24x7 continuous auditing that monitors your network
Instant, no obligation spot audit
These general conditions of use are concluded between the company PROHACKTIVE, a simplified joint stock company with a share capital of 1642.00 euros, registered with the R.C.S of GAP under the number 835 267 246, and whose registered office is located at 8 rue des métiers, 05000 GAP, France, represented by Mr Benoit MALCHROWICZ, acting in his capacity as legal representative (hereinafter referred to as the "representative");(hereinafter referred to as the "Customer") and the legal entity under private law as identified in the Order Form (hereinafter referred to as the "Customer"), excluding any natural person. ProHacktive and the Customer hereinafter referred to as the "Parties".
Warning: The Customer declares and acknowledges that he/she has read and understood these general terms and conditions of use when subscribing to a Subscription to the Services for the purpose of operating the Solution. The signing of the Order Form automatically entails full acceptance of the present terms and conditions and takes precedence over all other general terms and conditions of purchase, which the Customer expressly acknowledges.
Subscription: means the method of subscription to the Services and payment of the Price as negotiated with a Prescriber.
Order Form: dés the form provided by the Prescriber, attached to the Prescriber's general terms and conditions of sale specifying the nature and Price of the Services subscribed to by the Customer under the Subscription. The Order Form forms an integral part of the Contract.
Customer: means the legal entity identified in the Order Form and subscribing, for its own needs and in direct relation to its professional activity, a Subscription with a Prescriber for the purpose of using the Services.
General Terms and Conditions of Use: hereby signs this document.
Contract: désign together the Order Form, the General Terms and Conditions of Sale of the Prescriber as well as its appendices provided by the latter to the end customer. The Customer's agreement to the General Terms and Conditions of Use is a condition of the signing of the Contract.
The Customer shall be responsible for the performance of the Contract.
Equipment: means all the equipment, as defined in the User Manual in Appendix 1, made available to the Customer by ProHacktive for the purpose of providing the Services, and including in particular the box and its accessories.
Upgrade(s): means the operation(s) to upgrade, update or replace all or part of the Solution, whether it be the Equipment and/or the embedded software.
Prescriber : A person or company in direct relation with the Customer benefiting from the service.
Price: means the amount of the financial consideration for the Subscription to the Services, which is the subject of the Contract between the Client and the Prescriber and defined in the Order Form.
Solution: means all the Equipment provided by ProHacktive as well as the software embedded in the latter, activated according to the terms and conditions described in the User Guide attached as Appendix 2, and operated through the provision of the Services.
Services: means all services provided by ProHacktive as described in Article 3 of the Agreement, and enabling the implementation of the Solution.
Computer Workstation: means the point of access to all the functionality of a computer application and operating system, in particular to computer resources.
User: means the natural person who uses a Computer Workstation.
The purpose of the Agreement is to set out the legal and technical conditions under which ProHacktive, on the one hand, provides the Customer with the Services enabling the Solution to be operated, and on the other hand, concèto the Customer, who accepts it, a personal, non-transferable and non-exclusive right to use the Solution, the description and specifications of which are set out in the user manual attached in Appendix 1.
The Services include:
i. The provision of the Equipment necessary for the implementation of the Solution as detailed in the User Manual in Appendix 1;
ii. The provision of a non-exclusive licence to use the Solution as framed within Article 5 of the Agreement allowing the protection of the Customer's network vulnerabilities;
iii. The maintenance and updating services of the Solution.
Any use of the Services is subject to the Customer's compliance with the stipulations of the Contract. At the request of the Prescriber, in the event of a breach of the provisions of the Agreement, ProHacktive may cease the provision of the Services.
At the request of the Prescriber, ProHacktive may cease the provision of the Services.
Firstly, it is recalled that the Services, including the provision of the Equipment, are conditional upon the subscription to a Subscription and the Customer's agreement to the General Conditions of Use. The Customer may only use the Services on a single network of which he is the owner, system master and/or authorised administrator. If the Customer wishes to extend the benefit of the Services beyond a single network, as many Subscriptions must be taken out as there are networks considered to be owned by a Prescriber.
The Customer is responsible for the use of the Services.
Access to the Services requires at a minimum the existence of i) a telephone line, ii) an internet subscription, and iii) the connection of the Equipment to a compatible IP network via an Ethernet connection (an RJ45 cable being provided for this purpose).The Customer is hereby informed that.
The Customer is informed that connection via the Wi-Fi antenna of the Solution only is advised by ProHacktive. As this feature is mainly used for the isolation of specific stations on the Customer's network, its use other than on a one-off basis may cause bandwidth problems affecting the normal operation of the Solution and the Customer's network.
