Supplemental - Hosted SOC

Where a Customer purchases hosted security operations centre services from Trustack (Hosted SOC Service), these Supplemental Terms shall apply, in addition to those in the Agreement.

 

Interpretation

 

These additional definitions apply:

Affiliate

any entity, now or hereafter existing that directly or indirectly, through one or more intermediaries, controls, is controlled by, or is under common control with the subject entity.  For purposes of this definition, “control” means direct or indirect possession of the power to direct or cause the direction of the management and policies of an entity, whether through the ownership of voting securities, by contract or otherwise.  An entity shall be considered an “Affiliate” only so long as that entity meets the foregoing definition.

Commencement Date

the date outlined in the Quotation.

Device

an endpoint or application which transfers data to the security operations centre.

Documentation

the online user instructions and help files made available for use with the Hosted SOC Service, as may be updated from time to time and notified to the Customer.

Excessive Usage

when the combined data usage of the Customer and/or Customer Affiliate(s) materially exceeds the per user parameters as set out in the Quotation or the Documentation (as the case may be).

Hosted SOC Service

the hosted security operations centre services and any related support services provided to the Customer.

Subscription Term

the subscription period for the customer’s use of the service set forth in the Quotation.

Users

Customer’s or its Affiliates’ employees, consultants, contractors, agents and third parties with whom the Customer may transact business and (a) for whom access to the Hosted SOC Services during the Subscription Term have been purchased pursuant to the Quotation, (b) who are authorised by the Customer or its Affiliates to access and use the Hosted SOC Service, and (c) who have been supplied User identifications and passwords for such purpose.

 

1. Term

These Supplemental Terms commence on the Commencement Date and will continue for the Subscription Term, after which they will remain in force and, unless otherwise agreed, shall automatically renew for successive 12 (twelve) calendar month periods (or such other period as agreed between the parties) (Renewal), subject to then current prices, until terminated by either party. Either party can terminate providing at least 60 (sixty) days’ notice to terminate, to expire no earlier than the expiry date of the Subscription Term or Renewal.

 

2. Orders, licenses, and restrictions

2.1 Subject to the terms of these Supplemental Terms, the Customer may purchase subscriptions for Devices to use the Hosted SOC Services pursuant to the Quotation. Unless otherwise specified in the Quotation:

2.1.1 the Hosted SOC Services may be used by no more than the number of Devices specified in the Quotation;

2.1.2 an unlimited number of additional Device subscriptions may be added at any time during the applicable Subscription Term, pro-rated for the remainder of the Subscription Term in effect at the time the additional Device subscriptions are added and invoiced separately from the then-existing Device subscriptions for the remainder of such Subscription Term; and

2.1.3 the added Device subscriptions shall terminate on the same date as the pre-existing Device subscriptions.

2.2 Device subscriptions are for designated Devices only and cannot be used by more than one Device, but may be reassigned to new Devices replacing former Devices that no longer require ongoing use of the Hosted SOC Services.

2.3 The Customer agrees that its purchases hereunder are neither contingent on the delivery of any future functionality or features nor dependent on any oral or written public comments made by Trustack regarding any future functionality or features. The per Device pricing references above are subject to Excessive Usage adjustments and any limitations indicated in the Quotation.

2.4 Subject to the Customer’s compliance with the terms of these Supplemental Terms, Trustack hereby grants to the Customer, during the relevant Subscription Term, a limited, non-exclusive, non-transferable:

2.4.1 right for its and any of its Affiliates’ Users to access and use the Hosted SOC Service in accordance with the Documentation; and

2.4.2 license to download any software offered to the Customer and required for access and use of the Hosted SOC Service (Downloadable Software), in each case solely for the Customer’s and its Affiliates’ internal business purposes and not for the benefit of any other person or entity.

2.5 The Customer’s use of the Hosted SOC Service may be subject to certain limitations, such as, for example, limits on storage capacity for Customer data. Any such limitations shall have no effect unless specified either in the Quotation or in the Documentation. All references to the Hosted SOC Services shall include Downloadable Software.

