Special Conditions
- Hosting services
Hosting services
1. Services
The provision and use of the Services are governed in particular by these and all other conditions referred to herein, as well as all information communicated to the Customer at the time of the Order (the "Terms of Service").
The use and/or download of the Third Party Products constitutes acceptance by the Customer of the Third Party Product Terms. The Terms and Conditions of the Third Party Products supplement these.
VALUE IT provides the Customer with resources in reference to its business proposal. These resources may include (a) information about the different features, configurations, options and ranges available, and (b) documentation, technical guides or examples (or “use case”) Use of the Services for a better understanding and use of the Services. The Customer may obtain additional information concerning the Services by contacting VALUE IT Support under the conditions provided for in the article "VALUE IT Support" below.
When VALUE IT offers Services in accordance with recognized standards or specific regulations applicable to certain activities, VALUE IT communicates its scope of responsibility and the conditions under which VALUE IT complies with said standards or regulations.
VALUE IT undertakes to take all the care and diligence necessary to provide Quality Services, in accordance with the characteristics, terms and levels of Services provided for in the Agreement. VALUE IT undertakes to have a competent team in charge of Customer support and Incident management (the "VALUE IT Support"), and to ensure the availability and security of the Services in accordance with the terms and performance levels provided for in the applicable Terms of Service. VALUE IT is subject to an obligation of means.
Subject to the specific conditions set out in the Commercial and Technical Proposal, VALUE IT is authorised to subcontract all or part of the Services entrusted to it under this Agreement. VALUE IT may freely have recourse, within the framework of the performance of this Agreement, to Third Party Suppliers, without having to inform the Customer or to seek its prior consent. VALUE IT will in any event remain responsible for the subcontractors it engages in the performance of the Contract.
2. Terms Service use
The Customer undertakes to order and use the Services in accordance with this Agreement. The Services must be used with good intelligence. In particular, the Customer undertakes to take note of and comply with the applicable Third Party Product Terms and Conditions and with all information communicated to the Customer. the Customer uses the Services on behalf of third parties, or authorizes third parties to use the Services, the Customer undertakes, before any use of the Service(s) by these third parties, to communicate to them and have them validate the conditions in force and guarantees VALUE IT of the respect of these conditions.
Before ordering and using the Services, the Customer undertakes to be aware of all the Terms of Service (in particular Third Party Product Conditions) and to study all documentation, configurations, options and ranges of services available in order to select Services and features adapted to its needs and those of third parties by or on whose behalf the Services are used. In particular, the Customer ensures that the Services are adapted to the legal and regulatory requirements applicable to the activities carried out in connection with the use of the Services. To obtain information about the Services, the Customer may contact VALUE IT Support under the conditions set out in the "VALUE IT Support" article below. The conditions and characteristics of the Services evolve regularly.
To use the Services, the Customer must have, at its own expense and under its responsibility, a remote connection (such as the Internet or private network). The Customer is informed that the Internet network presents technical hazards and security risks outside the technical means implemented by VALUE IT within the framework of the Services. VALUE IT is not responsible for the failures of Internet Service Providers or other third party data transmission network operators (in particular the failure of connection line reliability, bandwidth fluctuations, interruptions, etc.), including the consequences of such failures, particularly when they result in unavailability and/or discontinuity of the Services.
The Customer is responsible for the management and confidentiality of its authentication, which are necessary to connect and use the Services. The Customer ensures that Users are aware of and comply with the best practices to preserve the confidentiality of their authentications. The Customer held the consequences that may result from the loss, disclosure, or fraudulent or unlawful use of the authentications provided to the Users, the liability of VALUE IT cannot be incurred as such. The Customer undertakes to inform VALUE IT without delay of any loss or possible disclosure of the authentications, and to proceed immediately with the renewal of said authentications.
Subject to the information made available by VALUE IT, VALUE IT does not intervene in the management of the Content and is prohibited from accessing the said Content for purposes other than for the purposes of performing the Services. VALUE IT does not carry out any control, validation or update of these Contents. In the same way, and subject to any provisions to the contrary, VALUE IT does not make any specific backup of the Content stored as part of the Services. So, it is up to the Customer to take all necessary measures to safeguard its Content in order to protect itself against the risks of loss or deterioration, whatever the cause. The Content must be lawful and used in accordance with best practices and applicable laws and regulations. Any use of Illicit Content (for example, dissemination, publication, storage or transmission of Child Pornography Content, Content promoting or inciting crimes against humanity, acts of terrorism, pedophilia, anti-Semitism, racism or other acts, or Content inciting hatred towards persons by reason of their sex, religion, sexual orientation or identity or disability) or illicit or abusive use of Content (for example, fraudulent use of content or use of Content in violation of third party rights such as personality rights, copyright, patents or trademarks, or other intellectual property rights) within the framework of the Services is prohibited and may give rise, at the VALUE IT ‘s discretion, to the immediate suspension of all or part of the Services provided in performance of the Agreement, to the deactivation of the Customer’s Account and/or to the termination of the Agreement to the Customer’s detriment, without prejudice to the lawsuits and claims for compensation that VALUE IT reserves the right to make.
The Services must be used in a reasonable manner and in compliance with the legal and regulatory provisions in force. In particular, without this list being exhaustive, (a) abusive or fraudulent uses of the Services and Resources made available to the Customer are prohibited, in particular uses likely to jeopardize the stability and security of VALUE IT systems or which may lead to a deterioration in the performance of the Services provided to other VALUE IT customers, (b) intrusion or attempted intrusion activities from the Services (on a non-exhaustive basis: port scans, sniffing, spoofing, and more generally outbound attacks from resources made available by VALUE IT) with the exception of Intrusion Tests specifically authorized by VALUE IT within the framework of the present document, (c) any use or attempt to use SPAM or any other technique similar to "spamming", and (d) Uses of Illegal or Prohibited Content as provided for in the above paragraph.
VALUE IT reserves the right to suspend all or part of the Services, in the event of (a) an established risk to the stability and/or security of the VALUE IT systems and environments, the Services and/or the Customer’s data, (b) planned maintenance, (c) a request from a competent administrative or judicial authority, (d) a notification from a third party within the meaning of Article 6 of the Digital Economy Trust Act (“DETA”) or (e) failure to comply with all or part of the conditions of use of the Services provided for in the Agreement. Such a suspension may take place immediately and without notice in the event of an emergency or necessity, and in particular in the cases described in (a), (c) and (d) above, and in the event of illicit or fraudulent use of the Services, Any use made in violation of the rights of a third party, and more generally, any use on the basis of which the liability of VALUE IT would be challenged. As far as possible, and subject to judicial and administrative requisitions and non-compliance with these Terms of Service, VALUE IT will ensure to limit the impact of the suspension on the normal functioning of the Services. The aforementioned suspensions do not relieve the Customer of its obligation to pay in full the amounts due to VALUE IT under the Contract, without prejudice to the possibility, for the Customer, of incurring VALUE IT liability under the conditions provided for in the article "Liability" Below in the event that such suspensions result from a failure of VALUE IT to perform its obligations.
In the event that they result from a failure of the Customer to perform its obligations, the aforementioned suspensions take place without prejudice to the right for VALUE IT to terminate the Contract under the conditions provided for in the article "Termination for failure" The Court of First Instance held that the Court of First Instance had failed to find a satisfactory solution to the problem. Subject to cases of termination or non-renewal of the Services, suspensions of the Services do not result in the deletion of the Customer’s data. Unless they result exclusively from a failure of VALUE IT to perform its obligations, the aforementioned suspensions cannot be considered as the time of unavailability of Services in the context of the implementation of the Services commitments provided for in the Agreement.
