***IMPORTANT READ CAREFULLY***
TERMS OF SERVICE FOR COFENSE PHISHME FREE
Updated February 26, 2018
THESE TERMS OF SERVICE (“TERMS”) GOVERN YOUR ACCESS TO COFENSE PHISHME FREE PROVIDED BY COFENSE INC., AND/OR ITS AFFILIATES (“COFENSE”). PLEASE READ THESE TERMS CAREFULLY. CLICKING ON THE “YES” OR “I ACCEPT” BUTTON (OR OTHER BUTTON OR MECHANISM DESIGNED TO ACKNOWLEDGE AGREEMENT TO THESE TERMS), ACCESSING, OR USING COFENSE PHISHME FREE CONSTITUTES ACCEPTANCE OF THESE TERMS.
IF YOU AGREE TO THESE TERMS ON BEHALF OF A BUSINESS, GOVERNMENT, OR OTHER ENTITY, YOU REPRESENT AND WARRANT THAT YOU HAVE THE POWER AND AUTHORITY TO BIND SUCH BUSINESS, GOVERNMENT, OR OTHER ENTITY TO THESE TERMS, AND YOUR AGREEMENT TO THESE TERMS WILL BE TREATED AS THE AGREEMENT OF SUCH BUSINESS, GOVERNMENT, OR OTHER ENTITY.
IF YOU ARE UNWILLING TO AGREE TO THESE TERMS, OR YOU DO NOT HAVE THE RIGHT, POWER AND AUTHORITY TO ACT ON BEHALF OF A BUSINESS, GOVERNMENT OR OTHER ENTITY, DO NOT CLICK ON THE BUTTON AND DO NOT ACCESS OR USE COFENSE PHISHME FREE.
IF YOU RECEIVE COFENSE PHISHME FREE THROUGH A COFENSE AUTHORIZED RESELLER, PARTNER OR DISTRIBUTOR (COLLECTIVELY, “AUTHORIZED PARTNER”), ALL FEES AND OTHER PROCUREMENT AND DELIVERY TERMS WILL BE AGREED BETWEEN YOU AND THE AUTHORIZED PARTNER; HOWEVER, THE TERMS AND CONDITIONS SET FORTH IN THESE TERMS REGARDING YOUR ACCESS TO COFENSE PHISHME FREE REMAIN APPLICABLE. FOR CLARIFICATION, YOUR AGREEMENT WITH THE AUTHORIZED PARTNER IS BETWEEN YOU AND THE AUTHORIZED PARTNER, AND IS NOT BINDING ON COFENSE.
“Authorized Users” means your authorized employees, agents or independent contractors with an assigned unique email address, who (i) may access Cofense PhishMe Free; and/or (ii) receive or send email messages with respect to Cofense PhishMe Free.
“Your Data” means the information submitted or provided by you and your Authorized Users for use with Cofense PhishMe Free.
“Documentation” means the applicable Cofense PhishMe Free user manuals provided by Cofense to its customers (which may be in electronic format), as amended from time to time by Cofense.
“Intellectual Property Rights” means copyrights (including, without limitation, the exclusive right to use, reproduce, modify, distribute, publicly display and publicly perform the copyrighted work), trademark rights (including, without limitation, trade names, trademarks, service marks, and trade dress), patent rights (including, without limitation, the exclusive right to make, use and sell), trade secrets, moral rights, right of publicity, authors’ rights, contract and licensing rights, goodwill and all other intellectual property rights as may exist now and/or hereafter come into existence and all renewals and extensions thereof, regardless of whether such rights arise under the law of the United States or any other state, country or jurisdiction.
“Cofense IP” means all Cofense proprietary materials, including without limitation, Cofense PhishMe Free, software, subscriptions, materials, Cofense’s Confidential Information, threat intelligence and threat indicators, intelligence alerts and reports, and/or investigation tools, Aggregate Data, Documentation, proprietary processes and methods, and any Cofense templates and/or forms.
