Terms & Additional Conditions
Terms and Conditions for Binary Defense Products and Services
These Terms and Conditions for Binary Defense Services (the “Terms and Conditions”) govern the purchase and use of Binary Defenses’ services, software (“Software”), equipment (“Equipment”), and any other product (collectively, “Services”) from Binary Defense and from Binary’s authorized resellers and channel partners. These Terms and Conditions are incorporated into each Statement of Work (“SOW”) with Binary Defense and any and all orders for the purchase of Services (“Order”) from Binary Defense and/or its resellers or channel partners. “Client” for purposes of these Terms and Conditions shall mean the party listed on the applicable SOW and/or Order.
1. Client Responsibilities
Client represents and warrants that it: (i) is responsible for the use and misuse of the Services by Client and its users, including maintaining strict compliance with this SOW, Master Services Agreement (“MSA”), if any, and all applicable laws, rules, and regulations; (ii) owns, has the necessary rights, power and authority, and is responsible for the accuracy, quality and legality of Client’s data and information (“Client Data”), including the lawful use and transmission of Client Data collected or provided by Client in connection with the Services, including data included in summaries, analyses and reports generated in connection with the Services; (iii) will obtain all rights, permissions or consents from any personnel that are necessary to allow Binary Defense to perform the Services; (iv) will use commercially reasonable efforts to maintain security controls according to industry best practices and prevent unauthorized access to or use of Binary Defense’s intellectual property or any of the Services, and will notify Binary Defense promptly of any breach of this SOW or an MSA, if applicable. Client is solely responsible for (1) any authorized or unauthorized access to, or acts or omissions by any person affecting Client’s data or the Services, (2) Client’s actions and failures to take required actions with respect to the Services and its users, or (3) acts or omissions by Client’s authorized users or any other third party.
Client will provide Binary Defense with the cooperation, access and detailed information as reasonably necessary or requested by Binary Defense, for Binary Defense to implement and deliver the Services, including, without limitation: (i) test time on Client’s computer systems and networks sufficient for Binary Defense to provide the Services, and (ii) direct access to and cooperation on an as needed basis upon the reasonable request of Binary Defense from at least one employee of Client who has substantial computer system, network and project management experience reasonably satisfactory to Binary Defense to act as project manager and as a liaison between Client and Binary Defense. Binary Defense will be excused from its failure to perform its obligations under these Terms and Conditions to the extent such failure is caused by Client’s delay in performing or its failure to perform its responsibilities under these Terms and Conditions.
Client (i) will use the Services for Client’s internal security purposes only, and (ii) will not, by or for itself, any Affiliate (as defined below) of Client, or any third party (a) sell, rent, license, assign, distribute, perform, or transfer any of the Services; (b) decipher, decompile, disassemble, reconstruct, translate, reverse engineer, or discover any source code of the Software; (c) copy any Software or Documentation, except that Client may make a reasonable number of copies of the Documentation for its internal use only ; or (d) remove from any Service any language or designation indicating the confidential nature thereof or the proprietary rights of Binary Defense or its suppliers. In addition, Client will not, and will not permit third parties to, (1) use any Service for the benefit of any third party, including but not limited to, on a time-sharing, outsourcing, service bureau, hosting, application service provider or managed service provider basis; (2) alter any aspect of any Service, except as expressly permitted under this SOW or an MSA; or (3) assign, transfer, distribute, or otherwise provide access to any of the Services unless pre-approved in writing by Binary Defense.
Client will treat Binary Defense’s Confidential Information as confidential and will not disclose to others or use it for any purpose except to comply with these Terms and Conditions and the SOW. “Confidential Information” includes, without limitation, whether in writing or not, these Terms and Conditions, information not generally known to the public, Services, strategies, pricing, trade secrets, know-how, financial information, sales and distribution information, actual and potential customers or vendors. Client is responsible for any disclosure of Confidential Information under its possession or control. To the extent that an MSA of confidentiality agreement contains more restrictive terms, those more restrictive terms apply with respect to obligations of confidentiality.
2. CounterIntelligence Further Investigations
Subscribers of CounterIntelligence services will be allocated 5% of their annual subscription fee for further investigations of requested Intel briefs. Hourly rates will be $350/hour. Balance will be communicated on a per use basis. Any unused allocation will expire at the end of each subscription term.
