Sidechain MDP Terms of Service
Sidechain Managed Data Protection Services
These Terms are intended to explain our obligations as the provider of the Service and the Client’s obligations as a customer or user of the Service and form the basis of a legal contract between Client and Sidechain. Please read them carefully.
These Terms are binding on any use of the Service and apply to and are deemed to have been accepted by Client from the time that Sidechain first provides the Client with access to the Service or when an Agreement or Service Order is signed.
The Service will evolve over time based on user feedback and ongoing product development. These Terms are not intended to answer every question or address every issue raised by the use of the Service. Sidechain reserves the right to change the Service and these terms at any time, effective upon the posting of modified terms to the Website, and Sidechain will make every effort to communicate these changes to Clients via email or notification via the Website. It is likely these Terms will change over time. It is the Client’s obligation to ensure that they have read, understood and agree to the most recent terms available on the Website.
“Agreement” means the contract formed between You and Sidechain.
“CipherTrust” means the software used by Sidechain as part of it’s Managed Data Protection offering.
“Client” means the person or organization engaging the Sidechain services
“Confidential Information” means all confidential information exchanged between the parties to this Agreement, whether in writing, electronically or orally (including, in relation to Sidechain, the Service and the Sidechain IP), and all other information that is confidential in nature, marked as confidential or disclosed in circumstances such that it could reasonably be considered confidential
“Fees” means the fee (excluding any taxes and duties) payable by You in accordance with the agreed upon contractual rate and may include onboarding, monthly support and agent license fees and support. Please contact Sidechain directly for a quote.
“Intellectual Property Right” means any patent, trademark, service mark, copyright, moral right, right in a design, know-how and any other intellectual or industrial property rights, anywhere in the world whether or not registered.
“Sidechain” means Sidechain Security, a limited liability company incorporated in Oregon, United States.
“Sidechain IP” means all Intellectual Property Rights in the Services, the Website, and any documentation relating to the Services, including in all content, information, data, text, graphics, artwork, photographs and/or logos displayed on or contained on the Website as well as the look and feel of the Service Website.
“Service Level Agreement (SLA)” means the agreed upon Service Level monitoring and support provisions which are negotiated on a case-by-case basis.
“Terms” means these Terms as amended from time to time.
“Website” means the internet site at the domain Sidechainsecurity.com or any other site operated by Sidechain.
Sidechain will provide the services (the “Services”) described in one or more Statements of Work (each, an “SOW”) or Service Orders. In the event of any conflict between the terms of the Service Order or SOW and the terms of the Agreement, the terms of the Service Order or SOW shall control.
If either party wishes to make a change to any of the Services or the Deliverables, or the method or timing of performance of the Services or take any action that shall impact on the performance or delivery of the Services or the Deliverables or the total cost to Client of the Services, such party shall present the proposed change to the other party, in writing (a “Change Order”). No Change Order will take effect unless signed by both parties.
The following Services tiers are available for purchase:
- Sidechain Managed Data Protection – Multi-tenant (includes licensing to CipherTrust Transparent Encryption in addition to the Services)
- Sidechain Managed Data Protection – Dedicated (includes licensing to CipherTrust Transparent Encryption in addition to the Services)
- Sidechain Managed Data Protection – Dedicated BYOL (Bring your Own License)
Sidechain’s support and monitoring services may be negotiated on a case-by-case basis but typically support is available 24×7, 365 days a year.
PROCESS: Sidechain will receive calls or emails from client with information about incidents, changes and or other support requests. Client will be provided with email and phone numbers for both Service Desk and Service Management contact levels. Escalation to the management level is indicated when (1) Sidechain and Client have not agreed that a resolution has been reached, (2) the respective contact person could not be reached in time, or (3) the Client believes there is a risk that the error cannot be eliminated within the agreed time frame.
|Client Personnel contact details (email and phone)||Service requests/incident announcement and change requests||Sidechain’s 1st level support contact details (email and phone)|
|Client Personnel contact details (email and phone)||Sidechain’s Service Management contact details (email and phone)|
UPDATES: Sidechain shall provide information about the expected duration of the error and its foreseeable effects for the Client’s business as soon as possible. Information shall include precautionary and remedial measures. If known, Sidechain shall inform the Client of the reason for the error. Sidechain shall provide information about the expected duration of the error and its foreseeable effects for the Client’s business as soon as possible. Information shall include precautionary and remedial measures.
