Join our Mailing list!
Get all the latest news, exclusive deals, and feature updates.
This End User Assessment Agreement (“Agreement”) is entered into by and between Appsec
Phoenix, Inc., a Company incorporated in England and Wales with offices at 152 124 City
Road, EC1V 2NX London, UK, (“Appsec Phoenix”) and the Customer entity identified on an
order referencing this Agreement (“Customer”). The parties to this Agreement may be
referred to as a “Party” singularly or the “Parties” collectively. In consideration of the
promises and mutual agreements contained herein, and other good and valuable
consideration, the receipt and sufficiency of which are hereby acknowledged, and intending
to be legally bound hereby, Appsec Phoenix and Customer agree as follows:
“Affiliate” means an entity controlled by, controlling, or under common control by a Party
during the period such control exists. For the purposes hereof “control” means the power to
direct the operation, policies, and management of an entity through the ownership of more
than fifty percent (50%) of the voting securities of such entity, by contract, or otherwise.
“Aggregated Data” means Statistical Data that is aggregated with Assessment results of other
parties and does not allow for the identification of an Application or Customer.
“Application(s)” means a supported software application, owned by Customer and/or its
Affiliates (provided that the Application may contain third party software components
licensed by Customer and/or its Affiliates) or (ii) an Application licensed by Customer from a
third party, which is designated for Assessment by Customer and composed of one or
“Components(s)” means a supported software element (repository, web api…), owned by
Customer and/or its Affiliates (provided that the Application may contain third party software
components licensed by Customer and/or its Affiliates) or (ii) an Application licensed by
Customer from a third party, which is designated for Assessment by Customer.
“Assess(es)(ed)(ment)” means the analysis performed by Appsec Phoenix on an Application,
Components or a portion of an Application as part of a particular Solution.
“Authorized Recipient” means an entity, only as designated by Customer, to receive the
summary results of an Assessment via an electronic prompt in the Solution Platform.
“Available” or “Availability” is expressed as the number of minutes during a particular
calendar month, as calculated by Appsec Phoenix, that the Solution Platform was available
for Customer to successfully transmit data to, and receive data from Appsec Phoenix using
the Solution Platform, excluding maintenance time.
“Availability Percentage” is expressed as the percentage defined as (i) the Availability less
any Unavailability during any particular calendar month, divided by (ii) the total number of
minutes in such calendar month.
“Business Day(s)” means Monday through Friday, GMT, excluding Appsec Phoenix
“Confidential Information” means any information, whether disclosed in written, oral,
electronic or visual form, which is identified as confidential at the time of disclosure or
should reasonably be understood to be confidential given the nature of the information and
the circumstances surrounding the disclosure, including without limitation business,
operations, finances, technologies, products and services, pricing, personnel, customer and
suppliers, other proprietary information and (i) with regard to Customer, Customer Data,
Customer Components, Business application, threat intelligence, Credentials and Keys, the
Customer Applications, and information regarding the specific security vulnerabilities of the
Customer Applications, Components, Cloud environments, infrastructure environments and,
subject to Appsec Phoenix’s ownership of the Appsec Phoenix Property, the Reports and
Document Output. The existence of this Agreement shall not be considered Confidential
Information; however, the economic terms of this Agreement, inclusive of pricing, discounts,
shall be considered Confidential Information.
“Customer Data” means any Customer data, information, or content (including the
Applications, Component, Cloud elements and any Assessment including the individual
vulnerabilities results thereof) provided by, or on behalf of, Customer to Appsec Phoenix in
connection with its use of a Solution but excludes personal data. It is agreed and
acknowledged that Customer owns and retains all rights, inclusive of all intellectual property
rights, to all Customer Data.
“Document Output” means any type of Solution output, other than a Report, which may
include but is not limited to presentations, slide decks, or other document provided or made
available by Appsec Phoenix, through the Solution Platform, or otherwise.
“Documentation” means any user guides, help windows, Solution descriptions and other
documents relating to the use, performance, or technical information, of a Solution made
available via the Solution Platform by Appsec Phoenix at https://kb.appsecphoenix.com/ or
via e-mail at firstname.lastname@example.org .
