TERMS AND CONDITIONS
1. Acceptance of Terms
These Terms and Conditions (“Terms”) constitute a legally binding agreement between Defentrix (“Company,” “we,” “us,” or “our”) and any individual, business entity, or organisation (“Client,” “you,” or “your”) that accesses, uses, or engages the services, products, platforms, or resources provided by Defentrix.
By signing a service agreement, accessing our platforms, or otherwise engaging our services, you confirm that you have read, understood, and agree to be bound by these Terms. If you do not agree to these Terms, you must not use our services.
These Terms should be read in conjunction with our Privacy Policy, Service Level Agreements (SLAs), and any other applicable agreements between you and Defentrix.
2. Description of Services
Defentrix provides a range of professional cybersecurity services and solutions, which may include but are not limited to:
- Penetration testing and vulnerability assessments
- Threat intelligence and monitoring
- Incident response and digital forensics
- Security audits and compliance advisory
- Managed security services (MSS)
- Cybersecurity training and awareness programmes
- Security architecture design and implementation
- Risk management consulting
The specific scope, deliverables, timelines, and fees for services engaged by the Client shall be defined in a separate Statement of Work (SOW) or Service Agreement executed between both parties. In the event of any conflict between these Terms and a specific SOW or Service Agreement, the SOW or Service Agreement shall prevail.
3. Client Obligations
In order to receive our services effectively and lawfully, the Client agrees to:
- Provide accurate, complete, and up-to-date information as required for service delivery
- Obtain all necessary authorisations, consents, and permissions before engaging Defentrix to assess, test, or access any systems, networks, or data
- Ensure that all systems, assets, and environments presented to Defentrix for assessment are within the Client’s legal ownership or authorised control
- Cooperate with Defentrix personnel in a timely and professional manner
- Notify Defentrix immediately of any changes to the agreed scope of work
- Comply with all applicable laws and regulations in connection with the use of our services
- Maintain appropriate backup and recovery mechanisms for all systems prior to any testing engagement
The Client acknowledges that failure to fulfil these obligations may result in delays, service limitations, or termination of the engagement at Defentrix’s discretion.
4. Authorisation and Scope of Engagement
All testing, assessment, or access activities conducted by Defentrix must be explicitly authorised in writing by the Client or an authorised representative prior to commencement. Verbal authorisations will not be accepted.
The Client is solely responsible for ensuring that written authorisation covers all systems, networks, third-party platforms, and data involved in the agreed scope. Defentrix will operate strictly within the boundaries of the authorised scope and will not be held liable for any issues arising from Client-provided scope inaccuracies.
Any request to expand the scope of services must be agreed in writing and may be subject to additional fees and revised timelines.
5. Fees, Payment, and Invoicing
5.1 Fees
Fees for Defentrix services are as agreed in the applicable Statement of Work or Service Agreement. Defentrix reserves the right to revise its pricing with reasonable notice.
5.2 Payment Terms
Unless otherwise agreed in writing:
- Invoices are due and payable within thirty (30) days of the invoice date
- A deposit may be required prior to commencement of certain engagements
- Payments must be made in the currency specified in the invoice
5.3 Late Payment
Defentrix reserves the right to charge interest on overdue amounts at a rate of 2% per month, or the maximum rate permitted by applicable law, whichever is lower. Defentrix may also suspend or terminate services for accounts that remain outstanding beyond sixty (60) days
5.4 Taxes
All fees are exclusive of applicable taxes, levies, or duties. The Client is responsible for any taxes applicable to the services received, except for taxes on Defentrix’s net income.
6. Confidentiality
Both parties acknowledge that in the course of engagement, they may have access to confidential information belonging to the other party, including but not limited to technical data, business information, security findings, reports, methodologies, and trade secrets (“Confidential Information”).
Each party agrees to:
- Hold all Confidential Information in strict confidence
- Use Confidential Information solely for the purposes of the agreed engagement
- Not disclose Confidential Information to any third party without prior written consent
- Apply at least the same level of care as it applies to its own confidential information, but no less than reasonable care
These confidentiality obligations shall survive the termination or expiry of any agreement between the parties for a period of five (5) years, unless a separate Non-Disclosure Agreement (NDA) specifies a different period.
Defentrix’s security assessment reports, findings, and recommendations are strictly confidential and must not be shared with unauthorised parties without Defentrix’s prior written consent.
7. Intellectual Property
7.1 Defentrix Property
All tools, methodologies, frameworks, software, scripts, templates, and know-how developed by Defentrix — including any pre-existing intellectual property — remain the sole and exclusive property of Defentrix. Nothing in these Terms transfers any ownership of Defentrix intellectual property to the Client.
7.2 Deliverables
Upon full payment of all applicable fees, Defentrix grants the Client a non-exclusive, non-transferable licence to use deliverables (such as reports and documentation) for their internal business purposes only. Deliverables may not be reproduced, distributed, or used to develop competing products or services.
