Synchronized security conditions
- Definitions
- Scope
- Intellectual property rights and ownership
- License entitlement and usage
- Rights and restrictions
- Maintenance and support
- Warranty
- Indemnity
- Disclaimer of warranties
- Limitation of liability
- Product changes
- Third party software
- Compliance with applicable laws
- Term and termination
- Confidentiality and data protection
- General provisions
- Hardware
- Employee personal use
- Free trials
1. Definitions
| Affiliates | With respect to each party, entities that control, are controlled by, or are under common control with such party. For the purposes of this definition, “control” means the beneficial ownership of more than fifty per cent (50%) of the voting power or equity in an entity. |
| Agreement | The agreement between Licensee and edpnet under which edpnet makes the Service available to Licensee, and to which these Synchronized Security Terms and Conditions apply. |
| Computer | Any device or computing environment which benefits from the Licensed Product (for example but without limitation, workstations, personal computers, laptops, netbooks, tablets, smartphones, and environments connected to an email server, an internet proxy or a gateway device, or a database). The Licensed Product does not have to be physically installed on the computer environment to provide benefit, nor is there a requirement for the computing hardware to be owned by the Licensee. The term Computer as defined herein includes, without limitation, nonpersistent deployments, electronic devices that are capable of retrieving data, and virtual machines. |
| Documentation | The formal Product documentation (whether electronic or printed) published by Sophos for each Product. |
| edpnet | EDPNET Belgium bv, with registered offices at 9100 Sint-Niklaas, Van Landeghemstraat 20, VAT number BE 0799.091.641. |
| Fee, Fees | The amount of money payable for the Product. |
| Hardware | The physical Product itself, being a Sophos XG Firewall, a Sophos Remote Ethernet Device (RED) or a Sophos Access Point (AP), including the Software. |
| Installation Address | The physical address where the Licensee will use the Service. |
| License Details | Overview of the Product(s) licensed by Licensee and the corresponding Product Term, License Entitlement and license credentials, and which forms part of this Agreement. |
| Licensed Products | All or each (as the context so allows) of those software programs which are installed on a Computer, Server or any other physical device by or on behalf of Licensee, together with the Documentation and any of the Upgrades and Updates to those programs, but excluding any third party software as described in Clause 12. |
| Licensee | The legal person to whom license rights have been granted under this License Agreement. |
| Maintenance | Collectively Upgrades and/or Updates (where applicable to the Product) and technical support as further described in Clause 5. |
| Managed Services | An agreement between edpnet and Licensee whereby arrangements are made between both parties about the management and ownership of the Hardware. |
| Outsourced Provider | A third party to whom Licensee or Licensee’s Affiliates have outsourced their information technology functions. |
| Partner | The party from which Licensee obtains Sophos Products, being edpnet. |
| Product | The Licensed Product, media and/or Hardware, as applicable. |
| Product Term | Has the meaning set out in Clause 14 of this Agreement. |
| Reporting | A day between the 20th and the 25th of the month on which an inventory of the License Entitlement is made. |
| Sanctions and Export Control Laws | Any law, regulation, statute, prohibition, or wider measure applicable to Products and/or to either party relating to the adoption, application, implementation and enforcement of economic sanctions, export controls, trade embargoes or any other restrictive measures. |
| Server | A Computer upon which the Licensed Product is installed and from which other Computers receive or retrieve data. If the data is solely generated by the Licensed Product, then the Computer is not considered a Server. |
| Service | The Sophos XG Firewall device and the Software installed thereon, provided via Managed Services by edpnet. |
| Service Level Agreement | An agreement between edpnet and Licensee in which agreements are made between both parties regarding the level of service. |
| Software | All the elements that are contained in the Hardware and that are protected by intellectual property rights. |
| Sophos | Sophos Limited (a company registered in England and Wales number 02096520) with its registered office at The Pentagon, Abingdon Science Park, Abingdon, Oxfordshire, OX14 3YP, UK. |
| Update | An update to the library of rules and/or identities and/or other updates to the detection data or software (excluding Upgrades) made available to End-User by Sophos at its sole discretion from time to time, but excluding any updates marketed and licensed by Sophos for a separate Fee. |
| Upgrade | Any enhancement or improvement to the functionality of the Product, Product version or Product feature made available to Licensee by Sophos at its sole discretion from time to time, but excluding any software and/or upgrades marketed and licensed by Sophos for a separate Fee. |
| User | An employee, consultant or other individual who benefits from the Product licensed to Licensee. |
2. Scope
2.1 These Synchronized Security Terms and Conditions, hereinafter Security Conditions, are an addition to the General Business Conditions that regulate the legal relationship between edpnet and Licensee in the context of the installation, activation and maintenance of the Service at the Installation Address.
