GENERAL TERMS AND CONDITIONS
of j2 GLOBAL IRELAND LIMITED (TRADING AS VIPRE® Security) AND VIPRE SECURITY LIMITED (in each case as specified in the Order Form and referred to herein as “VIPRE”).
These General Terms and Conditions are effective for each Customer and User that enters into the Agreement on or after 22 April 2019;
For any Agreements entered into before 22 April 2019, the previous version of these terms and conditions are available on request.
This Agreement (the “Agreement”) comprises the following documents, which shall have precedence in the following order:
1. The Order Form
2. These general terms and conditions including Schedule A (Data Processing Terms) hereto
3. The Service Level Agreement
4. VIPRE Endpoint Security License Terms (applicable to VIPRE Endpoint Security – Cloud Edition)
5. Acceptable Use Policy
1. Definitions and Interpretation
In this Agreement, unless the context clearly requires otherwise, the following terms have the following meanings, and all other capitalized terms have the meaning ascribed elsewhere in this Agreement
“Acceptable Use Policy” means VIPRE’s Acceptable Use Policy as available on VIPRE’s website, as may be amended from time to time by VIPRE in its sole discretion.
“Additional Services” means any services purchased by the Customer during the Term other than those set out in the Order Form (including any additional Users).
“Order Form” means the Order Form signed by the Customer and VIPRE and which details the Services purchased by the Customer.
“Customer Data” means electronic mail, messages, and other data and information accessible, communicated, obtained, received or transmitted by Customer or
Users through or using the Services.
“Data Processing Terms” means the terms set out in Schedule A to this Agreement which relate to the processing of personal data by VIPRE pursuant to the Services.
“Effective Date” means the date on which the Customer has signed the Order Form (unless otherwise stated on the Order Form).
“Fees” means Initial Fees, Monthly Fees and the fees to be paid by Customer for Additional Services.
“Initial Fees” means the fees and expenses payable by Customer to VIPRE for initial setup and installation services (if any) and where the Customer is paying an upfront fee, the upfront fee, in each case as indicated in the Order Form.
“Initial Term” means the initial term of this Agreement as set out in the Order Form.
“Monthly Fees” means monthly fees and expenses payable by Customer to VIPRE for the Services as indicated in the Order Form.
“Service Level Agreement” means VIPRE’s service level agreement as provided to the Customer.
“Services” means the services as set out in the Order Form and any Additional Services.
“Software” means the online software applications provided by VIPRE as part of the Services.
“Term” has the meaning specified in Clause 10.1.
“Third Party Services” means the Services in respect of which VIPRE acts as a value added distributor on behalf of a Third Party Provider.
“Third Party Provider” means the provider of the relevant Third Party Service.
“Users” means an individual employee or representative of Customer, either at the Effective Date or at any time thereafter, who uses the Services for Customer’s business purposes.
“VIPRE End Point Security Licence Terms” means the end user license agreement relating to the VIPRE End Point Security as available on VIPRE’s website and as may be modified from time to time.
INTERPRETATION
2. Services
2.1 Services. VIPRE will provide the Services as indicated on the Order Form and in accordance with the relevant description of the Services on its website, provided that any Third Party Services shall be provided as described in and limited by the applicable end-user license agreement and the applicable service level agreement (if any) published by Third Party Provider from time to time.
2.2 Technical Support Services. VIPRE will use commercially reasonable efforts to make available and provide technical support to Customer in accordance with its Service Level Agreement (subject to Clause 2.1). VIPRE will provide technical support only to Customer’s Mail Administrator, as defined in Clause 4.3. Initial requests for technical support may be made by telephone, facsimile or email using the Technical Support contact information indicated from time to time on VIPRE’s website www.VIPRE.com. Technical support is subject to the limitation that not all technical problems can or will be corrected or resolved.
3. FEES
3.1 Fees and Taxes. As payment for the Services, Customer will pay the Fees to VIPRE. Fees are quoted exclusive of taxes, which are the sole responsibility of Customer. Taxes include but are not limited to national, state, provincial, municipal or any other governmental tax, fee or assessment. VIPRE may automatically increase the Fees by up to 10% upon and with effect from renewal of a Term. Without limiting the foregoing, VIPRE may increase the prices by more than 10% with effect from the renewal of a Term, provided that it has notified the Customer of the price increase at least 30 days in advance of renewal of the Term and Customer shall be deemed to have accepted such price increase if it does not object within 30 days of the notice. If the Customer objects to such price increase within such 30 days of the notice, VIPRE shall have the right to elect to renew the Contract on the existing terms (subject to any automatic increase of up to 10% upon renewal as provided herein) or terminate the contract with effect from the end of the then current Term.
3.2 Accounts and Users. Fees are calculated on the basis of the number of Users set out in the Order Form (the “Minimum User Number”). Customer may add additional Users during the Term, any such additional Users in excess of the Minimum User Number, as declared or created by the Customer, or otherwise identified shall be charged at the price per User set out in the Order Form. It is the Customer’s responsibility, as stated in Clause 4.8 to bring increases in the number of Users to the attention of VIPRE without undue delay. Customer may not reduce the Minimum User Number without the written agreement of VIPRE.
