US

Solis Standard Terms of Business

 

These Master Service Terms and Conditions (including the schedule to these Terms and Conditions), together with the letter of engagement, and any applicable Statement(s) of Work agreed in writing from time to time (each a “Statement of Work”) and incorporated herein (collectively, the “Agreement”), made by and between the company identified in the Statement of Work (the “Client” or “you”) and CFC Security, Inc. DE file. No 7451204 doing business as Solis  (“Solis”, “we”, “us”, “our”), are effective on the earlier of: (i) the date Solis commences work for you, or (ii) the date set out in the initial Statement of Work (the “Effective Date”).

 

The Client and Solis are each referred to in this Agreement as a “Party” and collectively as the “Parties”. An “Affiliate” is an entity that directly or indirectly Controls, is Controlled by, or is under common Control with that party from time to time. “Control” means, possession of more than 50% of the issued share capital of a company or the possession of more than 50% of the voting rights of an entity or the legal power to direct or cause the direction of the general management of an entity, and Controls and Controlled shall be construed accordingly

1.            Services

1.1.            Solis shall perform the requested consulting and technical services as set out in each Statement(s) of Work (the “Services”) and in accordance with the terms of this Agreement.

1.2.          This Agreement will commence on the Effective Date and will continue in force until all Statements of Work signed by the Parties have been completed or terminated.

1.3.          In the event of any conflict between any Statement(s) of Work, any mutually agreed change to a Statement of Work and/or the terms of this Agreement, each a “Change Order”, and these Terms and Conditions, these Terms and Conditions shall prevail.

2.          Termination of Our Services

2.1.        The Services shall commence on the Effective Date for the period of time specified in the Statement of Work (the “Initial Term”), unless terminated earlier as provided in this Agreement. Upon expiry of the Initial Term, the Agreement shall automatically renew for such periods as specified in the Statement of Work (the “Renewal Term”).

2.2.      Either party may elect not to renew this Agreement by providing the other party with written notice of non-renewal at least 30 days’ prior to the beginning of the upcoming Renewal Term.

2.3.      Solis has the right to terminate or withdraw the Services at any time if:

2.3.1.      the Client fails to comply with the terms of this Agreement;

2.3.2.    any fact or circumstance occurs that we believe would render our continuing Services unlawful or unethical or contravene legal or regulatory requirements; or

2.3.3.    the Client fails to pay Solis’s invoices within the due period or a requested refresher of a retainer in a timely manner.

2.4.      The Services will be considered terminated at the earlier of the Client’s or our termination of the Services.

2.5.      Notwithstanding the termination of this Agreement, the Client will remain obliged to pay for all Services rendered and costs and expenses paid or incurred on Client’s behalf up to and including the date of termination and which are reasonably necessary after such termination.  Upon termination, Solis will have no further duty to the Client with respect to the Services unless otherwise specified in writing by us.

 

3.          Respective Responsibilities

Solis:

3.1.        Solis will exercise reasonable skill, care and diligence in the provision of the Services and provide the Service in all material respects in accordance with the Statement of Work(s).

3.2.      Solis will use reasonable endeavors to meet any performance dates for the Services specified in the Statement of Work(s), but any such dates shall be estimates only and time shall not be of the essence for the performance of the Services.  

3.3.      Solis will use reasonable endeavors to ensure that all information we provide to the Client, including, without limitation, the summary report, is true, accurate and complete in all material respects.

Client:

3.4.      The Client is responsible for ensuring that the information provided to Solis for the provision of the Services is accurate and complete.  Client also agrees to co-operate with Solis in the provision of the Services.

3.5.      Whenever Solis’s performance of the Services is dependent upon Client's furnishing Solis with a Client managed application, Client interfaces, connectivity, data, documents, information, materials or approvals, Client shall furnish such items in a timely fashion in a reasonable format specified by Solis, or such other format as mutually agreed by the parties in writing.

3.6.      Failure to provide Solis with accurate and complete information in a co-operative manner, or access to personnel, could impact Solis’s ability to provide any Services and could mean that the Services provided are not complete or do not appropriately take into account the Client’s specific circumstances.

3.7.       Client acknowledges that this Agreement is entered into between the Client and Solis and that Solis shall have no liability of whatsoever nature to any third party including but not limited to those designated by or engaged by the Client in relation to the Services and/or the Agreement.  Client shall be liable for acts and/or omissions of any such third party as if they were acts and/or omissions of the Client.

3.8.      Client shall at all times be responsible for the decision to implement any recommendations provided by Solis. Client understands that Solis is relying upon the information and decisions that Client provides in order to provide the Services.

3.9.      Further Client responsibilities may be specified in the relevant Statement(s) of Work or may be agreed between the parties in writing from time to time.