2. Grant of Limited License
Cofense grants you a limited, nontransferable, non-assignable, non-sublicensable right to access Cofense PhishMe Free, along with any other related materials, content, Documentation and services provided by Cofense hereunder (collectively, the “Cofense PhishMe Free”) for your own internal business purposes, subject to these Terms. You may only use Cofense PhishMe Free from the earlier of (a) the date these Terms are accepted by you, or (b) the date in which you first accessed Cofense PhishMe Free, until the expiration date set forth in applicable activation email, or, if no expiration date is set forth in the applicable activation email, five (5) years after the earlier of either (a) or (b) herein (the “License Period”). Any licenses granted herein will terminate automatically on expiration of the License Period or termination of these Terms, and you will receive no further access to Cofense PhishMe Free unless you and Cofense have otherwise agreed in writing to extend the License Period. Notwithstanding anything in the foregoing to the contrary, this license shall terminate immediately upon Cofense’s provision to you of a Cofense PhishMe subscription. For clarification, Cofense PhishMe Free may not be licensed concurrently with Cofense PhishMe. Cofense may, at its sole discretion, provide maintenance and support for Cofense PhishMe Free during the License Period from Cofense’s Community portal.
3. Your Responsibilities
a. You (i) are responsible for the use of Cofense PhishMe Free by you and your Authorized Users in compliance with these Terms, including the Cofense PhishMe Free Acceptable Use Policy, Documentation and applicable laws and government regulations; (ii) are responsible for the accuracy, quality and legality of Your Data, including the lawful use and transmission of Your Data provided by you and your Authorized Users in connection with Cofense PhishMe Free; (iii) will obtain all rights, permissions or consents from Authorized Users and other personnel that are necessary to grant the rights and licenses in these Terms; and (iv) will use commercially reasonable efforts to prevent unauthorized access to or use of Cofense IP, and will notify Cofense promptly of such unauthorized use.
b. You acknowledge and agree that the maximum number of Authorized Users will not exceed the number of Authorized Users set forth in the applicable activation email. At the beginning of the License Period, you will designate and allocate the Authorized Users and will not reassign or replace such Authorized Users prior to the expiration of the License Period (except for administrators).
c. Only one Authorized User may act as an administrator for your subscription of Cofense PhishMe Free.
d. You may only designate Authorized User’s email addresses with Internet domain names that you own or are authorized by the Internet domain name owner to use for the purposes contemplated herein.
4. Terms and Termination
Unless otherwise terminated in accordance with this Section, these Terms will remain in effect until the expiration of the License Period. Either party may terminate these Terms (i) for material breach, upon written notice to the other party, subject to a ten (10) day cure period; or (ii) for convenience, for any or no reason at all, upon fifteen (15) days’ prior written notice. Notwithstanding anything in these Terms to the contrary, any breach by you and your Authorized Users of Section 3, Section 6 and Section 7 will result in the immediate suspension of you and your Authorized Users’ access to Cofense PhishMe Free and/or the immediate termination of these Terms. Upon expiration or termination of these Terms: (a) all licenses granted herein will automatically terminate and Cofense will disable your (and your Authorized Users’) access to Cofense PhishMe Free; and (b) within ten (10) business days of the termination of these Terms or upon Cofense’s written request, you will promptly destroy or return all Cofense IP in your possession. Upon Cofense’s written request, you will provide a certification, signed by your officer, as to the destruction or return of Cofense IP.
5. Disclaimer; Limitation of Liability
a. COFENSE PHISHME FREE IS PROVIDED TO YOU “AS IS”, AND ANY USE BY YOU AND YOUR AUTHORIZED USERS OF COFENSE PHISHME FREE WILL BE AT YOUR SOLE RISK. COFENSE MAKES NO WARRANTIES RELATING TO COFENSE PHISHME FREE AND EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY WARRANTIES AGAINST INFRINGEMENT OF THIRD PARTY RIGHTS, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, OR ARISING FROM COURSE OF PERFORMANCE, DEALING, USAGE OR TRADE. COFENSE ALSO MAKES NO WARRANTY REGARDING NONINTERRUPTION OF USE OR FREEDOM FROM BUGS, AND MAKES NO WARRANTY THAT COFENSE PHISHME FREE WILL BE ERROR-FREE. COFENSE DOES NOT GUARANTEE ANY SPECIFIC RESULTS FROM USING COFENSE PHISHME FREE.
b. LIMITATION OF LIABILITY. IN NO EVENT SHALL COFENSE BE LIABLE FOR ANY INCIDENTAL, SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES WHATSOEVER, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, LOSS OF DATA, BUSINESS INTERRUPTON OR ANY OTHER COMMERCIAL DAMAGES OR LOSSES, ARISING OUT OF OR RELATED TO THESE TERMS. THE FOREGOING LIMITATIONS ON COFENSE’S LIABILITY SHALL APPLY WHETHER OR NOT COFENSE WAS ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGES. THE TOTAL LIABILITY OF COFENSE ARISING OUT OF OR RELATED TO THESE TERMS WILL NOT EXCEED USD $100.
