- The Customer as defined below.
- Defense.com Cyber Limited trading as Bulletproof incorporated and registered in England and Wales with company number 05490180 whose registered office is at Unit 13, Gateway 1000, Whittle Way, Stevenage, Herts, SG1 2FP (‘Bulletproof’)
“Appendix” means a document attached to this Contract which contains additional Service related terms and conditions.
“Billing Frequency” means the agreed frequency billing as specified on the Order Form.
“Confidential Information” means any information supplied or made available in any form by either party to the other under or in connection with this agreement and includes (but is not limited to) information relating to software and hardware products, IT infrastructure, samples, equipment, drawings, specifications, customer characteristics and identities, trade secrets, technical information and know-how, performance or process data, cost and financial information, market opportunities, business affairs, methods of doing business, strategic marketing, business plans and any information, reports or analysis derived from the Confidential Information.
“Contract” means this MSA, the Order Form and each Appendix.
“Customer” means the party referred to as the Customer on the Order Form and any persons, third party, agents, sub-contractors, consultants, employees and those acting on their behalf.
“Data Protection Legislation” means unless and until the GDPR is no longer directly applicable in the UK, the General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then any successor legislation to the GDPR.
“Data Subject” means an individual who is the subject of Personal Data.
“Features” means an individual feature that is provided as part of the Package selected by the Customer, as specified on the Order Form.
“Fees” means the applicable fees payable by the Customer in accordance with the Order Form.
“Force Majeure” means an event affecting the performance by a party of its obligations under this MSA which is caused by acts, events, omissions, happenings or non- happenings beyond the reasonable control of the affected party including strikes, lockouts and other industrial disputes (except in relation to that party’s own staff), acts of terrorism, war, riot or civil commotion;
“Good Industry Practice” means the exercise of that degree of skill, diligence and foresight which would reasonably and ordinarily be expected from a skilled and experienced service provider engaged in the provision of services similar to the Services under the same or similar circumstances as those applicable to the Contract and which are in accordance with any codes of practice published by relevant trade associations;
“Intellectual Property Rights” means patents, designs, trademarks and trade names (whether registered or unregistered), copyright and related rights, moral rights, database rights, know-how and all other intellectual property rights and similar or equivalent rights anywhere in the world which currently exist or are recognised in the future;
“Master Services Agreement or MSA” means these terms and conditions;
“Normal Business Hours” means between 09:00 hrs and 17:30 hrs on any day except a Saturday, Sunday or public or bank holiday in England and Wales;
“Order Form” means an ordering document for Services signed by an authorised representative of Bulletproof and completed by the Customer or the online request from Customer for Services and Bulletproof’s acceptance to supply those Services;
“Package” means the available Defense.com™ cyber security SaaS packages, each made up of various Features to suit specific Customer requirements;
“Party” means Bulletproof and/or the Customer;
“Penetration Test/s” means the process of testing the System as described in the Proposal made by Bulletproof to the Customer;
“Permitted Sub-contractor” means any third party used by Bulletproof in providing the Services;
“Personal Data” means any information relating to an identified or identifiable natural person that is processed by the Provider as a result of, or in connection with, the provision of the services under the Master Agreement; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
“Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed;
“Scope” means the agreed scope of works for applicable Features that form part of the Services;
“Services” means cyber security related services that make up the Defense.com™ product as described on the Order Form;
“System(s)” means the systems, premises, applications and networks operated by the Customer which form the scope of the Services;
Clause, and paragraph headings shall not affect the interpretation of this agreement.
- A person includes a natural person, corporate or unincorporated body (whether or not having separate legal personality).
- Each Appendix form part of this agreement and shall have effect as if set out in full in the body of this agreement. Any reference to this agreement includes each Appendix.
- A reference to a company shall include any company, corporation or other body corporate, wherever and however incorporated or established.
- Unless the context otherwise requires, words in the singular shall include the plural and in the plural shall include the singular.
- Unless the context otherwise requires, a reference to one gender shall include a reference to the other gender.
