Terms of Service Summary
The following summary highlights are intended for informational purposes only. Terms are further defined herein, see below.
Changelog (2024-07-16)
The terms were most recently updated to increase clarity and make them easier to read and understand.
Ownership & Access:
- Customer Data Ownership: The Customer, as the Information System Owner, holds ownership of data they input.
- License to Use Data: Customers grant us a license to use their data to support our platform.
- Data Management: Customers are responsible for all data management.
- User Access: Customers are responsible for managing user access.
Security and Data Management:
- User Authentication: Customers manage passwords and account security.
- Authorization Records: Customers must maintain accurate authorization lists.
- Accounting Records: We keep usage records, which are our property but may be available to Customers.
Platform Licensing:
- Platform Ownership: We own all services and components of our platform.
- Use License: We grant a non-transferable license for platform use to customers.
- Feedback: Product feedback provided becomes exclusive property of Us, including all associated intellectual property rights.
Availability and SLA:
- 1000% SLA Guarantee: Service credits are available for unplanned downtime of our proprietary platform.
- Availability Warranty: We reserve the right to alter services and do not guarantee availability or fitness for any purpose.
FortMesa Marketplace:
- Vendor Collaboration: We partner with vendors to offer complementary products.
- Warranty and Support: These products are sold “as-is,” with no warranties or support from us.
Confidentiality:
- Definition: Confidential information is proprietary unless specified otherwise.
- Use Restrictions: Confidential information must be protected and used only for contract purposes.
- Survival: Confidentiality obligations continue after the agreement ends.
- Remedies: Breach of confidentiality entitles the owner to injunctive relief and damages.
Orders & Payment:
- Orders: Customers are responsible for User usage.
- Terms: Invoices are due immediately. Unpaid balances may accrue interest and result in service downgrades or data deletion.
- Taxes: Fees exclude taxes unless otherwise stated.
Term and Termination:
- Renewal: The agreement renews automatically until terminated.
- Termination: Either party can terminate with 30 days’ notice. Obligations continue post-termination.
Liability and Indemnification:
- Limitation: Liability is limited to fees paid in the prior 12 months.
- Indemnification: Each party will defend and hold the other harmless from specific claims.
- Special Damages: Neither party is liable for special or consequential damages.
- Force Majeure: Neither party is liable for failure to perform due to uncontrollable factors.
General Provisions:
- Independence: This agreement does not create a partnership or employment relationship.
- Notices: Must be sent via email or certified post.
- Governing Law: Governed by New York State laws with disputes handled in specific courts.
- Assignment: Requires written consent from both parties.
- Supersession: This agreement replaces all prior agreements.
Policy: Usage of our services is also subject to our privacy policy.
Terms of Service
Last Updated: July 16th, 2024.
Introduction and Agreement
These Terms form a binding contract between FortMesa, Inc. (“FortMesa,” “We,” “our,” or “us”) and You, the Customer and User. “Platform” or “Services” refer to any web property, software application, professional services, or communications provided by us.
Platform and Scopes
Our products enable Customers to manage multiple instances of our software (“Scopes”), each representing an individual security boundary, even if the Customer remains the same. Users may be associated with multiple Scopes or even multiple Customers.
Acceptance of Terms
By logging into our platform, using our services, or accepting an invitation to join a Customer’s Scope, you agree to these Terms for both yourself and the Customer. You acknowledge and understand all current and future Terms posted on our website. We will notify you of any changes; if you continue to use our platform or request removal of your Scope within 14 days of notification, you accept the revised Terms. Ensure you are authorized to accept these Terms before proceeding.
Data Ownership & Management
Customer Ownership
The Customer, identified as the Information System Owner (“Scope Owner”) on our platform, holds all ownership rights. Users, including time-limited consultants, managed services contractors, or value-added resellers, act on behalf of the Scope Owner as per NIST publication SP800-18. The Customer owns all data created, input, or imported by Users.
User Access
The Customer can assert ownership or revoke User access at any time. We retain the right to interpret Scope Owner definitions and determine Customer identity. If you use a corporate email domain owned by a Customer, we may at our option assume you own it and are authorized to represent the Customer.
Data Management
Customers can create, read, update, or delete data created by the User. Customers are responsible for managing User access to data by inviting, granting, suspending, or removing them via the FortMesa platform. Customers are informed that it is their responsibility to maintain copies or back up all platform data.
