
Terms of Service

Last Updated: January 28, 2025
Effective Date: January 28, 2025
Important Notice: These Terms of Service constitute a legally binding agreement between you and theCISO.ai. By accessing or using our platform, you acknowledge that you have read, understood, and agree to be bound by these terms.

Welcome to theCISO.ai ("we," "us," "our," or "the Company"). These Terms of Service ("Terms") govern your access to and use of the theCISO.ai platform, including our website, applications, services, and all related features (collectively, the "Service").

1. Acceptance of Terms

By creating an account, accessing, or using the Service, you agree to be bound by these Terms and our Privacy Policy, which is incorporated herein by reference. If you are using the Service on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms.

If you do not agree to these Terms, you must not access or use the Service.

2. Service Description

theCISO.ai is an AI-powered Governance, Risk, and Compliance (GRC) platform designed to help organizations:

  • Manage cybersecurity and compliance frameworks (ISO 27001, SOC 2, NIST CSF, CIS Controls, etc.)
  • Conduct risk assessments and manage security incidents
  • Track compliance obligations and generate audit-ready reports
  • Manage vendor risk and third-party security assessments
  • Leverage AI-powered insights and automation for GRC workflows
  • Access virtual CISO advisory services and security guidance

3. Account Registration and Security

3.1 Account Creation

To use certain features of the Service, you must create an account. You agree to:

  • Provide accurate, current, and complete information during registration
  • Maintain and promptly update your account information
  • Maintain the security of your password and account credentials
  • Notify us immediately of any unauthorized use of your account
  • Accept responsibility for all activities that occur under your account

3.2 Account Types

We offer different subscription tiers with varying features and user limits:

  • Base: Individual users and small teams with core GRC functionality
  • Pro: Growing organizations with advanced automation and AI features
  • Enterprise: Large organizations with custom integrations and dedicated support

3.3 Single Sign-On (SSO)

If you sign up using single sign-on through Google, Microsoft, or other identity providers, you authorize us to access certain account information from those providers as permitted by their terms and your privacy settings.

4. Subscription and Payment

4.1 Free Trial

We may offer a 14-day free trial for new customers. During the trial period, you have access to the features of your selected plan. At the end of the trial, your subscription will automatically convert to a paid subscription unless you cancel before the trial ends.

4.2 Subscription Fees

Paid subscriptions are billed monthly or annually in advance based on your chosen billing cycle. All fees are exclusive of applicable taxes, which will be added to your invoice.

4.3 Payment Methods

We accept payment via credit card, debit card, and other payment methods processed through Stripe, our third-party payment processor. You authorize us to charge your payment method for all fees incurred.

4.4 Automatic Renewal

Your subscription will automatically renew at the end of each billing period unless you cancel before the renewal date. You will be charged the then-current subscription fee for your plan.

4.5 Price Changes

We may change our subscription fees at any time. We will provide you with at least 30 days' notice of any price increases. If you do not agree to the new pricing, you may cancel your subscription before the new pricing takes effect.

4.6 Refunds

Subscription fees are non-refundable except as required by law or as expressly stated in these Terms. If you cancel your subscription, you will retain access to paid features until the end of your current billing period.

5. Acceptable Use

5.1 License Grant

Subject to your compliance with these Terms, we grant you a limited, non-exclusive, non-transferable, revocable license to access and use the Service for your internal business purposes.

5.2 Prohibited Activities

You agree not to:

  • Use the Service for any illegal purpose or in violation of any laws
  • Share your account credentials or allow unauthorized access to your account
  • Reverse engineer, decompile, or disassemble any part of the Service
  • Copy, modify, distribute, or create derivative works of the Service
  • Use automated systems (bots, scrapers) to access the Service without permission
  • Attempt to gain unauthorized access to any portion of the Service
  • Interfere with or disrupt the integrity or performance of the Service
  • Remove, obscure, or alter any proprietary notices on the Service
  • Use the Service to transmit malware, viruses, or harmful code
  • Engage in any activity that could damage our reputation or business

5.3 Multi-Tenant Environment

The Service operates in a multi-tenant environment. You agree not to attempt to access data or accounts belonging to other customers.

6. Your Data and Content

6.1 Data Ownership

You retain all ownership rights to the data and content you upload, create, or store in the Service ("Customer Data"). We claim no intellectual property rights over your Customer Data.

6.2 License to Use Customer Data

You grant us a limited license to use, store, process, and display your Customer Data solely to provide the Service to you and for the purposes described in our Privacy Policy.

6.3 Data Responsibility

You are solely responsible for:

  • The accuracy, quality, and legality of your Customer Data
  • Ensuring you have the necessary rights to use and share Customer Data
  • Maintaining backup copies of your Customer Data
  • Complying with all applicable data protection laws

6.4 Data Security

We implement industry-standard security measures to protect your Customer Data. However, no method of transmission or storage is 100% secure. You acknowledge that you provide Customer Data at your own risk.

6.5 Data Deletion

Upon termination of your account, we will delete your Customer Data in accordance with our data retention policies and applicable law. You may request deletion of your data at any time by contacting support.

7. Intellectual Property Rights

7.1 Our Rights

The Service, including all software, designs, text, graphics, logos, and other content (excluding Customer Data), is owned by theCISO.ai or our licensors and is protected by copyright, trademark, and other intellectual property laws.

