Search
Login or Sign up
SpectraCare Effective Date June 1, 2026
Master Certification Services Agreement and Limited Performance Warranty:
Service Schedule
Firewall/DDoS | Endpoint Protection | Business Email Compromise | Backup | Managed Detection and Response |Disaster Recovery
SpectraCare Prior to June 1, 2026

Master Certification Services Agreement and Limited Performance Warranty

This Master Certification Services Agreement and Limited Service Performance Warranty (the “Agreement”) states the terms, limitations and conditions upon which Spectra Cyber Group Ltd. (DBA Spectra), a Delaware Corporation (or one of its affiliates named in the applicable SCRF) (the “Company”), will provide its third-party Certification of Resilience Services and warrant such certification to the customer specified in the online Service Certification Request Form (“SCRF”) (the “Customer”).  This Agreement applies with respect to the cyber security threat(s) (the “Included Threats”) listed in the Schedule of Services (the “Service Schedule”) for which the Certified Managed Service Provider (the “CMSP”) specified in the SCRF is providing cyber protective services (the “Services”) to the Customer.

The CMSP, is an authorized reseller of the Company’s Certification of Resilience, but the certification and related warranty (the “CR”) are made by the Company directly to the Customer. The cost of the CR is included in the billing by the CMSP, as reseller, to the Customer, but that certification and warranty are the direct responsibility of the Company, not the CMSP. 

The Certification Process

In order to obtain CR, including the applicable warranty, the CMSP must register the Customer and upload the SCRF and all required and requested information and, as to each Included Threat, applicable documentation as to the Customer and the Service implementation. The Customer must confirm the SCRF registration online and click that it accepts the terms of this Agreement. Once the form is complete the Company will review the information and undertake the certification process.  If additional Included Threats are thereafter added to the Services, the process must be reconfirmed as to the added Included Threats. 

Normally, if all of the necessary information and documentation is provided, the CR will be issued within 3 days. If there are any deficiencies, the Company will provide the CMSP with a list of such deficiencies and, when advised by the CMSP that remediation has occurred, will undertake an additional certification review.  

Once approved, the Customer will receive an electronic registration code at the contact email address specified in the SCRF, confirming the issuance of the CR. The warranty will become effective upon the Activation Date. Until the warranty is effective, the Company will have no liability to make any payments under its warranty.

Warranty Duration

Company will monitor the CMSP’s performance of the Services in accordance with its policies and procedures and reserves the right to request updated information/documentation from the Customer and CMSP, related to the Service, at any time.  If, at any time, the information provided indicates that the service is not being performed by the CMSP in according to certification standards, or the CMSP is in violation of its agreement(s) with the Company (including non-payment) for its certification services, the Company may give the Customer and CMSP notice of suspension of the certification/warranty renewal.  In such event, effective upon 30 days after issuance of the notice of suspension, unless the issue(s) identified in the notification is/are resolved in accordance with the certification standard to Company’s satisfaction prior to the suspension date, the certification and warranty will automatically be terminated as of the suspension effective date until such time as recertification is granted.  Recertification will not cover any failure that was in any way related, in whole or in part, to technical incidents discovered or actions taken by threat actors during the period between the suspension and recertification.

The warranty will automatically terminate if the Customer discontinues the Service from the CMSP or Customer breaches or terminates this Agreement or its agreement for the Service with the CMSP. The warranty will be suspended during any period when the Customer fails to implement or allow/facilitate implementation of any important or critical aspect of the Service (including patches and upgrades) in accordance with the recommendations of the CMSP. In the event that the fee for the CR is not paid within 10 days written notice to the CMSP (not the Customer), the CR and related warranty will be suspended immediately upon notice to the Customer of such non-payment until such time as the payment is received and the suspension is lifted.

Limited Warranty

Subject to the terms and conditions below, once the certification is issued, the Company warrants that the Service shall perform upon the occurrence of a Covered Event in accordance with the Performance Metric specified in the Service Level Specification (“SLS”) referenced in the Service Schedule with respect to each Included Threat.  If there is any failure of the Performance Metric due to a Covered Event, other than a failure attributable to one or more Excluded Causes, Company will pay an amount equal to the Warranty Amount as stated in the Service Schedule.

Notice of Claim.  In order to obtain the warranty payment, Customer must report the service outage within 10 business days in accordance with the Company’s procedures.  The warranty amount is only payable to the extent that (i) the eligible Service did not perform in accordance with the Performance Metric when the Service was invoked due to a Covered Event; (ii) the Customer makes a written request for the warranty amount in accordance with the CMSP procedures for incident reporting as defined in the Service agreement, supplying necessary specifics of the outage/failure; and (iii) logs or other computer forensic evidence is made available within 30 days of the service outage/failure to confirm the service outage/failure and that it was not the result of an Excluded Cause. 

Payment.  Any warranty payment will be made by the Company directly to the Customer within 30 days of the final submission of all necessary information and evidence.  If a claim arises out of a Covered Event that is later determined (i) to be inconsistent with the definition of such Covered Event, or (ii) relates to any Excluded Cause, Customer will reimburse the Company in full for all warranty payments.

Limitation of Liability as other Non-warranty aspects of the Service.  For all aspects of the Service that do not directly relate to Performance Metric, the Customer’s remedy will be limited to whatever remedy is available under its agreement with the CMSP.  Company shall have no liability whatsoever, directly or indirectly, for any such failure or fault. 

This is a LIMITED warranty. Except and unless expressly set out in this section, ALL WARRANTIES, CONDITIONS AND OTHER TERMS IMPLIED BY STATUTE OR COMMON LAW ARE, TO THE FULLEST EXTENT PERMITTED BY LAW, EXCLUDED FROM THIS AGREEMENT, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE OR MERCHANTABILITY. Without limiting the generality of the foregoing, under no circumstances whatsoever shall Company be liable for any: (i) misrepresentation (other than fraudulent misrepresentation); (ii) loss of profits; (iii) loss of business; (iv) depletion of goodwill and similar losses; (v) loss of goods or property; (vi) loss or corruption of data; (vii) loss of contract, business or business opportunity (whether direct or indirect); (viii) loss of use (whether direct or indirect); (ix) special, indirect or consequential loss or damage suffered by the Customer or CMSP in connection with this Agreement; (x) personal or bodily injury or death; or (xi) fraud or criminal conduct by one of the Company’s employees or agents. The limitations on potential liabilities as stated herein are an essential element in setting consideration under the agreements between the Company and Customer. Because the warranty only applies the Services effectiveness in addressing and Included Threat, it should not viewed a substitute for adequate insurance.  If Customer wishes or requires first or third-party loss protection broader in scope or in higher amounts than provided for by the limited warranty provided hereby, Customer should take out and maintain an adequate business interruption/cyber liability/crime insurance policy and comply with the applicable terms and conditions of such policy. This Agreement and the warranty hereunder constitute the entire agreement between the Company and the Customer concerning the Service and it supersedes any prior or concurrent proposals, agreements, understandings, or other communications between the parties, oral or written, regarding such subject matter. 

Applicable Law, Jurisdiction, Venue and Service of Process

Applicable law.  The Parties agree that any dispute related to the formation, enforceability, performance, breach or termination of this Agreement shall be governed by the internal laws of the Jurisdiction stated in the Service Schedule (the applicable “Jurisdiction”), without regard to conflicts of law.

Jurisdiction and venue.  To the fullest extent allowed, each party hereby agrees to submit to the exclusive in personam and subject matter jurisdiction of the Courts and other legal tribunals seated in the venue location stated in Service Schedule and the parties agree to waive any objection they may have to the venue of such courts, including any claims of inconvenient forum.  

Service.  In the event of any such dispute, the parties agree that legal process may be served by a recognized international courier service with copies by email to the service email address and email address stated at the end of this agreement as the same may be amended from time to time by written notice.

Limited Data Sharing 

In order to provide this warranty, from time-to-time the Company and the CMSP may need to share information with respect to Customer’s systems, equipment and historic performance, failure and claims Information to obtain or maintain certifications or for the receipt of insurance or insurance benefits related to the warranty. Such collection and use is hereby authorized. Whenever reasonably possible, Customer data will be anonymized.

No Personally Identifiable Information (PII) or Personal Data (as defined under applicable data protection laws) shall be shared, processed, or stored under this Agreement, beyond basic business contact information. If PII is inadvertently disclosed, both Parties agree to notify each other and the receiving part to take reasonable steps to remove this data and mitigate any associated risks.

Solely to the extent that “Personal Data” or “Personal Identifiable Information” (“PII”), as those terms are used in the law, is subject to protection special under the laws the applicable Jurisdiction, the additional terms of the Privacy Rider (if any) applicable to that Jurisdiction (in Schedule 1), shall govern, but said provisions may be subject to amendment, by notice, without any additional consideration, whenever the Company believes such amendment is necessary or desirable in order to address changes in the law or relevant technology. 

Definitions applicable to the Warranty

To the extent used in this Agreement, including the Service Schedule and the referenced SLS capitalized terms shall have the following meanings:

Activation Date means the date at which a Certification of Resilience has been issued by the Company to the Customer under the terms of a Certification Agreement, at which point the related Warranty becomes effective.

Business Email Account means an email account maintained or supported by the CMSP and covered by the Service.  Both the domain and the specific user account must be registered and covered by the Service for the account to constitute a covered Business Email Account.  Attachments to emails will be considered part of the email only while they remain attached to the email.

Cyber Operation means the use of a computer system by, at the direction of, or under the control of a State to: (i) disrupt, deny access to or, degrade functionality of a computer system, and/or (ii) copy, remove, manipulate, deny access to or destroy information in a computer system.

Communicable Disease means any disease which can be transmitted by means of any substance or agent from any organism to another organism where: 

  • the substance or agent includes, but is not limited to, a virus, bacterium, parasite or other organism or any variation thereof, whether deemed living or not; and 

  • the method of transmission, whether direct or indirect, includes but is not limited to, airborne transmission, bodily fluid transmission, transmission from or to any surface or object, solid, liquid or gas or between organisms; and 

  • the disease, substance or agent can cause or threaten damage to human health or human welfare or can cause or threaten damage to, deterioration of, loss of value of, marketability of or loss of use of property.

Covered Event means is defined separately as to each Included Threat in the applicable SLS. 

Computer System means any computer, hardware, software, communications system, electronic device (including but not limited to, smart phone, laptop, tablet, wearable device), server, cloud infrastructure or microcontroller including any similar system or any configuration of the aforementioned and including any associated input, output, data storage device, networking equipment or back up facility. 

Currency means the fiat currency stated in Service Schedule and any amounts stated in this Agreement shall be interpreted as being in such currency. To the extent the Warranty Amount may be stated in some other currency it shall be converted to the Currency based on recognized international exchange rates as of the date of this Agreement.

Customer Network means any Computer System that is intended to be protected by a Service based on the Service design and representations with respect thereto. 

Endpoint means a Customer-owned or leased computer (laptop or desktop), server or storage device (or a protected partition thereof) that is enrolled and covered by the Service, but does not include cellular or satellite phones, portable tablets, communications equipment (including routers and switches) or printers, scanners or other I/O devices. 

Essential Service means a service that is essential for the maintenance of vital functions of a state including but not limited to, financial institutions and associated financial market infrastructure, health services or utility services. 

Excluded Cause means any service failure, resulting or arising, directly or indirectly, in whole or in part, from, or otherwise materially contributed to any of the following: (1) with respect to the CMSP’s delivery of the Service, (a) any natural disasters/a force majeure, (b) War, (c) a Cyber Operation that is carried out as part of a War, or the immediate preparation for a War, (d) a Cyber Operation that causes a State to become an Impacted State, (e), invasion, acts of foreign enemies, hostilities or war-like operations (whether war be declared or not), (f) civil war, rebellion, revolution, insurrection, civil commotion, military or usurped power (g) strike, riot, vandalism, malicious mischief and/or (h) any total or partial interruption or reduction in performance or use of power, heating, lighting, water, electricity, utility, internet or any other telecommunication including cable or satellite; (2) radioactive, toxic, explosive or other hazardous or contaminating properties of any radioactive matter or any nuclear installation, reactor or other nuclear assembly or nuclear component thereof, including any weapon or device employing atomic or nuclear fission and/or fusion or other like reaction or radioactive force or matter or any chemical, biological, bio-chemical or electromagnetic weapon or any Communicable Disease or the fear or threat (whether actual or perceived) of a Communicable Disease; (3) any failure or outage which Company determines (i) has occurred as a result of the acts or omissions of Customer or Customer’s agents, contractors, or vendors, or anyone gaining access to the Company’s network or Customer’s network by means of the Customer’s passwords or equipment (or the passwords or equipment of the Customer’s employees, agents, contractors, or vendors),whether or not authorized; or (ii) is attributable to Customer’s content, including but not limited to software, or applications on websites; (4) events that took place before the issuance of the Certification or occurred after the expiry or termination of such; (5) failure that is (i) a result of compliance with applicable law, governmental order or court decree or (ii) due to non-compliance with the applicable law by Customer; (6) failure of equipment or software other than CMSP Managed Equipment; (7) a Service Window; or (8) any breach of the agreement between the CMSP and the Customer by the Customer. 

