Terms of Service

Last updated:
June 2024


These are the Terms and Conditions governing the use of this Service and the agreement that operates between the Parties. These Terms and Conditions set out the rights and obligations of all users regarding the use of the Service. 

These terms and conditions apply to all quotations, offers, work, Agreements and deliveries of services or goods by or on behalf of the Service Provider.

The Client’s access to and use of the Service is conditioned on the Client’s acceptance of and compliance with these Terms and Conditions. These Terms and Conditions apply to all visitors, users and others who access or use the Service.

By accessing or using the Service, the Client agrees to be bound by these Terms and Conditions. If  the Client disagrees with any part of these Terms and Conditions then the Client may not access the Service. The Terms that govern the provision of the Service by the Service Provider to the Client form the Agreement between the Parties.

The Service Provider reserves the right to amend the Agreement from time to time. The continued use of the service by the Client will be relied upon by the Service Provider as consent to any such amendment. Material changes in the Agreement will enter into force after 7 days of notification thereof by the Service Provider to the Client. Deviation from these conditions is only possible if the Parties have explicitly agreed in writing.

The Client represents that  the Client is over the age of 18. The Service Provider does not permit those under 18 to use the Service.

The Client’s access to and use of the Service is also conditioned on  the Client’s acceptance of and compliance with the Privacy Policy of the Service Provider. Our Privacy Policy describes the Service Provider’s policies and procedures on the collection, use and disclosure of the Client’s personal information when  the Client uses the Application or the Website and tells  the Client about its privacy rights and how the law protects  the Client. Please read the Privacy Policy carefully before using the Service.

The Agreement always contains best efforts obligations for the Service Provider, no obligations with regard to results. The client is therefore not entitled to compensation if the intended result is not achieved.

Article 1 - Definitions

  1. Service Provider: Naq Cyber ​​B.V., established in Zoetermeer, Netherlands, Company Registration Number 75310368, or Naq Cyber UK Ltd., established in Leighton Buzzard, UK, Company Registration Number 12714016.
  2. Affiliate: An entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
  3. Client: The counterparty to the Service Provider is referred to in these general terms and conditions as the Client.
  4. Parties: Service Provider and Client together.
  5. Agreement: These Terms and Conditions which qualify as the Agreement between the Parties.
  6. Infringement: A breach of security that accidentally or unlawfully leads to destruction, loss, alteration or unauthorised provision or unauthorised access to transmitted, stored or otherwise processed (personal) data.
  7. Service: The Client receives from the Service Provider a limited, time-bound, non-exclusive licence to use the Application which enables the Client to manage their privacy, information security, quality, and clinical risk management compliance for as long as the Client has an active Subscription to the Service.
  8. Application: The software program provided by the Service Provider used by the Client on any electronic device, named Naq.
  9. Subscription: Subscription refers to the Service or access to the Service offered on a subscription basis by the Service Provider to the Client in the form of the Application.
  10. Terms and Conditions: These Terms and Conditions (also referred as "Terms") that form the entire agreement between the Client and the Service Provider regarding the use of the Service.
  11. Support: The Support offered by the Service Provider in relation to the use of the Application.

Article 2 - Subscription period

  1. The Service is available only with a paid Subscription. The Client will be billed in advance on a recurring and periodic basis (such as monthly, quarterly or annually), depending on the type of Subscription plan you select when purchasing the Subscription.
  2. At the end of each period, the Subscription will automatically renew under the exact same conditions unless the Client or the Service Provider cancels it in accordance with these Terms.

Article 3- Subscription cancellations

  1. Each contract between the Client and the Service Provider is entered into for a minimum term of 12 months, monthly or quarterly payments notwithstanding. 
  2. The contract may not be terminated by the Client within the term of the contract duration. 
  3. Each subscription is renewed annually on a tacit renewal basis.
  4. Contract cancellations must take place at least one calendar month before the contract renewal date. 