NOTIFICATION, UPDATES AND RESOLUTION TIME: Sidechain will respond to, update, and resolve incidents, and change and support requests within the time frames indicated.
|Severity Level||Initial Notification||Update Frequency||Resolution Time|
Loss of data access or use of production software/service; errors which make effective use of the Software impossible; and errors which severely impact business critical operations of the Software during production use.
|60 minutes from identification of issue by Client||Every hour after Initial Notification||As early as possible but not longer than twelve (12) hours from receipt of the fault reported by Sidechain whereby the Parties agree that the timely implementation of a work-around by Sidechain which reduces the error from Priority 1 to Priority 2 shall suffice for the purposes of the Priority 1 error resolution. (A priority 1 error allows Sidechain to shut down the service for maintenance).|
Severely degraded performance of applications or production software/service.
|120 minutes from identification of issue by Client||Every 2 hours after Initial Notification||Within forty-eight (48) hours from receipt of the fault report by Sidechain or the implementation of a work-around for a Priority 1 error. (If the fault is reported outside support times, then the time for resolving counts from the beginning of the next support time)|
Use of the Sidechain Data Protection results in substandard or erratic performance of the Covered Environment.
|4 Normal Business Hours from Client’s ticket request.||Notify Client if remediation recommendations require Client approval||Sidechain is obligated to eliminate system faults or malfunctions during the maintenance of the system. For this purpose, Sidechain provides standby support on weekdays (i.e., not on Saturdays/Sundays and/or Public Holidays) during reachable working hours with the intention of providing a reaction time as defined by the error priorities.|
Minor performance issues, Critical/High/Medium Severity Level issue which can be addressed with a workaround, or product questions or issues which do not result in reduced functionality or performance
|8 Normal Business Hours from Client’s ticket request.||Notify Client if remediation recommendations require Client approval||Sidechain is obligated to eliminate system faults or malfunctions during the maintenance of the system. For this purpose, Sidechain provides standby support on weekdays (i.e., not on Saturdays/Sundays and/or Public Holidays) during reachable working hours with the intention of providing a reaction time as defined by the error priorities.|
Availability: Sidechain warrants that the software is fully functional and free of interruptions and errors for 98.5% of the time per year of the respective Order, other than for planned and authorized downtime for maintenance. Availability shall be defined as any and all times where no Priority 1 error occurs. Sidechain does not provide any further representations, warranties and/or guarantees in regard to the availability of the Software.
Backups: Sidechain is obliged to provide backup services for storage and security of the systems on a daily basis. Backups are secured and encrypted both at file level and at rest. Sidechain ensures that the data can be restored with a reasonable and justifiable effort at any time. The Client remains the sole owner of the data processed on the Sidechain’s systems and is solely entitled to its disposal.
Down time: Sidechain shall inform the Client of any planned downtime with at least three (3) days advance notice. Downtime with a duration of longer than one (1) hour shall be arranged outside of the agreed support time. Planned downtimes are as follows: Jointly agreed downtime for the deployment of updates and new releases Downtime during planned emergency exercises on the side of the Client Planned and jointly agreed shutdown of Sidechain’s infrastructure.
Exclusions: Service Level assurances and remedies do not apply to any Software, equipment or services not purchased via and managed by the Sidechain or an authorized Sidechain reseller. Additionally, SLAs do not apply when:
- The problem has been caused by using equipment, software or service(s) in a way that is not recommended.
- The Client has made unauthorized changes to the configuration or set up of affected equipment, software, or services.
- The Client has prevented the supplier from performing required maintenance and update tasks.
- The issue has been caused by unsupported equipment, software, or other services.
- In circumstances that could be reasonably said to be beyond Sidechain’s control. For instance: floods, war, acts of god and so on.
