SECURE CODING VULNERABILITY SCANNING SUBSCRIBER AGREEMENT
IMPORTANT—PLEASE READ THESE TERMS CAREFULLY BEFORE APPLYING FOR, ACCEPTING, OR USING THE SECURE CODING VULNERABILITY SCANNING SERVICE.
BY USING, APPLYING FOR, OR ACCEPTING THE VULNERABILITY SCANNING SERVICE OR BY CLICKING ON “I
ACCEPT” BELOW, YOU (THE “SUBSCRIBER”) ACKNOWLEDGE THAT YOU HAVE READ THIS AGREEMENT, THAT YOU UNDERSTAND IT, AND THAT YOU AGREE TO AND ACCEPT THE TERMS AS PRESENTED HEREIN. IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS OF THIS AGREEMENT, DO NOT APPLY FOR, ACCEPT, OR USE SECURE CODING ’S VULNERABILITY SCANNING SERVICE OR WEBSITE.
The terms and conditions set forth below constitute a binding agreement between you (the “Subscriber” or “you”) and FourSecureCoding Ltd trading as Secure Coding (“Secure Coding”), which has its principal place of business at 30 Tavistock Road, Fleet, Hampshire, GU51 4EJ, United Kingdom (the “Agreement”). Any failure to abide by this Agreement shall void Secure Coding ’s obligations hereunder.
1. Use of the Services
Secure Coding grants to you a revocable, non-exclusive, non-transferable license to use the vulnerability scanning service select during the registration process, including the security scans, logos, audits, and reports (the “Services”) to identify areas of insecurity or vulnerability on a scanned network server, personal computer, or other internet-connected device (each a “System”).
You authorise Secure Coding to perform the Service on the specified Systems.
In order to receive the Services, you must register for an account with Secure Coding. Subscriber shall provide full and accurate information in all electronic or hardcopy documents submitted to Secure Coding. This information must be promptly updated if any information changes or ceases to remain accurate. Failure to promptly update information shall be deemed a material breach of this Agreement.
The account shall be protected by a username and password which are confidential information. You are fully responsible for any activities that occur through your account. You must notify Secure Coding immediately if you suspect any unauthorized use of your account.
The Service serves only as a passive conduit to provide the scan and recommended fixes and are not intended to fix, remedy, prevent, or eliminate any vulnerabilities or insecurities.
You are solely responsible for securing and protecting your system. The Services only scan for major known vulnerabilities. A successful scan does not guarantee or ensure that the System is free of all vulnerabilities or insecurities.
The number of scans performed depends on the subscription selected during the registration process.
1.6. Changes in Services
Secure Coding may modify the Service in its sole discretion, including removing, modifying, or updating the specific scans performed. These modifications may be made without notice from Secure Coding.
1.7. Trial Accounts
Subscribers who register with:
2. Subscriber Obligations
(i) Be responsible for the compliance with all laws, regulations, and other restrictions on the distribution or use of the software, including the export laws of the United Kingdom;
(ii) Be responsible of all equipment and services necessary to receive the Service;
(iii) Maintain any confidential information disclosed by Secure Coding; and
(iv) Pay all charges resulting from the use of the Services.
Subscriber shall not
(i) Use the Service to engage in any unlawful or prohibited activity;
(ii) Use the Service to infringe on the intellectual property rights of a third party;
(iii) Interfere or disrupt networks or third parties;
(iv) Bypass or violate any policies and procedures of networks connected to the Service;
(v) Directly or indirectly, reproduce, sell, lease, rent, transfer, or exploit the Service;
(vi) Use the Service to scan domains or attempt to gain access to Secure Coding’s or a third party’s Systems without the express permission of Secure Coding or the relevant third party;
(vii) Represent that Secure Coding guarantees any of your products or services
(viii) Use a report generated by the Service for any reason other than obtaining PCI compliance, remedying vulnerabilities on the scanned system, or other internal business purposes; or
(ix) Reverse engineer or otherwise derive the processes and source code by which the Service is provided or by which the reports are generated.
3. Fees and Payment
3.1. Subscriber shall pay all fees resulting from Services ordered under Subscriber’s account, regardless of any actual use of the Services or if Subscriber’s site passes the vulnerability scans. Prices for the Service are posted on the Secure Coding website at www.securecoding.co.uk. Secure Coding may revise its fees at any time by posting an amended fee schedule on the website. Continued use of the Services after an amendment constitutes Subscriber’s acceptance of the amendment.
3.2. Fees must be paid in advance and are non-refundable. Monthly account billing starts at midnight on the first of every month. Payment must be made by credit or debit card designated by the Subscriber during the account registration. The Subscriber authorises Secure Coding to charge all agreed fees to this card. Accounts designated as group invoice billing account must be approved by Secure Coding and will be invoiced on a monthly basis.
3.3. Questions regarding fees and charges must be made to Secure Coding within thirty (30) days of such charge. Failure to use the account is not a basis for refusing to pay any charges. Billing corrections shall be made by providing a credit to Subscriber’s account for future monthly fees or for the purchases of service upgrades. Secure Coding may deactivate any account that has a disputed charge until Secure Coding, in its sole discretion, determines the dispute resolved.
3.4. If a fee is rejected by your card issuer (or its agent or affiliate), Secure Coding may deactivate your account and prevent access to the Services until the fee has been successfully processed.
4.1. “Confidential Information” means all material, data, systems and other information concerning Secure Coding’s business operations that is not known to the general public, including:
(a) information about the software used to perform each parties’ respective obligations hereunder (such as personal identification numbers and passwords); and
4.2. Each party shall ensure that any person to whom Confidential Information is disclosed by it complies with the restrictions set out in this section as if such person were a party to the Agreement.
4.3. Notwithstanding the previous provisions of this section, either party may disclose Confidential Information if and to the extent required by law, for the purpose of any judicial proceedings or any securities exchange or regulatory or governmental body to which that party is subject, wherever situated, whether or not the requirement for information has the force of law, and if and to the extent the information has come into the public domain through no fault of that party. Should a party be required to disclose Confidential Information pursuant to this section, the party shall promptly give notice of such requirement to the other party prior to disclosing the Confidential Information.
4.4. The restrictions contained in this section shall continue to apply to each party for the duration of the Agreement and for the period of 5 years following the termination of the Agreement.
5.2. As a subscriber, you are given the opportunity to ‘opt-out’ of having information used for purposes not directly related to the Services ordered. This application notifies you that you may ‘opt out’ by emailing a clear notice to support [at] SecureCoding [dot] co [dot] uk.
5.3. Although Secure Coding has taken steps to reduce risk by building systems with high levels of security to ensure the privacy of all transaction data and the safe transmission of credit card information, risks remain due to factors beyond the reasonable control of Secure Coding. Your use of the Service is subject to those risks which you agree to bear.