Terms and Conditions

DefendTech

23 Makariou Street, 3030 Limassol, Cyprus

Phone: +357 25 694 182

Email: info@domain.com

Legal Agreement and Binding Nature

These Terms and Conditions constitute a legally binding agreement between you and DefendTech regarding the use of our cybersecurity engineering services and website. By engaging with our services, you acknowledge understanding and acceptance of these terms.

This agreement governs all interactions with DefendTech, including consultations, security assessments, implementation services, and ongoing cybersecurity support. The terms apply to all users, clients, and visitors of our services.

Last revised: September 20, 2025

User Obligations and Legal Responsibilities

1. Legal Responsibilities and Conduct Requirements

You agree to fulfill the following legal responsibilities:

  • Comply with all applicable local, national, and international laws regarding cybersecurity
  • Obtain necessary permissions before implementing security measures in your organization
  • Ensure authorized representation when entering agreements on behalf of an organization
  • Maintain accuracy and completeness of information provided during service delivery
  • Report known security vulnerabilities and incidents according to legal requirements
  • Respect intellectual property rights of all security tools and methodologies
  • Cooperate with law enforcement investigations when legally required

2. Prohibited Activities and Behaviors

The following activities are strictly prohibited:

  • Using cybersecurity services for illegal surveillance or unauthorized system access
  • Attempting to compromise the security of DefendTech systems or infrastructure
  • Sharing proprietary security information without proper authorization
  • Misrepresenting security capabilities or service outcomes to third parties
  • Using security tools for malicious purposes or to harm others
  • Violating privacy rights or data protection regulations
  • Engaging in activities that could compromise national security or critical infrastructure

3. Content Guidelines and Restrictions

  • Maintain confidentiality of security assessment findings and recommendations
  • Use security reports solely for organizational protection purposes
  • Obtain written consent before sharing security methodologies externally
  • Protect sensitive information disclosed during cybersecurity engagements
  • Ensure appropriate handling of classified or sensitive security data
  • Respect restrictions on distribution of threat intelligence information
  • Follow guidelines for public disclosure of security vulnerabilities

4. Age Restrictions and Requirements

  • Services available only to individuals 18 years of age or older
  • Business representatives must have legal authority to enter agreements
  • Parent or guardian consent required for educational cybersecurity programs
  • Age verification may be required for access to advanced security tools
  • Professional certification or experience may be required for certain services
  • Compliance with employment law regarding cybersecurity training access

User Responsibilities and Compliance

5. Compliance with Laws and Regulations

You are responsible for ensuring compliance with:

  • General Data Protection Regulation (GDPR) and applicable privacy laws
  • Industry-specific cybersecurity regulations and standards
  • Export control laws regarding cybersecurity technologies
  • National security and critical infrastructure protection requirements
  • Professional licensing and certification obligations
  • Corporate governance and risk management standards
  • Incident reporting requirements to relevant authorities

6. Indemnification Obligations

You agree to indemnify and hold DefendTech harmless from:

  • Claims arising from your misuse of cybersecurity services or recommendations
  • Damages resulting from non-compliance with security implementation guidelines
  • Legal actions due to unauthorized disclosure of confidential information
  • Liability from improper use of security tools or methodologies
  • Consequences of failing to implement recommended security controls
  • Third-party claims related to your cybersecurity practices
  • Regulatory violations arising from non-compliance with service recommendations

7. Privacy and Data Protection Responsibilities

  • Ensure lawful basis for processing personal data in security systems
  • Implement appropriate technical and organizational measures for data protection
  • Notify affected individuals of data processing activities when required
  • Maintain records of processing activities for regulatory compliance
  • Conduct data protection impact assessments for high-risk processing
  • Appoint data protection officers where legally required
  • Report personal data breaches according to regulatory timelines