“Force Majeure Event” means any act or event, or circumstances beyond a Party’s
reasonable control, which prevents a Party from performing its obligations under this
Agreement, including but not limited to acts of God, epidemic, pandemic, terrorist acts, acts
of war labor strikes and other labor disturbances, or power surges or failures.
“Internal Use” means customary business use and not use for compensation of any kind.
“Order Form(s)” means a sales order and/or statement of work referencing this Agreement,
which has been mutually agreed to by the Parties either (i) in a mutually signed writing or
explicitly agreed via the Platform or Software (ii) by a Customer issued purchase order
expressly referencing a Appsec Phoenix provided sales order, that describes the particular
Solution(s) ordered, the quantity of Solution(s) ordered, the fees for the Solution(s) and the
Subscription Term. If Customer licenses the Solution(s) through a Appsec Phoenix
authorized reseller, an Order may be entered into between Appsec Phoenix and the authorized
reseller for Customer’s use.
“Report(s)” means any report (or any portion of a report) accessible through the Solution
Platform (or provided by such other means as mutually agreed by the Parties), that provides
the results of an Assessment relating to an Application.
“Software” means any software provided by Appsec Phoenix which and may be used by
Customer in conjunction with a licensed Solution, such as agents, APIs, virtual appliances,
and certain e-Learning course content, and which may be subject to separate terms.
“Solution(s)” means the particular security related solution(s) stated in an Order or order
(including, in the case of any Solution provided on a software as a service basis, the Solution
Platform and any Appsec Phoenix content provided as a part thereof), the Software, the
Documentation, and any updates to the particular Solution made available by Appsec
Phoenix from time to time, in its sole discretion. As used herein, the term Solution
specifically excludes all Applications.
“Statistical Data” means high level, anonymized statistical information that Appsec Phoenix
has complied relating to Assessments, which does not identify an Application or Customer.
“Subscription Term” means the time period during which Customer has access to certain
Solution(s) and/or support as set forth in an applicable Order.
“Support Package” means the technical assistance described in the Appsec Phoenix
Technical Support Services and Service Levels page posted
at https://appsecphoenix.com/terms-of-support/ . The document posted at such link shall be
effective for the entirety of a Subscription Term.
“Third Party” means a third-party software provider that designates an Application for
Assessment by Appsec Phoenix.
“Unavailable” or “Unavailability” is expressed as the number of minutes during a particular
calendar month that the Solution Platform was not Available to Customer, but expressly
excludes any time the Solution Platform was not Available as a result of (i) any planned
maintenance and support (which Appsec Phoenix shall endeavor to post notice of on the
Solution Platform at least one (1) Business Days in advance); or (ii) any unanticipated
maintenance; or (iii) a Force Majeure Event as described in the Agreement.
“Users” means anyone granted access to a Solution by Customer as permitted under this
“Appsec Phoenix Property” means any Appsec Phoenix technical information, e- Learning
or other course content, techniques, ideas, methods, processes, software, interfaces, utilities,
data, documents, directories, designs, user interfaces, know-how, intellectual property,
information or materials of any kind (regardless of form) which has been or is acquired,
created, developed or licensed by Appsec Phoenix prior to or outside the scope of this
Agreement and any improvement, modification or other derivative works thereof and all
intellectual property rights therein; and expressly includes, without limitation, the Solution,
Solution Platform, Reports and Document Output templates.
Forms which reference this Agreement, each of which shall be incorporated herein by
reference. An Affiliate may enter into an Order Form pursuant to this Agreement, and by
doing so, agrees to be bound to the terms of this Agreement. Customer shall be responsible
for the compliance of its Affiliates with the terms and conditions of this Agreement.
Phoenix. All rights and licenses granted herein are subject to the terms of this Agreement.
