Cybersecurity
Agreement

Empty space

PREPARED FOR
[Client Company Name] 

PREPARED BY
[Cybersecurity Company Name]

Cybersecurity Agreement

This Cybersecurity Agreement (hereinafter referred to as the "Agreement") shall become effective as of [Agreement Effective Date] (hereinafter referred to as the "Effective Date"),
 
By and Between 
 
[Client Company Name] (hereinafter referred to as the "Company"), with its principal place of business at [Client Company Address], and;
 
[Cybersecurity Company Name] (hereinafter referred to as the "Contractor"), with its principal place of business at [Cybersecurity Company Address].
 
The Company and the Contractor shall be collectively referred to as the "Parties" and individually as the "Party."
 
WHEREAS, the Company is engaged in [Client Company Business Description] and wishes to avail itself of the cybersecurity services of the Contractor;
 
AND, WHEREAS, the Contractor has agreed to provide the requested service to the Company on the terms and conditions set forth below.
 
The Parties agree to the following terms and conditions:

TERMS OF THE AGREEMENT.

1. DEFINITIONS.

(a) Company Data. Company Data is any and all data that the Company has disclosed to the Contractor. For the purposes of this Agreement, Company Data does not cease to be Company Data solely because it is transferred or transmitted beyond the Company’s immediate possession, custody, or control.

(b) Data Breach. The unauthorized access and acquisition of computerized data that materially compromises the security of confidential and/or sensitive personal information maintained by the Company as part of a fact base of distinctive information regarding a range of individuals and/or that leads to a breach and/or the Company has sufficient reason to believe has to lead to loss or injury to any Company's properties.

(c) System. A range of equipment that assists operations or drives a specific goal. This may consist of a distinct set of knowledge resources, such as servers, software, and storage devices, arranged for the assembly, processing, treatment, application, sharing, dissemination, or creation of information.

(d) Change Management. A formal process is used to ensure that changes to a System are introduced in a controlled and coordinated manner. This reduces the possibility of unnecessary changes to the System, faults or vulnerabilities, or changes made by other users being undone.

2. SERVICES.

The Company agrees to purchase such services from the Contractor as mentioned below:
(a) [Service 1 Name] 
(b) [Service 2 Name] 
(c) [Service 3 Name] 

3. TERM OF SERVICE.

This Agreement will be effective as of the Effective Date and will continue for [Agreement Term] unless terminated early or extended by mutual written consent between the Parties or by the provisions of this Agreement.

4. DISCLOSURE OF COMPANY DATA.

The Contractor shall not disclose Company Data in any manner that would lead to a violation of state or federal law or the terms of this Agreement, including, without limitation, using, outsourcing, distributing, retransferring, or accessing to any individual or entity, except:

(a) Employees or agents who actually and legitimately need to access or use Company Data to perform the Contractor’s duties to the Company.

(b) Such external mediators are approved by the Company in writing and in advance of any disclosure, but only to the extent of such approval.

5. USAGE POLICY.

The Contractor shall only use, store, or access Company Data in compliance with and only to the extent permissible under this Agreement. Any transmission, transportation, or storage of Company Data outside [Usage Limits on Location] is prohibited except on prior written authorization by the Company.

6. PAYMENT.

The Company shall pay the Contractor the agreed-upon amount of [Total Payment]. The payment shall be made upon receipt of the invoice. The Company shall make the payment to the Contractor within [Payment Due in Days] day(s) of the invoice date. The mode of payment shall be [Mode of Payment] or any other mode of payment as mutually agreed by both Parties.
 
Please find below the price of the services to be provided:

Service Name	Price	Quantity	Subtotal
[Service Name]	$[Price Per Unit]	[Quantity]	$[Amount]
[Service Name]	$[Price Per Unit]	[Quantity]	$[Amount]
[Service Name]	$[Price Per Unit]	[Quantity]	$[Amount]
Total (Inclusive of all taxes): $[Total Amount]

7. SAFEGUARDING COMPANY DATA.

(a) The Contractor concurs that implementation, data storage, and access to Company Data shall be executed with proficiency, care, and judgment in accordance with the general standards of quality adherence.