3.3 Invoices and Payment. VIPRE will invoice Customer for all Fees. Invoices may be delivered to Customer by email to the Customer Representative’s email address, and are due and payable immediately upon receipt by Customer. In order to avoid interruptions in the Services caused by rejected credit or debit card charges, VIPRE reserves the right to update Customer’s credit or debit card details (such as expiration dates or new card numbers) where this is not prohibited by law. Customer understands and agrees that VIPRE is entitled to obtain such updated card details, store them and use them to bill charges.
3.4 Interest. Payment will be overdue if not paid within 30 days of the date of the applicable invoice. Overdue payments will be subject to interest of one and one-half percent (1½%) for each month (18% per annum) or fraction thereof that the invoice is overdue, or the highest interest rate permitted by applicable law. Customer will reimburse VIPRE for all costs incurred in collecting overdue payments, including all of VIPRE’s legal fees, disbursements and expenses.
4. CUSTOMER OBLIGATIONS
4.1 Equipment and Services. Customer is solely responsible for obtaining, provisioning, configuring, maintaining and paying for all equipment (including without limitation computer hardware, software and telephone lines) and services necessary for Customer and Users to access and use the Services.
4.2 Customer Representative. Customer will designate from time to time an individual (the “Customer Representative”) who will act as its primary contact regarding the performance of this Agreement. The current Customer Representative is identified on the Order Form. Customer may change the Customer Representative from time to time upon written notice to VIPRE.
4.3 Customer’s Email Administrator. Customer will designate one (1) User as its mail administrator (the “Mail Administrator”) who is responsible for Customer’s technical installation and use of the Services and is authorized by Customer to request and receive from VIPRE technical support regarding Services. Customer may change the Mail Administrator from time to time upon written notice to VIPRE. Customer will ensure that the Mail Administrator has suitable qualifications and expertise regarding computer software and electronic mail systems.
4.4 Permitted Users: Customer will restrict access to and use of the Services to its Users, and at all times maintain a record of the number of Users in order to disclose same in accordance with Clause 4.8.
4.5 Acceptable Use: Customer is solely responsible and liable for Customer’s and Users’ use of the Services and any and all acts and omissions by Customer and Users. Customer will ensure that all use of the Services by Customer and Users complies with all applicable laws, this Agreement and the Acceptable Use Policy, and does not infringe third party rights.
4.6 Security and Passwords. Customer and its Users are required to use a user name and password. User names and passwords may not be shared with other persons. Customer is solely responsible for all Users’ use and misuse of user names and passwords. Customer must immediately notify VIPRE if Customer discovers or suspects any unauthorized use of the Services or that any of its Users’ user names or passwords have been lost or stolen or become known to any unauthorized person. VIPRE is not obligated to verify the actual identity or authority of the user of a user name or password. If VIPRE, in its absolute discretion, considers a password to be insecure or to have been used inappropriately, then VIPRE may immediately cancel the password without notice.
4.7 Content and Export Laws. Customer is solely responsible and liable for the content of communications sent or received by Customer and Users using the Services. Customer will comply with and ensure that its Users comply with all applicable Canadian, US, UK, EU and other applicable export laws concerning the transmission of technical data and other regulated materials using the Services.
4.8 Customer Information and Assistance. Customer will promptly notify VIPRE if it exceeds the number of Users set out in the Order Form, and will provide to VIPRE all information requested by VIPRE regarding performance of the Services or to verify the number of Accounts or Users. Customer will reasonably assist VIPRE to provide the Services and will perform such tasks as VIPRE may reasonably request, such as recording error information and installing software updates.
5. CONFIDENTIAL INFORMATION
5.1 Definition. “Confidential Information” means all non-public information, in any form and on any medium, disclosed by a Party (the “Disclosing Party”) to the other Party (the “Receiving Party”) under this Agreement, regardless of the form of disclosure, and includes without limitation and without the need to designate as confidential: (a) Customer Data (which is Customer’s Confidential Information); and (b) VIPRE’s computer software, technologies, and related documents and information (which is VIPRE’s Confidential Information); BUT DOES NOT INCLUDE any information to the extent, but only to the extent, that such information is: (a) already known to or in the possession of the Receiving Party free of any restriction at the time it is obtained from the Disclosing Party; (b) subsequently learned by the Receiving Party from a third party and without breach of this Agreement or any agreement with such third party; (c) becomes publicly available through no wrongful act of the Receiving Party; or (d) independently developed by the Receiving Party without reference to any Confidential Information.
5.2 Duty to Protect; Permitted Disclosures. The Confidential Information will only be used by a party for the purposes of carrying out the obligations of, or as otherwise contemplated by this Agreement. Notwithstanding the foregoing, the Receiving Party may disclose the Disclosing Party’s Confidential Information to the extent such disclosure is required by a valid order of a court, tribunal or governmental body or institution of competent jurisdiction and authority or by applicable law, provided that before making any such disclosure the Receiving Party gives reasonable notice to the Disclosing Party of the potential disclosure and reasonably assists the Disclosing Party in seeking a protective order preventing or limiting the potential disclosure or use of the Confidential Information. VIPRE may disclose Customer Data and personally identifiable information regarding Customer and Users to a governmental body or institution if VIPRE has reasonable grounds to believe the information could be useful in the investigation of unlawful activity.