- If the Client is in breach of its contract with the Sidechain or its reseller for any reason (e.g., late payment of fees).
- FEES AND PRICING
Sidechain Data Protection is priced as indicated in the Service Order or SOW with pricing based on the following Services elements:
- Onboarding – the one-time onboarding Fee will be based upon a one-time fee (per agent).
- Licensing – the license Fee includes licensing to CipherTrust Transparent Encryption for:
Sidechain Managed Data Protection – Multi-tenant, and
Sidechain Managed Data Protection – Dedicated.
- Base Monthly Fee. A fixed monthly fee applicable to the environment.
- Per Agent Fee. A per agent monthly fee variable based upon number of agents required.
ADDITIONAL AGENTS: Initial pricing will be based on the number of licensed agents identified in the Service Order or SOW. If additional agents are added to the Client configuration, Client may be charged an additional onboarding and license Fee and Client will then be subject to the new per agent monthly fee for the remainder of the Service Order or SOW term.
PRICING: Notwithstanding anything to the contrary, the Sidechain Services will be provided to Client pursuant to the pricing and terms indicated in the Agreement. This pricing will remain in effect for one year from the effective date of the Agreement. Thereafter, upon at least ninety (90) days’ notice to Client, Sidechain may increase the price up to 3% per year.
PAYMENT TERMS: Upon execution of an Agreement, Service Order or a subsequent SOW, Sidechain shall be entitled to invoice the Client for the entire amount due under the SOW or as determined by a payment schedule. Unless otherwise stated in the SOW, Sidechain’s invoices must be paid by the Client within thirty (30) days. Late payments will accrue interest at a rate of 1.5% per month.
EXPENSES: Unless otherwise specified in the SOW, the Client shall pay Sidechain’s reasonable pre-approved out-of-pocket expenses, with receipt, and third-party charges within thirty (30) days of the date on the applicable invoice.
INVOICING: One-time Fees will be invoiced upon commencement of Services onboarding, and monthly recurring Fees, per Client’s Licensed Usage, will be invoiced monthly in arrears. Client agrees that all Fees are non-refundable and are payable in accordance with the terms of the Agreement.
ERRORS AND DISPUTES: If there is an error in Client’s invoice related to the Services, Client shall (i) notify Sidechain of the error within 5 days of invoice receipt or Client will be deemed to have conclusively waived its right to dispute the Fees, and (ii) pay any such disputed invoice as due. Provided Client has given timely notification of a disputed invoice error, Sidechain will work with Client in good faith to correct the error. In the event Client is owed a refund or credit, Sidechain will remit such refund or credit to Client’s account, in a reasonably timely manner. If it is determined that Client owes Fees in excess of Client’s initial invoice, Client agrees to pay Sidechain accordingly. In addition to any other rights and remedies Sidechain may have under the Agreement, Sidechain may deduct any outstanding debit and any applicable Fees from future transaction proceeds.
TAXES: The Client shall be responsible for any and all applicable taxes, however designated, incurred as a result of or otherwise in connection with this Agreement, including but not limited to state and local income, privilege, excise, sales, and use taxes and any taxes or amounts in lieu thereof paid or payable by Sidechain, but excluding taxes based upon the net income of Sidechain.
- TERM AND TERMINATION
TERM: The term of this Agreement will be an initial twelve (12) month term that upon expiration of the Initial Term, and except as indicated otherwise in the Service Order or SOW, Services shall renew for successive renewal terms (“Renewal Terms”) of no less than 12 months each, per the then-current pricing, unless and until either party provides notice of non-renewal at least ninety (90) days prior to start of the Renewal Term. However, specific SOWs may have lesser or greater terms. If a particular SOW extends beyond the term of this Agreement, then this Agreement shall automatically extend through the duration of that SOW.
TERMINATION: Subject to the consequences specified below, either party may terminate this Agreement for any reason upon giving ninety (90) business days’ prior written notice to the other. Termination (but not expiration) of this Agreement will effectively terminate any and all outstanding SOWs. Specific SOW’s may have their own termination terms. The terms that, by their nature, should survive expiration or termination of this Agreement shall do so.