2.2 Licensee may not change or replace any of the provisions of these Security Conditions, unless otherwise mutually agreed in writing.
2.3 General and/or Special Conditions from Licensee are expressly rejected by edpnet.
3. Intellectual property rights and ownership
3.1The Products, including without limitation all know-how, concepts, logic and specifications, are proprietary to Sophos and its licensors and are protected throughout the world by copyright and other intellectual property rights.
3.2 Licensee hereby agrees not to remove any product identification or notices of proprietary restrictions.
3.3 Further, Licensee hereby acknowledges and agrees that the right, title and interest in the Products and in any modifications made by Licensee to the Products, as provided for below in this Agreement, is retained by Sophos.
3.4 No license, right or interest in Sophos’s logos or trademarks is granted to Licensee under this Agreement.
3.5 Licensed Products are licensed, not sold.
3.6 Except as expressly stated in this Agreement, no license or right is granted directly or by implication, inducement, estoppel, or otherwise.
4. License entitlement and usage
4.1 The Products are licensed by User, Computer, Server or other applicable units.
4.2 Unless otherwise agreed, Licensee is the sole responsible for the purchase of Licensed Products. At any moment Licensee can add or remove Licensed Products. Edpnet shall monitor Licensee’s usage of Licensed Products.
4.3 The License Details specifies the number of applicable units that Licensee has ordered for each Product (the “License Entitlement”). If Licensee’s usage of the Products exceeds the units purchased, Licensee must immediately purchase additional units.
4.4 Edpnet will cease Licensee’s access and/or use of the Products if this Agreement is terminated.
5. Rights and restrictions
5.1 Licensee is permitted to:
(a) Except in relation to any use of the Products under Clause 18, use the Products for the internal business purposes of Licensee and its Affiliates, relating specifically to the integrity of their systems, networks, documents, emails and other data;
(b) Make a reasonable number of copies of the Licensed Products or any part thereof for backup or disaster recovery purposes provided that Licensee reproduces Sophos’s proprietary notices on any such backup copy of the Licensed Products. Such restriction shall not prevent Licensee from backing up or archiving Licensee’s data.
5.2 Licensee is not permitted to:
(a) Modify or translate the Products:
(i) Except as necessary to configure the Licensed Products using the menus, filters, options and tools provided for such purposes and contained in the Product and;
(ii) In relation to the Documentation, except as necessary to produce and adapt manuals and/or other documentation for Licensee’s internal business purposes;
(b) Reverse engineer, disassemble (including without limitation, removing the covering plates which bar access to the Hardware ports and/or accessing internal components of the Hardware) or decompile the Products or any portion thereof or otherwise attempt to derive or determine the source code or the logic therein except to the extent that such restriction is prohibited by applicable law;
(c) Except to the extent expressly stated otherwise in this Agreement, use Products for which Licensee has not paid and edpnet has not received the applicable Fee;
(d) Sub-license, rent, sell, lease, distribute, transfer, transmit, embed, provide access to, or otherwise use the Products for the benefit of third parties as part of a service bureau arrangement or otherwise, except as expressly provided under this Agreement and/or unless Licensee enters into a separate agreement with edpnet for such purposes;
(e) Use the Products other than in the course of business unless and to the extent that such Products have been expressly licensed for employee personal use in accordance with Clause 18;
(f) Use the Products in or in association with safety critical applications where the failure of the Products to perform can reasonably be expected to result in a physical injury, or in loss of property, or loss of life. Any such use is entirely at Licensee’s own risk, and Licensee agrees to hold edpnet and Sophos harmless from and hereby releases edpnet and Sophos from any and all claims or losses relating to such unauthorized use and/or;
(g) Use the Products for the purposes of competing with edpnet and / or Sophos, including without limitation competitive intelligence (except to the extent that this restriction is prohibited by applicable law).
5.3 Permitted Third Party Usage:
(a) Licensee may permit its Affiliates and Outsourced Providers to use the Products provided that: (i) Licensee shall provide prior written notice to edpnet;
(ii) The Affiliates and Outsourced Providers shall only use and/or operate the Products for the internal business purposes of Licensee and its Affiliates;
(iii) The actual usage of the Products by Licensee, Licensee’s Affiliates and Outsourced Providers in aggregate shall not exceed the License Entitlement purchased by Licensee;
(iv) Licensee shall ensure that its Affiliates and the Outsourced Providers are aware of and comply with the terms and conditions of this Agreement and;
(v) Licensee shall be responsible for, and hold edpnet and Sophos harmless from, the acts and omissions of its Affiliates and Outsourced Providers relating to use of the Products.