The Customer is hereby informed that the use of the Wi-Fi antenna only is recommended by ProHacktive.
Therefore, it is up to the Customer to check the compatibility of its information system with the Equipment prior to subscribing to the Services.
Activation of the Solution requires following the steps for connecting the Equipment as set out in the User Guide in Appendix 2.
The Customer's contact will receive, by email or by SMS according to the indications provided on the Order Form when subscribing to the Services, which are transmitted to ProHacktive by the Prescriber, a connection link (URL) allowing access to the home page of the user interface of the Solution. The Customer undertakes to provide a mobile phone number or a valid email address in order to obtain communication of a single-use access code enabling him to connect to the Solution.
From the activation of the Solution and throughout the term of the Agreement, ProHacktive may deploy an Update, on a discrete basis and in order to ensure the continuity of the provision of the Services.
Updating the Solution is necessary for its effective operation and, in particular, to keep the catalogue of vulnerabilities potentially encountered during the analysis of the Client's network by the Solution up to date for the purpose of determining the associated risks.
Each Update may add or remove features and/or components of the Solution at ProHacktive's discretion and shall be considered an integral part of the Solution for purposes of these Terms of Service.
The Customer shall not be entitled to refuse or postpone its installation.
The disruption of the Upgrade may result in a disruption of the operation of the Solution, the Customer will notify ProHacktive of any disruption of this process or disablement of the Solution by the contact means in Article 13 of these Terms and Conditions so that ProHacktive can remedy the disruption.
ProHacktive undertakes to exercise due care and diligence in the provision of the Services in accordance with the state of the art and the usual practices of the profession. In this respect, ProHacktive is bound by an obligation of means (Article 7).
The Customer is responsible for the performance of the Services.
The Client acknowledges and agrees that:
- Having been fully informed by the Prescriber of the characteristics of the Solution and the nature of the Services;
- Having subscribed to the Subscription with full knowledge of the facts and consenting without conditions or reservations to the terms of these General Terms of Use.
ProHacktive makes available to the Customer for the entire duration of the Subscription the Equipment which remains its full and complete property.
The installation of the Equipment is carried out under the sole and exclusive responsibility of the Customer and the Customer undertakes to comply with all the regulations relating to its installation and use (in particular the conditions of use and product specifications indicated in Appendix 1 and Appendix 2).
The Customer shall not be liable for any loss or damage arising from the installation of the Equipment.
The purpose of the Solution that is the subject of these General Terms of Use, as well as the Services that enable its implementation, is to assist the Client in theidentification and evaluation of the potential vulnerabilities of its computer network, strictly for the purpose of enabling it to prevent potential risks to its security.
The Solution performs an analysis of the Customer's network and allows for intrusion testing, which the Customer expressly acknowledges and authorises.
The analysis and intrusion test methods are described in the user manual in Appendix 1 and on the technical support for the solution (available at the following URL: https://prohacktive.io/en/support
The Customer, having sole and complete control of the Solution, expressly acknowledges that ProHacktive does not access, maintain, or infringe upon its network as part of the analysis and intrusion operations implemented by the Customer.
The Customer consents to the implementation of the Services by ProHacktive and shall not institute any legal proceedings against ProHacktive as a result of the security tests;The Customer shall not be liable to ProHacktive for any legal action arising out of the security testing (including any unauthorized access to, or retention in, the Customer's network) performed by the Customer using the Solution.
The Customer undertakes to use the Solution and the Equipment for non-commercial and reasonable purposes, and in all cases:
i. in accordance with current French and European legislation, their functions and destinations.
ii. on the only proprietary computer network where the Solution was initially connected and deployed.
ProHacktive shall not be liable for any non-conforming use of the Solution by the Customer, who shall indemnify ProHacktive against any claim or action by a third party in this respect.
The Customer undertakes to use its best efforts to apply the User Charter and the minimum security policy communicated by ProHacktive in Appendix 3, in order to fully benefit from the capabilities of the Solution.
The Customer undertakes to take all necessary precautions to protect its data, applications and information systems, prior to the deployment of the Solution and throughout the contractual relationship between the Parties, in particular by means of regular backups.
The conservation of the audit reports of the vulnerabilities managed by the Solution is the exclusive responsibility of the Customer. ProHacktive shall not access or collect these reports, which shall therefore not be subject to any restitution at the end of the contractual relationship between the Parties.