Impacted State means any state where a cyber operation has a major detrimental impact on: (i) the functioning of that state due to disruption to the availability, integrity, or delivery of an essential service in that state, and/or (ii) the security or defence of that state. 

Managed Equipment means all and any equipment operated by CMSP in connection with the Services

Performance Metric is defined separately as to each Included Threat in the applicable SLS. 

Ransomware means software or firmware introduced to customer equipment or cloud resources that performs an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system where the purpose is to induce the Customer to pay anything of value or do or refrain from doing any act that it is lawfully entitled and otherwise would be able to do but for the unauthorized process initiated by the software or firmware in exchange for the threat actor removing or suspending the action of the software or firmware.

Service Window means failures or outages related to (i) regularly scheduled maintenance or (ii) installation of network or service upgrades in accordance with the CMSP’s regular policies and procedures with respect to such activities. 

State means sovereign country or political subdivision thereof, such as a Provence, territory, autonomous region or a State of the United States or other nation that has political subdivisions called states. 

Suspicious Activity means log-on attempts from unknown machines or unfamiliar locations (or from disparate locations in an unreasonably close periods), log-on attempts from locations known to be sites for malicious actors, sending large volumes of duplicative emails (i.e., to spam or phish via the Business Email Account) or the attempted exfiltration of substantial volumes of data from the Business Email Account, provided that to the extent that the services agreement between the CMSP and Customer provides the Customer with the opportunity to allow one or more Suspicious Activity and the Customer elects to allow the Suspicious Activity then such activity will not be deemed a Suspicious Activity.

War means armed conflict involving physical force: (i) by a state against another state, or (ii) as part of a civil war, rebellion, revolution, insurrection, military action, or usurpation of power, in either event whether war be declared or not.

This Agreement will be deemed formed upon its electronic approval by the Customer and acceptance by the Company via the issuance of a confirmatory acknowledgement email.

|

Service Schedule (United States)

CMSP:_________________________________

Customer: _________________________________

This Schedule forms an integral part of the Agreement and related warranty by the Company with respect to the CMSP and Customer stated above.

Warranty Amount means the Specified Covered Contract Value or $500,000 per annum, whichever is smaller. In addition, in the event of multiple warranties with respect to one or more Included Threats, or multiple events triggering separate warranty payments to the Customer, the maximum total Warranty Amount is limited so that the maximum dollar amount recoverable in any contract year by a given Customer under all warranties issued by the Company (regardless of the number of Services) cannot exceed the lesser of two times the Specified Covered Contract Value for all Included Threats or $1 million. For the purpose of this limitation, the contract year for all warranties issued to a Customer begins on the effective date of the first warranty obtained by the Customer from the Company and runs for 12 consecutive months.

Specified Covered Contract Value means, with respect to each Included Threat, the annual covered contract value (including the applicable warranty value) specified by the CMSP in its written service agreement with the Customer for the applicable Services. As part of the Certification Process, the CMSP shall upload or otherwise provide such written service agreement to Company together with the SCRF and any other required documentation. Issuance of the CR (including the applicable warranty) is expressly conditioned upon Company’s review and written approval of (i) such CMSP–Customer service agreement and (ii) the Specified Covered Contract Value stated therein. For clarity, no CR shall be issued and no warranty shall be effective or in force unless and until such written approval has been granted by Company in accordance with the Certification Process, and the warranty shall only become effective upon the Activation Date.

Applicable Jurisdiction means the internal laws of the State of New York and applicable US federal laws.

Applicable Venue: The parties agree to the exclusive in personam and subject matter jurisdiction of the State and Federal Courts sitting in New York County, New York.

Currency: United States Dollars

Included Threat(s):

Threat Applicable Service Level Specification Number
Firewall/DDoS FW25.01
Business Email Compromise  BEC25.01 
Backup Data Loss Prevention BU25.01 
Disaster Recovery  DR25.01 
Managed Detection and Response MDR25.01 
Endpoint Protection  EP25.01 

Service Level Specification (“SLS”) FW25.01

This Service Level Specification is applicable if the Firewall /DDoS Services is in the Included Threats covered by the Service Schedule. If such services is not within the Included Threat, then this SLS is inapplicable. The CR certifies that the Company has determined that a solution has been implemented by the CMSP with respect to the Included Threat such that if a Covered Event occurs, as defined below, the CMSP solution will be able to address the Included Threat in accordance with the Performance Metric stated herein.

Covered Event means a malicious attempt to disrupt normal traffic on a targeted server or servers (servicing the Customer’s Network), by flooding the target server(s) with internet traffic to prevent users from accessing connected online services and sites, where the attack does prevent or significantly slows access to or the functioning of such Customer devices, data or software, provided that a “Covered Event” must also be of a type and duration that would trigger the Service under the CMSP’s written service level agreement with Customer.

Performance Metric means upon detection of the Covered Event (whether reported by the Customer or via network monitoring tools operated by the CMSP), the network operations centre will (i) establish an a viable internet pathway for the genuine user traffic to the targeted server(s) within four (4) hours and (ii) black hole or otherwise mitigate the DDoS attack such that the targeted server(s) are able to respond to genuine user traffic. The Service level commitment excludes all time where an outage or failure results from an Excluded Cause or Service Window. 

Service Level Specification (“SLS”) EP25.01

This Service Level Specification is applicable if the Endpoint Protection Services is in the Included Threats covered by the Service Schedule. If such services is not with in the Included Treats, then this SLS is inapplicable. The CR certifies that the Company has determined that a solution has been implemented by the CMSP with respect to the Included Threat such that if a Covered Event occurs, as defined below, the CMSP solution will be able to address the Included Threat in accordance with the Performance Metric stated herein.

Covered Event means that greater than 10% of the Endpoints or 10 Endpoints (whichever figure is smaller) are infected by a successful Ransomware attack, provided that a “Covered Event” relates only to the Endpoint and data on such Endpoint (or particular partition of an Endpoint) to the extent the service level agreement with the CMSP requires that such Endpoint/partition and the data on it is covered by the Service.

Performance Metric means that the data and software/configurations (if applicable) will be available and restoration will begin (subject to a suitable Customer host environment being established/re-established), within four (4) hours of the declaration of a Covered Event and a request, to the CMSP, by the Customer, to initiate restoration. If recovering from backup, the backup version that will be restored will be current as of the last scheduled backup to be completed prior to the conditions causing the Covered Event commencing. The Service level commitment excludes all time where an outage or failure results from an Excluded Cause or Service Window or times when no suitable host environment is available to receive the backup.

Service Level Specification (“SLS”) BEC25.01

This Service Level Specification is applicable if the Business Email Compromise Services is in the Included Threats covered by the Service Schedule. If such services is not with in the Included Treats, then this SLS is inapplicable. The CR certifies that the Company has determined that a solution has been implemented by the CMSP with respect to the Included Threat such that if a Covered Event occurs, as defined below, the CMSP solution will be able to address the Included Threat in accordance with the Performance Metric stated herein.

Covered Event means that a Customer’s Business Email Account has been compromised by a malicious third-party actor such that the third-party (i) deletes or encrypts (ii) accesses or (iii) exfiltrates emails sent or received on the account or (iv) uses the account to send out malicious emails to others, provided that a “Covered Event” must also be of a type and duration that would trigger the Service under the CMSP’s written service level agreement with Customer.

Performance Metric means that for compromised Business Email Account, the CMSP successfully detects the Covered Event and commences Defensive Measures against the compromise within 1 hour of the Suspicious Activity by the malicious actor attempting to exfiltrate Customer data or utilize the account to access other non-email accounts/facility or send malicious emails to third-parties.

Defensive Measures means to trigger multi-factor reauthentication of the Business Email account and or to lock the account until such time as the activity can be investigated and/or the user can be contacted by outside means to confirm the attempted access was authentic. 

Service Level Specification (“SLS”) BU25.01

This Service Level Specification is applicable if the Backup Services are in the Included Threats covered by the Service Schedule. If such services is not within the Included Threats, then this SLS is inapplicable. The CR certifies that the Company has determined that a solution has been implemented by the CMSP with respect to the Included Threat such that if a Covered Event occurs, as defined below, the CMSP solution will be able to address the Included Threat in accordance with the Performance Metric stated herein.

Covered Event means any intentional or negligent interference with the Customer’s devices, software (if applicable) or data or a fortuitous or accidental event, including any physical casualty at the Customer’s in house or cloud data center facility, that corrupts, erases or render inaccessible data or software (if applicable), provided that a “Covered Event” must also be of a type and duration that would trigger the Service under the CMSP’s written service level agreement with Customer and relates only to the data or software to the extent such service level agreement with the CMSP requires that such data or software is covered by the backup.

Performance Metric means that the backup data and software/configurations (if applicable) will be available and restoration will begin (subject to a suitable Customer host environment being established/re-established), within four (4) hours of the declaration of a Covered Event and a request, to the CMSP, by the Customer, to initiate the backup restoration Service. The backup version that will be restored will be current as of the last scheduled backup to be completed prior to the conditions causing the Covered Event commencing. The Service level commitment excludes all time where an outage or failure results from an Excluded Cause or Service Window or times when no suitable host environment is available to receive the backup.

Service Level Specification (“MDR”) MDR25.01

This Service Level Specification is applicable if the Managed Detection and Response Services is in the Included Threats covered by the Service Schedule. If such services is not within the Included Treats, then this SLS is inapplicable. The CR certifies that the Company has determined that a solution has been implemented by the CMSP with respect to the Included Threat such that if a Covered Event occurs, as defined below, the CMSP solution will be able to address the Included Threat in accordance with the Performance Metric stated herein.

Covered Event means that the Customer Network is impacted by a successful Ransomware attack, provided that a “Covered Event” relates only to the extent the service level agreement with the CMSP requires that impacted Computer Systems in the Customer Network are covered by the Service (“Covered Customer Resource”). Without limiting the generality of the foregoing, Covered Customer Resource does not related to any third party cloud service used by the Customer to store, transmit or process data. Customer’s remedy with respect to such cloud service is governed by the agreement with respect to that cloud service and not the CR.

Performance Metric means that for Covered Customer Resources affected by a Covered Event, the CMSP successfully detects the existence of Ransomware and implements Authorized Response and Remediation within one (1) hour of the Covered Event commencing.

Authorized Response and Remediation means, for the purposes of the SLS, any activities the CMSP Security Operating Center is authorized to perform as defined in the service level agreement between the Customer and CMSP that results in the containment and/or mitigation of the Covered Event, but such authorization shall, in all events including (but not limited to) the following activities:

  • Detection, investigation, and alerting Customer of the occurrence of a Covered Event

  • Termination or blocking of computer services or programs

  • Quarantining of files

  • Host isolation or removal from the network

  • Removal of malware, viruses, or threats

Service Level Specification (“SLS”) DR25.01

This Service Legel Specification is applicable if the Disaster Recovery is in the Included Threats covered by the Service Schedule. If such services is not with in the Included Threats, then this SLS is inapplicable. The CR certifies that the Company has determined that a solution has been implemented by the CMSP with respect to the Included Threat such that if a Covered Event occurs, as defined below, the CMSP solution will be able to address the Included Threat in accordance with the Performance Metric stated herein.

Covered Event means any intentional or negligent interference with the Customer’s devices, software, data or connectivity, by a third party (including but not limited to Ransomware), or a fortuitous disaster scenario, including any physical casualty at the Customer’s in house or cloud data center facility, that prevents access to or the functioning of such Customer devices, data or software, provide that a “Covered Event” must also be of a type and duration that would trigger the Service under the CMSP’s written service level agreement with Customer.

Performance Metric means that the disaster recovery virtual server(s) of the speed and capacity stated in the service agreement between Customer and the CMSP is operating, network connected, and able to serve requests within four (4) hours of the declaration of a Covered Event and a request, to the CMSP, by the Customer, to initiate the disaster recovery solution supplied under the Service. The Service level commitment excludes all time where an outage or failure results from an Excluded Cause or Service Window.