(b) The Contractor shall implement and maintain the integrity of the Company Data.

(c) The Contractor shall also implement and maintain any safeguards required to be implemented by applicable state and federal laws and regulations.

(d) The System shall use secure protocols and encryption to safeguard Company Data in transit.

(e) The Contractor understands that the System may be placed on a public network and shall implement safeguards reasonably necessary to protect its System from compromises and attacks.

(f) The Contractor shall

(i) Limit administrative access to the System.

(ii) Limit remote access to the System.

(iii) Limit permits and benefits to the minimum unless necessary for the proper functioning of the Company operations.

(iv) Withdraw or dismantle applications and services that are not needed for the proper regulation of the System.

(v) Use official accounts and not shared accounts.

(vi) Use standard industry-compliant services for substantiation and authorization.

(vii) Facilitate an appropriate level of audit and log for the System and its applications.

8. OVERSIGHT.

The Company reserves the right to request security information reasonably necessary to ascertain the Company’s own compliance with state and federal data privacy laws. Upon the Company’s request, the Contractor shall provide a copy of its most recent SOC2 audit report and that of any data center in which the Company Data is stored.

9. DATA BREACH.

(a) If Contractor becomes aware that Company Data may have been accessed, disclosed, or acquired without proper authorization and contrary to the terms of this Agreement, Contractor shall bring this to the Company's notice within [Number of Days to Report Data Breach] business day(s) and shall process measures to preserve forensic evidence and eliminate the cause of the Data Breach.

(b) The Contractor shall give the highest priority to immediately correcting any Data Breach and shall devote such resources as may be required to accomplish that goal.

(c) The Contractor shall provide the Company with information necessary to enable the Company to understand the nature and scope of the Data Breach fully.

(d) Upon request, the Contractor shall provide the Company information about what the Contractor has done or plans to do to mitigate any deleterious effect of the unauthorized use, disclosure of, or access to Company Data.

(e) In the event that a Data Breach requires the Contractor’s assistance in reinstalling software, such assistance shall be provided without any additional cost to the Company.

(f) The Company may discontinue any services or products provided by the Contractor until the Company, in its sole discretion, determines that the cause of the Data Breach has been sufficiently mitigated.

10. NO SURREPTITIOUS CODE.

(a) The Contractor agrees that, to the best of its knowledge, the System does not contain any code or mechanism that collects personal information or maintains control of the System without the Company’s permission or any action that may restrict the Company’s access to or use of Company Data.

(b) The Contractor further warrants that it will not knowingly introduce, via any means, spyware, adware, ransomware, rootkit, keylogger, virus, trojan, worm, or other code or mechanism designed to permit unauthorized access to Company Data, or which may restrict Company’s access to or use of Company Data.

11. WARRANTIES.

The Contractor warrants that the services purchased hereunder are free and clear of any defects for a period of [Warranty Tenure] month(s) from the warranty activation date. The Contractor shall abide by this warranty and fix any issue at an authorized Contractor service center in [Warranty Covered State].

12. COMPELLED DISCLOSURE.

Suppose the Contractor is served with any subpoena, discovery request, court order, or other legal request or command that calls for disclosure of any Company Data. In that case, the Contractor shall promptly notify the Company in writing and provide the Company sufficient time to obtain a court order or take any other action the Company deems necessary to prevent the disclosure or otherwise protect Company Data.
 
13. TERMINATION.

(a) Upon expiration or termination of the Agreement, the Contractor shall ensure that no Data Breach occurs and shall follow the Company’s instructions as to the preservation, transfer, or destruction of Company Data.

(b) Upon request by the Company, the Contractor shall certify in writing to the Company that the return or destruction of data has been completed.

(c) The Contractor shall continue to protect Company Data in accordance with this Agreement till the time it is mutually nullified.

(d) Upon termination of this Agreement, the Contractor shall cease reproducing, advertising, marketing, and distributing any material or information pertaining to the Company immediately.

