Microsoft Word - Comodo SSL Certificate Subscriber Agreement - click

SSL Subscriber Agreement – click - 082009

COMODO CERTIFICATE SUBSCRIBER AGREEMENT

IMPORTANT—PLEASE READ THIS CERTIFICATE SUBSCRIBER AGREEMENT CAREFULLY

BEFORE APPLYING FOR, ACCEPTING, OR USING A COMODO CERTIFICATE. BY USING,

APPLYING FOR, OR ACCEPTING A COMODO CERTIFICATE OR BY CLICKING ON “I AGREE”, YOU

ACKNOWLEDGE THAT YOU HAVE READ THIS AGREEMENT, THAT YOU UNDERSTAND IT, AND

THAT YOU AGREE TO ITS TERMS. IF YOU DO NOT ACCEPT THIS AGREEMENT, DO NOT APPLY

FOR, ACCEPT, OR USE A COMODO CERTIFICATE AND DO NOT CLICK “I AGREE”.

This agreement is between you (“Subscriber”) and Comodo CA Limited (“Comodo”), a United Kingdom

company. The agreement governs your application for and use of an SSL Certificate issued from

Comodo. You and Comodo agree as follows:

1. Subscription Service.

1.1. Issuance. Upon Comodo’s acceptance of Subscriber’s application for a Certificate, Comodo

shall attempt to validate the application information in accordance with the Comodo CPS and,

for EV Certificates, the EV Guidelines. If Comodo chooses to accept the application and can

validate Subscriber to Comodo’s satisfaction, Comodo shall issue the ordered Certificate(s)

to Subscriber. Comodo may refuse an application for any reason.

1.2. Multiple Certificates. This agreement applies to multiple future Certificate request and any

resulting Certificates, regardless of when the Certificate is requested or issued.

1.3. License. After issuance, Comodo grants Subscriber a revocable, non-exclusive, non-

transferable license to use the issued Certificates on the server hosting the domain name(s)

listed in the Certificate. Comodo also grants Subscriber a non-exclusive, non-transferable,

and revocable license to use Comodo’s EV AUTO-Enhancer and EV Enhancer technology in

connection with Comodo EV Certificates. All rights not expressly granted herein to

Subscriber are reserved to Comodo.

1.4. TrustLogos. Comodo grants Subscriber a license to display purchased TrustLogos on

domain(s) secured by a Comodo Certificate. When revoking a Certificate, Comodo may also

revoke any TrustLogos issued to the same site. Subscriber shall not modify a TrustLogo in

any manner. Subscriber shall not display or use a TrustLogo 1) to represent that Comodo

guarantees any non-Comodo products or services, 2) on a site that is misleading,

defamatory, libelous, disparaging, obscene or otherwise objectionable to Comodo, or 3) in a

way that harms Comodo’s rights to its trademarks or harms Comodo’s business reputation.

1.5. Fee. Subscriber shall pay all applicable fees for the Certificate before it issues. Certificate

fees are provided to Subscriber during the application process. All payments are non-

refundable, except that the Certificate’s seller will refund a payment if, before twenty (20)

business days after the Certificate’s issuance, the Subscriber has 1) not used the Certificate

and 2) made a written request to Comodo for the Certificate’s revocation.

1.6. Subscriber Obligations. Subscriber shall:

(i) use the Certificates only for the purposes listed in the Comodo CPS;

(ii) only install an issued Certificate on the servers accessible at the domain name(s) listed in

the Certificate and only use an issued Certificate for authorized business of the

Subscriber;

(iii) be responsible for any computer hardware, telecommunications hardware, and software

necessary to use the Certificate;

SSL Subscriber Agreement – click - 082009

(iv) obtain and maintain any authorization or license necessary to use the Certificate;

(v) bind every Relying Party to Comodo’s Relying Party Agreement;

(vi) keep Confidential Information confidential and uncompromised, and immediately inform

Comodo and request revocation of any affected Certificates if Subscriber reasonably

believes that Confidential Information is likely to be disclosed or compromised;

(vii) ensure that all information provided to Comodo is complete and accurate and does not

include any information that would be unlawful, contrary to public interest, or otherwise

likely to damage the business or reputation of Comodo if used in any way;

(viii) immediately cease using a Certificate and associated Private Key 1) if the Private Key is

compromised or 2) after the Certificate is expired or revoked,

(ix) immediately notify Comodo of 1) any a breach of this agreement or 2) any information

provided to Comodo changes, ceases to be accurate, or becomes inconsistent with the

warranties made by Subscriber herein, and

(x) comply with all applicable local and international laws when receiving or using a

Certificate, including all export laws. Subscriber shall not export or re-export, either

directly or indirectly, any Certificate to a country or entity under United Kingdom or United

States restrictions. SUBSCRIBER ASSUMES ALL LIABILITY FOR ITS VIOLATION OF

EXPORT LAWS.

