These Customer Terms of Service (the “Customer Terms”) represent a Service Level Agreement and describe your rights and responsibilities when using our Velocity risk assessment platform (the “Services”). The goal of these Customer Terms is to obtain mutual agreement for use of the Services between the Service Provider, Stern Security LLC, and the Customer. Please read these Customer Terms carefully. If you are a Customer (defined below) or are invited to use the Services by the Customer, these Customer Terms govern your access and use of our Services.
These “Customer Terms” Form a Part of a Binding “Contract”:
These Customer Terms (or, if applicable, your written agreement with us) and any Order Form(s) (defined below) together form a binding “Contract” between Customer and us. “We,” “our” and “us” refers to Stern Security LLC.
If you purchase subscription(s), create a workspace (i.e., a digital space where a group of users may access the Services), invite users to that workspace, or use or allow use of that workspace after being notified of a change to these Customer Terms, you acknowledge your understanding of the then-current Contract and agree to the Contract on behalf of Customer. Please make sure you have the necessary authority to enter into the Contract on behalf of Customer before proceeding.
Who is “Customer”?
“Customer” is the organization that you represent in agreeing to the Contract. If your workspace is being set up by someone who is not formally affiliated with an organization, Customer is the individual creating the workspace. For example, if you signed up using a personal email address and invited a couple of friends to work on a new startup idea but haven’t formed a company yet, you are the Customer.
If you signed up for a plan using your corporate email domain, your organization is Customer, and Customer can modify and re-assign roles on your workspace (including your role) and otherwise exercise its rights under the Contract. If Customer elects to replace you as the representative with ultimate authority for the workspace, we will provide you with notice following such election and you agree to take any actions reasonably requested by us or Customer to facilitate the transfer of authority to a new representative of Customer.
Individuals invited or authorized by Customer to access the Services (an “Authorized User”) may submit content or information to the Services, such as messages or files (“Customer Data”), and Customer may exclusively provide us with instructions on what to do with it.
Customer will (a) inform Authorized Users of all Customer policies, practices and obligations that are relevant to their use of the Services and of any settings that may impact the processing of Customer Data; and (b) ensure the transfer and processing of Customer Data under the Contract is lawful.
A subscription allows an Authorized User to access the Services. Other than vendor accounts, a subscription is required for each Authorized User. A subscription may be procured through the Services interface, or in some cases, via an order form entered into between Customer and us (each, an “Order Form”). Each Authorized User must agree to abide by all terms and obligations applicable to Customer, and Customer is responsible for the use by each of its Authorized Users. Subscriptions commence when we make them available to Customer and continue for the term specified in the Services “check-out” interface or in the Order Form, as applicable. Each subscription is for a single Authorized User for a specified term and is personal to that Authorized User. We sometimes enter into other kinds of ordering arrangements, but that would need to be spelled out and agreed to in an Order Form. During an active subscription term, adding more subscriptions is fairly easy. Unless the Order Form says otherwise, Customer may purchase more subscriptions at the same price stated in the Order Form and all will terminate on the same date.
We may share information about our future product plans because we like transparency. Our public statements about those product plans are an expression of intent, but do not rely on them when making a purchase. If Customer decides to buy our Services, that decision should be based on the functionality or features we have made available today and not on the delivery of any future functionality or features.
Occasionally, we look for beta testers to help us test our new features. These features will be identified as “beta” or “pre- release,” or words or phrases with similar meanings (each, a “Beta Product”). Beta Products may not be ready for prime time so they are made available “as is,” and any warranties or contractual commitments we make for other Services do not apply. Should Customer encounter any faults with our Beta Products, we would love to hear about them; our primary reason for running any beta programs is to iron out issues before making a new feature widely available.
The more suggestions our customers make, the better the Services become. If Customer sends us any feedback or suggestions regarding the Services, there is a chance we will use it, so Customer grants us (for itself and all of its Authorized Users and other Customer personnel) an unlimited, irrevocable, perpetual, sublicensable, transferable, royalty-free license to use any such feedback or suggestions for any purpose without any obligation or compensation to Customer, any Authorized User or other Customer personnel. If we choose not to implement the suggestion, please don’t take it personally. We appreciate it nonetheless.
Our Services include a platform that third parties may use to develop applications and software that complement Customer’s use of the Services (each, a “Non-Stern Security Product”). THESE ARE NOT OUR SERVICES, SO WE DO NOT WARRANT OR SUPPORT NON-STERN SECURITY PRODUCTS, AND, ULTIMATELY, CUSTOMER (AND NOT US) WILL DECIDE WHETHER OR NOT TO ENABLE THEM. ANY USE OF A NON-STERN SECURITY PRODUCT IS SOLELY BETWEEN CUSTOMER AND THE APPLICABLE THIRD PARTY PROVIDER.
