SNYK TERMS OF SERVICE

Please read these terms of service (“Agreement”) carefully before accessing and using the Services. In order to assist you in understanding this Agreement, we have defined words which have particular meanings in Schedule 1 below. The words in Schedule 1 will, unless otherwise required by the context, bear the same meaning throughout this Agreement.  

By clicking the word “<AGREE>” at the end of this Agreement or any similar acceptance text on Snyk’s website, or by signing an Order Form which references this Agreement, you agree to this Agreement in its entirety. When you agree to this Agreement, you will be requesting that Snyk grant you access to the Services, and upon Snyk’s acceptance of your request (“Commencement Date”), Snyk will allow you to access and use the Services pursuant to the terms and conditions recorded in this Agreement. If you agree to this Agreement on behalf of a company or any other legal entity: (i) you warrant and represent that you are duly authorised to act on behalf of and to agree to this Agreement on behalf of such company or other entity; and (ii) you acknowledge that such company or other entity shall be legally bound by this Agreement. If you do not have the authority or capacity to enter into this Agreement, are under 18 years of age, or do not agree to any of the terms set forth in this Agreement, you must not agree to this Agreement and you must not access the Services.

For the avoidance of doubt, this Agreement will apply to your use of and access to the Services, irrespective of whether you subscribe to: (i) a paid version of the Services, whether from Snyk directly, or from a Channel Partner; or (ii) a free trial or evaluation of the Services (“Evaluation”), or a free version of the Services, including your entitlement to use a paid version through the Secure Developer Project available here or through any other open source or related projects offered by Snyk from time to time which permit the free use of a paid version of the Services (“Open Source Projects”), save that Sections 1(b), 3.1(b), 3.2, 6, 8.2, 11.6(a), 11.13 and Schedule 2 shall not apply to the Services described in this (ii). In connection with the Open Source Projects, Snyk may provide you with the Services at no charge, provided that you satisfy the applicable requirements prescribed by Snyk from time to time on its website or otherwise communicated to you.     

If you elect to purchase the Services through a Channel Partner, or through such Channel Partner’s authorized reseller, your payment for the Services will be governed by the terms agreed upon by and between you and such Channel Partner or authorized reseller. Accordingly, Section 6.3 to 6.6 of this Agreement will not apply to your payment obligations for such transactions, and this Agreement will not auto-renew pursuant to Section 10.1(c) below. However, all other provisions of this Agreement remain in effect and will continue to govern your use of the Services.

1. Right to Use

Subject to the Subscription Allocation for the applicable Application(s), Snyk grants you a non-exclusive, non-transferable, non-assignable (subject to Section 11.9), non-sublicensable right to: (a) access and use (and to permit your Users to access and use) the Services, Support, and Documentation during the Term solely for the Permitted Purpose; and (b) use the Service Data for software development and maintenance purposes in conjunction with the Code Asset, subject to Section 10.3(a) (Effects of Termination).

2. Restrictions on Use 

You shall not: (a) use the Services in connection with any Code Asset that is not owned by you or your Affiliates, or that you do not have a right to access or use; (b) upload or input to the Services: (i) any Virus; or, (ii) any material that is illegal or infringes any third-party Intellectual Property Right; (c) upload to the Services, or otherwise make accessible to Snyk, any sensitive data or regulated data (except pursuant to the DPA with respect to non-sensitive Personal Data), such as health or financial information; (d) license, sell, rent, lease, distribute, display, commercially exploit, or otherwise make the Services available to any third party; (e) copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Services; (f) reverse compile, disassemble, reverse engineer, or otherwise reduce to human-perceivable form, all or any part of the Services; (g) circumvent or disable any security or other technological features of the Services; (h) perform any actions that would interfere with the proper working of the Services or prevent access to or use of the Services by Snyk’s other customers; (i) use the Services to perform any benchmarking activities on the Applications or any third-party applications; (j) use the Services to provide business process outsourcing services to third parties (e.g., as a service bureau); (k) remove any proprietary notices or labels from the Services; (l) use the Services and/or Documentation other than in accordance with this Agreement; (m) use or input any data into the Services in breach of: (i) applicable law; or, (ii) license terms or other contractual obligations owing to a third party; (n) access or use the Services if you are a competitor of Snyk, or to develop or sell a competing product or service, or for purposes that are competitive with Snyk; or, (o) access or use the Services from any country or region subject to a comprehensive U.S. embargo. A breach of any of the foregoing restrictions is deemed to be a material breach of this Agreement.

3. Obligations, Warranties, and Disclaimers

3.1 General. Snyk shall, subject to the terms of this Agreement: (a) grant you access to the Services; (b) provide the Services in accordance with Schedule 2 (“SLA”); and (c) provide the level of Support set forth on the applicable Order Form or Service Plan.   

3.2 Performance Warranty. Snyk will make commercially reasonable efforts to ensure that the Services perform substantially in accordance with the Documentation and that all Support will be performed with reasonable skill and care (“Performance Warranty”). If the Services and Support do not conform with the foregoing Performance Warranty, Snyk will, at its expense, use reasonable efforts to promptly correct any such non-conformance. Such correction constitutes your sole and exclusive remedy for any breach of the Performance Warranty, provided that should Snyk fail to cure such non-conformity, you shall be permitted to terminate the applicable Services or Support and receive a pro-rata refund of any pre-paid Subscription Fees for such Services not delivered as of the date of termination. The remedies set forth in this Section 3.2 constitute your sole and exclusive remedy for any breach of the Performance Warranty. Notwithstanding the foregoing, the Performance Warranty does not apply where you subscribe to a free version of the Services, an Evaluation or a paid version of the Services through the Open Source Projects, and Snyk may suspend, limit or throttle such Services at any time where necessary due to the exigencies of its business. 