7.3 Client Property
All data, systems, and information provided by the Client remain the property of the Client. Defentrix acquires no rights over Client data except as necessary to deliver the agreed services.
8. Limitation of Liability
To the fullest extent permitted by applicable law, Defentrix’s total aggregate liability to the Client arising out of or in connection with any engagement shall not exceed the total fees paid by the Client to Defentrix in the three (3) months immediately preceding the event giving rise to the claim.
Defentrix shall not be liable for:
- Any indirect, incidental, consequential, special, or punitive damages
- Loss of profits, revenue, data, business, or goodwill
- Damages arising from the Client’s failure to implement recommended security measures
- Any security incidents occurring after the conclusion of an engagement
- Third-party claims or losses arising from Client’s use of our deliverables
Nothing in these Terms limits liability for fraud, gross negligence, wilful misconduct, or any liability that cannot be excluded by law.
9. Disclaimers and No Guarantee of Security
Defentrix provides its services using industry-recognised methodologies and best practices. However, the Client acknowledges and agrees that:
- No cybersecurity assessment or solution can guarantee complete security or the prevention of all cyber threats
- Security assessments reflect the state of the environment at the time of testing only
- Defentrix does not warrant that its services will identify every vulnerability or security risk
- The cybersecurity landscape evolves continuously and new threats may emerge after any engagement
Defentrix’s services are provided “as is” and “as available” to the extent permitted by law, without warranties of any kind, whether express or implied, except as specifically stated in an applicable Service Agreement.
10. Indemnification
The Client agrees to indemnify, defend, and hold harmless Defentrix, its directors, officers, employees, and agents from and against any claims, liabilities, damages, losses, penalties, and expenses (including reasonable legal fees) arising from:
- The Client’s breach of these Terms or any applicable agreement
- The Client’s unauthorised or improper use of Defentrix services or deliverables
- Any inaccuracy in the authorisation or scope provided by the Client
- The Client’s violation of any applicable law or regulation
- Third-party claims arising from the Client’s actions or omissions
11. Term and Termination
11.1 Term
These Terms remain in effect for the duration of any active engagement or service agreement between Defentrix and the Client.
11.2 Termination for Convenience
Either party may terminate an engagement with thirty (30) days written notice. The Client shall be liable for all fees for work completed and expenses incurred up to the date of termination.
11.3 Termination for Cause
Defentrix may terminate an engagement immediately and without notice if the Client breaches any material term of these Terms or any applicable agreement, engages in unlawful activity, or fails to make payment when due.
11.4 Effect of Termination
Upon termination, the Client must immediately cease using any Defentrix deliverables in progress. Confidentiality obligations, intellectual property rights, payment obligations, and limitations of liability shall survive termination.
12. Regulatory Compliance
The Client is solely responsible for ensuring that its use of Defentrix services complies with all applicable laws, regulations, and industry standards, including but not limited to data protection laws, financial regulations, and sector-specific cybersecurity requirements.
Defentrix will support compliance efforts as part of its service delivery where agreed, but does not assume the role of compliance officer or legal advisor. Nothing in these Terms or any deliverable constitutes legal advice.
13. Force Majeure
Neither party shall be in breach of these Terms or liable for any delay or failure to perform its obligations where such delay or failure results from circumstances beyond its reasonable control, including but not limited to acts of God, natural disasters, war, civil unrest, pandemic, government action, or failure of third-party services.
The affected party shall notify the other as soon as reasonably practicable and shall use reasonable endeavours to mitigate the impact of the force majeure event.
14. Governing Law and Dispute Resolution
These Terms shall be governed by and construed in accordance with the laws of the Federal Republic of Nigeria, without regard to its conflict of laws principles.
In the event of any dispute arising from or in connection with these Terms, the parties shall first attempt to resolve the matter through good-faith negotiations. If the dispute is not resolved within thirty (30) days of written notice, either party may refer the matter to mediation before seeking resolution through the courts of competent jurisdiction.
15. Amendments
Defentrix reserves the right to amend these Terms at any time. Updated Terms will be published on our official website and clients will be notified of material changes. Continued use of our services following such notice constitutes acceptance of the revised Terms.
16. Entire Agreement
These Terms, together with any applicable Service Agreement, Statement of Work, Non-Disclosure Agreement, and Privacy Policy, constitute the entire agreement between Defentrix and the Client with respect to the subject matter herein and supersede all prior discussions, representations, or agreements.
If any provision of these Terms is found to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.
17. Contact Information
For questions, concerns, or notices relating to these Terms, please contact:
Defentrix — Legal & Compliance
Email: legal@defentrix.com
Website: www.defentrix.com
All notices under these Terms must be submitted in writing and delivered via email or registered post to the addresses provided in the applicable Service Agreement.