ProHacktive undertakes to use its best efforts to ensure that the Solution is available 24 hours a day, 7 days a week. However, access to the Solution may be temporarily unavailable for technical reasons. ProHacktive disclaims all responsibility for, but not limited to, the following
- Interruption of the Solution for technical maintenance operations or updating of published information.
- In the event of the impossibility of accessing the Solution (and/or the websites and applications linked to it) due to technical problems, whatever their origin and provenance.
- Unavailability or overloading or any other cause preventing the normal operation of the mobile telephone network used to access the Solution.
- From contamination by possible computer viruses circulating on the bucket.
- Direct or indirect damage caused by the Client, whatever its nature, resulting from access to, or use of, the Solution (and/or the websites and applications linked to it).
- Abnormal use or unlawful exploitation of the Solution (and/or the websites and applications linked to it).
- From the loss by the Customer of his login and/or password or any physical or virtual means (mobile phone, email identifiers) necessary to connect to the Solution (and/or to the websites and applications linked to it) or in the event of usurpation of his identity.
ProHacktive provides the Customer with an online support service at the following address: https://prohacktive.io/en/support, or by email, during working hours, to the Contact address given in section 13 below.
These General Terms of Use do not transfer to the Customer any proprietary rights, or any other intellectual property rights, including but not limited to copyrights, trademarks, patents, know-how relating to the Solution and any documentation transmitted by ProHacktive to the Customer. Consequently, the Solution remains, in all circumstances, the exclusive property of ProHacktive.
In accordance with Article 2 of these General Terms of Use, the license granted by ProHacktive concèto the Customer, who accepts it, a personal, non-exclusive, non-transferable right of use, and without the possibility of sub-licensing, for the duration of the Agreement.
The licence to use is granted on the Customer's site as defined in the Order Form.
The rights granted to the Customer for the use of the Solution do not imply any assignment or authorisation to exploit or use any of the elements that make up the Solution. The Solution remains the exclusive property of ProHacktive and/or the authors of the bricks that compose it.
Any representation or reproduction, re-distribution, adaptation, translation and/or transformation, whether partial or complete, use of all or part of the elements of the Solution, by any means whatsoever, without the authorisation of the author, is prohibited; The use of the Solution, in whole or in part, for training purposes, by any means whatsoever, without the express authorization of ProHacktive, is prohibited and would constitute, in particular, but not exclusively, an infringement punishable by the provisions of the Code of intellectual property likely to engage the civil and criminal liability of the infringer. Accordingly, the Customer shall refrain from any action and any act likely to infringe directly or indirectly the intellectual property rights of ProHacktive.
The Customer agrees to comply with the terms of this Agreement.
The Customer agrees in particular not to make any modification, alteration, translation or arrangement of the Solution made available to him, without the prior written consent of ProHacktive.
Any breach of these obligations will result in the termination of this Agreement by operation of law, to the detriment and grievance of the Customer and under the conditions set forth in Article 12 hereof.
ProHacktive shall have the sole right to exercise the rights set forth in the first and second paragraphs of Article L.122-6 of the Intellectual Property Code.
The Customer shall not be entitled to any other rights than those set forth in this Agreement.
In the event that the Customer wishes to exercise any of the rights set out in Article L.122-6-1-IV of the French Intellectual Property Code, the Customer shall be deemed to have exercised the rights set out in that Article.IV of the Intellectual Property Code, ProHacktive will provide the Customer with the necessary equipment to exercise these rights at the rate in force on the day of the request.
Some of the tools or software bricks used by and/or forming an integral part of the Solution are distributed by ProHacktive under the terms of their own licenses.
ProHacktive makes these free software components available to the Customer on an "as is" basis, without any representation or warranty of any kind, express, implied, statutory or otherwise (in addition to the statutory warranty for latent defects). In particular, warranties regarding the marketability, conformity, and apparent defects of these items are excluded.
The list of tools and equipment and their use is not binding.
The list of tools and software bricks concerned, as well as the links allowing access to and consultation of the licences governing their distribution, are communicated to the Client via the user interface of the Solution. The list and said licenses can be consulted on the ProHacktive website at the following address:https://prohacktive.io/en/support.
The Customer undertakes to take cognisance of and comply with the stipulations of the applicable licences for these elements of the Solution. Any use of any of these elements makes the Customer unconditionally accept the terms of the license applicable to him.
The Customer agrees to comply with the terms of the license applicable to him.
The Solution is used under the sole direction, control and responsibility of the Customer, who is responsible for taking all appropriate measures to protect himself against any harmful consequences arising from its use.
