top of page

End User Agreement

 Last Update: Nov 10th, 2024

USER LICENCE POLICY

Welcome to BCG (“BCG”), the smarter way to stay cyber-safe and compliant with

recognised standards. A binding agreement between you (“You” or “Your”) and BCG shall come into force at the time you use the Website and/or purchase any of our products (“Products”). This agreement comprises these Terms, the terms and

conditions of any Relevant Intermediary (where applicable), and our Privacy Policy

(together, the “Agreement”).

1. Definitions

In these Terms, except where expressly stated otherwise, the following words and

expressions shall have the meanings given to them as follows:

Agent: a program developed together with leading cyber security professionals that can

be installed on a computer or mobile device and which can check and secure the

configuration of the computer or device;

Auto-Fix: refers to features which, after enabled by You, can change the configuration of

Your systems;

Customer: You, as an unregistered user of the Website or a registered user of one or

more Products with an account available through the Dashboard, including if that

access has been set up by an Intermediary on Your behalf. For the purposes of these

Terms, an Intermediary may also be a Customer;

BCG: BCG ltd., company number 09545218 whose registered address is at 71-75

Shelton Street, Covent Garden, London England, WC2H 9JQ;

Dataroom: the means by which Your individual Customer account details may be

viewed and registered users can manage their Business Package Products on the

Platform;

Data Protection Laws: means the EU GDPR and the UK GDPR and any other applicable

laws relating to the processing of Personal Data;

EU GDPR: means the General Data Protection Regulation (Regulation (EU) 2016/679)

and all other EU laws regulating the processing of Personal Data, as such laws may be updated, amended and superseded from time to time;

Fees: the fees payable by You (or a relevant Intermediary on Your behalf) to BCG for the

provision of a Cybersecurity Business Package in accordance with this Agreement. The details of any Fees will be available either (i) on Your Dataroom, where You have purchased directly from BCG or (ii) from Your Intermediary;

Intellectual Property Rights: patents, copyright and related rights, trade marks, trade names and domain names, goodwill and the right to sue for passing oc, rights in designs, database rights, rights to preserve the confidentiality of information and any other intellectual property rights, including all applications for, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist, now or in the future, in any part of the world;

Intermediary: any party authorised by BCG from whom You have acquired use of the Product where You have not acquired such (Cybersecurity Business Package) Product

directly from BCG;

Personal Data means any Personal Data (as defined in UK GDPR) that is processed by

BCG on Your behalf in relation to this Agreement. Your Personal Data excludes any

Personal Data with respect to which BCG is a controller (such as, but not limited to,

business contact information relating to any relevant Intermediary and Your personnel

and representatives used for the purposes of entering into and performing this

Agreement, communicating with a relevant Intermediary in connection with this

Agreement, reporting on use of the BCG Products and services and invoicing and

receiving payments of the Fees);

Platform: the platform used by BCG to deliver and for You to access (Cybersecurity

Business Package) Products;

Subscription Overview: the confirmation by BCG displayed in the Data Room of all

active Subscriptions placed by You or by Your Intermediary (if applicable) for the

provision of the Products;

Systems: any technology or computer infrastructure, software and hardware;

Terms: the terms and conditions set out in this End User Licence Agreement;

UK GDPR: means the EU GDPR as transposed into UK law (including by the Data

Protection Act 2018 and the Data Protection, Privacy and Electronic Communications

(Amendments etc) (EU Exit) Regulations 2019) and all other UK laws regulating the processing of Personal Data, as such laws may be updated, amended and superseded from time to time;

Website: the website at https://www.bigcybergroup.com and any of its sub-domains,

including any Customer relationship management tools.

2. Scope of these Terms

1. Your use of the Website and the Products is subject to Your acceptance of the

terms of this Agreement. If You disagree with any of the provisions of the

Agreement, You should stop using the Website and/or any Products.

2. This Agreement constitutes the entire agreement under which BCG’s Products

and the Website may be used. Any prior communication, warranty or statement

shall not apply to this Agreement.

3. Headings have been inserted for convenience and may not be used to interpret

the content of this Agreement.

4. By using the Website and Products as representative of a corporate entity, You

warrant that You are entitled to do so.

3. Use of Products and Website

1. BCGBCG’s Products, Website and all its contents are owned by and under

copyright of BCGBCG and/or third-party licensors. You may not reproduce any

written content, images or concepts without the prior written permission of BCG.

