SendSafely Terms of Service

Last Updated: October 12, 2023

1. Introduction

These SendSafely Terms of Service (the "Terms") govern your ("Customer", "you", or "your") access to and use of SendSafely Inc.'s ("SendSafely", "we", or "our") websites and encrypted data transfer platform (collectively, the "Services"). By accessing or using the Services you agree to be bound by these Terms. If you have a separate written agreement with SendSafely governing your use of the Services, these Terms will not apply to you. If you are using the Services on behalf of an organization, you are agreeing to these Terms for that organization and confirming that you have the authority to bind that organization to these Terms. In that case, "Customer", "you" and "your" will refer to that organization.

SendSafely will provide the Services to you and your End Users (as defined below) pursuant to these Terms and the applicable ordering document(s) between you and SendSafely. You may use the Services only in accordance with these Terms, and only if you have the power to form a contract with SendSafely. You agree that the Services may continue to change over time as we refine and add more features.

2. Your Privacy

SendSafely is committed to ensuring the privacy of the information you provide when using the Services. We use a variety of security technologies and procedures to help protect your information from unauthorized access, use and disclosure. Our policies around what information we collect and how we use that information is explained in our Privacy Policy.

3. Your Data

By using the Services, you and your End Users will provide SendSafely with various data elements, such as profile information, recipient information, usage data, and encrypted files, messages, and other data. Any data that you provide, transfer, or make available through the Services is referred to as "Customer Data" in these Terms. By agreeing to these Terms, you also agree to be bound by the SendSafely Data Processing Addendum. The Services provide features that allow you to share Customer Data with specific individuals or to make it public. There are many things that recipients and other users may do with Customer Data once received (for example, copy it, modify it, re-share it). Please consider carefully what you choose to share or make public. SendSafely has no responsibility to you or any third party for the use of Customer Data by recipients and other users of the Services.

4. Your Responsibilities

End Users and Customer Data. You are responsible for your End Users' use of the Services. "End Users" includes you, your Registered System Users, and the recipients of the encrypted data sent by you or your Registered System Users using the Services. You will obtain any consents necessary from your End Users to allow SendSafely to provide the Services. You will at all times comply with laws and regulations applicable to your use of the Services. You are responsible for the accuracy, quality, integrity, and legality of Customer Data and for the means by which you acquired the Customer Data.

Customer Enterprise Administrators. Business and Enterprise plan customers are required to have a minimum of two End Users designated as an "Enterprise Administrator" at all times. You acknowledge that Enterprise Administrators will have the ability to access, disclose, restrict, and delete Customer Data and configure data retention settings within the Services associated with your End Users. Enterprise Administrators can monitor, restrict, or terminate access for End Users within the Services. You will be responsible for obtaining any consents necessary from End Users to allow your Enterprise Administrators to engage in the activities described above.

Registered System Users. You may be entitled to designate persons as Registered System Users up to the number of Registered System Users permitted under the applicable subscription plan. Each Registered System User will be issued a unique username and password. Such usernames and passwords may not be shared and may not be used to access the Services by anyone who is not the associated Registered System User. Such unauthorized use can result in irreversible disclosure and/or loss of Customer Data for which SendSafely is not responsible.

Customer Administration of the Services. SendSafely's responsibilities do not extend to the internal management or administration of the Services, which include but are not limited to the following additional Customer responsibilities: (i) ensuring that all billing and contact information in Customer's SendSafely account is accurate and current; (ii) proper configuration of retention, expiration, and deletion settings for Customer Data and End Users within Customer's SendSafely portal; (iii) correctly configuring, securing, and maintaining the appropriate levels of confidentiality, integrity, and availability for all platform "master keys"; (iv) manual or automated provisioning and deprovisioning of registered user accounts; (v) enforcing the restrictions on unauthorized use and access described in these Terms; (vi) proper management and retention of trusted device and browser keys; and (vii) proper management of passwords and credentials for user accounts, service accounts, and Enterprise Administrator accounts using industry best practice controls such as multi factor authentication and other recommended steps described in the checklists published in the SendSafely Online Help Center. Customer's failure as to any of the above responsibilities may result in loss of access to or unauthorized disclosure of Customer Data, and Customer acknowledges that SendSafely shall bear no responsibility for such loss or disclosure.