ProHacktive makes no warranty as to the ability of the Solution to meet the Customer's needs, nor as to its compatibility with any computer program used in conjunction with it, or as to the load imposed on the Customer's information system and/or network by use of the Solution.
Therefore, it is up to the Client to accurately assess its needs, to learn the suitability of the Solution; They will also ensure that they have the necessary skills to use it and a compatible environment.The technical service of the company is responsible for the implementation of the project.
ProHacktive's technical service is available during business hours by the means of contact detailed in Article 13 hereof in order to provide the Customer with any additional information required. Thus, the Customer acknowledges having received all necessary information from ProHacktive.
ProHacktive makes no warranty that it owns all rights in the Solution, the license being taken at the Customer's risk.
With the exception of the public order guarantees imposed by the applicable law, ProHacktive will not be held liable to the Customer, on the basis of any legal theory, nor for any direct, indirect, material or moral prejudice, resulting from the performance of the Solution;cution of this Agreement or the use of the freely licensed materials, the communication of which is provided for in Article 5 hereof, even if ProHacktive was aware of the possible existence of such a prejudice.
- On the ability of the Solution to detect an attack from an internal enterprise resource, or from partners with access to the enterprise's information system,
- On the consequences of using the Solution outside the company's network or for malicious purposes (exploitation of identified vulnerabilities),
- The export of data from the Solution or user login information,
- In the event of modifications to the Equipment, the opening of the box or an attempt to repair the embedded software,
- In the event of resale or transfer of the Solution to a third party.
ProHacktive is subject to an obligation of means. ProHacktive's liability is limited to direct material damages, excluding indirect, incidental or consequential damages, such as loss of data, loss of turnover, loss of profits, loss of customers, loss of business or loss of profits;exploitation or loss of profit or loss of opportunity, moral prejudice or damage to brand image and legal or administrative action by third parties, suffered by the Customer in the context of the provision of the Services and the use of the Solution.
ProHacktive is responsible for the proper performance of its contractual obligations, however its liability shall not be engaged for any damage resulting from any of the following cases:
i. The instability of the Client's Internet connection, making it difficult or impossible to access the Services;
ii. The tampering with the Customer's connection identifiers making the Services accessible to an unauthorised third party;
iii. The misuse of the Solution and/or the Services by the Client;
iv. The non-performance or poor performance of the General Conditions of Use attributable to the impregnable and insurmountable act of a third party to the Contract;
v. The failure of the Client to comply with the instructions and recommendations given by the Prescriber making it difficult or impossible to provide the Services and/or to operate the Solution, including the incorrect installation and connection of the solution;
vi. The defect caused by another application not provided by ProHacktive and making it difficult or impossible to provide the Services and/or operate the Solution;
vii. The malfunctioning of the Client's computer equipment, and in particular the Users' Computer Workstations and locally installed software or software packages;
viii. The presence of any form of malicious software on the Computer Workstations of Users of the Customer's network;
ix. Modification or alteration of the Equipment and/or the Solution by the Customer, in breach of the provisions of these presents;
x. The cessation of the supply of any of the Services constituting an incident having the characteristics of force majeure or act of God and passing the countermeasures commonly accepted in the profession.
In any case, the total amount of damages paid by ProHacktive shall not exceed the amount of the payments made by the Customer and actually lost;The Customer shall be responsible for the payment of the fees paid by ProHacktive to the Prescriber for the four (4) months of the Subscription prior to the date of the event for which the Prescriber is responsible. The Customer declares and acknowledges that the agreed prices reflect the division of risk between the parties and the resulting limitation of liability.
The Customer undertakes to collect and process any personal data in accordance with the regulations in force applicable to the processing of such data, and in particular the Law relating to information technology, files and freedoms no. 78-17 of 6 January 1978 as amended;e and the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the "GDPR").
The Customer remains the sole and exclusive controller and retains full control over its own personal data files as well as the purpose of the processing operated by the Solution and the personal data that will be processed.
ProHacktive does not participate in the data processing operated by the Customer.
No personal data is accessed or stored by ProHacktive in the course of providing the Services.
Only the information required to complete the initial configuration (name, surname, email and mobile of the contractual tool administrator) and the information required for billing (billing details and contractual administrator details) are retained, for the purpose of the proper performance of the Services.
In addition, anonymous statistical data are sent back by the Equipment (IP of the box, evolution of the number of objects connected to the network, evolution of the number of objects connected to the network by criticality level, etc.);(e.g., network by criticality level, number of vulnerabilities by criticality level, overall safety rating of ProHacktive, version of the Update).
Over and above these events, the only data exchanges between ProHacktive and the Solution are the regular Updates performed through a secure VPN channel and a signal (Ping) sent by the Solution to signal its proper functioning.
