- Corporate Security
- Governance, Risk & Compliance
- Information Security
Resolver RiskVision End User Software License Agreement
This Resolver RiskVision (“RiskVision”) End User Software License Agreement (“Agreement”) is a legal agreement between you individually if you are agreeing to it in your own capacity, or if you are authorized to acquire the Software on behalf of your company or another organization, between the company or organization for whose benefit you act (“Customer”), and Resolver SOAR LLC (“Company”).
BY CLICKING ON THE “ACCEPT” BUTTON OR DOWNLOADING OR USING THE SOFTWARE YOU ARE CONSENTING TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS AND CONDITIONS OF THIS AGREEMENT, CLICK THE “DO NOT ACCEPT” BUTTON AND THE INSTALLATION PROCESS WILL NOT CONTINUE, AND DO NOT DOWNLOAD OR USE THE SOFTWARE.
CUSTOMER MAY HAVE A SIGNED WRITTEN AGREEMENT DIRECTLY WITH COMPANY (E.G., AN ENTERPRISE OR MASTER LICENSE AGREEMENT) THAT SUPPLEMENTS OR SUPERSEDES ALL OR PORTIONS OF THIS AGREEMENT.
1.1 “Application” means the RiskVision software designed to perform specific security risk management tasks and actions and present interfaces and views on top of the RiskVision Platform.
1.2 “Asset” means every physical or virtual entity object that is imported by the Software from any source, and utilized by the Software for any reason, such as assessing, linking to other objects, monitoring and/or reporting, whether or not the assets, entity or object has an IP or MAC address.
1.3 “Asset Type” means the type of an Asset. Each Asset has one and only one Asset Type:
1.4 “Attestation User” means a user who can only read policies and provide indication (attest) the policy has been read. Attestation Users cannot perform any other tasks with the Software.
1.5 “Documentation” means RiskVision’s Software user manual(s) furnished to Customer by Company in soft copy format.
1.6 “Effective Date” means the earlier of: (i) the effective date identified as such on the applicable ordering document(s), or if not so identified, the date on which such documents are signed by Company or its reseller, or (ii) the date that Customer is given the URL and password that enables Customer to access or download the Software.
1.7 “Health Report” means an administrator-run technical checkup of the RiskVision Platform. The following “Asset States” are defined and recorded in the Health Report:
1.8 “Platform” means the RiskVision three-tier purpose-built security risk management software system under which the various RiskVision Applications are designed to run.
1.9 “Practitioner User” means every user who accesses RiskVision functionalities and performs general tasks. Such general tasks include but are not limited to answering assessments, making configuration changes, authoring or reviewing policies, providing approval or opinion, performing mitigation tasks, viewing or authoring reports.
1.10 “Software” means the specific quantity and part number of the RiskVision proprietary software products in object code form described in the applicable ordering document(s) and delivered by Company to Customer by electronic download or otherwise. Software also includes without limitation the Documentation any and all third-party software and third-party content (for example, content packs or policy framework information) that is furnished by Company for use in conjunction with the Software.
1.11 “Users” means the total number of Customer’s Practitioner Users and Attestation Users.
2.1 Grant. Subject to the terms and conditions of this Agreement and timely payment of all fee(s) described in the applicable ordering document(s), Company hereby grants to Customer a nonexclusive, non-sublicenseable, nontransferable license, during the Term specified in the applicable ordering document(s), to: (a) install the number of permitted copies of Software on the computer hardware specified in the applicable ordering documents(s); (b) use, perform and display each permitted copy of the Software in accordance with the Documentation for Customer’s internal purposes only, subject to the usage metrics and limitations described in the applicable ordering document(s) (e.g., the maximum number of Assets or Users); and (c) make one (1) backup or archival copy of the Software. Delivery is deemed to have occurred when Customer is given the URL and password that enables Customer to access or download the Software.
2.2 Restrictions. Customer acknowledges and agrees that the Software is the trade secret and confidential information of Company and its suppliers, and Customer agrees to maintain all of the foregoing in strict confidence. Customer agrees not to (a) modify, adapt, alter, translate, or create derivative works from the Software; (b) reverse-engineer, decompile, disassemble, or attempt to derive the source code for the Software; (c) distribute, sublicense, lease, rent, loan, or otherwise transfer the Software to any third party; (d) use the Software other than as described in the Documentation; (e) merge or use the Software with any software or device for which they were not intended (as described in the Documentation); (f) extract or use any third party software or third-party content (for example, content packs or policy framework information) that is furnished by Company in conjunction with the Software, with any software or application other than the Software; (g) use the Software in any time-sharing, outsourcing, service bureau, hosting, application service provider or managed service provider environment; or (h) use the Software for any unlawful purpose. Customer will not remove, alter, or obscure in any way the proprietary rights notices (including copyright, patent, and trademark notices and symbols) of Company or its suppliers contained on or within any copies of the Software. Customer acknowledges that the Software may contain license keys to activate the Software and to limit the uses of the Software as described in the applicable ordering document(s).