3.1. Appsec Phoenix Solution License. Appsec Phoenix grants Customer a non- exclusive,
non-transferable right and license, during the Subscription Term, to (i) access and use the
Solution(s) stated in an Order Form solely for Customer’s Internal Use; (ii) access and use
Software, if any, solely at a Customer owned or controlled site; and (iii) access and use each
Report and/or the Document Output made available via the Solution Platform subject to the
terms of this Section 3
3.2. Appsec Phoenix Report and Document Output License. For each Application, Cloud
Components, Application Component, Infrastructure Asset Assessed or derived from third
party scanner assessment as part of the Solution, Appsec Phoenix will make available to
Customer a Report containing the results of the Assessment with recommendations on what
to fix first. The recommendation are subject to threat intelligence and are to be considered
only a suggestion. As Such Appsec Phoenix shall not undergo any liability as consequence of
decisions taken as consequence of the suggestions. Customer shall own all right, title, and
interest to each Report, subject to Appsec Phoenix’s ownership of any Appsec Phoenix
Property contained therein. Appsec Phoenix grants Customer an exclusive, transferable,
perpetual, worldwide license to access, use and reproduce each of the Report and Document
Output, and any Appsec Phoenix Property incorporated therein, solely for Internal Use.
Customer grants Appsec Phoenix the right to provide Authorized Recipients with high level
status updates regarding the status of the Assessment and the availability of the Report solely
upon Customer request.
3.3. Customer Applications and Customer Data License. Customer grants Appsec Phoenix
a limited, non-exclusive right and license, during the Subscription Term, to (i) use, access,
reproduce, and store each Application and use the Customer Data solely to the extent
necessary to provide the Solution and/or perform its obligations under this Agreement; (ii) create, reproduce, store, make available and transfer Reports; (iii) collect, modify and analyze
meta data and/or operations data which does not contain any Customer Data, such as log files
and transaction counts; and (iv) create Statistical Data and Aggregated Data, each of which
shall be anonymized. Customer grants Appsec Phoenix, for a perpetual license term
thereafter, the right to use, reproduce, store, publish, license, and transmit the Statistical Data
included within the Aggregated Data. Appsec Phoenix will not expose or attempt to derive
the source code of any Application. Except as expressly licensed herein, (i) Customer and its
Affiliates (and/or their licensors) shall retain all right, title and/or interest to the Applications
and Customer Data and all intellectual property rights therein, and (ii) Appsec Phoenix shall
obtain no right or license thereto.
3.4. Third Party Application Assessments and Reports. If Customer chooses to have an
Application Assessed that is owned or licensed by a Third Party, Appsec Phoenix will only
perform such Assessment if Appsec Phoenix and such Third Party enter into a separate
written, signed agreement in a form acceptable to Appsec Phoenix. Customer hereby grants
Appsec Phoenix the right to use Customer’s name in Appsec Phoenix’s communications to
such Third Party for such purpose. Upon completion of such Assessment, such Third Party
shall own the detailed Report relating to the Assessed Application, Cloud, Components and
Infrastructure assets, and Appsec Phoenix shall make available to Customer a summary
version of the Report containing the results of the Assessment. Customer is hereby granted a
non-exclusive, non- transferable, perpetual, worldwide license to access, use and reproduce
the summary version of such Report and any Appsec Phoenix Property contained therein,
solely for Customer’s and its Affiliates’ Internal Use.
4.1. Access to Applications. Customer agrees to make the Applications to be Assessed
available to Appsec Phoenix in accordance with Appsec Phoenix’s submission specifications.
Each Application shall be provided in a form mutually agreed to by the parties, including, but
not limited to, executable object code form (unless the particular Application is only
deployed in source, in which case Customer will provide source) or, in the case of a web
Application, by providing the URL. Customer is responsible for providing the systems,
servers, software and network and communications necessary to connect to and utilize the
4.2. Solution and Solution Platform Access. Customer will register a primary
administrative User. Such administrative User is authorized to set up Customer’s account,
including creating subaccounts for additional Users, each of which shall have unique login
IDs and passwords. Customer shall be responsible for the acts or omissions of all of its Users.
