1. Identification of the parties
1.1 This document contains the General Terms and Conditions applicable to the purchasing and provision of the corresponding services related to the device called SMID (hereinafter, the “Terms”), established by Criptotec S.L. a Company incorporated under the laws of Spain, with VAT No. B86067493 and with home offices in Madrid (Spain), C/Zurbano 86, 1ºD. This document, including all the incorporated annexes and any specific or particular conditions or offerings, wholly constitute the applicable agreement between Criptotec, S.L. and You (“You” or the “CUSTOMER”).
1.2 The purchasing, installation, execution and use of the SMID equipment, as well as the download, execution or implementation of any computer program or updates provided by Criptotec S.L, constitutes the full and unconditional acceptance of this agreement by the CUSTOMER.
1.3 The CUSTOMER declares to be adult, having the legal capacity to accept this agreement, and that all the provided information is true, complete and accurate. If You hire the services on behalf of a company or legal person, You expressly declare and guarantee that You have the corresponding authorizations and/or enough powers to represent and bind such entity.
1.4 Criptotec S.L has a network of partners that provide commercial and/or technical support and services linked or related to SMiD, under these terms or other agreements or specific contracts that You may agree directly with the partner. In this latter case, any agreements or services linked or related with SMiD but not included in this conditions may be considered aside and not part of Your relation with Criptotec S.L. and this contract.
2. Service operation and technical requirements
2.1 SMiD is a hardware and software solution that enables the encryption of electronic communications and data in the cloud and/or locally. SMiD is offered in various operating modes according to the number of users, the volume of the stored data, and the CUSTOMER needs. In this sense, note that the scope, features and specific services included may vary depending on the mode of service requested by the CUSTOMER.
2.2 The SMiD operations necessarily require a data hosting service in external servers (clouds) or otherwise in local client servers, where SMiD remotely connects through Your internet connection or through Your local network, despite SMiD Pro and SMiD business versions including an internal memory to store a limited amount of data. This data storage service is not part of the SMiD service and not provided by Criptotec, S.L, so must be hired directly by the CUSTOMER and at his expense. Before the purchase or activation of SMiD, You must ensure that Your SMiD version supports your hosting provider. Additionally, if You are using external servers (clouds), You will need an Internet connection and Your SMiD connected to Your computer system in order to use Your SMiD and to send, receive, or in any way communicate with You. SMiD is supplied in a small box with a power cord, a network cable and a startup key. This startup key is unique for each device and it is essential to turn it on, so once You have the device in operation, You should remove and store it in a safe place, only accessible by You to turn on the device when necessary.
2.3 SMiD is Plug & Play but requires a minimal prior configuration, in order that Your computer system recognize the device and determine the operating parameters, among others, Your data storage provider or providers accounts. You must follow the indicated steps, despite You will be able to change the configuration later. Please note these settings may determine the encryption of Your files, the time where they will kept clear or in the trash bin before its final elimination, the users with access to Your files or other advanced options. The CUSTOMER should configure the device, except in the case of SMiD Corporate version, which requires the intervention of qualified technical support. Criptotec S.L. and/or its partners will provide all the necessary computer software needed for the SMiD operation. Do not install or configure any application or third party device with SMiD, and do not allow unauthorized people have control or access to it.
2.4 In order to access Your SMiD Control Panel, You will need to enter a username and a password. Besides that, all the encryption of electronic communications and data will be performed using AES (Advanced Encryption Standard), an internationally recognized symmetric encryption algorithm, and with 256-bit keys.
2.5 The loss or compromise of the password and/or the startup key could affect the security and confidentiality of Your files, so we recommend You contact Your dealer, partner or otherwise Criptotec, S.L directly, by any means indicated in smidcloud.com.
3. Intellectual Property
3.1 SMiD includes software or computer code developed specifically by Criptotec, S.L, as well as technical and usage documentation, images and other protected elements that may be protected according to intellectual property laws. Criptotec, S.L. grants to the CUSTOMER a non-exclusive, personal and not transferable license, without any geographical or temporal limitations, to use those elements, versions or upgrades incorporated by Criptotec. S.L. under this agreement.
3.2 The CUSTOMER agrees to use SMiD according to the law, this agreement and the generally accepted good conduct, and agrees to protect and safeguard the device and all its elements; being unable to assign or transfer any of the rights acquired under this agreement to a third person in any way, nor allow, except when indicated, its use by third persons; having prohibited to use SMiD for any other purposes than the sole satisfaction of the needs identified in this Terms. The CUSTOMER will not be allowed, including but not limited to: reverse engineer, modify, download, market, duplicate or transmit to any person or entity, partially or totally any of the elements or versions of the SMiD software.