License to Use Customer Data
The Customer grants us a non-exclusive, worldwide, term-restricted license to use, copy, process, distribute, or export all Customer data for providing, maintaining, improving, and supporting our Platform. This license remains effective as long as Customer Scopes are provisioned for use.
Security and Data Management
User Authentication
FortMesa does not manage User authentication data such as passwords. The Customer is solely responsible for managing passwords, account security features, and User access to our Platform.
Authorization Records
While we maintain authorization lists within our application, the Customer must review, amend, correct, or remove authorization records for their provisioned Scopes. We do not guarantee the accuracy or integrity of these lists, except for ensuring that Your Scope is restricted to Your associated Users.
Accounting Records
We may record and maintain extensive accounting records of product usage. You accept full responsibility for auditing these records. Although we strive for comprehensive reporting, our accounting reports may not always be exhaustive or complete.
Accounting Retention & Ownership
All accounting records are retained according to our internal policies, potentially including permanent storage. These records are solely our property and are not considered Customer data. They are not subject to the same removal policies or confidentiality agreements as Customer-provisioned data.
Platform Licensing
We own all services, software components, and processes utilized by our Platform. We grant the Customer a non-transferable, non-exclusive, non-assignable, term-restricted license to use our Platform. This license is intended for the Customer and User solely for using our Services. We retain all rights not explicitly stated herein.
Platform Feedback
We value Feedback and use it to enhance our platform. By providing Feedback, You agree it becomes our exclusive property. You assign all worldwide rights, including copyrights, trademarks, patents, and other intellectual property rights, to us, including rights to any derived works or improvements based on the Feedback.
Availability and Service Level Agreement (SLA)
1000% SLA Guarantee
If we acknowledge fault for unplanned downtime of our proprietary Platform or System without prior notification, Customers can request a service credit within 30 days of the incident. The credit will be ten times the prorated service charge for the outage period, up to one month’s service credit per impacted month. This guarantee applies only to incidents created by failure of FortMesa’s Platform or System and excludes third-party platform infrastructure failures.
Availability Warranty
We reserve the right to disable functions, de-provision services, remove data, or suspend access at our discretion. You waive all rights to implied, inferred, or explicit warranties regarding availability or fitness for any purpose and any claims for incidental, special, or consequential damages related to availability or fitness failures of our product or Platform.
FortMesa Marketplace
Vendor Collaboration
We collaborate with top vendors to offer the FortMesa Marketplace, a curated collection of products and solutions that complement our platform.
Marketplace Warranty and Support
While we endorse these solutions, we do not provide warranties or support for them, nor guarantee their merchantability or performance. Resold products from the FortMesa Marketplace are sold “as-is.” Customers should direct any issues with these products to the original manufacturer, distributor, or provider.
Confidentiality
Definition of Confidential Information
“Confidential Information” includes all information disclosed by the Data Owner to the Data Recipient during this Agreement, in any form. It does not include information that:
- Was already known to the Data Recipient at the time of disclosure, as evidenced by documentation.
- Becomes publicly known through no wrongful act of the Data Recipient.
- is material provided to Customer as a professional services deliverable pursuant to the Agreement;
- Is designated as non-confidential by written consent of the Data Owner.
- Is independently developed by the Data Recipient, as evidenced by documentation.
- Must be disclosed by the Data Recipient due to a court order or governmental requirement, provided the Data Owner is notified and given a chance to seek a protective order.
- Is retained for data aggregation by FortMesa, provided it is de-identified before use or disclosure.
Ownership and Return of Confidential Information
All Confidential Information remains the property of the Data Owner unless otherwise specified. Confidential Information must be returned or destroyed within 30 days of a written request or the termination of this Agreement. The Data Recipient may retain Confidential Information only if required by law or regulation.
Use and Disclosure Restrictions
The Data Recipient shall:
- Not disclose Confidential Information to anyone except employees or subcontractors who need to know and are bound by these confidentiality terms.
- Use Confidential Information solely for the purpose of this contract.
- Exercise at least the same degree of care to protect Confidential Information as it does for its own confidential information, and at a minimum, exercise reasonable care.
- Store Confidential Information securely.
- Be responsible for any unauthorized use or disclosure of Confidential Information by its employees, agents, or representatives.