5.3 Return and Destruction of Confidential Information: Upon termination of this Agreement or at any time upon request by the Disclosing Party, the Receiving Party will promptly deliver to the Disclosing Party all originals and copies of the Disclosing Party’s Confidential Information and delete all the Disclosing Party’s Confidential Information from any and all of the Receiving Party’s sources, or systems.
5.4 Monitoring Service Use; Disclosure of Aggregated Data: Notwithstanding any other provision of this Agreement, VIPRE may in its absolute discretion (i) monitor the use of the Services by Customer and Users without any further notice or any liability to Customer or any other person; and (b) disclose to other persons aggregated, non-identifiable information regarding the use of the Services by Customer and Users.
6. PROPRIETARY RIGHTS
6.1 VIPRE Ownership: As between the Parties, VIPRE owns and retains all right, title and interest (including without limitation all copyrights, patents, moral rights, trademark rights and other intellectual property and industrial property rights) in, to and associated with the Services and all Software and technology used to provide the Services and related documents and information. Customer and Users will not acquire any right, title or interest in or to any software or technology provided by VIPRE for use by Customer or Users as part of the Services.
6.2 Customer Ownership: As between the Parties, Customer owns and retains all right, title and interest in, to and associated with Customer Data, except that Customer grants to VIPRE a non-exclusive, royalty free, non-transferable license during the Term to access, copy, and otherwise use Customer Data for the purpose of providing the Services and fulfilling its obligations under this Agreement. Customer is solely responsible for, and bears all risks and liabilities associated with, all Customer Data. Customer and VIPRE agree that the Data Processing Terms are incorporated and form part of this agreement.
7. REPRESENTATIONS, DISCLAIMERS AND REMEDY
7.1 Mutual Representations and Warranties. Each Party represents and warrants that it has all requisite power, authority and approvals to enter into, execute and deliver this Agreement and to perform fully its obligations under this Agreement, and its entering into this Agreement and performance of this Agreement will not conflict with, or result in the breach of, any express or implied obligation or duty (contractual or otherwise) that it now or in the future owes to any other person.
7.2 NO OTHER WARRANTIES. EXCEPT FOR THE EXPRESS REPRESENTATIONS AND WARRANTIES SET FORTH IN CLAUSE 7.1, THE SERVICES ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS, AND WITHOUT ANY REPRESENTATIONS, WARRANTIES, CONDITIONS OR GUARANTEES OF ANY NATURE OR KIND WHATSOEVER, WHETHER EXPRESS, IMPLIED OR STATUTORY, OR ARISING FROM CUSTOM OR TRADE USAGE OR BY ANY COURSE OF DEALING OR COURSE OF PERFORMANCE, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE, LACK OF NEGLIGENCE, OR MERCHANTABILITY, ALL OF WHICH ARE HEREBY DISCLAIMED BY VIPRE TO THE FULLEST EXTENT PERMITTED BY LAW. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, VIPRE DOES NOT REPRESENT, WARRANT, OR GUARANTEE THAT THE SERVICES WILL MEET CUSTOMER’S OR ANY USER’S NEEDS OR BE FREE FROM ERRORS OR THAT THE SERVICES WILL BE UNINTERRUPTED.
7.3 GENERAL DISCLAIMER. USE OF THE SERVICES IS AT CUSTOMER’S AND USERS’ OWN RISK. THE SERVICES MAY BE AFFECTED BY NUMEROUS FACTORS BEYOND VIPRE’S CONTROL, AND MAY NOT BE CONTINUOUS OR UNINTERRUPTED OR SECURE. SECURITY AND PRIVACY RISKS CANNOT BE ELIMINATED. PASSWORD PROTECTION MAY NOT PREVENT UNAUTHORIZED ACCESS TO CUSTOMER DATA OR OTHER INFORMATION CUSTOMER OR USERS MAY USE IN CONNECTION WITH THE SERVICES. CUSTOMER WILL REMAIN SOLELY AND EXCLUSIVELY RESPONSIBLE FOR CUSTOMER’S AND USERS’ USE OF THE SERVICES AND THE CONTROL, SECURITY AND CONFIDENTIALITY OF CUSTOMER DATA. VIPRE IS NOT OBLIGATED TO VERIFY THE IDENTITY OF USERS. NOR IS VIPRE RESPONSIBLE OR LIABLE FOR UNAUTHORIZED ACCESS TO OR ALTERATION, THEFT OR DESTRUCTION OF CUSTOMER DATA THROUGH ACCIDENT, FRAUDULENT MEANS OR DEVICES, OR ANY OTHER METHOD. CUSTOMER HEREBY ACKNOWLEDGES THAT THE INTERNET IS NOT A SECURE MEDIUM, MAY BE INHERENTLY UNRELIABLE AND SUBJECT TO INTERRUPTION OR DISRUPTION, AND MAY BE SUBJECT TO INADVERTENT OR DELIBERATE BREACHES OF SECURITY.