3. Threat Hunting Investigations
The Threat Hunting phase is the main focus of the threat hunt. This phase determines if the hypothesis can be proven using the detection methods documented during the research phase. It is possible that during the Hunt phase evidence of malicious activity will be found. When this occurs, Binary Defense will communicate what was found and it will be the responsibility of the Client to enact their incident response process. Subscribers of Threat Hunting services over their subscription fee will be billed at an hourly rate of $350/hour. Balance will be communicated on a per use basis.
4. Payment & Pricing Terms
100% of total fees and expenses shall be due and payable for each year of the subscription term before Binary Defense shall have any obligation to perform Services for the Client. For subsequent years of the subscription term, Services may be suspended by Binary Defense by notice to Client until payment in full of all fees and expenses is made. Payment terms are due upon receipt and payable in US Dollars, without the right to set-off or deduction. If any undisputed amount payable to Binary Defense is in arrears for more than thirty (30) days from the date of invoice receipt, Binary Defense reserves the right, in addition to any other remedy, to (a) charge interest on such overdue amount on a day to day basis from the invoice date until paid in full at the rate of the lesser of one and a half percent (1.5%) per month, or the maximum rate permissible under applicable law; and (b) suspend the provision of the Services until such time as payment is received; provided that Binary Defense shall not suspend the provision of Services without first providing at least five (5) business days advance notice to Client. Binary Defense shall provide at least five (5) business days advance notice to Client in the event that Binary Defense intends to initiate litigation to collect undisputed amounts owed by Client. Client shall be responsible for payment or reimbursement of reasonable attorneys’ fees and court costs and other expenses incurred by Binary Defense to collect amounts owed by Client.
On an annual basis, a four percent increase will be applied to all annual recurring services including licensing, maintenance and support fees. Professional security service hours expire 12 months from date of execution. Unless Client otherwise provides Binary Defense a valid exemption certification from the applicable taxing authority, Client shall reimburse Binary Defense and hold Binary Defense harmless for all taxes arising out of any SOW, including, but not limited to, any sales, use, value-added or import taxes, customs duties or similar taxes assessed in accordance with applicable law with respect to the provision of the Services except for taxes imposed on Binary Defense’s net income. Binary Defense will audit and report to Client any use it may have incurred over the contracted amount of use. Such overages will be invoiced to Client provided, however, if the overage is more than the contracted amount of use, then Binary Defense reserves the right to invoice Client for the overage on a more frequent basis. If Client uses the Services in excess of the contracted use, Binary Defense may require Client to increase the contracted use amount to more accurately reflect Client’s actual usage in the form of a change order.
Binary Defense’ fees for the Services are set forth on each applicable SOW, which does not include all reasonable expenses, including but not limited to shipping, travel expense, hotel and meals incurred by Binary Defense and will be invoiced as incurred. If Client would like to make any changes to a SOW, including to any Services, Binary Defense will provide pricing to Client for such changes on Binary Defense’s change order process (“Change Order”), which will be subject to mutual agreement. Binary Defense will not be obligated to perform any Services until a Change Order has been mutually agreed to and signed by Client and Binary Defense. Any changes to the agreed upon schedule for on-site work that requires travel will incur a re-scheduling fee equal to all out-of-pocket expenses for modifying the travel arrangements.
Upon termination for any reason, on the effective date of termination, Client agrees to pay to Binary Defense all unpaid fees accrued or incurred as of such termination date, including but not limited to, immediate payment of all fees in relation to the Services and fees for which have been prorated through the end of the subscription term as if the SOW(s) remained in full force and effect and were fully performed by Binary Defense. Prepaid fees are not refundable.
5. Shipping Terms
Physical shipments of Services are FOB Point of Shipment unless otherwise specified. Freight charges may be prepaid by Binary Defense and will be invoiced to the Client.
6. Limitations of Liability
BINARY DEFENSE’S TOTAL LIABILITY FOR ALL CLAIMS AND DAMAGES ARISING OUT OF THESE TERMS AND CONDITIONS AND THE SOW(S), WHETHER IN CONTRACT, TORT OR OTHERWISE, WILL NOT EXCEED THE AMOUNT OF FEES PAID BY CLIENT TO BINARY DEFENSE UNDER THE APPLICABLE SOW GIVING RISE TO THE CLAIM DURING THE TWELVE (12) MONTHS PRIOR TO WHEN THE CLAIM FIRST AROSE. CLIENT IS REQUIRED TO FILE ANY CLAIM OR ACTION IN A COURT OF COMPETENT JURISDICTION WITHIN SIX (6) MONTHS AFTER THE CLAIM FIRST AROSE OR SUCH CLAIM OR ACTION IS FOREVER BARRED.
