Privacy Policy and EULA
END USER LICENSE AGREEMENT AND PRIVACY POLICY
PLEASE READ THESE TERMS CAREFULLY BEFORE ATTEMPTING TO USE THE STRATEGIX APPLICATION SOLUTIONS’ PLATFORM OR XGRC SOFTWARE. BY USING OUR PLATFORMS OR SOFTWARE, YOU AGREE TO BE BOUND BY THESE TERMS. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, PLEASE DO NOT PROCEED.
This End User License Agreement (“EULA”), together with our Privacy Policy, is a legal agreement (collectively referred to as the “Agreement”) between either you as an individual or an entity which you represent (“you”) and Strategix Application Solutions Proprietary Limited (“Strategix”, “we” or “us”) for use of our XGRC product range, which comprise of computer software, associated hardware, media, and “online” or electronic documentation and services (collectively referred to as “Software”).
END USER LICENSE AGREEMENT
GENERAL
This EULA shall be governed by and interpreted in accordance with the laws of South Africa. The courts of South Africa shall have exclusive jurisdiction in respect of all proceedings arising out of or pursuant to this EULA.
Suppose any provision contained herein is or becomes unenforceable for any reason. In that case, such a provision will then be treated as if it had not been included and shall not affect the validity of the remaining provisions of the EULA.
We reserve the right to amend this EULA at any time by publishing the amended and restated EULA on our website at https://xgrcsoftware.com/privacy-policy-and-eula. You will be prompted to accept such terms upon accessing your account or user profile. Continuing to use the Software will constitute acceptance of the amended terms. Should you not accept the amended terms, you must terminate this Agreement by providing 30 (thirty) days’ written notice. Please note that you can obtain more information on our approach to Data Security at https://xgrcsoftware.com/cyber-security.
SCOPE OF LICENSE
The license granted to you to use the Software on your computer or mobile device is limited, personal, revocable, non-exclusive, non-sublicensable, and non-transferable. The Software is licensed, not sold, and is only for use under this EULA.
RESTRICTIONS OF USE
Any use of the Software not permitted by this EULA is prohibited. You may not, alone or in conjunction with others: (a) license, sub-license, sell, rent, lease, assign, distribute, transmit, host, outsource, disclose or otherwise commercially exploit the Software or make the Software available to any third party; (b) share or disclose your login details thereby allowing someone else access to your account, or do anything else that might jeopardise the security of your account; (c) copy, modify, reverse compile, reverse engineer or extract source codes from the Software; (d) use any spider, virus, worm, trojan-horse, time bomb or any other codes or instructions that are designed to distort, delete, damage or disassemble the Software; or (e) remove, alter or obscure any proprietary notice (including any notice of copyright or trademark) contained in the Software. Any attempt to do so will be a violation of our rights.
INTELLECTUAL PROPERTY
All rights and titles in and to the Software, including, without limitation, all copyright and any other intellectual property rights provided to you, shall be and remain the sole property of Strategix. Strategix reserves all rights not expressly granted.
You acknowledge that all intellectual property rights subsisting in or used in connection with the Software, including all documentation, updates, upgrades, enhancements, new developments, and improvements, are and shall remain the sole property of Strategix.
This Agreement does not in any way grant, assign, transfer, or license any of either party’s intellectual property rights to the other party.
You will maintain ownership of any original content or data you may upload, transmit, or store while utilising our Software. Upon termination of this Agreement, you must extract all necessary Customer Data through the Excel export function provided in each module of our Software. You must complete this extraction before the termination of services. Please note that after the service termination date, we will initiate our data destruction protocol, which includes the removal of all Customer Data from backups and other storage within 30 (thirty) days. A written certification from us will confirm the completion of the data destruction process, signifying that all Customer Data has been permanently deleted and cannot be recovered. We will own all compilations, collective works, or derivative works we create that may incorporate your content.
VIOLATION OF THE EULA
We reserve the right, without incurring any liability, to disable or terminate the use of your license if you: (a) fail to pay applicable fees; (b) provide false or inaccurate information; or (c) breach any term of this EULA.
