NOTICE TO ALL USERS: PLEASE READ THIS AGREEMENT CAREFULLY.
IF YOU DO NOT AGREE WITH THESE TERMS AND CONDITIONS DO NOT INITIATE THE MDR SERVICES. BY SELECTING "I ACCEPT", "OK", "CONTINUE", "YES" OR BY INITIATING THE MDR SERVICES IN ANY WAY, YOU INDICATE YOUR COMPLETE UNDERSTANDING AND ACCEPTANCE OF THESE TERMS WHICH TOGETHER WITH THE PRIVACY POLICY AND ANY COMMERCIAL DOCUMENTS PRESENTED TO YOU CONSTITUTE THE AGREEMENT (COLLECTIVELY, THE “AGREEMENT”). IF YOU DO NOT AGREE TO ALL OF THESE TERMS OR IF YOU DO NOT HAVE THE AUTHORITY TO BIND THE COMPANY, SELECT THE REJECTING OPTION AND DO NOT INITIATE THE MDR SERVICES.
YOU REPRESENT AND AGREE ON BEHALF OF YOUR COMPANY THAT YOU HAVE THE CAPACITY AND AUTHORITY TO BIND YOUR COMPANY TO THIS AGREEMENT AND THAT YOU HAVE READ ALL TERMS AND CONDITIONS, UNDERSTAND THEM, AND AGREE TO BE BOUND BY THEM.
YOU HAVE THE OBLIGATION TO INFORM AND OBTAIN YOUR CUSTOMERS’ ACCEPTANCE ON THE TERMS OF THIS AGREEMENT.
THIS AGREEMENT IS BINDING AS OF THE EARLIEST OF: THE DATE YOU ACCEPT IT OR THE DATE SET FORTH ON THE ORDER.
This Agreement covers the entire portfolio of the Bitdefender MDR Services.
1. DEFINITIONS.
1.1.“Affiliate” means any entity in which You, as applicable, owns or controls, directly or indirectly, and any parent company that owns or controls, and any of the companies the parent company controls. For purposes of this definition, “control” means the direct or indirect beneficial ownership of over fifty percent (50%) of the voting interests (representing the right to vote for the election of directors or other managing authority) in an entity.
1.2.“Agreement” is a legal agreement between Bitdefender and You, for use of the MDR Services.
An employee or other agent, including an MSP, reseller or contractor that installs or registers MDR Services on behalf of an entity, must be a representative of such entity and must accept this Agreement on behalf of the entity before MDR Services may be used. Please print this Agreement and save a copy electronically.
This Agreement is the entire legal agreement between You and Bitdefender for the initialization and use of the MDR Services. This Agreement supersedes all agreements, understandings, and communications, whether written or oral between You and Bitdefender. Any of Your affiliates purchasing hereunder or using or accessing MDR Services hereunder, or benefitting from Your use of MDR Services, all listed herein, will be bound by, and comply with all terms and conditions of this Agreement. The entity accepting this Agreement will remain responsible for its Affiliates’ acts and omissions unless otherwise agreed.
1.3. “Beta Solution/ Early Access Solution/ Evaluation Solution” means any trial of MDR Services. and any solution marked or otherwise designated as a beta, test version, early access or other evaluation form, irrespective of whether any payment has been made.
1.4. “Documentation” means the applicable end user technical documentation that may include written directions, explanatory materials, policies, or associated media relating to the MDR Services, which may be made available on Bitdefender websites or electronic format.
1.5.“MDR Services” means the entire Bitdefender managed detection and response services portfolio as presented on Bitdefender websites or in other relevant service descriptions campaigning the transaction documents and may include associated media, printed materials and Documentation, and any Updates and technical support as stated herein. To the extent permitted by applicable law, Bitdefender can modify its features, description and/or minimum system requirements, in order to continuously improve the quality and content of MDR.
1.6. “MDR Portal” means an online portal which provides access to Your MDR Services.
1.7. “Professional Services” means any professional services performed by Bitdefender for You pursuant to a separate SOW or other Order. Professional Services may include, without limitation, incident response, investigation and forensic services related to cyber-security adversaries, tabletop exercise and next generation penetration tests related to cyber-security.
1.8. “Update” means an update to the detection data or software made available to You, or any correction, update, upgrade, patch, or other modification or addition at Bitdefender’s sole discretion, from time to time, but excluding any updates marketed and licensed for a separate fee.
1.9. “User” means Your employees, independent consultants or any other individual of Your organization who uses or has access to or benefits from Bitdefender MDR Services granted to You.
1.10. “You” or “Your” refers to any individual or legal entity as an end customer or MSP as Your contractors that has accepted this Agreement and it has placed an order for MDR Services from Bitdefender or its authorized resellers or distributors, and as well Your Affiliates that places an Order under these Terms and Conditions, uses or accesses any MDR Services hereunder.
1.11. “Your Contractor” means any services provider as individual or legal entity that has access or use of the MDR Services under this Agreement solely on Your behalf and for Your internal use, (ii) has an agreement to provide You the MDR services, and (iii) is subject to confidentiality obligations and the terms of this Agreement.
2. ORDERS. PAYMENTS. RIGHTS GRANT.
2.1. Orders.
Only those purchase orders with transaction-specific terms stating the MDR Services ordered, quantity, price, payment terms, term, and billing/provisioning contact information (and for the avoidance of any doubt, specifically excluding any pre-printed terms on You or Your Contractors) will have any force or effect unless a particular Order is executed by an authorized signer of Bitdefender and returned to You or the applicable reseller. If any such Order is so executed and delivered, then only those specific terms on the face of such Order that expressly identify those portions of this Agreement that are to be superseded will prevail over any conflicting terms herein but only with respect to those MDR Services ordered on such Order. The Orders are non-cancellable. Any Order through a reseller is subject to, and Bitdefender’s obligations to You are governed by this Agreement.
2.2. Payment and Taxes.
You will pay the fees for MDR Services directly or indirectly through Bitdefender channel resellers as set forth in the applicable Order. Unless otherwise expressly set forth on the Order, You will pay the fees and amounts stated on each Order within 30 days after receipt of the applicable invoice. Except as otherwise expressly provided in this Agreement, all fees and other amounts are non-refundable. Fees are exclusive of any applicable sales, use, value added, withholding, and other taxes, however designated. You shall pay all such taxes levied or imposed and the transactions hereunder, except for taxes based on Bitdefender’s/its channel partners’ income or with respect to Bitdefender’s employment of its employees.
2.3. Rights of Usage.
Subject to the terms and conditions of this Agreement, Bitdefender grants You a limited, non-exclusive, non-transferable right to access and use MDR Services in accordance with any applicable Documentation solely for Your internal use during the applicable subscription term. The internal use will be limited to access and use by Your employees, Your Affiliates’ employees and Your Contractors in either event, solely on Your behalf and for Your benefit. For clarification purposes, internal use does not include access or use: (i) for the benefit of any person or entity other than You or Your Affiliates or (ii) in any event, for the development of any product or service. Your access and use is limited to the quantity in the applicable Order.
You may allow Your Users to use MDR Services as per this Agreement and are responsible for their compliance with this Agreement in such use.
During the installation process, MDR Services may uninstall or disable other security products if such products or features are incompatible with Bitdefender Solution.
MDR Services are protected by copyright laws, international and copyright treaties, and other intellectual property laws and treaties and trade secrets. You have the right to use MDR Services as per the provisions of this Agreement.
