SEKURO MASTER TERMS AND CONDITIONS
Last updated 6th October 2022.
PARTIES
SEKURO OPERATIONS PTY LTD (ABN 52 652 187 785) (Supplier)
[FULL COMPANY NAME] [ABN NUMBER] (Customer)
BACKGROUND
The Supplier is in the business of providing Information Technology Services.
The Customer wishes to obtain, and the Supplier wishes to provide, the Services on the terms set out in this agreement.
GENERAL TERMS
1. Definitions and interpretation
1.1 Capitalised terms or expressions used in this agreement have the meanings set out in this clause.
APP: means an Australian Privacy Principle as defined in the Privacy Act.
APP Entity: has the meaning given in the Privacy Act.
Business Day: a day on which banks are open for business in Sydney, New South Wales, Australia, other than a Saturday, Sunday or public holiday in that city.
Business Hours: the period from 9.00 am to 5.00 pm on any Business Day.
Commencement Date: the date when the agreement has been signed by all the parties.
Consumer Price Index: the Consumer Prices Index (All Groups) (Australia) published by the Australian Bureau of Statistics.
Control: the definition given to that term in section 50AA of the Corporations Act, and the expression change of control shall be construed accordingly.
Corporations Act: the Corporations Act 2001 (Cth).
Customer’s Equipment: any equipment, including tools, systems, cabling or facilities, provided by the Customer, its agents, subcontractors or consultants which is used directly or indirectly in the supply of the Services.
Customer Materials: all documents, information, items and materials in any form, whether owned by the Customer or a third party, which are provided by the Customer to the Supplier in connection with the Services.
Customer’s Representative: has the meaning given in clause 5.1(b).
Data Breach Investigation: an investigation as required to be carried out in accordance with clause 12.3(c).
Data Incident: an Eligible Data Breach that has, or is reasonably suspected to have, occurred in respect of any Personal Information the Supplier has collected, held, used or disclosed in the course of or relating to this agreement.
Deliverables: any output of the Services to be provided by the Supplier to the Customer as specified in an Order and any other documents, products and materials provided by the Supplier to the Customer in relation to the Services (excluding Hardware and Software and the Supplier’s Equipment).
Eligible Data Breach: an eligible data breach as that term is defined in the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth), occurring on or after 22 February 2018.
GST: goods and services tax chargeable under A New Tax System (Goods and Services Tax) Act 1999 (Cth).
GST Law: has the same meaning as “GST Law” in the A New Tax System (Goods and Services Tax) Act 1999 (Cth).
Hardware: any physical product sold to the Customer by the Supplier.
Intellectual Property Rights: patents, rights to inventions, copyright and related rights, trade marks, business names and domain names, technology and all other intellectual property rights, whether registered or unregistered.
Managed Security Services: a managed service that provides certain security activity and responses as described in a SoW and provided subject to the terms and conditions set out under Schedule 5.
Milestone: a date by which a part or all of the Services is to be completed, as set out in a Quote, Proposal or SoW.
Personal Information: has the meaning given in the Privacy Act.
Privacy Act: the Privacy Act 1988 (Cth) as amended from time to time.
Professional Services: the provision of information technology professionals for consulting, design, development, implementation or training projects as described in a Quote, Proposal or SoW.
Proposal: a document describing the Services to be provided by the Supplier, and applicable pricing and charges.
Order: means either:
a Customer’s request for Services based on a valid Quote that has subsequently been accepted by the Supplier (which may be made via the Supplier’s online quotation system); or
a SoW / Proposal for the provision of Services that has been signed by the Parties.
Quote: a quotation for Services to be provided, including applicable Service Charges.
Sensitive Information: has the meaning given in the Privacy Act.
Services: the services to be provided to the Customer as set out in a Quote, Proposal or SoW which may include the provision of Hardware, Software, Professional Services, Managed Security Services or any other services offered by the Supplier and agreed to be supplied under an Order.
Software: any software licenced to the Customer by the Supplier under resale from a third-party vendor.
Service Charges: the amounts payable for the Services as set out in the relevant Quote, Proposal or SoW.
Statement(s) Of Work (SoW(s)): a document describing the Services to be provided by the Supplier, and applicable pricing and charges.
Supplier’s Equipment: any equipment (other than Hardware), including tools, systems, cabling or facilities, provided by the Supplier to the Customer and used directly or indirectly in the supply of the Services.
1.2 In this agreement the following rules of interpretation apply, unless the contrary intention appears or context otherwise requires:
(a) headings and subheadings are for convenience only and do not affect the interpretation of this agreement;
(b) a reference to a body (other than a party to this agreement), whether statutory or not, that ceases to exist or has its powers or functions transferred to another body is a reference to the body that replaces it or that substantially succeeds to its powers or functions;
(c) no provision of this agreement will be construed adversely to a party because that party was responsible for the preparation of that provision or this agreement;
(d) specifying anything in this agreement after the terms “include”, “including”, “includes”, “for example”‘, “such as” or any similar expression does not limit the sense of the words, description, definition, phrase or term preceding those; and
(e) this agreement includes all Schedules and attachments to it.
2. Commencement and term
2.1 This agreement starts on the Commencement Date and, unless terminated earlier in accordance with clause 15, ends when either party gives to the other party 30 days’ written notice to terminate, such notice to terminate only taking effect on the completion of all Orders entered into before the date on which the notice to terminate is served (the Term).
2.2 If there are no uncompleted Orders as at the date notice to terminate is served under clause 2.1, such notice will terminate this agreement with immediate effect.
