Read full document below or click on the button to download the PDF version.Download PDF
This is the Subscription Agreement for Software as a Service dated the date that the last party signs (Subscription Agreement) between the parties identified in the Subscription Order form, for the right to access and use the SCW Learning Platform.
The Subscription Agreement (including the SLAs and Subscription Order Form) sets out the Terms and Conditions between SCW and the Customer and when executed by both parties forms a legally binding and enforceable agreement between them.
SCW and the Customer shall hereinafter be defined as the “Party” and collectively as the “Parties”.
The following words shall have the meaning stipulated herein below:
Affiliates means a company in which either party either wholly owns or has a controlling interest, and includes subsidiaries as that term is commonly applied and Related Body Corporate as defined in the Corporations Act 2001 (Cth);
Applicable Data Protection Legislation means any data protection or privacy legislation which applies, respectively to the activities of the Customer and SCW, including, where applicable the European General Data Protection Regulation Act 2016 (GDPR), the UK Data Protection Act 2018, the Australian Privacy Act (Cth) 1988, and any other applicable legislation
Confidential Information means any information, maintained in confidence by the disclosing Party, communicated in written or oral form, marked as proprietary, confidential or otherwise so identified, and/or any information that by its form, nature, content or mode of transmission would, to a reasonable recipient, be deemed confidential or proprietary, including, without limitation, each party, employees, business plans, methods of operation, SCW Offerings, including the SCW Learning Platform. Confidential Information will also include, without limitation:
Consent means consent, permission, agreement or approval which meets the requirements for the consent of the Applicable Data Protection Legislation
Controller has the meaning as defined by Regulation (EU) 2016/679 with obligations as set forth in the regulation
Customer means the party which acquires a Subscription on execution of this Subscription Agreement, and, if applicable, End Users(s)
Customer Data means all information, including any personal information provided by the Customer to SCW to enable SCW to provide the Customers and its End Users access to and use of the SCW Learning Platform
Defect means a defect, error or bug having a materially adverse effect on the appearance, operation or functionality of the SCW Learning Platform, but excluding any defect, error or bug caused by or arising as a result of an act or omission of the Customer, any failures of the internet or part of the internet or other mechanism designed or used to disable, erase, alter or harm the SCW Learning Platform
Device means a single personal computer, workstation, mobile phone, tablet, or other electronic devices.
End Date is the date set out in Item 2 of the Subscription Order Form
End User means a person or persons employed and / or otherwise authorized by the Customer, or where applicable the Customer’s group, and who is provided with a subscription by the Customer to access and use the SCW Learning Platform, and excludes any person or persons who is employed by or contracted to a competitor to SCW
Force Majeure means any circumstances which are outside the parties’ control and which prevent or delay SCW providing the Service and SCW’s Materials (or any of them), including the failure of any utility service or transport or telecommunications network, any bug, defect, error, fault or deficiency in any software or data not provided by SCW, any act of God, war, riot, civil commotion, malicious damage, compliance with any law or governmental order, rule, regulation, or direction, accident, breakdown of place, machinery or equipment fire, flood or storm.
Insolvency Event means a situation where in respect to either party (1) a party is unable to pay its debt as and when they fall due; (2) a receiver or administrator is appointed over the party or any part of their respective undertakings or assets; (3) a resolution for winding up the party is proposed (or ordered), with the expectation of such an order being proposed for the purpose of a bona fide reconstruction; (4) a court of competent jurisdiction makes an order to that effect; (5) it becomes subject to an order of administration; (6) it enters into any scheme of arrangement with credits or any similar process to any of the above is begun in any jurisdiction, or if it ceases or threatens to cease to carry on business Intellectual Property means all intellectual property rights wherever in the world, whether registered or unregistered, including patents, rights to any invention, copyrights and related rights, moral rights, rights in computer software, trademarks, service marks, trade names, domain names, rights in any goodwill and the right to sue for passing off or unfair competition, registered designs, other rights in designs any application or right of application of such rights, including codes, sequences, derivative works, copyrights, data-base rights, trade secrets, know-how, business names, trade names, trademarks, service marks, patents, petty patents, utility models, rights in design, organisation, structure, interfaces, any documentation (including the SCW Materials), data and other related rights
Personal Data has the meaning given to it according to Regulation (EU) 2016/679 and Directive 95/46/EC, as amended from time to time, and includes the definition of Personal Information as provided in the Privacy Act 1988 (Cth)
Processor has the meaning as defined by Regulation (EU) 2016/679 with obligations as set forth in the regulation
SCW means Secure Code Warrior Limited, and its related/ affiliate entities
SCW Learning Platform means computer software developed and owned by SCW Limited made available to the Customer as a service via the internet, including Documentation, updates, supplements, modification, addition and/or adaptation of the SCW Learning Platform to enable or include certain features and/or functionality, under the terms and conditions of this Subscription Agreement
SCW Materials means any electronic or written aids, manuals, user instructions, technical literature, training material, demo material, specifications and all other related materials, which may be accessible by the Customer in the SCW Learning Platform
SLAs means the Service Level Schedule attached as Attachment A to this Subscription Agreement
Start Date means the date set out in Item 2 of the Subscription Order Form.