2.4. Term of Usage.
The MDR Services validity period is limited, as stated in the MDR documentation, starting from the activation of the GravityZone license (“Validity Period”). After the specified MDR Services Validity Period has expired, You have no further right to receive any MDR Services without purchasing a new MDR Services subscription.
2.5. Usage Restrictions.
You will not use MDR Services (or any portion thereof) to: (i) alter, publicly display, translate, create derivative works of or otherwise modify MDR Services and Bitdefender Solution; (ii) transfer, distribute or otherwise transfer MDR Services and Bitdefender Solutions to any third party, or employ or authorize a third party to use, benefit or view the MDR Services, or to provide management, hosting, or support for an MDR Services, except as expressly permitted herein; (iii) allow third parties to access or use MDR Services and Bitdefender Solutions except for as expressly permitted herein; (iv) create public Internet links to MDR Services or frame or mirror any MDR Services content on any other server or wireless or Internet-based device; (v) reverse engineer, decompile, disassemble or otherwise attempt to derive the source code (if any) for MDR Services and Bitdefender Solutions (except to the extent that such prohibition is expressly precluded by applicable law), circumvent its functions, or attempt to gain unauthorized access to MDR Services or its related systems or networks; (vi) use MDR Services to circumvent the security of another party’s network/information, develop malware, unauthorized surreptitious surveillance, data modification, data exfiltration, data ransom or data destruction; (vii) remove or alter any notice of proprietary right appearing on MDR Services and Bitdefender Solutions; (viii) conduct any stress tests, competitive benchmarking or analysis on, or publish, provide any performance data of MDR Service; (ix) cause, encourage or assist any third party to do any of the foregoing.
2.6. You agree to use MDR Services in accordance with laws, rules and regulations and acknowledge that You are solely responsible for determining whether a particular use of MDR Services is compliant with such laws. You must obtain all necessary rights and permissions from Your Users to use MDR Services.
You are liable and responsible for all actions and omissions occurring under Your and Your Customers’ user accounts.
2.7. Bitdefender reserves the right to improve or change various features of its Solutions or functionalities and features and to offer, from time to time, migration to the new available versions. Also, Bitdefender, at its sole discretion may modify certain features of the MDR Services, such modifications will not materially affect the security offered by Bitdefender. You expressly understand and accept that these changes / modifications / migrations can be made unilaterally by Bitdefender, the only obligation of the latter being to notify the change (including by way of in-app or in-console notifications) in advance.
3. SERVICES DESCRIPTION:
3.1. Prerequisites. Service Setup Phase. For Users: For using MDR Services, You need to have a valid activated license to a Bitdefender Solutions and a valid MDR Services subscription.
3.2. Onboarding, Deployment & Configuration
The onboarding process is deemed finalized when You or Your Contractor (i) have enabled MDR Services for Yourself or an User in GravityZone, (ii) installed and enabled Bitdefender solution on all endpoints, and (iii) You have set up Emergency Contacts, Previously Authorized Actions, and Notifications preferences in the MDR Portal (“Onboarding”).
Onboarding is followed by Deployment & Configuration phase, in which You are responsible for deploying, installing, and configuring the endpoint detection and response feature in the GravityZone console. Bitdefender shall have no liability towards You with respect to the Previously Authorized Actions and / or their consequences.
Note that for certain MDR Services, according to the specifications in the Documentation related to the respective service may include Professional Services support, during the Solution Setup Phase.
3.3. Active 24/7 Monitoring Service Delivery Phase
a) Monitoring potential attacks: Only after the completion of the Solution Setup Phase, devices having the GravityZone agent installed shall be monitored, as per reasonable commercial diligence, 24x7 during the Validity Period. However, the parties acknowledge and agree that interruptions may occur outside of Bitdefender’s control, such as those due to internet provider outages and the like.
b) Notifications and Updates. Once a security incident has been identified in Your Environment, which could be either of the following cases: i) an attacker is active on a device conducting malicious activity, ii) successful malware installation or iii) vulnerability exploitation that leads to additional activity on the endpoint ( “Incident”),Bitdefender will provide an initial notification through the agreed communication contacts provided by You or Your Contractor and provide subsequent updates in the following timeframes based upon our determination of the applicable severity level. Bitdefender will notify and update You or Your Contractor through agreed communication channels depending upon the severity of the situation and consistent with any procedures that have been established and documented with You.
The notification times stated below start from the moment when MDR Services has: i) identified a potential Incident, and/or (ii) if the case, requested for more information from You or Your Contractor. For the avoidance of any doubt, Bitdefender shall use all commercial reasonable efforts to notify You or Your Contractor as stated in the below response timetable, which does not apply until You or Your Contractor receive notice that an Incident has occurred and that we have assigned the said incident a severity level.
Critical and High priority severity levels are not available for non-production systems. You hereby acknowledge and agree that Bitdefender may add additional notification methods in the future.
SLAs:
Service Level (example incidents) |
| Initial Notification (from event identification) |
| Update Frequency (after Initial Notification) |
|
|
|
|
|
Critical Advanced or Interactive Attacker. Advanced Persistent Threat (APT): Nation-State Threat Group or Advanced Cyber-Crime Organization. Data staged for exfiltration. Confirmed data exfiltration. |
| 30 Minutes
|
| Every Hour |
|
|
|
|
|
High High confidence intelligence-driven detections. Command line activity spawned by a suspicious process. Web exploits. Privilege escalation. Credential theft. |
| 30 Minutes |
| Every Hour |
|
|
|
|
|
Medium High confidence known malware. High confidence malicious document. Social engineering of binary files. |
|
Notification Not Required. |
|
Notify customer if mitigation recommendations require customer approval. |
|
|
|
|
|
Low Low confidence known malware (commodity malware or adware) Low confidence malicious documents Command line activity used for common administrative purposes and lateral movement or reconnaissance activity |
|
Notification Not Required. Recommendation is posted in the MDR Portal |
|
Notify customer if mitigation recommendations require customer approval. |
For Your Contractors: YOUR CONTRACTORS WILL RESPECT THE ABOVE-MENTIONED SLA FOR NOTIFYING THEIR CUSTOMERS AND FOR RESPONDING BACK TO BITDEFENDER REPRESENTATIVES. BITDEFENDER WILL NOT BE HOLD LIABLE FOR ANY CLAIMS OR LOSSES RESULTED FROM BREACHING THE SLAs OF NOTIFING AND RESPONSE BY YOUR CONTRACTORS.
c) Alert review and validation initiated by You: You can access Support channels 24x7 and inquire about the validity of an incident seen by You in GravityZone. You or Your Contractor will be notified through agreed communication channels that the investigation request has been received and the investigation has started. Bitdefender can ask for additional information if needed for the assessment. Once an investigation has been concluded, You or Your Contractor will be notified of the completion of the investigation.
NOTE: Forensic analysis of the attack is not included in the MDR Services
3.4. Reporting.
MDR Services will provide standard information and reports to You or Your Contractor as part of normal business operations including the following types of reports in Your covered environment:
Realtime Dashboard for Users – A summary of all security events seen in Your covered environment over the last day, week, or month.
Monthly Report – Monthly reports include a summary of all security events seen in Your covered environment for the previous month, including threat hunting and incident summaries.
Flash Report – The Flash reports generated immediately after incidents are provided to provide You with initial findings and containment actions taken, if applicable.
After Action Report – After Action Reports are generated for completed incident investigations. They contain the complete details of the attack, a summary of the actions taken and any recommendations on changes in the Environment to help prevent similar incidents in the future.