5.4 Licensee acknowledges and agrees that:
a) It is only entitled to use the Products listed in the License Details and;
b) It has not based its purchasing decision on the future availability of any new products and/or additional features, components or versions of the Products, nor on any oral or written public comments made by edpnet and / or Sophos regarding future functionality or features.
5.5 Licensee is solely responsible for its compliance with the applicable terms and conditions of any third party agreements for hardware, software, connectivity and any other third party products and services.
5.6 Licensee is obliged at any time to pass on correct information to edpnet and remains responsible for the information and the prompt adaptation of it when necessary.
5.7 Except in case of a move, if Licensee requests edpnet to retrospectively make documents after administrative changes were made to the originally presented information, or after Licensee has adjusted certain billing information, edpnet is entitled to charge € 12.40 administration costs.
6. Maintenance and support
6.1 Edpnet provides all Hardware via Managed Services. In the framework of Managed Services, edpnet is responsible for the installation and configuration of the provided Hardware at the Installation Address, as well as for the maintenance thereof for the duration of the Product Term.
6.2 All requests for technical support must be addressed to edpnet (and not to Sophos directly).
6.3 Any custom or sample code, files or scripts (“Fixes”) provided as part of the provision of technical support which do not form part of its standard commercial offering may only be used in conjunction with the Product for which they were developed, during the relevant Product Term, and subject to the provisions of Clause 19.
6.4 Edpnet ensures that Licensee will receive Updates and Upgrades promptly and in any event within 24 hours following Sophos making such Updates and Upgrades available.
7. Warranty
7.1 Edpnet provides all Hardware via Managed Services. In the framework of Managed Services, edpnet is responsible for the repair or replacement thereof for the duration of the Product Term.
7.2 The Service includes a Service Level Agreement that guarantees that edpnet will repair or replace faulty Hardware before the end of the Next Business Day. If Licensee concludes an agreement for an edpnet internet service together with this Agreement, and if that agreement for the edpnet internet service were also to include a Service Level Agreement, then a Service Level Agreement with the same guarantee as the edpnet internet service will automatically apply to the Service.
7.3 Licensee is to follow the procedure as described in the Service Level Agreement document that he has received upon conclusion of the Agreement. Failure to having received the Managed Services document does not affect the validity of the Managed Services agreement.
8. Indemnity
8.1Subject to Clauses 8.2 to 8.4 here below, Sophos shall defend, indemnify, and hold Licensee harmless from any claim or proceeding alleging that Licensee’s use or possession of the Licensed Product in accordance with the terms and conditions of this Agreement infringes any third party patent, trademark or copyright.
8.2 Licensee shall not be entitled to the benefit of the indemnity in Clause 8.1 if:
a) Licensee fails to notify edpnet in writing within ten (10) days of Licensee being notified of any such claim or proceeding;
b) Licensee does not at the written request of edpnet or Sophos immediately cease to use or possess the Product on any such claim being made;
c) Licensee, without the prior written consent of edpnet or Sophos, acknowledges the validity of or takes any action which might impair the ability to contest the claim or proceedings if so elected;
d) The infringement arises due to modification of the Product by anyone other than Sophos, use of the Product other than in accordance with the Documentation, or use of the Product with any hardware, software or other component not provided by Sophos, and the infringement would not have arisen without such use or modification or;
e) The claim is raised based on use or possession in a country that is not a party to the World Intellectual Property Organization (WIPO) treaties on patents, trademarks and copyrights.
8.3 If any such claim or proceeding referred to in Clause 8.1 is made against Licensee, Sophos alone shall have the right (in its sole discretion):
8.3.1 To defend and/or settle any such third party claim or proceedings and/or to initiate counter-proceedings, and to require Licensee to join and co-operate with the defense, settlement and/or counter proceedings at Sophos’s reasonable cost. If Sophos elects to not assume the defense of, settle such claims and/or initiate counterproceedings, after written approval by Sophos, Licensee may proceed with defending the claim in good faith and Sophos will reimburse all claims, damages, charges, expenses and liabilities (including reasonable counsel fees and costs) finally awarded or agreed to in a monetary settlement. Sophos shall have the right to approve Licensee’s chosen counsel under this Clause, such approval not to be unreasonably withheld.
8.3.2 To:
(i) Procure a license so that Licensee’s use, possession and distribution of the Product in accordance with the terms and conditions of this Agreement does not infringe any third party patents, trademarks or copyrights or;
(ii) Modify or replace the Product with a functionally equivalent Product so that it no longer infringes a third party’s patents, trademarks or copyrights.
