Effective July 2, 2023 – CyberHeed Terms and Conditions

Note : Please note that these Terms and Conditions may be amended from time to time. It is important for the customer to regularly review the most up-to-date version of the Terms and Conditions provided by Cyberheed to stay informed about any changes or updates.

CYBERHEED SAAS TERMS AND CONDITIONS

This Agreement is the entire agreement of the parties regarding the Services, and it includes the Order, all exhibits attached to these Terms, and all of the other terms and conditions incorporated into this Agreement by reference. This Agreement supersedes all prior or contemporaneous agreements, proposals, negotiations, conversations, discussions, and understandings, written or oral, with respect to the Services and all past dealings or industry customs. In the event of a conflict between the terms of these Terms and the terms and conditions of the applicable Order, the terms of these Terms will govern. Capitalized terms utilized but not defined in these Terms are defined in the Order.

1. Cyberheed Offerings.

1.1 Services and Support. Cyberheed provides cybersecurity services as further described in each Order. During each Subscription Period, Cyberheed will use its best efforts to (a) provide (or otherwise make available) the Services (as defined herein), and (b) provide the Consulting Support (as defined herein).
1.2 Orders. Each Order outlines (a) the specific services (including, the Data Outputs (as defined below)) to be provided (or otherwise made available) by Cyberheed (collectively, the “Services”), (b) the period the Services will be provided (each, a “Subscription Period”), (c) the fees for the Services per Subscription Period (“Subscription Fees”), (d) whether the Services will be accessed via an API, and (e) the applicable support for the Services (“Support”).
1.3 Grant and Data Outputs.
1.3.1 During the term of this Agreement, Cyberheed grants to Customer a non-exclusive, worldwide, non-sublicensable, and non-transferable license to (a) access (via API or otherwise) and use the Services, including granting Customer’s full-time employees (each, a “User”) the right to access and use the Services, and (b) access and download the outputs and related tangible data (“Data Outputs”) generated by the Services for the purpose of analyzing, reporting, and making informed business decisions.
1.3.2 During the term of this Agreement, Cyberheed grants to Customer a non-exclusive, worldwide, non-sublicensable, and non-transferable license to (a) use the Data Outputs (and any image, Demand Expressions™ number or a photograph contained within the Data Outputs) solely for Customer’s internal business purposes, and (b) share insights based on the Data Outputs with third parties; provided, that (i) Customer provides attribution to Cyberheed, and (ii) in no event may Customer use, disclose or grant access to any raw data derived in connection with the Services unless Customer obtains Cyberheed’s prior written consent. For avoidance of doubt, Customer may share the insights from the Data Outputs with others only with attribution to Cyberheed.
1.4 Consulting Support. Prior to the commencement of any Consulting Support custom analysis, request or project, parties will agree the scope and hours.
1.5 Customer Data. Customer owns all right, title and interest in and to the data or information provided by Customer to Cyberheed via the Services, and otherwise accessed from Customer by the Services (collectively, the “Customer Data”), except that, during the term of this Agreement, Customer grants to Cyberheed a non-exclusive, royalty-free, worldwide, and sub-licensable right and license to reproduce, modify, and store all Customer Data in connection with the Services including but not limited to the following:

    • Use of Aggregated and Anonymized Data: the Service Provider may share aggregated and anonymized data about the client with third parties, without requiring explicit consent from the customer. The Service Provider shall take reasonable measures to ensure that the shared data is securely transmitted and protected by appropriate confidentiality obligations imposed on the third parties involved in the data sharing process.
    • Confidentiality and Protection of Client Data: The Service Provider agrees to maintain the confidentiality of the Client Data and take all necessary measures to protect it from unauthorized access, disclosure, or use. The Service Provider shall employ industry-standard security practices to safeguard the Client Data and ensure that its employees or any third parties involved in providing the services under this agreement are bound by appropriate confidentiality obligations.
    • Sale of Aggregate Data and Insights: the Service Provider may use the aggregated and anonymized Client Data to derive insights and conduct analysis. The Service Provider is permitted to sell or otherwise monetize such aggregated data or insights, provided that individual client identities or confidential information are not disclosed. The Service Provider shall take reasonable measures to ensure the confidentiality of the customer is protected while selling or sharing the aggregated data or insights.
    • Data Sharing with Third Parties: Service Provider may share non-aggregated data about the client with third parties, including but not limited to insurers, if explicit consent is obtained from the customer. The shared data shall be limited to the extent necessary for the specific purpose outlined in the consent provided by the customer. The Service Provider shall take reasonable measures to ensure that the shared data is securely transmitted and protected by appropriate confidentiality obligations imposed on the third parties involved in the data sharing process.
    • Personalized Recommendations: By agreeing to this agreement, the client provides consent for the Service Provider to provide personalized recommendations or advertisements based on their data. The recommendations or advertisements shall be limited to the extent necessary for the specific purpose outlined in this agreement and shall be relevant, non-intrusive, and aligned with the client’s preferences.

