This is the Subscription Agreement for Software as a Service dated the date that the last party signs (Subscription Agreement) between the parties identified in the Subscription Order form, for the right to access and use the SCW Learning Platform.
The Subscription Agreement (including the SLAs and Subscription Order Form) sets out the Terms and Conditions between SCW and the Customer and when executed by both parties forms a legally binding and enforceable agreement between them.
SCW and the Customer shall hereinafter be defined as the “Party” and collectively as the “Parties”.
The following words shall have the meaning stipulated herein below:
Affiliates means a company in which either party either wholly owns or has a controlling interest, and includes subsidiaries as that term is commonly applied and Related Body Corporate as defined in the Corporations Act 2001(Cth);
Applicable Data Protection Legislation means any data protection or privacy legislation which applies, respectively to the activities of the Customer and SCW, including, where applicable the European General Data Protection Regulation Act 2016 (GDPR), the UK Data Protection Act 2018, the Australian Privacy Act (cth) 1988, and any other applicable legislation
Confidential Information means any information, maintained in confidence by the disclosing Party, communicated in written or oral form, marked as proprietary, confidential or otherwise so identified, and/or any information that by its form, nature, content or mode of transmission would, to a reasonable recipient, be deemed confidential or proprietary, including, without limitation, each party, employees, business plans, methods of operation, SCW Offerings, including the SCW Learning Platform. Confidential Information will also include, without limitation:
(a) certain confidential and/ or proprietary financial, sales and distribution, marketing, research and development, organizational, technical and other business information, policies or practices, related information; and
(b) any information disclosed by a Party which relates to an actual or potential End User, vendor or third party with which the disclosing Party is in a confidential relationship
Consent means consent, permission, agreement or approval which meets the requirements for the consent of the Applicable Data Protection Legislation
Controller has the meaning as defined by Regulation (EU) 2016/679 with obligations as set forth in the regulation
Customer means the party which acquires a Subscription on execution of this Subscription Agreement, and, if applicable, End Users(s)
Customer Data means all information, including any personal information provided by the Customer to SCW to enable SCW to provide the Customers and its End Users access to and use of the SCW Learning Platform.
Defect means a defect, error or bug having a materially adverse effect on the appearance, operation or functionality of the SCW Learning Platform, but excluding any defect, error or bug caused by or arising as a result of an act or omission of the Customer, any failures of the internet or part of the internet or other mechanism designed or used to disable, erase, alter or harm the SCW Learning Platform
Device means a single personal computer, workstation, mobile phone, tablet, or other electronic devices.
End Date is the date set out in the Subscription Order Form
End User means a person or persons employed and / or otherwise authorised by the Customer, or where applicable the Customer’s group, and who is provided with a subscription by the Customer to access and use the SCW Learning Platform, and excludes any person or persons who is employed by or contracted to a competitor to SCW
Force Majeure means any circumstances which are outside the parties’ control and which prevent or delay SCW providing the Service and SCW’s Materials (or any of them), any strike, lock-out or other industrial dispute (involving SCW workforce or not), the failure of any utility service or transport or telecommunications network, any bug, defect, error, fault or deficiency in any software or data not provided by SCW, any act of God, war, riot, civil commotion, malicious damage, compliance with any law or governmental order, rule, regulation, or direction, accident, breakdown of place, machinery or equipment fire, flood or storm.
Insolvency Event means a situation where in respect to either party (1) a party is unable to pay its debt as and when they fall due; (2) a receiver or administrator is appointed over the party or any part of their respective undertakings or assets; (3) a resolution for winding up the party is proposed (or ordered), with the expectation of such an order being proposed for the purpose of a bona fide reconstruction; (4) a court of competent jurisdiction makes an order to that effect; (5) it becomes subject to an order of administration; (6) it enters into any scheme of arrangement with credits or any similar process to any of the above is begun in any jurisdiction, or if it ceases or threatens to cease to carry on business
Intellectual Property means all intellectual property rights wherever in the world, whether registered or unregistered, including patents, rights to any invention, copyrights and related rights, moral rights, rights in computer software, trademarks, service marks, trade names, domain names, rights in any goodwill and the right to sue for passing off or unfair competition, registered designs, other rights in designs any application or right of application of such rights, including codes, sequences, derivative works, copyrights, data-base rights, trade secrets, know-how, business names, trade names, trademarks, service marks, patents, petty patents, utility models, rights in design, organisation, structure, interfaces, any documentation (including the SCW Materials), data and other related rights
Personal Data has the meaning given to it according to Regulation (EU) 2016/679 and Directive 95/46/EC, as amended from time to time, and includes the definition of Personal Information as provided in the Privacy Act 1988 (Cth)
Processor has the meaning as defined by Regulation (EU) 2016/679 with obligations as set forth in the regulation
SCW means Secure Code Warrior Limited, and its related/ affiliate entities
SCW Learning Platform means computer software developed and owned by SCW Limited made available to the Customer as a service via the internet, including Documentation, updates, supplements, modification, addition and/or adaptation of the SCW Learning Platform to enable or include certain features and/or functionality, under the terms and conditions of this Subscription Agreement
SCW Materials means any electronic or written aids, manuals, user instructions, technical literature, training material, demo material, specifications and all other related materials, which may be accessible by the Customer in the SCW Learning Platform
SLAs means the Service Level Schedule attached as Attachment A to this Subscription Agreement
Start Date means the date set out in the Subscription Order Form.