3.10.  Client will identify in writing to Solis the location (including by managed application, if applicable) of any Client Data that is subject to privacy laws, specifying the law or regulation applicable to such Client Data.

4.         Charges and payment

4.1.        In consideration for the provision of the Services, the Client must pay Solis the fees and charges for the Services as specified in (or calculated by reference to) each applicable Statement of Work. (“Fees”) 

4.2.      Unless specified otherwise in the applicable Statement(s) of Work payment shall be made in US$ and shall be deemed to be exclusive of any sales tax, which will be payable in addition where applicable. 

4.3.      Solis’s rates are subject to periodic review.  We will inform you of any changes proposed.

4.4.      Solis reserves the right to propose an uplift in its fees if the circumstances justify this.

4.5.      Solis charges separately for expenses and disbursements such as travelling, accommodation, couriers and out-of-pocket expenses.  Disbursements and expenses may be subject to sales tax, which will be payable in addition where applicable. 

4.6.      Solis shall submit invoices for the Fees on a monthly basis unless a Statement of Work sets out that invoices will be submitted periodically. 

4.7.      Client shall pay each invoice submitted to it by Solis, within thirty (30) days of receipt of invoice, to the bank account specified on the invoice.

4.8.      If Client fails to make any payment due to Solis under the Agreement by the due date for payment (the “Due Date”), then, without prejudice to Solis’s remedies under section 2 (Termination of Our Services):

4.8.1.     Unpaid amounts will accrue interest at the rate of 1.5% per month or the maximum amount permitted by applicable law, which is lower; and

4.8.2.   Solis may suspend all Services until payment has been made in full.

4.9.      All amounts due under the Agreement and payable by the Client to Solis shall be paid in full without any set-off, counterclaim, deduction or withholding (other than any deduction or withholding of tax as required by law).

4.10. In the case of overseas clients, where our fees are paid subject to any deduction or withholding in respect of tax, Solis reserves the right to charge Client an additional amount which will, after any deduction or withholding has been made, leave us with the same amount as we would have received in the absence of any such deduction or withholding.

4.11.     If Client has a bona fide dispute regarding any invoiced amount, Solis and Client shall work in good faith to resolve the disputed amount, provided that Client remits any undisputed invoice amount in full by the relevant Due Date. Client’s failure to pay undisputed charges amounts to Solis will be considered a material breach of the Agreement.

4.12.   Client further agrees to pay all costs of collection, including reasonable attorneys’ fees, incurred by Solis under this Agreement.

5.          Confidentiality

5.1.        The information provided by Solis under this Agreement and/or in connection with the Services (including any report or other work product prepared by Solis for you) contains and comprises confidential and proprietary information, which is the property of Solis. For the avoidance of doubt, information provided by the Client shall remain the property of the Client.

5.2.      The information provided by one Party (the “Disclosing Party”) under the Agreement to the other (the “Recipient”) may contain confidential and proprietary information, which is the property of the Disclosing Party. The Recipient shall, for the duration of this Agreement and for two years thereafter, maintain the confidentiality of any Confidential Information disclosed to it by the Disclosing Party for the purposes of this Agreement.  “Confidential information” includes, but is not limited to, the Agreement and all information that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information, including, but not limited to, personally identifiable information, proprietary information, business and marketing plans, technical information, trade secrets, know-how, product plans and designs, business processes, and other non-public information.

5.3.      By receiving Confidential Information from the Disclosing Party, the Recipient agrees:

5.3.1.      not to use the Confidential Information other than for the purposes of this Agreement;

5.3.2.    to maintain adequate security measures to safeguard the Confidential Information from unauthorized disclosure, access, use, misappropriation or exploitation, and in no event use less than the same degree of care as the Recipient uses to safeguard its own Confidential Information; and

5.3.3.    keep in confidence all Confidential Information received and not make copies of, reproduce any copies of it, in whole or in part, distribute, disclose or disseminate to anyone except those officers, employees and professional advisers of the Recipient (the “Representatives”) with a need to know, provided however that such persons have been advised of the obligation to protect the Confidential Information, and its Representatives are bound by enforceable undertakings to keep the Confidential Information confidential in terms at least as onerous as the terms of this section.

5.4.      Confidential Information shall not include information which a Recipient can prove falls within one of the following categories:

5.4.1.     the information has come within the public domain through no fault of or action by the Recipient or its Representatives;

5.4.2.    the information was in the lawful possession of the Recipient prior to its disclosure under this Agreement; or

5.4.3.   the Information became lawfully available to the Recipient from a third party (other than a Representative) under no obligation of confidentiality to the Disclosing Party and who has not otherwise gained the information through improper means.

5.5.      If any portion of any disclosed Confidential Information falls within any of the above exceptions the remainder of the Confidential Information shall continue to be subject to the requirements of this Agreement.