6. Confidentiality and Data Privacy.
a. “Confidential Information” means any non-public, confidential, or proprietary information of a disclosing party (“Discloser”) that should reasonably be understood by the receiving party (“Recipient”) to be confidential because of (i) legends or other markings; (ii) the circumstances of disclosure; or (iii) the nature of the information, which may be disclosed either directly or indirectly, in writing, visual, orally or by inspection of tangible objects (including without limitation documents, prototypes, samples, products, software, product specifications and white papers) or other means. Confidential Information includes but is not limited to technology and technical information, promotional and marketing activities, inventions, finances and financial plans, customers, business and product plans, know-how, source code, data, algorithms, methods and processes, trade secrets, designs, techniques, analyses, models, strategies and objectives, and any third-party information that Discloser is otherwise obligated to keep confidential.
b. Recipient will: (i) not use any Confidential Information for any purpose except to evaluate and engage in discussions concerning a potential business relationship between the Parties and/or to fulfill its obligations under these Terms; (ii) use at least the same degree of care as Recipient uses to protect its own confidential information from unauthorized use, access or disclosure, but in no event less than a reasonable degree of care; (iii) limit disclosure of Confidential Information to those persons within Recipient’s organization who have a need to know and who have previously agreed in writing, prior to the receipt of Confidential Information, to be bound by confidentiality obligations similar to those set forth in these Terms; (iv) not disclose any Confidential Information to third parties without Discloser’s prior written consent; (v) not copy, reverse engineer, disassemble, create any works from, or decompile any prototypes, software or other tangible objects which embody Discloser’s Confidential Information; and (vi) comply with, and obtain all required authorizations arising from, all U.S. and other applicable export control laws or regulations. Any reproduction of Confidential Information requires Discloser’s prior written consent and will remain the property of Discloser. Any reproductions will contain any and all notices of confidentiality contained on the original Confidential Information.
c. The foregoing confidentiality obligations will not apply to information that Recipient can demonstrate: (i) is publicly known and made generally available through no improper action or inaction of Recipient; (ii) was already in the possession of, or known by Recipient prior to the time of disclosure by Discloser through no fault or breach of these Terms by Recipient; (iii) was rightfully obtained by, or disclosed to, Recipient from a third party without any obligation to maintain the Confidential Information as proprietary or confidential; or (iv) is independently developed by Recipient without use of or reference to Discloser’s Confidential Information. Recipient may disclose Confidential Information to the extent such disclosure is required to comply with applicable law or a valid order or requirement of a governmental or regulatory agency or court of competent jurisdiction, provided that Recipient (a) restricts such disclosure to the maximum extent legally permissible; (b) notifies Discloser as soon as practicable of any such requirement to the extent such provision of prior notice is permitted by applicable law; and (c) that subject to such disclosure, such disclosed materials will in all respects remain subject to the restrictions set forth in these Terms.
d. Within ten (10) business days of the termination of these Terms or upon Discloser’s written request, Recipient will promptly, at Recipient’s election, destroy or return all of Discloser’s Confidential Information in Recipient’s possession or in the possession of any representative of Recipient; provided, however, that Recipient will not, in connection with the foregoing obligations, be required to delete Confidential Information held electronically in archive or back-up systems, and such Confidential Information will in all respects remain subject to the restrictions set forth in these Terms. Upon Discloser’s written request, Recipient will provide a certification, signed by an officer of Recipient, as to the destruction or return of Discloser’s Confidential Information.
e. Discloser retains all right, title and interest to its Confidential Information. Recipient acknowledges that the disclosure of Confidential Information may cause irreparable injury to Discloser. Discloser will, therefore, be entitled to seek injunctive relief upon a disclosure or threatened disclosure of any Confidential Information, without a requirement that Discloser prove irreparable harm and without the posting of a bond. This provision will not in any way limit such other remedies as may be available to Discloser at law or in equity. ALL CONFIDENTIAL INFORMATION IS PROVIDED “AS IS.” DISCLOSER MAKES NO WARRANTIES, EXPRESS, IMPLIED OR OTHERWISE, REGARDING ITS ACCURACY, COMPLETENESS OR PERFORMANCE.
f. You understand and acknowledge that all Authorized User accounts will be provisioned on Cofense’s U.S. based instance. If use of Cofense PhishMe Free includes the processing of personal data (as described in the EU Data Protection Directive 95/46/EC), when performing its obligations under these Terms, the following will apply:
1. your will ensure that: (i) you are entitled to transfer the relevant personal data to Cofense so that Cofense may lawfully use, process and transfer the personal data on your behalf and in accordance with these Terms; and (ii) the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable data protection laws.