If Sophos cannot achieve Clause 8.3.2 (i) or (ii) above on a commercially reasonable basis, Sophos may terminate the license to use the Product upon notice to edpnet, who will provide a pro rata refund of Fees paid for such Product.
8.4 Clauses 8.1, 8.2 and 8.3 set out Licensee’s sole remedy and the whole liability of edpnet and Sophos in the event that the products infringe the patents, trademarks, copyrights or other intellectual property rights of any third party. Licensee will in any event mitigate Licensee’s losses as far as possible.
9. Disclaimer of warranties
9.1 Except for the express warranties set forth in Clause 7 above, Sophos and any of its third-party licensors and suppliers and the contributors of certain included software make no warranties, conditions, undertakings or representations of any kind, either express or implied, statutory or otherwise, in relation to the product or any third party software, including without limitation any implied warranties or conditions of merchantability, satisfactory quality, fitness for a particular purpose, non-infringement or arising from course of dealing, usage or trade.
9.2 Without limitation to the foregoing, Sophos does not warrant or represent that:
a) The Product will meet Licensee’s requirements;
b) The operation of the Product will be error free or uninterrupted;
c) Defects in the Product will be corrected;
d) The Products will detect and/or correctly identify and/or disinfect all threats, applications (whether malicious or otherwise) or other components;
e) Licensee is entitled to block any third party applications or;
f) That Licensee is entitled to encrypt or decrypt any third party information.
9.3 Licensee further acknowledges and agrees that Licensee shall be solely responsible for proper back-up of all of its data and that Licensee shall take appropriate measures to protect such data. Sophos, its Partner and Sophos third party licensors assume no liability or responsibility whatsoever if data is lost or corrupted.
10. Limitation of liability
10.1 Licensee uses the Product at Licensee’s own risk. To the maximum extent permitted by applicable law, in no event shall edpnet, Sophos or any of Sophos’ third-party licensors and suppliers or the contributors of certain included software be liable to Licensee (or to those claiming through Licensee) for any indirect, consequential, incidental or special damage or loss of any kind including, but not limited to, loss of profits, loss of contracts, business interruptions, loss of or corruption of data however caused and whether arising under contract or tort, including without limitation negligence, (including without limitation any loss or damage related to any third party software) even if edpnet or Sophos has been advised of the possibility of such damages. The limitations in this Clause shall apply notwithstanding the failure of the essential purpose of any remedy.
10.2 If any limitation, exclusion, disclaimer or other provision contained in this Agreement is held to be invalid for any reason by a court of competent jurisdiction and edpnet becomes liable thereby for loss or damage that may lawfully be limited, such liability whether in contract, tort (including without limitation negligence) or otherwise, will not exceed the greater of the Fees paid by Licensee for any twelve (12) month period.
10.3 In no event shall edpnet’s aggregate liability to Licensee arising out of or in connection with this Agreement, from all causes of action and theories of liability (including without limitation negligence), exceed the sum equal to the Fees paid by Licensee for any twelve (12) month period.
10.4 Edpnet is not liable for the unavailability of the Service and/or any other failure due to circumstances reasonably not foreseeable by edpnet and circumstances beyond edpnet's control, such as, but not limited to, disruptions and/or total breakdown of the internet and internet connections, the telephone network, the telecommunications equipment of an operator, the communications connections or equipment of edpnet or third parties who deliver services to edpnet, power supply, and other disruptions beyond edpnet's control, and furthermore international conflicts, import regulations and limitations, any government measures, violent or armed actions, labor conflicts, boycotts, delays in deliveries or non-execution of deliveries under third party contracts to edpnet.
11. Product changes
11.1 Licensee acknowledges and agrees that Sophos may vary, Update or discontinue Products, Product versions, Product features, Product support, Product Maintenance, and support for third party products (including without limitation operating systems and platforms) from time to time for reasons including but not limited to changes in demand, security and technology.
11.2 Licensee will be informed of the date(s) of planned discontinuation.
11.3 Sophos recommends that Licensee always uses the latest Product, Product version and/or third party product, as applicable.
12. Third party software
12.1 The Products may operate or interface with software or other technology that is licensed to Sophos from third parties (“Third Party Licensors”), which is not proprietary to Sophos, but which Sophos has the necessary rights to license to Licensee (“Third Party Software”).
