Terms of Services
Dated: 4th July 2017
Unless you have entered into a separate SAAS agreement with us, these Terms of Service (together with the documents referred to in it) tell you the terms on which you may make use of the services which are made available to you via our software platform at https://snyk.io and our CLI tool (together, the “Platform”) (the “Services”), as well as all information and data made available to you in connection with the Services (“Service Data”).
If you have entered into a separate SAAS agreement with us for your and your employees, contractors and agents use of the Services, then that agreement will apply instead of these Terms of Service.
Please read these Terms of Service carefully before you start to use the Services. We recommend that you print a copy of this for future reference.
By using the Services or installing our CLI tool, you are confirming that you accept these Terms of Service and that you agree to comply with them. If you do not agree to these Terms of Service, you must not use the Services.
Other applicable terms
These Terms of Service refer to the following additional terms, which also apply to your use of the Services:
Snyk Limited (“Snyk”, “us”, “our” or “we”) is the provider of the Services and operator of the Platform. We are registered in England and Wales under company number 09677925 and have our registered office at 2 Angel Square, London, EC1V 1NY, UK. Our VAT number is 227200547.
2. Changes to these terms
We may revise these Terms of Service at any time by amending this page. Where appropriate (for example, where the changes limit your rights or increase your obligations), we will also give you notice of the changes by sending you an email – where possible, a reasonable time in advance. The process for changes to fees and payment plans is set out separately in clause 8. If you are using the Services as an anonymous user (and therefore on a session by session basis), the version of these Terms of Service which is in force at the beginning of a particular session will apply to your use of the Services during that particular session. We will not notify you of changes.
Please check this page from time to time and give careful consideration to any emails we send you, as the changes to the Terms of Service will be binding on you.
3. User account
If you register for an account on the Platform (including via third party authentication), you are responsible for any use of our Services with your account details, and for protecting your account details from unauthorised use. You are also responsible for the security of any computer from which you sign in to your account.
You may also use our Services as an anonymous user, in which case no account is necessary.
In the case of a company, you hereby warrant that you have authority to bind the company (as the contracting party) to these Terms of Service. In the case of an individual, you hereby warrant that you are 18 years of age or older or, where you are not, that you have the consent of your parent or guardian to use the Services in accordance with these Terms of Service.
4. Rights we grant you
We grant you a non-exclusive, non-transferable, revocable right to install and make use of the Services and to make use of the documentation available at https://snyk.io/docs (“Documentation”) and Service Data, solely for your internal business operations and in accordance with these Terms of Service.
This licence shall remain in effect until and unless these Terms of Service are terminated by you or us (see clause 13 for information about termination). You promise and agree that you will only make use of the Services, Documentation and Service Data within the scope of this licence and limits, terms and conditions set out in these Terms of Service, and that you will not redistribute or transfer the Services, Documentation or Service Data, or any part of them.
You acknowledge that all intellectual property rights in the Services, the Documentation, the Service Data and the Platform anywhere in the world belong to us or our licensors (even after installation onto a computer owned by you or integration into your system), and that you have no rights in or to the Services, Documentation, Service Data or the Platform other than the right to use each of them in accordance with the terms of these Terms of Service.
In the event that you breach the terms of the licence granted to you herein and such breach results in the creation of derivative works of the Services, the Documentation, and/or the Service Data (“Improvements”), you hereby assign with full title guarantee all such Improvements to us. Such assignment does not preclude us from taking any legal or other action against you for contravention of these terms and conditions, including for infringement of our intellectual property rights.
From time to time, we may introduce new services, features or functionality to the Services. These Terms of Service will apply to such new services, features or functionality, unless they come with separate or additional terms, in which case you will be required to agree to such separate or additional terms before being permitted to use the new services, features or functionality.
We undertake that the Services will be performed substantially in accordance with the Documentation and with reasonable skill and care. This undertaking shall not apply to the extent of any non-conformance which is caused by your use of the Services contrary to our instructions or these Terms of Service, or any alternation or modification made to the Services or the software used in the provision of the Services by a third party who is not authorised by us. You understand and agree that we have no obligation to modify software to support your use of the Services.