If a Non-Stern Security Product is enabled for Customer’s workspace, please be mindful of any Customer Data that will be shared with the third party provider and the purposes for which the provider requires access. We will not be responsible for any use, disclosure, modification or deletion of Customer Data that is transmitted to, or accessed by, a Non-Stern Security Product.
Customer must comply with the Contract and ensure that its Authorized Users comply with the Contract and the User Terms. We may review conduct for compliance purposes, but we have no obligation to do so. We are not responsible for the content of any Customer Data or the way Customer or its Authorized Users choose to use the Services to store or process any Customer Data. The Services are not intended for and should not be used by anyone under the age of 18. Customer must ensure that all Authorized Users are over 18 years old. Customer is solely responsible for providing high speed internet service for itself and its Authorized Users to access and use the Services.
Customer and Authorized Users also agree to the following in use of the Services:
If we believe that there is a violation of the Contract that can simply be remedied by Customer’s removal of certain Customer Data or Customer’s disabling of a Non-Slack Product, we will, in most cases, ask Customer to take direct action rather than intervene. However, we may directly step in and take what we determine to be appropriate action, if Customer does not take appropriate action, or if we believe there is a credible risk of harm to us, the Services, Authorized Users, or any third parties.
For Customers that purchase our Services, fees are specified at the Services interface “check-out,” in an Order Form(s) or in an invoice — and must be paid in advance. Payment obligations are non- cancelable and, except as expressly stated in the Contract, fees paid are non-refundable. For clarity, in the event Customer downgrades any subscriptions from a paid plan to a free plan, Customer will remain responsible for any unpaid fees under the paid plan, and Services under the paid plan will be deemed fully performed and delivered upon expiration of the initial paid plan subscription term. If we agree to invoice Customer by email, full payment must be received within thirty (30) days from the invoice date. Fees are stated exclusive of any taxes, levies, duties, or similar governmental assessments of any nature, including, for example, value-added, sales, use or withholding taxes, assessable by any jurisdiction (collectively, “Taxes”). Customer will be responsible for paying all Taxes associated with its purchases, except for those taxes based on our net income. Should any payment for the Services be subject to withholding tax by any government, Customer will reimburse us for such withholding tax.
We will (a) make the Services available to Customer and its Authorized Users as described in the Contract; and (b) not use or process Customer Data for any purpose other than in providing the Services in this Contract or without Customer’s prior written instructions; provided, however, that “prior written instructions” will be deemed to include use of the Services by Authorized Users and any processing related to such use or otherwise necessary for the performance of the Contract.
Our responsibilities and/or requirements in support of this Contract include (a) meeting response times associated with service-related incidents, (b) providing a Dedicated Product Support Expert, (c) proving appropriate notifications to Customer for all scheduled maintenance windows and system down times, (d) communicating product enhancement requests from Customer to the product development team,
and (e) subject to the “Non-Stern Security Products” and “Downgrade for Non-Payment” sections, we will not materially decrease the functionality of a Service during a subscription term. For any breach of a warranty in this section, Customer’s exclusive remedies are those described in the sections titled “Termination for Cause” and “Effect of Termination”.
The protection of Customer Data is a top priority for us so we will maintain administrative, physical, and technical safeguards at a level not materially less protective than we do for our own information. Those safeguards will include measures for preventing unauthorized access, use, modification, deletion and disclosure of Customer Data by our personnel. Customer (not us) bears sole responsibility for adequate security, protection and backup of Customer Data when in Customer’s or its representatives’ or agents’ possession or control. We are not responsible for what Customer’s Authorized Users or Non-Stern Security Products do with Customer Data. That is Customer’s responsibility.
As between us on the one hand, and Customer and any Authorized Users on the other, Customer will own all Customer Data. Subject to the terms and conditions of the Contract, Customer (for itself and all of its Authorized Users) grants us a worldwide, non-exclusive, limited term license to access, use, process, copy, distribute, perform, export and display Customer Data, and any Non-Stern Security Products created by or for Customer, only as reasonably necessary (a) to provide, maintain and update the Services; (b) to prevent or address service, security, support or technical issues; (c) as required by law; and (d) as expressly permitted in writing by Customer. Customer represents and warrants that it has secured all rights in and to Customer Data from its Authorized Users as may be necessary to grant this license.
