CYBERSEC AT HAND’s

General terms and conditions

Valid from 2024-01-01, until further notice.

1. General 

1.1. These general terms and conditions apply to the DOReAdy services, DOReAdy consulting products and similar services and products provided at any given time by CYBERSEC AT HAND, Dubai corporate registration no. 1298211 (“C A H Cyber security consultancy est”).

1.2. CYBERSEC AT HAND continuously updates its range of services and products and reserves the right to amend, delete or add information in the services and products offered and to cease providing them.

1.3. Agreements on access to services and products provided by CYBERSEC AT HAND are entered into by a company or other legal entity (the “Licensee”) for use of the services and products by its employees [and contractors] (the “Users”). All Users must accept these general terms and conditions when first logging into the Services (defined below).

1.4. A subscription agreement between CYBERSEC AT HAND and the Licensee (the “Subscription Agreement”) covers the services and products included in the Subscription Agreement (the “Services”) at any given time and they are provided on the financial terms agreed by the parties in the Subscription Agreement and in accordance with these general terms and conditions.

1.5. The Licensee may not grant the use of or transfer its rights under the Subscription Agreement to a third party without CYBERSEC AT HAND's written permission given in advance. In the event of a transfer allowed by CYBERSEC AT HAND, the new party to the Agreement must confirm in writing that it accepts the provisions of the Subscription Agreement and these general terms and conditions.

1. Grant of use and rights 

2.1. All rights to the Services and their contents, including copyright and all other intellectual property rights, are the property of CYBERSEC AT HAND. Information on copyright and other notices regarding right of ownership contained in the Services or on a supplied product and in documentation relating thereto must be retained by the Licensee and may not be removed or rendered illegible.

2.2. The Licensee and the Users receive no right to the Services over and above what is expressly set out in the Subscription Agreement and in these general terms and conditions.

2.3. CYBERSEC AT HAND grants the Licensee a non-exclusive, non-assignable and non-transferable right to allow the Users to use the Services during the term of the Subscription Agreement in accordance with the Subscription Agreement and these general terms and conditions and, in connection therewith, to copy, process or produce summaries of the contents of the Services such as lists of laws and other similar work products that are wholly or partly based on the Services (“Results”), all for the Licensee's internal use and in accordance with the Subscription Agreement and these general terms and conditions.

2.4. “The Licensee's internal use” means use of the Services and the Results for the Licensee's own activities, but not that the Licensee grants the use of the Services or makes them available to a third party. Further details regarding the boundaries between permitted and prohibited use of the Services and the Results are set out below.

1. More details regarding use of the Services

3.1. The Services may only be used by the Users for the purpose for which they have been produced and only for lawful purposes. The Users may not grant the use of or transfer their right to use the Services or parts thereof or otherwise dispose of the Services. If a User ceases to be an employee or contractor of the Licensee, its right to use the Services in connection therewith ceases.

3.2. The Users are responsible for storing passwords or other user authorisations in a secure manner. The Users can ask CYBERSEC AT HAND to block the Services for their account.

3.3. The Users may not transfer, grant the use of or otherwise disseminate passwords or other user authorisations required for the Users' own use of the Service.

3.5. When using the Services, the Users are also required to comply with the other regulations, instructions and restrictions applying to each Service and the other instructions issued by CYBERSEC AT HAND or a third party with which CYBERSEC AT HAND has entered into an agreement.

3.6. CYBERSEC AT HAND is entitled to suspend a User from further use of the Services without prior warning if the User is suspected of using the Services in breach of these general terms and conditions.

3.7. The Users may store Results and documents uploaded by the User with CYBERSEC AT HAND within the framework of the Services and subject to the more detailed restrictions issued by CYBERSEC AT HAND. The Licensee is responsible for ensuring that all such storage and processing of the material takes place in accordance with legislation in force at any given time. CYBERSEC AT HAND must keep such material confidential. The Licensee must indemnify CYBERSEC AT HAND for all claims for compensation, costs and any other damages that such material may cause CYBERSEC AT HAND. CYBERSEC AT HAND reserves the right to delete any User if it is suspected that it has not stored and/or processed in accordance with applicable legislation and if the Users' right to use the Services ceases. The User is responsible for backing up the Results and documents uploaded by the User.

