Last updated: October 15, 2024

​

GENERAL TERMS

​

Brind OÜ, is a private limited company registered under the laws of Estonia, registration code 16849393, with registered address at Harju county, Tallinn, Sepapaja str 6, 15551, Estonia (“Brind", “we” or “us”) which provides a NIS2-based information security management platform and marketplace through brind.hu (“Platform”).

​

Please carefully review these Terms. If you do not agree to be bound by these Terms, you may not use our Services. By accessing the Platform or otherwise using the Services, you acknowledge and agree to be bound by these Terms and also confirm you have read and understood our Privacy Policy.

​

Brind reserves the right to revise, update, and modify these Terms periodically by posting a revised version. If, in Brind’s sole discretion, the modifications to these Terms are significant, we will provide you with notice prior to the changes taking effect, either through email notification or by alerting you on the Platform. Any new features that improve or expand the current Services, including the introduction of new features and resources, will also be subject to these Terms.

​

Unless otherwise stated elsewhere in these Terms or in our notice, the updated Terms will take effect upon publishing and will apply on a going-forward basis. Your continued use of the Services and the Platform following any updates to these Terms signifies your acceptance of such changes.

​

APPLICABILITY

​

These Terms and Conditions (“Terms”) constitute a legally binding agreement between you, the user ("User" or "You"), and Brind, governing your use of the Platform, including, but not limited to, all content such as text, information, images, applications, website, software, and other materials (collectively referred to as the "Services").

​

By using our Platform, you fall into one or more of the following three categories:

• “Users(s)” shall mean individuals or businesses who purchased any of Brind’s subscription plans and are granted access to the Platform, along with Authorized Users;

• “Consultants” refers to individuals or businesses, who are granted access to the Platform in order to provide services related to the NIS2 and other cybersecurity compliance framework.

• "Supplier" means individuals or businesses who are given access to the Platform in order to share with "Users" the information necessary for the "Users'" organization to comply.

​

USE OF THE PLATFORM AND ACCOUNT REGISTRATION

​

The Platform as a comprehensive platform and a marketspace that helps companies in adhering to different cyber security frameworks, including but not limited to the Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022, I on measures for a high common level of cybersecurity across the Union, ISO 27001, NIST 800-53 and others (the “Business”). It allows companies to manage the security controls related to their systems through country-specific audits, where a GAP analysis is used to identify weaknesses, perform relevant analyses and determine the level of risk, thus facilitating financial planning and the allocation of responsibilities among users. The platform can be used to easily generate an action plan to help improve protection in a systematic way and support regulatory compliance. To fill gaps, Brind allows relevant organizations and service providers to find each other through the platform.

​

Every User has the option to register an account on the Software and, at their discretion, authorize members of their personnel to use the Software (“Authorized Users”) and add third-parties such as consultants, auditors (“Consultants”) and their service providers (“Suppliers”). Each account admin may add up to 50 Authorized Users, 30 Suppliersand 10 Consultants to the Platform depending on the subscription. For those using the „Corp” subscription, unlimited users can be added in each category.

​

Authorized Users granted the right to act on behalf of the User will be considered duly authorized representatives, and any actions they take within the Software will be attributed to the User. The User commits to promptly remove any Authorized User whose cooperation has been terminated with the User.

​

You are solely responsible for maintaining the confidentiality of your password and account and for any and all statements made and acts or omissions that occur through the use of your password and account. In case of any unauthorized access to a User account, Brind must be notified immediately. Until receipt of such notification, Brind has the right to deem any actions undertaken through the User’s account as the actions of such User.

​

While all user data currently resides in Brind's cloud, users will have the option to migrate their subscription in the future, allowing them to store sensitive data on their own infrastructure. It is a hybrid operation that combines Software as a Service operation with on-premise data storage. In this form, anyone can only access the data if they log in on their own network or e. g. use a VPN connection. Otherwise, the sensitive data will remain inaccessible to an external party.

​

Please note that in this case, the protection of the data is the responsibility and liability of the user’s organization. In the case of an on-premise solution, Brind cannot be held responsible for any incidents affecting the customer's infrastructure.

​

Please also note that additional fees may apply for this service.

​

By utilizing the features of the Software, the User or its authorized representatives assume sole responsibility for ensuring compliance with the NIS2 directive. Brind does not warrant or guarantee automatic compliance with NIS2 or any other implemented cybersecurity framework through mere usage of the Software. Furthermore, all Users hereby affirm their commitment to adhere to EU laws, as well as country-specific laws, regulations, and industry best practices relevant to their business operations.

