September 1, 2023
PLEASE READ THIS TERMS AND CONDITIONS AGREEMENT CAREFULLY, AS IT CONTAINS IMPORTANT INFORMATION REGARDING YOUR LEGAL RIGHTS AND REMEDIES.
These Terms and Conditions (“Terms and Conditions”) are a legal agreement (“Agreement”) between you, either an individual or a single legal entity (“You” or “Client”), and Bwired Technologies, Inc. d/b/a Rhyno Cybersecurity a subsidiary of Bwired Technologies, Inc. (“Rhyno” or the “Company”, together with its Affiliates, collectively the “Rhyno Party”).
This Agreement sets forth the legally binding terms and conditions for your use of the various services and websites owned and operated by Company, including, without limitation, the rhyno.io, support.rhyno.io, blog.rhyno.io and bwired.ca websites and domain names (“Sites”), and any other features, content, or applications offered from by Company in connection therewith, including, but not limited to, website integrity, monitoring, alerting, and cleanup. (Collectively “Service”).
By clicking on the “I agree” button, completing the registration process, and/or using the Sites or Service in any manner, including but not limited to visiting or browsing the Sites, you represent that (1) you have read, understand, acknowledge, and agree to be bound by this Agreement, (2) you are of legal age to form a binding contract with the company, and (3) you have the authority to enter into this Agreement personally or on behalf of the company you have named as the customer, and to bind that company to these terms.
This Agreement applies to all users of the Sites or Service, including users who are also contributors of content, information, and other materials or services on the sites. If you do not agree to be bound by this Agreement, you may not access or use the Sites or the Service.
If, after your electronic acceptance of this Agreement, Company finds that you do not have the legal authority to bind such corporate entity, you will be personally responsible for the obligations contained in this Agreement, including, but not limited to, the payment obligations. Company shall not be liable for any loss or damage resulting from Company’s reliance on any instruction, notice, document or communication reasonably believed by Company to be genuine and originating from an authorized representative of your corporate entity. If there is reasonable doubt about the authenticity of any such instruction, notice, document or communication, Company reserves the right (but undertakes no duty) to require additional authentication from you. You further agree to be bound by the terms of this Agreement for transactions entered into by you, anyone acting as your agent and anyone who uses your account or the Service, whether or not authorized by you.
Acceptance of Terms
The Service is offered subject to acceptance without modification of the Terms and COnditions and all other operating rules, policies and procedures that may be published from time to time on the Sites by Company.
In addition, some services offered through the Service may be subject to additional terms and conditions promulgated by Company from time to time (the “Supplemental Terms”); your use of such services is subject to those Supplemental Terms, which are incorporated into these Terms and Conditions by this reference and are referred to collectively as the “Terms.”
If these Terms and Conditions are inconsistent with the Supplemental Terms for any Service, the Supplemental Terms will control with respect to that Service.
Modification
Company may, in its sole and absolute discretion, change or modify this Agreement, and any policies or agreements which are incorporated herein, at any time, and such changes or modifications shall be effective immediately upon posting on the Sites. Your use of the Sites or the Service after such changes or modifications have been made shall constitute your acceptance of this Agreement as last revised. If you do not agree to be bound by this Agreement as last revised, do not use (or continue to use) the Sites or the Service. In addition, Company may occasionally notify you of changes or modifications to this Agreement by email. It is therefore very important that you keep your Account information current. Company assumes no liability or responsibility for your failure to receive an email notification if such failure results from an inaccurate email address.
Customer Account and Registration
As a Registered User, you are required to establish an Account and receive or establish a password (“Password”) which can be used by each of your employees and consultants who are authorized by you to use the Service on your behalf. In registering for the Service, you agree to provide true, accurate, current and complete information about yourself as prompted by our registration form (the “Registration Data”) and to maintain and promptly update the Registration Data to keep it true, accurate, current and complete.
If you provide any Registration Data that is untrue, inaccurate, not complete or incomplete, or Company has reasonable grounds to suspect that such information is untrue, inaccurate, not current or incomplete, Company has the right to suspend or terminate your Account and to refuse any and all current or future use of the Service (or any portion thereof) by you. You are responsible for all activities that occur under your Account and your Password. You agree to notify Company immediately of any unauthorized use of your Account or Password or any other breach of security and to exit from your Account at the end of each session. You agree that you are responsible for any losses arising out of the unauthorized use of your Account.
Affiliate Assignment
Rhyno reserves the right, under its sole discretion, to (1) assign the Sites or Service to any of its Affiliates, including under any services agreement; and (2) change the Rhyno Party providing Service. For the purposes of this Agreement, “Affiliate” means with respect to a party, any entity that directly or indirectly controls, is control by, or is under common control with that party.
Electronic Communications
When you visit the Sites or send e-mails to us, you are communicating with us electronically. By doing this, you consent to receive communications from us electronically. We will communicate with you via e-mail or by posting notices on the Sites. You agree that all agreements, notices, disclosures and other communications that we provide to you electronically satisfy any legal requirement that such communications be in writing.
NOTWITHSTANDING THE FOREGOING, YOU UNDERSTAND AND AGREE THAT E-MAIL COMMUNICATION IS NOT SECURE, AND THEREFORE YOU AGREE THAT YOU WILL USE THE COMPANY’S TICKETING SYSTEM TO EXCHANGE ALL CREDENTIALS, TECHNICAL INFORMATION AND SERVICE SPECIFIC SUPPORT REQUESTS (INCLUDING BUT NOT LIMITED TO ANY HOSTING, WEB SECURITY, BACKUP, WEB MAINTENANCE OR TECHNICAL REQUESTS FOR COVERED ACCOUNT(S).
We will provide you with Web hosting services on Amazon Web Services (AWS) cloud network. This type of Web hosting is often called “Cloud Web Hosting” because it uses the resources of several virtual clustered servers. On average, Rhyno sustains a 99.99 percent level of availability for all Web hosting services; we do not, however, guarantee this level of availability. The applicable Web hosting are limited to:
Rhyno will, from time to time, scheduled maintenance on its equipment and software. During these times, one or more of the above services may become unavailable. In general, we have very few maintenance outages and we work diligently when such an incident occurs, usually before customers know.
Planned maintenance outages are scheduled for times that will affect the fewest number of customers. We recognize, and you should recognize, that we cannot pick a time that will affect no customers. Scheduled outages for maintenance are not included in Rhyno availability statistics.
Usage Policy
We reserve the right to suspend or cancel a Client’s access to any or all services we provided when we decide that the account has been inappropriately used. In short we do not allow certain activities hosted on our servers relating to:
Server abuse
Any attempt to undermine or cause harm to a server, or customer of ours is strictly prohibited.
Ownership of Customer Data and Domains
Rhyno makes no claim or representation of ownership over your files stored on our servers. You retain full ownership of your data.
Rhyno makes no claim or representation of ownership over your domain name(s) as registered on our servers or those of our domain registry service. You retain legal title to your domain name(s).
Unauthorized use of other people’s accounts or computers
We will strongly react to any use or attempted use of an Internet account or computer without the owner’s authorization. Such attempts include “internet scamming” (tricking other people into releasing their passwords), password robbery, security hole scanning etc.
Any unauthorized use of accounts or computers by a customer, whether or not the attacked account or computer belongs to us, will result in action against the attacker. Possible actions include warnings, account suspension or cancellation, and civil or criminal legal action, depending on the seriousness of the attack.
Fees and Payment
You will be responsible for payment of the applicable fee (the “Service Subscription Fee”) at the time you create your Account and select your annual package (the “Service Commencement Date”). All fees will be billed to the credit card or PayPal account you designate during the registration process.