7.4 NO RESPONSIBILITY FOR THIRD PARTY CLAIMS. CUSTOMER IS SOLELY LIABLE AND RESPONSIBLE FOR ANY AND ALL CLAIMS AND PROCEEDINGS DIRECTLY OR INDIRECTLY ARISING FROM, CONNECTED WITH OR RELATING TO THE USE OF THE SERVICES BY CUSTOMER, USERS, OR ANYONE USING CUSTOMER’S OR USERS’ USER NAME OR PASSWORD, CUSTOMER’S BREACH OF THIS AGREEMENT, CUSTOMER’S VIOLATION OR INFRINGEMENT OF THE RIGHTS OF OTHER PERSONS, USERS’ VIOLATION OF THE ACCEPTABLE USE POLICY, OR CUSTOMER’S OR USERS’ VIOLATION OF ANY APPLICABLE CIVIL OR CRIMINAL LAW. VIPRE DISCLAIMS ANY AND ALL RESPONSIBILITY AND LIABILITY REGARDING ALL SUCH MATTERS TO THE FULLEST EXTENT PERMITTED BY LAW.
8. LIMITATION OF LIABILITY
8.1 LIMITATION OF LIABILITY.NOTWITHSTANDING ANY OTHER PROVISIONS OF THIS AGREEMENT TO THE CONTRARY, AND REGARDLESS OF THE FORM OF CLAIM, INCLUDING BUT NOT LIMITED TO WHETHER IN CONTRACT OR IN TORT (INCLUDING NEGLIGENCE) OR WHETHER FROM BREACH OF THIS AGREEMENT, IN NO EVENT WILL VIPRE OR ANY OF ITS AFFILIATES BE LIABLE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, EXEMPLARY OR PUNITIVE DAMAGES OF ANY PERSON OR FOR LOSS OF ACTUAL OR ANTICIPATED PROFITS, LOSS OF DATA, LOST SAVINGS OR OTHER ECONOMIC LOSS OF ANY PERSON, IRRESPECTIVE OF WHETHER VIPRE HAS BEEN ADVISED OR SHOULD BE AWARE OF THE POSSIBILITY OF SUCH DAMAGE. CUSTOMER FURTHER AGREES THAT UNDER NO CIRCUMSTANCES WILL THE TOTAL AGGREGATE LIABILITY OF VIPRE UNDER THIS AGREEMENT TO CUSTOMER OR ANY OTHER PERSON EXCEED THE SUM EQUAL TO TWELVE MONTHS OF THE FEES PAID BY CUSTOMER TO VIPRE UNDER THIS AGREEMENT. IN THIS CLAUSE, “VIPRE” INCLUDES VIPRE AND ITS AFFILIATES AND THEIR RESPECTIVE DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, REPRESENTATIVES, SUBCONTRACTORS, SUCCESSORS, PERMITTED ASSIGNS AND RELATED PERSONS. NOTHING IN THIS AGREEMENT LIMITS ANY LIABILITY FOR (A) DEATH OR PERSONAL INJURY CAUSED BY NEGLIGECE OR (B) FRAUD OR FRAUDULENT MISREPRESENTATION.
8.2 FAIR ALLOCATION OF LIABILITY. THIS AGREEMENT REPRESENTS A FAIR ALLOCATION OF RISK AND LIABILITY, WHICH IS REFLECTED IN THE FEES TO BE PAID BY CUSTOMER.
9. INDEMNIFICATION
9.1 VIPRE Indemnity. VIPRE will defend, indemnify, and save and hold Customer and its past, present and future directors, officers, employees, agents, representatives, successors, permitted assigns, related persons and each of them (collectively, the “Customer’s Indemnified Representatives”) harmless from and against any and all claims and proceedings directly or indirectly arising from, connected with or relating to any proven or unproven allegation that the Services or any part thereof, when used by Customer and Users in accordance with this Agreement, infringe or violate any intellectual, industrial or proprietary rights of a third party, excluding any such actual or alleged infringement or violation resulting from: (a) the combination of any Services with software, products or services not supplied by VIPRE; or (b) any breach by Customer of its obligations under this Agreement.
9.2 Customer Indemnity. Customer will indemnify, defend and hold harmless VIPRE and its past, present and future directors, officers, employees, agents, subcontractors, representatives, successors, permitted assigns, related persons and each of them (collectively, the “VIPRE’s Indemnified Representatives”) from and against any and all claims and proceedings directly or indirectly arising from, connected with or relating to: (a) use of the Services by Customer or Users; any negligence, misconduct, breach of this Agreement or violation of the Acceptable Use Policy by Customer, Users, or any other person for whom Customer is under this Agreement or in law responsible; (c) the suspension of Services; or (d) the termination of this Agreement.
9.3 Indemnity Procedure. The Indemnifying Party’s obligations are conditional upon the Indemnified Party and its Indemnified Representatives (if applicable): (a) giving the Indemnifying Party prompt notice of the claim or proceeding; (b) granting control of the defence and settlement of the claim or proceeding to the Indemnifying Party (provided that a claim and/or proceeding will not be settled without the prior written consent of the Indemnified Party and its Indemnified Representatives (if applicable), which consent will not be unreasonably withheld or delayed); and (c) reasonably co-operating with the Indemnifying Party regarding the defence and settlement of the claim and/or proceeding at the Indemnified Party’s expense. Notwithstanding anything contained in this Agreement to the contrary, the Indemnified Party and its Indemnified Representatives (if applicable) retain the right to participate in the defence of and settlement negotiations relating to any claim or proceeding with counsel of its own selection at its sole cost and expense.