Subscription means the subscription for the right to access and use the SCW Learning Platform according to this Subscription Agreement
Subscription Fee means the fee payable by the Customer for SCW for access to and use of the SCW Learning Platform, the amount of which is set out in Item 3 of the Subscription Order Form.
Subscription Order Form means the Subscription Order Form between the Parties and attached to this Subscription Agreement
Subscription Term means the term specified in Item 2 of the Subscription Order Form
Sub Processor means a 3rd party processor selected by SCW for a specific set of processing needed by the SCW Learning Platform.
The SCW Learning Platform provides an integrated suite of secure code training and tools that moves the focus from reaction to prevention. SCW’s Learning Platform includes hands-on training, team tournaments, real time coaching plug-in, self-paced learning for every skill level and online assessments.
The SCW Learning Platform is made available through an account set up for the Customer. The Customer’s right to access and use the Subscription for the SCW Learning Platform is web based only pursuant to the terms of this Subscription Agreement.
The initial term of this Subscription Agreement is set out in Item 2 of the Subscription Order Form (Initial Term).
This Subscription Agreement will automatically renew for successive 12-month periods, unless either party provides the other with a minimum of sixty (60) days written notice.
On termination or expiration of the Subscription Agreement, the Customer´s access to and use of the SCW Learning Platform will no longer be available, neither the Customer or the End User(s), will have access to or use of the SCW Learning Platform and applicable data or Services therein.
The Customer (including its End Users) is granted a limited, non-transferable, non-exclusive subscription to access and use the SCW Learning Platform on Devices via any standard web browser during the Subscription Term.
Neither Customer nor any End User are permitted to frame, reproduce, or otherwise re-publish, re-sell or re-distribute the SCW Learning Platform, or any part thereof.
The Customer agrees, and will procure that its End Users, will only access and use the SCW Learning Platform for its internal business use.
The Customer acknowledges and agrees that the subscriptions are for designated End Users and cannot be shared or used by more than one End User and may only be reassigned to new End Users replacing former End Users who have left the Customer’s business or otherwise with the express consent of Secure Code Warrior.
The Customer is entitled to add additional End Users during the Subscription Term, following which the Customer will be invoiced for the additional End Users, prorated to the end of the relevant Subscription Term (or renewal term as may be appropriate).
If the Customer exceeds the number of End Users (and has not gone through the process outlined in clause 4.6 above), SCW reserves the right to charge the Customer for each of the additional End Users. The Customer will be invoiced for the number of additional End Users, as outlined in clause 4.6 above, prorated to the end of the relevant Subscription Term (or renewal term as may be appropriate).
The Customer acknowledges and agrees that the SCW Learning Platform may include certain software which is incorporated in the SCW Learning Platform for no additional fee (Open Source Software). Access to the Open Source software is provided subject to the terms provided for such access. A link to the relevant terms is https://license-list.securecodewarrior.com/. The Customer herein agrees that such terms are incorporated into this Subscription Agreement.
SCW does not make any representation, endorsement, guarantee or assurance of the suitability of the SCW Learning Platform for the Customer.
SCW will maintain the SCW Learning Platform and provide all support services on terms set out in the Service Level Schedule.
The Customer agrees to pay SCW a subscription fee for the right to access and use the SCW Learning Platform (Subscription Fee). The amount of the Subscription Fee and payment terms are set out in the Subscription Order Form.
