Ransomware Terms of Service
Please read the following Terms and Conditions (this “Agreement”) closely before using our services. If you do not agree with any part of this Agreement, YOU MUST NOT USE THIS SITE OR OUR SERVICES.
The client (hereafter “you”, “the client”, “your”) authorizes Proven Data (hereafter “Proven Data”, “we”, “our”, or “us” or “PD”), its officers, employees, contractors and subcontractors, to access your computer equipment, including its storage media, and conduct an evaluation of your storage media to determine the nature of the damage, determine recoverability and provide an estimate of recovery cost and timing. By executing our Approved Recovery Efforts Authorization form (the “Authorization”) the client also authorizes Proven Data to take any and all available efforts and measures necessary to recover data from such media and equipment.
The client is the owner of the computer equipment to which the client is providing access, or otherwise has the right to act on the owner’s behalf, including the right to transmit all data contained therein to Proven Data.
BEFORE PROVIDING YOUR TEAMVIEWER ID TO PD, CAREFULLY READ THIS AGREEMENT INCLUDING THE LIABILITY DISCLAIMER BELOW. BY PROVIDING YOUR TEAMVIEWER ID YOU ARE (1) REPRESENTING THAT YOU ARE OVER THE AGE OF 18 AND HAVE THE CAPACITY AND AUTHORITY TO BIND YOURSELF AND/OR YOUR EMPLOYER, AS APPLICABLE, TO THIS AGREEMENT INCLUDING THER LIABILITY DISCLAIMER BELOW; AND (2) CONSENTING ON BEHALF OF YOURSELF AND/OR AS AN AUTHORIZED REPRESENTATIVE OF YOUR EMPLOYER, AS APPLICABLE, TO BE BOUND BY THIS AGREEMENT AND SUCH DISCLAIMER. Our services are provided at your sole risk. You hereby request a remote evaluation by a PROVEN DATA technical support representative through a remote connection to your computer. You understand that by requesting such evaluation, you will be providing PD technical support personnel with access to and control of your computer. In addition, you will be providing PD technical support personnel with access to files that reside on your computer. In order to provide the services, PD’s technical support personnel may require sample files that have been encrypted by a ransomware virus. You understand and agree that PD may download files from your computer for the purpose of conducting the analysis of such ransomware virus.
PD’S LIABILITY AND THE LIABILITY OF ITS VENDORS AND LICENSORS SHALL BE LIMITED TO THE TOTAL AMOUNT PAID BY YOU TO PD FOR ITS SERVICES. PD AND ITS VENDORS AND LICENSORS MAKE NO WARRANTIES OF ANY KIND WITH REGARD TO THE SERVICES PROVIDED HEREUNDER, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL PD OR ITS VENDORS OR LICENSORS BE LIABLE FOR (i) ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR (ii) ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE PROVISION OF OUR SERVICES EVEN IF PD HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. YOU AGREE THAT YOU HAVE SOLE RESPONSIBILITY FOR YOUR SOFTWARE AND PD CANNOT ASSURE YOU IN ANY MANNER THAT YOUR SOFTWARE WILL BE OR REMAIN FUNCTIONAL AFTER DECRYPTION OR OTHER RESTORATION OF YOUR DATA.
Proven Data may create or utilize its own proprietary utilities depending on the ransomware variant. You agree that you will not distribute or sell Proven Data’s decrypters to third parties or utilize them outside the scope of the service you are inquiring about.
PARTNERS & RESELLERS OF OUR SERVICES:
PROVEN DATA ALWAYS DISCLOSES THAT IT IS PAYING RANSOM ON BEHALF OF OUR CLIENTS. ALL PARTNERS AND RESELLERS OF OUR SERVICES MUST MAKE THE SAME DISCLOSURE TO THEIR CLIENTS. AS SUCH, YOU HEREBY COVENANT AND AGREE THAT YOU SHALL DISCLOSE TO YOUR CLIENT(S) THE MANNER IN WHICH ALL SERVICES ARE TO BE PROVIDED, INCLUDING BUT NOT LIMITED TO THE PAYMENT OF ANY AND ALL RANSOM DEMANDS. YOU FURTHER AGREE TO USE BEST EFFORTS TO ENSURE THAT ALL SERVICES PROVIDED ARE IN COMPLIANCE WITH THE LAWS OF THE UNITED STATES OF AMERICA AS WELL AS THOSE OF ANY COUNTRY WHERE YOUR COMPANY OR CLIENTS RESIDE.