3.3 Disclaimers. You acknowledge and agree that: (a) the Performance Warranty does not apply to the extent of any non-conformance which is caused by use of the Services by you that is not in accordance with the Documentation; (b) the Services will evolve over time and that functionality may be added and removed from time to time in Snyk’s sole discretion; and (c) your use of the Services may not be uninterrupted or error-free. Snyk specifically does not represent or warrant that: (a) the Services (including suggested Snyk Fixes) will meet your requirements or will be fit for your particular purpose; (b) the Services will be able to find and monitor all Vulnerabilities in all code, configurations or dependencies included in, applicable to, or used by the Code Asset; or (c) Snyk will be able to provide a Snyk Fix for all Vulnerabilities. Snyk will not be liable to you for any ‘false positive’ or ‘false negative’ Vulnerabilities incorrectly identified by the Services or for any damage or loss arising from a Snyk Fix deployed by you.

3.4 Customer Obligations. You are solely responsible for: (a) maintaining the confidentiality of your account credentials and for any beach of this Agreement by any person accessing and using the Services using your account credentials; (b) managing access rights for your Users (where applicable) and removing such access rights from Users who should no longer have access to the Services; (c) any Users’ access and use of the Services not in accordance with this Agreement; (d) ensuring that your network, environment and systems comply with the relevant specifications set out in the Documentation and are secure; (e) ensuring the legality, integrity, and accuracy of Customer Data provided to Snyk; (f) assessing each Vulnerability based on your own circumstances, environment, and risk assessments and accepting or rejecting Snyk Fixes accordingly; (g) setting your own controls, severities, priorities or permissions within the Services; and (h) where you subscribe to the Services for an Evaluation: (i) the consequences of your use of (or inability to use) the Services, and for any liability of any kind whatsoever arising out of or in relation to your use of (or inability to use) the Services; and (ii) taking appropriate measures to back up and make any required copies of Customer Data and to comply with Section 10 (Termination), and Snyk shall not be obliged to provide to you any assistance in extracting, transferring or recovering any data whether during or after the Evaluation Period. You also agree to comply with all laws, rules, and regulations applicable to your business and performance under this Agreement, including to the extent applicable, the UK Modern Slavery Act 2015 and other human rights and sanctions laws.  

3.5 Third Party Features. The Services may contain features designed to interoperate with applications or services separately provided to you by third parties, such as source code management services or other security scanning platforms or applications. Any operation or transaction completed via any third-party website, system, platform, or application is between you and the relevant third party, and is at your own risk. Snyk cannot guarantee the continued availability of such features; accordingly, Snyk may cease providing interoperability with them at any time, including if the relevant third-party ceases to make its application or service available for interoperation with the Services or changes the way it does so in a way that is not reasonably acceptable to Snyk. 

3.6 Beta Services. From time to time, Snyk may make Beta Services available to you at no charge. Beta Services are made available “AS IS”, Snyk makes no representations or warranties of any kind, whether express, implied, statutory, or otherwise regarding Beta Services, and Snyk shall have no liability of any kind arising out of or in connection with Beta Services. You may choose to try such Beta Services in your sole discretion. Snyk may discontinue Beta Services at any time in its sole discretion and may never make them generally available. 

3.7 Specific Terms. Certain Applications and Tools have specific terms associated with their use as follows: 

(a) Snyk Tools. The Tools are intended to be used as an interface between the Services and an external application or repository operated and controlled by you. You may access and use the Tools solely to enable your use of the Applications as permitted under this Agreement. Snyk may rate-limit, throttle or otherwise restrict usage of the Tools to prevent what it considers (in its absolute discretion) to be abuse, security issues, or excessive use. Snyk will use reasonable endeavours when applying such restriction(s) to return a descriptive error message. No warranty or representation is made as to its compatibility with any software or technical protocols or standards.

(b) Snyk API & Web. Snyk API & Web (“SAW”) is a web application vulnerability scanner cloud-based solution that has been designed to operate against web applications where connectivity exists between Snyk's servers and the server hosting the web application being tested. The following additional terms apply to your access to and use of SAW: (i) you shall not, and shall not encourage or assist any third party to, access or use SAW in any manner intended to improperly avoid incurring fees or to exceed usage limits or quotas. If you are purchasing SAW on a self-serve plan, you are not entitled to concurrent scans of the same target or more than sixty (60) scans of the same target on a monthly basis; and (ii) Snyk strongly recommends that you use SAW solely against staging and testing environments and not against production environments. You acknowledge that use of any DAST tool, including SAW, against production environments or live data ("Non-Test Environments") involves inherent risks, and you assume sole responsibility for the appropriate configuration and use of SAW in connection with any such Non-Test Environments.

3.8 Consulting Services. You may opt to purchase à la carte consulting services to be provided on a time and materials basis as mutually agreed upon in a statement of work signed by both parties (“Consulting Services”). The statement of work will describe the scope of the Consulting Services as well as the fees to be paid.  The statement of work may include terms that amend or supplement the terms in this Agreement as those terms specifically apply to Snyk’s or, if applicable, its third-party partners’, delivery of the Consulting Services.

4. Data Processing Addendum, Security Addendum, and security notices

4.1 Privacy Notice. To the extent that Snyk processes Personal Data relating to you (as a data controller, as defined under applicable data protection laws) when performing its obligations under this Agreement, it will do so materially in accordance with its Privacy Notice displayed at https://snyk.io/policies/privacy/. The Privacy Notice does not form part of this Agreement and may be amended by Snyk from time to time. 

4.2 Data Processing Addendum. To the extent that Snyk processes Personal Data on your behalf (as a data processor or sub-processor), as defined under applicable data protection laws) when performing its obligations under this Agreement, the Data Processing Addendum (the “DPA”) displayed at https://snyk.io/policies/dpa/ will apply and form part of this Agreement. 

4.3 Information Security Addendum. Snyk will employ security measures designed to protect Customer Data in accordance with the Snyk Information Security Addendum displayed at https://snyk.io/policies/snyk-security-addendum/.  

4.4 Usage Data. Snyk may (i) collect, analyse and otherwise process Usage Data internally for its business purposes, including for the purposes of security and analytics, to improve and enhance the Services, or for other development, diagnostic and corrective purposes in connection with the Services or other Snyk products or services, and (ii) publicly disclose Usage Data only in an aggregated and/or de-identified form in connection with its business in a manner that does not identify you or any of your Users. For the avoidance of doubt, your Inputs shall not be treated as Usage Data for the purposes of this Agreement, and Inputs remain subject to Section 5.4 (AI Compliance).