We do not warrant that:
- the Services will be able to find and monitor all vulnerabilities in all dependencies (including open source dependencies) included or used by your application. Whilst we endeavour to keep up to date and build on our open source vulnerability database, you acknowledge that it does not provide any legal or other professional advice in relation to the Services and that we do not guarantee it is a complete source of all vulnerabilities and license issues for all dependencies or that it is relevant or suited to all the dependencies included or used by your applications;
- we will be able to fix all vulnerabilities discovered using the Services; or
- a patch will not break the functionality of your code or will not result in the introduction of new vulnerabilities. We take care when authoring patches and test all patches before making them available to you as part of the Services; however, you acknowledge that it is your responsibility to assess the impact of patch before using it.
You further acknowledge that the suggestions made by us in relation to fixes (whether for updates, patches or monitoring services) are provided for general information only, and have not been made with your particular requirements in mind. It is therefore not intended to amount to advice on which you should solely rely.
We will not be liable to you for our failure to find, fix and monitor dependencies, or for any damage or loss suffered as a result of a fix deployed, in such circumstances, or as further set out in clause 11.
6. Accessing the Services
You acknowledge that the extent of your use of the Services will depend on your subscription plan, and you further agree to only use the Services within the limits of such subscription plan. The default subscription plan is the ‘Free Plan’. Details about the Services available under each subscription plan can be found here: https://snyk.io/plans. If, at any time whilst using the Services, you exceed the limit of your subscription plan, we will charge you, and you will pay, the relevant fees which apply to such excess use as set out above. We will use our reasonable endeavours to notify you when the limit is close to being exceeded; however, we accept no liability for failure to do this. You are solely responsible for monitoring your use of the Services within the permitted limits.
Whilst we will make reasonable efforts to ensure the Services are operational 24 hours a day, 7 days a week, we do not guarantee that the Services will always be available or be uninterrupted. In particular, but without limitation:
- Maintenance Services: The Services will not be available to you when we carry out maintenance services. We will endeavour to carry out these services outside of normal business hours (being 9:00am to 5:00pm UK time) and to give you at least three hours’ notice in writing (via email where possible); however you acknowledge that this may not be possible in cases of urgency.
- Communication networks: The Services may be subject to limitations, delays and other problems inherent in the use of communication networks and facilities.
We will not be liable to you if the Services are unavailable at any time, or for any period due to an event or cause outside of our control.
We reserve the right to suspend your access to or use of the Services without notice in the event you breach these Terms of Service or if we reasonably suspect that you have breached these Terms of Service.
7. Using the Services
You must not use the Services for any commercial use (other than for internal use within your business), and you must not redistribute or transfer the Services, Documentation or Service Data to any third party or make any part of the Services, Documentation or Service Data available to be accessed, in whole or in part, by any third party.
The licence granted to you to install and make use of the Services, the Documentation, and Service Data, does not permit you to do, and you shall not do nor permit any third party to do, any of the following:
- Embed our Services, Documentation, or Service Data into any product of yours or any third party;
- Make available through automated or manual means any part of the Services, the Documentation, or the Service Data, by way of crawling, scraping, spidering or otherwise;
- Copy or access all or any part of the Services, the Documentation, or the Service Data other than via the interface(s) provided to you by us;
- Use web-crawlers, bots, or scripts to copy or access any part of the Services, the Documentation or the Service Data;
- Circumvent or attempt to override any security features we have installed around the Services, the Documentation, or the Service Data; or
- Copy in part or in whole, our database of vulnerabilities.
A breach of the Acceptable Use Policy will constitute a breach of these Terms of Service, and may result in termination or suspension of your account in accordance with these Terms of Service.
If you choose a paid-subscription plan, you agree to pay us fees in accordance with the relevant pricing plan. Details of those fees are set out on our Pricing Page at https://snyk.io/plans (which do not include VAT).
Depending on the pricing plan chosen by you, our third party payment processor will (and you hereby authorise it to) bill your payment card for the applicable fee in advance on or shortly after the date you subscribe for a paid plan and each month or anniversary thereafter, until terminated by you or us. The fees are non-refundable, except as expressly stated otherwise in these Terms of Service.
If you move to a higher tier of a paid plan, the change will take effect immediately and we will charge you for the additional fees associated with the new paid plan on a pro-rata basis. If you move to a lower tier of a paid plan, the change will take effect in the next billing cycle. You acknowledge that you will not receive a refund for the then-current billing cycle if you move to a lower tier of a paid plan, or to a non-payment subscription plan.