You may not (and shall not incite or cause others to):

• modify, disassemble, decompile or reverse-engineer the Products or

Website, except to the extent expressly permitted by law;

• resell, sublicense, distribute or otherwise transfer any materials from the

Products or Website to any third party;

• copy any of the Product or Website content;

• circumvent, disable or remove any Product or Website security features;

• interfere (or try to do so) with the proper working of the Website or any

activities conducted on it.

2. In case of Your breach of this provision, BCG shall have the right to immediately

terminate Your access to the Website and Products and, where appropriate,

claim damages, and or any appropriate relief for the damage and losses

sucered.

3. The Website and Products are provided on an “as is” and “as available” basis

without any representation or endorsement made and BCG makes no

warranties, whether express or implied, in relation to the Website or Products or

their use. You acknowledge that BCGBCG cannot be responsible for the security

or privacy of information transmitted to BCG and You must bear the risk

associated with the use of the internet.

4. Access to the Products

1. Products may be purchased directly from BCG, or indirectly through an

Intermediary. In each case, this Agreement shall apply. Where You have

contracted through an Intermediary, You may be required to enter into an

additional agreement with that Intermediary. If You purchase additional

Product(s) from time to time, these will be added to the scope of this Agreement.

Some of the products You may wish to purchase from a third party fall into the

category of regulated products, which must be purchased directly from the third-party providers. BCG does not sell, advertise, or endorse such products. Our role

is strictly limited to sourcing quotes from providers in the market and presenting

these quotes to You.The decision to proceed with any such product rests solely

with You. We strongly recommend conducting thorough due diligence and

seeking independent legal and financial advice before making any decisions.

2. You will be granted non-exclusive, non-transferable access to any Product which is shown in Your Subscription Overview displayed on Your Data Room. You are responsible at all times for the security of its access details and BCG will not be responsible for any loss or damage caused by any third-party access caused by Your failure to keep the same secure.

3. You will be liable for any and all loss, liability and/or damage to BCGBCG or third

parties through the use of Your Website account, Data Room, Products or other

relationship tools as applicable, including any unauthorised third-party access.

You are recommended to follow best practices, including the use of strong

passwords, change in case of a suspected security breach, and to enable multifactor

authentication at all times. In the case of a suspected security breach, You

must inform BCG in writing immediately.

4. It is Your responsibility to provide BCG or Your Intermediary at all times with

accurate contact information including, but not limited to, a valid e-mail

address. Changes in Your contact information must be registered through the

Data Room or by communicating with Your Intermediary or directly with BCG.

5. Use of the Products

1. BCGBCG hereby grants to You (or shall procure the same) a licence to use the

Products (and any IPR therein) in the course of Your business in accordance with

this Agreement. BCG represents and warrants that the only licence terms that

are required for the use of the Product by You are included in this Agreement

(including, without limitation, the Product-specific terms in Schedule 2). Other

obligations may exist as set out in agreements between Intermediaries and You

where Products have not been purchased directly from BCG.

2. In order for the Products to function comprehensively, You or Your Intermediary

must install Premium Business Cybersecurity Software on Your Systems so as to

provide 24/7 compliance monitoring. You or Your Intermediary agree to Premium

Business Cybersecurity Software being installed on Your Systems, and You and

Your Intermediary will not hold BCG, its ocicers or employees liable for any

damage, loss or inconvenience caused by any such Agents.

3. BCG provides Auto-Fix solutions, which help You to implement standards more

eciciently. The Customer accepts that Auto-Fixes are applied at Your or (where

applicable) Your Intermediary’s discretion and risk. BCG it will not be held liable

for any damage incurred by You using such a function.

4. In ocering certain Products, BCG provides a non-exclusive, non-transferable

subscription to You to access certain materials through the Dashboard and Data

Room, including, without limitation, opinions and guidance. You acknowledge

that such opinions and guidance are not legally binding and BCG will not be held

liable for any damage or inconvenience resulting from You following such

opinions or guidance provided. You should always discuss any changes in Your IT

infrastructure with a professional familiar with Your Systems.

5. All information entered by You or Your Intermediary (where applicable) onto Your

account on the Dashboard or Data Room in the Product in the course of using

the Products is treated by BCG as confidential. You acknowledge that BCG, as

well as any Intermediary has the right to access, monitor and modify Your

account (including Your Dashboard) for the purpose of providing access to use

the Products.