4.5 Security Incident and Notification Obligations. In the event of a breach of security resulting in an unauthorized or unlawful destruction, loss, alteration, disclosure of, or access to, Customer Data (including Personal Data, as defined in the DPA) (a “Security Incident”), upon becoming aware of the Security Incident, Snyk will: (i) promptly take reasonable action to mitigate the Security Incident; and, (ii) without undue delay (and in any event within 72 hours), notify you of the Security Incident.  

5. Intellectual Property Rights

5.1 Snyk’s Intellectual Property Rights. As between the parties, all right, title, and interest in and to the Services, Documentation, and Usage Data, including all Intellectual Property Rights therein, are and will remain, with Snyk and/or its licensors. You have no right, license, or authorization with respect to any of the Services except as expressly set out in this Agreement. 

5.2 Your Intellectual Property Rights. As between the parties, you are and will remain the sole and exclusive owner of all right, title, and interest in and to all Customer Data, Code Assets and Outputs, including all Intellectual Property Rights relating thereto, subject to the rights and permissions granted in Section 5.3 (Grant of Rights to Snyk).

5.3 Grant of Rights to Snyk. You hereby grant all such rights and permissions in or relating to Customer Data, the Code Asset and Outputs as are necessary to enable Snyk to perform the Services and otherwise exercise its rights and obligations hereunder. All written or oral comments, ideas and suggestions made by you (or your Users) to Snyk regarding the Services, Support, or Beta Services (including regarding product experience, functionality, performance, accuracy, consistency, and ease of use of the same) (“Feedback”) may be freely utilized by Snyk without attribution or compensation of any kind to you.  You hereby irrevocably transfer and assign to Snyk all Intellectual Property Rights embodied in, or arising in connection with, such Feedback. 

5.4 AI Compliance. Snyk may use AI Models in the provision of the Services. Snyk will not use (or permit any of its Affiliates, sub-processors, or other third parties to use) any Inputs to train, enhance or improve any AI Models incorporated within the Services and more fully described in the Documentation.  Snyk aligns its AI compliance program to industry standards and the principles of transparency, data governance, risk management, human oversight, and accountability, as follows: (a) Snyk will make available documentation describing the general nature and intended purpose of its AI Models used in the Services upon reasonable written request; (b)  Snyk implements technical and organizational measures designed to promote data quality, security, and integrity in connection with its AI Models; (c) Snyk maintains processes designed to identify, assess, and mitigate risks associated with its use of AI Models in the Services; (d) Snyk implements its AI Models to support, not replace, human decision-making, and encourages you to implement appropriate human review of AI-generated outputs; and (e) Snyk maintains internal governance structures to oversee the development and deployment of  its AI Models. The parties acknowledge and agree that the Services fundamentally process Code Assets, and are Personal Data agnostic; accordingly Snyk does not specifically orient its AI Model compliance program around bias or discrimination concerning natural persons.

6. Subscription Fees

6.1 Subscription Fees and Audit. You agree to pay the Subscription Fees (if any) due for the duration of the Term. All Subscription Fees are non-cancellable and non-refundable unless otherwise set out in this Agreement. Snyk verifies its customers’ use of the Services on a quarterly basis to ensure compliance with the Subscription Allocation. In the event such verification reveals that your use of the Services exceeds the Subscription Allocation, you must reduce your usage of the Services to the amounts set out in the Subscription Allocation within 30 days of becoming aware of the overage, failing which, Snyk (or its Channel Partner, where applicable) may invoice you for the associated additional Subscription Fees at its then current rates for the remainder of the then-current Term. If you purchase additional Subscription Allocations or move to a higher tier Service Plan during the Term, Subscription Fees shall be pro-rated for the remainder of the then-current Term. You may not downgrade your Subscription Allocation or move to a lower tier of any Service Plan during the term of this Agreement. 

6.2 Credits. If you purchase any Services under a credit model, such as Snyk Platform Credits (“Credits”), those Credits form part of your Subscription Allocation. Credits may be applied for various Services. When Credits are applied, the number of Credits required to redeem a Service shall be deducted from your Credit balance. Unless otherwise stated on an applicable Order Form, all Credits must be used within the term of such Order Form, after which any unused Credits will expire and cannot be redeemed, refunded, or credited.  Credits are not redeemable for cash and are non-transferable. Upon exhaustion of your Credits, you agree to engage in good faith negotiations with Snyk to purchase additional credits and otherwise true-up your consumption within 30 days.  

6.3 Billing. Depending on whether you subscribe to the Services on an Order Form or Service Plan, the billing frequency and payment terms applicable to you shall be as follows:

(a) Order Form: Where you subscribe to the Services on an Order Form, Snyk will invoice you in accordance with the billing frequency and payment terms on the Order Form and you will pay each invoice per such terms. If billing frequency and payment terms are omitted from the Order Form, the default billing frequency is annual and the payment term is net 30 from the date of the invoice; or 

(b) Service Plan: Where you subscribe to the Services through a Service Plan, Snyk and/or its third party payment processor will (and you hereby authorise it to) bill your payment card for the applicable Subscription Fee. You will be billed the applicable Subscription Fee in advance on or shortly after the date you select the Service Plan and on each month or anniversary thereafter, until this Agreement and/or the Services are terminated by you or Snyk in accordance with this Agreement. Snyk reserves the right to change the Subscription Fees applicable to its Service Plans at any time. If you do not agree to such change, you must delete your account by means of the Service, or by contacting Snyk’s support team for deletion assistance and stop using the Services, at which point, this Agreement will be deemed to have been terminated by you at the end of your then current billing period. Snyk will only charge you in respect of the period before termination based on the previously agreed Subscription Fee, and will not be required to refund any Subscription Fees to you. If you do agree to such change (which will be deemed from your continued use of the Services after the date the new Subscription Fee becomes effective), your next bill will include the new Subscription Fees on a pro rata basis.

6.4 Late Payments. If Snyk has not received timely payment of invoices or other amounts payable (including, where applicable, in the event of Credit over-consumption following the 30 day good faith negotiation period), Snyk may notify you of the default and, without prejudice to any other rights and remedies of Snyk, Snyk may disable your access to all or part of the Services if payment has not been made by you or by the Channel Partner (as applicable) within 10 Business Days of the date of the notice of default.

