RISK I/O INC ("RISK I/O") LICENSES THIS SOFTWARE PRODUCT TO YOU SUBJECT TO THE TERMS CONTAINED IN THIS END USER LICENSE AGREEMENT (THIS "AGREEMENT" or "EULA"). READ THE TERMS AND CONDITIONS OF THIS AGREEMENT CAREFULLY BEFORE USING THIS COMPUTER SOFTWARE AND THE ACCOMPANYING DOCUMENTATION (THE "SOFTWARE"). THE SOFTWARE IS LICENSED TO YOU UNDER THIS EULA, NOT SOLD TO YOU. BY USING THE SOFTWARE, YOU AGREE TO BE BOUND BY THE TERMS OF THIS EULA. IF YOU ARE NOT WILLING TO BE BOUND BY THE TERMS OF THIS EULA, DO NOT USE THE SOFTWARE
THIS EULA IS A LEGAL AGREEMENT CONCERNING THE SOFTWARE BETWEEN YOU, AS EITHER AN INDIVIDUAL OR A SINGLE BUSINESS ENTITY AND RISK I/O. THIS AGREEMENT SUPERSEDES AND REPLACES ANY PRIOR PROPOSAL, REPRESENTATION, OR UNDERSTANDING YOU MAY HAVE HAD WITH RISK I/O RELATING TO THE SOFTWARE.
Assent to Be Bound
By clicking the "I accept the terms..." checkbox on the account activation page, by executing a written copy of this Agreement, or by installing, copying or otherwise using this Software, you agree to be bound by the terms of this Agreement. If you do not agree with any term or condition, do not download, order, open, install or use the Software or product package. Contact Risk I/O to arrange the removal of access to the Software and accompanying materials at no charge to you.
You agree that, unless otherwise specifically provided herein or agreed by Risk I/O in writing, the Software and the Documentation, including the specific design and structure of individual programs and the Software, provided to you by Risk I/O constitute confidential proprietary information of Risk I/O. You shall permit only authorized users, who possess rightfully, obtained license keys, to use the Software or to view the Documentation. You agree not to transfer, copy, disclose, provide or otherwise make available such confidential information in any form to any third party without the prior written consent of Risk I/O. You agree to implement reasonable security measures to protect such confidential information, but without limitation to the foregoing, shall use best efforts to maintain the security of the Software provided to you by Risk I/O. You will use your best efforts to cooperate with and assist Risk I/O in identifying and preventing any unauthorized use, copying, or disclosure of the Software, Documentation, or any portion thereof.
It is expressly understood, acknowledged and agreed that you shall, regardless of whether or not formally requested to do, provide to Risk I/O reasonable suggestions, comments and feedback regarding the Software, including but not limited to usability, bug reports and test results, with respect to Software testing (collectively, "Feedback"). If you provide such Feedback to Risk I/O, you shall grant Risk I/O the following worldwide, non-exclusive, perpetual, irrevocable, royalty free, fully paid up rights: (i) to make, use, copy, modify, sell, distribute, sub-license, and create derivative works of, the Feedback as part of any Risk I/O product, technology, service, specification or other documentation (individually and collectively, "Risk I/O Products"); (ii) to publicly perform or display, import, broadcast, transmit, distribute, license, offer to sell, and sell, rent, lease or lend copies of the Feedback (and derivative works thereof) as part of any Risk I/O Product; (iii) solely with respect to Licensee's copyright and trade secret rights, to sublicense to third parties the foregoing rights, including the right to sublicense to further third parties; and (iv) to sublicense to third parties any claims of any patents owned or licensable by Licensee that are necessarily infringed by a third party product, technology or service that uses, interfaces, interoperates or communicates with the feedback or portion thereof incorporated into a Risk I/O Product, technology or service. Further, you warrant that your Feedback is not subject to any license terms that would purport to require Risk I/O to comply with any additional obligations with respect to any Risk I/O Products that incorporate any Feedback.
Grant of License
Subject to the terms and conditions of this Agreement, Risk I/O hereby grants to you a non-exclusive, non-transferable license (without the right to sublicense) (i) to use the Software in accordance with the Documentation solely for purposes of internal testing and evaluation.