VALUE IT may at any time and by its own right modify the Services, including adding, modifying or deleting ranges, options or features and changing their performance. Regarding its Services in use, the Customer will be informed by e-mail of any substantial change likely to degrade these Services, at least thirty (30) calendar days before the implementation of the change. However, changes to Third-Party Products and emergencies (such as security risks or legal or regulatory compliance) may result in immediate changes to the Services. In the event of a change degrading a Service in use (removal of functionality, decrease in performance, etc.), the Customer may terminate these Service by registered mail with acknowledgement of receipt, within a period of thirty (30) days from the implementation of the evolution.
All elements (software, Infrastructures, documentation, etc.) made available to the Customer by VALUE IT in the context of the Services and the performance of the Agreement remain the exclusive property of VALUE IT or the third parties who have granted it the right to use them. VALUE IT grants the Customer the right to use these elements made available to it, on a non-exclusive basis, only in connection with the use of the Services and within the limits of the applicable contractual provisions and during the term of this Agreement. Subject to these elements, made available to the Customer by VALUE IT within the framework of the Services, the Customer remains responsible for acquiring all authorisations and rights to use the elements and Content (such as data, software, applications, systems, websites, etc.) that it uses and operates as part of the Services. The Customer and the Users remain the owners of their Content, VALUE IT not using it for any purpose other than those provided for in the Agreement. Subject to the legal provisions of public policy in force, the Customer is not authorised to decompile the software, codes and algorithms used in connection with the Services, in particular for the purpose of reverse engineering.
Subject to the restrictions on use (a) provided for under the provisions of the Agreement or (b) specific to the Customer’s activities, VALUE IT ensures that the Services can be marketed and used within the European Union and in the countries in which the Data Centers used to provide the Services are located. If the Customer uses the Services or authorises third parties to use the Services from a geographical area outside the country in which these Data Centers are located, it is up to the Customer to verify that this use is not subject to any restrictions under the applicable legislation or regulations, and in particular with regard to Council Regulation EC No. 428/2009 of 5 May 2009 as it stands at the date of the document, establishing a Community system for the control of exports, transfers, brokering and transit of dual-use goods, as well as United States of America regulations such as EAR (Export Administration Regulations) and ITAR (International Traffic In Arms Regulations), VALUE IT commercializing third-party solutions provided by publishers subject to the regulations of the United States of America. VALUE IT reserves the right to refuse orders placed (a) from countries subject to trade restrictions or other sanctions, or (b) by nationals of such countries or persons subject to sanctions. In this context, VALUE IT may carry out checks on the Customer, in particular in terms of solvency and/or presence on the Sanctions Lists, such as, for example, the single list of Treasury Board freezes. Following these verifications, VALUE IT reserves the right to automatically terminate the Agreement without having to justify the reasons for doing so.
Subject to any specific commitments that may be made in the Commercial and Technical Proposal, (a) VALUE IT is not responsible for Third Party Products made available in connection with the Services, which may in particular contain technical errors, security vulnerabilities, incompatibilities or instabilities and gives no warranty on the Third Party Products made available in connection with the Services (including any information and related elements such as software, systems, applications, etc.) and (b) the Customer is only authorised to use the Third Party Products made available to him by VALUE IT, within the framework of the Services, excluding in particular any possibility of decompiling, of accessing sources, reinstalling on other infrastructures the Third Party Products software or systems made available to it. The Customer uses the Third Party Products under its own responsibility, in compliance with the provisions of the Agreement, and in particular ensures that they are adapted to its needs and the purposes for which they are used.
Unless otherwise applicable, termination of the Services for any reason (including termination of the Agreement, non-renewal, termination of Services by the Customer, non-compliance with the provisions of the Agreement, etc.), as well as certain operations to update and reinstall the Services, result in the automatic and irreversible deletion of all Content (including information, data, files, systems, applications, websites and other elements) reproduced, stored, hosted, collected, transmitted, disseminated, published, and more generally used and/or exploited by the Customer within the framework of the Services, including any backup thereof. Before the termination date of the Services, as well as before any operations to delete, update or reinstall the Services, it is the Customer’s responsibility to perform any operation (such as backup, transfer to third-party solution, Snapshot, etc.) necessary to preserve its Content. At the request of the Customer, and subject to the stipulations of the article "Confidentiality" below, VALUE IT will communicate to him any technical information relating to the Services likely to facilitate the operations of reversibility and recovery of its Contents. These assistance services may give rise to additional invoicing for time spent. However, VALUE IT does not carry out any retrieval or migration of the Customer’s Content, which is the Customer’s responsibility. Subject to the data that VALUE IT must keep in accordance with the regulations in force, the data referred to in article "VALUE IT Processing" below, and the data necessary to defend its rights, VALUE IT undertakes, following the termination of the Services, and unless otherwise agreed between the Parties or specific provisions applicable, to keep no copy of the Customer’s data.
The Customer is authorised to carry out by itself, or by a third-party auditor of its choice duly mandated, intrusion testing operations on the Services (hereinafter "Intrusion Test(s)"). Completion of these operations requires notification of VALUE IT. These intrusion tests must be carried out in accordance with the regulations in force. The Customer must obtain the authorization of the Users and the beneficiaries of the scope targeted by the test. The conditions under which the Customer entrusts the performance of the Intrusion Tests to the third-party auditor are the subject of a separate contract between the Customer and the auditor, and include all the conditions of this article. In this respect, the Customer guarantees to VALUE IT that all the conditions for the performance of the Intrusion Tests stipulated will be respected, including by the auditor who acts under the Customer’s responsibility.
The Intrusion Tests must in no case (a) target other VALUE IT Infrastructures and Infrastructures than those used exclusively by the Customer (in particular the infrastructures, networks and shared services of VALUE IT), (b) disrupt the proper functioning of the Services, and VALUE IT infrastructures and networks and/or (c) have any impact on the Services, resources, networks and infrastructures provided by VALUE IT to other customers. Any intrusion into environments or systems used by other VALUE IT customers is expressly prohibited.
The Customer is responsible for all consequences that may result from the performance of the Intrusion Tests, including when performed by a third party auditor. In particular, it is the Customer’s responsibility to carry out or have carried out in advance, under its responsibility, all the safeguards necessary to enable, in the event of an incident occurring during the performance of the Intrusion Tests, restore and be able to continue to use the target elements of Intrusion Tests (systems, applications, data, etc.).
The Customer is informed that if, within the framework of the Services, protection mechanisms, such as systems for combating the sending of fraudulent or massive mails (SPAM) or against computer attacks by denial of service (DOS or DDOS), have been put in place, these mechanisms will not be deactivated as part of the Intrusion Tests, and may therefore lead to unavailability of the Services. The Customer takes charge of the information of any person likely to be impacted by such unavailability.
After the Intrusion Tests, a written audit report is prepared. The audit report is sent to VALUE IT at the first request or when it is of interest to VALUE IT (in particular, in the event of a failure or vulnerability of the VALUE IT Services or Infrastructures, or which may impact other VALUE IT clients).
The audit report, its contents, and more generally all information disclosed or collected during the audit and concerning, directly or indirectly, VALUE IT, will be considered as strictly confidential, and may not under any circumstances be published or disclosed to third parties without the prior written consent of VALUE IT.
In the event of non-compliance by the Customer and/or the third party auditor with all or part of the terms of this article, VALUE IT reserves the right to immediately suspend access to its Services, without prejudice to any damages that VALUE IT may claim.
3. VALUE IT Support
The VALUE IT Support team is in charge of managing Incidents encountered within the framework of the Services and providing the Customer, on request, with information concerning the conditions and characteristics of the Services. Subject to the other levels of Support available referred to in point 4.4 below, VALUE IT Support is provided in French only, and information services concerning the Services are provided in business hours only. The functioning of the Infrastructures is monitored in 365/24/7. In order to ensure the continuity of the management of Incidents, VALUE IT reserves the right to subcontract part of the Support under the conditions provided for in the "Subcontracting" article hereof.