2.3 The parties will not enter into any further Orders after the date on which notice to terminate is served under clause 2.1.
3. Orders
3.1 If, during the Term, the parties enter into an Order for Services the Parties agree that the provision of the Services will be governed by the terms of this agreement.
3.2 Once an Order has been agreed no amendment will be made to it except in accordance with clause 8.
3.3 Each Order will be part of this agreement and will not form a separate contract to it.
3.4 Each Quote, Proposal or SoW will specify the Services to be provided. The Schedules to this agreement set out terms that will apply to the provision of specific types of Services in addition to these General Terms.
3.5 If there is an inconsistency between the terms set out in this document and the terms set out in a Quote, Proposal or SoW the terms shall be applied in this order of precedence:
(a) the terms of the Schedule(s) related to the Service(s);
(b) these General Terms; then
(c) the terms of the Quote, Proposal or SoW
4. Supplier’s obligations and warranties
4.1 The Supplier will endeavour to provide the Services at a professional standard to the Customer in accordance with a Quote, Proposal or SoW in all material respects.
4.2 The Supplier will endeavour to meet any delivery, performance dates or Milestones specified in a Quote, Proposal or SoW but any such dates will be estimates only. Supplier will be excused from any failure to supply which was contributed to by causes beyond its reasonable control (including delay in supply from third parties) and the time specified for completion of supply will be extended commensurately.
4.3 The Supplier will abide by the relevant information security laws and regulations applicable in the countries in which it operates.
4.4 The Supplier makes no additional warranty in relation to the Services other than those prescribed by law.
4.5 The Supplier does not represent or guarantee that the outcome of the Services will meet the Customer’s expectations or objectives. The Customer must make independent enquiries about the suitability of the Services for their requirements.
5. Customer’s obligations and warranties
5.1 The Customer must:
(a) provide assistance to the Supplier (including access to physical sites, networks, infrastructure, documentation, licence information, Customer Material and employees and contractors) to the extent reasonably necessary to enable the Supplier to perform the Services;
(b) must identify a manager who is appointed in respect of the relevant Services to be performed (Customer’s Representative); and
(c) warrants that the Customer’s Representative has authority to contractually bind the Customer on all matters relating to the relevant Services under an Order (including by signing Change Orders).
5.2 The Customer shall indemnify and hold the Supplier harmless from and against any expense, loss, claim, judgment, award or order (including settlement of any claim entered into upon legal advice) suffered by or made against the Supplier arising from or incidental to compliance by the Supplier with any instruction, specification or direction of the Customer.
5.3 The Customer warrants that throughout the term of this agreement that:
(a) there are no legal restrictions preventing compliance with the terms of this agreement;
(b) it will cooperate with the Supplier and provide all information that is reasonably necessary to enable satisfactory performance of the Services;
(c) the information provided to the Supplier is true, correct and complete;
(d) it has obtained any consents, licences and permissions from other parties necessary for the Services to be provided, at the Customers cost; and
(e) consent is given for the use of the Customer’s name and Intellectual Property in relation to the Services.
5.4 The Customer acknowledges by entry into this agreement that no promise, representation, guarantee or undertaking has been made or given by the Supplier or any person on its behalf in relation to the capacity, uses or benefits to be derived from use, profitability of or any other results to be obtained from the provision of the Services, except as set out in this agreement. The Customer has relied on its own skill and judgment in deciding to acquire the Services and acknowledges that the Supplier does not and cannot warrant that any services will be uninterrupted, error free, or free of harmful components, or that any content will be secure or not otherwise lost or damaged.
6. Professional Services
6.1 The Service in an Order may include Professional Services either as part of another Service or as a stand-alone Service.
7. Non-solicitation
7.1 From the date of an Order until 12 months after its completion, neither party will, without the prior written consent of the other party, employ or engage or attempt to employ or engage any employee or contractor of the other party involved in the provision of the Services.
8. Change control
8.1 Either party may propose changes to the scope or delivery of the Services but no proposed changes shall come into effect until a relevant amendment has been signed by both parties (Change Order). A Change Order is a document which sets out the proposed changes and the effect that those changes will have on:
(a) the Services;
(b) the Service Charges;
(c) the timetable for the Services; and
(d) any of the other terms of the Order.
8.2 If the parties agree to a Change Order, they must sign it and that Change Order will amend the Order.
9. Charges and payment
9.1 In consideration of the provision of the Services by the Supplier, the Customer must pay the Service Charges. The Customer will also pay any reasonable additional expenses incurred by the Supplier in performing the Services. The amount and nature of those expenses are to be advised to the Customer prior to those expenses being incurred.
9.2 The Supplier will invoice the Customer for the Service Charges at the times specified, or on the achievement of Milestones. If no times are specified, the Supplier will invoice the Customer at the end of each month for Services delivered during that month.
9.3 The Customer must pay each invoice submitted to it by the Supplier within 14 days of the date of invoice to a bank account nominated in writing by the Supplier from time to time.
9.4 The Supplier may increase any ongoing Service Charges on an annual basis with effect from each anniversary of the relevant Proposal / SoW in line with the percentage increase in the Consumer Price Index in the preceding 12-month period.
9.5 Except for any amounts in dispute under clause 9.8, Supplier will be entitled to charge interest on any amount due and not paid the Customer in accordance with clause 9.3 at the rate of 5% p.a. plus the then current published CBA Bank Bill Rate, calculated monthly. In addition, the Supplier is entitled to be reimbursed by the Customer for the full costs of recovery of overdue amounts on an indemnity basis.
