Terms of Service

PentestHero Terms of Service 

By using, accessing, or visiting PentestHero or any of its affiliated web properties or services, you agree to the terms of service stipulated below. By signing in, creating an account, registering, or requesting services, you agree to comply with and be legally bound by the terms defined below, regardless of whether you go on to become a registered user. These terms govern your access to and use of PentestHero and all its properties, services, and content. These terms constitute a binding legal agreement between you and PentestHero (PentestHero BV). If you do not agree with these terms, you have no legal right to access or obtain information or services from PentestHero or its properties. These terms are legally binding whether you review them or not. 

Scope of the General Terms and Conditions 

This Terms and Conditions (“Terms”, “Conditions”) outlines the general terms of service for PentestHero (“PentestHero”, “We”, “Us”, “Our”) by which customers, visitors, clients, etc. (“user”, “you”, “your”) are legally bound when accessing, using, or implementing PentestHero or its properties in any way. Supplemental terms will be provided via an Order (“Contract”) to customers wishing to purchase a service, and mutually agreed upon to cover pricing, additional terms of service, and terms specific to the user. 

PentestHero provides data security and compliance services, colloquially known as “Pentesting” “Penetration Testing”, delivered via an online cloud portal (“Web Property”) and conducted at the discretion and explicit request of the user. PentestHero also provides access to digital services, automated services, and reporting. These are collectively referred to as “Services” throughout this Terms and Conditions, via our website, web application, and other properties, collectively referred to as “Properties”, “Site”, and “Platform”. See “Definitions” at the bottom of this page for further information. 

As a user, it is your responsibility to carefully read these Terms of Service as well as our Privacy Policy. Our Terms of Service are legally binding, and govern how you may legally access, use, and interact with our services and properties. These terms apply whether you purchase services directly or utilize PentestHero through an employer or reseller. 

Furthermore, if you accept or agree to these terms on behalf of a legal entity such as a company or organization, you assume full responsibility for ensuring you represent and have the authority to bind that company or legal entity to these terms. In such an event, “you”, and “your” refer to and apply to that company and/or legal entity. 

Failure to comply with these Terms of Service may subject you to litigation and civil penalties. 

Order of Precedence 

Should any secondary terms or orders conflict with the General Terms of Service, the latter terms and conditions will take precedence, with the exception of conflicts caused by human error or honest mistake. Conflicts listed in an Order must expressly amend General Terms and Conditions to be considered as purposeful rather than erroneous amendments. 

Notices 

PentestHero reserves the right to modify the services or its properties and these Terms, including Service Fees, at any time, at its sole discretion, and without prior notice. 

Modifications to the General Terms of Service will be updated on the site at PentestHero.io/Terms. We will notify users of changes via email where possible. 

By continuing access to and usage of PentestHero and its properties or services, you are agreeing to be bound by the terms and any modifications therein. If changes are unacceptable, your only recourse is to cease usage of services or properties. 

Any notices or communications required hereunder, including those regarding modifications, will be written and distributed via email, from PentestHero, where the user has provided an address. Notices to PentestHero may be sent to info@pentesthero.io or to our headquarters at Bickerswerf 6, 1013 KX Amsterdam, Netherlands.

Access Rights 

By accessing or using PentestHero, its properties, or its services, you agree to be legally bound by the terms and conditions. These terms of service stipulate that you must be 18 years or older in order to access web properties or services. Minors may access and utilize PentestHero services and properties with express support and guidance from a Guardian, by contacting info@pentesthero.io 

Using PentestHero Properties and Services 

PentestHero delivers penetration testing and cyber security services via a digital platform. These tests are delivered to user properties as agreed-upon by a separate Order, with individual scope, terms and conditions, and limitations. Results including reporting, assessments, and ongoing contact with pentesters is carried out through the Platform. PentestHero will independently verify the pentesters in its employ. 

Registration 

Registration is necessary to access most of the services offered by PentestHero. Registering to create a PentestHero account requires submitting personal information including your name and contact information. By registering an account, you consent to these terms and conditions on behalf of yourself and any legal entity which you may be requesting services for. 

You agree to provide accurate, current, and complete information during registration and to update information to ensure that it remains accurate, current, and complete. You are responsible for ensuring the accuracy of personal information collected by PentestHero and any damages or liabilities ensuing from incorrect or missing information will be assumed by you, the user. 

Account Requirements 

  • As a user, you may not have more than one (1) active account. 
  • You are responsible for safeguarding your account login information including username, password, and recovery details 
  • You agree that you will not disclose your password to any third party 
  • You agree that you will take sole responsibility for any activities or actions on your Cobalt Account, whether you have authorized such activities or actions or not, with the exception of non-account related breaches of PentestHero properties. 
  • You agree to immediately notify PentestHero (security@pentesthero.io) of any unauthorized activity or usage of your PentestHero account. 

