CYBERCOMPLY SUBSCRIPTION AGREEMENT

This CyberComply Subscription Agreement (“Agreement”) is entered into by and between Armada Cyber Defense LLC, a Florida limited liability company doing business as CyberComply (“Provider”), and the subscriber identified in the applicable Order Form or through online registration (“Subscriber”). This Agreement is effective as of the date of Subscriber’s acceptance (“Effective Date”).

1. Scope of Agreement

This Agreement governs Subscriber’s access to and use of CyberComply, a SaaS-based Governance, Risk, and Compliance (GRC) platform developed to support cybersecurity compliance activities. CyberComply is primarily designed to assist:

• Department of Defense (DoD) contractors in meeting Cybersecurity Maturity Model Certification (CMMC) requirements;

• Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) in delivering compliance support to their clients;

• Enterprise organizations in managing cybersecurity programs across business units, subsidiaries, or controlled entities.

2. Grant of Access

Provider grants Subscriber a limited, non-exclusive, non-transferable right to access and use CyberComply during the subscription term, subject to the terms of this Agreement:

• DoD Contractors may use the platform internally to manage compliance, track remediation, and prepare for formal assessments.

• MSPs and MSSPs may use CyberComply to support multiple client environments, provided that each client’s data remains segregated, and access is managed per client organization. The Subscriber remains responsible for all usage under its account.

• Enterprise Subscribers may deploy CyberComply across affiliated entities, business units, or departments, consistent with the number of licensed users or entities defined in the Order Form.

3. Subscription Term and Renewal

• The initial subscription term begins on the Effective Date and continues for the period selected by the Subscriber (e.g., monthly, quarterly, annually) in the applicable Order Form.

• Subscriptions automatically renew for successive terms unless canceled by either party at least fifteen (15) days before the renewal date.

4. Fees and Payment

Subscriber agrees to pay all fees associated with the selected subscription plan term.

• All payments are due prior to the start of each applicable subscription period.

• Non-payment may result in suspension or termination of access to the platform.

• All fees are non-refundable except as expressly stated in this Agreement.

• Additional fees may apply for:

  • MSPs/MSSPs using multi-tenant features or exceeding client account limits.

  • Enterprise deployments with extended user seats or organizational units beyond initial scope.

5. Acceptable Use and Restrictions

Subscriber shall not:

• Use CyberComply to store, process, or transmit Federal Contract Information (FCI) or Controlled Unclassified Information (CUI);

• Share login credentials or allow unauthorized third-party access;

• Attempt to copy, reverse engineer, decompile, or otherwise access the underlying source code of the platform;

• Use the platform in any manner that violates applicable laws or regulations.

6. Data and Privacy

• Provider does not store or process FCI or CUI. Subscriber is solely responsible for ensuring compliance with data classification and protection laws.

• Provider may collect anonymized usage data and system metrics for the purposes of performance monitoring, product enhancement, and customer support.

• MSP/MSSP Subscribers are responsible for ensuring that data collected or input on behalf of their clients complies with applicable privacy laws and client agreements.

7. Intellectual Property

• CyberComply, including all software, designs, documentation, and trademarks, is the sole property of Armada Cyber Defense LLC.

• No intellectual property rights are transferred to Subscriber under this Agreement.

• Subscriber may not remove or obscure any proprietary notices or branding.

8. Confidentiality

Each party agrees to protect the confidential information of the other party using the same degree of care it uses to protect its own confidential information (but not less than reasonable care), and not to disclose such information to any third party except as necessary to perform under this Agreement.

9. Warranties and Disclaimers

• Provider warrants that CyberComply will be provided in a professional and workmanlike manner and will operate substantially as described in documentation

• EXCEPT AS EXPRESSLY PROVIDED, THE PLATFORM IS PROVIDED "AS IS", AND PROVIDER DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

10. Limitation of Liability

• Provider’s total liability under this Agreement will not exceed the subscription fees paid by Subscriber in the six (6) months preceding the event giving rise to the claim.

• Provider shall not be liable for any indirect, incidental, special, punitive, or consequential damages, including loss of profits, data, or certification status.

11. Termination

• Either party may terminate this Agreement upon thirty (30) days’ written notice for material breach, provided the breach is not cured within that time.

• Upon termination, all access to CyberComply will cease, and any unpaid fees will become immediately due.

• Provider reserves the right to suspend access immediately if Subscriber engages in activity that compromises platform security or violates the Acceptable Use section.

12. Governing Law

This Agreement shall be governed by and construed in accordance with the laws of the State of Florida, without regard to its conflict of laws principles. The parties agree that venue shall lie exclusively in Miami-Dade County, Florida.

13. Technical Support

Provider will make commercially reasonable efforts to provide Subscriber with technical support for CyberComply during normal business hours (Monday–Friday, 9:00 AM–5:00 PM Eastern Time, excluding U.S. federal holidays). Support inquiries may be submitted via email at support@armadacyberdefense.com.

Standard support includes assistance with:

• Access or login issues

• Navigation and use of CyberComply features

• Bug reporting and resolution

• General questions about platform functionality

Support does not include:

• Custom configuration requests

• Consulting services or advisory support for CMMC readiness

• Integration with third-party systems or services

• Enhanced or priority support options may be available under a separate agreement or at additional cost.

14. Service Availability and Uptime (SLA)

Provider will use commercially reasonable efforts to ensure the CyberComply platform is available 99.5% of the time, excluding scheduled maintenance, force majeure events, and issues beyond Provider’s control (e.g., third-party hosting outages). Scheduled maintenance will be communicated to Subscriber with reasonable advance notice.

15. Support for Regulatory Changes

CyberComply is designed to align with current CMMC Level 2 and NIST SP 800-171 standards. Provider will make reasonable efforts to update the platform to reflect changes in relevant frameworks; however, Subscriber is responsible for ensuring their compliance strategy aligns with applicable regulatory updates.

16. Third-Party Services and Integrations

The platform may allow integration with third-party services. Provider is not responsible for the functionality, availability, or compliance posture of such services. Subscriber assumes all risk in enabling third-party integrations.

17. Export Compliance

Subscriber agrees not to use or export CyberComply except as authorized by United States law and the laws of the jurisdiction in which CyberComply was obtained. Subscriber represents that neither it nor its users are located in a U.S. embargoed country or listed on any U.S. government restricted parties list.

18. Assignment

Subscriber may not assign this Agreement or any rights or obligations under it without prior written consent from Provider. Any attempted assignment without such consent will be null and void.

19. Entire Agreement

This Agreement, including any applicable Order Forms and online registration terms, constitutes the entire understanding between the parties and supersedes all prior agreements, written or oral, regarding its subject matter. Amendments must be in writing and signed by both parties

Contact Information:
Armada Cyber Defense LLC
DBA: CyberComply
11091 SW 117th Ct.
Miami, FL 33186

305 (306)-1800 x 2
support@armadacyberdefense.us
www.cybercomply.us