Last update: 2024.09.30
1.1. Terms used in the agreement are defined in these Terms, Special Terms, the DPA, or the CyberUpgrade service order form (“OF”).
1.2. Any entity that is directly or indirectly controlled, managed, or jointly controlled by the Client (“Client Affiliate”) and wishes to receive services under the Agreement must either (i) be specified in the OF and must adhere to the terms of the Agreement (in which case any reference to “Client” in the Agreement refers to the relevant Client Affiliate); or (ii) enter into a separate agreement with terms substantially similar to those set out in the Agreement. If a Client Affiliate is specified in the OF, the Client is responsible for any action or inaction of the relevant Client Affiliate that breaches the Agreement.
2.1. CyberUpgrade offers automated cybersecurity consulting services using the CyberUpgrade or partner systems, add-ons, and platforms (“CyberUpgrade platform” or “Platform”), which allows the Client to (i) assess their cybersecurity status; (ii) receive recommendations for necessary actions, cybersecurity measures, etc.; (iii) receive continuous improvement tasks; and (iv) perform other tasks to increase cybersecurity, as detailed in the Special Terms (hereinafter collectively and individually referred to as “Service” or “Services”). By signing the Agreement or using the CyberUpgrade platform, the Client agrees to adhere to the Agreement.
2.2. The scope of Services agreed upon by the parties is specified in the OF. Services may have technical limitations or be limited in scope, as specified in the Special Terms and OF.
2.3. CyberUpgrade has the right to entrust another entity to provide all or part of the Services under this Agreement. Any subcontracting agreement entered into or granted by CyberUpgrade does not release CyberUpgrade from any of its obligations under this Agreement, and any act or omission of a CyberUpgrade subcontractor is considered an act or omission of CyberUpgrade under this Agreement.
2.4. Services operate at all hours, but there may be periods of Service unavailability. However, CyberUpgrade makes every effort to ensure that Services are available 24/7/365.
2.5. Upon signing the Agreement and the Client adhering to the terms of this Agreement, including Chapter 4 (Representations and Warranties), CyberUpgrade will provide the Client with access to the CyberUpgrade platform to use the Services.
3.1. CyberUpgrade may occasionally amend the Agreement to reflect technical progress in services and to ensure continuous compliance with applicable mandatory laws (including, but not limited to, applicable data protection laws) (“Amendments”). Information about such Amendments will be provided by CyberUpgrade within a reasonable period (but no later than thirty (30) days before the planned effective date of the change). The amended Terms will come into effect upon being published on CyberUpgrade’s website and/or being notified to the Client by email, as specified in the OF. The Client acknowledges and agrees that using any Service after the effective date of the Amendments implies that the Client agrees with the Amendments. It is the Client’s duty and responsibility to familiarize themselves with the Amendments.
3.2. If the Amendments negatively affect the Client’s reasonable interests and it is no longer reasonable to expect the Client to adhere to the amended Agreement, the Client, having thoroughly described such impact, may terminate the Agreement.
4.1. The Client is responsible for any use of the login information for the CyberUpgrade platform. The Client must provide correct, accurate, up-to-date, and comprehensive data in their account on the CyberUpgrade platform (hereinafter referred to as “Access Data”). Except as provided in Chapter 13 (Assignment), the Client’s account may not be transferred or otherwise conveyed unless agreed to in writing by CyberUpgrade. The Client shall immediately inform CyberUpgrade of any misuse or unauthorized use of their Access Data or Client account and is responsible for their account on the CyberUpgrade platform. CyberUpgrade has the right to temporarily block the Client’s access to the CyberUpgrade platform and prevent the Client from using the Services if CyberUpgrade reasonably believes there are signs of misuse of the access data. Access will be restored to the Client as soon as such suspicions are removed and/or additional security measures are implemented (e.g., change of Access Data).
4.2. The Client is always responsible for the accuracy and correctness of their settings and information provided on the CyberUpgrade platform.
4.3. The Client acknowledges and agrees that they may have to adhere to certain third-party service provider policies, which will be presented in the CyberUpgrade platform’s user interface (hereinafter referred to as “UI”), sent to the Client’s specified email, and/or presented to the Client at the time of ordering such third-party services.
4.4. In using the Services, the Client may not (i) copy, decompile, reverse-engineer, or otherwise alter all or part of the CyberUpgrade platform, Services, accessible technical specifications and documentation (hereinafter referred to as “CyberUpgrade Material”) or create derivative works (except as permitted by law); (ii) use the Services in violation of applicable laws or transmit content (including data) that is illegal or infringes any intellectual property rights or other rights of third parties; and (iii) interfere with the operation or security of the Services and the CyberUpgrade platform. Notwithstanding the foregoing, CyberUpgrade Material may be copied to the extent necessary to use the Services.
