Last Update: 2 August 2023
1. Terminology 1.1 Within this Contract, the subsequent terms will have the interpretations as mentioned:
- “Agreement” refers to these conditions combined with the Purchase Order, its annexes, schedules, and all related documents.
- “Business Day” is any day excluding Saturdays, Sundays, or bank and public holidays in England.
- “Confidential Information” encompasses all non-public data or details related to either Party, regardless of the medium of conveyance.
- “Client User” denotes any representative, agent, or consultant of the Client who accesses the Services on the Client’s behalf.
- “Effective Date” is the day the Purchase Order is approved by ResilientX Security.
- “End Clients” are the Client’s consumers for whom the Client might use the Services.
- “Fees” refer to the charges for the Services as detailed in the chosen Plan.
- “Force Majeure” pertains to uncontrollable events that impact a Party’s contractual obligations.
- “Intellectual Property Rights” encompasses all proprietary rights, registered or otherwise, globally.
- “ResilientX Dashboard” is the online interface where Clients can manage their Target Systems and review vulnerabilities.
- “Order” is the specified service request approved by ResilientX Security.
- “Party” or “Parties” pertains to either ResilientX Security or the Client, as context dictates.
- “Plan” is the selected service package by the Client, specifying Fees and Term.
- “Platform” denotes the software infrastructure of ResilientX Security, including the ResilientX Dashboard.
- “Platform Data” refers to aggregated, anonymized data derived from Platform usage.
- “Services” means the solutions provided by ResilientX Security as detailed in the Order.
- “Target System” refers to individual digital systems identified for vulnerability assessments.
- “Term” is the duration specified in the Plan or Order.
- “Vulnerability” indicates any detected potential threats to the Target System.
1.2 Structural Conventions
(a) Headings in this Contract are for convenience and do not influence its interpretation. (b) Words in singular or plural, or of any gender, are interchangeably valid. (c) Expressions like “including” or “especially” should be understood expansively. (d) All references in this Contract pertain to these Terms and Conditions unless explicitly stated otherwise.
2. The Service
2.1 Upon ResilientX Security’s acknowledgment of a pertinent Purchase Order and receipt of the associated Fees, and the Client’s compliance with this Contract, ResilientX Security pledges to provide the stated Services to the Client.
2.2 Clients can: (a) Use the Services for internal corporate purposes. (b) Extend the Services to its End Clients, incorporating their systems in the Target Systems.
2.3 Clients must prevent direct access of End Clients to the Services or Platform. Services should be used on behalf of End Clients by the Client only.
2.4 The Client assumes responsibility for any access to the Service via their or their users’ credentials.
2.5 Data processing requirements will be governed by Schedule 1 – the Data Processing Agreement.
3. Client’s Digital Systems and Obligations
3.1 The Client must fulfill its responsibilities, understanding that ResilientX Security’s service provision depends on the Client’s commitment.
3.2 ResilientX Security is granted access to the Client’s digital infrastructure for services under legal frameworks.
3.3 Clients must ensure they possess permissions for any systems they add to the Service.
3.4 Outside the UK, Clients must ensure Service usage compliance with local regulations.
3.5 Clients should not misuse or allow Platform or Service misuse.
4. Safeguarding and Limitations
4.1 The Client acknowledges that ResilientX Security will use testing techniques to detect vulnerabilities.
4.2 ResilientX Security will maintain system integrity and prevent unauthorized access during its assessments.
4.3 Services are general and may not detect all vulnerabilities.
4.4 ResilientX Security is not liable for any damages or losses arising from Service provision or undetected vulnerabilities.
5. Intellectual Property
5.1 ResilientX Security has independently funded, licensed, and developed the Services, inclusive of the technology and systems that constitute parts of the Services.
5.2 All Intellectual Property Rights in the Services, the Platform, and Platform Data are exclusively owned by ResilientX Security.
5.3 This Agreement doesn’t transfer any Intellectual Property Rights of the Services or Platform to the Client. The Client’s rights are strictly limited to those detailed in Clause 2.
6. Payment Terms
6.1 The Fee must be paid by the Client on the Effective Date and on the first day of each subsequent Year or Month, prior to accessing the Services. If paying by card, the Client authorizes automatic renewals until notified otherwise.