The Customer can contact VALUE IT Support by email, the Management Interface or by phone at +33 (0)9 70 24 01 80. However, during non-working hours, VALUE IT Support may only be contacted by email or via the Management Interface for Incidents’s resolution.
Each request or declaration gives rise to the recording, by VALUE IT, of a ticket (or "Incident Ticket"). The Customer is informed by e-mail of the creation of the Incident Ticket and the corresponding number. The Customer accesses the status and history of its requests and Incident reports on its Management Interface. The Customer undertakes not to misuse the VALUE IT Support. The Customer does not (i) contact VALUE IT Support for services or products that it has not ordered directly from VALUE IT, or (ii) Connect IT VALUE Support teams with its own customers or any other third parties to the Agreement without accepting invoicing for the time spent in resolving these incidents. VALUE IT reserves the right to refuse to accept requests that do not comply with these conditions. The Customer undertakes to take appropriate, cordial and respectful conduct in its dealings with VALUE IT Support. VALUE IT reserves the right to no longer answer to the Customer’s requests and immediately terminate the Agreement in the event of abusive, excessive or degrading behaviour. In addition, such conduct may be the subject of legal proceedings against the Customer, VALUE IT may, within this framework, resort to any means of evidence it deems useful and appropriate (excerpts from communications with the Customer, screenshots, emails, telecommunications recordings...).
In the event of a Services malfunction, the Customer first performs the technical tests by the VALUE support team. If these tests do not resolve the Incident, the Customer declares it to VALUE IT Support under the conditions described above, providing the maximum information
In the event of an Incident report, the IT VALUE Support carries out the necessary investigations to identify the cause of the malfunction encountered and establish a diagnosis. The Customer undertakes to remain permanently available in order to collaborate with VALUE IT in the diagnosis and resolution of the Incident, in particular by providing it with any additional information, and by carrying out all necessary tests and verifications. As part of the management of Incidents, VALUE IT and its subcontractors are expressly authorised by the Customer to connect to the Customer’s Services, both hardware and software level, and to perform any operation necessary for the development of the diagnosis. This connection may require Customer intervention on its Service. VALUE IT undertakes to keep the Customer informed of the progress of the Operations. If VALUE IT finds that its Services are available and in good working order, that the existence of the Incident cannot be confirmed or that the Incident is not the responsibility of VALUE IT, VALUE IT informs the Customer accordingly. In this case, the time spent by VALUE IT to carry out the diagnosis and assist the Customer may be invoiced as additional services. VALUE IT reserves the right to refuse any intervention if it finds during its research that the Customer uses the Service in violation of the Agreement or the laws or regulations in force.
If it appears that the Incident falls under its responsibility, VALUE IT finalizes the diagnosis and works to restore the availability of the impacted Services. In this case, the intervention of VALUE IT does not give rise to any additional invoicing. The diagnosis is made by VALUE IT by all means, and in particular on the basis of exchanges between the Parties and data from the VALUE IT information system (such as connection data), which, by express agreement, are admissible. Subject to the other applicable stipulations relating to the Support levels, VALUE IT gives no guarantee of intervention time and resolution of Incidents within the framework of VALUE IT Support.
In addition to the VALUE IT Support described above, VALUE IT offers other levels of Support allowing the Customer to benefit from additional services and levels of commitment. These Support levels are described in the Commercial and Technical Proposal.
4. Liability
Each of the Parties represents and guarantees to have the authority and capacity necessary for the conclusion of the Agreement and the performance of these obligations. In particular, the Customer and VALUE IT declare and guarantee that they have all the authorisations, skills and knowledge (including technical knowledge), enabling them respectively to use and provide the Services in accordance with the conditions set out in the Contract.
WHERE THE APPLICABLE SPECIAL SERVICE PROVISIONS PROVIDE FOR SERVICE LEVEL COMMITMENTS, THE CORRESPONDING PENALTIES OR CREDITS WHICH MAY BE DUE TO THE CUSTOMER BY VALUE IT WILL CONSTITUTE A LUMP SUM COMPENSATION FOR ALL PREJUDICES RESULTING FROM THE FAILURE OF VALUE IT TO COMPLY WITH THE SERVICE LEVEL COMMITMENTS IN QUESTION; THE CUSTOMER RENOUNCING TO THIS TITLE, TO ALL OTHER APPLICATION, RECLAMATION AND/OR ACTION.
IN THE ABSENCE OF AN APPLICABLE SERVICE LEVEL AGREEMENT, THE TOTAL CUMULATIVE AMOUNT OF COMPENSATION THAT VALUE IT (INCLUDING SUBCONTRACTORS AND SUPPLIERS) MAY BE LIABLE FOR IN THE EVENT OF A BREACH OR DEFAULT BY VALUE IT SHALL BE LIMITED, FOR ALL BREACHES COMBINED, TO: (A) THE AMOUNT OF THE SUMS PAID BY THE CUSTOMER TO VALUE IT IN CONSIDERATION OF THE SERVICES AFFECTED DURING THE SIX (6) MONTHS PRECEDING THE CUSTOMER'S REQUEST FOR COMPENSATION OR (B) THE DIRECT DAMAGE SUFFERED BY THE CUSTOMER IF IT IS LESS. UNDER PENALTY OF FORECLOSURE, THE TIME LIMIT FOR ACTION AGAINST VALUE IT WILL NOT EXCEED TWO YEARS FROM THE DATE OF KNOWLEDGE OF THE DAMAGE.
THE RESPONSIBILITY OF VALUE IT CANNOT BE COMMITTED UNDER ANY CIRCUMSTANCES ON THE FOLLOWING BASES:
(A) USE OF SERVICES NOT IN ACCORDANCE WITH THE CONTRACT;
(B) INEXECUTION, DEFAULT, MALFUNCTION OR UNAVAILABILITY OF SERVICES RESULTING FROM A THIRD PARTY (EXCLUDING VALUE IT SUBCONTRACTORS), THE CUSTOMER; A THIRD PARTY PRODUCT, OR A CUSTOMER’S FAILURE TO ITS OBLIGATIONS;
(C) INDIRECT DAMAGES SUCH AS, IN PARTICULAR, PREJUDICE OR COMMERCIAL DISTURBANCE, LOSS OF ORDERS, LOSS OF OPERATIONS, DAMAGE TO BRAND IMAGE, LOSS OF BENEFITS OR CUSTOMERS (FOR EXAMPLE, IMPROPER DISCLOSURE OF CONFIDENTIAL INFORMATION DUE TO SYSTEM FAILURE OR HACKING, THIRD PARTY ACTION AGAINST THE CUSTOMER, ….);
(D) LOSS, DISCLOSURE OR ILLICIT OR FRAUDULENT USE OF USER AUTHENTICATION BY THE CUSTOMER OR THIRD PARTIES;
(E) SUSPENSION OF ACCESS OR TEMPORARY OR DEFINITIVE SUSPENSION OF SERVICES PROVIDED UNDER ARTICLE 3 OF THESE GENERAL CONDITIONS (IN PARTICULAR THE RESULT OF A REQUEST FROM A COMPETENT ADMINISTRATIVE OR JUDICIAL AUTHORITY, OR NOTIFICATION OF A THIRD PARTY WITHIN THE MEANING OF ARTICLE 6 OF THE LCEN OR EQUIVALENT);
(F) LOSS, ALTERATION OR DESTRUCTION OF ALL OR PART OF THE CONTENTS (INFORMATION, DATA, APPLICATIONS, FILES OR OTHER ELEMENTS) OF THE INFRASTRUCTURE, TO THE EXTENT THAT VALUE IT IS NOT IN CHARGE OF MANAGING THE
CONTINUATION OF THE CUSTOMER’S ACTIVITIES AND IN PARTICULAR THE SAFEGUARD OPERATIONS;
(G) INADEQUACY OF THE SERVICES TO THE CUSTOMER’S NEEDS (IN PARTICULAR IN RELATION TO THE SENSITIVITY OF THE DATA CONCERNED);
(H) SECURITY INCIDENTS RELATED TO THE USE OF THE INTERNET, IN PARTICULAR IN THE EVENT OF LOSS, ALTERATION, DESTRUCTION, DISCLOSURE OR ACCESS NOT-AUTHORISED TO CUSTOMER DATA OR INFORMATION ON OR FROM THE INTERNET NETWORK; AND
(I) DETERIORATION OF SYSTEMS, APPLICATIONS AND OTHER ELEMENTS INSTALLED BY THE CUSTOMER ON THE INFRASTRUCTURE.
