Digitally accepted and governed by the laws of England and Wales.
Continued access, installation, or use constitutes acceptance.

This Agreement takes effect from the Effective Date shown on the applicable Order Form or Invoice. No physical or electronic signature is required. Any electronic acceptance or signature shall be deemed valid and enforceable in accordance with the Electronic Communications Act 2000 (UK) and Regulation (EU) No 910/2014 (eIDAS), as retained in UK law.

1. Definitions

"Agreement" means this End User Licence Agreement.

"Software" means the Rebasoft software, modules, and components identified in any quotation, order form, or invoice issued by Rebasoft Limited.

"Documentation" means any technical or user materials supplied with the Software.

"Order Form" means any quotation, proposal, or invoice issued by Rebasoft and accepted by the Customer.

"Customer" means the organisation identified in the Order Form.

"Authorised User" means any employee, contractor, or consultant authorised by the Customer to use the Software within its internal business operations.

"Licence Term" means the period specified on the Order Form, being one (1) to five (5) years.

"Effective Date" means the date the Customer accepts a quotation, order form, or invoice, or the date of first use, whichever is earlier.

"Fees" means all charges payable to Rebasoft for the Software and related services.

"Partner" means any authorised Reseller, Managed Service Provider (MSP), or Managed Security Service Provider (MSSP) that installs, operates, or manages the Software for one or more Customers. Each Partner is jointly and severally bound by this Agreement and must hold a current written Partner Agreement or authorisation with Rebasoft.

"Software as a Service (SaaS)" means access to the Software hosted by or for Rebasoft, provided over the internet for the Licence Term.

"Customer Data" means all information entered or uploaded by the Customer or its users into the Software.

"Environment" means the Customer's IT infrastructure, systems, networks, connected devices, and interfaces with third-party services.

"Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with a party, where "control" means the ownership of fifty percent (50%) or more of the voting securities or other ownership interests, or the power to direct the management and policies of such entity.

"Rebasoft Competitor" means any entity that develops, markets, sells, or provides products or services that directly compete with or are substantially similar to Rebasoft's solutions offering.

"System Data" means anonymised, aggregated telemetry data, usage statistics, performance metrics, and technical diagnostic information collected by the Software that does not identify the Customer or contain Customer Data.

2. Grant of Licence

2.1 Rebasoft grants the Customer a non-exclusive, non-transferable, non-sublicensable right to use the Software and Documentation solely for its internal business operations, including security monitoring and reporting, during the Licence Term.

2.2 The Software may not be used to provide commercial managed services or multi-tenant hosting without Rebasoft's prior written consent.

2.3 If the Software is deployed or managed by a Partner, both Partner and Customer are jointly and severally responsible for compliance.

2.4 Licence scope is limited to the number of devices, assets, or users specified in the Order Form.

2.5 Unauthorised duplication, sharing, or distribution of licence keys constitutes a material breach under the Copyright, Designs and Patents Act 1988.

2.6 Reverse engineering, decompilation, or disassembly for interoperability may only be carried out with Rebasoft's prior written consent and strictly in accordance with Section 50B CDPA 1988.

3. Ownership and Feedback

All intellectual-property rights in the Software and Documentation remain the exclusive property of Rebasoft. No title or ownership passes to the Customer.

Any feedback, ideas, or suggestions provided by the Customer may be used freely by Rebasoft for product improvement without restriction, obligation, or attribution.

Rebasoft retains all rights to collect, use, and analyse System Data for the purposes of improving the Software, developing new features, enhancing security capabilities, and conducting research and analytics. System Data shall not include any Customer Data or personally identifiable information. Rebasoft may share aggregated, anonymised System Data with third parties for industry research purposes.