Unless otherwise set out in the Subscription Order Form, SCW may revise the Subscription Fee with effect from the end of the Initial Term or, in the case of a Term which is longer than 12 months but where the Customer is paying on an annual basis, with effect from the end of each 12 month period by giving the Customer not less than 30 days’ notice, provided that (with the exception of any increase in the Fee which relates to an increased number of End Users during any Subscription Term) the percentage increase in the Subscription Fee does not exceed 2% above the percentage increase as follows:
The Subscription Fee does not include any applicable taxes including but not limited to goods and services tax (GST), value added tax (VAT) which will be added on top of the fee as applicable, and as otherwise set out in the Subscription Order Form.
The Customer is responsible for payment of any applicable taxes as may be owed by the Customer due to entering into this Subscription Agreement.
If the Customer wishes to dispute any part of an invoice, the Customer must notify SCW, in writing, within five (5) business days after receipt of the invoice, explaining the reason for the dispute and the amount disputed (a Disputed Invoice). If SCW is not notified that an invoice is disputed within that time, the invoice will be deemed undisputed and will be due and payable in accordance with the terms of this Subscription Agreement. The Parties will work together to resolve any Disputed Invoice expeditiously. Where only part of the invoice is disputed, the Customer will pay the undisputed amount on the due date for payment.
Each party recognises and agrees that the Subscription Agreement, including the terms and negotiations leading up to its execution, create a confidential relationship between them, and that all information disclosed between them is Confidential Information. Each party agrees to protect Confidential Information disclosed to it to the same extent and in the same manner that it would protect its own Confidential Information. Each party further agrees to bind their respective employees, agents and subcontractors to the confidentiality and other terms and conditions of the Agreement and to be liable for their compliance therewith. In no event shall either parties’ practices and/ or policies fall below a level of reasonable and due care, which includes each party limiting reproduction, access, disclosure and use to those personnel who have a need to know for the purposes of performing the services in this Agreement, and who are made aware of and agree to comply with the terms of the Confidentiality obligations herein.
The Customer may receive User-specific information and may export and use that information in order to monitor the End Users’ use, results and performance in regard to the individual performance of the End User and as a part of internal use as applicable and desirable by the Customer for, including but not limited to, reports, campaigns and examination.
SCW owns and retains all right, title, interest and ownership to the SCW Learning Platform including without any limitation all Intellectual Property rights in and to the SCW Learning Platform, SCW Materials, and Learning materials. Accordingly, the Customer acknowledges and agrees that this Subscription Agreement and its access and use of the SCW Learning Platform transfers no title or ownership of the SCW Learning Platform either to it or any of its End Users.
The Customer acknowledges and agrees that SCW has a royalty-free, worldwide, transferable, irrevocable, perpetual license to use or incorporate into the SCW Learning Platform any suggestions, enhancement requests, recommendations or other feedback provided by Customer, including Users, relating to the operation of the SCW Learning Platform.
Each party agrees during the Subscription Term to maintain appropriate insurances as required by applicable law and which include all insurance as required by all applicable laws and regulations and employers’ liability insurance, Public / Products Liability, and Professional Indemnity.
The Subscription Agreement will only terminate on the End Date if the Customer provides the notice as described in clause 3.2 above.
Either party may terminate the Subscription Agreement and any applicable Subscription Order by notice in writing to the other and with immediate effect if:
(a) the other party commits a material breach, incapable of remedy;
(b) the other party fails to remedy a breach within 10 business days of receiving written notice by the other party, provided that, in each instance of a claimed breach: (i) the non-breaching Party notifies the breaching Party in writing of such breach; and (ii) the breaching Party fails to either cure such breach within ten (10) days (or such other period as mutually agreed by the Parties) from receipt of such notice;
(c) an Insolvency Event occurs in relation to either party; or
(d) any law enforcement agency or court requires or requests SCW to do so.
SCW may terminate the Subscription Agreement at any time in circumstances where there are technical and or security issues caused by the Customer that directly impact (or may impact) either of (a) the business operations of SCW or any of its customers; (b) the integrity of the SCW Learning Platform. For clarity, SCW will provide the Customer with a period of 14 days to respond to and or resolve any issues or concerns that Secure Code Warrior identifies in writing to the Customer, but the decision will otherwise be exercised by Secure Code Warrior in its absolute discussion.