5.6.      A Party may also disclose Confidential Information that is responsive to any discovery requests, subpoenaed by any individual or entity, or required to be produced by operation of law or court order, provided that:

5.6.1.      any privileged information is not disclosed;

5.6.2.    to the extent legally permissible, the disclosing Party provides notice to the other Party to whom the Confidential Information belongs as soon as practicable and no later than 72 hours prior to the disclosure, to provide an opportunity for that other Party to seek and injunction or other protection order allowing the Confidential Information to be regarded as confidential,

5.6.3.    the disclosing Party otherwise restricts such disclosure to the maximum extent legally permissible; and

5.6.4.    subject to such disclosure, such disclosed Confidential Information shall in all respects remain subject to the restrictions set out in this Agreement.

5.7.       In addition, the Client agrees and acknowledges that Solis may disclose the Client’s Confidential Information to certain Affiliates, officers, agents, subcontractors and employees of Solis and to insurers/reinsurers:

5.7.1.       as necessary to perform the Services or in connection with the administration of Client’s service (where applicable) and so long as such other persons are subject to confidentiality obligations no less restrictive than those under this Agreement; and

5.7.2.    on an anonymized basis, for the purpose of compiling internal statistical information and reporting statistics in promotional or advertising material.

6.          Data protection

6.1.        Parties shall at all times comply with all laws and regulations applicable to any data shared under this Agreement, including  “personal data,” “personally identifiable information,” “personal information,” or similar term under applicable privacy and data protection laws (“Personal Data”) and Confidential Information, and confirm they have implemented and will continue to maintain appropriate protections and measures in relation to such data.

 

6.2.      This section 6 together with Solis’s privacy notice (together our “Data Protection Notice”) provides detailed information about how Solis processes personal data.  A copy of CFC’s Response’s privacy notice is available here. Such data may relate to Client or Client’s personnel, which is required for administration of the Services, and may include Personal Data recovered from hard drives or computer systems which we will process. Where Client provides such information to Solis, Client warrants that it has the right to use and process such information for the purposes of this Agreement. Client warrants that (a) Client has the necessary consent and authority to provide Personal Data, Confidential Information, or other data to Solis; and (b) to Client’s knowledge, providing Personal Data, Confidential Information, or other data to Solis will not violate any applicable law or regulation or any agreements with a third party.  If Client becomes subject to any change in applicable law or regulation that restricts or prohibits the performance of the Services, Client shall promptly provide Solis with written notice of such change.  If Solis reasonably believes that such change in applicable law or regulation may materially impair its performance of the Services, the Parties will negotiate in good faith and shall mutually agree upon any necessary modifications to Solis’s obligations to perform the Services as set forth in the attached Statement(s) of Work.

 

6.3.      Solis may share personal data with other members of its Affiliates and/or external forensic vendors where necessary in connection with any services delivered to you.

6.4.      Where the Client has shared personal data with a third party, the Client agrees that such personal data may be shared by that third party with Solis in connection with the provision of the Services.

 

6.5.      Client has a right to approach Solis with questions concerning the data protection measures Solis has in place.  Solis will provide reasonable cooperation with Client designed to comply with these standards.

 

6.6.      Where necessary, Parties shall assist one another to comply with data protection requirements regarding international transfer, including where necessary, assisting one another to enter into such agreements, or documentation as may be required in order to ensure that the data protection law obligations regarding international transfers are met.

 

6.7.      If required by applicable law upon termination of this Agreement, Solis shall return to the Client or destroy any Personal Data it still has in its possession, or inform the Client of any obligation to retain Personal Data.

 

CCPA compliance

 

6.8.      Where a project is subject to state or federal privacy data protection laws in the United States, including but not limited to the California Consumer Privacy Act, Cal. Civ. Code. 1798.100, as amended, or equivalent state laws that would regulate Solis’s processing of Personal Data, clauses 6.8 to 6.16 will apply to Solis’s processing of Personal Data.

 

6.9.      For the purposes of this section of the Agreement, Client shall be deemed a “business” or a “controller” as those terms are defined by applicable privacy and data protection laws, and Solis shall be the “service provider” or processor.

 

6.10. The performance of services under the Agreement shall deemed to be the documented instructions of Client. Solis shall process Personal Data only in furtherance of its scope of work and may not sell or share such data (as such activities are defined by law) with third parties.

 

6.11.    Solis may not use or disclose Personal Data for any purpose other than the performance of the services. Solis may disclose Personal Data to its own service providers, subprocessors, or subcontractors on conditions no less restrictive than those here.

 

6.12.  In the event that Solis determines that it cannot observe the restrictions in this Agreement or under applicable privacy and data protection laws, it shall promptly inform client.

 

6.13.  Client may request information reasonably necessary to verify Solis’s compliance with the terms of the Agreement.

 

6.14.  Upon the notice provided above or otherwise, Client may take such steps as reasonably necessary to prevent the processing of Personal Data in violation of this Agreement or applicable privacy and data protection laws.