If you want to designate a different credit card or if there is a change in your credit card or PayPal account status, you must send an e-mail to [email protected].
Auto-Renewal
IN ORDER TO ENSURE THAT YOU DO NOT EXPERIENCE AN INTERRUPTION OR LOSS OF SERVICE, ALL SERVICES ARE OFFERED ON AUTOMATIC RENEWAL. EXCEPT FOR REASONS DESCRIBED BELOW IN THIS SECTION, AUTOMATIC RENEWAL AUTOMATICALLY RENEWS THE APPLICABLE SERVICE UPON EXPIRATION OF THE THEN CURRENT TERM FOR A RENEWAL PERIOD EQUAL IN TIME TO THE MOST RECENT SERVICE PERIOD. FOR EXAMPLE, IF YOUR LAST SERVICE PERIOD IS FOR ONE YEAR, YOUR RENEWAL PERIOD WILL TYPICALLY BE FOR ONE YEAR. HOWEVER, IN THE EVENT RENEWAL WITH THE PAYMENT METHOD ON FILE FAILS, COMPANY MAY ATTEMPT TO RENEW THE APPLICABLE SERVICE FOR A PERIOD LESS THAN THE ORIGINAL SUBSCRIPTION PERIOD TO THE EXTENT NECESSARY FOR THE TRANSACTION TO SUCCEED.
UNLESS YOU DISABLE THE AUTOMATIC RENEWAL OPTION, COMPANY WILL AUTOMATICALLY RENEW THE APPLICABLE SERVICE WHEN IT COMES UP FOR RENEWAL (“RENEWAL COMMENCEMENT DATE”) AND WILL TAKE PAYMENT FROM THE PAYMENT METHOD YOU HAVE ON FILE WITH COMPANY AT COMPANY’S THEN CURRENT RATES, WHICH YOU ACKNOWLEDGE AND AGREE MAY BE HIGHER OR LOWER THAN THE RATES FOR THE ORIGINAL SERVICE PERIOD. IF YOU DO NOT WISH FOR ANY SERVICE TO AUTOMATICALLY RENEW, YOU MAY ELECT TO CANCEL RENEWAL, IN WHICH CASE, YOUR SERVICES WILL TERMINATE UPON EXPIRATION OF THE THEN CURRENT TERM, UNLESS YOU MANUALLY RENEW YOUR SERVICES PRIOR TO THAT DATE (IN WHICH CASE THE SERVICES WILL AGAIN BE SET TO AUTOMATIC RENEWAL). IN OTHER WORDS, SHOULD YOU ELECT TO CANCEL YOUR PRODUCT AND FAIL TO MANUALLY RENEW YOUR SERVICES BEFORE THEY EXPIRE, YOU MAY EXPERIENCE AN INTERRUPTION OR LOSS OF SERVICE, AND COMPANY SHALL NOT BE LIABLE TO YOU OR ANY THIRD PARTY REGARDING THE SAME.
Termination
You will have thirty (30) days from the Service Commencement Date or any Renewal Commencement Date to cancel the Service (the “Cancellation Period”), in which case the Company will refund your Service Subscription Fee for the applicable Service Term provided that you have not submitted a Malware Removal Request during the Cancellation Period.
You agree that you will make any cancellation request by way of a general request ticket that you submit through the Company’s ticketing system. In the event that you are using a PayPal account to make payments hereunder, you must also log in and cancel your recurring payments via your PayPal interface. Except as set forth above, your Service Subscription Fee shall be non-refundable.
Intellectual Property
Except with respect to the Content, including Your Content, you agree that Company and its suppliers own all rights, title and interest in the Sites, the Service and the Company Materials. You will not remove, alter or obscure any copyright, trademark, service mark or other proprietary rights notices incorporated in or accompanying the Sites, the Service or the Company Materials. Bwired, Rhyno Cybersecurity, the Rhyno logo, and/or other Rhyno products referenced herein are trademarks of Bwired Technologies Inc. may be registered in certain jurisdictions, and may not be used without permission in connection with any third party products or services. Other trademarks, service marks and trade names that may appear on the Sites or in connection with the Service are the property of their respective owners.
By submitting ideas, suggestions, documents and/or proposals to Company through its suggestion, feedback, wiki, forum or similar web pages (“Feedback”), you agree that (1) your Feedback does not contain the confidential or proprietary information of third parties; (2) Company is not under any obligation of confidentiality, express or implied, with respect to the Feedback; (3) Company shall be entitled to use and disclose such Feedback for any purpose, in any way, worldwide; and (4) you are not entitled to any compensation or reimbursement of any kind from Company for the Feedback under any circumstances.
Limited Warranty
If at any time during the Service Term, you submit a Malware Removal Request for a Covered Website that Company determines is infected, Company will use reasonable commercial efforts to clean the infected Covered Website. In the event that Company is unable, for any reason, to clean the infected Covered Website, Company will, as its sole and exclusive remedy, refund to you the annual fee you paid to the Company for the clean up of that Covered Website.
EXCEPT AS SET FORTH ABOVE, THE SERVICE (INCLUDING, WITHOUT LIMITATION, ANY CONTENT OR COMPANY MATERIALS) IS PROVIDED “AS IS” AND “AS AVAILABLE” AND WITHOUT WARRANTY OR CONDITION OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES OR CONDITIONS IMPLIED BY ANY COURSE OF PERFORMANCE OR USAGE OF TRADE, ALL OF WHICH ARE EXPRESSLY DISCLAIMED. COMPANY, AND ITS DIRECTORS, EMPLOYEES, AGENTS, SUPPLIERS, PARTNERS AND CONTENT PROVIDERS (THE “COMPANY PARTIES”) DO NOT WARRANT THAT: (A) THE SERVICE WILL PREVENT THE INFECTION, OR RE-INFECTION, OF THE COVERED WEBSITES; (B) THE COVERED WEBSITE WILL OPERATE AFTER IT HAS BEEN CLEANED BY COMPANY; (C) THE SERVICE WILL BE SECURE OR AVAILABLE AT ANY PARTICULAR TIME OR LOCATION; (D) ANY DEFECTS OR ERRORS WILL BE CORRECTED; (E) ANY CONTENT OR SOFTWARE AVAILABLE AT OR THROUGH THE SERVICE IS FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS; OR (F) THE RESULTS OF USING THE SERVICE WILL MEET YOUR REQUIREMENTS.
ANY CONTENT DOWNLOADED FROM OR OTHERWISE ACCESSED THROUGH THE SITES OR THE SERVICE IS ACCESSED AT YOUR OWN RISK, AND YOU SHALL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR PROPERTY OR PERSON, INCLUDING, BUT NOT LIMITED TO, YOUR COMPUTER SYSTEM, ANY DEVICE YOU USE TO ACCESS THE SITES OR THE SERVICE, AND ANY COVERED WEBSITES, OR ANY OTHER LOSS THAT RESULTS FROM ACCESSING SUCH CONTENT.
YOU UNDERSTAND AND AGREE THAT YOU USE THE SITES AND THE SERVICE AT YOUR OWN DISCRETION AND RISK AND THAT YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGES TO YOUR COMPUTER SYSTEMS, THE COVERED WEBSITES, OR LOSS OF DATA THAT RESULTS FROM USE OF THE SITES AND THE SERVICE.
SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF CERTAIN WARRANTIES, REPRESENTATIONS OR CONDITIONS, THE LIMITATION OR EXCLUSION OF IMPLIED WARRANTIES, OR LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY MAY LAST, SO SOME OF THE ABOVE LIMITATIONS MAY NOT APPLY IN FULL TO YOU. WHERE LEGISLATION IN A JURISDICTION IMPLIES IN THESE TERMS ANY CONDITION OR WARRANTY THAT CANNOT BE EXCLUSIVE, COMPANY’S LIABILITY FOR BREACH THEREOF SHALL BE LIMITED, AT COMPANY’S OPTION, TO THE SUPPLY OF SERVICES AGAIN, OR THE PAYMENT OF THE COST OF HAVING THEM SUPPLIED AGAIN.
Limitation of Liability
IN NO EVENT SHALL COMPANY, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AND ALL THIRD PARTY SERVICE PROVIDERS, BE LIABLE TO YOU OR ANY OTHER PERSON OR ENTITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES WHATSOEVER, INCLUDING ANY THAT MAY RESULT FROM (I) THE ACCURACY, COMPLETENESS, OR CONTENT OF THIS SITE, (II) THE ACCURACY, COMPLETENESS, OR CONTENT OF ANY SITES LINKED (THROUGH HYPERLINKS, BANNER ADVERTISING OR OTHERWISE) TO THIS SITE, (III) THE SERVICES FOUND AT THIS SITE OR ANY SITES LINKED (THROUGH HYPERLINKS, BANNER ADVERTISING OR OTHERWISE) TO THIS SITE, (IV) PERSONAL INJURY OR PROPERTY DAMAGE OF ANY NATURE WHATSOEVER, (V) THIRD-PARTY CONDUCT OF ANY NATURE WHATSOEVER, (VI) ANY UNAUTHORIZED ACCESS TO OR USE OF OUR SERVERS AND/OR ANY AND ALL CONTENT, PERSONAL INFORMATION, FINANCIAL INFORMATION OR OTHER INFORMATION AND DATA STORED THEREIN, (VII) ANY INTERRUPTION OR CESSATION OF SERVICES TO OR FROM THIS SITE OR ANY SITES LINKED (THROUGH HYPERLINKS, BANNER ADVERTISING OR OTHERWISE) TO THIS SITE, (VIII) ANY VIRUSES, WORMS, BUGS, TROJAN HORSES, OR THE LIKE, WHICH MAY BE TRANSMITTED TO OR FROM THIS SITE OR ANY SITES LINKED (THROUGH HYPERLINKS, BANNER ADVERTISING OR OTHERWISE) TO THIS SITE, (IX) ANY USER CONTENT OR CONTENT THAT IS DEFAMATORY, HARASSING, ABUSIVE, HARMFUL TO MINORS OR ANY PROTECTED CLASS, PORNOGRAPHIC, “X-RATED”, OBSCENE OR OTHERWISE OBJECTIONABLE, AND/OR (X) ANY LOSS OR DAMAGE OF ANY KIND INCURRED AS A RESULT OF YOUR USE OF THIS SITE OR THE SERVICES FOUND AT THIS SITE, WHETHER BASED ON WARRANTY, CONTRACT, TORT, OR ANY OTHER LEGAL OR EQUITABLE THEORY, AND WHETHER OR NOT COMPANY IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
IN ADDITION, YOU SPECIFICALLY ACKNOWLEDGE AND AGREE THAT ANY CAUSE OF ACTION ARISING OUT OF OR RELATED TO THIS SITE OR THE SERVICES FOUND AT THIS SITE MUST BE COMMENCED WITHIN ONE (1) YEAR AFTER THE CAUSE OF ACTION ACCRUES, OTHERWISE SUCH CAUSE OF ACTION SHALL BE PERMANENTLY BARRED.
IN ADDITION, YOU SPECIFICALLY ACKNOWLEDGE AND AGREE THAT IN NO EVENT SHALL COMPANY’S TOTAL AGGREGATE LIABILITY EXCEED $10,000.00 CANADIAN DOLLARS.
THE FOREGOING LIMITATION OF LIABILITY SHALL APPLY TO THE FULLEST EXTENT PERMITTED BY LAW, AND SHALL SURVIVE ANY TERMINATION OR EXPIRATION OF THIS AGREEMENT OR YOUR USE OF THIS SITE OR THE SERVICES FOUND AT THIS SITE.
Third Party Sites
The Sites or the Service may permit you to link to other websites or resources on the Internet, and other websites or resources may contain links to the Sites. When you access third party websites, you do so at your own risk. These other websites are not under Company’s control, and you acknowledge that Company is not responsible or liable for the content, functions, accuracy, legality, appropriateness or any other aspect of such websites or resources. The inclusion of any such link does not imply endorsement by Company or any association with its operators. You further acknowledge and agree that Company shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services available on or through any such website or resource.
Indemnification
BY USING THE SITES AND/OR THE SERVICE, YOU AGREE TO INDEMNIFY AND HOLD COMPANY PARTIES HARMLESS WITH RESPECT TO ANY CLAIMS ARISING OUT OF YOUR BREACH OF THIS AGREEMENT, YOUR USE OF THE SERVICE, OR ANY ACTION TAKEN BY COMPANY AS PART OF ITS INVESTIGATION OF A SUSPECTED VIOLATION OF THIS AGREEMENT OR AS A RESULT OF ITS FINDING OR DECISION THAT A VIOLATION OF THIS AGREEMENT HAS OCCURRED. THIS MEANS THAT YOU CANNOT SUE OR RECOVER ANY DAMAGES FROM COMPANY PARTIES AS A RESULT OF COMPANY’S DECISION TO REMOVE OR REFUSE TO PROCESS ANY OF YOUR CONTENT, TO SUSPEND OR TERMINATE YOUR ACCESS TO THE SERVICE, OR TO TAKE ANY OTHER ACTION DURING THE INVESTIGATION OF A SUSPECTED VIOLATION OR AS A RESULT OF COMPANY’S CONCLUSION THAT A VIOLATION OF THIS AGREEMENT HAS OCCURRED. THIS PROVISION APPLIES TO ALL VIOLATIONS DESCRIBED IN OR CONTEMPLATED BY THIS AGREEMENT.
Submissions
You acknowledge and agree that all information, data, text, software, music, graphics, video, messages, tags or other materials submitted by users of the Sites or the Service (“Content”) is the sole responsibility of the party from whom such Content originated. This means that you, and not Company, are entirely responsible for all Content that you upload, post, e-mail, transmit or otherwise make available (“Make Available”) through the Sites or the Service (“Your Content”), and other users of the Service and not Company are similarly responsible for all content they Make Available through the Sites or the Service. You also agree that you have obtained all necessary rights and licenses, and agree that Your Content shall be considered non-confidential. You agree to provide accurate and complete information in connection with your submission of Your Content on the Service. You hereby grant Company a worldwide, irrevocable, royalty-free, nonexclusive license to use Your Content as part of the Service, without any compensation or obligation to you. Company reserves the right to not use or publish Your Content, and to remove or edit any Your Content, at any time in its sole discretion without notice or liability.
Company has the right, but not the obligation, to monitor any of Your Content that you Make Available on the Sites or the Service, to investigate any reported or apparent violation of this Agreement, and to take any action that Company in its sole discretion deems appropriate, including, without limitation, termination.
Protection of Your Data
Services available to You that may involve the submission, collection and/or use of personally identifying or identifiable information about you and your own customers (“Your Data”) in the course of your use of these Services. Your Data, for the purpose of this Section, excludes any Content. Our Data Processing Addendum (“DPA”), which is hereby incorporated by reference and applicable to Services, is meant to provide you contractual assurance that we have robust mechanisms to ensure the transfer of Your Data, including transfers of Your Data from the EEA to the Services, meets with compliance under applicable data privacy laws.