6. BCG may make commercially reasonable changes to the Products from time to

time. If CyberSmart makes a material change to the Products, BCG or Your

Intermediary will notify You, by giving not less than 30 day’s prior notice. If You

notify BCG that You do not agree with such material change, then You will remain

governed by the Agreement in ecect immediately prior to the change until the

end of any then-current subscription terms, except where such change is

required by applicable law.

7. Individual Products may have specific requirements for their operation, details of

which can be accessed through the Dashboard or via additional instructions or

obligations from BCG or Your Intermediary and it is Your or Your Intermediary’s

responsibility to be familiar with these. You or Your Intermediary shall be liable

for any failure to meet any stated time limits, and You may as a result be required

to re-purchase Products where such limits apply.

8. You or Your Intermediary may also be required to take certain actions as a result

of a third-party audit which is an integral part of the relevant Product. A failure to

correct defects identified by any such third-party audit may require You to repurchase

a Product or pay additional fees (as identified in the relevant Product).

6. Fees

1. You shall pay or be responsible for procurement of the payment of the Fees by

Your Intermediary to BCG for continued use of the Products.

2. Fees may be reviewed by BCG at the time of renewal at BCG’s discretion. All

Fees payable under this Agreement are exclusive of VAT or any relevant local

sales taxes, for which You shall be responsible.

3. Where You have purchased a Product directly from BCG, we shall provide You

with a minimum of 30 calendar days’ notice of any change in the Fees. Where

You have purchased through an Intermediary, You will be informed of any fee

changes by them.

4. If You or an Intermediary fail to make any payment due to BCG under this

Agreement by the due date for payment, then, without limiting BCG’s remedies

under Clause 8:

• BCG may require You (or Your Intermediary) to pay interest on any overdue

amount at the rate of 4% per annum above HSBC’s base rate from time to

time. Such interest shall accrue daily from the due date until actual

payment of the overdue amount, whether before or after judgment. You

(or Your Intermediary) shall pay the interest together with the overdue

amount, including the full costs of enforcement of any debt owed

pursuant to the terms of this Agreement; and

• BCG reserves the rights to cancel Your access to the Platform and/or

Products after a thirty-day (30) notice day period.

7. Personal Data

1. Any data provided by You whilst using or accessing the Products, the Dashboard

and the Agents remain Your sole property. As a necessary part of providing the

Website, Dashboard, Data Room and Products, BCG stores and processes Your

Personal Data. The terms of the Privacy Policy apply to all processing of Personal

data under the Agreement.

2. In the event of any loss or damage to Your data (whether or not Personal Data),

Your sole and exclusive remedy against BCG shall be for BCG to use reasonable

commercial endeavours to restore the lost or damaged data from the latest

back-up maintained by BCG in accordance with its archiving procedure. BCG

shall not be responsible for any loss, destruction, alteration or disclosure of data

caused by any third party (except those third parties sub-contracted by BCG to

perform services related to data maintenance and back-up).

3. All parties agree to comply at all times with applicable Data Protection Laws.

4. Each party (the “Controller” as applicable) shall only supply to the other (the

“Processor” as applicable) and such Processor shall only process, in each case

under or in relation to this Agreement the Personal Data of data subjects falling

within the categories specified in Schedule 1 (Data processing information) (or

such other categories as may be agreed by the parties in writing).

5. The Processor shall only process the Personal Data of the Controller:

• during the term of this Agreement and for not more than 1 year following

the end thereof, subject to the other provisions of this Clause 7, unless

there is a valid business need (including, in the case of BCG, any

regulatory requirement);

• on the documented instructions of the Controller (including with regard to

transfers of Personal Data to a third country under the Data Protection

Laws), as set out in this Agreement or any other document agreed by the

parties in writing; and/or

• by way of transfer to a country, a territory or sector to the extent that the

competent data protection authorities have decided that the country,

territory or sector ensures an adequate level of protection for Personal

Data or appropriate documents are entered into for the purpose.

6. The Processor shall promptly inform the Controller if, in the reasonable opinion

of the Processor, an instruction of the Controller relating to the processing of

Personal Data infringes the Data Protection Laws.

7. Notwithstanding any other provision of this Agreement, a Processor may process

Personal Data if and to the extent that it is reasonably believes that it is required

to do so by applicable law. In such a case, the Processor shall inform the

Controller of the legal requirement before processing, unless that law prohibits

such information on important grounds of public interest.