 

6.15.  In the event that Solis receives a data subject request related to data being processed under the Agreement, it shall refer such request without undue delay to Client. Client shall be solely responsible for evaluating any data subject rights. Solis will provide reasonable cooperation, where necessary, to execute on Client’s handling of data subject requests.

 

6.16.  To the extent that the performance of services requires the handling of Protected Health Information (PHI) as defined by the Health Insurance Portability and Accountability Act of 1996, the parties shall enter a Business Associate Agreement. Identification of such a requirement is the sole responsibility of Client, and to the extent that HIPAA compliance incurs additional expenses, Solis reserves the right to bill Client for those.

7.          Intellectual Property Rights

7.1.         The Client acknowledges that Solis may use Solis’s intellectual property to provide the Services to other clients, and Client may obtain access to certain Solis intellectual property as a result of Solis’s performance of the Services. 

7.2.       Each Party acknowledges that all rights, title, and interest in any copyright and all other intellectual property rights (“Intellectual Property Rights”) owned or licensed by the other Party up until the Effective Date and any modifications made to such intellectual property rights shall remain the property of that Party.

7.3.       Subject to section 7.2, Intellectual Property Rights developed or created by or on behalf of Solis or any agent or employee of Solis (or its Affiliates) in relation to the provision of the Services under this Agreement, and all derivative works thereof shall vest in Solis.  For the avoidance of doubt, this includes: any processes, instructions, methods, techniques, reports and other work products created or developed by Solis and or its licensors. 

7.4.      Solis hereby licenses such Intellectual Property Rights to the Client on a revocable, non-exclusive, non-transferable, limited basis, subject to:

7.4.1.      payment of the Fees as specified in the applicable Statement(s) of Work;

7.4.2.    payment of such fees or royalties as shall be necessary to comply with any relevant legislation; and

7.4.3.    such reasonable terms, of which Solis will notify the Client, as may be necessary to protect such Intellectual Property Rights.

7.5.       The Client shall not sub-license, assign or otherwise transfer the rights granted by section 7.4.

7.6.       The Client agrees to grant Solis a revocable, non-exclusive, royalty-free right and license to copy, configure, access, operate and use:

7.6.1.       any Personal Data relating to the Client or the Client’s personnel;

7.6.2.    the Client's systems, software, online mailboxes, hardware, computers, networks, virtual machines, equipment, on premise and cloud servers and/or any other data storage systems owned or operated by or on behalf of the Client ("Client Systems") and any network and security documentation concerning Client Systems (including the Client's asset and network repositories, network topology, security configuration, server log files, email servers, registry keys, audit logs and other business information and account login credentials or passwords),

 

in each case, during the course of and for the purpose of providing the Services.

 

7.7.       The Client agrees to defend, release, and hold Solis harmless, and to reimburse and indemnify Solis, against all loss and damage suffered, paid or incurred by Solis as a result of any claim that the use or access to any of the Client Systems or the transmission, storage, disclosure, access, processing or use of Personal Data by Solis infringes the Intellectual Property Rights or other rights of any person or breaches any applicable law.

8.         Warranties

8.1.        Solis warrants to the Client that the Services will be provided using reasonable care and skill.

8.2.      TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICES AND ANY ITEMS PRODUCED UNDER THIS AGREEMENT, INCLUDING, BUT NOT LIMITED TO, DATA, REPORTS, DOCUMENTATION, DELIVERABLES, HARDWARE, AND SOFTWARE OF ANY KIND, AND ANY RECOMMENDATIONS OR CONCLUSIONS CONTAINED THEREIN, ARE PROVIDED “AS IS.”

8.3.      SAVE AS EXPRESSLY WARRANTED HEREIN SOLIS MAKES NO OTHER WARRANTY, EXPRESS OR IMPLIED, THAT THE SERVICES WILL RENDER CLIENT’S NETWORK AND SYSTEMS SAFE FROM MALICIOUS CODE, INTRUSIONS, OR SECURITY BREACHES OR THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE.

8.4.      TO THE FULLEST EXTENT PERMITTED BY LAW AND REGULATION, SOLIS EXPRESSLY DISCLAIMS ALL REPRESENTATIONS, WARRANTIES AND CONDITIONS, EITHER EXPRESS OR IMPLIED, IN RELATION TO THE SERVICES AND SPECIFICALLY EXCLUDES ALL OTHER WARRANTIES.

8.5.      Client’s sole and exclusive remedy (and Solis’s sole obligation) for breach of warranty in this section 8 is for Solis to re-perform that portion of the Services that did not comply with the warranty.  However, Client must notify Solis of the breach of warranty within thirty (30) days of delivery of the Services at issue.  If, after using reasonable endeavors, Solis is unable to correct the Services that breached the warranty, Solis’s sole remaining obligation and Client’s sole remaining remedy will be a refund to the Client of the fees paid by Client to Solis for that portion of the Services that did not comply with the warranty.