12.2 Licensee agrees that:
a) Licensee will use such Third Party Software in accordance with this Agreement;
b) No Third Party Licensor makes any warranties, conditions, undertakings or representations of any kind, either express or implied, to Licensee concerning such Third Party Software or the Products themselves;
c) No Third Party Licensor will have any obligation or liability to Licensee as a result of this Agreement or use of such Third Party Software;
d) Such Third Party Software may be licensed under license terms which grant Licensee additional rights or contain additional restrictions in relation to such materials, beyond those set forth in this Agreement, and such additional license rights and restrictions are described or linked to in the applicable Documentation, the relevant Sophos webpage, or within the Product itself.
13. Compliance with applicable laws
13.1 Licensee hereby agrees that:
a) It will comply with all applicable Sanctions and Export Control Laws;
b) It is solely responsible for ensuring that the Product is used, disclosed and/or transported only in accordance with all applicable Sanctions and Export Control Laws and;
c) It will not re-export or transfer the Product, in any form, directly or indirectly, to any person or entity based in Cuba, Iran, Syria, Sudan, South Sudan or North Korea;
d) It will immediately notify Partner to inform Sophos if it becomes aware that it or any of its personnel may have breached any applicable Sanctions and Export Control Laws.
13.2 Licensee warrants that in entering into this Agreement neither Licensee nor any of its officers, employees, agents, representatives, contractors, intermediaries or any other person or entity acting on its behalf has taken or will take any action, directly or indirectly, that contravenes any applicable anti-bribery laws or regulations anywhere in the world.
13.3 Licensee warrants that its use and possession of the Products is and will continue to be in accordance with all other applicable laws and regulations. In particular but without limitation, Licensee acknowledges and agrees that it may be necessary under applicable law for Licensee to inform and/or obtain consent from individuals before it intercepts, accesses, monitors, logs, stores, transfers, exports, blocks access to, and/or deletes their communications. Licensee is solely responsible for compliance with such laws.
13.4 Any breach or suspected breach of this Clause 13 by Licensee shall be a material breach incapable of remedy entitling edpnet to terminate this Agreement immediately upon written notice to Licensee. In addition, Licensee agrees (to the extent permitted by applicable law, and without waiver of Licensee’s constitutional, statutory, or other immunities, if any) to indemnify and hold edpnet and / or Sophos harmless from and against any claim, proceeding, loss, liability, cost or damage suffered or incurred by edpnet and / or Sophos resulting from or related to Licensee’s violation of this Clause 13.
14. Term and termination
14.1 This Agreement shall commence upon installation of the Service at the Installation Address and shall remain in force until the earlier of
a) Expiry of the Product Term of the Service or;
b) Termination of this Agreement in accordance with the terms and conditions herein.
14.2 The Agreement is concluded for a fixed Product Term of thirty six (36) months. Barring termination before the end of the initial Product Term, the Agreement will be tacitly renewed for consecutive Product Terms of twelve (12) months. The total maximum Product Term is sixty (60) months. In the event that Licensee does not wish to renew the Product Term, Licensee must notify edpnet of this in writing at least two (2) months before the end of the Product Term, without having to communicate the reason for it. In that case the Agreement will come to an end at the expiry date of the Product Term.
14.3 The unilateral termination of the Agreement by Licensee shall immediately and irrevocably trigger legal consequences. Should Licensee decide to terminate the Agreement during the Product Term, edpnet has the right to claim damages for premature termination of the Agreement. The amount of the damages shall be equal to the sum of the remaining monthly amounts until the end of the Product Term.
14.4 In case of a move to a new location, Licensee must inform edpnet of the date of the move at least one (1) month in advance so that edpnet can schedule the installation of the Hardware at the new Installation Address. Following Clause 3 of the Special Managed Services Terms and Conditions, a move falls outside the scope of Managed Services and the installation of the Hardware at the new Installation Address is therefore considered a separate order. Therefore, upon informing edpnet of the move, Licensee will receive a quotation from edpnet for the installation of the Hardware at the new Installation Address. A move will have no impact on the Product Term.
14.5 In case Licensee wishes to change the Service, this will be considered a new order by edpnet. In case of a downgrade, edpnet is entitled to charge Licensee a one-off administrative fee of € 100; in case of an upgrade, edpnet will not charge Licensee a one-off administrative fee. Unless agreed otherwise, upon the activation of the changed Service, edpnet will prepare a credit note for the excessive billed Fee in case of a downgrade, or an extra invoice for the insufficient billed Fee in case of an upgrade. If, for any reason, the change of Service requires the intervention of a technician, edpnet will provide Licensee with a quote for a field intervention. A change of Service has no impact on the Product Term as long as the Hardware remains unchanged.
