Get the latest & greatest cybersecurity insights straight to your inbox:
Menu
CybeReady Terms of Service
HOME > terms of use
These Terms of Service govern Customer’s access and use of the Cybeready platform
WHEREAS
the Company is the developer and proprietor of an online platform in the field of cyber security awareness, which is offered on a software-as-a-service (SaaS) basis. The Company’s platform uses advanced automation and data science technology for the purpose of planning, executing and measuring cybersecurity training programs, and including any object code, dashboard, algorithms, utility, application software interfaces, tools, reports, analytics capabilities, any services provided via the platform and the Documentation (as defined below) shall be collectively referred to herein as the “Platform”. The Company shall provide the Customer with access to the Platform (“Access”) and additional services, if any, as specified in the order form attached as Exhibit A hereto (“Order Form”);
WHEREAS
the Customer wishes to access and use the Platform; and
WHEREAS
the Company agrees to grant the Customer the right and license to access and use the Platform, all subject to the terms of this Agreement.
NOW, THEREFORE, the Parties desire to set forth herein their agreements with respect thereto and agree as follows:
1. The Platform.
- 1. License. The Company hereby grants to Customer, and Customer hereby accepts, a limited, personal, non-exclusive, non-sublicensable, non-transferable and revocable license to access and use the Platform, during the Term (as defined below), solely for Customer’s internal business purposes, all in accordance with and subject to the terms set forth in this Agreement. Access to the Platform will be granted by remote means on a Software-as-a-Service (SaaS) basis. Unless context otherwise requires, the term “Platform” shall include any API, updates, upgrades, modifications, customizations or new versions and the Documentation.
- 2. Use by Affiliates. If the Order Form explicitly provides Customer with the right to allow its Affiliate to access and use the Platform, Customer shall: (i) provide each such Affiliate with a copy of this Agreement; (ii) ensure that each such Affiliate complies with the terms and conditions therein; and (iii) be responsible for any breach of these terms and conditions by any such Affiliate. “Affiliate” means any entity that Controls, is Controlled by, or is under common Control with Customer, where “Control” means ownership, directly or indirectly, of 50% or more of the voting interest.
- 3.Documentation. The Company may make available certain Documentation (which shall be considered part of the Company’s Confidential Information (as defined below)) to Customer to be used by Customer for its internal business purposes and solely in connection with Customer’s use of the Platform during the Term. “Documentation” means Company’s standard user documentation, whether in hard copy, or in any electronic form or other media, describing the use, features and terminate the relevant Order Form and issue a refund for the portion of pre-paid fees for the non-conforming professional services.
- 4. Access. During the Term, the Company shall provide the Customer with Access to the Platform as specified in the Order Form, for the fees described therein. The Access does not require any on-site activities. Professional services that are not identified herein or in the Order Form are subject to additional fees, in accordance with the Company’s then current rates. Unless explicitly stated herein and/or in the Order Form, the Company is under no obligation to provide professional services, modifications or customizations of the Platform under this Agreement.
- 5. Maintenance and Support. 1.5.The Company will provide to Customer support and maintenances services with respect to the Platform, in accordance with the service level agreement (“SLA”) attached as Exhibit B hereto.
- 6. Professional Services. Customer may purchase additional professional services, as detailed in the Order Form, including without limitation, implementation, installation, managed services, consultancy services customization, additional maintenance and support and training, for additional fees. Company warrants that the professional services will be provided in a professional, workmanlike manner consistent with this Agreement. Customer must notify Company of any breach of this warranty within thirty (30) days of discovery of the breach. Customer’s sole and exclusive remedy, and Company’s sole and exclusive liability, for a breach of the foregoing warranty will be for Company, in its sole discretion, either to use reasonable efforts to re-perform the professional services or to
- 7. Smishing campaign. Notwithstanding to the above, as part of the services the Company may send certain SMS messages directly to the Customer’s employees, on behalf of the Customer (the “Smishing campaigns”). The Customer represents and warrants that (i) the Company is authorized to send such SMS messages to Customer’s employees, on behalf of the Customer, as part of the provision of the Services; (ii) the Customer shall comply with all applicable laws relating to such SMS messages services and shall be solely responsible for obtaining all employees’ consents and approvals required under applicable laws; and (iii) the Customer shall refrain from utilizing the Platform and the Smishing campaigns to send private SMS messages to its employees or consultants. The Customer is permitted to use the SMS messaging functionality and the Platform solely for the purposes outlined in this Agreement and for the Company’s business purposes
- 6. Professional Services. Customer may purchase additional professional services, as detailed in the Order Form, including without limitation, implementation, installation, managed services, consultancy services customization, additional maintenance and support and training, for additional fees. Company warrants that the professional services will be provided in a professional, workmanlike manner consistent with this Agreement. Customer must notify Company of any breach of this warranty within thirty (30) days of discovery of the breach. Customer’s sole and exclusive remedy, and Company’s sole and exclusive liability, for a breach of the foregoing warranty will be for Company, in its sole discretion, either to use reasonable efforts to re-perform the professional services or to
2. Fees; Payment Terms.
2.1 Fees. Customer shall pay all fees specified in the relevant Order Form and such fees are non-refundable. Unless explicitly stated in the Order Form, (i) set-up fees (if any) and annual subscription fees will be paid in advance, no later than thirty (30) days following the Effective Date or each renewal date of the subscription, as applicable; and (ii) all other amounts invoiced hereunder are due and payable within thirty (30) days of the date of the invoice, unless otherwise noted in the Order Form.