For the purposes of the DPA and the Standard Contractual Clauses attached to the DPA (when and as applicable), you (and your applicable affiliates) are considered the Data Controller/Data Exporter, and your acceptance of this Agreement at the time of purchase of Services or use of our free products, will also be treated as your acknowledgment and acceptance of the DPA and its appendices (including the Standard Contractual Clauses and its appendices, as applicable).
Rules and Conduct
As a condition of your use of the Service, you agree that (a) you will follow Company’s guidelines and recommendations on how to prevent reinfection of the Covered Websites, and (b) you will not use the Service for any purpose that is prohibited by the Terms or by applicable law. The Service (including, without limitation, any advertisements, advice, suggestions, videos, audio clips, written forum comments, information, data, text, photographs, software, scripts, graphics and interactive features generated, provided or otherwise made accessible by Company or its partners on or though the Service or the Sites (“Company Materials”) is provided only for your own personal, non-commercial use. You are responsible for all of your activity in connection with the Service. By way of example, and not as a limitation, you shall not (and shall not permit any third party to) either (a) take any action or (b) Make Available any of Your Content on or through the Service, that:
You shall not attempt or engage in potentially harmful acts that are directed against the Sites or Service including, without limitation, the following: (a) Using the Sites or Service in contravention of any other agreement to which you are a party, including without limitation any employment agreement to which you may be a party; (b) causing, allowing, or assisting any other person to use your Account(s) or impersonate you; (c) sharing your password or login with any other person; (d) logging onto a server or Account(s) that you are not authorized to access; (e) forging user names, manipulating identifiers, or otherwise impersonating any other person or misrepresenting your identity or affiliation with any person or entity; (f) emulating or faking usage of the Sites or the Service; (g) violating or attempting to violate any security features of the Sites or the Service; (h) using manual or automated software, devices, scripts, robots, or other means or processes to access, “scrape,” “crawl,” or “spider” any pages contained in the Sites; (i) intentionally introducing viruses, worms, software, Trojan horses, or other similar harmful code into the Sites or the Service, outside of the infected Covered Websites; (j) interfering or attempting to interfere with the use of the Sites by any other user, host, or network, including without limitation by means of submitting a virus, overloading, “flooding,” “spamming,” “mail bombing,” “pinging,” “hacking,” “phishing,” or “crashing” the Sites or the Service; (k) causing, allowing or assisting machines, bots, or automated services to access or use the Sites or the Service without the express written permission of Company; (l) tampering with the operation, functionality, or the security of the Sites or the Service; (m) attempting to override or circumvent any security or usage rules embedded into the Sites or the Service that permit digital materials to be protected; (n) attempting to probe, scan, or test the vulnerability of the Sites or the Service, or any associated system or network, or breach any security or authentication measures; (o) misusing, tricking, disrupting, or otherwise interfering with the functioning of the Sites or the Service; (p) harvesting or collecting e-mail addresses or other contact information of other users or clients from the Sites or the Service by electronic or other means; (q) reverse engineering, decompiling, disassembling, deciphering, or otherwise attempting to derive the source code for any underlying intellectual property used to provide the Sites or the Service; (r) engaging in “framing,” “mirroring,” or otherwise simulating the appearance or function of the Sites or the Service; (s) forging any TCP/IP packet header or any part of the header information in any e-mail or newsgroup posting; (t) modifying, translating, or otherwise creating derivative works of any part of the Sites or the Service; or (u) copying, renting, leasing, distributing, or otherwise transferring any or all of the rights that you receive hereunder.
Violations of system or network security may result in civil or criminal liability. You acknowledge and agree that it is your responsibility to install anti-virus software and related protections against viruses, Trojan horses, worms, time bombs, cancelbots, or other computer programming routines or engines that are intended to damage, destroy, disrupt, or otherwise impair a computer’s functionality or operation.
You further acknowledge and agree that in the event that Company determines, in its sole discretion, that any of the Covered Websites include explicit pornography, bestiality, human trafficking, child pornography or violate any local, state, national or international law or regulation, Company may immediately terminate this Agreement and refund a prorated portion of the Service Subscription Fee for the remainder of the Service Term.
Company reserves the right to remove any Content, including Your Content, from the Sites or the Service at any time, for any reason (including, but not limited to, upon receipt of claims or allegations from third parties or authorities relating to such Content or if Company is concerned that you may have violated these Terms), or for no reason at all.
Notwithstanding any other provision of these Terms or the Privacy Policy, Company reserves the right, but has no obligation, to disclose any information that you submit or that Company discovers in performing the Service, if in its sole opinion, Company suspects or has reason to suspect, that the Covered Websites are involved in any way in activities that violate any local, state, national or international law or regulation. Information may be disclosed to authorities that Company, in its sole discretion, deems appropriate to handle such disclosure. Appropriate authorities may include, without limitation, law enforcement agencies, child protection agencies or court officials. You hereby acknowledge and agree that Company is permitted to make such disclosure.
DISPUTES, BINDING INDIVIDUAL ARBITRATION AND WAIVER OF CLASS ACTIONS AND CLASS ARBITRATIONS. PLEASE READ THIS SECTION CAREFULLY. FOLLOW THE INSTRUCTIONS BELOW IF YOU WISH TO OPT OUT OF THE PROVISIONS REQUIRING YOU TO RESOLVE DISPUTES THROUGH INDIVIDUAL ARBITRATION.
(A) Disputes. The terms of this Section shall apply to all Disputes between you and Company, except for disputes governed by the Uniform Domain Name Dispute Resolution Policy. For the purposes of this Section, “Dispute” shall mean any dispute, claim, or action between you and Company arising under or relating to any Services, Sites, these Terms, or any other transaction involving you and Company, whether in contract, warranty, misrepresentation, fraud, tort, intentional tort, statute, regulation, ordinance, or any other legal or equitable basis, and shall be interpreted to be given the broadest meaning allowable under law. YOU AND COMPANY AGREE THAT “DISPUTE” AS DEFINED IN THESE TERMS SHALL NOT INCLUDE ANY CLAIM OR CAUSE OF ACTION BY YOU OR COMPANY FOR (i) TRADE SECRET MISAPPROPRIATION, (ii) PATENT INFRINGEMENT, (iii) COPYRIGHT INFRINGEMENT OR MISUSE, AND (iv) TRADEMARK INFRINGEMENT OR DILUTION. Moreover, notwithstanding anything else in these Terms, you agree that a court, not the arbitrator, may decide if a claim falls within one of these four exceptions.
(B) Binding Arbitration. You and Company further agree: (i) to arbitrate all Disputes between the parties pursuant to the provisions in these Terms; (ii) these Terms memorialize a transaction in Canadian commerce; and (iii) this Section shall survive termination of these Terms. ARBITRATION MEANS THAT YOU WAIVE YOUR RIGHT TO A JUDGE OR JURY IN A COURT PROCEEDING AND YOUR GROUNDS FOR APPEAL ARE LIMITED. The arbitrator may award you the same damages as a court sitting in proper jurisdiction, as limited by the Limitation of Liability set forth and may award declaratory or injunctive relief only in favor of the individual party seeking relief and only to the extent necessary to provide relief warranted by that party’s individual claim. In addition, in some instances, the costs of arbitration could exceed the costs of litigation and the right to discovery may be more limited in arbitration than in court. The decision of the arbitrator shall be final and enforceable by any court with jurisdiction over the parties.
(C) Small Claims Court. Notwithstanding the foregoing, you may bring an individual action in the small claims court of your state or municipality if the action is within that court’s jurisdiction and is pending only in that court.