3.3“SMiD”, “Encifra”, its logos and the domain names “smidcloud.com”, “encifra.net” or any other used in relation with SMiD are the propriety of Criptotec, S.L.. Reference may however be made to our names provided You indicate Criptotec, S.L. products, services or business, without involving the granting of any ownership rights or specific licenses. 3.4 Failure to comply the applicable regulations and this Terms will result in the exercise of the corresponding civil or penal actions for infringement of rights. In this case, regardless of the compensation due by previous acts, the CUSTOMER agrees to cover the costs that the exercise of the corresponding actions may lead, including the fees of defense and legal representation although their intervention is not mandatory.
3.5 The CUSTOMER will be liable to Criptotec, S.L. for any infringement by whom it depends and by any reason Criptotec, S.L. rights have been infringed.
4. Personal data protection
4.2 The CUSTOMER is responsible to ensure the confidentiality of its information used to access the Control Panel, as well as for acts performed using his/her username and password.
4.3 The CUSTOMER must provide internet access to SMiD in a reasonable way; this is required to perform the upgrades and maintenance of SMiD. You acknowledge and agree that if You do not provide reasonable access to the above, Criptotec, S.L. will be released to provide the services that depend on such access. When necessary, You must obtain the appropriate permissions from third parties to connect the Criptotec, S.L. services and have access to the corresponding resources.
4.4 The information or data stored on external hosting services or the internal SMiD storage memory are the sole responsibility of the CUSTOMER, who is obligated to manage them and the related files, as well as the fulfillment of the obligations and organizational or technical requirements legally required. Nevertheless, the encryption of electronic communications and data stored on external servers or the SMiD system enables the compliance of high-level security measures as established in the Spanish and European legislation on personal data protection.
4.5 Any data encrypted by a specific SMiD device can only be decrypted using the mechanisms and systems of such SMiD device. Criptotec, S.L. does not have access nor knows the content of the encrypted data, so in case of any loss, destruction or damage of the SMiD device You can only recover such data following the provisions indicated below.
5. Data Recovery
5.1 Encryption of data through SMiD uses an internally and randomlygenerated cryptographic keys, stored and managed within the SMiD to provide a high level of security. In order to ensure the reconstruction of a SMiD in case of failure or in case it becomes unavailable, You must run a process called “SMiD safeguard”, which is a management functionality. This operation generates a copy of your SMiD internal configuration and cryptographic keys that you can use to restore your SMiD in the event of an incident. You will need two high quality USB drives to perform the SMiD Safeguard. It should be performed as soon as possible. Once You start SMiD for the first time, You must execute this operation and introduce the two USB drives into the SMiD device, so it will generate the two components constituting the safeguard of that SMiD. Having completed the above, The USB drives should be stored in different and secure locations, since you cannot restore your SMiD with only one of the USB drives.. This process can be performed as often as the CUSTOMER deems necessary to have several pairs of USB drives to rebuild his SMiD.
5.2 The CUSTOMER should be aware that the only way to reconstruct the SMiD and recover, access and decrypt the encrypted data by the device, will be possible if the CUSTOMER has previously executed the “SMiD Safeguard” operation, in accordance with the instructions or manual provided. Also, the CUSTOMER must have the two USB drives with the data generated in the process. Otherwise, the data will be unrecoverable.
6. Support and Updates
6.1 Depending on the type of service contracted, it may include technical support for the configuration, assistance and troubleshooting related to the operation of SMiD, as well as updates of the internal software included in the device.
6.2 Technical support will be made by phone, mail or through specific IT tools set by Criptotec S.L. in accordance with the times and actions foreseen in the relevant support.
6.3 Criptotec, S.L. reserves the right to make, at any time, changes and updates to the service, its contents, configuration, availability and disposal, and this Terms, despite any previously acquired rights. Any change in the services offered and the Terms will be communicated by email, and the CUSTOMER accepts that his effective address is the indicated in the order, the offer or special conditions. Continuing the use of SMiD implies the full acceptance of the corresponding amendments.
7.1 Prices or quotas for purchasing Your SMiD device and other services depend on the mode or type of service and will be indicated in Your purchase order, offer and/or particular terms, broken down into price, taxes and shipping costs. Unless expressly indicated otherwise, the price indicated does not include the costs associated with recovery and replacement of Your SMiD device in case of destruction or damage.
7.2 The price must be paid in euros. The CUSTOMER accepts to pay the amounts shown as price or final installment, regardless any payment or transaction costs, currency exchange or any other third parties’ additional costs or requirements.