ProHacktive has observed in the design of the Solution the principles of Privacy by Design and the restriction of retention periods of the latter.
Thus, ProHacktive informs the Customer that the Solution operates a personal data processing insofar as it allows the identification of the posts on the network analyzed and processes technical identifiers such as IP addresses.
The data contained in the reports is kept on the internal memory of the Solution for a period of one (1) year in order to allow the Client to check and compare the audit reports over a full fiscal year.
The processing may involve employees of the Client's company. ProHacktive draws the Client's attention to the need to consult the representative bodies of the employees before implementing the processing;ProHacktive draws the Client's attention to the need to consult the staff representative bodies before its implementation and to the need to put in place adequate information measures for the persons concerned.
ProHacktive is aware of, and complies with, the regulations in force applicable to the processing of personal data and in particular the RGPD.
In this respect, ProHacktive informs the Customer that the personal data concerning him/her are subject to automated processing in the context of the subscription to a Subscription, and this in particular in the context of the use of the Service; This processing is carried out for the purpose of creating files intended (i) to manage customers and prospects, and (ii) to monitor the resolution of Incidents. These processing operations concern in particular data relating to invoicing and the configuration of the Equipment and are necessary for the performance of the Services.
The categories of data processed are contact information and all administrative information necessary for the management of the subscription (in particular billing information such as bank details, SEPA mandate, subscription number and version of the Solution).
This data is processed for the duration of the contractual relationship and the legal services in force.
No transfer of such data outside the territory of the European Union and the European Economic Area shall be made in connection with this processing.
In respect of this processing, the Customer, or any member of his or her duly authorised staff, has the right to access, modify, rectify, oppose, limit, portability and delete data of a personal nature concerning him or her.
These rights may be exercised, at any time and under the conditions laid down by law, by the means of contact specified in Article 13 below.
Each of the Parties undertakes to keep confidential the data and information of the other Party, of whatever nature (commercial, industrial, technical, financial, etc.), including:
- The know-how and the technical characteristics of the processes of the Solution and the Equipment made available by ProHacktive,
- The characteristics of the infrastructures used by the Client as well as any information transmitted within the framework of the execution of the Services.
The information concerning the infrastructures and equipment of the Customer, as well as the information contained in the security reports issued by the Solution are not communicated to ProHacktive.
On their return the Equipment will be re-initialized and the information they contain will not be retained by ProHacktive.
ProHacktive certifies that it holds an insurance policy, with a solvent insurance company, covering its professional civil liability and its operating civil liability.
The Client undertakes to take out an insurance policy with a solvent insurance company covering all risks related to the use of the Services and all damage, material and immaterial, direct and indirect, which may occur during the contractual relationship.
The General Conditions of Use take effect from the signing of the Order Form by the Customer with the Prescriber and for the entire duration of the licence to use the Solution.
These General Terms and Conditions of Use represent the entirety of the agreement between the Customer and ProHacktive and supersede any prior agreement relating to the same subject matter.
No modification of the Terms and Conditions of Use shall be effective without the signature of an amendment by both Parties.
The fact that one or other of the Parties does not avail itself of one or more provisions of the General Conditions of Use shall in no way imply a waiver by that Party of its right to avail itself of such provision(s) at a later date.
If any provision of the Terms of Use is contrary to any applicable law or regulation, such provision shall be deemed to be waived;This does not affect the validity of the other provisions of these Terms of Use.
The language applicable to the contractual relations is French.
Any questions regarding the Box and/or Services should be addressed by:
- Mail addressed to ProHacktive's head office, 8 rue des métiers, 05000 GAP, France;
- Email to: support@prohacktive.io.
The parties agree to submit any dispute relating to the interpretation or enforcement of these General Terms and Conditions of Use to French law and to the exclusive jurisdiction of the courts within the jurisdiction of the Paris Court of Appeal.
The parties agree to submit any dispute relating to the Customer is invited to contact the services of ProHacktive in accordance with Article 13 hereof in order to reach an agreement with ProHacktive;The Customer is invited to contact ProHacktive services in accordance with Article 13 hereof with a view to reaching an amicable agreement in the event of any dispute and/or to consider whether it would be appropriate to initiate a dispute resolution procedure.
The appendices are freely available at the following URL: https://prohacktive.io/en/support
I. Appendix 1: User Manual
II. Appendix 2: Operating Instructions
III. Appendix 3: Charter for the Use of Computer Resources and Internet Services
IV. Appendix 4: Security Information Systems Policy