2.3 Ownership. Notwithstanding anything to the contrary, the Software is licensed, not sold. There are no implied licenses under this Agreement, and except for the nonexclusive licenses expressly granted to Customer in this Agreement, Company and its suppliers retain all right, title and interest in and to the Software, and any modifications, improvements, enhancements, customizations, updates, revisions or derivative works thereof.
2.4 Third Party Content. Certain third party content furnished by Company to Customer requires licenses from those third parties. It is Customer’s responsibility to secure the required license from such third parties and pay the required third party fees for such content, whether included in Company content packs or otherwise.
3. Maintenance and Support Services
Company will provide RiskVision Maintenance and Support services from the Effective Date as described in this section, subject to Customer’s obligation to pay for the applicable RiskVision Maintenance and Support subscription.
3.1 Maintenance. Company will provide all commercially reasonable assistance necessary to ensure that the Software continues to perform in substantial conformance with the Documentation. During Customer’s subscription to RiskVision Maintenance and Support services, Company shall make available to Customer revisions of the Software or Documentation at no extra charge when Company makes such revisions generally available to its other RiskVision Maintenance and Support subscribers.
3.2 Support. Company offers two Support Services levels, Standard and Extended. Standard Support is included with a RiskVision Maintenance and Support subscription, and Extended Support is available for an additional fee.
3.3 Renewal. A RiskVision Maintenance and Support subscription is required for the first year from the Effective Date. The RiskVision Maintenance and Support subscription will automatically renew each year on the anniversary of the Effective Date (“Renewal Date”), unless either party provides written notification of cancellation to the other party at least thirty (30) days prior to the Renewal Date.
4. Term and Termination
4.1 Term. This Agreement will commence on the Effective Date and will continue for the Term identified in the applicable ordering document(s), or until earlier terminated by either party as expressly permitted by this Agreement.
4.2 Termination for Breach. Each party will have the right to terminate this Agreement immediately upon written notice if the other party breaches a material term of this Agreement (including the obligation to make payments when due) and fails to cure such breach within thirty (30) days after written notice of breach by the non-breaching party. Notwithstanding the foregoing, Company will have the right to terminate this Agreement immediately upon written notice if Customer breaches Section 2 (License).
4.3 Effect of Termination. Upon any termination of this Agreement, all licenses granted hereunder will immediately terminate and Customer will return or destroy all copies of the Software. Section 1 (Definitions), 2.2 (Restrictions), 2.3 (Ownership), 4.3 (Effect of Termination), 5.2 (Disclaimer), 6 (Limitation of Liability), 7 (Miscellaneous), and any payment obligations that accrued prior to termination of this Agreement, will survive any such termination.
5.1 Performance Warranty. For a period of ninety (90) days after initial delivery of the Software (“Warranty Period”), Company warrants that the Software, when used as permitted under this Agreement and in accordance with the Documentation, will operate substantially as described in the Documentation. If the Software fails to conform to the foregoing warranty, Company will, at its own expense and as its sole obligation, and as Customer’s sole and exclusive remedy for breach of this warranty, correct any reproducible nonconformity in the Software reported in writing to Company by Customer during the Warranty Period. The provision of any bug fix, patch, error correction or new release by Company to Customer will not operate to extend the original Warranty Period.
5.2 DISCLAIMER. EXCEPT TO THE EXTENT EXPRESSLY SET FORTH IN SECTION 5.1, COMPANY EXPRESSLY DISCLAIMS ALL REPRESENTATIONS, WARRANTIES AND CONDITIONS WITH RESPECT TO THE SOFTWARE AND ALL OTHER MATERIALS OR SERVICES PROVIDED UNDER THIS AGREEMENT, WHETHER IMPLIED, EXPRESS, OR STATUTORY, INCLUDING THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NONINFRINGEMENT OF THIRD-PARTY RIGHTS, QUIET ENJOYMENT, AND ACCURACY. COMPANY DOES NOT WARRANT THAT THE SOFTWARE WILL IN EVERY CASE PROCESS ALL DATA CORRECTLY, OR THAT OPERATION OF SAME WILL BE SECURE, ERROR-FREE, OR UNINTERRUPTED. COMPANY DISCLAIMS THE ACCURACY OF ANY SCORES OR METRICS PROVIDED BY THE SOFTWARE. NEITHER COMPANY NOR ANY SYSTEM, SERVICES, DOCUMENTATION, DATA, OR MATERIALS PROVIDED BY COMPANY WILL BE CONSTRUED AS PROVIDING ACCOUNTING, TAXATION, FINANCIAL, INVESTMENT, LEGAL OR OTHER ADVICE TO CUSTOMER, END USERS, OR ANY THIRD PARTY. THE RESULTS OF THE SOFTWARE ARE NOT EVIDENCE OF COMPLIANCE WITH ANY PRIVACY, SECURITY OR OTHER STANDARD, FOR EXAMPLE, HIPAA, PCI, SOX, PIPEDA OR EUDPD. EACH PARTY WILL BE SOLELY AND INDIVIDUALLY RESPONSIBLE TO COMPLY WITH ALL LAWS AND REGULATIONS RELATING TO ITS RESPECTIVE BUSINESS OPERATIONS.