SCW agrees to indemnify, defend and/or, at its option, settle any third-party claims that Customer’s (including affiliates and authorized users) (each an “Indemnified Party”) brought against or suffered by any Indemnified Party, alleging that any of the SCW Materials or the Indemnified parties’ access to and use of the SCW Learning Platform infringes any valid patent, copyright, trademark, trade secret or other intellectual property rights in the relevant territory. At its option and expense, SCW may either: (i) procure for Customer the right to continue to access and use the SCW Offerings; (ii) repair, modify or replace the SCW Offerings so that it is no longer infringing; and in circumstances where neither (i) or (ii) are possible (iii) provide a prorated refund of the fees paid for the SCW Offerings which gave rise to the indemnity calculated against the remainder of term for the applicable SCW Offerings from the date it is established that SCW is notified of the third party claim.
This indemnity is subject to: (i) the Indemnified Party providing prompt notice of any claim of infringement and assistance in the defense thereof, (ii) the Indemnifying Party’s sole right to control the defense or settlement of any such claim, provided that the settlement does not require a payment or admission of liability on the part of the other Party, and (iii) the indemnified Party not taking any actions or failing to take actions that hinder the defense or settlement process as reasonably directed by the indemnifying Party.
The Customer which for the purpose of this indemnity (includes its Affiliates and their respective employees, contractors and End Users’), is responsible for compliance with this Subscription Agreement. Without prejudice to SCW’s right to take action against any of the Customer’s Affiliates in relation to any breach of this Subscription Agreement, will be liable to and indemnifies SCW for all loss, cost, liability and/ or and damages (including legal fees) arising from or related to Customer's failure to comply with clauses 4, 7 and 8 of this Subscription Agreement.
Other than as provided in section 13 above, the maximum liability of SCW to the Customer will in no circumstances exceed an amount equal to or more than the Subscription Fee paid or payable to SCW for access to and use of the SCW Learning Platform, in any 12 month period.
Notwithstanding the above, neither Party will be liable to the other, whether in contract or tort, or otherwise for any incidental, indirect, punitive, exemplary, special, consequential or unforeseeable loss, damage or expense, loss of profits, loss of business, loss of opportunity, loss or corruption of data, however arising, even if advised of the possibility of such loss or damages being incurred.
Entire liability. The provisions in sections 13 and 14 state the exclusive remedy of the Customer with respect to any infringement and/or misappropriation claims.
This Subscription Agreement and any disputes arising out of or in connection with access to and use of the SCW Learning Platform under the terms of the Subscription Agreement will be governed and interpreted by the non-exclusive jurisdiction of the laws as follows:
The parties agree that if a dispute arises out of or in connection with the performance of the parties’ rights and obligations under the Subscription Agreement (Dispute), that each of them will adhere to the following process before initiating any court action. The language to be used in the proceedings will be English, and the dispute resolution process is agreed as follows:
This Subscription Agreement and the Customer’s right to access and use the SCW Learning Platform does not establish any relationship of partnership, joint venture, employment, franchise or agency between the Customer and SCW.
16.2 Neither party will use and/or display the other’s name and logo on its website and marketing or other collateral, without the other’s express prior consent.
Assignment. Neither party may assign the Subscription Agreement or its rights and obligations under the Subscription Agreement without the prior written consent of the other party, whose consent will not be unreasonably withheld or delayed. Notwithstanding the foregoing, neither party is entitled to withhold or delay its consent for any complete or partial assignment made by, or between their respective corporate structure
Survival. Sections of this Subscription Agreement that, by their terms, require performance after the termination or expiration of this Subscription Agreement will survive as permitted by local law. These sections include section 1 (Definition), section 7 (Confidentiality), section 8 (Intellectual property), section 10 (Warranties), section 13 (Indemnities) and section 16 (Miscellaneous)
Entire agreement. This Subscription Agreement (including the Service Level Schedule), the Subscription Order Form and where relevant, any Data Processing Agreement constitutes the entire agreement between SCW and the Customer. It supersedes any prior or contemporaneous communications, and any prior agreement between the Parties regarding its subject matter, and cannot be amended or updated other than by a written agreement signed by both Parties. In the event of a conflict between the terms of this Subscription Agreement and a subsequent written agreement, this Subscription Agreement shall prevail.
