covenant that: (a) it is the owner or authorised the client of Client Data and has the right to grant the rights set forth herein; (b) it has obtained all consents necessary under applicable law to disclose Client Data to the supplier; and (c) it will not publish, post, upload, record, or otherwise distribute or transmit any data or other material that: (i) infringes or would infringe any copyright, patent, trademark, trade secret or other proprietary right of any party, or any rights of publicity or privacy of any party; (ii) violates any law, statute, ordinance, or regulation; (iii) is inappropriate, profane, defamatory, libellous, obscene, indecent, threatening, harassing, or otherwise unlawful; (iv) is harmful to minors or otherwise pornographic; (v) contains any viruses, Trojan horses, worms, time bombs, cancelbots, corrupted files, or any other similar software, data, or programs that may damage, detrimentally interfere with, surreptitiously intercept, or expropriate any system, data, Personal Information, or property of another; (vi) is materially false, misleading, or inaccurate; and/or (vii) contains information for which The client does not have the right to permit the Supplier to access and process any Client Data.
While the license for Software remains effective and the applicable fees have been paid in accordance with this Agreement, the Supplier or any of its affiliates will use commercially reasonable efforts to provide the client with the support and maintenance services for the Software or the Service as described in The Supplier’s then-current support and maintenance program, a copy of which is located on The provider’s web site (“Support Services”). The Supplier may elect to change the fees for and the terms of its Support Services or terminate Support Services for the Software or the Service.
The Software is licensed, not sold, to the client. Similarly, the Services are provided on a subscription basis only, and are not sold to the client. The Supplier and its affiliates, suppliers and licensors own and retain all right, title and interest in and to:
(a) the Software, Service, and Documentation (including all copies, components thereof and all upgrades, modifications, enhancements and derivative works thereof); and,
(b) all copyrights, patent rights, trade secret rights, trademark and other intellectual property and other proprietary rights embodied in or relating to the Software, Service or Documentation. The client acknowledges and agrees that it shall have no rights with respect to any of the foregoing other than the limited rights expressly set forth in this Agreement. The Supplier expressly reserves all rights in the Software, Service and Documentation not specifically granted to The client. It is acknowledged that all right, title and interest in and to the Software, Service and Documentation will remain vested exclusively with the Supplier.
- Payment Terms.The client shall pay to the Supplier the Fees due for the Software, including VAT, in accordance with terms of this Agreement and any applicable Order Form. Except as otherwise specified herein or in an Order Form, (a) fees are based on Software licensed and Services purchased and not actual usage, (b) all payment obligations under this Agreement are non-cancellable and non-refundable, and (c) quantities purchased cannot be decreased during the relevant subscription term. Any payments more than thirty (30) days overdue will bear a late payment fee of 8.0% per month, or, if lower, the maximum rate allowed by law. All amounts payable by the client are exclusive of any import taxes, fees, duties, shipping, or other charges, however designated, now or hereafter levied. The client will be responsible for all import taxes, fees, duties, shipping or other such charges under this Agreement. The client agrees to be responsible for payment for all activity by third parties who access or use the Software through the client’s account regardless of whether such activity was authorised by the client or not. The client is responsible for all incidental charges related to using the Software such as charges for Internet access, third party software licenses, text messaging, or other data transmission.
- Payment method; Standing order. The client agrees to pay monthly charges, including VAT, on the 1st of the month, and to keep the standing order in place for the duration of the contract.
- Payment method; Credit Card Authorisation.Use of this method carries a 2.5% surcharge. Until all amounts due have been paid in full, the client agrees to keep its payment information current at all times and authorises the Supplier to charge such payment method (including but not limited to credit card or debit card) provided by the client, all amounts due under this Agreement, including without limitation, usage beyond the amount specified in the applicable Order Form. All prices are given and must be paid in the currency listed on the applicable Order Form.
- The Supplier may invoice the client electronically or by paper invoice. The client must notify the Supplier within 7 days (7) days of the receipt of the invoice of any billing errors thereon. If The client does not notify the Supplier within this time, the Supplier will not be required to correct the error or make adjustments to the client’s account and the client hereby waives any claim, allegation or contention with respect to such invoice.