Unauthorized Use & Access. Customer will prevent unauthorized use of the Services by its End Users. In the event such unauthorized use occurs, Customer will terminate the End User's access to the Services. Customer will not allow any person under the age of 16 to use the Services. Each user and service account will have a unique username and password. Such usernames and passwords may not be shared. You are responsible for safeguarding the credentials that you use to access the Services and you agree not to disclose these credentials to any third party. Customer acknowledges and agrees that SendSafely does not monitor or police the content of Customer's or its End Users' communications or data transmitted through the Services, and that SendSafely shall not be responsible for the content of any such communications or transmissions. You are responsible for any activity using your account, whether or not you authorized that activity.

Personal (free) accounts are for use by individuals only and are not to be used for commercial or business purposes. If you are accessing the Services in your capacity as an employee or contractor of an organization with more than five (5) employees, you must do so under a Business or Enterprise subscription plan. Accessing the Services through a Personal, Basic, or Pro subscription plan for the benefit of an organization with more than five (5) employees is strictly prohibited and constitutes unauthorized use of the Services.

Customer agrees not to transmit any content or data which (i) contains malicious code; (ii) violates the rights of others, such as data which infringes on any intellectual property right or violates any right of privacy or publicity; or (iii) otherwise violates any applicable law or regulation. Customer further agrees not to interfere with or disrupt networks connected to the Services, not to interfere with any third party's use and enjoyment of similar services, and to comply with all regulations, policies and procedures of networks connected to the Services. SendSafely may remove any violating content transmitted through the Services without notice to Customer. Customer shall not use the Services for the purpose of designing, modifying, or otherwise creating any environment, program, or infrastructure which performs functions similar to the functions performed by the Services. Customer shall not attempt to reverse engineer or decompile the Software nor assist anyone else to do so. Customer will promptly notify SendSafely if Customer becomes aware of any unauthorized use of or access to the Services.

5. Software and Updates

Some portions of the Services allow or require you and your End Users to download SendSafely software ("Software") which may update automatically when a new version becomes available. We grant you a limited, nonexclusive, nontransferable, revocable license to use the Software, solely to access the Services for your internal use. If any component of the Software is offered under an open source license, we will make the license available to you and the provisions of that license may expressly override some of these Terms. Your license to use the Software is automatically revoked if you violate these Terms.

6. Proprietary Rights

SendSafely's Proprietary Rights. SendSafely retains all right, title, and interest in and to the Services, including without limitation all software used to provide the Services and all graphics, user interfaces, logos, and trademarks reproduced through the Services. These Terms do not grant you any intellectual property license or rights in or to the Services or any of its components, except to the limited extent that such rights are necessary for your use of the Services as specifically authorized by these Terms. You agree that the Services and its components are protected by copyright, other laws, and treaties. While we appreciate it when users send us feedback, please be aware that we may use any feedback, comments, or suggestions you send us or post in our forums without any obligation to you.

Customer's Proprietary Rights. As between Customer and SendSafely, Customer Data shall be the sole and exclusive property of Customer.

Limited License. Customer grants SendSafely the rights that are reasonably necessary for SendSafely to provide the Services (e.g., hosting and processing Customer Data). This permission also extends to trusted third parties SendSafely works with to offer the Services (e.g., payment providers used to process payment of fees).

Premium Advisory Services. To the extent you request and SendSafely agrees to make available an appropriate number of employees to advise you concerning supplemental setup and integration matters ("Premium Advisory Services"), such technical advisory services will be provided on a consultative basis. SendSafely, at its sole discretion, will determine whether resources are available for the requested Premium Advisory Services. SendSafely's fees for Premium Advisory Services are billed on a time-spent basis and calculated according to hourly rates detailed in the applicable order or pricing document. You acknowledge that these Terms do not grant you any intellectual property license or rights in or to sample code or PoC code referenced by SendSafely in providing Premium Advisory Services. You are solely responsible for any claims arising from your use of any sample code referenced by SendSafely in providing Premium Advisory Services.

7. Other Content

The Services may contain links to third-party websites or resources. SendSafely does not endorse and is not responsible or liable for their availability, accuracy, the related content, products, or services. You are solely responsible for your use of any such websites or resources.

