General terms and conditions for provisioning of services by Patronusec

Whenever in document is stated:

PATRONUSEC we mean Patronusec Sp. z o.o. with its registered office in Poznań, ul. Św. Marcin 29/8, entered into the register of entrepreneurs – National Court Register kept by the District Court Poznań-Nowe Miasto i Wilda in Poznań, VIII Commercial Division of the National Court Register under (KRS) number 0001039087, holding EU VAT ID PL7831881739

You or Client we mean legal entity seeking services from PATRONUSEC.

§1. Subject matter of Services

  1. The Subject Matter of document is to set out the framework terms and conditions for the provision of services by PATRONUSEC to the Client against remuneration (hereinafter referred to as the “Services”). The detailed scope of Services provided by PATRONUSEC will be each time determined by the Parties in the content of the order or proposal.
  2. In the performance of the duties set forth in this paragraph, PATRONUSEC has independence and autonomy.
  3. The Parties undertake to cooperate fully based on mutual trust.
  4. Subject to the provisions of § 6 clause 3 below, the Parties agree that PATRONUSEC shall not commence providing the Services until the Order or proposal is signed by an authorised representative in a documentary form is received from the Client.

§2. Representations and obligations of the Client

  1. In order to enable PATRONUSEC to properly perform the Service, insofar as this is necessary for the proper performance of the Service, the Client hereby undertakes to:
    • provide, whenever requested by PATRONUSEC, all information, materials in its possession, including in particular agreements and supplier documentation, the format and timing of which will be agreed by the Parties from time to time;
    • provide PATRONUSEC with access to the Client’s office premises and other premises where the Client’s equipment is located.
    • provide PATRONUSEC with access to telecommunications and IT infrastructure,
    • provide PATRONUSEC with support of the Client’s team in order to fulfil the assurances referred to above,
    • promptly inform PATRONUSEC of any circumstance’s material to the proper performance of the Services by PATRONUSEC;
    • pay the remuneration in a timely manner.
  2. Due to the fact that the Services will be provided by PATRONUSEC:
    • on the basis of data and information received from the Client and its employees/co-workers, as well as on the basis of data and information publicly available and
    • assuming that all provided documents, copies thereof and information provided by the Client or its employees/ co-workers, are reliable, complete, up-to-date and true, including in particular, compliant with factual and legal status,
  3. The Client agrees at all times to provide PATRONUSEC with comprehensive explanations relevant to the Services to be provided and to provide documents in support thereof (insofar as the Client is in possession of such documents).
  4. The Client represents and warrants that all documents, materials, designs provided to PATRONUSEC in connection with the Service provisioning and for the purpose of its proper performance are the property of the Client and shall in no way infringe the rights of any third party. In the event that any third party files any claim against PATRONUSEC in connection with PATRONUSEC’s use of such material provided by the Client, the Client shall be solely responsible in this regard and agrees to indemnify PATRONUSEC for such infringement, to enter into any legal proceedings or, if such entry is not possible, to pay all dues that PATRONUSEC will be obliged to pay, as well as to pay in full the costs of legal services and legal representation. PATRONUSEC is obliged to inform the Client of such a claim without delay.
  5. In the event that the performance of the Services requires access to and processing by PATRONUSEC of personal data of which the Controller will be the Client, the Parties shall enter into an appropriate data processing agreement specifying in particular the scope and purpose of processing of personal data, as well as other elements required by applicable regulations on personal data protection. PATRONUSEC undertakes, prior to the processing of personal data, to take the technical and organisational security measures set out in the data protection legislation.
  6. For the performance of technical Services such as vulnerability scans (external or internal), penetration testing, application testing, application scans etc. the Client:
    • confirms that it is the rightful owner of the IT system/IP address(es) defined in the Order and is therefore entitled to grant PATRONUSEC the consent referred to third point below. Furthermore, the Client assures that all applications, IP addresses, servers tested by PATRONUSEC are in the legitimate possession of the Client and that it is entitled to grant PATRONUSEC with accesses.
    • acknowledges that it is aware that the due performance of the Services may require interference with the IT system specified in the Order by PATRONUSEC and/or its subcontractors, as well as a breach of the system’s security,
    • at the same time grants PATRONUSEC the right to access the IT system, IP addresses, domains indicated in the Order, for the purpose of fulfilling this Order and to the extent indicated therein.
    • declares that it is aware that in the course of proper performance of services covered by the Statement of Work or proposal by PATRONUSEC, the access to data of the IT system may be (temporarily and unintentionally) blocked, accepts this risk, and agrees not to assert any claims on this account against the PATRONUSEC.
  7. In the event that the Client changes the date or venue of a previously agreed meeting, the Client is obliged to cover all costs that PATRONUSEC has incurred in connection with such a change – this applies in particular to the costs of accommodation, travel and other charges that cannot be cancelled at no cost. The amount of costs actually incurred by PATRONUSEC will be documented by invoices and receipts confirming the bookings in question.
  8. In the event that the Client changes the date of a previously agreed service, the Client is obliged to:
    • pay 50% of the Order value in case of change of date earlier than 30 days before the agreed service performance date,
    • pay 75% of the Order value in case of change of date between 30 and 14 days before the agreed service performance date,
    • pay 100% of the Order value if the date is changed less than 14 days before the agreed service performance date.