8.6.      Client warrants that all information that it has provided and will provide to Solis is, and will be, to the best of the Client’s knowledge, true, accurate and complete in all material respects.

9.          Indemnification

9.1.        Solis agrees to defend and indemnify Client from and against any third-party claim that Solis’s Services infringe any copyright and all other relevant third-party intellectual property rights issued as of the Effective Date and will pay Client any finally awarded actual costs or damages actually paid by the Client, or agreed to in settlement by Solis, provided that:

9.1.1.        Solis is promptly notified in writing of such claim;

9.1.2.      the Client grants Solis sole control of the defense and any related settlement negotiations in respect of such third-party claim; and

9.1.3.      the Client cooperates with Solis in defense of such claim.

9.2.      Solis may mitigate its responsibility under this section 9 by:

9.2.1.      replacing or modifying the Services to provide replacement Services which are functionally equivalent;

9.2.2.    obtaining the right for the Client to continue the use of the Services; or

9.2.3.    if neither section 9.2.1 or 9.2.2 are possible, then demanding the return of any infringing portion of the Services, and returning the applicable fees paid by Client for the infringing portion of the Services.

9.3.      Solis will have no obligation hereunder for any claims which arise out of or result from:

9.3.1.      the Client’s use of the Services in a manner not otherwise agreed upon or contemplated under this Agreement, where the infringement would not have occurred but for such use;

9.3.2.    the modification of the Services by Client, where the infringement would not have occurred but for the modification; or

9.3.3.    Confidential Information or materials provided by Client that are used or included in the Services.

9.4.      The rights and obligations set forth herein are Solis’s sole obligation and Client’s exclusive remedy for any infringement claim.

9.5.      Save for any infringement claim to which the indemnity in section 9.1 applies, Client agrees to defend, release, and hold Solis harmless and indemnify Solis against all third-party claims, liabilities, actions, damages, losses and costs and expenses (including reasonable professional costs and expenses) relating to, in connection with, or arising out of the Agreement, except to the extent that such claims result from Solis’s gross negligence, willful misconduct or violation of law provided that the foregoing excepted conduct was not at the direction or instructions of the Client. 

10.     Limitation of Liability – general

10.1.    PROVIDER SHALL NOT BE LIABLE TO ANY PARTY FOR INCIDENTAL, INDIRECT, CONSEQUENTIAL, SPECIAL, PUNITIVE, OR EXEMPLARY DAMAGES OF ANY KIND (INCLUDING LOST REVENUES OR PROFITS, LOSS OF BUSINESS OR LOSS OF DATA) IN ANY WAY RELATED TO THIS AGREEMENT WHETHER IN CONTRACT OR IN TORT, REGARDLESS OF WHETHER SUCH PARTY WAS ADVISED, HAD OTHER REASON TO KNOW, OR IN FACT KNEW OF THE POSSIBILITY THEREOF. PROVIDER SHALL HAVE NO LIABILITY TO CLIENT OR ANY THIRD PARTY FOR ANY FAILURE TO PERFORM THE SERVICES WHERE SUCH FAILURE OCCURS AS A RESULT OF THE ACTIONS OR INACTIONS OF CLIENT OR ANY THIRD PARTY AND/OR ANY CAUSES OUTSIDE OF PROVIDER’S DIRECT CONTROL AND NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY REMEDY.

10.2.  PROVIDER’S LIABILITY UNDER THIS AGREEMENT, WHETHER ARISING OUT OF BREACH OF CONTRACT, TORT OR OTHERWISE, WILL NOT EXCEED THE TOTAL FEES ACTUALLY PAID TO PROVIDER UNDER THE APPLICABLE ORDER FORM THAT GAVE RISE TO THE DAMAGES DURING THE 12 MONTH PERIOD PRECEDING THE DATE ON WHICH THE CLAIM AROSE AND NOTWITHSTANDING THE FAILURE OF ESSENTUAL PURPOSE OF ANY REMEDY. EXCEPT AS EXPRESSLY SET FORTH HEREIN, PROVIDER WILL NOT BE LIABLE UNDER ANY CIRCUMSTANCES FOR LOSS OF DATA OR ITS USE. CLIENT ACKNOWLEDGES THAT THE SYSTEMS, WHEN FUNCTIONING AS DESIGNED AND INTENDED, WILL NOT PREVENT OR DISABLE EVERY UNAUTHORIZED INTRUSION OR DENIAL OF SERVICE ATTACK AGAINST CLIENT’S NETWORK OR COMPUTER SYSTEMS

