CyberRisk Alliance

Terms of Use

November 8, 2023

These Terms of Service (“Terms”) control the use of the Website, Mobile Apps, and Services of CyberRisk Alliance, LLC, a Delaware limited liability company (“CyberRisk Alliance”, “our”, “us”, or “we”).

By accessing the Websites, Mobile Apps, and/or the Services, you are bound by all terms and conditions in these Terms and our Privacy Policy. If you do not wish to be bound, you may not access the Websites, Mobile Apps, and/or the Services. If you are accepting these Terms on behalf of a company, organization, government, or other legal entity, you represent and warrant that (a) you are authorized to do so, (b) the entity agrees to be legally bound by the Terms, and (c) neither you nor the entity are barred from using the Services or accepting the Terms under the laws of the applicable jurisdiction.

1. Introduction.

a. Scope. These Terms govern your use of the Website, Mobile Apps, and the Services. Except as otherwise specified, these Terms do not apply to Third-Party Products, which are governed by their own terms of service.

b. Incorporated Terms. The following policies, guidelines, and agreements (“Incorporated Terms”) are hereby incorporated into, and form an integral part of, the Terms to which you are agreeing to be bound:

                                            i. Privacy Policy

                                          ii. Mobile App Terms

                                         iii. Acceptable Use Policy

c. Certain Definitions.

                                          i. “Services” means all CyberRisk Alliance products, services, and materials located on or accessible through the Websites and the Mobile Apps.

                                         ii. “Third-Party Products” means any third-party information, website, product, service, or materials referenced in, accessible through, or provided in connection with, the Website or Services.

                                         iii. “Website” means all CyberRisk Alliance and CyberRisk Alliance affiliated websites.

2. Modifications. CyberRisk Alliance reserves the right, in its discretion, to change, modify, add to, or remove any and all parts of these Terms at any time.

a. For users in the United States, any changes or modifications will be effective immediately upon posting of the revisions on the Websites and shall apply to all use of our Services and all acts or omissions occurring after the effective date of the revised Terms. Your continued use of the Websites and Services, following the posting of changes, will mean that you accept and agree to all changes or modifications.

b. For users in the European Economic Area (EEA), any changes or modifications will be effective upon your express consent as you will be notified of any changes by virtue of a pop-up, banner, or other notification mechanism when you seek to access our Services after we issue a change or modification. Upon consent, the revisions to these Terms shall apply.

3. Eligibility.

a. Minimum Age. The Services are directed to adults and are not directed to children under the age of 13. You must be 13 years of age or older to use the Services. CyberRisk Alliance complies with the Children’s Online Privacy Protection Act and does not permit registration by and will not knowingly collect personally identifiable information from anyone under 13. By registering for the Services, you represent and warrant that you are 13 years of age or older. Additionally, you must provide true, accurate and complete registration information to become a member of the Services (“Member”). Creating a Member account under automated means or under false or fraudulent pretenses constitutes unauthorized use of the Services and such accounts will be terminated by CyberRisk Alliance.

b. Registration. By using the Services, you represent and warrant that all registration information you submit is truthful and accurate and you agree to the accuracy of such information. The profile that you compose upon registering for the Services (the “Member Profile”) must describe you, an individual person. Examples of inappropriate profiles include, but are not limited to, profiles that purport to represent an animal, place, inanimate object, fictional character, or real individual who is not you. If you wish to view or change your profile, you can do so via the “my account” option on the Websites.

4. Intellectual Property.

a. Restrictions. All rights not expressly granted by CyberRisk Alliance to you in these Terms are hereby reserved by CyberRisk Alliance. There are no implied rights save to the extent rights cannot be excluded by applicable law. You may not use, imitate, or copy, in whole or in part, any CyberRisk Alliance trademark, service mark, trade dress, logo, or other branding (collectively, “Marks”) without, in each instance, CyberRisk Alliance’s prior written consent, in CyberRisk Alliance’s sole discretion. All permitted use of CyberRisk Alliance’s Marks will inure to the benefit of CyberRisk Alliance.

b. Ownership. As between the parties, the Website and Services, including, without limitation, any and all software, documentation, images, video, content, logos, page headers, custom graphics, design and user interface elements, scripts, and other materials (the “Content”) contained therein or provided in connection therewith, and all modifications, enhancements, and updates thereto, as well as all intellectual property rights associated with any of these materials (collectively, “CyberRisk Alliance IP”) are owned by CyberRisk Alliance and/or its third party sponsors, partners, and suppliers. You have no right or license in or to the CyberRisk Alliance IP other than the right to use the Services, in compliance with the Terms.

c. Notice of Intellectual Property Infringement. CyberRisk Alliance respects copyright laws and intellectual property rights, and we expect and encourage our users to do the same. In accordance with the Digital Millennium Copyright Act of 1998 (“DMCA”), which you may find in full on the U.S. Copyright Office website, CyberRisk Alliance will do its best to respond with due diligence to claims of copyright infringement when such claims are reported to it using the sample notice form below.

If you believe that your work has been copied in a way that constitutes copyright infringement and is displayed in our Services, please provide substantially the following information to CyberRisk Alliance’s copyright agent:

DMCA NOTICE OF ALLEGED INFRINGEMENT

(“NOTICE”)

·   Identify the copyrighted work that you claim has been infringed or a list of copyrighted works that you claim have been infringed.

·   Identify the material or link you claim is infringing and to which access you think should be disabled, including the URL of the link shown on the Site or the exact location where such material may be found.

·   Provide your personal or company name, mailing address, telephone number, and email address.

·   In the body of such notice, you must include a statement that you have a good faith belief that the disputed use of the copyrighted material is not authorized by the copyright owner, agent, or the law.

·   A statement that the information in such notice is accurate and, under penalty of perjury, that you as the complaining party are the owner or authorized to act on behalf of the owner.