8. Payment for Services

Invoicing and Payment. SendSafely offers multiple subscription plans, many of which will require you to remit a monthly or annual payment. Monthly invoicing, using a PO or otherwise, is only available for Business and Enterprise plans that exceed monthly minimum amount requirements set by SendSafely. For all other subscription plans, the subscription fee will be automatically debited at the intervals described in the ordering document until you cancel the subscription. If you wish to no longer use the Services, you can cancel your Business/Enterprise plan by contacting our customer support team. Personal, Basic, and Pro plans can be canceled by logging into your SendSafely account. Unless an accelerated termination right is expressly provided hereunder, such termination shall become effective (the “Effective Termination Date”) as follows: (i) if you prepay subscription fees annually, such termination shall become effective thirty (30) days from SendSafely’s receipt of the termination notice; or (ii) if you pay subscription fees monthly, your next scheduled payment following SendSafely's receipt of the termination notice will be your final subscription payment, and these Terms will terminate after the final day of the paid-up subscription term. The Effective Termination Date may be earlier if SendSafely terminates these Terms, or you request an earlier shutdown date that satisfies the termination notice requirement above. Please note that if you cancel your subscription, you will not receive a refund for amounts you have already paid and any subscription fees for the remaining subscription term identified in an ordering document will become immediately due and payable.

Renewals and Additional Users. For Business/Enterprise plan customers who elect to prepay the subscription fees by annual invoice, you may only add users during the subscription term if purchasing a minimum number of additional users, determined by SendSafely, via a co-termed expansion or early renewal. At the time of subscription renewal, any number of additional users can be added. The Customer Success Team will contact your portal administrator or billing contact prior to expiration of the subscription term to facilitate renewal of a subscription paid by annual invoice.

9. Termination

You may stop using our Services any time. We reserve the right to suspend or end your access to the Services at any time, with or without cause, and with or without notice in our sole discretion. For example, we may suspend or terminate your use of the Services if you breach these Terms or use the Services in any way that would cause us legal liability or disrupt other use of the Services. If we suspend or terminate your use, we may let you know in advance and help you retrieve data, though there may be some cases (for example, following repeated or flagrant violations of these Terms, a court order, or if we determine your use poses a danger to others) where we may suspend immediately and without notice.

Effects of Termination. Upon any termination of these Terms: (i) the rights granted by SendSafely to Customer will cease and Customer shall stop using the Services immediately (except as set forth in this section); and (ii) upon Customer’s timely request within thirty (30) days following the Effective Termination Date, SendSafely will restore Customer access to Customer’s account at then current fees so that Customer may export Customer Data. SendSafely will delete Customer Data from SendSafely’s systems by automated process following the thirty-day retention period unless earlier deletion is requested by Customer. Customer may also export Customer Data during the subscription period using the self-service export tool. Customer acknowledges that SendSafely will have no obligation to maintain and will not be liable for any loss or corruption of Customer Data once deleted from SendSafely’s systems.

10. Disclaimer

THE SERVICES AND SOFTWARE ARE PROVIDED AS-IS, AT YOUR OWN RISK, WITHOUT EXPRESS OR IMPLIED WARRANTY OR CONDITION OF ANY KIND. WE ALSO DISCLAIM ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. SENDSAFELY WILL HAVE NO RESPONSIBILITY FOR ANY HARM TO YOUR COMPUTER SYSTEM, LOSS OR CORRUPTION OF DATA, OR OTHER HARM THAT RESULTS FROM YOUR ACCESS TO OR USE OF THE SERVICES OR SOFTWARE. SOME STATES DO NOT ALLOW THE TYPES OF DISCLAIMERS IN THIS PARAGRAPH, SO THEY MAY NOT APPLY TO YOU.

11. Indemnification

You shall defend and indemnify SendSafely and SendSafely's affiliates, officers, employees, agents, suppliers and licensors (collectively, the "Indemnified Parties") against any "Indemnified Claim," meaning any third party claim, suit, or proceeding arising out of, related to, or alleging: (i) your negligence or willful misconduct, (ii) your breach of these Terms, or (iii) a Data Incident. A "Data Incident" is any (i) unauthorized disclosure of, access to, or use of Customer Data or (ii) violation of Privacy/Security Law through your account. Data Incidents include, without limitation, such events caused by you, by your customers or other users, by hackers, and by any other third party. "Privacy/Security Law" means applicable law governing the protection or management of personal information.

