Terms of Service

Last Updated: March 25, 2026

1. Acceptance of Terms

By accessing or using CyberShield ("the Service"), operated by techPause ("we," "us," or "our"), you agree to be bound by these Terms of Service ("Terms"). If you are accepting these Terms on behalf of a company or other legal entity, you represent that you have the authority to bind that entity to these Terms. If you do not agree to these Terms, you must not access or use the Service.

These Terms constitute a legally binding agreement between you and techPause. Your continued use of the Service following the posting of changes to these Terms will mean you accept those changes.

2. Definitions

• "Service" refers to the CyberShield platform, including all web applications, APIs, scanning tools, reports, and related services provided by techPause.
• "User" or "You" refers to any individual or entity that accesses or uses the Service.
• "Engagement" refers to a defined scope of penetration testing or security assessment work performed through the Service.
• "Target" refers to any domain, IP address, application, or system submitted for scanning or testing.
• "Findings" refers to security vulnerabilities, misconfigurations, or issues identified during scanning or testing.
• "Scan Data" refers to all data collected, processed, or generated during security scanning and testing activities.

3. Description of Service

CyberShield provides the following security services:

• Security Posture Scanning — Automated analysis of publicly available information about your domains, including DNS records, TLS configuration, email authentication (SPF, DKIM, DMARC), HTTP security headers, and exposed network services.
• Penetration Testing as a Service (PTaaS) — Agent-driven penetration testing through a four-phase pipeline (Reconnaissance, Enumeration, Active Testing, and Analysis) with real-time findings delivered through a collaborative war room interface.
• Continuous Monitoring — Ongoing security posture tracking with alerts for configuration changes, certificate expirations, and newly discovered issues.
• Reporting & Compliance — Detailed security reports in multiple formats (DOCX, PDF, SARIF, CSV) with OWASP mapping, risk scoring, and remediation guidance.

The Service is designed for legitimate security testing purposes only. All scanning activities are governed by our agent safety framework, which enforces scope boundaries, rate limits, and authorization controls.

4. Account Registration & Security

To access certain features of the Service, you must create an account. When creating an account, you agree to:

• Provide accurate, current, and complete registration information.
• Maintain the security of your account credentials, including enabling two-factor authentication (2FA) when available.
• Promptly notify us of any unauthorized use of your account at cybershield@techpause.org.
• Accept responsibility for all activity that occurs under your account.

We reserve the right to suspend or terminate accounts that appear to violate these Terms or that show signs of unauthorized access.

5. Acceptable Use Policy

You agree to use the Service only for lawful purposes. Specifically, you must:

• Only scan or test domains, systems, and applications that you own or for which you have explicit written authorization to test.
• Not use the Service to attack, exploit, or cause damage to any system, including targets identified during scanning.
• Not attempt to circumvent rate limits, safety controls, scope restrictions, or other protective measures built into the Service.
• Not reverse-engineer, decompile, or disassemble any part of the Service.
• Not use the Service to conduct scanning or testing that violates any applicable law, regulation, or third-party rights.
• Not resell, redistribute, or sublicense access to the Service without our prior written consent.
• Not transmit malware, viruses, or other harmful code through the Service.

Violation of this Acceptable Use Policy may result in immediate suspension or termination of your account without notice or refund.

6. Scanning & Testing Authorization

By submitting a target for scanning or testing, you represent and warrant that:

• You are the legal owner of the target or have obtained explicit, documented authorization from the owner to conduct security testing.
• The testing scope defined in your engagement accurately reflects the authorization you have been granted.
• You will maintain records of all testing authorizations and make them available to us upon request.

For posture scanning, CyberShield performs only non-intrusive, passive, and semi-passive reconnaissance that does not modify target systems or disrupt services. For penetration testing engagements, active testing techniques are used strictly within the authorized scope and are governed by our agent safety framework.

You acknowledge that you are solely responsible for ensuring that your use of the Service complies with all applicable laws and regulations, including the Computer Fraud and Abuse Act (CFAA) and equivalent laws in your jurisdiction.

7. Payment Terms & Billing

7.1 Pricing

The Service is offered under subscription plans with pricing published on our website. Prices are denominated in US Dollars unless otherwise stated. We reserve the right to change pricing with 30 days' written notice to active subscribers.

7.2 Billing Cycle

Subscription fees are billed in advance on a monthly or annual basis, depending on your selected plan. Payment is due at the start of each billing cycle.

7.3 Payment Methods

We accept payment via major credit cards processed through Stripe. All payment processing is handled by Stripe in accordance with PCI DSS requirements. We do not store your full credit card information on our servers.

