ATOM ONE Product Terms and Conditions
revision September 1st 2020
The ATOM ONE service is operated using Microsoft products available within the Microsoft Azure environment (hereinafter referred to as “Azure”) provided through KPCS CZ s.r.o. The company KPCS CZ s.r.o. (hereinafter referred to as the “Provider”) provides an automated analysis of the monitored environment of the Customer. Recommendations, warnings, and recommendations are provided to the Customer, based on which it can increase the security and health of its IT environment. The Service is provided within the tariffs and extensions that are defined by these Terms and Conditions. The individual functionalities are defined in Article II. The Provider processes information from the Customer's environment, based on which the Service is provided. For the avoidance of doubt, the Provider states that it does not preview databases or systems that are accessible under a different identity than the system identity. Data are obtained using technical means (hereinafter referred to as the “Agent”), which are installed on individual devices in the Customer's environment.
In order to provide the ATOM ONE service, the Customer's cooperation is generally necessary, consisting mainly in allowing access to the Internet from its environment, installing the necessary software, and other steps, which are further described in the technical documentation. Repeated non-cooperation by the Customer is considered as a breach of the Contract by the Customer in a particularly serious manner which may result in a possible withdrawal from the Contract by the Provider. Failure to provide cooperation by the Customer shall not mean an actual delay in the fulfillment of obligations towards the Provider, i.e. the Provider is not in delay for the period of the Customer's delay.
The ATOM ONE service may also be provided within the Customer's existing Azure environment. However, in order for the Service to be deployed the cooperation of the Customer is necessary which enables the access to the environment where the Service shall be deployed.
The Provider provides the service using Basic and Extension Components. The Basic Components form the core of the Service and cannot be removed in order for the Service to function correctly. Extension Components complement the basic functionality with additional, optional functions.
The mentioned components are provided by the Provider in the default form without the need and possibility of modification by the Customer. Therefore, unless stated otherwise in the Contract or the Offer, the Customer has mere access to view, search, merge data of which it is the sole owner. The Provider has the right to modify its own system, it can add data, modify settings, visualize, and activate or deactivate parts of the system. The components are ready for immediate use by the Customer in a fully configured form and which the Provider declares to deliver to the Customer as part of the Service, within 24 hours of ordering, unless there are insurmountable obstacles in the launch of the Service by Microsoft, the Provider or the Customer. Neither the Provider nor the Customer have the opportunity or the right to modify the information already entered in the ATOM ONE service and the Azure platform.
|ATOM ONE Agent Assessment||Status and assessment of the functionality of ATOM ONE agents running on devices, including monitoring of installed versions on individual devices being up to date.|
|ATOM ONE Best Practice Analyzer||Interpretation of Best Practice Analyzer findings running on Windows Server devices.|
|ATOM ONE Local Certificate Assessment||Monitor certificate expiration on devices, including information on deployment across monitored devices.|
|ATOM ONE Local Probe||Monitor the availability of servers and network services provided by the server, including whether the server is manageable over the network.|
|ATOM ONE Local Users and Groups Assessment||An overview of currently running local accounts and groups within Windows, including checking for group membership changes.|
|ATOM ONE Privileged Groups Assessment||Information about membership in critical privileged domain groups in Active Directory domains.|
|ATOM ONE Server Performance Monitoring||Monitoring the performance of connected devices with respect to CPU, RAM, disk, network.|
|ATOM ONE Windows Hardware and Software Inventory||Check and listing of software, hardware, applications and monitor their changes over time, especially with respect to installed applications.|
|ATOM ONE Windows OSE Assessment||Basic assessment of the Windows operating system, including information such as time synchronization, page file usage, service status, etc.|
|ATOM ONE Windows Reliability Monitor||Display information from the Windows Reliability History.|
|ATOM ONE Windows Update Assessment||Check the status of available and installed updates on devices.|
|Agent Health||Health check for Azure service agents.|
|Active Directory Health Check||Active Directory health check with Microsoft's definition of recommendations.|
|AD Replication Status||Check of the replications performed between monitored domain controllers within the Active Directory environment.|
|SQL Health Check||Microsoft SQL Server health check with the definition of Microsoft recommendations.|
|Enhanced data retention||Storing data history above 31 days. Possibility to store data for up to 730 days.|
|SharePoint Assessment||Audit of the access and changes to SharePoint on-premise document libraries.|
|Exchange Assessment||Microsoft Exchange on-premise health check. Requires the Log Management component.|
|Public Web Probe||Check the availability and performance of a publicly available website.|
|DNS Analytics (Microsoft)||Analysis of events of DNS servers running on domain controllers with the possibility of monitoring the translations performed by the DNS server over time.|
|Alert Management||Central view of alerts and events that occurred within the operated ATOM ONE environment.|
|Network Monitoring||Complete monitoring of network traffic.|