Article 4- Subscription billing

  1. For yearly subscriptions, invoices must be paid within 30 days after the invoice date unless the Parties have made different arrangements in writing or a different payment term is stated on the invoice. For monthly or quarterly subscriptions, the Service Provider may enable the Client to pay automatically, set up a direct debit or enable the Client to make a bank transfer.
  2. If the Client does not pay within the agreed period, the Client will be in default by operation of law, without any warning being required. From that moment, the Service Provider is entitled to suspend the obligations until the Client has fulfilled his payment obligations.
  3. If the Client fails to do so, the Service Provider will proceed with the collection. The costs with regard to that collection will be borne by the Client. If the Client is in default, the Client will owe legal (commercial) interest, extrajudicial collection costs and other damage to the Service Provider in addition to the principal sum. The collection costs are calculated on the basis of the applicable legislation.
  4. In the event of liquidation, bankruptcy, seizure or suspension of payment of the Client, the claims of the Service Provider on the Client are immediately claimable.
  5. If the Client refuses his cooperation in the execution of the assignment by the Service Provider, the Client is still obliged to pay the agreed price to the Service Provider.

Article 5- Fee Changes

  1. The Service Provider, in its sole discretion and at any time, may modify the Subscription fees. Any Subscription fee change will become effective at the end of the then-current Subscription period.
  2. The Service Provider will provide the Client with reasonable prior notice of any change in Subscription fees to give the Client an opportunity to terminate their Subscription before such change becomes effective.
  3. The continued use of the Service after the Subscription fee change comes into effect constitutes the Client’s agreement to pay the modified Subscription fee amount.

Article 6- Refunds

  1. Except when required by law, paid Subscription fees are non-refundable.
  2. Certain refund requests for Subscriptions may be considered by the Service Provider on a case-by-case basis and granted at the sole discretion of the Service Provider.

Article 7 - Offers and quotations

  1. The offers of the Service Provider are valid for a maximum of 1 month, unless another period of acceptance is stated in the offer. If the offer is not accepted within the specified period, the offer will expire.
  2. Delivery times in quotations are indicative and do not give the Client the right to dissolution or compensation if they are exceeded, unless the parties have explicitly agreed otherwise in writing.
  3. Offers and quotations do not automatically apply for an extension of the service. Parties must agree explicitly and in writing.

Article 8 - Prices for additional services 

  1. The prices stated on the website of the Service Provider or on any marketing material or quote are excluding VAT and any other government levies, unless explicitly stated otherwise.
  2. With regard to any additional service provision next to or instead of the normal subscription and its fees, parties can agree to a fixed price when concluding the Agreement.
  3. If no fixed price has been agreed, the rate with regard to the additional services can be determined on the basis of the hours actually spent. The rate is calculated according to the Service Provider's usual hourly rates, valid for the period in which the Service Provider performs the work, unless a different hourly rate has been agreed upon.
  4. If no rate has been agreed based on the hours actually spent, a target price will be agreed for the service, whereby the Service Provider is entitled to deviate up to 10% from this. If the target price is more than 10% higher, the Service Provider must inform the Client in good time why a higher price is justified. In that case, the Client has the right to cancel part of the assignment that exceeds the target price plus 10%.

Article 9 - Price indexing

  1. The prices agreed upon entering into the Agreement are based on the price level applied at that time. The Service Provider has the right to adjust the fees to be charged to the Client annually as of 1 January.
  2. Adjusted prices and rates are communicated to the Client as soon as possible.

Article 10 - Force majeure

  1. In addition to the provisions related to Force Majeure of the relevant contract law, a failure on the part of the Service Provider to fulfil any obligation vis-à-vis the Client cannot be attributed to the Service Provider in the event of a circumstance independent of the will of the Service Provider, as a result of which his obligations towards the Client are wholly or partially prevented or as a result of which the fulfilment of his obligations cannot reasonably be expected from the Service Provider. These circumstances include non-performance by suppliers or other third parties, power failures, computer viruses, strikes, bad weather conditions and work interruptions.
  2. If a situation as referred to above occurs as a result of which the Service Provider cannot meet its obligations towards the Client, those obligations will be suspended as long as the Service Provider cannot meet its obligations. If the situation referred to in the previous sentence has lasted 30 calendar days, the parties have the right to terminate the Agreement in writing in whole or in part.
  3. In the case as referred to in the second paragraph of this article, the Service Provider is not obliged to pay compensation for any damage, even if the Service Provider enjoys any benefit as a result of the force majeure situation.  