Subscription means the subscription for the right to access and use the SCW Learning Platform according to this Subscription Agreement
Subscription Fee means the fee payable by the Customer for SCW for access to and use of the SCW Learning Platform, the amount of which is set out in the Subscription Order Form.
Subscription Order Form means the Subscription Order Form between the Parties and attached to this Subscription Agreement
Subscription Term means the term specified in the Subscription Order Form
Sub Processor means a 3rd party processor selected by SCW for a specific set of processing needed by the SCW Learning Platform
2.1 The SCW Learning Platform provides an integrated suite of secure code training and tools that moves the focus from reaction to prevention. SCW’s Learning Platform includes hands-on training, team tournaments, real time coaching plug-in, self-paced learning for every skill level and online assessments.
2.2 The SCW Learning Platform is made available through an account set up for the Customer. The Customer’s right to access and use the Subscription for the SCW Learning Platform is web based only pursuant to the terms of this Subscription Agreement.
3.1 The initial term of this Subscription Agreement is set out in the Subscription Order Form (Initial Term).
3.2 This Subscription Agreement will renew for successive 12-month periods, with the parties’ express consent.
3.3 On termination or expiration of the Subscription Agreement, the Customer´s access to and use of the SCW Learning Platform will no longer be available, neither the Customer or the End User(s), will have access to or use of the SCW Learning Platform and applicable data or Services therein.
4.1 The Customer (including its End Users) is granted a limited, non-transferable, non-exclusive subscription to access and use the SCW Learning Platform on Devices via any standard web browser during the Subscription Term.
4.2 Neither Customer nor any End User are permitted to frame, reproduce, or otherwise re-publish, re-sell or re-distribute the SCW Learning Platform, or any part thereof.
4.3 The Customer agrees, and will procure that its End Users, will only access and use the SCW Learning Platform for its internal business use.
4.4 The Customer must not, and will procure that it’s End Users do not:
(a) access or use the SCW Learning Platform in any way that causes or may cause damage to the SCW Learning Platform or impairment of the availability or acessibility of the SCW Learning Platform or any of the areas of or services on the SCW Learning Platform;
(b) access or use the SCW Learning Platform in any way that is unlawful, illegal, fraudulent or harmful or in connection with any unlawful, illegal, fraudulent unethical, immoral, inappropriate or harmful activity, including but not limited to, to exploiting or acquiring skills for illegal or malicious attacks;
(c) allow its End Users or any third party to attempt, to copy, modify, duplicate, create derivative works, mirror, republish, reverse compile, disassemble, reverse engineer, download, transmit, or distribute all or any portion of the SCW Learning Platform, including but not limited to the object code and the source code, in any form or media or by any means;
(d) rent, lease, distribute, sell, sublicense, transfer or provide access to or use of the SCW Learning Platform to any third party; or
(e) access or use the SCW Learning Platform for any commercial purpose or for any public display, whether commercial or non-commercial, without the prior written approval of SCW.
4.5 The Customer acknowledges and agrees that the subscriptions are for designated End Users and cannot be shared or used by more than one End User and may only be reassigned to new End Users replacing former End Users who have left the Customer’s business or otherwise with the express consent of Secure Code Warrior.
4.6 The Customer is entitled to add additional End Users during the Subscription Term, following which the Customer will be invoiced for the additional End Users, pro-rated to the end of the relevant Subscription Term (or renewal term as may be appropriate).