EXCEPT AS SPECIFICALLY PROVIDED IN THESE TERMS AND CONDITIONS, EACH PARTY AND THEIR LICENSORS AND SUPPLIERS EXPRESSLY DISCLAIM ALL WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, TO THE FULLEST EXTENT PERMITTED BY LAW, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, NON-INFRINGEMENT, RESULTS TO BE DERIVED FROM THE USE OR INTEGRATION WITH ANY SERVICES PROVIDED UNDER THESE TERMS AND CONDITIONS OR AN APPLICABLE SOW, OR THAT THE OPERATION OF ANY SERVICES WILL BE SECURE, UNINTERRUPTED, ERROR-FREE, OR CAN OR WILL PREVENT A SECURITY BREACH OR UNAUTHORIZED ACCESS TO OR LOSS OF, OR DAMAGE TO CLIENT DATA, SERVERS, NETWORKS, OR SYSTEMS. Client agrees that it is not relying on delivery of future functionality, public comments or advertising of Binary Defense or product roadmaps in entering into these Terms and Conditions and the applicable SOW(s).
IN NO EVENT WILL EITHER PARTY BE LIABLE TO THE OTHER PARTY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR INDIRECT DAMAGES ARISING FROM OR IN RELATION TO THIS SOW, ANY MSA, ANY THIRD PARTY’S ACTS, OMISSIONS OR TERMS AND CONDITIONS, OR THE USE OR DELIVERY OF THE SERVICES HOWEVER CAUSED AND REGARDLESS OF THEORY OF LIABILITY. THIS LIMITATION WILL APPLY EVEN IF SUCH PARTY HAS BEEN ADVISED OR IS AWARE OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT SHALL EITHER PARTY HAVE ANY LIABILITY FOR THE FOLLOWING: (A) LOSS OF REVENUE, INCOME, PROFIT, OR SAVINGS, (B) LOST OR CORRUPTED DATA OR SOFTWARE, LOSS OF USE OF SYSTEM(S) OR NETWORK(S), OR THE RECOVERY OF SUCH, (C) LOSS OF BUSINESS OPPORTUNITY, (D) BUSINESS INTERRUPTION OR DOWNTIME, (E) ANY COMPUTER OR OTHER VIRUS OR OTHER FEATURE DESIGNED TO DAMAGE OR DEGRADE IN ANY MANNER THE PERFORMANCE OF THE SOFTWARE, SERVICES, OR OTHER DEVICE OR SYSTEM, (F) ANY COMMUNICATION LINE FAILURE, (G) ANY THEFT, OR (H) DESTRUCTION, ALTERATION OF OR MALFUNCTION OF THE SOFTWARE, SERVICES, OR CLIENT SYSTEMS AND DATA. IF CLIENT IS DISSATISFIED WITH THE SOFTWARE OR SERVICES, THE SOLE AND EXCLUSIVE REMEDY SHALL BE TO DISCONTINUE USE OF THE SOFTWARE OR SERVICES.
Certain Services that Binary Defense performs for its clients follow a defined methodology, rather than being driven by a specific end result or deliverable. Due to the inherent nature of such Services, Binary Defense cannot guarantee the outcome of its testing, assessment, forensics, or remediation methods as all such methods have reliability limitations including but not limited to, (i) results produced differing from initial Client expectations, (ii) missing compliance gaps, and (iii) missing security gaps. NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED IN THESE TERMS AND CONDITIONS OR ANY APPLICABLE SOW(S), THE PARTIES ACKNOWLEDGE AND AGREE THAT BINARY DEFENSE CANNOT UNDER ANY CIRCUMSTANCES GUARANTEE THAT, DOES NOT REPRESENT, WARRANT OR COVENANT THAT, SHALL NOT BE RESPONSIBLE TO ENSURE THAT, AND HEREBY DISCLAIMS ANY EXPRESS OR IMPLIED REPRESENTATION, WARRANTY, COVENANT OR CONDITION THAT, A WEAKNESS, NONCOMPLIANCE ISSUE OR VULNERABILITY WILL BE DISCOVERED IF EVIDENCE OF SUCH IS NOT ENCOUNTERED BY BINARY DEFENSE DURING THE PERFORMANCE OF THIS SOW. BINARY DEFENSE USES A SAMPLING METHODOLOGY THAT ATTEMPTS TO REDUCE THE COST TO THE CLIENT WHILE MINIMIZING THE IMPACT TO THE ACCURACY AND RELIABILITY OF THE RESULTS. CLIENT ACKNOWLEDGES AND ACCEPTS THAT LIMITATIONS AND INHERENT RISKS EXIST FROM APPROACHES USED BY BINARY DEFENSE TO DELIVER THE CONSULTING SERVICES.