10. TERM, TERMINATION AND SUSPENSION
10.1 Term. The initial term of this Agreement (the “Initial Term”) will be for the period specified on the Order Form commencing on the Effective Date, unless terminated earlier by either Party pursuant to this Agreement. This Agreement will automatically renew for additional one-year periods (each a “Renewal Term”) unless either Party gives notice of non-renewal to the other Party by no later than sixty (60) days before the end of the Initial Term or the then-current Renewal Term. For purposes of this Agreement, the Initial Term and each Renewal Term are referred to collectively as the “Term”. If this Agreement is terminated prior to completion of the then current Term for any reason other than due to VIPRE’s material breach of Agreement, Customer shall, within ten (10) days of the effective date of termination, pay VIPRE a termination charge (which Customer hereby acknowledges as liquidated damages reflecting a reasonable measure of actual damages and not a penalty) equal to 100% of the fees that would have been paid for the Service had the Service been provided for the entire duration of the then current Term.
10.2 Termination for Cause. Notwithstanding any other provision of this Agreement, either Party may terminate this Agreement for cause effective immediately upon delivery of notice of termination to the other Party if a Party materially breaches this Agreement and has not remedied the breach within thirty (30) days after receipt of a notice (the “Default Notice”) from the non-breaching Party identifying the breach and stating the non-breaching Party’s intention to terminate this Agreement if the breach is not remedied within thirty (30) days (the “Cure Period”), provided that such termination notice must be delivered no later than thirty (30) days after the end of the Cure Period. If the other Party does not give notice of termination to the breaching Party within that further 30 day period, and if the breach continues after the end of the Cure Period, the other Party may give a further Default Notice in respect of the breach, in which case the provisions of this Clause 10.2 shall apply in respect of that further Default Notice.
10.3 Suspension of Services or Termination by VIPRE. VIPRE may in its sole absolute discretion either suspend its provision of Services or terminate this Agreement for cause immediately upon delivery of notice to Customer if: (a) Customer becomes bankrupt, takes any step or proceeding available to it for the benefit of insolvent debtors, becomes insolvent or takes any step or proceeding for its liquidation, dissolution or winding up; (b) Customer violates the Acceptance Use Policy; or (c) Customer fails to pay any Fee when due.
10.4 Effect of Expiration or Termination. Immediately upon expiration or termination of this Agreement, Customer and all Users will cease using the Services and Customer will pay VIPRE all Fees accrued up to the date of termination without any right of deduction or setoff. Upon expiration or termination of this Agreement, VIPRE will co-operate with and provide reasonable assistance to Customer in transferring Customer Data currently stored in VIPRE’s systems to Customer or a different service provider, provided Customer pays all outstanding Fees and pays in advance VIPRE’s fees for all such services based upon VIPRE’s then-current fee schedule.
10.5 Survival. Notwithstanding anything herein to the contrary, the following provisions of this Agreement, and all other provisions necessary to their interpretation or enforcement, will survive the termination of this Agreement and will remain in full force and effect and be binding upon the Parties as applicable: Clauses 4, 5, 6, 7, 8, 9, 10, and Clauses 12.13 and 12.14.
11. MODIFICATIONS TO CUSTOMER AGREEMENT
VIPRE reserves the right to amend this Agreement at any time by sending information regarding the amendment to the email address you provided to VIPRE. YOU ARE RESPONSIBLE FOR REGULARLY REVIEWING YOUR EMAILS TO OBTAIN TIMELY NOTICE OF SUCH AMENDMENTS. YOU SHALL BE DEEMED TO HAVE ACCEPTED SUCH AMENDMENTS BY CONTINUING TO USE THE SERVICES AFTER INFORMATION REGARDING SUCH AMENDMENTS HAS BEEN SENT TO YOU. Otherwise, this Agreement may not be amended except in writing signed by both you and VIPRE.
12. GENERAL
12.1 Force Majeure. Notwithstanding any other provision of this Agreement, VIPRE will not be liable to Customer or any other person for any delay in performing or failure to perform any of its obligations hereunder if performance is delayed or prevented due to any cause or causes that are beyond VIPRE’s reasonable control, including without limitation: (a) acts of God, such as fire, lightning, storm, flood, earthquake or natural disaster; (b) war, terrorism, riot, civil unrest, commotion or acts of a public enemy; (c) labor shortages, strikes, lock-outs or other labor, industrial or trade action disputes, disruption or disturbances; (d) theft, sabotage, malicious damage, fraud, epidemic or quarantine restrictions; (e) material shortages; (f) general failure, malfunction or unavailability of power, utilities, telecommunications, data communications or related services; (g) action, demand, order, restraint, restriction, requirement, or prevention by any government or court; or (h) applicable law or regulation. Any delay or failure of this kind will not be deemed to be a breach of this Agreement by VIPRE, and the time for VIPRE’s performance of the affected obligation will be extended by a period that is reasonable under the circumstances.
12.2 Relationship of Parties. The Parties are independent contractors, and nothing in this Agreement or done pursuant to this Agreement will create or be construed to create a partnership, joint venture, agency, employment, or other similar relationship between the parties.