6. Limitation of Liability
6.1 DAMAGES. IN NO EVENT WILL COMPANY OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL OR EXEMPLARY DAMAGES ARISING OUT OF THE USE, INABILITY TO USE, OR PERFORMANCE OF THE SOFTWARE, INCLUDING WITHOUT LIMITATION DAMAGES FOR LOSS OF BUSINESS PROFITS, LOSS OF DATA OR BUSINESS INTERRUPTION, BASED UPON PRINCIPLES OF CONTRACT, WARRANTY, NEGLIGENCE, STRICT LIABILITY OR OTHER TORT, BREACH OF ANY STATUTORY DUTY, PRINCIPLES OF INDEMNITY OR CONTRIBUTION, EVEN IF COMPANY OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
6.2 DAMAGE CAP. IN NO EVENT SHALL COMPANY’S TOTAL CUMULATIVE LIABILITY ARISING FROM OR RELATED TO THIS AGREEMENT, WHETHER IN CONTRACT OR TORT OR OTHERWISE, EXCEED A SUM EQUAL TO THE TOTAL OF ALL FEES PAID BY CUSTOMER TO COMPANY FOR THE SOFTWARE DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT FIRST GIVING RISE TO LIABILITY. THIS LIMITATION IS CUMULATIVE AND WILL NOT BE INCREASED BY THE EXISTENCE OF MORE THAN ONE INCIDENT OR CLAIM.
6.3 EXCLUDED USES. THE SOFTWARE IS NOT INTENDED FOR USE IN CONNECTION WITH ANY NUCLEAR, AVIATION, MASS TRANSIT, OR MEDICAL APPLICATION OR ANY OTHER INHERENTLY DANGEROUS APPLICATION THAT COULD RESULT IN DEATH, PERSONAL INJURY, CATASTROPHIC DAMAGE, OR MASS DESTRUCTION, AND CUSTOMER AGREES THAT COMPANY WILL HAVE NO LIABILITY OF ANY NATURE AS A RESULT OF ANY SUCH USE OF THE SOFTWARE.
7.1 Governing Law; Arbitration; Venue. The validity, construction and interpretation of this Agreement will be governed by the internal laws of the State of California, excluding its conflict of laws provisions. Except for the right of either party to apply to a court for a temporary restraining order, a preliminary injunction, or other equitable relief, any controversy, claim or action arising out of or relating to this Agreement will be settled by binding arbitration in Santa Clara County, California, under the rules of the American Arbitration Association by 3 arbitrators appointed in accordance with such rules. The parties consent to the exclusive jurisdiction and venue of the federal and state courts located in Santa Clara County, California for any action permitted under this Section, challenge to this Section, or judgment upon the award entered.
7.2 Assignment. This Agreement may not be assigned by Customer by operation of law or otherwise, without the prior written consent of Company, which will not be unreasonably withheld.
7.3 Equitable Relief. Customer acknowledges that Company would suffer immediate and irreparable harm for which monetary damages would be an inadequate remedy if Customer were to breach its obligations under Section 2 (License) or exceed the scope of a license granted herein. Customer therefore expressly agrees that Company will be entitled to obtain equitable relief, including injunctive relief, from any court having jurisdiction, in order to protect rights and interests in connection with Section 2 (License) of this Agreement or in connection with any license restriction contained herein. Such remedy shall be in addition to such other remedies as may be available at law or in equity.
7.4 Government Users. The Software is comprised of “commercial items”, “commercial computer software”, and “commercial computer software documentation” as such terms are as defined in FAR 2.101 and DFARS 252.227-7014(a)(1). The Software is provided to any federal, state or local government agency only subject to the terms and conditions of this Agreement and such additional terms as are agreed by the parties in a properly executed writing and that are consistent with (a) the policies set forth in 48 C.F.R. 12.212 (for federal, state and local civilian agencies); or (b) the policies set forth in 48 C.F.R. 227.7202-1 and 22.7202-3 (for units of the Department of Defense).