14. INDEMNIFICATION.

Both Parties agree to indemnify, defend, and hold the other Party harmless from any actions, suits, claims, damages (actual and consequential), judgments, levies, executions, liabilities, losses, expenses, and other costs incurred in connection with this Agreement whether by an act or omission to act by the Parties except for gross negligence, willful misconduct or bad faith.

15. ARBITRATION.

In the event of any dispute arising in and out of this Agreement between the Parties, it shall be resolved by arbitration. There shall be [Number of Arbitrators] arbitrator(s), who shall be appointed by [Arbitration Appointing Party Name]. The venue of arbitration shall be [Location of Arbitration], and the Seat shall be [State of Seat]. The arbitrators' decision shall be final and binding on both Parties.

16. ASSIGNABILITY. 

Neither Party may assign this Agreement or the rights and obligations thereunder to any third party without the prior express written approval of the other Party, which shall not be unreasonably withheld.

17. NOTICES. 

Any notices required or permitted by this Agreement shall be in writing and delivered by certified mail or courier to the mentioned address.

18. FORCE MAJEURE. 

No Party shall be liable or responsible to the other for any loss or damage or for any delays or failure to perform under this Agreement due to causes beyond its reasonable control, including, but not limited to, acts of God, employee strikes, epidemics, war, riots, flood, fire, sabotage, terrorist acts or any other circumstances of like character.

19. SEVERABILITY. 

Suppose any term, clause, or provision hereof is held invalid or unenforceable by a court of competent jurisdiction. In that case, all other terms will remain in full force and effect until the termination of the Agreement.

20. GOVERNING LAW AND JURISDICTION. 

This Agreement shall be governed by the laws of [Governing Law]. Suppose the disputes under this Agreement cannot be resolved by arbitration. In that case, they shall be resolved through litigation in the courts of [Jurisdiction], including the federal courts therein. The Parties consent to the jurisdiction of such courts, agree to accept service of process by mail, and hereby waive any jurisdictional or venue defenses otherwise available to them.

21. LEGAL AND BINDING AGREEMENT. 

This Agreement is legal and binding between the Parties as stated above. It shall be interpreted and enforced in accordance with the applicable laws of the jurisdiction governing this Agreement. Each Party represents that it has the full authority to enter into and perform its obligations under this Agreement.

22. ENTIRE AGREEMENT. 

This Agreement constitutes the entire understanding of the Parties, revoking and superseding all prior agreements between them, and is intended as the final expression of their Agreement. It shall not be modified or amended except in writing, signed by the Parties hereto, and specifically referring to this Agreement. This Agreement shall take precedence over any other documents that may conflict with this Agreement.

ACCEPTANCE AND SIGNATURE.

IN WITNESS WHEREOF, the Parties hereby agree to and have executed this Cybersecurity Agreement on the date first mentioned above. 

[Client Company Name] 

[Cybersecurity Company Name] 

Name:

Name:

Signature:

Signature: 

Date: 

Date:

Cybersecurity Agreement Template

Safeguard your digital assets with a cybersecurity agreement. Clearly outline security measures, responsibilities, and breach protocols to protect sensitive data and secure your business today!

Start creating at $59/document or $99/year for unlimited documents

Fill your responses and complete your document

Personalize with a rich editor

eSign document easily and securely

Related templates

IT Support Contract

Use an IT support contract to lay out service terms, solutions, deliverables, and payment details. Formalize partnerships between the IT service provider and client with ease.

Define clear service levels between a service provider and a client. Outline service expectations, responsibilities, and performance standards clearly to maintain high standards and client satisfaction.

ATTORNEY ADVERTISEMENT: Attorneys advertised on this site are independent attorneys. in your area who’s responsible for this advertisement. LegalZoom.com, Inc. is not an "attorney referral service" or a law firm. The information you provide to LegalZoom is not protected by attorney-client privilege. about this advertisement if you live in Alabama, Missouri, or New York.

Cybersecurity Agreement Template

Related templates

IT Support Contract

Service Level Agreement