4.5. Each Party represents and warrants that (i) it is and will be duly authorized to enter into and perform the Agreement; (ii) it can legally receive and/or provide Services under this Agreement; (iii) it will perform Services diligently, in compliance with all applicable laws and industry standards; (iv) the Services provided comply with applicable laws; and (v) there are no ongoing (or imminent) legal actions, claims, or court proceedings against it that would have a substantial negative impact on its ability to perform its obligations under the Agreement.
4.6. Each Party represents and warrants that it understands that the provided Services are of an advisory nature, and therefore CyberUpgrade assumes no responsibility if the Client experiences a cyberattack, data security breach, leak, etc. The Client confirms that they understand that it is impossible to provide any cybersecurity guarantees, as even the most advanced cybersecurity measures cannot ensure 100% protection from cyber threats. CyberUpgrade provides its recommendations based on the best industry standards and the current cybersecurity situation of the Client, and therefore does not guarantee that the Client will be 100% protected from cyber threats. The Client is solely responsible for implementing or installing CyberUpgrade’s recommendations (including recommended security actions and tools).
5.1. Certain personal data of the Client will be processed while using the services. In doing so, CyberUpgrade acts only as authorized by the Client in the Agreement and the DPA. CyberUpgrade implements and maintains technical and organizational measures related to the security of Personal Data processing.
6.1. The Client agrees that CyberUpgrade owns and retains all rights, title, and interest in the Services (or lawfully uses rights granted by third parties), including all software, databases, and other aspects and technologies related to the CyberUpgrade platform, any enhancements, modifications, or derivative works thereof, any material provided by CyberUpgrade to the Client through the CyberUpgrade platform, such as through relevant user interfaces (UI) or other means, and all intellectual property rights therein. Subject to the terms of this Agreement, CyberUpgrade grants the Client a limited, non-exclusive, non-transferable, revocable right and license to use the Services solely for activities related to this Agreement during its term. All rights not expressly granted here are reserved to CyberUpgrade or third parties owning rights in parts of the Services or Platform. The Client must use the CyberUpgrade platform only according to the instructions provided by CyberUpgrade and CyberUpgrade’s standard security procedures, about which CyberUpgrade will inform the Client.
6.2. The parties agree that the Client shall have the right to use certain material (documentation provided during the provision of Services) obtained in the course of providing Services even after the expiration of the Agreement. However, the parties agree that such use shall be solely for the Client’s needs and shall not be resold or otherwise transferred to third parties.
6.3. The Client shall not allow (and shall not permit any third party to): (a) copy or duplicate the Services; (b) reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, object code, or underlying structure, ideas, or algorithms of the Services; (c) modify or create derivative works based on the Services; (d) rent, lease, distribute, sublicense, resell, pledge, transfer or otherwise convey rights to the Services; or (e) remove or otherwise alter any proprietary notices or labels from the Services or any part thereof. Furthermore, the Client may not resell the Services.
6.4. CyberUpgrade has the right to use all data collected in the course of providing Services or related to them: (a) to fulfill its obligations under this Agreement; (b) to optimize and improve its services; (c) for analysis and general reporting purposes. If any part of the data belongs to the Client, the Client grants CyberUpgrade a non-exclusive, royalty-free license valid for the duration of the Agreement to use all such data for the purposes stated in the preceding sentence.
7.1. The fees, their application, and calculation method are described in the OF or on the website, which can be found at www.cyberupgrade.net.
7.2. All agreed fees for Services do not include value-added tax, goods and services tax, excise duty, import duties, consumption, digital, and all other taxes. The Client assumes full responsibility for the payment of all taxes from their funds.
7.3. CyberUpgrade will provide the Client with an invoice specifying the amount(s) the Client must pay for the Services provided each calendar month. Invoices will be issued no later than ten (10) calendar days from the start of the specific calendar month, unless otherwise agreed in writing by the parties.
7.4. The Client shall pay invoices into CyberUpgrade’s bank account specified in the invoice or OF, adhering to the payment terms set in the OF. Payment terms are calculated from the date of invoice issuance and presentation to the Client. Non-payment of any CyberUpgrade invoice according to the payment terms is a material breach of the Agreement.
7.5. In the event of late payment of amounts according to issued invoices, CyberUpgrade has the right to suspend the provision of Services until payment is received and to charge interest at a rate of two (2) percent per month or the highest rate permitted by law, whichever is lower. The Client will also be responsible for all reasonable costs incurred by CyberUpgrade in collecting any overdue amounts from the Client and/or Client Affiliate(s).