User Conduct and Applicable Laws 

As a user, you are solely responsible for compliance with any and all Applicable Laws and Tax obligations that may apply to your usage of PentestHero properties or services. Except as otherwise expressly provided in the Terms, you agree that any legal remedy or liability you seek to obtain for acts or omissions of members, or third parties will be limited to a claim against those parties. You agree to not impose any liability on PentestHero with respect to acts or omissions of other members or third parties. 

In connection with PentestHero properties and services, you agree that you will not: 

  • Violate any applicable laws, including but not limited to privacy laws, zoning laws, tax regulation, etc. This includes but is not limited to Applicable Law relating to civil liability, such as performing fraudulent acts, posting content that is defamatory, obscene, pornographic, vulgar, or offensive, or which is discriminatory, hate speech, racism, or promotes violence or illegal activities. 
  • Use of manual or automated software, devices, scripts, robots, or other processes to “access”, “scrape”, “crawl”, “spider”, “or access other services or properties of PentestHero. 
  • Utilize services or PentestHero properties in any way not expressly permitted by these terms. 
  • Copy, store, modify, prepare derivative works based upon, distribute, license, sell, transfer, publicly display, publicly perform, transmit, broadcast, or otherwise exploit or access information contained in PentestHero properties or services, in ways not expressly permitted by these terms or an Order of service. 
  • Systematically retrieve data or other content from Services or Properties, whether by manual or automatic means. 
  • Remove, alter, obscure, or replace any copyright, trademark, service mark, or other proprietary rights noticed incorporated in the Services or Properties. 
  • Infringe on the rights of any person or entity, including but not limited to posting, publishing, submitting, or transmitting content that infringes, misappropriates, or violates a third party’s patent, copyright, trademark, trade secret, moral rights, or other intellectual property rights. 
  • Interfere with or damage the Services or Properties, unless expressly requested to do so. 
  • Use the Services or Properties to transmit, distribute, post, or submit information concerning other persons or entities without their express permission or the legal right to do so. 
  • Utilize the site for any purpose not expressly allowed under these terms and the Order, including for the distribution of unsolicited email, to stalk or harass other users, to collect personal information from other users, etc. 
  • Register more than one PentestHero Account 
  • Contact any user or Pentester for any reason other than communication related to Services 
  • Impersonate any person or entity or to falsify or misrepresent yourself, your rights, or affiliation with any person or entity 
  • Use, display, mirror, or frame the Properties or any individual element of the Properties or Services, without the express, written consent of PentestHero. Contact us at Info@pentesthero.io for more. 
  • Access, tamper with, or duplicate in any way non-public areas including but not limited to backend of the website and web properties, computer systems, technical delivery systems, or through PentestHero’s providers, unless expressly requested to do so. 
  • Attempt to probe, scan, or test the vulnerability of the Services or Properties, including but not limited to networks, technical delivery systems, servers, computers, security authentication, etc., unless expressly requested to do so. 
  • Avoid, bypass, remove, deactivate, impair, or otherwise circumvent technological measures implemented to protect the Properties or Services, either by PentestHero or any other third-party. 

Any violation of these obligations constitutes a material breach. PentestHero will investigate and prosecute violations to the full extent of Applicable Law. 

Access Rights 

PentestHero is under no obligation to monitor user access to Services or Properties. However, we do so for the purpose of operating, maintaining, and improving the Services and Properties. This monitoring ensures that users continue to abide by the Terms of Service. 

PentestHero reserves the right to void access rights to services and properties at any time, without prior notice. Rights to refunds for Services purchased are completely void if the user is found to have violated the terms of service. 

Confidentiality 

PentestHero collects personal information, as defined in our Privacy Policy. Results of any vulnerability reports constitute Confidential Information. PentestHero agrees to maintain in the confidence of any Confidential Information and will maintain, use, and process such information with compliance to any applicable data protection and privacy laws. PentestHero takes all reasonable measures to protect Personal Information and Confidential Information, including to prevent the disclosure, publication, or dissemination of the user’s confidential information. 

PentestHero and the User shall establish and maintain appropriate administrative, physical, and technical safeguards to prevent destruction, loss, dissemination, or alternation of Confidential information, within reasonable established practices and standards. 

Ownership

PentestHero, its properties, and services are protected by copyright law in the Netherlands and the EU. This is further defended by international copyright treaties. 