2.2 Payment Terms. Any amount not paid when due shall accrue interest on a daily basis until paid in full at the lesser of: (i) the rate of one and a half percent (1.5%) per month; or (ii) the highest amount permitted by applicable law. All amounts payable under this Agreement are exclusive of all sales, use, value-added, withholding, and other direct or indirect taxes, charges, levies and duties. All taxes, withholdings and duties of any kind payable with respect to Customer’s use of the Platform under this Agreement, other than taxes based on Company’s net income, shall be borne and paid by Customer.
2.3 Channel Partners.In the event Customer acquires Access through an authorized reseller, distributor, or managed service provider (“Channel Partner”), all payment-related terms will be set forth in the applicable agreement between such Channel Partner and Customer. Any agreements Customer enters into with a Channel Partner shall be between Customer and the Channel Partner and shall not be binding upon the Company.
2.2 Payment Terms. Any amount not paid when due shall accrue interest on a daily basis until paid in full at the lesser of: (i) the rate of one and a half percent (1.5%) per month; or (ii) the highest amount permitted by applicable law. All amounts payable under this Agreement are exclusive of all sales, use, value-added, withholding, and other direct or indirect taxes, charges, levies and duties. All taxes, withholdings and duties of any kind payable with respect to Customer’s use of the Platform under this Agreement, other than taxes based on Company’s net income, shall be borne and paid by Customer.
2.3 Channel Partners.In the event Customer acquires Access through an authorized reseller, distributor, or managed service provider (“Channel Partner”), all payment-related terms will be set forth in the applicable agreement between such Channel Partner and Customer. Any agreements Customer enters into with a Channel Partner shall be between Customer and the Channel Partner and shall not be binding upon the Company.
3. Account
An account will be created in connection with Customer’s use of the Platform (the “Account”), to be accessed and/or used solely by Customer’s employees or service providers who are explicitly authorized by Customer to use the Platform (each, a “Permitted User”). Customer hereby acknowledges and agrees: (i) to keep, and ensure that the Permitted Users keep the Account login details and passwords secured at all times, and otherwise comply with the terms of this Agreement; (ii) to remain solely responsible and liable for the activity that occurs in the Account and for any breach of this Agreement by a Permitted User; and (iii) to promptly notify Company in writing if Customer becomes aware of any unauthorized access or use of the Account or the Platform.
4. Prohibited Uses
Users may only access the Platform via the Account. Except as expressly permitted herein, without the prior written consent of Company, Customer must not, and shall not allow any Permitted User or any other third party to, directly or indirectly: (i) modify, incorporate into or with other software, or create a derivative work of any part of the Platform; (ii) sell, license (or sub-license), lease, assign, transfer, pledge, or share Customer’s rights under this Agreement with or to anyone else; (iii) copy, distribute or reproduce the Platform for the benefit of third parties; (iv) disclose the results of any testing or benchmarking of the Platform to any third party, or use such results for Customer’s own competing software development activities or use the Platform in order to build or support, and/or assist a third party in building or supporting, products or services which are competitive to Company’s business; (v) modify, disassemble, decompile, reverse engineer, revise or enhance the Platform or attempt to discover the Platform’s source code or the underlying ideas or algorithms of the Platform; (vi) use the Platform in a manner that violates or infringes any rights of any third party, including but not limited to, right of privacy, proprietary rights or intellectual property rights of any third parties including without limitation copyright, trademarks, designs, patents and trade secrets; (vii) remove or otherwise modify any of the Company’s trademarks, logos, copyrights, notices or other proprietary notices or indicia, if any, fixed, incorporated, included or attached to the Platform nor copy any local agent, the Documentation or any written materials accompanying the Platform; (ix) use the Platform for any purpose other than for the purpose for which the Platform is designated, which is security and privacy training, or other than in compliance with the terms of this Agreement; (x) circumvent, disable or otherwise interfere with security-related features of the Platform or features that enforce limitations on the use of the Platform; (xi) use any automated means to access the Platform; (xii) use the Platform under all applicable privacy laws; (xiii) integrate the Platform (or any part thereof) into Customer’s hardware or systems other than as instructed by the Company; (xviii) ship, transfer, or export the Platform into any country, or make available or use the Platform in any manner, prohibited by applicable laws (including without limitation export control laws, as applicable); (xiv) violate or abuse log-in and/or password protections governing access to the Platform; (xv) allow any third party other than the Permitted Users to use the Platform; (xvi) access, store, distribute, or transmit during the course of its use of the Platform any malicious code (i.e., software viruses, Trojan horses, worms, malware or other computer instructions, devices, or techniques that erase data or programming, infect, disrupt, damage, disable, or shut down a computer system or any component of such computer system), or unlawful, threatening, obscene or infringing material; and/or (xvii) use the Platform in any other unlawful manner.
