Terms of Service

✅ 1. Acceptance of Terms

By accessing our website, purchasing services, or entering into a service agreement with EVERLINE CYBER IT INFRASTRUCTURE L.L.C. ("EVERLINE", "we", "us"), you agree to be bound by these Terms of Service ("Terms"), our Privacy Policy, and any applicable service-level agreements.

If you are agreeing on behalf of a company or other legal entity, you represent that you have the authority to bind that entity to these Terms. If you do not have such authority or do not agree with these Terms, you must not use our services.

🔒 2. Services Description

EVERLINE provides professional cybersecurity services including, but not limited to:

• Penetration Testing: Authorised simulated cyberattacks to identify vulnerabilities in your systems, networks, and applications
• Vulnerability Assessment: Systematic review and prioritisation of security weaknesses
• SOC & Managed Security: 24/7 monitoring, detection, and response to security incidents
• Incident Response: Rapid containment, investigation, and recovery from security breaches
• Cloud Security: Configuration review, hardening, and continuous monitoring for cloud environments
• Compliance & Auditing: Assessment and preparation for ISO 27001, GDPR, PCI-DSS, HIPAA, and other frameworks
• Digital Forensics: Post-incident investigation and evidence collection

The specific services, deliverables, timelines, and fees applicable to your engagement will be detailed in a separate Statement of Work (SOW) or service agreement.

👤 3. Client Obligations

To enable effective service delivery, you agree to:

• Provide accurate, complete, and timely information required for service delivery
• Ensure all authorisations, approvals, and consents necessary for EVERLINE to perform services are obtained in advance
• Designate a qualified technical point of contact to coordinate with our team
• Promptly notify EVERLINE of any changes to the scope, systems, or environment under assessment
• Ensure your use of our services and reports complies with all applicable laws
• Maintain appropriate backups of all systems prior to any penetration testing engagement
• Not use EVERLINE's services or reports for any unlawful purpose

📜 4. Scope of Work & Authorisation

All penetration testing and offensive security services require explicit, written authorisation before commencement. This authorisation must:

• Clearly define the scope of systems, networks, and applications to be tested
• Identify permitted testing windows and blackout periods
• Be signed by an authorised representative of the client organisation
• Include acknowledgement that the client owns or has rights to test the specified systems

EVERLINE reserves the right to pause or terminate an engagement if activities could cause unacceptable risk to out-of-scope systems or third parties.

🤐 5. Confidentiality

Both parties acknowledge that they may receive confidential information from the other party during the course of the engagement. Each party agrees to:

• Maintain the confidentiality of the other party's proprietary and confidential information
• Not disclose such information to third parties without prior written consent
• Use confidential information solely for the purposes of the engagement
• Apply at least the same level of protection as they apply to their own confidential information (but not less than reasonable care)

Confidentiality obligations survive the termination of any service agreement for a period of five (5) years, or indefinitely for information that qualifies as a trade secret.

EVERLINE security assessment reports, findings, and recommendations are considered highly confidential and must be handled and stored securely by the client.

💡 6. Intellectual Property

Client Data & Systems

You retain all ownership of your data, systems, and pre-existing intellectual property. EVERLINE does not claim any ownership over client data accessed during service delivery.

EVERLINE Deliverables

Upon full payment of applicable fees, EVERLINE grants you a non-exclusive, non-transferable licence to use deliverables (reports, assessments, remediation guidance) for your internal business purposes.

EVERLINE Tools & Methodologies

All proprietary tools, scripts, frameworks, and methodologies developed by EVERLINE remain the exclusive intellectual property of EVERLINE. No licence to these assets is granted unless explicitly agreed in writing.

💳 7. Payment & Billing

• Invoicing: Invoices are issued per the payment schedule defined in the applicable SOW or service agreement
• Payment Terms: Unless otherwise agreed, payment is due within 30 days of invoice date
• Late Payment: Overdue amounts accrue interest at 1.5% per month or the maximum permitted by applicable law
• Disputed Invoices: Disputes must be raised in writing within 14 days of invoice receipt. Undisputed portions remain due
• Retainer Services: Monthly retainer fees are due in advance on the first business day of each month
• Taxes: Fees are exclusive of VAT and other applicable taxes, which will be added to invoices as required by law

⚖️ 8. Limitation of Liability

EVERLINE shall not be liable for any:

• Indirect, incidental, consequential, special, or punitive damages
• Loss of profits, revenue, data, business, or goodwill
• Damages resulting from your failure to implement recommended security remediations
• Damages caused by third-party actions or cyberattacks that occur after service delivery
• System downtime or data loss occurring during agreed testing windows

These limitations apply regardless of the theory of liability and even if EVERLINE has been advised of the possibility of such damages.

🛡️ 9. Indemnification

You agree to defend, indemnify, and hold harmless EVERLINE and its officers, directors, employees, and agents from and against any claims, damages, losses, and expenses (including legal fees) arising from:

• Your breach of these Terms or any applicable law
• False or misleading representations made to EVERLINE
• Your use of EVERLINE deliverables in violation of these Terms
• Claims by third parties arising from your failure to obtain proper authorisation for testing
• Your gross negligence or wilful misconduct

🚪 10. Termination

Termination for Convenience

Either party may terminate a service engagement with 30 days' written notice. You remain liable for fees for work completed up to the termination date.

Termination for Cause

Either party may terminate immediately upon written notice if the other party materially breaches these Terms and fails to cure the breach within 14 days of notice.

EVERLINE may terminate immediately if:

• You use our services or findings for unlawful purposes
• You provide false information regarding system ownership or authorisation
• Payment is overdue by more than 60 days
• Your conduct exposes EVERLINE to legal or reputational risk

Effect of Termination

Upon termination, confidentiality obligations, IP provisions, payment obligations for completed work, and limitation of liability provisions survive.

🚫 11. Acceptable Use

You must not use our website, portal, or services to:

• Conduct any form of unauthorised security testing against third-party systems
• Distribute malware, ransomware, or other malicious code
• Engage in any activity that violates applicable laws or regulations
• Attempt to gain unauthorised access to EVERLINE's systems or infrastructure
• Reverse-engineer, decompile, or disassemble any EVERLINE software or tools
• Share access credentials or resell EVERLINE services without written authorisation
• Interfere with or disrupt the integrity of EVERLINE's services

🏛️ 12. Governing Law & Disputes

These Terms are governed by and construed in accordance with the laws of the United Arab Emirates, specifically the laws of the Emirate of Dubai.

Dispute Resolution

Any dispute arising from or related to these Terms shall be resolved through the following process:

1. Negotiation: The parties shall attempt to resolve the dispute through good-faith negotiation within 30 days of written notice
2. Mediation: If negotiation fails, the dispute shall be submitted to mediation under the Dubai International Arbitration Centre (DIAC) rules
3. Arbitration: If mediation fails, the dispute shall be finally resolved by binding arbitration administered by DIAC in Dubai

Nothing in this section prevents either party from seeking emergency injunctive relief from a court of competent jurisdiction.

These Terms were last updated on April 1, 2026. We reserve the right to modify these Terms at any time. Continued use of our services following notification of changes constitutes acceptance of the revised Terms.