4. Restrictions

The Customer and any Partner shall not:

(a) copy, modify, translate, or create derivative works of the Software;

(b) reverse-engineer, decompile, or disassemble the Software except as permitted by law and with Rebasoft's written consent;

(c) rent, lease, sell, sublicense, or provide the Software to third parties;

(d) use the Software beyond the authorised scope;

(e) remove or obscure any proprietary notices, logos, or trademarks; or

(f) permit any Rebasoft Competitor to access, use, view, evaluate, or receive demonstrations of the Software or Documentation, or to obtain any information regarding the Software's functionality, performance, features, or technical architecture; or

(g) conduct, publish, or disclose any benchmark tests, performance comparisons, or competitive analyses of the Software without Rebasoft's prior written consent. Any approved benchmarks must follow Rebasoft's standardised testing methodology and be submitted for review before publication.

5. Term and Renewal

5.1 This Agreement begins on the Effective Date and continues for the Licence Term.

5.2 Rebasoft shall notify the Customer at least thirty (30) days prior to expiry regarding renewal options, including any changes to Fees or terms.

5.3 The Customer may elect not to renew by providing written notice to Rebasoft at least thirty (30) days prior to expiry. If no such notice is received and the Customer continues to use the Software after expiry, such continued use is deemed acceptance of a renewal for an equivalent period at Rebasoft's then-current rates.

5.4 Renewal invoices are deemed accepted upon continued use or failure to uninstall within thirty (30) days of expiry.

5.5 Rebasoft may adjust renewal Fees in line with its current price list, available on request, provided such adjustments do not exceed ten percent (10%) per annum unless separately notified under Clause 5.2.

5.6 Licences are non-cancellable and committed for the full Licence Term.

5.7 For clarity, this Clause 5 does not apply to any Evaluation Use governed by Appendix A (Evaluation Use Terms).

6. Payment Terms

6.1 Fees are payable annually in advance (or as stated on the Order Form).

6.2 Payment terms are strictly thirty (30) days from invoice date, unless otherwise agreed in writing.

6.3 Fees are non-refundable, non-cancellable, exclusive of VAT, and payable without set-off or deduction.

6.4 Rebasoft may suspend or terminate access for non-payment and charge statutory interest under the Late Payment of Commercial Debts (Interest) Act 1998.

6.5 Payment obligations apply jointly and severally to both Customer and Partner.

6.6 If a force-majeure event prevents Rebasoft from providing SaaS for more than thirty (30) consecutive days, Rebasoft may, at its sole discretion, issue a pro-rata service credit for the affected period without waiving future rights.

7. Partner Obligations

7.1 Any Partner installing, operating, or managing the Software is bound by this Agreement and is jointly and severally liable with the Customer for compliance.

7.2 Each Partner must hold a written Partner Agreement or authorisation from Rebasoft limited to approved Customers, instances, and usage metrics.

7.3 Each licence key may be used only for the authorised Customer. Duplication, reuse, or application beyond that scope is a material breach. Rebasoft may immediately suspend or terminate access, deactivate keys, and seek injunctive relief without prejudice to other remedies.

7.4 Partners must not operate the Software as a multi-tenant service without Rebasoft's written consent and commercial terms.

7.5 Partners must maintain accurate deployment records and provide them within five (5) business days of request.

7.6 Rebasoft may audit Customer or Partner use on not less than ten (10) business days' notice, no more than four times every twelve (12) months unless breach is suspected. If unlicensed use or under-payment exceeding five percent (5%) is found, the Customer and/or Partner shall pay all underpaid Fees plus interest and reasonable audit costs.

7.7 Partners must maintain appropriate technical and organisational measures to protect licence keys and Customer Data.

7.8 Partners must include back-to-back obligations in their customer agreements, enabling Rebasoft to enforce rights directly.

7.9 Partners shall comply with all applicable export-control and sanctions laws.

7.10 Partners shall indemnify and hold Rebasoft harmless from all losses arising from breach or misuse of the Software.

7.11 Each Partner must maintain and provide evidence upon request of (a) professional indemnity insurance with a minimum coverage of £1,000,000 per claim, and (b) cyber liability insurance with a minimum coverage of £1,000,000 per claim and in the aggregate, in each case with a reputable insurer. Such insurance must remain in force throughout the Partner's authorisation period and for twelve (12) months thereafter.