5. Customer Data; Analytics Information.
5.1. Customer Data. The operation of the Platform and the provision of the Access require the Company to monitor, copy, use, analyze, modify and process certain data provided to the Company by the Customer (collectively, the “Customer Data”). The Company will extract Customer Data only to the extent relevant in order to provide the Customer with Access to the Platform. The Customer shall have sole responsibility for the accuracy, quality and legality of the Customer Data and the means by which Customer acquired such Customer Data, including any personal data included therein. The Customer hereby grants the Company with a right to access the Customer Data and use the information included therein to provide Access to the Platform and warrants that: (i) it is the rightful owner of such Customer Data; (ii) it is permitted to grant the Company with such access and use rights and that such access will not conflict or otherwise breach the Customer Data’ legal terms; (iii) the Customer Data do not include any materials or content which would be unlawful for the Company to store or process; and (iv) all Customer Data has been collected, processed and transferred to the Company in accordance with applicable laws, including if required by applicable law, the Customer has provided the required notice and received all required consents from its data subjects for the processing of their personal data by the Company, including with respect to the transfer of their data to a third country (including outside of the EU/EEA). The collection, use, and disclosure of Customer Data in connection with Customer’s use of the Platform is subject to the Company Privacy Policy. By using the Platform, Customer and each user acknowledge that the Customer Data will be processed in accordance with both the Company Privacy Policy and this Agreement
5.2. Ownership of Customer Data. The Customer agrees that the Company will collect, monitor, store, analyze, process and use the Customer Data, on the Customer’s behalf, in order to provide the Access offered to the Platform. As between Company and Customer, the Intellectual Property Rights (as such term is defined below) and all other right, title and interest of any nature in and to the Customer Data, which may be stored on the Company’s database, are and shall remain the exclusive property of Customer and its licensors. The Company shall be considered granted a non-revocable, non-exclusive, assignable, sub-licensable, royalty-free and fully paid-up license to use the Customer Data, in order to provide the Platform. Except as set forth herein, nothing in this Agreement shall be construed as transferring any right, title or interests in the Customer Data to the Company or any third party. Company will delete Customer Data and all user information within 45 days after the termination of this Agreement.
5.3. Results. The Platform includes a dashboard that provides the Customer, inter-alia, with access to reports which are comprised of the results of processing the Customer Data by the Platform (“Output Data”). The Customer is solely and exclusively responsible: (i) for all actions it takes in response to the Output Data; (ii) to thoroughly review the Output Data, check for any alerts or warnings issued by the Platform, address the findings specified in the Output Data, and determine what actions are appropriate in light thereof; and (iii) to carry out such actions as the Customer deems appropriate as a result of the Output Data. The Company is not responsible or liable for the Customer’s reliance upon and use of the Output Data.
5.4. Anonymous Non-identifiable Analytics. The Company may collect, disclose, publish and use in any other manner anonymous information which is derived from the use of the Platform and/or the Customer Data (i.e., non-identifiable information, aggregated and analytics information that does not identify an individual person) (collectively, “Analytics Information”), in order to provide and improve the Company’s Platform, for R&D purposes and for any other legitimate business purpose. The Company is and shall remain the sole owner of the Analytics Information.
5.2. Ownership of Customer Data. The Customer agrees that the Company will collect, monitor, store, analyze, process and use the Customer Data, on the Customer’s behalf, in order to provide the Access offered to the Platform. As between Company and Customer, the Intellectual Property Rights (as such term is defined below) and all other right, title and interest of any nature in and to the Customer Data, which may be stored on the Company’s database, are and shall remain the exclusive property of Customer and its licensors. The Company shall be considered granted a non-revocable, non-exclusive, assignable, sub-licensable, royalty-free and fully paid-up license to use the Customer Data, in order to provide the Platform. Except as set forth herein, nothing in this Agreement shall be construed as transferring any right, title or interests in the Customer Data to the Company or any third party. Company will delete Customer Data and all user information within 45 days after the termination of this Agreement.
5.3. Results. The Platform includes a dashboard that provides the Customer, inter-alia, with access to reports which are comprised of the results of processing the Customer Data by the Platform (“Output Data”). The Customer is solely and exclusively responsible: (i) for all actions it takes in response to the Output Data; (ii) to thoroughly review the Output Data, check for any alerts or warnings issued by the Platform, address the findings specified in the Output Data, and determine what actions are appropriate in light thereof; and (iii) to carry out such actions as the Customer deems appropriate as a result of the Output Data. The Company is not responsible or liable for the Customer’s reliance upon and use of the Output Data.
5.4. Anonymous Non-identifiable Analytics. The Company may collect, disclose, publish and use in any other manner anonymous information which is derived from the use of the Platform and/or the Customer Data (i.e., non-identifiable information, aggregated and analytics information that does not identify an individual person) (collectively, “Analytics Information”), in order to provide and improve the Company’s Platform, for R&D purposes and for any other legitimate business purpose. The Company is and shall remain the sole owner of the Analytics Information.
5.5. Customer Created Content, LMS.
5.5.1. Depending on the Access purchased, Customer may use the Platform to host its assets, content, and other materials, such as training materials, documents, manuals, photos, video and audio files (“Customer Content”) to make available to its users on or through the Platform or the Company’s learning management system (“LMS”). Customer shall retain ownership of the Customer Content. Subject to, and conditioned on, Customer’s and its users’ compliance with the terms and conditions of this Agreement, during the applicable Term, Company may provide Customer remote electronic access to the Customer Content through the Platform in accordance with this Agreement. Company has the right to: (a) take any action with respect to Customer Content that it deems necessary or appropriate, in Company’s sole discretion, including if Company reasonably believes that such Customer Content violates this Agreement, infringes any intellectual property right or other right of any person or entity, threatens the personal safety of any person, or creates potential liability for Company; (b) take appropriate legal action including, without limitation, referral to law enforcement related to any illegal or unauthorized Customer Content provided by Customer; or (c) terminate or suspend Customer’s access to the Platform for violation of this Agreement. Customer grants Company and each of its licensees, successors, and assigns the right to use, reproduce, modify, perform, display, distribute, and otherwise disclose the Customer Content as necessary to make the Customer Content available to Customer and its users through the Platform.
