CYBERSMART END USER LICENCE AGREEMENT
- CyberSmart Active Protect: an Agent.
- Agent: a program that can be installed on a computer or mobile device and which can check and secure the configuration of the computer or device;
- Auto-Fix: refers to features which, after enabled by the Customer, can change the configuration of the Customer’s systems;
- CE: Cyber Essentials as defined in the Cyber Essentials Scheme;
- Customer: any user of the Site and/or registered user with an account on the Company’s Site that has or has not requested certification or deployed Agents through the Site, regardless of whether or not fees have been paid for any Services;
- Company: CyberSmart Ltd., company number 10088945 registered address at 68 Hanbury Street, London, E1 5JL;
- Cyber Insurance: Insurance coverage provided by Superscript, a trading name of Enro Limited, registered in England and Wales 9265254. Authorised and regulated by the Financial Conduct Authority 656459.
- Opinion: non legally binding information contained in the Company’s toolkits;
- Systems: any technology or computer infrastructure, software and hardware; and
- Website or Site: the website at www.cybersmart.co.uk and any of its sub-domains, Agents and applications.
Scope of these terms
- The agreement identified by these terms constitutes the entire agreement under which the Company’s Services and this Site may be used. Any prior communication, warranty or statement shall not apply to the contract between us.
- Headings have been inserted for convenience and may not be used to interpret the content of this agreement.
- By using this site as representative of a corporate entity, Customers warrant that they are entitled to do so.
- These terms shall only be applicable between the Company and the Customer and do not intend to benefit or confer any other right in regards to third parties.
- Any disputes shall be subject to the version of these terms and conditions in effect at the date at which the dispute was first brought to the Company’s attention in writing.
Use of Site
- The Company’s Site and all its content are owned by and under copyright of the Company and/or third-party licensors. Customers may not reproduce any written content, images or concepts without the prior written permission of the Company. Customers may not (and shall not incite or cause others to):
- modify, disassemble, decompile or reverse engineer the Website, except to the extent expressly permitted by law;
- resell, sublicense, distribute or otherwise transfer any materials from the Website to any third party;
- copy any of the Website content;
- circumvent, disable or remove any Website security features;
- interfere (or try to do so) with the proper working of the Website or any activities conducted on it.
In case of breach of this provision, the Company shall have the right to immediately terminate Your access to the Site and claim damages for the damage suffered where appropriate.
- Any data provided by Customers over the course of the Services and whilst using the Agents remain the sole property of the Customer.
- Customers will be liable for any and all loss, liability and/or damage to the Company or third parties through the use of their Website account, including any unauthorised third-party access. Customers are recommended to use strong passwords, changed in case of a suspected security breach and to enable multi-factor authentication at all times.
- In the case of a suspected security breach, Customers must inform the Company in writing immediately.
- In offering Cyber Essentials certification, the Company provides a non-exclusive, non-transferable licence to access and an easy-to-understand toolkit using the account issued to the Customer. This toolkit contains non-legally binding Opinions. Neither the Company nor any of its officers, employees or partners will be held liable for any delays in the certification process or objection to a Customer’s certification altogether as a result of the Customer using this toolkit.
- When a UK-domiciled organisation with a turnover under £20m achieves verified self-assessed Cyber Essentials certification covering their whole organisation, they are entitled to opt-in for £25,000 liability limit Cyber Insurance provided by Superscript and underwritten by Beazly. Insurance terms are detailed at https://cybersmart.co.uk/cyber-insurance-cover/
- All information entered by You onto Your account on the Company’s Site in the course of the Services is treated by the Company as confidential. You acknowledge that the Company has the right to access, monitor and modify Your account for the purpose of providing the Company’s Services.
- It is Your responsibility to provide the Company at all times with accurate contact information including, but not limited to, a valid e-mail address. You must promptly advise the Company of any changes in Your contact information.
- The Company provides “Auto-Fix” solutions, which help the Customer to implement standards more quickly. The Customer accepts that these “Auto-Fixes” are applied at its discretion and risk. The Company will not be held liable for any damage incurred by the Customer using such a function.
- The Company will not be held liable for any damage or inconvenience resulting from the Company following Opinions provided. It is recommended that Customers discuss any changes in their IT infrastructure with a professional familiar with the Customer’s Systems.
- In order to function comprehensively, the Customer installs Agents on the Customer’s Systems to facilitate certification and provide 24/7 compliance monitoring. Agents have been developed together with leading cyber security professionals and have been thoroughly and independently tested. The Customer agrees to Agents being installed on the Customers Systems and Customer will not hold the Company, its officers or employees liable for any damage, loss or inconvenience caused by any such Agents.
- The Company may make commercially reasonable changes to the Services offered to the Customer from time to time. If the Company makes a material change to the Services, the Company will notify the Customer by giving not less than 30 day’s prior notice. If the Customer notifies the Company that it does not agree with such material change, then the Customer will remain governed by the terms in effect immediately prior to the change until the end of the then-current subscription term, except where such change is required by applicable law.