CLIENT’S EARLY TERMINATION: If the Client terminates this Agreement or any SOW without Sidechain’s material breach, and prior to the expiration of the term or completion of the Services, then any sums already paid by the Client to Sidechain shall be non-refundable. If Sidechain has provided Services that have not been invoiced, then the Client shall pay Sidechain for such Services. If Services are terminated by Client for cause or for convenience prior to the expiration of any then-active term, Client must pay an early termination Fee equal to the monthly recurring Fee times the number of months remaining in the then-active Initial Term or Renewal Term, as applicable. At Sidechain’s election, non-payment by the Client for a cumulative period of more than thirty (30) days without Sidechain’s fault or material breach shall be considered an election by the Client to terminate this Agreement within the meaning of this subsection.
CLIENT’S TERMINATION FOR BREACH: In order to terminate this Agreement due to Sidechain’s material breach, the Client must give Sidechain written notice detailing the nature of Sidechain’s material breach and give Sidechain thirty (30) days to cure. Termination by the Client without giving Sidechain such notice and cure period shall be considered “early termination” by the Client as described above. If, after thirty (30) days, Sidechain fails to cure such breach, this Agreement will be effectively terminated and Sidechain shall, in its sole discretion, determine the percentage of completion of any outstanding SOWs and issue the Client a final invoice or statement, as well as any refund due for any prepaid amounts proportionate to Sidechain’s estimated completion percentage, minus any costs incurred by Sidechain.
SIDECHAIN’S TERMINATION FOR BREACH: If the Client materially breaches of this Agreement (which includes late payment) Sidechain may terminate this Agreement for cause effective immediately or suspend performance until such breach is cured.
- RESTRICTIONS AND REQUIREMENTS
COMPLIANCE WITH TERMS: Client shall ensure that all its end users comply with the Sidechain Terms and with these Product Terms and it shall be responsible for enforcing all terms to the extent of its reasonable control. In the event Client becomes aware that Client or its end user has breached any such terms and conditions, Client will promptly notify Sidechain and will exercise all reasonable efforts to enforce Sidechain’s rights under such terms.
USE RESTRICTIONS: Sidechain Data Protection is provided for Client’s internal use only and Client may not resell, sublicense, rent, lease or otherwise distribute the Services to any third party. Client is prohibited from acting as a services bureau, ISV, VAR or OEM with respect to Sidechain Data Protection.
SOFTWARE RESTRICTIONS: If the Sidechain Data Protection includes software, Client may only use the software as described in the Agreement and for Client’s internal use only. Except as expressly authorized in these Product Terms, Client shall not cause or permit any of the following: (i) translating, transmitting, modifying, or copying of the software; (ii) use of the encryption agent(s) on operating systems or platforms other than those designated by Sidechain; (iii) making copies of the encryption software; (iv) distributing, sublicensing, renting, or transferring software to any third party; or (v) removing, deleting, or altering any copyright, trademark, or proprietary notices, labels, or marks on the software documentation provided to Client in connection with the Services.
REVERSE ENGINEERING: Client shall not, nor shall Client assist, any third party to reverse engineer, decompile, disassemble, or in any other manner attempt to derive the source code of any component of the software for any purpose. Client shall notify Sidechain if Client becomes aware of any person or entity attempting to reverse engineer, reverse compile, or disassemble any of the software.
SYSTEM RESTRICTIONS: Infrastructure and architecture modifications, including OS alterations, may not be made without consulting, and informing Sidechain. Client will comply with best practices and guidance from Sidechain to access data. The use of admin or root privileges to switch between users must not be used. Client acknowledges that if Client modifies the encryption keys/passwords, encrypted data may become permanently inaccessible.