1. Trial period

4.1. If CYBERSEC AT HAND and the Licensee have entered into a specific agreement on a trial period for the Services, the following applies.

4.2. Agreed and named Users may have access to the Services for the limited period specified in the agreement (the “Trial Period”) for the purpose of trying them out. No amount is payable to CYBERSEC AT HAND for such use of the Services.

4.3. These general terms and conditions apply mutatis mutandis to all use of the Services during the Trial Period, except for the payment provision, paragraph 9.

1. Processing of personal data 

5.1. CYBERSEC AT HAND is the data controller for the personal data provided by the Licensee and/or the Users when ordering and/or using the Services. More detailed information on how CYBERSEC AT HAND processes personal data is provided in CYBERSEC AT HAND's privacy policy.

5.2. In accordance with the General Data Protection Regulation, CYBERSEC AT HAND will have a role as a data processor in relation to the Licensee, as the data controller, in the event that CYBERSEC AT HAND and the Licensee have agreed that personal data may be stored in the Services. In such cases, Annex 1, Data Processing Agreement, applies if CYBERSEC AT HAND processes personal data on behalf of the Licensee.

1. Technical requirements

6.1. See the CYBERSEC AT HAND website [www.cybersecathand.com] for technical requirements applicable at any given time that must be met in order for the Users to access the Services and the proper functioning of the Services.

6.2. The Licensee and the User are liable for compliance with the technical requirements and the existence of a working connection between the User and the Connection Point (see the definition below). Furthermore, the Licensee and the User are liable for the associated costs and for installation of any required software.

1. Delivery and support

7.1. The Services are provided at the connection point designated by CYBERSEC AT HAND (the “Connection Point”). Unless otherwise agreed by the parties, the Connection Point is the point or points where CYBERSEC AT HAND connects the Services and the internet.

7.2. See the CYBERSEC AT HAND website [www.cybersecathand.com] for the opening hours etc. of the Service. During the term of the Agreement, CYBERSEC AT HAND is entitled to close down one or more Services in full or in part in order to carry out updates, maintenance and similar operations (see the CYBERSEC AT HAND website [www.cybersecathand.com] for more detailed information on scheduled maintenance operations).

7.3. Technical support and user support, (collectively referred to as “Support”) for the Services is provided by CYBERSEC AT HAND or by a third party on behalf of CYBERSEC AT HAND on weekdays and during office hours (see the CYBERSEC AT HAND website [www.cybersecathand.com] for the contact details of the local support). Until CYBERSEC AT HAND states otherwise, Support is provided without any specific payment.

7.4. Support does not include support, maintenance, troubleshooting remedying of faults or similar actions regarding the Licensees' or the Users' software or hardware, internet connections and/or products/services that have not been provided by CYBERSEC AT HAND or for which CYBERSEC AT HAND is not expressly responsible. Nor does Support include questions regarding the application of the legislation and other regulations involved in the delivery of the Services.

1. Faults or defects

8.1. In the event of a fault or defect in the Services at the Connection Point, the Licensee must contact CYBERSEC AT HAND for action to be taken (see the CYBERSEC AT HAND website [www.cybersecathand.com] for contact details for fault reporting).

8.2. CYBERSEC AT HAND is responsible for faults or defects in the Services that mean that the contents or functioning of the Services substantially fail to comply with CYBERSEC AT HAND's service descriptions applied at any given time and that the fault or defect is attributable to CYBERSEC AT HAND. CYBERSEC AT HAND is not liable for faults or defects attributable to the Licensee, the Users or third parties for which CYBERSEC AT HAND is not expressly liable.

8.3. Since the Services are dependent on the internet, the Licensee acknowledges that interruptions, delays, bugs and similar obstacles between the Services and the Users, such as on the internet, do not constitute a fault in the Services.