1.7. Restrictions. Subscriber shall not:

(i) impersonate or misrepresent Subscriber’s affiliation with any entity,

(ii) modify, license, create a derivative work of, or transfer any Certificate (except as required

to use the Certificate) or Private Key;

(iii) install or use an issued Certificate until after Subscriber has reviewed and verified the

Certificate data’s accuracy;

(iv) upload or distribute any files or software that may damage the operation of another’s

computer,

(v) use the Services to 1) engage in conduct that is offensive, abusive, contrary to public

morality, indecent, defamatory, obscene, or menacing, 2) breach the confidence of a third

party, 3) cause Comodo or a third party distress, annoyance, denial of any service,

disruption or inconvenience, 4) send or receive unsolicited bulk correspondence or 5)

create a Private Key that is substantially similar to a Comodo or third party’s Private Key,

(vi) make representations regarding the Service to any third party except as agreed to in

writing by Comodo.

2. Warranties and Representations. Subscriber warrants that:

(i) for EV Certificates, the subject named in the Certificate has exclusive control of the

domain name(s) listed in the Certificate;

(ii) it has full power and authority to enter into this agreement and perform its obligations

hereunder;

(iii) for EV Certificates, the individual accepting the Agreement is expressly authorized by

Subscriber to sign the agreement for Subscriber.

SSL Subscriber Agreement – click - 082009

3. Revocation. Comodo may revoke a Certificate if Comodo believes that:

(i) Subscriber requested revocation of the Certificate;

(ii) Subscriber did not authorize the Certificate and has not retroactively granted

authorization;

(iii) Subscriber breached this Agreement;

(iv) Confidential Information related to the Certificate has been disclosed or compromised;

(v) the Certificate has been 1) misused, 2) used contrary to law, rule, or regulation or 3)

used, directly or indirectly, for illegal or fraudulent purposes;

(vi) information in the Certificate is inaccurate or misleading,

(vii) for EV Certificates, Subscriber loses exclusive control over a domain name listed in the

Certificate;

(viii) the Certificate was not issued or used in accordance with Comodo’s CPS, industry

standards, or, for EV Certificates, the EV Guidelines;

(ix) Comodo 1) ceased operations or 2) is no longer allowed to issue the Certificate, and no

other certificate authority has agreed to provide revocation support for the Certificate;

(x) Subscriber is added as a denied party or prohibited person to a blacklist, or is operating

from a prohibited destination under the laws of Comodo’s jurisdiction of operation;

(xi) the Certificate was issued to publishers of malicious software;

(xii) the CPS authorizes revocation of the Certificate; or

(xiii) the Certificate, if not revoked, will compromise the trust status of Comodo.

After revoking the Certificate, Comodo may, in its sole discretion, reissue the Certificate to

Subscriber or terminate the agreement.

4. Intellectual Property Rights.

4.1. Comodo IP Rights. Comodo retains, and Subscriber shall not obtain or claim, all title, interest,

and ownership rights in:

(i) the Services, including issued Certificates,

(ii) all copies or derivative works of the Services, regardless of who produced, requested, or

suggested the copy or derivative work,

(iii) all documentation and materials provided by Comodo, and

(iv) all of Comodo’s copyrights, patent rights, trade secret rights and other proprietary rights.

4.2. Trademarks. Subscriber shall not use a Comodo trademark without Comodo’s written

consent. Comodo consents to use of trademarks in connection with provided TrustLogos.

4.3. Other Rights. EV AUTO-Enhancer™ for Windows uses Microsoft Detours Professional 2.1.

be covered by patents owned by Microsoft corporation.

SSL Subscriber Agreement – click - 082009

Microsoft, MS-DOS, Windows, Windows NT, Windows 2000, Windows XP, and DirectX are

registered trademarks or trademarks of Microsoft Corporation in the U.S. and other countries.

5. Indemnification.

5.1. Indemnification. Subscriber shall indemnify Comodo and its affiliates and their respective

directors, officers, employees, and agents (each an “Indemnified Person”) against all

liabilities, losses, expenses, or costs (including reasonable attorney’s fees) (collectively

“Losses”) that, directly or indirectly, are based on Subscriber’s breach of this agreement,

information provided by Subscriber, or Subscriber’s or its customers’ infringement on the

rights of a third party.