5.5.2. Customer represents and warrants that: (a) Customer owns all rights in and to the Customer Content and/or has the right to grant the licenses granted herein to Company and each of its licensees, successors, and assigns; and (b) all Customer Content does and will continue to comply with this Agreement; (c) all Customer Content does and will continue to comply with all applicable laws and regulations; and (d) the Customer Content does not and will not: (i) contain any material which is defamatory, obscene, indecent, abusive, offensive, violent, hateful, inflammatory, or otherwise objectionable; (ii) promote sexually explicit or pornographic material, violence, or discrimination based on race, sex, religion, nationality, disability, sexual orientation, or age; (iii) infringe any patent, trademark, trade secret, copyright, or other intellectual property or other rights of any person; (iv) violate the legal rights (including the rights of publicity and privacy) of others or contain any material that may give rise to any civil or criminal liability under applicable laws or regulations or that otherwise may be in conflict with this Agreement; (v) promote any illegal activity or advocate, promote, or assist in any unlawful act; (vi) intentionally create unreasonable disturbances to any other person or organization; or (vii) contain any: (A) viruses, trojan horses, worms, backdoors, or other software or hardware devices, the effect of which would permit unauthorized access to, or disable, erase, or otherwise harm any computer, systems, software, or content; or (B) time bombs, drop dead devices, or other software or hardware devices designed to disable a computer program automatically with the passage of time or under the positive control of any person, or otherwise deprive Company, or its customers/users, of its lawful rights. In addition to Customer’s indemnification obligations contained in this Agreement, Customer will defend and indemnify Company and hold it harmless from any and all claims, losses, deficiencies, damages, liabilities, costs, and expenses (including, but not limited to, reasonable attorneys’ fees) incurred by Company as a result of any claim by a third party arising from Company’s hosting or distribution of the Customer Content as authorized under this Agreement. The procedure for indemnification will be as set forth in the Section covering Customer’s indemnification obligations
5.5.3. Use of Third Party LMS. In the event Customer uses its own or a third party’s LMS for hosting content provided by Company, Customer will ensure strict compliance in accordance with this Agreement and will ensure an agreement is in place with any such LMS third party provider that contains substantially the same level of protection for the content provided by the Company. After the termination or expiration of the applicable Term, Customer will ensure all content of the Company is removed from any LMS system.
5.5.2. Customer represents and warrants that: (a) Customer owns all rights in and to the Customer Content and/or has the right to grant the licenses granted herein to Company and each of its licensees, successors, and assigns; and (b) all Customer Content does and will continue to comply with this Agreement; (c) all Customer Content does and will continue to comply with all applicable laws and regulations; and (d) the Customer Content does not and will not: (i) contain any material which is defamatory, obscene, indecent, abusive, offensive, violent, hateful, inflammatory, or otherwise objectionable; (ii) promote sexually explicit or pornographic material, violence, or discrimination based on race, sex, religion, nationality, disability, sexual orientation, or age; (iii) infringe any patent, trademark, trade secret, copyright, or other intellectual property or other rights of any person; (iv) violate the legal rights (including the rights of publicity and privacy) of others or contain any material that may give rise to any civil or criminal liability under applicable laws or regulations or that otherwise may be in conflict with this Agreement; (v) promote any illegal activity or advocate, promote, or assist in any unlawful act; (vi) intentionally create unreasonable disturbances to any other person or organization; or (vii) contain any: (A) viruses, trojan horses, worms, backdoors, or other software or hardware devices, the effect of which would permit unauthorized access to, or disable, erase, or otherwise harm any computer, systems, software, or content; or (B) time bombs, drop dead devices, or other software or hardware devices designed to disable a computer program automatically with the passage of time or under the positive control of any person, or otherwise deprive Company, or its customers/users, of its lawful rights. In addition to Customer’s indemnification obligations contained in this Agreement, Customer will defend and indemnify Company and hold it harmless from any and all claims, losses, deficiencies, damages, liabilities, costs, and expenses (including, but not limited to, reasonable attorneys’ fees) incurred by Company as a result of any claim by a third party arising from Company’s hosting or distribution of the Customer Content as authorized under this Agreement. The procedure for indemnification will be as set forth in the Section covering Customer’s indemnification obligations
5.5.3. Use of Third Party LMS. In the event Customer uses its own or a third party’s LMS for hosting content provided by Company, Customer will ensure strict compliance in accordance with this Agreement and will ensure an agreement is in place with any such LMS third party provider that contains substantially the same level of protection for the content provided by the Company. After the termination or expiration of the applicable Term, Customer will ensure all content of the Company is removed from any LMS system.
6. Warranties.
- 6.1. Customer represents and warrants that: (i) it will use the Platform in compliance with any applicable laws, including without limitation privacy protection laws; and (ii) Customer has informed its employees and any other person as applicable about the use of the Platform prior to its initial use, and Customer, its employees and any other person to whom phishing simulation emails are sent at the request of Customer will not have any claim or demand against Company in connection thereto.
- 6.2. The Company shall comply with the written instructions of the Customer as to (i) data required from Customer, (ii) the way users’ data is processed in the Platform, so that the process of matching messages sent to different user groups will be optimized according to their performance, (iii) the display of user performance data in the readiness report and matching data to small organizational units so that individual users cannot be identified, (iv) whether to automatically receive an email notification on a specific user’s click.
- 6.3. The Company undertakes to comply with information security guidelines provided by the Customer.
- 6.4. When Customer updates its users list, the Platform identifies users who do not exist and automatically deletes their data.
7. Mutual Warranties.
Each Party represents and warrants (a) that it is duly organized, validly existing and in good standing (if applicable) under the laws of its jurisdiction of incorporation or organization; and (b) that the execution and performance of this Agreement will not conflict with any obligations it has towards third parties, or violate any provision of any applicable law.
