Trial Terms of Use
TRIAL AGREEMENT FOR HCL APPSCAN ON CLOUD SERVICE
HCL Technologies Limited, 806 Siddharth, 96 Nehru Place, New Delhi-110019 (“HCL”)
THIS TRIAL AGREEMENT (“AGREEMENT”) GOVERNS CUSTOMER’S TRIAL (“TRIAL”) OF THE HCL APPSCAN ON CLOUD SERVICE (“APPSCAN ON CLOUD”). CUSTOMER IS THE LEGAL ENTITY ORDERING, ACCESSING, OR USING THE TRIAL AND BY ORDERING, ACCESSING, OR USING THE TRIAL, CUSTOMER AGREES TO THE TERMS OF THIS AGREEMENT.
1. HCL AppScan on Cloud Trial
This Trial is made available by HCL for a limited period to enable Customer to evaluate the functionality and technology of AppScan on Cloud. Customer is authorized to use AppScan on Cloud during a specified trial period (“Trial Period”) for the purpose of evaluating its functionality and technology. AppScan on Cloud may only provide a limited set of features and function, therefore use in a production environment or for commercial purposes is not supported under this Agreement and any such use is solely at Customer's own risk.2. Charge Metrics
Generally, there are no charges for the Trial, unless otherwise specified by HCL or a third-party service provider. If any authority imposes a custom, duty, tax (including withholding tax), levy or fee for the import or export, transfer, access or use of the AppScan on Cloud or third-party service, then Customer is responsible to pay any such amount imposed.
3. Technical Support
Technical support for AppScan on Cloud is not available during the Trial Period.
3.1 Access to Client Data
HCL will have access to Customer data for the purpose of diagnosing issues with AppScan on Cloud, and facilitating scans of Customer’s application by AppScan on Cloud. HCL will access the data only for the purposes of diagnosing issues and fixing any defects or only to the extent applicable, to provide support for other HCL products or services.
4. Service Level Agreement
Service Level Agreements for AppScan on Cloud are not available during the Trial Period.
5. HCL SaaS Offering Additional Terms
5.1 Security Scans
Security scans may not identify all security risks in an application, nor are they designed or intended for use in hazardous environments requiring fail-safe operation, including without limitation aircraft navigation, air traffic control systems, weapon systems, life support systems, nuclear facilities, or any other applications in which failure to identify security risks could lead to death, personal injury, or property damage. Security scans are not warranted to operate uninterrupted or error free.
AppScan on Cloud can be used to help Customer meet compliance obligations, which may be based on laws, regulations, standards or practices. Any directions, suggested usage, or guidance provided by AppScan on Cloud does not constitute legal, accounting, or other professional advice, and Customer is cautioned to obtain its own legal or other expert counsel. Customer is solely responsible for ensuring that Customer and Customer’s activities, applications and systems comply with all applicable laws, regulations, standards and practices. Use of AppScan on Cloud does not guarantee compliance with any law, regulation, standard or practice.
- Customer’s computer systems while running applications under test may hang or crash, resulting in temporary system unavailability or loss of data;
- the performance and throughput of Customer’s systems, as well as the performance and throughput of associated routers and firewalls, may be temporarily degraded during testing;
- excessive amounts of log messages may be generated, resulting in excessive log file disk space consumption;
- data may be changed or deleted as a result of probing vulnerabilities;
- alarms may be triggered by intrusion detection systems;
- emails may be triggered by the email function of the web application being tested;
- AppScan on Cloud may intercept the traffic of the monitored network for the purpose of looking for events.
In the event that Customer inputs authenticated log-in credentials for the application under test into AppScan on Cloud, Customer should only input such credentials for test accounts and not for production users. Use of production user credentials shall be in accordance to the terms herein and may result in personal data being transmitted via AppScan on Cloud.
AppScan on Cloud may be configured to scan production web applications. When Customer sets the scan type as "production," AppScan on Cloud is designed to perform scans in a manner that reduces the risks listed above; however, in certain situations AppScan on Cloud may lead to performance degradation or instability within the tested production sites and infrastructure. HCL makes no warranties or representations with respect to the suitability of using AppScan on Cloud to scan production sites.