|Log Management||Complete collection and potential possibility of event analysis (Windows Event, Linux), except for Security events. Prerequisite for activating Exchange Assessment.|
|Active Directory Advanced Assessment||Advanced Active Directory health and security check.|
|Security||Advanced security environment, collection of security events, information about the number of logins, account bruteforce and other attempts to break the user's identity, the status of the antimalware solution on the server.|
ATOM ONE features
The Provider provides the Service on the basis of an Order from the website or through a Service Offer from the Provider's sales representative. The Service is created on the Azure platform. By accepting these Terms and Conditions, the Customer agrees to the Microsoft Cloud Terms and Conditions, with which it has been made acquainted in advance. The Provider is entitled to confirm this consent to Microsoft when setting up the Service. The Microsoft Cloud Terms and Conditions are available at: https://www.microsoft.com/licensing/docs/customeragreement
|Data collection and transmission||Collection of data using the Provider's agent and their dispatch to Microsoft Azure for further processing and visualization in order to provide the Service.|
|Data analysis||Automatic control of data and connection of information obtained from the Customer's monitored devices based on information about the time of recording the information in the system, including access to a separate console for searching logs in their original form.|
|Data visualization||Visualization of the obtained information within the individual components listed in Article II. of this document, on the basis of which the Customer draws information regarding the status of its environment.|
|Updates||By the own development and development of Microsoft, individual components of the Service may be changed, which are automatically available to the Customer without prior notice from the Provider. Regular updates of agents are performed without prior notice to the Customer.|
|Customer access to the console||The Customer has the right to access the Microsoft Azure platform with the right to view the recorded information and provided Services. The Provider creates a separate account for the Customer and provides a temporary password for the given account immediately after setting up the ATOM ONE service.|
|Service data availability||Data availability is based on the availability of Microsoft Azure.|
|Data retention||Data is stored in the ATOM ONE service for 31 days. The retention time can be extended by activating the Advanced Data Retention Expansion component.|
Service levels, licensing
The Provider is entitled to the payment for the provision of the Service according to the valid Price List or Individual Offer. The Service is provided in several price levels. The service fee is paid monthly and varies according to the number of monitored unique devices in the previous month. The ranges of devices included in individual tariffs are listed in the Price List, which is part of the Provider's Offer and is also located on the Provider's website.
The Provider is also entitled to the payment for the use of Extension Components according to the valid Price List or Individual Offer.
Based on these Terms and Conditions, the Customer may connect devices located anywhere in the world, with the platform being created within Microsoft Azure Region “West Europe”, unless otherwise agreed.
- Under the License, the Provider allows the Customer to perform:
install the agent on devices that correspond to the intended purpose of the Service and/or
upload the agent to the working memory of the device, display and run it and/or
- include the agent in the device backup on used media where the agent is part of the backed-up device, if necessary.
- The Customer undertakes to provide cooperation in terminating the use of the Service, especially in case where ATOM ONE is operated in its own Microsoft Azure environment.
Determination of price and payment method
The Customer shall pay the Provider a monthly payment for the connected monitored devices in the given month, based on the number of unique connected devices. If one device is removed from the system and another device is added to the system at different times during one month, then this counts as two devices.
In addition to the monthly payment for the connected monitored devices, the Customer shall also pay the price for each Extension Component.
Unless otherwise agreed, the Customer shall pay for the Services according to the Price List which is located at www.atomone.net.
If the Service is ordered and the Customer did not have any device connected in the previous month, for the invoicing purposes, it is considered as if one device was connected.
The billing period begins on the 1st day of each month. The Service is charged for the entire commenced month.
Payment for the ATOM ONE services is made in arrears according to the current use of Services in the previous month, based on the invoice issued to the Customer, which is due within 14 days from the date of issue.
The invoice is paid by crediting the amount to the Provider's account. In the event of a delay in payment, a contractual penalty in the amount of 0.1 % of the price of the outstanding performance for the commenced day of delay is agreed. The Provider is entitled to suspend access to the Service for the period of delay in payment of the price. Delay in payment of the price or part thereof for more than 10 working days may lead to the Provider's withdrawal from the Contract and termination of the Service's functionality.
The Customer is entitled to claim the ATOM ONE service, when detecting the defect or in case of unavailability of the Service by the Provider. If such a situation occurs, then an assessment of the event is always carried out. Any compensation may not exceed the monthly price paid by the Customer. The compensation may only be applied from the flat rate for the Basic Components, but not from the payment for the Extension Components.