12. Limitation of Liability

TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT WILL SENDSAFELY, ITS AFFILIATES, OFFICERS, EMPLOYEES, AGENTS, SUPPLIERS OR LICENSORS BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, EXEMPLARY OR CONSEQUENTIAL (INCLUDING LOSS OF USE, DATA, BUSINESS, OR PROFITS) DAMAGES, REGARDLESS OF LEGAL THEORY, WHETHER OR NOT SENDSAFELY HAS BEEN WARNED OF THE POSSIBILITY OF SUCH DAMAGES, AND EVEN IF A REMEDY FAILS OF ITS ESSENTIAL PURPOSE. SENDSAFELY'S AGGREGATE LIABILITY TO CUSTOMER FOR ALL CLAIMS RELATING TO THE SERVICES SHALL NOT EXCEED THE AMOUNTS PAID BY YOU TO SENDSAFELY FOR THE PAST SIX MONTHS OF THE SERVICES IN QUESTION. SOME STATES DO NOT ALLOW THE TYPES OF LIMITATIONS IN THIS PARAGRAPH, SO THEY MAY NOT APPLY TO YOU.

13. Confidential Information

Confidential Information Defined. "Confidential Information" refers to the following items one party to these Terms ("Discloser") discloses to the other ("Recipient"): (a) any document Discloser marks "confidential"; (b) any information Discloser orally designates as "confidential" at the time of disclosure; (c) any other non-public information Recipient should reasonably consider confidential, whether or not marked "confidential." Notwithstanding the foregoing, Confidential Information does not include information that: (i) is in Recipient's lawful possession at the time of disclosure; (ii) is independently developed by Recipient without use of or reference to Confidential Information; (iii) becomes known publicly, before or after disclosure, other than as a result of Recipient's improper action or inaction; or (iv) is approved for release in writing by Discloser.

Nondisclosure. Recipient shall not use Confidential Information for any purpose other than to facilitate the transactions contemplated by these Terms (the "Purpose"). Recipient: (a) shall not disclose Confidential Information to any employee or contractor of Recipient unless such person needs access in order to facilitate the Purpose and is subject to nondisclosure obligations no less restrictive than those of this Section 13; and (b) shall not disclose Confidential Information to any other third party without Discloser's prior written consent. Without limiting the generality of the foregoing, Recipient shall protect Confidential Information with the same degree of care it uses to protect its own confidential information of similar nature and importance, but with no less than reasonable care. Recipient shall promptly notify Discloser of any misuse or misappropriation of Confidential Information that comes to Recipient's attention. Notwithstanding the foregoing, Recipient may disclose Confidential Information to the extent required by applicable law or by proper legal or governmental authority. Recipient shall give Discloser prompt notice of any such legal or governmental demand, to the extent permitted under law, and reasonably cooperate with Discloser in any effort to seek a protective order or otherwise to contest, limit, or protect such required disclosure, at Discloser's expense.

Injunction, Termination, and Retention of Rights. (a) Injunction. Recipient agrees that: (i) no adequate remedy exists at law if it breaches any of its obligations in this Section 13; (ii) it would be difficult to determine the damages resulting from its breach of this Section 13, and such breach would cause irreparable harm to Discloser; and (iii) a grant of injunctive relief provides the best remedy for any such breach, without any requirement that Discloser prove actual damage. Recipient waives any opposition to such injunctive relief. (b) Survival. The obligations of Section 13 above will survive termination or expiration of these Terms. (c) Return and Retention of Rights. Upon Discloser's request, Recipient shall return all copies of Confidential Information to Discloser or certify, in writing, the destruction thereof. These Terms do not transfer ownership of Confidential Information or grant rights thereto. Discloser retains all right, title, and interest in and to all Confidential Information.

14. General Terms

Modifications. We may revise these Terms from time to time and the most current version will always be posted on our website. If a revision, in our sole discretion, is material we will notify you (for example via email to the email address associated with your account). Other changes may be posted to our website without notice. By continuing to access or use the Services after revisions become effective, you agree to be bound by the revised Terms. The updated version of the Terms supersedes all prior versions. If you do not agree to the updated version of these Terms, you must stop using the Services immediately.

Automatic Renewals. UNLESS STATED OTHERWISE IN THE APPLICABLE ORDERING DOCUMENT, ALL SUBSCRIPTIONS WILL AUTOMATICALLY RENEW FOR ONE OR MORE ONE-YEAR RENEWAL TERM(S) UNTIL A PARTY PROVIDES 30 DAYS NOTICE OF NON-RENEWAL OR TERMINATION. SENDSAFELY WILL PROVIDE CUSTOMER REASONABLE PRIOR NOTICE OF EACH RENEWAL, AFTER WHICH SENDSAFELY MAY AUTOMATICALLY CHARGE CUSTOMER FOR THE RENEWAL UNLESS CUSTOMER NOTIFIES SENDSAFELY THAT CUSTOMER WANTS TO CANCEL OR DISABLE AUTO RENEWAL.