2. Cofense will: (i) process personal data in compliance with and subject to these Terms and any lawful and reasonable instructions received from you; (ii) not use or process or permit any Cofense subcontractors to use or process, any personal data except to the extent necessary to perform its obligations under these Terms; (iii) implement and maintain adequate and reasonable technical and organizational safeguards designed to protect against the unauthorized or accidental access, loss, alteration, disclosure or destruction of personal data in Cofense’s possession or control; (iv) ensure that it has appropriate procedures in place designed to comply with applicable data protection laws and will take all reasonable steps to ensure that persons employed by it, and other persons engaged at its place of work, are aware of and comply with.
3. Cofense may process or otherwise transfer personal data in or to any country outside the European Economic Area or any country not deemed adequate by the European Commission pursuant to Article 25(6) of the EU Data Protection Directive 95/46/EC to the extent necessary for the provision of Cofense PhishMe Free. If required, Cofense will enter into the EU Standard Contractual Clauses as approved by the European Commission for ensuring an adequate level of data protection in respect of the personal data that will be processed or transferred.
7. Intellectual Property.
a. Intellectual Property of Cofense; Restrictions. All Intellectual Property Rights in the Cofense IP belong exclusively to Cofense or its licensors. You acknowledge and agree that you will not (and will not allow any third party), in whole or in part, to directly or indirectly: (i) disassemble, decompile, reverse compile, reverse engineer or attempt to discover any source code or underlying ideas or algorithms of any Cofense IP (except to the limited extent that applicable law prohibits reverse engineering restrictions solely for interoperability purposes), (ii) sell, resell, distribute, sublicense or otherwise transfer, the Cofense IP, or make the functionality of the Cofense IP available to any other party through any means (unless Cofense has provided prior written consent), or (iii) reproduce, alter, modify or create derivatives of the Cofense IP (unless as expressly permitted in these Terms). You will maintain the copyright notice and any other notices that appear on Cofense IP, including any interfaces related to Cofense PhishMe Free.
b. Aggregate Data; Feedback. Notwithstanding the foregoing, Cofense owns all Intellectual Property Rights in and to Aggregate Data, and may use, reproduce, sell, publicize or otherwise exploit Aggregate Data in any way, in its sole discretion. “Aggregate Data” refers to Your Data that is de-identified (stripped of any information used to identify you or your Authorized Users, including personal data). Aggregate Data will also include statistical information related to the use and performance of Cofense PhishMe Free, provided that such statistical information is de-identified. You grant to Cofense a worldwide, perpetual, irrevocable, royalty-free, fully paid-up license to use and exploit any suggestion, enhancement request, recommendation, correction or other feedback (“Feedback”) provided by you or your Authorized users relating to Cofense PhishMe Free. Feedback will not include Confidential Information.
c. Cofense Templates and Formats. You acknowledge that Cofense may provide certain Cofense templates and formats to you with your use of Cofense PhishMe Free, and you will have a non-exclusive, nontransferable, non-sublicenseable right to use, modify, display and reproduce such templates and formats for your internal use with Cofense PhishMe Free, subject to the restrictions set forth in these Terms. To the extent that any such modified templates and/or formats do not embody or otherwise include your Confidential Information and Your Data, Cofense owns and holds all right, title and interest in and to such templates and/or formats.
