Terms of Service

Last updated on January 12, 2024

1. Introduction

These Terms of Service ("Terms") govern your access to and use of VerySecure ("Service"), a product of Ziru Technology Limited ("Company", "we", "our", or "us"), a company registered in the United Kingdom. By using VerySecure, you agree to these Terms. If you are using VerySecure on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms.

2. Service Description

VerySecure is an identity and access management platform that provides:

  • • Personnel management and user onboarding
  • • Single Sign-On (SSO) capabilities using OIDC and SAML protocols
  • • Multi-Factor Authentication, including SMS OTP and Time-based OTP
  • • Application access management and monitoring
  • • Policy and document management with acknowledgment tracking
  • • Comprehensive event logging and audit trails
  • • Device management and monitoring capabilities

3. Pilot Program

  • 3.1. The Service is currently operating under a pilot program for an initial period of three (3) months ("Pilot Period").
  • 3.2. During the Pilot Period, the Service is provided free of charge.
  • 3.3. We reserve the right to modify, terminate, or implement pricing for the Service following the Pilot Period, with reasonable notice to users.
  • 3.4. We will provide at least 30 days' notice before implementing any pricing changes after the Pilot Period.

4. Account Terms

  • 4.1. You must register for an account to use VerySecure.
      • 4.2. You are responsible for:
    • • Providing accurate account information
    • • Maintaining the security of your account credentials
    • • All activities that occur under your account
    • • Promptly notifying us of any unauthorized access or security breaches
    • • Ensuring proper configuration of authentication methods
    • • Managing user access rights within your organization
  • 4.3. Accounts must be created and used by humans. Accounts registered by bots or automated methods are not permitted.
  • 4.4. Administrator accounts have elevated privileges and must be protected with multi-factor authentication.

5. Customer Data and Isolation

  • 5.1. Each customer receives a unique instance of VerySecure.
  • 5.2. Your data is stored separately and isolated from other customers' data.
  • 5.3. All data is stored on servers located in the European Union.
      • 5.4. You retain all rights to your data. We will only access your data to:
    • • Provide and maintain the Service
    • • Comply with legal obligations
    • • Respond to support requests
    • • Investigate security incidents
    • • Perform agreed-upon troubleshooting
  • 5.5. We implement strict access controls and monitoring for any staff access to customer instances.

6. Acceptable Use

    You agree not to:
  • • Use the Service for any illegal purpose
  • • Attempt to gain unauthorized access to the Service or other users' accounts
  • • Interfere with or disrupt the Service's integrity or performance
  • • Circumvent or modify any security features
  • • Upload malicious code or content
  • • Share access credentials with unauthorized users
  • • Attempt to bypass authentication mechanisms
  • • Use the Service to store or transmit inappropriate content
  • • Conduct security tests without prior written permission

7. Security and Compliance

  • 7.1. We implement reasonable security measures to protect your data, including:
    • • Encryption at rest and in transit
    • • Regular security assessments
    • • Automated security monitoring
    • • Access logging and auditing
    • • Regular security updates
  • 7.2. We are pursuing ISO 27001 and SOC 2 certifications and will maintain these certifications once obtained.
  • 7.3. While we provide tools for compliance, you are responsible for:
    • • Configuring the Service to meet your compliance requirements
    • • Obtaining necessary consents from your users
    • • Using the Service in compliance with applicable laws
    • • Maintaining appropriate security controls within your organization
    • • Implementing appropriate authentication policies
    • • Managing device compliance policies

    8. Service Level and Support

    • 8.1. We will use commercially reasonable efforts to make the Service available 24/7, except for:
    • • Planned maintenance (with at least 48 hours notice)
    • • Emergency maintenance
    • • Factors beyond our reasonable control
    • • Third-party service interruptions
    • 8.2. Support is provided via email and our support portal during business hours.
    • 8.3. Critical security incidents will receive priority response regardless of business hours.

    9. Third-Party Services

    • 9.1. The Service integrates with third-party services for:
    • • Payment processing
    • • SMS delivery
    • • Authentication services
    • • Mobile device management
    • • Compliance monitoring
    • 9.2. Your use of third-party services is subject to their respective terms and conditions.
    • 9.3. We are not responsible for the availability or security of third-party services.

    10. Intellectual Property

    • 10.1. We own all rights to the Service, including any modifications or improvements.
    • 10.2. We grant you a limited, non-exclusive, non-transferable license to use the Service during the term of these Terms.
    • 10.3. You grant us a limited license to use your trademarks and logos to provide the Service.
    • 10.4. Any feedback you provide may be used to improve the Service without any obligation to you.

    11. Term and Termination

    • 11.1. These Terms remain in effect until terminated.
    • 11.2. Either party may terminate these Terms:
    • • At the end of the Pilot Period
    • • For material breach, with 30 days' written notice
    • • Immediately for violations of Acceptable Use terms
    • • For repeated security violations
    • 11.3. Upon termination:
    • • Access to the Service will cease
    • • You may request a copy of your data within 30 days
    • • We will delete your data after 90 days
    • • You must remove any installed MDM profiles or agents
    • • You must discontinue use of all authentication mechanisms

    12. Limitation of Liability

    • 12.1. To the maximum extent permitted by law, we shall not be liable for:
    • • Indirect, incidental, or consequential damages
    • • Loss of profits or revenue
    • • Data loss or corruption
    • • Service interruptions
    • • Security breaches outside our reasonable control
    • • Misuse of authentication
    • • Third-party service failures
    • 12.2. Our total liability shall not exceed the amounts paid for the Service in the 12 months preceding the claim.

    13. Indemnification

    • You agree to indemnify and hold us harmless from claims arising from:
    • • Your use of the Service
    • • Violation of these Terms
    • • Violation of third-party rights
    • • Your content or data
    • • Misuse of authentication mechanisms
    • • Unauthorized access through your accounts
    • • Violation of security policies

    14. Modifications

    • 14.1. We may modify these Terms at any time by posting updates to our website.
    • 14.2. Your continued use of the Service constitutes acceptance of modified Terms.
    • 14.3. Material changes will be notified via email with 30 days' notice.
    • 14.4. Changes to security requirements may be implemented immediately if required.

    15. Governing Law

    These Terms are governed by the laws of the United Kingdom, without regard to conflict of law principles.

    16. Contact Information

    For questions about these Terms, contact us at: m@ziru.ventures

verysecure
x github

Terms of use

Privacy Policy

Security

© 2024 VerySecure. All Rights Reserved.