12.3 Assignment. Customer may not, by operation of law or otherwise, assign, transfer, delegate, sub-license or grant all or any part of this Agreement or its rights or obligations under this Agreement to any other person without VIPRE’s prior written consent, which consent may be withheld by VIPRE in its absolute discretion. Any purported transfer in violation of the prohibitions in this Clause 12.3 will be null and void.
12.4 No Third Party Beneficiaries. Nothing herein shall be construed to confer upon or give to any person other than Customer and VIPRE, and their respective successors and permitted assigns, any rights or remedies under or by reason of this Agreement. Without limiting the generality of the foregoing, Users will not have any rights hereunder.
12.5 Lawyers’ Fees. In addition to any other relief awarded in any court proceedings arising out of or relating to this Agreement, the prevailing Party will be entitled to its reasonable lawyers’ fees, disbursements and expenses.
12.6 Anti-Bribery Provisions. The Parties hereby agree that they shall comply with all applicable anti-bribery laws as well as the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act as well as any other applicable laws and regulations.
12.7 Notices. Except for electronic notices pursuant to Clause 5.3 and invoices pursuant to Clause 3.3, any notice required or permitted to be given under this Agreement will be in writing and will be delivered by personal delivery, by overnight or express courier, or by facsimile transmission to VIPRE at its head office address indicated from time to time on its website and to Customer at the address and facsimile indicated on the Order Form (the “Customer Address”), or at such other addresses and facsimile numbers as a Party may from time to time designate in a notice to the other Party. A notice delivered personally, by courier or facsimile will be deemed to have been received on the next business day following, as applicable, the date of delivery or the fax transmission (with confirming receipt), as applicable.
12.8 No Waiver. No consent or waiver by a Party to or of any breach or Default by the other Party in its performance of its obligations hereunder will be deemed or construed to be a consent to or waiver of a continuing breach or Default or any other breach or Default of those or any other obligations of that Party. No consent or waiver will be effective unless in writing and signed by both Parties.
12.9 Remedies. Except as specifically provided herein, the specific rights and remedies of a Party hereunder are cumulative and not exclusive of any other rights or remedies to which such Party may be entitled under this Agreement or at law or equity, and the Parties will be entitled to pursue any and all of their respective rights and remedies concurrently, consecutively and alternatively.
12.10 Severability. If any provision of this Agreement is held to be invalid or unenforceable for any reason, the remaining provisions will continue in full force and effect without being impaired or invalidated in any way. It is the intention of the Parties that this Agreement would have been executed without reference to any provisions that may, for any reason, be held to be invalid or unenforceable.
12.11 Counterparts and Execution by Fax. This Agreement may be executed and delivered in one or more counterparts, which may be executed and delivered by facsimile transmission, and each counterpart when so executed and delivered will be deemed an original, and all such counterparts will together constitute one and the same document.
12.12 Complete Agreement. This Agreement sets forth the entire agreement of the Parties with respect to the subject matter of this Agreement and supersedes any and all previous communications, representations, negotiations, discussions, agreements or understandings, whether oral or written, between them with respect to the subject matter of this Agreement. There are no representations, warranties, terms, conditions, undertakings or collateral agreements, express, implied or statutory, between the Parties other than as expressly set forth in this Agreement. Save as expressly provided herein, this Agreement may be modified only by a written instrument signed by both Parties or their successors or permitted assigns.
12.13 Governing Law and Venue. This Agreement will be governed by and construed in accordance with the substantive laws of (1) Ireland, if you are a customer of j2 Global Ireland Limited (2) England and Wales if you are a customer of VIPRE Security Limited, without regard to conflict of law principles. The UN Convention on Contracts for the International Sale of Goods is expressly disclaimed.
12.14 Dispute Resolution. Any dispute between the Parties arising from, connected with, or relating to this Agreement, the subject matter of this Agreement (including the Services), or the expiration or termination of this Agreement will be determined by respective courts of the England, when the law of England and Wales applies or Ireland when Irish law applies, and each shall have jurisdiction in any dispute between the Parties and the Parties consent to venue
Schedule A
VIPRE
Data Processing Terms
These Data Processing Terms will only apply to the extent that the Data Protection Legislation applies to the processing of Customer Personal Data (each as defined herein) by VIPRE on behalf of Customer. This Schedule A forms part of and is subject to the Agreement, including the General Terms and Conditions.
Terms not defined in these Data Processing Terms shall have the meaning set out in the Agreement.
1. DEFINITIONS
In these Data Processing Terms:
“Affiliate” means an entity that directly or indirectly controls, is controlled by, or is under common control with, a party;
“Customer Personal Data” means personal data contained in the Customer Data;
“Data Processing Terms” means the terms set out in this Schedule A;
“Data Protection Legislation” means, as applicable: (a) the GDPR; and/or (b) the data protection laws applicable in England and Wales or Ireland (as applicable), in each case as may be amended or supplemented from time to time;
“GDPR” means the EU General Data Protection Regulation 2016/679;
“Sub-Processors” means third parties authorised under these Data Processing Terms to process Customer Personal Data in order to provide parts of the Services and any related technical support.