Upon termination of the Service, the Services (Components) related to the ATOM ONE service will be terminated immediately, including the deletion of data. The Customer acknowledges that the termination of the Service is irreversible, and the data cannot be recovered.
In case of the Customer's own Microsoft Azure environment, upon the termination of the Contract, ATOM ONE components will be deleted. The Customer is obliged to cooperate in deleting the ATOM ONE components, otherwise the Contract and this arrangement will be violated.
The notice period for the Service is one month. The period begins to run the month following the date the notice was given.
The notice may be given only by the Governing Body of the Customer or a person authorized thereby.
Within the performance, the Customer may not claim from the Provider or Microsoft the damages or lost profit caused by improper use of ATOM ONE service or Microsoft Azure or should there be a system failure due to installation on the Customer's device. Deployment of the ATOM ONE service is always carried out under the responsibility of the Customer, not the Provider.
The stipulated price of the ATOM ONE service also includes the relevant license fee for the provided licenses according to Article IX.
The Provider is entitled to unilaterally change the Price List. In the event of disagreement of the Customer, the Customer is entitled to terminate the Contract and terminate the use of the Service. The Provider shall notify the price change at least 30 days in advance.
- In case of Service ordered in a binding manner, failure to provide cooperation by the Customer does not constitute a reason for non-payment for the use of the service according to the Price List.
Obligations of the Customer
Customer is obliged to prevent unexpected events that could negatively affect the ATOM ONE service and the performance by the Provider.
The Customer is therefore obliged to ensure:
Installation, reinstallation, or update of the software components on all monitored devices by itself.
In case of termination of the Service, the Customer is obliged to uninstall all the components, software, and stop using the Service.
- Ensure cooperation in the establishment and operation of the Service, in particular, the provision of data for the setting of individual components of the Service, setting up the environment so that data can be transmitted to the ATOM ONE service.
Definition of the position in relation to Regulation no. 679/2016 and Act No. 101/2000 Sb.
The Provider does not preview databases or applications that could contain confidential information with respect to the protection of privacy, except for information about user access to the system or IP addresses or MAC addresses from which the system was accessed, or information about websites visited. The Provider is considered to be a "Third Party" as specified in REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation). For this reason, the Provider sets out below the conditions of confidentiality in relation to the ascertained facts, which result from the obligations upon delivery of the ATOM ONE service. If there is a separate confidentiality agreement or a processing agreement between the Provider and the Customer, then it is superior thereto.
Within the meaning of the General Data Protection Regulation, the Contracting Parties shall be considered as independent controllers vis-à-vis Data Subjects and as Third Parties vis-à-vis themselves with regard to the definitions set out in Article 4 of the General Data Protection Regulation.
The Contracting Parties are obliged to inform the Data Subject according to the conditions of the General Data Protection Regulation, about the transfer of personal data to the other Party, especially when transferring contact information of employees or partners of the Contracting Parties.
The employees of the Contracting Parties or other natural persons who process personal data on the basis of a contract with the controller and other persons who come into contact with personal data maintained with the controller in the course of fulfilling the rights and obligations prescribed by the law are obliged to keep confidential of personal data and security measures, the disclosure of which would jeopardize the security of personal data.
Each of the Contracting Parties is obliged to take sufficient measures with regard to the context of the performed processing and with regard to the personal data that are processed by the Contracting Party, according to the determined degree of risk of the performed processing. For the avoidance of doubt, neither Party is responsible for the other Party at the level of the measures taken and it is therefore up to each Contracting Party to ensure continued protection by appropriate technical or organizational measures against unauthorized or unlawful processing and accidental loss, destruction or damage.
Neither Contracting Party shall carry out the systematic processing of personal data and transfer the personal data outside the IT space of the Contracting Party that is the controller of the personal data and shall not manipulate the personal data of persons other than employees of the Contracting Parties, which means always only those data that are strictly necessary for the given action.
For the avoidance of doubt, the Contracting Parties agree that this paragraph is without prejudice to the incidental collection of personal data necessary to fulfill the subject matter of the Contract, as such incidental collection is not bound by the terms of the General Data Protection Regulation.
Should it be necessary to carry out systematic processing of personal data of Data Subjects other than employees of the Contracting Parties, then the relationship between the Contracting Parties shall be modified to the processing relationship and an appropriate contract shall be concluded for the processing of personal data of Data Subjects.
Should there be a systematic processing of personal data of Data Subjects, the Contracting Parties are obliged to inform the other Party immediately, but no later than before the start of the processing.
Personal data with which the Contracting Parties come into contact shall be used only for the performance of the subject-matter of the Contract and shall not be used for any other purposes of processing without the prior consent of the other Party.