4.7 If the Customer exceeds the number of End Users (and has not gone through the process outlined in clause 4.6 above), SCW reserves the right to charge the Customer for each of the additional End Users. The Customer will be invoiced for the number of additional End Users, as outlined in clause 4.6 above, pro-rated to the end of the relevant Subscription Term (or renewal term as may be appropriate).
4.8 The Customer acknowledges and agrees that the SCW Learning Platform may include certain software which is incorporated in the SCW Learning Platform for no additional fee (Open Source Software). Access to the Open Source software is provided subject to the terms provided for such access. A link to the relevant terms is https://license-list.securecodewarrior.com/. The Customer herein agrees that such terms are incorporated into this Subscription Agreement.
5.1 SCW does not make any representation, endorsement, guarantee or assurance of the suitability of the SCW Learning Platform for the Customer.
5.2 SCW will maintain the SCW Learning Platform and provide all support services on terms set out in the Service Level Schedule.
6.1 The Customer agrees to pay SCW a subscription fee for the right to access and use the SCW Learning Platform (Subscription Fee). The amount of the Subscription Fee and payment terms are set out in the Subscription Order Form.
6.2 Unless otherwise set out in the Subscription Order Form, SCW may revise the Subscription Fee with effect from the end of the Initial Term or, in the case of a Term which is longer than 12 months but where the Customer is paying on an annual basis, with effect from the end of each 12 month period by giving the Customer not less than 30 days’ notice, provided that (with the exception of any increase in the Fee which relates to an increased number of End Users during any Subscription Term) the percentage increase in the Subscription Fee does not exceed 2% above the percentage increase as follows:
(a) Where the SCW entity is Secure Code Warrior Pty Limited: the Consumer Price Index published by the Australian Bureau of Statistics
(b) Where the SCW entity is Secure Code Warrior, Inc: the Consumer Price Index published by the US Bureau of Statistics; and
(c) Where the SCW entity is Secure Code Warrior Ltd: in the UK Consumer Price Index published by the UK Office for National Statistics from time to time or, failing such that publication, such other index as SCW may determine most closely resembles that index, measured over the period starting (in the case of the first revision of the Subscription Fee) on the date of this Subscription Agreement or (in the case of any later revision of the Fee) the date 12 months before the date of SCW’s notice of given under this Clause and, in each case, ending on the date of that notice.
6.3 The Subscription Fee does not include any applicable taxes including but not limited to goods and services tax (GST), value added tax (VAT) which will be added on top of the fee as applicable, and as otherwise set out in the Subscription Order Form.
6.4 The Customer is responsible for payment of any applicable taxes as may be owed by the Customer due to entering into this Subscription Agreement.
6.5 If the Customer wishes to dispute any part of an invoice, the Customer must notify SCW, in writing, within five (5) business days after receipt of the invoice, explaining the reason for the dispute and the amount disputed (a Disputed Invoice). If SCW is not notified that an invoice is disputed within that time, the invoice will be deemed undisputed and will be due and payable in accordance with the terms of this Subscription Agreement. The Parties will work together to resolve any Disputed Invoice expeditiously. Where only part of the invoice is disputed, the Customer will pay the undisputed amount on the due date for payment.
7.1 Each party recognises and agrees that the Subscription Agreement, including the terms and negotiations leading up to its execution, create a confidential relationship between them, and that all information disclosed between them is Confidential Information. Each party agrees to protect Confidential Information disclosed to it to the same extent and in the same manner that it would protect its own Confidential Information. Each party further agrees to bind their respective employees, agents and subcontractors to the confidentiality and other terms and conditions of the Agreement and to be liable for their compliance therewith. In no event shall either parties’ practices and/ or policies fall below a level of reasonable and due care, which includes each party limiting reproduction, access, disclosure and use to those personnel who have a need to know for the purposes of performing the services in this Agreement, and who are made aware of and agree to comply with the terms of the Confidentiality obligations herein.
7.2 The Customer may receive User-specific information and may export and use that information in order to monitor the End Users’ use, results and performance in regard to the individual performance of the End User and as a part of internal use as applicable and desirable by the Customer for, including but not limited to, reports, campaigns and examination.
8.1 SCW owns and retains all right, title, interest and ownership to the SCW Learning Platform including without any limitation all Intellectual Property rights in and to the SCW Learning Platform, SCW Materials, and Learning materials. Accordingly, the Customer acknowledges and agrees that this Subscription Agreement and its access and use of the SCW Learning Platform transfers no title or ownership of the SCW Learning Platform either to it or any of its End Users.