- time of payment is of the essence of each Contract and the Supplier reserves the right to suspend the provision of Services and delivery of Deliverables to the Client where any amounts are overdue under any Contract until all such amounts have been paid in full
- Term; Termination; Suspension.
- License Fee. The Licensed Software is offered on a subscription basis (“License Fee”). The client agrees by accessing the Licensed Software to be responsible for all License Fees associated with said software. Unless the published terms specify otherwise, initial purchases of Licensed Software and renewals thereof are sold by subscription for a 1-year or 3-year term based on the client’s selection at time of order (even when paid for monthly, up-front annually or by some other payment plan) and may not be resold, shared, or distributed to other resellers, companies, or end-users. On renewal, Licensed Software will renew on the same payment terms (i.e. monthly or annual) as the original purchase unless you notify the Supplier of your intent to change payment plans, which is your option. The client cannot terminate a subscription that is paid for on a monthly basis until the end of the subscription period.
- Term. The client will be bound for the minimum Term of this Agreement. “Term”, defined as the period of time beginning on the Effective Date to 12 months after the anniversary of the Effective Date. Subscriptions will automatically renew on the anniversary of the Effective date unless either party gives the other party thirty (30) days notice of termination in writing.
- Termination; Suspension.This Agreement and all rights and licenses granted hereunder will automatically terminate upon the earlier of (a) the date that is thirty (30) days following a party’s receipt of written notice of any material breach delivered by either party to the other party provided that any such breach remains uncured at the end of such notice period or immediately in the case of any breach of Sections 2 or 3 by The client and (b) the end of a Term that is not renewed. Furthermore, and without derogating from any rights or remedies of the Supplier, the Supplier shall be entitled to suspend any Service and the use of the Software by The client should The client breach any term of this Agreement, including without limitation failing to pay any amounts due in a timely manner, or if continued provision of Services poses a risk to the Supplier in its sole discretion. Upon termination of this Agreement, or if the license ceases to be effective, The client shall immediately cease all use of all Software and Documentation and return or (upon the Supplier’s request) destroy all copies of all Software and Documentation and all portions thereof and so certify in writing to the Supplier and immediately pay all amounts due to the Supplier hereunder. Except as otherwise expressly provided herein, the terms of Sections 2, 9, 10, 13 and 14 shall survive any termination or non-renewal of this Agreement. Termination is not an exclusive remedy and all other remedies available under applicable law or in equity will be available to the Supplier whether or not termination occurs.
-
- THE SUPPLIER Indemnification.The Supplier shall defend the client against any third party claims that the Software infringes any UK or US patent or UK or US copyright or misappropriates any trade secret (to the extent it qualifies as a trade secret under New York law), and pay any costs and damages finally awarded by a court of competent jurisdiction or agreed upon in settlement with respect to such claims, provided the Supplier is promptly notified of any and all threats, claims and proceedings related thereto and given reasonable assistance and sole control over defense and settlement. The Supplier will not be responsible for any settlement it does not approve in writing. The foregoing obligations do not apply with respect to Software or portions or components thereof (a) not supplied by The Supplier, (bi) made in whole or in part in accordance to The client’s specifications, (c) that are modified after delivery by the Supplier, (d) combined with other products, processes or materials where the alleged infringement relates to such combination, (e) where The client continues allegedly infringing activity after being notified thereof or after being informed of modifications that would have avoided the alleged infringement, or (f) where The client’s use of the Software is not strictly in accordance with this Agreement or with the Documentation.
- The client Indemnification.The client agrees to defend, indemnify, and hold harmless each of the Supplier, its affiliates and respective officers, employees, consultants, shareholders and representative from and against any and all claims, liabilities, damages, and/or costs (including attorneys’ and expert witness fees, costs and other expenses) arising out of or related to: (a) any actual or alleged violation of this Agreement or applicable law, rule or regulation by The client or any person accessing or using the Software or services by or through the client; (b) any actual or alleged infringement or misappropriation by the client, or any person accessing or using the Software by or through The client, of any intellectual property or privacy or other right of any person or entity (except claims of infringement or misappropriation arising solely from use of the Software as provided under this Agreement); (c) any claims by any of the client’s Clients (except claims of infringement or misappropriation arising solely from use of the Software as provided under this Agreement), or arising out of or relating to the client’s relationship with any of the client’s Clients; or (d) Client Data.