4.3. Acceptable Use. Customer and its User shall not:
contemplated by this Agreement;
damage to the Solution(s) (including but not limited to malicious code and malware);
except as expressly permitted by the Agreement;
licensors’ proprietary rights;
which forms a part of the Solution(s), or Software;
associated infrastructure: network discovery, port and service identification, vulnerability
scanning, password cracking, remote access testing, penetration testing or any other test or
procedure not authorized in the Documentation;
of the Solution or Solution Platform that imposes specific data security obligations for the
processing of such data unless it is a supported feature in the Documentation of the applicable
in a manner that effects the stability or accessibility of the Solutions.
Customer agrees that it, and its Users shall, if notified by Appsec Phoenix that such Customer
or User utilization has been determined by Appsec Phoenix to be the cause of stability or
accessibility issues, immediately cease such usage. Customer further agrees to promptly
notify Appsec Phoenix upon learning of any unauthorized use of Customer’s accounts or any
other breach of security related to the rights granted under this Agreement. Upon such
notification, or if Appsec Phoenix learns of any malicious activity associated with any
Customer or User account, Appsec Phoenix may temporarily suspend such accounts to
mitigate the effects of any security event or malicious activity, and when reasonably
practicable and lawfully permitted, will provide Customer with notice of any such
suspension. Appsec Phoenix will use reasonable efforts to re- establish any temporarily
suspended account promptly after the issue causing the suspension has been resolved.
Appsec Phoenix reserves the right to refuse registration of, or to cancel login IDs of any
Users who violate the terms of this Agreement; and/or limit or remove Customer access to
the Solution or Solution Platform for usage of quantities in excess of the quantity stated in an
Order. Customer is responsible for payment of fees for any use of the Solution(s) in excess of
the quantity stated in an Order Form.
4.4 Appsec phoenix reserve the right to suspend the accounts for in case
thecase the user has more asset than authorized (after expiration of
licence over the grace period). After Expiration of licence and grace period
the user are transitioned to a standard account and if the asset limit areis
not rectified Appsec Phoenix reserves the right to suspend the account
after 30 days from the downgrade.
Appsec Phoenix reserves the right to change the terms and conditions and
offers 1 week notice to users to disconnect from the service if not in
4.5 Appsec Phoenix reserve the right to contact and suspend the accounts to
professional license or standard license if trial period is over and the
usage is still above the allowed
5.1. Maintenance. Appsec Phoenix shall endeavor to post all scheduled maintenance
periods notified on the platform banner, no less than forty-eight (48) hours prior to such
scheduled maintenance. There may be instances where Appsec Phoenix must perform
unanticipated maintenance on a Solution or the Solution Platform to maintain the stability or
accessibility of the Solution or Solution Platform for all customers and users. In such cases,
Appsec Phoenix will post a notice of such maintenance period as soon as practicable and may
temporarily suspend access to the Solutions and/or the Solution Platform during such
maintenance period. Such suspension for such unanticipated maintenance period shall not be
considered Unavailability. Appsec Phoenix shall immediately restore access upon completion
of such unanticipated maintenance.
5.2. Modifications. Appsec Phoenix reserves the right to modify the Solutions and Solution
Platform from time to time in an effort to improve the functionality of the Solutions and
Solution Platform, however such changes shall not materially reduce the functionality
provided during the Subscription Term.
5.3. Solution Platform Availability. Appsec Phoenix shall maintain the Availability
Percentage of the Solution Platform at or above ninety-nine percent (98.99%) during every
calendar month of the Term.in line with the service level described in the
5.4. Service Levels. Service levels associated with support response times are described at
the page posted at https://appsecphoenix.com/terms-of-support/ . The content posted at such
page is effective as posted for entirety of a Subscription Term on the Order Form.