2.6 The Customer shall not, directly or indirectly, and the Customer shall not permit any User or third party under the Customer’s control to:

2.6.1 reverse engineer, decompile, disassemble or otherwise attempt to discover the object code, source code or underlying ideas or algorithms of the Hosted SOC Service;

2.6.2 modify, translate, or create derivative works based on any element of the Hosted SOC Service or any related Documentation;

2.6.3 rent, lease, distribute, sell, resell, assign, or otherwise transfer its rights to use the Hosted SOC Service;

2.6.4 use the Hosted SOC Service for any third party or otherwise for the benefit of any person or entity other than for the benefit of the Customer, its’ Affiliates and Users;

2.6.5 remove any proprietary notices from the Documentation;

2.6.6 publish or disclose to third parties any evaluation of the Hosted SOC Service without Trustack’s prior written consent;

2.6.7 use the Hosted SOC Service for any purpose other than its intended purpose as set out in the Documentation;

2.6.8 interfere with or disrupt the integrity or performance of the Hosted SOC Service;

2.6.9 introduce any open source software into the Hosted SOC Service; or

2.6.10 attempt to gain unauthorised access to the Hosted SOC Service or Trustack’s related systems or networks.

2.7 Except as expressly granted in these Supplemental Terms, there are no other licenses granted to the Customer, express, implied or by way of estoppel.  All rights not granted in these Supplemental Terms are reserved by Trustack.

 

3. Charges and payment terms

3.1 Unless expressly agreed to the contrary, the Customer will be invoiced either:

3.1.1 annually in advance; or

3.1.2 monthly in advance;

for the Subscription Term.

3.2 If a Customer needs to adjust the number of Devices linked to the Hosted SOC Services, then it shall contact Trustack in the first instance to discuss the type of Device, and any associated increase in costs, which shall be invoiced to the Customer accordingly.

 

4. Passwords and Security

4.1 Trustack will, on request, issue to the Customer (or each of its Affiliates designated on the Quotation, user logins and passwords for each of their Users authorised to access and use the Hosted SOC Service Administration Portal.

4.2 The Customer shall be and shall ensure that each of their Affiliates and their respective Users are, responsible for maintaining the confidentiality of all user logins and passwords and for ensuring that each user login and password is used only by the User to which it was issued.

4.3 The Customer is solely responsible for any and all access and use of the Hosted SOC Services that occurs using logins and passwords Trustack issues to any of the Customer and the Customer’s Affiliates.  The Customer shall, and shall ensure that the Customer’s Affiliates, advise its Users not to share passwords. The Customer agrees to immediately notify Trustack of any unauthorised use of any account or login and password issued to the Customer’s Users or the Customer’s Affiliates’ Users, or any other breach of security known to the Customer.  Trustack shall have no liability for any loss or damage arising from the Customer’s negligent failure to comply with the terms set forth in this paragraph 4.

4.4 Neither the Customer nor any of the Customer’s Affiliates nor any User may circumvent or otherwise interfere with any user authentication or security of the Hosted SOC Service. The Customer will as soon as is reasonably practicable notify Trustack of any breach, or attempted breach, of security known to the Customer.

4.5 Trustack will use commercially reasonable efforts to maintain appropriate administrative, physical and technical safeguards for protection of the security, confidentiality and integrity of Customer logs.

4.6 Notwithstanding the foregoing, the Customer acknowledges that, notwithstanding any security precautions deployed by Trustack, the use of, or connection to, the internet provides the opportunity for unauthorised third parties to circumvent such precautions and illegally gain access to the services and customer logs. Trustack cannot and does not guarantee the privacy, security, integrity or authenticity of any information transmitted over or stored in any system connected to or accessible via the internet or otherwise or that any such security precautions will be adequate or sufficient.

4.7 Trustack shall not:

4.7.1 modify Customer logs;

4.7.2 disclose Customer logs except as compelled by law or as expressly permitted in writing by the Customer; or

4.7.3 access Customer logs except to provide the Hosted SOC Services and prevent or address Hosted SOC Service or technical problems, or at the Customer’s request in connection with support matters.