SpectraCare Prior to June 1, 2026
All Certification Services and Limited Service Performance Warranty Agreements:
Backup | Business Email Compromise Protection | Disaster Recovery | Endpoint Protection | Firewall/DDoS |

Backup
Certification Services and Limited Service Performance Warranty Agreement

 

This Certification of Resilience and Limited Service Performance Warranty Agreement (the “Agreement”) states the terms, limitations and conditions upon which Resilient Services Ltd. (DBA SPECTRA), a Bermuda Limited Liability Company (the “Company”), will provide its third-party Certification of Resilience and warrant such certification of the Backup Services, equipment and software (the “Service”) provided by the Certified Managed Service Provider (the “CMSP”) specified in the online Service Certification Request Form (“SCRF”). The CMSP, is an authorized reseller of the Company’s Certification of Resilience, but the certification and related warranty (the “CR”) are made by the Company directly to the customer specified in the SCRF (the “Customer”). The cost of the CR is included in the CMSP’s billing to the Customer, but that certification and warranty are the direct responsibility of the Company, not the CMSP.

 The Certification Process 

 

In order to obtain CR, including the applicable warranty, the CMSP must register the Customer and upload the SCRF and all required and requested information and documentation as to the Customer and the Service implementation. The Customer must confirm the SCRF registration online and click that it accepts the terms of this Agreement. Once the form is complete the Company will review the information and undertake the certification process. Normally, if all of the necessary information and documentation is provided, the CR will be issued within 3 days. If there are any deficiencies, the Company will provide the CMSP with a list of such deficiencies and, when advised by the CMSP that remediation has occurred, will undertake an additional certification.

Once approved, the Customer will receive an electronic registration code at the contact email address specified in the SCRF, confirming the issuance of the CR. The warranty will become effective upon the Activation Date. Until the warranty is effective, the Company will have no liability to make any payments under this warranty.

 

Warranty Duration

 

Company will monitor the CMSP’s performance of the Services in accordance with its policies and procedures and reserves the right to request updated information/documentation related to the Service at any time. If, at any time, the information provided indicates that the service is not being performed by the CMSP in according to certification standards, or the CMSP is in violation of its agreement(s) with the Company (including non-payment) for its certification services, the Company may give the Customer and CMSP notice of suspension of the certification/warranty renewal. In such event, effective upon 30 days after issuance of the notice of suspension, unless the issue(s) identified in the notification is/are resolved in accordance with the certification standard to Company’s satisfaction prior to the suspension date, the certification and warranty will automatically be terminated as of the suspension effective date until such time as recertification is granted.

The warranty will automatically terminate if the Customer discontinues the Service from the CMSP or Customer breaches or terminates this Agreement or its agreement for the Service with the CMSP. The warranty will be suspended during any period when the Customer fails to implement or allow/facilitate implementation of any important or critical aspect of the Service (including patches and upgrades) in accordance with the recommendations of the CMSP. In the event that the fee for the CR is not paid within 10 days written notice to the CMSP (not the Customer), the CR and related warranty will be suspended immediately upon notice to the Customer of such non-payment until such time as the payment is received and the suspension is lifted.

Limited Warranty

 

Subject to the terms and conditions below, once the certification is issued, the Company warrants that the Service shall perform upon the occurrence of a Covered Event in accordance with the Performance Metric. If there is any failure of the Performance Metric due to a Covered Event, other than a failure attributable to one or more Excluded Causes, Company will pay an amount equal to the Warranty Amount as stated in the annexed Schedule 1.

Notice of Claim. In order to obtain the warranty payment, Customer must report the service outage within 10 business days in accordance with the Company’s procedures. The warranty amount is only payable to the extent that (i) the eligible Service did not perform in accordance with the Performance Metric when the Service was invoked due to a Covered Event; (ii) the Customer makes a written request for the warranty amount in accordance with the CMSP procedures for incident reporting as defined in the Service agreement, supplying necessary specifics of the outage/failure; and (iii) logs or other computer forensic evidence is made available within 30 days of the service outage/failure to confirm the service outage/failure and that it was not the result of an Excluded Cause.

Payment. Any warranty payment will be made by the Company directly to the Customer within 30 days of the final submission of all necessary information and evidence. If a claim arises out of a Covered Event that is later determined (i) to be inconsistent with the definition of such Covered Event, or (ii) relates to any Excluded Cause, Customer will reimburse the Company in full for all warranty payments.

Limitation of Liability as other Non-warranty aspects of the Service. For all aspects of the Service that do not directly relate to Performance Metric, the Customer’s remedy will be limited to whatever remedy is available under its agreement with the CMSP. Company shall have no liability whatsoever, directly or indirectly, for any such failure or fault.

 

This is a LIMITED warranty. Except and unless expressly set out in this section, ALL WARRANTIES, CONDITIONS AND OTHER TERMS IMPLIED BY STATUTE OR COMMON LAW ARE, TO THE FULLEST EXTENT PERMITTED BY LAW, EXCLUDED FROM THIS AGREEMENT, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE OR MERCHANTABILITY. Without limiting the generality of the foregoing, under no circumstances whatsoever shall Company be liable for any: (i) misrepresentation (other than fraudulent misrepresentation); (ii) loss of profits; (iii) loss of business; (iv) depletion of goodwill and similar losses; (v) loss of goods or property; (vi) loss or corruption of data; (vii) loss of contract, business or business opportunity (whether direct or indirect); (viii) loss of use (whether direct or indirect); (ix) special, indirect or consequential loss or damage suffered by the Customer or CMSP in connection with this Agreement; (x) personal or bodily injury or death; or (xi) fraud or criminal conduct by one of the Company’s employees or agents. The limitations on potential liabilities as stated herein are an essential element in setting consideration under the agreements between the Company and Customer. If Customer wishes or requires the limits to be higher than stated herein, Customer should take out and maintain an adequate business interruption/cyber liability/crime insurance policy and comply with the applicable terms and conditions of such policy. This Agreement and the warranty hereunder constitute the entire agreement between the Company and the Customer concerning the Service and it supersedes any prior or concurrent proposals, agreements, understandings, or other communications between the parties, oral or written, regarding such subject matter.

 

Applicable Law, Jurisdiction, Venue and Service of Process

 

Applicable law. The Parties agree that any dispute related to the formation, enforceability, performance, breach or termination of this Agreement shall be governed by the internal laws of the Jurisdiction stated in Schedule 1 (the applicable “Jurisdiction”), without regard to conflicts of law.

Jurisdiction and venue. To the fullest extent allowed, each party hereby agrees to submit to the exclusive in personam and subject matter jurisdiction of the Courts and other legal tribunals seated in the venue location stated in Schedule 1 and the parties agree to waive any objection they may have to the venue of such courts, including any claims of inconvenient forum.

Service. In the event of any such dispute, the parties agree that legal process may be served by a recognized international courier service plus email on the service address and email stated at the end of this agreement as the same may be amended from time to time by written notice.

Limited Data Sharing

In order to provide this warranty, from time-to-time the Company and the CMSP may need to share information with respect to Customer’s systems, equipment and historic performance, failure and claims Information to obtain or maintain certifications or for the receipt of insurance or insurance benefits related to the warranty. Such collection and use is hereby authorized. Whenever reasonably possible, Customer data will be anonymized.

No Personally Identifiable Information (PII) or Personal Data (as defined under applicable data protection laws) shall be shared, processed, or stored under this Agreement, beyond basic business contact information. If PII is inadvertently disclosed, both Parties agree to notify each other and the receiving part to take reasonable steps to remove this data and mitigate any associated risks.

Solely to the extent that “Personal Data” or “Personal Identifiable Information” (“PII”), as those terms are used in the law, is subject to protection special under the laws the applicable Jurisdiction, the additional terms of the Privacy Rider (if any) applicable to that Jurisdiction (in Schedule 1), shall govern, but said provisions may be subject to amendment, by notice, without any additional consideration, whenever the Company believes such amendment is necessary or desirable in order to address changes in the law or relevant technology.

Definitions applicable to the Warranty

 

Activation Date means the date at which a Certification of Resilience has been issued by the Company to the Customer under the terms of a Certification Agreement, at which point the related Warranty becomes effective.

 

Cyber Operation means the use of a computer system by, at the direction of, or under the control of a State to: (i) disrupt, deny access to or, degrade functionality of a computer system, and/or (ii) copy, remove, manipulate, deny access to or destroy information in a computer system.

 

Communicable Disease means any disease which can be transmitted by means of any substance or agent from any organism to another organism where:

  • the substance or agent includes, but is not limited to, a virus, bacterium, parasite or other organism or any variation thereof, whether deemed living or not; and

  • the method of transmission, whether direct or indirect, includes but is not limited to, airborne transmission, bodily fluid transmission, transmission from or to any surface or object, solid, liquid or gas or between organisms; and

  • the disease, substance or agent can cause or threaten damage to human health or human welfare or can cause or threaten damage to, deterioration of, loss of value of, marketability of or loss of use of property.

Covered Event means any intentional or negligent interference with the Customer’s devices, software (if applicable) or data or a fortuitous or accidental event, including any physical casualty at the Customer’s in house or cloud data centre facility, that corrupts, erases or render inaccessible data or software (if applicable), provided that a “Covered Event” must also be of a type and duration that would trigger the Service under the CMSP’s written service level agreement with Customer and relates only to the data or software to the extent such service level agreement with the CMSP requires that such data or software is covered by the backup.

Computer System means any computer, hardware, software, communications system, electronic device (including but not limited to, smart phone, laptop, tablet, wearable device), server, cloud infrastructure or microcontroller including any similar system or any configuration of the aforementioned and including any associated input, output, data storage device, networking equipment or back up facility.

Currency means the fiat currency stated in Schedule 1 and any amounts stated in this Agreement shall be interpreted as being in such currency. To the extent the MRC may be stated in some other currency it shall be converted to the Currency based on recognized international exchange rates as of the date of this Agreement.

Customer Network means any Computer System that is intended to be protected by a Service based on the Service design and representations with respect thereto.

Essential Service means a service that is essential for the maintenance of vital functions of a state including but not limited to, financial institutions and associated financial market infrastructure, health services or utility services.

Excluded Cause means any service failure, resulting or arising, directly or indirectly, in whole or in part, from, or otherwise materially contributed to any of the following: (1) with respect to the CMSP’s delivery of the Service, (a) any natural disasters/a force majeure, (b) War, (c) a Cyber Operation that is carried out as part of a War, or the immediate preparation for a War, (d) a Cyber Operation that causes a State to become an Impacted State, (e), invasion, acts of foreign enemies, hostilities or war-like operations (whether war be declared or not), (f) civil war, rebellion, revolution, insurrection, civil commotion, military or usurped power (g) strike, riot, vandalism, malicious mischief and/or (h) any total or partial interruption or reduction in performance or use of power, heating, lighting, water, electricity, utility, internet or any other telecommunication including cable or satellite; (2) radioactive, toxic, explosive or other hazardous or contaminating properties of any radioactive matter or any nuclear installation, reactor or other nuclear assembly or nuclear component thereof, including any weapon or device employing atomic or nuclear fission and/or fusion or other like reaction or radioactive force or matter or any chemical, biological, bio-chemical or electromagnetic weapon or any Communicable Disease or the fear or threat (whether actual or perceived) of a Communicable Disease; (3) any failure or outage which Company determines has occurred (i) as a result of the acts or omissions of Customer or Customer’s agents, contractors, or vendors, or anyone gaining access to the Company’s network or Customer’s network by means of the Customer’s passwords or equipment (or the passwords or equipment of the Customer’s employees, agents, contractors, or vendors),whether or not authorized; or (ii) is attributable to Customer’s content, including but not limited to software, or applications on websites; (4) events that took place before the issuance of the Certification or occurred after the expiry or termination of such; (5) failure that (i) is a result of compliance with applicable law, governmental order or court decree or (ii) is due to non-compliance with the applicable law by Customer; (6) is failure of equipment or software other than CMSP Managed Equipment; ( 7)is a Service Window; or (8) is any breach of the agreement between the CMSP and the Customer by the Customer.

Impacted State means any state where a cyber operation has a major detrimental impact on: (i) the functioning of that state due to disruption to the availability, integrity, or delivery of an essential service in that state, and/or (ii) the security or defence of that state.

Managed Equipment means all and any equipment operated by CMSP in connection with the Services.