NO WARRANTY
You expressly acknowledge and agree that use of the Software is at your own risk. To the maximum extent permitted by law, the Software is provided “as is” and without warranty of any kind to the extent permitted by law.
Strategix disclaims all warranties concerning the Software, either express, implied, or statutory, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, accuracy, and non-infringement of third-party rights.
While we endeavour to ensure that the Software is always available as stated in this End-User License Agreement (EULA), we acknowledge that specific service level commitments and corresponding responses to support requests are detailed in our Software as a Service (SaaS) Agreement.
Therefore, although we shall not be liable if, for any reason, the Software is unavailable at any time or for any period, in the event of any discrepancies between the general availability provisions of this EULA and the service level terms in the SaaS Agreement, the stipulations of the SaaS Agreement will take precedence.
Access to the Software may be suspended temporarily and without notice in the case of system failure, maintenance, or repair or for reasons beyond our control.
You acknowledge that Software, in general, is not defect-free and agree that the existence of such defects shall not constitute a breach of this Agreement.
Discover a material defect which substantially affects your use of the Software. We shall use all reasonable endeavours to correct such deficiencies, provided that such faults have not been caused by (a) your incorrect use, abuse, or corruption of the Software; (b) use of the Software with other products or Software; or (c) use of the Software on equipment with which the Software is incompatible.
Although we have used all commercially reasonable efforts to check for the most commonly known viruses, we do not warrant that the Software shall be free from all known viruses. You are, therefore, solely responsible for virus scanning the Software.
We furthermore do not endorse, monitor, verify or validate any content provided or created by you in the Software.
LICENSE FEES
A license fee shall be payable in arrears for the licence granted to you to use the Software.
All charges relating to the Software are exclusive of VAT and net of any taxes, duties or other additional sums including, but not limited to, excise tax, import or other duties, and whether levied regarding this EULA or the use of the Software.
All payments shall be made into such account as elected by us unless payments are processed via a third-party service provider.
No amounts paid will be refundable under any circumstances.
For adjustments of any fees related to the Software, please refer to the terms outlined in the corresponding Software as a Service (SaaS) Agreement. Fee increases, if any, will be conducted in accordance with the provisions outlined in the SaaS Agreement, ensuring that all changes are communicated with appropriate notice as detailed therein. The terms of the SaaS Agreement regarding fee adjustments will take precedence and govern over the terms of this End-User License Agreement (EULA).
TERMINATION
This Agreement will remain in force until it expires or is terminated by either party upon 30 days written notice. This Agreement may be terminated immediately should you be in breach of this Agreement.
Upon termination, you must destroy all copies of the Software. We request that you provide us with a written declaration confirming that all copies of the Software have been destroyed.
THIRD-PARTY SERVICES
The Software may include third-party content such as data, information, Software and other products or services or may provide links to third-party websites or services.
We do not control or verify the quality or level of services provided by third parties, and we are not responsible for or make any representations or warranties concerning third parties’ privacy practices or services. Your use of such third-party service providers is subject to the applicable third party’s terms and conditions and is at your own risk.
LIMITATION OF LIABILITY
We shall not be liable for personal injury or any incidental, special, indirect or consequential damages whatsoever, including, without limitation, damages for loss of profits, loss of data, business interruption or any other commercial damages or losses arising out of this Agreement or related to your use or inability to use the Software, however, caused, regardless of the theory of liability (contract, tort or otherwise) and even if we have been advised of the possibility of such damages.
You agree to indemnify, defend and hold Strategix and our directors, partners and affiliates harmless from and against any liability and costs, including attorneys’ fees incurred by the parties, in connection with or arising out of your: (a) violation or breach of any term of this Agreement or any applicable law or regulation; (b) violation of any rights of any third party; (c) use or misuse of the Software; or (d) communication spread through the use of the Software.
In no event shall our total liability to you exceed the fees you paid for the particular Software.
DISPUTES
Should any dispute, disagreement, or claim arise, the parties’ respective managing directors (or their designated nominees) shall endeavour to resolve the dispute in good faith and with due willingness and intention to determine a solution.