Survival of Confidentiality Obligations
Confidentiality obligations remain in effect even after the termination of this Agreement for any Confidential Information disclosed before termination.
Remedies for Breach
In the event of a breach or threatened breach of this Confidentiality provision, the Data Owner is entitled to injunctive relief, in addition to any other legal or equitable remedies, including monetary damages. The parties acknowledge that Confidential Information is valuable and unique, and its disclosure would cause irreparable harm to the Data Owner.
Orders & Payment
Subscriptions and Orders
All orders or subscriptions belong to Customers, not Users. Subscriptions based on User counts are tied to named Users associated with the Customer’s Scope. A User account may be linked to multiple Customer organizations or Scopes, requiring a subscription for each associated Customer Scope. Users may incur usage charges billable to Customers based on Scope Ownership.
Payment Terms & Late Payment
Invoices are due immediately unless stated otherwise. Unpaid balances may accrue an 18% APR default rate and may be sent to collections at our discretion. Failure to pay on time may lead to service downgrades or disablement. Non-payment could result in loss of service availability or deletion of Customer-owned data.
Taxes
Quoted fees exclude taxes such as VAT, sales tax, or use tax, unless stated otherwise.
Term and Termination
Period & Renewal
This Agreement will automatically renew until terminated by either party.
Termination
Either party may terminate this Agreement at any time with at least 30 days notice. Rights and obligations under this Agreement will continue after termination and bind the parties, their legal representatives, successors, heirs, and assigns.
Liability and Indemnification
Liability Limitation
Except where otherwise stated, the liability of both the Customer and FortMesa is limited to the cumulative subscription and non-FortMesa Marketplace order fees paid in the prior twelve (12) months.
Indemnification
Each Party agrees to indemnify, defend, and hold harmless the other Party, along with its officers, directors, employees, and agents, from all claims, damages, liabilities, costs, or expenses arising from:
- A Party’s material breach of this Agreement.
- Supplying information or materials that infringe on any third party’s Intellectual Property Rights.
- Any actions taken or permitted by the other Party in good faith based on information received from the Party in connection with the Agreement’s performance obligations and responsibilities.
Intellectual Property Rights include all patent, copyright, trademark, trade secret, Internet domain name, and other intellectual and intangible property rights. An indemnified party may choose its own counsel at its own cost. An indemnified party must approve any settlements related to indemnification.
Exclusion of Special Damages
Neither Party will be liable for special or consequential damages (including lost profits or savings) or incidental damages, even if they were informed of their possibility.
Force Majeure
A Party will not be considered in breach of this Agreement if their failure to perform any obligation is caused by factors beyond their reasonable control, such as governmental restrictions, labor disputes, emergencies, or other unavoidable causes, provided the Party exercised due care to avoid such issues.
General Provisions
Independence
This Agreement shall not render FortMesa or its affiliates, officers, directors, employees, agents, or contractors (each, an “FortMesa Affiliate”), an employee, partner, agent of, or joint venture with the Customer for any purpose. A FortMesa affiliate is and will remain an independent contractor in their relationship to the Customer.
Notices
Notices to the Customer will use the organizational information recorded in the platform. Notices to FortMesa will use the contact method specified herein:
- For administrative purposes all notices or contact attempts must be by email with a written confirmation by the recipient, or certified post with delivery receipt.
- Email: admin-ops@fortmesa.com
- USPS: FortMesa, Inc., PO Box 262, 60 Elm Street, Spencertown, NY 12165
Governing Law and Jurisdiction
This Agreement is governed by New York State laws. Disputes will be exclusively handled by the courts in Albany or Columbia County, or the federal court in Albany if there is federal jurisdiction. Both parties consent to these courts’ jurisdiction and venue.
Assignment, Waivers & Delays
Neither party can assign this Agreement without the written consent of the other party. Any delay or failure to enforce the Agreement does not waive or limit the rights of either party.
Supersession, Severability & Entire Agreement
This Agreement replaces all prior arrangements, agreements, and understandings between the parties. If any part of this Agreement is found invalid or unenforceable, the rest of the Agreement remains valid and enforceable. This Agreement is the complete agreement between the parties and can only be amended in writing, signed by both parties.
Policy
Your usage of our website, platform, or service may make you subject to the terms of our privacy policy posted at https://fortmesa.com/privacy.