We own and will continue to own our Services, including all related intellectual property rights. We may make software components available, via app stores or other channels, as part of the Services. We grant to Customer a non-sublicensable, non-transferable, non-exclusive, limited license for Customer and its Authorized Users to use the object code version of these components, but solely as necessary to use the Services and in accordance with the Contract and the User Terms. All of our rights not expressly granted by this license are hereby retained.
As further described below, a paid subscription has a term that may expire or be terminated. The Contract remains effective until all subscriptions ordered under the Contract have expired or been terminated or the Contract itself terminates. Termination of the Contract will terminate all subscriptions and all Order Forms.
Unless an Order Form says something different, (a) all subscriptions automatically renew (without the need to execute a renewal Order Form) for additional periods equal to one (1) year or the preceding term, whichever is shorter; and (b) the per- unit pricing during any automatic renewal term will remain the same as it was during the immediately prior term. Either party can give the other notice of non-renewal at least thirty (30) days before the end of a subscription term to stop the subscriptions from automatically renewing.
We or Customer may terminate the Contract on notice to the other party if the other party materially breaches the Contract and such breach is not cured within thirty (30) days after the non-breaching party provides notice of the breach. Customer is responsible for its Authorized Users, including for any breaches of this Contract caused by its Authorized Users. We may terminate the Contract immediately on notice to Customer if we reasonably believe that the Services are being used by Customer or its Authorized Users in violation of applicable law.
Upon any termination for cause by Customer, we will refund Customer any prepaid fees covering the remainder of the term of all subscriptions after the effective date of termination. Upon any termination for cause by us, Customer will pay any unpaid fees covering the remainder of the term of those subscriptions after the effective date of termination. In no event will any termination relieve Customer of the obligation to pay any fees payable to us for the period prior to the effective date of termination.
We are custodians of Customer Data. During the term of a workspace’s subscriptions, Customer will be permitted to export or share certain Customer Data from the Services; provided, however, that because we may have different products with varying features and Customer may have different retention options, Customer acknowledges and agrees that the ability to export or share Customer Data may be limited or unavailable depending on the type of Services plan in effect and the data retention, sharing or invite settings enabled. Following termination or expiration of a workspace’s subscriptions, we will have no obligation to maintain or provide any Customer Data and may thereafter, unless legally prohibited, delete all Customer Data in our systems or otherwise in our possession or under our control.
Customer represents and warrants that it has validly entered into the Contract and has the legal power to do so. Customer further represents and warrants that it is responsible for the conduct of its Authorized Users and their compliance with the terms of this Contract and the User Terms.
EXCEPT AS EXPRESSLY PROVIDED FOR HEREIN, THE SERVICES AND ALL RELATED COMPONENTS AND INFORMATION ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS WITHOUT ANY WARRANTIES OF ANY KIND, AND WE EXPRESSLY DISCLAIM ANY AND ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE, AND NON- INFRINGEMENT. CUSTOMER ACKNOWLEDGES THAT WE DO NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE.
OTHER THAN IN CONNECTION WITH A PARTY’S INDEMNIFICATION OBLIGATIONS HEREUNDER, IN NO EVENT WILL EITHER CUSTOMER’S OR OUR LIABILITY ARISING OUT OF OR RELATED TO THE CONTRACT OR THE USER TERMS (WHETHER IN CONTRACT OR TORT OR UNDER ANY OTHER THEORY OF LIABILITY) EXCEED THE TOTAL AMOUNT PAID BY CUSTOMER HEREUNDER IN THE TWELVE (12) MONTHS PRECEDING THE LAST EVENT GIVING RISE TO LIABILITY. THE FOREGOING WILL NOT LIMIT CUSTOMER’S PAYMENT OBLIGATIONS UNDER THE “PAYMENT TERMS” SECTION ABOVE.
IN NO EVENT WILL EITHER CUSTOMER OR US HAVE ANY LIABILITY TO THE OTHER PARTY OR TO ANY THIRD PARTY FOR ANY LOST PROFITS OR REVENUES OR FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, COVER OR PUNITIVE DAMAGES HOWEVER CAUSED, WHETHER IN CONTRACT, TORT OR UNDER ANY OTHER THEORY OF LIABILITY, AND WHETHER OR NOT THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING DISCLAIMER WILL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW.
The Services require logins using two-factor authentication (“2FA”), which is known to reduce the risk of unauthorized use of or access to the Services. We therefore will not be responsible for any damages, losses or liability to Customer, Authorized Users, or anyone else if any event leading to such damages, losses or liability would have been prevented by the use of 2FA. Additionally, Customer is responsible for all login credentials, including usernames and passwords, for administrator accounts as well the accounts of your Authorized Users. We will not be responsible for any damages, losses or liability to Customer, Authorized Users, or anyone else, if such information is not kept confidential by Customer or its Authorized Users, or if such information is correctly provided by an unauthorized third party logging into and accessing the Services.