d. Your Intellectual Property; Restrictions. Cofense acknowledges that you own all right, title, and interest in and to Your Data (excluding Aggregate Data). You grant to Cofense the worldwide right to use, access, host, copy, transmit and display Your Data, as reasonably necessary for Cofense to perform its obligations in accordance with these Terms. Cofense may disclose Your Data to its third-party contractors and service providers (including cloud service providers) to the extent necessary to provide Cofense PhishMe Free in accordance with these Terms; provided that such third-party contractors and service providers are bound by confidentiality obligations similar to the provisions of these Terms. Cofense expressly disclaims Your Data which you have generated for use with Cofense PhishMe Free, and you agree to indemnify, hold harmless and, at Cofense’s option, to defend Cofense, its officers, directors, employees, contractors and agents from and against any losses, liabilities, damages, costs and expenses (including reasonable attorneys’ fees) incurred as a result of any alleged or actual violations of any third-party rights arising out of Your Data
e. U.S. GOVERNMENT RESTRICTED RIGHTS. Cofense PhishMe Free and Cofense IP are “commercial items”, “commercial computer software” and “commercial computer software documentation,” pursuant to DFARS Section 227.7202 and FAR Sections 12.211-12.212, as applicable. Cofense PhishMe Free and Cofense IP were developed solely at private expense and the use of Cofense PhishMe Free and Cofense IP by the United States Government are governed solely by these Terms and are prohibited except to the extent expressly permitted by these Terms.
You will comply with all applicable laws. You will not assign this Agreement or any right or delegate any performance without Cofense’s prior written consent. This Agreement is the complete statement of the agreement of the parties with regard to the subject matter hereof and may be modified only by a writing signed by both parties. This Agreement is governed by the laws of the State of Virginia, excluding its conflict of law rules and The U.N. Convention on Contracts for the International Sale of Goods. Section 2 and Sections 4 through 8 will survive any termination or expiration of this Agreement.
ACCEPTABLE USE POLICY ADDENDUM FOR
COFENSE PHISHME FREE
By using Cofense PhishMe Free, you are agreeing to this Acceptable Use Policy Addendum (this “Policy”). Please read this carefully.
You and your Authorized Users may not:
- post or transmit unlawful materials, e-mail or information;
- post or transmit harassing, threatening or abusive materials, e-mail or information;
- post or transmit defamatory, libelous, slanderous or scandalous materials, e-mail or information;
- post or transmit obscene, pornographic, profane or otherwise objectionable information of any kind;
- post or transmit materials, e-mail or information that would constitute an infringement upon the patents, copyrights, trademarks, trade secrets or other intellectual property rights of others;
- post or transmit materials constituting or encouraging conduct that would constitute a criminal offence, give rise to civil liability, or otherwise violate any local, state, national or international law, including without limitation, the U.S. export control laws and regulations;
- post or transmit materials that would give rise to liability under the Computer Fraud and Abuse Act;
- use Cofense PhishMe Free to commit fraud or engage in other misleading or deceptive activities;
- upload to, or transmit from Cofense PhishMe Free any viruses, worms, defects, Trojan horses, time-bombs, malware, spyware, or any other computer code of a destructive or interruptive nature;
- share Cofense PhishMe Free, Cofense IP and Cofense Confidential Information with any third-parties, except as expressly authorized in advance by Cofense in writing;
- use Cofense PhishMe Free and Cofense IP in any way to provide services to any third-party;
- disassemble, decompile, reverse compile, reverse engineer or attempt to discover any source code or underlying ideas or algorithms of Cofense PhishMe Free and any Cofense IP (except to the limited extent that applicable law prohibits reverse engineering restrictions solely for interoperability purposes);
- sell, resell, distribute, sublicense or otherwise transfer, Cofense PhishMe Free and any Cofense IP, or make the functionality of Cofense PhishMe Free available to any other party through any means (unless Cofense has provided prior written consent); and
- reproduce, alter, modify or create derivatives of the Cofense IP (unless as expressly permitted in these Terms).
Authorized Users must comply with any Intellectual Property Rights asserted in any Cofense IP provided to you and your Authorized Users for the purposes of using with Cofense PhishMe Free. Authorized Users will maintain and not remove or obscure any proprietary notices on Cofense IP.
Remedies. Violation of this Policy may result in civil or criminal liability, and Cofense may, in addition to any other remedy that Cofense may have at law or in equity, terminate any permission for you and any Authorized User to access Cofense PhishMe Free or immediately remove the offending material. In addition, Cofense may investigate incidents that are contrary to this Policy.
Cofense reserves the right to update and modify this Policy at any time from time-to-time. Continued use of Cofense PhishMe Free by you and your Authorized Users after such update or modification will indicate your acceptance of the updates and/or modifications to this Policy.