Terms of Service

Lavawall® agreement

Between

ThreeShield Information Security Corporation (“ThreeShield”)

a Canadian Federal Corporation located in Calgary, Alberta

and

you (the “Client”)

Recitals

  1. The Client has asked ThreeShield to provide access to Lavawall®, which is briefly described as a Software As A Service (SAAS) tool that includes external network, domain, email, and web scanning in addition to information related to the security and reliability of Windows, Linux, and Mac computers. The services that this tool collection provides together are a Vulnerability Assessment, which is briefly described as automated audit of the security of a computer system to identify possible configuration errors and vulnerability to attacks such as computer viruses and unwanted information gathering (the “Vulnerability Assessment”).
  2. ThreeShield has agreed to provide access to the Lavawall® tools and related Vulnerability Assessments for the computer systems to be tested, which include those with Internet Protocol (“IP”) addresses and domains specified within the Lavawall® tool, and/or on computers running the Windows, Linux, and/or Mac Lavawall® software.

    (the Computer System) in accordance with this Agreement.

    Therefore, the parties agree as follows:

    Description of Services

    1. As a part of the Vulnerability Assessment, ThreeShield may use and access proprietary scripts and commands.

    Scope Limitations

    1. The Client understands that information security depends on a combination of external and internal controls and that an assessment cannot fully expose vulnerabilities that could be exploited by malware or access gained through a likely attack scenario that includes phishing, malware, damaged hardware, password weaknesses, or vulnerable third-party applications.

    Role of the Client

    1. The parties acknowledge and agree that ThreeShield requires cooperation from the Client to carry out the Vulnerability Assessment. The Client is responsible for installing the agent software on Windows, Apple, and Linux devices that the Client would like assessed as part of the Computer System.  
    2. The Client hereby agrees to provide ThreeShield with necessary access to the Computer System. Although ThreeShield has endeavoured to ensure compatibility with most security software, the Client may need to make changes to firewall, antivirus, and other system settings to allow the Lavawall® system to access and assess the Computer System.
    3. The Client agrees to back up its data and to maintain a copy of its data as a part of facilitating and co-operating with the Vulnerability Assessment.
    4. During the Vulnerability Assessment the Client will:
      1. Refrain from notifying any authorities or service providers of any scans performed as part of the Vulnerability Assessment.  On request, ThreeShield will provide the IP address for the Vulnerability Assessment so that the Client can determine whether any connection attempts are from Lavawall®. The Lavawall® Vulnerability Assessment is non-intrusive and does not attempt to bypass authentication restrictions.
      2. Make allowances for the possibility of not being able to carry on work with the Computer Systems and the potential loss of productivity during the Vulnerability Assessment.
    5. The Client shall permit ThreeShield to use its name, together with any logo or trademark that belongs to the Client, in its lists of customers for marketing purposes.

    Payment

    1. The Client shall pay ThreeShield the amount indicated in the Current Investment section of the Lavawall® billing page at https://lavawall.com/billing.php in Canadian currency plus the applicable Goods and Services Taxes (GST) for the Vulnerability Assessment (the “Initial Payment”).   Theese amounts are due and payable in advance.
    2. If the Client increases the number of assessed Computers, Domains, and/or Integrations, the Client shall pay ThreeShield for the maximum number of Additional Computers, Additional Domains, and Additional Integrations used in the preceding month at the prices indicated in the Current Investment section of the Lavawall® billing page at https://lavawall.com/billing.php in Canadian currency plus the applicable Goods and Services. If the Client has selected annual payments, the additional costs will be pro-raed for the remainder of the remaining period. For example, if the additional annual amount increased by $120 in the 12th month, ThreeShield will charge the Client's credit card $10+GST.
    3. If the Client does not select a Lavawall® plan before adding a payment card, the "Minimal Pay-as-you-go" plan will be selected by default. This plan does not have a minimum or base cost and will bill the Client on usage only.
    4. ThreeShield reserves the right to pricing thirty (30) days after sending the Client a notification by email.