The Customer assumes all risks and perils related to its activities and is in particular responsible for the use of the Services made available to it by VALUE IT and for compliance with the provisions of the Agreement, including when the Services made available to it are used by or on behalf of third parties. In particular, the Customer remains responsible for (a) the adequacy of the Services ordered to its needs and to the third partiies’s needs by or on whose behalf they are used, (b) Content such as information, data, files, systems, applications, software, websites and other materials reproduced, hosted, installed, collected, transmitted, disseminated or published, and more generally used and/or used in connection with the Services, as well as (c) the management and use of said Content (in particular their control, validation, updating, deletion, backup, as well as any measure likely to protect against losses and alterations of Content)including when they belong to third parties or are used or exploited by or on behalf of third parties, and (d) compliance with applicable laws and regulations. When the Customer uses the Services in the context of a professional activity, or when acting on behalf of third parties, it undertakes to subscribe, with a reputable organization, a third party liability insurance covering all damages liable to be charged to it, and undertakes to maintain this insurance (or any other equivalent insurance) for the duration of the Contract.
Each Party guarantees to carry out its activities in accordance with the regulations in force. The Customer guarantees VALUE IT against all consequences resulting from (a) the use or exploitation of Unlawful Content within the framework of the Services, (b) fraudulent use of the Services or non-conformity with the laws and regulations in force, (c) the use of the Services made in violation of the rights of third parties, (d) the inadequacy of the selected Services to its needs or the third parties ‘s needs, and (e) the loss or unauthorized or fraudulent use of the Users' means of authentication. The Customer undertakes to intervene in the context of all requests, claims and/or actions of third parties involving the Contents and/or the provisions of the Agreement, including the administrative and judicial authorities, and to indemnify VALUE IT for all damages resulting therefrom (including conviction, reasonable defence costs, etc.).
Under this Agreement, VALUE IT makes no commitment to third parties, and in particular to the Users, no stipulation may be interpreted as creating third parties beneficiaries of this Agreement. The Customer is in charge of the relationship he has with third parties, in particular with the Users of the Services, and guarantees VALUE IT against all requests, claims and/or actions of third parties, involving VALUE IT Services. The Customer undertakes to notify VALUE IT in writing as soon as possible, all requests, complaints and/or actions of third parties involving the VALUE IT Services, specifying the purpose of the request as well as any useful information so that VALUE IT can communicate to the Customer the useful elements in its possession.
5. Financial terms
The prices of the Services invoiced to the Customer are those in force at the time of invoicing, as validated in the VALUE IT commercial proposal. Prices are also communicated on request to VALUE IT Support. Unless otherwise stipulated, prices are in euros. Depending on the type of Services, VALUE IT offers different types of rates (monthly fixed price, annual fixed price, …) to which may be associated, as the case may be, a commitment period and/or a specific billing method. When several types of rates are available for the same Service, the Customer selects the one of its choice at the time of the Order. When they are indicated excluding taxes (in particular concerning Services for professionals), VAT as well as any other tax applicable to Services (excluding taxes and taxes on VALUE IT income) are added to the price of the Services and are due by the latter without this being considered as a price change within the meaning of the article below. Unless specifically provided for, the price of the Services will include the cost of acquiring licences and rights to use the tools, Software and Operating Systems used by VALUE IT and/or, where applicable, made available to the Customer by VALUE IT as part of the Services. It is the Customer’s responsibility to acquire and pay for any license or right of use necessary for the use of the Content it uses in connection with the Services. The methods of calculation of the prices of the Services and the units of work are defined in the commercial proposal of VALUE IT and in the specific provisions applicable. Each unit of work started is invoiced and due in full, even if it is not fully used. Some Services are subject to additional installation or commissioning charges.
VALUE IT reserves the right to change its prices at any time. Price changes are applicable immediately. For Services in use, in the event of a price increase, the Customer will be informed with thirty (30) calendar days' notice by e-mail. In this case, the Customer will have, from this information, a period of thirty (30) calendar days to terminate the impacted Services without penalty, by registered mail with acknowledgement of receipt. Otherwise, the Customer will be deemed to have accepted the new rates. This option of termination is not applicable in case of price increase resulting from unforeseeable circumstances within the meaning of Article 1195 of the Civil Code.
The Services are invoiced on the basis of the Customer’s Orders recorded by VALUE IT, which is binding and fully enforceable against the Customer. The frequency (monthly, annual, or other) and timing (at the Order or due date) of invoicing varies from one Service to another. The conditions for invoicing the prices of the Services are defined on the commercial proposal of VALUE IT and in the special provisions of Service. It is up to the Customer to read it before placing an order. After each payment, VALUE IT sends the Customer an invoice. The Customer expressly agrees that the invoice will be transmitted electronically. The invoice is communicated to the Customer by e-mail and/or made available to the Customer in the Management Interface. It is the Customer’s responsibility to keep a copy in accordance with the regulations in force. The invoices made available to the Client in the Management Interface remain there for a period of twelve (12) months following their availability date.
Prices are due in full. Consequently, (1) the Customer may not claim any refund in the event of non-use, partial use, suspension or cessation of use of the Services before the end of the Period of Use (2) in the case of a payment method divided into several times (monthly payment, annuity or other) the Customer remains liable for payment of the sums due for the entire commitment period subscribed at the time of the Order. This is without prejudice to the possibility for the Customer to incur the liability of VALUE IT under the conditions provided for in the article "Liability" below, if this situation results from a failure of VALUE IT to perform its obligations.
In the event of default or late payment, including partial payment, the Customer is liable for late penalties due on the day following the settlement deadline, and whose interest rate is equal to three times the legal interest rate. In addition, any default or late payment (even partial) of the sums due by the Customer in performance of the Agreement, persisting more than (4) four calendar days after notification of default or late payment sent to the Customer by email, entails as of right and without the need for further notification or formal notice (a) the immediate payment of all sums remaining due by the Customer under the Agreement, regardless of the method of settlement provided for, and (b) the possibility for VALUE IT immediately and without notice to suspend all or part of the Customer’s Services (including those that have been settled), to refuse any new Order or renewal of Services, and to terminate, as of right, by email, the Agreement in whole or in part.
In the event of default or late payment, professional Customers are liable for a rate recovery fee of forty (40) euros, without prejudice to the possibility for VALUE IT to request, upon justification, additional compensation where the recovery costs incurred are greater than the amount of such lump sum compensation.
Any disagreement concerning the invoicing and the nature of the Services must be notified to the VALUE IT Customer Service within one (1) month after the invoice has been issued. Failing this, and without prejudice to the possibility for the Customer to subsequently contest the invoicing, the Customer is bound to pay the unpaid invoices in the conditions provided for in the Contract. In the event of invoicing default, VALUE IT is authorised to regularize said invoices within the limits of the rules of prescription in force.
6. Term, renewal and termination of services
The Agreement is concluded for a minimum period of 36 months and/or indefinitely and remains in force as long as the Customer uses VALUE IT Services. In the event of a lump sum or subscription payment (monthly, annual or other), the Customer agrees to use the Services for the entire corresponding period. Failing this, and in particular in the event of suspension or early termination of the use of the Services, the Customer remains bound to pay the package in its entirety and may not claim any refund in this respect.