8.1. The Client shall indemnify and ensure that CyberUpgrade will be held harmless from all claims, as well as interests, penalties, reasonable legal and other professional expenses and costs, arising from or related to (i) the Client’s breach of obligations under the applicable DPA or applicable data protection laws; and/or (ii) the Client’s infringement of CyberUpgrade and/or third-party intellectual property rights.
9.1. EXCEPT AS EXPRESSLY STATED IN THE AGREEMENT, NEITHER PARTY MAKES ANY REPRESENTATIONS OR WARRANTIES, WHETHER EXPRESS, STATUTORY, OR IMPLIED. THE SERVICE IS PROVIDED STRICTLY ON AN “AS IS” AND “AS AVAILABLE” BASIS. UNLESS OTHERWISE STATED IN THE AGREEMENT, CYBERUPGRADE MAKES NO REPRESENTATIONS OR WARRANTIES (AND EXPRESSLY DISCLAIMS ANY SUCH REPRESENTATIONS OR WARRANTIES) THAT (I) USE OF THE SERVICE WILL BE SECURE, TIMELY, UNINTERRUPTED OR ERROR-FREE OR OPERATE IN COMBINATION WITH ANY OTHER HARDWARE, SOFTWARE, SYSTEM OR DATA; (II) THE SERVICE WILL MEET CLIENT’S REQUIREMENTS OR EXPECTATIONS; (III) ANY DATA OR REPORTS PROVIDED THROUGH THE SERVICE WILL BE ACCURATE, RELIABLE OR WITHOUT LOSS; (IV) CLIENT’S INFORMATIONAL RESOURCES WILL BE 100% SECURE AND THAT THE CLIENT WILL BE PROTECTED FROM CYBER THREATS. EACH PARTY EXPRESSLY DISCLAIMS ANY OTHER REPRESENTATIONS AND WARRANTIES, WHETHER EXPRESS, STATUTORY, OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, TITLE, MERCHANTABILITY, COURSE OF PERFORMANCE OR USAGE OF TRADE.
10.1. EXCEPT AS EXPRESSLY STATED IN THIS SECTION (AND EXCEPT WHERE OTHERWISE PROHIBITED BY LAW IN THE APPLICABLE JURISDICTION), NO PARTY SHALL BE LIABLE TO THE OTHER FOR ANY INDIRECT LOSSES OR DAMAGE SUFFERED BY THE OTHER PARTY, INCLUDING LOST PROFITS (OR SAVED FUNDS), LOSS OF BUSINESS OPPORTUNITIES, ANY ERRORS OR INTERRUPTION OF USE, LOSS OF DATA OR TECHNOLOGY, INACCURACY OR DESTRUCTION, LOSS OF GOODWILL OR REPUTATIONAL DAMAGE, WHETHER ARISING UNDER CONTRACT, TORT (INCLUDING NEGLIGENCE) OR ANY OTHER BASIS.
10.2. SUBJECT TO THIS CLAUSE, THE TOTAL LIABILITY OF CYBERUPGRADE TO THE CLIENT ARISING UNDER THE AGREEMENT, TORT (INCLUDING NEGLIGENCE) OR OTHER CAUSES THROUGHOUT THE TERM OF THE AGREEMENT SHALL BE LIMITED TO THE GREATER OF: (I) ONE THOUSAND (1000) EUROS OR (II) THE FEES PAID BY THE CLIENT TO CYBERUPGRADE FOR THE LAST TWELVE (12) MONTH PERIOD PRIOR TO THE OCCURRENCE OF THE EVENT GIVING RISE TO THE CLAIM.
10.3. THE EXCLUSIONS AND LIMITATIONS SET FORTH IN THIS SECTION AND ELSEWHERE IN THE AGREEMENT SHALL APPLY TO THE EXTENT PERMITTED BY LAW, BUT NEITHER PARTY SHALL LIMIT ITS LIABILITY FOR: (I) DEATH OR PERSONAL INJURY CAUSED BY ITS OR ITS OFFICERS’, EMPLOYEES’, CONTRACTORS’ OR REPRESENTATIVES’ NEGLIGENCE WHILE ACTING IN THE COURSE OF THEIR DUTIES; (II) FRAUD OR FRAUDULENT MISREPRESENTATION; (III) PAYMENTS UNDER SECTION 7 (PAYMENTS); OR (IV) ANY OTHER LIABILITY WHICH CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.
11.1. Unless terminated earlier under the Agreement, the term of the Agreement is specified in the OF (“Initial Term”) from the effective date indicated in the OF. Either party may notify the other in writing of the termination of the contract at least 30 (thirty) days before the end of the term. If the Client does not terminate the Agreement at the end of the Initial Term, the Agreement is automatically extended for the same period (the number of such term extensions is unlimited, except where the Client terminates the Agreement in the manner specified therein).