- This agreement shall be binding on, and endure to the benefit of, the parties to this agreement and their respective personal representatives, successors and permitted assigns, and references to any party shall include that party’s personal representatives, successors and permitted assigns.
- A reference to a statute or statutory provision is a reference to it as amended, extended or re-enacted from time to time.
- A reference to a statute or statutory provision shall include all subordinate legislation made from time to time under that statute or statutory provision.
- A reference to writing or written includes fax and email.
- A reference to this agreement or to any other agreement or document referred to in this agreement is a reference of this agreement or such other agreement or document as varied or novated (in each case, other than in breach of the provisions of this agreement) from time to time.
- References to clauses and Appendices are to the clauses and Appendices of this agreement and references to paragraphs are to paragraphs of the relevant Appendix.
Any words following the terms including, include, in particular, for example or any similar expression shall be construed as illustrative and shall not limit the sense of the words, description, definition, phrase or term preceding those terms. In the event of any ambiguity or conflict, the following order of precedence shall apply:
- The Order Form;
- The Appendices; and
- This MSA
STRUCTURE OF AGREEMENT
- This MSA provides the general terms and conditions governing any Order Form entered into between Bulletproof and Customer for the provision of Services by Bulletproof.
- The Parties will enter into the Order Form by a duly authorised representative of each party signing the Order Form, and it shall become binding only upon countersignature by Bulletproof and will continue thereafter unless terminated earlier in accordance with clause 14.
BULLETPROOF’S RIGHTS AND OBLIGATIONS
In consideration of the Fees and subject to earlier termination in accordance with the terms of this MSA and each Appendix, Bulletproof will provide the Services:
- with reasonable care and skill in accordance with Good Industry Practice;
- in accordance with any specific conditions that appear on the Order Form.
- Notwithstanding the above, Bulletproof cannot however, guarantee that Services will be uninterrupted, error-free or completely secure.
- Bulletproof will use encrypted channels using strong authentication mechanisms to deliver sensitive information to the Customer.
- Bulletproof disclaims and excludes any and all warranties, terms or conditions not expressly stated in the Contract as permitted by law, including implied warranties, terms or conditions relating to the satisfactory quality and fitness for purpose. The Customer is solely responsible for the suitability of the Services chosen.
- Bulletproof will maintain an up-to-date business continuity and disaster recovery plan.
- Bulletproof may on occasions use a Permitted Sub-Contractor to assist with the Services and will carry out the appropriate due diligence to ensure the assigned tester has the required qualifications to complete the work to a high standard.
- Bulletproof will sign and return a non-disclosure agreement to the Customer if required.
- Bulletproof ensures that all equipment and software that are to be used for any applicable Tests are checked for malware.
- For Penetration Tests Bulletproof responsibilities are limited to the work defined in the agreed Scope. Any changes to the Scope must be agreed prior to the start of the Test Start Time, due to the fact that any modification might change the time allotted/resources needed and may incur additional charges.
- For any undesired adverse events caused by Bulletproof whilst carrying out the Services, Bulletproof will provide assistance to the Customer to minimise the impact caused.
THE CUSTOMER’S OBLIGATIONS
The Customer agrees that any fault with the Services which the Customer detects must be reported to Bulletproof as soon as possible either:
- by using the Defense.com™ live chat; or
- by telephone on the number listed on the contact section of the website, or
- to such other telephone number as Bulletproof may notify to the Customer from time to time for this purpose.
- Unless otherwise directed in writing by Bulletproof, the Customer shall raise any critical issues in relation to the Services by telephone.