11.        Limitation of liability –Security Services

11.1.       Solis may provide on request by the Client the Forensics and Security Information Response Services, or any similar service provided by Solis which includes data mining, penetration testing and/or access to hard drives, servers, network and/or computer systems (together the “Security Services”).  If the Client requests in writing for the Security Services to be performed against or in relation to any systems, servers, network and/or hard drive, subject to Solis complying with its obligations under this Agreement, the Client warrants and represents that the Client has the express authority to permit Solis, its agents and contractors to perform the Security Services in relation to such systems, servers, networks and/or hard drives.  The Client will not request Security Services to be performed that would constitute any attack, hack or unauthorized access, malicious usage or unlawful activity.  The Client shall indemnify Solis, against any costs, expenses, liabilities, claims, losses and damages incurred, suffered by or claimed against Solis in relation to or in connection with the provision of the Security Services except to the extent such claim results from a breach by Solis of this Agreement.

11.2.     Solis will use commercially reasonable endeavors to: 

11.2.1.     ensure that the Security Services as specified in a Statement of Work are: performed in a timely fashion (subject to Client’s fulfilment of its obligations under this Agreement); and

11.2.2.   in the event of responding to a ransomware attack, in good faith negotiate the ransom as required and procure a means of decrypting Client’s property (the “Decryption Tool”),

in each case, subject to applicable laws,

Time shall not be of the essence for the purposes of this Agreement.

11.3.     Notwithstanding section 11.2, Solis makes no warranties in respect of the outcome of such negotiations, and the Client agrees that Solis will not be liable to the Client for any losses or damages suffered by the Client as a result of:

11.3.1.     any delay in Solis’s procurement of the Decryption Tool or failure to procure the Decryption Tool;

11.3.2.   the Decryption Tool not working as intended; or

11.3.3.   the use of any security tools, including, without limitation, any penetration tests or vulnerability scans, to detect, contain, analyze, or eradicate a security incident, including, without limitation, any ransomware or other malware infection.

11.4.     In addition, Solis is not liable for any loss of, or damage to, any data (including any Personal Data)  or systems of the Client (including the Client Systems) as a result of any existing, continuing, or new security incident, including, without limitation, a malware infection prior to Solis commencing the Services.

11.5.     The Client acknowledges that digital/computer equipment, drives, data and media may be damaged, infected, or corrupted prior to any Services (including forensic analysis) being performed, and that Solis is not responsible or liable for existing damage or further damage resulting from the Services.  Any data, especially data restored after a security incident, may contain malware and Solis recommends and Client acknowledges that it should protect itself during such restoration including advising its agents and any other recipients to take similar precautions to protect themselves. 

11.6.     Client represents and warrants that:

11.6.1.     it has the right to be in possession of, or is the owner of, all equipment, data and/or media provided to Solis hereunder,

11.6.2.   such equipment, data or media is provided for a lawful purpose, and

11.6.3.   where applicable, Client’s collection, possession, processing and transfer of such equipment, data, or media is in compliance with any and all applicable law and regulation.

11.7.     The Client acknowledges that:

11.7.1.     certain Services (including Forensics and Security Incident Response Services) are intended to probe and exploit system weaknesses which may damage vulnerable systems (including the Client systems, software, online mailboxes, hardware, computers, networks, virtual machines, equipment, on premise and cloud servers and/or any other data systems owned or operated by or on behalf of the Client (the “Client Systems”)); and.

11.7.2.   that Solis is not liable for any resulting damage to, or in connection with, any such systems (including the Client Systems) and Client should backup systems and data and take other measures it deems appropriate to protect itself as deemed necessary.

12. IT Recovery Services

12.1.    Solis will provide such IT Recovery Services to the extent set out in the Statement of Work. 

12.2.   Solis will only modify the Client's access or login credentials and/or account details in accordance with and pursuant to the Client's written instructions.

12.3.   Solis has no obligation to provide any encryption of any systems of the Client (including the Client Systems) and/or implement any data integrity, data governance, application build automation and deployment, identity and access review or data loss prevention measures or services in the course of the provision of the IT Recovery Services, except as expressly specified in a Statement of Work.

12.4.   Where expressly set out in a Statement of Work, Solis will use reasonable endeavors to restore the Client's data (including Personal Data) following a security incident if Solis has informed the Client that restoration is viable.  Except where Solis is expressly required to backup the Client's data (including Personal Data) in accordance with a Statement of Work, Solis has no other obligation to backup any of the Client's data (including any Personal Data).

12.5.   To the fullest extent permitted by law, Solis is not responsible for loss, destruction, alteration or unauthorized disclosure of any of the Client's data (including Personal Data) caused by the Client, any third party or a force majeure event (as described in section 16.116.1).