MRC means the Monthly recurring charge for the Service, but MRC does not include installation, or one time set up, special projects, consulting or hourly charges and does not include any equipment or software acquisition costs.

Performance Metric means that the backup data and software/configurations (if applicable) will be available and restoration will begin (subject to a suitable Customer host environment being established/re-established), within four (4) hours of the declaration of a Covered Event and a request, to the CMSP, by the Customer, to initiate the backup restoration Service. The backup version that will be restored will be current as of the last scheduled backup to be completed prior to the conditions causing the Covered Event commencing. The Service level commitment excludes all time where an outage or failure results from an Excluded Cause or Service Window or times when no suitable host environment is available to receive the backup.

Service Window means failures or outages related to (i) regularly scheduled maintenance or (ii) installation of network or service upgrades in accordance with the CMSP’s regular policies and procedures with respect to such activities.

State means sovereign country or political subdivision thereof, such as a Provence, territory, autonomous region or a State of the United States or other nation that has political subdivisions called states.

War means armed conflict involving physical force: (i) by a state against another state, or (ii) as part of a civil war, rebellion, revolution, insurrection, military action, or usurpation of power, in either event whether war be declared or not.

Warranty Amount means the Annual Contract Value or $500,000 per annum, whichever is smaller.   In addition, in the event of multiple warranties or events triggering a warranty payment to the Customer, the maximum total Warranty Amount is limited so that the maximum dollar amount recoverable in any contract year by a given Customer under all warranties issued by the Company (regardless of the number of services) cannot exceed $1 million. By way of numerical example, if the Annual contract value for a Customer is $400,000 the Warranty Amount for the first two warranty events in a contract year would be $400,000 but if a third warranty event occurred then the Warranty amount for that third event would be limited to $200,000 and would be zero in the event of a fourth warranty event during that contract year. For the purpose of this limitation, the contract year for all warranties issued to a Customer begins on the effective date of the first warranty obtained by the Customer from the Company.

Annual Contract Value shall be calculated as to 100% of the MRC Fees paid (or payable) to the CMSP for the Service under the terms of the agreement between the CMSP and Customer equal to the 12-month period from its inception or most recent renewal if within 12 months. If the MRC changes during the term of the contract year because, for example, of the addition of more users or end-points, the Annual Contract Value shall be computed based on the average MRC during that contract year times 12 months.

Applicable Jurisdiction means the internal laws of the State of New York and applicable US federal laws.

Applicable Venue the parties agree to the exclusive in personam and subject matter jurisdiction of the State and Federal Courts sitting in New York County, New York.

Currency United States Dollars

Business Email Compromise Protection
Certification Services and Limited Service Performance Warranty Agreement

 

This Certification of Resilience and Limited Service Performance Warranty Agreement (the “Agreement”) states the terms, limitations and conditions upon which Resilient Services Ltd. (DBA SPECTRA), a Bermuda Limited Liability Company (the “Company”), will provide its third-party Certification of Resilience and warrant such certification of the Business Email Compromise Services, equipment and software (the “Service”) provided by the Certified Managed Service Provider (the “CMSP”) specified in the online Service Certification Request Form (“SCRF”). The CMSP, is an authorized reseller of the Company’s Certification of Resilience, but the certification and related warranty (the “CR”) are made by the Company directly to the customer specified in the SCRF (the “Customer”). The cost of the CR is included in the CMSP’s billing to the Customer, but that certification and warranty are the direct responsibility of the Company, not the CMSP.

 The Certification Process

 

In order to obtain CR, including the applicable warranty, the CMSP must register the Customer and upload the SCRF and all required and requested information and documentation as to the Customer and the Service implementation. The Customer must confirm the SCRF registration online and click that it accepts the terms of this Agreement. Once the form is complete the Company will review the information and undertake the certification process. Normally, if all of the necessary information and documentation is provided, the CR will be issued within 3 days. If there are any deficiencies, the Company will provide the CMSP with a list of such deficiencies and, when advised by the CMSP that remediation has occurred, will undertake an additional certification.

Once approved, the Customer will receive an electronic registration code at the contact email address specified in the SCRF, confirming the issuance of the CR. The warranty will become effective upon the Activation Date. Until the warranty is effective, the Company will have no liability to make any payments under this warranty.

 

Warranty Duration

 

Company will monitor the CMSP’s performance of the Services in accordance with its policies and procedures and reserves the right to request updated information/documentation related to the Service at any time. If, at any time, the information provided indicates that the service is not being performed by the CMSP in according to certification standards, or the CMSP is in violation of its agreement(s) with the Company (including non-payment) for its certification services, the Company may give the Customer and CMSP notice of suspension of the certification/warranty renewal. In such event, effective upon 30 days after issuance of the notice of suspension, unless the issue(s) identified in the notification is/are resolved in accordance with the certification standard to Company’s satisfaction prior to the suspension date, the certification and warranty will automatically be terminated as of the suspension effective date until such time as recertification is granted.

The warranty will automatically terminate if the Customer discontinues the Service from the CMSP or Customer breaches or terminates this Agreement or its agreement for the Service with the CMSP. The warranty will be suspended during any period when the Customer fails to implement or allow/facilitate implementation of any important or critical aspect of the Service (including patches and upgrades) in accordance with the recommendations of the CMSP. In the event that the fee for the CR is not paid within 10 days written notice to the CMSP (not the Customer), the CR and related warranty will be suspended immediately upon notice to the Customer of such non-payment until such time as the payment is received and the suspension is lifted.

Limited Warranty

 

Subject to the terms and conditions below, once the certification is issued, the Company warrants that the Service shall perform upon the occurrence of a Covered Event in accordance with the Performance Metric. If there is any failure of the Performance Metric due to a Covered Event, other than a failure attributable to one or more Excluded Causes, Company will pay an amount equal to the Warranty Amount as stated in the annexed Schedule 1.

Notice of Claim. In order to obtain the warranty payment, Customer must report the service outage within 10 business days in accordance with the Company’s procedures. The warranty amount is only payable to the extent that (i) the eligible Service did not perform in accordance with the Performance Metric when the Service was invoked due to a Covered Event; (ii) the Customer makes a written request for the warranty amount in accordance with the CMSP procedures for incident reporting as defined in the Service agreement, supplying necessary specifics of the outage/failure; and (iii) logs or other computer forensic evidence is made available within 30 days of the service outage/failure to confirm the service outage/failure and that it was not the result of an Excluded Cause.

Payment. Any warranty payment will be made by the Company directly to the Customer within 30 days of the final submission of all necessary information and evidence. If a claim arises out of a Covered Event that is later determined (i) to be inconsistent with the definition of such Covered Event, or (ii) relates to any Excluded Cause, Customer will reimburse the Company in full for all warranty payments.

Limitation of Liability as other Non-warranty aspects of the Service. For all aspects of the Service that do not directly relate to Performance Metric, the Customer’s remedy will be limited to whatever remedy is available under its agreement with the CMSP. Company shall have no liability whatsoever, directly or indirectly, for any such failure or fault.

 

This is a LIMITED warranty. Except and unless expressly set out in this section, ALL WARRANTIES, CONDITIONS AND OTHER TERMS IMPLIED BY STATUTE OR COMMON LAW ARE, TO THE FULLEST EXTENT PERMITTED BY LAW, EXCLUDED FROM THIS AGREEMENT, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE OR MERCHANTABILITY. Without limiting the generality of the foregoing, under no circumstances whatsoever shall Company be liable for any: (i) misrepresentation (other than fraudulent misrepresentation); (ii) loss of profits; (iii) loss of business; (iv) depletion of goodwill and similar losses; (v) loss of goods or property; (vi) loss or corruption of data; (vii) loss of contract, business or business opportunity (whether direct or indirect); (viii) loss of use (whether direct or indirect); (ix) special, indirect or consequential loss or damage suffered by the Customer or CMSP in connection with this Agreement; (x) personal or bodily injury or death; or (xi) fraud or criminal conduct by one of the Company’s employees or agents. The limitations on potential liabilities as stated herein are an essential element in setting consideration under the agreements between the Company and Customer. If Customer wishes or requires the limits to be higher than stated herein, Customer should take out and maintain an adequate business interruption/cyber liability/crime insurance policy and comply with the applicable terms and conditions of such policy. This Agreement and the warranty hereunder constitute the entire agreement between the Company and the Customer concerning the Service and it supersedes any prior or concurrent proposals, agreements, understandings, or other communications between the parties, oral or written, regarding such subject matter.

 

Applicable Law, Jurisdiction, Venue and Service of Process

 

Applicable law. The Parties agree that any dispute related to the formation, enforceability, performance, breach or termination of this Agreement shall be governed by the internal laws of the Jurisdiction stated in Schedule 1 (the applicable “Jurisdiction”), without regard to conflicts of law.

Jurisdiction and venue. To the fullest extent allowed, each party hereby agrees to submit to the exclusive in personam and subject matter jurisdiction of the Courts and other legal tribunals seated in the venue location stated in Schedule 1 and the parties agree to waive any objection they may have to the venue of such courts, including any claims of inconvenient forum.

Service. In the event of any such dispute, the parties agree that legal process may be served by a recognized international courier service plus email on the service address and email stated at the end of this agreement as the same may be amended from time to time by written notice.

Limited Data Sharing

In order to provide this warranty, from time-to-time the Company and the CMSP may need to share information with respect to Customer’s systems, equipment and historic performance, failure and claims Information to obtain or maintain certifications or for the receipt of insurance or insurance benefits related to the warranty. Such collection and use is hereby authorized. Whenever reasonably possible, Customer data will be anonymized.

No Personally Identifiable Information (PII) or Personal Data (as defined under applicable data protection laws) shall be shared, processed, or stored under this Agreement, beyond basic business contact information. If PII is inadvertently disclosed, both Parties agree to notify each other and the receiving part to take reasonable steps to remove this data and mitigate any associated risks.

Solely to the extent that “Personal Data” or “Personal Identifiable Information” (“PII”), as those terms are used in the law, is subject to protection special under the laws the applicable Jurisdiction, the additional terms of the Privacy Rider (if any) applicable to that Jurisdiction (in Schedule 1), shall govern, but said provisions may be subject to amendment, by notice, without any additional consideration, whenever the Company believes such amendment is necessary or desirable in order to address changes in the law or relevant technology.

Definitions applicable to the Warranty

 

Activation Date means the date at which a Certification of Resilience has been issued by the Company to the Customer under the terms of a Certification Agreement, at which point the related Warranty becomes effective.

Business Email Account means an email account maintained or supported by the CMSP and covered by the Service. Both the domain and the specific user account must be registered and covered by the Service for the account to constitute a covered Business Email Account. Attachments to emails will be considered part of the email only until while the remain attached to the email.

Cyber Operation means the use of a computer system by, at the direction of, or under the control of a State to: (i) disrupt, deny access to or, degrade functionality of a computer system, and/or (ii) copy, remove, manipulate, deny access to or destroy information in a computer system.

Communicable Disease means any disease which can be transmitted by means of any substance or agent from any organism to another organism where:

  • the substance or agent includes, but is not limited to, a virus, bacterium, parasite or other organism or any variation thereof, whether deemed living or not; and
  • the method of transmission, whether direct or indirect, includes but is not limited to, airborne transmission, bodily fluid transmission, transmission from or to any surface or object, solid, liquid or gas or between organisms; and
  • the disease, substance or agent can cause or threaten damage to human health or human welfare or can cause or threaten damage to, deterioration of, loss of value of, marketability of or loss of use of property.

Covered Event means that a Customer’s Business Email Account has been compromised by a malicious third-party actor such that the third-party (i) deletes or encrypts (ii) accesses or (iii) exfiltrates emails sent or received on the account or (iv) uses the account to send out malicious emails to others, provided that a “Covered Event” must also be of a type and duration that would trigger the Service under the CMSP’s written service level agreement with Customer.

Computer System means any computer, hardware, software, communications system, electronic device (including but not limited to, smart phone, laptop, tablet, wearable device), server, cloud infrastructure or microcontroller including any similar system or any configuration of the aforementioned and including any associated input, output, data storage device, networking equipment or back up facility.

Currency means the fiat currency stated in Schedule 1 and any amounts stated in this Agreement shall be interpreted as being in such currency. To the extent the MRC may be stated in some other currency it shall be converted to the Currency based on recognized international exchange rates as of the date of this Agreement.

Customer Network means any Computer System that is intended to be protected by a Service based on the Service design and representations with respect thereto.