The Customer represents and warrants:
- it has the full capacity and authority to enter into and perform this Contract and that this Contract is executed by a duly authorised representative of the Customer;
- it has the appropriate knowledge to use the Services and will be responsible for any problems resulting from any interference by the Customer;
- the performance of its obligations and use of the Services will not violate any applicable laws, rules or regulations or the rights of any third party, or cause a breach of any agreements with any third parties or unreasonably interfere with the Customers’ use of Bulletproof services;
- it is using the Services for its own or group use and will not resell the Services to any third party without the prior authorisation from Bulletproof;
- it acknowledges the Service does not include any warranty or guarantee by Bulletproof as to the security of the Systems;
with respect to pen testing the Customer acknowledges
- that it is the owner of all systems, applications, networks, premises and any other asset that are set out in the Scope section of the Contract; and
- it has the full capacity and authority to instruct Bulletproof to perform Tests on the Systems and/or applications as set out in the Scope of the Contract and will not hold Bulletproof liable for any violation of the computer misuse act 1990 nor any other local applicable laws, rules or regulations.
The Customer undertakes that:
- it will apply an appropriate level of risk management in relation to the advice or information provided by Bulletproof employees or subcontractors before taking any decisions in implementing changes to their business strategy, practices or infrastructure and will not hold Bulletproof liable in relation to any advice provided;
- it will inform Bulletproof forthwith if any of the Services are subject to interference or malfunction;
- it will provide Bulletproof with reasonable notice of any circumstances that the Customer has prior knowledge of that may affect the normal operation of the Services provided;
- it will not by any of its acts or omissions disrupt or interfere with Bulletproof’s business or the business of any of Bulletproof’s customers business;
in respect to Penetration Testing the Customer:
- acknowledges that the Tests are a snapshot in time and that it is limited to the actions set out in the Scope;
- will inform Bulletproof forthwith if any of the Systems are subject to interference or malfunction;
- will provide Bulletproof with reasonable notice of any circumstances that the Customer has prior knowledge of, that may affect the delivery of the Test;
- where such Tests are taking place on the Customer’s premises and where applicable, the Customer must ensure that there is a working space and necessary access provided to the Bulletproof’s penetration tester(s); and
- will make all necessary preparations that Bulletproof requires to enable Bulletproof to commence any applicable Penetration Tests on the Test Start Time. Where a Penetration Test is cancelled or there are delays in starting the Penetration Test through no fault of Bulletproof, Bulletproof may at its discretion charge the Customer an administration fee. Such administration fee shall include but not limited to, all unavoidable third-party costs and Bulletproof’s costs for cancellation;
The Customer prior to any Tests commencing must:
- proactively and appropriately backup all critical data from Systems that will form part of the Tests, as they may be affected during such Tests; and,
- provide any resources (such as VPN access, IP whitelisting, etc.) prior to the Penetration Test to ensure no delays during the provision of the Penetration Test.
- In the event of a breach of any of the Customer warranties or undertakings set out about, Bulletproof reserves the right to suspend the Services in accordance with clause 12 of this MSA.
- Customer agrees to provide, at the reasonable request of Bulletproof, a review of the Services for use by Bulletproof.
- This MSA shall not be deemed to assign to any party any Intellectual Property Rights belonging to the other.
- Each party retains all of its own Intellectual Property Rights, whether owned or licensed, in any documents, data, text, trademarks, brands, logos, information, specifications, drawings or other materials as one party may provide to the other parties from time to time.
- Bulletproof may use the trademark or logo of the Customer without the prior permission of the Customer.
- The Customer may use the trademark or logo of Bulletproof with the prior written permission of Bulletproof.
For the avoidance of doubt, the delivery of the Services does not and will not transfer to the Customer any right, title or interest in and to:
- any Bulletproof equipment used in providing the Services; or
- any Bulletproof proprietary technology, including services, software tools, hardware designs, algorithms, software (in source and object forms), user interface designs, architecture, class libraries, objects and documentation (both printed and electronic), network designs, know-how, trade secrets and any related intellectual property rights throughout the world (whether owned by or licensed to Bulletproof), including but not limited to any derivative works, improvements, enhancements or extensions of that proprietary technology.
- Each party agrees not to use the other’s Confidential Information except solely in connection with the performance or use of Services. Neither party shall, without the prior written consent of the other party, use or disclose the Confidential Information of the other party following completion of the Services. Each party will take all reasonable precautions to protect the other party’s confidential information, using at least the same standard of care and security measures as it uses to maintain the confidentiality of its own confidential information.
