End User Licence Agreement

 

Latest Changes (July 2024)

  • Removed references to Unipass Mailock

1. Introduction

This End User Licence Agreement (EULA) is a binding Legal Agreement between Beyond Encryption Limited, (company number 08814096) of 1 Gloster Court, Whittle Avenue, Fareham, Hampshire, PO15 5SH (“we” or “us”) and you, whether you are an individual user or business entity represented by as either an authorised officer for, or authorised user within, the business.

Our VAT number is 280809881.

The EULA terms apply to all products and services provided to you by Beyond Encryption in whatever manner you might choose to use them (“The Services”).

In using The Services, you are agreeing to be bound by the Terms of this EULA.   If you do not agree to the Terms of this EULA, you are not permitted to use The Services.

If you are an authorised user of a business entity that has purchased the Services, you agree to the terms of this EULA on behalf of all the users within your business entity, but as an individual in the company, the following paragraph applies to you personally.

In accepting the terms and conditions of usage within this EULA you agree to be bound Beyond Encryption’s Acceptable Use Policy the latest version of which can be found at our website www.beyondencryption.com. Our Privacy Policy sets out in details how we process your personal data and can be found at our website www.beyondencryption.com.

Prior to entering into a Paid Contract, We offer all our users a free trial of The Services. During the Trial, Clauses 4,5,6,7,10,11,13,15 16, 17 and 21 apply.

In your trial period we will send you advisory information to optimise usage of our solution and all its features. If you have purchased the services from us directly or through an Introducer Affiliate, the length of the trial period and the cost of the Service you have purchased will be stated in the registration page for The Services. If you have purchased the Services through one of our Partner Resellers this will be determined by your Reseller Terms.

 

2. The Services

This agreement covers the following services, “The Services” provided by Beyond Encryption which may be subscribed to by the user and include, but are not limited to;

  • the provision of a secure email system, Mailock, which enables users, in accordance with compatible software, as published on our website beyondencryption.com, to apply encryption to their existing email.
    • This is not an alternative email service.
    • The user remains responsible for determining whether the level of security they apply to their email when using the Service is sufficient for the communication and determining whether any other security requirements should be applied or incorporated into their existing infrastructure.
  • secondary authentication service provider integration (depending on licence type) such as:
    • Short Message Service provision (SMS)
  • the provision of metrics and personal data, as per our Privacy Policy, to assist in securing your identity and communications.
  • administrative Console delivered by way of a secure web site.

3. Adapters and Technology

To send secure communications using Mailock you need either;

  • the Outlook Add-in (an Adapter) if Outlook is your email provider.
  • access to the web using your normal internet browser.

The Services will be subject to minimum compatible mobile or computer device specifications and browser or operating system requirements.

These requirements, together with information on increased accessibility for The Services through email Add-in and Applications can be found at www.beyondencryption.com. This also includes details of using The Services via a web browser.

You acknowledge and agree that you, as the sender, control the release of your email to the recipient. You acknowledge that The Services have not been developed to meet your individual requirements and it is therefore your responsibility to ensure that the functions available meet your requirements and security levels.

 

4. Licence and Licence Types

The user accepts that this is a non-exclusive, non-transferable licence for The Services. Within the Services offered, there a number of different licence types, suitable for both business (Mailock Pro) or end client use (Mailock Free), with variances in message functionality, ability to send and receive secure email messages, methods of verification, message availability, company branding and message storage. Further details on our licence types and their comparative functionality can be found at our website www.beyondencryption.com or by contacting our Sales team at sales@beyondencryption.com.

The Services may not be resold without the express prior written agreement from Beyond Encryption.

Each user of the service must have their own individual licence.

 

5. Intellectual Property

You acknowledge that all worldwide intellectual rights in The Services belong to us and are licensed to you (not sold) and that you have no rights in, or to, the Technology other than the right to use such technology in accordance with the Terms and Conditions of usage as outlined in this End User Licence Agreement (EULA).