6.5 Committed Subscription Fees and Taxes. All Subscription Fees are payable in US Dollars and exclusive of any applicable taxes.  You are required to pay and bear any sales, use, value-added, goods and services, withholding, or similar taxes or duties, whether domestic or foreign, related to the transactions under this Agreement, other than taxes based on the income of Snyk. You will pay all amounts due under this Agreement in full without any set-off, counterclaim, deduction or withholding. If withholding is required under the laws of any relevant tax jurisdiction, withholding will be applied at the lowest applicable rate including the reduced rate of withholding under any tax treaty. You will also provide Snyk with a copy of the withholding tax certificate or other applicable documentation as proof of payment.

6.6 Renewal Subscription Fee Increases. Unless otherwise set forth in the Service Plan or the Order Form (whichever is applicable), if your subscription to the Services auto-renews pursuant to Section 10.1 below, Snyk may increase the Subscription Fees for each Renewal Term by no more than 5% over the prior year’s Subscription Fees rate for the applicable Services.

7. Confidentiality

7.1 Each party (“Recipient”) will be given access to Confidential Information from the other party (“Discloser”) to perform its obligations under this Agreement. A party's Confidential Information shall not be deemed to include information that: (a) is or becomes publicly known other than through any act or omission of the Recipient; (b) was in the Recipient's lawful possession before the disclosure; (c) is lawfully disclosed to the Recipient by a third party without restriction on disclosure; or, (d) is independently developed by the Recipient without reference to, or reliance on, the Confidential Information of the Discloser, which independent development can be shown by written evidence. Your Confidential Information includes Customer Data, Code Assets and Outputs. Snyk’s Confidential Information includes the Services, Service Data, product roadmaps, pricing, and the results of any performance tests of the Services. The terms of this Agreement are confidential to both parties.

7.2 Each Recipient may disclose Confidential Information to the extent necessary to comply with applicable law or a court order, provided that prior to any such disclosure, the Recipient will, to the extent legally permissible, provide to the Discloser notice of such request and use reasonable efforts to ensure that all Confidential Information so disclosed is treated confidentially.

7.3 Each Recipient will hold the Discloser’s Confidential Information in confidence and, unless required by law and disclosed pursuant to Section 7.2, not make the Discloser's Confidential Information available to any third party or use the Discloser’s Confidential Information for any purpose other than as set out in this Agreement.  The foregoing will not apply with respect to any Confidential Information three (3) years after the termination or expiration of this Agreement (or, with respect to trade secrets, once such Confidential Information no longer constitutes a trade secret under applicable law).

7.4 Notwithstanding any provision of this Agreement, Recipient may disclose Discloser’s Confidential Information, in whole or in part (i) to its employees, officers, directors, consultants and professional advisers (e.g., attorneys, auditors, financial advisors, accountants and other professional representatives, collectively, with the foregoing, “Personnel”) who have a need to know and are legally bound to keep such Confidential Information confidential by confidentiality obligations, or, in the case of professional advisors, are bound by ethical duties, to keep such Confidential Information confidential consistent with the terms of this Agreement.  Recipient is responsible and liable for its Personnels’ compliance with this Section 7, as if their actions or inactions were an action or inaction of Recipient.  

8. Indemnity

8.1 Your Indemnity. You shall defend and indemnify Snyk, its Affiliates, and each of its and their officers, directors, employees, consultants, agents, successors and assigns from and against all Losses incurred from a third-party claim arising out of your: (a) fraud, gross negligence, or wilful misconduct; or, (b) breach of Section 2 (Restrictions on Use).

8.2 Snyk Indemnity. Snyk shall defend and indemnify you, your Affiliates, and each of your and their officers, directors, employees, consultants, agents, successors and permitted assigns, from and against all Losses incurred from a third-party claim that the Services infringe such third party’s Intellectual Property Rights.

8.3 Indemnification Procedure.  Each party will promptly notify the other party in writing of any claim for which such party believes it is entitled to be indemnified pursuant to this Section 8. The party seeking indemnification (the "Indemnitee") shall cooperate with the other party (the "Indemnitor") at the Indemnitor's sole cost and expense. The Indemnitor shall promptly assume control of the defense and shall employ counsel to handle and defend the same, at the Indemnitor's sole cost and expense. The Indemnitee shall not at any time admit liability or otherwise settle or compromise or attempt to settle or compromise the said claim or action except upon the express instructions of the Indemnitor.  The Indemnitee may participate in and observe the proceedings at its own cost and expense with counsel of its own choosing. Neither party may settle a claim that results in liability or admission of liability by the Indemnitee without the Indemnitee’s written consent, which shall not be unreasonably withheld or delayed. The Indemnitee's failure to perform any obligations under this Section 8.3 will not relieve the Indemnitor of its indemnification obligations, except to the extent that the Indemnitor can demonstrate that it has been materially prejudiced because of such failure.

8.4 Mitigation. If any of the Services are, or in Snyk’s reasonable opinion are likely to be, claimed to infringe, misappropriate, or otherwise violate any third-party Intellectual Property Right, or if your use of the Services is enjoined or threatened to be enjoined, Snyk may, at its option and sole cost and expense: (a) obtain the right for you to continue to use the Services materially as contemplated by this Agreement; (b) modify or replace the Services, in whole or in part, to seek to make the Services (as so modified or replaced) non-infringing, while providing materially equivalent features and functionality, in which case such modifications or replacements will constitute Services under this Agreement; or, (c) by written notice to you, terminate this Agreement and require you to immediately cease any use of the Services, provided that you will be entitled to a refund of any pre-paid Subscription Fees for Services not delivered as of the termination date.

8.5 Exclusions.  In no event shall Snyk, its Affiliates, and each of their employees, agents and sub-contractors have any liability or obligation under Section 8.2 to the extent the claim arises out of or relates to: (a) a modification of the Services by you; (b) any breach of your obligations under this Agreement or your use of the Services in a manner contrary to the Documentation; (c) your use of the Services in combination with other products, services, data, or processes not recommended or provided by Snyk, where the alleged infringement would not have occurred in the absence of such use; (d) your use of the Services after notice of the alleged or actual infringement from Snyk or any appropriate authority; or, (e) any Customer Data or your implementation of Snyk Fixes.