Notwithstanding the foregoing, a party (“Recipient”) may disclose the other party’s (“Discloser’s”) Confidential Information:
- to any consultants, contractors, advisers and insurers (“Representatives”) who have a need to know in connection with this Contract and who are under binding obligations of confidence; subject to clause 6.3 below; or
- to the extent required by any governmental or other regulatory authority or by a court or other authority of competent jurisdiction; provided that, the disclosing party shall, unless legally prohibited, provide the non-disclosing party with reasonable prior written notice sufficient to permit it an opportunity to contest such disclosure.
The provisions of this clause 6 shall not apply to any Confidential Information that:
- is or becomes generally freely available to the public (other than as a result of its disclosure by the Recipient or its Representatives in breach of this clause 6);
- was available to the Recipient on a non-confidential basis before disclosure by the Discloser;
- was, is or becomes available to the Recipient on a non-confidential basis from a person who, to the receiving party’s knowledge, is not bound by a confidentiality agreement with the disclosing party or otherwise prohibited from disclosing the information to the Recipient;
- was known to the Recipient before the information was disclosed to it by the Discloser;
Each party shall keep the other party’s Confidential Information confidential and shall not:
- use such Confidential Information except for the purpose of exercising or performing its rights and obligations under this agreement; or
- disclose such Confidential Information in whole or in part to any third party, except as expressly permitted by this clause 6.
- Each party shall take all reasonable steps to ensure that the other’s Confidential Information to which it has access is not disclosed or distributed by its Representatives in violation of the terms of this agreement. Notwithstanding the terms herein, the Recipient shall be fully responsible for any unauthorised disclosure or use of the Discloser’s Confidential Information by any of its Representatives.
- Notwithstanding the terms herein, the Recipient agrees not to use any of the Confidential Information or any data or information derived by the Recipient in connection with this agreement for its own use or for any commercial advantage whatsoever.
- The terms of this clause 6 shall survive termination or expiry of this agreement.
- Each party agrees to comply with all applicable requirements of the Data Protection Legislation.
- This Clause 7 is in addition to, and does not relieve, remove or replace, a party’s obligations under the Data Protection Legislation.
Where Bulletproof processes data for the Customer, Bulletproof shall be the Data Processor and the Customer shall be the Data Controller (as defined by Data Protection Legislation) and shall:
- process that Personal Data only on the written instructions of the Customer;
- ensure that it has in place appropriate technical and organisational measures, reviewed and approved by the Customer, to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it);
- ensure that all personnel who have access to and/or process Personal Data are obliged to keep the Personal Data confidential; and
not transfer any personal Data outside of the European Economic Area unless the prior written consent of the Customer has been obtained and the following conditions are fulfilled:
- Bulletproof has provided appropriate safeguards in relation to the transfer;
- the data subject has enforceable rights and effective legal remedies;
- Bulletproof complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any Personal Data that is transferred; and
- Bulletproof complies with reasonable instructions notified to it in advance by the Customer with respect to the processing of the Personal Data.
- assist the Customer, at the Customer’s cost, in responding to any request from a Data Subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
- notify the Customer without undue delay on becoming aware of a Personal Data breach
- at the written direction of the Customer, delete or return Personal Data and copies thereof to the Customer on termination of the Contract unless required by applicable Data Protection Legislation to store the Personal Data; and
- maintain complete and accurate records and information to demonstrate its compliance with this clause 7.3 and allow for audits by the Customer or the Customer’s designated auditor, subject to the Customer providing reasonable notice. The right to audit shall be limited to once annually, except in the case of suspected fraud or regulatory requirements.
- The Customer shall not, without the prior written consent of Bulletproof, at any time from the date on which any Services commence to the expiry of six months after the completion of such Services, solicit or entice away from the Bulletproof or employ or attempt to employ any person who is, or has been, engaged as an employee, consultant or subcontractor of the Bulletproof in the provision of such Services.