3.5. Responses to live attackers
Bitdefender can identify whether there is an attack or not and You can decide how Bitdefender is to react, as per the Pre-Approved Actions (PAAs) that You or Your Contractor have previously envisaged. PAAs are enabled by default but can be toggled on or off directly in the MDR Portal (please find herein the relevant location: bitdefender.com/business/support/en/124809-151519-pre-approved-actions.html). Please note that turning off a PAA will inhibit timely actions by Bitdefender. In addition, You understand and hereby expressly allow and agree that Bitdefender shall be entitled to create a remote shell on devices to further investigate or limit the impact of attacks. The ability to create a remote shell is essential to the MDR Services, and its main purpose is to obtain otherwise unobtainable necessary information during an investigation and to properly contain attackers. All actions performed by an analyst via remote shell are stored in the GravityZone console for You to audit. You hereby expressly authorize any activity taken by the Bitdefender analyst while the remote shell feature is used, provided however that such activity will be limited to the purpose of providing MDR Services. Additional information on remote shell sessions and SOC may be found here: https://www.bitdefender.com/business/support/en/77209-151142-edr-investigating-incidents.html.
For the avoidance of any doubt, Bitdefender shall be entitled to perform (i) the PAAs previously detailed and explained to You, both with respect to the timeframe for taking such action(s) as well as with respect to all consequences of taking the said actions (including unforeseen consequences which You hereby expressly agree upon); (ii) any other action that You expressly authorize, once You or Your Contractor have been notified with respect to an incident. In addition, You expressly acknowledge and agree that Bitdefender has no obligations (including no liabilities and no damages payment) towards You (nor towards Your Contractors or any of its Users) for any and all repercussions in connection with taking any of the (i) or (ii) actions, provided that Your express consent was previously obtained, except, for Users, in the case of usage of remote shell feature.
3.6. Delivery Channels.
Bitdefender may choose to provide MDR Services using the following delivery channels: phone, email or remotely accessing Your GravityZone Console. During the delivery of MDR Services, Bitdefender may, at its sole discretion and without any obligation, capture MDR Services sessions in different forms (such as, but not limited to: voice recording, written recording, database monitoring) for quality improvement purposes and/or market research purposes. By accepting this Agreement, You agree to allow Bitdefender to perform such captures, including recordings of any type and to use and process any information resulted from such recordings for MDR Services improvement purposes, for marketing research or training purposes and in order to respond to any legal or regulatory requirements, in compliance with the applicable laws.
3.7. MDR Services Availability.
Bitdefender will make operationally and commercially reasonable efforts to make MDR Services available on a 24x7basis. However, MDR Services delivery may be limited to some geographic regions or may suffer interruptions due to technical maintenance or Internet provider issues, independent of Bitdefender’s control. By accepting this Agreement, You agree to grant Bitdefender’s representatives the following rights: (i) to use whatever support or remote access tools are necessary to investigate the incident(s); (ii) to install Bitdefender proprietary or third party licensed remote access tools, for the sole scope of providing MDR Services; (iii) to access Your computer remotely and modify settings and configurations, including installing or removing specific items, in order to solve a problem or diagnose more complex problems, either as a result of a pre-approved action or as a direct response to Your indications; (iv) to gather data from Your/ its devices only for the purpose of providing MDR Services and as a part of problem diagnosis process.
As a result of using MDR Services, including specific MDR Services support sessions, Bitdefender can remove any remote access tools software installed on Your/ its End Customer computer for the scope of providing MDR Services; however, by accepting this Agreement You are informed and expressly accept the fact that there might be residual files left on Your computer as a consequence of usage of the support and/or remote tools.
In addition, it is Your sole responsibility to check whether any residuals impact You in any way and to resolve any and all potential consequences of such residuals. Bitdefender hereby accepts no liability whatsoever with respect to any residuals.
For MDR Services requiring user accounts, only the single individual user assigned to a user account may access or use it. You are liable and responsible for all actions and omissions occurring under Your and Your user accounts for MDR Services.
3.8. Professional Services.
Professional Services will commence on a mutually agreed upon date as stated in a SOW signed by the parties. Estimates provided for Professional Services performed on a time and material basis are estimates only and not a guaranteed time of completion. Professional Services performed on a fixed fee basis are limited to the scope of services stated in the SoW. Professional Services hours prepaid under a retainer must be used within one year from the date of the SoW or Order. Additional blocks of hours purchased under the retainer will expire one year from the date of the corresponding Order or SoW for additional hours.
Professional Services do not constitute “works for hire,” “works made in the course of duty,” or similar terms under laws where the transfer of intellectual property occurs on the performance of services to a payor. The only deliverable arising from the Professional Services is a report consisting primarily of the findings, recommendations, and adversary information. You own the copy of the report (including without limitation, all Your Confidential Information therein) delivered to You (“Deliverable”), subject to Bitdefender’s ownership of the Bitdefender Materials. You agree that relative to You, Bitdefender exclusively owns any and all software (including object and source code), flow charts, algorithms, documentation, adversary information, report templates, know-how, inventions, techniques, models, ideas and any and all other works and materials developed by Bitdefender in connection with performing the Professional Services as well as the trademark Bitdefender (including without limitation all intellectual property rights therein and thereto) (collectively, the “Bitdefender Materials”) and that title shall remain with Bitdefender. For the avoidance of doubt, the Bitdefender Materials do not include any Your Confidential Information or any other materials or data provided by You. Upon payment in full of the amounts due hereunder for the applicable Professional Services and to the extent the Bitdefender Materials are incorporated into the Deliverable(s), You shall have a perpetual, non-transferable, non-exclusive license to use the Bitdefender Materials solely as a part of the Deliverable(s) for Your Internal use only.
4. EVALUATION/ BETA/TRIAL/EARLY ACCESS SUBSCRIPTIONS.
4.1. If MDR Services is provided to You for evaluation, beta, trail or early access purposes ( “Evaluation”), Your rights to evaluate MDR Services will be pursuant to the terms of such evaluation and the rights granted are the following : Bitdefender grants to You a nonexclusive, temporary, royalty-free, non-assignable right to use MDR Services solely for evaluation purposes for internal use in a non-production environment for a pre-determined period as stated in the commercial documentation. MDR Services evaluation right shall terminate at the latest: (i) on the end date of the pre-determined evaluation period, if an evaluation period is pre-determined in MDR Services or (ii) within thirty (30) days from the date of Your initial activation of MDR Services, (“Evaluation Period”). MDR Services may not be transferred and is provided “AS IS” without warranty of any kind. You are solely responsible to take appropriate measures to back up Your system and take other measures to prevent any loss of files or data. MDR Services may contain an automatic disabling mechanism that prevents its use after a certain period.
4.2. During the Evaluation Period, You can receive web or email based technical support in the country where You are located and Updates, if applicable, without any guarantee or warranty of any kind.
4.3. THE PROVISIONS OF THE SECTION APPLY IN LIEU OF SECTION WARRANTIES WITH RESPECT TO ANY EVALUATION SERVICE OR SOLUTIONS
TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, MDR SERVICES USED FOR EVALUATION PURPOSES ARE PROVIDED TO YOU "AS IS" WITHOUT WARRANTIES OF ANY KIND.
