Terms & Conditions

Please read these Terms and Conditions carefully before using this site

Business Terms (CybSafe Lite)

This agreement is a legal document between you (the Customer) and CYBSAFE LIMITED incorporated and registered in England and Wales with company number 9642350 whose registered office is at Windmill Hill Business Park, Whitehill Way, Swindon SN5 6QR (CybSafe) for the provision of free trial access to the CybSafe Lite service. Cybsafe grants access to the CybSafe Lite service on the basis of the terms set out in this agreement.


Agreed Terms



1.1 The definitions and rules of interpretation in this clause apply in this agreement.

Authorised Users:

those employees, agents and independent contractors of the Customer who are authorised by the Customer to use the Services and the Documentation, as further described in clause 2.2(d).

Business Day:

a day other than a Saturday, Sunday or public holiday in England when banks in London are open for business.


a complaint or request relating to either party’s obligations under Data Protection Laws relevant to this Agreement, including any compensation claim from a Data Subject or any notice, investigation or other action from a Supervisory Authority;

Confidential Information:

information that is proprietary or confidential and is either clearly labelled as such or identified as Confidential Information in clause 8.5.

Core Hours:

6.00am to 9.00pm local UK time, each Business Day

Customer Data:

the data inputted by the Customer, Authorised Users, or CybSafe on the Customer’s behalf for the purpose of using the Services or facilitating the Customer’s use of the Services.

Data Controller:

has the meaning set out in the Data Protection Laws;

Data Processor:

has the meaning given to that term (or to the term ‘processor’) in the Data Protection Laws;

Data Protection Laws:

(a) the Data Protection Act 1998 and the Privacy and Electronic Communications (EC Directive) Regulations 2003, SI 2003/2426, and any laws or regulations implementing Directive 95/46/EC (Data Protection Directive) or Directive 2002/58/EC (ePrivacy Directive); and/or

(b) the General Data Protection Regulation (EU) 2016/679 (GDPR), once applicable, and/or any corresponding or equivalent United Kingdom national laws or regulations (Revised UK DP Law);

(c) and, in either case any judicial or administrative interpretation of any of the above, any guidance, guidelines, codes of practice, approved codes of conduct or approved certification mechanisms issued by any relevant Supervisory Authority

Data Subject:

has the meaning set out in the Data Protection Laws;

Data Subject Request:

a request made by a Data Subject to exercise any rights of Data Subjects under Data Protection Laws;


the document made available to the Customer by CybSafe online via https://cybsafe.com or such other web address notified by CybSafe to the Customer from time to time which sets out a description of the Services and the user instructions for the Services.

Effective Date:

the date the Customer is given access to CybSafe Lite.

Free Trial Term:

the period of 90 days from the Effective Date.

Normal Business Hours:

8.00 am to 6.00 pm local UK time, each Business Day.

Personal Data:

has the meaning given to that term in the Data Protection Laws and relates only to personal data, or any part of such personal data, in respect of which the Customer is the Data Controller and in relation to which Cybsafe is providing services under this Agreement (but does not, in particular, include personal data provided by an Authorised User or the Customer to a third party acting in the capacity of a data controller);

Personal Data Breach:

a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, any Personal Data;


the subscription service to CybSafe Lite provided by CybSafe to the Customer under this agreement via https://cybsafe.com or any other website notified to the Customer by CybSafe from time to time, as more particularly described in the Documentation.


the online software applications provided by CybSafe as part of the Services.

Supervisory Authority:

any local, national or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority, board or other body responsible for administering Data Protection Laws

User Subscriptions:

the user subscriptions granted to the Customer by CybSafe which entitle Authorised Users to access and use the Services and the Documentation in accordance with this agreement.


any thing or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices.

1.2 Clause, schedule and paragraph headings shall not affect the interpretation of this agreement.

1.3 A person includes an individual, corporate or unincorporated body (whether or not having separate legal personality) and that person’s legal and personal representatives, successors or permitted assigns.

1.4 A reference to a company shall include any company, corporation or other body corporate, wherever and however incorporated or established.