1.6 Customer will have sole responsibility for the accuracy, quality, integrity, legality, reliability, and appropriateness for all the Customer Data, and Cyberheed will not be responsible or liable for the deletion, correction, destruction, damage, loss, or failure to store any Customer Data.

2. Use Requirements.

Customer is responsible for maintaining the confidentiality of its User passwords, IDs, and other credentials and login information (collectively, “Passwords”), and Customer agrees that Cyberheed has no liability with respect to the use of any Passwords. Customer must notify Cyberheed immediately if Customer has reason to believe that the security of Customer’s account has been compromised or if any of the Services have been accessed by any unauthorized individuals.

3. Fees and Payment Terms.

3.1 Subscription Fees. In exchange for Customer’s right to use the Services, Customer will pay to Cyberheed the Subscription Fees set forth in the applicable Order. The Subscription Fees do not include taxes. Cyberheed, at its sole discretion, may modify its pricing during any Subscription Period, provided that (a) Cyberheed notifies Customer of such modifications no less than 60-days prior to the close of the then current Subscription Period, and (b) such modifications will only be effective as of the directly subsequent Subscription Period.
3.2 Payment Terms. Customer will pay the Subscription Fees for the Services set forth in the applicable Order in accordance with the payment terms set forth in such Order. Unless otherwise set forth in an Order, the initial payment of the Subscription Fees with respect to an Order must be paid by Customer to Cyberheed within 30 days of the Effective Date of such Order. Unless Cyberheed states otherwise, all payments must be made (a) in US dollars unless otherwise stated in the Order, and (b) by bank wire transfer in immediately available funds to an account designated by Cyberheed.
3.3 Interest and Additional Terms. Interest on any late payments will accrue at the rate of 0.75 % per month, or the highest rate permitted by law, whichever is lower, from the date such amount is due until the date such amount is paid in full. Customer will be responsible for, and will pay all sales and similar taxes on, all license fees and similar fees levied upon the provision of the Services, excluding only taxes based solely on Cyberheed’s net income. Notwithstanding any terms to the contrary in this Agreement, Cyberheed will not be obligated to issue any refunds for Subscription Fees paid.

4. Term, Termination and Effects of Termination.

4.1 Term. Unless terminated as set forth in this Agreement, the term of this Agreement commences upon the Effective Date and continues until the end of the Subscription Period
4.2 Termination and Suspension. Either party may terminate this Agreement, for cause, if the other party breaches this Agreement and does not remedy such breach within 30 days after its receipt of written notice of such breach. Further, notwithstanding any terms to the contrary in this Agreement, Cyberheed may suspend use of the Services (or any portion thereof) with notice to Customer and without liability (a) if it appears that Cyberheed may be required by any applicable laws to suspend the Services, or (b) for any other reason.
4.3 Effects of Termination. Upon any expiration or termination of this Agreement (a) all rights and licenses granted to Customer under this Agreement will immediately terminate, (b) each party will promptly provide the other party with all confidential information of such other party then in its possession or destroy all copies of such other party’s confidential information, at such other party’s sole discretion and direction; (c) Customer must immediately pay to Cyberheed all amounts due and payable up to the effective date of termination of this Agreement. Notwithstanding any terms to the contrary in this Agreement, (i) Sections 3, 4.3, 6, 7, 8, 9, 10,11,12,13, and 14 will survive any termination or expiration of this Agreement, and (ii) no refunds will be issued.