12.0 Limited Warranty and Disclaimer.
The Supplier warrants to the client for a period of thirty (30) days from The client’s first use of the Software (the “Warranty Period”) that the Software will operate substantially pursuant to the Documentation for the Software. This warranty covers only problems reported to THE SUPPLIER in writing during the Warranty Period, and which are capable of being observed or reproduced by the Supplier. SOFTWARE OR ANY PART THEREOF WHICH HAS BEEN SUBJECT TO ABUSE, MISUSE, ACCIDENT, ALTERATION, MODIFICATION, NEGLECT, OR UNAUTHORISED REPAIR OR INSTALLATION IS NOT COVERED BY THIS WARRANTY. ANY LIABILITY OF THE SUPPLIER UNDER THIS WARRANTY WILL BE LIMITED EXCLUSIVELY TO REPAIR OR REPLACEMENT OF THE SOFTWARE OR, IF REPAIR OR REPLACEMENT IS INADEQUATE AS A REMEDY OR, AT THE SUPPLIER’S DETERMINATION, IMPRACTICAL, TO REFUND OF THE LICENSE FEE PAID FOR SUCH SOFTWARE. EXCEPT FOR THE FOREGOING, ALL SOFTWARE IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, OR NONINFRINGEMENT. FURTHER, THE SUPPLIER DOES NOT WARRANT RESULTS OF USE, THAT THE SOFTWARE IS BUG FREE OR THAT THE SOFTWARE WILL PROVIDE ANY PROTECTION AGAINST VIRUSES OR ANY NETWORK INTRUSION OR SECURITY BREACH, OR THAT THE USE OF SOFTWARE WILL BE UNINTERRUPTED OR ERROR FREE. THE SOFTWARE AND/OR SERVICE ARE NOT FAULT TOLERANT AND ARE NOT DESIGNED, MANUFACTURED, OR INTENDED FOR USE IN LIFE-DEPENDENT OR HAZARDOUS ENVIRONMENTS REQUIRING FAIL-SAFE PERFORMANCE, SUCH AS IN THE OPERATION OF NUCLEAR FACILITIES, AIRCRAFT NAVIGATION OR COMMUNICATIONS SYSTEMS, AIR TRAFFIC CONTROL, DIRECT LIFE SUPPORT MACHINES, OR WEAPONS SYSTEMS, IN WHICH THE FAILURE OF THE SOFTWARE OR SERVICE COULD LEAD TO DEATH, PERSONAL INJURY OR PHYSICAL OR ENVIRONMENTAL DAMAGE. TO THE EXTENT THE CLIENT USES THE SOFTWARE OR SERVICE IN SUCH ENVIRONMENT, IT EXPRESSLY ASSUMES ALL RISK THEREFORE.
