Home > Stormshield Data Security for Email Terms of Use

These Terms of use constitute the full contractual terms and conditions governing the subscription (the 'Subscription') binding, on the one hand, STORMSHIELD, a simplified limited French company with capital of 2 793 881,60 €, having its registered office at 2-10 rue Marceau, 92130 Issy-les-Moulineaux, France (‘Stormshield’) and, on the other hand, the client (the 'Client'). Stormshield and the Client can be referred to hereinafter separately as a 'Party' and jointly as the 'Parties'.

By using our Services, you agree to these Terms and to review our Privacy Policy. If you do not agree to these Terms, Cookies, and Privacy Policy, you should not use our Services.

Definitions

Stormshield: refers to the company STORMSHIELD whose registered office is located at 2-10 rue Marceau, 92130 Issy-les-Moulineaux, France.

Stormshield Data Security for Email or SDS for Email: refers to the "Stormshield Data Security for Email" Web Application that allows you to compose and read encrypted emails. Stormshield Data Security for Email solution hereinafter referred to as the "Software", the "Web Application" or the "Solution".

Add-on: refers to the shortcut to the Web Application directly integrated into Gmail.  This add-on allows its User to navigate between their Gmail mailbox and their “Stormshield Data Security for Email” Web Application, in just 2 clicks. It is deployed centrally to all Users by the Administrator.

Customer: refers to the individual or entity that has subscribed to “Stormshield Data Security for Email”. The Customer shall provide Stormshield, as part of the sales proposal, the email addresses and number of Users for which they wish to deploy the Solution, as well as the contact details for their Administrator.

User: refers to the person using the Web Application, identified by a unique email address given by the Customer as part of the commercial proposal.

Administrator: refers to the person in charge of the deployment of the Solution to all Users, as defined in the commercial proposal, by the Customer.

Party(ies): refers individually or collectively to Stormshield and/or Customer.

Documentation: refers to the technical documentation and user guides made available by Stormshield at: documentation.stormshield.eu/SDS-GM/v1/en/Content/Home.htm

TAC: Technical Assistance Center

 

Software

The Terms of use of the Software will depend on whether the Customer requires the free or the paid version of the Software.

In the case of the freeware, the User must use the Web Application on their devices and has no entitlement to support from Stormshield.

In the case of a paid Subscription, the Customer must identify the users who will work with the solution in advance, as part of the commercial proposal.

It is the Administrator (designated by the Customer) who is in charge of centrally deploying the solution to all the Users previously defined in the commercial proposal.

To do so, the Administrator must first trust the Web Application, following the procedure indicated here, and then centrally deploy the add-on to their Users, following the Google Workspace mechanisms, described here.

In any event, the Customer agrees to restrict access and use of the Software to authorized personnel only. If a User leaves the company, the Customer must ensure that he/she has implemented the necessary means to recover his/her encrypted emails. He/She must also ensure that the User in question has been removed from his/her authentication solution.

All Users must read these Terms of use of the Software to ensure compliance.

 

Changes to Terms

We reserve the right to change these Terms at any time. We will always post the most current version to our Web Application and notify you before they become effective, via a banner posted on the Web Application. By continuing to use the Services after the changes take effect, you agree to the revised Terms.

 

Changes to the Services

Stormshield may make changes to the functionality of the Software in response to changes in technology or market demand, including adding or removing one or more features.

Any functional changes within the initial scope may have an impact on the price, which may increase. If this is the case, Stormshield undertakes to inform the affected Customers one month in advance.

In case of deletion or modification of essential functionalities of the Software, Stormshield shall inform the Customer at least one month in advance of the deletion or modification.

If the Customer does not retract the agreement following the notice before the deletion or modification takes effect, the Customer shall be deemed to have accepted the deletion or modification.

 

Termination

The contract concluded between the Parties, within the framework of the commercial proposal, shall be tacitly renewed for periods of one year, unless terminated by one of the Parties one month before the end date of the subscription or of each of the renewal periods, as the case may be.

In this case, the Customer should send an e-mail to the following address: adv@stormshield.eu, in order to cancel the renewal of the contract for a new one-year period.

 

Technical Support

TAC requests must be submitted via the incident tracker in your user account at mystormshield.eu, under the menu Technical Support > Manage cases.

This tool is the point of entry for incidents submitted to Stormshield’s TAC and it is also used to track them.

  1. You are a non-certified client/partner or certified Administrator

The incident will be managed by level 1 support.

  1. Telephone access

In order to ensure the best quality service, we only recommend using this mode of communication to track incidents that have already been opened via the site mystormshield.eu.