Service Levels. Each Registered System User account, including all user and service accounts, will be bound by the limits outlined on the SendSafely Plan Specifications and Limits page. Any Registered System User account that requires usage in excess of these limits, such as accounts used for high-volume API integrations, must be pre-authorized by SendSafely and may be subject to additional Usage Based Charges depending on Customer's current subscription level.

Governing Law. These Terms will be governed by Delaware law except for its conflicts of laws principles.

Beneficiary Rights. These terms create no third-party beneficiary rights.

Waiver. Our failure to enforce a provision is not a waiver of its right to do so later. If a provision is found unenforceable the remaining provisions of these Terms will remain in full effect and an enforceable term will be substituted reflecting our intent as closely as possible.

Assignment. You may not assign any of your rights in these Terms, and any such attempt is void, but SendSafely may assign its rights to any of its affiliates or subsidiaries, or to any successor in interest of any business associated with the Services. SendSafely and you are not legal partners or agents; instead, our relationship is that of independent contractors.

Use of Third Parties. SendSafely may utilize third parties in the performance of the Services without the prior consent of Customer.

Force Majeure. No delay, failure, or default, other than a failure to pay fees when due, will constitute a breach of these Terms to the extent caused by or resulting from any act of God, riot, fire, explosion, accident, flood, sabotage, war, inability to obtain power, embargo, lockouts, strike or labor trouble, governmental law, regulation, or order, or other cause beyond the performing party's reasonable control.

Limitation of Action. No action arising out of these Terms, regardless of the form of action, may be brought by Customer more than one year after the action accrued.

Agreement to Informally Resolve Dispute. SendSafely wants to understand and address concerns quickly and to Customer's satisfaction. Before filing a claim, each party agrees to try to resolve the dispute by contacting the other party through the notice procedures outlined in these Terms. If a dispute is not resolved within thirty (30) days of notice, Customer or SendSafely may bring a formal proceeding.

Agreement to Arbitrate. All disputes shall be resolved finally and exclusively by binding individual arbitration with a single arbitrator administered by the American Arbitration Association (www.adr.org) or JAMS (www.jamsadr.com) according to this provision and the applicable arbitration rules for that forum.

No Class Actions. Customer may only resolve disputes with SendSafely on an individual basis and will not bring a claim in a class, consolidated, or representative action. Class arbitrations, class actions, private attorney general actions, and consolidation with other arbitrations are not allowed.

Publicity. Customer agrees that SendSafely may include Customer's name or logo in a list of customers, online or in promotional materials. Customer also agrees that SendSafely may verbally reference Customer as a customer of the Services.

Inactive Accounts. SendSafely reserves the right to delete an inactive account and its data if you do not log into the Services for at least twenty-four months.

Entire Agreement. These Terms, including any SendSafely ordering documents and invoices for the Services, constitute the entire agreement between the parties with respect to the subject matter and supersede any prior agreement or communications between the parties relative thereto, whether written or oral. If there is a conflict between the documents that make up these Terms, the documents will control in the following order: the invoice, the SendSafely ordering document, these Terms. The parties agree that any term or condition stated in Customer's vendor registration form, registration portal, or in any purchase order or similar document originating from Customer will be construed solely as evidence of Customer's internal business processes and the terms and conditions contained therein will be void and have no effect with regard to these Terms, even if accepted by SendSafely or signed by the parties after these Terms become effective.

Export Restrictions. Customer agrees to comply with applicable U.S. Government, EU and UN export and reexport laws, regulations and requirements. Customer further certifies that it will not export or reexport any software or services that may be subject to such laws, regulations and requirements, to any location, or to any end-user, or for any end-use, without first obtaining any export license, permit or other approval that may be required. Without limiting the foregoing, Customer specifically agrees that it will not export or reexport any software or services subject to export and reexport laws to (1) any Group E country listed in SUPPLEMENT NO. 1 TO PART 740 - COUNTRY GROUPS and the Crimea Region of Ukraine or (2) any person listed in any Denied Party Lists, or (3) for any restricted end-use, including those related to the development, production or use of nuclear, chemical or biological weapons or missiles.



If you have any questions relating to these terms you can contact us via email at info@sendsafely.com.