NOTWITHSTANDING ANYTHING ELSE IN THIS AGREEMENT OR OTHERWISE, AND EXCEPT FOR BODILY INJURY CAUSED BY GROSS NEGLIGENCE OR WILLFUL MISCONDUCT BY THE SUPPLIER’S EMPLOYEES, AND TO THE FULLEST EXTENT PERMITTED UNDER APPLICABLE LAW, THE SUPPLIER AND ITS SUPPLIERS AND LICENSORS SHALL NOT BE LIABLE OR OBLIGATED WITH RESPECT TO THE SUBJECT MATTER OF THIS AGREEMENT (INCLUDING WITHOUT LIMITATION INDEMNIFICATION OBLIGATIONS) OR UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER LEGAL OR EQUITABLE THEORY (I) FOR ANY AMOUNTS IN EXCESS IN THE AGGREGATE OF THE FEES PAID TO IT BY THE CLIENT FOR THE SOFTWARE LICENSED HEREUNDER DURING THE SIX MONTH PERIOD PRIOR TO THE CAUSE OF ACTION, (II) FOR ANY COST OF PROCUREMENT OF SUBSTITUTE GOODS, TECHNOLOGY, SERVICES OR RIGHTS, OR (III) FOR ANY INCIDENTAL, INDIRECT, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES (INCLUDING, WITHOUT LIMITATION, LOSS OF PROFITS, LOSS OF USE OR DATA, DAMAGE TO SYSTEMS OR EQUIPMENT, BUSINESS INTERRUPTION OR COST OF COVER) IN CONNECTION WITH OR ARISING OUT OF THE DELIVERY, PERFORMANCE OR USE OF THE SOFTWARE, DOCUMENTATION, ANY OTHER MATERIALS PROVIDED BY THE SUPPLIER OR OTHER SERVICES PERFORMED BY THE SUPPLIER, WHETHER ALLEGED AS A BREACH OF CONTRACT OR TORTIOUS CONDUCT, INCLUDING NEGLIGENCE AND STRICT LIABILITY, EVEN IF THE SUPPLIER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES). YOU ACKNOWLEDGE AND AGREE THAT THE SUPPLIER WOULD NOT ENTER INTO THIS AGREEMENT UNLESS IT COULD RELY ON THE LIMITATIONS DESCRIBED IN THIS PARAGRAPH.
13.0 The client Representations.
The client represents and warrants that: (a) the individual signing or accepting this Agreement has all necessary corporate or other authority to bind the entity that it purports to make party hereto, (b) The client has all necessary corporate or other authority or licenses to perform its obligations hereunder.
14.0 Legal & Insurance Disclaimer.
Licensed Software is not an insurance policy and is not a substitution or replacement for Errors and Omissions (E&O) insurance or other professional liability insurance. The Supplier makes no claims of efficacy or ability of the client to use the Company software products sold or promoted on the providers website, nor does it warrant any claims of others that may be presented in video, audio, blogs, forums, or any other portal available within or through the providers website. The licensed products are software tools for assisting in IT and security assessments and for use with compliance reporting. They are not intended to provide legal advice nor are they a replacement or substitute for legal counsel. The issues discovered through use of the tools and the recommendations expressed in the accompanying reports are the opinions of provider and may not reflect your own best practices. The client should review the reports and forms in consultation with your legal counsel and make any necessary changes to ensure that they suit your business needs. In addition, the Supplier via the provider can provide sample managed service agreements, business associate agreements, legal templates and other self-help services as a convenience with your subscription. We are not a law firm or substitute for your own counsel. The client should consult with your law firm and have these sample documents reviewed and evaluated before using.
Each party agrees to hold the other party’s Confidential Information in confidence and not to use it for any purpose other than the purposes permitted under this Agreement. Each party agrees to use the same standard of care to protect Confidential Information as it uses to protect its own similar confidential and proprietary information, but not less than a reasonable standard of care. The terms of this Agreement constitute Confidential Information. Confidential Information of the other party may only be disclosed to those Affiliates, employees, contractors and advisors of Company or of the Supplier, as applicable, on a need-to-know basis and who agree to be bound by confidentiality restrictions at least as restrictive as those contained in this Agreement; provided, that nothing shall prevent or prohibit a party from using or disclosing Confidential Information as may be required by law, rule, regulation or legal process. Confidential Information remains at all times the property of the disclosing party. Unless otherwise explicitly set forth herein, no licenses or rights under any patent, copyright, trademark, or trade secret are granted or are to be implied with respect to Confidential Information. The Supplier may identify the client as a Client when referring to lists of Clients. Furthermore, the Supplier may automatically extract and use the client’s data and information internally for the limited use of its research and analysis as may be necessary to enhance and improve the software and services it provides to its Clients, provided always that any such retained data or information of the client shall be for internal use only and shall be used in a de-identified manner only.