Without prejudice to the other cases of termination provided for in the Agreement, in the event of a breach by one of the Parties of all or part of the obligations entrusted to it and in particular in the event of non-compliance with the financial terms and/or article 3 "Terms of Service Use" these conditions, the Services may be terminated by registered mail with acknowledgement of receipt after a notification of the breaches in question has been sent by registered mail with acknowledgement of receipt to the defaulting Party and has remained without effect for more than seven (7) calendar days. Notwithstanding the foregoing, in the event of malicious, illicit or fraudulent use of the Services, or use in violation of the rights of a third party, VALUE IT may, as of right, terminate the Services concerned or the Agreement in its entirety, by email and without prior notice. This paragraph does not call into question the right of VALUE IT to suspend or interrupt the Services under the conditions provided for in the Agreement, particularly in the event of non-compliance with the provisions of the Agreement. Termination for default is without prejudice to any damages that may be claimed from the defaulting Party.
7. Confidentiality
Each Party undertakes, with respect to the confidential information of the other Party of which it is the recipient or to which it has access in the performance of this Agreement: (a) to use such confidential information only for the only purpose of performing the Agreement, (b) to maintain the confidentiality of such information with the same degree of care as if it were its own confidential information, and (c) to give access to said confidential information only to those of its employees and subcontractors who need to know about it in view of their function, provided that these recipients are previously informed of the confidential nature of the said information, and are bound by a confidentiality commitment at least equivalent to this undertaking. Each Party will also be entitled to communicate confidential information of the other Party to its advisers where it is part of a regulated profession subject to professional secrecy (such as lawyers, accountants or auditors). Each Party will refrain from disclosing the confidential information of the other Party to persons other than those referred to above without the prior written consent of the other Party, and is bound to respect the confidentiality of said information by all persons to whom it discloses it. The terms of the Agreement and all information communicated between the Parties, or to which the Parties have access in connection with the performance of the Agreement, in whatever form and nature, will be considered confidential information (in particular financial and marketing information, trade secrets, know-how, security information and conditions of use of the Services
In order for information to be considered confidential, it is not necessary that its confidential nature be mentioned on the document or other medium containing that information, or that it be specified at the time the information is disclosed. Each Party undertakes to respect its obligation of confidentiality throughout the term of the Agreement and for a period of two (2) years from its end, regardless of the reason.
The confidentiality commitments defined above do not apply to information of which the Receiving Party can demonstrate that (a) the Receiving Party was legitimately aware without being obliged to keep it confidential, before the other Party discloses them to it or gives it access to them, (b) they are in the public domain other than by default of the recipient Party (or persons for which it is responsible) the obligation of confidentiality that is the subject of this Agreement, (c) they have been lawfully communicated to the Receiving Party by a third party and with permission to disclose them, (d) they result from developments carried out by the recipient Party and/or its collaborators, irrespective of the performance of the Agreement, or (e) the disclosure of said information has been authorised by the other Party under the conditions provided for in the Agreement.
Notwithstanding the foregoing, each Party reserves the right to disclose information received from the other Party (a) to the extent strictly necessary to defend its rights, it being specified that in this case, confidential information of the other Party will be kept for the legal time necessary for the administration of the evidence, and may be disclosed only to persons who need to know about it in the course of the action or procedure in question (judges, councils, etc.), which are subject to professional secrecy or, failing that, bound by a confidentiality agreement, and (b) at the request of a competent administrative or judicial authority, it being specified that in such cases, the disclosure will be strictly limited to the request of the said authority and that, subject to any legal provision or injunction to the contrary, the receiving Party shall inform the other Party of such request.
8. General provisions
The nullity of one of the clauses of the Contract subscribed to VALUE IT in application in particular of a law, a regulation or following a decision of a competent jurisdiction that has become final will not entail the nullity of the other clauses of the Contract which will keep their full effect and scope. In this case, the Parties will, to the extent possible, replace the invalidated provision with a valid provision corresponding to the spirit and purpose of the Contractual Conditions. The titles of the articles of the Contract Terms are for the purpose of facilitating references and do not by themselves have any particular contractual value or significance.
The fact that VALUE IT does not avail itself at any time of any of the present and/or tolerates a breach by the other Party of any of the obligations referred to herein cannot be interpreted as a waiver by VALUE IT to avail itself any of these conditions later.
VALUE IT may at any time and by right amend these Terms and Conditions. Such changes will apply immediately to all new Orders.
Regarding its Services in use, the Customer is notified by email or via its Management Interface of any change to the Terms of Service in force. The amendments to the Terms of Service will only come into force thirty (30) calendar days after the aforementioned notification has been sent. However, changes to Third-Party Product Conditions and changes to legal or regulatory compliance may occur immediately to the extent that VALUE IT does not control them. When new Terms of Service are unfavourable to the Customer, the Customer may terminate the impacted Services by registered mail with acknowledgement of receipt or from the form provided for this purpose in its Management Interface, within a maximum period of thirty (30) calendar days from the entry into force of the new Terms of Service.
The Parties agree that nothing in the Agreement may be interpreted as constituting a mandate, a joint venture, a de facto company, or any other form of grouping, joint venture or association. Each Party will remain fully independent, master of the management of its affairs, and responsible for all its actions, and will assume all risks related to its activity.
Neither Party is authorized to assign this Agreement, even in part, except with the prior written consent of the other Party. However, notwithstanding the foregoing, each Party may freely assign all or part of this Agreement to its Related Companies. In this case, it will notify the other Party in writing as soon as possible, and will ensure compliance with the Agreement by the Related Company(s).
The following transactions do not fall within the scope of this Article and are authorised: (a) changes in shareholdings, changes in shareholdings and changes in control of either Party, and (b) transactions such as mergers, Disposals, disposals of goodwill, disposals of business and other transactions resulting in a transfer of assets from either Party. If one of the Parties carries out one of the operations mentioned in (a) and (b) above, it will inform the other Party. If the transaction is carried out for the benefit of a direct competitor of the other Party or a company in litigation with the other Party, the latter is authorised to terminate the Agreement as of right and without compensation.
For any exchange of information by e-mail, the date and time of VALUE IT's server will be taken as proof between the Parties. This information will be kept by VALUE IT for the entire period of the contractual relationship and for the following three (3) years. Subject to the other methods of communication and recipients provided for in the Agreement, all the notifications, notices and other communications provided for in the Agreement will be deemed to have been validly issued if they are sent to:
- To VALUE IT: By registered letter with acknowledgement of receipt to the following address:
VALUE IT – 1 ALLE DE L'ELECTRONIQUE 42000 SAINT ETIENNE
- To the Customer: By registered letter with acknowledgement of receipt to the mailing address associated with Customer Account or by email.
It is expressly agreed that the data of the information system of VALUE IT or its subcontractors, such as connection logs, consumption records, order and payment summaries, incident management reports or others, are fully enforceable against the Customer and admissible including in the framework of litigation procedures.
By way of derogation from the provisions of Articles 640 and next of the Code of Civil Procedure, and subject to different stipulations of this Agreement, the time limits will be calculated in calendar days and will begin to run from the day after their triggering event.
The arrival of term or early termination of the Agreement will not affect the validity of the rights and obligations provided for in the articles "Confidentiality", "Liability", "Intellectual Property", "Communication", of the Agreement which, by their nature or by reason of specific stipulations, extends beyond the term or termination, both for the Parties and their assigns, until their respective expiry date.
ARTICLE 11 : DEFINITIONS
Term of Service : All terms and conditions of service applicable to an Order, including these Terms of Service and special provisions, in their latest versions in force and published on the VALUE IT website or available on request from VALUE IT Support.
Content : information, data, files, systems, applications, websites and other materials reproduced, hosted, collected, stored, transmitted, published, and more generally used and/or exploited by the Customer in connection with the Services.