Defensive Measures means to trigger multi-factor reauthentication of the Business Email account and or to lock the account until such time as the activity can be investigated and/or the user can be contacted by outside means to confirm the attempted access was authentic.

Essential Service means a service that is essential for the maintenance of vital functions of a state including but not limited to, financial institutions and associated financial market infrastructure, health services or utility services.

Excluded Cause means any service failure, resulting or arising, directly or indirectly, in whole or in part, from, or otherwise materially contributed to any of the following: (1) with respect to the CMSP’s delivery of the Service, (a) any natural disasters/a force majeure, (b) War, (c) a Cyber Operation that is carried out as part of a War, or the immediate preparation for a War, (d) a Cyber Operation that causes a State to become an Impacted State, (e), invasion, acts of foreign enemies, hostilities or war-like operations (whether war be declared or not), (f) civil war, rebellion, revolution, insurrection, civil commotion, military or usurped power (g) strike, riot, vandalism, malicious mischief and/or (h) any total or partial interruption or reduction in performance or use of power, heating, lighting, water, electricity, utility, internet or any other telecommunication including cable or satellite; (2) radioactive, toxic, explosive or other hazardous or contaminating properties of any radioactive matter or any nuclear installation, reactor or other nuclear assembly or nuclear component thereof, including any weapon or device employing atomic or nuclear fission and/or fusion or other like reaction or radioactive force or matter or any chemical, biological, bio-chemical or electromagnetic weapon or any Communicable Disease or the fear or threat (whether actual or perceived) of a Communicable Disease; (3) any failure or outage which Company determines has occurred (i) as a result of the acts or omissions of Customer or Customer’s agents, contractors, or vendors, or anyone gaining access to the Company’s network or Customer’s network by means of the Customer’s passwords or equipment (or the passwords or equipment of the Customer’s employees, agents, contractors, or vendors),whether or not authorized; or (ii) is attributable to Customer’s content, including but not limited to software, or applications on websites; (4) events that took place before the issuance of the Certification or occurred after the expiry or termination of such; (5) failure that is (i) is a result of compliance with applicable law, governmental order or court decree or (ii) is due to non-compliance with the applicable law by Customer; (6) failure of equipment or software other than CMSP Managed Equipment; (7) a Service Window; or (8) any breach of the agreement between the CMSP and the Customer by the Customer.

Impacted State means any state where a cyber operation has a major detrimental impact on: (i) the functioning of that state due to disruption to the availability, integrity, or delivery of an essential service in that state, and/or (ii) the security or defence of that state.

Managed Equipment means all and any equipment operated by CMSP in connection with the Services.

MRC means the Monthly recurring charge for the Service, but MRC does not include installation, or one time set up, special projects, consulting or hourly charges and does not include any equipment or software acquisition costs.

Performance Metric means that for compromised Business Email Account, the CMSP successfully detects the Covered Event and commences Defensive Measures against the compromise within 1 hour of the Suspicious Activity by the malicious actor attempting to exfiltrate Customer data or utilize the account to access other non-email accounts/facility or send malicious emails to third-parties.  

Service Window means failures or outages related to (i) regularly scheduled maintenance or (ii) installation of network or service upgrades in accordance with the CMSP’s regular policies and procedures with respect to such activities.

State means sovereign country or political subdivision thereof, such as a Provence, territory, autonomous region or a State of the United States or other nation that has political subdivisions called states.

Suspicious Activity means log-on attempts from unknow machines or unfamiliar locations (or from disparate locations in an unreasonably close periods) without second-factor authentication, logon attempts from locations that know to be sites for malicious actors, sending large volumes of duplicative emails (i.e., to spam of phish via the Business Email Account) to the attempted exfiltration of substantial volumes of data from the Business Email Account, provided that to the extent that the services agreement between the CMSP and Customer provides the Customer with the opportunity to allow one or more Suspicious Activity and the Customer elects to allow the Suspicious Activity then such activity will not be deemed a Suspicious Activity.

War means armed conflict involving physical force: (i) by a state against another state, or (ii) as part of a civil war, rebellion, revolution, insurrection, military action, or usurpation of power, in either event whether war be declared or not.

Warranty Amount means the Annual Contract Value or $500,000 per annum, whichever is smaller.   In addition, in the event of multiple warranties or events triggering a warranty payment to the Customer, the maximum total Warranty Amount is limited so that the maximum dollar amount recoverable in any contract year by a given Customer under all warranties issued by the Company (regardless of the number of services) cannot exceed $1 million. By way of numerical example, if the Annual contract value for a Customer is $400,000 the Warranty Amount for the first two warranty events in a contract year would be $400,000 but if a third warranty event occurred then the Warranty amount for that third event would be limited to $200,000 and would be zero in the event of a fourth warranty event during that contract year. For the purpose of this limitation, the contract year for all warranties issued to a Customer begins on the effective date of the first warranty obtained by the Customer from the Company.

Annual Contract Value shall be calculated as to 100% of the MRC Fees paid (or payable) to the CMSP for the Service under the terms of the agreement between the CMSP and Customer equal to the 12-month period from its inception or most recent renewal if within 12 months. If the MRC changes during the term of the contract year because, for example, of the addition of more users or end-points, the Annual Contract Value shall be computed based on the average MRC during that contract year times 12 months.

Applicable Jurisdiction means the internal laws of the State of New York and applicable US federal laws.

Applicable Venue the parties agree to the exclusive in personam and subject matter jurisdiction of the State and Federal Courts sitting in New York County, New York.

Currency United States Dollars

Disaster Recovery
Certification Services and Limited Service Performance Warranty Agreement

 

This Certification of Resilience and Limited Service Performance Warranty Agreement (the “Agreement”) states the terms, limitations and conditions upon which Resilient Services Ltd. (DBA SPECTRA), a Bermuda Limited Liability Company (the “Company”), will provide its third-party Certification of Resilience and warrant such certification of the Disaster Recovery Services, equipment and software (the “Service”) provided by the Certified Managed Service Provider (the “CMSP”) specified in the online Service Certification Request Form (“SCRF”). The CMSP, is an authorized reseller of the Company’s Certification of Resilience, but the certification and related warranty (the “CR”) are made by the Company directly to the customer specified in the SCRF (the “Customer”). The cost of the CR is included in the CMSP’s billing to the Customer, but that certification and warranty are the direct responsibility of the Company, not the CMSP.

 The Certification Process

 

In order to obtain CR, including the applicable warranty, the CMSP must register the Customer and upload the SCRF and all required and requested information and documentation as to the Customer and the Service implementation. The Customer must confirm the SCRF registration online and click that it accepts the terms of this Agreement. Once the form is complete the Company will review the information and undertake the certification process. Normally, if all of the necessary information and documentation is provided, the CR will be issued within 3 days. If there are any deficiencies, the Company will provide the CMSP with a list of such deficiencies and, when advised by the CMSP that remediation has occurred, will undertake an additional certification.

Once approved, the Customer will receive an electronic registration code at the contact email address specified in the SCRF, confirming the issuance of the CR. The warranty will become effective upon the Activation Date. Until the warranty is effective, the Company will have no liability to make any payments under this warranty.

 

Warranty Duration

Company will monitor the CMSP’s performance of the Services in accordance with its policies and procedures and reserves the right to request updated information/documentation related to the Service at any time. If, at any time, the information provided indicates that the service is not being performed by the CMSP in according to certification standards, or the CMSP is in violation of its agreement(s) with the Company (including non-payment) for its certification services, the Company may give the Customer and CMSP notice of suspension of the certification/warranty renewal. In such event, effective upon 30 days after issuance of the notice of suspension, unless the issue(s) identified in the notification is/are resolved in accordance with the certification standard to Company’s satisfaction prior to the suspension date, the certification and warranty will automatically be terminated as of the suspension effective date until such time as recertification is granted.

The warranty will automatically terminate if the Customer discontinues the Service from the CMSP or Customer breaches or terminates this Agreement or its agreement for the Service with the CMSP. The warranty will be suspended during any period when the Customer fails to implement or allow/facilitate implementation of any important or critical aspect of the Service (including patches and upgrades) in accordance with the recommendations of the CMSP. In the event that the fee for the CR is not paid within 10 days written notice to the CMSP (not the Customer), the CR and related warranty will be suspended immediately upon notice to the Customer of such non-payment until such time as the payment is received and the suspension is lifted.

Limited Warranty

Subject to the terms and conditions below, once the certification is issued, the Company warrants that the Service shall perform upon the occurrence of a Covered Event in accordance with the Performance Metric. If there is any failure of the Performance Metric due to a Covered Event, other than a failure attributable to one or more Excluded Causes, Company will pay an amount equal to the Warranty Amount as stated in the annexed Schedule 1.

Notice of Claim. In order to obtain the warranty payment, Customer must report the service outage within 10 business days in accordance with the Company’s procedures. The warranty amount is only payable to the extent that (i) the eligible Service did not perform in accordance with the Performance Metric when the Service was invoked due to a Covered Event; (ii) the Customer makes a written request for the warranty amount in accordance with the CMSP procedures for incident reporting as defined in the Service agreement, supplying necessary specifics of the outage/failure; and (iii) logs or other computer forensic evidence is made available within 30 days of the service outage/failure to confirm the service outage/failure and that it was not the result of an Excluded Cause.

Payment. Any warranty payment will be made by the Company directly to the Customer within 30 days of the final submission of all necessary information and evidence. If a claim arises out of a Covered Event that is later determined (i) to be inconsistent with the definition of such Covered Event, or (ii) relates to any Excluded Cause, Customer will reimburse the Company in full for all warranty payments.

Limitation of Liability as other Non-warranty aspects of the Service. For all aspects of the Service that do not directly relate to Performance Metric, the Customer’s remedy will be limited to whatever remedy is available under its agreement with the CMSP. Company shall have no liability whatsoever, directly or indirectly, for any such failure or fault.

 

This is a LIMITED warranty. Except and unless expressly set out in this section, ALL WARRANTIES, CONDITIONS AND OTHER TERMS IMPLIED BY STATUTE OR COMMON LAW ARE, TO THE FULLEST EXTENT PERMITTED BY LAW, EXCLUDED FROM THIS AGREEMENT, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE OR MERCHANTABILITY. Without limiting the generality of the foregoing, under no circumstances whatsoever shall Company be liable for any: (i) misrepresentation (other than fraudulent misrepresentation); (ii) loss of profits; (iii) loss of business; (iv) depletion of goodwill and similar losses; (v) loss of goods or property; (vi) loss or corruption of data; (vii) loss of contract, business or business opportunity (whether direct or indirect); (viii) loss of use (whether direct or indirect); (ix) special, indirect or consequential loss or damage suffered by the Customer or CMSP in connection with this Agreement; (x) personal or bodily injury or death; or (xi) fraud or criminal conduct by one of the Company’s employees or agents. The limitations on potential liabilities as stated herein are an essential element in setting consideration under the agreements between the Company and Customer. If Customer wishes or requires the limits to be higher than stated herein, Customer should take out and maintain an adequate business interruption/cyber liability/crime insurance policy and comply with the applicable terms and conditions of such policy. This Agreement and the warranty hereunder constitute the entire agreement between the Company and the Customer concerning the Service and it supersedes any prior or concurrent proposals, agreements, understandings, or other communications between the parties, oral or written, regarding such subject matter.

 

Applicable Law, Jurisdiction, Venue and Service of Process

 

Applicable law. The Parties agree that any dispute related to the formation, enforceability, performance, breach or termination of this Agreement shall be governed by the internal laws of the Jurisdiction stated in Schedule 1 (the applicable “Jurisdiction”), without regard to conflicts of law.

Jurisdiction and venue. To the fullest extent allowed, each party hereby agrees to submit to the exclusive in personam and subject matter jurisdiction of the Courts and other legal tribunals seated in the venue location stated in Schedule 1 and the parties agree to waive any objection they may have to the venue of such courts, including any claims of inconvenient forum.

Service. In the event of any such dispute, the parties agree that legal process may be served by a recognized international courier service plus email on the service address and email stated at the end of this agreement as the same may be amended from time to time by written notice.

Limited Data Sharing

In order to provide this warranty, from time-to-time the Company and the CMSP may need to share information with respect to Customer’s systems, equipment and historic performance, failure and claims Information to obtain or maintain certifications or for the receipt of insurance or insurance benefits related to the warranty. Such collection and use is hereby authorized. Whenever reasonably possible, Customer data will be anonymized.