Restrictions on Grant
Except as otherwise specifically permitted in this Agreement, you may not: (a) modify or create any derivative works of any Software or documentation, including translation or localization; (code written to published APIs (application programming interfaces) for the Software shall not be deemed derivative works); (b) copy the Software except as provided in this Agreement or elsewhere by Risk I/O; (c) separate Software, which is licensed as a single product, into its component parts. (d) sublicense or permit simultaneous use of the Software by more than one user; (e) reverse engineer, decompile, or disassemble or otherwise attempt to derive the source code for any Product the Software (except to the extent applicable laws specifically prohibit such restriction); (f) redistribute, encumber, sell, rent, lease, sublicense, use the Software in a timesharing or service bureau arrangement, or otherwise transfer rights to any Software. You may NOT transfer the Software under any circumstances; (g) remove or alter any trademark, logo, copyright or other proprietary notices, legends, symbols or labels in the Product(s); (h) publish any results of benchmark tests run on any Software to a third party without Risk I/O prior written consent.
Trial Software Product Support
Risk I/O is under no obligation to provide technical support under the terms of this license, and provides no assurance that any specific errors or discrepancies in the Software will be corrected.
Ownership and Copyright of Software
Title to the Software and all copies thereof remain with Risk I/O and/or or its suppliers. Licensee agrees to prevent any unauthorized copying of the Software. Except as expressly provided herein, Risk I/O does not grant any express or implied right to you under Risk I/O patents, copyrights, trademarks, or trade secret information.
Term Of This Agreement
Your rights with respect to the Software will terminate upon the end of the free trial period or upon the contract termination date if you enter into a paid agreement.
THE SOFTWARE AND DOCUMENTATION ARE LICENSED "AS IS", AND RISK I/O DISCLAIMS ANY AND ALL OTHER WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, TO THE EXTENT AUTHORIZED BY LAW. WITHOUT LIMITATION OF THE FOREGOING, RISK I/O EXPRESSLY DOES NOT WARRANTS THAT THE SOFTWARE WILL MEET YOUR REQUIREMENTS OR THAT OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR FREE. YOU ASSUME RESPONSIBILITY FOR SELECTING THE SOFTWARE TO ACHIEVE YOUR INTENDED RESULTS, AND FOR THE RESULTS OBTAINED FROM YOUR USE OF THE SOFTWARE. YOU SHALL BEAR THE ENTIRE RISK AS TO THE QUALITY AND THE PERFORMANCE OF THE SOFTWARE.
Limitation of Liability
Provision of any Software under this Agreement is experimental and shall not create any obligation for Risk I/O to continue to develop, productize, support, repair, offer for sale or in any other way continue to provide or develop Software either to Licensee or to any other party.
RISK I/O CUMULATIVE LIABILITY TO YOU OR ANY PARTY RELATED TO YOU FOR ANY LOSS OR DAMAGES ARISING OUT OF OR RELATING TO THIS AGREEMENT, OR INSTALLATION OR USE OF THE SOFTWARE SERVICE AND DOCUMENTATION SHALL NOT EXCEED THE AMOUNT OF LICENSE FEES PAID TO RISK I/O BY YOU UNDER THIS AGREEMENT. THIS LIMITATION APPLIES TO ALL CAUSES OF ACTION OR CLAIMS IN THE AGGREGATE, INCLUDING, WITHOUT LIMITATION, BREACH OF CONTRACT, BREACH OF WARRANTY, INDEMNITY, NEGLIGENCE, STRICT LIABILITY, MISREPRESENTATION, AND OTHER TORTS. IN NO EVENT SHALL RISK I/O BE LIABLE TO YOU OR ANY PARTY RELATED TO YOU FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, EXEMPLARY, OR PUNITIVE DAMAGES OR LOST PROFITS, EVEN IF RISK I/O HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
United States Government Restricted Rights
The Software and Documentation are provided with Restricted Rights. Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph (c)(f)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 or subparagraphs (c) (1) and (2) of the Commercial Computer Software-Restricted Rights at 48 C.F.R. S:52.227-19, as applicable.
Governing Law and Choice of Forum
This Agreement shall be governed by and interpreted in accordance with the laws of the State of Delaware, without regard to the conflicts of law rules thereof. Any claim or dispute arising in connection with this EULA shall be resolved in the federal or state courts situated within the State of Delaware. To the maximum extent permitted by law, you hereby consent to the jurisdiction and venue of such courts and waive any objections to the jurisdiction or venue of such courts.