- WORK PRODUCT, OWNERSHIP, LICENCES
INTELLECTUAL PROPERTY: All intellectual property rights, including copyrights, patents, patent disclosures and inventions (whether patentable or not), trademarks, service marks, trade secrets, know-how and other confidential information, trade dress, trade names, logos, corporate names and domain names, together with all of the goodwill associated therewith, derivative works and all other rights (collectively, “Intellectual Property Rights”) in and to all documents, work product and other materials that are delivered to the Client under this Agreement or prepared by or on behalf of Sidechain in the course of performing the Services, except for any Confidential Information of the Client or Client materials (collectively, the “Deliverables”) shall be owned by Sidechain. Sidechain hereby grants Client a license to use all Intellectual Property Rights in the Deliverables free of additional charge and on a non-exclusive, worldwide, non-transferable, non-sublicensable, fully paid-up, royalty-free and perpetual basis to the extent necessary to enable Client to make reasonable use of the Deliverables and the Services.
- REPRESENTATIONS, WARRANTIES, AND INDEMNITIES
CLIENT REPRESENTATIONS: The Client agrees, warrants, and represents that:
- It has the right and power to enter into and fully perform this Agreement.
- It will fully cooperate with Sidechain to best allow Sidechain to provide the Services, including allowing Sidechain access to its property, employees, and facilities, as needed, and assisting Sidechain with getting necessary releases from the Client and its agents and employees.
- The ideas, concepts, materials, logos, names and other assets and collateral provided by the Client to Sidechain for the Services (“the Client Materials”) will be suitable, technically and in subject matter, for all uses contemplated hereunder; and
- The Client Materials may be used pursuant to this Agreement and any applicable SOW without violating applicable laws and without violating or infringing upon the rights of third parties.
SIDECHAIN REPRESENTATIONS. Sidechain represents and warrants to Client as follows:
- Sidechain will perform its services in a professional and workmanlike manner and in accordance with the highest industry standards.
- Sidechain does and will comply with, and the Services will comply and be conducted in accordance with, all applicable federal, state and local laws, rules and regulations and Sidechain will provide the Client with all data, documents, reports and/or certifications reasonable requested by the Client to evidence the foregoing.
- Services (including without limitation any software or other content, element or portion thereof) and any and all other content, services or Intellectual Property that it provides or otherwise makes available to the Client, will not infringe upon, misappropriate or otherwise violate the Intellectual Property of any third party.
- All deliverables will conform with their specifications as set forth in the relevant Service Order or SOW.
NO WARRANTY: EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, SIDECHAIN MAKES NO WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR PURPOSE OR ANY WARRANTIES ARISING AS A RESULT OF USAGE IN TRADE OR BY COURSE OF DEALING.
LIMITATION OF LIABILITY: SIDECHAIN’S MAXIMUM LIABILITY UNDER ANY SOW, WHETHER ARISING UNDER CLAIM OF TORT (INCLUDING NEGLIGENCE), CONTRACT OR OTHERWISE, WILL NOT EXCEED THE TOTAL AMOUNT OF CONSIDERATION TO BE RECEIVED BY SIDECHAIN THEREUNDER. NEITHER PARTY SHALL BE RESPONSIBLE FOR DELAYS OR LACK OF PERFORMANCE RESULTING FROM CAUSES BEYOND EITHER PARTY’S REASONABLE CONTROL, INCLUDING DELAYS AND NON-PERFORMANCE CAUSED BY THIRD-PARTY ACTS OR OMISSIONS (INCLUDING WITHOUT LIMITATION INTERNET SERVICE PROVIDERS, CLIENT OR CLIENT’S CONTRACTORS), STRIKES, LOCKOUTS, WORK SLOWDOWNS OR STOPPAGES, FIRES, ACTS OF GOD OR TERRORISM. NEITHER PARTY WILL BE LIABLE TO THE OTHER, WHETHER IN TORT, CONTRACT OR OTHER CLAIMS IN LAW OR EQUITY, FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY OR PUNITIVE DAMAGES ARISING OUT OF THIS AGREEMENT, REGARDLESS OF WHETHER EITHER PARTY HAS BEEN ADVISED OF SUCH DAMAGES.