8.2 The Customer acknowledges and agrees that SCW has a royalty-free, worldwide, transferable, irrevocable, perpetual license to use or incorporate into the SCW Learning Platform any suggestions, enhancement requests, recommendations or other feedback provided by Customer, including Users, relating to the operation of the SCW Learning Platform.
9.1 Each party agrees during the Subscription Term to maintain appropriate insurances as required by applicable law and which include all insurance as required by all applicable laws and regulations and employers’ liability insurance, Public / Products Liability, and Professional Indemnity
10.1 Each party represents and warrants that:
10.2 they are duly authorised to enter into the Subscription Agreement;
10.3 they will each execute their respective obligations under the Subscription Agreement with due care, skill and professionalism;
10.4 they will not hold themselves out as being an employee or any other association with the other than as provided in the Subscription Agreement
10.5 The Customer acknowledges and agrees that:
10.6 SCW makes no representation regarding the SCW Learning Platform other than as stated in this Subscription Agreement;
10.7 it has relied on its own skill and judgment or that of its advisers in entering to enter into this Subscription Agreement; and
10.8 the SCW Learning Platform including all SCW Materials comprise a standard service and materials provided to SCW’s customers generally and they have not been developed to meet the Customer’s or any of the Subsidiaries’ requirements; and it is the Customer’s and the Affiliates responsibility to check that the features, facilities and functions of the Service meet its requirements.
11.1 SCW reserves the right to suspend the Customers access to and use of the SCW Learning Platform in circumstances set out in clause 12.2(b) below and if:
11.2 there has been, or if SCW has reasonable grounds to suspect that there may have been, a breach of security (including the introduction of any Malicious Code), a breach of this Subscription Agreement, or any unlawful or illegal use of the Service and the SCW Materials (or any of them;
11.3 SCW knows or has reasonable grounds to suspect that any of the Customer Data infringes the Intellectual Property Rights or other rights of any third party, or is in any way unlawful, or is likely to lead to any third party instituting or threatening legal proceedings against SCW or any other person;
11.4 the Customer or any of the Affiliates cause, or SCW has reasonable grounds to suspect that the Customer, its End Users, other employees including those of any of its Affiliates has caused any technical or security issue which affects the Service or other customers of SCW or of any SCW Affiliate; and/ or
11.5 in circumstances set out in clause 12.3 below.
12.1 Unless renewed by agreement between the parties, and otherwise in accordance with the terms of clause 3 above, the Subscription Agreement will terminate on the End Date.
12.2 Either party may terminate the Subscription Agreement and any applicable Subscription Order by notice in writing to the other and with immediate effect if:
(a) the other party commits a material breach, incapable of remedy;
(b) the other party fails to remedy a breach within 10 business days of receiving written notice by the other party, provided that, in each instance of a claimed breach: (i) the non-breaching Party notifies the breaching Party in writing of such breach; and (ii) the breaching Party fails to either cure such breach within thirty (30) days (or such other period as mutually agreed by the Parties) from receipt of such notice;
(c) An Insolvency Event occurs in relation to either party; or
(d) any law enforcement agency or court requires or requests SCW to do so.
12.3 SCW may terminate the Subscription Agreement at any time in circumstances where there are technical and or security issues caused by the Customer that directly impact (or may impact) either of (a) the business operations of SCW or any of its customers; (b) the integrity of the SCW Learning Platform. For clarity, SCW will provide the Customer with a period of 14 days to respond to and or resolve any issues or concerns that Secure Code Warrior identifies in writing to the Customer, but the decision will otherwise be exercised by Secure Code Warrior in its absolute discussion.
13.1 SCW agrees to indemnify, defend and/or, at its option, settle any third-party claims that Customer’s (including affiliates and authorized users) (each an “Indemnified Party”) brought against or suffered by any Indemnified Party, alleging that any of the SCW Materials or the Indemnified parties’ access to and use of the SCW Learning Platform infringes any valid patent, copyright, trademark, trade secret or other intellectual property rights in the relevant territory. At its option and expense, SCW may either: (i) procure for Customer the right to continue to access and use the SCW Offerings; (ii) repair, modify or replace the SCW Offerings so that it is no longer infringing; and in circumstances where neither (i) or (ii) are possible (iii) provide a pro-rated refund of the fees paid for the SCW Offerings which gave rise to the indemnity calculated against the remainder of term for the applicable SCW Offerings from the date it is established that SCW is notified of the third party claim.