The client understands that the Software is programmed to track the number of deployed copies of the Software, authorised devices, users and other usage related data, and the client consents to such operations and shall not engage in any activity designed to circumvent or obstruct, or which has the effect of circumventing or obstructing, the Software’s tracking capabilities. The client grants to the Supplier the right to monitor usage by all of its users and to audit its books, records and accounts, at the Supplier’s expense, during The client’s normal business hours to verify compliance with this Agreement, and The client agrees to make available to the Supplier or its representatives any records pertaining to this Agreement. If any audit reveals that any additional amounts are owed in excess of five percent (5%) of the total Fees paid during the audited time period, then such owed amounts will be paid immediately and the cost of such audit shall be reimbursed by The client. Furthermore, in the event that the client uses any Software other than as licensed under this Agreement (or under another agreement executed by the parties), in addition to any other remedies available to the Supplier the client agrees to pay the Supplier the then current subscription Fees and any related Service fees for such unauthorised use.
Neither this Agreement nor the rights and licenses granted hereunder are assignable or transferable by the client without the prior written consent of THE SUPPLIER; any attempt to do so shall be null and void ab initio. The Supplier may assign this Agreement in whole or in part.
18.0 Notices and Electronic Communications.
The Supplier may give notice by means of a general notice on the Software, electronic mail to The client’s e-mail address on record in the Supplier’s account information, or by written communication sent by first class mail or pre-paid post to The client’s address on record in the Supplier’s account information. Such notice shall be deemed to have been given 48 hours after delivery by first class mail or pre-paid post or 12 hours after sending by email. The client shall give notice to the Supplier (such notice shall be deemed given when received by the Supplier) by confirmed mail delivery to its office at at Benjarron House, Greenside Way, Middleton, M24 1SW.
19.0 Compliance with Laws and Export Control.
The client shall abide by all applicable local, state, national and foreign laws, rules, treaties and regulations in connection with its use of the Software, including those related to data privacy, international communications and the transmission of technical or personal data. The client acknowledges that the Supplier may discontinue provision or performance of the Software or Services or terminate the license to the Software granted hereunder following any changes in any relevant applicable law, which in the sole discretion of the Supplier, makes performance impossible, or illegal. The client further acknowledges that the Software and related technology and technical data (collectively “Controlled Technology”) may be subject to the import and export laws of any country where Controlled Technology is imported or re-exported, including U.S and UK Export Administration Regulations. The client agrees not to export, re-export, import or provide any Controlled Technology to any prohibited country (such as embargoed countries), entity, or person (such as designated nationals) for which a license or other governmental approval is required or is otherwise prohibited. All Controlled Technology is prohibited for export or re-export to prohibited countries as listed at: http://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx or to any country subject to similar trade sanctions. The client further agrees that it will not use, export or sell any Controlled Technology for use in connection with chemical, biological, or nuclear weapons, or missiles, drones or space launch vehicles capable of delivering such weapons.
20.0 Governing Law; Jurisdiction.
This agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims), shall be governed by, and construed in accordance with English law. This choice of jurisdiction and venue does not prevent either party from seeking injunctive relief in connection with any breach or threatened breach of this Agreement or enforcement or recognition of any award or order in any appropriate jurisdiction. In addition, the parties agree that they may only bring claims against the other in their individual capacities and not as a plaintiff, class representative or member in any purported class or representative proceeding. The parties hereby agree that each is waiving all respective rights to a trial by jury regarding any disputes, actions, claims or causes of action arising out of or in connection with this Agreement or the Software. Any claim by either party arising out of or related to this Agreement must be brought no later than two (2) years after it has accrued. If the Supplier commences litigation in connection with this Agreement, it will be entitled to recover its reasonable attorneys’ fees, costs and other expenses.
The client acknowledges that the Software contains valuable trade secrets and proprietary information of the Supplier and are protected by applicable intellectual property laws and treaties and by international copyright law and that any actual or threatened breach of the licenses granted herein will (a) constitute infringement or misappropriation of the Suppliers intellectual property rights and (b) cause immediate, irreparable harm to the Supplier for which monetary damages would be an inadequate remedy and for which injunctive relief is an appropriate remedy, in addition to any other remedy available to the Supplier.