(D) Dispute Notice. In the event of a Dispute, you or Company must first send to the other party a notice of the Dispute that shall include a written statement that sets forth the name, address and contact information of the party giving it, the facts giving rise to the Dispute, and the relief requested (the “Dispute Notice”). The Dispute Notice to Company must be addressed to: Bwired Technologies, Inc. d/b/a Rhyno Cybersecurity, 283 Duke St W, Suite 301, Kitchener, ON, N2H 3X7, Canada, Attn.: Legal Department (the “Bwired Notice Address”). The Dispute Notice to you will be sent by certified mail to the most recent address we have on file or otherwise in our records for you. If Company and you do not reach an agreement to resolve the Dispute within sixty (60) days after the Dispute Notice is received, you or Company may commence an arbitration proceeding pursuant to this Section. Following submission and receipt of the Dispute Notice, each of us agrees to act in good faith to seek to resolve the Dispute before commencing arbitration.
(E) WAIVER OF CLASS ACTIONS AND CLASS ARBITRATIONS. YOU AND COMPANY AGREE THAT EACH PARTY MAY BRING DISPUTES AGAINST THE OTHER PARTY ONLY IN AN INDIVIDUAL CAPACITY, AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING, INCLUDING WITHOUT LIMITATION FEDERAL OR STATE CLASS ACTIONS, OR CLASS ARBITRATIONS. NEITHER YOU NOR COMPANY WILL SEEK TO HAVE ANY DISPUTE HEARD AS A CLASS ACTION, PRIVATE ATTORNEY GENERAL ACTION, OR IN ANY OTHER PROCEEDING IN WHICH EITHER PARTY ACTS OF PROPOSES TO ACT IN A REPRESENTATIVE CAPACITY. NO ARBITRATION OR OTHER PROCEEDING WILL BE COMBINED WITH ANOTHER WITHOUT THE PRIOR WRITTEN CONSENT OF ALL PARTIES TO ALL AFFECTED ARBITRATIONS OR PROCEEDINGS.
(F) Claims or Disputes Must be Filed Within One Year. To the extent permitted by law, any claim or dispute to which this Section applies must be filed within one year in small claims or in arbitration. The one-year period begins when the claim or Notice of Dispute first could be filed. If not filed within one year, the claim or dispute will be permanently barred.
(G) 30-Day Opt-out Period. IF YOU DO NOT WISH TO BE BOUND BY THE ARBITRATION PROVISION IN THIS DISPUTES SECTION, YOU MUST NOTIFY COMPANY BY E-MAILING [email protected] WITHIN 30 DAYS OF THE DATE THAT YOU ACCEPT THESE TERMS (UNLESS A LONGER PERIOD IS REQUIRED BY APPLICABLE LAW). In the e-mail, you must provide your (a) first name, (b) last name (c) address, (d) phone number, and (e) account number(s) and state the following: “I wish to opt out of the arbitration provision contained in Rhyno’s Terms and Conditions.” By providing your information in the method above, you are opting out of the agreement to arbitrate contained in Company’s Terms and Conditions. Your opt-out request will only be valid if made within thirty (30) days of first accepting the Terms and Conditions. In the event that you opt-out consistent with the procedure set forth above, all other terms shall contained herein shall continue to apply, including those related to the applicable governing law and the court(s) in which legal disputes may be brought.
(H) Amendments to this Section. Notwithstanding any provision in these Terms to the contrary, you and Company agree that if Company makes any future amendments to the dispute resolution procedure and class action waiver provisions (other than a change to Company’s address) in these Terms, Company will notify you and you will have thirty (30) days from the date of notice to affirmatively opt-out of any such amendments. If you affirmatively opt-out of any future amendments, you are agreeing that you will arbitrate any Dispute between us in accordance with the language of this Section as stated in these current Terms, without any of the proposed amendments governing. If you do not affirmatively opt-out of any future amendments, you will be deemed to have consented to any such future amendments.
(I) Severability. If any provision in this Section is found to be unenforceable, that provision shall be severed with the remainder of these Terms remaining in full force and effect. The foregoing shall not apply to the prohibition against class or representative actions; if the prohibition against class or representative actions is found to be unenforceable, this entire Section shall be null and void. The terms of this Section shall otherwise survive any termination of these Terms.
(J) Exclusive Venue for Other Controversies. Company and you agree that any controversy excluded from the dispute resolution procedure and class action waiver provisions in this Section (other than an individual action filed in small claims court) shall be filed only in the Province of Ontario, and each party hereby irrevocably and unconditionally consents and submits to the exclusive jurisdiction of such courts for any such controversy. You also agree to waive the right to trial by jury in any such action or proceeding.
Integration and Severability
The titles and headings of this Agreement are for convenience and ease of reference only and shall not be utilized in any way to construe or interpret the agreement of the parties as otherwise set forth herein. Each covenant and agreement in this Agreement shall be construed for all purposes to be a separate and independent covenant or agreement. If a court of competent jurisdiction holds any provision (or portion of a provision) of this Agreement to be illegal, invalid, or otherwise unenforceable, the remaining provisions (or portions of provisions) of this Agreement shall not be affected thereby and shall be found to be valid and enforceable to the fullest extent permitted by law.
General
International Users. The Sites can be accessed from countries around the world and may contain references to services and content that are not available in your country. These references do not imply that Company intends to announce such services or content in your country. The Sites and the Service are controlled and offered by Company from its facilities in the United States of America. Company makes no representations that the Sites or the Service are appropriate or available for use in other locations. Those who access or use the Sites or the Service from other jurisdictions do so at their own volition and are responsible for compliance with local law.
Notice. Where Company requires that you provide an e-mail address, you are responsible for providing Company with your most current e-mail address. In the event that the last e-mail address you provided to Company is not valid, or for any reason is not capable of delivering to you any notices required/permitted by the Terms, Company’s dispatch of the e-mail containing such notice will nonetheless constitute effective notice. You may give notice to Company addressed to the attention of Chief Technology Officer 283 Duke St W, Suite 301, Kitchener, ON, N2H 3X7, Canada. Such notice shall be deemed given when received by Company by letter delivered by nationally recognized overnight delivery service or first class postage prepaid mail.
Waiver. Any waiver or failure to enforce any provision of this Agreement on one occasion will not be deemed a waiver of any other provision or of such provision on any other occasion.
Assignment. These Terms, and your rights and obligations hereunder, may not be assigned, subcontracted, delegated, or otherwise transferred by you without Company’s prior written consent, and any attempted assignment, subcontract, delegation or transfer in violation of the foregoing will be null and void.
Dispute Resolution. This Agreement shall be governed by and construed in accordance with the federal law of Canada and the Province of Ontario, whichever is applicable, without regard to conflict of laws principles. You agree that any action relating to or arising out of this Agreement shall be brought in the province or federal courts of Kitchener, Ontario, and you hereby consent to (and waive all defenses of lack of personal jurisdiction with respect to) jurisdiction and venue in the provincial and federal courts of Kitchener, Ontario. You agree to waive the right to trial by jury in any action or proceeding that takes place relating to or arising out of this Agreement.