 

CyberRisk Alliance’s copyright agent can be reached as follows:

CyberRisk Alliance, LLC

Attn: Copyright Agent

400 Madison Ave Ste. 6C, New York City, New York, 10017

 

5. Managing Content. CyberRisk Alliance reserves the right to delete, move or edit any Content (including Member material (“Material”) posted in any interactive area of the Services) that it may determine, in its sole discretion, violates these Terms or is otherwise unacceptable. However, CyberRisk Alliance does not and cannot review all of the Content posted by Members on the Services and is not responsible for such Content. You shall remain solely responsible for all Material. Although CyberRisk Alliance reserves the right to remove any offending Content on the Services, you understand and agree that you nonetheless may be exposed to such Material and that you further waive your right to any damages (from any party) related to such exposure. Additionally, CyberRisk Alliance shall have the right, but not the obligation, to correct any errors or omissions in any Content, as it may determine in its sole discretion.

6. No Endorsement.

a. CyberRisk Alliance does not represent or endorse the accuracy or reliability of any Content posted on any interactive area and you acknowledge that any reliance upon such Content shall be at your sole risk. Any Content placed on any interactive area by users represents the views of the user posting the statement and does not represent the views of CyberRisk Alliance.

b. The Services may contain links to websites or mobile applications on the internet which are owned and operated by third parties (the “External Site or mobile applications”). You acknowledge that CyberRisk Alliance is not responsible for the availability of, or the content located on or through, any External Site or mobile application. You should contact the website or mobile application administrator or webmaster for those External Site or mobile applications if you have any concerns regarding such links or the content located on such External Site or mobile applications.

7. Indemnification. You agree to indemnify, defend and hold CyberRisk Alliance and its affiliates, and the respective officers, directors, owners, agents, information providers and licensors (collectively, the “CyberRisk Alliance Parties”) harmless from and against any and all claims, liability, losses, damages, costs and expenses (including attorneys’ fees) incurred by any CyberRisk Alliance Party in connection with any Material or with use or alleged use of any Content or the Services, including any use under your password by any person, whether or not authorized by you. CyberRisk Alliance reserves the right, at its own expense, to assume the exclusive defense and control of any matter otherwise subject to indemnification by you, and in such case, you agree to cooperate with CyberRisk Alliance’s defense of such claim. This Indemnification Section will survive any termination or expiration of these Terms.

8. Termination of Service. CyberRisk Alliance reserves the right, in its sole discretion, to restrict, suspend or terminate your access to all or any part of the Services, including the discussion areas, at any time for any reason without prior notice or liability. Conversely, you may terminate your membership of the Services at any time, for any reason, by emailing CyberRisk Alliance at privacy@cyberriskalliance.com. Once your membership terminates, you will have no right to use the Services; provided, that these Terms shall survive any termination of your membership. CyberRisk Alliance may change, suspend or discontinue all or any aspect of the Services at any time, including the availability of any feature, database, or Content (including the discussion areas), without prior notice or liability.

9. Limitations of Liability.

a. Excluded Damages and Theories. CYBERRISK ALLIANCE AND ITS AFFILIATES ASSUME NO RESPONSIBILITY WITH RESPECT TO YOUR OR YOUR USER’S USE OF THE WEBSITES OR SERVICES AND WILL NOT BE LIABLE FOR ANY INDIRECT, CONSEQUENTIAL, INCIDENTAL, PUNITIVE, EXTRAORDINARY, EXEMPLARY OR SPECIAL DAMAGES, INCLUDING, WITHOUT LIMITATION THE FOLLOWING, UNLESS PROHIBITED BY APPLICABLE LAW, LOSS OF USE, DAMAGE BY VIRUS, LOSS OF DATA, LOSS OF PROFITS, AND LOST REVENUE, WHETHER SUCH DAMAGES ARE ALLEGED IN TORT, CONTRACT OR ANY OTHER LEGAL OR EQUITABLE THEORY, AND WHETHER OR NOT CYBERRISK ALLIANCE IS AWARE OF THE POSSIBILITY OF SUCH DAMAGES.

b. Aggregate Liability. CYBERRISK ALLIANCE AND ITS AFFILIATES WILL IN NO EVENT BE LIABLE IN AGGREGATE FOR MORE THAN THE TOTAL FEES ACTUALLY RECEIVED BY CYBERRISK ALLIANCE FROM YOU FOR THE SERVICES DURING THE 12-MONTH PERIOD BEFORE THE CLAIM OR CAUSE OF ACTION AROSE.

c. Multiple Claims; Time Limits. MULTIPLE CLAIMS WILL NOT EXPAND THIS LIMITATION. ANY CAUSE OF ACTION ARISING OUT OF OR RELATED TO THE WEBSITES OR SERVICES MUST BE COMMENCED WITHIN ONE (1) YEAR AFTER THE CLAIM OR CAUSE OF ACTION ACCRUES, OTHERWISE SUCH CLAIM AND CAUSE OF ACTION WILL BE PERMANENTLY BARRED.

d. Jurisdictions; Limitations. SOME JURISDICTIONS MAY NOT ALLOW THE EXCLUSION AND/OR LIMITATION OF LIABILITY FOR FRAUD, WILLFUL MISCONDUCT, GROSS NEGLIGENCE, DEATH OR PERSONAL INJURY OR FOR CONSEQUENTIAL, INCIDENTAL, SPECIAL OR OTHER DAMAGES, SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU. IN SUCH EVENT, THE LIABILITY OF CYBERRISK ALLIANCE AND ITS AFFILIATES FOR SUCH DAMAGES WILL BE LIMITED TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW. THIS LIMITATIONS OF LIABILITY SECTION WILL SURVIVE ANY TERMINATION OR EXPIRATION OF THESE TERMS.