THE PARTIES ACKNOWLEDGE AND AGREE THAT NO MONITORING AND DETECTION SERVICES VENDOR, INCLUDING BINARY DEFENSE, CAN GUARANTEE THAT IT WILL BE ABLE TO DETECT EVERY THREAT AGAINST CLIENT. CLIENT ACKNOWLEDGES AND AGREES THAT BINARY DEFENSE IS LIMITED IN ITS ABILITY TO MONITOR AND DETECT THREATS ONLY TO THREATS THAT ARE PUBLICLY VISIBLE, PUBLICLY ACCESSIBLE, AND PUBLICLY DETECTABLE. BINARY DEFENSE DISCLAIMS, AND SHALL NOT HAVE ANY LIABILITY FOR FAILURE TO DETECT ALL THREATS AGAINST CLIENT INCLUDING, WITHOUT LIMITATION, THREATS THAT ARE DE-IDENTIFIED, ANONYMIZED, MASKED, HIDDEN, OBSCURED, MADE IN NON-PUBLICLY VISIBLE, NON-PUBLICLY ACCESSIBLE AND/OR NON-PUBLICLY DETECTABLE FORUMS, THREATS THAT ARE ENCRYPTED OR OTHERWISE SECURED FROM ACCESS OR DETECTION, AND OTHER SIMILAR THREATS. FURTHER, THE DECISIONS OF CLIENT, OR THE ACTIONS OR OMISSIONS OF CLIENT, BASED ON THE SERVICES PROVIDED HEREUNDER ARE CLIENT’S OWN. BINARY DEFENSE DOES NOT MAKE ANY REPRESENTATIONS, WARRANTIES ENDORSEMENTS, OR COVENANTS OF ANY KIND, EXPRESS OR IMPLIED, AND SHALL HAVE NO RESPONSIBILITY OR LIABILITY FOR THE DECISIONS MADE BY CLIENT, OR THE ACTIONS OR OMISSIONS OF CLIENT, BASED UPON THE SERVICES PROVIDED UNDER THESE TERMS AND CONDITIONS OR AN APPLICABLE SOW, OR THE RESULTS OBTAINED FROM SUCH SERVICES, OR THE ANALYSIS OR INTERPRETATION OF CONTENT OR DATA USED IN CONNECTION WITH, RESULTING FROM OR DERIVED FROM THE SERVICES PROVIDED UNDER THIS SOW. CLIENT IS SOLELY RESPONSIBLE FOR THE SELECTION AND USE OF ALL THIRD PARTY PRODUCTS, IF CLIENT ENGAGES BINARY DEFENSE TO MONITOR ANY THIRD PARTY PRODUCTS, BINARY DEFENSE DISCLAIMS ALL LIABILITY ARISING FROM THIRD PARTY PRODUCTS. CLAIMS RELATED TO THIRD PARTY PRODUCTS ARE THE SOLE RESPONSIBILITY OF THE THIRD PARTY, AND CLIENT WAIVES ANY RIGHT TI MAY HAVE TO BRING A CLAIM AGAINST BINARY DEFENSE RELATED TO THIRD PARTY PRODUCTS.
THE PARTIES ACKNOWLEDGE AND AGREE THAT THE SERVICES PROVIDED HEREUNDER ARE SUPPORTING TOOLS ONLY TO ASSIST WITH THE RECEIPT OF DATA, AND FOR THE CLASSIFICATION, PRESENTATION AND ASSESSMENT OF INFORMATION. ACCORDINGLY, NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED IN THIS AGREEMENT, THE PARTIES ACKNOWLEDGE AND AGREE THAT NEITHER BINARY DEFENSE, NOR ANY OF ITS OFFICERS, DIRECTORS, SHAREHOLDERS, MEMBERS, MANAGERS, EMPLOYEES, AGENTS, REPRESENTATIVES, SUCCESSORS OR ASSIGNS IS OR SHALL BE RESPONSIBLE OR LIABLE, IN ANY WAY, FOR THE DECISIONS MADE BY, OR THE ACTIONS OR OMISSIONS OF, CLIENT BASED UPON THE SERVICES PROVIDED HEREUNDER OR THE ANALYSIS OR INTERPRETATION OF CONTENT OR DATA USED IN CONNECTION WITH, RESULTING FROM OR DERIVED FROM SUCH SERVICES.