8.6 Exclusive Remedy. THIS SECTION 8 SETS FORTH YOUR SOLE REMEDIES AND SNYK'S SOLE LIABILITY AND OBLIGATION FOR ANY ACTUAL, THREATENED, OR ALLEGED CLAIMS THAT THE SERVICES INFRINGE, MISAPPROPRIATE, OR OTHERWISE VIOLATE ANY INTELLECTUAL PROPERTY RIGHTS OF ANY THIRD PARTY.     

9. Limitation of liability

9.1 EXCLUSIONS FROM LIABILITY. EXCEPT AS EXPRESSLY PROVIDED IN THIS AGREEMENT: (A) SNYK SHALL HAVE NO LIABILITY FOR ANY LOSS OR DAMAGE CAUSED BY ERRORS OR OMISSIONS IN ANY INFORMATION, INSTRUCTIONS OR SCRIPTS PROVIDED TO SNYK BY YOU IN CONNECTION WITH THE SERVICES, OR ANY ACTIONS TAKEN BY SNYK AT YOUR DIRECTION; (B) ALL WARRANTIES, REPRESENTATIONS, CONDITIONS AND ALL OTHER TERMS OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED BY STATUTE OR COMMON LAW ARE, TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, EXCLUDED FROM THIS AGREEMENT; AND, (C) THE SERVICES ARE PROVIDED TO YOU ON AN "AS IS" BASIS.  

9.2 EXCLUSION OF DAMAGES. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL EITHER PARTY BE LIABLE UNDER THIS AGREEMENT UNDER ANY LEGAL OR EQUITABLE THEORY, INCLUDING BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, AND OTHERWISE, FOR ANY CONSEQUENTIAL, INCIDENTAL, INDIRECT, EXEMPLARY, SPECIAL, ENHANCED, OR PUNITIVE DAMAGES REGARDLESS OF WHETHER SUCH DAMAGE WAS FORESEEABLE AND WHETHER EITHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

9.3 LIMITATION ON MONETARY LIABILITY. EXCEPT AS OTHERWISE PROVIDED IN SECTION 9.4, IN NO EVENT WILL THE AGGREGATE LIABILITY OF EITHER PARTY ARISING OUT OF OR RELATED TO THIS AGREEMENT, WHETHER ARISING UNDER OR RELATED TO BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR ANY OTHER LEGAL OR EQUITABLE THEORY, EXCEED THE GREATER OF: (A) 100 USD; OR (B) THE TOTAL SUBSCRIPTION FEES PAID OR PAYABLE BY YOU UNDER THIS AGREEMENT FOR THE 12 MONTH PERIOD PRECEDING THE EVENT GIVING RISE TO THE CLAIM. THE FOREGOING LIMITATIONS APPLY EVEN IF ANY REMEDY FAILS OF ITS ESSENTIAL PURPOSE. 

9.4 EXCEPTIONS. THE LIMITATION ON MONETARY LIABILITY SET FORTH ABOVE SHALL NOT APPLY TO: (A) A PARTY’S INDEMNIFICATION OBLIGATIONS UNDER SECTION 8; (B) A PARTY’S FRAUD, GROSS NEGLIGENCE OR WILFUL MISCONDUCT; (C) LOSSES FOR DEATH OR BODILY INJURY; OR (D) LIABILITY WHICH CANNOT BE EXCLUDED OR LIMITED BY APPLICABLE LAW. EACH PROVISION OF THIS AGREEMENT THAT PROVIDES FOR A LIMITATION OF LIABILITY, DISCLAIMER OF WARRANTIES, OR EXCLUSION OF DAMAGES IS TO ALLOCATE THE RISKS OF THIS AGREEMENT BETWEEN THE PARTIES. THIS ALLOCATION IS REFLECTED IN THE PRICING OFFERED BY SNYK TO YOU AND IS AN ESSENTIAL ELEMENT OF THE BASIS OF THE BARGAIN BETWEEN THE PARTIES. THE LIMITATIONS IN THIS SECTION 9 (LIMITATION OF LIABILITY) WILL APPLY NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY IN THIS AGREEMENT

10. Term and termination

10.1 Term. The term of this Agreement is determined by whether you subscribe to a free version of the Services, an Evaluation, or a paid version of the Services. In each case, this Agreement shall commence on the Commencement Date and shall endure for the duration set forth in (a), (b) or (c) below: 

(a) Free Version of Services (including Open Source Projects): This Agreement will endure until it is terminated by either party as follows: (i) by Snyk at any time and for any reason, including without notice to you; or (ii) by you at any time by deleting your organization and projects in accordance with Section 10.3(b). Additionally, Snyk reserves the right to terminate this Agreement pursuant to Section 10.1(a)(i) and/or to delete your data at its discretion without prior notice. Examples of when this might occur include prolonged account inactivity, violation of our terms, or system maintenance needs;

(b) Evaluations: This Agreement will, unless otherwise terminated early as provided herein, endure until the earlier of: (i) the expiry of the Evaluation Period; or (ii) the termination of this Agreement by Snyk by providing 3 calendar days’ notice to you, where Snyk reasonably believes that the Services or Documentation are not being used in accordance with this Agreement, or are being accessed in a way that interferes with the normal operation of the Service; or

(c) Paid Version of Services: This Agreement will, unless otherwise terminated early as provided herein, endure for the term recorded in the Order Form or Service Plan (whichever is applicable). Unless otherwise terminated in accordance with the terms of this Agreement, the term of an initial Order Form or Service Plan will (unless otherwise specified in the Order Form or Service Plan) be 1 year from the date specified in the Order Form or Service Plan as the start date of your subscription to the Services (the “Initial Term”) and, thereafter, unless either party provides the other party with written notice of non-renewal at least 30 days prior to the end of the then current Term, shall renew automatically for successive 1 year periods (each a “Renewal Term“). The Initial Term together with any Renewal Term(s) shall constitute the Term of the Order Form or Service Plan. For the avoidance of doubt, a valid notice of non-renewal provided by one party to the other in terms of this Section 10.1(c), will result in the termination of the Order Form or Service Plan (whichever is applicable) at the end of its then current Term, and no Subscription Fees shall be refunded to you. 