EVALUATION DISCLAIMER
THE EVALUATION SOLUTION GRANTED HEREUNDER IS BELIEVED TO CONTAIN DEFECTS AND A PRIMARY PURPOSE OF THIS BETA TESTING SUBSCRIPTION IS TO OBTAIN FEEDBACK ON SOLUTION PERFORMANCE AND THE IDENTIFICATION OF DEFECTS. YOU ARE ADVISED TO SAFEGUARD IMPORTANT DATA, TO USE CAUTION AND NOT TO RELY IN ANY WAY ON THE CORRECT FUNCTIONING OR PERFORMANCE OF THE SOLUTION AND/OR ACCOMPANYING MATERIALS.
WHERE LEGAL LIABILITY CANNOT BE EXCLUDED BY THIS DISCLAIMER, BUT MAY BE LIMITED, BITDEFENDER’S LIABILITY AND THAT OF ITS SUPPLIERS/LICENSORS/RESELLERS UNDER THIS AGREEMENT RELATED TO MDR SERVICES, SHALL BE LIMITED IN THE AGGREGATE TO THE SUM OF TEN DOLLARS (USD$10.00) OR THE EQUIVALENT IN THE LOCAL CURRENCY.
4.4. Your right to use MDR Services or Bitdefender Solution ends when the Evaluation Period ends or if You violate any term of this Agreement or in case You will not respect or abuse in any way the usage rights that were granted to You. Upon termination of the Evaluation Period, You must delete or destroy all copies of the Documentation and stop using MDR Services. Your obligations and rights under this Agreement will continue to apply after the end of the Evaluation Period.
5. SYSTEM REQUIREMENTS. YOUR OBLIGATONS.
5.1. You and Your Contractors are responsible for middleware, miscellaneous software, and software applications installation. This responsibility covers correct licensing, configurations control, administration, and operations readiness. You and Your Contractors are responsible for the installation, operation, maintenance, and support of any software that is not expressly under the sole responsibility of Bitdefender. You and Your Contractors agree to inform Bitdefender via email about the progress of the site preparation, delivery, installation, configuration, and completion of the tests of the configuration.
5.2. You acknowledge that technologies are not universally compatible and that there may be limitations. You and Your Contractors understand and agree that You have the sole responsibility for maintaining and backing up Your data. In all cases, You agree to hold Bitdefender harmless from any losses resulting from the loss of data during performance of MDR Services or otherwise. In addition, You and Your Contractors are solely responsible for the protection of your passwords and Bitdefender shall in no way be responsible for any password loss, password change or password incompatibility, even if such password was initially generated by Bitdefender or any third-party software. Please be advised that in such scenario (i.e. a generated password), we strongly advise You to change such automatically generated password after first introducing it along with any other credentials into any piece of software.
5.3. Your Obligations.
You, along with Your Contractors and Your Affiliates, represents and warrants that: (i) own or have a right of use from a third party, and controls, directly or indirectly, all of the software, hardware and computer systems (collectively, “Systems”) where the MDR Services or Bitdefender Solutions will be installed or that will be the subject of, or investigated during validity period of the MDR Services (ii) to the extent required under any federal, state, or local U.S. or non-US laws You authorized Bitdefender to access these Systems and process and transmit data through in accordance with this Agreement and as necessary to provide and perform the MDR Service, (iii) have a lawful basis in having Bitdefender investigate the Systems, process the Your Users’ Data and the Personal Data; (iv) that it is and will at all relevant times remain duly and effectively authorized to instruct Bitdefender to provide the MDR Services, and (v) You have made all necessary disclosures, obtained all necessary consents and government authorizations required under applicable law to permit the processing and international transfer of Your Users Data and Personal Data from each User or Affiliate, to Bitdefender .
6. SPECIAL TERMS FOR MSPs/YOUR CONTRACTORS
6.1. You authorize Bitdefender to give Your Contractors the rights and privileges to MDR Services necessary to enable and provide for Your use and receipt of its services to You. If at any time You will revoke this authorization, then You are responsible for taking the actions necessary to revoke such access and use in Bitdefender Solutions and MDR Services and You will disable its access to Bitdefender Solutions and MDR Services within a reasonable period of time. If You would need Bitdefender assistance, please contact Bitdefender support.
6.2. Disclaimer.
You as well as Your Contractors remain responsible for their acts and omissions during such time. MDR Services are not conditional upon Your Contractor’s usage. Bitdefender is not responsible or liable for any loss, costs or damages arising out of their actions or inactions in any manner, including but not limited to, for any disclosure, transfer, modification, or deletion of your data. Bitdefender: (i) does not control, monitor, maintain or provide support for Your Contractors, (ii) disclaims all warranties of any kind, indemnities, obligations, and other liabilities in connection with Your Contractors services provided to You, and any of Your Contractors’ interface or integration with the MDR Services. You hereby acknowledge and agree that Bitdefender cannot be held liable for any services and related features provided by Your Contractors, which might no longer be available to You for any reason.
You should not give or allow Your Contractors access to, or use of, intelligence reports provided by, or made accessible in the Bitdefender Solutions or MDR Services.
7. INTELECTUAL PROPERTY RIGHTS.
7.1. MDR Services is protected by copyright and trade-secret laws and international treaty provisions. Therefore, You must treat Bitdefender like any other copyrighted material. You may not copy the printed materials accompanying Bitdefender MDR Services or Solutions. You must produce and include all copyright notices in their original form for all copies created, irrespective of the media or form in which Bitdefender exists. You may not reverse engineer, de/recompile, disassemble, create derivative works, modify, translate, or make any attempt to reconstruct or to discover the source code for MDR Services or Bitdefender Solutions or underlying ideas, algorithms, file formats, programming or functionality of MDR Services, unless otherwise allowed under the local legislation applicable to You.
All rights, titles and interest in and to MDR Services and all copyrights in and to MDR Services (including but not limited to know- how, images, photographs, logos, data, deliverables, animations, video, audio, music, text, "applets" incorporated into MDR Services), the accompanying printed materials are owned by Bitdefender or its licensors, with the understanding that rights, titles and interest in and to certain third-party software identified in the accompanying Third-Party License Terms as published in the About section and they are owned by their respective owners. In respect of these Third-Party or open-source software, the following representations and liabilities clauses shall apply to the extent expressly required by the licenses, the terms of relevant licenses (including, in particular, the scope of license as well as disclaimers of warranties and liabilities) to the respective Third-Party software shall apply in lieu of this Agreement. Such Third-Party License Terms relating to respective software are located in the About section.
You may not remove any proprietary notices or labels on Bitdefender or its lawful owners. All rights not expressly set forth hereunder are reserved by Bitdefender or its lawful owners.
7.2. You acknowledge that the applicable Third-Party vendors are solely responsible for its offerings and Bitdefender makes no representations or warranties concerning those offerings and accepts no liability with respect to them, and if You use any of these third-party offerings, the offerings and Your use of them will be governed by any license agreements, terms of use, privacy policies and/or other terms and conditions required by the third-party.