By using PentestHero, its services, or properties, you acknowledge and agree that PentestHero or its third-party suppliers and licensors own all rights, title, and interest to these properties. This includes but does not limit to any technique, methods, processes, software, utilities, data, documents, directories, designs, user interfaces, graphics, video content, or data and information available through the properties or services. This includes but does not limit to any techniques, ideas, methods, processes, and tooling utilized by Pentesters through the site. 

So long as you remain compliant with the Terms of Service, PentestHero grants you a limited, non-exclusive, non-transferable, non-sublicensable license to access, utilize, and view PentestHero content for internal use or use in connection with PentestHero services and properties. No licenses or rights are granted to you by implication or otherwise, under any intellectual property rights owned or controlled by PentestHero or its licensors, except for the licenses and rights expressly granted in these terms. This clause is not modifiable by any further Order or specific Terms. 

We may, at our sole discretion, permit users to post, upload, publish, submit, or transmit content. This content will be considered confidential and will be treated as Personal Information under the terms of this contract. PentestHero does not claim any ownership rights to user content. 

Proprietary Rights Notice

All proprietary designations of PentestHero including logos, trade names, trademarks, service marks, etc. Are properties of PentestHero and are trademarks or registered trademarks of PentestHero. Our Services and Properties also include proprietary designations and trademarks belonging to respective third parties. 

Privacy 

PentestHero retains the right to collect, create, and share Personal and Non-Personal data relating to users, at its discretion. We reserve the right to share user data with third-party partners and service providers. Review the Privacy Policy at PentestHero.io/privacy for more information. 

Third Parties 

PentestHero utilizes third-party services and content, including but not limited to services such as Google Analytics, Auditflow.io, and tooling related to security scanning. We maintain these tools at our discretion and are not obligated to disclose third-parties to users. We are obligated to disclose when third parties have access to user data and Personal Information. 

In addition, in the instance where the Services or Properties link to a third-party website or resource, PentestHero is not responsible for the quality, availability, safety, accuracy, or lawfulness of said link. Links to any website do not imply endorsement or approval of any content, service, website, or platform. By following a link, you acknowledge sole responsibility for any risk arising from utilizing any website or resource. 

Termination of User Account or Services 

PentestHero retains the right to terminate these Terms, our Properties, and our Services, without liability to you, without cause, and without prior notice. Upon termination of services or user account, we will promptly (within 30 days of termination) repay any amounts reasonably owed, at our discretion. Any violation of these Terms by the user will result in forfeiture of any amounts paid for services or platform access. 

In the event that PentestHero terminates services, properties, or your user account, you remain liable for services previously performed. Any fees owed for services already performed remain due and must be paid within the timeframe stipulated in the Order. 

PentestHero will not cancel a user account, service, or Order with an active Order in effect, without due cause. Due cause may include but is not limited to a breach of Terms of Service, a breach of the Order (such as failure to pay), failure to cure such a breach following 30 days following your receipt of notice, or in the unlikely event of natural or manmade disaster or breach preventing PentestHero from reasonably fulfilling the Order. 

PentestHero may suspend a user account at any time. We will offer an explanation for suspension on request. Email us at info@pentesthero.io 

You may cancel your PentestHero account at any time, via your account. You may also email us at info@pentesthero.io to request an account cancellation. You will remain liable for any current fees due for services already rendered or agreed to in a signed Order. Should you cancel your account with an open Order, you are still liable for payment. However, we are not liable to return or submit any content or services for that Order. 

You may not assign, transfer, delegate, or subcontract access to Services or Properties through these terms, or any of your rights or obligations, in whole or in part, by sale of assets, merger, operation of law, otherwise, without PentestHero’s explicit written consent. Any attempt to do so without prior consent will be null and will have no effect. Any attempt to transfer rights or Services may result in account and service termination, without prior notice. 

Service Level Agreement 

PentestHero represents and warrants that it shall provide Services through the Properties and meet Order obligations in a timely and professional manner, as agreed upon in the Order. We agree that we will assume all necessary precautions to ensure the professionalism and safety of our Pentesters. We take sole responsibility for the actions and liabilities of our Pentesters. If the user notifies PentestHero of a breach within twenty (20) days of the breach, PentestHero shall take action to make reparations for the breach, including at the user’s request, perform additional testing at no additional cost. 

Disclaimers

PentestHero, its properties, and its services are provided “as-is”, without any representations or warranties of any kind. PentestHero makes no claims that the properties, services, security services, vulnerability reports, or other services will meet your needs, will be available on an uninterrupted, secure, or error-free basis, or will provide satisfaction. PentestHero makes no warranty regarding the quality of any programs, applications, or tooling provided through our services. However, we will attempt to ensure user satisfaction and report quality using every reasonable measure available to us. 

No advice, statement, or Order, oral or written, will create any warranty not expressly made in these Terms. 