6.1. Confidentiality. During the term of this Agreement and continuing for a period of
twelve (12) months after termination of this Agreement, unless superseded by an NDA, each
Party shall retain in confidence, and not use except for the purposes described in this
Agreement, the Confidential Information of the other Party disclosed by such Party or its
Affiliates or made available in connection with this Agreement. The receiving party will use
the same degree of care and discretion (but not less than reasonable care) to avoid disclosure,
publication, or dissemination of the disclosing party’s Confidential Information as it uses
with its own information of a similar nature. Except as authorized in this Agreement, the
receiving party will not disclose the Confidential Information of the disclosing party to a third
party other than to its or its Affiliates’ employees, contractors, agents or advisors in
connection with its performance of this
Agreement and the receiving party shall be liable to the disclosing party for any violation of this
Agreement by such persons. Confidential Information shall not include information that (a) is
publicly known at the time of disclosure, (b) is lawfully received from a third party not bound
in a confidential relationship with the disclosing party, (c) is published or otherwise made
known to the public by the disclosing party, or (d) was or is generated independently without
use of the disclosing party’s Confidential Information. The receiving party may disclose
Confidential Information as required to comply with orders of governmental entities that have
jurisdiction over it or as otherwise required by law, provided that the receiving party (i) to the
extent permitted by the governmental order or law, gives the disclosing party reasonable
advance written notice to allow the disclosing party to seek a protective order or other
appropriate remedy , (ii) discloses only that portion of the Confidential Information as is
required, and (iii) uses commercially reasonable efforts to obtain confidential treatment for
any Confidential Information so disclosed. Notwithstanding anything herein to the contrary,
provided that Appsec Phoenix does not use or disclose Customer Confidential Information,
Appsec Phoenix shall be free to use, exploit and disclose its general skills, concepts, ideas,
know-how, and expertise gained or learned during the course of this Agreement, and Appsec
Phoenix shall not be restricted from creating output for other customers which is similar to
that provided to Customer. Each Party owns and retains all rights, inclusive of all intellectual
property rights, to their respective Confidential Information. In case there is an NDA the
NDA agreement will take precedence over this Agreement
6.2. Security. Appsec Phoenix shall maintain, use, and process any Customer Confidential
Information in compliance with all applicable laws. Appsec Phoenix shall establish and
maintain administrative, physical and technical safeguards designed to guard against the
destruction, loss, or alteration of Customer Confidential Information. Without limiting the
foregoing, Appsec Phoenix shall at all times in connection with this Agreement: (i) maintain
and enforce security measures and procedures with respect to its processing of Customer
Data and Customer Confidential Information consistent with commercially reasonable
industry practices and standards;
(ii) provide technical and organizational safeguards designed to protect against accidental,
unlawful or unauthorized access to or use, destruction, loss, alteration, disclosure, transfer,
commingling or processing of such information and ensure a level of security appropriate to
the risks presented by the processing of such information and the nature of such information,
consistent with commercially reasonable industry practice and standards;
(iii) take commercially reasonable measures to secure the Solution Platform against
“hackers” and others who may seek, without authorization, to disrupt, damage, modify,
access or otherwise use the Solution Platform or the information found therein; (iv) take
commercially reasonable measures to logically separate Customer Confidential Information
from that of other customers. Appsec Phoenix shall periodically test and continuously
monitor its systems for potential areas where security could be breached and shall also
periodically conduct security testing, including penetration testing. Appsec Phoenix shall be
solely responsible for its information technology infrastructure, including all computers,
software, databases, electronic systems and networks that are owned or controlled by Appsec
Phoenix that may be used by Appsec Phoenix to access Customer’s systems or otherwise in
connection with the Solutions. To the extent that Appsec Phoenix utilizes service providers or
subcontractors in connection with the performance of the Solutions, Appsec Phoenix
acknowledges that this provision applies equally to any such service provider or
subcontractor, such service provider or subcontractor will possess a level of security and data
protection equal to Appsec Phoenix and Appsec Phoenix shall be responsible for such service
providers and subcontractors in accordance with the terms of this Agreement.
7.1. General Warranties. Each Party represents and warrants to the other party that (i) it has
and shall have all the necessary rights, approvals, consents and permissions to enter into this
Agreement and to grant the rights and licenses herein, and (ii) the execution, delivery and
performance of this Agreement does not and will not conflict with any agreement,
instrument, judgment or understanding, oral or written, to which it is a party or by which it may
7.2. Customer Data Warranty. Customer represents and warrants that it has the right to
disclose all Confidential Information Customer provides to Appsec Phoenix for the purpose
of enabling Appsec Phoenix to perform its obligations under this Agreement.