8. The Processor shall ensure that persons authorised to process Personal Data

have committed themselves to confidentiality or are under an appropriate

statutory obligation of confidentiality.

9. Each party shall implement appropriate technical and organisational measures

to ensure an appropriate level of security for Personal Data.

10. No Processor may engage any third party to process Personal Data without the

prior specific or general written authorisation of the Controller. In the case of a

general written authorisation, the Processor shall inform the Controller at least

14 days in advance of any intended changes concerning the addition or

replacement of any third-party processor, and if the Controller reasonably

objects to any such changes before their implementation, then the Processor

must not implement the changes. Each Processor shall ensure that each third

party sub-processor is subject to equivalent legal obligations as those imposed

on the Processor by this Clause 7.

11. The Processor assist the Controller in ensuring compliance with the obligations

relating to the security of processing of personal data, the notification of

personal data breaches to the supervisory authority, the communication of

personal data breaches to the data subject, data protection impact assessments

and prior consultation in relation to high-risk processing under the Data

Protection Laws. A Processor shall notify the Controller of any breach acecting

Personal Data without undue delay and, in any case, not later than 48 hours

after the Processor becomes aware of the breach.

12. The Processor shall make available to the Controller all information necessary to

demonstrate compliance with its obligations under this Clause 7 and applicable

Data Protection Laws.

13. At the termination or expiry of this Agreement, each party shall, at the choice of

the Controller, delete or return all Personal Data to the Controller after the

provision of services relating to the processing, and shall delete existing copies

save to the extent that applicable law requires storage of the relevant Personal

Data.

14. Each party shall allow for and contribute to audits, including inspections,

conducted by the Controller or another auditor mandated by the Controller in

respect of the compliance of the processing of Personal Data with the Data

Protection Laws and this Clause 7.

8. Termination

1. You may, at any time without cause terminate this Agreement. You (or Your

Intermediary) must notify BCG directly in writing at least 30 days’ notice before

the end of a Subscription period, failing which the Subscription will

automatically renew.

2. If this Agreement terminates pursuant to Clause 8.1, where You have achieved

any certification or certifications and have paid any Fees:

• annually in advance, You shall not be entitled to any refund of monies

paid to BCG; or

• by monthly subscription(s), You shall remain liable on termination for a

sum of the dicerence between Your current fees paid and the full value of

Your subscription, with the calculation date to start from the date upon

which the subscription started. Such fees will be liable per subscription

terminated.

3. Without acecting any other right or remedy available to it, BCG may terminate

this Agreement with immediate ecect by giving written notice to You if You (or any

Intermediary on Your behalf) fail to pay any Fees due under this Agreement on

the due date for payment and remain in default for not less than 14 days after

being notified in writing to make such payment.

4. Without acecting any other right or remedy available to it, either party may

terminate this Agreement with immediate ecect by giving written notice to the

other party, if:

• the other party commits a material breach of any other term of this

Agreement, which breach is irremediable or (if such breach is

remediable) fails to remedy that breach within a period of 30 days after

being notified to do so;

• the other party suspends, or threatens to suspend, payment of its debts

or is unable to pay its debts as they fall due or admits inability to pay its

debts or is deemed unable to pay its debts within the meaning of section

123 of the Insolvency Act 1986;

• a petition is filed, a notice is given, a resolution is passed, or an order is

made, for or in connection with the winding up of that other party other

than for the sole purpose of a scheme for a solvent amalgamation of that

other party with one or more other companies or the solvent

reconstruction of that other party;

• an application is made to court, or an order is made, for the appointment

of an administrator, or if a notice of intention to appoint an administrator

is given or if an administrator is appointed, over the other party;

• the holder of a qualifying floating charge over the assets of that other

party has become entitled to appoint or has appointed an administrative

receiver;

• a person becomes entitled to appoint a receiver over the assets of the

other party or a receiver is appointed over the assets of the other party;

• a creditor or encumbrancer of the other party attaches or takes

possession of, or a distress, execution, sequestration or other such

process is levied or enforced on or sued against, the whole or any part of

the other party’s assets and such attachment or process is not

discharged within 30 days; or

• the other party suspends or ceases, or threatens to suspend or cease,

carrying on all or a substantial part of its business.