VALUE IT Elements : All elements (including software, data, Infrastructures, documentation, etc.) made available to the Customer by VALUE IT within the framework of the Services and in execution of the Agreement.
Incidents : Events causing an interruption or malfunction of the Services provided to the Customer by VALUE IT.
Infrastructure : All physical and virtual elements belonging to or under the responsibility of VALUE IT, made available by VALUE IT within the framework of the Services, and which may in particular consist of a network, Bandwidth, physical resources and software and/or applications.
Sanctions Lists : List of persons, companies and entities sanctioned under the Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing as amended by Directive No. 2018/843 of 30 May 2018 or in application of other legislative acts in the field of counter-terrorism money laundering and terrorist financing.
Third Party Products : Any product (such as operating system, application, firewall or hardware component) developed by a third party and owned by such third party and made available to the Customer by VALUE IT, or that the Customer has directly or indirectly obtained from such third party.
Service : All services, such as products use, VALUE IT Elements (infrastructures, network, etc.) and access to support, provided by VALUE IT to the Customer as part of the performance of the Agreement.
VALUE IT Website : VALUE IT SAS company website. VALUE IT Support : VALUE IT Service in charge of Customer support and incident management.
Third Party Suppliers: Third Party to the Contract, including, but not limited to, energy suppliers, network suppliers, network connection point or colocation data centre managers, hardware suppliers, software or other carriers, Technical service providers, security.
User(s) : Customer or any other person(s) accessing or using the Services (including accessing or using any products configured within the Services by VALUE IT, the Customer, its own customers or any third party) under the Customer’s responsibility.
CHAPTER SPECIAL PROVISIONS
1. Definitions
The definitions below supplement the definitions in the Contract.
« Storage space » : Dedicated storage resource (usually a NAS-like resource presented as a datastore) provided and managed in a Customer’s Private Cloud. This resource uses Private Cloud disk space.
« Infrastructure » : A structure set up by VALUE IT to host the Customer’s Private Cloud, including the network, bandwidth, physical resources and Virtualization.
« Virtual Machine » : A non-physical server that uses Virtual Datacenter resources and is installed on the Private Cloud network. Each Virtual Machine is managed independently of the others in the Customer’s Virtual Datacenter.
« VALUE IT Connect » : Connectivity to the dedicated internal VALUE IT network (“Backbone”) provided to a Customer at one or more Points of Presence VALUE IT. VALUE IT Connect allows the Customer to connect its own Customer Network (i.e., its own infrastructure and IT resources and/or the infrastructure and third-party resources it uses) to its VALUE IT Connect.
« Customer Network» : External resources to the VALUE IT Infrastructure used by the Customer to communicate with the Resources provided by VALUE IT. These may be Cusotmer-specific resources or resources provided and/or hosted by third parties on behalf of the Customer.
« Virtualization» : Technology of running multiple operating systems, Virtual Servers or applications on the same physical server
2. Purpose
These special provisions set out the specific terms, including the terms of use and financial terms applicable to VALUE IT Private Cloud services (hereinafter the “Service(s)”). They complete the general provisions of Service VALUE IT currently in force. In case of a discrepancy, these special provisions will prevail over the terms of Service VALUE IT.
4. Services Description
As part of the Service, VALUE IT provides the Customer directly or via subcontractors with a «Private Cloud» consisting of one or more Virtual Datacenters within a secure private network. The physical resources provided in this Service are dedicated and exclusive to a Customer. The Hosted Private Cloud Premier Service is intended for business users and allows the Customer to use its own secure private network. The Service may have limitations (for example, number of Virtual Machines that can be used, usage, bandwidth, ...).
VIRTUALIZATION INTERFACE The Service is based on functionalities inherent in the Third Party Products of the VMware® Software Suite, an integrated VALUE IT partner, enabling virtualization of servers (vSphere® Hypervisors), networks (NSX® ) and storage (vSAN® servers) In accordance with the specific conditions of VMware® currently in effect. All VMware® Software Suite Third-Party Products (Virtualization Interfaces) are hosted on resources managed by VALUE IT and external Private Cloud Customer.
The Customer also acknowledges that full functionality compatibility and interoperability between Virtualization Interfaces cannot be guaranteed.
Le Service est basé sur des fonctionnalités inhérentes aux Produits Tiers de la suite logiciel VMware®, partenaire de VALUE IT, intégrés permettent la
VM Encryption uses an internal vSphere 6.5 or higher functionality to encrypt Virtual Machines data on the fly using an encryption key provided by a component external to the Private Cloud (like an encryption box) for the purpose of encrypting data stored in the Private Cloud datastore.
5. Term of service use
Eligibility Subscription to the Private Cloud Service is reserved for professionals who are not covered by the applicable Consumer Law. In addition to the chosen solution, the Customer can add additional resources and Services to the services, which may consist of a BCP/Backup and so on.
The Customer is responsible for the Services use, in particular for the management of the keys allowing to manage its identifiers/authorisation and access to the Service, the use of APIs, software and tools made available by VALUE IT, the administration of its subscriptions and the management of the Data he uses in connection with the Services. The Customer must have the necessary technical knowledge and skills and be familiar with the characteristics of the Services before their use. VALUE IT is limited to Infrastructure maintenance operations and is responsible for the provision of energy and connection to the Private Cloud network.
In order to ensure the proper functioning of the Services, VALUE IT carries out maintenance operations. The Customer will be informed of any planned maintenance operation either by e-mail to the address indicated by or by publication on the VALUE IT website, by contacting the Customer directly by telephone or by any other means.
There are three (3) types of maintenance operations that can be performed by VALUE IT
- a) Emergency changes for critical events. This type of maintenance is defined by updates, patches and/or changes to infrastructure, hardware, firmware, software or any other component. The consequences of not applying this maintenance could include: a. loss of compliance for security certifications b. endangering the security and stability of the system c. exposure to critical vulnerabilities d. loss of service to a wider customer base. Once VALUE IT becomes aware of the problem with a clear understanding of the impact, the information is shared with the Customer, indicating that VALUE IT is working on a solution. Within 24 hours, the Customer is informed of the process that will be followed, when and how it will be applied to the environment, the measures to be taken and the level of impact for the Customer, Ranging from a minor impact on a given component to a major impact causing one or all components to fall. Given the impossibility of predicting how many critical vulnerabilities will be revealed at some point in a calendar month, the number of emergency change tasks to be performed is not limited. Due to the criticality of the tasks to be performed, they may be undertaken at any time during the calendar month. In cases where we rely on the supplier to provide a patch or correction, VALUE IT will then need to extend this period to provide the full correction to include the time required for the manufacturer.
- b) Standard. These maintenance tasks are not critical or urgent. They are of medium criticality and may apply only to the Customer or to the entire company, but do not pose a safety problem or a loss of compliance. They will be communicated to the Customer at least seventy-two (72) hours in advance. These tasks may or may not trigger a downtime, but the Customer is advised to make arrangements in advance to avoid any downtime. These scheduled tasks will take place outside normal working hours (usually 9:00 - 17:00). Change Management Board approval is required and is limited to two (2) maintenance tasks per calendar month.
The Customer acknowledges that, for security reasons, some features and protocols (such as IRC or peer-to-peer file sharing) may be subject to restrictions as part of the Service. The use of proxy and anonymization services is strongly discouraged as part of the Service.
The Customer is responsible for the use of the Service in accordance with the licenses for the use of the integrated solutions. VALUE IT reserves the right to carry out checks to ensure that the Customer complies with these Terms of Use, and to suspend the Service under the conditions provided for in the Agreement, when the Customer does not comply with the Terms of Use of the Services, the laws and regulations in force, and/or the rights of third parties. Enabling some features may require a minimum number of Host Servers.
