1. Introduction
Welcome to Qualysec ("Qualysec", "Company", "we", "us", or "our"). These Terms & Conditions ("Terms") govern your access to and use of our website, products, services, cybersecurity assessments, penetration testing services, vulnerability assessments, compliance assessments, security consulting services, and all related offerings.
By accessing our website or engaging our services, you acknowledge that you have read, understood, and agree to be bound by these Terms. If you do not agree with these Terms, you must immediately discontinue use of our website and services.
2. Definitions
- Services: Refers to penetration testing, vulnerability assessments, security audits, compliance assessments, red teaming, consulting services, training services, and other cybersecurity-related services provided by Qualysec.
- Client: Any individual, company, organization, government entity, or legal person engaging Qualysec's services.
- Confidential Information: Any non-public business, technical, financial, operational, or security-related information disclosed by either party.
- Personal Data: Information that identifies or can reasonably identify an individual.
- Statement of Work (SOW): The written document defining scope, timelines, deliverables, assumptions, and commercial terms.
3. Use of Services
You agree to use our services only for lawful purposes and in compliance with all applicable laws and regulations. By engaging our services, you confirm:
- That you have the legal authority to engage Qualysec for penetration testing and cybersecurity services.
- You will provide accurate information, including necessary permissions to test systems, networks, and applications.
- You acknowledge that penetration testing may impact the performance of your systems and you accept any inherent risks involved.
4. Service Engagement
Before the commencement of any service, Qualysec will provide a formal proposal outlining the scope, timeline, and cost of the services. Once agreed upon, we require:
- Written consent to carry out the penetration testing or any other agreed-upon service.
- All necessary credentials, system access, and information required to perform the services.
Qualysec will ensure that all tests are conducted in a manner that minimizes disruption to your operations, though no guarantee is made that service interruptions or disruptions will not occur.
5. Scope of Services
- All services shall be performed strictly in accordance with the approved proposal, quotation, contract, or Statement of Work.
- Any modification to scope, testing targets, timelines, deliverables, or requirements must be approved in writing by both parties.
- Additional services may result in additional fees.
6. Confidentiality
We understand the sensitive nature of cybersecurity assessments. Qualysec agrees to:
- Maintain confidentiality regarding all information provided by the client.
- Not disclose or share any proprietary data, trade secrets, or other sensitive information without explicit consent, unless required by law.
The client also agrees to maintain confidentiality regarding any information, methodologies, tools, or findings shared by Qualysec during the course of the engagement.
7. Client Responsibilities
The Client agrees to:
- Provide accurate and complete information.
- Provide necessary access credentials.
- Designate authorized points of contact.
- Maintain backups before testing activities begin.
- Promptly respond to requests for information.
- Ensure systems are available during agreed testing windows.
8. Limitation of Liability
While Qualysec makes every effort to provide high-quality and accurate penetration testing services, we do not guarantee that all vulnerabilities or security flaws will be identified. Furthermore:
- Qualysec will not be liable for any direct, indirect, incidental, or consequential damages, including but not limited to system downtime, data loss, or financial loss arising out of the use of our services.
- The total liability of Qualysec in connection with any service provided will be limited to the fees paid for that particular service.
- Qualysec reserves the right to modify the fee structure with prior notice.
9. Data Protection and Privacy
- Qualysec shall process information solely for the purpose of providing contracted services.
- Both parties shall comply with applicable data protection, privacy, and cybersecurity laws.
- Personal data shall be handled in accordance with Qualysec's Privacy Policy.
10. Intellectual Property Rights
Qualysec retains ownership of:
- Methodologies
- Frameworks
- Tools
- Scripts
- Templates
- Testing procedures
- Proprietary know-how
The Client shall own final reports and deliverables relating specifically to its environment upon full payment of applicable fees.
11. Payment Terms
The cost of services will be agreed upon in writing before commencement. Payment terms are as follows:
- A non-refundable deposit may be required before starting the service.
