Norvet MSP Website Terms of Use and Prospective Client Terms

Effective Date: 7/13/2023
Last Updated: 5/24/2024
Company: Norvet MSP (“Norvet,” “we,” “us,” “our”)
Address: 8170 Mall Parkway STE 1161, Lithonia, GA 30038
Support: [email protected] | (888) 598-7677

1. Acceptance of Terms

By accessing, browsing, submitting information through, or otherwise using any Norvet website, landing page, portal, or online service referencing these Terms (collectively, the “Website”), you agree to be bound by these Terms of Use and Prospective Client Terms (the “Terms”). If you do not agree, do not use the Website.

If you are using the Website on behalf of an organization, you represent and warrant that you have authority to bind that organization, and “you” includes that organization.

2. Relationship to Master Services Agreements; Order of Precedence

These Terms are intended to govern:

All Website users (including visitors, leads, and prospective clients), and

All pre-contract interactions, evaluations, assessments, guidance, recommendations, scoping calls, and communications prior to a fully executed written agreement.

If you and Norvet later execute a Master Services Agreement (“MSA”), Statement of Work (“SOW”), subscription agreement, or other written agreement signed by authorized signatories (a “Client Agreement”), then:

The Client Agreement governs the delivery of paid services and products covered by that Client Agreement, and

These Terms continue to govern Website use and pre-contract interactions, and also govern any matters not addressed in the Client Agreement.

No obligation to provide services. Nothing on the Website obligates Norvet to provide services until Norvet accepts the engagement in a signed writing (including a signed SOW/Change Order).

3. Definitions

“Change Order” means a written change document (including an SOW addendum) signed by Norvet and the customer’s authorized signatory that changes scope, pricing, or terms.

“Third-Party Provider” means any vendor, cloud provider, ISP, software publisher, manufacturer, platform provider, or other third party whose products/services are used, recommended, integrated, or relied upon.

“Authorized Contact” means a person expressly designated in writing by the customer to (a) submit requests, (b) approve changes, (c) receive security notifications, and/or (d) authorize actions affecting systems, billing, access, or security posture.

4. Website Content; No Offer; No Reliance

The Website may contain descriptions of services, security concepts, examples, blog posts, checklists, pricing ranges, and other information. All such content is provided for general informational purposes only.

No offer. Website content does not constitute a binding offer, commitment, or guarantee of outcomes, pricing, timelines, deliverables, or availability.

No reliance. You agree that you will not rely on Website statements or informal communications (including sales discussions, chats, calls, texts, or emails) as a substitute for a signed written agreement. Any reliance is at your sole risk.

5. Authorized Contacts; Anti-Social-Engineering Controls; “No Unauthorized Outreach”

5.1 Only Authorized Contacts Can Direct or Approve Work

For security and fraud prevention, Norvet:

Will act only on requests from Authorized Contacts (or verified end users specifically authorized for helpdesk support), and

May refuse, delay, or require additional verification for any request that impacts access, security controls, billing, bank/payment details, vendor authorizations, data transfers, mailbox rules, forwarding, MFA methods, privileged roles, or administrative credentials.

You are solely responsible for maintaining an up-to-date Authorized Contact list and immediately revoking authorization for departed or role-changed personnel.

5.2 We Are Not Responsible for Fraudulent or Unauthorized Instructions

You acknowledge that sophisticated fraud (including impersonation, phishing, deepfakes, SIM swapping, and business email compromise) exists. Norvet is not liable for any loss arising from:

Instructions that appear legitimate but are not actually authorized, or

Your failure to maintain secure internal approval workflows and Authorized Contact controls.

5.3 “People Who Aren’t Supposed to Reach Out”

Norvet may, at its discretion, ignore or block communications from persons who are not verified or authorized to engage on your behalf. Norvet is not obligated to respond to, or take action based on, requests from unauthorized individuals.

Norvet will not be bound by, and you agree you will not rely on, communications from anyone who is not an Authorized Norvet representative acting within documented authority.