- Any consent given by Bulletproof in accordance with clause 8.1 shall be subject to the Customer paying to Bulletproof a sum equivalent to 20% of the then current annual remuneration of Bulletproof’s employee, consultant or subcontractor or, if higher, 20% of the annual remuneration to be paid by the Customer to that employee, consultant or subcontractor.
- The billing commencement date for the Services shall be the date the Order Form is executed between Bulletproof and the Customer.
Bulletproof will invoice the Customer in accordance with the agreed Fees and Billing Frequency subject to the following provisions:
- where the Billing Frequency has been specified as monthly, an invoice will be raised on a monthly basis, with the first invoice raised on execution of the Contract.
- where the Billing Frequency has been specified as annual, an initial invoice will be raised for 12 months of the agreed Fees and thereafter will be invoiced on an annual basis.
- all payments made are non-refundable.
The Customer agrees:
- at the request of Bulletproof, to sign and maintain in force, a direct debit mandate to permit Bulletproof to collect any Fees due, with payments taken 30 days from invoice date. If payment date falls on a weekend or bank holiday, payment will be taken on the first working day after the original payment date;
- that Bulletproof may charge daily interest at a rate of 8% above the Bank of England base rate on any overdue payments that have passed the 30 day payment term;
- Bulletproof shall be entitled to reimbursement of all costs and expenses incurred in connection with the recovery of any sum overdue;
- Bulletproof may issue a suspension notice if the Customer fails to pay any Bulletproof invoices more than 45 days after the invoice date. If payment is not received within 7 days of the date of issue of Bulletproof’s suspension notice Bulletproof may suspend the Services in accordance with clause 12. Without prejudice to any other remedies Bulletproof may have, Bulletproof may commence such action as is necessary to recover the debt, including termination for material breach in accordance with clause 13.3(a).
- that Bulletproof reserves the right to request upfront advanced payment where the Customer’s credit score is insufficient to meet the total value of the contract. Should the Customer not agree to an advanced payment, Bulletproof reserves the right to terminate the Contract with immediate effect.
Subject to clause 10.2 and clause 10.3, Bulletproof’s total liability to the Customer for direct loss or damages whether in contract, tort (including, without limitation, negligence or breach of statutory duty), and howsoever arising including in connection with the performance, non-performance or delayed performance of this Contract shall be limited to and shall not exceed:
- where Billing Frequency is monthly an amount that is twelve (12) times the Fees; or
- where Billing Frequency is annual, the total annual Fees as listed on the Order Form.
Bulletproof shall not be liable whether in contract, tort (including for negligence or breach of statutory duty), misrepresentation (whether innocent or negligent), restitution or otherwise for any:
- loss of profits
- loss of revenues, loss of goodwill;
- loss of contracts, loss of business opportunity
- loss of data;
- loss of business;
- depletion of goodwill or similar losses;
- pure economic loss; or
- for any indirect or consequential loss, costs, damages, charges or expenses however arising.
Nothing in this Contract limits or excludes either Party’s liability for any loss or damages resulting from:
- death or personal injury caused by its negligence; and
- any fraud or fraudulent misrepresentation.
- As the Fees for the Services properly reflect the delineation of risk between the Parties, each Party agrees to ensure that it will be responsible for making its own arrangements for the insurance of any loss in excess of its accepted legal liability as necessary.
If Bulletproof, its affiliates, or any Bulletproof employees, agents, Permitted Sub-contractors or suppliers (the “Indemnitees”) receives a claim or action by a third party arising from:
- the Customer’s actual or alleged negligence or breach of law,
- the Customer’s failure to comply with any security or access policies provided by Bulletproof under this Contract;
- breach of the Customer’s agreement with its own customers or end users,
- any damage or destruction to Bulletproof premises, any Bulletproof equipment used in providing the Services or Bulletproof network arising from the acts or omissions of the Customer; or
- any damage or destruction to the Customer equipment or the Customer data arising from the acts or omissions of the Customer.