13.2 This indemnity is subject to: (i) the Indemnified Party providing prompt notice of any claim of infringement and assistance in the defense thereof, (ii) the Indemnifying Party’s sole right to control the defense or settlement of any such claim, provided that the settlement does not require a payment or admission of liability on the part of the other Party, and (iii) the indemnified Party not taking any actions or failing to take actions that hinder the defense or settlement process as reasonably directed by the indemnifying Party.
13.3 The Customer which for the purpose of this indemnity (includes its Affiliates and their respective employees, contractors and End Users’), is responsible for compliance with this Subscription Agreement. Without prejudice to SCW’s right to take action against any of the Customer’s Affiliates in relation to any breach of this Subscription Agreement, will be liable to and indemnifies SCW for all loss, cost, liability and/ or and damages (including legal fees) arising from or related to Customer's failure to comply with clauses 4, 7 and 8 of this Subscription Agreement.
14.1 Other than as provided in section 13 above, the maximum liability of SCW to the Customer will in no circumstances exceed an amount equal to or more than the Subscription Fee paid or payable to SCW for access to and use of the SCW Learning Platform, in any 12 month period.
14.2 Notwithstanding the above, neither Party will be liable to the other, whether in contract or tort, or otherwise for any incidental, indirect, punitive, exemplary, special, consequential or unforeseeable loss, damage or expense, loss of profits, loss of business, loss of opportunity, loss or corruption of data, however arising, even if advised of the possibility of such loss or damages being incurred.
14.3 Entire liability. The provisions in sections 13 and 14 state the exclusive remedy of the Customer with respect to any infringement and/or misappropriation claims
15.1 This Subscription Agreement and any disputes arising out of or in connection with access to and use of the SCW Learning Platform under the terms of the Subscription Agreement will be governed and interpreted by the non-exclusive jurisdiction of the laws as follows:
15.2 where the SCW entity is Secure Code Warrior Pty Limited: the laws of New South Wales;
15.3 where the SCW entity is Secure Code Warrior, Inc: the laws of the state of New York; and
15.4 where the SCW entity is Secure Code Warrior Ltd: the laws of England and Wales.
15.5 The parties agree that if a dispute arises out of or in connection with the performance of the parties’ rights and obligations under the Subscription Agreement (Dispute), that each of them will adhere to the following process before initiating any court action. The language to be used in the proceedings will be English, and the dispute resolution process is agreed as follows:
15.6 The party alleging the Dispute will provide the other party with written notice of the Dispute (Dispute Notice) and include in such Dispute Notice relevant facts and circumstances giving rise to the Dispute.
15.7 The parties will, within a reasonable time but no less than ten (10) business days from receipt of the Dispute Notice, convene a meeting between senior representatives of each party with authority to resolve the Dispute (Dispute Meeting).
15.8 Unless agreed otherwise the Dispute Meeting has thirty (30) days to resolve the Dispute and may meet as many times that it is able and considers reasonable.
16.1 This Subscription Agreement and the Customer’s right to access and use the SCW Learning Platform does not establish any relationship of partnership, joint venture, employment, franchise or agency between the Customer and SCW.
16.2 Neither party will use and/or display the other’s name and logo on its website and marketing or other collateral, with the other’s express prior consent.
16.3 Assignment. Neither party may assign the Subscription Agreement or its rights and obligations under the Subscription Agreement without the prior written consent of the other party, whose consent will not be unreasonably withheld or delayed. Notwithstanding the foregoing, neither party is entitled to withhold or delay its consent for any complete or partial assignment made by, or between their respective corporate structure.
16.4 Survival. Sections of this Subscription Agreement that, by their terms, require performance after the termination or expiration of this Subscription Agreement will survive as permitted by local law. These sections include section 1 (Definition), section 7 (Confidentiality), section 8 (Intellectual property), section 10 (Warranties), section 13 (Indemnities) and section 16 (Miscellaneous).
16.5 Entire agreement. This Subscription Agreement (including the Service Level Schedule), the Subscription Order Form and where relevant, any Data Processing Agreement constitutes the entire agreement between SCW and the Customer. It supersedes any prior or contemporaneous communications, and any prior agreement between the Parties regarding its subject matter, and cannot be amended or updated other than by a written agreement signed by both Parties. In the event of a conflict between the terms of this Subscription Agreement and a subsequent written agreement, this Subscription Agreement shall prevail.
16.6 Waiver. No waiver of any breach of this Subscription Agreement shall be a waiver of any other breach, and no waiver will be effective unless made in writing and signed by an authorized representative of the waiving Party.