Waiver. No waiver of any breach of this Subscription Agreement shall be a waiver of any other breach, and no waiver will be effective unless made in writing and signed by an authorized representative of the waiving Party.
Severability. If a court holds any provision of this Subscription Agreement to be illegal, invalid or unenforceable, the remaining provisions will remain in full force and effect and the Parties will amend this Subscription Agreement to give effect to the stricken section to the maximum extent possible.
Non-Solicitation. Each party and their respective Affiliates (referred to as party/ parties in this clause) acknowledge and agree that each of them spend significant time and money to recruit and train their staff and that, were either party to hire an employee of the other, that party may suffer loss, including incurring significant time and money in finding, hiring, training and onboarding of suitable replacement staff. Therefore if, at any time during the Subscription Term or within 12 months after the end of the Subscription Term, either party hires an employee, the hiring party will pay the other an amount equal to that member of staff’s salary, bonuses and benefits during the 12 months immediately preceding that member of staff ceasing to be a member of staff of that party. For clarity this clause does not apply in circumstances where an employee of one party applies for a bona fide advertised position vacant for the other entity.
The SIGNATURES below confirm the agreement of both parties to the terms and conditions of the Subscription Agreement above. When signed by authorized signatories, each party agrees that the terms of Subscription Agreement constitute a legally binding and enforceable agreement between them:
Service Level Schedule
This schedule describes the scope and functionality of the Services to be provided by SCW to the Customer under this Subscription Agreement. It also specifies certain of the obligations of each party in the delivery of the Services.
Each Service has, where specified, an associated Service Level.
2. SERVICE OVERVIEW
SCW shall supply Customers with an online security training service incorporating the following production environment services:
(a) Online Access: On-line access to the Service during the Service Hours excluding scheduled downtime as defined in this schedule or as otherwise agreed in writing between the parties.
(b) Maintenance and Support Services during the Service Hours.
(c) Data back-ups in accordance with section 5.
(d) Application management: (1) application upgrades, (2) delivery of
application maintenance updates
SCW shall monitor and manage all components used to deliver the Service during the Service Hours throughout the Term.
SCW shall ensure appropriate capacity planning of the Services to ensure there is always sufficient capacity to provide the Service at the Service Levels. This shall require Customer to advise SCW of any anticipated material changes to the use of the Service.
3. MAINTENANCE AND SUPPORT SERVICES
(a) SCW will inform Customer regularly of the timing and contents of new releases to the Service. Customer may provide suggestions and input to SCW regarding any planned or requested new features. SCW shall, at its sole discretion, consider whether Customer’s suggestions shall be included in a subsequent release as part of the
Maintenance and Support Services.
(b) Except where a product enhancement cost has been agreed with the Customer, such new releases to the Service shall be made at no cost to the Customer.
(c) SCW shall document any such changes in release notes which shall be made available to the Customer as soon as possible, but no later than the date any new release is issued.
Support Services & Responsibilities
(a) SCW shall provide the support services in English.
(b) SCW shall notify Customer of all material incidents that have an impact on the Service provided to the Customer
(c) SCW shall be responsible for:-
(i) The availability of the Service.
(ii) Solving incidents and problems raised by the Customer Help Desk.
(iii) Implementing changes to the Service required as a result of solving incidents.
(iv) Communicating the status of incidents to the Customer Help Desk.
(v) Communicating information about planned system changes of outages to Customer and the subsidiaries in a timely manner.
(vi) Responding to each incident in line with the specified actions for each incident class.
(d) Customer is responsible for:
(i) Raising incidents to the SCW help desk through a centralized Customer Help Desk.
(ii) The Customer must nominate at least 2 authorized Support Contacts and notify SCW of their names and contact details immediately following the date of the Agreement.
(iii) Incidents and service requests must be reported via any of the supported service channels.
(iv) No phone support is provided directly to Users.
(v) The Customer must not publish SCW’s contact details on their intranet, website, or anywhere else.
The Customer Help Desk shall provide the following items when notifying SCW of an incident:
(i) incident time, duration, and location.
(ii) User ID and contact details.
(iii) Incident description.
(iv) Category of the incident, to be mutually agreed between the parties.
SCW can adjust the severity of reported issues if our investigations have shown the severity to be incorrect.