6. Subcontractors and Third Parties; No Verbal “Side Deals”

6.1 Use of Subcontractors

Norvet may use subcontractors, contractors, and Third-Party Providers to deliver services, provide coverage, perform specialized work, or support operations.

6.2 No Authority to Bind Norvet; No Side Deals

Critical condition: No subcontractor, contractor, referral partner, agent, or third party has authority to bind Norvet or modify any agreement, scope, service level, security commitment, price, or timeline.

Norvet is not bound by any verbal statements, promises, representations, “side deals,” or out-of-band commitments made by any person (including Norvet personnel) unless memorialized in a written Change Order (or other written amendment) signed by Norvet and the customer’s authorized signatory.

6.3 Third-Party Provider Failures

Norvet is not responsible for outages, defects, vulnerabilities, data loss, service interruptions, SLA failures, support delays, supply-chain incidents, or security events attributable to Third-Party Providers, including but not limited to cloud platforms, telecom/ISP services, registrars/DNS providers, email providers, hardware manufacturers, and software publishers.

Where Norvet provides assistance interfacing with Third-Party Providers, such assistance is provided on a commercially reasonable efforts basis and is not a guarantee of resolution, restoration, or timeline.

7. Cybersecurity “No Guarantee” Clause (NIST-Aligned Risk Reality)

7.1 Security Is Risk Management, Not a Guarantee

You acknowledge and agree that cybersecurity is a continuous risk management process. Even when controls are implemented consistent with recognized frameworks and industry practices (including NIST-aligned approaches), no environment is immune to compromise.

Threats may include sophisticated and evolving tactics such as:

credential theft and phishing/social engineering,

zero-day exploits and advanced persistent threats,

supply-chain and vendor compromise,

misconfigurations and inherited platform risk,

insider threats (malicious or negligent),

ransomware, extortion, and destructive attacks.

7.2 No Warranty of Security Outcomes

NORVET EXPRESSLY DISCLAIMS ANY WARRANTY, REPRESENTATION, OR GUARANTEE THAT:

any service, tool, control, monitoring, hardening, EDR/MDR, SIEM, filtering, backup, training, assessment, or recommendation will prevent or eliminate any security incident; or

any incident can be prevented, detected, contained, remediated, or recovered from within any particular time period.

7.3 Your Security Decisions Control Your Risk

If you reject, delay, disable, or fail to maintain recommended controls (including MFA, phishing-resistant MFA, patching, least privilege, logging, conditional access, backups, or training), you accept the resulting risk allocation as set forth in these Terms, including the indemnity and hold harmless obligations below.

8. Customer Responsibilities; Client Negligence; Hold Harmless

8.1 Mandatory Cooperation and Secure Behavior

You agree to:

follow Norvet’s reasonable security policies, onboarding requirements, and change control procedures;

ensure users complete required security training and comply with acceptable use standards;

enforce MFA where required; and

promptly notify Norvet of suspected compromise, lost devices, or suspicious activity.

8.2 Client Negligence and Risk Acceptance (Explicit)

Without limiting anything else, you agree Norvet is held harmless (and you will indemnify Norvet) for any security incident, breach, business interruption, loss, or claim that arises from or is materially contributed to by your actions/inactions, including:

refusing or disabling MFA,

ignoring or refusing security awareness training,

sharing credentials or using weak/reused passwords,

failing to approve or implement critical patches/updates in a timely manner,

granting excessive privileges, failing to terminate access promptly, or permitting unauthorized devices,

bypassing security controls, or directing Norvet to reduce security posture,

failing to maintain required licensing or vendor support,

failure to provide accurate information or timely approvals.

8.3 No Liability for Customer-Controlled Systems and Decisions

Norvet is not liable for failures, exposures, or incidents attributable to systems, accounts, vendors, endpoints, networks, or configurations that are:

outside Norvet’s contracted scope,

not managed by Norvet,

controlled by you or your vendors, or

modified without Norvet’s written approval.