INDEMNIFICATION: The Client shall defend (at its own cost and expense), indemnify, defend and hold Sidechain and its subsidiaries, affiliates, parents, partners and licensees harmless from and against any loss, cost, liability, damage or expense (including reasonable attorney’s fees and expenses) any of them may incur or be liable for to a third party arising out of any breach or alleged breach of the Client’s obligations hereunder, including but not limited to negligence, willful misconduct as well as the Client’s breach of its representations and warranties under this Agreement.
COVERAGES: Sidechain has the following insurance coverage:
- Statutory Workers’ Compensation and/or Employer’s Liability as required by state or country law with a minimum limit of $500,000 each accident / $500,000 each disease / $500,000 policy limit.
- Commercial General Liability, on an occurrence basis, including but not limited to premises-operations, product completed-operations, broad form property damage, contractual liability, independent contractors, and personal liability, with a minimum combined single limit of $1,000,000 per occurrence.
- Automobile Liability with a combined single limit of $1,000,000 each accident.
- Umbrella Liability on an occurrence basis with a minimum limit of at least $5,000,000 per occurrence.
- Tech Professional with an occurrence limit of $2,00,000
- PROTECTION OF PERSONAL DATA
“Personal Data” is any information relating to an identified or identifiable natural person (“Data Subject”)
“Processing” of Personal Data shall mean and include any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, accessing, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
Sidechain shall only Process Personal Data: (i) for the purpose of providing the Services to Client; or (ii) as otherwise expressly authorized by Client.
Sidechain shall ensure that neither it, nor its Subcontractors, nor any of their employees or agents, shall publish, divulge, disclose, or transfer any Personal Data to any third party (including a Subcontractor), even for back-up purposes, except for a disclosure or transfer: (i) made on the instructions of or with the prior written consent of Client; (ii) to any of their employees, to whom such disclosure is necessary for the performance of the Services.
Both Client and Sidechain shall implement all measures necessary to ensure compliance by their staff with their obligations relating to Personal Data under this Agreement.
Sidechain shall notify Client in the most expedient time possible under the circumstances and without unreasonable delay of any Security Breach involving any Personal Data, where “Security Breach” is defined as any event involving an actual, potential or threatened compromise of the security, confidentiality or integrity of the data, including but not limited to any unauthorized access or use, any loss of Personal Data (including any loss of a laptop or other portable media containing unencrypted Personal Data) or any broader circumstances as defined in any applicable local law.
CONFIDENTIALITY: During the term of this Agreement and for three (3) years after the expiration or termination of this Agreement, each party shall protect the Confidential Information of the other from improper disclosure and shall limit use and disclosure thereof to its own employees and subcontractors bound to maintain the confidentiality of the Confidential Information. “Confidential Information” is information that pertains to the businesses, products, technologies, ideas and customers of each party, other information which is valuable to such party or information that is marked or verbally indicated as confidential, but does not include information that (a) is public knowledge, (b) was in the recipient’s possession before receipt from the disclosing party hereunder, (c) is disclosed to Sidechain by a third party without breach of confidentiality obligations or (d) is independently developed by the recipient without reference to the Confidential Information of the disclosing party hereunder.
AGREEMENT CONFIDENTIAL: The terms and conditions of this Agreement will be deemed to be the Confidential Information of each Party and will not be disclosed without the written consent of the other Party.
- GENERAL PROVISIONS
RELATIONSHIP: Sidechain is an independent contractor, not an employee of the Client. Wherever used in this Agreement, the term “the Client” mean the Client, its parent, subsidiary, affiliated and associated companies, and their successors or assignees.
ASSIGNMENT: Sidechain reserves the right to assign any rights or delegate any duties under this Agreement.
NOTICES: All notices, requests, consents, claims, demands, waivers, and other communications hereunder (each, a “Notice”) shall be in writing and sent via e-mail to email@example.com
PUBLICITY: Client agrees to allow Sidechain to use Client’s name, logo, or marks in manner, or issue a press release or other publicity referring to Client.
AMENDMENTS: Any amendments, modifications, or alterations to an Agreement must be in writing and signed by both parties.