7.4 Refunds

Subscription fees are non-refundable except where required by applicable law. If you cancel your subscription, you will retain access to the Service through the end of your current billing period. One-time penetration testing engagement fees are subject to the refund terms specified in the individual engagement agreement.

7.5 Late Payment

Accounts with overdue payments may have access suspended after a 7-day grace period. We will notify you via email before any suspension takes effect.

8. Data Handling & Confidentiality

8.1 Your Data

You retain ownership of all data you submit to the Service, including targets, scan configurations, and any documentation provided as part of an engagement. We process your data solely to deliver the Service and will not use it for unrelated purposes.

8.2 Scan Results & Findings

Scan results and findings are treated as confidential and are accessible only to authorized users on your account. We do not share individual findings with third parties. Aggregate, anonymized data may be used to improve the Service.

8.3 Data Retention

Scan data and engagement findings are retained for the duration of your active subscription plus 90 days after account closure. You may request earlier deletion of your data at any time by contacting us. Real-time posture scans that are not saved to your account are not stored beyond the session.

8.4 Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS 1.2+), encrypted storage for sensitive credentials, and access controls. For details on our data practices, please review our Privacy Policy.

9. Intellectual Property

All content, features, functionality, software, and design of the Service are owned by techPause and protected by intellectual property laws. This includes but is not limited to our scanning engine, detection templates, agent framework, user interface, and documentation.

You are granted a limited, non-exclusive, non-transferable license to use the Service for its intended purpose during your active subscription. This license does not include the right to copy, modify, distribute, or create derivative works from any part of the Service.

You retain full ownership of your scan data, findings reports, and any materials you generate through the Service.

10. Service Availability & SLAs

We aim to maintain 99.9% uptime for the Service, excluding scheduled maintenance windows. However, the Service is provided on an "as-is" and "as-available" basis. We do not guarantee uninterrupted or error-free operation.

We may temporarily suspend the Service for:

• Scheduled maintenance (with reasonable advance notice).
• Emergency security patches or critical infrastructure updates.
• Circumstances beyond our reasonable control (force majeure).

11. Limitation of Liability

To the maximum extent permitted by applicable law:

• The Service is provided "as is" and "as available" without warranties of any kind, whether express, implied, or statutory, including warranties of merchantability, fitness for a particular purpose, and non-infringement.
• CyberShield scan results and findings are informational and should not be considered a comprehensive or exhaustive security assessment. The absence of findings does not guarantee the absence of vulnerabilities.
• We are not liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, business opportunities, or goodwill.
• Our total aggregate liability for any claims arising from or related to the Service shall not exceed the amount you paid for the Service in the 12 months preceding the claim.
• We are not responsible for security incidents that occur despite the use of our Service, nor for decisions made based on scan results or findings.

12. Indemnification

You agree to indemnify, defend, and hold harmless techPause and its officers, directors, employees, and agents from any claims, liabilities, damages, losses, and expenses (including reasonable legal fees) arising from:

• Your use of the Service in violation of these Terms.
• Scanning or testing of targets for which you lacked proper authorization.
• Your violation of any applicable law or third-party rights.
• Any misrepresentation regarding your authority to authorize testing.

13. Termination

Either party may terminate this agreement at any time. You may cancel your subscription through your account settings or by contacting us. We may terminate or suspend your access immediately, without prior notice, if:

• You breach any provision of these Terms.
• You engage in activities that could harm the Service or other users.
• We are required to do so by law.
• We discontinue the Service (with 30 days' notice where practicable).

Upon termination, your right to use the Service ceases immediately. Sections 8 (Data Handling), 9 (Intellectual Property), 11 (Limitation of Liability), 12 (Indemnification), and 14 (Governing Law) survive termination.

14. Governing Law & Dispute Resolution

These Terms shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict-of-law principles.

Any disputes arising from these Terms or the Service shall first be attempted to be resolved through good-faith negotiation. If negotiation fails, disputes shall be resolved through binding arbitration administered in accordance with the rules of the American Arbitration Association (AAA). The arbitration shall be conducted in English.

15. Changes to Terms

We reserve the right to modify these Terms at any time. Material changes will be communicated via email to the address associated with your account at least 30 days before they take effect. Non-material changes may be posted directly to this page.

Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Terms. If you do not agree with the revised Terms, you must stop using the Service and cancel your subscription.

16. Contact Information

For questions, concerns, or requests related to these Terms of Service, please contact us:

• Email: cybershield@techpause.org
• Website: techpause.org

We aim to respond to all inquiries within 2 business days.