5. BCG may terminate this Agreement with immediate ecect on notice if You

undergo a change of control and Your new controlling shareholder is in BCG’s

reasonable opinion a direct competitor of BCG.

6. BCG may, in the event of a cyber or other security incident significantly acecting,

or in BCG's reasonable opinion, likely to significantly acect the provision of the

Products or harm customers, suspend access to the Products for such period as

BCG considers reasonably necessary for the incident to be contained.

7. Any provision of this Agreement that expressly or by implication is intended to

come into or continue in force on or after termination or expiry of this Agreement

shall remain in full force and ecect.

8. Termination or expiry of this Agreement shall not acect any rights, remedies,

obligations or liabilities of the parties that have accrued up to the date of

termination or expiry, including the right to claim damages in respect of any

breach of the agreement which existed at or before the date of termination or

expiry.

9. On termination for any reason, all rights granted to You under this Agreement

shall cease.

9. Warranties and Liability

1. BCG undertakes to provide the Website, Platform and Products using reasonable

skill and care and in accordance with the SLA, however, it does not warrant that

access to and/or use of the Website, Platform and Products will be uninterrupted

or error-free. In particular, BCG is not responsible for any delays, delivery

failures, or any other loss or damage resulting from the transfer of data over

communications networks and facilities, including the internet, and You

acknowledge that the Website, Platform and Products may be subject to

limitations, delays and other problems inherent in the use of such

communications facilities. BCG may, at any time and at its own discretion,

temporarily or permanently discontinue its Products where necessary as a result

of any cause beyond BCG’s reasonable control including, without limitation,

mechanical, electronic or communications failure. Under such circumstances,

BCG shall not be liable for any damage, loss or inconvenience.

2. You (and Your Intermediary) accept responsibility for the selection of the

Products to achieve Your intended results and acknowledge that the Products

have not been developed to meet Your individual requirements.

3. All other conditions, warranties or other terms which might have ecect between

the parties or be implied or incorporated into this Agreement or any collateral

contract, whether by statute, common law or otherwise, are hereby excluded,

including the implied conditions, warranties or other terms as to satisfactory

quality, fitness for purpose or the use of reasonable skill and care.

4. Notwithstanding any other provision in this Agreement, nothing will acect or limit

any rights You may have under English Law; or exclude or limit either

party’s liability for death or personal injury caused by its negligence or for fraud

or fraudulent misrepresentation or any other liability which cannot be excluded

or limited under applicable law.

5. In no event will BCG be liable for any indirect, special, punitive, exemplary or

consequential losses or damages of whatsoever kind arising out of Your use of,

or access to the Website, Platform or Products, including loss of profit, loss of

business, loss of opportunity or loss of contract whether or not in the

contemplation of the parties, whether based on breach of contract, tort

(including negligence), product liability or otherwise. BCG’s total aggregate

liability for direct losses or damages of whatsoever kind (including loss of profits)

in contract, tort (including negligence or breach of statutory duty),

misrepresentation, restitution or otherwise, relating to any claim in relation to

Your purchase of the Products shall be limited to the total fees actually paid to

BCG for Your own use of the Products during the 12 months immediately

preceding the date on which the claim arose.

10. General

1. In performing its obligations under this Agreement, You (and Your Intermediary)

shall comply with:

• the Mandatory Policies; and

• all applicable laws, regulations and sanctions relating to anti-bribery and

anti-corruption including but not limited to the Bribery Act 2010.

2. Subject to Clause 5.6 above, BCG may, at any time and at its discretion by

notice, amend these Terms and its Privacy Policy. You agree that it is Your (or Your

Intermediary’s) responsibility to regularly check the Website for notice of any

such changes to these documents.

11. Dispute Resolution and Jurisdiction

1. Any disputes shall be subject to the version of the Agreement in ecect at the date

at which the dispute was first brought to BCG’s attention in writing.

2. Before instigating court proceedings, You agree to provide BCG with sucicient

time and information to rectify the point in issue. Furthermore, before filing any

claims You agree to provide BCG with the opportunity to engage in an alternative

dispute resolution process.

3. Subject to clause 11.1, this Agreement and any claims resulting from its

application are subject to the laws of England and Wales. The English courts

shall have exclusive jurisdiction over any disputes arising under or in connection

with this Agreement You hereby waive any right of claim in any other jurisdiction.

BCG may, at its discretion, bring a claim in Your jurisdiction.

bottom of page