Qodea is now powered by Beyond. Learn more →

Product Specific Terms – Billing of Security Command Center Services

  1. Supplier Obligations:
    1. Supplier shall:
      1. provide Billing of Security Command Center Services for the Term;
      2. invoice the Customer in arrears at the end of each calendar month for the Subscription charges per month (as set out in the Ordering Document) incurred under the Subaccount in such month.
      3. may invoice Customer in arrears monthly for use of the Services in excess of the quantity set out above, which will be charged at the then current Google price list.  
      4. Notwithstanding the foregoing, during any Term, if the number of Workloads of Security Command Center consumed by Customer exceeds the quantity allocated for that Term, then for the remainder of that Term, the Supplier will invoice Customer monthly in arrears for Workloads (or partial Workloads) consumed in excess of the quantity set out above, during the previous month (“Overages”), as calculated at the unit price set out above. The fees for Overages will be invoiced in addition to Customer’s subscription charges per month.
  2. Customer Obligations:
    1. The Customer shall:
      1. not allow any other third party to benefit directly or indirectly from the Security Command Center Services.;
      2. agree to and comply with the Google Terms of Service;
      3. give consent for the Supplier to provide their contact details and / or their representatives contact details to Google to allow Google to use the details to communicate directly with them: (i) as is required to execute any non-standard orders (ii) for purposes related to the provisioning of the Services to the Customers’ account, including in relation to any product updates or security incidents; (iii) as required to ensure the Customer is notified of available options to maintain continuity in the provision of the Services; (iv) to conduct customer service and satisfaction surveys; and (v) to inform Customers about new or additional Google products related to the Services the Customer is using; 
      4. not use the Services in connection with any use involving High Risk Activities;
      5. not: (i) resell, distribute, supply, lease or allow another third party to use the Services (ii) use the Services or any Google documentation provided for any purpose other than as permitted hereunder; or (iii) adapt, alter, modify, decompile, translate, disassemble or reverse engineer any Services or any part thereof including the source code and any other underlying ideas or algorithms of the software forming part of the Services; 
      6. ensure use of the Services complies with the AUP and Service Specific Terms;
      7. use reasonable efforts to prevent and terminate unauthorised use of the Services and promptly notify the Supplier of any unauthorised use or access to the  Services of which the Customer becomes aware;
      8. comply with any Documentation that Google provides in support of the Customer’s use of the Services. The Documentation may specify restrictions on how the Applications may be built or how the Services may be used; 
      9. not: (i) copy, modify, create a derivative work of, reverse engineer, decompile, translate, disassemble, or otherwise attempt to extract any or all of the source code of the Services; (ii) create multiple Applications, Accounts, or Projects to simulate or act as a single Application, Account, or Project (respectively) or otherwise access the Services in a manner intended to avoid incurring Charges; (iii) unless otherwise stated in the Service Specific Terms, use the Services to operate or enable any telecommunications service or in connection with any Application that allows End Users to place calls or to receive calls from any public switched telephone network; or (iv) access or use the Services: to create, transmit, process or store any data that is subject to the International Traffic in Arms Regulations maintained by the Department of State,  on behalf of or for the benefit of any entity or person who is legally prohibited from using the Services, or to transmit, store, or process Protected Health Information (as defined in HIPAA) (unless both parties execute a HIPAA BAA);
      10. not disclose directly or through a third party, the results of any comparative or compatibility testing, benchmarking, or evaluation (each, a “Test”) of the Services, unless the disclosure includes all information necessary for Google or a third party to replicate the Test.  If the Customer conducts, or directs a third party to conduct, a Test of the Services and discloses the results directly or through a third party, then Google (or a Google directed third party) may conduct Tests of the Customer’s products or services (if the Customer or a Customer-directed third party conducted the Test). Google may disclose the results of any such Test of the Customer’s products or services (which disclosure will include all information necessary for the Customer or a third party to replicate the Test);
      11. obtain and maintain any required consents necessary to permit the processing of Customer Data under these Product Specific Terms;
      12. acknowledge that Google and the Supplier are independent contractors and the Supplier is not Google's agent or partner or in a joint venture with Google;
      13. indemnify the Supplier for any use of the Services in violation of the AUP; and
      14. provide the Supplier with all information and evidence required by Google TSS where there is a claim for Google service credit (in accordance with the Google SLA), in order for the Supplier to make a claim for service credit to Google for and on behalf of the Customer.
  3. General 
    1. Customer’s use of SCCE may consist of use on (i) Google Cloud Platform and (ii) infrastructure of other cloud providers (“Other Clouds”), in each case as designated by the SKUs ordered by Qodea or the Customer under the relevant Ordering Document. Pricing for Other Clouds is set forth at https://cloud.google.com/security-command-center/pricing  (the “SCCE Pricing Page”). On each anniversary of the Services Start Date for each SCCE on Other Clouds Order Term, Google will calculate the total number of assets (as defined at the SCCE Pricing Page) used in the preceding 12 months If the number of assets of SCCE on Other Clouds has increased relative to the number of assets of SCCE on Google Cloud Platform such that SCCE usage has increased to another “Size” (as defined at the SCCE Pricing Page), then upon Google’s request, the parties will enter into good faith conversations to execute a new Order Form that is commensurate with the increased usage of SCCE on Other Clouds. If the parties do not enter into a new Order Form within 90 days after Google’s request, then Qodea may terminate the SCCE Order Term(s) in this Order Form, in which case Customer will need to enter into a new Order Form to continue using SCCE under the Subaccount.
    2. The Charges are non-refundable and the Customer owes all Charges even if the Security Command Centre Services are not used by the Customer. Unused units may not be rolled over or banked across Terms.
    3. Customer agrees that the Supplier is authorised to send invoices to the Customer Affiliate on behalf of Customer, Customer agrees to remain fully liable for the payment of all invoices sent to such Customer Affiliate. The Customer Affiliate will be considered as acting solely as an agent for the receipt of invoices and will not be liable for any payments due under the relevant Ordering Document.. Any dispute or non-payment of invoices by the Customer Affiliate will not release Customer from its obligations to pay the charges to the Supplier.
    4. Google shall convert the Charges from US Dollars  into GBP £ sterling in accordance with the market conversion rates published by leading financial institutions, the Supplier shall pass the GBP conversion through to Customer when invoicing the Customer. 
    5. The Supplier may suspend the Billing of Security Command Centre Services and use of Security Command Centre Services if (i) Customer breaches its charges obligations; or (ii) Customer or End User breaches the SCC Documentation and Google suspends the Customers use of Security Command Centre Services. 
    6. Customer, the Supplier and Google are independent contractors with respect to the Billing of Security Command Centre Services. 
    7. If the Supplier becomes aware that the Customer has  violated the AUP, the Supplier may immediately suspend the Customer’s access and / or remove the relevant Customer Data. 
    8. Google will provide the Services in accordance with the applicable SLA (if any). To the extent permitted by law, the only remedies for failure to provide the Services in accordance with the applicable SLA are those stated in the SLA.
    9. The Service Specific Terms and Data Processing and Security Terms are incorporated by reference.
    10. Google is a processor, and the Customer is the controller of any such data, as the terms “controller”, “processed”, “processor” and “personal data” have the meaning given in the European Data Protection Legislation. 
    11. To the extent permitted by Applicable Law, Google shall have no liability for any damages whether direct, indirect, incidental or consequential arising from the Services provided to the Customer by the Supplier and Google disclaims all warranties with respect to the Services including warranties of merchantability, fitness for a particular purpose and non-infringement. 
    12. Google’s measurement of the Customer’s use of the Services is final.
  4. Definitions 
    1. The following definitions apply in these Product Specific Terms:

      AUP      : means the Google Acceptable Use Policy set out at: http://cloud.google.com/terms/aup, as amended by Google from time to time

      Billing of  Security Command Center Services:       means the provisioning and fee collection for Customers use of the Security Command Center.

      Customer Data:       means data provided to Google by or on behalf of the Customer.

      Documentation:       means the Google documentation (as may be updated from time to time) in the form generally made available by Google to its customers for use with the services at:  https://cloud.google.com/docs/. 

      GCP Service Specific Terms:       means: https://cloud.google.com/cloud/terms/service-terms (as updated from time to time).

      GCP Terms of Service:       means: https://cloud.google.com/terms/ (as updated from time to time).

      Google Terms of Service:       means those terms of service that govern use of the applicable Services and that must be agreed directly between the Customer and Google or otherwise passed through to the Customer by these Product Specific Terms, including but not limited to the GCP Terms of Service and the GCP Service Specific Terms.

      High Risk Activities:       means uses such as the operation of nuclear facilities, air traffic control or life support systems where the failure of the Services could lead to death, personal injury or environmental damage.

      HIPAA:       means the Health Insurance Portability and Accountability Act of 1996 as it may be amended from time to time and any regulations issued under it.

      Security Command Center Services:       means Google Cloud's centralised vulnerability and threat reporting service. Security Command Center provides asset inventory and discovery and allows you to identify misconfigurations, vulnerabilities and threats, helping you to mitigate and remediate risks, as described at https://cloud.google.com/terms/services as amended from time to time. 

      SLA:        means each of the then-current service level agreements at: https://cloud.google.com/terms/sla/.

      Units:       means the units by which use of a Service is measured (e.g., End User, API call, Certificate, etc.). For Security Command Center Enterprise, “Units” means Workloads, as further described at https://cloud.google.com/security-command-center/pricing (“SCCE Pricing Page”).