Article 11 - Transfer of rights

Rights of one party to this Agreement cannot be transferred to a third party without the prior written consent of the other party. 

Article 12 - Expiry of the claim

Any right to compensation for damage caused by the Service Provider expires in any case 12 months after the event from which the liability arises directly or indirectly. 

Article 13 – The Service: acknowledgement and responsibilities

  1. The Service to which these Terms apply includes a security testing and monitoring service of the Client’s website(s), (web)applications, network(s) and security- and phishing testing of the Client’s e-mail. The objective of the security monitoring and testing service is to identify and report on security vulnerabilities, to allow the client to close the issues in a planned manner, thus significantly raising the level of their security protection. The Client understands and acknowledges that:
    1. Cyber security is a continually growing and changing field and the service performed by the Supplier does not protect Client against every type or form of attack. 
    2. Testing, scanning and/or monitoring of the Client’s website(s), (web)applications, network(s) and email will be done on a best endeavour’s basis and that it is not possible to guarantee that all vulnerabilities will be discovered. 
    3. Security breaches can and frequently do come from internal sources whose access is not a function of system configuration and/or external access security issues.
    4. It is at all times the responsibility of the Client to ensure proper implementation of relevant compliance measures, documentation, training and risk management methods through the use of the Application or the support of the Service Provider, and the Subscription taken in isolation does not guarantee compliance with any law, regulation or standard. 
    5. The Application is provided to the Client based on a best endeavours basis.
    6. The Support provided by the Service Provider to the Client is subject to the following Service Level Agreements:
      1. For questions regarding the use of the Application, including logging into the Application and general compliance questions, the Client must email support@naqcyber.com or raise a request using the support tool within the Naq platform. Questions sent to any other email address, even if that email address is part of the Naq domain, will not be taken into account as part of these Service Level Agreements. 
      2. Support will be provided by the Service Provider to the Client according to the following classification of support requests:

        Reply time:
        All tickets: 8 hours

        Resolve time:
        Tier A
        : Tickets that impact the ability of users to use the Naq platform (e.g. cannot log in or bugs that impact the functioning of the app): 8 hrs
        Tier B
        : Specific compliance questions: 5 working days 
        Tier C
        : Requests for support with bespoke policies, review of existing policies or due diligence questionnaires: 10 working days
      3. Manifestly unfounded or excessive Support requests may be subject to additional fees. These support requests qualify as excessive if the time spent by the Service Provider exceeds one hour per week. These fees will be calculated in accordance with article 8 of these Terms.

  1. The Supplier will:
    1. Take all reasonable steps to preserve the operational status of tested systems. The operational status of systems cannot be guaranteed in one hundred per cent (100%) of cases in which testing and/or monitoring is carried out. 
    2. Perform tests at its own discretion using appropriate tools and methods. 
    3. Provide a full list of all systems to be tested or monitored prior to performance of any form of testing or monitoring. 
    4. Upon termination of the Service, hand over all materials related to the website, including but not limited to website-assets, log-on credentials, etc. The Supplier guarantees that upon termination of the Service, the Client’s website(s) are fully functioning.
  2. The Client:
    1. Hereby grants permission to the Supplier and authorises the Supplier to perform the work as set out in article 1  of these Terms and Conditions.
    2. Will provide the Supplier with all required information prior to any form of security testing or monitoring.

Article 14- "AS IS" and "AS AVAILABLE" Disclaimer

The Service is provided to the Client "AS IS" and "AS AVAILABLE" and with all faults and defects without warranty of any kind. To the maximum extent permitted under applicable law, the Service Provider, on its own behalf and on behalf of its Affiliates and its and their respective licensors and service providers, expressly disclaims all warranties, whether express, implied, statutory or otherwise, with respect to the Service, including all implied warranties of merchantability, fitness for a particular purpose, title and non-infringement, and warranties that may arise out of course of dealing, course of performance, usage or trade practice. Without limitation to the foregoing, the Service Provider provides no warranty or undertaking, and makes no representation of any kind that the Service will meet the Client’s requirements, achieve any intended results, be compatible or work with any other software, applications, systems or services, operate without interruption, meet any performance or reliability standards or be error free or that any errors or defects can or will be corrected.