16.7 Severability. If a court holds any provision of this Subscription Agreement to be illegal, invalid or unenforceable, the remaining provisions will remain in full force and effect and the Parties will amend this Subscription Agreement to give effect to the stricken section to the maximum extent possible.
16.8 Non-Solicitation. The Customer and each of its Affiliates acknowledge and agree that SCW and its Affiliates spend significant time and money to recruit and train their staff and that, were the Customer or any of the Subsidiaries to hire SCW’s or any SCW Affiliates’ staff, SCW or that SCW Affiliate (or both) may suffer loss, including incurring significant time and money in finding, hiring, training and onboarding of suitable replacement staff. Therefore if, at any time during the Subscription Term or within 18 months after the end of the Subscription Term, the Customer or any of its Affiliates hires any staff or former staff of SCW or of any SCW Affiliate with whom the Customer or any of its Affiliates has had dealings during the Service Period, the Customer will pay SCW a sum equal to that member of staff’s salary, bonuses and benefits during the 12 months immediately preceding that member of staff ceasing to be a member of staff of SCW or any of any SCW Affiliate.
THE SERVICE LEVEL SCHEDULE
1. DEFINITIONS
Agreement
means the agreement between the parties to which this schedule is appended
Business Day
means a Day on which the Customer is open for business at an office location using the Service
Customer
includes its subsidiaries / affiliates entities
Customer Help Desk
means the internal support desk established by the Customer qualified to support the Services within the Customer’s operations
Day
means a calendar day
Down Time
means total unavailability of the service to all users due to factors within the control of SCW
Maintenance and Support Services
means the maintenance and support services to be provided by SCW as described in this Schedule
Minimum Service Level
means the minimum Service Levels to be achieved by SCW as set out in this Schedule
Response Times
means the time period commencing with notification from the Customer of an incident and ends with the initial response from SCW
Resolution Time
means the time period commencing with notification being received from the Customer and ending with a response or deemed response from the Customer Help Desk that an item has been resolved
Service
means the online security learning service to be provided by SCW to the Customer
Service Credits
means the applicable service credits as described in 2(f) of the Service Levels
Service Hours
means, in respect of each week of the Term, the period from the start of the first business day in the first location from which Customer accesses the Services to the end of the last Business day in the relevant week in the last location from which Customer accesses the Services
Service Levels
means the performance levels to which the Services shall be provided as set out in this Schedule
Service Period
means each calendar month that Customer receives the Services
Service Up Time Percentage
means the total number of minutes in a calendar month minus the number of minutes of downtime suffered in a calendar month, divided by the total number of minutes in a calendar month minus scheduled downtime
System Response Time
means the time required for the Service to respond to an input as set out in this Schedule
Term
means the term for which the Customer has subscribed to the Service
Up Time
has the meaning set out in 2(e)(iii) of the Service Levels
(a) This schedule describes the scope and functionality of the Services to be provided by SCW to the Customer under this Subscription Agreement. It also specifies certain of the obligations of each party in the delivery of the Services.
(b) Each Service has, where specified, an associated Service Level
(a) SCW shall supply Customer with an online security training service incorporating the following production environment services
(b) Online Access: On-line access to the Service during the Service Hours excluding scheduled downtime as defined in this schedule or as otherwise agreed in writing between the parties
(c) Maintenance and Support Services during the Service Hours
(d) Data back-ups in accordance with section 5
(e) Application management: (1) application upgrades, (2) delivery of application maintenance updates
(f) SCW shall monitor and manage all components used to deliver the Service during the Service Hours throughout the Term
(g) SCW shall ensure appropriate capacity planning of the Services to ensure there is always sufficient capacity to provide the Service at the Service Levels. This shall require Customer to advise SCW of any anticipated material changes to the use of the Service
a. SCW shall make available to authorized Support Contacts a monthly management report detailing the performance of the Service against the Service Levels
1. Release Strategy
(a) SCW will inform Customer regularly of the timing and contents of new releases to the Service. Customer may provide suggestions and input to SCW regarding any planned or requested new features. SCW shall, at its sole discretion, consider whether Customer’s suggestions shall be included in a subsequent release as part of the Maintenance and Support Services
(b) Except where a product enhancement cost has been agreed with the Customer, such new releases to the Service shall be made at no cost to the Customer
(c) SCW shall document any such changes in release notes which shall be made available to the Customer as soon as possible, but no later than the date any new release is issued.