5. Representations, Warranties, and Remedies.

5.1 General. Each party represents and warrants that (a) it is validly existing and in good standing under the laws of the place of its establishment or incorporation, (b) it has full corporate power and authority to execute, deliver, and perform its obligations under this Agreement, (c) the person signing this Agreement on its behalf has been duly authorized and empowered to enter into this Agreement, (d) this Agreement is valid, binding, and enforceable against it in accordance with its terms, and (e) it will perform its obligations and exercise its rights under this Agreement in accordance with all applicable laws.
5.2 Specific. Cyberheed represents and warrants that it will perform the Support and Consulting Support (if any) in a professional and workmanlike manner. Further, Customer represents and warrants that (i) it possesses the necessary rights and consents to grant Cyberheed the rights set forth in this Agreement with respect to Customer Data, and (ii) none of the Customer Data (or the use of the Customer Data by Cyberheed) will infringe, misappropriate, or violate any Intellectual Property Rights (as defined below), rights of privacy, rights of publicity, or any other rights of any individuals or entities.

6. Warranty and Disclaimer.

6.1 EXCEPT AS SET FORTH IN SECTION 5, THE SERVICES ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS WITHOUT ANY REPRESENTATIONS, WARRANTIES, COVENANTS, OR CONDITIONS OF ANY KIND (EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE), INCLUDING, BUT NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT.
6.2 CUSTOMER-SIDE BREACHES: THE SERVICE PROVIDED BY CYBERHEED IS INTENDED TO OFFER INSIGHTS AND ADVICE ON HOW TO IMPROVE VARIOUS ASPECTS OF CYBER SECURITY. HOWEVER, IT DOES NOT GUARANTEE THE PREVENTION OF BREACHES OR SECURITY INCIDENTS ON THE CUSTOMER’S SIDE. CYBERHEED SHALL NOT BE HELD LIABLE FOR ANY BREACHES, LOSSES, DAMAGES, OR LIABILITIES ARISING FROM CUSTOMER-SIDE BREACHES, INCLUDING BUT NOT LIMITED TO NEGLIGENCE, INADEQUATE SECURITY MEASURES, OR ACTIONS OF THIRD PARTIES.

7. Indemnification.

7.1 Cyberheed Indemnification. Cyberheed, at its sole expense, will defend Customer from and against any and all third-party claims, suits, actions, or proceedings (each a “Claim”), and indemnify Customer from any related damages, payments, deficiencies, fines, judgments, settlements, liabilities, losses, costs, and expenses (including, but not limited to, reasonable attorneys’ fees, costs, penalties, interest, and disbursements) that are awarded by a court of competent jurisdiction or included in a settlement approved, in advance, and in writing, by Cyberheed resulting from or arising in connection with the exercise of any of the rights granted to Customer under Section 1 with respect to the Services (excluding the Data Outputs) infringing any Intellectual Property Rights (as defined below) of any third party. Cyberheed’s indemnification obligations do not extend to Claims arising from or relating to (a) any negligent or willful misconduct of Customer or any of Customer’s employees, contractors, and/or service providers (collectively, the “Customer Personnel”) or any third party, or (b) the use of the Services by any of the Customer Personnel or any third party in a manner contrary to the terms of this Agreement where the infringement would not have occurred but for such use. For the purpose of this Agreement, “Intellectual Property Rights” means all patent rights, copyrights, moral rights, trademark rights, trade secret rights, and any other form of Intellectual Property Rights recognized in any jurisdiction, including applications and registrations, for any of the foregoing.
7.2 Customer Indemnification. Customer, at its sole expense, will defend Cyberheed from and against any and all Claims and indemnify Cyberheed from any related damages, payments, deficiencies, fines, judgments, settlements, liabilities, losses, reasonable costs, and expenses (including, but not limited to, reasonable attorneys’ fees, costs, penalties, interest, and disbursements) that are awarded by a court of competent jurisdiction or included in a settlement approved, in advance, and in writing, by Customer resulting from or arising in connection with the alleged or actual breach of any of Customer’s representations or warranties, or any negligence or willful misconduct by Customer (including, but not limited to, any of the Users) or any party acting on behalf of Customer.
7.3 Procedures. The indemnifying party’s indemnification obligations under this Section 7 are conditioned upon the indemnified party: (a) giving prompt written notice of the Claim to the indemnifying party once the indemnified party becomes aware of the Claim (provided that failure to provide written notice within a reasonable time to the indemnifying party will not alleviate an indemnifying party’s obligations under Section 7 to the extent any associated delay does not materially prejudice or impair the defense of the related Claims); (b) granting the indemnifying party the option to take sole control of the defense (including granting the indemnifying party the right to select and use counsel of its own choosing), and settlement of the Claim (except that the indemnified party’s prior written approval will be required for any settlement that reasonably can be expected to require an affirmative obligation of the indemnified party); and (c) providing reasonable cooperation to the indemnifying party and, at the indemnifying party’s request and expense, assistance in the defense or settlement of the Claim.