Waiver and Release:
You understand and acknowledge that the provision of data recovery services by PD could result in damage to your computer equipment and any and all data stored therein, third party actions, disruption of your business operations or other loss, liability or damages. You, on your own behalf and on behalf of any and all successors and assigns, hereby voluntarily agree to release, waive, discharge, hold harmless, defend and indemnify the Company, its owners, officers, employees, licensors and contractors from any and all claims, actions, losses or liabilities for damages of any kind, including loss of data, injury to property and lost revenue, that may arise in connection with the Company’s services. You represent that you have independently investigated the advisability of using PD’s services and the possible risks involved in using such services. You agree to maintain your own insurance covering such risks and will look solely to such insurance for reimbursement of any resulting damages. You also represent that you have read this entire waiver and liability release, that you fully understand it and that you intend to relieve PD, its officers and employees and its successors and assigns from any and all liability for personal injury, loss of property or property damage caused by the negligence of any person or any other cause. Any dispute, claim, or controversy arising out of or relating to the foregoing waiver and release shall be determined by arbitration in New York County, State of New York before a single arbitrator having experience with data recovery services. The arbitration shall be administered by JAMS pursuant to JAMS’ Streamlined Arbitration Rules and Procedures.
We will protect the confidentiality of your data against unauthorized disclosure using the same degree of care used to protect our own confidential information. You acknowledge, however, that our officers, employees, contractors, accountants and attorneys (“Representatives”) may need access to such data. Thus you agree that we may disclose confidential data to our Representatives, provided that they are under a similar obligation to keep such data confidential. You also agree that we may disclose your confidential data when such disclosure is required by law, regulation or other governmental requirements.
Use of Information:
Proven Data collects non-identifiable customer information regarding the ransomware / cyber incident. Proven Data will use this information to understand the full scope of the incident, and quoting purposes. Additionally, this data may also be used for threat intelligence and analytics. This does not include any files on your system. The client understands and acknowledges the use of this information.
Communication With Hackers:
PD may engage in communication with perpetrators who have hacked your systems. We may ask the perpetrators to decrypt a sample file that will be provided by you. Any files that you submit to us MUST be NON-CONFIDENTIAL in nature for this purpose. You agree that we may send such a file to a third party for this purpose and that the above “Waiver and Release” and “Liability Disclaimer” apply to our doing so. You also agree that we may contact the hacker on your behalf.
Reporting Crimes To Authorities:
While Proven Data recommends reporting all internet crimes to the authorities, it is the sole responsibility of the client to report any such crimes. PD will never disclose any information to authorities about the client unless required by law or written consent has been given by the client. You agree that you will not hold PD liable for any disclosure of information to the authorities. To file a complaint:
US-based customers: https://www.ic3.gov/
Canada: Ivan Kapilouk [email protected]
Proven Data will diagnose your storage device to the best of our ability with the resources available. It is imperative that we have access to all devices that have your encrypted data on them to prevent any additional unforeseen costs. PD is not responsible for any new variants, keys, & hacks, that are found after the evaluation. PD will need to perform an additional evaluation of any new variants found after the initial evaluation and send a new quote to the client. The client understands and acknowledges that this will be a separate fee from the original quote.
All evaluations are free during our standard business hours Monday-Friday 9 AM – 5 PM. Emergency evaluations after hours require a fee of $400 unless otherwise stated to you in writing by PD.
The client agrees to pay our fee for an after-hours emergency evaluation before our commencing such evaluation.
The client is responsible for all shipping charges regardless of the outcome of our services and we will invoice you for such charges promptly after they are incurred.
We will issue our statement for the amount you have chosen on the Authorization, from five days after we have decrypted the files we have been able to decrypt or, if we have been prevented from decrypting your files due to your failure to comply with your Customer Responsibilities, promptly after such failure.
If we are unable to recover any data from your files because our methods have failed or because bugs in the encryption method destroyed the data in them, you will be charged a proportion of the files that were successfully decrypted unless specific arrangements have been made in writing to you. IE if 90% of your files were decrypted, then the fee will be 90% of the total quoted amount on the Authorization. All invoices must be paid within 48 hours after receipt.
We only accept Checks, P.O.s, VISA, MasterCard, American Express, and Discover. You may deduct 2% from any payment by ACH / wire transfers.