We reserve the right not to provide you with the Services until the relevant fee has been received in full and cleared funds.
We also reserve the right to change our fees or payment plans at any time. If you do not agree to such change, you must ask us to delete your account via email to firstname.lastname@example.org and stop using the Services within 30 days of the date the new fee or payment plan becomes effective, at which point these Terms of Service will be deemed to have been terminated by you. We will only charge you in respect of the period before termination and based on the old fee or payment plan. If you do agree to such change (which will be deemed from your continued use of the Services after the date the new fee or payment plan becomes effective), your next bill will include the new fees on a pro rata basis.
9. Project Data and Rights you give us
We claim no intellectual property rights in and to your applications, project or any material you provide or otherwise transmit to us via the Service.
However, to enable your use of the Services, we do need to inspect portions of your project and send parts of it to our servers. This information includes, but is not limited to, information relating to the project (such as the project name and metadata), information relating to the dependencies, including open source and closed source but locally available to our tool, being used and how they are referenced by the project, Snyk-related files and environmental information (“Project Information”). We may also collect Project Information for each of the project’s dependencies (“Dependency Information”). For these purposes, we require, and you hereby grant us, a worldwide, non-exclusive, royalty free licence to store, use, reproduce, display and transmit the Project Information, the Dependency Information and any other materials transmitted via the Service to the extent necessary to enable your use of the Services, including monitoring services. This licence shall remain in effect until and unless these Terms of Service are terminated by you or us.
In addition to the rights granted to us above, we also require, and you hereby grant to us, a licence to store, use, reproduce, display and transmit the Project Information, the Dependency Information and any other materials transmitted via the Service for analytical purposes (for example, so that we can see what stage the project was in when it was deleted) and to improve our Services. This licence shall remain in effect unless and until you email us at email@example.com and expressly ask us to delete such data from our database. For the avoidance of doubt, this licence will not end upon termination of these Terms of Service or where you delete the relevant project on the project page of the Platform.
10. Usage Data Analysis
Our CLI tool reports to us an event for each command you issue, including, but not limited to, the version of the CLI tool, the versions of surrounding tools such as node and npm, the Snyk User and organization ID, the arguments and inputs provided to the CLI, and details about duration, success and failure of CLI actions. This information is used by us for analytical purposes and to improve our Services. It allows us to better understand how the CLI too is used, and informs our product development decisions.
If you would like to opt out of this, you can do so by setting the
disable-analytics configuration item, as explained in our FAQ page at https://snyk.io/docs/faqs/#using-snyk.
11. Limitation of Liability
You agree to the following limitations on our liability to you:
- Exclusion of certain losses: We shall not be liable to you for any loss of profits, business, anticipated savings, goodwill or business opportunity, business interruption, loss or corruption of data or information, or for any special, indirect or consequential loss or damage, howsoever arising under these Terms of Service; and
- Cap on liability: Our maximum aggregate liability to you in contract, tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising in connection with the performance or contemplated performance of these Terms of Service shall be limited to the higher of either: i) the total amount paid to us in the 12 month period preceding the date on which the claim arose; or ii) £100.
Further, due to the nature of the Services, we do not take responsibility for any damage caused by errors or omissions in any content or omissions in any information, instructions or scripts provided by you to us in connection with the Services, or any action taken by us (or not taken by us) at your direction.
Nothing in these Terms of Service shall exclude either party’s liability for death or personal injury caused by negligence, fraud or fraudulent misrepresentation or any other liability that cannot be excluded or limited by law.
All warranties, conditions, representations or other terms implied by statute or common law in relation to the Services, Documentation, the Service Data and the Platform provided by us are excluded to the fullest extent permitted by law.
You shall defend, indemnify and hold harmless Snyk against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with your use of the Services, Documentation, Service Data or Platform in breach of these Terms of Service or other agreements referred to in these Terms of Service (including, but not limited to, the acceptable use policy https://snyk.io/policies#acceptable-use-policy).
You may terminate these Terms of Service with us at any time, for any reason, by asking us to delete your account via email to firstname.lastname@example.org (as applicable) and ceasing all use of the Services, Documentation and Service Data.
We may terminate these Terms of Service with you immediately, without notice, in the event you commit a material or persistent breach of these Terms of Service (including the Acceptable Use Policy), the Services are discontinued, we lose the right to provide you with the Services, or where the provision of the Services becomes unlawful.