7.2 Trademarks

"theCISO," "theCISO.ai," and our logos are trademarks of the Company. You may not use our trademarks without our prior written permission.

7.3 Feedback

If you provide us with feedback, suggestions, or ideas about the Service, you grant us an unrestricted, perpetual, royalty-free right to use, modify, and incorporate such feedback into our products and services.

8. AI-Powered Features

8.1 AI Services

Our Service includes AI-powered features that analyze your data to provide insights, recommendations, and automation. These features use machine learning models and large language models (LLMs) from third-party providers including Google (Gemini) and Anthropic (Claude).

8.2 AI Accuracy

While we strive to provide accurate AI-generated content and recommendations, AI systems may produce errors, inaccuracies, or inappropriate content. You are responsible for reviewing and validating all AI-generated output before relying on it for business decisions.

8.3 AI Training

We do not use your Customer Data to train our AI models or third-party AI models unless you explicitly opt in to such usage. Aggregate, anonymized usage data may be used to improve the Service.

9. Third-Party Services and Integrations

The Service may integrate with third-party services (e.g., Microsoft 365, Google Workspace, Azure AD, Okta). Your use of such integrations is subject to the third-party's terms and conditions. We are not responsible for the availability, performance, or security of third-party services.

10. Disclaimers and Warranties

IMPORTANT LEGAL NOTICE

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, OR TITLE.

We do not warrant that:

  • The Service will be uninterrupted, secure, or error-free
  • The results obtained from the Service will be accurate or reliable
  • Any errors or defects will be corrected
  • The Service will meet your specific requirements

The Service is not a substitute for professional legal, compliance, or cybersecurity advice. You should consult qualified professionals for guidance specific to your organization.

11. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT SHALL THECISO.AI, ITS AFFILIATES, OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, OR LICENSORS BE LIABLE FOR:

  • ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES
  • ANY LOSS OF PROFITS, REVENUE, DATA, OR BUSINESS OPPORTUNITIES
  • ANY DAMAGES ARISING FROM YOUR USE OR INABILITY TO USE THE SERVICE
  • ANY UNAUTHORIZED ACCESS TO OR ALTERATION OF YOUR DATA

OUR TOTAL LIABILITY TO YOU FOR ALL CLAIMS ARISING FROM OR RELATED TO THE SERVICE SHALL NOT EXCEED THE GREATER OF: (A) THE AMOUNT YOU PAID TO US IN THE 12 MONTHS PRECEDING THE CLAIM, OR (B) $100 USD.

Some jurisdictions do not allow the limitation or exclusion of liability for incidental or consequential damages, so the above limitations may not apply to you.

12. Indemnification

You agree to indemnify, defend, and hold harmless theCISO.ai and its affiliates, officers, directors, employees, and agents from any claims, liabilities, damages, losses, costs, or expenses (including reasonable attorneys' fees) arising from:

  • Your use of the Service
  • Your violation of these Terms
  • Your violation of any rights of another party
  • Your Customer Data or any content you submit

13. Termination

13.1 Termination by You

You may cancel your subscription at any time through your account settings or by contacting support. Cancellation will take effect at the end of your current billing period.

13.2 Termination by Us

We may suspend or terminate your account immediately, without notice, if:

  • You breach these Terms
  • Your payment method fails
  • We are required to do so by law
  • We reasonably believe your account poses a security risk
  • We cease offering the Service

13.3 Effects of Termination

Upon termination:

  • Your right to access and use the Service will immediately cease
  • We may delete your Customer Data in accordance with our retention policies
  • You remain liable for all charges incurred prior to termination
  • Sections that by their nature should survive will continue to apply

14. Changes to Terms

We reserve the right to modify these Terms at any time. We will notify you of material changes by:

  • Posting the updated Terms with a new "Last Updated" date
  • Sending an email notification to your registered email address
  • Displaying a notice when you log into the Service

Your continued use of the Service after the effective date of the updated Terms constitutes your acceptance of the changes. If you do not agree to the updated Terms, you must stop using the Service.

15. General Provisions

15.1 Governing Law

These Terms shall be governed by and construed in accordance with the laws of the jurisdiction in which our company is incorporated, without regard to its conflict of law provisions.

15.2 Dispute Resolution

Any dispute arising from these Terms or your use of the Service shall be resolved through binding arbitration, except that either party may seek injunctive relief in court for intellectual property or confidentiality violations.

15.3 Entire Agreement

These Terms, together with our Privacy Policy and any other policies referenced herein, constitute the entire agreement between you and theCISO.ai regarding the Service.

15.4 Severability

If any provision of these Terms is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary, and the remaining provisions shall remain in full force and effect.

15.5 Waiver

Our failure to enforce any right or provision of these Terms shall not constitute a waiver of such right or provision.

15.6 Assignment

You may not assign or transfer these Terms or your account without our prior written consent. We may assign these Terms without restriction.

15.7 Force Majeure

We shall not be liable for any failure or delay in performance due to circumstances beyond our reasonable control, including acts of God, war, terrorism, natural disasters, or failures of third-party services.

16. Contact Information

If you have any questions about these Terms, please contact us:

theCISO.ai
Email: legal@theciso.ai
Support: support@theciso.ai
Website: https://theciso.ai

© 2025 theCISO.ai. All rights reserved.
