1.1 These Terms of Use (“ToU”) apply to the contracts between Monitrd AG and its Customers. By accepting the offer, the Customer acknowledges these Terms of Use. The ToU is an integral part of all contracts between Monitrd AG and the Customer. They take precedence over any General Terms and Conditions of the Customer.
1.2 These Terms of Use may be amended by Monitrd AG at any time. If the Customer does not reject the new ToU within a period of 30 days after notification, they shall be deemed to have been approved. The current version of the ToU will be published on the Provider’s website (scanmeter.io).
Monitrd AG: The company providing the services described in this document (hereinafter referred as “Provider”).
Customer: The individual or entity that has entered into a contract with the Provider for the use of its services.
scanmeter: The service(s) offered by the Provider, which helps identify software vulnerabilities, including the software, the platform, the scanmeter.io app and associated products and devices. The Customer needs a login to use scanmeter (customer portal).
Service(s): The services provided by Monitrd AG, including scanmeter to help identify vulnerabilities in software.
Target: A unit which is under assessment by scanmeter, such as asingle IP address or domain name, such as ‘example.com’ or ‘1.2.3.4’. Each Target may be monitored or assessed separately to help identify vulnerabilities.
Tenant: A separated environment within scanmeter allocated to a specific Customer, allowing for the separation and management of data and services.
Contract/Agreement: The agreement between Monitrd AG and the Customer, which includes this ToU.
Contract Period: The duration of time during which the contract between the Provider and the Customer is in effect, starting from the acceptance of the offer or the use of services and ending upon termination by either party as outlined in this ToU.
Subscription term: The specific period during which the Customer is entitled to receive the Services as specified in the Contract, e.g. monthly or yearly. At the end of the subscription term, the contract is automatically renewed for the same term, unless cancelled by either party.
Business Days / Working Hours: Monday to Friday, 9:00–12:00 and 13:00–17:00 CET, during which Monitrd AG provides customer support. Support is not available on public or bank holidays in Zurich, Switzerland.
3.1. This ToU governs the use of all Services that the Provider offers to the Customer, primarily including scanmeter to help identify vulnerabilities in software and digital infrastructure. Within scanmeter the Customers can manage all aspects of their vulnerability management. Each Customer has their own separated tenant within scanmeter, where they can define targets. The Provider can also provide related or additional services in various areas. For the scope and conditions of these services, please refer to the current service description on the Provider’s website.
3.2. scanmeter is primarily offered on a Software as a Service (“SaaS”) basis. Upon request and for an additional service fee agreed upon beforehand, scanmeter can be installed locally on the Customer’s premises. In such cases, the Provider must have access to the system to perform necessary updates. Update fees must be agreed upon in advance. If the Provider is not provided access for updates, functionalities cannot be maintained and all liability is waived.
4.1. During the term of the contract, the Customer is granted a limited, non-transferable, non-exclusive, revocable license to use the Services solely for its internal business purposes. This license does not grant the Customer any ownership rights or rights to sublicense, modify, copy, distribute, share with third parties or create derivative works from the services or any components thereof. The Customer may not provide direct access to scanmeter to any other entity, client or affiliate, unless explicitly authorized by the Provider. The intellectual property rights of the Provider as set out in Section 11 shall not be infringed.
5.1. Upon entering into a contract with the Provider, the Customer will receive an onboarding guide outlining the steps required to initiate the scanmeter Service. This process includes setting up access credentials, adding Targets to be assessed, and configuring any necessary settings to facilitate the assessment process. The Provider will provide onboarding support during working hours to ensure a smooth service initiation.
6.1. The Provider aims to provide Services without interruptions but may need to carry out maintenance, updates, or take measures to ensure the security of the infrastructure. Whenever possible, the Provider will schedule interruptions during times that minimize the impact on Customers. Customers will be informed in advance when feasible.
6.2. The Provider’s Services may have (temporary or permanent) impacts on the Customer’s systems. These impacts could include, but are not limited to:
6.3. The Customer acknowledges that such impacts are a normal part of the assessment process and agrees to accept these (temporary or permanent) effects in the interest of improving overall system security. The Provider will take reasonable measures to minimize these impacts where possible. The Customer is responsible for taking adequate precautions (e.g. data backups according to section 8.3, using a test environment).
7.1. During Working Hours, Customers can contact the Provider’s support according to the information on the website. The Provider aims to respond to support requests within one business day. In cases of critical issues affecting service availability, Customers can indicate the priority level when contacting support.
8.1. Customers are entitled to use the Services of the Provider, including scanmeter, as defined in their contract and the present ToU. The Services must be used in a lawful and appropriate manner.