Should the parties fail to resolve the dispute within 15 business days of having declared such a dispute, the matter can be referred to the Arbitration Foundation of Southern Africa (“AFSA”) for a ruling to be made.
The arbitration shall be held in Johannesburg, informally, in the English language and otherwise in accordance with the rules of AFSA, with the intention that, if possible, it shall be held and concluded within 30 business days after it has been demanded.
The parties agree that the type of arbitrator to be appointed shall be based on the relevant matter.
The provisions set out above shall not prevent either party from approaching any court of competent jurisdiction to obtain interim or other relief in cases of urgency.
Any notice relating to this Agreement must be sent to the following address by registered mail: York House, Block A Unit 5, Tybalt Place, Waterfall Park, Bekker Road, Vorna Valley, Midrand, 1685. We shall, where required, send you notices to the address you supplied in the Software.
Each party hereby irrevocably agrees that a decision of the arbitrator in the arbitration proceedings: (a) shall be final and binding on each of them; (b) will be carried into effect; and (c) be made an order of any court to whose jurisdiction the parties are subject.
PRIVACY POLICY
We understand the importance of protecting your personal information and data. As such, this Privacy Policy describes how we collect and use your personal information and data, who we share it with, and your choices and rights in relation to your personal information and data.
PRIVACY STATEMENT
To comply with the Protection of Personal Information Act 4 of 2013 (“POPIA”) as well as the General Data Protection Regulations 2016/679 (“GDPR”) (in the case of European Union citizens or residents), the following specific provisions are brought to your attention.
The term “Personal Information” refers to any private information about an identifiable living natural person or an identifiable existing juristic person (company).
DATA STORAGE AND PROCESSING LOCATIONS
The data provided by the end-user is stored and processed in the Microsoft Azure Europe-West Data Centre located in the Netherlands. We ensure that our data storage and processing facilities adhere to the highest data protection standards and comply with applicable legislation.
DATA ENCRYPTION
We are committed to protecting the security of your data. All user data is encrypted in transit and at rest using a 256-bit SALT encryption framework. This robust security measure is designed to protect your data against unauthorised access and ensure the confidentiality and integrity of your personal information.
INTERNATIONAL DATA TRANSFER CLAUSE
We recognise the importance of protecting personal information when transferring across international borders. As such, we take careful steps to ensure that such transfers comply with the Protection of Personal Information Act 4 of 2013 (‘POPIA’) and the General Data Protection Regulation 2016/679 (‘GDPR’). We commit to processing your data with the same degree of security and privacy as stipulated by these regulations, and we shall take all necessary measures to mitigate any potential risks associated with data transfer.
USER CONSENT FOR DATA TRANSFER
By accepting the terms of this EULA and Privacy Policy, you expressly consent to transfer your data to the Microsoft Azure Europe-West Data Centre in the Netherlands for storage and processing. You acknowledge that you understand the risks and regulations associated with international data transfer and agree to the transfer of your data in accordance with this policy.
PERSONAL INFORMATION WE COLLECT
Strategix provides Software to the industry that addresses broad issues of corporate governance, enterprise risk management and corporate compliance. As such, Personal Information captured within the Software generally includes but is not limited to:
Company names, company registration numbers, telephone numbers, physical addresses, and email addresses; Individuals’ names, identity numbers, contact numbers and email addresses;
Compliance documentation, including company registration certificates, tax compliance documentation and letters of Good Standing as issued by the Department of Labour, The Federated Employers Mutual Assurance Company or Rand Mutual Assurance;
Employee records, medical and training records;
Any other Personal Information as provided by you in the Software; and Special Personal Information such as gender, biometric information or information about criminal offences or convictions.
PURPOSES OF COLLECTING PERSONAL INFORMATION
Personal information is used for the following purposes: (a) to enable the effective use of the Software; (b) to enable effective planning, monitoring and reporting on any aspect of risk and compliance; (c) to process orders and payment transactions; (d) to establish, manage, and maintain our business relationship with you; (e) carry out administrative and business functions; (f) fulfil legal and contractual obligations; (g) to market our solutions and services to you; (h) to update our records and keep contact details up to date; and (i) to communicate with you in terms of any aspect of this Agreement.