​

THIRD-PARTIES (PARTNERS)

​

Brind distinguishes between two types of cooperation. The "Marketplace Partner" category includes software and hardware vendors, resellers, distributors and service providers who only wish to participate in the operation of the Platform as a solution to the "Users'" GAPs.

​

A “Consultant Partner” is a legal entity, typically a consultancy firm or a sole trader, who, in addition to participating in the Platform, helps to populate the Platform after obtaining "Consultancy" rights, possibly as an outsourced professional (e.g. Information Security Officer) to operate the Information Security Management System. Consultant Partners will undergo a training course to ensure that the Users can use the Platform effectively and appropriately.

​

Through the use of the Services, you may have the opportunity to engage in commercial transactions or communications with various Partners (e.g. Consultants, software and hardware providers, distributors) at the Platform functionality. The Services may facilitate matchmaking with appropriate third-parties (Marketplace Partners and Consultant Partners) specializing in NIS2 compliance consultation, including but not limited to Consultants, auditors, supply chain data managers, hardware and software providers and other related specialists.

​

You acknowledge that all transactions related to any services offered by any third-party, including but not limited to payment terms, warranties and guarantees are agreed solely between you and such third-parties.

​

While Brind endeavors to do a thorough background check of the Marketplace Partner and Consultant Partner before facilitating any matchmaking, it is crucial to recognize that engaging in such transactions carries inherent risks. Users should exercise diligence and caution when entering into any commercial agreements, sharing NIS2 compliance documents, or communications facilitated through the Services. Brind does not provide any guarantees or warranties regarding the suitability, reliability, or performance of third-party service providers, and Users acknowledge and accept full responsibility for any risks associated with such engagements.

​

Brind reserves the right to charge Marketplace Partners and Consultant Partners separate fees for the matchmaking Services as a yearly subscription fee in the future. It will notify the partners concerned at least 1 month before the start of the fee.

​

SUBSCRIPTION PLANS AND PAYMENT

​

Brind provides a fee-based features.

​

Brind Users are entitled to use the Platform after payment of a monthly fee. Subscriptions can only be made by an authorized person of the organization through the interface on the website, according to the subscription packages and prices advertised there. If the subscription is for a 2-year period, a discounted price will be granted. In this case the relevant bank account will be debited on a monthly basis as well. Brind is entitled to offer individual discounts to all concerned directly or through its Partners.

​

In case a Consultant Partner wishes to perform a GAP analysis and cybersecurity assurance project (“Assurance Project”) of its client through the Brind platform, in accordance with NIS2 (or other frameworks), the Partner can provide the Consultant a free discount code for a maximum of 4 months, after a valid deal registration. At the end of the assurance work or at the end of the 4 months, the User will be required to purchase one of the subscription packages advertised on the website or to cancel the service.

​

We offer a 14-day trial period for all subscriptions. This is not applicable in case the Users has already used the platform with the Partner in the framework of the "Assurance Project".

​

The subscription is valid for one legal entity. The functionalities include, in the case of a group of companies, the possibility to access the data of the other entities with the appropriate permissions for the parent company in respect of a parent-subsidiary company. This is possible if all the legal entities to be linked are subscribed to the service. Should User’s opt for fee-based features, they undertake to remit the corresponding fees to Brind in accordance with the price list. All prices will be exclusive of taxes (VAT or otherwise), which may be added based on applicable law and the User’s legal residence.

​

Brind retains the unilateral right to amend the price list, with prior notification to Users before implementing any changes. Users will have the option to accept the amended price list or terminate their use of the Services.

​

GUIDELINES FOR SOFTWARE USE AND USER DATA MANAGEMENT

​

When utilizing our Services for managing your NIS2 and/or other cybersecurity compliance frameworks, Brind may furnish pre-filled forms, templates, lists, NIS2 controls based on the information provided by the User. These suggested and pre-filled or partially pre-filled forms, templates, and lists serve as incomplete assistance in creating the User's own NIS2 compliance framework and should always be verified and modified by the User to align with the requirements of the NIS2.

​

Brind solely provides a platform and user interface for managing a paperless NIS2 compliance framework. The User is responsible for all content entered into or used within the Software.

​

Brind does not own any data, information such as supply chain data, company data, suggestions, trade secrets, NIS2 compliance documents or any other material that the Users submit to the Software while using the Services ("User Data"). The User shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness, and intellectual property ownership or right to use any and all User Data. Brind shall not be responsible or liable for the deletion, correction, destruction, damage, loss, or failure to store any User Data. In the event that User Data infringes upon third-party rights, the User agrees to indemnify Brind for all claims and losses related to such infringement and/or illegality.