10.  Disclaimers.

a. General. YOUR USE OF THE WEBSITES AND SERVICES WILL BE AT YOUR OWN RISK AND ARE PROVIDED “AS IS”, “AS AVAILABLE” AND “WITH ALL FAULTS”. CYBERRISK ALLIANCE AND ITS AFFILIATES DISCLAIM, TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, ALL WARRANTIES, CONDITIONS, REPRESENTATIONS, WHETHER STATUTORY, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES, CONDITIONS AND REPRESENTATIONS OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

b. Specific. CYBERRISK ALLIANCE MAKES NO WARRANTIES, CONDITIONS OR REPRESENTATIONS ABOUT (i) THE ABILITY OF THE WEBSITES OR SERVICES TO PERFORM WITHOUT LIMITATION OR RESTRICTION IN ANY GIVEN ENVIRONMENT, (ii) THE ACCURACY, COMPLETENESS, OR CONTENT OF THE WEBSITES OR SERVICES, (iii) THE ACCURACY, COMPLETENESS, OR CONTENT OF ANY LINKED SITES (THROUGH HYPERLINKS, BANNER ADVERTISING OR OTHERWISE), AND/OR (iv) THIRD-PARTY PRODUCTS, AND CYBERRISK ALLIANCE ASSUMES NO LIABILITY OR RESPONSIBILITY THEREWITH.

c. Third-Party Products. THE REFERENCE TO, OR AVAILABILITY OF, THIRD-PARTY PRODUCTS IN CONNECTION WITH THE SERVICES OR WEBSITES DOES NOT CONSTITUTE, AND WILL NOT BE CONSTRUED AS CONSTITUTING, AN ENDORSEMENT, AUTHORIZATION, SPONSORSHIP, OR AFFILIATION BY OR WITH CYBERRISK ALLIANCE WITH RESPECT TO SUCH THIRD-PARTY PRODUCTS.

d. Legal, Tax, Financial, Other Communications. NO ORAL OR WRITTEN INFORMATION OR ADVICE OR COMMUNICATIONS PROVIDED BY CYBERRISK ALLIANCE OR ANY OF ITS EMPLOYEES WILL CONSTITUTE PERSONAL, LEGAL, TAX OR FINANCIAL ADVICE OR CREATE A WARRANTY, CONDITION OR REPRESENTATION OF ANY KIND.

e. Jurisdictions; Limitations. THESE DISCLAIMERS APPLY TO THE FULLEST EXTENT PERMITTED BY LAW AND WILL SURVIVE ANY TERMINATION OR EXPIRATION OF THESE TERMS. SOME JURISDICTIONS MAY NOT ALLOW THE EXCLUSION AND/OR LIMITATION OF IMPLIED REPRESENTATIONS, CONDITIONS OR WARRANTIES, OR ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS, SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU. IN SUCH EVENT, CYBERRISK ALLIANCE’S WARRANTIES, CONDITIONS AND REPRESENTATIONS WILL BE LIMITED TO THE GREATEST EXTENT PERMITTED BY APPLICABLE LAW IN SUCH JURISDICTION.

11.  Anti-Corruption, Export and Sanctions Compliance. 

a. With respect to these Terms, you represent, warrant, and covenant that you:

                                            i. have not and will not violate, or cause any party to be in violation of, any applicable anti-bribery or anti-corruption law (including, but not limited to, the U.S. Foreign Corrupt Practices Act of 1977, as amended, the U.S. domestic bribery statute in 18 U.S.C. 201, the U.S. Travel Act, or the UK Bribery Act 2010), anti-kickback laws, anti-money laundering and anti-terrorist financing laws, sanctions, embargoes, export controls, import controls, anti-fraud laws, or any other applicable law, regulation, or order (collectively, “Applicable ABAC Laws”);

                                          ii. have not and will not use or apply the Services or the Websites in violation of Applicable ABAC Laws;

                                         iii. have not and will not with a corrupt, improper, or illegal intention directly or indirectly (through third parties) pay, provide, promise, offer, authorize, solicit, or accept any money, gift, hospitality, entertainment, favor, financial advantage, or other thing of value to or from any individual, organization, political party, or entity whether in the public or private sector in any country in order to obtain, retain, or direct regulatory approvals, licenses, permits, business, contracts, investments, sales, tax or duty assessments, import or export clearances, foreign exchange clearances, or other advantages;

                                         iv. are not, (i) nationals, residents, agents or representatives of Iran, Cuba, North Korea, Syria, the Crimea Region of Ukraine, or any other region subject to comprehensive U.S. sanctions; (ii) on the List of Specially Designated Nationals & Blocked Persons, the Sectoral Sanctions Identifications (SSI) List, or Foreign Sanctions Evaders List maintained by the Office of Foreign Assets Control of the U.S. Department of the Treasury, or any other applicable list of sanctioned, embargoed, blocked, criminal, or debarred persons maintained by any U.S. or non-U.S. government, the European Union, Interpol, the United Nations, the World Bank, or any other public international organization (each such list, a “Sanctions List”); (iii) an entity that is 50% or more owned, individually or in the aggregate, directly or indirectly, by, is controlled by (including without limitation by virtue of such person being a director or owning voting shares or interests), or acts, directly or indirectly, for or on behalf of, any person or entity on a Sanctions List; or (iv) otherwise the target of any sanctions, suspensions, embargoes or debarment by the U.S. government or any other government or public international organization;

                                           v. shall implement an effective, risk-based compliance program and necessary internal controls (including, but not limited to, conducting sanctions screenings of your Relevant Parties and customers) to ensure compliance with Applicable ABAC Laws and this Anti-Corruption, Export and Sanctions Compliance Section;

                                         vi. shall reasonably cooperate with CyberRisk Alliance to (i) ensure compliance with sanctions, embargoes, and other Applicable ABAC Laws and/or (ii) review and remediate actual or potential violations of sanctions or other Applicable ABAC Laws, including, but not limited to, suspending or terminating the supply of products or services to customers or other persons that appear on a Sanctions List or are otherwise the target of sanctions and other similar restrictions.