HOW PERSONAL INFORMATION IS COLLECTED
The source(s) from which Personal Information can be collected is as follows: (a) by way of direct submission thereof to the Software by yourself; or (b) from third parties, including public databases, social media sites, business partners with whom we offer co-branded services or engage in joint marketing activities and third parties that provide similar or additional services.
SHARING PERSONAL INFORMATION
We may share your Personal Information for the purposes set out in this Privacy Policy (as applicable):
with our affiliates and subsidiaries for the purposes as set out herein;
with business partners with whom we offer co-branded services or engage in joint marketing activities;
with third-party service providers to provide operational services or facilitate transactions on our behalf, including but not limited to processing of orders, assisting with sales-related activities or post-sales support, client support, email delivery, data analytics and auditing;
where you consent to the sharing of your Personal Information;
In connection with any joint venture, merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or to another company, and for other legal reasons.
Any third party with whom we share Personal Information is contractually required to implement appropriate data protection and security measures to protect your Personal Information and are not permitted to use Personal Information for any purpose other than the purpose they are provided with.
SECURITY OF YOUR PERSONAL INFORMATION
We employ all reasonable efforts to ensure that your Personal Information is protected from accidental or unlawful destruction, loss, alteration, unauthorised access, or disclosure by using a combination of physical, administrative, and technical safeguards. Furthermore, we contractually require that third parties who will be exposed to your personal information employ the same data protection and security measures.
In the unlikely event that your Personal Information is compromised, we shall notify you thereof immediately. We will provide you with the following information: (a) a description of the nature of the breach, (b) the likely consequences, and (c) a description of the measures taken or proposed to be taken to address the breach, including measures to mitigate possible adverse effects.
You have the right to lodge a complaint to the Information Regulator if you believe that your rights in terms of the POPIA need to be addressed.
RETAINING YOUR PERSONAL INFORMATION
We will retain your Personal Information as long as you have a valid user license and you specifically request that your user profile be removed from the Software. Should you revoke your consent and request your profile be removed, your user profile and information will be deleted from all platforms as applicable. Upon your specific request, we will issue a declaration or certificate warranting that your profile and data have been destroyed.
We may retain your Personal Information as is necessary to fulfil the purpose for which it was collected unless a more extended retention period is required to comply with legal obligations, resolve disputes, protect our assets, or enforce agreements. The criteria we use to determine retention periods include whether:
We are under a legal, contractual, or other obligation to retain Personal Information, or as part of an investigation or for litigation purposes;
Personal information is needed to maintain accurate business and financial records;
The Personal Information is sensitive Personal Information in which event we will generally retain this for a shorter period; or
You have consented to us retaining your Personal Information for a more extended retention period, in which case, we will keep Personal Information in line with your consent.
YOUR RIGHTS
You can choose not to provide your Personal Information. In this instance, we will not be able to provide you access to use our Software, nor will we be able to carry out our obligations in terms of our business relationship.
You have the right to access your Personal Information and to maintain and keep such Personal Information updated.
HOW TO CONTACT US
If you have any questions about how we handle your personal information, or if you have a privacy concern or wish to make a request or a complaint relating to your personal information, be sure to contact us immediately via email at [email protected].
USER AUTHORISATIONS, WARRANTIES, CONSENT
By accepting these terms, I warrant that:
I have the requisite authorisation to provide and make available any data or information, including Personal Information on behalf of my company as required in terms of the purpose set out in this Agreement;
I have the requisite authorisations to provide and make available any Personal Information required in the Software relating to my company’s directors, shareholders, employees, suppliers or contractors (as the case may be), and all data, information and documentation provided in the Software is accurate, true and current. I agree to maintain my Personal Information at all times. I furthermore provide unconditional, voluntary consent to the processing of my Personal Information (and that of my company) by Strategix, its business partners or third-party service providers for the purposes as set out in this Agreement and acknowledge that I am entitled to change or revoke my consent at any time.
By clicking the accept button or continuing to use the Software, you consent to be bound by the terms contained herein. If you have any questions about this Agreement, don’t hesitate to contact us via email at [email protected].