You acknowledge that Software is of U. S. origin. Recipient agrees to comply with all applicable international and national laws that apply to the Software, including the U. S. Export Administration Regulations, as well as end-user, end-use and destination restrictions issued by U.S. and other governments.
This Agreement constitutes the complete and exclusive agreement between you and Risk I/O with respect to the subject matter hereof, and supersedes all prior or contemporaneous oral or written communications, proposals, representations, understandings, or agreements not specifically incorporated herein. This Agreement may not be amended except in a writing duly signed by you and an authorized representative of Risk I/O.
Perimeter Scanning Service
Qualys is an intended third party beneficiary to these terms and conditions and as such may assert any applicable rights set forth herein as may be necessary to protect its intellectual property or other confidential or proprietary material the service provider (Risk I/O) to end customer (End User) hereunder.
User Name and Password
End User will be responsible for keeping logins and passwords confidential and required to keep its user name and password confidential. Upon learning of any unauthorized use of a user name or password, End User will promptly notify Risk I/O or Qualys. Such compromised login will be terminated and provide the End User with new ones. End User agrees to defend, indemnify and hold Risk I/O and Qualys harmless from and against any and all losses Risk I/O or Qualys may suffer as a result of any unauthorized disclosure or use by of a user name or password.
End User acknowledges that the Qualys Scanning Service, the software that provides the Service and its structure, organization, and source code constitute valuable trade secrets of Qualys and its suppliers. Except as expressly permitted under this Agreement, the rights granted to End User hereunder are subject to the following restrictions and End User agrees not to: (a) integrate the software that provides the Service with other software or services, or frame the Service within another user interface or application; (b) distribute, sublicense, lease, rent, loan, or otherwise transfer the Service to any third party or permit any third party to benefit from the use or functionality of the Service via timesharing, service bureau arrangements or otherwise; (c) use the Scanners, Service, Reports, API or any data or information contained in any of the foregoing, except for the limited purpose of vulnerability management or malware detection with regard to the Assets for which the End User has purchased a subscription package; (d) open, disassemble, or tamper with a Scanner in any fashion; (e) transfer possession of a Scanner to any third party other than an End User; (f) reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of the software that is embedded in the Scanner , or that provides the Service; or (g) charge any fee for the use or results of a trial subscription. If applicable law mandates that a licensee of software will be lawfully entitled to decompile such software for the purpose of obtaining the information necessary to achieve the interoperability of an independently created computer program with such licensed program, provided, among other things, that such information has not previously been readily available, and that such decompilation is confined to the parts of the licensed program which are necessary to achieve such interoperability, Qualys, upon the request of End User, will make such information available to the End User so that the End User will not need to claim or exercise any such right of decompilation. End User must not remove, alter, or obscure in any way all proprietary rights notices (including copyright notices) of Qualys or its suppliers on or within the copies of the Service, Scanner, Reports or Scan Data.
The design and function of the Scanner, the Service, the API, the Scan Data and the Reports, and in each case all data and information contained therein (excluding subscription specific factual data gathered from the End Users Assets, the software that provides the Service, the software related to or embedded in the Scanner, and any worldwide copyrights, trademarks, trade secrets, patents, patent applications, moral rights, contract rights, and other proprietary rights relating thereto (“Intellectual Property Rights”) are the exclusive property of Qualys and its suppliers and licensors. All rights not expressly granted in this Agreement to End User are reserved by Qualys.
End User agrees that Qualys and its licensors provide the scanner, Service, API, Scan Data and Reports “AS IS,” without any warranty of any kind, and to the maximum extent permitted by applicable law, Risk I/O and Qualys expressly disclaims all representations and warranties regarding this Agreement, the Scanner Service, Scan Data and Reports, whether express, implied or statutory, and including any warranties of merchantability, fitness for a particular purpose, title, quality, accuracy and noninfringement of third party rights. Risk I/O and Qualys does not warrant that the Scanner or Service will be continuously available; that use of the Scanner or Service will be uninterrupted or error-free; that the Scanner or Service will detect every vulnerability of an End User or consulting customer’s network; that information available through the scanner, Service or Reports will be accurate, complete, or current; or that errors or defects will be corrected. The Service may become unavailable due to any number of factors including scheduled or unscheduled maintenance, technical failure of the software, telecommunications infrastructure, or the Internet. End Users should not rely on a “Pass” designation in a Report or the statements of Qualys personnel regarding a PCI program as an indication that End User’s network is secure. End User acknowledges that a scanner will interact with End user’s technology, including networking and telecommunications systems, and End User must accordingly take appropriate steps to back up and protect its technology and the data contained in or available through such technology. End User understands and agrees that the disclaimer of warranties in this agreement is fair and reasonable and a fundamental part of this Agreement and that Qualys would not agree to enter this Agreement without such disclaimer. The parties acknowledge and agree that the foregoing provisions shall be enforced to the maximum extent permitted under applicable law.