Then the Customer will indemnify the Indemnitees and pay the cost of defending the claim or action (including reasonable legal fees) and any costs, damages award, fine or other amount that is imposed on or incurred by the Indemnitees as a result of the claim. the Customer’s obligations to indemnify the Indemnities under this clause include claims arising out of the acts or omissions of the Customer’s employees or agents, any other person to whom the Customer has given access to the Services, and any person who gains access to the Services as a result of the Customer’s failure to use reasonable security precautions, even if the acts or omissions of such persons were not authorised by the Customer.
SUSPENSION OF SERVICES
- Bulletproof may suspend the Services for non-payment of Fees in accordance with clause 9.3.5.
- If the Customer does not make payment in full of all overdue sums within 7 days of Bulletproof’s suspension of Services, the same shall constitute a non-remediable material breach of the Contract and may terminate the Contract on written notice of the Customer with immediate effect.
In addition to any other remedies available under this Contract, at law or otherwise however, Bulletproof may, in its reasonable discretion, suspend the Services with immediate effect:
- in the event of any breach by the Customer of this Contract (other than non-payment); or
- where Bulletproof has the right to terminate this Agreement;
- where Bulletproof has an express right in any Appendix to suspend all or part of the Services.
Bulletproof may at its discretion provide notice and a reasonable opportunity for the Customer to rectify the breach if practicable to do so.
- Once the Customer has rectified the breach, and provided Bulletproof has not first terminated the suspended Services, Bulletproof will promptly restore the suspended Service(s).
- Bulletproof reserves the right to recharge the Customer for any expenses incurred in reinstatement of Services once payment is received.
The Customer may terminate this agreement at the end of the Initial Term subject to the following provisions:
- 30 days written notice of termination is provided;
- all outstanding invoices are paid up-to-date; and
where Billing Frequency is monthly and the Penetration Test has been carried out, Bulletproof reserve the right to invoice a percentage of the monthly fees multiplied by twelve (“Annual Equivalent Fees”) as defined in the table below. This will also apply to each anniversary from the date of the execution of the Contract.
Time or Termination Annual Equivalent Fees 3 months or less 50% 3 – 6 months 30% 6 – 9 months 15% 9 – 12 months 0%
Either party may immediately terminate the Contract without payment of compensation or other damages caused to the other solely by such termination by giving notice to the other if any one or more of the following events happens:
- the other party commits a material breach of any term of this agreement and such breach is irremediable or (if such breach is remediable) fails to remedy that breach within a period of 30 days after being notified in writing to do so;
- the other party suspends, or threatens to suspend, payment of its debts or is unable to pay its debts as they fall due or admits inability to pay its debts or (being a company or limited liability partnership) is deemed unable to pay its debts within
- the other party commences negotiations with all or any class of its creditors with a view to rescheduling any of its debts, or makes a proposal for or enters into any compromise or arrangement with any of its creditors other than for the sole purpose of a scheme for a solvent amalgamation of that other party with one or more other companies or the solvent reconstruction of that other party;
- a petition is filed, a notice is given, a resolution is passed, or an order is made, for or in connection with the winding up of that other party (being a company) other than for the sole purpose of a scheme for a solvent amalgamation of that other party with one or more other companies or the solvent reconstruction of that other party;
- an application is made to court, or an order is made, for the appointment of an administrator, or if a notice of intention to appoint an administrator is given or if an administrator is appointed, over the other party (being a company);
- the holder of a qualifying floating charge over the assets of that other party (being a company) has become entitled to appoint or has appointed an administrative receiver;
- a person becomes entitled to appoint a receiver over all or any of the assets of the other party or a receiver is appointed over all or any of the assets of the other party;
- a creditor or encumbrancer of the other party attaches or takes possession of, or a distress, execution, sequestration or other such process is levied or enforced on or sued against, the whole or any part of the other party’s assets and such attachment or process is not discharged within 14 days;
- any event occurs, or proceeding is taken, with respect to the other party in any jurisdiction to which it is subject that has an effect equivalent or similar to any of the events mentioned in clause 13.1(b) to clause 13.1(h) (inclusive); or
- the other party suspends or ceases, or threatens to suspend or cease, carrying on all or a substantial part of its business.