    Client Warranties

    1. The Client hereby represents and warrants that:
      1. It has full authority to retain ThreeShield to enter into this agreement, install Lavawall® agents, scan the selected domains, and do the Vulnerability Assessment.
      2. It is the owner of the Computer System, or in the alternative, that it has permission in writing from the owner to access and use the Computer Systems and to do the Vulnerability Assessment.
      3. It has obtained the consent of all third parties as required or necessary for the Vulnerability Assessment, including but not limited to customer service providers.
      4. It owns its name and its logo or trademark and has the authority to give ThreeShield permission to use its name and logo or trademark in its customer list for marketing purposes. In the alternative, it has consent in writing from the owner of its name and logo or trademark to authorize ThreeShield to use these in its customer list.

    ThreeShield Warranties

    1. ThreeShield warrants that it will conduct the Vulnerability Assessment in good faith and not for any other purpose other than to assess the vulnerability of the Computer Systems.
    2. ThreeShield will use client email addresses, phone numbers, and other contact information for authentication and notification purposes only.  ThreeShield will not sell or trade Client Emails, Client Cell Phone numbers, or postal addresses.

    Disclaimer

    1. The parties acknowledge and agree that ThreeShield does not and cannot guarantee that it will discover all the vulnerabilities that the Computer Systems has at the time the Vulnerability Assessment is done.  It also does not guarantee that there will not be undiscovered vulnerabilities in the future.
    2. New installations or software may cause or reveal other or further vulnerabilities.

    Confidentiality and Non-Disclosure

    1. The parties acknowledge and agree that it is in their best interests to keep certain information that they may acquire through negotiating and entering this Vulnerability Assessment Agreement or during the Vulnerability Assessment confidential and to refrain from disclosing such information to third parties.
    2. The Client hereby agrees not to disclose any of the following information:
      1. the proprietary scripts and commands used by ThreeShield for the Vulnerability Assessment or any aspect of it;
      2. the IP addresses that the Vulnerability Assessment was conducted from, as provided to the Client; and
      3. any other details regarding the Vulnerability Assessment process used by ThreeShield;
    3. ThreeShield hereby agrees not to disclose confidential information that it may acquire as a part of the Vulnerability Assessment except to its authorized employees, associates, agents, and subcontractors as necessary, such as follows:
      1. the details regarding the Client’s Computer Systems;
      2. the aspects of the operation of the Client’s business that are not generally available to its customers and the general public;
      3. the Client’s data;
      4. the names and other details about the Client’s employees, associates, subcontractors, and third-party service providers that are not generally known to its customers and the general public.
    4. ThreeShield stores Client data in Montréal, Québec and Calgary, Alberta. However, we send emails through servers in Canada and Ireland; text messages may be sent through Twilio in the United States; and executables are stored in Cloudflare around the world. Information passes through Cloudflare at your nearest edge location, which may leave Canada.

    No Liability

    1. The parties hereby agree that ThreeShield shall not liable for any losses or damages reasonably related to the Vulnerability Assessment.  Without limiting the generality of this statement, ThreeShield shall not be liable for losses or damages related to:
      1. any failure to detect an external or internal vulnerability during the Vulnerability Assessment;
      2. any loss of the Client’s data or any third-party data that occurs as a result of the Vulnerability Assessment;
      3. any lack of consent for the Vulnerability Assessment (The Client must obtain all necessary consents);
      4. the inadvertent sharing of the Client’s data or confidential information, notwithstanding that ThreeShield has taken reasonable steps to protect the same; 
      5. any loss of productivity or income that the Client or any third-party experiences as a result of the Vulnerability Assessment or the simulated attacks that are part of the Vulnerability Assessment;
      6. any lack of consent for adding the Client name and logo or trademark to its customer list for marketing purposes once Client provides written approval;
      7. any business interruption, data loss, excessive systems recovery costs, or other adverse consequences of not maintaining backups or a copy of its data; or
      8. the security configuration, backup, or failure to provide any computer system backup.
    2. In the event that the Client does establish that it has a claim against ThreeShield, its damages shall be limited to a refund of any amounts paid for the Vulnerability Assessment.