9. Quotes, Assessments, Recommendations; No Duty to Warn

Any evaluation, assessment, scan, report, recommendation, roadmap, or discussion provided before a signed Client Agreement is:

preliminary and informational,

not a guarantee of completeness,

not a certification, audit opinion, legal compliance opinion, or insurance determination, and

not a commitment that Norvet will identify every vulnerability, misconfiguration, or threat.

You remain solely responsible for your compliance obligations and for independent validation as appropriate.

10. Fees, Billing, and Payment Leverage; Immediate Suspension

10.1 Fees

If you purchase any service, subscription, assessment, or deliverable through or as a result of the Website, you agree to pay all fees, taxes, and charges as stated in the applicable order, invoice, proposal, or Change Order.

10.2 Immediate Suspension for Non-Payment (Including Security Monitoring)

If any amount is not paid when due, Norvet may, without liability and without limiting any other remedies:

immediately suspend, throttle, or terminate access to any services, deliverables, portals, support, monitoring, and/or security tooling (including security monitoring), and/or

refuse to perform further work until all past-due amounts are paid in full.

If a signed Client Agreement includes a specific notice/cure process for suspension, that process applies to services governed by that Client Agreement

Risk allocation disclosure: You acknowledge that suspension of services—especially security monitoring—may increase risk, and you accept that risk entirely in the event of non-payment.

10.3 Collections; Costs

You agree to pay Norvet’s reasonable costs of collection, including attorneys’ fees and costs, to the fullest extent permitted by law.

11. Acceptable Use; Prohibited Conduct

You agree not to:

interfere with Website operation,

attempt to gain unauthorized access to systems, accounts, or data,

introduce malware or conduct scanning without written authorization,

scrape or harvest contact information for solicitation,

impersonate any person or misrepresent affiliation.

Norvet may investigate and may suspend or block access at any time for any suspected violation.

12. Intellectual Property

All Website content and materials are owned by Norvet or its licensors and are protected by applicable intellectual property laws. You receive a limited, revocable, non-exclusive license to access the Website for its intended purpose.

No rights are granted by implication.

13. Communications Consent; Contact Clarification

13.1 Consent to Contact You (When You Ask Us To)

If you submit your contact information, request a callback, schedule a meeting, request a quote, or otherwise initiate contact, you consent to being contacted by Norvet for that purpose (including by email, phone, and text, where permitted by law and your preferences).

13.2 You Must Have Permission to Provide Third-Party Contact Details

If you provide contact details for another person, you represent you have that person’s permission to do so. Norvet may require verification before discussing any account-specific information.

13.3 No Guarantee Against Spoofing

Norvet is not responsible for spoofed messages purporting to be from Norvet. You must verify sensitive requests via known channels.

14. Disclaimers of Warranties

TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE WEBSITE AND ANY INFORMATION, CONTENT, SERVICES, OR MATERIALS PROVIDED THROUGH IT ARE PROVIDED “AS IS” AND “AS AVAILABLE.”

NORVET DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE.

15. MASSIVE LIMITATION OF LIABILITY; CONSEQUENTIAL DAMAGES WAIVER; HARD CAP

15.1 No Consequential / Special Damages

TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT SHALL NORVET (OR ITS OWNERS, OFFICERS, DIRECTORS, EMPLOYEES, CONTRACTORS, SUBCONTRACTORS, AFFILIATES, AGENTS, OR SUPPLIERS) BE LIABLE FOR ANY:

INCIDENTAL, INDIRECT, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES,

LOST PROFITS OR REVENUE,

LOSS OF BUSINESS, LOSS OF USE, LOSS OF GOODWILL OR REPUTATION,

LOSS, CORRUPTION, OR INABILITY TO ACCESS DATA,

COST OF COVER, SUBSTITUTE SERVICES, OR PROCUREMENT COSTS,
ARISING OUT OF OR RELATED TO THE WEBSITE, ANY SERVICES, OR THESE TERMS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