​

We respect your ownership rights over the User Data created or stored by you. You retain full ownership of such content. Unless specifically permitted by you, your use of the Platform does not grant Brind the license to reproduce, adapt, or modify the content created by you or stored in your account for commercial, marketing, or any similar purposes. However, by using the Platform, you grant Brind permission to use, access, copy, distribute, store, transmit, reformat, publicly display, and publicly perform the User Data solely for the purpose of providing the Platform to you and in accordance with these Terms and our Privacy Policy.

​

You may transmit or publish User Data created by you using our Platform. However, you shall bear sole responsibility for such User Data and the consequences of its transmission or publication. Any User Data made public will be accessible through the internet and may be crawled and indexed by search engines. It is your responsibility to ensure that you do not inadvertently make any private content publicly available.

​

During your utilization of any of the Services, should you come across any content featuring copyright notices or copy protection features, you are obligated not to tamper with or disable these notices or features. By uploading any copyrighted or copyrightable content onto the Software, you assert that you have acquired the requisite consent, authorization, or permission from all individuals who may assert rights to such content, thereby allowing its distribution in the manner in which it is made available.

​

Our Service is hosted by Brind or by a subcontractor carefully selected by us. We adhere to rigorous data backup protocols and regularly store all data associated with the Service. In the unlikely event of data loss experienced by a User with a paid service plan, we will make reasonable efforts to restore the data from the most recent working backup.

​

The User administrators of each account shall have full control over all User Data submitted to the Software, and such User Data shall be deemed the property of the respective legal entity is deemed as a User. Brind, upon request by the respective User administrator, may remove, modify, edit, or otherwise alter any applicable User Data. However, the suggestions regarding security controls made by Users shall be duly assigned and owned by Brind.

​

EDU SYSTEM​

 

Brind is committed to the cybersecurity profession and to training the professionals of the future. To this end, it operates a dedicated Edu System.

​

Brind warns users that the Edu System is maintained specifically for educational purposes and is used by students at several educational institutions and employees of several organisations at the same time. It is not a full-fledged environment. Some features may differ from the live systems and those shown in the product demos. In particular, we would like to emphasize that users should NOT enter here any explicit, sensitive data related to their organizations or electronic information systems! Some of the information given here will be visible to other users of the Edu system. Brind cannot guarantee the confidentiality of the information provided here.

​

ACCEPTABLE USE POLICY

​

You agree and acknowledge that you must not and will not permit any third-party to:

1. resell, assign, transfer, distribute or provide others with access to the private features of the Platform;

2. copy, modify, adapt, reverse-engineer, decompile or otherwise discover the source code of the Platform or extract or use any material on the Platform for any other purpose than prescribed herein;

3. send or store material containing viruses, worms, Trojan horses or other harmful computer code, files, scripts, agents or programs;

4. to violate any applicable law, any third party’s intellectual property rights, or anyone’s right of privacy or publicity; or

5. to process personal data of third-parties without prior consent or personal data of minors under the age of 16 without parental consent.

​

In the event that Brind reasonably suspects a breach or imminent breach of this Acceptable Use Policy, we reserve the right to suspend or terminate access to the Platform, without assuming any liability. Furthermore, Brind reserves the right to notify you of the foregoing breach of Acceptable Use Policy.

​

INTELLECTUAL PROPERTY RIGHTS

​

Brind and its licensors retain sole ownership of all rights, titles, and interests pertaining to the intellectual property rights in the Software. By agreeing to these Terms, you commit to complying with all relevant intellectual property laws. Intellectual property encompasses the Software, source codes, and other software components of the Services, as well as the content of the website located at www.brind.hu and www.brind.io, the domain name, and the Services themselves (excluding User Data). Trademarks, names, and other Intellectual Property Rights associated with Brind and its affiliated companies or third parties who have licensed their use to Brind are deemed exclusive property of Brind.

​

Subject to your compliance with these Terms, Brind grants you a limited, non-exclusive, non-sublicensable, non-transferable, and revocable right to access and use the Services and Software only for your own internal use, and only in a manner that complies with these Terms and all legal requirements that apply to you or your use of the Services. All rights not expressly granted to you are reserved by Brind.

​

These Terms do not convey to the User any rights of ownership in or related to the Services, Software, or other intellectual property rights. The User may use the Brind name, logo, and other trademarks associated with Brind or its affiliated companies with prior permission only.

​

PERSONAL DATA PROTECTION

​

In respect to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR) the User is considered the data controller and Brind is to be considered as a data processor with respect to the personal data uploaded by the User to the Software.