IT IS CUSTOMER’S RESPONSIBILITY TO DETERMINE IF APPSCAN ON CLOUD IS APPROPRIATE OR SAFE FOR CUSTOMER’S WEBSITE, WEB APPLICATION, MOBILE APPLICATION OR TECHNICAL ENVIRONMENT.
AppScan on Cloud is designed to identify a variety of potential security and compliance issues in mobile and web applications and web services. It does not test all vulnerabilities or compliance risks, nor does it act as a barrier to security attacks. Security threats, regulations and standards continually change, and AppScan on Cloud may not reflect all such changes. The security and compliance of Customer’s web application, systems and employees, and any remedial actions, are Customer’s responsibility alone. It is solely within Customer’s discretion to use or not use any of the information provided by AppScan on Cloud.
Certain laws prohibit any unauthorized attempt to penetrate or access computer systems. CUSTOMER IS RESPONSIBLE FOR ENSURING THAT CUSTOMER DOES NOT USE APPSCAN ON CLOUD TO SCAN ANY WEBSITES AND/OR APPLICATIONS OTHER THAN WEBSITES AND/OR APPLICATIONS OWNED BY CUSTOMER OR THOSE THAT CUSTOMER HAS THE RIGHT AND AUTHORITY TO SCAN.
Customer content may include data that may become accessible to HCL during Application Penetration Testing, however such data shall be used solely accordance to the terms herein.
The scan results generated by AppScan on Cloud shall not be used for commercial purposes, including but not limited to resell or publication.
5.2 Data Use & Cookies
Please review HCL Privacy Statement information here: https://www.hcltech.com/privacy-statement
Customer is aware and agrees that HCL may, as part of the normal operation and support of AppScan on Cloud, collect personal information from Customer (including Customer’s employees and contractors) related to the use of AppScan on Cloud, through tracking and other technologies. HCL does so to gather usage statistics and information about effectiveness of our AppScan on Cloud for the purpose of improving user experience and/or tailoring interactions with Customer. Customer confirms that it will obtain or have obtained consent to allow HCL to process the collected personal information for the above purpose within HCL, other HCL companies and their subcontractors, wherever such subcontractors do business, solely for purposes within the scope of this Agreement and in compliance with applicable law. HCL will comply with requests from Customer’s employees and contractors to access, update, correct or delete their collected personal information.
As part of AppScan on Cloud that includes reporting activities, HCL will prepare and maintain de- identified and aggregate information collected from AppScan on Cloud (called "Security Data"). The Security Data will not identify the Customer, or an individual except as provided in 4 below. Customer herein additionally agrees that HCL may use and/or copy the Security Data only for the following purposes:
- publishing and/or distributing the Security Data (e.g., in compilations and/or analyses related to cybersecurity);
- developing or enhancing products or services;
- conducting research internally or with third parties; and
- lawful sharing of confirmed third-party perpetrator information.
5.3 Enabling Software
AppScan on Cloud may require the use of enabling software (“Enabling Software”) that Customer downloads to Customer systems to facilitate use of AppScan on Cloud. Customer may use Enabling Software listed below solely in connection with use of AppScan on Cloud. Enabling Software is provided to Customer under following terms:
| Enabling Software | Applicable License Terms (if any) |
| Static Analyzer Command Line Utility (IRX Generator) | Provide for use AS-IS |
| AppScan GO! | Provide for use AS-IS |
| AppScan Presence | Provide for use AS-IS |
| AppScan IAST Agent | Provide for use AS-IS |
5.4 No Warranties
CUSTOMER AGREES THAT DURING THE TRIAL PERIOD APPSCAN ON CLOUD IS PROVIDED “AS- IS” AND HCL MAKES NO WARRANTIES OR REPRESENTATIONS, WHETHER EXPRESS OR IMPLIED, WITH RESPECT TO APPSCAN ON CLOUD, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS OR SUITABILITY FOR A PARTICULAR PURPOSE AND TITLE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IN NO EVENT WILL HCL BE LIABLE TO CUSTOMER OR TO ANY OTHER PARTY FOR ANY DAMAGES, LOSS OR LIABILITY, INCLUDING WITHOUT LIMITATION, DIRECT, INDIRECT, SPECIAL, PUNITIVE, EXEMPLARY OR CONSEQUENTIAL DAMAGE, LOSS OR LIABILITY, TIME, MONEY OR GOODWILL WHICH MAY ARISE DIRECTLY OR INDIRECTLY FROM OR RELATED TO CUSTOMER'S OR ANY OTHER PERSON’S USE OF APPSCAN ON CLOUD WHETHER IN CONTRACT, TORT, FOR BREACH OF STATUTORY DUTY OR OTHERWISE TO THE EXTENT PERMITTED BY LAW.