11.2. If a party (i) materially breaches the Agreement and, if such breach is curable, fails to remedy the breach within thirty (30) days of written notice thereof; or (ii) becomes insolvent or ceases its operations, the other party may terminate the Agreement immediately, having notified the other party in writing.
11.3. CyberUpgrade may immediately and without prior notice suspend or terminate the Client’s or Client Affiliate’s access to the CyberUpgrade platform and Services if, in CyberUpgrade’s reasonable opinion, the Client or Client Affiliate materially breaches the Agreement.
12.1. In the course of providing and receiving services under the Agreement, each party may become privy to the other party’s confidential information (hereinafter referred to as “confidential information”), including but not limited to specifications, business methods, marketing strategies, pricing, and terms of the Agreement. Confidential information also means CyberUpgrade material and technical documentation that CyberUpgrade may provide and share with the Client or Client Affiliates throughout the term of the Agreement.
12.2. Information is not considered confidential if it (i) is already known to the recipient or its affiliates without any obligation to keep it confidential; (ii) is or becomes publicly known due to the recipient’s or its affiliates’ wrongful acts; (iii) is received by the recipient from a third party without any confidentiality restrictions; (iv) is independently developed by the recipient or its affiliates; (v) is disclosed by the disclosing party to third parties without any confidentiality obligations or due to a valid order, condition, regulation, or law, including in response to a valid legal process, such as a court summons, provided that the responding party informs the party disclosing the Confidential Information at least ten (10) days before such response, including the submission of the legal process (such as a court summons); or (vi) is confirmed to be disclosed with prior written consent of the disclosing party.
12.3. Each party, without the prior written consent of the other party, shall not (i) transfer or otherwise make available any of the other party’s confidential information to any third party, except to its affiliates, agents, directors, employees, and authorized representatives who need to know such information; provided that the recipient obligates these affiliates, agents, directors, employees, and authorized representatives to adhere to confidentiality obligations at least as strict as those specified in this section; or (ii) use the other party’s Confidential Information for any commercial, industrial, or other purposes, except for the use or provision of Services; or (iii) copy, adapt, or otherwise reproduce the other party’s Confidential Information, except as necessary to provide Services under the Agreement. All Confidential Information (including all copies or extracts thereof) remains the property of the disclosing party. Upon request by the disclosing party, the recipient shall: a) return such material to the disclosing party or b) destroy and confirm in writing that it has been destroyed.
The Client may not assign, sublicense, or transfer the Agreement, the Client’s account on the CyberUpgrade platform, or any right or obligation under the Agreement without CyberUpgrade’s consent. Any assignment, transfer, or attempt to assign or transfer in violation of this section shall be null and void and of no effect. CyberUpgrade and its subsequent successors may assign, delegate, sublicense, or otherwise transfer the Agreement or any rights or obligations under it, in whole or in part, to any person or entity.
The Client grants CyberUpgrade permission to use its name and logo in CyberUpgrade’s sales and marketing materials. The Client may revoke this permission at any time by emailing legal@cyberupgrade.net.
Neither party shall be liable for delay or failure to perform under the Agreement due to events beyond that party’s control (“Force Majeure”). Such force majeure events include, but are not limited to, lightning, flood, hurricane, tornado, fire, war, terrorism, decisions or inaction by government authorities, and new legislation. Any party claiming a force majeure event shall notify the other party of the occurrence of the force majeure event. If force majeure circumstances continue for more than thirty (30) days, the party claiming such circumstances shall have the right to terminate the Agreement immediately, notifying the other party in writing. If the Client exercises its right to terminate the Agreement under this section, it shall promptly pay CyberUpgrade all applicable fees that have accrued, are due, and are payable to CyberUpgrade under the terms of the Agreement up to the date of such termination.
16.1. CyberUpgrade may provide notices to the Client, at CyberUpgrade’s discretion, to the email address specified in the OF, or by posting in the Client’s account on the Platform, which the Client has access to. The Client must ensure that the email address and any other contact information provided to CyberUpgrade are updated and correct throughout the term of the Agreement. Changes in the Client’s contact information (including email address for invoices) should be sent to the designated CyberUpgrade representative. The Client may contact CyberUpgrade via email as specified in the OF.
If it is determined that any provision of the Agreement is unenforceable and/or contrary to law, such provision shall be interpreted in a manner that most closely matches the parties’ intentions, while the other provisions remain in effect.
The Agreement is governed by the laws of the Republic of Lithuania. The Client and CyberUpgrade agree to the jurisdiction and venue of the courts of the Republic of Lithuania.