5.2. Indemnification Procedure. Comodo shall notify Subscriber promptly of any demand for

indemnification. However, Comodo’s failure to notify will not relieve Subscriber from its

indemnification obligations except to the extent that the failure to provide timely notice

materially prejudices Subscriber. Subscriber may assume the defense of any action, suit, or

proceeding giving rise to an indemnification obligation unless assuming the defense would

result in potential conflicting interests as determined by the Indemnified Person in good faith.

Subscriber may not settle any claim, action, suit or proceeding related to this agreement

unless the settlement also includes an unconditional release of all Indemnified Persons from

liability.

5.3. Additional Liability. The indemnification obligations of Subscriber are not Comodo’s sole

remedy for Subscriber’s breach and are in addition to any other remedies Comodo may have

against Subscriber under this agreement. Subscriber’s indemnification obligations survive

the termination of this agreement.

6. Term and Termination.

6.1. Term. Unless otherwise terminated as allowed herein, this agreement is effective upon

Subscriber’s acceptance and lasts for as long as a Certificate issued under the agreement is

valid.

6.2. Termination. Either party may terminate the agreement with 20 business days notice for

convenience. Comodo may terminate this agreement immediately without notice if

(i) Subscriber materially breaches this agreement,

(ii) if Comodo revokes a Certificate as allowed herein,

(iii) if Comodo rejects Subscriber’s Certificate application,

(iv) Comodo cannot satisfactorily validate Subscriber in accordance with section 1.1, or

(v) if industry standards change in a way that affects the validity of the Certificates ordered

by Subscriber.

6.3. Events Upon Termination. After termination, Comodo may revoke any other Certificate’s

issued to Subscriber without further notice. Subscriber shall pay any amounts still owed for

the Certificates. Comodo is not obligated to refund any payment made by Subscriber upon

termination of this Agreement.

7. Disclaimers and Limitation of Liability.

SSL Subscriber Agreement – click - 082009

7.1. Relying Party Warranties. Subscriber acknowledges that the Relying Party Warranty is only

for the benefit of Relying Parties. Subscriber does not have rights under the warranty,

including any right to enforce the terms of the warranty or make a claim under the warranty.

7.2. Exclusion of Warranties. THE SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE”.

COMODO EXPRESSLY DISCLAIMS ALL IMPLIED AND EXPRESS WARRANTIES IN THE

SERVICES. THIS DISCLAIMER INCLUDES ALL WARRANTIES OF MERCHANTABILITY,

FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT AND IS

EFFECTIVE TO THE MAXIMUM EXTENT ALLOWED BY LAW. COMODO DOES NOT

GUARANTEE THAT 1) THE SERVICES WILL MEET SUBSCRIBER’S REQUIREMENTS OR

EXPECTATIONS OR 2) THAT ACCESS TO THE SERVICES WILL BE UNINTERRUPTED,

TIMELY, SECURE, OR ERROR-FREE.

7.3. Limitation on Liability. SUBJECT TO SECTION 7.4, THE TOTAL LIABILITY OF COMODO

AND ITS AFFILIATES, AND EACH OF THEIR OFFICERS, DIRECTORS, PARTNERS,

EMPLOYEES, AND CONTRACTORS, RESULTING FROM OR CONNECTED TO THIS

AGREEMENT IS LIMITED TO THE AMOUNT PAID BY SUBSCRIBER FOR THE SERVICES

GIVING RISE TO THE LIABILITY. SUBSCRIBER WAIVES ALL LIABILITY FOR ANY

SPECIAL, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES. THIS WAIVER

INCLUDES ALL DAMAGES FOR LOST PROFITS, REVENUE, USE, OR DATA AND

APPLIES EVEN IF COMODO IS AWARE OF THE POSSIBILITY OF SUCH DAMAGES.

These limitations apply to the maximum extent permitted by law regardless of 1) the reason

for or nature of the liability, including tort claims, 2) the number of any claims, 3) the extent or

nature of the damages, and 4) whether any other provisions of this agreement have been

breached or proven ineffective.

7.4. Exception. Nothing in this agreement excludes or limits the liability of either party for death or

personal injury resulting from the negligence of that party or for any statements made

fraudulently by either party.

8. Remedy.

8.1. Injunctive Relief. Subscriber acknowledges that its breach of this agreement will result in

irreparable harm to Comodo that cannot adequately be redressed by compensatory

damages. Accordingly, in addition to any other legal remedies which may be available,

Comodo may seek and obtain an injunctive order against a breach or threatened breach of

the agreement by Subscriber.