    Indemnity

    1. The Client hereby indemnifies ThreeShield and its employees, agents and subcontractors against all third-party actions or claims for losses or damages related to the Vulnerability Assessment. 
    2. For greater certainty, the Client indemnifies ThreeShield and its employees, agents, and subcontractors against any expenses, fines, settlements, judgments and other liabilities reasonably associated with or incurred as a result of such third-party claims.

    Right to Subcontract

    1. ThreeShield has the right to subcontract all or part of the Vulnerability Assessment. 
    2. If ThreeShield does subcontract all or part of the Vulnerability Assessment, then all subcontractors shall be bound by this Agreement and have the same rights and obligations under it as ThreeShield.
    3. For greater certainty, the Client, upon request, shall give the subcontractors the same information and access as it would to ThreeShield under this Agreement.

    Default under this Agreement

    1. ThreeShield may refuse to provide the Vulnerability Assessment if the Client fails, neglects or refuses to provide the payment and the information required under this Agreement within a reasonable period of time.
    2. If the Client provides the payment and then fails, neglects or refuses to provide ThreeShield with the Information required pursuant to this Agreement or with access to the Computer Systems, then ThreeShield may keep all or part of the payment received as an estimate of damages and not as a penalty.

    Dispute Resolution

    1. If the Client and ThreeShield have a dispute related to the Vulnerability Assessment or any aspect of this Agreement that they have not been able to resolve through negotiation, then they hereby agree to attempt to resolve it through non-binding arbitration before bringing the matter before the courts.
      1. The parties agree to choose an arbitrator who:
      2. is not related to either of them;
      3. has some training or certification in alternate dispute resolution; and
      4. has at least two years of experience related to computer systems and networks and if possible, vulnerability assessments. 

    Governing Law

    1. This Agreement shall be subject to, interpreted and construed in accordance with the laws of the Province of Alberta.

    Severability

    1. The terms of this Agreement are separate, distinct, and severable.
      1. If a court of competent jurisdiction determines that any term, clause, or paragraph is not enforceable or not valid under Alberta Law, then this Agreement shall be construed as if it did not contain that term, clause or paragraph.

    Interpretation and Headings

    1. The division of this Agreement into paragraphs and the use of the headings are for ease of reference only. 

    Entire Agreement

    1. This Agreement, including the recitals and any schedules, constitutes the entire agreement between the parties regarding the Vulnerability Assessment.
    2. This Agreement replaces all prior negotiations, proposals, and mutual understandings between the parties, whether oral or written.
    3. Any amendments to this Agreement may be made with thirty (30) days notice by email.
    4. No waiver of any term of this Agreement shall constitute a waiver of any other term.

    Miscellaneous

    1. Time shall be of the essence of this Agreement
    2. This Agreement shall be binding for the benefit of the parties and their respective successors and assigns.
    3. This Agreement may be executed in any number of counterparts (including counterparts by facsimile, email, adding a credit card, or by logging into the Lavawall® service), and all such counterparts taken together shall be deemed to constitute one and the same instrument.

     

     

Get In Touch

Have a quick question and don't want to talk? Send us a quick note with the form below and we'll reply within one business day.

NW Calgary:
(By Appointment Only)
ThreeShield Information Security Corporation
600 Crowfoot Crescent N.W., Suite 340
Calgary, Alberta
T3G 0B4
SE Calgary:
(By Appointment Only)
ThreeShield Information Security Corporation
105, 11500 - 29th St. SE
Calgary, Alberta
T2Z 3W9
Canada
Phone
+1-403-538-5053
Sales Hours:
9:00am to 5:00pm Mountain Time
Support Hours:
7:00am to 7:00pm Mountain Time
On-Call Support Hours:
24/7

Monitor the real security risks with Lavawall®