 

6. Customer Obligations

Account Administration

For a Pro or Premium account, the user agrees that they, either as, or on behalf of, the contracting party:

  • shall nominate at least one administrative user to utilise the administration console, as defined in the published guide available at beyondencryption.com, who will be granted system administration rights for The Services.
  • accept that nomination of an administration user and any actions, instructions and configuration changes made by such user, are deemed to be on your behalf.
  • accept that administration users may invite additional users to the user account by way of a simple registration process.
  • may download, install and use ‘Adapters’ on multiple email programs provided that all the email addresses used have been registered on your account and are used by the nominated user alone.
  • you, as the registered account holder, will take all reasonable steps to ensure that nobody other than yourself as the registered user, access The Services using your user accounts, created with your username and password.
  • as soon as it comes to your attention that somebody has accessed either you or any of your users’ accounts, you must notify us as soon as possible.

Usage

You agree that:

  • you shall only use The Services in a manner that complies applicable laws and regulations in your jurisdiction. Our Acceptable Use Policy sets out in detail the prohibited uses of our Services. You shall (and if you are a business entity you shall ensure that all your authorised users shall) adhere to the terms of our Acceptable Use Policy. We reserve the right to disable your or your users’ access to The Services without further liability if any users breach any clauses within the Acceptable Use Policy or this EULA.
  • your use of The Services shall be in accordance with all restrictions concerning privacy and intellectual property rights.
  • you are responsible for the information technology and computer programs through which you, or any of your users access The Services.
  • you agree for you, and your users, a fair usage of the system would be 100 messages per user per month, which could be averaged across all users within a given company, as long as all users held an individual licence.

You may not:

  • create derivative works based on The Services.
  • attempt to copy, modify, duplicate, or distribute any aspect of the technology comprised in The Services (the “Technology”). sell, assign, disclose, or otherwise transfer or make available the Technology or any copies of the Technology in any form to any third parties.
  • alter, attempt to reverse compile, disassemble, reverse engineer any part of the Technology.
  • remove or alter any proprietary notices or marks on the Technology.
  • provide the Technology, in whole or in part, (including object and source code), in any form to any person without prior written agreement from Beyond Encryption.
  • you have no rights to access the Technology in source-code form.
  • pass yourselves off as Beyond Encryption, as an authorised representative of Beyond Encryption or as the provider of The Services.

SMS

In using this two Factor Authentication facility made available to the sender of a secure message with our Business Premium and Pro licences, for the purpose of ID verification on the part of the recipient, the associated mobile number will be retained and used in accordance with our Privacy Policy.

We anticipate the average system user will utilise 25 SMS messages per month under normal operation and we reserve the right to make additional charges for this functionality of the service should it be deemed by us that such usage is excessive.

At registration the SMS feature will only be available when the recipient has a UK registered mobile number. To use the SMS for non-UK mobile numbers, which may incur additional charges, please contact us at salessupport@beyondencryption.com for further information the activation of this feature.

 

7. Personal Information and Privacy

We are committed to protecting your privacy and we will only use your personal information in accordance with this agreement and our Privacy Policy.

During the registration process we will ask you to provide certain information about you. All personal information that you will provide is listed and governed by Beyond Encryption’s Privacy Policy.

You understand and agree that Beyond Encryption may disclose information if required to do so by law or in the good faith belief that such disclosure is reasonably necessary to comply with legal process, enforce the terms of this EULA, or protect the rights, property or safety of Beyond Encryption, its users, or the public.

By submitting your personal information to us you are confirming that all the details provided by you are up to date and accurate at that time.

If your personal information changes at any time you should promptly update your individual account information by logging in to the website and updating your account details. We will not be responsible or liable for inaccurate data where you have failed to update changes in your personal information.

You are responsible for maintaining the confidentiality and suitability of the password you use to log into your account. We are not liable for any damage or loss that arises from your failure to protect such password and/or account information.

Unipass Identification

Users of The Services will be given the option to sign in with their Unipass Identity.

If the Trust Unipass option is enabled, an automatic check to see if the recipient holds a Unipass Identity that has been linked to a Mailock or Unipass Mailock account occurs during the sending of all secure email messages.

This information will be revealed to the sender of the message so that the appropriate level of challenge can be applied to the email. This ensures the correct and secure handling of the message.

 

8. Providing the Services

Beyond Encryption will provide you with The Services until the contract is cancelled or ended, as per the terms of this Agreement.