1.5 Unless the context otherwise requires, words in the singular shall include the plural and in the plural shall include the singular.

1.6 Unless the context otherwise requires, a reference to one gender shall include a reference to the other genders.

1.7 A reference to a statute or statutory provision is a reference to it as it is in force as at the date of this agreement.

1.8 A reference to a statute or statutory provision shall include all subordinate legislation made as at the date of this agreement under that statute or statutory provision.

1.9 A reference to writing or written includes e-mail.

1.10 References to clauses are to the clauses of this agreement.

1.11 A reference to a holding company or a subsidiary means a holding company or a subsidiary (as the case may be) as defined in section 1159 of the Companies Act 2006. In the case of a limited liability partnership which is a subsidiary of a company or another limited liability partnership, section 1159 of the Companies Act 2006 shall be construed so that: (a) references in sections 1159(1)(a) and (c) to voting rights are to the members’ rights to vote on all or substantially all matters which are decided by a vote of the members of the limited liability partnership; and (b) the reference in section 1159(1)(b) to the right to appoint or remove a majority of its board of directors is to the right to appoint or remove members holding a majority of the voting rights.



2.1 In consideration of the Customer agreeing to abide by the terms of this agreement and subject to the restrictions set out in this clause 2 and the other terms and conditions of this agreement, CybSafe hereby grants free of charge to the Customer a non-exclusive, non-transferable right to permit the Authorised Users to use the Services and the Documentation during the Free Trial Period solely for the Customer’s internal business operations.

2.2 In relation to the Authorised Users, the Customer undertakes that:

(a) the maximum number of Authorised Users that it authorises to access and use the Services and the Documentation shall not exceed 250;

(b) it will not allow or suffer any User Subscription to be used by more than one individual Authorised User;

(c) each Authorised User shall keep a secure password for his use of the Services and Documentation, and that each Authorised User shall keep his password confidential;

(d) it shall maintain a written, up to date list of current Authorised Users and provide such list to CybSafe within 5 Business Days of CybSafe’s written request at any time or times;

(e) it shall permit CybSafe to audit the Services in order to establish the name and password of each Authorised User. Such audit may be conducted no more than once per quarter, at CybSafe’s expense, and this right shall be exercised with reasonable prior notice, in such a manner as not to substantially interfere with the Customer’s normal conduct of business; and

(f) if any of the audits referred to in clause 2.2(e) reveal that any password has been provided to any individual who is not an Authorised User, then without prejudice to CybSafe’s other rights, the Customer shall promptly disable such passwords and CybSafe shall not issue any new passwords to any such individual.

2.3 The Customer shall not:

(a) except as may be allowed by any applicable law which is incapable of exclusion by agreement between the parties:

(i) and except to the extent expressly permitted under this agreement, attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Software and/or Documentation (as applicable) in any form or media or by any means; or

(ii) attempt to reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Software; or

(b) access all or any part of the Services and Documentation in order to build a product or service which competes with the Services and/or the Documentation; or

(c) use the Services and/or Documentation to provide services to third parties; or

(d) subject to clause 13.1, license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Services and/or Documentation available to any third party except the Authorised Users, or

(e) attempt to obtain, or assist third parties in obtaining, access to the Services and/or Documentation, other than as provided under this clause 2; and

2.4 The Customer shall use all reasonable endeavours to prevent any unauthorised access to, or use of, the Services and/or the Documentation and, in the event of any such unauthorised access or use, promptly notify CybSafe.

The rights provided under this clause 2 are granted to the Customer only, and shall not be considered granted to any subsidiary or holding company of the Customer unless the Agreed Terms specifies otherwise.



3.1 CybSafe shall, during the Free Trial Period, provide the Services and make available the Documentation to the Customer on and subject to the terms of this agreement, however CybSafe makes no warranty or commitment that the Services will be available at any particular times.

3.2 CybSafe shall provide access to help desk technicians to help identify and resolve most support issues relating to the Services. Such support may be accessed by completing a support request form on the helpdesk support page. .



4.1 The Customer shall own all right, title and interest in and to all of the Customer Data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of the Customer Data.