A violation of the foregoing representations, warranties, or covenants by you will constitute a material breach of these Terms, and, in the event of such a violation, CyberRisk Alliance may, at its sole option, terminate your membership of the Services for cause and without further liability or obligation on the part of CyberRisk Alliance. Any such breach will entitle CyberRisk Alliance to seek to be indemnified by you and/or obtain injunctive and other emergency or equitable relief, in addition to any other remedies which may be available under applicable laws.

12.  Violations of These Terms. CyberRisk Alliance may disclose any information CyberRisk Alliance has about you (including your identity) if CyberRisk Alliance determines that such disclosure is necessary in connection with any investigation or complaint regarding your use of the Services, or to identify, contact, or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) CyberRisk Alliance’s rights or property, or the rights or property of visitors to or users of the Services, including CyberRisk Alliance’s customers. CyberRisk Alliance reserves the right at all times to disclose any information that CyberRisk Alliance deems necessary to comply with any applicable law, regulation, legal process or governmental request. CyberRisk Alliance also may disclose your information when CyberRisk Alliance determines that applicable law requires or permits such disclosure, including exchanging information with other companies and organizations for fraud protection purposes.

You acknowledge and agree that CyberRisk Alliance may preserve any transmittal or communication by you with CyberRisk Alliance through the Services or any service offered on or through the Services, and may also disclose such data if required to do so by law or CyberRisk Alliance determines that such preservation or disclosure is reasonably necessary to (1) comply with legal processes, (2) enforce these Terms, (3) respond to claims that any such data violates the rights of others, or (4) protect the rights, property or personal safety of CyberRisk Alliance, its employees, users of or visitors to the Services, and the public. You also agree that any violation by you of these Terms will constitute an unlawful and unfair business practice, and will cause irreparable harm to CyberRisk Alliance, for which monetary damages would be inadequate, and you consent to CyberRisk Alliance obtaining any injunctive or equitable relief that CyberRisk Alliance deems necessary or appropriate in such circumstances. These remedies are in addition to any other remedies CyberRisk Alliance may have at law or in equity.

If CyberRisk Alliance does take any legal action against you as a result of your violation of these Terms, CyberRisk Alliance will be entitled to recover from you, and you agree to pay, all reasonable attorneys’ fees and costs of such action, in addition to any other relief granted to CyberRisk Alliance. You agree that CyberRisk Alliance will not be liable to you or to any third party for termination of your access to the Services as a result of any violation of these Terms.

13.  Member Disputes. You are solely responsible for your interactions with other Members of the Services. CyberRisk Alliance reserves the right, but has no obligation, to monitor disputes between you and other Members.

14.  Arbitration.

a. Arbitration Procedures. Except as otherwise expressly provided in these Terms, any Dispute (defined below)  shall be resolved by arbitration proceedings through the American Arbitration Association (“AAA”), www.adr.org, or JAMS, www.jamsadr.com, and the arbitration will be conducted before a single arbitrator. The arbitration will be commenced as an individual arbitration, and will in no event be commenced as a representative or class arbitration. All issues will be for the arbitrator to decide, including the scope of this arbitration provision.

                                            i. For arbitration before the AAA, the AAA’s Commercial Arbitration Rules and the AAA’s Optional Rules For Emergency Measures of Protection will apply. The AAA rules are available at www.adr.org or by calling 1-800-778-7879. For arbitration before JAMS, the JAMS Comprehensive Arbitration Rules & Procedures and the JAMS Recommended Arbitration Discovery Protocols For Domestic, Commercial Cases will apply. The JAMS rules are available at www.jamsadr.com or by calling 1-800-352-5267. This arbitration provision governs in the event it conflicts with the applicable arbitration rules. Under no circumstances will class action, representative action, or collective action procedures or rules apply to the arbitration.

                                          ii. You understand that, in the absence of this provision, you would have had a right to litigate disputes through a court, including the right to litigate claims on a class-wide or class action basis, and that you have expressly and knowingly waived those rights and agreed to resolve any Disputes through binding arbitration in accordance with the provisions of this Section. This arbitration provision shall be governed by the Federal Arbitration Act, 9 U.S.C. § 1, et seq.

b. Dispute. The term “Dispute” means any dispute, claim, or controversy between you and CyberRisk Alliance regarding any aspect of your relationship with CyberRisk Alliance, whether based in contract, statute, regulation, ordinance, tort (including, but not limited to, fraud, misrepresentation, fraudulent inducement, negligence, gross negligence or reckless behavior), or any other legal or equitable theory, and includes the validity, enforceability or scope of this arbitration provision (with the exception of the enforceability of the Class Action Waiver clause below). “Dispute” is to be given the broadest possible meaning that will be enforced.

c. WE EACH AGREE THAT, EXCEPT AS PROVIDED BELOW, ANY AND ALL DISPUTES, AS DEFINED ABOVE, WHETHER PRESENTLY IN EXISTENCE OR BASED ON ACTS OR OMISSIONS IN THE PAST OR IN THE FUTURE, WILL BE RESOLVED EXCLUSIVELY AND FINALLY BY BINDING ARBITRATION RATHER THAN IN COURT IN ACCORDANCE WITH THIS ARBITRATION PROVISION.