9.6 Supplier reserves the right to charge a cost recovery fee in circumstances where services work is delayed, postponed or cancelled, by the Customer, with less than 5 business days’ notice, and it is not able to redeploy the scheduled consultants onto other billable engagements. If a Cost Recovery Rate is not specified in a Proposal or SoW, AUD $2,500 per-person, per-day or part thereof, will be the default charge, up to a maximum of 5 days.
9.7 Without limiting the Supplier’s rights to terminate or take other action under this agreement, if the Customer fails to pay any amount due in accordance with clause 9.3 which are not legitimately in dispute under clause 9.8, the Supplier may cease or suspend providing a Service and any credit facility to the Customer.
9.8 If the Customer disputes the whole or any portion of an invoice:
(a) the Customer will pay any amount in the invoice which is not in dispute;
(b) within 5 Business Days of receipt of the invoice, the Customer will notify the Supplier in writing of the reasons for disputing the remainder of the invoice; and
(c) within 5 Business Days of that notification, the parties must meet with a view to resolving the dispute.
9.9 All sums payable to the Supplier under this agreement:
(a) are exclusive of GST (unless expressly stated otherwise), and the Customer must in addition pay an amount equal to any GST chargeable on those sums on delivery of a GST invoice; and
(b) must be paid in full without any set-off, counterclaim, deduction or withholding (other than any deduction or withholding of tax as required by law).
10. Intellectual Property Rights
10.1 Each party retains ownership of all its pre-existing Intellectual Property Rights.
10.2 Unless the contrary is expressly set out in the relevant Order:
(a) the Supplier and its licensors will retain ownership of all Intellectual Property Rights in the Deliverables (except to the extent of any Customer Materials contained therein); however
(b) the Supplier grants to the Customer a non-exclusive, royalty-free licence during the term of this agreement to use the Deliverables for the sole purpose of receiving and using the Services.
11. Insurance
11.1 During the term of this agreement the Supplier will have and maintain the following insurances:
(a) Public Liability Insurance up to $20,000,000;
(b) Professional Indemnity Insurance up to $10,000,000; and
(c) Workers Compensation Insurance in accordance with applicable law.
12. Privacy
12.1 If the Supplier collects, holds, uses or discloses Personal Information in the course of or relating to this agreement, the Supplier must:
(a) handle all Personal Information in accordance with the Supplier’s privacy policy;
(b) only use Personal Information for the purpose of performing its obligations under this agreement; and
(c) not disclose Personal Information to any third party (including any subcontractor) without the Customer’s prior written consent or as required by law.
12.2 The Customer warrants that it:
(a) will not provide any Sensitive Information to the Supplier unless that information is necessary for the Supplier to perform its obligations under the agreement and then only with the Supplier’s specific written consent; and
(b) has:
(i) made all necessary notifications required by APP 5, on behalf of itself and the Supplier to; and
(ii) obtained all necessary consents required by APP 6 from,
the individuals whose Personal Information it is disclosing to the Supplier in the course of this agreement to enable to the Supplier to lawfully use the Personal Information and perform its obligations in accordance with this agreement.
12.3 If the Supplier becomes aware, or there are reasonable grounds to suspect, that a Data Incident has occurred, the Supplier must:
(a) immediately take reasonable steps to contain the Data Incident and prevent any further serious harm to affected individuals;
(b) immediately notify the Customer in writing stating the:
(i) nature and details of the Data Incident;
(ii) specific Personal Information affected; and
(iii) actions taken by the Supplier at clause 12.3(a);
(c) identify whether the Data Incident is an Eligible Data Breach by conducting a thorough investigation of the Data Incident within 20 days of becoming aware of the Data Incident (Data Breach Investigation);
(d) provide a copy of the report of the Data Breach Investigation in clause 12.3(a) to the Customer on completion;
(e) engage in discussions with the Customer regarding:
(i) the conduct and outcomes of the Data Breach Investigation; and
(ii) in the case of an Eligible Data Breach, whether the Customer or the Supplier will make the relevant notifications under the Privacy Act; and
(f) where it is agreed by the parties that the Supplier is making the relevant notifications, the Customer must approve the notifications before they are made (such approval to be given promptly and not to be unreasonably withheld).
12.4 The Customer:
(a) acknowledges that the Supplier is reliant on the Customer for direction as to the extent to which the Supplier is entitled to use Personal Information disclosed to it in the course of and for the purpose of this agreement;
(b) indemnifies the Supplier for any claim brought by any third party in connection with any act or omission by the Supplier in relation to a third party’s Personal Information to the extent that such act or omission resulted directly from the Customer’s instructions or the Customer’s breach of this agreement; and
(c) acknowledges that from time to time it may provide information to third parties in order to assess the Customer’s credit standing, credit history and financial capacity.
13. Confidentiality
13.1 Each party (Recipient) must keep secret and confidential and not disclose any information relating to another party or its business (which is or has been disclosed to the Recipient by the other party, its representatives or advisers) or the terms of this agreement, except:
(a) where the information is in the public domain as at the date of this agreement (or subsequently becomes in the public domain other than by breach of any obligation of confidentiality binding on the Recipient);
(b) if the Recipient is required to disclose the information by applicable law or the rules of any recognised securities exchange, provided that the Recipient has to the extent practicable having regard to those obligations and the required timing of the disclosure consulted with the provider of the information as to the form and content of the disclosure;
(c) where the disclosure is expressly permitted under this agreement;
(d) if disclosure is made to its officers, employees and professional advisers to the extent necessary to enable the Recipient to properly perform its obligations under this agreement or to conduct their business generally], in which case the Recipient must ensure that such persons keep the information secret and confidential and do not disclose the information to any other person;
(e) where the disclosure is required for use in legal proceedings regarding this agreement; or
(f) if the party to whom the information relates has consented in writing before the disclosure.