8. Ownership.
Without prejudice to the Parties’ rights under other Sections of this Agreement:
- 8.1. The Platform. The Platform is not for sale and is and shall remain Company’s sole property. All right, title, and interest, including any Intellectual Property Rights evidenced by or embodied in, attached, connected, and/or related to the Platform and/or the Access and any and all derivative works, improvements, enhancements, updates, upgrades and customizations thereof or thereto (in each case regardless of whether specifically included in the Access ordered by the Customer or not) are and shall remain owned solely by the Company or its licensors. This Agreement does not convey to Customer any interest in or to the Platform but only, as aforesaid, a limited revocable right to use the Platform, in accordance with the terms of this Agreement, and nothing herein constitutes a waiver of the Company’s Intellectual Property Rights under any law. “Intellectual Property Rights” means: (i) patents and patent applications throughout the world, including all reissues, divisions, continuations, continuations-in-part, extensions, renewals, and re-examinations of any of the foregoing, all whether or not registered or capable of being registered; (ii) common law and statutory trade secrets and all other confidential or proprietary or useful information that has independent value, and all know-how, in each case whether or not reduced to a writing or other tangible form; (iii) all copyrights, whether arising under statutory or common law, whether registered or not; (iv) all trademarks, trade names, corporate names, company names, trade styles, service marks, certification marks, collective marks, logos, and other source of business identifiers, whether registered or not; (v) moral rights in those jurisdictions where such rights are recognized; (vi) any rights in source code, object code, mask works, databases, algorithms, formulae and processes; (vii) all other intellectual property and proprietary rights, and all rights corresponding to the foregoing throughout the world; and (viii) the unique methodology, together with the various types of email phishing messages, all learning materials, including text, illustrations and video clips, including any figures.
- 8.2. Feedback. If Customer contacts Company with feedback data (g., questions, comments, suggestions or the like) regarding the Platform (collectively, “Feedback”), such Feedback shall be deemed non-confidential, and the Company shall have a non-exclusive, royalty-free, worldwide, perpetual license to use or incorporate such Feedback into the Platform and/or other current or future products or services of the Company (without the Customer’s approval and without further compensation to the Customer).
9. Confidentiality and Sensitive Information.
- 9.1. Confidential Information. Each Party may have access to certain non-public and/or proprietary information of the other Party, in any form or media, including (without limitation) confidential trade secrets and other information related to the products, software, technology, data, know-how, or business of the other Party, whether written or oral, and any other information that a reasonable person or entity should have reason to believe is proprietary, confidential, or competitively sensitive (the “Confidential Information”). Each Party shall take reasonable measures, at least as protective as those taken to protect its own confidential information, but in no event less than reasonable care, to protect the other Party’s Confidential Information from disclosure to a third party. Neither Party shall use or disclose the Confidential Information of the other Party except as expressly permitted under this Agreement or by applicable law. For the avoidance of doubt, a recipient Party may disclose the other Party’s Confidential Information to its officers, employees, service providers or advisors solely on a “need to know” basis, and provided that they are bound by similar nondisclosure obligations as those of this Agreement. All right, title and interest in and to Confidential Information are and shall remain the sole and exclusive property of its disclosing Party.
- 9.1. Sensitive Information. The Company undertakes to protect Sensitive Information (as defined below) to which the Company and its employees will be exposed within the framework of the Access that will be provided at the Costumer, including to refrain from disclosing and transferring it to any party or using if for any purpose other than providing Access to the Consumer. “Sensitive Information” shall include personal data of the Customer’s employees which is provided by the Customer, and the results of the readiness report.
10. Reference Customer
Customer agrees that the Company may identify Customer as a user of the Platform and use Customer’s trademark and/or logo (i) in sales presentations, promotional/marketing materials, and press releases, and (ii) in order to develop a brief customer profile for use by Company on Company’s website or social media accounts for promotional purposes.
11. Limited Warranties.
- 11.1. The Company represents and warrants that, under normal authorized use, the Platform shall substantially perform in conformance with its Documentation. As the Customer’s sole and exclusive remedy and the Company’s sole liability for breach of this warranty, the Company shall repair the Platform in accordance with the SLA. The foregoing warranties shall not apply if the failure of the Platform results from or is otherwise attributable to: (i) repair, maintenance or modification of the Platform by persons other than the Company or its authorized agent; (ii) accident, negligence, abuse or misuse of the Platform; (iii) use of the Platform other than in accordance with the Documentation and/or the Company’s instructions; (iv) the combination of the Platform with equipment or software not authorized or provided by the Company or otherwise approved by the Company in the Documentation; (v) any downtime, defect or error caused by or attributable to any third party software, technology or system that is beyond the control of the Company, and/or (vi) during any evaluation or testing period.
- 11.2. OTHER THAN AS EXPLICITLY STATED IN THIS AGREEMENT, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE PLATFORM (INCLUDING ANY OUTPUT DATA) AND ACCESS ARE PROVIDED ON AN “AS IS” BASIS. IN ADDITION TO OTHER DISCLAIMERS CONTAINED IN THIS AGREEMENT, THE COMPANY DOES NOT WARRANT THAT THE PLATFORM (INCLUDING THE OUTPUT DATA) WILL MEET CUSTOMER’S REQUIREMENTS, THAT THE PLATFORM’S OPERATION AND THE ACCESS WILL BE SECURED AT ALL TIMES, UNINTERRUPTED, ERROR-FREE, FALSE-POSITIVES FREE, FREE OF VIRUSES, BUGS, WORMS, OTHER HARMFUL COMPONENTS OR OTHER SOFTWARE LIMITATIONS. WITHOUT DEROGATING FROM THE FOREGOING, COMPANY SHALL NOT BE RESPONSIBLE FOR CUSTOMER’S DETERMINATION WHETHER TO ACT ON THE BASIS OF ANY OUTPUT DATA AND FOR ANY OUTCOMES OF SUCH DECISION.