7.3. OPEN-SOURCE SOFTWARE IS PROVIDED BY BITDEFENDER “AS IS, WITH ALL FAULTS, AS AVAILABLE” WITHOUT (AND BITDEFENDER SPECIFICALLY DISCLAIMS) ANY GUARANTEE, CONDITION, OR WARRANTY (EXPRESSED, IMPLIED, OR OTHERWISE) OF ANY KIND OR NATURE, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, SATISFACTORY QUALITY, TITLE, AND/OR NON-INFRINGEMENT. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT, AS IT RELATES TO ANY AND ALL CLAIMS ARISING OUT OF OR IN CONNECTION WITH OPEN SOURCE SOFTWARE, BITDEFENDER SHALL HAVE NO LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, PUNITIVE, SPECIAL OR CONSEQUENTIAL DAMAGES, HOWSOEVER CAUSED AND/OR OTHERWISE BASED ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF OPEN SOURCE SOFTWARE, EVEN IF YOU OR BITDEFENDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
7.4. Feedback.
You may, from time to time, voluntarily elect to provide ideas, suggestions, comments, including without limitation ideas for new products, technologies, case studies, testimonials, promotions, product names, product feedback and product improvements ("Feedback") to Bitdefender with respect to MDR Services and Bitdefender Solution and You give Bitdefender, without charge, royalties or other obligation to You, the right to make, have made, create derivative works, use, share and commercialize Your Feedback in any way and for any purpose. You will not give Feedback that is subject to a license that requires Bitdefender to license its software, technologies, or documentation to any third party because Bitdefender includes Your Feedback in them.
7.5. You expressly confirm that You have understood, acknowledged and agreed that if You provide such Feedback to Bitdefender, You shall grant Bitdefender the following worldwide, exclusive, perpetual, irrevocable, royalty free, fully paid up rights: (i) to make, use, copy, modify, sell, distribute, sub-license, and create derivative works of, the Feedback as part of any MDR Services and Bitdefender Solution, technology, service, specification or other documentation; (ii) to publicly perform or display, import, broadcast, transmit, distribute, license, offer to sell, and sell, rent, lease or lend copies of the Feedback (and derivative works thereof) as part of any Bitdefender Solution and MDR Services; (iii) to sublicense to third parties the foregoing rights, including the right to sublicense to further third parties; and (iv) to sublicense to third parties any claims of any patents owned or licensable by You that are necessarily infringed by a third party product, technology or service that uses, interfaces, interoperates or communicates with the feedback or portion thereof incorporated into a MDR Services and Bitdefender Solution, technology or service. Further, You warrant that your Feedback is not subject to any license terms that would purport to require Bitdefender to comply with any additional obligations with respect to any MDR Services and Bitdefender Solutions that incorporate any Feedback. “Confidential Information” means non-public information in any form that is in the Recipient’s possession regardless of the method of acquisition that the Discloser designates as confidential to Recipient or should be reasonably known by the Recipient to be Confidential Information due to the nature of the information disclosed and/or the circumstances surrounding the disclosure.
8. CONFIDENTIALITY.
8.1. Neither Party shall disclose any confidential and/or proprietary information belonging to the other party unless agreed in writing by the said party and other than to its employees, and contractors, including without limitation, counsel, accountants, and financial advisors (collectively, “Representatives”), its Affiliates and their Representatives, subject to the other terms of this Agreement, and in each case who need to know such information and who are bound by restrictions regarding disclosure and use of such information comparable to and no less restrictive than those set forth herein. Confidential information shall be limited to the terms and conditions of this Agreement, including its pricing provision, and all information clearly identified as confidential.
8.2. This obligation shall not apply to information received which: (i) is or becomes known by the recipient without an obligation to maintain its confidentiality; (ii) is or becomes generally known to the public through no act or omission on the part of the recipient; or (iii) is independently developed by the recipient without the use of confidential or proprietary information; (iv) must be disclosed to any government authority or court of law as a result of a court order. If either Party is required to disclose confidential and proprietary information pursuant to law, recipient shall, to the extent legally permitted: (a) give discloser prompt written notice of such requirement or request prior to such disclosure; and (b) at discloser’s cost, a reasonable opportunity to review and comment upon the disclosure and request confidential treatment or a protective order pertaining thereto prior to recipient making such disclosure. If the recipient is legally required to disclose the discloser’s Confidential Information as part of: (a) a legal proceeding to which the discloser is a party but the recipient is not; or (b) a government or regulatory investigation of the discloser, the discloser shall pay all of the recipient’s reasonable and actual out of pocket legal fees and expenses (as evidenced by reasonably detailed invoices) and will reimburse the recipient for its reasonable costs and fees of compiling and providing such Confidential Information, including, a reasonable hourly rate for time spent preparing for, and participating in, depositions and other testimony.
8.3. Each Party agrees to hold each other’s confidential information in confidence for three years from the date of disclosure.
8.4. You acknowledge that a breach of this “Confidentiality” section shall cause Bitdefender irreparable injury and damages. Therefore, You agree that such breach may be stopped through injunctive proceedings in addition to any other rights and remedies which may be available to Bitdefender at law or in equity.
8.5. Upon discloser’s written request, recipient shall use commercially reasonable efforts to destroy the Confidential Information and any copies or extracts thereof. Upon discloser’s request, recipient will provide Discloser with written confirmation of destruction in compliance with this provision. However, recipient, its Affiliates and their Representatives may retain any Confidential Information that: (i) they are required to keep for compliance purposes under a document retention policy or as required by applicable law, professional standards, a court, or regulatory agency; or (ii) have been created electronically pursuant to automatic or ordinary course archiving, back-up, security, or disaster recovery systems or procedures; provided, however, that any such retained information shall remain subject to this Agreement.
9. WARRANTIES.
9.1. Bitdefender warrants that MDR Services will be performed in a professional and workmanlike manner consistent with generally accepted industry standards. You must notify Bitdefender of any warranty claim for MDR Services during the period the MDR Services are being performed or within 30 days after the conclusion of the non-conforming services (“Warranty Period”). Your sole and exclusive remedy and the entire liability of Bitdefender for its breach of this warranty will be for Bitdefender, at its option and expense, to (a) use commercially reasonable efforts to re-perform the non-conforming services, or (b) refund the portion of the fees paid attributable to the non-conforming services accompanied by proof of purchase.
YOU ACKNOWLEDGE, UNDERSTAND, AND AGREE THAT BITDEFENDER DOES NOT GUARANTEE THAT IT WILL FIND, LOCATE, OR DISCOVER ALL OF YOUR OR YOUR AFFILIATES’ SYSTEM THREATS, VULNERABILITIES, INCIDENTS, MALWARE, AND MALICIOUS SOFTWARE, AND YOU AND YOUR AFFILIATES WILL NOT HOLD BITDEFENDER RESPONSIBLE THEREFORE.
9.2. In addition to the other exclusions stated in the Agreement, also warranty shall not apply if (i) the MDR Services and/or Bitdefender Solution has not been used in accordance with the terms and conditions of this Agreement and the Documentation; (ii) the issue has been caused by Your failure to apply Updates or any other action or instruction recommended by Bitdefender, (iii) the issue results from any cause outside of Bitdefender’s reasonable control, (iv) in the event of failure of MDR Services and/or Bitdefender Solution arising or resulting from improper installation or any modification, alteration, or addition thereto, or any problem or error in the operating system software with which the software is installed and is designed to operate; (iv) if any problem or error in MDR Services and/or Bitdefender Solution has resulted from improper use, misapplication or misconfiguration, or the use of MDR Services and/or Bitdefender Solution with other programs or services that have similar functions or features which are incompatible with MDR Services and/or Bitdefender Solution; (v) if MDR Services and/or Bitdefender Solution is licensed or used as any evaluation, beta or trial version or for which Bitdefender does not charge a royalty or license fee; or (vi) if Bitdefender does not receive notice of a non-conformity within the applicable warranty period.
