Service Order for the SiteLock product

Following are the specific contract conditions for every SiteLock solution purchased on

This Service Order (hereinafter "SO") is an integral and material part of the General Service Conditions (hereinafter "GSC") of S.p.A., (hereinafter, "the Company"). The GSC and this SO lay down the terms and conditions for the delivery of the service SiteLock (hereinafter "Service") by the Company to the Customer. The terms with capital initials in this SO have the same meaning as set out in the GSC. The commercial offer published online on the website is an integral part of these conditions.

1 –Description of the Service

The Service is activated by the Customer after he purchases by clicking on the purchase button on the dashboard, and involves the supply by the Company of an instrument allowing the Customer to perform safety auditing on his own website, to analyse its vulnerabilities and to remove such vulnerabilities, should the Service he has purchased allow for it.

The Company reserves the right to change the features of the service and/or transfer the Service to other platforms enjoying the same or higher quality, providing notice in writing thereof to the Customer.

The Service is provided with different solutions, each of which is defined by special technical features. Possible solutions appear up to date on the Company website, together with their technical differences and economic offer.

1.1 Information notice on data processing

The Service is provided by Sitelock LLc, an external provider which acts as autonomous data controller, located in the U.S. and registered in the Safe Harbor registry (

The Customer acknowledges and agrees that the Company acts exclusively as reseller of Sitelock LLC and that the use of the Service implies the access by Sitelock to personal data or to contents lead into the web by the Customer (i.e. for the delivery of reports as a result of the execution of the scan). This information is processed by Sitelock as autonomous data controller.

For further details we invite you to read the Sitelock Privacy Policy, visible at the following link: . When activating an account, Customer consent will be required to allow the Company to share some of your personal data with Sitelock. Only data that is strictly necessary to activate Service will be required, namely the Customer (email address and website name). Consent to the communication of personal data to Sitelock is voluntary, however, without it, it is not possible to provide you with the Service.

The Service is supplied by the Company according to the D.Lgv. 30 June 2003 n. 196, as described in the Privacy Disclosure published on the home page of the Company's website, that the Customer declares to have read and understood.

2 - Conditions of use of the Service

The Customer hereby acknowledges that he is only purchasing a non-exclusive licence, which cannot be transferred to third parties, to use the software, such licence being valid only for the duration signed by the Customer.

The Customer engages to use the Service in compliance with art. 8 of the GSC, with this SO and with any applicable prescription or regulation.
2.1 Association with a website

The Service is provided by the Company in reference to a single website chosen by the Customer at the time of first configuration (so-called "association"). Association with a website different from the one first established will be granted only on request to the technical office and will in any case be limited to no more than 3 times a year. Exceptions to this rule will be assessed by the Company on request by the Customer.

Unless there is evidence to the contrary, for the purposes of this ODS, it is presumed that the Customer may legitimately dispose of the website associated with the Service, as the owner or in any case as a party authorized by an entitled third party.

2.2 Activities carried out by SiteLock on the Customer's website

By purchasing the SiteLock product, the Customer authorizes SiteLock to:

a) use the credentials the Customer has set inside the SiteLock dashboard in order to deliver the Service (website scanning, automatic malware removal)
b) download the whole Customer website on its own servers in order to deliver the service (website scanning, monitoring modified/added/deleted files)
c) diagnose, solve and/or remove any malware or link to malware, change the code of the website in order to remove any identified vulnerabilities
d) contact Google, Phishtank or other malware listing authority in the name and on behalf of the Customer in order to remove the website from any blacklist on which it may appear

2.3 Service use rules

The Customer may not use the Service in such a way as to overload the delivery platforms of the Service. The Customer may not use any of the IP addresses or any the platforms through which the Service is delivered to launch any kind of attack on third party IP addresses, send unwanted internet messages to anyone, commit illegal deeds, transmit or save illegal data. Should the Customer - intentionally or by mistake - access any information not directly addressed to him, he must notify this breach to the Company and delete any copy which he may possess.

Throughout the extent and duration of this SO, the Customer must, at his own liability and charge:

a) use the Service for legitimate purposes only. By way of example only, the following are held to be illegitimate: i) breaking ordinary law and current regulations; ii) committing or enabling criminal actions; iii) instigating violence or racism; iv) breaching intellectual property rights or other rights of third parties; v) sending unauthorized or unrequested commercial notices; vi) breaking into or computers, software or networks; vii) intercepting, downloading, copying, interfering with, damaging or expropriating any system, data or personal information; viii) damaging websites or services of the Company or of third parties;
b) comply with any and every instruction which may be issued by the Company concerning appropriate and correct use of the Service.

The Company reserves the right to suspend the Service immediately, if - at its discretion or upon complaint by third parties - it believes that activities have been committed which break the law, imperative rules, decent behaviour, of this SO and/or of the GSC. In such case, after notice by the Company, the Customer must eliminate the cause of the complaint or submit proper documentation proving full compliance with current regulations in his activities. Should the Customer acquire the Service on behalf of third parties, he must inform such third parties concerning the reasons for suspension of the Service. The Company reserves the right to contact directly any third parties who are final users of the Service, should these contact the Company asking to have the Service restored. Should no immediate reply be received, the Company will have the right to cease delivering the Service without prejudice to its entitlement to full payment of the consideration due or to the Company's right to take legal steps for full reimbursement of any damage incurred.

