Terms of Service
The agreement that governs your use of the VigilChain platform.
The agreement that governs your use of the VigilChain platform.
If you signed a separate Order Form to access VigilChain with the same account, and that agreement has not ended, the terms below do not apply to you. Instead, your separate Order Form applies to your use of the Product.
This Agreement is between VigilChain, Inc., a Delaware corporation ("Provider," "VigilChain," "we," "us," or "our") and the company or person accessing or using the Cloud Service. This Agreement consists of: (1) the Order Form below and (2) the Framework Terms defined below.
If you are accessing or using the Cloud Service on behalf of your company, you represent that you are authorized to accept this Agreement on behalf of your company. By signing up, accessing, or using the Product, Customer indicates its acceptance of this Agreement and agrees to be bound by the terms and conditions of this Agreement.
Framework Terms. This Order Form incorporates and is governed by the Framework Terms, which consist of the Key Terms below and the Common Paper Cloud Service Standard Terms Version 2.1, which are incorporated by reference. Any modifications to the Standard Terms made in the Cover Page below will control over conflicts with the Standard Terms. Capitalized words have the meanings given in the Cover Page or the Standard Terms.
Cloud Service. The Cloud Service is VigilChain's Application Security Posture Management (ASPM) service, which ingests customer-connected source code repositories and cloud environment metadata, scans for security findings using static analysis and AI-assisted vulnerability triage, traces findings from code to cloud, and reports findings through the VigilChain web platform and API.
Order Date. The date Customer first accepts this Agreement.
Subscription Period. One month.
Cloud Service Fees. The Product is currently offered at no cost during the beta period. See Provider's pricing page at vigilchain.com/pricing for Fee details that will apply when the Product exits beta. Provider will give at least 30 days' notice before the Product exits beta and Fees begin to apply.
Payment Process. No payment method is required during the beta period. When the Product exits beta, Customer will be required to provide a payment method that Provider is authorized to charge monthly for immediate payment or deduction without further approval.
Non-Renewal Notice Period. At least 30 days before the end of the current Subscription Period.
Customer. The company or person who accesses or uses the Product. If the person accepting this Agreement is doing so on behalf of a company, all use of the word "Customer" in the Agreement will mean that company.
Provider. VigilChain, Inc., a Delaware corporation.
Effective Date. The date Customer first accepts this Agreement.
Governing Law. The laws of the State of Delaware, without regard to its conflict of laws provisions.
Chosen Courts. The state and federal courts located in the State of Delaware.
Covered Claims.
General Cap Amount. The greater of (a) fifty thousand U.S. dollars (US$50,000) or (b) 1x the Fees paid or payable by Customer to Provider in the 12 month period immediately before the claim.
Notice Address.
legal@vigilchain.comDPA. Customers subject to the GDPR, UK GDPR, or similar data protection regulations may execute a Data Processing Agreement with Provider. Provider's DPA template is available upon request by contacting legal@vigilchain.com.
Security Policy. Provider will use commercially reasonable efforts to secure the Cloud Service from unauthorized access, alteration, or use and other unlawful tampering, including maintaining an information security program consistent with industry standards for B2B SaaS.
Changes to the Standard Terms. The following modifications to the Standard Terms apply to this Agreement:
Acceptable Use Policy. In addition to the Restrictions on Customer set forth in Section 2.1 of the Standard Terms, Customer agrees to comply with Provider's Acceptable Use Policy, available at vigilchain.com/acceptable-use-policy, which is incorporated by reference into this Agreement. Provider may update the Acceptable Use Policy from time to time on the same notice terms that apply to updates of these Terms of Service.
Modification of Section 1.6 (Machine Learning). Section 1.6 of the Standard Terms is replaced in full with the following:
Provider will not use Customer Content to train, fine-tune, or enhance artificial intelligence or machine learning models owned or operated by Provider, without Customer's prior written consent. Provider may process Customer Content through third-party artificial intelligence and machine learning services solely as necessary to provide the Cloud Service, subject to the terms of those third-party services as disclosed in Provider's Privacy Policy and Subprocessor List. Provider may collect and analyze Usage Data and, once Usage Data is aggregated and de-identified such that it cannot reasonably be used to identify Customer, Users, or Customer Content, Provider may use such aggregated and de-identified Usage Data to maintain, improve, enhance, and promote Provider's products and services. Nothing in this section will reduce or limit Provider's obligations regarding Personal Data under Applicable Data Protection Laws. Due to the nature of artificial intelligence and machine learning, information generated by these features may be incorrect or inaccurate. Product features that include artificial intelligence or machine learning models are not human and are not a substitute for human oversight.
Beta Product Designation. During the beta period identified on Provider's website or in communications to Customer, the Cloud Service is a Beta Product as defined in Section 12.7 of the Standard Terms. Section 6.3 (Representations & Warranties From Provider) does not apply while the Cloud Service is a Beta Product. Provider will give Customer reasonable notice when the Cloud Service is no longer a Beta Product.
Modification of Section 12.8 (Logo Rights). Section 12.8 of the Standard Terms is replaced in full with the following:
Provider may identify Customer and use Customer's name and logo in marketing to identify Customer as a user of Provider's products and services only with Customer's prior written consent. Customer may revoke such consent at any time by giving notice to Provider, in which case Provider will cease new uses of Customer's name and logo within a reasonable period.