No Personally Identifiable Information (PII) or Personal Data (as defined under applicable data protection laws) shall be shared, processed, or stored under this Agreement, beyond basic business contact information. If PII is inadvertently disclosed, both Parties agree to notify each other and the receiving part to take reasonable steps to remove this data and mitigate any associated risks.

Solely to the extent that “Personal Data” or “Personal Identifiable Information” (“PII”), as those terms are used in the law, is subject to protection special under the laws the applicable Jurisdiction, the additional terms of the Privacy Rider (if any) applicable to that Jurisdiction (in Schedule 1), shall govern, but said provisions may be subject to amendment, by notice, without any additional consideration, whenever the Company believes such amendment is necessary or desirable in order to address changes in the law or relevant technology.

Definitions applicable to the Warranty

 

Activation Date means the date at which a Certification of Resilience has been issued by the Company to the Customer under the terms of a Certification Agreement, at which point the related Warranty becomes effective.

Cyber Operation means the use of a computer system by, at the direction of, or under the control of a State to: (i) disrupt, deny access to or, degrade functionality of a computer system, and/or (ii) copy, remove, manipulate, deny access to or destroy information in a computer system.

Communicable Disease means any disease which can be transmitted by means of any substance or agent from any organism to another organism where:

  • the substance or agent includes, but is not limited to, a virus, bacterium, parasite or other organism or any variation thereof, whether deemed living or not; and

  • the method of transmission, whether direct or indirect, includes but is not limited to, airborne transmission, bodily fluid transmission, transmission from or to any surface or object, solid, liquid or gas or between organisms; and

  • the disease, substance or agent can cause or threaten damage to human health or human welfare or can cause or threaten damage to, deterioration of, loss of value of, marketability of or loss of use of property.

Covered Event means any intentional or negligent interference with the Customer’s devices, software, data or connectivity, by a third party (including but not limited to Ransomware), or a fortuitous disaster scenario, including any physical casualty at the Customer’s in house or cloud data centre facility, that prevents access to or the functioning of such Customer devices, data or software, provide that a “Covered Event” must also be of a type and duration that would trigger the Service under the CMSP’s written service level agreement with Customer.

Computer System means any computer, hardware, software, communications system, electronic device (including but not limited to, smart phone, laptop, tablet, wearable device), server, cloud infrastructure or microcontroller including any similar system or any configuration of the aforementioned and including any associated input, output, data storage device, networking equipment or back up facility.

Currency means the fiat currency stated in Schedule 1 and any amounts stated in this Agreement shall be interpreted as being in such currency. To the extent the MRC may be stated in some other currency it shall be converted to the Currency based on recognized international exchange rates as of the date of this Agreement.

Customer Network means any Computer System that is intended to be protected by a Service based on the Service design and representations with respect thereto.

Essential Service means a service that is essential for the maintenance of vital functions of a state including but not limited to, financial institutions and associated financial market infrastructure, health services or utility services.

Excluded Cause means any service failure, resulting or arising, directly or indirectly, in whole or in part, from, or otherwise materially contributed to any of the following: (1) with respect to the CMSP’s delivery of the Service, (a) any natural disasters/a force majeure, (b) War, (c) a Cyber Operation that is carried out as part of a War, or the immediate preparation for a War, (d) a Cyber Operation that causes a State to become an Impacted State, (e), invasion, acts of foreign enemies, hostilities or war-like operations (whether war be declared or not), (f) civil war, rebellion, revolution, insurrection, civil commotion, military or usurped power (g) strike, riot, vandalism, malicious mischief and/or (h) any total or partial interruption or reduction in performance or use of power, heating, lighting, water, electricity, utility, internet or any other telecommunication including cable or satellite; (2) radioactive, toxic, explosive or other hazardous or contaminating properties of any radioactive matter or any nuclear installation, reactor or other nuclear assembly or nuclear component thereof, including any weapon or device employing atomic or nuclear fission and/or fusion or other like reaction or radioactive force or matter or any chemical, biological, bio-chemical or electromagnetic weapon or any Communicable Disease or the fear or threat (whether actual or perceived) of a Communicable Disease; (3) any failure or outage which Company determines has occurred (i) as a result of the acts or omissions of Customer or Customer’s agents, contractors, or vendors, or anyone gaining access to the Company’s network or Customer’s network by means of the Customer’s passwords or equipment (or the passwords or equipment of the Customer’s employees, agents, contractors, or vendors),whether or not authorized; or (ii) is attributable to Customer’s content, including but not limited to software, or applications on websites; (4) events that took place before the issuance of the Certification or occurred after the expiry or termination of such; (5) failure that (i) is a result of compliance with applicable law, governmental order or court decree or (ii) is due to non-compliance with the applicable law by Customer; (6) is failure of equipment or software other than CMSP Managed Equipment; (7) a Service Window; or (8) any breach of the agreement between the CMSP and the Customer by the Customer.

Impacted State means any state where a cyber operation has a major detrimental impact on: (i) the functioning of that state due to disruption to the availability, integrity, or delivery of an essential service in that state, and/or (ii) the security or defence of that state.

Managed Equipment means all and any equipment operated by CMSP in connection with the Services.

MRC means the Monthly recurring charge for the Service, but MRC does not include installation, or one time set up, special projects, consulting or hourly charges and does not include any equipment or software acquisition costs.

Performance Metric means that the disaster recovery virtual server(s) of the speed and capacity stated in the service agreement between Customer and the CMSP is operating, network connected, and able to serve requests within four (4) hours of the declaration of a Covered Event and a request, to the CMSP, by the Customer, to initiate the disaster recovery solution supplied under the Service. The Service level commitment excludes all time where an outage or failure results from an Excluded Cause or Service Window.

Ransomware means software or firmware introduced to customer equipment or cloud resources that performs an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system where the purpose of the is to induce the Customer to pay anything of value or do or refrain from doing any act that it is lawfully entitled and otherwise would be able to do but for the unauthorized process initiated by the software or firmware in exchange for the threat actor removing or suspending the action of the software or firmware.

 

Service Window means failures or outages related to (i) regularly scheduled maintenance or (ii) installation of network or service upgrades in accordance with the CMSP’s regular policies and procedures with respect to such activities.

 

State means sovereign country or political subdivision thereof, such as a Provence, territory, autonomous region or a State of the United States or other nation that has political subdivisions called states.

 

War means armed conflict involving physical force: (i) by a state against another state, or (ii) as part of a civil war, rebellion, revolution, insurrection, military action, or usurpation of power, in either event whether war be declared or not.

 

Warranty Amount means the Annual Contract Value or $500,000 per annum, whichever is smaller.   In addition, in the event of multiple warranties or events triggering a warranty payment to the Customer, the maximum total Warranty Amount is limited so that the maximum dollar amount recoverable in any contract year by a given Customer under all warranties issued by the Company (regardless of the number of services) cannot exceed $1 million. By way of numerical example, if the Annual contract value for a Customer is $400,000 the Warranty Amount for the first two warranty events in a contract year would be $400,000 but if a third warranty event occurred then the Warranty amount for that third event would be limited to $200,000 and would be zero in the event of a fourth warranty event during that contract year. For the purpose of this limitation, the contract year for all warranties issued to a Customer begins on the effective date of the first warranty obtained by the Customer from the Company.

 

Annual Contract Value shall be calculated as to 100% of the MRC Fees paid (or payable) to the CMSP for the Service under the terms of the agreement between the CMSP and Customer equal to the 12-month period from its inception or most recent renewal if within 12 months. If the MRC changes during the term of the contract year because, for example, of the addition of more users or end-points, the Annual Contract Value shall be computed based on the average MRC during that contract year times 12 months.

 

Applicable Jurisdiction means the internal laws of the State of New York and applicable US federal laws.

 

Applicable Venue the parties agree to the exclusive in personam and subject matter jurisdiction of the State and Federal Courts sitting in New York County, New York.

 

Currency United States Dollars

Endpoint Protection
Certification Services and Limited Service Performance Warranty Agreement

 

This Certification of Resilience and Limited Service Performance Warranty Agreement (the “Agreement”) states the terms, limitations and conditions upon which Resilient Services Ltd. (DBA SPECTRA), a Bermuda Limited Liability Company (the “Company”), will provide its third-party Certification of Resilience and warrant such certification of the Endpoint Protection Services, equipment and software (the “Service”) provided by the Certified Managed Service Provider (the “CMSP”) specified in the online Service Certification Request Form (“SCRF”). The CMSP, is an authorized reseller of the Company’s Certification of Resilience, but the certification and related warranty (the “CR”) are made by the Company directly to the customer specified in the SCRF (the “Customer”). The cost of the CR is included in the CMSP’s billing to the Customer, but that certification and warranty are the direct responsibility of the Company, not the CMSP.

 The Certification Process

 

In order to obtain CR, including the applicable warranty, the CMSP must register the Customer and upload the SCRF and all required and requested information and documentation as to the Customer and the Service implementation. The Customer must confirm the SCRF registration online and click that it accepts the terms of this Agreement. Once the form is complete the Company will review the information and undertake the certification process. Normally, if all of the necessary information and documentation is provided, the CR will be issued within 3 days. If there are any deficiencies, the Company will provide the CMSP with a list of such deficiencies and, when advised by the CMSP that remediation has occurred, will undertake an additional certification.

Once approved, the Customer will receive an electronic registration code at the contact email address specified in the SCRF, confirming the issuance of the CR. The warranty will become effective upon the Activation Date. Until the warranty is effective, the Company will have no liability to make any payments under this warranty.

 

Warranty Duration

 

Company will monitor the CMSP’s performance of the Services in accordance with its policies and procedures and reserves the right to request updated information/documentation related to the Service at any time. If, at any time, the information provided indicates that the service is not being performed by the CMSP in according to certification standards, or the CMSP is in violation of its agreement(s) with the Company (including non-payment) for its certification services, the Company may give the Customer and CMSP notice of suspension of the certification/warranty renewal. In such event, effective upon 30 days after issuance of the notice of suspension, unless the issue(s) identified in the notification is/are resolved in accordance with the certification standard to Company’s satisfaction prior to the suspension date, the certification and warranty will automatically be terminated as of the suspension effective date until such time as recertification is granted.

The warranty will automatically terminate if the Customer discontinues the Service from the CMSP or Customer breaches or terminates this Agreement or its agreement for the Service with the CMSP. The warranty will be suspended during any period when the Customer fails to implement or allow/facilitate implementation of any important or critical aspect of the Service (including patches and upgrades) in accordance with the recommendations of the CMSP. In the event that the fee for the CR is not paid within 10 days written notice to the CMSP (not the Customer), the CR and related warranty will be suspended immediately upon notice to the Customer of such non-payment until such time as the payment is received and the suspension is lifted.

Limited Warranty

 

Subject to the terms and conditions below, once the certification is issued, the Company warrants that the Service shall perform upon the occurrence of a Covered Event in accordance with the Performance Metric. If there is any failure of the Performance Metric due to a Covered Event, other than a failure attributable to one or more Excluded Causes, Company will pay an amount equal to the Warranty Amount as stated in the annexed Schedule 1.

 Notice of Claim. In order to obtain the warranty payment, Customer must report the service outage within 10 business days in accordance with the Company’s procedures. The warranty amount is only payable to the extent that (i) the eligible Service did not perform in accordance with the Performance Metric when the Service was invoked due to a Covered Event; (ii) the Customer makes a written request for the warranty amount in accordance with the CMSP procedures for incident reporting as defined in the Service agreement, supplying necessary specifics of the outage/failure; and (iii) logs or other computer forensic evidence is made available within 30 days of the service outage/failure to confirm the service outage/failure and that it was not the result of an Excluded Cause.

Payment. Any warranty payment will be made by the Company directly to the Customer within 30 days of the final submission of all necessary information and evidence. If a claim arises out of a Covered Event that is later determined (i) to be inconsistent with the definition of such Covered Event, or (ii) relates to any Excluded Cause, Customer will reimburse the Company in full for all warranty payments.

Limitation of Liability as other Non-warranty aspects of the Service. For all aspects of the Service that do not directly relate to Performance Metric, the Customer’s remedy will be limited to whatever remedy is available under its agreement with the CMSP. Company shall have no liability whatsoever, directly or indirectly, for any such failure or fault.