- 11.3 TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE COMPANY EXPRESSLY DISCLAIMS ALL EXPRESS WARRANTIES AND ALL IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INTERFERENCE, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT AND ANY WARRANTIES ARISING OUT OF COURSE OF DEALING OR USAGE OF TRADE.
- 11.4. COMPANY SHALL NOT BE RESPONSIBLE FOR UNAUTHORIZED ACCESS TO OR ALTERATIONS OF THE CUSTOMER DATA, TO THE EXTENT THAT SUCH ACCESS OR ALTERATION IS NOT DUE TO COMPANY’S WILLFUL MISCONDUCT.
11.5 THE PARTIES ACKNOWLEDGE AND AGREE THAT USE OF THE PLATFORM BY THE CUSTOMER MAY REQUIRE INTEGRATION AND/OR USE OF THIRD PARTY SERVICES AND SYSTEMS (“THIRD PARTY SERVICES”). NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT, THE COMPANY SHALL HAVE NO RESPONSIBILITY OR LIABILITY WITH RESPECT TO THE OPERATIONS AND/OR TERMS OF SERVICES OF ANY SUCH THIRD PARTY SERVICES AND/OR THEIR INTEGRATION WITH THE PLATFORM. NOTWITHSTANDING THE ABOVE, THE COMPANY WILL UTILIZE REASONABLE COMMERCIAL EFFORTS TO ASSIST CUSTOMER, AT CUSTOMER’S REQUEST, TO ENSURE THE PROPER OPERABILITY OF THE PLATFORM”.
12. Limitation of Liability
- 12.1. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THE COMPANY, ITS LICENSORS, SUPPLIERS, AFFILIATES, DISTRIBUTORS AND RESELLERS SHALL NOT BE LIABLE WHETHER UNDER CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE, TO CUSTOMER OR ANY THIRD PARTY FOR ANY LOSS OR DAMAGE, INCLUDING, WITHOUT LIMITATION, INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, EXEMPLARY OR CONSEQUENTIAL DAMAGES OF ANY KIND (INCLUDING BUT NOT LIMITED TO, ANY LOSS OR DAMAGE TO BUSINESS EARNINGS, LOST PROFITS OR GOODWILL AND LOST OR DAMAGED DATA OR DOCUMENTATION), SUFFERED BY ANY PERSON, ARISING FROM, RELATED TO, AND/OR CONNECTED TO, ANY USE OF OR INABILITY TO USE THE PLATFORM (INCLUDING APPLICABLE INSTALLATIONS, IF ANY) AND/OR THE OUTPUT DATA AND/OR THE ACCESS, EVEN IF THE COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
- 12.2. IN ANY CASE, WITHOUT LIMITING THE GENERALITY OF THE FOREGOING AND TO THE MAXIMUM EXTENT LEGALLY PERMISSIBLE, THE COMPANY’S, ITS LICENSORS’, SUPPLIERS’, AFFILIATES’ DISTRIBUTORS’ AND/OR RESELLERS’ TOTAL AGGREGATE LIABILITY FOR ALL DAMAGES OR LOSSES WHATSOEVER ARISING HEREUNDER OR IN CONNECTION WITH THE CUSTOMER’S USE OR INABILITY TO USE THE PLATFORM AND/OR THE OUTPUT DATA AND/OR THE ACCESS SHALL IN NO EVENT EXCEED, IN THE AGGREGATE, THE TOTAL AMOUNTS ACTUALLY PAID TO COMPANY UNDER THE APPLICABLE ORDER FORM IN THE TWELVE (12) MONTH PERIOD PRECEDING THE EVENT GIVING RISE TO SUCH CLAIM. INASMUCH AS SOME JURISDICTIONS DO NOT ALLOW EXCLUSIONS OR LIMITATIONS AS SET FORTH HEREIN, THE FULL EXTENT OF THE ABOVE EXCLUSIONS AND LIMITATIONS MAY NOT APPLY.
13. Company's Indemnification.
- 13.1. Company acknowledges and agrees to defend, at its expense, any third party action or suit brought against the Customer alleging that the Platform infringes intellectual property rights held by any third party (“IP Infringement Claim”), and the Company will pay any damages awarded in final judgment against the Customer that are attributable to any such claim, suit or proceeding; provided that (i) the Customer notifies the Company promptly in writing of such claim; and (ii) the Customer grants the Company authority to handle the defense or settlement of any such claim, suit or proceeding and provides the Company with all reasonable information and assistance, at Company’s expense. The Company will not be bound by any settlement that the Customer enters into without the Company’s prior written consent.
- 13.2. If the Platform becomes, or in the Company’s opinion is likely to become, the subject of an IP Infringement Claim, then the Company may, at its sole option and expense (a) procure for the Customer the right to continue using the Platform; (b) replace or modify the Platform to avoid the IP Infringement Claim; or (c) if options (a) and (b) cannot accomplished despite the Company’s reasonable efforts, then the Company may discontinue providing the Platform and provide the Customer a prorated refund based on the remainder of the applicable Platform subscription (license) term.