8.4. In the event of a fault or defect in the Services that is not remedied within a reasonable time and that means that the Users' use of the Services is adversely affected to a substantial extent, the Licensee is entitled to receive a reasonable price reduction from when the fault is reported until the fault or defect has been corrected. If the fault or defect is substantial and is not corrected within a reasonable deadline, the Licensee is entitled to terminate all or the relevant parts of the Subscription Agreement. This, together with the provisions of paragraph 11, comprehensively governs CYBERSEC AT HAND's liability in the event of a fault or defect in the Services.

1. Payment

9.1. The Licensee is obliged to pay fees agreed or otherwise applicable at any given time for all use of the Services.

9.2. CYBERSEC AT HAND is entitled to increase the fee with immediate effect if the increase is directly attributable to external factors such as changes in exchange rates, tax or similar general duties and in other similar circumstances of economic significance for the Service beyond CYBERSEC AT HAND's control and which affect the cost of providing the Service. Unless otherwise is stated in these general terms and conditions CYBERSEC AT HAND must give notice of changes in fees that are not attributable to external factors no later than thirty (30) days before the changes in fees enter into force, whereupon the Licensee has the option of terminating the Subscription Agreement by giving thirty (30) days' notice.

9.3. The fee for a subscription is paid in advance against an invoice subject to payment terms of thirty (30) days net from the invoice date. Any special fees for connection to and use of certain types of Services are paid in arrears against an invoice, subject to the aforesaid payment terms.

9.4. In the event of a delay, statutory interest on overdue payment is charged from the due date. A reminder fee will be charged if a payment reminder is issued. In the event of a delay in payment, CYBERSEC AT HAND is entitled to temporarily suspend a User’s access to the Services until all amounts due have been paid and/or give notice of termination of the Subscription Agreement with effect fourteen (14) days after a payment reminder.

9.5. All amounts in the Subscription Agreement and CYBERSEC AT HAND's price list exclude VAT. The Customer is responsible for payment of VAT, other taxes and public charges payable or that may be payable in respect of the Services.

9.6. In the event of termination, no fixed fees already paid are refunded except in the event of termination in accordance with paragraphs 8.4, 14.3 and 16. Upon termination, the Customer is obliged to pay CYBERSEC AT HAND any special expenses invoiced in arrears in accordance with paragraph 9.3.

1. 10.Force majeure

10.1. Neither Party is liable vis-à-vis the other Party for the fulfilment of obligations under the Subscription Agreement or these general terms and conditions when such is prevented by circumstances beyond the control of a party or its suppliers (“Force Majeure”), including but not limited to war and mobilisation, natural disasters, epidemics, lockouts or other labour conflicts, lack of natural resources, fire, damage to equipment used, amended public authority regulations, intervention by a public authority, interruption of public transport including, inter alia, energy supply and computer viruses in the Services as well as import and export prohibitions and other prohibitions beyond a Party’s control.

10.2. The Party wishing to cite Force Majeure is required to notify the other Party in writing without delay when such a circumstance arises and when it ceases.

10.3. If the performance and fulfilment of these general terms and conditions for the Subscription Agreement are rendered impossible for ninety (90) days due to Force Majeure, either Party is entitled to cancel the Subscription Agreement by giving notice in writing to the other Party.

1. Limitation of liability and claims

11.1. The Licensee must compensate CYBERSEC AT HAND for any damages sustained by CYBERSEC AT HAND as a result of use of the Services by the Licensee and/or a User in breach of the Subscription Agreement and these general terms and conditions or in any way that causes damage to CYBERSEC AT HAND.

11.2. Except as set out above in paragraph 8, CYBERSEC AT HAND is not liable for the functioning or quality of the Services. CYBERSEC AT HAND is not liable for factual errors in the Services or for any damages that may arise as a result thereof. Nor will CYBERSEC AT HAND be liable for any advice or information that the Licensee or a User has been given the opportunity to obtain from a consultant employed by CYBERSEC AT HAND or a third party in connection with the Services.

11.3. CYBERSEC AT HAND is not liable for loss of production, loss of profits, loss of income, consequential damages or other indirect damage or loss.