- For the purposes of clause 13.3(a) material breach means a breach (including an anticipatory breach) that is serious in the widest sense of having a serious effect on the benefit which the terminating party would otherwise derive from a substantial portion of this agreement.
- Without affecting any other right or remedy available to it, Bulletproof may terminate the Contract with immediate effect by giving written notice to the Customer if the Customer fails to pay any amount due under the Contract on the due date for payment and remains in default not less than 30 days after being notified to make such payment.
CONSEQUENCES OF TERMINATION
- On termination of this MSA the following clauses shall continue in force: clause 1 (Interpretation), clause 5 (Intellectual property rights), clause 6 (Confidentiality), clause 8 (Non-solicitation), clause 10 (Limitation of liability), clause 14 (Consequences of termination), clause 18 (Waiver), clause 20 (Severance), clause 25 (dispute resolution procedure) and clause 27 (Governing law and jurisdiction).
- Termination or expiry of this agreement shall not affect any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination or expiry, including the right to claim damages in respect of any breach of the agreement which existed at or before the date of termination or expiry.
This contract constitutes the whole agreement between the parties. Each party acknowledges that, in entering into the Contract, it has not relied on, and shall have no right or remedy in respect of, any statement, representation, assurance or warranty (whether made negligently or innocently) other than as expressly set out in the Contract. Nothing in this sub-clause shall limit or exclude any liability for fraud.
No variation of the Contract shall be effective unless it is in writing and signed by the parties (or their authorised representatives).
- The Customer shall not assign, transfer, mortgage, charge, subcontract, declare a trust over or deal in any other manner with any of its rights and obligations under this agreement.
- Bulletproof may at any time assign, mortgage, charge, declare a trust over or deal in any other manner with any or all of its rights under this agreement.
- A waiver of any right or remedy under this agreement or by law is only effective if given in writing and shall not be deemed a waiver of any subsequent breach or default.
- A failure or delay by a party to exercise any right or remedy provided under this agreement or by law shall not constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict any further exercise of that or any other right or remedy. No single or partial exercise of any right or remedy provided under this agreement or by law shall prevent or restrict the further exercise of that or any other right or remedy.
RIGHTS AND REMEDIES
The rights and remedies provided under this agreement are in addition to, and not exclusive of, any rights or remedies provided by law.
If any provision or part-provision of this agreement is or becomes invalid, illegal or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed deleted. Any modification to or deletion of a provision or part-provision under this clause shall not affect the validity and enforceability of the rest of this agreement.
NO PARTNERSHIP OR AGENCY
- Nothing in this agreement is intended to, or shall be deemed to, establish any partnership or joint venture between any of the parties, constitute any party the agent of another party, or authorise any party to make or enter into any commitments for or on behalf of any other party.
- Each party confirms it is acting on its own behalf and not for the benefit of any other person.
THIRD PARTY RIGHTS
Unless it expressly states otherwise, this agreement does not give rise to any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this agreement.
Any notice given to a party under or in connection with this agreement shall be in writing and shall be:
- delivered by hand or by pre-paid first-class post or other next Business Day delivery service at its registered office (if a company) or its principal place of business (in any other case); or
- sent by email to the address notified by the party.
Any notice shall be deemed to have been received:
- if delivered by hand, on signature of a delivery receipt;
- if sent by pre-paid first-class post or other next Business Day delivery services, at 9.00am on the second Business Day after posting; and
- if sent by email, at 9.00am on the next Business Day after transmission.
- This clause does not apply to the service of any proceedings or any documents in any legal action or, where applicable, any arbitration or other method of dispute resolution.
This agreement may be executed in any number of counterparts, each of which when executed shall constitute a duplicate original, but all the counterparts shall together constitute the one agreement.