22.0 Entire Agreement; Severability.
Subject to the other terms and conditions of this Agreement, this Agreement is the entire agreement between the Supplier and the client regarding the client’s use of the Software, and supersedes and replaces any previous communications, representations, or agreements, or the client’s additional or inconsistent terms, whether oral or written. In the event any provision of this Agreement is held invalid or unenforceable the remainder of the Agreement will remain enforceable and unaffected thereby. This Agreement may not be modified nor any rights under it waived, in whole or in part, except in writing, signed by both parties.
24.1 The Supplier may obtain, use, process and disclose personal data about the client in order that the Supplier may discharge the services agreed under this support contract, and for other related purposes including updating and enhancing Ultimate Client records, analysis for management purposes, crime prevention and legal and regulatory compliance. The client has the right of access, under data protection legislation, to the personal data that the Supplier holds about the client
24.2 As part of the day to day monitoring of networks and devices the Supplier may become privy to personal information on work devices. When undertaking such activities the Supplier will act with due respect for the users reasonable expectation of privacy and adopt as light a touch as possible. Files and logs will not unnecessarily be browsed when looking for something specific.
24.0 Software Services provided and Cost
24.1 SOC SentinalOne Endpoint Protection Service
Description | Minimum 12-month commitment |
SOC Supported Endpoint Protection Service | Set-up fee – Complimentary due to ongoing instruction£10.00 per endpoint, per month subject to a minimum 250 endpoints.
Estimate: £2,500 + VAT per month. Please note the charge will be based upon minimum charge of 250 endpoints per month. After which you will only be charged for what you use. |
Term:- Please note this is an ongoing agreement with a minimum 12-month term, which will automatically rollover on the first-year anniversary of commencement with a one-month notice of termination.
Payment:- The client agrees to pay monthly charges, including VAT, by standing order on the 1st of the month, and to keep the standing order in place for the duration of the contract.
SOC Supported Endpoint Protection | Detail |
Initial Scoping Consultation | · Initial consultation to understand the contextual narrative regarding the requirements for CYFOR’s Endpoint Protection Service. |
Monitor & Analyse IT Environments | · To protect against threats across endpoints and networks.
|
Identify Advanced Malware | · Exploits and script-based stealth attacks, utilising attack forensics and intelligent automation.
|
Active Remediation Steps | · When confirmed malicious attacks are in progress, including scrubbing the system of any remnant of an attack. Such as malicious processes or registry keys. |
Consultancy Support | · CYFOR to conduct initial analysis of data, assessment of threats, and vulnerabilities, identify violations of policies etc.
· Provide Weekly Reports |
Perform System Rollback | · If required, to restore system and data access |
25.0 Signatures
Each of the Party’s Authorised signatories have duly executed this Agreement as of the Effective Date 13th December 2021
Signed:
Print Name:
Title:
CYFOR
Signed:
Print Name: Paul Beechinor
Title: Finance and Operations Director
APPENDIX 1
DATA PROTECTION TERMS
- DEFINITIONS AND INTERPRETATION
1.1. For the purpose of this Appendix 1, the following terms have the meanings ascribed to them (and are in addition to the definitions at condition 1.1):
“Data Controller”, “Data Processor”, “Data Subject“, “Personal Data” and “Processing” shall have the same meanings as are assigned to those terms in the Data Protection Act 2018 (the “Act”);
“Data Processing Terms” means the terms in this Appendix;
“Data Protection Legislation” means any and all data protection and / or privacy legislation, regulation and binding codes of practice applicable to the parties in the United Kingdom from time to time, including without limitation the Act, the UK GDPR (as defined in section 205(4) of the Data Protection Act 2018), and the Privacy and Electronic Communications (EC Directive) Regulations 2003 as it has effects in the UK, each as amended, supplemented and replaced from time to time;
“Personal Data” shall have the meaning ascribed to it in the Act, and includes Special Categories of Personal Data as defined therein;
“Staff” means any employee, worker or other individual or body corporate as the case may be which the Supplier uses or engages to supply, or in relation to, the Services.
- PARTIES’ ROLES UNDER THE ACT AND APPLICATION OF THESE CONDITIONS
2.1. The parties agree that, in respect of Personal Data which are provided to the Supplier by the Ultimate Client pursuant to the Contract, then, for the purposes of the Data Processing Terms, the Ultimate Client is deemed to be the Data Controller and the Supplier is deemed to be the Data Processor.