9.3. EXCEPT AS STATED IN SECTION 9.1, MDR SERVICES AND BITDEFENDER SOLUTION ARE PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS. BITDEFENDER DOES NOT WARRANT THAT MDR SERVICES AND BITDEFENDER SOLUTION WILL MEET YOUR REQUIREMENTS. BITDEFENDER DOES NOT GUARANTEE THAT THE PROGRAMS WILL PERFORM ERROR-FREE OR UNINTERRUPTED OR THAT BITDEFENDER WILL CORRECT ALL PROGRAM ERRORS. TO THE EXTENT PERMITTED BY LAW, THESE WARRANTIES ARE EXCLUSIVE AND THERE ARE NO OTHER EXPRESS OR IMPLIED WARRANTIES OR CONDITIONS, INCLUDING WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE WITH RESPECT TO ANY RECOMMENDATION, THE SERIVCES AND SOLUTIONS, ENHANCEMENTS, MAINTENANCE OR ADVICE, SUPPORT RELATED THERETO, OR ANY OTHER MATERIALS (TANGIBLE OR INTANGIBLE) OR SERVICES SUPPLIED BY BITDEFENDER.
9.4. BITDEFENDER HEREBY EXPRESSLY DISCLAIMS ANY IMPLIED OR EXPRESS WARRANTIES AND CONDITIONS, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, LOSS OF DATA, FALSE POSITIVES OR FALSE NEGATIVES, DEVICE FAILURE OR MALFUNCTION FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INTERFERENCE, TIMELINESS, COMPLETENESS, CURRENTNESS, RELIABILITY ACCURACY OF INFORMATIONAL CONTENT, SYSTEM INTEGRATION, AND NON-INFRINGEMENT OF THIRD PARTY RIGHTS BY FILTERING, DISABLING, OR REMOVING SUCH THIRD PARTY’S SOFTWARE, SPYWARE, ADWARE, COOKIES, EMAILS, DOCUMENTS, ADVERTISEMENTS OR THE LIKE, NOR THAT MDR SERVICES OR SOFTWARE WILL DETECT ANY OR ALL SECURITY INCIDENTS, SECURITY OR MALICIOUS CODE THREATS OR USE OF MDR SERVICES AND BITDEFENDER SOLUTIONS AND OTHER SERVICE, FUNCTIONALITIES, FEATURES, ENHANCEMENTS, MAINTENANCE OR SUPPORT RELATED THERETO, OR ANY OTHER MATERIALS (TANGIBLE OR INTANGIBLE) AND UPDATES SUPPLIED BY BITDEFENDER WILL KEEP YOUR NETWORK, CLOUD OR ENDPOINTS OR ANY SYSTEMS AND DEVICES FREE FROM MALWARE OR OTHER MALICIOUS OR UNWANTED CONTENT OR SAFE FROM INTRUSIONS OR OTHER SECURITY ATTACKS/SCAMS/BREACHES.
9.5. YOU UNDERSTAND AND AGREE THAT BITDEFENDER CANNOT, AND DOES NOT HEREIN, PROVIDE ANY WARRANTY, GUARANTEE, CONDITION, OR ASSURANCE THAT THE DEPLOYMENT/USE OF ANY MDR SERVICES AND BITDEFENDER SOLUTION (EITHER BY ITSELF OR IN COMBINATION WITH OTHER BITDEFENDER SOLUTIONS) WILL BE ERROR FREE, NOR WILL GUARANTEE COMPLETE PROTECTION FROM AND AGAINST ALL PRESENT AND FUTURE SECURITY THREATS TO YOUR NETWORKS, SYSTEMS, DEVICES, SERVERS OR DATA AND NOTHING HEREIN SHALL BE DEEMED TO IMPLY SUCH A WARRANTY, GUARANTEE, CONDITION, OR ASSURANCE.
9.6. MDR SERVICES AND BITDEFENDER SOLUTION IS NOT FAULT-TOLERANT AND IS NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL-SAFE PERFORMANCE OR OPERATION. BITDEFENDER SOLUTION IS NOT FOR USE IN THE OPERATION OF AIRCRAFT NAVIGATION, NUCLEAR FACILITIES, OR COMMUNICATION SYSTEMS, WEAPON SYSTEMS, DIRECT OR INDIRECT LIFE-SUPPORT SYSTEMS, AIR TRAFFIC CONTROL, OR ANY APPLICATION OR INSTALLATION WHERE FAILURE COULD RESULT IN DEATH, SEVERE PHYSICAL INJURY OR PROPERTY/ENVIRONMENTAL DAMAGES.
9.7. Due to the continual development of new techniques for attacking endpoints, networks, systems, Bitdefender does not represent, warrant or guarantee: (1) that MDR Services and Bitdefender Solution will detect, block, or completely remove, or clean any or all applications, routines, and files that are malicious, fraudulent or unwanted; or (2) that any product or any data, equipment, system or network on which a MDR Services and Bitdefender Solution is used (or protects) will be free of vulnerability to intrusion or attack.
9.8. You agree that protection of Your endpoints, servers, cloud, networks, servers and data are dependent on factors solely under Your control and responsibility, including, but not limited to: (a) the design, implementation, deployment, and use of hardware and software security tools in a coordinated effort to manage security threats; (b) the selection, implementation, and enforcement of appropriate internal security policies, procedures and controls regarding access, security, encryption, use, and transmission of data or PPAs; (c) development of, and ongoing enforcement of, processes and procedures for the backup and recovery of any system, software, database, and any stored data; and (d) diligently and promptly downloading and installing all Updates made available by Bitdefender.
9.9. YOU SHALL BE SOLELY RESPONSIBLE FOR THE PROPER BACK-UP OF ALL DATA AND YOU SHALL TAKE APPROPRIATE MEASURES TO PROTECT SUCH DATA. BITDEFENDER ASSUMES NO LIABILITY OR RESPONSIBILITY WHATSOEVER IF DATA IS LOST OR CORRUPTED.
10. INDEMNITIES.
10.1. You shall indemnify, defend, and hold Bitdefender and its directors, officers, employees, agents and attorneys harmless from and against any and all third-party claims, actions, demands, liabilities, losses, damages, judgments, or settlements, including all reasonable attorney’s fees, and expenses related thereto, directly or indirectly resulting from, relating to, arising out of, or attributable to or based upon, Your miss-use of MDR Services and/or Bitdefender Solution./
10.2. Bitdefender shall defend You against indemnify and keeps You harmless from any claim by a third party, that Your use of MDR Service, in accordance with the terms and conditions of this Agreement infringes that third party’s intellectual property rights, and against the resulting costs and damages finally awarded against You to such third party by a court of competent jurisdiction or agreed in a settlement.
10.3. The foregoing obligation of Bitdefender does not apply with respect to software, services or portions or components thereof: (i) not supplied by Bitdefender; (ii) used in a manner not expressly authorized by this Agreement or the accompanying Documentation (iii) made in accordance with Your specifications; (iv)modified by anyone other than Bitdefender, if the alleged infringement relates to such modification; (v) combined with other products, processes or materials where the alleged infringement would not exist but for such combination; (vi) any third party software or services or (vii) where You continue the allegedly infringing activity after being notified thereof and provided with modifications that would have avoided the alleged infringement.
10.4. In the event the MDR Services is held by a court of competent jurisdiction to constitute an infringement Bitdefender shall, at its sole option, do one of the following: (i) procure the right to continued use; (ii) modify MDR Services so that their use becomes non-infringing; (iii) replace the MDR Services with substantially similar products in functionality and performance; or (iv) if none of the foregoing alternatives is reasonably available to Bitdefender, Bitdefender shall refund the pro-rata unused portion of the MDR Services .
