When Crisis Comms Become Evidence

Read Our Blog

Website Terms of Use
Chevron_White_Jade 1

DORA ADDENDUM

Last modified September 2025

This DORA Addendum (โ€œAddendumโ€) supplements the terms and conditions described in the Terms of Service (collectively the โ€œTermsโ€) that apply to your use of the Services. This Addendum applies only if you are subject to the Digital Operational Resilience Act (DORA), (Regulation (EU) 2022/2554) (โ€œDORAโ€). This Addendum sets forth the terms of the partiesโ€™ agreement to comply with DORA.

Unless otherwise stated herein, all capitalized terms shall have the same meaning as defined in the Terms.

  1. We will comply with all applicable laws, including DORA and any other regulatory requirements that apply to ICT third-party providers (as defined in DORA).
  2. Unless otherwise agreed, we will supply the Services, which also includes processing or storing User Content, from the following locations: (i) Canada, (ii) USA, (iii) United Kingdom, (iv) Germany, (v) India, and (vi) Australia. We will provide at least thirty (30) days advance notice to you of any changes to these locations.
  3. ICT Incident. We will promptly notify you (and in no event later than forty-eight (48) hours after becoming aware) of any material ICT Incident that significantly impacts the availability, performance, or security of the Services. The notification shall include: (i) a description of the incident, including its nature and impact, and (ii) the measures taken or proposed to be taken to mitigate the incident. We will provide commercially reasonable assistance to you in connection with the investigation and resolution of the ICT-related Incident.
  4. Security Awareness Training. We will ensure that all CYGNVS personnel with access to your Confidential Information participate in appropriate security awareness and operational resilience training. Training shall be completed annually and updated as regulations evolve.
  5. Regulatory Cooperation. We will cooperate with regulatory authorities in connection with audits or inquiries related to the Services, provided that such cooperation is limited to the extent necessary to comply with applicable laws and does not compromise our proprietary information, security measures, or third-party contractual obligations.
  6. Critical ICT Provider Obligations. If designated as a critical ICT third-party provider, we will comply with all oversight requirements, including facilitating audits and providing information to the designated oversight body.

 

CONTACT US

For any questions or queries, contact info@cygnvs.com

Mailing Address: 221 Main Street, #1393, Los Altos CA 94022

CYGNVS Terms & Policies