4.2 CybSafe shall follow its archiving procedures for Customer Data and the Analytical Data as set out in its Back-Up Policy available at https://cybsafe.com or such other website address as may be notified to the Customer from time to time, as such document may be amended by CybSafe in its sole discretion from time to time. In the event of any loss or damage to Customer Data or Analytical Data, the Customer’s sole and exclusive remedy shall be for CybSafe to use reasonable commercial endeavours to restore the lost or damaged Customer Data or Analytical Data from the latest back-up of such Customer Data or Analytical Data maintained by CybSafe in accordance with the archiving procedure described in its Back-Up Policy. CybSafe shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party (except those third parties sub-contracted by CybSafe to perform services related to Customer Data maintenance and back-up).

4.3 CybSafe shall, in providing the Services, comply with its Privacy Policy relating to the privacy of the Customer Data available at https://cybsafe.com or such other website address as may be notified to the Customer from time to time, as such document may be amended from time to time by CybSafe in its sole discretion.

4.4 If CybSafe processes any Personal Data on the Customer’s behalf when performing its obligations under this agreement, the parties record their intention that the Customer shall be the data controller and CybSafe shall be a data processor.

4.5 Cybsafe shall comply with all Data Protection Laws (which apply to it in its capacity as a data processor) in connection with the processing of Personal Data in respect of the delivery of the Services and the exercise and performance of its rights and obligations under this Agreement.

4.6 The Customer shall comply with all Data Protection Laws (which apply to it in its capacity as a data controller) in connection with the processing of Personal Data in respect of the exercise and performance of its rights and obligations under this Agreement, and to enable Cybsafe to deliver the Services.

4.7 Instructions and details of processing – Insofar as Cybsafe processes Personal Data on behalf of the Customer:

4.7.1 unless required to do otherwise by applicable laws, Cybsafe shall (and shall ensure each person acting under its authority shall) process the Personal Data only on and in accordance with the Customer’s documented instructions as set out in this clause 4 and the Schedule (Data Processing Details), and as updated from time to time by the written agreement of the parties (Processing Instructions); and

4.7.2 if any applicable laws require it to process Personal Data other than in accordance with the Processing Instructions, Cybsafe shall notify the Customer of any such requirement before processing the Personal Data (unless any of the applicable laws prohibit such information on important grounds of public interest).

4.8 Technical and organisational measures – Cybsafe shall implement and maintain, at its cost and expense (taking into account those factors which it is entitled to take into account pursuant to the Data Protection Laws) appropriate technical and organisational measures in relation to the processing of Personal Data by Cybsafe:

4.8.1 so as to ensure a level of security in respect of the Personal Data processed by Cybsafe is appropriate to the risks that are presented by the processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed; and

4.8.2 without prejudice to clause 4.11, insofar as is possible, to assist the Customer in the fulfilment of the Customer’s obligations to respond to Data Subject Requests relating to Personal Data.

4.9 Using staff and other processors – Cybsafe shall not engage another Data Processor for carrying out any processing activities specifically for the Customer in respect of the Personal Data without the Customer’s prior written consent.

4.10 Cybsafe shall ensure that all Cybsafe personnel processing Personal Data:

4.10.1 are subject to obligations of confidentiality which apply, generally or specifically, to the Personal Data; and

4.10.2 are reliable and have received appropriate training on compliance with the Data Protection Laws.

4.11 Assistance with Customer’s Compliance with Data Subject Rights – Cybsafe shall:

4.11.1 record and then refer all Data Subject Requests it receives to the Customer, without undue delay;

4.11.2 provide such assistance to the Customer as the Customer reasonably requests in relation to a Data Subject Request; and

4.11.3 not respond to any Data Subject Request or Complaint without the Customer’s prior written approval.

4.12 Without prejudice to clause 4.11 Cybsafe shall, at its cost and expense, provide such assistance to the Customer as the Customer reasonably requires (taking into account the nature of processing and the information available to Cybsafe) in ensuring compliance with such obligations as apply to the Customer under Data Protection Laws, with respect to

4.12.1 security of processing;

4.12.2 Data Protection Impact Assessments (as such term is defined in the Data Protection Laws;

4.12.3 prior consultation with a Supervisory Authority regarding high risk processing.