The terms “controller”, “data subject”, “personal data”, “processing”, “processor” and “supervisory authority” as used in these Data Processing Terms have the meanings given in the GDPR.
2. DURATION
These Data Processing Terms shall apply for the duration of the Agreement and until the Customer Personal Data is deleted in accordance with Clause 11.
3. NATURE AND PURPOSE OF PROCESSING
3.1 The Customer expressly acknowledges and agrees that VIPRE has no control or influence over the content of the Customer Data, which will include, among other things, personal data (including name, email address and other contact details) and may also include sensitive personal data (as defined under the GDPR), in each case relating to the Customer’s or its customer’s own clients, customers, suppliers, employees, other personnel or other data subjects within the meaning of the GDPR). The types of personal data that are part of the Customer Data and the categories of data subjects to which such personal data relate may include all of the foregoing and should the Customer wish to further categorise these for incorporation herein it can notify VIPRE at any time.
3.2 The provision of the Services will include the collecting, recording, organising, structuring, storing, altering, retrieving, using, disclosing, combining, erasing and destroying of Customer Personal Data for the purpose of providing the Services and any related technical support to Customer.
3.3 In relation to the provision of the Services by VIPRE, the Customer or its customer is and shall be a Data Controller and VIPRE is and shall be a data processor. In the event that the Customer qualifies as a Data Processor, VIPRE will act as its sub Data Processor and Customer warrants to VIPRE that Customer’s instructions and actions with respect to Customer Personal Data, including the appointment of VIPRE as another processor, has been authorised by the relevant Controller.
3.4 VIPRE shall only process the Customer Personal Data in accordance with Customer’s instructions. Customer instructs VIPRE to process the Customer Personal Data to provide the Services in accordance with the Agreement and otherwise on the instructions of the contact persons designated by the Customer or such third party as the Customer has confirmed in writing is authorised to provide such instructions (an “Authorised Agent”), taking into account the nature of the Services, in each case for the sole purpose of performing its obligations under the Agreement, including any related technical support and for the duration of the Agreement. VIPRE shall immediately inform the Customer if, in its opinion, an instruction infringes the Data Protection Legislation. The Customer remains at all times fully liable for any instructions given by its contact person(s) or an Authorised Agent.
3.5 The parties acknowledge and agree that any instructions may be given by email or orally where the Customer or Authorised Agent is using VIPRE’s technical support team, provided that VIPRE shall keep a record of such oral instructions.
3.6 The Customer further acknowledges and agrees that it (and/or its customer if its customer (also) qualifies as the Controller) is responsible for determining the purposes for and manner in which the Customer Personal Data is processed and hereby undertakes that it and, where applicable, its customer has taken, and shall, throughout the duration of the Agreement, take all measures concerning the Customer Personal Data to ensure compliance with its obligations under the Data Protection Legislation, including the processing activities carried out by the Services and any authorisations required in respect of the provision of such Services by VIPRE under these Data Processing Terms.
4. VIPRE PERSONNEL
4.1 VIPRE will impose and maintain appropriate contractual obligations regarding confidentiality on any personnel authorised by VIPRE to access the Customer Personal Data.
4.2 VIPRE will implement and maintain access controls and policies in order to restrict VIPRE personnel processing Customer Personal Data to those VIPRE personnel who need to process Customer Personal Data to provide the Services to the Customer.
5. SECURITY MEASURES
5.1 VIPRE has implemented and will maintain appropriate technical and organisational security measures to prevent unauthorised access to the Customer Personal Data, unauthorised or unlawful alteration, disclosure, destruction or unlawful processing of the Customer Personal Data or accidental loss or destruction of, or damage to, the Customer Personal Data, in each case taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing pursuant to the Services.
5.2 Customer is solely responsible for its use of the Services, including securing the account authentication credentials, systems and devices Customer and Users use to access the Services.
6. STORAGE AND TRANSFERS OF PERSONAL DATA
6.1 Unless otherwise agreed with the Customer, VIPRE shall only process the Customer Personal Data in the United Kingdom, the EEA or in a third country covered by Article 45, subsection 1 of the GDPR.
6.2 If and to the extent Customer authorises the transfer of Customer Personal Data to a country other than those referred to in Clause 6.1, VIPRE shall only do so in accordance with a recognised compliance standard under the Data Protection Legislation for the lawful transfer of personal data to the relevant country (including, for example, the EU Standard Contractual Clauses or Binding Corporate Rules) and shall, upon request, provide the Customer with relevant information relating to any such standard it has implemented.
6.3 VIPRE recommends all transfers of Customer Personal Data are made via a secure connection such as HTTPS or SFTP. If Customer choses another method of transfer, it shall notify VIPRE no later than the date of commencement of the Services. On termination, if Customer instructs VIPRE to provide a copy of the Customer Personal Data, it shall do so in a structured, commonly used and machine readable form (for example CSV files) and shall transfer such data via a secure connection such as HTTPS or SFTP, unless otherwise instructed by Customer. If Customer instructs VIPRE to deliver the Customer Personal Data other than via encrypted VPN, Customer is solely responsible for method and destination of the transfer of such data.