The limitations under this “Limitation of Liability” section apply with respect to all legal theories, whether in contract, tort or otherwise, and to the extent permitted by law. The provisions of this “Limitation of Liability” section allocate the risks under this Contract between the parties, and the parties have relied on these limitations in determining whether to enter into this Contract and the pricing for the Services.
We will defend Customer from and against any and all third party claims, actions, suits, proceedings, and demands alleging that the use of the Services as permitted under the Contract infringes or misappropriates a third party’s intellectual property rights (a “Claim Against Customer”), and will indemnify Customer for all reasonable attorney’s fees incurred and damages and other costs finally awarded against Customer in connection with or as a result of, and for amounts paid by Customer under a settlement we approve of in connection with a Claim Against Customer; provided, however, that we will have no liability if a Claim Against Customer arises from (a) Customer Data or Non-Sternstein Security Products; and (b) any modification, combination or development of the Services that is not performed by us, including in the use of any application programming interface (API). Customer must provide us with prompt written notice of any Claim Against Customer and allow us the right to assume the exclusive defense and control, and cooperate with any reasonable requests assisting our defense and settlement of such matter. This section states our sole liability with respect to, and Customer’s exclusive remedy against us for any Claim Against Customer.
Customer will defend us and the members, employees and independent contractors of Stern Security LLC (collectively, the “Stern Security Indemnified Parties”) from and against any and all third party claims, actions, suits, proceedings, and demands arising from or related to Customer’s or any of its Authorized Users’ violation of the Contract or the User Terms (a “Claim Against Us”), and will indemnify the Stern Security Indemnified Parties for all reasonable attorney’s fees incurred and damages and other costs finally awarded against a Stern Security Indemnified Party in connection with or as a result of, and for amounts paid by a Stern Security Indemnified Party under a settlement Customer approves of in connection with a Claim Against Us. We must provide Customer with prompt written notice of any Claim Against Us and allow Customer the right to assume the exclusive defense and control, and cooperate with any reasonable requests assisting Customer’s defense and settlement of such matter. This section states your sole liability with respect to our and the Stern Security Indemnified Parties’ exclusive remedy against Customer for any Claim Against Us.
Notwithstanding anything contained in the two preceding sections, (a) an indemnified party will always be free to choose its own counsel if it pays for the cost of such counsel; and (b) no settlement may be entered into by an indemnifying party, without the express written consent of the indemnified parties (such consent not to be unreasonably withheld), if (i) the third party asserting the claim is a government agency, (ii) the settlement arguably involves the making of admissions by the indemnified parties, (iii) the settlement does not include a full release of liability for the indemnified parties, or (iv) the settlement includes terms other than a full release of liability for the indemnified parties and the payment of money.
Each party (“Disclosing Party”) may disclose “Confidential Information” to the other party (“Receiving Party”) in connection with the Contract, which is anything that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure including all Order Forms, as well as non-public business, product, technology and marketing information. Confidential Information of Customer includes Customer Data. If something is labeled “Confidential,” that’s a clear indicator to the Receiving Party that the material is confidential.
Notwithstanding the above, Confidential Information does not include information that (a) is or becomes generally available to the public without breach of any obligation owed to the Disclosing Party; (b) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party; or (c) is received from a third party without breach of any obligation owed to the Disclosing Party.
The Receiving Party will (a) take at least reasonable measures to prevent the unauthorized disclosure or use of Confidential Information, and limit access to those employees, affiliates and contractors who need to know such information in connection with the Contract; and (b) not use or disclose any Confidential Information of the Disclosing Party for any purpose outside the scope of this Contract. Nothing above will prevent either party from sharing Confidential Information with financial and legal advisors; provided, however, that the advisors are bound to confidentiality obligations at least as restrictive as those in the Contract.
The Receiving Party may access or disclose Confidential Information of the Disclosing Party if it is required by law; provided, however, that the Receiving Party gives the Disclosing Party prior notice of the compelled access or disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the access or disclosure. If the Receiving Party is compelled by law to access or disclose the Disclosing Party’s Confidential Information, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing access to such Confidential Information as well as the reasonable cost for any support provided in connection with the Disclosing Party seeking a protective order or confidential treatment for the Confidential Information to be produced.