- 13.3. 13.3.Notwithstanding the foregoing, the Company shall have no responsibility for any IP Infringement Claim resulting from or based on: (i) modifications to the Platform made by any party other than the Company or its designee; (ii) the Customer’s failure to use updated or modified versions or patches provided by the Company specifically to avoid such infringement; or (iii) the combination or use of the Platform with equipment, devices or software not supplied or authorized by the Company, or not in accordance with the Company’s instructions.
- 13.4. THE FOREGOING TERMS STATE THE COMPANY’S SOLE AND EXCLUSIVE LIABILITY AND THE CUSTOMER’S SOLE AND EXCLUSIVE REMEDY FOR ANY CLAIMS OF INTELLECTUAL PROPERTY INFRINGEMENT OR MISAPPROPRIATION.
14. Customer's Indemnification
The Customer agrees to defend, indemnify and hold harmless the Company, its officers, directors, employees, agents and resellers, from and against any and all claims, damages, obligations, losses, liabilities, costs, debts, and expenses (including but not limited to attorney’s fees) arising from: (i) the Customer’s breach of its warranties, obligations and undertakings under this Agreement, (ii) a third party claim, suit or proceeding alleging that the use of the Customer Data within the scope of this Agreement infringes, or may infringe, any intellectual property, publicity or privacy right of a third party, (iii) any claim or demand by any employees of Customer and any other person to whom phishing simulation emails are sent at the request of Customer, and (iv) any third party’s claims regarding the Smishing campaigns.
15. Term and Termination.
- 15.1. Term. This Agreement shall enter into force and effect on the Effective Date and, unless earlier terminated in accordance with Section 15.2 below, or unless stated otherwise in the Order Form, shall continue for a period of twelve (12) months from the Effective Date (the “Term”)”.
- 15.2. Termination. Either Party may terminate this Agreement with immediate effect if the other Party materially breaches this Agreement and such breach remains uncured (to the extent that the breach can be cured) thirty (30) days after having received written notice thereof; except that the cure period for non-payment shall be ten (10) days following said notice. In the event that either Party becomes liquidated, dissolved, bankrupt or insolvent, whether voluntarily or involuntarily, or shall take any action to be so declared, and such event is not cancelled within 60 days, the other Party shall have the right to immediately terminate this Agreement.
- 15.3. Effects of termination. Upon termination or expiration of this Agreement: (i) Company will cease from providing the Access hereunder, the licenses granted to Customer under this Agreement shall expire, and Customer shall discontinue all further use of the Platform; (ii) Customer shall immediately permanently delete all copies of the Documentation in Customer’s or any of its representatives’ possession or control; (iii) the receiving Party shall immediately return and/or permanently delete (as instructed by the disclosing Party) the Confidential Information, other than data that the recipient is required to retain by law, regulation or governmental order; and (iv) any sums paid by the Customer until the date of termination are non-refundable, and Customer shall not be relieved of its duty to discharge in full all due sums owed by the Customer to Company under this Agreement until the date of termination or expiration hereof, which sums shall become immediately due and payable on the date of termination or expiration of the Agreement. The provisions of this Agreement that, by their nature and content, must survive the termination of this Agreement in order to achieve the fundamental purposes of this Agreement shall so survive. Termination of this Agreement shall not limit either Party from pursuing any other remedies available to it under applicable law.
16. Compliance.
- 16.1. Anti-Bribery & Corruption. Customer will not: (a) make any unlawful payments to any government official or employee; (b) make any unlawful payment to any person or unlawfully provide anything of value (whether as property, services, or in any other form) to any person for the purpose of obtaining an improper business advantage; or (c) agree, commit, or otherwise offer to undertake any of the foregoing actions in connection with this Agreement or any related activities.
- 16.2. International Trade Compliance. The sale, resale, or other disposition of Access and any related technology or documentation are subject to various economic sanctions, export control laws, and other restrictive trade measures administered by the U.S. and other applicable governments. Because these laws may have extraterritorial effect, Customer will comply with all such measures where applicable, including, without limitation: (a) the Export Administration Act of 1979, as amended (50 U.S.C. §§ 2401–2420) and the Export Administration Regulations, 15 C.F.R. §§ 730–774 (“EAR”); (b) the Arms Export Control Act, 22 U.S.C. § 2778, and the corresponding International Traffic in Arms Regulations (“ITAR”); (c) the economic sanctions laws and regulations enforced by the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”), 31 C.F.R. §§ 500, et seq., and the U.S. Department of State; and (d) the anti-boycott regulations, guidelines, and reporting requirements under the Export Administration Regulations and Section 999 of the Internal Revenue Service Code. Customer understands and acknowledges that it is solely responsible for complying with such laws whenever applicable. Customer further understands and acknowledges that it will not directly or indirectly export, import, sell, disclose, or otherwise transfer any Access to any country or party subject to such restrictions, and that it is solely responsible for obtaining any license(s) to export, re-export, or import the Subscription Services that may be required.
17. Miscellaneous.
This Agreement represents the complete agreement concerning the subject matter hereof and may be amended only by a written agreement executed by both Parties. The failure of either Party to enforce any rights granted hereunder or to take action against the other Party in the event of any breach hereunder shall not be deemed a waiver by that Party as to subsequent enforcement of rights or subsequent actions in the event of future breaches. If any provision of this Agreement is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Neither Party may assign its rights or obligations under this Agreement without the prior written consent of the other Party. Notwithstanding the foregoing, either Party may assign this Agreement without the consent of the other in connection with any merger (by operation of law or otherwise), consolidation, reorganization, change in control or sale of all or substantially all of its assets related to this Agreement or similar transaction. This Agreement shall be governed by and construed under the laws of the State of Israel or Delaware, without reference to principles and laws relating to the conflict of laws. This Agreement does not, and shall not be construed to create any relationship, partnership, joint venture, employer-employee, agency, or franchisor-franchisee relationship between the Parties. Company will not be liable for any delay or failure to provide the Access resulting from circumstances or causes beyond the reasonable control of the Company (i.e., force majeure events). This Agreement may be executed in electronic counterparts, each of which counterpart, when so executed and delivered, shall be deemed to be an original and all of which counterparts, taken together, shall constitute but one and the same instrument.