13.2 Each Recipient must ensure that its directors, officers, employees, agents, representatives and related bodies corporate comply in all respects with the Recipient’s obligations under this clause 13.
13.3 This clause 13 survives termination or expiry of this agreement.
13.4 The obligations of confidentiality in this clause 13 are not affected by the expiry or termination of this agreement.
14. Limitation of remedies and liability
14.1 Nothing in this agreement limits or excludes the Supplier’s liability:
(a) for death or personal injury; or
(b) for fraud or wilful misconduct by it or its employees.
14.2 Subject to clause 14.1, the Supplier excludes any liability to the Customer, whether in contract, tort (including negligence) or otherwise, for any special, indirect or consequential loss arising under or in connection with this agreement, including any loss of profits, loss of sales or business, loss of production, loss of agreements or contracts, loss of business opportunity, loss of anticipated savings, loss of or damage to goodwill, loss of reputation, loss of use or corruption of software, data or information.
14.3 In the event that the supply of any goods or services under this agreement constitutes a supply of goods or services to a consumer as defined in the Competition and Consumer Act 2010 (Cth), as amended or replaced, or relevant State or Territory legislation (“the Acts”), nothing contained in this agreement excludes, restricts or modifies any condition, warranty or other obligation where to do so is unlawful. Where permitted, the Supplier’s liability for breach of any such condition, warranty or other obligation, including any consequential loss which the Customer may sustain or incur, shall be limited to:
(a) In relation to goods:
i. the replacement of the goods or the supply of equivalent goods or payment of the cost of replacing the goods or acquiring equivalent goods; or
ii. the repair of the goods or payment of the cost of having the goods repaired;
(b) In relation to services:
i. the supplying of the services again; or
ii. the payment of the cost of having the services supplied again.
14.4 Subject to clause 14.1 and 14.3, the Supplier’s aggregate liability in respect of claims based on events in any calendar year arising out of or in connection with an Order under this agreement, whether in contract or tort (including negligence) or otherwise, will in no circumstances exceed 100% of the total charges payable by the Customer to the Supplier under that Order in that calendar year. While the Supplier will take all reasonable measures to preserve the Customer’s data to which the Supplier may have access to in the course of provision of the Services, the Supplier cannot accept any responsibility in the event that any data is corrupted or erased for any reason. The Customer accepts that it must maintain backup data in order to avoid any loss or damage arising from such corruption or erasure and will indemnify and hold the Supplier and its employees harmless from any claims, loss or damage arising as a result of failing to successful restore the Customer’s data.
14.5 The Supplier will not be liable in relation to any proceeding or claim which:
(a) was caused by any act or omission of the Customer or its employees or agents; or
(b) relates to actions of the Supplier which were expressly or impliedly authorised by the Customer, or by the Customer’s employees or agents.
15. Termination
15.1 Without affecting any other right or remedy available to it, either party may terminate this agreement with immediate effect by giving written notice to the other party if:
(a) the other party fails to pay any amount due under this agreement on the due date for payment and remains in default not less than seven days after being notified in writing to make such payment;
(b) the other party commits a material breach of any term of this agreement which breach is irremediable or (if such breach is remediable) fails to remedy that breach within a period of 14 days after being notified in writing to do so;
(c) the other party becomes, threatens or resolves to become or is in jeopardy of becoming subject to any form of insolvency, administration, receivership or liquidation.
On termination of this agreement under this clause 15:
(d) all existing Orders will terminate automatically;
(e) the Customer must immediately pay to the Supplier all of the Supplier’s outstanding unpaid invoices and interest and, in respect of the Services supplied but for which no invoice has been submitted, the Supplier may submit an invoice (including for Hardware and Software orders placed that cannot be cancelled by the Supplier in the ordinary course of business), which shall be payable in accordance with clause 9.3
(f) the Customer must, within a reasonable time, return all of the Supplier’s Equipment. If the Customer fails to do so, then the Supplier may enter the Customer’s premises and take possession of the Supplier’s Equipment. Until the Supplier’s Equipment has been returned or repossessed, the Customer shall be solely responsible for its safe keeping;
(g) the Supplier must on request return any of the Customer Materials not used up in the provision of the Services; and
(h) the following clauses will continue in force: clause 1 (Interpretation), clause 7 (Non-solicitation), clause 10 (Intellectual property rights), clause 13 (Confidentiality), clause 14 (Limitation of remedies and liability), this clause 15 (Termination), clause 20 (Waiver), clause 21 (Severability) and clause 26 (Governing law and jurisdiction).
16. Force Majeure
16.1 Neither party is in breach of this agreement or is liable to the other party for any loss incurred by that other party as a direct result of a party (Affected Party) failing or being prevented, hindered or delayed in the performance of its obligations under this agreement where such prevention, hindrance or delay results from events, circumstances or causes beyond the Affected Party’s reasonable control (Force Majeure Event).
16.2 The Affected Party will be entitled to a reasonable extension of time for performing its obligations under the agreement, however, the Affected Party must continue to use all reasonable endeavours to perform those obligations.
16.3 The performance of the affected obligations must be resumed as soon as practicable after such Force Majeure Event is removed or has ceased.
17. Assignment and subcontracting
17.1 Neither party may assign any right arising out of this agreement, or novate the agreement, without the other party’s prior written consent, which must not be unreasonably withheld. The Supplier may subcontract any of its obligations under this agreement and remains responsible for performance of the Services under this agreement.