10.2 Termination.  Without affecting any other right or remedy available to it, including (but not limited to) the rights in Section 10.1, either party may terminate this Agreement, an Order Form and/or the Service Plan with immediate effect by giving written notice to the other party if: (a) the other party commits a material breach of any other term of this Agreement which breach is irremediable or, if such breach is remediable, the breaching party fails to remedy that breach within a period of 30 days after being notified in writing to do; (b) the other party ceases to function as a going concern or to conduct operations in the normal course of business; or, (c) the other party has a petition filed by or against it under any bankruptcy or insolvency laws which petition has not been dismissed or set aside within sixty (60) days of filing.  Snyk may additionally terminate this Agreement upon written notice to you if: (i) you fail to pay any amount due under this Agreement on the due date for payment and remain in default not less than 10 Business Days after being notified in writing to make such payment (though termination does not relieve you of your payment obligation); or (ii) the Channel Partner (if any) fails to pay any amounts due to Snyk with respect to your subscription to the Services. You acknowledge and agree that Snyk shall have no liability of any kind with respect to any such termination, and your sole recourse with respect to any such termination shall be against the Channel Partner.

10.3 Effect of Termination. On termination or expiry of this Agreement and/or an applicable Order Form/Service Plan for any reason:

(a) the rights granted to you under this Agreement, including under Section 1 (Right to Use) shall immediately terminate except that you may continue to use (in accordance with the restrictions on use set out in this Agreement) Service Data and any Snyk intellectual property captured within Outputs provided to you prior to termination or expiry of this Agreement.  You assume sole responsibility and Snyk shall incur no liability risk resulting from any continued use of the Service Data following termination or expiration;

(b) you must promptly delete your organization and projects from the Services by either activating the delete button in the Services or contacting Snyk’s support team for deletion assistance;

(c) you shall immediately uninstall all Tools from all computer equipment in your possession or control and, upon written request from Snyk, will provide satisfactory evidence of the same; and,

(d) any rights, remedies, obligations, or liabilities of the parties that have accrued up to the date of termination or expiry, including the right to claim damages with respect to any breach of this Agreement which existed at or before the date of termination shall not be affected or prejudiced.

11. General

11.1 Interpretation. Headings are for reference only and do not affect the interpretation of this Agreement.  Capitalized terms have the meanings indicated in this Agreement unless the context otherwise requires, which meaning will be equally applicable to both the singular and plural forms of such terms.  The words "include," "includes," and "including" are deemed to be followed by the words "without limitation”.

11.2 Force Majeure.  Snyk shall have no liability to you under this Agreement if it is prevented from or delayed in performing its obligations under this Agreement, or from carrying on its business, by acts, events, omissions or accidents beyond its reasonable control, including, without limitation, strikes, lock-outs or other industrial disputes (whether involving the workforce of Snyk or any other party), epidemic, pandemic, failure of a utility service or transport or telecommunications network, act of God, war, riot, civil commotion, malicious damage, compliance with any law or governmental order, rule, regulation or direction, acts of or restrictions imposed by a government, regulatory or similar authority, accident, breakdown of plant or machinery, fire, flood, storm or default of suppliers or sub-contractors, provided that you are notified of such an event and its expected duration.

11.3 Survival.  Any provision of this Agreement that expressly or by implication is intended to come into or continue in force on or after termination or expiry of this Agreement shall remain in full force and effect.

11.4 Severance.  If any provision (or part of a provision) of this Agreement is found by any court or administrative body of competent jurisdiction to be invalid, unenforceable, or illegal, the other provisions shall remain in force.  If any invalid, unenforceable or illegal provision would be valid, enforceable, or legal if some part of it were deleted, the provision shall apply with whatever modification is necessary to give effect to the commercial intention of the parties.

11.5 Waiver.  No failure or delay by a party to exercise any right or remedy provided under this Agreement or by law shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or any other right or remedy.

11.6 Amendment.  Snyk may periodically update the terms of this Agreement. If you have an active Snyk account, Snyk will notify you of updates via an email or a notification through the Services. Unless the notice states otherwise, the updated terms of this Agreement will become effective and binding 30 calendar days after it is posted, and you can find archived recent versions of the terms here. In the event that you: (a) have subscribed to a paid version of the Services and reasonably object to any update to the terms of this Agreement, the parties may discuss in good faith with a view to achieving a commercially reasonable resolution. If no such resolution can be reached within 30 calendar days of Snyk’s receipt of the objection, Snyk will either not implement the update (or any part of the update which forms the subject of the objection) with respect to your use of the Services, or permit you to terminate this Agreement (and any applicable Order Form or Service Plan) without liability to either party; or (b) have subscribed to a free version of the Services and do not agree to any update to the terms of this Agreement, you must delete your organization and projects from the Services as described in Section 10.3(b) and immediately stop using the Services, at which point this Agreement will be deemed to have been terminated by you. If this Agreement is terminated pursuant to this Section 11.6, Snyk will refund (or cause its Channel Partner to refund, where applicable) any pre-paid Subscription Fees (if any) for such Services not delivered as of the date of termination. If you continue to use the Services after the update becomes effective, you acknowledge that you will be deemed to have agreed to (and will be bound by) the updated terms. No other amendment or modification of this Agreement, including by you or, where applicable, by any Channel Partner, shall be effective unless it is in writing and signed by an authorized representative of each party.

11.7 Entire Agreement.  This Agreement, and any Order Forms, Service Plans, exhibits, schedules, attachments, and appendices referred to in it, constitute the whole agreement between the parties and supersede any previous arrangement, understanding or agreement between the parties relating to the subject matter they cover.  Each of the parties acknowledges and agrees that in entering into this Agreement it does not rely on any undertaking, promise, assurance, statement, representation, warranty or understanding (whether in writing or not) of any person (whether party to this Agreement or not) relating to the subject matter of this Agreement, other than as expressly set out in this Agreement.  No terms included in any purchase order or other ordering document, or any vendor invoicing service or similar platform or portal, maintained by or on your behalf shall be binding or have any effect. 