4.13 International Data Transfer

4.13.1 Subject to clause 4.13.2, Cybsafe shall not engage another Data Processor (Sub Processor) for carrying out any processing activities in respect of the Personal Data without the Client’s prior written consent;

4.13.2 Subject to clause 4.13.3, and without prejudice to the generality of clause 4.13.1, the Customer consents to the appointment of Sub Processors in connection with certain tools used by Cybsafe to deliver the Services, and for the purpose of some web hosting undertaken for Cybsafe in connection with the Services and to the processing of Personal Data by each of such Sub Processors in accordance with the Data Processing Instructions.

4.13.3 Cybsafe may only transfer the Personal Data to the Sub Processors and permit the processing of Personal Data outside the EU under the following conditions:

(a) the Personal Data is being processed in a territory which is subject to a current finding by the European Commission under the Data Protection Laws that the territory provides adequate protection for the privacy rights of individuals; or

(b) Cybsafe participates in a valid cross-border transfer mechanism under the Data Protection Laws, and has entered into an agreement with each Sub Processor which includes the European Commission’s Standard Contractual Clauses for the transfer of Personal Data from the European Union to processors established in third countries, as set out in the Annex to Commission Decision 2010/87/EU

4.14 Records, Information and Audit – Cybsafe shall maintain complete, accurate and up to date written records of all categories of processing activities carried out on behalf of the Customer being:

4.14.1 the name and contact details of the Data Processor(s) and (subject to the Customer providing such information) of each Data Controller on behalf of which the Data Processor is acting, and of Cybsafe’s representative and data protection officer (if any);

4.14.2 the categories of processing carried out on behalf of each Data Controller;

4.14.3 where applicable, details of transfers of Personal Data to an International Recipient; and

4.14.4 where possible, a general description of the technical and organisational security measures referred to in clause 4.8.

4.15 Cybsafe shall make available to the Customer on request in a timely manner copies of the records under clause 4.14.

4.16 Subject to clause 4.22 Cybsafe shall allow for and contribute to audits, including inspections, conducted by the Customers or another auditor mandated by the Customer, for the purpose of demonstrating compliance by Cybsafe with its obligations under Data Protection Laws and under this clause 4.

4.17 Breach notification – In respect of any Personal Data Breach, Cybsafe shall:

4.17.1 notify the Customer of the Personal Data Breach without undue delay; and

4.17.2 provide the Customer without undue delay with such details as the Customer reasonably requires regarding:

(a) the nature of the Personal Data Breach, including the categories and approximate numbers of Data Subjects and Personal Data records concerned;

(b) the likely consequences of the Personal Data Breach; and

(c) any measures taken, or that Cybsafe recommends, to address the Personal Data Breach, including to mitigate its possible adverse effects,

provided that, (without prejudice to the above obligations) if Cybsafe cannot provide all these details without undue delay it shall provide the Customer with reasons for the delay and when it expects to be able to provide the relevant details (which may be phased), and give the Customer regular updates on these matters.

4.18 Each party shall promptly inform the other party if it receives a Complaint and provide the Customer with full details of such Complaint.

4.19 Deletion or return of Personal Data and copies – Cybsafe shall without delay, at the Customer’s written request, either securely delete or securely return all the Personal Data to the Customer after the end of the provision of the relevant Services related to processing unless:

4.19.1 storage of any data is required by applicable laws and, if so, Cybsafe shall inform the Customer of any such requirement); or

4.19.2 Cybsafe requires storage of any data for the establishment, exercise or defence of legal claims.

4.20 The Customer acknowledges that Cybsafe is reliant on the Customer for direction as to the extent to which Cybsafe is entitled to use and process the Personal Data. Consequently, Cybsafe will not be liable for any claim brought by a Data Subject arising from any action or omission by Cybsafe to the extent that such action or omission resulted from the Customer’s instructions or from the Customer’s failure to comply with Data Protection Laws or its obligations under this Agreement.