15.  Miscellaneous.

a. Entire Agreement. These Terms constitute the entire agreement between the parties with respect to the subject matter hereof and supersedes all previous written or oral agreements between the parties with respect to such subject matter. If any inconsistency exists between these Terms and any additional terms and conditions posted on the Services, such terms shall be interpreted as to eliminate any inconsistency, if possible, and otherwise, the additional terms and conditions shall control.

b. Severability. If any provision of these Terms is held invalid, illegal or unenforceable in any respect, (i) such provision shall be interpreted in such a manner as to preserve, to the maximum extent possible, the intent of the parties, (ii) the validity, legality and enforceability of the remaining provisions shall not in any way be affected or impaired thereby, and (iii) such decision shall not affect the validity, legality or enforceability of such provision under other circumstances.

c. Waiver. Any failure by CyberRisk Alliance to require or enforce strict performance by you of any provision of these Terms or to exercise any right under them shall not be construed as a waiver or relinquishment of your right to assert or rely upon any such provision or right in that or any other instance.

d. Notices. We may communicate with you through the email address specified in your account or by posting notices on the Website. You agree that all agreements, notices, disclosures and other communications that are provided to you electronically satisfy any requirement that such communications be in writing. All notices from us intended for receipt by you shall be deemed delivered when sent to the email address you provide to us.

Notices to CyberRisk Alliance must be sent to:

 

CyberRisk Alliance, LLC

400 Madison Ave Ste. 6C, New York City, New York, 10017

Attn: Joe Haddock

e. Section Headings. The section headings and titles in these Terms are for convenience only and have no legal or contractual effect. These Terms will be interpreted without application of any strict construction in favor of or against you or CyberRisk Alliance.

f.  Force Majeure. CyberRisk Alliance will have no liability to you or any third party for any failure by CyberRisk Alliance to perform its obligations under these Terms in the event that such non-performance arises as a result of the occurrence of an event beyond the reasonable control of CyberRisk Alliance, including, without limitation, an act of war or terrorism, natural disaster, failure of electricity supply, riot, civil disorder, or civil commotion or other force majeure event.

g. Third-Party Service Integration. Certain Third-Party Products may be integrated with the Services. CyberRisk Alliance may, in its discretion and without liability to you, decide to no longer support such integration and migrate your account to a different integration.

h. Statute of Limitations. You agree that regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to use of the Services, Websites, Terms of Service and/or Privacy Policy must be filed within ONE (1) YEAR after such claim or cause of action arose or be forever barred.

i.  Jurisdiction; Venue. These Terms shall be construed in accordance with the laws of the State of New York, without reference to principles of choice of law. Any dispute relating in any way to your use of the Services or Websites shall be submitted to confidential arbitration in New York, New York except that, to the extent you have in any manner violated or threatened to violate CyberRisk Alliance intellectual property rights, CyberRisk Alliance may seek injunctive, equitable, or other appropriate relief in any state or federal court and you consent to the exclusive jurisdiction and venue in the state and federal courts in the State of New York, New York.

MOBILE APP TERMS

November 8, 2023

The terms below are incorporated into, and form an integral part of, the CyberRisk Alliance’s Terms of Service. Unless otherwise defined herein, capitalized terms shall have the meaning ascribed them in the Terms of Service. Any breach of the terms below will be deemed a material breach of the Terms of Service. By using any of CyberRisk Alliance’s mobile applications (“Application”), you agree to be bound by the Terms of Service and these incorporated Mobile App Terms.

  1. Compatibility; Performance. Use of the Application requires a compatible device with supported software and internet access. You are responsible for paying all fees associated with the foregoing. Application performance can be affected by a variety of factors, such as your location, your device, and the availability and speed of your internet connection.
  2. License. Subject to your compliance with these Terms, CyberRisk Alliance grants you a revocable, non-exclusive, non-sublicensable, non-transferable, worldwide, limited license to install and use the Application solely in connection with your account for lawful purposes only. No other license or right is granted. CyberRisk Alliance reserves all rights, including intellectual property rights, in and to the Application not expressly granted to you under these Mobile App Terms. There are no implied rights or licenses.
  3. Restrictions. Except where otherwise expressly permitted by applicable law or the licensing terms governing open-sourced components included within the Application, you will not, directly or indirectly: reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, object code, or underlying structure, ideas, or algorithms of or included in the Application, documentation, or data related to the Application; modify, translate or create derivative works based on the Application; copy (except for archival purposes), distribute, sublicense, pledge, assign or otherwise transfer or encumber rights to the Application; use the Application for timesharing or service bureau purposes or otherwise for the benefit of a third party or where it could be used by multiple devices at the same time; remove any proprietary notices or labels; attempt to, or assist, authorize, or encourage others to, circumvent, disable, or defeat any of the security features or components of the Application. The foregoing restrictions are applicable to the Application as a whole, all parts of the Application, all updates to the Application, and all CyberRisk Alliance proprietary materials displayed within the Application.
  4. Intellectual Property. As between the parties, the Application, including, without limitation, any and all documentation, images, video, content, trademarks, service marks, trade dress, logos, or other branding, custom graphics, design and user interface elements, scripts, and other materials contained therein or provided in connection therewith, and all modifications, enhancements, and updates thereto, as well as all intellectual property rights associated with any of the foregoing (collectively, “CyberRisk Alliance IP”) are owned by CyberRisk Alliance and/or its third party sponsors, and partners. You have no right or license in or to the CyberRisk Alliance IP other than the right to use the Application, in compliance with these Mobile App Terms. You may not use, imitate, or copy, in whole or in part, any CyberRisk Alliance trademark, service mark, trade dress, logo, or other branding without, in each instance, CyberRisk Alliance prior written consent, which may be given or withheld in CyberRisk Alliance’s sole discretion. All permitted use of the foregoing will inure to the benefit of CyberRisk Alliance.
  5. Disclaimers
  1. General. USE OF THE APPLICATION IS AT YOUR OWN RISK, AND IT IS PROVIDED “AS IS”, “AS AVAILABLE” AND “WITH ALL FAULTS”. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, CYBERRISK ALLIANCE AND ITS AFFILIATES DISCLAIM ALL WARRANTIES, CONDITIONS, REPRESENTATIONS, WHETHER STATUTORY, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES, CONDITIONS AND REPRESENTATIONS OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
  2. Specific. CYBERRISK ALLIANCE MAKES NO WARRANTIES, CONDITIONS OR REPRESENTATIONS ABOUT (i) THE ABILITY OF THE APPLICATION TO PERFORM WITHOUT LIMITATION OR RESTRICTION IN ANY GIVEN ENVIRONMENT, (ii) THE ACCURACY, COMPLETENESS, OR CONTENT OF THE APPLICATION, (iii) THE ACCURACY, COMPLETENESS, OR CONTENT OF ANY LINKED SITES (THROUGH HYPERLINKS, BANNER ADVERTISING OR OTHERWISE), AND/OR (iv) THIRD-PARTY PRODUCTS OR SERVICES, AND CYBERRISK ALLIANCE ASSUMES NO LIABILITY OR RESPONSIBILITY THEREWITH.