7. SUB-PROCESSING
7.1 The Customer hereby specifically authorises the engagement of any VIPRE Affiliate as a sub-Processor.
7.2 Customer also generally authorises the use of third party sub-Processors by VIPRE, provided that:
(a) VIPRE shall restrict the sub-Processor’s processing of the Customer Personal Data to processing that is necessary to provide or maintain the Services;
(b) VIPRE shall enter into contractual arrangements with such sub-Processors requiring them to guarantee a similar level of data protection compliance and information security to that provided for herein to the extent applicable to the processing activities being provided by such sub-Processor; and
(c) if a sub-Processor fails to comply with its data protection obligations, VIPRE shall remain fully liable to the Customer for the performance (or failure of performance) of the sub-Processor’s data protection obligations.
7.3 VIPRE shall maintain an up to date list of its sub-Processors relating to any Services it provides to the Customer. VIPRE shall provide the list to the Customer upon written request.
7.4 VIPRE will, by email notification to the Customer Representative, notify the Customer if any new sub-Processor is appointed during the Term and Customer shall have the opportunity to object to the use of such sub-Processor. If the Customer:
(a) does not respond (in writing) within 30 days from the date of the notification, it will deemed to have given its authorisation to the use of such sub-Processor;
(b) responds by refusing (in writing) its authorisation and a mutually acceptable resolution to such refusal cannot be agreed, it may terminate the service or that part of the service which is provided by VIPRE using the relevant sub-Processor. This termination right is Customer’s sole and exclusive remedy if Customer objects to any new third party Sub-processor.
7.5 Notwithstanding sub-sections 7.1 to 7.4 above, and subject to applicable law, VIPRE may freely use sub-contractors or suppliers that do not qualify as processors under the Data Protection Legislation, including but not limited to energy suppliers, equipment suppliers, transport suppliers, technical service providers, hardware vendors etc.) without having to inform or seek prior authorisation from the Customer.
8. ASSISTANCE WITH DATA SUBJECT REQUESTS
8.1 The Customer acknowledges and agrees that it shall be responsible for compliance with any requests from data subjects under Data Protection Legislation.
8.2 VIPRE agrees to provide reasonable assistance to the Customer without undue delay, taking into account the nature and functionality of the Services, in respect of the Customer’s or its customers’ obligations regarding:
(a) requests from data subjects in respect of access to or the rectification, erasure, restriction, blocking or deletion of Customer Personal Data, provided that the Customer acknowledges that where the Services functionality so permits, such actions shall be performed by the Customer or an Authorised Agent on its behalf and not by VIPRE;
(b) the investigation of any incident which gives rise to a risk of unauthorised disclosure, loss, destruction or alternation of Customer Personal Data and the notification to the supervisory authority and data subjects in respect of such incidents;
(c) at the sole expense and cost of the Customer, the preparation of data protection impact assessments and, where applicable, carrying out consultations with the supervisory authority.
9. DEMONSTRATING COMPLIANCE
9.1 VIPRE may use independent third party auditors to periodically verify the adequacy of the security controls that apply to the Services.
9.2 The Customer shall have right to audit VIPRE’s compliance with these Data Processing Terms by:
(a) requesting a copy of any certificate made available pursuant to Clause 9.1; and
(b) if the Customer, acting reasonably, can show that the certificate provided under Clause 9.2 is not sufficient to demonstrate VIPRE’s compliance with these Data Processing Terms or such certificate is not made available, then VIPRE agrees at the request and sole expense of the Customer (including the reasonable costs and expenses of VIPRE) to make available such other information and documents and contribute to such audits as the Customer or its authorised representative may reasonably request in order for it to audit compliance with the obligations under the Data Processing Terms, provided that such audit shall be during regular business hours, with reasonable advance notice to VIPRE and subject to reasonable confidentiality procedures. Before the commencement of any such audit, the parties shall mutually agree upon the scope, timing, and duration of the audit. Customer may not audit VIPRE more than once annually.
9.3 VIPRE shall not be required to disclose any business confidential or commercially sensitive information, other customers’ information or information that it reasonably considers could be used to compromise the security or integrity of its systems.
10. DATA BREACH
10.1 If VIPRE becomes aware of a security breach in relation to any Customer Personal Data which results in accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Customer Personal Data, VIPRE will notify the Customer without undue delay, providing sufficient information to enable the Customer to assess the breach and its obligations regarding notifying supervisory authorities or data subject under the Data Protection Legislation. Such notification shall be provided to the Customer Representative. For the avoidance of doubt, VIPRE shall not be required to notify Customer of any unsuccessful attempts or activities that do not compromise the security of Customer Personal Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, and other network attacks on firewalls or networked systems.
10.2 Customer is solely responsible for complying with incident notification laws applicable to Customer under the Data Protection Legislation. Notwithstanding the foregoing, the parties will cooperate and provide all reasonable assistance with respect to complying with third party notification obligations under the Data Protection Legislation.
10.3 VIPRE’s notification of or response to a data breach incident under this Clause 10 will not be construed as an acknowledgement by VIPRE or any of its Affiliates of any fault or liability with respect to the data breach.
11. DELETION OF CUSTOMER DATA
Customer herby instructs VIPRE and any sub-processors to, within three months of the date of termination of the Agreement, delete all Customer Personal Data and upon request provide written (including email) confirmation to the Customer that it has taken such measures.