If you purchase The Services from us directly or via an Introducer Affiliate, we will provide support and services with all reasonable care and skill. If you have purchased The Services from a Reseller, then your agreement with the Reseller determines the process of raising concerns regarding service levels or functionality.

We will always make every effort to provide you with The Services and access to our website at all times, however at times there may be delays due to matters beyond our reasonable control.

 

9. Fees

Services Purchased Direct from Beyond Encryption

  • If you purchase The Services directly from us, we will bill you, a month in advance, for The Services, based on the number of users registered, user functionality, licence type and any committed licence period.
  • If you have registered your credit card, when creating your subscription, you have authorised for us to invoice and charge your account on the due date each month.
  • If you have set up a direct debit/Go-Cardless/BACS payment method with us, you have authorised us to invoice and bill your account in accordance with the completed direct debit instructions on the due date each month.
  • Increases in licence number or if appropriate an upgrade in licence type will be charged immediately on a pro-rata basis via the payment method chosen.
  • If you do not pay the applicable fees within 10 days after the due date and if you do not contact us, access to all or part of The Services will be removed. In these circumstances we are under no obligation to provide any or all of The Services while the invoice(s) concerned remain unpaid.
  • If you fail to make payment under your agreement then we may charge you interest, which will accrue on a daily basis, from the due date, on the overdue amount at a rate of 3% per annum above Barclays Bank PLC base rate.
  • Non-payment of amounts falling due, may lead to account cancelation and deletion of data held by Beyond Encryption in relation to The Services. Such data deletion will be in accordance with regulatory requirements and Beyond Encryption will not be held liable for any loss incurred by any party as a result of such actions.
  • If additional support is required, an additional set-up fee may be charged depending on the nature and scope of the work.
  • Changes to your account type will be subject to Term and Termination (Section 15) any you may contact salessupport@beyondencryption.com at any time.
  • We reserve the right to amend the fees we charge for The Services from time to time, giving 30 days prior written notice and advertised on our website. Any changes to our fees, which will be no more than 2% above the CPI, shall apply from the date confirmed in the notice but shall not apply in respect of any period for which you have already committed and paid for The Services.

Services Purchased Direct from a Reseller

  • If you purchased The Services from a third-party Reseller your usage fees may be paid to your Reseller or, by agreement, to us.
  • If we are informed by the Reseller that you have not paid your fee to them, or the Reseller does not pay their fee to us, then we may disable your account and any or all of The Services offered by Beyond Encryption while the invoices remain unpaid.

 

10.  Warranties and Disclaimer

We take all reasonable efforts to ensure that our services, our infrastructure and our technology are completely secure. We do not guarantee, represent or warrant that they are and you, as the user, must take responsibility for how you use the technology and services.

We do not warrant or give any assurance that The Services or our means of delivery are compatible with your computer configuration or email provider. It is your responsibility to evaluate and ensure that The Services are the correct solution for your individual circumstances and requirements. Our support team will provide all necessary assistance to you and work with any third-party IT supplier you may use to ensure the delivery of the services to you but we will not be responsible for any costs which you may incur from an external IT supplier without prior agreement.

You acknowledge and agree that:

  • The Services use ‘Encryption Keys’, a mathematical method used to safeguard data, to:
    • encrypt/decrypt messages including all attachments but excluding email addresses and message subject headers.
  • when sending and receiving secure messages transported using The Services, not all encryption keys pass through the Beyond Encryption infrastructure thereby deriving greater privacy and as such this is the recommended method of usage.
  • where a “web browser” is utilised to read or reply to a secure message, all message encryption keys pass through, but not all are stored within, the Beyond Encryption infrastructure. The transient nature of the unstored keys, during a secure read session, may lead you to determine that a lower level of security is derived.
  • you will at all times remain the data controller of the data, information, content and attachments of your email. You approve the release of your email to your intended recipient and by doing so, apart from the ability to revoke your secure email, you transfer control of the content of the email to the recipient.
  • we at no time control the sending or release of your email or assume control over it or its content or the email applications used by you for creating, sending, releasing and storing emails. Beyond Encryption shall not be liable for any release of email by you or any third-party recipient of that email unless such release is due entirely to an act of gross negligence by us.
  • any messages you may receive via The Services are provided and controlled by the sending party and subject to the provisions described in section 12 (Storage and Message Availability).
  • Beyond Encryption will not accept responsibility for maintaining message access beyond the terms noted in this License agreement.