18. Variation
18.1 An amendment or variation of any term of this agreement must be in writing and signed by each party.
19. Modern Slavery
19.1 In this clause 19: Guiding Principles on Business and Human Rights means the United Nations’ Guiding Principles on Business and Human Rights: Implementing the United Nations “Protect, Respect and Remedy” Framework available here; and
19.2 Modern Slavery has the same meaning as it has in the Modern Slavery Act 2018 (Cth).
19.3 The Supplier must take reasonable steps to identify, assess and address risks of Modern Slavery practices in the operations and supply chains used in the provision of the Service.
19.4 If at any time the Supplier becomes aware of Modern Slavery practices in the operations and supply chains used in the performance of the Services, the Supplier must as soon as reasonably practicable take all reasonable action to address or remove these practices, including where relevant by addressing any practices of other entities in its supply chains.
20. Waiver
20.1 No party may rely on the words or conduct of any other party as being a waiver of any right, power or remedy arising under or in connection with this agreement unless the other party or parties expressly grant a waiver of the right, power or remedy. Any waiver must be in writing, signed by the party granting the waiver and is only effective to the extent set out in that waiver.
21. Severability
21.1 If the whole or any part of a provision of this agreement is or becomes invalid or unenforceable under the law of any jurisdiction, it is severed in that jurisdiction to the extent that it is invalid or unenforceable and whether it is in severable terms or not.
22. Entire agreement
22.1 This agreement states all the express terms agreed by the parties about its subject matter. It supersedes all prior agreements, understandings, negotiations, proposals and discussions in respect of its subject matter.
23. Relationship of the parties
23.1 Nothing in this agreement gives a party authority to bind any other party in any way or imposes any fiduciary duties on a party in relation to any other party.
24. Notices
24.1 All notices under this agreement must be in writing
24.2 A notice will be taken to be received:
(a) If hand delivered, on delivery; or
(b) If sent by email, on receipt of a non-automated reply or other form of communication confirming or indicating that the notice has been received.
25. Counterparts
25.1 This agreement may be executed in any number of counterparts.
26. Governing law and jurisdiction
26.1 This agreement is governed by the law in force in New South Wales, Australia.
26.2 Each party irrevocably submits to the exclusive jurisdiction of courts exercising jurisdiction in New South Wales and courts of appeal from them in respect of any proceedings arising out of or in connection with this agreement.
The following additional terms and conditions contained in this Schedule 1 apply to the provision of Services only where the Customer is acquiring Offensive Security, Penetration Testing, or Red Teaming Services or Incident Response Services (as defined below or referred to in any relevant Proposal/SoW).
- Where Supplier is providing services designed to test security of the Customer’s environment (including Penetration Testing), the Customer acknowledges that the nature of the Services is such that the Supplier will actively attempt to breach security controls in order to obtain access to the Customer systems and data and that such attempts might otherwise amount to criminal activity. Customer specifically consent to Supplier attempting to gain such access to systems and data (except for any systems or data specifically referred to as out of scope) and that if Supplier activities are identified by Customer staff and reported to any external body (including law enforcement agencies) Customer will promptly confirm to that external body that the Supplier is acting in an authorised manner.
- The Customer acknowledges that security testing is inherently risky due to potential frailties of networks and their reaction to unknown variables and that intrusion testing will largely take place over open public networks, and that a risk exists of information being accidentally disclosed to third parties.
- The Customer acknowledge that Services and Deliverables designed by the Supplier to test the security of the Customer’s environment have the potential to cause damage. The Customer shall defend, indemnify and hold the Supplier harmless from any claim, suit, damages and expenses (including, but not limited to, legal costs) arising out of (i) the misuse of the Services or Deliverables (other than by the Supplier); (ii) deploying the Services or Deliverables in accordance with the Customer’s instructions (iii) Customer’s failure to comply with applicable laws, rules, and/or regulations regarding use of the Services and Deliverables; or (iv) any negligent act or omission by the Customer in relation to the Services or Deliverables. This includes indemnifying the Supplier for any loss we suffer arising out of the above including damage to reputation.
- The Customer acknowledges and agrees that despite any other clause of this Agreement, where the Supplier is engaged to respond to an actual or potential breach of its IT security (Incident Response Services) it will conduct the services on a best efforts basis but in no circumstances will the Supplier be liable for any damage arising from its acts or omissions other than as a result of its fraudulent or unlawful activity.
- The Supplier will provide the Services referred to in this Schedule using appropriate skills, training and tools, however, the Customer acknowledges that the provision of the Services does not guarantee or represent in any way that: a. all threats will be identified; b. all damage will be prevented; or c. all responses will be effective.
The following additional terms and conditions contained in this Schedule 2 apply to the provision of Services only where the Customer is purchasing or licencing Software.
Software Vendor Terms
- Licensing of the Software (and ongoing support if included) will be subject to the Customer entering into an agreement directly with the owner, or licensee of the Software (Software Vendor) which relates to the Customer’s use of the Software (Software Vendor Terms). A Software Vendor Terms may be provided separately or be included as click through terms on use of the Software. The Customer agrees that as a condition of accepting the Software it will enter into the Software Vendor Terms with the Software Vendor and failure to do so could result in the Customer being unable to use the Software in which case the Customer will still be liable for the licence fees set out in the relevant Quote, Proposal or SoW.