8. Limitation of Liability.

8.1 Consequential Damages Waiver. EXCEPT FOR (A) BREACHES OF SECTION 9, (B) INFRINGEMENT, MISAPPROPRIATION, OR VIOLATION OF ANY INTELLECTUAL PROPERTY RIGHT OF A PARTY, OR (C) EACH PARTY’S INDEMNIFICATION OBLIGATIONS AS SET FORTH IN SECTION 7, NEITHER PARTY WILL BE LIABLE FOR ANY LOSS OF PROFITS OR ANY INDIRECT, SPECIAL, INCIDENTAL, RELIANCE, OR CONSEQUENTIAL DAMAGES OF ANY KIND, REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR OTHERWISE, EVEN IF INFORMED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE.
8.2 Liability Cap. EXCEPT FOR (A) BREACHES OF SECTION 9, (B) INFRINGEMENT, MISAPPROPRIATION, OR VIOLATION OF ANY INTELLECTUAL PROPERTY RIGHT OF A PARTY, OR (C) EACH PARTY’S INDEMNIFICATION OBLIGATIONS AS SET FORTH IN SECTION 7, EACH PARTY’S ENTIRE LIABILITY TO THE OTHER PARTY WILL NOT EXCEED THE SUBSCRIPTION FEES ACTUALLY PAID BY CUSTOMER TO CYBERHEED DURING THE SUBSCRIPTION PERIOD WITHIN WHICH THE DAMAGES OCCURRED. FURTHER, NOTWITHSTANDING ANY TERMS TO THE CONTRARY IN THIS AGREEMENT, (I) CYBERHEED WILL NOT BE LIABLE FOR ANY DISCLOSURE OF, UNAUTHORIZED USE OF AND/OR UNAUTHORIZED ACCESS TO ANY CUSTOMER DATA OR OTHER DATA UNLESS SUCH DISCLOSURE, UNAUTHORIZED USE OF AND/OR UNAUTHORIZED ACCESS SOLELY AND DIRECTLY RESULTS FROM CYBERHEED’S GROSS NEGLIGENCE.
8.3 Failure of Essential Purpose. MULTIPLE CLAIMS WILL NOT EXPAND THIS LIMITATION. THIS SECTION 8 WILL BE GIVEN FULL EFFECT EVEN IF ANY REMEDY SPECIFIED IN THIS AGREEMENT IS DEEMED TO HAVE FAILED OF ITS ESSENTIAL PURPOSE.

9. Confidentiality.

9.1 Each party agrees not to disclose the terms and conditions of this Agreement to any third party; provided, however, each party may disclose the terms and conditions of this Agreement (a) in confidence to such party’s legal counsel, accountants, banks, financing sources, and their advisors, (b) in confidence in connection with the enforcement of this Agreement or rights under this Agreement, or (c) in confidence in connection with an actual or proposed merger, acquisition, or similar transaction. Each party acknowledges that any unauthorized disclosure of confidential information of the other party will result in irreparable injury to such other party, which injury could not be adequately compensated by the payment of money damages. In addition to any other legal and equitable remedies that may be available, either party will be entitled to seek and obtain injunctive relief against any breach or threatened breach by the other party of the confidentiality obligations set forth in this Agreement, from any court of competent jurisdiction, without being required to show any actual damage or irreparable harm, prove the inadequacy of its legal remedies, or post any bond or other security. The Data Outputs (not the Company Data contained in the Data Outputs) constitute Cyberheed’s confidential information.