 

This is a LIMITED warranty. Except and unless expressly set out in this section, ALL WARRANTIES, CONDITIONS AND OTHER TERMS IMPLIED BY STATUTE OR COMMON LAW ARE, TO THE FULLEST EXTENT PERMITTED BY LAW, EXCLUDED FROM THIS AGREEMENT, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE OR MERCHANTABILITY. Without limiting the generality of the foregoing, under no circumstances whatsoever shall Company be liable for any: (i) misrepresentation (other than fraudulent misrepresentation); (ii) loss of profits; (iii) loss of business; (iv) depletion of goodwill and similar losses; (v) loss of goods or property; (vi) loss or corruption of data; (vii) loss of contract, business or business opportunity (whether direct or indirect); (viii) loss of use (whether direct or indirect); (ix) special, indirect or consequential loss or damage suffered by the Customer or CMSP in connection with this Agreement; (x) personal or bodily injury or death; or (xi) fraud or criminal conduct by one of the Company’s employees or agents. The limitations on potential liabilities as stated herein are an essential element in setting consideration under the agreements between the Company and Customer. If Customer wishes or requires the limits to be higher than stated herein, Customer should take out and maintain an adequate business interruption/cyber liability/crime insurance policy and comply with the applicable terms and conditions of such policy. This Agreement and the warranty hereunder constitute the entire agreement between the Company and the Customer concerning the Service and it supersedes any prior or concurrent proposals, agreements, understandings, or other communications between the parties, oral or written, regarding such subject matter.

 

Applicable Law, Jurisdiction, Venue and Service of Process

 

Applicable law. The Parties agree that any dispute related to the formation, enforceability, performance, breach or termination of this Agreement shall be governed by the internal laws of the Jurisdiction stated in Schedule 1 (the applicable “Jurisdiction”), without regard to conflicts of law.

Jurisdiction and venue. To the fullest extent allowed, each party hereby agrees to submit to the exclusive in personam and subject matter jurisdiction of the Courts and other legal tribunals seated in the venue location stated in Schedule 1 and the parties agree to waive any objection they may have to the venue of such courts, including any claims of inconvenient forum.

Service. In the event of any such dispute, the parties agree that legal process may be served by a recognized international courier service plus email on the service address and email stated at the end of this agreement as the same may be amended from time to time by written notice.

Limited Data Sharing

In order to provide this warranty, from time-to-time the Company and the CMSP may need to share information with respect to Customer’s systems, equipment and historic performance, failure and claims Information to obtain or maintain certifications or for the receipt of insurance or insurance benefits related to the warranty. Such collection and use is hereby authorized. Whenever reasonably possible, Customer data will be anonymized.

No Personally Identifiable Information (PII) or Personal Data (as defined under applicable data protection laws) shall be shared, processed, or stored under this Agreement, beyond basic business contact information. If PII is inadvertently disclosed, both Parties agree to notify each other and the receiving part to take reasonable steps to remove this data and mitigate any associated risks.

Solely to the extent that “Personal Data” or “Personal Identifiable Information” (“PII”), as those terms are used in the law, is subject to protection special under the laws the applicable Jurisdiction, the additional terms of the Privacy Rider (if any) applicable to that Jurisdiction (in Schedule 1), shall govern, but said provisions may be subject to amendment, by notice, without any additional consideration, whenever the Company believes such amendment is necessary or desirable in order to address changes in the law or relevant technology.

Definitions applicable to the Warranty

 

Activation Date means the date at which a Certification of Resilience has been issued by the Company to the Customer under the terms of a Certification Agreement, at which point the related Warranty becomes effective.

Cyber Operation means the use of a computer system by, at the direction of, or under the control of a State to: (i) disrupt, deny access to or, degrade functionality of a computer system, and/or (ii) copy, remove, manipulate, deny access to or destroy information in a computer system.

Communicable Disease means any disease which can be transmitted by means of any substance or agent from any organism to another organism where:

  • the substance or agent includes, but is not limited to, a virus, bacterium, parasite or other organism or any variation thereof, whether deemed living or not; and
  • the method of transmission, whether direct or indirect, includes but is not limited to, airborne transmission, bodily fluid transmission, transmission from or to any surface or object, solid, liquid or gas or between organisms; and
  • the disease, substance or agent can cause or threaten damage to human health or human welfare or can cause or threaten damage to, deterioration of, loss of value of, marketability of or loss of use of property.

Covered Event means that greater than 10% of the Endpoints or 10 Endpoints (whichever figure is smaller) are infected by a successful Ransomware attack, provided that a “Covered Event” relates only to the Endpoint and data on such Endpoint (or particular partition of an Endpoint) to the extent the service level agreement with the CMSP requires that such Endpoint/partition and the data on it is covered by the Service.  

Computer System means any computer, hardware, software, communications system, electronic device (including but not limited to, smart phone, laptop, tablet, wearable device), server, cloud infrastructure or microcontroller including any similar system or any configuration of the aforementioned and including any associated input, output, data storage device, networking equipment or back up facility.

Currency means the fiat currency stated in Schedule 1 and any amounts stated in this Agreement shall be interpreted as being in such currency. To the extent the MRC may be stated in some other currency it shall be converted to the Currency based on recognized international exchange rates as of the date of this Agreement.

Customer Network means any Computer System that is intended to be protected by a Service based on the Service design and representations with respect thereto.

Endpoint means a Customer-owned or leased computer (laptop or desktop), server or storage device (or a protected partition thereof) that is enrolled and covered by the Service, but does not include cellular or satellite phones, portable tablets, communications equipment (including routers and switches) or printers, scanners or other I/O devices.

Essential Service means a service that is essential for the maintenance of vital functions of a state including but not limited to, financial institutions and associated financial market infrastructure, health services or utility services.

Excluded Cause means any service failure, resulting or arising, directly or indirectly, in whole or in part, from, or otherwise materially contributed to any of the following: (1) with respect to the CMSP’s delivery of the Service, (a) any natural disasters/a force majeure, (b) War, (c) a Cyber Operation that is carried out as part of a War, or the immediate preparation for a War, (d) a Cyber Operation that causes a State to become an Impacted State, (e), invasion, acts of foreign enemies, hostilities or war-like operations (whether war be declared or not), (f) civil war, rebellion, revolution, insurrection, civil commotion, military or usurped power (g) strike, riot, vandalism, malicious mischief and/or (h) any total or partial interruption or reduction in performance or use of power, heating, lighting, water, electricity, utility, internet or any other telecommunication including cable or satellite; (2) radioactive, toxic, explosive or other hazardous or contaminating properties of any radioactive matter or any nuclear installation, reactor or other nuclear assembly or nuclear component thereof, including any weapon or device employing atomic or nuclear fission and/or fusion or other like reaction or radioactive force or matter or any chemical, biological, bio-chemical or electromagnetic weapon or any Communicable Disease or the fear or threat (whether actual or perceived) of a Communicable Disease; (3) any failure or outage which Company determines has occurred (i) as a result of the acts or omissions of Customer or Customer’s agents, contractors, or vendors, or anyone gaining access to the Company’s network or Customer’s network by means of the Customer’s passwords or equipment (or the passwords or equipment of the Customer’s employees, agents, contractors, or vendors),whether or not authorized; or (ii) is attributable to Customer’s content, including but not limited to software, or applications on websites; (4) events that took place before the issuance of the Certification or occurred after the expiry or termination of such; (5) failure that is (i) is a result of compliance with applicable law, governmental order or court decree or (ii) is due to non-compliance with the applicable law by Customer; (6) failure of equipment or software other than CMSP Managed Equipment; (7) a Service Window; or (8) any breach of the agreement between the CMSP and the Customer by the Customer.

Impacted State means any state where a cyber operation has a major detrimental impact on: (i) the functioning of that state due to disruption to the availability, integrity, or delivery of an essential service in that state, and/or (ii) the security or defence of that state.

Managed Equipment means all and any equipment operated by CMSP in connection with the Services.

MRC means the Monthly recurring charge for the Service, but MRC does not include installation, or one time set up, special projects, consulting or hourly charges and does not include any equipment or software acquisition costs.

Performance Metric means that the data and software/configurations (if applicable) will be available and restoration will begin (subject to a suitable Customer host environment being established/re-established), within four (4) hours of the declaration of a Covered Event and a request, to the CMSP, by the Customer, to initiate restoration. If recovering from backup, the backup version that will be restored will be current as of the last scheduled backup to be completed prior to the conditions causing the Covered Event commencing. The Service level commitment excludes all time where an outage or failure results from an Excluded Cause or Service Window or times when no suitable host environment is available to receive the backup.

Ransomware means software or firmware introduced to customer equipment or cloud resources that performs an unauthorized process that has adverse impact on the confidentiality, integrity, or availability of an information system where the purpose of the is to induce the Customer to pay anything of value or do or refrain from doing any act that it is lawfully entitled and otherwise would be able to do but for the unauthorized process initiated by the software or firmware in exchange for the threat actor removing or suspending the action of the software or firmware.

 

Service Window means failures or outages related to (i) regularly scheduled maintenance or (ii) installation of network or service upgrades in accordance with the CMSP’s regular policies and procedures with respect to such activities.

 

State means sovereign country or political subdivision thereof, such as a Provence, territory, autonomous region or a State of the United States or other nation that has political subdivisions called states.

 

War means armed conflict involving physical force: (i) by a state against another state, or (ii) as part of a civil war, rebellion, revolution, insurrection, military action, or usurpation of power, in either event whether war be declared or not.

 

Warranty Amount means the Annual Contract Value or $500,000 per annum, whichever is smaller.   In addition, in the event of multiple warranties or events triggering a warranty payment to the Customer, the maximum total Warranty Amount is limited so that the maximum dollar amount recoverable in any contract year by a given Customer under all warranties issued by the Company (regardless of the number of services) cannot exceed $1 million. By way of numerical example, if the Annual contract value for a Customer is $400,000 the Warranty Amount for the first two warranty events in a contract year would be $400,000 but if a third warranty event occurred then the Warranty amount for that third event would be limited to $200,000 and would be zero in the event of a fourth warranty event during that contract year. For the purpose of this limitation, the contract year for all warranties issued to a Customer begins on the effective date of the first warranty obtained by the Customer from the Company.

 

Annual Contract Value shall be calculated as to 100% of the MRC Fees paid (or payable) to the CMSP for the Service under the terms of the agreement between the CMSP and Customer equal to the 12-month period from its inception or most recent renewal if within 12 months. If the MRC changes during the term of the contract year because, for example, of the addition of more users or end-points, the Annual Contract Value shall be computed based on the average MRC during that contract year times 12 months.

 

Applicable Jurisdiction means the internal laws of the State of New York and applicable US federal laws.

 

Applicable Venue the parties agree to the exclusive in personam and subject matter jurisdiction of the State and Federal Courts sitting in New York County, New York.

 

Currency United States Dollars

Firewall/DDoS
Certification Services and Limited Service Performance Warranty Agreement

 

This Certification of Resilience and Limited Service Performance Warranty Agreement (the “Agreement”) states the terms, limitations and conditions upon which Resilient Services Ltd. (DBA SPECTRA), a Bermuda Limited Liability Company (the “Company”), will provide its third-party Certification of Resilience and warrant such certification of the Firewall/DDoS Services, equipment and software (the “Service”) provided by the Certified Managed Service Provider (the “CMSP”) specified in the online Service Certification Request Form (“SCRF”). The CMSP, is an authorized reseller of the Company’s Certification of Resilience, but the certification and related warranty (the “CR”) are made by the Company directly to the customer specified in the SCRF (the “Customer”). The cost of the CR is included in the CMSP’s billing to the Customer, but that certification and warranty are the direct responsibility of the Company, not the CMSP.

The Certification Process

 

In order to obtain CR, including the applicable warranty, the CMSP must register the Customer and upload the SCRF and all required and requested information and documentation as to the Customer and the Service implementation. The Customer must confirm the SCRF registration online and click that it accepts the terms of this Agreement. Once the form is complete the Company will review the information and undertake the certification process. Normally, if all of the necessary information and documentation is provided, the CR will be issued within 3 days. If there are any deficiencies, the Company will provide the CMSP with a list of such deficiencies and, when advised by the CMSP that remediation has occurred, will undertake an additional certification.

Once approved, the Customer will receive an electronic registration code at the contact email address specified in the SCRF, confirming the issuance of the CR. The warranty will become effective upon the Activation Date. Until the warranty is effective, the Company will have no liability to make any payments under this warranty.

 

Warranty Duration

Company will monitor the CMSP’s performance of the Services in accordance with its policies and procedures and reserves the right to request updated information/documentation related to the Service at any time. If, at any time, the information provided indicates that the service is not being performed by the CMSP in according to certification standards, or the CMSP is in violation of its agreement(s) with the Company (including non-payment) for its certification services, the Company may give the Customer and CMSP notice of suspension of the certification/warranty renewal. In such event, effective upon 30 days after issuance of the notice of suspension, unless the issue(s) identified in the notification is/are resolved in accordance with the certification standard to Company’s satisfaction prior to the suspension date, the certification and warranty will automatically be terminated as of the suspension effective date until such time as recertification is granted.