- The Customer agrees that, to the extent permitted by law and without limiting the Customer’s rights against the Supplier, if it has a claim in respect of the Software under a Software Vendor Terms or otherwise as available at law (including the Competition and Consumer Act 2010 (Cth) if applicable) it will, along with any redress it chooses to seek, pursue that claim against the Software Vendor.
- A failure of the Customer to comply with its obligations under the Software Vendor Terms is grounds for the Supplier to suspend, or if irreparable, terminate the licence. In this event the Customer will remain liable for the licence fees as set out in the relevant Quote, Proposal or SoW.
- In no circumstances (other than as prescribed by law) will the Supplier be liable for any amount or provide any warranties in relation to the Software and its use that exceed the liability accepted and warranties provided by the Software Vendors in the Software Vendor Terms.
- The Supplier reserves the right to increase licence charges for Software after the initial term. This includes passing on incremental increases proportionate to increased pricing from Vendors.
- In the event that a Software Vendor conducts an audit of your use of the software and reasonably establishes that your use of the software exceeded the licence volume during any period you will be liable to promptly pay for that use. Despite anything to the contrary this clause survives termination of the agreement.
- The Software Vendor Terms will set out the scope of the licence and acceptable use of the Software. The Supplier provides the Software licence consistent with the scope and acceptable use constraints as contained in the Software Vendor Terms.
The following additional terms and conditions contained in this Schedule 3 apply to the provision of Services only where the Customer is purchasing Hardware.
Delivery
- Deliveries shall be made during normal working hours and at the cost and risk of the Customer.
- The act of receiving the Hardware onto the Customer premises will constitute acceptance of the Hardware by the Customer. In the event the Customer or the Customer’s agent is not on site to accept the delivery, then the driver’s signature denoting the time, date & place of delivery, shall be deemed to be acceptance of the said delivery by the Customer.
- The Customer acknowledges that Hardware delivered to a courier is outside the Supplier’s control and the Supplier will not be liable for any loss, damage, delay or non‐delivery of Hardware contributed to by a third party, to the extent permitted by law.
Ownership and Possession
- Notwithstanding the delivery of any Hardware, the Hardware remains the sole and absolute property of the Supplier as full legal and equitable owner until such time as the Customer has paid the Supplier the full purchase price of the Hardware. Risk in all Hardware purchases passes to the Customer on delivery.
- The Customer acknowledges that it receives possession of and holds Hardware delivered by the Supplier solely as bailee for the Supplier until such time as the full price for those Hardware has been paid to the Supplier. Until such time as the Customer becomes the owner of the Hardware, it must:
- Store them on the premises separately;
- Ensure that the Hardware are kept in good and serviceable condition;
iii. Secure the Hardware from risk, damage and theft; and
- Keep the Hardware fully insured against such risks that are usual or common to insure against in a business of a similar nature to that of the Customer.
- Should the Customer stop payment or call a meeting of its creditors or become insolvent or subject to the bankruptcy law or being a company calls a meeting for the purpose of or to go into liquidation or have a winding-‐up petition presented against it or has a receiver or administrator appointed, the Supplier may at its option notwithstanding its waiver of such default or failure and without prejudice to its other rights under this agreement suspend or cancel this agreement or require payment in cash before or on delivery or tender of Hardware or documents notwithstanding terms of payment previously specified or may, subject to the law, repossess and take over the Hardware and dispose of the same in its own interest without prejudice to any claim it may have for damages for any loss resulting from such resale.
- If the Customer does not pay for any Hardware on the due date then the Supplier is hereby irrevocably authorised by the Customer to enter the Customer’s premises (or any premises under the control of the Customer or as agent of the Customer in which the Hardware are stored at such premises) and use reasonable force to take possession of the Hardware without liability for the tort of trespass, negligence or payment of any compensation to the Customer whatsoever.
- On retaking possession of the Hardware the Supplier may elect to refund to the Customer any part payment that may have been made and to credit the Customer’s account with the value of the Hardware less any charge for recover of the Hardware, or to resell the Hardware.
Security and PPSA
- For the purposes of this clause, “PPSA” means the Personal Property Securities Act 2009 (Cth) as amended from time to time. Where a particular section or term from the PPSA is used in this agreement, it is deemed to be that section or term as defined or used in the PPSA as amended, renumbered or replaced from time to time.
- The Customer acknowledges and agrees that this agreement constitutes a security agreement in relation to the Supplier’s security interest in all present and after-‐acquired Hardware for the purposes of the PPSA. The Customer agrees to grant a “Purchase Money Security Interest” to the Supplier.
- For the avoidance of doubt, the Customer acknowledges and agrees that it grants to the Supplier a security interest in all Hardware supplied by the Supplier to the Customer (whether now or in the future) and in any proceeds from the sale of those Hardware.
- To the extent permitted by law, the following provisions of the PPSA do not apply, and for the purposes of section 115 of the PPSA are contracted out of this agreement:
- sections 95 (notice of removal of accession), to the extent that it requires the Supplier to give a notice to the Customer, 96 (retain of accession) and 125 (obligation to dispose of or retain collateral);
- section 130 (notice of disposal), to the extent that it requires the Supplier to give a notice to the Customer;
iii. section 132(3)(d) (contents of statement of account after disposal);
- section 132(4) (statement of account if no disposal);
- section 135 (notice of retention);
- section 142 (redemption of collateral); and
vii. section 143 (reinstatement of security agreement).
- For the purposes of section 14(6) of the PPSA, the Customer (and the Supplier) agree that any payments received from the Customer by the Supplier pursuant to or in any way connected with this agreement, will be applied in such order as the Supplier deems fit in its absolute discretion.