1. DEFINITIONS
1.1. “Vulnerability Assessment and/or Penetration Test Authorization Form” means the Company’s form to be signed by the Client and submitted to Company when ordering the Security Testing;
1.2. “Client” means the individual(s) and/or organization(s) to whom the Company is providing Security Testing and who has signed and completed a Vulnerability Assessment and/or Penetration Test Authorization Form;
1.3. “Company” means Rhyno Cybersecurity, a Bwired Technology division;
1.4. “Conditions” means the terms and conditions set out in this Contract;
1.5 “Vulnerability Assessment and Penetration Testing” means the Company will conduct Security Testing on the Client’s network;
1.6. “Confidential Information” means all tangible and intangible information designated as confidential by any party in writing together with all other information which may reasonably be regarded as confidential including, but not limited to, details of the Clients’ System, procedures, network configuration and topology, passwords, private encryption keys and details of the Company’s methodologies;
1.7. “Consultant” means the individual(s) provided by Company for the performance of the Security Testing;
1.8. “Contract” means the contract formed by these Terms and Conditions together with the Proposal and the Penetration Test Authorization Form;
1.9. “Fees” means Company’s fees for the Security Testing as detailed in the Proposal, and all reasonable expenses incurred by the Consultant in carrying out the Security Testing which will be agreed in advance with the Client;
1.10. “Force Majeure” means any cause preventing either Party from performing any or all of its obligations under these Conditions which arises from or is attributable to acts, events, omissions or accidents beyond the reasonable control of the Party so prevented;
1.11. “Intellectual Property Rights” (IPR) means any copyright, patent, design patent, registered design and design rights, utility models, trademarks, service marks, an application for any of these or the right to supply for the same, trade secrets, know-how, database rights, moral rights, confidential information, trade or business names and any other industrial and proprietary and other similar protected rights in any country and any licenses under or in respect of such rights;
1.12. “Party” means any party to, or the parties to, this Contract;
1.13. “Personal Data” has the meaning given to that term in Data Protection Laws;
1.14. “Proposal” means the proposal for the Security Testing provided by Company to the Client detailing the scope of work all or some of which may be accepted by the Client in their purchase order;
1.15. “Security Testing” means the provision of services as described in the Proposal made by the Company to the Client;
1.16. “Start Date” means the date the Security Testing will start to be provided as confirmed by the Company in writing to the Client;
1.17. “System” means the systems, networks, processes and policies, whether technical or not, which the Client requires to be security tested described in the Proposal made by the Company to the Client and pursuant to this Contract;
1.18. “Test Report” means the report produced by the Company detailing the results of the Security Testing;
1.19. “TAX” means value added tax as defined under the Value Added Tax Act 1994.
2. COMPANY’S DUTIES
2.1. The Company shall perform the Security Testing for the Client using reasonable skill and care and in a professional, timely manner. Time for provision or completion of the Security Testing or any part of it shall not be of the essence.
2.2. Where a Test Report is required it shall, unless otherwise agreed, be produced by the Consultant within ten (10) working days or as agreed with the Client on completion of the Security Testing and sent to the Client.
2.3. While the Company will use reasonable endeavors to ensure that the same Consultant will continue throughout the Security Testing, it reserves the right to replace that Consultant if necessary at its reasonable discretion by notifying the Client.
2.4. The Company shall, where the Consultant is present on the Client’s premises, ensure that the Consultant complies with such reasonable site rules and procedures as are prior notified to the Company.
3. THE CLIENT AGREES
3.1. To obtain appropriate consent from its ISP (Internet Service Provider), only where the ISP is hosting services on behalf of the Client and any other relevant third party supplier of the System, only where the third party supplier is hosting services on behalf of the Client for the Security Testing to be carried out and, when requested by the Company, to provide evidence of such consent and to notify relevant employees that the Security Testing has been scheduled and that they may be monitored;
3.2. To arrange a mutually convenient time with the Company for the performance of the Security Testing and to inform its ISP of the date agreed with Company in accordance 3.1;
3.3. To make appropriate backups of the System prior to the commencement of the Security Testing;
3.4. That, where the Security Testing is to take place on the Client’s premises, the Client shall ensure that suitable accommodation is provided for the Consultant which shall include network access and, where necessary, access to data centers, server rooms and/or switch rooms;
3.5. That should the Client require a laptop or Personal Digital Assistant (PDA) to be security tested by the Company it will deliver the laptop and/or PDA to the Company’s registered address and collect it from those premises or authorize other means of delivery and return at the Client’s own risk. The Company shall not be liable for the laptop or PDA during transit to or from its offices;
3.6. The Client will compensate the Company for any direct losses incurred as a result of a claim from a third party arising out of any failure of the Client to comply with clauses 3.1, 3.2 and 3.3 provided always that the Company shall mitigate any and all losses and provide written notice of any claim to the Client within 10 working days;
3.7. To provide the Company with at least one employee who shall have substantial computer systems, network and project management experience of the Client’s Systems to act as liaison between the Client and the Company;
3.8. To co-operate with the Company and to provide it promptly with such information about its Systems, network, premises, equipment, data structures, protocols, software, hardware and firmware as are reasonably required by the Company;
3.9. To ensure that, where the Security Testing is taking place on its premises, the premises are safe;
3.10. That, by signing the Penetration Test Authorization Form, the Client consents, for itself and on behalf of all group companies, to the Company performing the Security Testing and that it has procured, where necessary, the consent of all its (and its group companies) employees, agents and sub-contractors that the Company shall be permitted to carry out the Security Testing. The Company will be carrying out the Security Testing in the belief that it has all appropriate consents, permits and permissions from the Client and its group companies (and their employees, agent and sub-contractors);
3.11. That, whilst the Company will conduct all Security Testing in line with accepted best practice and make all reasonable efforts to avoid disruption of the Client’s network, the tools and techniques used may cause disruption to the Client’s Systems and/or possible loss of or corruption to data and the Client agrees to take such backups and provide such redundant systems as are prudent in the circumstances. The Company will notify the Client in the event where activity would lead to loss of service or data before proceeding where this is known to the Company;
3.12. To notify the Company immediately if there are any periods during Security Testing when the Company should stop work due to critical business processes (such as batch runs) or if any part of the System is business critical so that the Company can, if needs be and with the Client’s consent, modify its testing approach;
3.13. That, where the Company supplies any software as part of the Security Testing, it shall only use such software for lawful purposes;
3.14. That, during the performance of the Security Testing and for a period of 6 months after completion of the Security Testing, it will not recruit any employees or personnel of the Company which it met or was introduced to through its relationship under this Contract without the prior written consent of the Company;
4. FEES AND PAYMENT
4.1. Subject to 4.2 below and unless otherwise agreed, the Fees payable under this Contract shall be paid prior to the Test Report or, if none is to be provided, on completion of the Security Testing. Invoices are due for payment immediately upon the date of the invoice. All payments due under this Contract shall become due immediately upon termination of this Contract despite any other provision in this Contract. All payments due under this Contract shall be made without any deduction by way of set off, counterclaim, discount or abatement or otherwise.
4.2. The Company shall be entitled to interest on any payment not paid when properly due pursuant to the terms of these conditions, calculated from day to day at a rate per annum equal to 5%.
4.3. All sums under the Contract are unless otherwise stated, exclusive of HST or tax. Any tax payable in respect of such sums shall be payable in addition to such sums and shall be payable in addition to such sums, at the rate from time to time prescribed by law on delivery of a valid taxed invoice.
4.4. The Company reserves the right to invoice the Client upon acceptance of the order an amount of 100% of the estimated Fees that will be charged for the performance for the Security Testing to cover the costs of initiating and preparing for the performance of the Security Testing. The Initial Fee will be treated as a payment on account of the total Fees charged for the Security Testing.
4.5. Upon confirmation by the Company in writing to the Client of the Start Date, the Company will immediately start to allocate resources and facilities and commit to third party expenditure to fulfil its contractual commitments. The Company may at its absolute discretion allow the Security Testing to be re-scheduled or cancelled, but if it does so allow, the Client agrees that it will be committed to paying the Company a proportion of the Fees as genuinely pre-estimated liquidated damages to reflect the losses which it will incur as a result of such cancellation or re-scheduling, as follows:
4.5.1. cancellation or re-schedule request within 120 hours of the start date and where the Company is unable to utilize the committed resources up to 100% of the Fees will be payable; and
4.5.2. this applies to each delay separately. Where the Company permits a re-booking, in addition to the proportion of the Fees incurred above, the full Fees will also be payable for the Security Testing as re-booked.