8.2. scanmeter resources are intended for average usage (“Fair Use”). If a Customer exceeds normal resource use (e.g., storage, network traffic, or support), the Provider may offer an upgraded usage agreement. If this offer is not accepted or the Customer uses scanmeter excessively to the detriment of the Provider, the Provider reserves the right to restrict Services or terminate the contract according to Section 14.4.
8.3. The Customer is solely responsible for data backups (i) before starting the assessment process with scanmeter, (ii) during the contractual relationship and (iii) after termination of this Agreement. The Provider does not provide backups of the Customer’s data and is entitled to irrevocably delete all existing data one month after termination of the Agreement.
8.4. The Customer is responsible for all systems submitted for assessing via scanmeter. The Customer confirms that he is authorised to carry out the assessing process and ensures that no third-party rights are infringed.
8.5. The Customer acknowledges that the Provider may conduct software updates or hardware upgrades which may require adjustments at the Customer’s end to maintain compatibility.
8.6. The Customer must keep its contact details and account information up to date. The Provider may not consider and is not responsible for verifying outdated contact information.
8.7. The Customer must use strong passwords, keep them confidential, and notify the Provider immediately of any account misuse.
8.8. Customers do not have physical access to server rooms or infrastructure operated by the Provider or its partners.
8.9. If the Customer violates any obligations under these ToU or other contractual provisions, if the software being tested is not owned by or under control of the Customer, the Provider is authorized to temporarily or permanently restrict or block the access to scanmeter and all Services of the Provider. The Provider may charge any costs related to these actions and may request a security deposit to cover future expenses. If this deposit is not paid, or the requests are ignored, the Provider may suspend services or terminate the contract without notice.
9.1. The Customer is responsible for implementing appropriate measures to back up their data and ensure recovery in case of loss or unauthorized alteration. The Provider recommends regular data backups.
9.2. The Provider conducts data backups based on the service package selected by the Customer. In some cases, such as maintenance, system issues, or infrastructure upgrades, it may be impossible for the Provider to perform backups or restore data within certain time frames. Temporary data, such as files stored temporarily, are excluded from recovery.
10.1. The Provider may hire subcontractors/third parties for the fulfilment of the contractual Services, e.g. for software programming. In the case of subcontracting, the Provider shall be responsible for the careful instruction of the subcontractors.
10.2. The warranty and liability for subcontractors/third parties are excluded as far as legally permissible according to Section 13.4.
11.1. All intellectual property rights to the Provider’s Services – including software, templates, data, algorithms, reports, models, and all accompanying documentation, as well as all hardware components utilized in delivering the Services – shall remain the sole and exclusive property of the Provider or its partners.
11.2. This also includes any updates, modifications, enhancements, or improvements made during the contract period, whether initiated by the Provider or resulting from Customer feedback, suggestions, or collaboration. The Customer shall have no right to compensation or ownership of any such derivative improvements.
11.3. The Customer shall not, under any circumstances (i) attempt to reverse engineer, decompile, disassemble, or derive source code from any software or service components provided by the Provider, (ii) attempt to modify, adapt, or create derivative works from the services or intellectual property without prior written consent, or (iii) use any information or software to develop or create a competing product.
12.1. The Customer agrees to pay to the Provider the fee agreed for the Services ordered in accordance with its subscription. The value-added tax (VAT) shall be charged additionally.
12.2. The fee is to be paid in advance, unless otherwise agreed in writing. The Provider typically invoices Customers in advance for the chosen subscription term. Unless otherwise stated, invoices are payable within 30 days.
12.3. If the payment deadline is missed, the Customer is in default, and the Provider may charge 5% interest per year and a fee of CHF 20.- per reminder starting from the second notice.
12.4. In the event of a delay in payment, the Provider is entitled to temporarily block the Customer’s account, thereby blocking access to all Services of the Provider. In this case, the agreed fee shall remain fully payable, even during the time that the account is blocked. Access will be reactivated after the outstanding invoices have been paid. Section 14.4. remains reserved.
12.5. Customers cannot offset their claims against claims from the Provider without prior written consent.
13.1. The Provider aims to provide Services with care and expertise. However, uninterrupted availability or timely, accurate data cannot be guaranteed. The Customer acknowledges that the Provider’s Services do not guarantee the achievement of specific business goals. If an issue arises, the Customer must submit a notice (written or via email). The Provider will be given a reasonable period of time (at least 30 days) to resolve the issue.
13.2. The Customer undertakes to indemnify the Provider against all third-party claims arising from their actions or those of users under their control, as well as based on the data stored by the Customer and to reimburse the Provider for all costs incurred by the Provider due to possible infringements of rights.
