Acceptable Use Policy

Updated: 08 May 2020

1. ABOUT THIS POLICY

1.1 AkimboCore offer a suite of security testing tools, deployed as a software as a service scanning system. This tool is offered on a paid subscription basis and access is only available to subscribers or their authorised users.

1.2 You must therefore only attempt to access AkimboCore if you are a subscriber, or an employee, consultant, or agent of one of our subscribers and if that subscriber has given you permission to access this system on their behalf.

1.3 Please read this document carefuly, as by attempting to log in to this system you confirm you will comply with this policy and acknowledge that you have authority to do so.

This Acceptable Use Policy is intended only to deal with the proper use of AkimboCore. It does not create any direct contractual entitlement for you to receive the services, not does it provide ou with any direct remedies if you experience a problem with the service.

This policy does not superseed any terms of an existing subscriber agreement.

2. BEFORE UTILISING THE TOOL SUITE

2.1 When you log in to AkimboCore you will have the ability to carry out security testing or vulnerability scanning of the URLs and IP addresses ("The Targets") you choose. This includes attempting to determine vulnerabilities on The Targets as well as safely exploiting those vulnerabilities.

2.2 It is essential that you carefully verify the details of the URLs and IP addresses included within the scan and that you verify that you have the correct legal permission from the owner of The Targets to perform the security testing.

2.3 The scanning activity is designed to deterine any vulnabilities present in The Targets, therefore the use of AkimboCore comes with the following warning:

2.3.1 Scanning may expose vulnerabilities in targets, may cause disruption to services, and carries a risk of loss of service, hardware failure, and loss or corruption of data.

2.3.2 We strongly advise you to complete a full backup of all data which is contained in or available through any devices connected to the targets and that the backups are stored separately from The Targets.

2.3.3 Ensure that there are qualified knowledgable representatives available to respond prompty to any security issue identified in The Targets and to deal with any adverse impact on The Targets that security testing may cause.

2.4 The subscriber agrees to take responsiblity for its users and their compliance with this Acceptable Use Policy and the subscriber will be responsible for any breach of this policy by a user.

3. LICENSE LIMITATIONS

3.1 There are no limits on the total number of scans that can be conducted under a licensed account, however there are restrictions on the number of concurrent scans which can be performed.

3.2 You must only use AkimboCore in good faith and in the manner in which is intended.

3.3 You must not use AkimboCore in any manner that breaches any local, national, or international law or regulation.

3.4 You must not use AkimboCore in any way which is unlawful or fraudulent in purpose or effect.

3.5 You must not use AkimboCore in any way which may damage our reptutation.

VULNERABILITY REPORTING

4.1 If vulnerabilties are identified a report containing details of the vulnerability type and a recommended fix. For all identified vulnerabilities you should deal with those vulnerabilities in accordance will all relevant internal policies and procedures of the affected organisation, Target System, or relevant third-party provider.

4.2 Any rights, title and interest (including intellectual property) in AkimboCore and the generated reports belong to us, and nothing in these terms will operate to transfer any of thos erights to the subscriber or their users. The subscriber is entited to use the report for hte purposes of reviewing its findings and acting upon them to address any vulnerabilities identified within The Targets.

5. SCANNING RESTRICTIONS

5.1 By utilising this system you expressly authorise us to access or attempt to access The Targets, and any programs or data held on those systems, and to perform any actions, operations or exploits necassary or desirable to identify or confirm vulnerabilities present on The Targets.

5.2 Where The Targets include a system containing personal data you agree:

(a) Ensure that, for each data subject whose personal data may be disclosed to us, there is a lawful basis for us to perform processing of personal data in accordance with Articles 6 ad 9 of the General Data Protection Regulation ("GDPR")

(b) On our behalf, provide each data subject whose personal data may be disclosed to us with the fair processing information required by Articles 13 and 14 of GDPR.

(c) Immidiately inform us if a data subject requests to exercise their reight under Chapter III of GDPR in respect of any processing activity we may carry out.

5.3 The subscriber agrees to indemnify us against:

(a) Any breach of applicable law which we or the subscriber are alleged to have committed.

(b) Any use of AkimboCore to perform any action where you are not authorised to do so, including any consequences arising out of those actions.

(c) Any loss or damage caused as a result of the subscribers use of this system, including loss or damage against The Targets.

(d) All claims demands, penalities, fines, actions, costs, expenses, losses and damages we suffer or incur or which are awarded against us arising from or in connection with any failure by the subscriber to comply with any part of this policy.