4.21 Without prejudice to clause 5.5 the Customer shall:

4.21.1 establish the legal basis under Data Protection Laws for the processing of the Personal Data by Cybsafe and any third parties for the delivery of the Services (including, in the absence of any other legal basis, all necessary consents);

4.21.2 provide Cybsafe with details of such legal basis.

4.22 Each audit and inspection referred to in clause 4.16 shall be carried out:

4.22.1 during normal business hours on at least 20 Business Days’ prior written notice to Cybsafe and shall take no longer than two Business Days;

4.22.2 not more than once in any twelve month period;

4.22.3 in a manner that is limited to that which is reasonably required to demonstrate compliance with Cybsafe’s obligations under the Data Protection Laws and this clause 4, without access to Cybsafe confidential information unrelated to this Agreement (including information relating to other customers of Cybsafe); and

4.22.4 in so far as reasonably possible, in a manner that minimises disruption to Cybsafe’s business and the delivery of the Services.



5.1 CybSafe’s aim is to provide Services to the Customer that are performed substantially in accordance with the Documentation, however as this agreement is a free trial, CybSafe give no contractual commitment or warranty regarding the Services.

5.2 Notwithstanding the foregoing, CybSafe:

(a) does not warrant that the Customer’s use of the Services will be uninterrupted or error-free; or that the Services, Documentation and/or the information obtained by the Customer through the Services will meet the Customer’s requirements; and

(b) is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Customer acknowledges that the Services and Documentation may be subject to limitations, delays and other problems inherent in the use of such communications facilities.

(c) CybSafe reserves the right to perform maintenance on the Services at any time without notice.


6.1 The Customer shall:

(a) provide CybSafe with:

(i) all necessary co-operation in relation to this agreement; and

(ii) all necessary access to such information as may be required by CybSafe;

in order to provide the Services, including but not limited to Customer Data, security access information and configuration services; Our Business Terms (CybSafe Lite)

(b) comply with all applicable laws and regulations with respect to its activities under this agreement;

(c) carry out all other Customer responsibilities set out in this agreement in a timely and efficient manner. In the event of any delays in the Customer’s provision of such assistance as agreed by the parties, CybSafe may adjust any agreed timetable or delivery schedule as reasonably necessary;

(d) ensure that the Authorised Users use the Services and the Documentation in accordance with the terms and conditions of this agreement and shall be responsible for any Authorised User’s breach of this agreement;

(e) obtain and shall maintain all necessary licences, consents, and permissions necessary for CybSafe, its contractors and agents to perform their obligations under this agreement, including without limitation the Services;

(f) ensure that its network and systems comply with the relevant specifications provided by CybSafe from time to time; and

be solely responsible for procuring and maintaining its network connections and telecommunications links from its systems to CybSafe’s data centres, and all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Customer’s network connections or telecommunications links or caused by the internet.



7.1 The Customer acknowledges and agrees that CybSafe and/or its licensors own all intellectual property rights in the Services and the Documentation. Except as expressly stated herein, this agreement does not grant the Customer any rights to, or in, patents, copyright, database right, trade secrets, trade names, trade marks (whether registered or unregistered), or any other rights or licences in respect of the Services or the Documentation.

7.2 CybSafe confirms that it has all the rights in relation to the Services and the Documentation that are necessary to grant all the rights it purports to grant under, and in accordance with, the terms of this agreement.



8.1 Each party may be given access to Confidential Information from the other party in order to perform its obligations under this agreement. A party’s Confidential Information shall not be deemed to include information that:

(a) is or becomes publicly known other than through any act or omission of the receiving party;

(b) was in the other party’s lawful possession before the disclosure;

(c) is lawfully disclosed to the receiving party by a third party without restriction on disclosure;

(d) is independently developed by the receiving party, which independent development can be shown by written evidence; or

(e) is required to be disclosed by law, by any court of competent jurisdiction or by any regulatory or administrative body.