7.5 Export Control. Customer will comply with all applicable export control laws, rules, and regulations, including without limitation the United States Bureau of Industry and Security’s Export Administration Regulations. Without limiting the foregoing, Customer will not export or re-export any Software or Documentation without first making any filings or obtaining any licenses required under applicable export law.
7.6 Payment Terns. Based on the terms of this Agreement, Customer will have an irrevocable obligation to make the payments that are specified in the applicable ordering document(s). If the applicable ordering document(s) are between Customer and Company, all fees payable by Customer to Company shall be paid within 30 days of the invoice date and are nonrefundable. All payments will be made in the currency and by the method stated in the applicable ordering document(s).
7.7 Audit. For the duration of this Agreement and the license granted hereunder, Customer will keep and maintain all books and records relating to all use of the Software and the fees payable under this Agreement, including without limitation recording, as applicable, the total number of Assets or Users in existence at any time. At any time, upon request from Company, Customer will access and provide Company with a copy of the complete, unmodified and most recent “Health Report” from Customer’s production instance of the RiskVision Platform. In addition, and no more than once per calendar year, Company may audit such books and records in order to verify the calculation and payment of fees under this Agreement. Any such audit shall be conducted during normal business hours at Customer facilities, and on no less than ten (10) days’ prior written notice.
7.8 Confidentiality. “Confidential Information” means any and all information related to a party’s business that is labeled or identified as “confidential” or “proprietary”; or otherwise is of such a type or disclosed in such a way that a reasonable person would understand that the information disclosed is confidential or proprietary, including without limitation software, source code and specifications, trade secrets, development plans, technical information, business forecasts and strategies, and information regarding personnel, customers and suppliers. Without limiting the foregoing, all Software and related documentation will be deemed the “Confidential Information” of Company. Each party agrees (i) to hold the other party’s Confidential Information in strict confidence, (ii) not to disclose such Confidential Information to any third parties, except as described below and (iii) not to use any Confidential Information except for the purposes of this Agreement. Each party may disclose the other party’s Confidential Information to its responsible employees and contractors with a bona fide need to know, but only to the extent necessary to carry out the purposes of this Agreement, and only if such employees and contractors are subject to a nondisclosure agreement sufficient to protect the other party’s Confidential Information hereunder. The restrictions set forth in this section will not apply to any Confidential Information that the receiving party can demonstrate (a) was known to it prior to its disclosure by the disclosing party; (b) is or becomes publicly known through no wrongful act of the receiving party; (c) has been rightfully received from a third party authorized to make such disclosure without restriction; or (d) is independently developed by the receiving party without reference to the disclosing party’s Confidential Information. The parties agree that a breach of this section may cause irreparable damage which money cannot satisfactorily remedy and therefore, the parties agree that in addition to any other remedies available at law or hereunder, the disclosing party will be entitled to seek injunctive relief for any threatened or actual disclosure by the receiving party.
7.9 Force Majeure. Notwithstanding any provision contained in this Agreement, neither party will be liable to the other to the extent fulfillment or performance of any terms or provisions of this Agreement is delayed or prevented by revolution or other civil disorders; wars; strikes; labor disputes; electrical equipment or availability failure; fires; floods; acts of God; government action; or, without limiting the foregoing, any other causes not within its control, and which by the exercise of reasonable diligence it is unable to prevent. This clause will not apply to the payment of any sums due under this Agreement by either party to the other.
7.10 Notices. All notices or reports permitted or required under this Agreement will be in writing and will be delivered by personal delivery, telegram, telex, telecopier, facsimile transmission, or by certified or registered mail, return receipt requested, and shall be deemed given upon personal delivery, five (5) days after deposit in the mail, or upon acknowledgment of receipt of electronic transmission.
7.11 Construction. This Agreement, including any exhibits, attachments and addenda, constitutes the complete agreement between the parties with respect to its subject matter and supersedes all prior or contemporaneous discussions, representations, and proposals, written or oral, with respect to the subject matters discussed herein. No modification of this Agreement will be effective unless contained in writing and signed by an authorized representative of each party. This Agreement will take precedence over any conflicting or inconsistent terms and conditions accompanying any purchase order or similar document submitted by Customer to Company. In the event that any provision of this Agreement is found invalid or unenforceable, it will be enforced to the extent permissible and the remainder of this Agreement will remain in full force and effect. The failure of a party to prosecute its rights with respect to a breach hereunder will not constitute a waiver of the right to enforce its rights with respect to the same or any other breach.