- The Customer consents to:
- execute any other document or instrument required to give effect to the security interests created by this agreement; and
- the registration with the relevant authority or public register of any security interest created by this agreement or any other document required to give effect to a security interest created by this agreement, including without limitation the registration of a financing statement or financing change statement on the Personal Property Securities Register.
- The Customer must pay all costs of and incidental to the preparation, execution and registration of any instrument which is executed for the purposes of giving effect to this clause and must also pay all costs incidental to the withdrawal, discharge or release of such instrument.
- To the extent permissible at law, the Customer waives its right to receive notification of or a copy of any Verification Statement confirming registration of a Financing Statement or a Financing Change Statement relation to a Security Interest granted by the Customer, as Grantor to the Supplier.
Returns
- Returns on Hardware can only be accepted if authorised in writing by the Supplier (which may be given, given with conditions, or withheld in the absolute discretion of the Supplier), and the Hardware are in the same condition as delivered and within 14 days of delivery. The Supplier reserves the right to charge the Customer for any costs or losses incurred by the Supplier, in addition to any amounts charged by the third-party manufacturer or distributer of the Hardware.
Hardware Pricing
- The price of any Hardware is quoted EXW (Incoterms 2010) from the Supplier’s premises.
Installation of Hardware
- The Supplier will only be responsible for the installation of the Hardware where specified in an Order. Acceptance of the Hardware will not be contingent on installation unless explicitly set out in the terms of the Quote, Proposal or SoW and liability for payment for the Hardware will arise on delivery.
- Pricing and details of installation will be set out in the Order.
- Where Supplier personnel are required to attend the Customer’s premise to conduct the installation the Customer will ensure a safe working environment and indemnify the Supplier and its personnel for any injury or loss arising on the Customer’s premises.
Manufacturer’s terms
- Provision of the Hardware and ongoing maintenance and support (if included) may be provided on the basis of the Customer accepting end user terms directly with the Hardware manufacturer (Manufacturer). The Customer agrees that as a condition of accepting the Hardware it will enter into end user terms if provided and failure to do so could result in a failure to complete the sale and a return of goods in accordance with the above.
- The Customer agrees that, to the extent permitted by law and without limiting the Customer’s rights against the Supplier, if it has a claim in respect of the Hardware under any end user agreement or otherwise as available at law (including the Competition and Consumer Act 2010 (Cth) if applicable) it will, along with any redress it chooses to seek, pursue that claim against the Manufacturer.
The following additional terms and conditions contained in this Schedule 4 apply to the provision of Services only where the Customer is acquiring Team Augmentation under a Quote, Proposal or SoW.
For the purpose of this Schedule we, us, our is a reference to the Supplier and you, your is a reference to the Customer.
Relationships
- Whilst on an assignment, our consultant/s (Consultants) will be under your day-to-day control, and you will be responsible for their supervision.
- We reserve all other rights to control the employment or other contract relationship with our Consultants.
- If you are not satisfied with one of our Consultants and want a replacement, you will:
(a) speak to us directly about replacement of our Consultant; and
(b) not communicate anything to our Consultant indicating that their on-hire assignment will be cancelled, or words to that effect.
- If you are not satisfied with one of our Consultants, but do not want our Consultant replaced, you may speak to our Consultant in order to give any reasonable instruction, provided that you contact us as soon as reasonably practicable to discuss the matter.
Our Charges
- Consultant’s work attendance records will be emailed to you, as set out in the Order, every week through our work attendance software. You agree to ensure the approver/s respond to the previous weeks work attendance records by 5pm every Monday.
- You agree that you and your servants and agents will not disclose to the Consultant any information regarding the rates paid by you to us for the services of the Consultant, unless unavoidable in the course of the assignment.
Invoicing and Charges
- We may withdraw the services of the Consultant immediately if payment is not made within payment terms specified in the Order. Any additional costs incurred by us and/or our agents in securing payment will be charged and invoiced to you and you agree to pay any such invoice received from us in accordance.
- In addition to sums due to us in respect of invoices rendered for work carried out by the Consultant, you will pay to us all reasonable expenses incurred by the Consultant in carrying out the work for you provided that any such expenses have been authorised by you through our work attendance software, or in writing.
- In the event of the Consultant’s place of work being changed during the term of this Agreement and/or if any work is to be performed by the Consultant outside Australia, we reserve the right to alter the charges payable by you and to recover from you any additional costs including, but without limitation, the reasonable travel and accommodation costs associated with the Consultant working outside Australia.
General matters and other responsibilities
- You will:
- provide us with full and accurate information about the job requirements relevant to the assignment by means of an assignment description;
- provide the Consultant with a suitable place for the Consultant to carry out his or her work that is comparable to and of a similar standard to that provided by you for your permanent staff;
- not allocate tasks or responsibilities to our Consultants or require our Consultants to perform or participate in work, other than in accordance with the relevant assignment description;
- not request our Consultants to perform or participate in any work or use any equipment with which our Consultants, or their employees or agents, are unfamiliar or in respect of which they are unqualified or have not received adequate training;
- comply with your obligations to our Consultants pursuant to relevant legislation, including legislation relating to workplace or occupational health and safety, discrimination and harassment.
- maintain a safe work environment and safe systems of work; establish safe work practices; communicate safe work procedures to each of our Consultants; comply with safety standards; maintain plant and equipment; and provide site-specific induction, training and safety consumables to our Consultants where appropriate;
- inform our Consultants and us promptly of any unusual workplace risk or practice or of any change in site or safety conditions that may present a hazard to our Consultants.