This Agreement, including the agreements, schedules and exhibits, incorporated by reference, contains the entire Agreement among the parties hereto with respect to the matters contemplated hereby and supersedes all agreements and undertakings between the parties with respect to such matters, including any terms and conditions in purchase orders or other documents provided by Customer.
BY PURCHASING A SUBSCRIPTION AND/OR ACCESSING AND/OR USING OF THE PLATFORM, CUSTOMER ACKNOWLEDGES THAT (A) CUSTOMER HAS READ AND REVIEWED THIS AGREEMENT IN ITS ENTIRETY, (B) CUSTOMER AGREES TO BE BOUND BY THIS AGREEMENT, (C) CUSTOMER HAS AUTHORITY AND LEGAL RIGHT TO ENTER INTO THIS AGREEMENT, AND (D) THIS AGREEMENT CONSTITUTES BINDING AND ENFORCEABLE OBLIGATIONS OF CUSTOMER.
EXHIBIT A
Service Level Agreement
This Service Level Agreement (“SLA”) is for the provisioning of support services required to support and sustain the Platform. Termination of the Agreement will result in termination of this SLA
Customer Requirements. Customer responsibilities and/or requirements in support of this SLA include: (a) Customer’s compliance with the Agreement and the applicable Order From; (b) reasonable availability of Customer’s admin and/or technical representative(s) when resolving a service-related incident or request; and (c) providing proper notice of non-compliance of the Company with any warranty in accordance with the Agreement and sufficiently detailing the non-compliance in a manner that enables the Company to properly assist with the remediation. The Company will not be responsible for delays caused by Customer’s failure to respond to requests from the Company. Customer understands that the Platform will only operate in accordance with the Company’s Documentation, as defined in the Agreement, and it is Customer’s responsibility to ensure that the Platform will be fit for its purposes and to ensure that the Platform will be supported by Customer’s technology and business environment. Customer understands that Platform is non-mission critical to Customer’s business.
In the event Customer purchases Access through an authorized Channel Partner, such Channel Partner may have its own SLA associated with the purchase. Customer acknowledges that Company is not responsible or liable for ensuring compliance with such Channel Partner SLA.
Customer Requirements. Customer responsibilities and/or requirements in support of this SLA include: (a) Customer’s compliance with the Agreement and the applicable Order From; (b) reasonable availability of Customer’s admin and/or technical representative(s) when resolving a service-related incident or request; and (c) providing proper notice of non-compliance of the Company with any warranty in accordance with the Agreement and sufficiently detailing the non-compliance in a manner that enables the Company to properly assist with the remediation. The Company will not be responsible for delays caused by Customer’s failure to respond to requests from the Company. Customer understands that the Platform will only operate in accordance with the Company’s Documentation, as defined in the Agreement, and it is Customer’s responsibility to ensure that the Platform will be fit for its purposes and to ensure that the Platform will be supported by Customer’s technology and business environment. Customer understands that Platform is non-mission critical to Customer’s business.
In the event Customer purchases Access through an authorized Channel Partner, such Channel Partner may have its own SLA associated with the purchase. Customer acknowledges that Company is not responsible or liable for ensuring compliance with such Channel Partner SLA.
CybeReady shall keep the following service level standards along this agreement:
| Severity | Description |
|---|---|
| P1 | There is a direct and immediate impact on customer’s production work. E.g. an attack sent creates an immediate reaction by most of the users and that requires immediate response of the security team |
| P2 | Indirect or low impact on customer’s users. E.g. double intensity set for users incorrectly/not intentionally |
| P3 | All others E.g. Incorrect language set for specific user |
| Email support | [email protected] |
| Open a ticket | support.cybeready.com |
| Knowledge-base Portal | support.cybeready.com |
| Issue Type | Severity | First Response | Resolution |
|---|---|---|---|
| Problem / Malfunction | p1 | 8 BH | Continuous through business hours to resolution or workaround. E.g. Specific message is removed or service is stopped until message is replaced and approved |
| p2 | NBD | By priority during business hours E.g. double intensity is disabled | |
| P3 | 2 BD | By priority during business hours E.g. Language corrected | |
| Request | P1 | NBD | By priority during business hours E.g. Remove message due to customer similar internal process (HR Survey) |
| p2 | NBD | By priority during business hours E.g. Change PII setting | |
| P3 | 2 BD | By priority / According to business limitations E.g. Update users list will not be executed during the last 3 days of a campaign |
Get the latest & greatest cybersecurity insights straight to your inbox:
Copyright © 2024 – CybeReady
Copyright © 2024 – CybeReady
You are just one step away from building employee readiness to cyber attack
We will reach out to you shortly.
In the meantime, please check out our complimentary CISO Tool Kit
You are just one step away from
redefining cyber security training for your organization
We will reach out to you shortly.
In the meantime, please check out our complimentary CISO Tool Kit, or visit Our Blog
You are just one step away from building employee readiness to cyber attack
We will reach out to you shortly.
In the meantime, please check out our complimentary CISO Tool Kit, or visit Our Blog