8.2 Each party shall hold the other’s Confidential Information in confidence and, unless required by law, not make the other’s Confidential Information available to any third party, or use the other’s Confidential Information for any purpose other than the implementation of this agreement.

8.3 Each party shall take all reasonable steps to ensure that the other’s Confidential Information to which it has access is not disclosed or distributed by its employees or agents in violation of the terms of this agreement.

8.4 Neither party shall be responsible for any loss, destruction, alteration or disclosure of Confidential Information caused by any third party.

8.5 The Customer acknowledges that details of the Services, and the results of any performance tests of the Services, constitute CybSafe’s Confidential Information.

8.6 CybSafe acknowledges that the Customer Data is the Confidential Information of the Customer.

8.7 This clause 8 shall survive termination of this agreement, however arising.

8.8 No party shall make, or permit any person to make, any public announcement concerning this agreement without the prior written consent of the other parties (such consent not to be unreasonably withheld or delayed), except as required by law, any governmental or regulatory authority (including, without limitation, any relevant securities exchange), any court or other authority of competent jurisdiction.



9.1 This clause 9 sets out the entire financial liability of CybSafe (including any liability for the acts or omissions of its employees, agents and sub-contractors) to the Customer:

(a) arising under or in connection with this agreement;

(b) in respect of any use made by the Customer of the Services and Documentation or any part of them; and

(c) in respect of any representation, statement or tortious act or omission (including negligence) arising under or in connection with this agreement.

9.2 Except as expressly and specifically provided in this agreement:

(a) the Customer assumes sole responsibility for results obtained from the use of the Services and the Documentation by the Customer, and for conclusions drawn from such use;

(b) all warranties, representations, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by applicable law, excluded from this agreement; and

(c) the Services and the Documentation are provided to the Customer on an “as is” basis.

9.3 Nothing in this agreement excludes the liability of CybSafe:

(a) for death or personal injury caused by CybSafe’s negligence; or

(b) for fraud or fraudulent misrepresentation.


9.4 Subject to clause 9.2 and clause 9.3:

(a) CybSafe shall not be liable whether in tort (including for negligence or breach of statutory duty), contract, misrepresentation, restitution or otherwise for any loss of profits, loss of business, depletion of goodwill and/or similar losses or loss or corruption of data or information, or pure economic loss, or for any special, indirect or consequential loss, costs, damages, charges or expenses however arising under this agreement; and

(b) CybSafe’s total aggregate liability in contract tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising in connection with the performance or contemplated performance of this agreement shall be limited to 10% of the value of the paid for product (CybSafe Pro) which is the commercial value of Services provided under this free trial agreement.



This agreement shall, unless otherwise terminated as provided in this clause 10, commence on the Effective Date and shall continue for the Free Trial Period after which period it shall terminate.

10.1 Without affecting any right or remedy available to it, either party may terminate this agreement with immediate effect by giving written notice to the other party.

10.2 On termination of this agreement for any reason:

(a) all licences granted under this agreement shall immediately terminate;

(b) CybSafe may terminate any licence granted to Authorised Users in connection with the use of a mobile application as part of the Services;

(c) each party shall return and make no further use of any equipment, property, Documentation and other items (and all copies of them) belonging to the other party;

(d) CybSafe may destroy or otherwise dispose of any of the Customer Data in its possession unless CybSafe receives, no later than ten days after the Effective Date of the termination of this agreement, a written request for the delivery to the Customer of the then most recent back-up of the Customer Data. CybSafe shall use reasonable commercial endeavours to deliver the back-up to the Customer within 30 days of its receipt of such a written request. The Customer shall pay all reasonable expenses incurred by CybSafe in returning or disposing of Customer Data or providing the Customer with a back-up copy of such data; and

(e) any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of the agreement which existed at or before the date of termination shall not be affected or prejudiced.