Limitation of Liability 

By using PentestHero services or properties, you acknowledge and agree that, to the maximum extent permitted by Applicable Law, neither PentestHero nor its licensors, suppliers, or contractors are liable for any direct, indirect, incidental, special, exemplary, or consequential damages, including lost profits, loss of data, loss of goodwill, service interruption, technical damage or failure, personal or bodily injury, or emotional distress arising out of or in connection with the Terms, the use or inability to use the Services or Properties, or from any communications with PentestHero or its representatives. This applies whether based on warranty, Order, contract, tort, product liability, or other legal theory, whether or not PentestHero has been duly informed of the possibility of such result. 

No event will result in PentestHero’s total aggregate liability arising out of or relating to your usage of the properties or services. 

You as the user acknowledge, understand, and agree that the nature of penetration testing may result in harm or disruption to your organizations properties and services. You acknowledge and agree that neither PentestHero nor its Pentesters shall assume or have any liability of any kind, unless the pentester is shown to have committed gross negligence or committed willful misconduct. 

Indemnification 

You agree to release, indemnify, and hold PentestHero and its employees harmless from and against claims, liabilities, damages, losses, and expenses arising out of or in any way connected with your access to or use of PentestHero Properties or Services. You hereby agree to defend PentestHero, at your expense, against any and all claims, actions, suits, or proceedings arising out of or relating to your actions relating to access or use of the Properties of Services, your breach of the Terms, or your violation of Applicable law. 

Reporting Misconduct 

You agree to report misconduct, including anyone who engaged in offensive or inappropriate behavior, persons you suspect of breaching terms of service, persons engaging in any disturbing or inappropriate conduct, persons breaching Applicable law, including but not limited to suspected theft, fraud, violence, or illicit activities. Should you feel yourself or others to be in danger, you will immediately report the behavior to appropriate authorities, after which you will report the incident to PentestHero, emailing the report number to info@pentesthero.io  

Dispute Resolution 

You and PentestHero agree that where possible, any dispute, claim, or controversy arising out of or relating to the Terms or their breach, termination, enforcement, interpretation, or validity will be settled by binding arbitration, with the exception that each party retains the right to seek injunctive or equitable relief in the case of actual or threatened infringement, of a party’s intellectual property rights. 

Controlling Jurisdiction 

These Terms will be interpreted in accordance with the Laws of the Netherlands. You and we agree to submit to the personal jurisdiction of a court located in Noord Holland, The Netherlands for any actions which the parties retain the  right to seek an injunction or equitable relief.  

Definitions

Various terms are used throughout this document. Some definitions are provided here with the intent of clarifying and solidifying their meaning. 

Account Creator – A person who creates a PentestHero account. 

Applicable Laws – Any statute, law, ordinance, regulation, code, order, judgment, directive, common law, judgement, decree, requirement, or rule of any state or government or political subdivision thereof, including but not limited to arbitrators, courts, and tribunals, which PentestHero may be subject to or under the jurisdiction of. 

Application – An application, either the Platform or third-party tooling used by PentestHero to perform services. PentestHero is not obligated to disclose this tooling to users. 

Order – A transactional document (Order, statement of work, contract), providing a description of services, detailing quantities, pricing, and additional terms. 

PentestHero – An online Software as a Service (SaaS) platform offering digital services in combination with penetration testing for users requesting security tests. 

PentestHero Content – Content created through or made available through PentestHero or its properties, including without limiting to data, documents, screenshots, templates, and report forms. Content includes but is not limited to text, graphics, images, music, software, audio, video, information, and other material. PentestHero does not claim ownership of user-created data such as user profile photos, user comments, etc. 

Personal Information – Personal Information, also known as Personal Data, relates to identified or identifiable information relating to your person or a legal entity, under Applicable Law. 

Platform – The Software as a Service platform offering user login and portals as well as portals for PentestHero and its employees. 

Service Fees – Fees set forth for use and access to services and properties 

Site – Pentesthero.io, where services are made available 

Terms – These General Terms of Service, the Privacy Policy, and Order which govern your use and access to PentestHero services and properties 

User – A person who accesses, registers, or uses the services or properties provided by PentestHero. The user may be an account creator, invited by the account creator, collaborator (such as someone in the employ of the account creator or their organization), or perform another function. 

Pentester– A person under the employ of PentestHero, who is performing services for the user, under specific contexts agreed to by the user. 

Should you have any questions, feedback, or comments regarding these terms, please feel free to contact us at service@pentesthero.io for more information. 

PentestHero’s failure to enforce these terms does not constitute a waiver of future enforcement of that right or provision. A waiver of these Terms will be effective only if written and signed by both parties by a duly authorized representative of PentestHero.