11.4. CYBERSEC AT HAND's total liability vis-à-vis the Licensee, except in cases of gross negligence or intent, is limited to the payment received by CYBERSEC AT HAND from the Licensee in accordance with the Subscription Agreement during the preceding twelve (12) months. CYBERSEC AT HAND is not liable vis-à-vis anyone other than the Licensee such as the Users, the Licensee's customers, suppliers or partners or any authority overseeing the Licensee.

11.5. Complaints and other claims must be filed in writing without undue delay from when a Party discovered or should have discovered the circumstance giving rise to the claim, though no later than within six (6) months from the occurrence of the circumstance, after which the claim otherwise expires.

1. 12.Customer data

12.1. CYBERSEC AT HAND it is not entitled to make use of any data that the Licensee, either itself or through a User, submits to CYBERSEC AT HAND or that CYBERSEC AT HAND otherwise obtains access to through the Licensee's use of the Services (“Customer Data”), unless otherwise specified in this Agreement.

12.2. CYBERSEC AT HAND may use Customer Data to carry out the assignment, for statistical purposes and to improve and develop CYBERSEC AT HAND's Services.

12.3. CYBERSEC AT HAND may also transfer Customer Data to group companies and suppliers if necessary to enable it to deliver or develop the Services.

12.4. The Licensee must ensure that Customer data is free from viruses, trojans, worms or other software or code that could damage the Services or CYBERSEC AT HAND's IT environment.

1. 13.Intellectual property rights

13.1. These general terms and conditions do not mean that copyright or other intellectual property rights to the Services are transferred to the Licensee, a User or other third party. The Licensee and the User may not copy, modify or otherwise process software or other materials associated with the Services or transfer or grant the use of the right to such software or materials to another party unless such is provided in these general terms and conditions or has otherwise been agreed in writing with CYBERSEC AT HAND.

13.2. The Licensee undertakes to defend CYBERSEC AT HAND at its own expense if a claim is filed or an action is brought against CYBERSEC AT HAND for infringement due to use of the Services by the Licensee or User in breach of these general terms and conditions. The Licensee undertakes to compensate CYBERSEC AT HAND for all costs and damages that CYBERSEC AT HAND may be required to pay due to a settlement or judgment.

1. 14.Term of the Agreement

14.1. The Subscription Agreement applies, unless otherwise agreed, from when the Agreement is signed and thereafter for twelve (12) months.

14.2. If the Subscription Agreement has not been terminated no later than sixty (60) days prior to the end of the term of the Agreement by means of notice of termination given by the Licensee to CYBERSEC AT HAND no later than that date, the Subscription Agreement is automatically extended by twelve (12) months or by the agreed extension period, with the corresponding notice period. In the event of an extension of the Subscription Agreement, CYBERSEC AT HAND's general terms and conditions and prices in force at any given time apply. The notice of termination must be given in writing.

14.3. In addition to what is otherwise specified in the Subscription Agreement and these general terms and conditions, a party is entitled to terminate the Subscription Agreement with immediate effect if the other party (a) is in breach of the Agreement and fails to adopt a remedy within twenty (20) days of receipt of a written reminder of the breach of the agreement from the other party, or (b) initiates a liquidation procedure, applies for bankruptcy or is declared bankrupt, suspends payments or may otherwise be feared to be on the way towards insolvency.

14.4. The Licensee no longer has any right to use the Services as of the date when the Subscription Agreement ceases. If CYBERSEC AT HAND has stored Results from the Users or other materials in connection with the Services, CYBERSEC AT HAND is entitled to delete such material ninety (90) days after the Subscription Agreement ceases.

1. 15.Confidentiality

15.1. “Confidential Information” means any information of an economic, technical, commercial or other nature relating to the parties and their affiliated companies, whether or not the information has been documented in writing. Nevertheless, information that is public knowledge or that has become public knowledge other than through breach of these general terms and conditions by the party receiving it must not be regarded as Confidential Information.