The Customer is reminded that, unless otherwise agreed by the Parties, the Private Cloud Service does not include a Business Continuity Plan (“BCP”) or Business Recovery Plan (“BRP”). As such, the Customer is responsible for the implementation of its own BCP and/or BCP; it can order Private Cloud services in different Datacenters which will allow it to have resources in different risk environments. The Customer must then take the necessary technical and organisational measures to ensure the continuity of its business in the event of a major malfunction that could affect availability, the integrity or confidentiality of its Service or be accompanied by Value IT for its implementation.
Unless otherwise agreed by the Parties, VALUE IT makes no commitment to safeguard Customer data hosted on the Private Cloud. It is therefore the Customer’s responsibility to take all necessary measures to safeguard its data in case of loss, damage to shared data, for any reason whatsoever, including data not expressly mentioned in these Terms. The Customer may use the Backup option, the special provisions of which are attached to this document.
6. DOS (denial of service) and DDOS (dynamic denial of service) protections
VALUE IT set up safeguards against DoS and DDoS (denial of service) cyber attacks and provided that they are carried out in a massive manner. This functionality is intended to allow the Customer Service to remain in operation for the duration of the attack. This functionality consists of checking incoming traffic destined for the Customer’s Service from outside the VALUE IT network. The traffic considered illegitimate is then rejected before it can reach the Customer’s infrastructure, thus allowing legitimate users to access the applications provided by the Customer despite the cyber attack. These safeguards are not effective against cyber attacks such as SQL injections, Bruteforce or exploiting security vulnerabilities.
Due to the high complexity of the Protection Service, VALUE IT is only subject to the obligation of means. It is possible that an attack is not detected by the tools in place and that these tools cannot ensure the continuity of the Service’s operations. Due to the nature and complexity of the attack, VALUE IT will perform several levels of traffic protection in order to protect its infrastructure and the Customer's Service.
Mitigation is only activated when an attack has been detected by the VALUE IT tools. Therefore, until mitigation is activated, the Service will directly support the attack, which may result in unavailability of the service. Once the attack is identified and the mitigation is activated automatically, the mitigation cannot be deactivated before the end of the attack. Although mitigation is enabled, VALUE IT cannot guarantee the accessibility of the Customer’s applications, but will do everything possible to minimize the impact of the attack on the Service and VALUE IT Infrastructure. If, despite the activation of mitigation measures, the cyber attack is likely to undermine the integrity of the VALUE IT infrastructures or other VALUE IT cusotmers, VALUE IT will apply stricter protection measures that could lead to a reduction in the quality or unavailability of the Service. Finally, it is possible that some of the traffic generated by the cyber attack is not detected by the VALUE IT systems and thus negatively affects the Customer Service. The effectiveness of mitigation measures also depends on the configuration of the Service. As such, the Customer is required to ensure that it has the necessary skills to ensure effective administration.
7. Anti-spam measures from the Value IT network
VALUE IT implements a system of technical measures to prevent fraudulent e-mails and spam from its infrastructures. For this purpose, VALUE IT checks the outgoing traffic of the Service used by the Customer for port 25 (SMTP server). This operation consists in monitoring traffic through automatic tools. The e-mail is not filtered or intercepted, but rather monitored with a delay of a few seconds. These operations are performed in parallel, but not in front, between the server and the web-based network. Similarly, no transactions are carried out on the sent e-mails: VALUE IT does not mark (tag) the emails, and does not modify in any way the e mails sent by the Customer. No information is stored by VALUE IT during these operations outside of statistical data. This is done regularly and completely automatically. No human intervention is performed when checking traffic to port 25 (SMTP port). In case of sending emails from the Customer’s server identified as SPAM or fraudulent, VALUE IT informs the Customer by e-mail and blocks the SMTP port of the IP in question.
VALUE IT does not keep copies of e-mails sent from the SMTP port of the Service even when they are identified by SPAM. The Customer can request the unblocking of the SMTP port through its Management Interface. Any new email identified as SPAM will cause the SMTP port to be blocked again for a longer period. From the third block, VALUE IT reserves the right to refuse any new request for unblocking the SMTP port.
8. Service-level agreement
In order to benefit from the Service Level Agreement defined below, the Customer must have an outsourcing agreement with the Private Cloud solution
The monthly ALC availability rate is 99.9% for the entire Service. If it is less than 99.9%, the Customer is entitled to 10% of the price of the impacted Monthly Service. If it is less than 99%, the Customer is entitled to 30% of the price of the impacted Monthly Service.
The term "monthly availability rate" means the total number of minutes in the month concerned, less the number of minutes of unavailability for the month concerned, divided by the total number of minutes in the month concerned. To calculate penalties, downtime periods are calculated from the beginning of the incident until the failure is resolved and the resolution confirmation is communicated by VALUE IT. Unavailability means:
- For Cloud: Impossible access to (one or more) servers provided to the Customer due to a server failure or downtime. Downtimes and failures that do not prevent access to the Servers are not considered unavailable, even in cases where a reduction in the performance levels of the Infrastructure is observed. If a Server is restarted by the Customer or due to scheduled and communicated maintenance, the Server availability will resume monitoring thirty (30) minutes after the restart.
Penalties provided for in the event of non-compliance with the SLA constitute a lump sum compensation for all damages resulting from this non-compliance, the Customer renouncing in this respect, to any other request, claim and/or action. If a single event results in the non-compliance of several SLAs for the same Service, the penalties do not accumulate. In this case, the most favourable penalty is applied to the Customer. The total cumulative monthly amount (all incidents and SLA combined) of penalties that may be due by VALUE IT is capped at 30% of the impacted Service’s monthly cost. Credit notes are issued when the Customer paid all its invoices at maturity and are deducted from the invoice for the month following receipt by VALUE IT of the Customer’s claim, provided that all invoices issued by VALUE IT have been paid by the Customer. If the Customer’s intervention is necessary for the diagnosis or resolution of an incident, and the Customer is not available or does not collaborate with VALUE IT, the corresponding period is not counted as unavailability time, response or recovery.
Penalties are not due in the event that the failure to comply with the SLA results from (i) events or factors outside of cloud control such as not imitating force majeure, pandemic, done by a third party, malfunction or misuse of hardware or software under the control of the Customer, (ii) a breach by the Customer of its obligations under this Agreement (in particular a failure to cooperate in resolving the incident), (iii) Improper use or inappropriate use of the Service by the Customer (in particular, poor network configuration, saturation of Storage Spaces, inappropriate use of system elements, software or other elements used by the Customer in connection with the Services), (iv) planned maintenance, (v) suspension in accordance with Article 3 of the general provisions of Service VALUE IT or (vi) hacking. In such cases, and subject to point (iv), VALUE IT reserves the right to invoice the Customer for any intervention carried out to restore availability. This is the subject of a quote submitted for validation by the Customer. The causes of unavailability, and in particular the recognition of the exclusion cases defined above, may be established by any means, and in particular on the basis of the elements of the VALUE IT information system (such as connection data) which, by express agreement, will be admissible.
9. Term, payment, renewal and temrination of service
The Customer agrees to use the Service for the entire subscription period chosen during the order.
At the end of this initial commitment period, the user subscription is automatically renewed for consecutive periods of equal duration to the reduced price depending on the level of commitment chosen and under the same conditions as the initial contract.
The Customer may choose to refuse automatic renewals, the price will be adjusted to the public price without any commitment. The Initial Period begins on the day the Service is activated. At the end of the Initial Period, the Service will be automatically renewed in successive periods of the same duration ("Renewal Period") unless the Service is renewed with a modified or terminated term in accordance with the terms and conditions set out below or in the general provisions of the Service currently in force.
The commitment does not apply to the following services: (i) Backup Service, (ii) Recovery Plan Service. In addition, the Agreement may be terminated in accordance with the general provisions of Service VALUE IT. The delivery time is established by VALUE IT on the basis of the data available in its information system, which is authoritative and which engages the Customer.