6.2 Fees are exclusive of any applicable taxes or duties. These will be added as per the prevailing rates and borne by the Client.
6.3 In case of payment delays, ResilientX Security reserves the right to: (a) Restrict access to the Services. (b) Impose interest on overdue payments at 4% per annum above the Bank of England’s base rate.
7. Confidentiality
7.1 Both parties pledge to maintain the confidentiality of all sensitive information unless required for Agreement execution or with written consent. Disclosures to employees or consultants will retain the same confidentiality obligations.
7.2 Confidentiality obligations don’t apply if the information:
(a) Becomes public without breach of this Agreement.
(b) Was already documented before this Agreement without any associated confidentiality obligations.
(c) Was shared by a third party without restrictions.
(d) Must be disclosed as mandated by law or a competent authority.
7.3 The Client will ensure that all associated individuals adhere to these confidentiality clauses.
7.4 This section remains applicable post-Agreement termination.
8. Assurances and Compensations
8.1 ResilientX Security guarantees that: (a) The Service aligns materially with its Service Specification and follows best industry practices. (b) It possesses the requisite authority to formalize this Agreement. (c) To its best knowledge, the Platform and Services don’t violate any third party’s rights.
8.2 Except for the explicit mentions, all other warranties, irrespective of their origin, are excluded to the fullest permissible extent.
8.3 The Client assures that: (a) Both the entity and the signing representative have the authority to finalize this Agreement. (b) It holds all essential rights, licenses, and permissions for fulfilling this Agreement.
8.4 ResilientX Security will cover any losses or legal repercussions arising from breaching clause 8.1.
8.5 The Client will be responsible for any losses or legal actions stemming from breaches of clause 8.3 and/or clauses 3.2, 3.3, and 3.4.
8.6 Any breach of the confidentiality clause (Clause 7) will make the offending party liable for the associated damages.
8.7 Both parties must: (c) Immediately notify the other of any infringement claims. (d) Not settle or admit to claims without the other’s consent, provided the defending party actively addresses claims to protect the reputation of both parties. (e) Permit the accused party to handle legal proceedings, with certain restrictions.
9. Liability Limitations
9.1 Neither party’s liability for death, personal injuries, fraud, or misrepresentation, or any legally non-excludable liabilities, is limited by this Agreement. The Client’s obligation to pay the Fees remains unaltered.
9.2 Neither party will be liable for:
- Indirect, incidental, or consequential losses.
- Losses including, but not limited to, profit, business, revenue, savings, or goodwill.
9.3 ResilientX Security’s maximum liability for all claims under this Agreement is capped at £10,000.
9.4 ResilientX Security holds no liability towards End Customers.
10. Term, Termination, and Suspension
- Defines the duration of the contract and the conditions under which it can be renewed.
- Discusses circumstances in which the contract can be terminated by either party, such as a material breach.
- Outlines the repercussions of termination, such as the cessation of services and no refunds for unused terms.
11. Force Majeure
- Specifies conditions under which a party is not liable for failure to perform due to unforeseen circumstances beyond their control.
- Allows for termination if the Force Majeure event continues for more than 30 days.
12. Parties
- Outlines the rights and obligations of both parties and clarifies that neither party can act or make decisions on behalf of the other.
- Emphasizes that the contract doesn’t establish a partnership, joint venture, employment, or principal-agent relationship.
13. Construction
- Defines the contract as the entire agreement, overriding previous agreements or understandings.
- Addresses the validity of the contract if parts are deemed void or unenforceable.
- Discusses the waiver of rights and remedies by either party.
14. Contract Administration
- Specifies that changes to the agreement must be in writing and agreed upon by both parties.
- Establishes English as the official language for the contract and all related communications.
- Provides guidelines for serving notices and lodging complaints.
15. Applicable Law and Jurisdiction
- Governs the agreement by the laws of England.
- Sets the jurisdiction for any disputes to the English Courts.
16. Publicity
- Allows “ResilientX Security” to mention the “Customer” in its promotional materials.
- Requires the “Customer” to act as a reference for “ResilientX Security” for potential clients, under reasonable notice.