10. Intellectual Property.

10.1 Ownership: Any pre-existing intellectual property rights, including but not limited to software, algorithms, methodologies, processes, and know-how, owned by CyberHeed shall remain the sole property of CyberHeed.
10.2 Service Provider’s Intellectual Property: The Service Provider retains all right, title, and interest in any intellectual property, including software, tools, methodologies, and proprietary processes, developed or used by the Service Provider in the course of providing the services under this agreement (“Service Provider’s Intellectual Property”).
10.3 Third-Party Intellectual Property: The Parties agree to respect the intellectual property rights of third parties. If either Party becomes aware of any infringement or potential infringement of third-party intellectual property rights in connection with the provision or use of the services, it shall promptly notify the other Party.
10.4 Survival of Rights: The provisions of this section shall survive the termination or expiration of this agreement, ensuring the ongoing protection of intellectual property rights.

11. Restrictions.

Except as expressly authorized by this Agreement, Customer may not (a) modify, disclose, alter, translate, or create derivative works of the Services (or any components thereof), (b) license, sublicense, resell, distribute, lease, rent, lend, transfer, assign, or otherwise dispose of the Services (or any components thereof), (c) use the Services to store or transmit any viruses, software routines, or other code designed to permit unauthorized access, to disable, erase, or otherwise harm software, hardware, or data, or to perform any other harmful actions, (d) copy, frame, or mirror any part or content of the Services, (e) build a competitive product or service, or copy any features or functions of the Services, (f) interfere with or disrupt the integrity or performance of the Services, (g) attempt to gain unauthorized access to the Services or their related systems or networks, (h) disclose to any third party any performance information or analysis relating to the Services, (i) remove, alter, or obscure any proprietary notices in or on the Services including copyright notices, (j) disclose or make available Passwords that Cyberheed has provided to Customer or the Users, or (k) cause or permit any User or third party to do any of the foregoing.

12. Data Protection and Privacy.

Data Collection and Usage

12.1 Personal Identifiable Information (PII): We only collect and store the necessary PII required to provide our services effectively. This may include names, email addresses, and other relevant information as required by law or for the proper functioning of the platform.
12.2 Purpose Limitation: The collected PII will be used solely for the purpose of providing and improving our services. We will not use or disclose PII for any other purposes without obtaining explicit consent from the User.
12.3 Data Minimization: We adhere to the principle of data minimization and will only collect and retain the minimum amount of PII necessary for the intended purpose.
12.4 Lawful Basis: We process PII based on a lawful basis, such as User consent, compliance with legal obligations, or the necessity for the performance of a contract.
12.5 Third-Party Processors: In certain cases, we may engage trusted third-party processors to assist in delivering our services. These processors are bound by strict confidentiality and data protection obligations.
12.6 Data Retention: We retain PII only for as long as necessary to fulfill the purposes outlined in this agreement or as required by applicable laws or regulations.

Data Security

12.7 Confidentiality: We maintain strict confidentiality of all User data, including PII, and implement appropriate security measures to protect against unauthorized access, alteration, disclosure, or destruction.
12.8 Encryption: We use industry-standard encryption techniques to secure User data during transmission and storage.
12.9 Access Controls: Access to User data is limited to authorized personnel who require it for the provision of our services, and access is granted on a need-to-know basis.

User Rights

12.10 User Consent: By using our services, users consent to the collection, processing, and storage of their PII as outlined in this agreement.
12.11 User Rights: Users have the right to access, rectify, and delete their PII, as well as to restrict or object to its processing. Requests to exercise these rights can be made through the contact details provided in this agreement.

13. Channel.

13.1 Payment terms for transactions with a Cyberheed channel partner will be determined and agreed upon by the CUSTOMER and the respective channel partner.

