PREVIEWCISO360AI is offered as-is while in preview. Features and data may change. Learn more.
Preview← Back to home

Terms of Service

Last updated: 2026-06-02 — Version: 2026-06-02

Provider:alterSec Limited (NZBN 9429047827035), trading as CISO360AI ("we", "us", "our"), a company incorporated in New Zealand.

1. Acceptance & changes

By creating an account or using the CISO360AI service (the "Service") you agree to these Terms of Service (the "Terms"). If you do not agree, do not use the Service.

We may revise these Terms from time to time. Material changes will be announced by email to the address on file for your account, with reasonable notice. Your continued use of the Service after such notice constitutes acceptance of the revised Terms. The latest version is always available at /legal/terms.

2. The Service

CISO360AI is a multi-tenant cybersecurity management platform offering AI-assisted analysis, vulnerability and asset tracking, attack-surface discovery, and compliance workflows.

The Service is currently offered in PREVIEW. Features, data, availability, and pricing may change without notice. Preview environments may contain bugs or errors, and preview data may be reset, migrated, or deleted as we iterate. There is no service-level commitment during preview.

3. Eligibility & account

You must be at least 18 years old to use the Service. Registration requires a corporate email address; personal email domains are not accepted. You are responsible for safeguarding your credentials and for all activity under your account, and you must keep your contact information current so that we can reach you with notices.

4. Acceptable use

You agree not to:

  • reverse engineer, decompile, or attempt to derive the source of the Service;
  • resell, sublicense, or use the Service to provide services to third parties without our prior written consent;
  • circumvent rate limits, scrape, or perform automated access outside of documented APIs;
  • upload malware or use the Service to attack, intrude into, or otherwise harm any third party or system;
  • submit confidential third-party data without proper authority.

5. Authorisation to scan and analyse targets

You represent and warrant that, for every system, asset, domain, IP address, credential, or dataset that you submit to the Service for scanning, analysis, or assessment (each a "target"), you have all necessary authority, permissions, and consents from the owner or controller of that target. You will not use the Service to assess any target you are not legally authorised to assess. The targets you enter are your responsibility.

When you add or edit scan targets, you further acknowledge and agree that:

  • the person acting on your behalf has authority to authorise assessment of all targets in scope;
  • where a target is hosted by a third party (for example a cloud provider such as AWS, Azure, or Google Cloud), it remains your responsibility to check that provider's current acceptable-use policy and to obtain any permissions or notifications it requires;
  • you are and remain the data controller for any personal information disclosed to or accessible by the Service during an assessment, and you have a lawful basis for that disclosure under the New Zealand Privacy Act 2020 or, for Australian-based customers, the Australian Privacy Act 1988 (Cth);
  • security testing uses tools and techniques designed to detect and exploit vulnerabilities, not all risk can be eliminated, and you have taken reasonable steps to mitigate loss or damage (including verified backups and excluding unstable or legacy systems from scope).

You will indemnify and hold us harmless from any third-party claim arising out of your unauthorised use of the Service against targets you did not have permission to assess. This clause is intended to satisfy the authorisation requirements of the New Zealand Crimes Act 1961 (ss. 249–252) and the New Zealand Privacy Act 2020.

6. Your data

You retain ownership of the data you upload to or generate within the Service ("Customer Data"). We process Customer Data only to provide and operate the Service and as described in our Privacy Policy. We may use anonymised, aggregated information derived from the operation of the Service to improve the platform.

7. Our intellectual property

We own all rights in the Service, including the platform, models, workflows, templates, and documentation. Subject to your compliance with these Terms, we grant you a non-exclusive, non-transferable, revocable licence to use the Service for your internal business purposes during the term of your subscription.

8. As-is — no warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. We do not guarantee that the Service will detect all vulnerabilities, weaknesses, misconfigurations, or compliance gaps, or that it will be uninterrupted, secure, accurate, or error-free. There is no service-level agreement during preview.

AI outputs: the Service may use artificial intelligence to generate suggestions, summaries, or analyses. AI-generated outputs may be inaccurate, incomplete, or misleading. You are solely responsible for reviewing and verifying any AI output before relying on it for security, compliance, or business decisions.

9. Limitation of liability

For preview and free-tier use of the Service, our liability is excluded to the maximum extent permitted by applicable law. We shall not be liable for any direct, indirect, incidental, consequential, special, or exemplary damages, including lost profits, lost data, or loss of goodwill, arising out of or in connection with your use of the Service.

For paid tiers (when offered), our aggregate liability arising out of or relating to these Terms will not exceed the fees you paid to us in the twelve months preceding the event giving rise to the claim. Nothing in these Terms limits any liability that cannot be excluded by law, including liability for death or personal injury caused by negligence, fraud, or wilful misconduct.

10. Confidentiality

Each party will protect the other's non-public information disclosed in connection with the Service with the same degree of care it uses for its own confidential information (and at least reasonable care), and will use it solely to perform under these Terms.

11. Term & termination

These Terms apply for as long as you use the Service. Either party may terminate at any time during preview by giving notice. We may suspend or terminate your access immediately for material breach of these Terms, security risk, suspected unauthorised use, or as required by law. Upon termination, we will delete your Customer Data within 30 days, subject to backups and any legal-retention obligations.

12. Governing law & jurisdiction

These Terms are governed by the laws of New Zealand, without regard to its conflict-of-laws principles. The courts of New Zealand have exclusive jurisdiction over any dispute arising from or relating to these Terms or the Service.

13. Contact

Questions about these Terms can be sent to legal@ciso360.ai.

alterSec Limited · NZBN 9429047827035 · Auckland, New Zealand