ANY DATA ENTERED OR CONFIGURATIONS OF APPSCAN ON CLOUD DURING THE TRIAL PERIOD MAY NOT BE AVAILABLE AFTER THE TRIAL PERIOD.
5.5 Governing Law
IF CUSTOMER IS LOCATED WITHIN THE US, THIS AGREEMENT SHALL BE GOVERNED AND CONSTRUED IN ACCORDANCE WITH THE LAWS OF THE STATE OF CALIFORNIA, WITHOUT REFERENCE TO (I) ANY CONFLICTS OF LAW PRINCIPLE THAT WOULD APPLY THE SUBSTANTIVE LAWS OF ANOTHER JURISDICTION TO THE PARTIES’ RIGHTS OR DUTIES; (II) THE 1980 UNITED NATIONS CONVENTION ON CONTRACTS FOR THE INTERNATIONAL SALE OF GOODS; OR (III) OTHER INTERNATIONAL LAWS. FURTHERMORE, EACH PARTY (I) HEREBY IRREVOCABLY AGREES TO SUBMIT TO THE JURISDICTION AND VENUE IN THE COURTS OF THE STATE OF CALIFORNIA FOR ALL DISPUTES AND LITIGATION ARISING UNDER OR RELATING TO THIS AGREEMENT AND (II) WAIVES ANY RIGHT TO A JURY TRIAL IN ANY PROCEEDING ARISING OUT OF OR RELATED TO THIS AGREEMENT. FOR COMPANIES LOCATED OUTSIDE THE US, BOTH PARTIES AGREE TO THE APPLICATION OF THE LAWS OF THE COUNTRY IN WHICH CUSTOMER OBTAINED THE TRIAL TO GOVERN, INTERPRET, AND ENFORCE ALL OF CUSTOMER’S AND HCL’S RESPECTIVE RIGHTS, DUTIES, AND OBLIGATIONS ARISING FROM, OR RELATING IN ANY MANNER TO, THE SUBJECT MATTER OF THIS AGREEMENT, WITHOUT REFERENCE TO (I) ANY CONFLICTS OF LAW PRINCIPLE THAT WOULD APPLY THE SUBSTANTIVE LAWS OF ANOTHER JURISDICTION TO THE PARTIES’ RIGHTS OR DUTIES; (II) THE 1980 UNITED NATIONS CONVENTION ON CONTRACTS FOR THE INTERNATIONAL SALE OF GOODS; OR (III) OTHER INTERNATIONAL LAWS. FURTHERMORE, ALL RIGHTS, DUTIES, AND OBLIGATIONS ARISING FROM, OR RELATING IN ANY MANNER TO, THE SUBJECT MATTER OF THIS AGREEMENT, ARE SUBJECT TO THE JURISDICTION OF THE COURTS OF THE COUNTRY IN WHICH CUSTOMER OBTAINED THE TRIAL.
5.6 Limitation of Claims.
UNLESS OTHERWISE REQUIRED BY APPLICABLE LAW WITHOUT THE POSSIBILITY OF CONTRACTUAL WAIVER OR LIMITATION: (I) NEITHER PARTY WILL BRING A LEGAL ACTION, REGARDLESS OF FORM, FOR ANY CLAIM ARISING OUT OF OR RELATED TO THIS AGREEMENT MORE THAN TWO (2) YEARS AFTER THE CAUSE OF ACTION AROSE; AND (II) UPON THE EXPIRATION OF SUCH TIME LIMIT, ANY SUCH CLAIM AND ALL RESPECTIVE RIGHTS RELATED TO THE CLAIM LAPSE.