2.4 Customer Liability

The Company has no control over or access to the data submitted for verification to the Service. Any liability arising from such data and contents shall fall entirely on the Customer. It is the exclusive liability of the Customer to properly preserve access credentials and take appropriate steps to prevent unauthorized access by third parties to the Service.

2.5 Company Liability

The Service will be available 24 hours a day seven days a week, except for any suspension due to upkeep work. The Customer takes note that the Service is provided "as is", without any warranty, explicit or implicit, of operation, holding the Company harmless for any liability in case of malfunction or loss of data or contents due to problems with Sitelock's software or to operations carried out by Sitelock on the IT systems and/or websites chosen by the Customer. The Company also shall in no case be held liable in case of malfunction of the Service due to reasons beyond its reasonable control, including by way of example only :

a) cases of force majeure;
b) events depending on actions by third parties such as, by way of example only, interruption or malfunction of telecommunications and/or power services;
c) malfunction of terminals or other communications systems employed by the Customer;

The Customer accepts and acknowledges that the Company will neither check nor monitor correct activation of the Service and may in no way be held liable in case of mistaken or failed activation of the Service. In any case, no liability on the part of the Company towards the Customer due to prejudice arising from this agreement may exceed the total amount actually paid by the Customer to the Company during the six months immediately preceding the arising of the event which determined the above mentioned prejudice.

2.6 Limitation of Sitelock's liability

The Customer acknowledges and accepts that in some circumstances, on the basis of the analysis of practices adopted by the Customer carried out by SItelock, a certain automatic or manual system which identifies vulnerabilities of the website or of the network i) may be invasive or intrusive as such, and include attempts by Sitelock or its agents to access - without permission - the IT Customer's system in order to make the Customer aware of areas in which the system is vulnerable to intrusions by unauthorized third parties, damage, unauthorized use, ii) may accidentally damage the Customer's system because of lack of consistency among network systems, iii) may generate an excessive number of log messages and give rise to an excessive consumption of disk space, iv) may cause degradation of the Customer's system due to an attempted penetration including, by way of example only, slowing down, suspension, blocking of the Customer's system, possible malfunction of the Customer's system as the result of an attempted invasion of such a system, or any other damage due to the use of invasive or intrusive techniques employed to gain access to the Customer's system. The Customer allows SItelock to get into the IT system of the Customer only in order to provide the contract assessment services. The Customer authorizes SItelock to carry out Security Audits on any device and IP specified by the Customer. The Customer acknowledges and accepts that Sitelock shall not be held liable for any delay or damaged caused by Sitelock's Services, including the Security Audits and activities under art. 2.2. The Customer furthermore explicitly acknowledges that Sitelock is not bound by any obligation, contract liability or guarantee in case of loss of profit or of data or because of any incidental, consequential or indirect damage, foreseen or foreseeable, unforeseeable or in any case due to use of the service, within the limits set by the law. Such limitations apply to any kind of complaint or request for action, including by way of example only, any arising from availability of the Service, from access by the Customer to third party services, contents or software and their use, as well as any other matter relating to the service.

2.7 Complaints

The Customer must notify any irregularity in the Service by return registered mail within 48 hours. Failure to do so will make the Company harmless for any liability.

3 - Duration

This SO, according to the choice made by the Customer during the purchase procedure or also later from his own dashboard, may last one or more years. Renewal at expiry may be automatic or manual.

3.1 Expiry with automatic renewal

In case of expiry with automatic renewal and payment by credit card, the consideration referred to in the following paragraph "Consideration and Payments" will be charged, in the terms provided for and at the conditions existing at the time of the renewal, as shown on the dashboard, directly by the Company to the Customer's credit card, after notice by e-mail. Should the Company fail to pay such a charge, the contract will not renew automatically and must be considered to have expired upon expiry of the term. In this case, the Customer may renew the Service following the manual renewal procedure.

In case of expiry with automatic renewal and payment using a system different from credit card, the Company, 20 days before expiry, after notice by email, will undertake the renewal and send the bill to the Customer who must pay in terms laid down therein. The bill and relevant payment instructions will be sent by surface mail to the address filed in the archives at the time of the order. Should the Customer fail to pay in the expected terms, the Company may at any time cut off delivery of the Service, without prejudice to the provisions of art. 6 of the GSC. In this case, any data present on the space made available with the Service will be deleted without any liability by the Company for preserving and/or saving such data.

3.2 Expiry with manual renewal

In case of expiry with manual renewal, the Customer may ask the Company - using the online procedure made available by the Company - to renew the Service with this SO for further and later periods in the terms appearing on the Customer's dashboard and at the technical and economic conditions current at the time of renewal of the Service and undertaking the renewal procedure. In case of failure to renew, in the manner and terms hereinabove, upon expiry the Service will cease to be delivered and this SO will cease to produce its effects by law, without need for any notice by the Company. In this case, any data present on the space made available with the Service will be deleted without any liability by the Company for preserving and/or saving such data .

3.3 Termination of the contract

In any case of termination of the effects of this contract and/or should the Conditions of use of the Service hereinabove cease for any reason, all the functions provided for in the offer will be deactivated.

4 - Price and Payments

The price of the requested Service is as indicated in the Offer. The Service is agreed upon from the time of payment of the price of the Service in the manner laid down in the offer. The price of the renewal will be the list price applied by the Company at the time the Customer makes his request, as it appears on the dashboard.