14.6 Licensed Products are monthly subscription licenses. Actual usage may thus vary from month to month. Following Article 4.2 Licensee is the sole responsible for the management of the number of required Licensed Products. At any time Licensee can change the number of Licensed Products. Regardless of the effective activation date, the number of active Licensed Products established during Reporting will be considered as the number of active Licensed Products for the current month and will be used as such to invoice Licensee. Via an order confirmation document, edpnet will communicate to Licensee the quantities determined during Reporting.
14.7 Edpnet may terminate this Agreement immediately upon written notice if:
a) Edpnet does not receive the Fees (in whole or in part) from Licensee in accordance with the agreed payment terms or;
b) Licensee fails to comply with any of the terms and conditions of this Agreement;
c) Licensee takes or suffers any action on account of debt or becomes insolvent.
14.8 Subject to Clauses 14.6 and 14.11, Licensee may terminate the license for the applicable Licensed Product(s) at any time by uninstalling and destroying the relevant Licensed Product and all copies of it.
14.9 Within one (1) month after the date of termination of this Agreement or the applicable Product Term, Licensee must supply edpnet with written certification of the destruction of all partial and complete copies of the applicable Licensed Product(s). In the case of encryption Products, Licensee shall decrypt all encrypted drives and data prior to uninstalling and destroying the Product.
14.10 Licensee’s right to use and access the Products will automatically terminate on expiry of the applicable Product Term or this Agreement (whichever is the earlier) unless and until Licensee renews Licensee’s license for the Products.
14.11 Except as expressly set forth herein, all Fees paid or payable are non-refundable to the maximum extent permitted by law.
14.12 Edpnet reserves the right to refuse a request the conclude an Agreement in case Licensee:
a) Or his authorized representative refuses to identify himself and present the proof of being authorized to conclude an Agreement;
b) Does not respect the obligations under other agreements concerning a service provided by edpnet or has showed such a non-respect in the past.
15. Confidentiality and data protection
15.1 Licensee may receive or have access to confidential information under or in relation to this Agreement that is secret and valuable to edpnet and / or Sophos and its licensors. Licensee is not entitled to use or disclose that confidential information other than strictly in accordance with the terms and conditions of this Agreement.
15.2 Licensee acknowledges and agrees that edpnet and Sophos may directly and remotely communicate with the Products in order to provide Maintenance and technical support, and to collect the following types of information:
a) Products, Product versions, Product features and operating systems being used by Licensee;
b) Processing times taken by the Product;
c) Licensee’s customer identification code and company name and;
d) IP address and/or ID of the machine which returns the above listed information.
Products may provide Sophos with the below information, which will be used for the purpose of improving Product stability, prioritizing feature refinements and enhancing protection:
a) Configuration and Usage Data, including without limitation:
(i) Device model, firmware and license information, such as model, hardware version, vendor, firmware version, and country;
(ii) Aggregated product usage information, such as product features in use (on/off, count), amount of configured objects, policies, managed devices, groups, templates; (iii) CPU, memory, and disk usage information; (iv) Product errors.
b) Application Usage and Threat Data, including without limitation:
(i) IPS alerts;
(ii) Virus detected and the URL where the virus was found;
(iii) Spam;
(iv) ATP threats and;
(v) Applications used and unclassified applications.
Information about unclassified applications is used to improve and enlarge network visibility and the application control library.
c) Monitoring Threshold Data includes:
(i) Monitoring threshold values per model and;
(ii) Alert threshold criteria and values per model.
Configuration and Usage Data does not include user-specific information or personal data and cannot be disabled. Application Usage and Threat Data, and Monitoring Threshold Data collection is enabled by default, but Licensee may disable collection of such data within the Product at any time.
15.3 The information collected under Clause 15.2 may be used for the purposes of:
a) Providing the Products and performing this License Agreement;
b) Verifying Licensee’s compliance with the License Entitlement;
c) Evaluating and improving the performance of the Products;
d) Preparing statistical analysis (such as malware infection rates and the usage of Products);
e) Planning development roadmaps and product lifecycle strategies;
f) Issuing alerts and notices to Licensee about incidents and product lifecycle changes which affect the Products being used by Licensee.
15.4 Edpnet may also require the Licensee’s contact details and payment information for the purposes of:
a) Providing technical support;
b) Billing;
c) Verifying Licensee’s credentials and License Entitlement;
d) Sending the order confirmation document containing the number of active Licensed Products that were established during the Reporting;
e) Carrying out compliance checks for export and sanction control purposes;
f) Performing tasks of account management.
15.5 If Licensee elects to send malware samples or any other materials to Sophos for review, Licensee shall remove all confidential data prior to submission.
