Terms of Service

Welcome to CyberDiagram. These Terms of Service ("Terms") govern your use of the CyberDiagram platform, website (cyberdiagram.com), and related services (collectively, the "Service") operated by CyberDiagram ("we," "us," or "our").

By accessing or using our Service, you agree to be bound by these Terms. If you do not agree, do not use the Service.

1. Description of Service

CyberDiagram provides an AI-powered cloud penetration testing platform delivered as a subscription service (PTaaS — Penetration Testing as a Service). The Service includes:

• Automated cloud infrastructure security scanning
• AI-driven vulnerability detection and analysis
• Visual attack path diagrams
• Compliance reporting (PDPA, ISO 27001, PCI-DSS, CIS Benchmarks)
• Infrastructure-as-Code remediation suggestions (Terraform/Ansible)

CyberDiagram acts as a security assessment tool. We do not provide formal audit certifications. Formal audit signing should be conducted by certified auditors.

2. Eligibility

You must be at least 18 years old and have the legal authority to bind the organization on whose behalf you are using the Service. By using the Service, you represent and warrant that you meet these requirements.

3. Account Registration

To access paid features, you must create an account and provide accurate, complete information. You are responsible for:

• Maintaining the confidentiality of your account credentials
• All activities that occur under your account
• Notifying us immediately of any unauthorized use of your account

4. Subscription Plans and Payment

4.1 Plans

We offer the following subscription tiers:

• Basic (Free): Limited automated scans, basic compliance reports, and community support.
• Enterprise ($499/month): Unlimited scans, compliance dashboards, human review, AI code-fix generation, priority support, and API access.
• Flagship ($999/month): 24/7 dedicated analyst, advanced AI analysis, custom integrations, real-time alerts, full API access, and custom reports.

4.2 Billing

Paid subscriptions are billed monthly in advance. All fees are quoted in US Dollars (USD). You authorize us to charge your designated payment method on a recurring monthly basis.

4.3 Price Changes

We may change our subscription fees with at least 30 days' written notice. Continued use of the Service after the price change constitutes acceptance of the new pricing.

4.4 Taxes

All fees are exclusive of applicable taxes. You are responsible for all taxes associated with your use of the Service, except for taxes based on our net income.

5. Cancellation and Refunds

You may cancel your subscription at any time through your account settings or by contacting us at flashoop@gmail.com. Upon cancellation:

• Your access continues until the end of the current billing period
• No further charges will be made after the current period ends
• No prorated refunds are provided for partial months

For full details on refunds, please refer to our Refund Policy.

6. Acceptable Use

You agree to use the Service only for lawful purposes and only on cloud infrastructure that you own or have explicit written authorization to test. You must not:

• Use the Service to scan, test, or attack systems you do not own or have authorization to test
• Attempt to reverse-engineer, decompile, or disassemble the Service
• Use the Service to develop a competing product or service
• Share account credentials with unauthorized third parties
• Resell, sublicense, or redistribute the Service without our written consent
• Use the Service in any way that violates applicable laws or regulations

7. Authorized Cloud Access

To perform security assessments, the Service requires authorized read-only API access to your cloud environments (AWS, GCP, or Azure). You represent and warrant that:

• You have the legal right to grant this access
• Granting access does not violate any agreements with your cloud provider
• You have obtained any necessary internal approvals before connecting your environment

8. Data Handling and Security

We take the security of your data seriously. Scan results and configuration data collected during assessments are:

• Encrypted in transit and at rest
• Stored only for the duration necessary to provide the Service
• Not shared with third parties except as described in our Privacy Policy
• Deleted upon account termination or upon written request

9. Intellectual Property

The Service, including its AI models, algorithms, visual output, and documentation, is owned by CyberDiagram and protected by intellectual property laws. Your subscription grants you a limited, non-exclusive, non-transferable license to use the Service during the subscription term.

Reports and scan results generated for your account are yours to use for your internal business purposes, including sharing with auditors and compliance officers.

10. Open Source Components

Certain components of the CyberDiagram platform are released under the Apache 2.0 open-source license. These components are governed by their respective open-source licenses. The proprietary AI models, hosted platform, and premium features remain subject to these Terms.

11. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED. We do not warrant that:

• The Service will detect all vulnerabilities in your infrastructure
• The Service will be uninterrupted or error-free
• Remediation suggestions will resolve all identified issues
• The Service satisfies all compliance requirements applicable to your business

Security assessments provide a point-in-time evaluation and cannot guarantee absolute security. You remain responsible for the overall security posture of your systems.

12. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, CYBERDIAGRAM SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, DATA, OR BUSINESS OPPORTUNITIES, ARISING OUT OF OR RELATED TO YOUR USE OF THE SERVICE.

Our total liability for any claims arising under these Terms shall not exceed the total fees paid by you in the twelve (12) months preceding the claim.

13. Indemnification

You agree to indemnify and hold harmless CyberDiagram, its officers, employees, and agents from any claims, damages, or expenses arising from your use of the Service, your violation of these Terms, or your violation of any third-party rights.

14. Modifications to Terms

We may update these Terms from time to time. We will notify you of material changes by email or through the Service at least 30 days before the changes take effect. Continued use of the Service after changes become effective constitutes acceptance of the updated Terms.

15. Termination

We may suspend or terminate your access to the Service if you violate these Terms or if we reasonably believe your use poses a security risk. Upon termination:

• Your right to use the Service ceases immediately
• We will provide a reasonable period to export your data
• Any outstanding fees remain payable

16. Governing Law

These Terms are governed by and construed in accordance with the laws of Malaysia. Any disputes arising under these Terms shall be resolved in the courts of Kuala Lumpur, Malaysia.

17. Contact

If you have questions about these Terms, contact us at:

• Email: flashoop@gmail.com
• Discord: flashoop
• Website: cyberdiagram.com