8. Support and Maintenance

8.1 Rebasoft provides support and updates as set out in the Order Form or Support Policy.

8.2 Rebasoft may enhance, modify, or replace components provided that overall functionality remains materially equivalent.

8.3 Where SaaS is provided, Rebasoft shall operate and maintain the environment with reasonable care and skill. Temporary interruptions for maintenance or external events are not a breach. No guaranteed uptime applies unless defined in a Support Policy or SLA Addendum.

8.4 The Customer is responsible for credential security, internal controls, and Customer Data accuracy.

8.5 Rebasoft will use reasonable efforts to protect Customer Data, but is not responsible for recovery beyond routine backups. The Customer must maintain independent backups.

8.6 Availability targets and maintenance windows are as defined in any Support Policy or SLA Addendum.

8.7 A current list of open-source software components incorporated into the Software, together with their applicable licences, is available at www.rebasoft.net/open-source and is updated periodically. The Customer acknowledges that use of such components is subject to the terms of their respective licences.

9. Warranties

9.1 Except as stated here, the Software and services are provided "as is."

9.2 For ninety (90) days from first use or delivery, the Software will perform substantially in accordance with the Documentation when properly used.

9.3 Rebasoft's sole obligation and the Customer's exclusive remedy are repair, replacement, or refund of the affected Software; any refund is pro-rated for unused Licence Term.

9.4 For SaaS, Rebasoft warrants services will be provided with reasonable care and skill; any uptime commitment is as set out in an SLA Addendum.

9.5 These warranties do not apply to defects from misuse, unauthorised modification, unsupported environments, or beta features.

9.6 All other warranties, conditions, or representations, express or implied, are excluded to the fullest extent permitted by law.

9.7 Rebasoft makes no warranty regarding third-party open-source components beyond applicable licence obligations. A schedule of open-source components is maintained at www.rebasoft.net/open-source.

9.8 Software is designed to enhance cybersecurity posture but does not guarantee protection against all threats, vulnerabilities, or attacks. Rebasoft will use commercially reasonable efforts to avoid introducing malicious code but does not warrant the Software is vulnerability-free or that it will detect, prevent, or remediate all security incidents, malware, ransomware, zero-day exploits, or advanced persistent threats. Cyber threats evolve continuously, and no security solution can provide absolute protection. The Customer acknowledges that security effectiveness depends on proper configuration, timely updates, layered defences, and the broader security practices of the Customer's Environment. Rebasoft disclaims all liability for security breaches, data loss, or system compromise except to the extent caused by Rebasoft's wilful misconduct or fraud.

9.9 IP indemnity does not apply to claims arising from Customer or Partner modification, combination with third-party products, or use of outdated versions.

10. Termination and Notice

10.1 Either party may terminate for material breach not remedied within thirty (30) days of written notice.

10.2 Rebasoft may terminate immediately for non-payment, unauthorised use, licence circumvention, security violation, or insolvency.

10.3 If the Customer ceases use or gives notice, all contracted payments remain due unless termination results from Rebasoft's unremedied breach.

10.4 Upon termination, the Customer must cease use, delete all copies, and pay all outstanding Fees. If termination is due to Rebasoft's unremedied breach, a pro-rata refund for unused months applies.

10.5 Notices must be served by email to support@rebasoft.net or to the Customer's registered address, or by registered post to the party's registered office.

10A. Dispute Resolution

10A.1 Prior to commencing legal proceedings, either party may invoke a structured escalation process by providing written notice to the other party identifying the dispute and requesting senior management escalation.

10A.2 Within fourteen (14) days of such notice, senior executives from each party (at director level or above) shall meet in good faith to attempt resolution of the dispute.

10A.3 If the dispute remains unresolved thirty (30) days after the initial notice under Clause 10A.1, either party may refer the matter to mediation under the Centre for Effective Dispute Resolution (CEDR) Model Mediation Procedure. The parties shall share the costs of mediation equally unless otherwise agreed.