8.2. Limitation on Actions. Except for actions and claims related to a party’s indemnification and

confidentiality obligations, all claims and actions arising from this agreement must be brought

within one (1) year from the date when the cause of action occurred.

8.3. Remedy. Subscriber’s sole remedy for a defect in the Services is to have Comodo use

reasonable efforts to correct the defect. Comodo is not obligated to correct a defect if (i) the

Service was misused, damaged, or modified, (ii) Subscriber did not immediately report the

defect to Comodo, or (iii) Subscriber breached any provision of this agreement.

9. Confidentiality. Except as allowed herein, a party (“Receiving Party”) shall not use or disclose

any Confidential Information provided by the other party (the “Disclosing Party”) other than for the

purpose of performing its obligations under this agreement. The Receiving Party shall take

reasonable measures to prevent unauthorized disclosure and shall ensure that any person

receiving Confidential Information complies with the restrictions in this section. The Receiving

Party may disclose Confidential Information if the information:

(i) is already possessed by the Receiving Party before receipt from the Disclosing Party;

SSL Subscriber Agreement – click - 082009

(ii) is or becomes public domain without fault of the Receiving Party;

(iii) is received by the Receiving Party from a third party who is not under an obligation of

confidentiality or a restriction on the use and disclosure of the information,

(iv) is disclosed in response to the requirements of a law, governmental order, regulation, or

legal process and the Receiving Party first gives prior notice to the Disclosing Party of the

requirement to disclose the information, or

(v) is disclosed under operation of law to the public without a duty of confidentiality.

A party asserting one of the exceptions to Confidential Information above shall prove the

assertion using verifiable documentary evidence. The restrictions contained in this section apply

for the duration of the agreement plus five years after its termination.

10. Privacy.

(i) Comodo shall follow the privacy policy posted on its website when receiving and using

information from the Subscriber. Comodo may amend the privacy policy at any time by

posting the amended privacy policy on its website. Subject to Section 10(ii), Comodo

shall use reasonable efforts in protecting Subscriber’s information. Subscriber

acknowledges that risks remain that are beyond Comodo’s reasonable control and

waives all liability of Comodo for these risks.

(ii) Subscriber consents to 1) Comodo disclosing Subscriber’s information publicly by

embedding the information in issued Certificates and 2) Comodo disclosing and

transferring Subscriber’s information to third parties located outside of the European

Union as necessary to validate and issue Certificates.

(iii) Subscriber may opt-out of having information used for purposes not directly related to the

Services by emailing a clear notice to optout@comodo.com. By clicking “I AGREE”,

Subscriber affirmatively consents to receiving Comodo’s and its affiliates marketing

material.

11. Miscellaneous.

11.1. Force Majeure and Internet Frailties. Other than for payment obligations by Subscriber,

neither party will be liable for a delay or failure to perform an obligation to the extent that the

delay or failure is caused by an occurrence beyond the party's reasonable control. Each party

acknowledges that the operation of the Internet is beyond the other party’s reasonable

control, and neither party will be liable for a delay or failure caused by an interruption or

failure of telecommunication or digital transmission links, Internet slow-downs or failures, or

other such transmission failure.

11.2. Notices. You shall send all notices to Comodo by first class mail in English writing, with

return receipt requested, to Comodo CA Limited, 26 Office Village, 3

Floor, Exchange Quay,

Trafford Road, Salford, Manchester M5 3EQ, United Kingdom. Comodo shall send all

notices to Subscriber’s contact information listed on its Certificate application. Comodo may

send notices by mail, email, or facsimile.

11.3. Entire Agreement. This agreement and all documents referred to herein constitutes the

entire agreement between the parties, superseding all other agreements that may exist with

respect to the subject matter. Section headings are for reference and convenience only and

are not part of the interpretation of this agreement.

SSL Subscriber Agreement – click - 082009

11.4. Amendments. Comodo may amend this agreement, the CPS, the Relying Party Agreement,

the Relying Party Warranty, its website, and any documents listed in its Repository at any

time by posting either the amendment or the amended document in the Repository.

Subscriber shall periodically review the Repository to be aware of any changes. Subscriber

may terminate the agreement if Subscriber does not agree to the amendment. Subscriber’s

continued use of the Services after an amendment is posted constitutes Subscriber’s

acceptance of the amendment.

11.5. Waiver. A party’s failure to enforce a provision of this agreement will not waive the party’s

right to enforce the same provision later or right to enforce any other provision of this

agreement. To be effective, all waivers must be both in writing and signed by the party

benefiting form the waived provision.