§3. Representations and obligations of PATRONUSEC

  1. PATRONUSEC hereby represents and warrants that it possesses the qualifications, skills, and experience necessary to perform Services properly and professionally.
  2. PATRONUSEC undertakes to:
    • provide the Services with due diligence, in accordance with the applicable legislation, and undertake to provide all explanations at the request of the Client during the performance of the Services.
    • inform the Client of circumstances affecting the performance of the Services.keep confidential the information communicated to it by the Client with a duty of confidentiality.
    • uphold the reputation of the Client.

§4. Communication

  1. The Parties represent that the persons responsible for the proper performance of the Services, including those authorised to contact, email approval of materials, etc. are listed in proper statement of work or proposal.
  2. A change of the persons and contact details shall not constitute a change to the word order, and only requires that the other Party be notified by email immediately, but no later than within 3 business days of the occurrence of the change, otherwise any and all notifications relating to the Services made to the addresses indicated in the recitals of the Services shall be deemed effective.
  3. Any arrangements made during the course of the Service delivery relating to its performance shall at least be in documentary form. Due to the need to ensure efficiency of the service, it is permissible to make ongoing arrangements between the Parties orally or by means of remote information transfer devices, however PATRONUSEC is obliged to confirm such arrangements with the Client immediately by email.
  4. The Client hereby represents that it is aware of and accepts the risks associated with communicating with PATRONUSEC via email and, consequently, responsibility for the risks associated with conducting communications via the Internet.

§5. Remuneration

  1. The amount of remuneration due to PATRONUSEC for the proper performance of the Services, as well as the method and dates of payment shall be specified each time in the content of the Order or proposal.
  2. PATRONUSEC’s remuneration shall each time be increased by the applicable VAT at the rate in force at the time of invoicing.
  3. In the event that the Parties have stipulated in the content of the Order that the Client is obliged to pay PATRONUSEC an advance payment of the remuneration, such advance payment shall be payable within 7 days of the date of the Work Order signature and, in the case of each subsequent Order, within 7 days of its submission by the Client. If the Client fails to pay the advance payment on time, PATRONUSEC shall be entitled to withdraw from the performance of the given Order to which the advance payment relates within 21 days counting from the date of ineffective expiry of the deadline for its payment.
  4. The remuneration will be paid to PATRONUSEC on the basis of a VAT invoice duly issued and delivered to the Client.
  5. Subject to separate arrangements between the Parties, the remuneration shall be payable by bank transfer to the bank account indicated in the VAT invoice, within 15 days of its delivery to the Client.
  6. The Client hereby agrees that PATRONUSEC may issue VAT invoices and other accounting documents, if any, in electronic form and send them in PDF format using email to the address indicated in the recitals of the Statement of Work.
  7. The payment date shall be the date of crediting the bank account of PATRONUSEC.
  8. In the event of late payment, PATRONUSEC will be entitled to charge statutory interest for late payment in commercial transactions.
  9. In each case, PATRONUSEC’s remuneration set out in the Order is calculated on the assumption that the performance of the Services covered by it will be completed no later than by the final date indicated in that Order. 
  10. In the event that in the course of the performance of the Services covered by a particular Order it becomes apparent that PATRONUSEC’s remuneration has become materially inadequate for the engagement, as well as in the event that the Order is not completed by the final date referred to in clause 9 above due to circumstances for which PATRONUSEC is not responsible, the Parties undertake – acting in good faith – to enter into negotiations aimed at amending the terms of remuneration.