- If a dispute arises out of or in connection with this agreement or the performance, validity or enforceability of it (Dispute) then the parties shall follow the procedure set out in this clause:
- either party shall give to the other written notice of the Dispute, setting out its nature and full particulars (Dispute Notice), together with relevant supporting documents. On service of the Dispute Notice, the named contact of the Customer and a representative of Bulletproof shall attempt in good faith to resolve the Dispute;
- if the named contact of the Customer and a representative of Bulletproof are for any reason unable to resolve the Dispute within 30 days of service of the Dispute Notice, the Dispute shall be referred to the Director of the Customer and Director of Bulletproof who shall attempt in good faith to resolve it.
If any party is affected by a Force Majeure Event the affected party shall:
- promptly notify the other parties of the Force Majeure Event;
- keep that party informed of their continuance and of any relevant change of circumstances whilst such Force Majeure Event continues; and
- take reasonable steps to overcome the effects of the Force Majeure Event (except that this shall not require either party to settle industrial disputes or other claims on unreasonable terms).
- Subject to clause 26.1, a Force Majeure Event shall not entitle either party to terminate this MSA and neither party shall be in breach of this MSA, or otherwise liable to the other, by reason of any delay in performance or non-performance of any of its obligations due to such Force Majeure Event and the date for performance of the obligations affected (except for payment) will be deemed suspended only for a period equal to the delay caused by such Force Majeure Event.
- If the party affected by a Force Majeure Event fails to comply with its obligations under this clause 26 then no relief as set out in this clause shall be available to it and the obligations of each party shall continue in force.
- If (and so long as) a Force Majeure Event continues, then the Fees, or a fair proportion of the Fees according to the nature and extent of the Services the provision of which is prevented by the Force Majeure Event, will be suspended (and for the avoidance of doubt, no Fees shall be deemed to accrue during the suspension period).
- If (and so long as) a Force Majeure Event continues for more than 3 months, then the Customer at its sole discretion may terminate the affected Services on notice to Bulletproof.
GOVERNING LAW AND JURISDICTION
This Contract and any disputes arising therefrom (including non-contractual disputes) are governed by and construed in accordance with English law notwithstanding the jurisdiction where the Customer is based. The Customer irrevocably agrees that the courts of England shall have exclusive jurisdiction to settle any dispute which may arise out of, under, or in connection with this Contract and for those purposes irrevocably submit all disputes to the jurisdiction of the English courts. The place of performance shall be England.
‘Focus on our clients’ is one of our core values here at Bulletproof, and we accept that we aren’t perfect and the service you receive might not match up to your expectations.
In that event, the service you receive might not match up to you:
Step one: Raise your concerns
Expected time to resolution: Two working days
If you’re ever unhappy with any aspect of the service you’ve received, the first step is to discuss this with your assigned Customer Success Executive. They’re here to support you in getting maximum value from the services you’ve received and will be best placed to advise on any hiccups along the way.
You will have been introduced to your assigned Customer Success Executive shortly after signing your contract. They can be reached directly via the email address provided on your contract.
Alternatively, you can call 01438 500 093 and you’ll be put through to the right person.
Step two: Formalise your complaint
Expected time to resolution: Five working days
If you’ve been unable to resolve your issue by working directly with your Customer Success Executive, we ask that you formalise your concerns in writing to the following address:
To support us in reaching a resolution as quickly as possible, we kindly ask that you provide as much information as you can including:
- Names, times and dates
- Copies of any correspondence relevant to the complaint
- Details of your desired outcome
Your email will be picked up by our Customer Success Manager and acknowledged within two working days. Your concerns will be investigated and we aim to reach a full resolution within five working days.
Step Three: Take it further
Expected time to resolution: Ten working days
Should we be unable to reach a positive outcome through steps one and two, step three requires your complaint to be escalated to our senior Leadership team.
This can be done in writing, via your existing complaint and our Customer Success Manager will escalate your concerns to the appropriate organisational Director.
This escalation will be acknowledged by them within two working days and once the history of events has been fully reviewed and investigated, by them a formal response will be provided.
We aim to complete this process within ten working days, however, this may take longer depending on the nature and complexity of the complaint.
Our experts are the ones to trust when it comes to your cyber security
Get a quote today
If you are interested in our services, get a free, no obligation quote today by filling out the form below.