13.3. To the extent permitted by law, the Provider excludes all liability towards the Customer (or any third party), in particular for the fulfilment of its contractual and non-contractual obligations and for the loss of data (including for negligence). This exclusion of liability also applies to damage caused directly or indirectly by the use of scanmeter, including any damage or disruption caused by assessment activities.
13.4. If the Provider has engaged subcontractors/third parties to fulfil its contractual obligations, the Provider is responsible to carefully instruct the subcontractors/third parties. In all other respects, warranty and liability are fully excluded to the extent permitted by law. This exclusion of warranty and liability also applies in particular to intent and gross negligence.
13.5. In all cases, regardless of the basis of liability, the Provider’s liability is limited to direct damages up to a maximum of CHF 50,000.- per calendar year.
14.1. The contractual relationship between the Provider and the Customer begins with the acceptance of an offer or by using the Services (e.g. registration and order; activating a product in the customer portal of scanmeter).
14.2. The contractual relationship is concluded for an indefinite period, unless otherwise agreed. Consequently, the respective subscription term shall be automatically extended for another subscription term unless the contractual relationship has been terminated in accordance with this section.
14.3. The parties are entitled to terminate the contractual relationship by giving one month’s notice as of the end of the current subscription period, unless otherwise agreed. Termination must be submitted in writing by registered mail.
14.4. The parties are free to terminate the Contract immediately for good cause. A good cause for the Provider’s immediate termination of this Contract is in particular,
15.2. The Provider strives to keep its infrastructure updated to meet industry standards and security requirements. The Provider reserves the right to modify its Services and/or any parts of the Contract (including these ToU) and/or agreed fees, prices and charges, at any time. Fee adjustments will only take effect at the beginning of the next subscription term to ensure transparency and fairness for the customer. The Customer will be informed in an appropriate manner, e.g. by an in-app message, by e-mail or by writing.
15.3. If the changes represent a significant deterioration in the conditions from the Customer’s point of view, the Customer shall be entitled to terminate the Contract extraordinarily with 30 days’ notice to the date of the change.
16.1. In the event of force majeure (e.g. natural disasters, official orders in connection with an epidemic, war, etc.), the party that is unable to fulfil its contractual obligations as a result shall in no way be liable to pay damages to the other party. In such cases, the affected party will inform the other party promptly and take all reasonable steps to minimize the impact of the event on its performance under this ToU.
17.1. By accepting these ToU, the Customer simultaneously declares that he is informed about the content of the Provider’s Privacy Policy (https://scanmeter.io/privacy-policy/).
18.1. The parties undertake to maintain confidentiality regarding all confidential processes that come to its knowledge in the course of the preparation, implementation and fulfilment of this Agreement, in particular business or company secrets, and to not pass on this information to external third parties without the authorisation of the affected party. This applies to any unauthorised third party unless the disclosure of information is necessary for the proper fulfilment of the contractual obligations as well as in respect of claims against the other Party under this Agreement. Furthermore, the foregoing confidentiality obligation shall not apply to any information or facts that are or become publicly available through no fault of any Party or a Party is required to disclose information or facts pursuant to the applicable law or under legal proceedings. Provided, however, that such Party is requested or ordered to disclose any such information or facts pursuant to any government or court order or any other applicable legal procedure, such Party shall provide the other Party with prompt notice of any such request or order in time sufficient to enable the other Party to seek an appropriate protective order.
19.1. The Customer is obliged to obtain the prior written consent of the Provider for the assignment or pledging of individual rights and/or obligations under this contract to third parties.
20.1. If any provisions or clause of this Agreement shall be or become illegal, void or be held in-valid or unenforceable for any reason whatsoever, the legality, validity, and enforceability of all other provisions and clauses shall not be affected and the latter shall remain in full force and effect. Such illegal, void, invalid or unenforceable provision or clause shall be reinterpreted, supplemented or replaced in such a way that the economic purpose pursued by the invalid provision is achieved. The same applies if there are loopholes in this agreement.
21.1. This Agreement, its performance, any issue of construction or interpretation, any dispute, disagreement or claim arising out of or in connection with its subject matter, whether relating to its validity, its execution, the obligations provided herein or its performance, shall be governed by and construed in all aspects in accordance with the laws of Switzerland, to the exclusion of the conflict of law rules applicable therein as well as international and supranational law.
21.2. Any dispute, controversy or claim between the Parties arising under, out of or in connection with this Agreement or the transactions contemplated herein, including (but not limited to) conclusion, validity, invalidity, binding effect, amendment, breach or termination thereof, shall exclusively be referred to and finally determined by the competent courts of Zurich, Switzerland, which the parties irrevocably agree to be the exclusive venue for any dispute, controversy or litigation.
November, 2024
Monitrd AG
Minervastrasse 3
8032 Zürich