12.6.   In the event of any loss, corruption or damage to any of the Client's data (including any Personal Data), except where the loss, corruption or damage is caused by Solis 's willful misconduct and otherwise to the fullest extent permitted by law, the Client's sole and exclusive remedy will be to request a new Statement of Work, at the Solis's cost. Solis will use reasonable endeavors to restore the lost, corrupted or damaged part of any of the Client's data (including any Personal Data) from the latest back-up of any of the Client's data (including any Personal Data) that is or has been maintained by the Client.

 

13.1.  Cyber Security Consulting Services

13.1.     Solis will provide such Cyber Security Consulting Services to the extent set out in the Statement of Work.

13.2.   If a Statement of Work specifies that Solis will provide training to the Client's personnel as part of the Cyber Security Consulting Services, Solis will provide the allocated number of days of training, to be attended by an agreed number of the Client's personnel, online or at an agreed location, on the days and hours set out in the Statement of Work.  To the extent that any training is not carried out at the premises of Solis or online, the Client will be responsible for all costs and expenses of Solis's personnel in connection with travel to and attendance at the training, including with respect to accommodation, meals and transport (which costs and expenses will, for the avoidance of doubt, be reimbursable costs for the purposes of this Agreement). 

14.      Third Party software, applications and products

14.1.     In providing the Services, Solis may recommend third party software, applications, products and/or platforms that the Client or Solis may use to collect, diagnose, secure or recover any of the Client's data or systems (including the Client Systems) or to conduct digital forensics associated with any Services and/or to produce any documentation in connection with the Services or otherwise ("Third-Party Tools").

14.2.   Except as agreed in writing between Client and Provider, Third Party Tools shall be exclusively subject to terms and conditions between the third party and the Client. Client shall look exclusively to the third-party provider for any damages or liability with respect to the provision of such Third Party Tools.

14.3.   Client warrants to Solis that it has obtained any licenses, consents, regulatory certifications or approvals required to give Solis and its subcontractors or employees such rights or licenses to access, copy, distribute, use and/or modify (including creating derivative works) or install such Third Party Tools as necessary for Solis’s performance of the Services, without infringing the ownership or license rights (including patent and copyright) of the suppliers or owners of such products.

14.4.  To the maximum amount permitted by law, Solis shall have no liability of whatsoever nature to the Client in respect of the Third Party Tools. The Client will be deemed to have irrevocably released Solis from any claims that the Client may otherwise have against Solis with respect to any loss, damage or corruption caused by Third Party Tools and/or the interfacing between any Third-Party Tools and any of the Client's data or systems (including the Client Systems).

15.      Illegal Content.

15.1.     If Solis observes or otherwise encounters during the course of providing the Services any content that may be illegal, Solis may disclose such content to the Police.  To the extent Solis reasonably believes it is permitted by applicable law, Solis will notify Client of its intention to disclose the existence and/or content to the appropriate authorities.

16.      Miscellaneous

16.1.     Force Majeure. Neither Party shall be in breach of this Agreement nor liable for damages or have the right to terminate this Agreement for any delay or default in performing, or failure to perform, any of its obligations under the Agreement (with the sole exception of the Client’s payment obligations) if such delay or failure result from events, circumstances or causes beyond that Party’s reasonable control, including, without limitation, acts of God, government restrictions (including the denial or cancellation of any export or other necessary licence), change of laws, acts of terrorism, wars or insurrections, or any epidemics, pandemics, or quarantine requirements.

16.2.   No assignment. The Client must not assign, transfer, mortgage, charge, subcontract, delegate, declare a trust over or deal in any other manner with any of the Client’s rights and obligations under the Agreement without the prior written consent of  Solis.

16.3.   Subcontracting. Solis may appoint a third-party sub-contractor to perform the Services from time to time provided always that Solis shall be responsible for the acts and omissions of that third party sub-contractor as if they were acts and omissions of Solis.

16.4.   Entire Agreement. This Agreement contains the entire understanding of the Parties with respect to the subject matter contained herein and supersedes all prior agreements and understandings between the Parties with respect to such subject matter.

16.5.   Updating Terms. Solis reserves the right to make changes to these Terms and Conditions from time to time, the latest version of which can be found on the website of Solis. Client agrees to be bound by the most recent version of the Terms and Conditions.  Any changes to the Services shall be agreed in writing.

16.6.   Law and jurisdiction. THIS AGREEMENT SHALL BE GOVERNED AND CONSTRUED IN ALL RESPECTS IN ACCORDANCE WITH THE LAWS OF THE STATE OF TEXAS, WITHOUT APPLICATION OF THE CONFLICTS OF LAWS PRINCIPLES OF ANY STATE OR JURISDICTION.  Venue for any claim or demand arising out of or related in any way to this Agreement, an Order Form, or the relationship between Provider and Client shall be exclusively in the State or Federal courts located in Austin, Texas, and the parties hereto irrevocably consent to the exclusive personal jurisdiction of such courts for such claims.