A payment is considered late if it has not been paid within 10 days after receiving an invoice via email. You agree to pay a late fee equal to 1.5% of the initial overdue balance for every 30 days that payment is late (18% per year). Additionally, the you agree to pay any costs of collection, including reasonable legal fees, if the balance is not paid within the specified time period.
Authorization of Recovery:
If you execute our Approved Recovery Efforts Authorization form provided to you in our case management system upon completion of the initial evaluation of your data storage device(s), we will apply our existing technology and standard processes to recover your data.
Once you eSign the Authorization you must allow us to use all available efforts to recover your data, and if we recover any data or if we are prevented from recovering data due to your failure to comply with the Customer Responsibilities below you agree to pay the quoted recovery fee in full.
The following responsibilities are the sole responsibilities of the client. Not meeting these responsibilities will result in significant delays, or void our no data no charge policy.
- Whitelist all PD’s email addresses (“@provendatarecovery.com”) immediately after eSigning this form so that you can receive our emails.
- Patch up security vulnerabilities in the network that were used to encrypt your data. If the client needs assistance regarding incident response or security implementation, they should notify Proven Data immediately. Failure to patch holes in the network will result in the same issue. Proven Data has detailed knowledge of these attacks should be notified promptly if the client would like to use this service.
- Backup any critical data before we are provided access to them.
- Provide TeamViewer access within 48 business hours and fix any issues with TeamViewer preventing Proven Data access to the network.
- Respond to requests for files or information within 48 business hours.
- Provide full permission access to all encrypted files on the network at the time the engineer connects. This includes but is not limited to external hard drives, network drives, other computers and any other device which contains encrypted files. The device(s) must show up as a drive letter with full read/write permissions.
- Keep your computer operable while we are rendering services; or
- If your computer becomes inoperable, provide an alternative network so we can access your files; or
- If your computer is inoperable and no such alternative network is available, ship your computer to us at your cost and in accordance with our instructions.
- Inform us of any known issues during the process within 48 business hours.
- Any issues with Software is the sole responsibility of the client. Proven Data does not support any 3rd party software and cannot guarantee functionality of software post-decryption.
- Back up all your files immediately after they are decrypted or, if they have been sent to us, they are returned to you.
Successful: As per our policy, PD will give the client 5 days to verify their data before deeming the case 100% successful. If the client opts out of the recovery at any time and PD can show proof of decryption based on the file sampling taken in the initial evaluation, PD is to be compensated 100% of the recovery fee for the work required to obtain the decryption key.
Partial: If the client states that their data is partially corrupted after verifying their data, PD will investigate if the files are still encrypted or if they are corrupted (damaged). If the files are deemed to be corrupted and not encrypted and PD is unable to retrieve the corrupted data, the client is to pay a proportional fee for the total data recovered. IE If 70% of the data was recovered then the client will owe 70% of the fee. If the client does not specify which files are most important before the recovery begins, the prorated amount will be based off the total number of decrypted files EXCLUDING the following file types: temporary files, duplicate files, system files and program files.
Exceptions: PD does not offer any guarantees that any of the following file type files will be operational after the correct decryption key is applied to the files. File extensions include: mdb, vhd, vhdx, mdf, accdb, dbf, bak, ldf, dat. For an additional fee, PD can attempt to run proprietary repair software to repair these damaged file types. The client understands that if these file types are corrupted, the full amount of the recovery is still owed as the work completed to obtain the decryption key has been achieved.
If the client opts out of the recovery at any time prior to the decryption key being acquired, the client is obligated to a portion of the recovery fee for resource allocation as follows: Standard service: 20% of the recovery fee, Expedited service: 30% of the recovery fee, Emergency service: 50% of the recovery fee.
Data Recovery Turn-Around:
We do our best to meet the turn-around time you have selected. In certain cases, we will not be able to complete our work within that time frame due to complications, which often arise in the recovery process. The client understands that all turn-around times provided are based on averages, and no price reductions will be granted for delays unless specifically approved in writing by PD.
Approved Recovery Services:
After the evaluation is performed, you will have the option of moving forward or not with the quote provided. If you decide to move forward with recovery services, you will be locked into a fixed rate for the specific encryption discovered in the evaluation which pertains to the files gathered. If another encryption is discovered at any time, we will need to re-evaluate and provide you with an updated quote for the additional encryption. If the client opts out of the recovery after approving the quote at any time without allowing us reasonable time to remotely connect within the SLA selected and decrypt their files, the full agreed amount will still be due.