8. Third-Party Interactions and Relationships

  • Obtain necessary approvals for third-party security integrations
  • Ensure vendor compliance with cybersecurity standards and requirements
  • Manage security risks associated with external service providers
  • Maintain appropriate contracts with cybersecurity vendors and partners
  • Monitor third-party access to systems and sensitive information
  • Ensure business continuity planning includes third-party dependencies
  • Conduct due diligence on cybersecurity service providers

Liability and Warranties

9. Disclaimer of Warranties

DefendTech provides cybersecurity services with the following disclaimers:

  • Services are provided "as is" without warranties of absolute security protection
  • No guarantee of complete prevention of all cybersecurity threats or incidents
  • Cybersecurity is an ongoing process requiring continuous adaptation
  • Effectiveness of security measures depends on proper implementation and maintenance
  • Threat landscape evolves continuously, requiring regular security updates
  • Human factors and user behavior significantly impact security effectiveness
  • Third-party integrations may introduce variables outside our direct control

10. Limitation of Liability

DefendTech's liability is limited as follows:

  • Total liability limited to the value of services provided in the preceding 12 months
  • No liability for indirect, consequential, or punitive damages
  • Exclusion of liability for business interruption or loss of profits
  • No responsibility for damages arising from client's failure to follow recommendations
  • Limited liability for third-party actions or system vulnerabilities
  • Exclusion of liability for force majeure events beyond reasonable control
  • No liability for damages resulting from client's cybersecurity policy decisions

11. Consequential Damages Exclusion

DefendTech shall not be liable for:

  • Loss of business opportunities or competitive advantage
  • Damage to reputation or business relationships
  • Loss of data or information due to security incidents
  • Regulatory fines or penalties related to cybersecurity compliance
  • Cost of alternative security measures or incident response
  • Loss of intellectual property or trade secrets
  • Third-party claims arising from cybersecurity incidents

12. Force Majeure Provisions

Service delivery may be affected by force majeure events including:

  • Natural disasters, pandemics, or other unforeseeable circumstances
  • Government actions, regulations, or legal restrictions
  • Large-scale cyberattacks affecting critical infrastructure
  • Disruptions to internet connectivity or telecommunications
  • Supplier failures or third-party service interruptions
  • Acts of war, terrorism, or civil unrest
  • Changes in cybersecurity threat levels requiring emergency response

Legal Information and Dispute Resolution

13. Governing Law and Jurisdiction

  • Agreement governed by the laws of the Republic of Cyprus
  • European Union regulations applicable to cross-border services
  • Cyprus courts have exclusive jurisdiction for legal disputes
  • GDPR and EU cybersecurity directives apply to data processing
  • International arbitration available for complex disputes
  • English language version of agreement prevails in interpretation
  • Local laws may apply for services delivered in specific jurisdictions

14. Dispute Resolution Procedures

Disputes shall be resolved through the following process:

  • Initial good faith negotiations between authorized representatives
  • Mediation through qualified cybersecurity industry mediators
  • Binding arbitration under Cyprus Arbitration and Mediation Centre rules
  • Final resort to Cyprus court system for unresolved matters
  • Emergency procedures available for urgent cybersecurity disputes
  • Confidentiality maintained throughout dispute resolution process
  • Cost allocation based on arbitration panel or court determination

15. Severability Clause

  • Invalid provisions shall be severed without affecting remainder of agreement
  • Replacement provisions shall reflect original intent where possible
  • Agreement remains enforceable despite partial invalidity
  • Court interpretation shall guide enforcement of ambiguous provisions
  • Regulatory changes may require modification of specific clauses
  • Client notification provided for material changes to terms
  • Continued service use constitutes acceptance of modified terms

16. Terms Modification Policy

These terms may be modified in the following circumstances:

  • Changes in applicable cybersecurity laws or regulations
  • Evolution of industry standards and best practices
  • Significant changes in threat landscape or security technologies
  • Business model adjustments or service offering updates
  • Legal requirements or court decisions affecting terms
  • Client feedback and operational experience improvements
  • Force majeure events requiring permanent procedural changes

Thirty days advance notice will be provided for material changes, with opportunity for comment on proposed modifications.