10A.4 Nothing in this Clause 10A shall prevent either party from seeking urgent injunctive or equitable relief from a court of competent jurisdiction where immediate action is necessary to prevent irreparable harm.

11. Confidentiality

Each party shall keep the other's confidential information secret and use it only for this Agreement. Obligations last for five (5) years or as long as the information remains confidential, whichever is longer.

12. Data Protection

12.1 Rebasoft shall process personal data in accordance with UK GDPR and the Data Protection Act 2018.

12.2 Where Rebasoft acts as Processor, it shall do so under its Data Processing Addendum (DPA) available at www.rebasoft.net/dpa. The DPA is incorporated by reference and forms part of this Agreement. Rebasoft may update the DPA to maintain compliance and will publish the current version at that URL.

12.3 Each party shall act as Controller or Processor as defined by UK GDPR, depending on data flow and purpose.

12.4 Rebasoft will not transfer personal data outside the UK without appropriate safeguards.

12.5 Each party shall implement appropriate technical and organisational measures.

12.6 Breach notification: Rebasoft shall notify the Customer without undue delay after becoming aware of a personal-data breach affecting Customer personal data and provide information necessary for the Customer's regulatory notifications.

12.7 Data Subject Rights

Rebasoft shall assist the Customer, to the extent reasonably practicable and in accordance with applicable data protection laws, in fulfilling its obligations to respond to requests from individuals exercising their rights under privacy legislation. These rights may include, where applicable, access, rectification, erasure, restriction, portability, objection, and rights related to automated decision-making.

Where Rebasoft acts as a Processor or Service Provider, the Customer shall be responsible for verifying the identity and validity of such requests and providing Rebasoft with appropriate instructions. Rebasoft shall not respond directly to any individual request unless legally required to do so, in which case it shall notify the Customer promptly unless prohibited by law.

Any assistance provided by Rebasoft in relation to data subject requests may be subject to reasonable fees where permitted by applicable law or contract. Rebasoft shall maintain appropriate technical and organisational measures to support compliance with these obligations.

13. Indemnity

13.1 The Customer and Partner indemnify Rebasoft against all losses and costs arising from misuse of the Software or breach of this Agreement.

13.2 Rebasoft indemnifies the Customer against third-party IP claims alleging that unmodified Software infringes rights, provided the Customer promptly notifies Rebasoft and allows control of defence. Rebasoft may procure continued use, modify the Software, or terminate the affected licence with a pro-rata refund.

13.3 This indemnity excludes claims arising from circumstances in Clause 9.9.

14. Limitation of Liability

14.1 Rebasoft's aggregate liability per claim (or series) shall not exceed the Fees paid in the preceding twelve (12) months.

14.2 Rebasoft is not liable for indirect, consequential, or special loss, including profit, data, or business interruption.

14.3 Nothing limits liability for death or personal injury due to negligence or fraud.

14.4 Rebasoft has no liability for issues caused by Customer environment, Partner actions, internet failure, or external cyber events.

14.5 Liability for breach of confidentiality or data-protection obligations is capped at the Fees paid in the preceding twelve (12) months.

15. Audit Rights

Rebasoft may audit use on ten (10) business-days' notice, no more than once every twelve (12) months unless breach is suspected. The Customer shall pay any under-licence fees identified, and where under-payment exceeds five percent (5%), shall also pay Rebasoft's reasonable audit costs.

16. Intellectual-Property Enforcement

Rebasoft may seek injunctive or equitable relief without proof of damage for any IP breach. All trademarks and logos remain Rebasoft's property.

17. Force Majeure

Neither party is liable for failure or delay caused by events beyond reasonable control, including natural disasters, epidemic, pandemic, war, terrorism, industrial dispute, supplier failure, power or network outage, governmental restriction, or widespread cyber incident.