15.6 In the case of personal data processed on Licensee’s behalf, Sophos acts as a Data Processor. In the case of personal data used for Sophos’s business purposes under Clauses 15.3 and 15.4, Sophos Ltd is the Data Controller. The terms “Data Processor” and “Data Controller” shall have the meanings defined in the EU Directive 95/46 EC. As a global organization, the Affiliates, subcontractors and third party licensors of Sophos may be located anywhere in the world. Edpnet has an Affiliate in Saint Petersburg, Russia. Edpnet and Sophos will process any personal data in accordance with the provisions of the EU Directive 95/46 EC and the Privacy Policy.
15.7 By installing or using the Product or accepting this Agreement, Licensee expressly confirms its consent to the use of data and information as set forth herein and in the Privacy Policy, and Licensee further warrants that it has obtained all necessary consents and provided all necessary notifications to share such data and information with edpnet and Sophos for the purposes described above.
16. General provisions
16.1 Licensee acknowledges to have taken cognizance of these Security Conditions and to have accepted them. By simple use of the Service, Licensee confirms that he has accepted them. If Licensee does not agree with the terms and conditions of this License Agreement, Licensee is not authorized to install or otherwise granted any rights to use the Products for any purpose whatsoever.
16.2 To help manage Licensee’s use of the Products and Licensee’s compliance with this Agreement, Licensee agrees to perform a self-audit upon ten (10) working days’ prior written notice from edpnet, calculating the number of Users, Computers, Servers or other applicable units benefiting from the Products. In accordance with Article 4.3, Licensee must purchase additional licenses if the self-audit reveals that the actual use exceeds the License Entitlement.
16.3 If Licensee does not perform a self-audit upon request from edpnet, or if edpnet has reason to doubt the results of such self-audit, upon prior written notice to Licensee, Licensee shall permit edpnet or an independent certified accountant appointed by edpnet to access Licensee’s premises and inspect Licensee’s books of account and records at any time during normal business hours for the purpose of inspecting, auditing, verifying or monitoring the manner and performance of Licensee’s obligations under this Agreement, including without limitation the payment of all applicable license fees. Any such audit shall minimize the disruption to Licensee’s business operations. Edpnet shall not be able to exercise this right more than once in each calendar year. If an audit reveals that Licensee has underpaid fees to edpnet, Licensee shall be invoiced for and shall pay to edpnet within thirty (30) days of the date of invoice an amount equal to the shortfall between the fees due and those paid by Licensee. If te amount of the underpayment exceeds five percent (5%) of the fees due or the audit reveals a violation of any license restrictions pursuant to this Agreement then, without prejudice to edpnet’s other rights and remedies, Licensee shall also pay edpnet’s reasonable costs of conducting the audit.
16.4 Sophos may in its sole discretion assign, novate and/or subcontract or otherwise transfer any of its rights or obligations.
16.5 Edpnet reserves the right to make changes to these Security Conditions in case such changes are imposed by a legal or government authority. In such case, edpnet will immediately apply the imposed changes without this giving any rights to Licensee. In all other cases, edpnet will inform Licensee individually in time and at least one (1) month beforehand (by e-mail or mail) of the proposed changes to the Security Conditions. Licensee will be informed of his right to terminate the Agreement in a traceable manner (e.g. by mail, fax…) at the latest on the last day of the month following the date of commencement of the changes if he does not accept the new conditions, without being due the damages as described in Clause 14.3.
16.6 Failure by either party to enforce any particular term or condition of this Agreement shall not be construed as a waiver of any of its rights under it.
16.7 The illegality, invalidity or unenforceability of any part of this Agreement will not affect the legality, validity or enforceability of the remainder.
16.8 This Agreement, the License Details and the documents and policies referenced herein constitute the entire agreement between the parties relating to the licensing and use of the Product and supersede any other oral or written communications, agreements or representations with respect to the Product, except for any oral or written communications, agreements or representations made fraudulently.
16.9 If there are any inconsistencies between the Dutch language version of these Security Conditions and any translated version, the Dutch language version shall prevail.
16.10 A person who is not a party to this Agreement has no right to enforce any term or condition of this Agreement, and the parties to this Agreement do not intend that any third party rights are created by this Agreement.
16.11 Any notices required to be given or any questions concerning this Agreement should be addressed to edpnet (and not to Sophos).
16.12 Edpnet and Licensee agree that any communication between them via the secured edpnet e-mail system has the same legal value as written and signed letters.
16.13 Edpnet and Licensee agree that the information with regard to communications, agreements and payments is being stored by edpnet on a durable and unchangeable carrier and has legal value unless proven otherwise.