The Customer undertakes to always have sufficient funds in his bank account and in the payment method he uses so that his invoices can be paid within the agreed time. If VALUE IT is not able to collect the sum via the associated payment method, an e-mail will be sent to the Customer to pay the amount of his unpaid invoice as soon as possible. In case of non-payment, VALUE IT will automatically suspend the Service.
When the Initial Period does not begin on the first day of the calendar month (starting in the month), the renewal cycle of the Service is realigned to a calendar cycle at the time of the first renewal so that subsequent renewal periods begin on the 1st of the calendar month. (For example: for a Service subscribed for one (1) year on May 24, 2017, automatic renewal at the end of its Initial Term results in the Service being extended from May 24, 2018 to May 31, 2019). If the Client does not wish a Service to be renewed at the end of its initial Period or the current Renewal Period ("Renewal Date"), it must inform VALUE IT by Registered Mail 3 months before the contract anniversary date
If the payment by direct debit is not authorized under the conditions set out above, the Service concerned is automatically terminated and deleted at the end of the Initial Period or Current Renewal Period ("Expiry Date"), including all content and data stored by the Customer as part of the Service.
In the case of non-renewal or termination of the Private Cloud, for whatever reason, all Virtual Features, data and information contained will be automatically and irreversibly deleted (including backups and duplications).
VALUE IT erases and destroys disks at the end of the Service in accordance with established and documented procedures:
- Data deletion on the hard drive or network is done by overwriting the data (overwriting, one pass).
- Data erasure on a disk or SSD is done according to the logical erasure procedure (one-pass block erasure) or by deleting the encryption key (PSID revert).
10. Financial terms
All services are invoiced on a monthly basis, one month in advance and paid immediately by direct debit. Failure to pay on time, including partial payment, will result service interruption. If the payment reminder sent by e-mail remains unresolved four (4) days after the notification, the consequences of an unresolved payment default are as follows: 1) the Customer will not be able to add Services 2) seven (7) days after the interruption of the service, VALUE IT will have the right (i) to permanently interrupt the service and (ii) to delete all data stored on the infrastructure.
ANNEX 1 DIVISION TASKS AND RESPONSIBILITIES BETWEEN THE CUSTOMER AND VALUE IT
| Maintenance | Subcontractor | Value IT | Customer |
|---|---|---|---|
| Private Cloud Infrastructure Hardware |
X | ||
| Virtualization Interface | X | ||
| Software installed by the Customer | X | ||
| Software provided by VALUE IT | X | ||
| Backup | |||
| Virtual Machine and Customer Content |
X | ||
| Configurations provided by VALUE IT |
X | ||
| Maintenance of VEEAM Backup | X | ||
| Use of VEEAM Back-up (including guarantee of performance and integrity of the backup) |
X | ||
| Operation of the Service | |||
| Administration | X | ||
| Infrastructure availability | X | ||
| Reversibility | |||
| Data recovery if invoiced | X | ||
| Data deletion upon termination | X | ||
| Security | |||
| Private Cloud Infrastructure | X | ||
| Virtual architecture hosted in the Private Cloud |
X | X | |
| Backup of Virtual Machine content | X |
ANNEXE 2 VEEAM MANAGED BACKUP
This annex describes and sets out the specific terms and conditions applicable to the Veeam Managed Backup Service offered by VALUE IT as part of its Private Cloud (hereinafter referred to as the “Backup Option” or “Veeam Managed Backup”). It completes and forms an integral part of the special arrangements of the Private Cloud. In case of contradiction or inconsistency, this Annex shall prevail.
Description: The Backup Option allows you to backup the Virtual Machines of your Private Cloud and the data stored there (hereinafter referred to as «Backup»). The Backup Option is an optional Service that is not included by default in the Private Cloud cost. This Option must be the subject of a specific order or activation and results in additional invoicing.
Software : Software allows the Customer to use the Backup Option developed by third party suppliers (“Third Party Products”). VALUE IT does not participate in the creation and development of these Products. Consequently, VALUE IT is not responsible for the Third-Party Products made available as part of the Service, which may include technical errors, security vulnerabilities, incompatibilities or instabilities, and gives no warranty on the Third Party Products made available as part of the Service.
Storage space : The storage resources allocated to the Backup Option are shared. The storage resources allocated to the Customer are logically isolated from those allocated to other VALUE IT Customers and are physically separated from the Infrastructure in which the Customer has set up its Private Cloud. The Storage Space used for the Backup Option is located in the same Datacenter as the Private Cloud Service that is being backed up. It is Customer's responsibility to ensure that the Datacenter location meets its needs and requirements.
GIT (Guarantee of intervention time) : Maximum time that VALUE IT will take to intervene on an incident. Starts when a task is initiated by the Customer, causes an error, and ends when VALUE IT contacts the Customer with a Support Ticket ID, or when VALUE IT Support staff first responds to an incident ticket opened by the Customer. RTG (Recovery time guarantee). Maximum time for VALUE IT to resolve the incident automatically reported by the system or the Customer by creating an incident ticket. Starts when a task initiated by the Customer causes an error and ends when the incident is resolved with a status of “completed” or “cancelled” (with the Customer’s agreement).
ANNEX 3 BUSINESS RECOVERY PLAN OPTION
This annex describes and explains the specific conditions applicable to the "Business Resumption Plan" option proposed in the framework of the Private Coud Services (hereinafter referred to as "PCS"). This option is one of the possible components of a "Business Recovery Plan", which is a global business project built, tested and operated by the Customer. This annex completes and forms an integral part of the Private Cloud articulations. In case of contradiction or inconsistency, this Annex shall prevail.
Description : The "Business Recovery Plan" option allows the Customer to transfer its Virtual Machines, whether hosted on its premises or in a Private Cloud, as well as the data stored there, to another Private Cloud infrastructure. This option is an optional Service that is not included by default in the cost of the Private Cloud Service. This option must be the subject of a specific order or activation and results in additional invoicing.
Software : software allows the Customer to use this option is developed by Third Party Suppliers (“Third Party Products”). VALUE IT does not participate in the creation and development of these third-party Products made available to the Customer under the Option. Consequently, VALUE IT is not responsible for the Third-Party Products made available as part of the Service, which may include technical errors, security vulnerabilities, incompatibilities or instabilities, and gives no warranty on the Third Party Products made available as part of the Service. VALUE IT and the third party supplier reserve the right to modify the third party Products at any time.
Under this option, VALUE IT provides the Customer with the licenses to use the Third Party Product required for the use of the Service.
Option Mechanisms: Synchronization and/or copying of Virtual Machines is performed using the Third Party Product. For each Virtual Machine selected, continuous synchronization with broadband is performed. Data replication is asynchronous and continuous.
Customer data is synchronized by the VALUE IT fiber optic network between the VALUE IT Datacenters where the Private Cloud solution is present. Data is transferred by a VPN between remote sites so that any data transfer is secure. In case of an emergency, the Customer can immediately switch to the Private Cloud Backup site (the BRP site). The Customer is responsible for deciding on the “Switch” and moving to the backup site. The “VMware DRS” option available on the VMware vSphere management interface must be enabled for this option to be used. The customer is solely responsible for the decision to switch over and the effects of the edges that this can cause (loss of data, desynchronization, reduced performance, complex failback failover procedure, additional service provision invoicing etc.)
Termination of Services : In case of deletion, reinstallation or modification of the Virtual machine configuration, and in case of termination or non-renewal of a Private Cloud or this Option, any synchronization (including data and information contained therein) is deleted automatically and irreversibly. Prior to performing such operations, and prior to the expiry date of the “Disaster Recovery Plan” or Private Cloud Option, it is the Customer’s responsibility to backup or transfer its Virtual Machines (including all data and information contained therein) to other devices, in order to avoid loss or alteration of data.