2.2. These Data Processing Terms shall apply to all Personal Data provided by the Ultimate Client to the Supplier under the Contract.
2.3. The Supplier shall comply with the Act and Regulations to the extent that they are applicable to the Services provided by the Supplier.
- OBLIGATIONS OF THE DATA PROCESSOR
3.1. The Supplier shall, in relation to any Personal Data processed in connection with the performance by the Supplier of its obligations under the Contract:
(a) process that Personal Data only on the written instructions of the Client unless the Supplier is required by the laws of any member of the European Union or by the laws of the European Union applicable to the Supplier to process the Personal Data (Applicable Data Processing Laws). Where the Supplier is relying on Applicable Data Processing Laws, the Supplier shall promptly notify the Client of this before performing the processing required by the Applicable Data Processing Laws unless those Applicable Data Processing Laws prohibit the Supplier from so notifying the Client;
(b) ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of the Personal Data and against accidental loss or destruction of, or damage to, the Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the Personal Data, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting the Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to the Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it);
(c) ensure that all personnel who have access to and/or process the Personal Data are obliged to keep the Personal Data confidential; and
(d) only transfer Personal Data outside of the European Economic Area (EEA) where the following conditions are fulfilled:
(i) the Client or the Supplier has provided appropriate safeguards in relation to the transfer;
(ii) the Data Subject (as defined in the Data Protection Legislation) has enforceable rights and effective legal remedies;
(iii) the Supplier complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any of the Personal Data that is transferred; and
(iv) the Supplier complies with reasonable instructions notified to it in advance by the Client with respect to the processing of the Personal Data;
(e) ensure that all its computers and portable electronic devices (including laptops, tablets, smart phones and USB sticks) that will be used for storing, sending and receiving the Personal Data are appropriately protected against unauthorised use by encryption/passwords and appropriate firewalls/anti-virus packages (with regular and frequent updates being applied) and are physically stored securely when not in use;
(f) ensure that Personal Data transported by portable storage media or by telecommunications network shall be fully encrypted or password protected or sent by a secure virtual private network (“VPN”) as appropriate and all such data must be wiped from the storage media used for transporting the data or destroyed such that it cannot be recovered once the data has been transferred to the target system;
(g) ensure that the data centre premises on which Personal Data are stored are ISO27001 compliant and compliant with other appropriate security and audit standards throughout the term of the Contract;
(h) inform the Client immediately upon becoming aware that Personal Data has been used or Processed in a manner which is not expressly permitted by these Data Processing Terms;
(i) inform the Client immediately upon becoming aware of any actual or suspected, threatened or ‘near miss’ incident of accidental or unlawful destruction or accidental loss, alteration, unauthorised or accidental disclosure of or access to the Personal Data or other data security breach in relation to the Personal Data, or if the Personal Data is lost (temporarily or permanently) or has the potential to be misused in any way.
3.2. Notwithstanding paragraph 3.1 of this Appendix 1, the Supplier shall:
3.2.1 inform the Client and the Ultimate Client within 2 (two) Working Days in the event that the Supplier receives a request from a Data Subject seeking to exercise their rights under the Act in relation to the Personal Data and not to respond to the Data Subject other than to acknowledge receipt of the request;
3.2.2 assist the Client and the Ultimate Client, at the Clients cost, with all Data Subject information requests which may be received from any Data Subject in relation to any Personal Data; or in complying with any obligations relating to security and consulting with supervisory bodies, providing reasonable prior written notice has been given.