ACCEPTABLE USE POLICY

November 8, 2023

The terms below are incorporated into, and form an integral part of, the CyberRisk Alliance’s Terms of Service. Unless otherwise defined herein, capitalized terms shall have the meaning ascribed them in the Terms of Service. Any breach of the terms below will be deemed a material breach of the Terms of Service.

Prohibited Activities/Content:

  1. Lawful Purposes Only. You may use the Websites and Services only for lawful purposes. You may not use the Websites or Services or allow any third party to use the Websites or Services for any purpose that is determined by CyberRisk Alliance, in its discretion, to be unlawful, invasive, infringing, obscene, offensive, defamatory or fraudulent, or to engage in, promote or encourage illegal activity.
  2. Profanity. Your Materials may not contain any profane or otherwise inappropriate subject matter, as determined by CyberRisk Alliance in its discretion. “Your Materials” means the content, communications, text, images, video, photographs, domain names, and all other materials posted to, displayed on, or linked by you.
  3. Private Information and Images. You may not post or disclose any personal or private information about, or images of, minors or any third party without the consent of such third party (or a parent’s or guardian’s consent in the case of a minor).
  4. Violations of Third Party Rights. Your Materials may not violate, or encourage the violation of, the intellectual property rights, rights of privacy, rights of publicity, or other legal rights of any third party. CyberRisk Alliance may remove or block access to Your Materials upon receipt of proper notice of copyright infringement.
  5. Misrepresentation of Transmission Information. Forging, misrepresenting, omitting, or deleting message headers, return mailing information, and/or internet protocol addresses to conceal or misidentify the origin of a message is prohibited.
  6. Viruses and Other Destructive Activities. You will not use the Websites or Services, or allow any third party to use the Websites or Services, for creating or sending internet viruses, worms or Trojan horses, corrupted files, hoaxes or other items of a destructive or deceptive nature, or for pinging, flooding or mail bombing, or engaging in denial of service attacks. You will not engage in other activity that is intended to disrupt or interfere with, or that results in the disruption of or interference with, the ability of others to effectively use the Websites or Services (or any connected network, system, service or equipment) or conduct their business over the Internet.
  7. Hacking. Hacking and related activities are prohibited. “Hacking” includes, but is not limited to, the following activities: illegally or without authorization, accessing computers, accounts or networks, penetrating or attempting to penetrate security measures, port scans, stealth scans, and other activities designed to assist in hacking.
  8. Spam. You will not use the Websites or Services, or allow any third party to use the Websites or Services, to generate, distribute, publish or facilitate unsolicited mass email, promotions, advertisements or other solicitations (“spam”).
  9. Anonymous Proxies. CyberRisk Alliance does not allow the use of anonymous proxy scripts on its servers. You will not access or copy any portion of the Websites or Services through any automated viewing, downloading or crawling systems.
  10. Child Pornography. The use of the Websites or Services to store, post, display, transmit, sell, advertise or otherwise make available child pornography is prohibited. CyberRisk Alliance is required by law to, and will, notify law enforcement agencies when it becomes aware of the presence of child pornography on, or transmitted through, the Website or Services.
  11. Other Prohibited Activities. Engaging in any activity that, in CyberRisk Alliance’s discretion, actually or potentially disrupts, interferes with, competes with, or is harmful to the Websites or Services, CyberRisk Alliance’s business, reputation, goodwill, customers and/or customer relations, or the ability of CyberRisk Alliance’s customers to effectively use the Websites or Services, is prohibited. Your failure to cooperate with CyberRisk Alliance in correcting or preventing violations of the Terms constitutes a violation of the Terms by you.

PRIVACY POLICY

Date of Last Revision: November 8, 2023

CyberRisk Alliance, LLC (“CyberRisk Alliance”, “our”, “us”, or “we”) wants to help you better understand how we collect, use, protect, and share your Personal Data. This Privacy Policy is designed to help you understand your privacy choices when you visit our Website or use our Mobile Apps or any of our Services. It does not apply to other websites or services that we do not control, including websites or services of other CyberRisk Alliance users. Unless otherwise defined herein, capitalized terms shall have the meaning ascribed them in the Terms of Service.

This Privacy Policy is incorporated into, and forms an integral part of, the CyberRisk Alliance Terms of Service  (“Terms of Service”). Please note that our services may vary by region.

We encourage you to read this Privacy Policy carefully and take the time to get to know our privacy practices. By accessing the Websites, Mobile App, and/or the Services, you are bound by all terms and conditions in the Terms of Service and this Privacy Policy. If you do not wish to be bound, you may not access the Websites, Mobile App, and/or the Services.

  1. Definitions.
  1. Information Types.

                                            i. “Account Information” means data about how and when a CyberRisk Alliance account is accessed and the features used.

                                          ii. “Browser Information” means data or information provided by a browser, including the IP address, the website visited, network connection, device information, and other data, including Cookies.

                                         iii. “Contact Information” means basic personal and business information, such as first and last name, company name, email address, postal address, phone number, and may include social media account information.

                                         iv. “Device Information” means information about your device, such as device ID number, model, and manufacturer, version of your operating system and geographical region, collected from any devices when accessing our website, using the Mobile App, or any of our services.