18. Assignment

Neither party may assign rights or obligations without prior written consent, except Rebasoft may assign to an Affiliate or in connection with merger or sale of its business.

19. Compliance with Laws

Each party shall comply with all applicable laws and regulations, including export-control, anti-bribery, modern-slavery, and data-protection laws.

20. Non-Solicitation

The Customer and Partner shall not solicit or employ any Rebasoft employee or contractor involved in this Agreement during the Licence Term and for twelve (12) months thereafter without Rebasoft's written consent. Liquidated damages = six (6) months of the employee's gross annual remuneration.

21. Severability

If any provision is held invalid or unenforceable, the remainder shall remain in full force.

22. Survival

Clauses on payment, confidentiality, limitation of liability, data protection, audit, and IP ownership survive termination or expiry.

23. Governing Law and Jurisdiction

Governed by and construed in accordance with the laws of England and Wales. Rebasoft may enforce this Agreement in any jurisdiction where the Customer or Partner operates, without prejudice to proceedings in England and Wales.

24. Governing Language

This Agreement is drafted and interpreted in English; translations are for convenience only.

25. Entire Agreement and Acceptance Mechanisms

25.1 This Agreement constitutes the entire understanding between the parties and supersedes all prior proposals or communications. No amendment is valid unless in writing and agreed by both parties or effected under Clause 25.5.

25.2 Each Order Form and invoice issued by Rebasoft references this EULA by version number and publication date, forming part of the binding contract.

25.3 Acceptance and version control
(a) Acceptance occurs by: (i) click-through assent within Rebasoft's portal or installer; (ii) payment of invoice or execution of an Order Form referencing this EULA; or (iii) installation, access, or continued use of the Software.
(b) The version effective at the Effective Date governs for the Licence Term unless replaced by express acceptance of a later version.
(c) Rebasoft may update this EULA to reflect legal or operational changes. Material changes reducing Customer rights require thirty (30) days' notice by email or posting at www.rebasoft.net. Continued use after notice constitutes acceptance.

25.4 Each party acknowledges it has not relied on any statement or representation not expressly set out herein.

25.5 Updates to this Agreement

25.5.1 Rebasoft may update or modify this Agreement, including any Appendix or incorporated policy, from time to time to reflect changes in law, technology, or business practices.

Appendix A — Evaluation Use Terms (Proof of Concept / Proof of Value)

These Evaluation Use Terms apply only where Rebasoft Limited ("Rebasoft") has expressly authorised a Proof of Concept, Proof of Value, or other evaluation deployment (together, "Evaluation Use"). In all other circumstances, the standard terms of the Rebasoft End User Licence Agreement v4.0 (December 2025) ("Agreement") apply exclusively.

If there is any inconsistency between this Appendix A and the body of the Agreement during an Evaluation Use, this Appendix A shall prevail.

A1. Evaluation Purpose and Duration

1.1 Evaluation Use is provided solely for the Customer's internal testing, assessment, or validation of Rebasoft's Software and related materials for a limited period not exceeding thirty (30) days, or such other period expressly agreed in writing by Rebasoft.

1.2 The Evaluation Use shall automatically terminate on the earlier of (a) expiry of the agreed period or (b) notice from Rebasoft.

A2. Licence and Operation

2.1 Rebasoft grants the Customer a temporary, non-exclusive, non-transferable right to install and operate the Software solely for the Evaluation Use.

2.2 The Customer may install and operate the Software within its live production or enterprise domain to the extent reasonably necessary to evaluate functionality, performance, or reporting outcomes.

A3. Risk Allocation and Indemnity

3.1 The Software and all related materials are provided "as is" and without warranty of any kind, whether express, implied, or statutory. Rebasoft disclaims all implied warranties of merchantability, fitness for a particular purpose, and non-infringement.

3.2 The Customer assumes all risk arising from installation or operation of the Software in any environment, including any interruption, degradation, or loss of data or network performance.