Severity readjustment is commonly used in circumstances where a ticket is submitted as Class A or Class B but contradicts the definition above.
SCW may also increase the level of severity if the issue is considered to be more serious than initially reported
Before closing an incident, the SCW help desk will seek confirmation from the Customer that the incident has been resolved.
4. SERVICE LEVELS
General Description of Service Levels
(a) Unless otherwise specified, the measurement period for the Service Levels is each Service Period.
(b) Where Service Levels are described as “targeted”, such targeted Service Level measurements represent the expected performance levels of the Service under normal operating conditions, but such targeted measurements are for guidance only and do not constitute any obligations or liabilities on the part of SCW and any failure to meet such targeted Service Levels shall not be construed in any way as a breach by SCW of this Agreement.
(c) In the event that Service Levels fail to meet the targeted Up Time and/or the targeted System Response Time metrics in any Service Period, SCW’s obligations are limited to providing analysis and explanation of the reason(s) and proposed reasonable measures to eliminate the undershoot. Such measures may require changes either in the usage of the Services by the Customer or of the Services by SCW.
(d) Where Service Levels are described as ‘contracted’, such contracted Service Level measurements represent the actual performance
levels of the Service under normal operating conditions and a failure to meet such contracted Service Levels will result in Service Credits being calculated.
4.2. Uptime and Performance Service Levels
(a) The Service Levels apply to the SCW learning platform and shall be measured over the Service Hours except for scheduled
(b) The metrics used to measure performance of the Service are as follows:
(i) System Response Time
(ii) Up Time
(iii) Maintenance Window
(c) The point of measurement for all Services monitoring with respect to System Response time shall be the servers at the SCW sub-processor data center. Response times exclude the transaction cycle times on communication links from the data center to the Customer’s end-user
(d) The System Response metric shall be calculated over a Service Period.
(e) Measurement methods and targets for Service Up Times shall be as follows:
(i) Service Up Time shall be calculated at the end of each Service Period. The Contracted Service level for Service Up Times in any service period shall be 99.75%. The targeted Service Level for Services Up Times in any Services Period shall be 99.9%.
(ii) Up Time shall be expressed in percent and is defined as the time period during which the Service is available to the
(iii) Up Time is calculated as follows:-
Service Up Time in % = means total number of minutes in
the calendar month minus scheduled downtime minus the
number of minutes of downtime suffered in a calendar
month, divided by the total number of minutes in a
calendar month minus scheduled maintenance windows
(iv) Service Up Time is continuously monitored via the following status page: https://status.securecodewarrior.com
(f) Service Credits shall apply for failure to meet the contracted Service Levels and shall be as follows:
(i) For Uptime Percentage less than 99.75% but equal to or greater than 99.0%, you will be eligible for a 10% Service Credit of the Service fee for the applicable month.
(ii) For Uptime Percentage less than 99.0%, you will be eligible for a 20% Service Credit.
(iii) The Service Fee shall be the total service fee paid divided by the number of months of subscription to the service during a Term.
(iv) SCW shall provide the Service Credit to the Customer in the month following the Service Period in which the Service
Level Failure occurred.
4.3. Maintenance Windows
(a) The provisions for scheduled maintenance are as follows :
Unplanned maintenance including corrective actions to be taken by SCW to resolve an incident
Service Level Exclusions
The parties agree that the Service Levels shall not apply if one or more of the following exists:
(a) Suspension of the Service to carry out planned or routine maintenance.
(b) Adverse impact on Up Times or Response Times due to the malfunction of Customer-owned or controlled firewalls, networks, or connectivity.
(c) Adverse impact on Up Times or Response Times due to a Force Majeure event(s)
(a) SCW shall take a backup of all Customer data:-
(i) Incremental Backup: Every Minute, retained for 24 hours
(ii) Full backup: Every 6 hours, retained for 2 calendar days.
(iii) Full backup: Every day retained for 7 calendar days.
(iv) Full backup: Every week retained for 4 calendar weeks.
(v) Full backup: Every month retained for 13 months.
(b) Such backup shall be stored at a separate, secure, location to the production environment.
(c) Backup data shall only be used for resolving incidents in the SCW Platform. Backup data is not intended to be used (and in most cases won't be able to be used) to recover data accidentally deleted by Customer. Accidentally deleted data does not classify as an incident.