Tel: +33 (0) 9 69 329 129

  1. What information is required?

To open an incident with the TAC, you must provide administrative information and technical details to describe the problem. The list of required information is available in the incident creation form at mystormshield.eu, in the Technical support - Manage cases menu. The quality of our diagnosis depends on the relevance of the information you provide. To facilitate tracking, it is important to submit only one problem per incident.

  1. What is the severity of the incident?

The severity level is defined by STORMSHIELD tech support.

  • SEV1 / Critical Severity: The main activity of the company is severely impacted by a malfunction and there is no workaround.
  • SEV2 / Major Severity: The main activity of the company is partially impacted by a malfunction and there is no workaround.
  • SEV3 / Minor Severity: An incident that does not impact the company’s main activity is encountered.
  • SEV4 / Information: You want information or are preparing for a future installation.
  1. What are the response times?

The response time is measured from when the incident has been assigned.

  • SEV1: Stormshield agrees to contact you within 4 business hours (8 am - 7 pm Paris time).
  • SEV2: Stormshield agrees to contact you within 8 business hours (8 am - 7 pm Paris time).
  • SEV3: Stormshield agrees to contact you within 24 business hours (8 am - 7 pm Paris time).
  • SEV4: Stormshield agrees to contact you within 72 business hours (8 am - 7 pm Paris time).

Important, Stormshield has no obligation to provide technical support services to Users of a Free Version of the Solution.

 

Corrective Maintenance

Corrective Maintenance includes:

  • the provision of diagnostic services to assess any failure, defect or malfunction of Stormshield Data Security for Email;
  • the delivery of versions, upgrades, patches or packages that may be necessary to correct any failure, defect or malfunction of Stormshield Data Security for Email; and/or
  • the provision of other services to correct or work around any failures, defects or malfunctions of  Stormshield Data Security for Email.

However, Corrective Maintenance does not include services necessary to correct or remove a failure, defect or malfunction caused by:

  • improper integration of the User's Web Application;
  • inappropriate use of Stormshield Data Security for Email by the Users and/or the result of third-party products used by themselves;
  • gross negligence or gross misconduct of the User, such as misuse of the Solution;
  • any use of Stormshield Data Security for Email that does not substantially comply with the Documentation;
  • any modification or alteration made to the configuration of Stormshield Data Security for Email by the User without the prior authorization of Stormshield.

Furthermore, Stormshield shall not be obliged to provide any Corrective Maintenance services to Users of a Free Version.

 

Subcontracting

Subject to the more specific provisions related to subcontracting of personal data contained in the Subcontracting Agreement, Stormshield shall be free to subcontract all or part of its Services to any third party of its choice, which the Customer accepts without reservation. Stormshield shall nevertheless remain liable to the Customer for the respect of their obligations by the subcontractors

 

Warranties

Stormshield warrants to the Customer that the Software's functionalities comply with the Specifications described in the Documentation included as Appendix 1.

Throughout the term of the Subscription, Stormshield undertakes to use its best efforts to offer the Customer all corresponding updates necessary to ensure a level of security that is consistent with industry standards. To that effect, the Customer undertakes to report to Stormshield any problems it may encounter or observe when using the Software.

Stormshield does not provide any warranty concerning the suitability of the Software for the Customer's specific needs, or its compatibility with any computer program run alongside it. As such, the Customer shall be responsible for assessing their specific needs, evaluating the suitability of the Software in view of those needs, and ensuring that they have the necessary skills to use the Software and a compatible computer environment, as described in Appendix 2. By accepting the Terms of Use, the Customer acknowledges that it has received all necessary information in this connection.

In view thereof, the Customer may, if they consider it appropriate, put in place suitable plans to deal with the event of a failure or suitable measures to minimize any harmful consequences of, for example, the loss of data generated by the Software as a result of its use.

Stormshield's warranty does not cover the consequences of:

  • any use of Stormshield Data Security for Email by the Customer that does not comply with its intended purpose, the Documentation, or the provisions of these Terms of Use;
  • any failure or malfunction of the operating system used by the Customer;
  • any modification made by the Customer to Stormshield Data Security for Email or to the procedures for using the Solution defined in the Documentation;
  • any negligence or lack of diligence on the part of the Customer or its personnel in the ongoing maintenance and management of the equipment used for running Stormshield Data Security for Email;
  • any act committed by a third-party or resulting from an act of Force Majeure;
  • any vulnerability contained in the Web Application for which Stormshield could legitimately justify that it was unaware of;
  • any use by the Customer of an Unsupported Version of the Solution;
  • Any loss or inaccessibility for a User, of the encrypted Email or of the Email in clear text, including in the context of a reversibility procedure, in the following cases
    • if the encryption keys were revoked;
    • if the encryption keys had an expiry date that had passed;
    • if at least one of the private keys was not registered by the Customer;
    • if the keys were saved using an “insecure” method;
    • if the keys were stored encrypted on the Customer's own media, and that media has subsequently been erased.
  • any compromise (including a data leak) of the User's Encrypted Data in the following cases:
    • if encrypted Data remains accessible (if an email remains in clear text);
    • if private keys have been stored in clear text;

