Terms of Service
Contents
01Acceptance
These Terms of Service ("Terms") form a binding agreement between ctOS:BLADE ("we", "us") and the entity or individual accessing the Services ("you", "Customer"). By accessing the website, requesting access, or using the platform, you agree to these Terms.
If you are entering into these Terms on behalf of an organisation, you represent that you have authority to bind that organisation.
02Definitions
| Services | The ctOS:BLADE platform, marketing website, and related support, documentation, and integrations. |
| Customer Data | Data you or your authorised users submit to or generate through the platform, including security findings, asset information, and user accounts within your tenant. |
| Order | A subscription order, quote, or purchase order referencing these Terms. |
| Tier | The pricing plan selected in your Order (Tactical, Operational, or Sovereign). |
| Subscription Term | The period during which you are entitled to access the Services, as specified in your Order. |
03The Services
The Services enable Customers to ingest, deduplicate, prioritise, track, and report on security vulnerabilities and findings across their environment, with features varying by Tier.
We will provide the Services with reasonable skill and care and in substantial conformity with published documentation. We may modify the Services from time to time; we will not make changes that materially degrade the Services during a paid Subscription Term.
04Accounts and access
You are responsible for:
- Maintaining the confidentiality of credentials issued to you or your authorised users
- All activity under your account, whether or not authorised by you
- Promptly notifying us at security@ctosblade.com of any suspected compromise
We may suspend access if we reasonably believe an account has been compromised, is being used unlawfully, or is materially in breach of these Terms.
05Acceptable use
You agree not to, and not to allow any user to:
- Use the Services to attack or test systems you are not authorised to test
- Upload malware, illegal content, or content that infringes third-party rights
- Reverse-engineer, decompile, or scrape the platform except as permitted by law
- Circumvent usage limits, authentication, or Tier restrictions
- Use the Services to build a competing product
- Resell or sublicense access without our written consent
We reserve the right to suspend or terminate access for material breach of this section.
06Customer data and ownership
Your data stays yours. Customer Data remains your property. You grant us a limited, non-exclusive licence to process Customer Data solely to deliver, secure, and support the Services under these Terms and the DPA.
Our platform stays ours. We retain all rights in the Services, including the software, documentation, design, and underlying intellectual property. No rights are granted except those expressly stated here.
Feedback. If you provide feedback or suggestions, you grant us a perpetual, royalty-free licence to incorporate them without obligation to you.
Aggregated data. We may generate and use aggregated, anonymised statistics derived from the Services (e.g. "average triage time across BLADE customers"), provided such data cannot reasonably identify you or your users.
07Fees and payment
Fees are specified in your Order and are exclusive of taxes, duties, and withholdings, which are your responsibility except where we are legally required to collect them.
Invoices are due within 30 days of issue unless otherwise agreed in writing. Overdue amounts may accrue interest at the lower of 1.5% per month or the maximum permitted by law.
We may suspend the Services on at least 10 days' written notice if invoices remain unpaid after the due date.
Except as expressly stated, fees are non-refundable. Where we terminate for convenience, we will refund any prepaid fees for the unused portion of the Subscription Term.
08Warranties and disclaimers
Our warranty. We warrant that the Services will be delivered with reasonable skill and care and will perform in material conformance with the applicable documentation during the Subscription Term.
Your warranties. You warrant that (i) you have the right to submit Customer Data to the Services, (ii) your use of the Services complies with applicable laws, and (iii) you have obtained all necessary consents from your personnel and third parties whose data may appear in Customer Data.
Disclaimer. Except as expressly stated, the Services are provided "as is" and "as available". We disclaim all other warranties, express or implied, including merchantability, fitness for a particular purpose, and non-infringement, to the maximum extent permitted by law. We do not warrant that the Services will be uninterrupted, error-free, or that they will detect all vulnerabilities in your environment.
09Limitation of liability
To the maximum extent permitted by law:
- Neither party will be liable for indirect, incidental, special, consequential, or punitive damages, or for loss of profits, revenue, data, or goodwill, even if advised of the possibility.
- Each party's total aggregate liability arising out of or relating to these Terms will not exceed the fees paid or payable by Customer in the twelve (12) months preceding the event giving rise to the claim.
These limitations do not apply to: (a) fraud or wilful misconduct, (b) breach of confidentiality, (c) indemnification obligations, (d) Customer's payment obligations, or (e) liability that cannot be limited under applicable law.
10Indemnification
By us. We will defend you against third-party claims alleging that the Services, as provided by us and used in accordance with these Terms, infringe intellectual property rights, and will pay damages finally awarded against you in such claim.
By you. You will defend us against third-party claims arising out of (i) Customer Data, (ii) your use of the Services in breach of these Terms, or (iii) your breach of the acceptable use section.
Indemnification is conditioned on the indemnified party (a) promptly notifying the indemnifying party, (b) giving the indemnifying party sole control of the defence, and (c) providing reasonable cooperation.
11Term and termination
These Terms apply from your first use of the Services and continue until terminated. A Subscription Term continues for the period specified in your Order and renews in accordance with that Order.
Either party may terminate for material breach not cured within 30 days of written notice. Either party may terminate immediately for the other's insolvency or assignment for the benefit of creditors.
Upon termination: (i) your access to the Services will end, (ii) we will make Customer Data available for export for 30 days, after which we will delete or return it per the DPA, and (iii) accrued payment obligations survive.
12Confidentiality
Each party may disclose Confidential Information under these Terms. The receiving party will protect Confidential Information with at least the same degree of care as it protects its own, and not less than reasonable care, and will use it only to perform its obligations or exercise its rights under these Terms.
Confidential Information does not include information that is or becomes publicly available through no fault of the receiving party, was independently developed, or is required to be disclosed by law (with prompt notice to the disclosing party where permitted).
13Changes to these terms
We may update these Terms from time to time. For material changes affecting paying Customers, we will provide at least 30 days' notice by email or in-product notification. Continued use after the effective date constitutes acceptance. If you do not agree to the changes, you may terminate as of the effective date and receive a pro-rated refund of prepaid fees for the unused Subscription Term.
14Governing law and disputes
These Terms are governed by the laws specified in your Order or, absent that, by the laws of the jurisdiction in which ctOS:BLADE is organised, excluding conflict-of-laws rules. Disputes will first be attempted to be resolved informally; unresolved disputes may be submitted to the courts or arbitral forum specified in your Order.
Nothing in this section prevents either party from seeking injunctive relief to protect its intellectual property or confidential information.
15Contact
Questions about these Terms: support@ctosblade.com
Security matters: security@ctosblade.com