11.8 Conflict and Authority: If your subscription to the Services is purchased through a Channel Partner, the Channel Partner (and not Snyk) is responsible for ensuring that the contents of any agreement between you and the Channel Partner, and the contents of any Order Form issued by the Channel Partner, are accurate and correct. In the event of a conflict between any provision in this Agreement and any provision in any agreement (or Order Form) between you and a Channel Partner, this Agreement will prevail to the extent of the conflict. The Channel Partner (if any) is not permitted to modify this Agreement, to make any warranties, representations, or undertakings on Snyk’s behalf, or to bind Snyk to any obligations other than those set forth in this Agreement. Snyk will, however, have the right to enforce this Agreement and any Order Form directly against you.  

11.9 Assignment.  Neither party may assign or transfer this Agreement or any performance rights or obligations under this Agreement without the prior written consent of the other party. Notwithstanding the foregoing, no consent is required for: (a) either party to assign this Agreement in its entirety to an Affiliate or to a successor of all or substantially all its assets through merger, reorganization, consolidation, or acquisition, provided that the assigning party provides notice of the assignment to the other party; or (b) a Channel Partner (if any) to assign your Order Form to Snyk, in which event you will continue to be bound by this Agreement.  No assignment shall relieve the assigning party of any of its obligations hereunder incurred prior to the assignment. Any attempted assignment, transfer, or other conveyance in violation of the foregoing shall be null and void. This Agreement shall be binding upon and shall inure to the benefit of the parties hereto and their respective successors and permitted assigns.

11.10 No Partnership or Agency.  Nothing in this Agreement is intended to or will operate to create a partnership between the parties, or authorize either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).

11.11 Third Party Rights.  This Agreement is for the sole benefit of the parties hereto and their respective successors and permitted assigns and nothing herein, express, or implied, is intended to or shall confer upon any other person any legal or equitable right, benefit, or remedy of any nature whatsoever under or by reason of this Agreement.

11.12 Notices.  Any notice required to be given under this Agreement shall be in writing and sent by email to the other party's email address as set out in this Agreement (or such other email address as the other party may have notified in accordance with this Section 11.12). Snyk’s email address for notices is: legal@snyk.io, provided that any notice of non-renewal referred to in Section 10.1(c) of this Agreement must be sent to: renewals@snyk.io. A notice sent by email shall be deemed to have been received at the time of transmission. 

11.13 EU Data Act. If you are located in the European Union or otherwise subject to the EU Data Act, the EU Data Act Addendum displayed at https://snyk.io/policies/eu-data-act-addendum/ will apply and form part of this Agreement.

11.14 Governing Law.  If you are contracting with Snyk, Inc., this Agreement will be governed by and construed in accordance with the law of the State of Delaware, excluding its conflicts of laws rules and each party irrevocably agrees that the courts located in Dover, Delaware shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this Agreement. If you are contracting with Snyk Limited, this Agreement will be governed by and construed in accordance with the laws of the England and Wales, excluding its conflicts of law rules and each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with this Agreement.

Schedule 1: definitions

“Affiliate” means any entity that controls, is controlled by or is under common control with a party. For purposes of this definition, “control” means at least 50% of the capital, assets, voting stock, profits, interests, or similar participation rights are owned or controlled, directly or indirectly by an entity under this definition;

"AI Model" means any generative large language models incorporated within the Services and which are trained on large datasets to autonomously generate novel outputs constituting text, source code, and/or other content in response to a prompt or other input;

“Application” means the proprietary software applications made available by Snyk, including Snyk Code, Snyk Open Source, Snyk Container, Snyk Infrastructure as Code,, and Snyk API and Web, that are listed on an Order Form or in the Service Plan (as required by the context), and are more particularly described in the Documentation;

“Beta Services” means a product, service or functionality that may be made available to you to try, and which is designated beta, pilot, experimental preview, early access, or similar designation; 

“Business Day” means a day other than a Saturday, Sunday or federal or national holiday in the applicable jurisdiction;

"Channel Partner" means a third party authorized by Snyk to resell the Services;

“Code Asset” means any source code repository, code file, configuration file, web application, API, container image, cloud asset, or similar software asset relating to your software projects stored in your source code manager and used in conjunction with the Services;

“Confidential Information” means all non-public information (however recorded or preserved) disclosed by a party to the other party that is conspicuously marked as confidential or would normally be considered confidential information by a reasonable party under the circumstances;

“Contributing Developer” means an employee, independent contractor, or other individual acting for or on your behalf  who has contributed to the Code Asset during a 90-day rolling period by modifying, programming, or testing the Code Asset;

“Customer Data” means any data input into the Services by Users for the purpose of using the Services, including the Code Asset;

“Documentation” means the information made available to Snyk’s customers via https://snyk.io/docs or their successor websites that sets out a description of the Services and instructions for use of the Services, as may be updated from time to time;

“Evaluation Period” means the evaluation period designated in writing by Snyk, or where the duration of the Evaluation Period has not been designated in writing by Snyk, a period of 30 calendar days;

"Inputs" means any Customer Data input into a Snyk AI Model by Users for the purpose of using the Services;

“Intellectual Property Rights” means all rights to patents, inventions, copyright and related rights, trademarks, business names and domain names, get-up, goodwill, designs, computer software, database rights, including know-how and trade secrets, and all other intellectual property rights;

“Losses” means all losses, damages, deficiencies, claims, actions, judgments, settlements, interest, awards, penalties, fines, costs, or expenses of whatever kind, including reasonable attorneys' fees and the costs of enforcing any right to indemnification hereunder and the cost of pursuing any insurance providers;

“Order Form” means Snyk’s or, where applicable, the Channel Partner’s, form of ordering document that, if signed by you, is incorporated into this Agreement by reference and specifies the Services and Support to be provided by Snyk pursuant to this Agreement;

“Outputs” means the reports generated by Snyk’s AI Models (a) specific to your Inputs and which indicate the existence and/or location of certain Vulnerabilities, and/or (b) which indicate your implementation or non-implementation of Snyk Fixes within your Code Assets;