16.14 The following Articles and Clauses shall survive any termination or expiration of this Agreement: 3, 9, 10, 13, 14.9, 15.1, 16 and 17.5.
17. Hardware
17.1 Edpnet provides all Hardware via Managed Services, meaning that edpnet remains the owner of the Hardware. Licensee agrees to keep the Hardware free and clear of all claims, liens, and encumbrances, and any act by Licensee, either voluntary or involuntary, purporting to create a claim, lien or encumbrance on the Hardware shall be void.
17.2 In the event that Licensee fails to pay or edpnet does not receive the Fee for the Hardware, upon written notice from edpnet, Licensee shall return the Hardware to edpnet, securely and properly packaged, with carriage (and insurance at Licensee’s option) prepaid. The burden of proof for timely return is with Licensee. If Licensee fails to return the Hardware to edpnet as requested, upon written notice edpnet will be entitled to enter Licensee’s premises during normal business hours to repossess the Hardware. The sending or taking back of the Hardware does not nullify the Fee due by Licensee.
17.3 Risk of loss passes to Licensee upon installation of the Hardware by edpnet at the Installation Address. Insurance, if any, covering the Hardware shall be Licensee’s sole responsibility.
17.4 Licensee acknowledges that the Hardware is solely the medium for delivery and operation of the Products and that, unless otherwise agreed in writing, edpnet at its option may install Hardware that is either new or refurbished.
17.5 Upon termination of the Agreement, Licensee is obliged to return the Hardware to edpnet within fifteen (15) calendar days and at his own expense. The burden of proof of the timely return lies with Licensee. In the event that Licensee does not return to edpnet the Hardware within fifteen (15) calendar days, edpnet is entitled to charge the Hardware to Licensee at list price. If Sophos no longer commercializes the device at that time, edpnet is entitled to charge the market price of the successor.
18. Employee personal use
18.1 The following URL lists the Products for which employee personal use is permitted:
https://www.sophos.com/en-us/legal/employee-personal-use-policy.aspx
18.2 In addition to the rights granted in Clause 5 of this Agreement, where employee personal use is permitted, Licensee may permit its employees to use such Product at home on a (1) single workstation provided that:
a) Licensee shall be responsible for the distribution of Upgrades and Updates and the provision of technical support to such employees and;
b) Licensee’s actual usage including such employee personal usage does not exceed the License Entitlement.
18.3 Licensee shall ensure that its employees are aware of and comply with the terms and conditions of this Agreement, and, to the extent permitted by applicable law, Licensee shall be responsible for the acts and omissions of its employees relating to use of the Products.
19. Free trials
19.1 If edpnet permits Licensee to conduct a free trial of a Product (the “Free Trial”), Licensee may use the Product free of charge for evaluation purposes only for a maximum of thirty (30) calendar days, or such other duration as specified by edpnet in writing at its sole discretion (the “Trial Period”). If Licensee does not purchase the Product, the rights to use the Product will terminate immediately upon expiry of the Trial Period. Licensee must immediately uninstall and destroy the relevant Product(s) and all copies thereof.
19.2 If the Free Trial relates to Hardware, Licensee must return the Hardware to edpnet, securely and properly packaged, with carriage (and insurance at Licensee’s option) prepaid upon the expiry of the Trial Period. The burden of proof for timely return is with Licensee. Licensee is solely responsible for removing any and all of Licensee’s data from the Hardware prior to return. If Licensee fails to return the Hardware upon expiry of the Trial Period, edpnet may invoice, and Licensee shall pay for, the Hardware at market price.
19.3 If the Free Trial involves edpnet having to carry out work, such as the installation of Hardware or any other work, edpnet is entitled to charge Licensee a fee for a Technical Intervention. In case the Free Trial leads to the conclusion of an agreement, this fee will be deducted from Licensee’s 1st invoice.
19.4 Free Trial Products are provided “As is” and to the maximum extent permitted by applicable law:
a) Edpnet makes no warranties, conditions, representations or undertakings of any kind, whether express, implied, statutory or otherwise with relation to such Products;
b) In no event shall edpnet or Sophos be liable to Licensee or to those claiming through Licensee for any direct, indirect, consequential, incidental or special damage or loss of any kind including, but not limited to, loss of profits, loss of contracts, business interruptions, loss of or corruption of information or data however caused and whether arising under contract or tort (including without limitation negligence), even if edpnet and / or Sophos have been advised of the possibility of such damages. The limitations in this Clause shall apply notwithstanding the failure of the essential purpose of any remedy.
19.5 A Free Trial can only be granted by edpnet if Licensee has already concluded an agreement for an edpnet internet service.