​

Brind otherwise processes personal data in accordance with the requirements and principles of the GDPR and its Privacy Policy.

​

SUSPENSION OR TERMINATION OF USE

​

Brind reserves the right to temporarily suspend a User from the Software for a specific duration or permanently remove them from the platform immediately, and/or decline forwarding any orders, without any obligation to provide compensation for loss of profit, under the following circumstances.

1. Brind has reasonable belief of fraudulent acts by the User when using the Software;

2. the User is in default with the payment of any fees to Brind (if applicable) and does not rectify the default within the additional term of at least 15 calendar days;

3. the User otherwise fails to comply with their obligations under these Terms.

​

The User may terminate the use of the Software at any time without cause by notifying Brind thereof in a format reproducible in writing. If the User is paying any fees to Brind in exchange for the right of using the Software (or its specific functionalities), one of the following principles shall apply upon termination:

1. If the termination of use takes place without cause, Brind will not return any fees to the User (including any fees paid in advance for the period following termination);

2. If the termination of use takes place due to Brind amending the price list, Brind will retain any fees paid for the period before the amended price list takes effect but will return to the User any fees paid in advance for the period following the application of the amended price list.

​

INDEMNIFICATION

​

The User agrees to indemnify, defend, and hold Brind, its affiliates, licensors and its respective officers, management board members, employees, shareholders, contractors, or representatives harmless from and against any claim and all claim or demand, including without limitation, legal fees, made in connection with or arising out of your use of the Services, your connection to the Services, your violation of the Terms, your violation of an applicable law, your submission, posting, or transmission of User Data to the Service, and/or your violation of any rights of another individual or entity. We reserve the right to assume the exclusive defense and control of such disputes, and in any event you will cooperate with us in asserting any available defenses.

​

WARRANTIES, DISCLAIMERS AND LIMITATION OF LIABILITY

​

The Services, and other information provided by or accessible from them are provided on an "as is" basis, without any warranty, representation, condition, or guarantee of any kind. This includes, but is not limited to, any implied warranties, representations, conditions, or warranties of quality and merchantability for a particular purpose, or non-infringement. All such warranties and representations are expressly disclaimed to the fullest extent permitted by law.

​

Brind assumes no responsibility for any actions or omissions of third parties, and shall not be held liable for any direct, indirect, incidental, special, consequential or punitive damages, arising from or in connection with the Services, its contents, your access to or use of the Services, your reliance on or download from the Services, or any delays or inaccuracies in the information or its transmission. Such damages may include, but are not limited to, loss of profits, use, data or other intangible assets, even if we were made aware of the possibility of such damages.

​

You acknowledge and agree that Brind shall not be liable for any consequential, incidental, indirect, special, punitive, or other loss or damage whatsoever, including but not limited to loss of business profits, business interruption, computer failure, loss of business information, or any other loss arising out of or caused by your use of or inability to use the Service, even if Brind has been advised of the possibility of such damage. Your sole and exclusive remedy for any dispute with Brind related to any of the Services shall be termination of such Service. In no event shall Brind's entire liability to you in respect of any Service, whether direct or indirect, exceed the fees paid by you towards such Service.

​

MISCELLANEOUS

​

Assignment: These Terms may not be assigned by the User without the prior written approval of Brind but may be assigned without the User’s consent by Brind to (i) a parent or subsidiary entity, (ii) an acquirer of assets, or (iii) a successor by merger. Any purported assignment in violation of this section shall be void.

​

Governing Law: While it may be accessed from various locations around the world, any matters related to the use of the Services shall be governed by the laws of the Republic of Estonia, without giving effect to its conflicts of laws principles, regardless of the jurisdiction from which the Services are accessed by a User.

​

Dispute Resolution: Any dispute, claim or controversy arising out of or relating to these Terms, or the breach, termination, enforcement, interpretation or validity thereof, shall be determined by Harju County court in Tallinn, Estonia.

​

No waiver: The failure of Brind to exercise or enforce any right or remedy in these Terms does not waive that right or remedy. If any provision of these Terms is found to be invalid or unenforceable, the parties agree that the court should endeavor to give effect, to the maximum extent permitted by law, to the parties’ intentions as reflected in the provision, and the other provisions of these Terms will remain in full force and effect.

​

Entire Agreement: These Terms (and all terms and conditions incorporated herein) constitute the entire agreement between you and Brind, and supersede any prior agreements between you and Brind on the subject matter.

​

QUESTIONS

​

If there are any inquiries or uncertainties regarding these Terms, please reach out to us through the email address info@brind.hu.