 

5. Customer obligations

5.1 The Customer is responsible for:

5.1.1 managing the Customer system (unless Trustack manage the system on the Customer’s behalf under separate Supplemental Terms), and all computer hardware, software, modems, routers and other communications equipment necessary for the Customer, its Affiliates and their respective Users to access and use the Hosted SOC Services via the internet;

5.1.2 contracting with third party ISP, telecommunications and other service providers to access and use the Hosted SOC Services via the internet; and

5.1.3 paying all third party fees and access charges incurred in connection with the foregoing;

5.2 Except as specifically set forth in these Supplemental Terms or the Quotation or otherwise agreed in writing, Trustack shall not be responsible for supplying any hardware, software or other equipment to the Customer.

5.3 The Customer shall be solely responsible for its actions and the actions of its Users while using the Hosted SOC Service. The Customer acknowledges and agrees to:

5.3.1 abide by all local, national, and international laws and regulations applicable to the Customer’s use of the Hosted SOC Service, including but not limited to limiting the provision and storage of Customer data;

5.3.2 not to send or store data on or to the Hosted SOC Service which violates the rights of any individual or entity established in any jurisdiction;

5.3.3 not to upload in any way any information or content that contain malicious code or data that may damage the operation of the Hosted SOC Services or another’s computer or mobile device;

5.3.4 not to upload in any way any data regarding an individual’s financial or economic identity, sexual orientation, religious beliefs, medical or physical identity, including any information comprised of either special category data (as defined in the Data Protection Legislation);

5.3.5 not to use the Hosted SOC Service for illegal, fraudulent, unethical or inappropriate purposes;

5.3.6 not to interfere or disrupt networks connected to the Hosted SOC Service or interfere with other ability to access or use the Hosted SOC Service;

5.3.7 not to distribute, promote or transmit through the Hosted SOC Service any unlawful, harmful, obscene, pornographic or otherwise objectionable material of any kind or nature;

5.3.8 not to transmit or post any material that encourages conduct that could constitute a criminal offence or give rise to civil liability;

5.3.9 not to interfere with another customer’s use and enjoyment of the Hosted SOC Service or another person or entity’s use and enjoyment of similar services;

5.3.10 not to knowingly use the Hosted SOC Service in any manner that impairs the Hosted SOC Service, including without limitation to the servers and networks on which the Hosted SOC Service is provided;

5.3.11 to comply with all regulations, policies and procedures of networks connected to Hosted SOC Service and Trustack’s service providers to the extent that Trustack informs it of such regulations, policies and procedures; and

5.3.12 to use the Hosted SOC Service only in accordance with the Documentation.

5.4 The Customer acknowledges and agrees that Trustack neither endorses the contents of any Customer communications, Customer data, or other information nor assumes any responsibility for any offensive material contained therein, any infringement of third-party intellectual property rights arising therefrom, or any crime facilitated thereby. Trustack may remove any violating content posted or stored using the Hosted SOC Service or transmitted through the Hosted SOC Service, without notice to the Customer.

5.5 Notwithstanding the foregoing, Trustack does not guarantee, and does not and is not obligated to verify, authenticate, monitor or edit the Customer data, other information, or any other information or data input into or stored in the Hosted SOC Service for completeness, integrity, quality, accuracy or otherwise.  The Customer shall be responsible and liable for the completeness, integrity, quality and accuracy of Customer data and other information it provides to Trustack (directly or indirectly).

5.6 Trustack reserves the right acting reasonably to amend, alter, or modify the Customer’s conduct requirements as set forth in these Supplemental Terms at any time.  Trustack may deliver notice of such updated requirements to the Customer via e-mail or through the Hosted SOC Services.  The Customer’s continued access to and use of the Hosted SOC Service following issuance of such updated Customer requirements shall constitute the Customer’s acceptance thereof.

5.7 The Customer agrees to provide accurate, current and complete information as necessary for Trustack to communicate with Customer from time to time regarding the Hosted SOC Services. The Customer agrees to accept emails from Trustack at the e-mail addresses specified by its Users for login purposes. In addition, the Customer agrees that Trustack may rely and act on all information and instructions provided to Trustack by Users from the above-specified e-mail address.