10.5. The Parties may request indemnification under this provision, provided they: (a) give notice within ten (10) days of any claim being made or proceedings being issued against; (b) give sole control of the defense and settlement to the indemnifying party (provided any settlement relieves the indemnified party of all liability in the matter); (c) provide all available information and reasonable assistance; and (d) have not previously compromised or settled such claim.
THIS SECTION STATES BITDEFENDER’S ENTIRE LIABILITY AND YOUR SOLE AND EXCLUSIVE REMEDY FOR INFRINGEMENT AND MISAPPROPRIATION CLAIMS.
11. LIABILITY. LIMITATION OF LIABILITY.
11.1. BITDEFENDER SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES, OR ANY LOSS OF PROFITS, REVENUE, DATA, OR DATA USE OR DAMAGES THAT WERE REASONABLY FORESEEABLE BY BOTH PARTIES BUT COULD HAVE BEEN PREVENTED SUCH AS, FOR EXAMPLE, LOSSES CAUSED BY VIRUSES, MALWARE, OR OTHER MALICIOUS PROGRAMS, OR LOSS OF OR DAMAGE TO CUSTOMER DATA.
11.2. THE TOTAL BITDEFENDER MAXIMUM LIABILITIES OR INDEMITIES FOR ANY DAMAGES ARISING OUT OF OR RELATED TO THIS AGREEMENT OR YOUR ORDER, WHETHER ARISING BY STATUTE, LAW, COURSE OF DEALING, CUSTOM AND PRACTICE, OR TRADE USAGE SHALL BE LIMITED AND IN NO CASE SHALL BITDEFENDER'S LIABILITY EXCEED THE FEES YOU PAID TO BITDEFENDER FOR THE DEFICIENT BITDEFENDER SOLUTIONS AND SERVICES IN THE LAST 12 MONTHS IMMEDIATELY PRECEDING THE EVENT OR CIRCUMSTANCE FIRST GIVING RISE TO A CLAIM UNDER THIS AGREEMENT.
SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO CUSTOMER.
11.3. NOTWITHSTANDING THE FOREGOING, BITDEFENDER DOES NOT LIMIT OR EXCLUDE ITS LIABILITY FOR (i) DEATH OR PERSONAL INJURY CAUSED BY GROSS NEGLIGENCE DIRECTLY ATTRIBUTABLE TO BITDEFENDER, (ii) FRAUDULENT MISREPRESENTATION, OR (iii) ANY OTHER LIABILITY TO THE EXTENT THAT SUCH LIABILITY CANNOT BE EXCLUDED OR LIMITED BY APPLICABLE LAW.
11.4. Each Party recognizes and agrees that the waivers, warranty limitations, as well as disclaimers and exclusions from and limitations of liability and/or remedies in this Agreement are a material and essential basis of this Agreement; reflect a reasonable allocation of risk between the Parties; are fair, reasonable, and a fundamental part of this Agreement; and each has been taken into account and reflected in determining the consideration to be given by each Party under this Agreement and in the decision by each Party to enter into this Agreement. The Parties acknowledge and agree that absence of any such waivers, disclaimers, exclusions, and/or limitations of liability/remedies, the provisions of this Agreement, including the economic terms, would be substantially different, or in the alternative, this Agreement would not have been consummated.
11.5. Bitdefender is acting on behalf of its partners for the purpose of disclaiming, excluding and/or limiting obligations, warranties and liability as provided in this Agreement. The foregoing provisions shall be enforceable to the maximum extent permitted by applicable law.
12. ELECTRONIC COMMUNICATIONS
12.1. Bitdefender may send You legal notices and other communications about the subscription services or our use of the information You provide us within MDR Services ("Communications"). Bitdefender will send Communications via in-product notices or via email to the primary user's registered email address or will post Communications on its Sites. The legal basis for sending these communications is this agreement (for the transactional communications) and the legitimate interest for marketing with the current customers (for the commercial communications).
13. PRIVACY POLICY & GDPR.
13.1. All the information on how the personal data is processed during the usage of the MDR Service is specified in the Bitdefender Privacy Policy. By accepting this Agreement, You acknowledge and agree that You have been notified about how Your personal data will be processed according to the Privacy Policy for Business Solutions published on: https://www.bitdefender.com/site/view/legal-privacy-policy-for-bitdefender-business-solutions.html as well as about the Personal Data Notice for Business Contacts of the Clients/Partners published on: https://www.bitdefender.com/site/view/legal-personal-data-notice-for-business-contacts-of-the- clientsorpartners.html.
With respect to personal data collected by MDR Services from Your Users and the applicable data protection legislation governing this relationship, according to the EU applicable legislation on personal data (GDPR – General Data Protection Legislation), Bitdefender together with You are joint controllers. Bitdefender acts as a data controller in relation to the personal data collected through its products and services sold to/through business clients only for the purposes of ensuring cyber security, including support activities for this purpose (only in specific cases, when support activities are included in the specific contract with Bitdefender). The Users also act as data controllers in relation to the personal data they might have access to through Bitdefender’s products and Services, including MDR Services for purposes of ensuring information and network security. For any other potential purposes that business users may decide upon internally on their own, business clients and service providers (and their clients) act as separate and independent data controllers, collecting personal data from another source, meaning Bitdefender`s products and services.
The joint controllers will be each independently and separately responsible for respecting the GDPR provisions, including lawful processing of personal data, informing service users on the use of their personal data, the security of such personal data and making sure Service users can exercise their rights, according to the Joint Controllers Arrangement available here: https://www.bitdefender.com/media/materials/legal/Joint-Controllers-Arrangement.pdf
14. TECHNOLOGIES.
14.1. Bitdefender informs You that in certain programs or products it may use data collection technology in order to collect technical information (including suspect files), solely to (i) improve the products, (ii) provide related services, (iii) adapt them to the latest industry trends and (iv) prevent the unlicensed or illegal use of the MDR Services or the damages resulting from any malware products identified. You hereby expressly agree and accept that Bitdefender may use such data collected / resulting information as part of the MDR Services provided in relation to the detection and to prevent and stop the malware programs running on Your environment. By accepting this Agreement, You acknowledge and agree that the security technology used can scan the traffic in an impersonal mode to detect the malware and to prevent the damages resulting from the malware products.
14.2. You acknowledge and accept that Bitdefender may provide updates or additions to the services or products which automatically download to Your device. By accepting this Agreement, You agree that some of the executable files considered potentially harmful, may be submitted to Bitdefender servers for the purpose of such files being scanned.
14.3. Bitdefender reserves the right to collect certain information from the computer on which MDR Services is installed, depending on the modules and services You have activated in MDR Services. Such information may pertain to potential security risks as well as to URLs of websites visited that MDR Services deems potentially fraudulent. The URLs could contain personally identifiable information that a potentially fraudulent website is attempting to obtain without Your permission. As such, You agree that certain modules, services and components may collect pieces of data from Your systems for the purpose of evaluating and improving the ability of Bitdefender’s products to detect malicious behavior, potentially fraudulent websites and other Internet security risks. Bitdefender also employs proprietary Cloud technologies to perform scanning on certain URLs, files or emails submitted from Your systems.
More details about the technical data collected are available on Bitdefender websites.
15. FORCE MAJEURE.
15.1. Neither Party shall be in breach of the Agreement in the event it is unable to perform its obligations because of a natural disaster, war, emergency conditions, strikes, acts of terrorism, the substantial inoperability of the Internet, the inability to obtain supplies, or any other reason or condition beyond its reasonable control. If such reasons or conditions remain in effect for a period of more than thirty (30) calendar days, either Party may terminate the Agreement affected by such force majeure following the written notice to the other Party. Notwithstanding the aforementioned, the Parties agree that payment obligations derived from this Agreement shall not be delayed for any reason.