 

11. Data Management

Each party shall comply with its respective obligations under the provisions of the UK Data Protection Legislation (“GDPR), the Data Protection Act 2018 and any related or successor data protection legislation (“Data Protection Legislation”).

We do not expect to have access to or process any personal data that you encrypt using The Services which will, in most cases, be accessible as personal data only by you and the intended recipients of your encrypted emails. To the extent that we process data in connection with the provision of The Services, it is accepted by both parties, on entering this agreement, that you are acting as Data Controller and we are acting as Data Processor on your behalf. References in this section to “data processor”, “data controller” and “personal data” shall have the meanings given to them in GDPR.

To the extent that we act as your data processor, we shall;

  • process personal data provided by you to us to the extent necessary to provide The Services, for the duration of your agreement with us;
  • always process personal data in accordance with your instruction;
  • take appropriate technical and organisational measures to keep your personal data secure and assist you with your obligation to do the same;
  • assist you with any data subject access requests (SAR) (to the extent that we are able considering the limited data on you we are able to access); The extent to which we can comply with both a SAR and Right to be Forgotten will also depend on if you are a sender or a recipient of an email message secured by our Services.
  • assist you with any consultations in relation to data impact assessments;
  • we shall only process personal data to the extent to provide The Services we agreed with you and shall not retain any personal data longer than necessary for the processing and as outlined in our Data Protection, Privacy and Data Retention Policies.
  • not intentionally transfer any personal or identifiable data outside the European Economic Area (EEA) without your prior written consent. This clause is subject to regular review, in line with the continued review of the UK’s Adequacy status following the UK leaving the EEA in Dec 2020.
  • on termination of this agreement, we will delete or archive all personal data held by us. Data will be removed from our data base and archived as stated by our terms of our Data Retention policy prior to full deletion and we will only release your data either via a Subject Access Request (SAR) or request by law enforcement agencies;
  • we will provide you with all information necessary to demonstrate compliance with our obligations in this paragraph on request and will contribute, if considered appropriate, to audits carried out by you;
  • we will report any data breaches to you in accordance with applicable Data Protection Legislation.

It is your responsibility to notify us immediately if you receive any complaint, notice or communication which is related directly or indirectly to the processing of personal data under this agreement and provide us with full operation in relation to any such complaint, notice or communication.

If you have purchased The Services as part of a discounted rate through either a Network, Channel Partner, Partner Reseller, or Introducer Affiliate, we may share your usage data of The Services upon request by the relevant organisation, with any data shared, meeting the requirements as outlined under GDPR.

 

12. Storage and Message Availability

Messages and associated attachments that are managed and processed by The Services are encrypted and stored within a Microsoft Azure environment.

The length of time messages and attachments remain accessible is outlined in the following table;

Account Type

Suitability

Maximum Message Longevity (days from date of send) *

Free

For end user or client

21

Pro

For business

365

 

* Company owners with Mailock Pro accounts are able to select in their company administration console the length of time, from sending, their messages will be available to the recipient, ranging from 7 days to 365 days.

By accepting the terms of this licence agreement, you acknowledge that you are responsible for selecting the appropriate licence type for your requirements.

The use of The Beyond Encryption Services platform will be subject to Microsoft Azure Terms and Conditions which may be found at https://azure.microsoft.com/en-gb/ and may be subject to change.

 

13. Limitation of liability

We have no responsibility to pay you compensation for any data or information that is lost, corrupted, intercepted, forwarded and/or read by the recipient or a third party.

We do not in any way exclude or limit our liability for

  • death or injury caused by our negligence.
  • fraud or fraudulent misrepresentation.

Subject to these areas the extent to which we are liable to you is limited as follows:

  • if you purchased The Services from us, the lower of one hundred thousand pounds (£100,000) or the amount you have paid for the service in that 12-month period.
  • If you purchased The Services from a third-party Reseller, two hundred and fifty pounds, £250, as your principal remedy for any defect shall be against the Reseller from whom you purchased The Services.