- Full payment is due upon completion of the services unless otherwise agreed in writing.
- Any late payments may result in additional fees or suspension of ongoing services.
Qualysec reserves the right to modify the fee structure with prior notice.
12. Security Assessment Disclaimer
Cybersecurity assessments are point-in-time evaluations. Qualysec does not warrant or guarantee that:
- Future attacks will be prevented.
- Systems will remain secure after assessment.
Security is an ongoing process and requires continuous monitoring and improvement.
13. Responsible Disclosure
- Qualysec shall disclose findings solely to authorized Client representatives.
- Qualysec shall not publicly disclose vulnerabilities without written permission unless required by law.
14. Acceptable Use
Clients shall not use Qualysec services for:
- Illegal activities
- Fraudulent activities
- Unauthorized access
- Malware deployment
- Cyber warfare
- Denial-of-service attacks
- Activities violating applicable laws
Qualysec reserves the right to terminate services upon detection of prohibited activities.
15. Website Usage
Users shall not:
- Attempt unauthorized access
- Disrupt website operations
- Circumvent security controls
- Introduce malware
- Scrape website data
- Conduct automated attacks
Violation may result in legal action.
16. Unauthorized Security Testing, Bug Hunting and Bug Bounty Activities
Qualysec does not operate a public bug bounty program unless expressly announced through official written communication.
No individual, organization, researcher, penetration tester, bug hunter, consultant, or third party is authorized to conduct:
- Vulnerability assessments
- Penetration testing
- Security scanning
- Bug bounty activities
- Reconnaissance
- Exploitation attempts
- Reverse engineering
- Source code analysis
- Security research activities
against any Qualysec website, application, API, network, server, cloud infrastructure, or digital asset without prior written authorization from Qualysec.
Any such activity conducted without explicit written authorization shall be considered unauthorized.
Qualysec reserves the right to investigate, report, and pursue civil, criminal, administrative, and equitable remedies available under applicable laws, including the Information Technology Act, 2000 and other applicable laws of India.
The identification or reporting of a vulnerability does not grant any right to access, exploit, disclose, test, retain, copy, or distribute information obtained through such activities.
17. Publicity and Use of Name
Neither party may use the other party's:
- Name
- Logo
- Trademark
- Case study
- Testimonial
without prior written approval.
18. Indemnification
The Client agrees to indemnify and hold harmless Qualysec, its officers, directors, employees, contractors, and affiliates against claims arising from:
- Breach of these Terms
- Unauthorized testing requests
- Violation of applicable laws
- Misuse of services
19. Force Majeure
Neither party shall be liable for delays caused by events beyond reasonable control including:
- Natural disasters
- Cyber incidents
- Internet outages
- Government actions
- Pandemics
- Labor disputes
20. Termination
Either party may terminate the engagement by providing written notice:
- If the client breaches any material provision of these Terms.
- Upon the completion of the agreed-upon services.
Upon termination, any outstanding fees become immediately due and payable. Qualysec reserves the right to suspend or discontinue services if payment is not received or if you are found in violation of these Terms.
21. Electronic Communications
Electronic communications, approvals, contracts, invoices, and notices shall have the same legal effect as physical documents.
22. Governing Law and Jurisdiction
- These Terms shall be governed by the laws of India.
- Any dispute shall be subject to the exclusive jurisdiction of the courts located in Bhubaneswar, Odisha, India.
23. Amendments
Qualysec reserves the right to update or modify these Terms at any time. Any changes will be communicated via the website, and continued use of our services after such changes implies your acceptance of the new Terms.
26. Contact Information
Qualysec Technologies Pvt. Ltd.
Email: sales@qualysec.com
Website: www.qualysec.com
Registered Office: 302, 3rd Floor, NSIC-IMDC Dharampad Bhawan, Mancheswar Industrial Estate, Bhubaneswar-751010
For legal notices, disputes, or compliance inquiries, please contact the above address.