PD DOES NOT CONDONE OR SUPPORT PAYING THE PERPETRATOR’S DEMANDS AS THEY MAY BE USED TO SUPPORT OTHER NEFARIOUS CRIMINAL ACTIVITY, AND THERE IS NEVER ANY GUARANTEE TO OBTAIN THE KEYS, OR IF OBTAINED, THEY MAY NOT WORK. UNFORTUNATELY, SOME CASES MAY REQUIRE THE PAYMENT OF THE DEMAND IN HOPES OF OBTAINING THE MEANS TO DECRYPT YOUR DATA. PROVEN DATA WILL ALWAYS DISCLOSE IF THE RANSOM IS BEING PAID TO OUR CLIENTS IN THE SPIRIT OF FULL TRANSPARENCY. AS A LAST RESORT OPTION, PD RESERVES THE RIGHT TO PAY THE DEMAND FOR THE PURPOSE OF RESTORING BUSINESS FUNCTIONALITY AS SOON AS POSSIBLE. PROVEN DATA WILL ALWAYS DISCLOSE TO OUR CLIENT IF RANSOM PAYMENT IS REQUIRED. THE CLIENT ACKNOWLEDGES THAT THIS WILL BE AN OPTION EXPLORED BY PD IF ALL OTHER CONVENTIONAL METHODS ARE NOT POSSIBLE.
This agreement shall be governed by and interpreted in accordance with the substantive law of the State of New York, excluding conflicts of law and choice of law principles that would require another state’s law to apply. Each party submits to the exclusive jurisdiction of the courts sitting in New York County, State of New York, to resolve all disputes hereunder, and waive any claim that such courts constitute an inconvenient forum. Process in connection with any court proceeding may be served by recognized overnight courier to each party’s last known address, with delivery deemed made on the date of delivery or declined acceptance shown on the records of such courier. No proceeding seeking damages of any kind against PD may be brought by the client in any court in any jurisdiction unless the client notifies PD of the client’s claim within thirty (30) days after such claim arises and brings an action for recovery within six (6) months after such claim arises.
This Agreement constitutes the entire agreement between the parties and supersedes any prior understandings or written or oral agreements between the parties regarding the subject matter hereof. No amendment, modification or alteration of this Agreement shall be binding unless the same shall be in writing and duly executed by the parties hereto of by their duly authorized representative.
If any provision of this Agreement and conditions is held invalid, illegal or unenforceable, such provision shall be enforced to the fullest extent permitted by applicable law and the validity, legality and the enforceability of the remaining provisions shall not be affected thereby.
Any notice required or permitted hereunder (other than service of process) shall be in writing and shall be deemed given upon personal delivery, one day after deposit with a nationally recognized express courier, specifying overnight delivery, or five days after deposit in first-class certified or registered mail, return receipt requested. Delivery shall be deemed to have been completed if the notice is correctly addressed but returned as undeliverable or if delivery is refused or rejected. Notice may also be given by electronic mail, which shall be deemed delivered on the date shown on the records of the sender, provided that any such electronic notice shall only be valid if receipt is confirmed by the recipient or a response is received by the sender. Such notices shall be sent to the party for which intended at his, her or its address most recently communicated to the other party hereto. In the case of PD, its address for notices until further notice is Proven Data, 590 Madison Avenue, 21st Floor, New York, NY 10022, Attention: President or [email protected], as applicable.
This Agreement is the product of arms-length negotiations between parties knowledgeable of its subject matter who have had the opportunity to consult counsel concerning the provisions hereof prior to the execution hereof. Any rule of law that would require interpretation of any provision against the party responsible for its inclusion herein shall have no effect on the interpretation of this Agreement.
Permission to Use Information in Marketing of the Firm
By signing this Agreement, you agree that your name, logo and a general description of the matter(s) may be used by the Firm in its business development efforts and materials.
Proven Data may send you emails from time to time. The monthly newsletter will include news, updates, and content from the Proven Data team and our partners. Our mission is to deliver world-class resources in cyber security, data recovery, and digital forensics for consumers and businesses to utilize and share. You can opt out any time by clicking unsubscribe from the bottom of the newsletter.