7.3 In case of failure to pay any amount at the corresponding date, Criptotec, S.L. has the right to suspend or terminate the service and / or the Agreement, despite any claim of the owed amounts and an interest consisting in the legal interest rate established annually by the Bank of Spain increased by two points, as well as bank fees and any penalties caused.
8. Liability and guarantees
8.1 Criptotec S.L. ensures that the SMiD solution allows the encryption of stored data according to the standard specified in the clause 2.4 of the Terms, as well as the transmission and retrieval of the data in external systems or the same device in accordance to these Terms.
8.2 Accordingly to the current state of the art, the encryption used in SMiD is considered to provide a very high security level and it is used to protect classified information by most of government agencies, banks and high security data systems worldwide. However, absolute and universal security is impossible; Criptotec S.L cannot guarantee or be liable if –hypothetically- the encryption solution is used in a vulnerable moment when facing a hacking attack. In any case, the encryption algorithms are constantly evolving and improving, and Criptotec, S.L. is compromised to make its best efforts to provide a highlevel solution at all times.
8.3 Nevertheless, Criptotec, S.L. will not be liable for any loss or damage, direct or indirect consequences or results (including without limitation, damages for loss of profits, business interruption, loss of data or any economic loss or damage) arising from the use or utilization of SMiD under this Terms, including in the event that Criptotec, S.L. has been noticed of the possibility of such damages, as well as the assumption of the previous paragraph. In the event that Criptotec, S.L. were found liable, the maximum liability of Criptotec, S.L. and appropriate compensation to the CUSTOMER for any damages or torts arising from this agreement shall be limited to the total amount paid by the CUSTOMER as price or fee over the past 12 months.
8.4 Criptotec, S.L. will not be liable in case of breach of any obligations or any general damage caused by third parties that may affect the operation, access and use of SMiD, including acts or omissions of a partner. The CUSTOMER acknowledges and agrees that the services, terms and conditions agreed with any suppliers, including partners, are aside of any relationship with Criptotec, S.L..
8.5 In case the SMiD device or any other device received by the CUSTOMER had not been paid, or otherwise in case of provisions stated in clause 9.3, we will understood that the device is given as a loan for use only under the Terms. The CUSTOMER will be responsible to the care and fair use of the device, and held liable by any accident, failure, malfunction or lost according to the value indicated in the offer or terms of service, or otherwise at market value. In case of termination of the agreement, the device must be returned to Criptotec S.L in perfect conditions, with all its necessary components, accessories documentation and packaging within a maximum period of one week.
9. Termination of the agreement
9.1 This agreement (Terms) may be terminated on reasons specified in Spanish legislation. In case of continuous supply of services, these Terms will have the duration specified in the order, offer and/or particular conditions, renewing automatically for equal time periods, unless it is terminated by legally established reasons and in the following scenarios: o In case of serious breach of the obligations of the parties, upon request from the breaching party, without prejudice to the claim for damages that may apply. o At the CUSTOMER’s request, in which case the effects of the termination will occur at the end of the period initially contracted or any of its extensions.
9.2 The termination of the agreement will not prevent the CUSTOMER from continued use of the SMiD device. However, in this situation the CUSTOMER will not have access to supporting services, maintenance or updates, and will not be able to demand or request the application of any liability, warranty, responsibility or compliance of any obligation attributed to Criptotec S.L, under the Terms. The CUSTOMER may keep the SMiD equipment and other devices or components that have been already purchased and fully paid. In all other cases, You must return the device in accordance with clause 8.5, unless the following clause is applied.
9.3 If the CUSTOMER has received the SMiD equipment or any other device or service with total or partially subsidized costs by Criptotec, S.L and/or its partners, and this agreement is terminated before its term, except in case Criptotec, S.L. breach its obligations, the CUSTOMER will be obliged to compensate Criptotec S.L and / or partners according to the value of the equipment, devices or services in proportion to the pending contract period.
10.1 The CUSTOMER acknowledges and agrees that the last email address provided to Criptotec S.L. will be used for the purposes of any required or authorized communication from Criptotec S.L according to the Terms. 10.2 Any waiver or concession from Criptotec, SL will not limit or affect any of its rights in case of a future breach of this agreement. 10.3 This Terms constitute the entire agreement between the parties regarding the indicated matter, and revokes and supersedes any other previous or contemporary agreement.
11. Applicable law and forum
This Terms shall be governed and construed in all its precepts according to Spanish legislation. Any disputes that may exist between the parties in relation to the provisions of the same will be referred to the Courts of Madrid (Spain), expressly renouncing any other jurisdiction that may apply. © Criptotec, S.L. Spain. All rights reserved