15.2 Direct Damages Hard Cap (12 Months of Fees)

TO THE MAXIMUM EXTENT PERMITTED BY LAW, NORVET’S TOTAL AGGREGATE LIABILITY FOR ANY AND ALL CLAIMS ARISING OUT OF OR RELATED TO THE WEBSITE, ANY SERVICES, OR THESE TERMS SHALL NOT EXCEED THE TOTAL FEES ACTUALLY PAID BY YOU TO NORVET FOR THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

If you paid no fees to Norvet in that period, Norvet’s aggregate liability shall not exceed $1000 (or the minimum amount required by applicable law, if greater).

15.3 Allocation of Risk; Essential Basis

You acknowledge that these limitations reflect a fair allocation of risk and form an essential basis of the bargain, and that Norvet would not provide access to the Website or offer services on these terms without these limitations.

15.4 Time Limit to Bring Claims

NO ACTION OR PROCEEDING (REGARDLESS OF FORM) ARISING OUT OF OR RELATING TO THESE TERMS OR THE WEBSITE MAY BE BROUGHT MORE THAN ONE (1) YEAR AFTER THE CAUSE OF ACTION ACCRUES, EXCEPT WHERE PROHIBITED BY LAW.

16. Indemnification; Client Negligence; Third-Party Claims

You agree to indemnify, defend, and hold harmless Norvet and its related parties from and against all claims, demands, suits, investigations, liabilities, damages, losses, and expenses (including reasonable attorneys’ fees) arising out of or related to:

your breach of these Terms,

your negligence, willful misconduct, or violation of law,

your failure to implement or maintain required/recommended security controls (including MFA and training),

your relationship with Third-Party Providers,

any instruction, request, or authorization you provided (or that appeared to be from you due to your internal control failures),

any claim by any third party relating to your systems, data, operations, employees, contractors, or customers.

Norvet may assume control of the defense at its option, and you agree to cooperate.

17. Suspension and Termination

Norvet may suspend or terminate Website access and/or any services at any time:

for violation of these Terms,

to protect Norvet systems, personnel, clients, or Third-Party Providers,

for non-payment, or

as required by law.

Upon termination, the rights granted to you cease immediately.

18. Governing Law; Venue; DeKalb County, Georgia

These Terms shall be governed by and construed under the laws of the State of Georgia, without regard to conflict-of-law principles.

You agree that any action arising out of or related to these Terms, the Website, or any dispute with Norvet shall be brought exclusively in the state or federal courts located in DeKalb County, Georgia, and you submit to the exclusive jurisdiction and venue of those courts.

19. Waiver of Jury Trial; Class/Collective Action Waiver

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

EACH PARTY WAIVES ANY RIGHT TO A TRIAL BY JURY; AND

YOU AGREE THAT CLAIMS MAY BE BROUGHT ONLY IN AN INDIVIDUAL CAPACITY, AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS, COLLECTIVE, OR REPRESENTATIVE ACTION.

If any portion of this Section is found unenforceable, the remainder shall still be enforced to the maximum extent permitted.

20. Miscellaneous

Severability. If any provision is held invalid or unenforceable, the remaining provisions remain in full force.

No Waiver. Failure to enforce a right is not a waiver.

Assignment. You may not assign these Terms without Norvet’s prior written consent. Norvet may assign freely (including in connection with a merger, acquisition, or asset sale).

Force Majeure. Norvet is not liable for delays or failures caused by events beyond its reasonable control.

Entire Agreement (Website). These Terms are the entire agreement regarding Website use and pre-contract interactions and supersede prior or contemporaneous communications relating to the Website.

Headings. Headings are for convenience only and do not affect interpretation.

21. Contact

Questions regarding these Terms must be submitted in writing to:
Norvet MSP
8170 Mall Parkway STE 1161
Lithonia, GA 30038
[email protected] | (888) 598-7677