5. CONFIDENTIALITY
5.1. Each party will not disclose or permit its employees, agents and sub-contractors to disclose any Confidential Information entrusted to it by the other party provided always that this restriction shall not apply to information already in the receiving party’s possession, or which comes into the public domain other than by breach of this obligation by the receiving party or its employees, agents and sub-contractors, or which is disclosed to the receiving party or which is required to be disclosed pursuant to any law or regulation or by the rules of any stock exchange or by a court of competent jurisdiction. If Confidential Information is required to be disclosed pursuant to any law or regulation or by the rules of any stock exchange or by a court of competent jurisdiction then the Receiving Party shall notify the Disclosing Party prior to any disclosure.
6. INTELLECTUAL PROPERTY RIGHT
6.1. Ownership of all Intellectual Property Rights in the System remains at all times with the Client and/or its ISP or other third party supplier. For the avoidance of doubt, all Intellectual Property Rights in the materials used by the Company to carry out the Security Testing remain vested in the Company or any relevant third party owners.
6.2. All Intellectual Property Rights in the results of the testing shall belong to the Client.
6.3. Copyright in the Test Report shall also remain with the Company, but the Client is hereby granted a non-exclusive, non-transferable license to copy and use the Test Report for its own internal purposes only. The Client will need prior agreement to be sent in any form to any 3rd party. In any event this will not be given to the forwarding of a Test Report to a penetration testing company or entity.
7. LIABILITY
7.1. Nothing in this clause 7 excludes or limits the liability of the Company for fraudulent misrepresentation or for death or personal injury caused by the Company’s negligence. Save as aforesaid the following provisions set out the entire financial liability of the Company (including any liability for the acts or omissions of its employees, agents and sub-contractors) to the Client, its ISP or any third party supplier of the System to the Client.
7.2. The Company shall not be liable for any loss, damage, costs, expenses or other claims for compensation arising from any material or instruction supplied by the Client which are incomplete, incorrect, inaccurate, illegible or defective in any other way. The Company should highlight to the Client any known errors.
EXCEPT AS OTHERWISE REQUIRED BY LAW, THE LIABILITY OF COMPANY AND ITS LICENSORS TO USER OR ANY THIRD PARTY ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT OR THE USE OF THE DEMO SOLUTION, OR FOR ANY ERROR OR DEFECT IN THE HARDWARE, SOFTWARE OR SERVICE, OR FOR THE PROVISION OF TECHNICAL SUPPORT INSTALLATION, TRAINING OR OTHER SERVICES IN CONNECTION THEREWITH, HOWEVER CAUSED, AND ON ANY THEORY OF LIABILITY, INCLUDING CONTRACT, STRICT LIABILITY, NEGLIGENCE OR OTHER TORT, SHALL BE LIMITED TO DIRECT DAMAGES NOT TO EXCEED ANY FEES PAID TO RHYNO HEREUNDER. IN NO EVENT WILL RHYNO OR ITS LICENSORS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES, INCLUDING DAMAGES FOR LOSS OF PROFITS, BUSINESS, REVENUE, DATA OR DATA USE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THESE LIMITATIONS WILL APPLY NOTWITHSTANDING THE FAILURE OF THE ESSENTIAL PURPOSE OF ANY REMEDY.
7.3. The Company shall not be liable for any loss or damage caused to either the Client, its ISP or other third party supplier of the System either jointly or severally except to the extent that such loss or damage is caused by the negligent acts or omissions of or a breach of any contractual duty by the Company, its employees, agents or sub-contractors in performing the Security Testing.
7.4. The Company’s total liability in respect of all claims arising under or by virtue of this Contract or in connection with the performance of this Contract shall not exceed $1,000,000 CAD in aggregate.
7.5. The Client’s total liability in respect of all claims arising under or by virtue of this Contract or in connection with the performance of this Contract shall not exceed the amount $1,000,000 CAD in aggregate.
7.6. The Company and the Client shall not be liable to each other for any indirect or consequential loss or damage whether for loss of profit, loss of business, depletion of goodwill or otherwise whatsoever or howsoever caused which arise out of or in connection with this Contract even if such loss was reasonably foreseeable
8. TERMINATION
8.1. The Company reserves the right to withdraw or delay from Security Testing by providing 5 working days’ notice, if, in its opinion, information required for satisfactory completion of the Security Testing and requested by the Company in writing is either not provided or, if provided, is inaccurate or inadequate. The Client shall be liable for any reasonable fee and expenses incurred up to and including the date of withdrawal.
8.2. Either party may (without limiting any other remedy) at any time terminate the Contract by giving written notice to the other if the other commits any material breach of these Conditions and (if capable of remedy) fails to remedy the breach within thirty (30) days after being required by written notice from the other Party to do so, or in an Event of Insolvency.
9. EXCLUSION OF THIRD PARTY RIGHTS
A person who is not a party to this Contract shall not have any rights under the Contract to enforce any term of this Contract
10. DATA PROTECTION
10.1. In the course of providing the Security Testing, the Company may obtain Personal Data from the Client. The Client confirms that it has obtained all consents required from data subjects to enable such Personal Data to be disclosed to the Company and made all necessary registrations and notifications in accordance with applicable Data Protection Laws to enable the Company to carry out the Security Testing and the Client will ensure the same are kept accurate and up to date.
10.2. In respect of any Personal Data held or processed by the Company as a result of or pursuant to these Conditions, the Company represents to the Client that it has made all necessary registrations and notifications in accordance with applicable Data Protection Laws and that it will ensure that the same are kept accurate and up to date during the term of the agreement.
10.3. In addition to and notwithstanding any other right or obligation arising under these Conditions, the Company (and shall ensure that its Personnel shall):
a) implement appropriate technical and organizational measures to protect the Personal Data (i) from accidental or unlawful destruction, and (ii) loss, alteration, unauthorized disclosure of, or access to the Data (a “Security Incident”).
b) use the Personal Data obtained as a result of these Conditions only for the purposes of fulfilling its obligations under these Conditions and not disclose Personal Data without the written authority of the Client;
c) comply with the express instructions or directions of the Client from time to time in connection with the use of such Personal Data and the requirements of any Data Protection Laws and such Personal Data shall be treated as Confidential Information of the Client for the purposes of these Conditions;
d) not do or omit to do anything which causes the Client to breach any Data Protection Laws or contravene the terms of any registration, notification or authorization under any Data Protection Laws of the Client; and
e) not transfer Personal Data which has been obtained by or made available to the Company to any country outside the European Economic Area without the prior written consent of the Client.
10.4. The Company shall not subcontract any processing of the Personal Data to a third party subcontractor without the prior written consent of the Client. If the Client refuses to consent to the Company’s appointment of a third party subcontractor on reasonable grounds relating to the protection of the Personal Data, then the Company will not appoint the subcontractor.
10.5. The Company shall not be in breach of this Clause 10 if it acts on the instructions of the Client.
10.6. If the Company believes or becomes aware that its processing of the Personal Data is likely to result in a high risk to the data protection rights and freedoms of data subjects, it shall inform the Client as soon as reasonably practicable and provide the Client with all such reasonable assistance at the Client’s cost as the Client may reasonably require in order to conduct a data protection impact assessment.