- If the Contract is terminated then each Contracting Party shall ensure immediate deletion of personal data concerning the Data Subjects of the other Party, except for information on Data Subjects who were directly involved in the performance of the subject-matter of the Contract. These persons shall be stored in the systems in accordance with the applicable text of the "Principles on Personal Data Protection" or also the "Information Memorandum", which is accessible to each of the Contracting Parties.
The Provider representing Microsoft in the negotiations represents that Microsoft becomes the personal data processor in relation to the personal data controller, the Customer. For the avoidance of doubt, the Provider states that it is not responsible for Microsoft's actions as a data controller and states that Microsoft should abide by its Microsoft privacy statement, which can be found here https://privacy.microsoft.com/cs-cz/privacystatement.
If necessary, with regard to the protection of privacy of natural persons or in connection with a breach of security, the Customer may use the contact email address firstname.lastname@example.org, where its request shall be handled, and any questions answered.
Copyright protection according to the Act no. 121/2000 Sb.
The Service contains program components which, in the parts copyrighted by the Provider (Article II. Table No. 1 and No. 2 of this document), are a work protected by copyright in accordance with the relevant provision of Act No. 121/2000 Sb. (Copyright Act).
Azure on which the Service is used is subject to Microsoft copyright protection.
The Licensee is entitled to use ATOM ONE service only within the scope of the granted License and is not entitled to use it other than stipulated by the license conditions, in particular, it is not entitled to:
Edit or otherwise modify the parameters of the Service.
Use the Service in such a way that a third party benefits therefrom, in particular using it to process data for any third party in the provision of services, whether for a fee or free of charge.
Grant authorization forming part of the License in whole or in part, permanently or temporarily, for a fee or free of charge, to a third party.
Make the ATOM ONE service available in any way, in particular, disseminate it or otherwise distribute it, rent, lend or otherwise transfer it, i.e. make the service available to a third party in any way, or otherwise allow a third party to use the service in any way.
Delete or modify the license numbers or any other information contained in the License.
Modify, copy, or otherwise manipulate the source codes.
- Perform reverse engineering services.
The Licensee is obliged to enable the Provider to inspect the use of the scope of the License, even repeatedly. The dates of the inspections shall be notified to the Licensee in writing or electronically at least 7 days in advance.
The Customer is obliged to permanently remove all objects of copyright protection of the Provider's author in the event of termination of the Contract.
the unexpected change in the Service or Services by Microsoft and/or
cancellation of some or all Services by Microsoft and/or
extension of the Provider ´s own service by components that require a change in the price of the service itself, for example due to a higher volume of recorded data and/or
change of price conditions by Microsoft and/or
- event of force majeure.
After the disclosure of the changes by means of electronic communication and before the changes take effect, the Customer has the right to withdraw from the Contract.
Governing law: the relationship between the Customer and the Provider shall be governed by and construed in accordance with the legal regulations of the Czech Republic.
Dispute Resolution: The Customer and the Provider shall try to resolve any dispute arising in connection with this Contract amicably by mutual agreement. Any such dispute, which cannot be resolved by agreement, shall be finally resolved in court proceedings by the locally competent court of the Provider having subject-matter jurisdiction.
Notifications: All notifications, consents and other communications shall be made in writing and delivered in person or by courier with prepaid fees or by post or electronic mail (E-mail) with an electronic signature. In case of communications concerning the change or termination of a contractual relationship, this shall be sent by registered letter by post, electronic data mail box, or e-mail signed with a qualified signature. Notifications addressed to the Provider shall be sent to the following addresses or e-mail addresses (or to such other addresses as the Provider specifies in the notification to the other Party):
- KPCS CZ s.r.o., Kubánské náměstí 1391/11, 100 00 Prague 10 Vršovice
Setting off the receivables. The Customer is not entitled to unilaterally set off any of its receivables against the receivables of the Provider arising from this Contract or to exercise a right of retention against the Provider. The Customer is entitled to assign or transfer the rights and obligations under this Contract to a third party only with the prior written consent of the Provider.
Separability. The unenforceability or invalidity of any article, paragraph, point, sentence or provision of these Terms and Conditions or the Contract of which they form part shall not affect the enforceability or validity of the remaining parts. In the event that any such article, paragraph, point, sentence or provision is or becomes invalid for any reason (including, but not limited to, non-compliance with the statutory provisions of applicable law), the Contracting Parties shall negotiate and agree on a legally acceptable means of achieving the business objectives contained in such invalid article, paragraph, point, sentence or provision.
Contractual limit of liability for damage caused: If the Customer incurs damage in connection with the use of the Service for which the Provider is responsible, the liability for its compensation on the part of the Provider is limited by the amount of performance received.