- The Company grants (or procures the grant of) to Customers the right to use the Company’s background IPR in the course of the Customer’s business and for any purposes reasonably incidental thereto in accordance with the terms of the EULA. The Company represents and warrants that the only license terms that are required for use of the Products and Services and/or Documentation by the Customer are included in the EULA and the EULA includes all rights and licenses necessary to enable use by Customer in case a third party is providing a managed service to Customers in connection with the Products, Services and/or Documentation or that third party is reselling the Products, Services and/or Documentation to the Customer and the end-user does not need any further licenses to use the Products, Documentation and Services.
- Cyber Essentials: Customers purchasing Cyber Essentials certification via CyberSmart will have access to the site and may submit answers to their application as many times as is necessary to achieve this certification and without further cost. All questions must have been submitted within 90 calendar days to satisfy the scheme requirements. Where a customer has breached this time limit they will be entitled to re-start their application and question set for Cyber Essentials without incurring any additional fees, provided the application is started within 1 calendar year of the date of purchase of the product.
- Cyber Essentials Plus: Customers purchasing Cyber Essentials Plus (the audited version in the Cyber Essentials scheme) must: a. have achieved their Cyber Essentials certification within 90 calendar days of the date of their Cyber Essentials Plus audit; and b. must rectify and demonstrate to the CyberSmart Assessor they have corrected any critical or high defects identified during the audit within not more than 30 calendar days from the date of the audit, and this period for correction must further fall within a period of not more than 90 days from the date of their successful Cyber Essentials Certification, in order to satisfy the scheme requirements.
- Where a customer does not meet the terms and conditions identified above to correct defects following a Cyber Essentials Plus audit, and the CyberSmart Assessor cannot confirm identified and notified defects have been corrected within the time frames, the customer will be liable for the full fee for Cyber Essentials Plus and will incur an additional fee equivalent to the initial fee to finally achieve their Cyber Essentials Plus certification.
- For the avoidance of doubt, a customer who does not meet the terms and conditions to correct defects identified and notified by a CyberSmart Assessor in sufficient time to permit the Assessor to re-audit the systems, will forfeit their initial fees and be liable to a new fee if they wish to pursue Cyber Essentials Plus certification.
- Customers may, at any time without cause terminate its contract for the provision of the Services offered by the Company. Under such circumstances, the Company will provide the Customer with an aggregation of data submitted over the course of the contractual relationship.
- Where the Customer has achieved any certification or certifications and has paid by annual subscription(s) in advance, the Customer shall not be entitled to any refund of monies paid to the Company if it terminates pursuant to clause 22.
- Where the Customer has achieved any certification or certifications and has paid by monthly subscription(s), the Customer shall remain liable on termination for a sum of the difference between their current fees paid and the sum of the value of 10 months of their subscription, with the calculation date to start from the date the certification or certifications were issued, if it terminates pursuant to clause 22. Such fees will be liable per certificate subscription terminated.
- The Website is provided on an “as is” and “as available” basis without any representation or endorsement made and the Company makes no warranties, whether express or implied, in relation to the Website or its use. You acknowledge that the Company cannot be responsible for the security or privacy of information transmitted to the Company and the Customer must bear the risk associated with the use of the internet.
- Notwithstanding any other provision in these Terms, nothing in these Terms will affect or limit any rights You may have under English Law; or exclude or limit the Company’s liability for death or personal injury caused by our negligence or for fraud or fraudulent misrepresentation or any other liability which cannot be excluded or limited under applicable law.
- In no event will the Company be liable for any indirect, special, punitive, exemplary or consequential losses or damages of whatsoever kind arising out of Customer’s use of, or access to the Website or Services, including loss of profit, whether or not in the contemplation of the parties, whether based on breach of contract, tort (including negligence), product liability or otherwise. The Company’s total aggregate liability for direct losses or damages of whatsoever kind (including loss of profits) in contract, tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising out of the delivery to You of paid-for Services, whether based on breach of contract, tort (including negligence), product liability or otherwise shall be limited to the total fees paid by You for the Services during the 12 months immediately preceding the date on which the claim arose.
- The Company may, at any time and at its own discretion, temporarily or permanently discontinue its Services where necessary as a result of any cause beyond the Company’s reasonable control including, without limitation, mechanical, electronic or communications failure. Under such circumstances, the Company shall not be liable for any damage, loss or inconvenience.
Dispute resolution and Jurisdiction
- Before instigating court proceedings, users agree to provide the Company with sufficient time and information to rectify the point in issue. Furthermore, before filing any claims users agree to provide the Company with the opportunity to engage in an alternative dispute resolution process.
- Subject to clause 30, these terms and any claims resulting from its application are subject to the laws of England and Wales. Both parties, therefore, waive any rights of claim in any other jurisdiction, except for the right of the Company which may at its discretion submit claims within the jurisdiction of the Customer.
Last updated: 29.11.2022