16. EXPORT.
16.1. Each party agrees to comply with all U.S. federal, state, local and non-U.S. laws directly applicable to such party in the performance of this Agreement, including but not limited to, applicable export and import, anti-corruption and employment laws. You acknowledge and agree the MDR Services shall not be used, transferred, or otherwise exported or re-exported to regions that the United States and/or the European Union maintains an embargo or comprehensive sanctions (collectively, “Embargoed Countries”), or to or by a national or resident thereof, or any person or entity subject to individual prohibitions under any applicable laws (e.g., parties listed on the U.S. Department of Treasury’s List of Specially Designated Nationals or the U.S. Department of Commerce’s Table of Denial Orders) (collectively, “Designated Nationals”), without first obtaining all required authorizations from the U.S. government and any other applicable government. You represent and warrant that You, Your Contractors or Affiliates are not located in, or is under the control of, or a national or resident of, an Embargoed Country or Designated National. As well Bitdefender represents and warrants that is not located in, or is under the control of, or a national or resident of, an Embargoed Country or Designated National.
You agree to indemnify and hold Bitdefender harmless from and against claims, losses, costs, or liability, arising in connection with Your breach of these obligations.
17. SUSPENSION AND TERMINATION.
17.1. This Agreement shall remain effective for the Validity Period or until termination in accordance with this section or as otherwise specified herein. Bitdefender may immediately suspend Your access to, or use of, the MDR Services if: (i) Bitdefender believes that there is a significant threat to the security, integrity, functionality, or availability of the MDR Services or Bitdefender Solutions or any content, data, or applications in thereof; (ii) You or Your Users are in breach of rights granted under the Agreement; or (iii) failure of payment to Bitdefender; provided, however, Bitdefender will use commercially reasonable efforts under the circumstances to provide You with notice and, if applicable, an opportunity to remedy such violation prior to any such suspension. Either party may terminate this Agreement upon 30 days’ written notice of a material breach by the other party, unless the breach is cured within the 30-day notice period.
17.2. Bitdefender reserves the right to stop supporting its products or a version of its products or discontinue its Solutions or Services or product features. End-of-support policies are posted on Bitdefender website and may be consulted at the following link: https://www.bitdefender.com/support/bitdefender-end-of-life-policy-statement-982.html
18. GENERALS.
18.1. If You are located in the United States or Canada, this Agreement is governed by the laws of the State of Florida, USA, with the venue in Broward County. If You are located in the UK, Australia and New Zeeland, this Agreement will be governed by the laws of UK laws, with the venue in Reading. If You are located in the Netherlands, Belgium, Denmark, Finland, Iceland, Norway, and Sweden, this Agreement is governed by the Dutch Laws with the venue in the Hague. If You are located in Germany and Austria, this Agreement is governed by the German Laws with the venue in München. If You are located in Indonesia or in Singapore, this Agreement will be governed by the laws of Singapore with the venue in the courts of Singapore. If You are located in rest of Europe, in the rest of Asia, Africa and Middle East, this Agreement will be governed by the laws of Romania with the venue in the courts of Bucharest.
18.2. In the event of invalidity of any provision of this Agreement, the invalidity shall not affect the validity of the remaining portions of this Agreement.
18.3. This Agreement describes certain legal rights. You may have other rights under the laws of Your state or country. You may also have rights with respect to the party from whom You acquired MDR Services or Bitdefender Solution. This Agreement does not change Your rights or obligations under the laws of Your state or country if the laws of Your state or country do not permit it to do so.
18.4. Bitdefender and Bitdefender logos are trademarks of BITDEFENDER. All other trademarks used in MDR Services or Bitdefender Solutions or in associated materials are the property of their respective owners.
18.5. Bitdefender retains the right to assign this Agreement in its sole discretion. You may not assign this Agreement without the prior written permission of Bitdefender, provided, however, that You shall have the right to transfer this Agreement by operation of law as part of a merger, reorganization, or sale of all or substantially all of Your assets or shares upon written notice to Bitdefender.
18.6. Either party represents and warrants that (i) in connection with this Agreement, it has not and will not make any payments or gifts or any offers or promises of payments or gifts of any kind, directly or indirectly, to any official of any foreign government or any agency or instrumentality thereof and (ii) it will comply in all respects with the Foreign Corrupt Practices Act and any other applicable laws and (iii) it will comply with the export compliance laws applicable to each party fulfilling its obligation under this Agreement. To the maximum extent permissible by written waiver, disclaimer, limitation, and/or exclusion under Applicable Laws, this Agreement is entered into solely between and for the benefit of, and may be enforced only by, the Parties hereto and no third party shall have any right/benefit hereunder, whether arising hereunder, under any statute now or enacted hereafter (such as Contracts (Rights of Third Parties) Act of 1999 in the UK and similar laws enacted in Ireland, Singapore, New Zealand, and certain states of Australia, the application of each of which is hereby barred and disclaimed), or otherwise. This Agreement does not, and shall not be deemed to, create any expressed or implied rights, remedies, benefits, claims, or causes of action (legal, equitable or otherwise) in or on behalf of any third parties including employees, independent consultants, agents, and Affiliates of a Party, or otherwise create any obligation or duty to any third party; provided, however, notwithstanding anything contained herein this Agreement to the contrary, Bitdefender’s suppliers, software licensors, and resellers shall be intended third party beneficiaries for the exclusions, limitations, and disclaimers with respect to MDR Services or Bitdefender Solutions as stated in this Agreement.
18.7. This Agreement constitutes the entire agreement between You and Bitdefender concerning the subject matter of this Agreement and it supersedes all prior and simultaneous proposals, agreements, understandings, or other communications between the parties, oral or written, regarding such subject matter. It is expressly agreed that the terms of this Agreement shall supersede any terms in any procurement Internet portal or other similar non- Bitdefender document and no such terms included in any such portal or other non- Bitdefender document shall apply to the MDR Services or Bitdefender Solutions ordered. Any Order through a reseller is subject to, and Bitdefender’s obligations and liabilities to You are governed by, this Agreement. Bitdefender is not obligated under any reseller’s agreement with You unless a legal representative of Bitdefender executes the agreement.
Bitdefender may revise these terms and conditions of the Agreement at any time and the revised terms shall automatically apply to the corresponding versions of MDR Services or Bitdefender Solution distributed with the revised Agreement. If any part of this Agreement is found void and unenforceable, it will not affect the validity of the rest of the Agreement, which shall remain valid and enforceable. In case of controversy or inconsistency between translations of this Agreement to other languages, the English version issued by BITDEFENDER shall prevail.
Any additional, conflicting, or different terms or conditions proposed by You or Your Contractors in any of Your issued documents (such as an Order/s), are hereby rejected by Bitdefender and excluded here from.
18.8. Unless You inform Bitdefender otherwise by sending an email to us at legal@bitdefender.com, at any time, You agree that Bitdefender may display Your company name and logo (in accordance with any trademark guidelines You provide) as a Bitdefender customer in a manner that does not suggest Your use or endorsement of any specific MDR Service or Bitdefender Solution.
18.9. Contact Bitdefender: https://www.bitdefender.com/business/customer-portal/enterprise-standard- support.html.
Legal Notices: legal@bitdefender.com.