                                           v. “Security Information” means user ID, password and password hints, and other security information used for authentication and account access.

                                         vi. “Support Information” includes information about your hardware and software, authentication data, chat session contents, error reports, performance data, and other communication or technical information and may, with express permission, include remote access to facilitate troubleshooting.

                                        vii. “Usage Information” means information collected when you interact with the CyberRisk Alliance website, mobile application or any of our services, including functionalities accessed, pages visited, and other interaction data.

b. “Automated Decision Making” means a decision made solely by automated means without human involvement.

c.  “Controller” means an entity that determines the purposes and means of the Processing of Personal Data.

d. “Cookie” means a small file that resides on your computer’s hard drive that often contains an anonymous unique identifier that is accessible by the website that placed it there, but is not accessible by other sites.

e.  “Member” means an entity or natural person that registers to become a member of the Services.

f.  “Mobile App” means the CyberRisk Alliance Mobile Application available through third-party app stores for mobile devices.

g. “Personal Data” or “Personal Information” means information that (i) relates to an identified or identifiable natural person, or (ii) identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

h. “Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, including, but not limited to, alteration, collection, organization, recording, retrieval, storage, transmission, and use.

i.   “Processor” means the entity that processes Personal Data on behalf of the Controller.

j.   “Services” means all CyberRisk Alliance content, memberships, services, and materials located on or accessible through the Websites and the Mobile Apps.

k. “Third-Party Products” means any third-party information, website, product, service, or materials referenced in, accessible through, or provided in connection with, the Website or Services.

l.   “User” means an entity or natural person that downloads, uses, or interacts with the CyberRisk Alliance Mobile Apps.

m. “Visitor” means an entity or natural person that visits or interacts with the CyberRisk Alliance Websites.

n. “Website(s)” means the CyberRisk Alliance website located at https://cyberriskalliance.com and all CyberRisk Alliance affiliated websites (including all associated internet country codes).

 

  1. How Do We Collect Information and What Information Do We Collect?

a. When a User or Member interacts with our Websites, CyberRisk Alliance may collect and control information such as Account Information, Browser Information, Contact Information, Support Information, Device Information, Security Information, Usage Information and set a Cookie.

b. When a User or Member interacts with our Mobile Apps, CyberRisk Alliance may collect and control information such as Account Information, Contact Information, Device Information, Usage Information and Security Information.

c. When visitors browse our Websites, or engage in communications with us online or offline, we may collect and control, as applicable, Browser Information, Support Information, Contact Information, and Usage Information submitted or communicated to us.

d. We may collect the following types of information from you or your device(s):

                                            i. identifiers, such as Browser Information, Device Information, and Security Information;

                                           ii. commercial information, such as Account Information, Contact Information, and Usage Information;

                                         iii. internet or network information, such as Browser Information and Device Information;

                                         iv. geolocation data, such as Browser Information and Device Information;

                                           v. other Personal Information, such as Support Information; and/or

                                         vi. information derived from other categories, which could include your preferences, interests, and other information used to personalize your experience.

 

3.   How We Use the Information We Collect We use the information we collect in our role as a Controller to:

i.  provide our Services;

ii. confirm identities;

iii. to communicate with you, including required communications regarding your account, security, or updates regarding our Services or polices, and to send promotional communications;

iv. improve and personalize communications, interactions, and our Services, such as push notifications regarding your activities;

v. provide support such as debugging, troubleshooting, automated decision making such as the detection of fraudulent account creation when signing up for our Services;

vi. for advertising and marketing, invoicing, to resolve incidents related to the use of our Websites and Services;

vii.   to comply with legal requirements,

viii.  create potential sales contacts (“Leads”);

ix. as may be necessary in a business transaction concerning the sale or transfer of our assets; and/or

x. in other cases where the Visitor has given express consent.

 

  1. How We Share the Information We Collect We may access, transfer, or disclose the Personal Data with your consent or if we have a good faith belief that doing so is necessary to: (i) comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; or (ii) protect the rights or property of CyberRisk Alliance, including enforcing the terms governing the use of the Services.

Lead Generation. Notwithstanding the above, we may access certain Personal Data, limited to your name, job title, company name, company size, address, phone number, email address, behavior at virtual and live events, and behavior on the Website, in the creation of our Leads. We may sell and share that certain Personal Data to the Third Parties that purchase our Leads in the context of cross-behavioral advertising.

  1. Cookies.

a. Usage. CyberRisk Alliance and its third-party service providers use cookies, web beacons, and similar tracking technologies to recognize you when you visit our Websites, remember your preferences, and give you a personalized experience. When you visit our Website, we, or an authorized third party, may place a Cookie on your device that collects information, including Personal Data, about your online activities over time and across different sites. Cookies allow us to track use, infer browsing preferences, and improve and customize your browsing experience.

b. Persistence. We use both session-based and persistent Cookies on our Websites. Persistent Cookies remain on your computer when you have gone offline, while session Cookies are deleted as soon as you close your web browser. A website may set a Cookie if the browser’s preferences allow it. A browser only permits a website to access the Cookies that it has set, not those set by other websites.

c. Types.

                                          i. Essential. These Cookies are necessary for our Websites to work as intended.

                                        ii. Functional. These Cookies enable enhanced functionality, like videos and live chat. Without these Cookies, certain functions may become unavailable.

                                       iii. Analytics. These Cookies provide statistical information on site usage. For example, these Cookies enable web analytics that allow us to improve our website over time.

                                       iv. Targeting and Advertising. These Cookies are used to personalize content to enhance your experience.

 

d. Control. It is possible to disable Cookies through your device or browser settings, but doing so may affect your ability to use our website. For instance, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Websites. The method for disabling Cookies may vary by device and browser, but can usually be found in preferences or security settings. Please use the following links for further instructions:

                                            i. Google Chrome

                                           ii. Apple Safari

                                         iii. Mozilla Firefox

                                         iv. Microsoft Internet Explorer

 

e. Other Resources. To find out more about Cookies, including how to see what Cookies have been set and how to manage and delete them, visit allaboutcookies.org, or aboutcookies.org.