Client will indemnify, defend, and hold harmless Binary Defense and its Affiliates, vendors, suppliers, licensors (in the case of third party products and services being purchased by Client), directors, officers and employees from and against any Damages arising from the following: (i) the Client Data, (ii) Client’s use of the Services, Client Reports, or any property or rights of Binary Defense in a manner prohibited under this MSA, (iii) Client’s breach of payment obligations thereunder, or (iv) any data security, system or network security incident or breach in connection with the Client Data or other data, Confidential Information, personally identifiable information, protected health information, or the networks, computer, telecommunications, servers or other applications, systems, or devices of Client, its Affiliates, or their respective employees, agents, representatives, contractors, or vendors.
Binary Defense will (i) provide Client with reasonable notice after becoming actually aware of any claim, suit or proceeding for which indemnity is claimed, provided that failure to so notify will not relieve the Client’s obligations, and (ii) allow Client to solely control the defense of any claim, suit, or proceeding and all negotiations for settlement. In no event can Client enter into any third party settlement or other agreements, which would in any manner whatsoever affect, the rights or, or bind Binary Defense in any manner to such third party, without the prior written consent of Binary Defense. Binary Defense has the right, at its own cost and expense, to be represented by counsel of its choosing at any proceeding or settlement discussions related to any matter for which the Client is obligated to provide indemnification hereunder.
8. Breach Termination
Either Party may terminate this SOW if (i) the other Party materially breaches any obligation under this SOW, and such default continues un-remedied for a period of thirty (30) days following receipt of written notice of the default from the non-breaching Party, or (ii) either Party commences insolvency, receivership or bankruptcy proceedings or any other proceedings for the settlement of debts of the Party; (iii) upon the making of an assignment for the benefit of creditors by the Party; or (iv) upon the dissolution of the Party.
As used herein, the term “Affiliates” with respect to a Party means any entity that, directly or indirectly, through one or more intermediaries, controls, is controlled by or is under common control with such Party. Client acknowledges and agrees that it is responsible for any claims, liability or damages arising from its Affiliates.
Client may not assign, sublicense or transfer this SOW, or any Services, in whole or in part without the prior written consent of Binary Defense.
This SOW is governed by the laws of the State of Ohio, United States, without regard to or application of choice-of-law rules or principles. The parties agree to submit to the exclusive jurisdiction of the courts having jurisdiction over Summit County, Ohio.
Neither party shall use the name, trademarks, or logo of the other in promotional materials, publicity releases, advertising, or any other similar publications or communications without the prior consent of the other party; however, Client consents to Binary Defense’s use of Client’s logo in Binary Defense’s marketing and presentation materials.
This SOW, the MSA, if any, all exhibits, addenda, and additional Service terms and conditions, and any other linked terms (including but not limited to the service levels and Data Processing Agreement, if required) constitute the entire agreement between Binary Defense and Client with respect to the Services in this SOW. Binary Defense rejects all Client purchase orders or other Client terms. In the event of a conflict, the SOW terms govern, and second, by the MSA, if applicable. Third party Product and Service terms are separate obligations between Client and the third party only, and do not interfere with or govern this SOW or any other terms between Client and Binary Defense.
If Binary Defense is prevented from performing any of its obligations under these Terms and Conditions and/or an applicable SOW due to any cause beyond Binary Defense’s reasonable control, including, without limitation, an act of God, fire, flood, explosion, terrorism, disease, pandemic, war, embargo, government regulation, third party labor shortages, stoppages, or strikes, civil or military authority, acts or omissions of carriers, transmitters, providers, or acts of vandals, or hackers (each, a “force majeure event”), then the time for Binary Defense’s performance will be extended for the period of the delay or inability to perform due to such occurrence.
Binary Defense reserves the right to modify and make updates to these Terms and Conditions at any time. All changes will be effective immediately upon posting. Binary Defense will provide notice to Client of any material changes to these Terms and Conditions.
Binary Defense does not require the collection, use transmission, or storage of personally identifying information as defined by applicable law in order to perform most monitoring Services. In the event that Client determines that personally identifying information could be disclosed to Binary Defense, the Parties agree that such disclosure, transfer, use and storage by Binary Defense will be governed by the Data Processing Agreement located at: https://www.binarydefense.com/terms/dpa.