7.3. Solution Performance Warranty. Appsec Phoenix represents and warrants that the
Solution will be provided as described in the applicable Order Form, by qualified personnel
in a professional manner, and will comply in all material respects with applicable
Documentation. In order to state a claim for breach of this Solution performance warranty,
Customer must provide notice of such non-compliance within the thirty (10) day period
following such non-compliance (such as, for example, within thirty (10) days from date of
performance of the part of a particular Assessment or delivery of a Report with respect to an
Assessment) specifying the details of such noncompliance. If Customer timely provides
Appsec Phoenix with the required notice, as Customer’s sole and exclusive remedy and
Appsec Phoenix’s sole and exclusive liability for breach of warranty, Appsec Phoenix shall
re-perform such portion of the Solution or otherwise use commercially reasonable efforts to
correct any such non-compliance, at its expense, within thirty (90) days of its receipt of such
notice. During any trial period, this warranty shall not apply.
7.4. Warranty Disclaimer. EXCEPT FOR THE EXPRESS REPRESENTATIONS AND
WARRANTIES STATED HEREIN, APPSEC PHOENIX DISCLAIMS ALL OTHER
REPRESENTATIONS AND WARRANTIES, EXPRESS OR IMPLIED, INCLUDING THE
IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE AND NON-INFRINGEMENT. WITHOUT LIMITING THE FOREGOING,
APPSEC PHOENIX DOES NOT WARRANT OR REPRESENT THAT THE SOLUTION
WILL FIND ALL SECURITY VULNERABILITIES, RISKY CAPABILITIES OR
MALICIOUS CODE. APPSEC PHOENIX DOES NOT WARRANT OR REPRESENT THE
SOLUTION WILL SUGGEST ALL OR THE MOST IMPORTANT VULNERABILITY TO
FIX AND WILL BASE DECISION ON CUSTOMER PROVIDED PROFILING.
8.1. Appsec Phoenix’s Indemnity. Appsec Phoenix shall defend and indemnify Customer and its
Affiliates and their officers, directors and employees (the “Customer Indemnitees”) against
actual damages, costs and expenses, including reasonable attorneys’ fees, suffered by the
Customer Indemnitees arising out of a third party claim that (i) the Solution infringes or
violates any valid patent, copyright, or trademark or misappropriates a third party’s trade
secret or (ii) Appsec Phoenix is not the owner or licensee of any Appsec Phoenix Property,
including without limitation the Solution and/or does not have the right, title and/or interest
to grant the license rights provided for herein and make available the Solution; provided
that, in each case, Appsec Phoenix shall not be responsible for any claim to the extent
arising from or relating to (a) Customer’s unauthorized use of the Solution; or (b) any
Applications or any Customer Data used in combination with the Solution if the claim
would not have arisen but for such combination.
8.2. Customer’s Indemnity. Customer shall defend and indemnify Appsec Phoenix and its
Affiliates and their officers, directors and employees (the “Appsec Phoenix Indemnitees”)
against any actual damages, costs and expenses, including reasonable attorneys’ fees,
suffered by the Appsec Phoenix Indemnitees arising out of any third party claim that
Customer and/or its Affiliates (i) are not the owner or licensee of each Application and any
Customer Data or (ii) do not have the right, title and/or interest to grant the license rights
provided for herein and to submit and designate for Assessment each Application and any
Customer Data for the purposes of allowing Appsec Phoenix to provide the Solution and
produce the Reports or Document Output.
8.3. Indemnity Procedures. The indemnifying party shall conduct and have sole control of
the defense and settlement of any claim for which it has agreed to provide indemnification;
provided that the indemnified party shall have the right to provide for its separate defense at
its own expense. The indemnified party shall give prompt notice of all claims for which
indemnity is sought and shall cooperate in defending against such claims, at the expense of
the indemnifying party. The rights and remedies set forth in this
Section 8 state each Party’s exclusive liability and exclusive rights and remedies with regard
to claims made by a third party for intellectual property infringement or violation of a third
party’s intellectual property rights.