Article 15 - Liability for special, incidental, indirect or consequential damage

  1. To the maximum extent permitted by applicable law, in no event shall the Service Provider  or its suppliers be liable for any special, incidental, indirect, or consequential damages whatsoever (including, but not limited to, damages for loss of profits, loss of data or other information, for business interruption, for personal injury, loss of privacy arising out of or in any way related to the use of or inability to use the Service, third-party software and/or third-party hardware used with the Service, or otherwise in connection with any provision of this Terms), even if the Service Provider or any supplier has been advised of the possibility of such damages and even if the remedy fails of its essential purpose.

Article 16- Liability for direct damage

  1. The Service Provider is responsible for ensuring that its advice is accurate and up to date. Direct damage caused by inaccurate advice provided by the Service Provider may be subject to a liability claim provided that the direct causality between the damage and the advice can be unambiguously proven by the Client or its legal representative in a court of Law. Liability for damages is in any case limited to the amount paid by the Client to the Service Provider for its services in the 12 months prior to the liability claim. 
  2. The Service Provider is not liable for damages resulting from the inaccurate, incomplete or insufficient implementation of its advice, whether through services or its platform, by the Client. The Client remains, at all times, responsible and liable for ensuring that it follows the advice provided by the Service Provider. 
  3. This liability limitation also applies if the Service Provider is held liable for damage that results directly or indirectly from the testing or monitoring as meant in article 13 of these Terms and Conditions, malfunctioning of the equipment, software, data files, registers or other products, services or matters used by the Service Provider in the performance of the Service.
  4. The Service Provider is not liable for damage ensuing from this Agreement unless the Service Provider caused the damage intentionally or with gross negligence. Any liability for damage arising from or related to the implementation of this Agreement is always limited to the amount that is paid out in the relevant case by the (professional) liability insurance policy (s) concluded.
  5. The liability of the Service Provider for damage that is the result of intent or deliberate recklessness on the part of the Service Provider, his supervisor or subordinates is not excluded.

Article 17 – Indemnity for third party claims

The Client indemnifies the Service Provider against all claims from third parties that are related to the services supplied by the Service Provider.

Article 18 - Complaint obligation

  1. The Client is obliged to report complaints about the work performed to the Service Provider in writing in a timely manner. The complaint contains a description of the shortcoming that is as detailed as possible, so that the Service Provider is able to respond adequately.
  2. A complaint cannot in any case result in the Service Provider being obliged to perform other work than agreed.
  3. Client and Service Provider enter into mutual consultation and will, to the best of their ability, solve the problems to which the complaint referred to in this article relates.

Article 19- Your Feedback to Us

The Client assigns all rights, title and interest in any feedback the Client provides the Service Provider. If for any reason such assignment is ineffective, the Client agrees to grant the Service Provider a non-exclusive, perpetual, irrevocable, royalty free, worldwide right and license to use, reproduce, disclose, sub-license, distribute, modify and exploit such feedback without restriction.

Article 20- Links to Other Websites

  1. The Service may contain links to third-party web sites or services that are not owned or controlled by the Service Provider.
  2. The Service Provider has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third party web sites or services. The Client further acknowledges and agrees that the Service Provider shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any such content, goods or services available on or through any such web sites or services.

Article 21 - Intellectual property

  1. The Service Provider retains all absolute intellectual property rights (including copyright, patent law, trademark law, drawing and design right, etc.) on all designs, drawings, writings, media with data or other information, quotations, images, sketches, models, etc.
  2. The aforementioned absolute intellectual property rights may not be copied, shown to third parties and / or made available or used in any other way without written permission from the Service Provider.
  3. The Client undertakes to maintain the confidentiality of the confidential information made available to him by the Service Provider. Confidential information means that information to which this article relates, as well as general company data. The Client undertakes to impose on its staff and / or third parties involved in the implementation of this Agreement a written obligation of confidentiality regarding the scope of this provision.
  4. If the Client or one of his employees, service providers or natural persons or legal entities otherwise connected to him violates the intellectual property rights of the service provider, a penalty of €/£5,000 shall be payable for each day the violation continues. Claiming the fine does not affect the right of the service provider to claim damages for this violation. 