We shall not in any way be liable to you for:

  • loss of profits.
  • loss of business.
  • loss of anticipated savings.
  • loss of goods.
  • loss of use of The Services.
  • loss or corruption of data or information or
  • any special, indirect, consequential; or pure economic loss, costs, damages, charges etc.

Neither party in this agreement will be liable to the other for any indirect, special or consequential loss or damage.

 

14. Third Party Providers

You acknowledge that Beyond Encryption may enable you to correspond with and purchase The Services from third parties via third party websites, and you do so entirely at your own risk. Beyond Encryption does not filter or moderate your communications but simply apply an additional level of security to your existing email facility.

We do not endorse or approve any third-party website and are not responsible for any contract or transaction between you and any third party using Beyond Encryption services.

 

15.   Term and Termination

Term of agreement for direct customers

For monthly subscriptions purchased directly from Beyond Encryption, a one-month notice is required for cancellation after the initial free trial period ends.

If you purchased a yearly subscription, this is considered a 12-month contract with a minimum 1-month notice required to cancel. There will be no refund for a cancellation during the contract term.

Upon cancelling your subscription, your account will be closed and the messages will no longer be accessible. The terms of our data retention can be found in our Privacy and Data Retention Policies.

 

Users with a Free account may also upgrade their licence as per the licence types as defined in Section 4, with the upgrade subject to pro rata charges effective from the date of the licence upgrade.

 

Further information on retention periods for messages when the licence type changes is available from salessupport@beyondencryption.com.

Term of agreement for customers via a Reseller

If you purchased The Services from a Reseller, then this agreement shall commence on the date on which you first install The Services and accept these terms and shall terminate automatically on the date on which your agreement with the Reseller for the provision of The Services ends.

Statutory right of cancellation for consumers

If you are a consumer, you may cancel your agreement with us for the provision of The Services at any time within the agreed Trial period (see clause 16) after placing an order by registering for The Services (“Cancellation Period”). This means that during the Cancellation Period if you change your mind or decide for any other reason that you do not want to receive The Services or keep your account, you can notify us of your decision to cancel the Contract.

If you have expressly requested that we provide The Services at the end of the Trial, but you change your mind during the Cancellation Period you must pay the fee for any period that The Services were made available to you during the Cancellation period.

A cancellation request can only be made by the account administrator through the company administrator console.

Early Termination (non-statutory)

You may terminate this agreement with immediate effect, by written notice to us if;

  • We breach this agreement in any material way, and we do not correct or fix the situation within 14 days of you asking us.
  • we go into liquidation or a receiver or an administrator is appointed over our assets or we become insolvent and cease trading.
  • we are affected by a matter beyond our control, but which affects your use of The Services for longer than 14 days.
  • we change this agreement to your material disadvantage.

In these circumstances we will refund to you the proportion of any fees that you have paid in advance of your agreed termination date.

We may terminate this agreement with immediate effect by written notice to you if;

  • you do not pay us within 10 days after the due date as set out in your payment agreement with us.
  • you breach the contract in any other material way, and you do not correct or fix the situation within 30 days of us asking you in writing.
  • you go into liquidation or a receiver or an administrator is appointed over your assets or you become insolvent or cease trading; or
  • you suspend or cease or threaten to suspend or cease, carrying on all or substantial part of your business.

If you have received The Services as a result of a Third-Party relationship The Service terms may be reviewed at the end of the initial contract term in the event of a material change.

 

16. Trial Terms and Conditions

Prior to entering into a Paid Contract, your licence agreement starts with a “free” period of usage which is considered the Trial period. We grant you a personal, non-transferable, non-exclusive free Licence (the “Trial Licence”) to use the Services during this period, solely for the purpose of evaluating The Services, as you reasonably require, to assess the potential suitability for use within your business.

On expiry of the Trial period if you do not contact us, your account will move to the purchase of a paid Account, reflective of the relevant licence type, with payment due from the trial end date. During the Trial period you can cancel your subscription by exercising your statutory cancellation rights as outlined in Clause 15.

If you decide to end your account, you may either choose a Free Account with reduced functionality, if appropriate to your licence type, to downgrade your account as per the licence types outlined in Clause 12 or to cancel your account.