Limitation of Liability. IN NO EVENT WILL APPSEC PHOENIX, ITS AFFILIATES
OR SUBSIDIARIES BE LIABLE TO CUSTOMER OR ANY OTHER PARTY UNDER
OR IN CONNECTION WITH THIS AGREEMENT FOR: (1) INCIDENTAL,
INDIRECT, CONSEQUENTIAL OR PUNITIVE DAMAGES, INCLUDING WITHOUT
LIMITATION LOST PROFITS, BUSINESS INTERRUPTION, LOSS OF USE, OR
LOST DATA, REGARDLESS OF THE FORM OF THE ACTION WHETHER IN
CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT PRODUCT LIABILITY
OR OTHERWISE, EVEN IF APPSEC PHOENIX HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES; OR (2) DAMAGES CAUSED BY
CUSTOMER’S FAILURE TO PERFORM ITS OBLIGATIONS HEREUNDER. IN NO
EVENT WILL APPSEC PHOENIX, ITS AFFILIATES OR SUBSIDIARIES BE
LIABLE, IN THE AGGREGATE, TO CUSTOMER OR TO ANY OTHER PARTY FOR
ANY AND ALL CLAIMS ARISING OUT OF OR CONNECTED WITH THIS
AGREEMENT, IN AN AMOUNT EXCEEDING THE TOTAL AMOUNT ACTUALLY
PAID TO APPSEC PHOENIX BY CUSTOMER UNDER THE TERMS OF THIS
AGREEMENT DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY
PRECEEDING APPSEC PHOENIX’S RECEIPT OF NOTICE OF AN INITIAL
CLAIM. APPSEC PHOENIX SHALL LIMIT THE CUSTOMER’S LIABILITY UNDER
THE TERMS OF THIS AGREEMENT DURING THE TWELVE (12) MONTH
PERIOD IMMEDIATELY PRECEDING APPSEC PHOENIX’S RECEIPT OF NOTICE
OF AN INITIAL CLAIM, EXCEPT FOR BREACH OF THIS AGREEMENT TERMS,
NDA BREACH, MISUSE OF THE PLATFORM LINK TO A LEGAL PROCEEDING.
Without limiting the foregoing, except to the extent arising from Appsec Phoenix’s GROSS
negligence or intentional misconduct, Appsec Phoenix shall not have any liability for losses,
claims or damages for any harm or disruption of Customer’s systems or applications arising
out of penetration tests or simulated attacks which may be provided by Appsec Phoenix as
part of a particular Solution in accordance with the terms of this Agreement.
10.1. Term of Agreement. This Agreement shall commence on the Effective Date and will
continue thereafter until sixty (60) days after the expiration of the last to expire of any
existing Order Forms which are then in effect at the time of such notice of termination (the
10.2. Termination of an Order Form for Breach. A Party may terminate this Agreement for
material breach by the other Party, provided that in each instance of a claimed breach: (i) the
non-breaching party notifies the breaching party in writing of such material breach within
thirty (30) days of its occurrence and (ii) the breach is not cured within thirty (30) days of
receipt of such notice. An Order Form may only be terminated (in whole or in part) by a
Party if the other Party fails to cure a material breach of the terms of such Order Form or of
this Agreement as it relates to the terms of such Order Form within thirty (30) days after
receiving written notice of the material breach from the non-breaching party. The termination
of a particular Order Form shall not impact the validity of other Order Forms.
10.3. Effect of Termination. Upon any termination or expiration of this Agreement, all
rights and obligations of the Parties shall end, other than the rights and obligations under
Sections 6.1, 8, 9, 10.2 hereof.