The warranty will automatically terminate if the Customer discontinues the Service from the CMSP or Customer breaches or terminates this Agreement or its agreement for the Service with the CMSP. The warranty will be suspended during any period when the Customer fails to implement or allow/facilitate implementation of any important or critical aspect of the Service (including patches and upgrades) in accordance with the recommendations of the CMSP. In the event that the fee for the CR is not paid within 10 days written notice to the CMSP (not the Customer), the CR and related warranty will be suspended immediately upon notice to the Customer of such non-payment until such time as the payment is received and the suspension is lifted.

Limited Warranty

 

Subject to the terms and conditions below, once the certification is issued, the Company warrants that the Service shall perform upon the occurrence of a Covered Event in accordance with the Performance Metric. If there is any failure of the Performance Metric due to a Covered Event, other than a failure attributable to one or more Excluded Causes, Company will pay an amount equal to the Warranty Amount as stated in the annexed Schedule 1.

Notice of Claim. In order to obtain the warranty payment, Customer must report the service outage within 10 business days in accordance with the Company’s procedures. The warranty amount is only payable to the extent that (i) the eligible Service did not perform in accordance with the Performance Metric when the Service was invoked due to a Covered Event; (ii) the Customer makes a written request for the warranty amount in accordance with the CMSP procedures for incident reporting as defined in the Service agreement, supplying necessary specifics of the outage/failure; and (iii) logs or other computer forensic evidence is made available within 30 days of the service outage/failure to confirm the service outage/failure and that it was not the result of an Excluded Cause.

Payment. Any warranty payment will be made by the Company directly to the Customer within 30 days of the final submission of all necessary information and evidence. If a claim arises out of a Covered Event that is later determined (i) to be inconsistent with the definition of such Covered Event, or (ii) relates to any Excluded Cause, Customer will reimburse the Company in full for all warranty payments.

Limitation of Liability as other Non-warranty aspects of the Service. For all aspects of the Service that do not directly relate to Performance Metric, the Customer’s remedy will be limited to whatever remedy is available under its agreement with the CMSP. Company shall have no liability whatsoever, directly or indirectly, for any such failure or fault.

 

This is a LIMITED warranty. Except and unless expressly set out in this section, ALL WARRANTIES, CONDITIONS AND OTHER TERMS IMPLIED BY STATUTE OR COMMON LAW ARE, TO THE FULLEST EXTENT PERMITTED BY LAW, EXCLUDED FROM THIS AGREEMENT, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE OR MERCHANTABILITY. Without limiting the generality of the foregoing, under no circumstances whatsoever shall Company be liable for any: (i) misrepresentation (other than fraudulent misrepresentation); (ii) loss of profits; (iii) loss of business; (iv) depletion of goodwill and similar losses; (v) loss of goods or property; (vi) loss or corruption of data; (vii) loss of contract, business or business opportunity (whether direct or indirect); (viii) loss of use (whether direct or indirect); (ix) special, indirect or consequential loss or damage suffered by the Customer or CMSP in connection with this Agreement; (x) personal or bodily injury or death; or (xi) fraud or criminal conduct by one of the Company’s employees or agents. The limitations on potential liabilities as stated herein are an essential element in setting consideration under the agreements between the Company and Customer. If Customer wishes or requires the limits to be higher than stated herein, Customer should take out and maintain an adequate business interruption/cyber liability/crime insurance policy and comply with the applicable terms and conditions of such policy. This Agreement and the warranty hereunder constitute the entire agreement between the Company and the Customer concerning the Service and it supersedes any prior or concurrent proposals, agreements, understandings, or other communications between the parties, oral or written, regarding such subject matter.

 

Applicable Law, Jurisdiction, Venue and Service of Process

 

Applicable law. The Parties agree that any dispute related to the formation, enforceability, performance, breach or termination of this Agreement shall be governed by the internal laws of the Jurisdiction stated in Schedule 1 (the applicable “Jurisdiction”), without regard to conflicts of law.

Jurisdiction and venue. To the fullest extent allowed, each party hereby agrees to submit to the exclusive in personam and subject matter jurisdiction of the Courts and other legal tribunals seated in the venue location stated in Schedule 1 and the parties agree to waive any objection they may have to the venue of such courts, including any claims of inconvenient forum.

Service. In the event of any such dispute, the parties agree that legal process may be served by a recognized international courier service plus email on the service address and email stated at the end of this agreement as the same may be amended from time to time by written notice.

Limited Data Sharing

In order to provide this warranty, from time-to-time the Company and the CMSP may need to share information with respect to Customer’s systems, equipment and historic performance, failure and claims Information to obtain or maintain certifications or for the receipt of insurance or insurance benefits related to the warranty. Such collection and use is hereby authorized. Whenever reasonably possible, Customer data will be anonymized.

No Personally Identifiable Information (PII) or Personal Data (as defined under applicable data protection laws) shall be shared, processed, or stored under this Agreement, beyond basic business contact information. If PII is inadvertently disclosed, both Parties agree to notify each other and the receiving part to take reasonable steps to remove this data and mitigate any associated risks.

Solely to the extent that “Personal Data” or “Personal Identifiable Information” (“PII”), as those terms are used in the law, is subject to protection special under the laws the applicable Jurisdiction, the additional terms of the Privacy Rider (if any) applicable to that Jurisdiction (in Schedule 1), shall govern, but said provisions may be subject to amendment, by notice, without any additional consideration, whenever the Company believes such amendment is necessary or desirable in order to address changes in the law or relevant technology.

Definitions applicable to the Warranty

 

Activation Date means the date at which a Certification of Resilience has been issued by the Company to the Customer under the terms of a Certification Agreement, at which point the related Warranty becomes effective.

Cyber Operation means the use of a computer system by, at the direction of, or under the control of a State to: (i) disrupt, deny access to or degrade functionality of a computer system, and/or (ii) copy, remove, manipulate, deny access to or destroy information in a computer system.

Communicable Disease means any disease which can be transmitted by means of any substance or agent from any organism to another organism where:

  • the substance or agent includes, but is not limited to, a virus, bacterium, parasite or other organism or any variation thereof, whether deemed living or not; and
  • the method of transmission, whether direct or indirect, includes but is not limited to, airborne transmission, bodily fluid transmission, transmission from or to any surface or object, solid, liquid or gas or between organisms; and
  • the disease, substance or agent can cause or threaten damage to human health or human welfare or can cause or threaten damage to, deterioration of, loss of value of, marketability of or loss of use of property.

Covered Event means a malicious attempt to disrupt normal traffic on a targeted server or servers (servicing the Customer’s Network), by flooding the target server(s) with internet traffic to prevent users from accessing connected online services and sites, where the attack does prevent or significantly slows access to or the functioning of such Customer devices, data or software, provided that a “Covered Event” must also be of a type and duration that would trigger the Service under the CMSP’s written service level agreement with Customer.

Computer System means any computer, hardware, software, communications system, electronic device (including but not limited to, smart phone, laptop, tablet, wearable device), server, cloud infrastructure or microcontroller including any similar system or any configuration of the aforementioned and including any associated input, output, data storage device, networking equipment or back up facility.

Currency means the fiat currency stated in Schedule 1 and any amounts stated in this Agreement shall be interpreted as being in such currency. To the extent the MRC may be stated in some other currency it shall be converted to the Currency based on recognized international exchange rates as of the date of this Agreement.

Customer Network means any Computer System that is intended to be protected by a Service based on the Service design and representations with respect thereto.

Essential Service means a service that is essential for the maintenance of vital functions of a state including but not limited to, financial institutions and associated financial market infrastructure, health services or utility services.

Excluded Cause means any service failure, resulting or arising, directly or indirectly, in whole or in part, from, or otherwise materially contributed to any of the following: (1) with respect to the CMSP’s delivery of the Service, (a) any natural disasters/a force majeure, (b) War, (c) a Cyber Operation that is carried out as part of a War, or the immediate preparation for a War, (d) a Cyber Operation that causes a State to become an Impacted State, (e), invasion, acts of foreign enemies, hostilities or war-like operations (whether war be declared or not), (f) civil war, rebellion, revolution, insurrection, civil commotion, military or usurped power (g) strike, riot, vandalism, malicious mischief and/or (h) any total or partial interruption or reduction in performance or use of power, heating, lighting, water, electricity, utility, internet or any other telecommunication including cable or satellite; (2) radioactive, toxic, explosive or other hazardous or contaminating properties of any radioactive matter or any nuclear installation, reactor or other nuclear assembly or nuclear component thereof, including any weapon or device employing atomic or nuclear fission and/or fusion or other like reaction or radioactive force or matter or any chemical, biological, bio-chemical or electromagnetic weapon or any Communicable Disease or the fear or threat (whether actual or perceived) of a Communicable Disease; (3) any failure or outage which Company determines has occurred (i) as a result of the acts or omissions of Customer or Customer’s agents, contractors, or vendors, or anyone gaining access to the Company’s network or Customer’s network by means of the Customer’s passwords or equipment (or the passwords or equipment of the Customer’s employees, agents, contractors, or vendors),whether or not authorized; or (ii) is attributable to Customer’s content, including but not limited to software, or applications on websites; (4) events that took place before the issuance of the Certification or occurred after the expiry or termination of such; (5) failure that is (i) is a result of compliance with applicable law, governmental order or court decree or (ii) is due to non-compliance with the applicable law by Customer; (6) failure of equipment or software other than CMSP Managed Equipment; (7) a Service Window; or (8) any breach of the agreement between the CMSP and the Customer by the Customer.

Impacted State means any state where a cyber operation has a major detrimental impact on: (i) the functioning of that state due to disruption to the availability, integrity, or delivery of an essential service in that state, and/or (ii) the security or defence of that state.

Managed Equipment means all and any equipment operated by CMSP in connection with the Services.

MRC means the Monthly recurring charge for the Service, but MRC does not include installation, or one time set up, special projects, consulting or hourly charges and does not include any equipment or software acquisition costs.

Performance Metric means upon detection of the Covered Event (whether reported by the Customer or via network monitoring tools operated by the CMSP), the network operations centre will (i) establish an a viable internet pathway for the genuine user traffic to the targeted server(s) within four (4) hours and (ii) black hole or otherwise mitigate the DDoS attack such that the targeted server(s) are able to respond to genuine user traffic. The Service level commitment excludes all time where an outage or failure results from an Excluded Cause or Service Window.

Service Window means failures or outages related to (i) regularly scheduled maintenance or (ii) installation of network or service upgrades in accordance with the CMSP’s regular policies and procedures with respect to such activities.

State means sovereign country or political subdivision thereof, such as a Provence, territory, autonomous region or a State of the United States or other nation that has political subdivisions called states.

War means armed conflict involving physical force: (i) by a state against another state, or (ii) as part of a civil war, rebellion, revolution, insurrection, military action, or usurpation of power, in either event whether war be declared or not.

Warranty Amount means the Annual Contract Value or $500,000 per annum, whichever is smaller.   In addition, in the event of multiple warranties or events triggering a warranty payment to the Customer, the maximum total Warranty Amount is limited so that the maximum dollar amount recoverable in any contract year by a given Customer under all warranties issued by the Company (regardless of the number of services) cannot exceed $1 million. By way of numerical example, if the Annual contract value for a Customer is $400,000 the Warranty Amount for the first two warranty events in a contract year would be $400,000 but if a third warranty event occurred then the Warranty amount for that third event would be limited to $200,000 and would be zero in the event of a fourth warranty event during that contract year. For the purpose of this limitation, the contract year for all warranties issued to a Customer begins on the effective date of the first warranty obtained by the Customer from the Company.

Annual Contract Value shall be calculated as to 100% of the MRC Fees paid (or payable) to the CMSP for the Service under the terms of the agreement between the CMSP and Customer equal to the 12-month period from its inception or most recent renewal if within 12 months. If the MRC changes during the term of the contract year because, for example, of the addition of more users or end-points, the Annual Contract Value shall be computed based on the average MRC during that contract year times 12 months.

Applicable Jurisdiction means the internal laws of the State of New York and applicable US federal laws.

Applicable Venue the parties agree to the exclusive in personam and subject matter jurisdiction of the State and Federal Courts sitting in New York County, New York.

Currency: United States Dollars