2. Support Services & Responsibilities
(a) SCW shall provide the support services in English
(b) SCW shall notify Customer of all incidents that may have an impact on the Service provided to the Customer
c) SCW shall be responsible for:-
i. The availability of the Service
ii. Solving incidents and problems raised by the Customer Help Desk
iii. Implementing changes to the Service required as a result of solving incidents
iv. Communicating the status of incidents to the Customer Help Desk
v. Communicating information about planned system changes of outages to Customer and the subsidiaries in a timely manner
vi. Responding to each incident in line with the specified actions for each incident class
(d) Customer is responsible for:
i. Raising incidents to the SCW help desk through a centralized Customer Help Desk
ii. The Customer must nominate at least 2 authorized Support Contacts and notify SCW of their names and contact details immediately following the date of the Agreement
iii. Incidents and service requests must be reported by email by an authorized Support Contact to support@securecodewarrior.com
iv. No phone support is provided directly to Users
v. The Customer must not publish SCW’s contact details on their intranet, website or anywhere else
3. Incident Management
(a) The Customer Help Desk shall provide the following items when notifying SCW of an incident
i. Incident time, duration and location
ii. User ID and contact details
iii. Incident description
iv. Category of incident, to be mutually agreed between the parties.
4. Incident Categorization
Class A – Severe Impact Provision of Service Failure
An incident that results in the loss of all or a significant portion of the service and impacts a majority of the users.
Class B – Major Impact Provision of Service Failure
The service is accessible by means of a workaround, or only a small number of users are impacted Or an incident which materially affects the performance of the Services in a negative manner or materially restricts the Customer’s and the Subsidiaries’ use of the Service
Class C – Moderate Impact
Incidents occur which do not individually represent a failure of the service, but are agreed as defects Or an incident which only has a minor effect on the Customer’s use of the Service or an Incident which is not a Class A or B incident
Class D – Low Impact
A general question or concern raised by the Customer concerning the use or implementation of the Service
5. Response Times
The SCW help desk will acknowledge receipt of the incident report within one hour.
6. Resolution Time
In the event of a Class A incident, the SCW help desk will acknowledge receipt of the incident report within one hour and as soon as practicable assign necessary staff to work on the incident until resolved or a workaround is provided to the Customer.
For Class B incidents, SCW and the Customer will agree an acceptable timeframe within which the incident should be resolved, such agreement to occur within 2 working days; and
For Class C and D incidents within such period of time as SCW deems appropriate given the nature of the question or concern
7. Closure of Incidents
For Class C and D incidents within such period of time as SCW deems appropriate given the nature of the question or concern
(a) Unless otherwise specified, the measurement period for the Service Levels is each Service Period.
(b) Where Service Levels are described as “targeted”, such targeted Service Level measurements represent the expected performance levels of the Service under normal operating conditions, but such targeted measurements are for guidance only and do not constitute any obligations or liabilities on the part of SCW and any failure to meet such targeted Service Levels shall not be construed in any way as a breach by SCW of this Agreement.
(c) In the event that Service Levels fail to meet the targeted Up Time and/or the targeted System Response Time metrics in any Service Period, SCW’s obligations are limited to providing an analysis and explanation of the reason(s) and proposed reasonable measures to eliminate the undershoot. Such measures may require changes either in the usage of the Services by the Customer, or of the Services by SCW.
(d) Where Service Levels are described as ‘contracted’, such contracted Service Level measurements represent the actual performance levels of the Service under normal operating conditions, and a failure to meet such contracted Service Levels will result in Service Credits being calculated.
(a) The Service Levels apply to the SCW learning platform and shall be measured over the Service Hours except for scheduled maintenance periods.
i. The metrics used to measure performance of the Service are as follows:
ii. System Response Time
iii. Up Time
iv. Maintenance Window
(b) The point of measurement for all Services monitoring with respect to System Response time shall be the servers at the SCW sub-processor data center. Response times exclude the transaction cycle times on communication links from the data center to the Customer’s end user.