- comply with our reasonable requests to ensure the workplace health and safety of our Consultants and to promptly rectify any deficiency in the provision of a safe work environment or safe systems of work, that in our reasonable opinion would pose a threat to the safety of one of our Consultants or to any other person who may attend a place at which work is or may be performed by one of our Consultants under the assignment;
- notify us immediately of any event that may give rise to a claim under any insurance policy, statutory indemnity or self-insurance arrangement that relates to our Consultants whether such policy, indemnity or arrangement is held or established by you or by us;
- report to us any performance issues in relation to our Consultants in a written format, so that we can manage the feedback process with our Consultants;
- forward to us promptly a written notification of any workplace incident that may give rise to a claim by, against or involving our Consultants; and
- abide by all federal and state laws that cast upon you any obligation to do, or refrain from doing, anything, or to make or pay any payment, deduction, premium, levy, allowance, compensation, damages, interest or costs in respect of or in connection with the engagement of our Consultants.
Our responsibilities
- We are responsible for the following in relation to our Consultants whilst on assignment with you:
- The provision of industry specific Workplace Health & Safety training to ensure our Consultants have the means to identify and take action in an unsafe work situation;
- Establish and maintain communication methods for our Consultants to contact us if they consider that there is a risk to their health or safety;
- the payment of all amounts due to our Consultants under the terms of any relevant industrial instruments or contracts;
- if our Consultant is an employee, the payment of leave entitlements (if any), including but not limited to annual leave, sick leave, parental leave and long service leave;
- subject to the Assignment Details, the deduction and/or remittance of all appropriate Federal and State taxes, including but not limited to income tax, fringe benefits tax and payroll tax, as may be required by law;
- workers’ compensation under applicable legislation in the relevant jurisdiction, unless the legislation casts that responsibility on you;
- the payment of an amount as superannuation into a superannuation fund to avoid the imposition of any charge as may be required by law; and
- such other matters or things as may be negotiated between you and us and as are set out in the Order.
Exclusions and Indemnity
- Where they are acting under your direction we make no representation or guarantee that any of our Consultants will achieve a certain level of performance, achieve a certain outcome, solve a particular problem or attain a specific goal.
- Our Consultants may refuse work if it reasonably appears that the working environment is or has become unsafe for any reason, including but not limited to you:
- having not established safe work procedures;
- not complying with safety standards;
- not maintaining plant and equipment; or
- not complying with any relevant health or safety legislation or regulations;
- If you terminate an assignment other than for our material breach, you agree that you will indemnify us for any liability, damages, compensation, expenses, or costs that we may incur as a result of any proceedings which may be commenced or claims that may be made by one of our Consultants arising out of, or in any way related to the termination of the assignment.
Intellectual Property
- We assign the rights to any intellectual property developed by the Consultant in the course of carrying out the Assignment to you.
- We reserve the exclusive right to any pre-existing methods, techniques and processes, utilised or owned by us. These will remain our property at all times. You will maintain the confidentiality of all of our methods, techniques and processes given to you or communicated to you by us or by the Consultant and will not communicate or give any such information to any third party without our prior written consent.
The following additional terms and conditions contained in this Schedule 5 apply to the provision of Services only where the Customer is purchasing Managed Security Services under a Proposal / SoW.
Managed Security Services
- Supplier provides various forms of Information Technology security services from a Supplier operated Threat Response Intelligence and Operations Centre (TRIO), to an additional Managed Detection and Response service operated in conjunction with a specialist security vendor (MDR) to security services that involve using and managing Customer licenced security software (Customer BYO licencing). Collectively and individually these Services are Managed Security Services for the purpose of this Schedule.
- Managed Security Services incorporate other Services including Software and Offensive Security Services. The Schedules to this agreement that relate to those Services apply to those elements of the Managed Security Services.
Security Services
- Supplier will provide the Managed Security Services using appropriate skills, training and tools and will endeavour to ensure continual improvement of the Services, however, the Customer acknowledges that the provision of the Managed Security Services does not guarantee or represent in any way that:
- all threats will be identified
- all damage will be prevented
- all responses will be effective.
Customer environment
- The Customer will:
- provide the Supplier with all accesses and rights in respect to the Customers IT environment and architecture to enable the Supplier to perform the services including where necessary the necessary rights under third party licences to access and use Customer software and equipment on the Customer’s behalf;
- indemnify and hold the Supplier, its employees and related parties harmless against any claims or damages arising as a result of the Supplier’s use and access to the Customer’s IT environment or third-party software provided by the Customer;
- promptly notify the Supplier about any changes proposed or made to the Customer IT environment and architecture which may affect any aspect of the Services;
- make all reasonably requested changes required by the Supplier to the Customers IT environment to enable the proper performance of the Services; and
- ensure that it provides the Supplier with up to date contact information to allow Customer contact for all security notifications to the Customer.
Software Vendor Terms
- In providing the Managed Security Services the Customer may be required to enter into Software Vendor Terms directly with the Software Vendor (as defined in the Software Schedule 2 above). In no circumstances (other than as prescribed by law) will the Supplier be liable for any amount or provide any warranties in relation to the Software and its use as part of the Managed Security Services that exceed the liability accepted and warranties provided by the Software Vendors in the Software Vendor Terms.
Integration with ITSM
- The Supplier’s integration with the Customer’s IT Service Management platform (ITSM) requires information and access including configuration and resolver group information to be provided to the Supplier.
- Where integration with the Customer ITSM platform is not possible alternative notification processes will be established to provide notifications to the Customer which may involve email or other methods determined by the Supplier.