-
General provisions
- Access to the service is granted to the ordering party after signing the contract in accordance with
the provisions of clause 10.
- Aspects related to the privacy policy are specified in the document available at the following link:
https://okkoala.com/cookies-and-privacy-policy.
- The subject of this Agreement is to perform by the Contractor an IT security audit consisting in
testing the resistance of the Customer's company e-mails to phishing attacks carried out by the
Contractor and the performance of online training.
- Necessary data for the audit / training are provided by the Principal through the client's panel.
- The Contractor's accession to the Agreement shall take place after the Agreement is signed.
- The IT security audit shall be performed on the date agreed by the Parties by electronic means, through
the customer's panel, but not later than twelve months from the date of signing the Agreement.
- Trainings purchased by the Principal shall supply its pool of available trainings to be performed and
they shall be possible to be completed within twelve months of purchase, by ordering an audit in the
Customer's panel.
-
Scope of the audit
-
The scope and subject matter of the IT security audit shall include:
- Assessment of the potential threat to the company by phishing attacks through emails,
- Examination of employees' susceptibility to the above mentioned form of attack, their awareness
and foresight related to the security of Internet correspondence,
- Educate workers in relation to the form of risk being investigated and increase their knowledge
of safety,
- Identify measures and possible actions in the field of IT security,
- Indication of the directions of the company's security policy and the strategy of its
implementation.
-
The detailed scope of the IT security audit shall be specified by the Contracting Authority by means of
a user panel made available on the Contractor's website.
-
Statements and obligations of the Contractor
- The Contractor undertakes to perform the Contract with due diligence and professionalism resulting from
the
professional nature of the business.
- The Contractor shall conduct an IT security audit in close cooperation with the Principal.
- The Contractor undertakes that the works, materials and information performed as part of the IT
security audit and
the software used by it do not violate the rights of third parties, in particular copyrights and
related rights.
- The Contractor declares that during the audit the analysis of the Customer's devices does not change
their
configuration and does not affect their functioning.
- Accidental failures that may occur in connection with the performance of this Agreement shall not give
rise to any
liability on the part of the Contractor.
- Unless necessary, the Principal shall not provide the Contractor with access passwords.
- In the event of failure of the Commissioning Party's equipment resulting from an IT security audit, the
Contractor
shall not be liable for it.
- The Contractor declares that the data collected by the auditing software are sent via an encrypted
protocol to the
Contractor's server. After completion of the audit, the data collected are permanently deleted by the
Contractor.
-
The Contractor reserves the right to examine samples of training messages created by the Principal to
avoid
infringement of intellectual property rights of third parties at any time. At the same time, the
Contractor has the
right to cancel the audit submitted by the Principal, if it finds that the used message templates
infringe the property
rights of third parties and the Principal does not provide documents that state otherwise.
-
Obligations and declarations of the Principal
-
The Principal undertakes to immediately transmit in person or through a designated employee, within no
more than 3
working days, the information requested by the Contractor necessary to perform the Agreement, including
the list of the
Principal's company e-mails subject to IT security audit. The Commissioning Party hereby declares that
it has the right
to dispose of the information referred to in the previous sentence and authorizes the Contractor to use
such
information in order to perform the Agreement.
-
Failure to submit the aforementioned information may result in failure to perform the audit to the
extent covered
by the lack of information.
-
In the event of obstacles on the part of the Principal in performing the subject of the Agreement, the
Principal
shall inform the Contractor about this immediately in writing or via e-mail to the address indicated in
the Agreement.
The period of time impediment in the performance of the Agreement arising on the part of the
Commissioning Party causes
the postponement of the deadline for the performance of the Agreement by the number of days during
which the
Contractor, through no fault of his own, could not perform the Agreement.
-
The Commissioning Party agrees to perform activities by the Contractor in the scope covered by the
audit,
including granting the Contractor permission to process the data collected during the audit.
-
The Principal declares that in the event of a failure of computer hardware or software during the
audit, the
Contractor shall not be held liable for any such failure unless the failure was caused by the following
actions
Contractors.
-
By creating his own training e-mail templates, the Principal declares that he has the rights to all
multimedia
materials, trademarks, logotypes etc. used by him and uses them in accordance with copyright law.
-
Confidentiality
-
The Parties undertake to keep secret all information received directly or indirectly during the audit
and after
its completion, unless such information constitutes public information (protection of confidentiality
obtained during
the audit), in particular it concerns templates used by the Contractor during the audit.
-
Termination of the Agreement
-
In the event of an obstacle on the part of the Principal exceeding 30 days in the performance of the
Agreement,
the Contractor shall be entitled to withdraw from the Agreement without setting an additional deadline,
while retaining
the right to remuneration in the full amount.
-
In the event of withdrawal from the Agreement, the Contractor shall provide a partial report on the
scope of the
audit conducted until the date of withdrawal from the Agreement within 14 days from the date of
withdrawal from the
Agreement.
-
The Principal shall have the right to withdraw from the Agreement in the event of delay exceeding 30
days, after
having previously called upon the Contractor to perform the subject of the Agreement in the following
manner the time
limit it sets itself, not shorter than 7 days under pain of withdrawal.
-
Force majeure
-
During the period of force majeure, the parties to the Agreement shall be released from any liability
for
non-performance of the Agreement if the circumstances of force majeure constitute an obstacle to the
performance of the
Agreement.
-
Force majeure shall be understood as an external event which could not have been foreseen and
prevented, in
particular flooding, burglary, long-term loss of electricity caused by the failure of the energy
supplier, damage to
computer equipment.
-
A party is entitled to invoke force majeure only if it informs the other party immediately, no later
than on the
day following the day on which the event preventing the performance of the contract occurred.
Contracts.
-
Final provisions
-
The parties agree to conclude an agreement in the form of a document with the use of software to accept
the
content of documents. Therefore, in order to conclude the agreement, the parties shall indicate the
e-mail addresses of
the representatives authorized to represent them, using personal addresses maintained in company
domains, the agreement
shall be concluded in a documentary form.
-
The Parties agree that declarations of will concerning the conclusion of an agreement made with the use
of
software to accept the content of documents shall be disclosed on the confirmation of the conclusion of
the agreement
in the form of appropriate records containing data describing the circumstances in which the
declaration of will was
made on the last image card of the document, in the content of an electronic document or in an
electronic attachment to
the Agreement document.
-
The Agreement is effectively concluded at the moment of submission of a declaration of its acceptance
in a
documentary form by the last of the parties to the activities.
-
The Parties agree that the form of contact binding for the performance of the Agreement is written
contact (to the
addresses given in the Agreement) and contact through e-mail.
-
Any amendments to the provisions of the Agreement must be made in writing otherwise they shall be null
and void.
-
In matters not regulated by this Agreement, the provisions of the Civil Code shall apply.
-
Any disputes that may arise in connection with the performance of this Agreement, the parties shall
first submit
to mediation. In case of lack of agreement, the competent court for the settlement of disputes shall be
the Court
competent according to the registered office of the Contractor.
-
The Agreement has been drawn up in three identical copies for the purpose; two copies for the Principal
and one
copy for the Contractor.
-
The appendices constitute an integral part of the Agreement.