11.6. Assignment. Subscriber may not assign any of its rights or obligations under this agreement

without the prior written consent of Comodo. Any transfer without consent is void. Comodo

may assign its rights and obligations without Subscriber’s consent.

11.7. Governing Law and Venue. The laws of England and Wales govern the interpretation,

construction, and enforcement of this agreement and all proceedings arising out of it,

including tort claims, without regard to any conflicts of law principles. All proceedings or legal

action arising from this agreement must be commenced in the courts of England and Wales.

Both parties agree to the exclusive venue and jurisdiction of these courts.

11.8. Severability. Any provision determined invalid or unenforceable by rule of law will be

reformed to the minimum extent necessary to make the provision valid and enforceable. If

reformation is not possible, the provision is deemed omitted and the balance of the

agreement remains valid and enforceable.

11.9. Survival. All provisions of the agreement related to confidentiality, proprietary rights,

indemnification, and limitations of liability survive the termination of the agreement.

11.10. Rights of Third Parties. The Certificate Beneficiaries are express third party beneficiaries of

Subscriber’s obligations and warranties in this agreement.

12. Definitions.

12.1. “Certificate” means a digitally signed electronic data file issued by Comodo to a person or

entity seeking to conduct business over a communications network which contains the

identity of the person authorized to use the Digital Signature, a copy of their Public Key, a

serial number, a time period during which the data file may be used, and a Digital Signature

issued by Comodo.

12.2. “CPS” refers to the documents explaining Comodo’s polices and procedures when operating

its PKI infrastructure.

12.3. “Confidential Information” means all material, data, systems, technical operations, and

other information concerning Comodo’s business operations that is not known to the general

public, including all information about the Certificate issuance services (such as all Private

Keys, personal identification numbers and passwords).

12.4. “Certificate Beneficiaries” means the Subscriber, the Subject named in the Certificate, any

third parties with whom Comodo has entered into a contract for inclusion of its root certificate,

and all Relying Parties that actually rely on such Certificate during the period when it is valid.

12.5. “Digital Signature” means an encrypted electronic data file which is attached to or logically

associated with other electronic data and which identifies and is uniquely linked to the

SSL Subscriber Agreement – click - 082009

signatory of the electronic data, is created using the signatory's Private Key and is linked in a

way so as to make any subsequent changes to the electronic data detectable.

12.6. “EV AUTO-Enhancer” means Comodo’s patent-pending process and software to enable EV

functionality on web browsing computers using a modified Apache configuration file or the

Comodo developed IIS plug-in.

12.7. “EV Certificate” means a Certificate signed to Comodo’s EV root certificate that is designed

for use with an SSL v3 or TLS v 1.0 enabled web browse and that complies with the EV

Guidelines.

12.8. “EV Enhancer” means the process and software used by Comodo to enable EV functionality

on web browsing computers by pointing the web browser on the web browsing computer to a

beacon website designed to download and install a new EV root certificate.

12.9. “EV Guidelines” refers to the official, adopted guidelines governing EV Certificates as

established by the CA/Browser Forum that are available online at http://www.cabforum.org.

12.10. “Private Key” means a confidential encrypted electronic data file designed to interface with a

Public Key using the same encryption algorithm and which may be used to create Digital

Signatures, and decrypt files or messages which have been encrypted with a Public Key.

12.11. “Public Key” means a publicly available encrypted electronic data file designed to interface

with a Private Key using the same encryption algorithm and which may be used to verify

Digital Signatures and encrypt files or messages.

12.12. “Relying Party” means an entity that acts in reliance on a Certificate or a Digital Signature.

12.13. “Relying Party Agreement” refers to an agreement located on the Comodo Repository that

governs a Relying Party’s use of the Certificate when transacting business with the

Subscriber’s website.

12.14. “Relying Party Warranty” refers to a warranty offered by Comodo to a Relying Party under

the terms and conditions found in the Comodo Relying Party Agreement in connection with

the Relying Party’s use of a Certificate.

12.15. “Repository” means a publicly available collection of information and databases relating to

Comodo’s Certificate practices and which is available at http://www.comodo.com/repository.

12.16. “Services” means the Certificates ordered hereunder along with any related TrustLogos,

software, and documentation.

12.17. “TrustLogo” means a logo provided by Comodo for use on a Subscriber’s site in connection

with an issued Certificate.

ACCEPTANCE

BY CLICKING “I AGREE”, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THIS

AGREEMENT AND THAT YOU AGREE TO COMPLY WITH ITS TERMS. DO NOT CLICK “I AGREE” IF

YOU DO NOT ACCEPT THIS AGREEMENT.