Details of each account/licence type can be found at our website www.beyondencryption.com.

If the Trial Licence expires or terminates without you having entered into a paid Licence agreement with us or contacted us to advise on downgrading to a Free Account, you acknowledge by agreeing to this Licence agreement, that all data and messages that you have entered during the Trial period will be deleted from The Services and will no longer be accessible to either you as the sender or by the recipient of the emails and will need to be stored on your local storage facility.

 

17. Force Majeure

Sometimes we may not be able to do what we have agreed in this EULA because of something beyond our reasonable control, which may include lock outs, industrial action by third parties, civil commotion, riot, terrorist attack, fire, explosion, other natural disaster, compliance with any law or government instruction or other competent authority or failure of public or private telecommunications networks. This is not an exhaustive list but for any of these examples or others within the same category we do not accept responsibility for not providing The Services.

If such an event does occur and lasts longer than 30 days, termination of the contract could occur from either party without notice.

 

18. Communication

Any notice or communication in connection with this EULA must be in writing and delivered by any of the following: -

  • sent to us by email to an email address provided for this purpose.
  • delivered by hand or prepaid next working day registered delivery service.

Any notice or communication shall be deemed to have been received;

  • if sent and received using The Services.
  • If delivery confirmation is obtained from the recipient including time and authorised signature at the correct address.

 

19. Waiver and Severance

If any aspect of this EULA is invalid, illegal or unenforceable the parties shall negotiate in good faith to resolve any issues so that any changes made are legal, valid and enforceable and achieves the intended commercial result of the original provision.

 

20. General

This Agreement, together with our Acceptable Use Policy and any other contractual arrangements connected with the provision of The Services, constitute an agreement between you and us. Such agreement supersedes and replaces all previous arrangements, promises, assurances, warranties, representations and understandings between us whether written or oral in relation to the subject matter of this agreement.

You acknowledge that in agreeing to the terms of this EULA you do not rely on any statement, representation, assurance or warranty (whether made innocently or negligently) that is not set out in either this agreement or our Privacy Policy or Acceptable Use Policy.

We may transfer our rights and obligations under this contract to another organisation, but this will not affect your rights or our obligations under this agreement. We will always notify you in writing or posting on our website if this happens. You may only transfer your rights and your obligations under this agreement to another person if we agree in writing.

This agreement is between you and Beyond Encryption. No other person shall have any rights to enforce any of its terms. Each of the paragraphs of this agreement operates separately. If any court or relevant authority decides that any of them are unlawful or unenforceable, the remaining paragraphs will remain in full force and effect.

If we fail to insist that you perform any of your obligations under this license agreement or if we do not enforce our rights against you or if we delay in doing so that will not mean that we have waived our rights against you.

We reserve the right to amend this EULA from time to time to reflect changes in law or changes in the way we run our business. We will give you reasonable advance notice of any such change by email before it takes effect. If the changes to this EULA notified to you are unacceptable to you, you can choose to terminate this agreement in accordance with clause 15.

You should check this EULA before signing up for and/or purchasing our Services as they may have changed since your last visit.

 

21. Confidentiality

Each party undertake that it shall not at any time disclose, to any person any confidential information provided to it by the other party (including information relating to the business affairs, customers, clients or suppliers of the other party) or use it for any purpose besides the purposes of this agreement unless required by law or any government or regulatory authority or for each party to perform its obligations under this agreement.

This shall not prevent a party from disclosing information to its employees with a need to know such information in connection with the agreement or to its professional advisers who are themselves subject to an obligation of confidentiality.

 

22. Governing Law and Jurisdiction

Consumers

If you are a consumer, this agreement and any dispute or claim arising out of or in connection with it will be governed by English law. You and we both agree that the courts of England and Wales will have non-exclusive jurisdiction.

However, if you are a resident of another jurisdiction in the EU, you may bring proceedings in the jurisdiction of your residence.

Non-Consumers

If you use The Services otherwise than as a consumer, then to the extent that you do so this agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of England and Wales; and we both irrevocably agree that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this agreement, or its subject matter or formation (including non-contractual disputes or claims).