Article 22- Termination

  1. The Service Provider may terminate or suspend the Client’s access immediately, without prior notice or liability, for any reason whatsoever, including without limitation if the Client breaches these Terms and Conditions, which includes late or failure of payment for the Subscription. Upon termination, the Client’s right to use the Service will cease immediately.

Article 23 - Confidentiality

  1. Each of the parties shall keep the information it receives (in whatever form) from the other party and any other information concerning the other party that it knows or can reasonably suspect is secret or confidential, or information that it may expect that the distribution thereof may cause harm to the other party, and shall take all necessary measures to ensure that its personnel also keep the said information secret.
  2. The confidentiality obligation mentioned in the first paragraph of this article does not apply to information:
    1. that at the time the recipient received this information was already public or subsequently became public without a violation by the receiving party of a duty of confidentiality imposed on him;
    2. of which the receiving party can prove that this information was already in his possession at the time the other party provided it;
    3. that the receiving party has received from a third party whereby that third party was entitled to provide this information to the receiving party
    4. that is made public by the receiving party on the basis of a legal obligation.
  3. The obligation of confidentiality described in this article applies for the duration of this Agreement and for a period of five years after the termination thereof.
  4. If the Client or any of his employees, service providers or natural persons or legal entities otherwise connected to him violate this confidentiality clause, a penalty of €/£5,000 shall be payable for each day that the violation continues. Claiming the fine does not affect service provider's right to claim damages for this breach. 

Article 24 - Data Processing

  1. The Service Provider might have access to personal data for which the Client is responsible in the exercise of the service. The Service Provider shall take all necessary organisational and technical security measures to secure this personal data, in accordance with the UK and EU GDPR. To this end, The Service Provider will provide the Client with a Data Processing Agreement upon request.
  2. Personal data for which the Client is responsible will be processed by the Service Provider in accordance with the Privacy Policy, available on the Service Provider’s website.

Article 25 - Nullity and voidability of these general conditions

If one of the provisions of these general terms and conditions is declared null and void or annullable, the remaining part of these general terms and conditions will remain in force. 

In the event of nullification of one of the provisions of these general terms and conditions, the parties will consult with a view to concluding a valid provision. This new provision will be as close as possible to the void or voided provision. 

Article 26 - Dissolution

  1. If the service provider has a reasonable expectation of non-performance of one of the obligations of the underlying agreement, the Service Provider shall be entitled to dissolve the underlying agreement with immediate effect. 
  2. The Service Provider is entitled to dissolve without prior notice of default. 

Article 27- Applicable law and competent court

  1. The law applicable to these terms & conditions and the service provision by Naq Cyber is dependent upon the registered location of the Client. If the Client is registered in the UK, the laws of England and Wales apply exclusively. If the Client is registered in the Netherlands or elsewhere with the exception of the United Kingdom, Dutch law applies exclusively.
  2. The judge in the district where Naq Cyber​ is established and keeps office is exclusively authorised to take cognizance of any disputes between parties, unless the law prescribes otherwise.

Article 28- Disputes Resolution

If the Client has any concern or dispute about the Service, the Client agrees to first try to resolve the dispute informally by contacting the Service Provider.

Article 29- For European Union (EU) Users

If the Client is a European Union consumer, the Client will benefit from any mandatory provisions of the law of the country in which the Client is resident.

Article 30- United States Federal Government End Use Provisions

  1. If the Client is a U.S. federal government end user, our Service is a "Commercial Item" as that term is defined at 48 C.F.R. §2.101.
  2. the Client represents and warrants that (i) the Client is not located in a country that is subject to the United States government embargo, or that has been designated by the United States government as a "terrorist supporting" country, and (ii) the Client is not listed on any United States government list of prohibited or restricted parties.

Article 31- Changes to These Terms and Conditions

The Service Provider reserves the right, at our sole discretion, to modify or replace these Terms at any time. If a revision is materia, We will make reasonable efforts to provide at least 7 days' notice prior to any new terms taking effect. What constitutes a material change will be determined at our sole discretion.

By continuing to access or use the Service after those revisions become effective, the Client agrees to be bound by the revised terms. If the Client does not agree to the new terms, in whole or in part, they must cease to use the Service and inform the Service Provider without undue delay.

Contact Us

If you have any questions about these Terms and Conditions, You can contact us:

  • By email: support@naqcyber.com