​​​​​​​11. FORCE MAJEURE

CybSafe shall have no liability to the Customer under this agreement if it is prevented from or delayed in performing its obligations under this agreement, or from carrying on its business, by acts, events, omissions or accidents beyond its reasonable control, including, without limitation, strikes, lock-outs or other industrial disputes (whether involving the workforce of CybSafe or any other party), failure of a utility service or transport or telecommunications network, act of God, war, riot, civil commotion, malicious damage, compliance with any law or governmental order, rule, regulation or direction, accident, breakdown of plant or machinery, fire, flood, storm or default of suppliers or sub-contractors, provided that the Customer is notified of such an event and its expected duration.



12.1 Conflict. If there is an inconsistency between any of the provisions in the Agreed Terms, the main body of this agreement and the Schedule, the provisions shall take precedence in the order stated in this clause 12.1.

12.2 Variation. No variation of this agreement shall be effective unless it is in writing and signed by the parties (or their authorised representatives).

12.3 Waiver. No failure or delay by a party to exercise any right or remedy provided under this agreement or by law shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or any other right or remedy.

12.4 Rights and Remedies. Except as expressly provided in this agreement, the rights and remedies provided under this agreement are in addition to, and not exclusive of, any rights or remedies provided by law.

12.5 Severance. If any provision (or part of a provision) of this agreement is found by any court or administrative body of competent jurisdiction to be invalid, unenforceable or illegal, the other provisions shall remain in force.

12.6 If any invalid, unenforceable or illegal provision would be valid, enforceable or legal if some part of it were deleted, the provision shall apply with whatever modification is necessary to give effect to the commercial intention of the parties.

12.7 Entire Agreement. This agreement, and any documents referred to in it, constitute the whole agreement between the parties and supersede any previous arrangement, understanding or agreement between them relating to the subject matter they cover.

12.8 Each of the parties acknowledges and agrees that in entering into this agreement it does not rely on any undertaking, promise, assurance, statement, representation, warranty or understanding (whether in writing or not) of any person (whether party to this agreement or not) relating to the subject matter of this agreement, other than as expressly set out in this agreement.

12.9 No Partnership or Agency. Nothing in this agreement is intended to or shall operate to create a partnership between the parties, or authorise either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).

12.10 Third Party Rights. This agreement does not confer any rights on any person or party (other than the parties to this agreement and, where applicable, their successors and permitted assigns) pursuant to the Contracts (Rights of Third Parties) Act 1999.



13.1 The Customer shall not, without the prior written consent of CybSafe assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under this agreement.

13.2 CybSafe may at any time assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under this agreement.



14.1 Any notice required to be given under this agreement shall be in writing and shall be delivered by email. Notices to CybSafe shall be sent to support@cybsafe.com and notices to the Customer shall be sent to the email address given when requesting the free trial. Either party may notify to the other party an alternative address.

14.2 A notice delivered by email shall be deemed to have been received when delivered (or if delivery is not in business hours, at 9 am on the first business day following delivery).



15.1 This agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of England and Wales.

15.2 Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this agreement or its subject matter or formation (including non-contractual disputes or claims).

THIS AGREEMENT has been entered into on the date stated at the beginning of it.



Subject matter of processing

Cybsafe is providing the Services to the Customer through a unified cyber awareness platform which educates Authorised Users via a range of modules designed to optimise behavioural change.


Duration of Processing

Personal Data will be processed for the duration of this Agreement


Nature and Purpose of Processing

Cybsafe will process the Personal Data in order to identify and authenticate Authorised Users, give the Customer and Authorised Users access to the learning modules, analyse the levels of understanding and improvements in behaviour of Authorised Users in relation to cyber security and provide analyses to the Customer.

Cybsafe will anonymise the Personal Data for use as comparative and statistical information.


Types of Personal Data to be Processed

Data of Authorised Users to be processed will be:

  • • Name
  • • Business e-mail address
  • • Personal e-mail address (if shared),
  • • Gender
  • • Age


Categories of Data Subjects

The Data Subjects will be employees, agents and independent contractors of the Customer authorised to use the Services.


Transfers of Personal Data to a country outside EU/international organisation
Some third party tools – such as Google Analytics – used by Cybsafe to deliver the Services involve personal data being processed in the USA. This is only done under the legally binding personal data protection terms of EU-US Privacy Shield Agreement.