3.3 The Customer shall indemnify, defend, and hold Rebasoft harmless from and against all claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising from or related to its Evaluation Use of the Software, except to the extent caused by Rebasoft's wilful misconduct or fraud.

A4. Fees and Conversion

4.1 No licence fees are payable for an Evaluation Use unless otherwise agreed in writing.

4.2 If the Customer continues to use the Software after the Evaluation Use period, such continued use shall automatically convert to a full Subscription Licence under the Agreement at Rebasoft's then-current list rates, and the Customer shall be invoiced accordingly.

A5. Termination and Removal

5.1 Rebasoft may suspend or terminate the Evaluation Use at any time without liability or notice.

5.2 Upon expiry or termination, the Customer must immediately cease all use of the Software, remove it from all systems, delete any related data or copies, and confirm such deletion to Rebasoft in writing within ten (10) days.

A6. Confidentiality and Data Protection

6.1 The confidentiality, intellectual-property, audit, and data-protection obligations of the Agreement apply in full during and after any Evaluation Use.

6.2 If Customer Data or personal data is processed during the Evaluation Use, such processing shall be subject to the Data Processing Addendum referenced in Clause 12 of the Agreement.

A7. Limitation of Liability

7.1 To the maximum extent permitted by law, Rebasoft's aggregate liability arising from an Evaluation Use shall be limited to £1,000.

7.2 Rebasoft shall not, in any circumstances, be liable for any indirect, special, or consequential loss or damage (including loss of profits, revenue, data, or goodwill) arising from or in connection with any Evaluation Use.

End of Appendix A

Appendix B — SaaS Service Terms

These SaaS Service Terms apply where Rebasoft provides the Software as a hosted or cloud-based service ("SaaS Service") rather than as a locally installed deployment.

B1. Service Delivery

1.1 Rebasoft shall host and operate the SaaS Service in a professionally managed environment using reasonable care and skill.

1.2 The SaaS Service may include routine maintenance and updates, which may cause temporary interruptions.

1.3 Rebasoft may modify, enhance, or replace components of the SaaS Service at any time provided overall functionality remains materially equivalent.

B2. Availability

2.1 Rebasoft targets 99.0% availability over any rolling 12-month period, excluding (a) scheduled maintenance, (b) emergency maintenance, (c) outages caused by third-party providers, or (d) events outside Rebasoft's reasonable control.

2.2 No uptime guarantee is implied beyond this target unless stated in a signed SLA Addendum.

B3. Maintenance Windows

3.1 Routine maintenance may occur between 20:00 and 06:00 (UK time) or during agreed maintenance windows.

3.2 Rebasoft will use reasonable endeavours to notify the Customer of any planned downtime at least 24 hours in advance.

B4. Data Protection and Backup

4.1 Rebasoft performs regular system-level backups and retains them for a minimum of seven (7) days.

4.2 The Customer remains responsible for maintaining independent backups of its Customer Data and for ensuring that no sensitive data categories are uploaded unless contractually authorised.

4.3 All processing of personal data is governed by the Data Processing Addendum referenced in Clause 12 of the Agreement.

B5. Service Credits

5.1 If measured availability falls below 98.0% for any calendar month (excluding the exceptions in 2.1), the Customer may request a service credit equal to 5% of that month's SaaS Fees.

5.2 Service credits are the Customer's sole and exclusive remedy for SaaS downtime or unavailability and shall not exceed one month of SaaS Fees in any 12-month period.

B6. Security

6.1 Rebasoft implements appropriate technical and organisational measures to protect Customer Data from unauthorised access or disclosure, aligned with ISO 27001 controls.

6.2 Rebasoft may suspend the SaaS Service where necessary to prevent or contain a security threat.

B7. Termination of SaaS Service

7.1 Upon termination or expiry of the Agreement, Rebasoft will provide the Customer, upon written request within 30 days, with a final export of available Customer Data in a mutually agreed format.

7.2 After that period, Rebasoft may delete all Customer Data from its systems in accordance with its data-retention policies.

End of Appendix B