16.7.   Export Assurance Client agrees to obey all applicable export laws and regulations, including those administered by the U.S. Department of Commerce (U.S. Export Administration Regulations 15 CFR 730 et seq.), and shall not export, re-export, resell, transfer, or disclose, directly or indirectly, any Work Product, or the direct product thereof, to any proscribed person, entity, or country, or foreign national thereof, unless properly authorized by the U.S. government.

16.8.   Survival:  Sections 4, 9, 10, 11 and 16 shall survive termination of this Agreement as will any other term, which by its nature, is intended to survive termination of this Agreement

16.9.   Limitation Period: Neither party may institute any action in any form arising out of this Agreement more than two (2) years after the cause of action has arisen, or in the case of non-payment, more than two (2) years from the date of last payment.

16.10.             Dispute Resolution: A Party must not start court proceedings (except proceedings seeking interlocutory relief) unless that Party has first complied with this section 16.6.


A Party claiming that a dispute, difference or question arising in connection with this Agreement has arisen ("Dispute") must give the other Party notice of the details of the Dispute ("Dispute Notice").


When a Dispute Notice is given, the Parties must, within a reasonable period following the Dispute Notice being given, meet to attempt to resolve the Dispute (acting reasonably and in good faith).

The Parties must continue to perform their respective obligations under this Agreement pending the resolution of a Dispute.

16.11.  Severance. In the event that any provision of this Agreement is determined by a court of competent jurisdiction to be invalid, such determination shall not affect the validity of any other provisions of the Agreement, which shall remain in full force and effect. 

16.12.              Variation. Except as set out in this Agreement, no variation of a Statement of Work shall be effective unless it is in writing and signed by the Parties (or their authorized representatives).

16.13.              No Third Party. A person who is not a party to this Agreement has no right under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of the Agreement.

16.14.              No Waiver. No waiver by a Party of:

16.14.1.           of any term or condition of this Agreement or any right of the Party under this Agreement shall be construed as a waiver by that Party of any other term or condition or right (as the case may be),

16.14.2.         any default of, or under this Agreement by the Party shall be construed as a waiver by that Party of any other default; and

16.14.3.         any provision of this Agreement or any right or remedy of that Party under this Agreement shall be effective unless in writing and signed by that Party.

16.15.              No delay by a Party in exercising, no course of dealing by a Party with respect to, and no partial exercise by a Party of any right or remedy of that Party under this Agreement shall constitute a waiver by that Party of any other right or remedy of that Party, or future exercise of such right or remedy.

16.16.               Notices. All notices, requests, demands and other communications under this Agreement shall be in writing and shall be directed to:

CEO

CFC Security Inc
300 E. Highland Mall Blvd,

Suite 300, Austin, Texas 78752

Or via email to: inquiries.us@solissecurity.com

With a copy to legal@cfc.com

 

Notices to Client shall be sent to the address included on the Statement of Work(s) or as otherwise provided by Client to Solis from time to time. Client agrees that such notices may be sent electronically.

A notice is deemed to be received:

a)          if delivered by hand, at the time the notice is left at the proper address;

b)          if sent by pre-paid first-class post or other next working day delivery service, at 9.00 am on the second business day after posting; or

c)          if sent by email, at the time of transmission, or, if this time falls outside business hours in the place of receipt, when business hours resume.

 

 

 

Schedule 1: Privileged Work Products and Communications

In this schedule “Counsel” shall mean a law firm appointed by you.

This schedule contains additional terms which shall apply should you appoint Counsel in connection with the subject matter of this Agreement. 

Where Counsel has been appointed, Counsel shall be deemed to be a party to this Agreement for the purposes of this Schedule 1 and section 5 (Confidentiality) of these Terms and Conditions only. Where Counsel is appointed after execution of this Agreement by Client, Counsel shall be deemed to be a party with effect from the date on which Counsel was first instructed by Client.

1.1.        The parties acknowledge and agree that Counsel is fully authorized to instruct Solis on behalf of the Client.

1.2.       Counsel shall comply with the confidentiality provisions set out in section 5 (Confidentiality) of this Agreement.

1.3.       You agree that Solis will direct all communication to Counsel and include Counsel as a recipient in all communication with Client for the purposes of providing the Services.  Such communication will be regarded as confidential and be made solely for the purpose of assisting Counsel in giving legal advice to Client and subject to this Agreement

1.4.       Solis understands and agrees that information and materials received by Solis or generated by Solis and provided to Counsel as part of the Services are subject to legal privilege, including but not limited to solicitor-client, litigation, legal advice, common-interest and any other form of privilege.

1.5.       Solis shall assert and treat all communications between Solis, Counsel, and/or the Client, either oral or written, as well as any materials or information developed or received by Solis pursuant to this Agreement as confidential and privileged.