15.2. The parties undertake not to disclose, in whole or in part, Confidential Information received in connection with the Subscription Agreement and these general terms and conditions relating to the other party or to a third party unless the other party has given its prior written consent thereto or the party disclosing the Confidential Information has an obligation to do so in accordance with an applicable law, an enforceable judgment, a binding decision by a public authority or directives or applicable regulations for regulated markets. The parties may not make use of Confidential Information for any purpose other than to exercise their rights and obligations in accordance with the Subscription Agreement and these general terms and conditions. A party must adopt all necessary measures to prevent prohibited dissemination or use of Confidential Information by its employees or contractors.

15.3. The parties’ confidentiality obligations must apply without limitation in time.

15.4. CYBERSEC AT HAND may, by special agreement with the Licensee, indicate for marketing purposes that the Licensee is a user of the Services.

1. 16.Amendment of general terms and conditions

CYBERSEC AT HAND is entitled to amend these general terms and conditions without prior approval from the Licensee. The Licensee will be informed if such amendments are substantially detrimental to it and the amendments enter into force thirty (30) days after the Licensee was notified of the amendment. In the event of any amendment that is substantially detrimental to the Licensee, the Licensee is entitled to notify CYBERSEC AT HAND, no later than fourteen (14) days before the amendment enters into force, that the Licensee gives notice of termination of the Subscription Agreement from the date of entry into force of the amendment. The notice of termination must be given in writing.

1. 17.Notices

17.1. CYBERSEC AT HAND issues notices to the Licensee via the Services, by means of a letter to the address communicated by the Licensee, by email to the email address communicated by the Licensee or as otherwise agreed by the parties.

17.2. Notices to the Licensee regarding amendments to the terms and conditions and any other notices under these general terms and conditions must be considered to have been received by the Licensee no later than three (3) days after the notice was sent by post to the latest address of which CYBERSEC AT HAND was notified in writing by the Licensee. Notices issued in the Service or that are sent by email to the latest email address of which CYBERSEC AT HAND was notified by the Licensee will be considered to have been received by the Licensee immediately.

17.3. The Licensee is required to notify CYBERSEC AT HAND in the Service of updates to its address, email address or other contact details provided to CYBERSEC AT HAND.

17.4. The Licensee may issue notices to CYBERSEC AT HAND regarding these general terms and conditions by using CYBERSEC AT HAND's user support in the Services.

1. 18.Choice of law and jurisdiction 

UAE substantive law will apply to these general terms and conditions.

Annex A Security measures

Physical access control

All storage, physical servers and data are handled securely and maintain a high level of security with respect to access control systems, alarms and shell protection. No unauthorized person may stay on the premises without the company of authorized personnel.

CYBERSEC AT HAND has routines for handing out and returning codes and keys upon employment and upon termination of employment. Only authorized technical staff has access to data centers.

Access control relating to systems

Strong and complex passwords, with regular changes, are used to access systems where personal data is stored. Access to the server environment requires a VPN connection.

Access control relating to personal data

Company staff only has access to the personal data systems they need to perform their tasks. At employment termination, special procedures are followed to close access.

Access control in the case of transfers

All transfer of personal data to and from digital services are encrypted with strong encryption in accordance with current industry standards. Transfer is only done to pre-approved destinations.

Control over entry of personal data

In CYBERSEC AT HAND's digital services, logging takes place in system logs of activities such as logging in and changing information for authorization.

Accessibility control

At the system level, it is possible to restore contents of the database from daily backup files that are stored separately.

Separation control

Personal data processed for different purposes are treated separately, are logically separate and can be selected based on the source they originate from.

Storage procedures

During the term of the agreement, personal data is deleted at the request of the Personal Data Controller as soon as possible and no later than within 30 days of the Personal Data Controller requesting that the personal data be deleted.

After the Data Processing Agreement has expired, reference is made to clause 8 of the Data Processing Agreement.

Security regulations

Only trained and authorized personnel at CYBERSEC AT HAND have access to personal data. All employees are required to follow established policies for data security. Assistants are bound by the same security regulations and data security commitments as CYBERSEC AT HAND employees.

Certifications, etc.

All CYBERSEC AT HAND personnel undergo annual training in data protection and are required to follow the data protection policy that the company applies.