- all rights granted to you under these Terms of Service, including the licence in clause 4, shall cease;
- you must cease all activities authorised by these Terms of Service, including use of the Services, Documentation and Service Data;
- all fees payable to us under these Terms of Service shall become due and shall be billed immediately, despite any other provision; and
- you must immediately uninstall, delete or remove from all computer equipment in your possession or control, and destroy or return to us all copies of, any software used in the provision of the Services including our CLI tool.
14. Other important terms
Assignment and other dealings: You may not assign, transfer, sub-licence or deal in any other manner with any or all of your rights under these Terms of Service, without our prior written consent.
Waiver: A waiver of any right or remedy under these Terms of Service or by law is only effective if given in writing and shall not be deemed a waiver of any subsequent breach or default. A failure or delay by a party to exercise any right or remedy provided under these Terms of Service or by law shall not constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict any further exercise of that or any other right or remedy.
Severance: If any provision or part-provision of these Terms of Service is or becomes invalid, illegal or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed deleted. Any such modification to or deletion of a provision or part-provision shall not affect the validity and enforceability of the rest of these Terms of Service.
Relationship: Nothing in these Terms of Service is intended to, or shall be deemed to, establish any partnership or joint venture between any of the parties or constitute any party the agent of another party.
Third Party Rights: No one other than a party to these Terms of Service, their successors and permitted assignees, shall have any right to enforce any of its terms.
Entire Agreement: these Terms of Service, and all documents referred to in them, constitute the entire agreement between the parties and supersedes and extinguishes all previous agreements, promises, assurances, warranties, representations and understandings between them, whether written or oral, relating to its subject matter.
Jurisdiction/ Governing Law: These Terms of Service, its subject matter and its formation (and any non-contractual disputes or claims) are governed by English law. We both agree to the exclusive jurisdiction of the courts of England and Wales.
To contact us, or if you are experiencing problems with the Services, please email email@example.com
Acceptable use policy
Dated: 23rd June 2016
This acceptable use policy sets out the terms between you and us under which you may use any of our Services, the Documentation and/or the Service Data (as defined in the Terms of Service https://snyk.io/policies/, which this acceptable use policy forms part of).
You may not use the Services:
(a) in any way that breaches any applicable local, national or international law or regulation;
(b) in any way that is unlawful or fraudulent, or has any unlawful or fraudulent purpose or effect;
(c) for the purpose of harming or attempting to harm minors in any way;
(d) to send, knowingly receive, upload, download, use or re-use any material which does not comply with our content standards (see below);
(e) to transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam); and/or
(f) to knowingly transmit any data, send or upload any material that contains viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware.
You also agree not to:
(a) except as may be otherwise permitted in the Terms of Service or allowed by any applicable law which is incapable of exclusion by agreement between the parties:
(i) duplicate, copy, create derivative works from, frame, mirror, republish, download, display, transmit or distribute all or any portion of the software used in the provision of the Services, or the Documentation or any Service Data in any form by any means;
(ii) reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the software used in the provision of the Services.
(b)access without authority, interfere with, manipulate, damage or disrupt all or any part of the Services or any equipment or network owned or used by any third party, or assist any third party in doing such acts;
(c) use the Services, the Documentation and/or the Service Data to provide services to third parties, and in particular, not to use the Services, the Documentation and/or the Service Data in respect of any project that is not owned or used by you;
(d) licence, sell, transfer, assign, distribute, display, disclose or otherwise commercial exploit the Services, Documentation and/or the Service Data, or otherwise make the Services, Documentation and/or the Service Data available to any third party.
If you wish to make use of the Services, the Documentation and/or the Service Data for the purposes prohibited in paragraphs (c) and/or (d) above, please email us at firstname.lastname@example.org so that we can discuss a different licence with you.
These content standards apply to any and all material which you provide to Snyk or otherwise give Snyk access to (“Materials”). The standards apply to each part of any Materials as well as to its whole.
(a) be accurate (where they state facts);
(b) be genuinely held (where they state opinions); and/or
(c) comply with applicable law in the UK and in any country from which they are posted.