5.8 Trustack may temporarily suspend the Customer’s, its Affiliates’ or their respective Users’ access to the Hosted SOC Service in the event that either the Customer, its Affiliates or any of their Users is engaged in, or Trustack in good faith suspects the Customer, its Affiliates’ or any of their Users is engaged in, any unauthorised conduct. Trustack will attempt to contact the Customer prior to or contemporaneously with such suspension provided, however, that Trustack’s exercise of the suspension rights herein shall not be conditioned upon the Customer’s receipt of any notification.

5.9 A suspension may take effect for the Customer’s entire account and the Customer understands that such suspension would therefore include its Affiliates and User sub-accounts. The Customer agrees that Trustack shall not be liable to the Customer, any of its Affiliates or Users, or any other third party if Trustack exercises its suspension rights as permitted by this paragraph.

5.10 Upon determining that the Customer has ceased the unauthorised conduct leading to the temporary suspension to Trustack’s reasonable satisfaction, Trustack shall reinstate the Customer’s, its Affiliates and their respective Users’ access and use of the Hosted SOC Services.

5.11 Notwithstanding anything in this paragraph to the contrary, Trustack’s suspension of the Hosted SOC Service is in addition to any other remedies that Trustack may have under these Supplemental Terms or otherwise, including but not limited to termination.  Additionally, if there are repeated incidences of suspension, regardless of the same or different cause and even if the cause or conduct is ultimately cured or corrected, Trustack may, in its reasonable discretion, determine that such circumstances, taken together, constitute a material breach.

 

6. Availability and Support

6.1 Trustack will make Hosted SOC Service available 24 hours a day provided, however, that the following are excepted from availability commitments:

6.1.1 planned downtime (with regard to which Trustack will use commercially reasonable efforts to provide at least 120 hours advance notice and routine maintenance times currently scheduled for every month, and as otherwise specified by Trustack); and

6.1.2 any unavailability caused by circumstances beyond Trustack’s reasonable control (clause 18 of the Agreement (Force Majeure)).

6.2 Enhancements to the Hosted SOC Services (made generally available at no cost to all subscribing Customers during the applicable Subscription Term) will be made available to the Customer at no additional charge. However, the availability of some new enhancements to the Hosted SOC Services may require the payment of additional fees, and Trustack will determine at its sole discretion whether access to any other such new enhancements will require an additional fee.  These terms will apply to, and the Hosted SOC Service includes, any enhancements, updates, upgrades and new modules to the Hosted SOC Service subsequently provided by Trustack to Customer hereunder.

6.3 Trustack may make a variety of support service offerings available to its Customers and will provide Customer with the level of support to which Customer is entitled based on Customer’s purchase as set out in the Quotation.

 

7. Representations and warranties: disclaimer

7.1 Trustack does not make, and hereby disclaims, any and all other express, statutory and implied warranties, including, but not limited to, warranties of merchantability, fitness for a particular purpose, noninfringement and title, quality, suitability, operability, condition, system integration, non-interference, workmanship, truth, accuracy (of data or any other information or content), absence of defects, whether latent or patent, and any warranties arising from a course of dealing, usage, or trade practice.  Any warranties made by Trustack are for the benefit of the Customer only and not for the benefit of any third party.  Any materials provided through the Hosted SOC Service are licensed and not sold. No agent of Trustack is authorised to alter or expand the warranties of Trustack as set forth herein.

7.2 Trustack does not warrant that:

7.2.1 the use of the Hosted SOC Service will be secure, timely, uninterrupted or error-free or operate in combination with any other hardware, software, system or data;

7.2.2 the Hosted SOC Service will meet the Customer’s requirements or expectations;

7.2.3 any stored data will be accurate or reliable;

7.2.4 the quality of any information or other material obtained by customer through the Hosted SOC Service will meet customer’s requirements or expectations;

7.2.5 the Hosted SOC Service will be error-free or that errors or defects in the Hosted SOC Service will be corrected; or the server(s) that make the Hosted SOC Service available are free of viruses or other harmful components. The Hosted SOC Service may be subject to limitations, delays, and other problems inherent in the use of the internet and electronic communications. Trustack is not responsible for any delays, delivery failures, or other damages resulting from such problems.