10.4. Destruction of Applications and Data. Appsec Phoenix shall destroy, using industry
standard methods, all copies of each Application, component, cloud data, and Tokens, the
results of the Assessments of each of the above, Customer Confidential Information, and all
associated documentation and related materials provided by Customer either (i) upon request
by Customer; or (ii) within ninthy (90) days following any termination or expiration of a
particular Order Form or this Agreement if such destruction has not already occurred. Upon
request, Appsec Phoenix shall confirm such destruction in writing. Upon the expiration or
termination of any Order Form granting Customer access to Software, Customer shall
promptly destroy such Software and upon request, Customer shall confirm such destruction
Subscription Term set forth on an Order Form, insurance of such type and level as is
reasonable and prudent in the industry. Such insurance shall be carried with responsible
insurance companies of recognized standing which are authorized to do business in the state
in which the Solution is rendered
12.1. Assignment and Subcontractors. Neither Party may assign this Agreement, or any of
its rights or obligations hereunder (in whole or in part) without the prior written consent of
the other Party. Notwithstanding the foregoing, either Party may assign this Agreement,
without the other Party’s consent, in whole (but not in part) to a successor in interest to the
business of such Party in connection with a merger, sale of substantially all of its assets,
change of control or by operation of law, or to an Affiliate, provided that (i) the assignee
agrees to assume the obligations under this Agreement in writing and has adequate resources
to meet its obligations hereunder; and (ii) the assignment shall not change the scope of work
to be performed under any Order Form then in effect. The terms of this Agreement shall be
binding upon the permitted successors and assigns of each Party. Appsec Phoenix may use
subcontractors and shall be responsible for the acts and omissions of its subcontractors.
12.2. Governing Law and Venue. This Agreement is governed by the laws of England and
Wales, without regard to conflict of laws principles. The Parties agree to submit to the
exclusive jurisdiction of, and venue in, the courts of London, England in any dispute arising
out of or relating to this Agreement. The United Nations Convention on Contracts for the
International Sale of Goods does not apply to the transactions contemplated by this
12.3. Notices. Notices may be sent via e-mail, which in the case of Appsec Phoenix shall be
to email@example.com, and in the case of Customer shall be to the customer’s name
and address as set forth on the Order Form. Notices may also be sent in writing to each Party
at the address first set forth above. Notices sent in writing shall be deemed to be delivered (i)
one day after delivery with a reputable overnight carrier or (ii) three days after deposit with
Royal Mail sent first class mail, return receipt requested. Any notices to Appsec Phoenix
made by Customer shall also include a copy to: Appsec Phoenix Office 124 City Road, EC1V
2NX, London, UK.
12.4. Force Majeure. Neither Party shall be liable to the other Party for any failure or delay
caused by a Force Majeure Event, provided the Party shall use reasonable efforts to remove
such causes of nonperformance. Notwithstanding the foregoing, (i) neither Party is excused
from its obligation to take reasonable steps to follow its disaster recovery procedures and (ii)
Customer is not excused from its payment obligation.
12.5. Relationship of the Parties. The relationship of the Parties is that of independent
contractors and Appsec Phoenix shall not be construed to be an employee, partner, or agent
12.6. Entire Agreement. The terms of this Agreement (including any applicable exhibits,
referenced documents, or Order Forms entered into pursuant to this Agreement) provide the
complete understanding of the Parties with regard to the subject matter hereof and supersede
all previous communications, agreements, proposals or representations related to the subject
12.7. Amendment. Except as otherwise expressly provided for herein, any waiver,
amendment, or modification of any right or remedy, in whole or in part under this
Agreement, or any additional or different terms in acknowledgments or other documents, will
not be effective unless expressly agreed to in writing and signed by the authorized
representatives the Parties.
12.8. Order of Precedence. Unless the Order Form expressly amends this Agreement and
except as otherwise expressly provided herein, the terms and conditions of this Agreement
shall take precedence over any conflicting terms in the Order Form. It is expressly agreed that
no additional terms and conditions contained in Customer’s purchase order, internet
procurement portal or other non-Appsec Phoenix document shall apply to the Solutions
12.9. Miscellaneous. This Agreement may be executed in counterparts, including
information which is incorporated by written reference, which, taken together, will constitute
one and the same instrument. The exchange of a fully executed Agreement (in counterparts or
otherwise) by electronic means or in writing shall be sufficient to bind the Parties to the terms
and conditions of this Agreement and to any Order Form.
Get all the latest news, exclusive deals, and feature updates.