Materials must not:
(a) contain any material which is defamatory of any person, obscene, offensive, hateful or inflammatory;
(b) promote sexually explicit material, violence or discrimination based on race, sex, religion, nationality, disability, sexual orientation or age;
(c) infringe any copyright, database right or trade mark of any other person;
(d) be likely to deceive any person;
(e) be made in breach of any legal duty owed to a third party, such as a contractual duty or a duty of confidence;
(f) be threatening, abuse or invade another’s privacy, or cause annoyance, inconvenience or needless anxiety;
(g) be likely to harass, upset, embarrass, alarm or annoy any other person;
(h) be used to impersonate any person, or to misrepresent your identity or affiliation with any person;
(i) give the impression that they emanate from us, if this is not the case; and/or
(j) advocate, promote or assist any unlawful act or illegal activity such as (by way of example only) copyright infringement or computer misuse.
If you disclose security vulnerabilities to us, you must do so by emailing us at email@example.com and not by posting to the snyk.io website.
Changes to the acceptable use policy
We may revise this acceptable use policy at any time by amending this page. Where appropriate (for example, where the changes limit your rights or increase your obligations), we will also give you notice of the changes by sending you an email – where possible, a reasonable time in advance. If you are using the Services as an anonymous user (and therefore on a session by session basis), the version of this policy which is in force at the beginning of a particular session will apply to your use of the Services during that particular session. We will not notify you of changes.
Please check this page from time to time and give careful consideration to any emails we send you, as the changes to the policy will be binding on you.
Dated: 23rd June 2016
Please read this policy carefully before using our website.
This policy (together with our Terms of Service https://snyk.io/policies/ or any other SAAS agreement that we have entered into with you, and any other documents referred to in them) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand the types of information we collect from you, how we use that information and the circumstances under which we will share it with third parties.
By visiting our website https://snyk.io or installing our CLI tool (together, the “Platform”) you are accepting and consenting to the practices described in this policy.
For the purpose of the relevant data protection legislation, the data controller is Snyk Limited of 87 Lavender Sweep, London, SW11 1EA, UK (“Snyk”, “us”, “our” or “we”). Our ICO Registration Number is: ZA232876.
Please note that this policy does not apply to, or limit, our use or disclosure of non-personal information (i.e. information which is not relevant to you or able to identify you) we may collect from you via your use of the Platform.
Information we may collect from you
We may collect and process the following data about you:
- Information you give us. You may give us information about you by filling in forms on our Platform or by corresponding with us by phone, e-mail or otherwise. This includes (but is not limited to) information you provide when you use our service and when you report a problem with our Platform or the services available on it. The information you give us will depend on the circumstances but, as you are giving it to us, you will always know what information we are receiving.
Please note that we do not collect payment information from you. This will be collected directly from you by our third party payment processor.
- Information we collect about you. With regard to each of your visits to our Platform we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Platform (including date and time); what you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouseovers), and methods used to browse away from the page and any phone number used to call our customer service number.
- Information we receive from other sources. We may receive information from the third party authentication provider about you, including your GitHub user name and your email address. We are also working closely with other third parties (including, for example, business partners, service providers, sub-contractors in technical and payment services, advertising networks, analytics providers, search information providers) and may receive information about you from them.
Uses made of the information
We use information held about you in the following ways:
- to carry out our obligations arising from any contracts entered into between you and us (including the Terms of Service https://snyk.io/policies/) and to provide you with the information, products and services that you request from us;
- to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- to provide you with information about goods or services we feel may interest you;
- to notify you about changes to our services;
- to administer our Platform and our services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our Platform and our services and to ensure that content is presented in the most effective manner for you and for your computer or mobile device; and
- as part of our efforts to keep our Platform safe and secure.
Disclosure of your information
We may share your information with the following, selected third parties:
- business partners service providers and sub-contractors for the performance of any contract we enter into with them or you;
- analytics and search engine providers that assist us in the improvement and optimisation of our Platform.
We may disclose your personal information to certain third parties in the following circumstances:
- in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
- if Snyk or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;or
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply the Customer Agreement and any other documents referred to on it; or to protect the rights, property, or safety of Snyk, our users, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Where we store your personal data
All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Platform, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Platform; any transmission is at your own risk. Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at firstname.lastname@example.org.
Third Party Platforms
Our Platform may, from time to time, contain links to and from the websites operated by third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to information
Depending on applicable laws, you may have the right to access information held about you. Your right of access can be exercised in accordance with the relevant data protection legislation. Any access request may be subject to a fee to meet our costs in providing you with details of the information we hold about you.