The sections titled “Feedback is Welcome,” “Non-Stern Security Products,” “Our Removal Rights,” “Use of the Services,” “Payment Terms,” “What’s Yours is Yours…,” “And What’s Ours is Ours,” “Effect of Termination,” “Data Portability and Deletion,” “Representations; Disclaimer of Warranties,” “Limitation of Liability,” “Our Indemnification of Customer,” “Customer’s Indemnification of Us,” “Limitations on Indemnifications,” “Confidentiality” and “Survival,” as well as all of the provisions under the general heading “General Provisions,” will survive any termination or expiration of the Contract.
Neither us nor Customer will be liable by reason of any failure or delay in the performance of its obligations on account of events beyond the reasonable control of a party, which may include denial-of-service attacks, a failure by a third party hosting provider or utility provider, strikes, shortages, riots,
fires, acts of God, war, terrorism, and governmental action.
No Third Party Beneficiaries:
The parties are independent contractors. The Contract does
not create a partnership, franchise, joint venture, agency,
fiduciary or employment relationship between the parties. There are no third party beneficiaries to the Contract.
Except as otherwise set forth herein, all notices under the Contract will be by email, although we may instead choose to provide notice to Customer through the Services. Notices to us will be sent to [email protected] Notices will be deemed to have been duly given (a) the day after it is sent, in the case of notices through email; and (b) the same day, in the case of notices through the Services.
As our business evolves, we may change these Customer Terms and the other components of the Contract (except any Order Forms). If we make a material change to the Contract, we will provide Customer with reasonable notice prior to the change taking effect, either by emailing the email address associated with Customer’s account or by messaging Customer through the Services. Customer can review the most current version of the Customer Terms at any time by request or by visiting https://www.velocitysec.com/terms-of-service/ and by visiting the most current versions of the other pages that are referenced in the Contract. The materially revised Contract will become effective on the date set forth in our notice, and all other changes will become effective upon posting of the change. If Customer (or any Authorized User) accesses or uses the Services after the effective date, that use will constitute Customer’s acceptance of any revised terms and conditions.
No failure or delay by either party in exercising any right under the Contract will constitute a waiver of that right. No waiver under the Contract will be effective unless made in writing and signed by an authorized representative of the party being deemed to have granted the waiver.
The Contract will be enforced to the fullest extent permitted under applicable law. If any provision of the Contract is held by a court of competent jurisdiction to be contrary to law, the provision will be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions of the Contract will remain in effect.
Customer may not assign or delegate any of its rights or obligations hereunder, whether by operation of law or otherwise, without our prior written consent (not to be unreasonably withheld). Notwithstanding the foregoing, either party may assign the Contract in its entirety (including all Order Forms), without consent of the other party, to a corporate affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets.
Customer will keep its billing and contact information current at all times by notifying us of any changes. Any purported assignment in violation of this section is void. A party’s sole remedy for any purported assignment by the other party in breach of this section will be, at the non-assigning party’s election, termination of the Contract upon written notice to the assigning party. In the event of such a termination by Customer, we will refund Customer any prepaid fees covering the remainder of the term of all subscriptions after the effective date of termination. Subject to the foregoing, the Contract will bind and inure to the benefit of the parties, their respective successors and permitted assigns.
The Contract, and any disputes arising out of or related hereto, will be governed exclusively by the laws of North Carolina, without regard to conflicts of laws rules. The courts located in Wake County, North Carolina will have exclusive jurisdiction to adjudicate any dispute arising out of or relating to the Contract or its formation, interpretation or enforcement. Each party hereby consents and submits to the exclusive jurisdiction of the courts in Wake County, North Carolina.
The Contract, including these Customer Terms and all referenced pages and Order Forms, if applicable, constitutes the entire agreement between the parties and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. Without limiting the foregoing, the Contract supersedes the terms of any online agreement electronically accepted by Customer or any Authorized Users. However, to the extent of any conflict or inconsistency between the provisions in these Customer Terms and any other documents or pages referenced in these Customer Terms, the following order of precedence will apply: (1) the terms of any Order Form (if any), (2) the Customer Terms and (3) finally any other documents or pages referenced in the Customer Terms. Notwithstanding any language to the contrary therein, no terms or conditions stated in a Customer purchase order, vendor onboarding process or web portal, or any other Customer order documentation (excluding Order Forms) will be incorporated into or form any part of the Contract, and all such terms or conditions will be null and void.
Velocity is a product by Stern Security and is 100% developed and hosted within the USA. Stern Security was a finalist for the 2019 NC TECH Cyber Security Award for the Velocity product.