14. General Provisions.

14.1 Governing Law and Venue. This Agreement will be construed and take effect as a contract made in United States and will be governed by United States law, and the parties submit to the non-exclusive jurisdiction of the United States courts.
14.2 Feedback. Notwithstanding any terms to the contrary in this Agreement, any suggestions, comments, or other feedback provided by Customer to Cyberheed with respect to Cyberheed or the Services (collectively, “Feedback”) will constitute Confidential Information of Cyberheed. Further, Cyberheed will be free to use, disclose, reproduce, license, and otherwise distribute and exploit the Feedback provided to it as it sees fit, entirely without obligation or restriction of any kind on account of Intellectual Property Rights or otherwise.
14.3 Data and Analytics. Notwithstanding any terms to the contrary in this Agreement, Customer acknowledges and agrees that Cyberheed may monitor, collect, use, and store anonymous and aggregate statistics regarding use of the Services and/or any individuals/entities that interact with the Services and any Customer Data (collectively, “Cyberheed Analytic Data”).
14.4 Ownership. As between the parties and subject to the grants expressly set forth in this Agreement, Customer owns all right, title, and interest in and to Customer Data and any and all Intellectual Property Rights embodied in or related to the foregoing. Cyberheed, notwithstanding any terms to the contrary in this Agreement, owns all right, title, and interest in and to the Services and Cyberheed Analytic Data, together with any and all Intellectual Property Rights embodied in or related to the foregoing.
14.5 Publicity. Customer consents to Cyberheed’s use of Customer’s name and logo on Cyberheed’s web site and publicly-available printed materials, identifying Customer as a customer of Cyberheed. Within 30 days of the Effective Date, the parties will announce their relationship by issuing a mutually approved press release. If Customer does not make reasonable efforts to approve a press release within 30 days, Customer agrees that Cyberheed shall have the right, but not the obligation, to issue a release naming Customer as a client. Further, both parties will cooperate on case studies and participate in industry conferences with joint keynotes.
14.6 Force Majeure. Except for payments due under this Agreement, neither party will be responsible for any failure to perform or delay attributable in whole or in part to any cause beyond its reasonable control, including but not limited to acts of God (fires, storms, floods, earthquakes, etc.), civil disturbances, disruption of telecommunications, disruption of power or other essential services, interruption or termination of service by any service providers, labor disturbances, vandalism, cable cut, computer viruses or other similar occurrences, or any malicious or unlawful acts of any third party (a “Force Majeure Event”).
14.7 Electronic Communications. Cyberheed may choose to electronically deliver all communications with Customer, which may include email to the email address Customer provides to Cyberheed. Cyberheed’s electronic communications to Customer may transmit or convey information about action taken on Customer’s request, portions of Customer’s request that may be incomplete or require additional explanation, any notices required under applicable law, and any other notices. Customer agrees to do business electronically with Cyberheed and to receive electronically all current and future notices, disclosures, communications, and information, and that the aforementioned electronic communications satisfy any legal requirement that such communications be in writing. An electronic notice will be deemed to have been received on the day of receipt as evidenced by such email.
14.8 Assignment. Neither this Agreement nor any right or duty under this Agreement may be transferred, assigned, or delegated by a party, by operation of law or otherwise, without the prior written consent of the other party, and any attempted transfer, assignment, or delegation without such consent will be void and without effect. Notwithstanding the foregoing, either party may assign this Agreement without other party’s prior written consent to any third party that purchases all or substantially all of such party’s business or assets by merger, acquisition, sale, reorganization, or otherwise. Subject to the other terms and conditions set forth in this provision, this Agreement will be binding upon and will inure to the benefit of the parties and their respective representatives, heirs, administrators, successors, and permitted assigns.
14.9 Waiver and Severability. A party’s delay or failure to exercise a right or remedy will not result in a waiver of that right or remedy. If a court of competent jurisdiction holds any provision of this Agreement to be illegal, invalid, or unenforceable under the governing law, the remaining provisions will remain in full force and effect, and will be construed so as to most nearly reflect the parties ‘intent with respect to such provision.