“Permitted Purpose” means: (a) where you have subscribed to the Services for an Evaluation, the use of the Services by you solely for internal testing of the Services to assess their suitability to help you secure your software development lifecycle; or (b) where you have subscribed to the Services for any other reason permitted by this Agreement, the use of the Services, Support, and Documentation solely for your internal business operations to support the development, maintenance, and  functionality of the Code Asset; 

“Service Data” means the information and data made available to you by Snyk in connection with the Services, including Vulnerabilities and Snyk Fixes, but excluding Outputs;

“Service Plan” means, where you do not sign an Order Form, the applicable service plan described at  https://snyk.io/plans selected by you which specifies the Services and Support (if any) to be provided by Snyk pursuant to this Agreement;

“Services” means the Applications subscribed to by you on an Order Form or Service Plan, whichever is applicable, as well as the related Tools and Service Data;

“Snyk” means Snyk Inc, a company incorporated in Delaware, having an office at 100 Summer Street, 7^th Floor, Boston, MA 02110 if you are located in the United States or Snyk Limited, a company incorporated in England and Wales (No. 09677925), having its registered office at Suite 4, 7th Floor, 50 Broadway, London, SW1H 0DB United Kingdom if you are located in any other country;

“Snyk Fix” means a fix suggested by the Services with respect to a particular Vulnerability, which may include a patch, recommended version upgrade, or security setting reconfiguration;

“Subscription Allocation” means the limits on the use of the Services set out in an Order Form or Service Plan, whichever is applicable, including Test Limits and any other limits on the number of Contributing Developers, or Code Assets;

“Subscription Fees” means, where applicable, the fees payable for the Subscription Allocation and any other fees set out in the Order Form or Service Plan; 

“Support” means the support services, including, if applicable, any of the fixed-fee and fixed-scope implementation services packages (e.g. Jumpstart), listed on an Order Form or Service Plan (whichever is applicable), and further described at https://docs.snyk.io/more-info/snyk-terms-of-support-and-services-glossary;

“Test Limits” means the number of tests included as part of your Subscription Allocation;

“Term” means the term of this Agreement, commencing on the Commencement Date and enduring for the period defined in Section 10.1 (a), (b) or (c) as required by the context; 

“Tools” means the software applications that enable access to the Services, including the APIs, CLI, IDE, and SCM;

“Usage Data” means information relating to the provision, use and performance of various aspects of the Services and related systems and technologies (including information concerning your and your Users’ use of the various features and functionality of the Services and analytics and statistical data derived therefrom);

“Users” means those Contributing Developers, employees, independent contractors, or other individuals acting for or on your (or your Affiliates) behalf, who are permitted by you to access the Services; 

“Virus” means any software, code, file, or program that is intended to adversely affect the operation of any computer software, hardware, or network, including malware, worms, and Trojan horses; 

“Vulnerability” means a vulnerability, security misconfiguration, or other issue as identified by the Services based on security rules and controls set within the Services; 

“you” or “your” means, as required by the context, the person that agrees to this Agreement, if this Agreement is agreed to by that person on their own behalf, or, the company or other entity that the person represents, if this Agreement is agreed to by the person on behalf of a company or other entity in the manner described above.  

Schedule 2 - Service Level Agreement (“SLA”)

1. Snyk shall endeavour to ensure that the Services are available to you 99.9% of the time. If the Services availability falls below 99.9% in any calendar month, Snyk will provide you the Service Credit as described below.  

2. If Monthly Uptime Percentage is below 95% for: (a) three consecutive months; or, (b) any three months during any twelve-month period; then, in addition to the 10-day Service Credit referenced above, you will also have the right to terminate this Agreement upon 10 Business Days’ written notice to Snyk. 

3. The aggregate maximum number of Service Credits you can claim for Downtime periods that occur in a single calendar month shall not exceed the equivalent of 10 days of Services being added to your account.

4. This SLA does not apply to any unavailability of the Services caused by: (a) your acts or omissions; (b) the failure or malfunction of equipment, applications or systems not owned or controlled by Snyk; (c) third party connections or utilities or other reasons beyond Snyk’s control (d) any inconsistencies or changes in your source environment, including either intentional or accidental connections or disconnections to the environment; (e) Customer Data; (f) Force Majeure events; (g) any suspension of the Services in accordance with the terms of this Agreement; (h) you using the Services in a manner inconsistent with the Documentation; (i) Scheduled Downtime; or, (j) Emergency Downtime.

5. You must request the applicable Service Credit by written notice to Snyk within sixty (60) days of an event which gives rise to Service Credits as outlined in the table above. You waive any right to Service Credits not requested within this time period. All performance calculations and applicable Service Credits are based on Snyk’s records and data unless you can provide Snyk with clear and convincing evidence to the contrary.

6. The provision of Service Credits and the right to terminate pursuant to Section 2 of this SLA shall be your exclusive remedy, and Snyk’s entire liability, for Snyk’s failure to adhere to this SLA. 

7. Definitions

The following definitions apply to this SLA:

Downtime: in a given calendar month, the number of minutes during which the proportion of failed responses to user requests to APIs owned or controlled by Snyk, calculated as part of the overall API responses to such user requests, exceeds five percent. Snyk tracks its API responses and monitors their success rate by counting the failed responses as part of the overall response count. Downtime does not include Emergency Downtime or Scheduled Downtime.

Emergency Downtime: those times where Snyk becomes aware of a vulnerability or other issue which, based on a risk assessment of the vulnerability, Snyk determines requires immediate remediation and, as a result, the Services are made temporarily unavailable in order for Snyk to address the vulnerability.

Monthly Uptime Percentage: the total number of minutes in the calendar month minus the number of minutes of Downtime suffered in the calendar month, divided by the total number of minutes in the calendar month.

Scheduled Downtime: those times where Snyk notifies you of Downtime 72 hours prior to the commencement of such Downtime, provided that Snyk will use commercially reasonable efforts to: (a) utilize no more than 3 hours of Scheduled Downtime per quarter; and (b) carry out Scheduled Downtime at low traffic times.