§6. Additional costs

  1. In the event that PATRONUSEC provides the Services to the Client outside of Poznań and subject to details in Proposal or Statement of Work, PATRONUSEC will be entitled to claim reimbursement from the Client for travel expenses, per diems, if any, and accommodation costs (if necessary) subject to their prior approval by the Client.
  2. In addition, PATRONUSEC is also entitled to demand an advance payment from the Client for any additional costs referred to in clause 1 above.
  3. The costs referred to in clause 1 above shall be payable to PATRONUSEC together with the remuneration referred to in § 5 clause 1 provided that PATRONUSEC attaches to the issued invoice copies of bills, receipts, invoices or other source documents confirming the fact that these costs were incurred directly by PATRONUSEC.

§7. Company Secret

  1. The Parties agree that for the purposes of the Service delivery, the company secret of each of them shall mean all marketing, strategic, artistic, financial, commercial, technical, technological, organisational or other information of economic value not disclosed to the public, as to which the disclosing Party has taken the necessary measures to maintain its confidentiality, in particular, all information and knowledge of a financial, commercial, technical, sales, business, marketing, technical, technological, economic and legal nature, know-how, operational, public relations information, as well as research, analyses, studies, plans, sales plans, customer and contractor lists, commission systems, specifications, samples, databases, drawings, software, prototypes and other strategic information, marketing plans, information on ongoing and planned campaigns, how work is organised, information on the disclosing Party’s contract templates, information on the disclosing Party’s activities and those of its customers and partners, information on working and pay conditions, personal data, information collected through correspondence including electronic correspondence, information contained in files stored on the hard disk of computers, information constituting access passwords, access codes, software licence codes, PIN codes and the like, as well as all other news and information relating to the disclosing Party, regardless of the form in which it is transmitted or its source (collectively referred to as “Confidential Information”).
  2. Company secret of the disclosing Party also covers all Confidential Information disclosed or provided by shareholders, officers, managers, representatives as well as employees, accountants, attorneys-in-fact, advisers, consultants, subcontractors, contractors and other persons having access to Confidential Information provided in connection with the proper performance of Services.
  3. The Parties agree that for the purposes of the Service delivery, “information” shall mean any message expressed in any manner that will contain Confidential Information.
  4. The receiving Party undertakes:
    • to keep confidential (secret) Confidential Information which it has acquired in connection with the Agreement,
    • not to use Confidential Information or any part or derivative thereof for any purpose other than in connection with the proper performance of the Service, whether during the term of the Service delivery or after its termination, dissolution or expiry.
  5. The disclosing Party shall only disclose Confidential Information to the other Party in connection with the conclusion of the Service delivery and for the Service delivery.
  6. All information, messages and materials provided to the receiving Party by the disclosing Party or its representatives which constitute Confidential Information, regardless of the form in which they are recorded, may only be used, disseminated, transmitted, or disclosed with the express prior written (under pain of nullity) consent of the disclosing Party. The obligation to obtain the consent referred to in the preceding sentence shall not apply if the use, dissemination, transmission, or disclosure of Confidential Information takes place in accordance with the provisions of clause 8 below.
  7. For the purpose of the Service delivery, dissemination shall be deemed to be making available of Confidential Information, as well as the failure to protect it from access by third parties or its loss.
  8. The Parties agree that the receiving Party is released from its obligation to maintain the confidentiality of Confidential Information:
    • which has become generally known in a manner other than as a result of a breach of this document,
    • known by the receiving Party prior to its disclosure by the disclosing Party,
    • which has been disclosed with the disclosing Party’s written consent,
    • which has been disclosed in accordance with the requirements of the law or the provisions of a court decision or a decision of the competent state or local authorities,
    • in the case of performance of obligations relating to the maintenance of licences, permits. This applies in particular to the transmission of the required information to card organisations, the PCI SSC (Payment Card Industry Security Standard Council) or other participants of the PCI programs. In this case, PATRONUSEC may disclose confidential information, reports or confirmations of compliance without additional consent from the Client.
  9. The receiving Party when making the disclosure is obliged to:
    • in the case referred to in clause 8 point 4 above, immediately inform the disclosing Party of the obligation to disclose Confidential Information and of the persons or entities to whom the disclosure is to be or has been made, subject to clause 8 point 5.
    • disclose only as much of Confidential Information as it is required,
    • take all practicable steps to ensure that disclosed Confidential Information will be treated confidentially and used only for the purposes justifying its disclosure.
  10. Upon termination or expiry of the Services, on any legal basis, each receiving Party shall, at the request of the disclosing Party, return or cause to be returned or destroy or cause to be destroyed (certified in writing) any documents containing or derived from Confidential Information, within the time specified by the disclosing Party. In addition, in these circumstances, the receiving Party shall delete (and confirm such deletion in writing) any Confidential Information from any computer, storage medium, or other device containing such information not owned by the disclosing Party.
  11. Point 10 is not applicable to PATRONUSEC, which has obligation to keep assessment evidence as required to maintain PCI QSA licenses. In such case Client acknowledge that PATRONUSEC is not obliged to delete any confidential information after termination of agreement or after provision of services.
  12. The obligation of confidentiality set out in this paragraph shall apply for the entire duration of the Agreement as well as for five (5) years from the date of its termination, expiry or end on any legal basis.
  13. Notwithstanding the foregoing, during the term of the Agreement, as well as after its termination, expiration or end on any legal basis, PATRONUSEC shall be entitled to publicise the fact that it has established a relationship with the Client, including in particular the presentation of the Client in its portfolio.
  14. Upon completion of the Order, the Client, at the express request of PATRONUSEC, may provide PATRONUSEC with testimonials describing the manner of cooperation and the quality of the services provided by PATRONUSEC. If issued, the testimonials may be made available by PATRONUSEC to third parties, including posting on the PATRONUSEC website – subject to any agreement to the contrary between the Parties.

§8. Limitation of liability

  1. The Parties agree that PATRONUSEC’s total liability for damages caused in connection with the performance of Services (regardless of the legal basis) is limited to direct damages (excluding lost profits) and to a maximum amount equivalent to 50% of the net remuneration specified in a given order.
  2. For the avoidance of any doubt, the Parties agree that PATRONUSEC shall not be liable in any way for the content, correctness or completeness of any information, materials, documents provided by the Client, including, in particular, in accordance with § 1 clause 3 letter (a).
  3. PATRONUSEC shall not be liable in any way for any delay in the performance of individual Services if such delay is caused by an act or omission on the part of the Client or its representatives.
  4. PATRONUSEC shall not be responsible for delays or improper performance of the Services, caused in particular by:
    • failure by the Client to provide access to information, documentation, persons or infrastructure required to provide the Services,
    • providing by the Client information which is false, incomplete or misleading.

§9. Severability Clause. Force Majeure.

