1. Use of the Platform
1.1 Eligibility
You must be at least eighteen (18) years old and authorized to bind your organization to these Terms.
1.2 Account Registration
You are responsible for safeguarding your account credentials and for all activity conducted under your account. You agree to provide accurate and current information and to promptly update such information as needed.
1.3 Authorized Use & Lawful Testing
You represent and warrant that:
- You own or have explicit authorization to test all systems, applications, IP addresses, domains, and environments submitted to the Platform ("Testing Targets")
- All testing conducted through the Platform is lawful, properly approved, and compliant with applicable laws, regulations, contracts, and internal policies
- You will not submit targets belonging to third parties without documented authorization
RedVeil does not independently verify authorization for submitted targets.
1.4 Acceptable Use Restrictions
You may not use the Platform to:
- Perform testing against systems for which you lack authorization
- Engage in illegal, malicious, or abusive activity
- Attempt to disrupt or compromise the Platform itself
- Reverse engineer, decompile, or extract proprietary models, prompts, or logic
- Misrepresent testing results or reports
RedVeil reserves the right to suspend or terminate access immediately if misuse or unauthorized activity is suspected.
2. License and Restrictions
2.1 License Grant
Subject to these Terms, RedVeil grants you a limited, non-exclusive, non-transferable, non-sublicensable license to access and use the Platform solely for your internal security testing and assessment purposes.
2.2 Restrictions
You may not resell, lease, sublicense, or otherwise make the Platform available to third parties except as expressly permitted in writing.
3. Data, AI, and Privacy
3.1 Customer Data Ownership, Use, and Retention
You retain all right, title, and interest in and to all data, configurations, testing targets, credentials, artifacts, logs, and other information submitted to or generated through the Platform ("Customer Data").
RedVeil may access, process, and temporarily store Customer Data solely for the purpose of:
- Providing the Platform and its security testing functionality
- Generating reports and delivering results to you
- Maintaining platform security, reliability, and integrity
- Complying with applicable legal, regulatory, audit, or contractual obligations
RedVeil does not retain Customer Data for internal business use beyond these purposes. Customer Data is not used for marketing, analytics unrelated to service delivery, or any internal research activities.
3.2 Agentic AI Systems and Model Training
The Platform performs penetration testing using agentic artificial intelligence systems that autonomously plan, execute, and adapt security testing workflows. Human involvement is limited to initial configuration, scoping, or customer-directed setup and does not include active participation in testing execution.
RedVeil does not use Customer Data to train, fine-tune, or improve any artificial intelligence or machine learning models, whether owned or operated by RedVeil.
Improvements to RedVeil's agentic AI systems are developed through internal research and engineering efforts, including the use of synthetic data and controlled testing environments, and do not rely on Customer Data.
In the course of operating the Platform, RedVeil may utilize third-party services to support infrastructure, processing, or inference. RedVeil's use of such services is limited to enabling Platform functionality, and RedVeil does not intentionally submit Customer Data for use in model training, dataset creation, or persistent memory.
3.3 Confidentiality and Privacy
RedVeil treats all Customer Data as confidential information and applies administrative, technical, and organizational safeguards designed to protect Customer Data against unauthorized access, disclosure, or misuse.
Use of the Platform is subject to RedVeil's Privacy Policy, which further describes data handling and protection practices.
Except where required for audit, legal, or security obligations, Customer Data is retained only for the duration of your active subscription or as configured within the Platform, after which it is deleted or de-identified in accordance with RedVeil's data retention practices.
5. Term and Termination
5.1 Term
These Terms remain in effect until expiration or termination of your subscription.
5.2 Termination for Cause
Either party may terminate for material breach not cured within thirty (30) days. RedVeil may suspend or terminate immediately for suspected misuse, unauthorized testing, or legal risk.
5.3 Effect of Termination
Upon termination, access to the Platform will cease. Certain data may be retained for legal, audit, or security purposes.
5.4 Survival
Sections relating to intellectual property, confidentiality, disclaimers, indemnification, and limitation of liability survive termination.
6. Intellectual Property
6.1 Ownership
RedVeil retains all rights, title, and interest in the Platform, including all software, AI models, methodologies, and reports formats.
6.2 Feedback
Feedback may be used by RedVeil without obligation or compensation.
7. Disclaimers and Limitation of Liability
7.1 Disclaimers
THE PLATFORM IS PROVIDED "AS IS" AND "AS AVAILABLE." REDVEIL DISCLAIMS ALL WARRANTIES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
7.2 Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY LAW, REDVEIL'S TOTAL LIABILITY SHALL NOT EXCEED THE FEES PAID BY YOU IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM. REDVEIL SHALL NOT BE LIABLE FOR INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR SPECIAL DAMAGES.
8. Indemnification
You agree to indemnify, defend, and hold harmless RedVeil and its affiliates from any claims, damages, liabilities, and expenses arising from:
- Your unauthorized or unlawful testing activities
- Submitted Testing Targets
- Violation of these Terms
- Use or reliance on testing results