10.7. The Company will (and will ensure that its Personnel will) without undue delay notify the Client if it becomes aware of a Security Incident or if lawfully able that a disclosure of Personal Data may be required by law, or if it receives a request from an individual to access their Personal Data or to cease or not begin processing (or to rectify, block, erase or destroy Personal Data), or if it receives any communication from the Office of the Information Commissioner or similar authority relating to the Personal Data. The Company shall provide all such timely information and cooperation as the Client may reasonably require in order for the Client to fulfil its data breach reporting obligations under (and in accordance with the timescales required by) Data Protection Laws. The Company shall further take all such measures and actions as are technically practicable and within its control to remedy or mitigate the effects of the Security Incident and shall keep the Client up-to-date about all developments in connection with the Security Incident.
11. FORCE MAJEURE
11.1. Neither party to the Contract shall be deemed to be in breach of these conditions or otherwise liable to the other party in any manner whatsoever for any failure or delay in performing its obligations to the extent that the same is caused by Force Majeure. In the event the Force Majeure continues for a continuous period in excess of thirty (30) working days, either party shall be entitled to give notice in writing to the other party.
12. GENERAL
12.1. The Consultant shall have no authority to amend the terms and conditions of this Contract or to relieve the Client of any of its obligations under these conditions or to increase the Company’s obligations under these conditions or waive any of the Company’s rights under these terms and conditions. The Consultant shall have no authority to incur expenditure in the name of or an account of the Company or hold themselves out as having authority to bind the Company.
12.2. The Company does not give any warranty or undertaking or make any representation (either express or implied) as to the completeness or accuracy of any information provided to the Client prior to this Contract which relates to or is provided in respect of these terms and conditions by or on behalf of the Company.
THE SECURITY TESTING IS PROVIDED “AS-IS.” RHYNO DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT AND ANY WARRANTIES ARISING OUT OF COURSE OF DEALING OR USAGE IN TRADE.
12.3. These standard terms and conditions together with the Penetration Test Authorization Form and the Proposal, shall constitute the entire agreement between the Parties and supersede any previous agreement or understanding and may not be varied except in writing between the Parties and signed by their respective authorized signatories. All other terms and conditions express or implied by statute or otherwise, are excluded to the fullest extent permitted by law. As regards Security Testing, in the event of any conflict between any of the terms of these documents the following order shall prevail:
(1) Vulnerability Assessment and/or Penetration Test Authorization Form;
(2) the terms and conditions in this Contract; and
(3) Proposal.
12.4. Any notice sent under this Contract shall be in writing addressed to the other Party at its registered office or principal place of business or such other address as may be notified by each Party to the other time to time.
12.5. No failure or delay by either party in exercising any of its rights under this Contract shall be deemed to be a waiver of that right.
12.6. If any provision or any part of a provision of this Contract is held by any authority to be invalid and unenforceable, the validity of the other provisions and/or the remaining part of the provision shall not be affected.
12.7. This Contract shall be governed by the laws of Ontario, Canada and the Parties submit to the exclusive jurisdiction of the Canadian courts, except for enforcement proceedings where the Canadian courts shall have non-exclusive jurisdiction.
1. DEFINITIONS
1.2 Threat: Any activity identified by RhynoGUARD™ MDR service that may cause harm to an asset in a Client’s IT environment.
1.3 Investigation: A central location within the RhynoGUARD™ MDR service application that is used to collect evidence, analysis, and recommendations related to a threat that may be targeting an asset in a Client’s IT environment.
1.4 Threat Hunting: The cyclic process in which hardware, software and humans seek previously unidentified Threats within an IT environment. As these Threats are identified, they are recorded in the system to ensure that they can be detected in the future.
1.5 Security Incident: A RhynoGUARD™ MDR-generated circumstance in which a compromise or suspected compromise has occurred involving a Client.
1.6 Integration: Application Programming Interface (“API”) calls or other software scripts for conducting the agreed-upon Services for the connected technology.
1.7 Service Level Agreements (“SLAs”): A binding agreement to meet defined Service delivery standards.
1.8 Service Term: Period of time identified in the Transaction Document during which Services to Customer will be rendered.
Overview
The RhynoGUARD™ Managed Detection and Response (MDR) service (“Service”) provides Clients with 24×7 security monitoring and investigations within the client’s network via Rhyno Cybersecurity’s RhynoGUARD™ Network Intrusion Detection and Prevention System (NIDPS) server appliance. The Service includes Threat detection and Investigations, Threat response actions, 24×7 access to Rhyno Cybersecurity analysts, and additional support and features as described below.
Capabilities
Threat Detection and Investigations Rhyno Cybersecurity will review and investigate Threats detected within the network. Threats requiring further analysis as determined by Rhyno Cybersecurity will result in creation of an Investigation within the RhynoGUARD™ MDR. Rhyno Cybersecurity will notify Client through by e-mail, phone, text or supported integrations after enough evidence is collected and a Threat is deemed malicious, or if Rhyno Cybersecurity requires further input from Client to proceed with the Investigation.
Threat Response Actions Rhyno Cybersecurity will perform supported Threat response actions on behalf of Client based on recommendations from within the Client’s network, endpoints and other integrated infrastructure. Supported integrations and actions can be provided to Client upon time of service scope.
24×7 Access to Security Analysts
Security analysts are available 24×7 through chat or ticketing system, or telephone.
Additional Support and Features
The Service includes the additional support and features listed below.
Threat Hunting
Rhyno Cybersecurity will conduct Threat Hunting through both the RhynoGUARD™ NIDPS server appliance and data from supported integrations. Rhyno Cybersecuity will inspect collected Client telemetry to detect activity such as persistence mechanisms, anomalous user activity, threat actor tactics, anomalous network communications, and anomalous application usage. In addition, Rhyno Cybersecurity conducts Threat Hunting on a monthly basis across Clients’ IT environments for relevant indicators of compromise and tactics collected from current incident response engagements. Threats detected as part of the Threat Hunting process will result in creation of an Investigation and Client notification through the Rhyno Cybersecurity Helpdesk Portal, e-mail, or supported integrations.
Account Manager
An Account Manager will be assigned upon Service initiation to support Clients through continually improving Client’s security posture. The Account Manager will meet with Client remotely by teleconference or in person to review trends and notable activity observed within Client’s IT environment through the RhynoGUARD™ MDR service, and provide recommendations on how to defend against Threats during the Service stages listed below.
Stage and Activities
1) Scoping and Onboarding
2) Installation and Configuration
3) Identification and Service Baseline
4) Optimization and Operation
5) Reporting and Steady State
Remote Incident Response
Rhyno Cybersecurity will provide up to 20 hours of remote Incident Response (“IR”) assistance to Client for each Service Term quarter. Assistance can include but is not limited to the following:
Rhyno Cybersecurity Threat Intelligence
Client network and endpoint telemetry is continually compared against network, endpoint, and behavioral indicators to identify threats within Client’s IT environment.
Client Obligations
Client will perform the obligations listed below and acknowledges that the ability of Rhyno Cybersecurity to deliver the Service is dependent upon Client’s compliance with the obligations hereunder, including meeting the service levels below. Noncompliance with these obligations may result in suspension of the Service or suspension of service levels. Client will do the following:
Service Level Agreements (“SLAs”)
The ability of Rhyno Cybersecurity to perform an Investigation and decide whether a Threat is malicious is dependent on RhynoGUARD™ NIDPS being installed on the Client’s IT environment. The service levels below apply to RhynoGUARD™ NIDPS server appliances that are licensed as part of the Service and are actively communicating with the RhynoGUARD™ MDR service infrastructure.
Service Level: Threat Investigation
Service Level: Remote IR Service Requests