  1. If any provision of the Agreement is to any extent found to be invalid or unenforceable, this shall not affect the validity of the remaining provisions of the Agreement, which shall notwithstanding the foregoing be binding on the Parties in the same manner as if the invalid or unenforceable part of the Agreement had been excluded and deleted.  In such cases, the Parties undertake to replace these provisions with others that most closely express the economic and legal sense of the replaced provisions.
  2. The Parties shall be released from liability in the event of total or partial non-performance of any of their obligations if this is caused by force majeure, by which the Parties understand a sudden event of an external nature which could not have been foreseen at the time the Agreement was concluded and the consequences of which could not have been prevented.
  3. In the event of a force majeure event, the Party which such a circumstance prevents from or impedes the proper performance of the obligations set out in the Agreement shall notify the other Party of such circumstances and their cause immediately, but no later than within 3 calendar days.
  4. In the event of force majeure circumstances preventing the performance of either Party’s obligations, the period of obligations under the Agreement shall be extended by the duration of such force majeure.

§10. Additional undertaking of the Client

  1. In view of the fact that PATRONUSEC will appoint specialists of the highest standard of work to serve the Client, being the key personnel resource of PATRONUSEC, the Client hereby undertakes:
    • not to take any action aimed at inducing any member of the PATRONUSEC team (employed by PATRONUSEC on the basis of an employment contract and/or permanently cooperating with PATRONUSEC on the basis of a civil law contract) to terminate the legal relationship connecting him/her with PATRONUSEC,
    • not to solicit members of the PATRONUSEC team in any way to enter into an employment or cooperation relationship (in any form whatsoever) with the Client or its affiliates; and
    • not to employ or engage under a civil law contract member of the PATRONUSEC team.
  2. The undertaking referred to in clause 1 above shall apply to the Client during the term of the Agreement and for a period of 12 months thereafter (on any legal basis) and shall apply to members of the PATRONUSEC team dedicated to serving the Client (irrespective of the type of legal relationship between PATRONUSEC and the individual).
  3. The Client agrees not to use the results of the Services performed by PATRONUSEC in the proper performance of the subject matter of the Agreement, including in particular documentation, reports, etc. (whether or not they constitute a work within the meaning of the Copyright and Related Rights Act) for commercial purposes.
  4. In the event of a breach of any of the obligations set out in this paragraph, PATRONUSEC shall be entitled to claim from the Client a contractual penalty in the amount of EUR 50,000 (in words: fifty thousand euros) for each breach, regardless of the amount of actual damage suffered. PATRONUSEC shall be entitled to claim damages in excess of the contractual penalty.

§11. Termination of the Services

  1. Termination by notice or rescission of the Services delivery by the Client shall not affect the Order placed by the Client and accepted by PATRONUSEC prior to the date of such declaration by the Client, the confidentiality provisions and the non-compete obligation, including the provisions relating to contractual penalties, which shall remain in force despite the termination or rescission of the Agreement.
  2. For the avoidance of doubt, the Parties unanimously agree that the Client shall not be entitled to unilaterally terminate by notice or rescind the Order submitted by the Client and accepted by PATRONUSEC, unless such termination or rescission is caused by the sole action or omission of PATRONUSEC.
  3. In the event of wrongful termination by notice or rescission from the Order by the Client, PATRONUSEC shall be entitled to claim from the Client a contractual penalty equal to 100% of the remuneration that PATRONUSEC would have received had the Client not terminated by notice or rescinded the Order.

§12. Other provisions

  1. Each Party undertakes (during the term of the Service provision as well as for 5 years after its termination or expiry) to keep confidential and not to disclose, without the prior consent of the other Party, the fact of the cooperation between them or the content of the Proposal/Word order or Statement of Work, including in particular its commercial terms and conditions.
  2. Any changes to the Statement of Work shall be made in writing otherwise shall be null and void.
  3. In the event of a conflict between the provisions of this document and the work order, the contents of this document shall prevail.
  4. Provisions of the services are governed by law of Poland.
  5. Any disputes that may arise between the Parties in connection with the conclusion, interpretation or performance of the Services shall be resolved amicably. If, however, it proves impossible to reach such a solution within 30 days of the dispute arising, the dispute shall be exclusively submitted to the competent court in Poznań.
To top