Furthermore, Stormshield will not be liable for any warranty of any kind to Customers using the free version of Stormshield Data Security for Email.

 

User rights

Stormshield grants the Customer a Subscription allowing a number of Users (as defined in the commercial proposal) to use the Software in the context of their professional duties; this Subscription excludes any sharing of the license which is produced and sold for one and only one firm, non-assignable and non-transferable for the duration of the Subscription.

The Customer expressly acknowledges that they are entering into these terms of use under the following circumstances:

  • The Customer is aware of the essential functional characteristics of Stormshield Data Security for Email;
  • The Customer has accepted that Stormshield Data Security for Email is not error-free;
  • Stormshield has given the Customer the following warranties regarding the use of Stormshield Data Security for Email

The Customer agrees to:

  • Pay the Royalties in accordance with the terms and conditions of the commercial proposal;
  • Cooperate in good faith with Stormshield in respect of the Terms and Conditions;
  • And, use Stormshield Data Security for Email in accordance with the terms and conditions set forth herein.

In particular, the Customer will be responsible for:

  • The management, administration and control of the Web Application;
  • The prompt installation of Updates published by Stormshield, at their own expense;
  • Adopting emergency procedures adapted to their own needs to provide for restarting the solution, backing up and recovering data.

 

 

Intellectual property

The Software shall in all circumstances remain the sole property of Stormshield, who is the sole owner thereof and/or holds all the necessary rights to market and authorize the use thereof.

Accordingly, the Customer may not pledge, assign, lend or allow access to it, whether for a consideration of value or free of charge. Moreover, the Customer undertakes to inform Stormshield of any infringement of Stormshield intellectual property rights of which it becomes aware.

Stormshield warrants that the Software does not infringe any intellectual property rights or other property rights of third parties.

You can find the list of used libraries, here.

 

In the event the Software is, or becomes, in Stormshield's opinion, the subject of a claim by a third party, Stormshield may decide, as it sees fit:

  1. to arrange for the Client to be allowed to continue to use it, or
  2. to modify it so that it no longer infringes any rights, or
  3. to replace it with suitable software that is functionally equivalent, compatible and that does not infringe any rights.

 

Force majeure

Neither Party shall be liable towards the other Party for the non-respect or any delay in the observance of their obligations under the Subscription when this is due to the occurrence of a force majeure event resulting from any unavoidable or unforeseeable event or circumstances beyond their control.

Force majeure events shall be understood to mean those events defined as such in the case law of the Court of Cassation, and any change to the regulations or any court order or administrative decision that prevents Stormshield from operating its business.

Throughout the term of the Subscription, any force majeure event, as defined above, shall suspend the obligations under the Subscription for such time as the event or circumstances persist(s).

 

Liability

Stormshield will not be liable under any circumstances, for any indirect or unforeseeable loss resulting from the Customer's use of the Software. The Parties expressly agree that indirect loss shall be understood to mean any financial loss, business loss, lost profits, lost data, lost orders or lost customers, and any legal action taken against the Customer by a third party.

In the event that Stormshield's liability is incurred under the Subscription, the right to compensation for any direct loss suffered by the Customer shall be limited, for all causes and losses combined: per contractual year, to 50% of the amount paid to Stormshield by the Customer for the year in which the loss occurs;

 

Reversibility

In this version (1.0) of the solution, if the Users want to decrypt in bulk, all their emails encrypted by Stormshield Data Security for Email application, then they will have to download a third-party application.

The third-party application to be downloaded is an open-source email client, which means that no additional cost is required to access this service.

You can find the whole procedure for recovering your emails, here.

The Users who wish to recover their data will then have to follow the procedure described in the link above, independently.

 

Contact Us

If you have any questions or concerns about our privacy policy please send an email to dpo@stormshield.eu.

 

Appendix 1: Documentation

The reference documentation is available here.

Appendix 2: Technical configuration

The technical configuration requirements are available for the encryption portal here.