Definitions
In these Terms of Service, the following definitions apply:
- 'HX Security', 'we', 'us', or 'our' refers to HX Security, Ahmedabad, India.
- 'Client', 'you', or 'your' refers to the individual or entity engaging our services.
- 'Services' refers to any cybersecurity services provided by HX Security including VAPT, compliance advisory, and related work.
- 'Engagement' refers to a specific, agreed project or service delivery.
- 'Report' refers to any deliverable produced by HX Security as part of an Engagement.
- 'Scope' refers to the agreed boundaries and targets of a security assessment.
Acceptance of Terms
By requesting our services, signing an engagement agreement, or using our website, you confirm that you have read, understood, and agree to be bound by these Terms of Service and our Privacy Policy.
If you do not agree to these Terms, you must not use our services or engage HX Security in any capacity.
Services
3.1 Service Description
HX Security provides offensive and defensive cybersecurity services including, but not limited to, Vulnerability Assessment and Penetration Testing (VAPT), Red Team Operations, Security Compliance Advisory, and related consulting services.
3.2 Engagement Agreement
All Engagements are governed by a written Statement of Work (SOW) or Engagement Agreement that specifies the Scope, deliverables, timelines, and fees. These Terms of Service apply to all such Engagements in addition to any specific terms in the SOW.
3.3 Authorisation
You warrant that you have full legal authority to authorise HX Security to perform the agreed security testing on the specified systems, networks, and applications. You represent that you are the owner of, or have explicit written authorisation from the owner of, all systems within the defined Scope.
Client Obligations
As a Client, you agree to:
- Provide accurate information about your environment and systems.
- Obtain all necessary authorisations before the commencement of any Engagement.
- Designate a named point of contact for the duration of the Engagement.
- Notify relevant personnel (IT teams, management) of testing activities as necessary.
- Not share Reports with unauthorised third parties without our prior written consent.
- Implement recommended remediation steps promptly to reduce security risk.
- Pay all fees in accordance with the agreed payment schedule.
Scope and Limitations
5.1 Agreed Scope
HX Security will only test systems, applications, and networks explicitly included in the agreed Scope. Any activity outside the defined Scope requires a written amendment to the Engagement Agreement.
5.2 Out-of-Scope Activities
HX Security will not conduct any testing that could cause irreversible damage, extended service disruption, or data loss, unless explicitly authorised in writing. We follow responsible testing practices at all times.
5.3 Third-Party Systems
Testing of third-party systems, cloud infrastructure, or shared hosting environments requires separate written authorisation from the relevant third-party provider. The Client is responsible for obtaining such authorisation.
All scope boundaries are clearly defined in the Statement of Work prior to engagement commencement. Any scope changes must be agreed in writing by both parties.
Confidentiality
Both parties agree to maintain strict confidentiality regarding all information shared during an Engagement. HX Security will:
- Treat all Client data, systems, and findings as strictly confidential.
- Not disclose findings or Reports to any third party without prior written consent.
- Securely delete any Client data obtained during testing upon completion of the Engagement.
- Require all team members to be bound by appropriate confidentiality obligations.
Duration: This confidentiality obligation survives termination of the Engagement for a period of five (5) years.
Intellectual Property
7.1 Client Ownership
All Reports, findings, and deliverables produced during an Engagement become the property of the Client upon full payment of all fees.
7.2 HX Security Methodology
HX Security retains all rights to its proprietary methodologies, tools, techniques, and processes used to deliver services. Nothing in these Terms grants the Client any rights to our proprietary intellectual property.
7.3 Anonymised Case Studies
HX Security reserves the right to use anonymised, non-identifying information from Engagements for marketing, training, and research purposes, provided that no Client-identifying information is disclosed.
Fees and Payment
Fees for each Engagement are agreed in writing prior to commencement. Unless otherwise agreed:
- 50% of the total fee is payable prior to commencement of work.
- Remaining 50% is payable upon delivery of the final Report.
- Invoices are payable within 14 days of issue.
- Late payments may attract interest at the rate of 1.5% per month.
- All fees are quoted in INR or USD as agreed and are exclusive of applicable taxes (including GST).
Disclaimer of Warranties
HX Security provides its services on an 'as is' and 'as available' basis. While we use industry-standard methodologies and exercise professional care, we do not warrant that:
- All vulnerabilities in your systems will be identified.
- Our recommendations will prevent all future security incidents.
- Our services will be free from error or interruption.
No security assessment can guarantee complete security. The purpose of our services is to identify and reduce risk, not to eliminate it entirely.
Limitation of Liability
To the maximum extent permitted by applicable law, HX Security's total liability to the Client for any claims arising from or related to an Engagement shall not exceed the total fees paid by the Client for that specific Engagement.
We shall not be liable for any indirect, incidental, special, or consequential damages, including but not limited to loss of profits, data loss, or business interruption.
Indemnification
The Client agrees to indemnify and hold harmless HX Security, its directors, employees, and contractors from and against any claims, damages, losses, or expenses arising from:
- The Client's breach of these Terms of Service.
- The Client's failure to obtain required authorisations prior to testing.
- Any claim by a third party arising from the Client's actions or omissions.
Termination
Either party may terminate an Engagement by providing 14 days' written notice. Upon termination, the Client shall pay for all work completed up to the termination date. HX Security will deliver all work completed at that point.
Either party may terminate immediately in the event of a material breach that is not remedied within 7 days of written notice.
Governing Law & Dispute Resolution
These Terms of Service are governed by the laws of India. Any disputes arising from these Terms or an Engagement will first be subject to good-faith negotiation.
If unresolved, disputes shall be submitted to binding arbitration in Ahmedabad, Gujarat, India, in accordance with the Arbitration and Conciliation Act 1996.
Changes to These Terms
We reserve the right to update these Terms of Service at any time. Material changes will be communicated to active Clients via email. Continued use of our services after notification of changes constitutes acceptance of the updated Terms.
Contact
For any questions relating to these Terms of Service, please reach out to us:
- Email: contact@hxsecurity.in
- Website: hxsecurity.in
- Address: Ahmedabad, Gujarat, India
These Terms of Service constitute the entire agreement between HX Security and the Client with respect to the subject matter hereof and supersede all prior agreements, representations, and understandings.
Questions About Our Terms?
Our team is happy to clarify anything in these terms before you engage with us. Reach out and we'll respond within 24 hours.
Contact Us