3.2.3 allow its data processing facilities, procedures and documentation to be submitted for scrutiny, inspection or audit by the Client and/or the Ultimate Client in order to ascertain compliance with the terms of these Data Processing Terms within twenty (20) Working Days of such a request from the Client and/or the Ultimate Client and to provide reasonable information assistance and co-operation to the Client and/or the Ultimate Client if this right is exercised. In the event that the Client and/or the Ultimate Client has to come onto premises where the Personal Data is being processed in order to carry out any scrutiny, inspection or audit, the Client and/or the Ultimate Client shall reimburse any reasonable costs directly incurred by the Supplier in permitting the Client and/or the Ultimate Client to exercise their rights under this paragraph. No Client penetration testing or vulnerability scanning is allowed during any Client or Ultimate Client audits as such actions could impact the Supplier’s ability to service other Ultimate Clients; and
3.2.4 ensure that non-authorised persons are prevented from entering areas of its premises where Personal Data is stored and used. Where this is not possible, all visitors must always be escorted.
- OBLIGATIONS OF THE DATA CONTROLLER
4.1 The Client will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of the Personal Data to the Supplier and its duly authorised sub-contractors (which the Client hereby acknowledges may be located outside of the EEA) for the duration and purposes of the Contract.
4.2 The Client will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of the Personal Data to the Supplier and its duly authorised sub-contractors (which the Client hereby acknowledges may be located outside of the EEA) for the duration and purposes of the Contract
4.3 The Client acknowledges and agrees that details of the Client’s name, address and payment record may be submitted to a credit reference agency for the purpose of the Supplier establishing the Client’s commercial credibility and to protect the Supplier’s business interests. Such credit search results may be retained by the Supplier for the duration of the provision of the Services
4.4 The Client consents to the Supplier using 3rd party couriers, postal services, document processing and other subcontractors as third-party processors of the Personal Data under the Contract. The Supplier confirms that it has entered or (as the case may be) will enter with the third-party processor a written agreement incorporating terms which are substantially similar to those set out in this condition. As between the Client and the Supplier, the Supplier shall remain fully liable for all acts or omissions of any third-party processor appointed by it pursuant to this condition.
4.5 The Client shall indemnify the Supplier against all liabilities, costs, expenses, damages and losses (including but not limited to any direct, indirect or consequential losses, loss of profit, loss of reputation and all interest, penalties and legal costs (calculated on a full indemnity basis) and all other professional costs and expenses) suffered or incurred by the Supplier arising out of or in connection with the breach of this condition by the Clients, its employees or agents and/or the Data Protection Legislation by the Client, its employees or agents
- DATA RETENTION POLICY
5.1. The Supplier shall not retain data for longer than is necessary and shall be in accordance with agreed retention schedules and EU/UK law.
5.2. The Supplier may be required to comply with any reasonable data retention guidelines as issued by the Client and/or the Ultimate Client and as amended from time to time (additional costs may flow to the Client for non-standard retention, such costs to be agreed in writing by the parties). This may require certain data to be identified for retention and made available to the Client in electronic form by the Supplier and the Supplier shall comply with the same.
APPENDIX 2
INFORMATION SECURITY TERMS
- on or before the date on which the Supplier commences providing the Services, provide a copy of the Supplier’s information security policy (and such policy shall include as a minimum an information security breach procedure, details of encryption used and security access controls with regards to user credentials used by its staff) to the Client and shall update and maintain and abide by the such policy throughout the term of the Contract and shall provide to the Client updated versions as and when the same are created;
- remain throughout the term of the Contract ISO 27001 compliant and shall provide the Services in accordance with such standard at all times;
- ensure that all subcontractors involved in the provision of the Services adhere to the terms of these Conditions in respect of the obligations to be performed by them as if they were signatories hereto;
- conduct security testing of its information technology systems used to provide the Services (including but not limited to penetration testing and vulnerability scans) at least once each quarter during the term of the Contract and shall provide a copy of the results of such testing promptly upon completion;
- as at the date on which the Supplier commences providing the Services, be registered with the Information Commissioner’s Office as a Data Controller (as defined in Appendix 1) and shall update and maintain such registration throughout the term of the Contract;
- ensure that all hardware assets used in or to support the provision of the Services which are in any way connected to the Client’s or the Ultimate Client’s information technology hardware or network are:
- listed in an asset register (to be maintained and updated throughout the term of the Contract such updates to occur as a minimum every six months); and
- virus and malware protected in accordance with good industry practice (to be maintained and updated throughout the term of the Contract, such updates to occur as a minimum quarterly).