System Response Time % of Service Period that Response Times will be met:
- Targeted 5 seconds 90%
- Contracted 10 seconds 99%
- Contracted 15 seconds 99.75%
(c) The System Response metric shall be calculated over a Service Period
(d) Measurement methods and targets for Service Up Times shall be as follows:
i. Service Up Time shall be calculated at the end of each Service Period. The contracted Service level for Service Up Times in any service period shall be 99.75%. The targeted Service Level for Services Up Times in any Services Period shall be 99%
ii. Up Time shall be expressed in percent and is defined as the time period during which the Service is available to the customer
iii. Up Time is calculated as follows:-
Service Up Time in % = means total number of minutes in the calendar month minus scheduled downtime minus the number of minutes of downtime suffered in a calendar month, divided by the total number of minutes in a calendar month minus scheduled maintenance windows
(e) Service Credits shall apply for failure to meet the contracted Service Levels and shall be as follows
i. For Uptime Percentage less than 99.75% but equal to or greater than 99.0%, you will be eligible for a 10% Service Credit of the Service fee for the applicable month
ii. For Uptime Percentage less than 99.0%, you will be eligible for a 20% Service Credit
iii. The Service Fee shall be the total service fee paid divided by the number of months of subscription to the service during a Term
iv. SCW shall provide the Service Credit to the Customer in the month following the Service Period in which the Service Level Failure occurred
(a) The provisions for scheduled maintenance are as follows:-
- Frequency: Weekly
- Duration: Maximum of two (2) hours)
- Time Monday 11am-1pm Sydney time (AEST/ADST)
(b) Unplanned maintenance including corrective actions to be taken by SCW to resolve an incident
(a) Suspension of the Service to carry out planned or routine maintenance
(b) Adverse impact on Up Times or Response Times due to the malfunction of Customer owned or controlled firewalls, networks or connectivity.
(c) Adverse impact on Up Times or Response Times due to a Force Majeure event(s)
(a) SCW shall take a backup of all Customer data:-
i. Incremental Backup: Every Minute, retained for 24 hour
ii. Full backup: Every 6 hours, retained for 2 calendar days
iii. Full backup: Every day retained for 7 calendar days
iv. Full backup: Every week retained for 4 calendar weeks
v. Full backup: Every month retained for 13 months
(a) Such backup shall be stored at a separate, secure, location to the production environment
(b) Backup data shall only be used for resolving an incident reported by the Customer
a. UNITED KINGDOM (incorporated in England and Wales)
Secure Code Warrior Limited
Company Number 08559432
Ironstone House
4 Ironstone Way
Brixworth, Northampton. NNG 9UD
United Kingdom
b. AUSTRALIA
Secure Code Warrior Pty Limited
ABN 97 608 498 639
c/o Vital Addition
5, 120 Sussex Street
Sydney. NSW 2000
Australia
c. BELGIUM
Secure Code Warrior BVBA
Baron Ruzettelaan 5
bus 3 8310 Brugge
Belgium
d. USA
Security Code Warrior Inc
265 Franklin Street, Suite 1702
Boston MA 02110
USA
e. ICELAND
Motherji ehf
Borgatun 24, 105,
Reykjavik,
Iceland
As a user of the Secure Code Warrior platform we will hold the following information about you
This personal information will be held about you for so long as you have access to our platform and thereafter for a further period of twelve (12) months or as specified in your employers contract with us (whichever is the lower).
As potential employee of Secure Code Warrior we hold the following information about you:
Should you be unsuccessful we will retain this data for a period of twelve (12) months so that we may contact you regarding any future opportunities, unless you request that we delete the data beforehand.
As an email contact or prospective customer to Secure Code Warrior we hold the following information about you:
We will retain this data for up to 7 years from our last contact with you, unless you request that we delete the data beforehand.
As a registrant, or participant in a tournament or competition we hold the following information about you:
This personal information will be held about you for so long as you have access to our platform and thereafter for a further period of twelve (12) months.
As a supplier to Secure Code Warrior we hold the following information about you:
Necessary to enable us to perform our contract with you:
Necessary for the performance of our contract with you where such communication relates specifically to our services, and legitimate interest to be able to handle such queries:
For legitimate interest to enable Secure Code Warrior to:
For legitimate interests to allow Secure Code Warrior to improve customer services offering:
To enable Secure Code Warrior to comply with a legal obligation:
With consent:
To enable Secure Code Warrior to recruit employees and assess potential candidates, that is to:
consider applications for roles for which you may have applied, directly or via a recruitment, and the negotiation of employment opportunities,
consider applicants for other roles within Secure Code Warrior for which they may be suited,
obtain references from former employers.
Necessary for the performance of a contract
For legitimate interests to enable Secure Code Warrior to conduct business
For legitimate interests to contact those who may benefit from our services
With consent
Necessary for the running of the competition and/ or tournament
With consent
for legitimate interests to enable Secure Code Warrior for the performance of a contract where the supplier is an individual
Legitimate interests to conduct business
Please see list of our data sub-processors here.
Contact us today and make software security an intrinsic part of your development process.