  1. Third Parties. Third Party application stores, such as Apple’s App Store or Google’s Google Play, might collect additional information and share them with us. Please refer to the application store’s Privacy Policy to better understand how they process any of the personal information they collect and share with app publishers like ourselves. Third Party applications, such as Amazon Voice Service, may collect additional information. Please refer to the respective Third Party’s Privacy Policy to better understand how they process any of the personal information they collect and the purposes for collection. While we are dedicated to securing our Websites, Application, and Services, you are responsible for securing and maintaining the privacy of your passwords and account information. We are not responsible for protecting Personal Data shared with a Third Party based on an account connection that you have authorized.
  2. Data Subject’s Rights. Depending on where you reside, you may have data subject rights as set forth based on location of residency below.

a. UK/UE/EEA Data Subject Rights under the General Data Protection Regulation (GDPR). If you are a resident of the United Kingdom, European Union, or European Economic Area (EEA), you may have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, object to the processing, restrict the processing, request a transfer, or limit the use of your Personal Information. You can exercise rights over your Personal Data against the Controller by submitting a request by clicking this link or emailing us at privacy@cyberriskalliance.com, with the subject line “GDPR Data Subject Request”. When collection is based on your consent, you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal by applicable law. If applicable by national law, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data relating infringes your rights.

b.   California Consumer Privacy Act. If you are a California resident, or were within the last year or at any point since January 1, 2022, you have the following rights under applicable California law in relation to your Personal Information, subject to certain exceptions: 

                                       i.     Right to Know. You have the right to, up to twice in a 12-month period, request what Personal Information we collect, use, disclose, share, and/or sell, as applicable.

                                      ii.     Right to Delete. You have the right to request the deletion of your Personal Information that is collected by us.

                                    iii.     Right to Opt-Out of Sale. You have the right to opt-out of the sale of your Personal Information by a business. However, as noted above, we do not currently sell any Personal Information.

                                     iv.     Right to Non-Discrimination. You have the right not to receive discriminatory treatment for the exercise of the privacy rights described above.

                                      v.     Right to Correct. You have the right to correct inaccurate Personal Information that we maintain about you.         

                                     vi.     Right Not to Be Discriminated Against. You have the right not to receive discriminatory treatment by us for exercising your privacy rights, including the right not to be retaliated against.

We may sell or share (in the context of cross-behavioral advertising which means the targeting of advertising to a consumer based on the consumer’s personal information obtained from the consumer’s activity across businesses including distinctly-branded websites, applications, or services) Personal Information. If we do, you will be notified of it prior to or at the point of such collection for those purposes, and provided a link to opt-out of the selling/sharing of Personal Information.

These rights are not absolute, and there may be cases when we decline your request as permitted by law.

Any request you submit to us is subject to an identification and residency verification process as permitted by the CCPA.

To submit a request pursuant to this Section, please contact us, or have your authorized representative, contact us at (888) 979-4745, click this link, or email us at privacy@cyberriskalliance.com, with the subject line “California Data Subject Request”. In the event you have an authorized representative submit a request to delete, request to correct or request to know on your behalf, you will have to provide written authorization demonstrating this grant of authority, which can include a Power of Attorney. Authorized representatives may not submit any other types of requests on your behalf.

For purposes of requests to delete, correct and to know, we will verify your identity based on information we have collected about you, including your name, address, and phone number, but will not fulfill your request unless you have provided sufficient information that enables us to reasonably verify that you are the consumer about whom we collected the Personal Information. If we are unable to verify your identity, we may deny your request.

c.   If you are 16 years of age or older, you have the right to direct us not to sell your Personal Information at any time. We do not and will not sell Personal Information of consumers we actually know are less than 16 years of age unless we received affirmative authorization from the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age, to opt-in to the sale of their Personal Information. Upon the receipt of this request to opt-in, we will inform the minor of the right to opt-out later and of the process for doing so.

d.   We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

  1. Do Not Track. Do Not Track is a privacy preference that users can set in their web browsers. When a user turns on the Do Not Track signal, the browser sends a message to websites requesting them not to track the user. At this time, we do not respond to web browser “do not track” settings or signals. We deploy Cookies and other technologies on our Services to collect information about you and your browsing activity, even if you have turned on the Do Not Track signal.
  2. Protecting Your Personal Information. We implement security measures designed to maintain the security of your Personal Information. These security measures are implemented both during transmission of Personal Information and once received. The security of your Personal Information is important to us. However, no method of safeguarding information is completely secure. While we use measures designed to protect Personal Information, we cannot guarantee that our safeguards will be effective or sufficient. In addition, you should be aware that internet data transmission is not always secure, and we cannot warrant that information you transmit utilizing the Services is or will be secure.
  3. Transfer of Data. Your Personal Information may be transferred to —and maintained on—computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States, please note that we transfer data, including Personal Information, to the United States and process it there. By using the Services, you understand and acknowledge that your Personal Information will be transferred to and processed in the United States, which may have different data protection rules than in your country. We will take steps reasonably designed to treat your Personal Information securely and in accordance with this Privacy Policy, as further described below.

10. Updates. We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws. You can see when this Privacy Policy was last updated by checking the “Date of Last Revision” date displayed at the top of this Privacy Policy.

11. Contact Us. For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail or by mail using the details provided below:

CyberRisk Alliance, LLC

400 Madison Ave Ste. 6C, New York City, New York, 10017

Attn: Joe Haddock

We're Here to Help

From news, analysis, and insight, to events, communities, custom content and marketing solutions, the CyberRisk Alliance portfolio provides support to the entire cybersecurity ecosystem. We'd love to help support your goals.