Each party (the “Disclosing Party”) may during the term of this Agreement disclose to the other party (the “Receiving Party”) certain information, which the Disclosing Party considers proprietary or confidential. “Confidential Information” means information about End Users, information about Qualys’ customers, any analytical content in the Reports, any other confidential information of either party, including software, source code, software tools, trade secrets, know-how, inventions, processes, schematics, software source documents, query fields, testing criteria, pricing, discount lists, user names, passwords, and financial information. Without limitation to the foregoing, all data and information contained within the Service or the Reports (excluding individual factual data gathered form the End User’s or Consulting Customer’s network Assets), and all information concerning or materially relating to the Scanner, are Confidential Information of Qualys. The Receiving Party will not use any Confidential Information of the Disclosing Party for any purpose not expressly permitted by this Agreement, and will disclose the Confidential Information of the Disclosing Party only to those employees who have a need to know such Confidential Information for purposes of this Agreement, and who are under a duty of confidentiality no less restrictive than the Receiving Party’s duty hereunder. The Receiving Party will protect the Disclosing Party’s Confidential Information from unauthorized use, access, or disclosure in the same manner as the Receiving Party protects its own confidential information of a similar nature, and with no less than reasonable care. Without limitation to the foregoing, End User may not access, use or refer to any information or data contained within the Service or the Reports except for the limited purpose of vulnerability management and compliance checking with regard to the Assets for which End User has purchased a subscription package. Each party will return all Confidential Information promptly to the other party after (a) the other party requests that it be returned or (b) this Agreement expires or is terminated; provided that such action may be delayed for so long as, and to the extent that, such Confidential Information relates to outstanding payment obligations or is subject to audit, reporting, or retention requirements under this Agreement or applicable law.
The Receiving Party’s obligations hereunder shall not apply to Confidential Information which: (i) is or becomes a matter of public knowledge through no fault of or action by the Receiving Party; (ii) was rightfully in the Receiving Party’s possession prior to disclosure by the Disclosing Party; (iii) subsequent to disclosure, is rightfully obtained by the Receiving Party from a third party who is lawfully in possession of such Confidential Information without restriction; (iv) is independently developed by the Receiving Party without resort to the Disclosing Party’s Confidential Information; or (v) is required by law or judicial order, provided that prior written notice of such required disclosure is furnished to the Disclosing Party as soon as practicable, and prior to disclosure occurring, in order to afford the Disclosing Party an opportunity to seek a protective order or other legal remedy to prevent such disclosure, and that if such order or remedy cannot be obtained, disclosure may be made without liability.
Both parties acknowledge that the restrictions contained in this Section are reasonable and necessary to protect their legitimate interests and that any violation of these restrictions are likely to cause irreparable damage to the other party. Each party agrees that damages are not an adequate remedy for any such violation and that the other party will be entitled to seek injunctive relief against each violation.
Limitation Of Liability
In no event will Risk I/O or Qualys be liable to End User or to any third party claiming through or under End User, for any lost profits, loss or corruption of data, equipment, or network downtime, or for any consequential, indirect, special, exemplary, or incidental damages, whether in contract, tort, or otherwise, arising from or relating to this Agreement or the use of the Scanner, Service, or Reports, even if Risk I/O or Qualys has been advised of the possibility of such damages. Risk I/O and Qualys’ total cumulative liability arising from or relating to this Agreement, whether in contract, tort, or otherwise, will be limited to the greater of (i) the aggregate amount paid by End User to Risk I/O under this Agreement during the twelve (12) months immediately preceding the filing of the first lawsuit, or (ii) one thousand U.S. Dollars (U.S. $1,000). End User understands and agrees that the limitations of Risk I/O and Qualys’ liability in this Agreement are reasonable and a fundamental part of this Agreement and that Risk I/O and Qualys would not agree to enter this Agreement without such limitations. The parties acknowledge and agree that the foregoing provisions shall be enforced to the maximum extent permitted under applicable law.