ExposureGrid Terms of Service

Use of the Service constitutes acceptance of these Terms and our Privacy Policy (see privacy-policy reference below). If you use the Service on behalf of an organization, you represent that you have authority to bind that organization and "you" includes the organization.

You must be of legal age to form a contract in your jurisdiction. You may not use the Service if you are prohibited from receiving services under applicable law.

You are responsible for account credentials and all activity under your account. Notify us promptly of unauthorized use. You must provide accurate registration information. We may suspend or terminate accounts that violate these Terms or present security risk.

ExposureGrid performs automated security analysis against targets you submit. You may only scan domains, hosts, or systems that you own or that you have express written or legally sufficient authorization to assess. Lack of technical blocking (for example, a publicly reachable site) is not consent and does not authorize scanning. Misrepresenting authorization or scanning third-party assets without permission may violate law and these Terms.

The public scanner is provided without an account, subject to rate limits, operational controls, and fair-use policies. Results may be cached, reused within configured windows, or limited for abuse prevention. We may block public scans for domains that are managed in ExposureGrid with current, valid ownership verification so that account holders control how those assets are assessed publicly. Blocking decisions are not disclosed to anonymous users in a way that reveals ownership or account details.

Paid plans, trials, and features are described on our website and may evolve. Trials may be limited in duration, scope, or availability and can be changed or ended. Subscriptions renew according to the plan you select until canceled. Nonpayment or failed billing may result in downgrade, suspension, or loss of paid features. Cancellations take effect per the billing flow shown in-product (e.g., end of billing period when applicable). Fees are exclusive of taxes unless stated otherwise.

You agree not to:

• Use the Service for unlawful purposes or to violate others' rights.
• Probe, scan, or attack systems without authorization, or attempt to bypass technical or contractual limits (including rate limits).
• Abuse, harass, or interfere with the Service, other users, or underlying infrastructure; introduce malware; or conduct denial-of- service or similar attacks.
• Scrape, harvest, or systematically extract data except via documented APIs where offered and permitted.
• Misuse credentials, share accounts in breach of plan terms, or attempt to reverse engineer the Service beyond what applicable law allows.

You retain rights in your data. You grant us a license to host, process, and use data you submit solely to provide, secure, and improve the Service, enforce these Terms, and comply with law. Scans produce observations (e.g., headers, TLS data) derived from targets you authorize. We may collect operational telemetry and logs as described in our Privacy Policy.

The Service, branding, software, and documentation are owned by EHFC / ExposureGrid or licensors. Except for the limited rights to use the Service under these Terms, no rights are granted. Feedback you provide may be used without obligation to you.

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE." TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. SCAN RESULTS ARE INFORMATIONAL AND NOT A GUARANTEE OF SECURITY OR COMPLETENESS; THEY DO NOT REPLACE PROFESSIONAL ADVICE, PENETRATION TESTING WHERE REQUIRED, OR COMPLIANCE PROGRAMS.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, EHFC / EXPOSUREGRID AND ITS SUPPLIERS WILL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR LOSS OF PROFITS, DATA, OR GOODWILL, ARISING FROM OR RELATED TO THE SERVICE OR THESE TERMS, WHETHER OR NOT ADVISED OF THE POSSIBILITY. OUR AGGREGATE LIABILITY FOR CLAIMS ARISING OUT OF THE SERVICE IN ANY TWELVE-MONTH PERIOD WILL NOT EXCEED THE GREATER OF (A) THE AMOUNTS YOU PAID US FOR THE SERVICE IN THAT PERIOD OR (B) ONE HUNDRED U.S. DOLLARS (USD $100), EXCEPT WHERE PROHIBITED BY LAW.

You will defend and indemnify EHFC / ExposureGrid and its affiliates, officers, and employees against third-party claims, damages, and costs (including reasonable attorneys' fees) arising from your use of the Service, your targets, your violation of these Terms, or your violation of others' rights, including scanning without proper authorization.

We may suspend or terminate access for breach of these Terms, risk to the Service or third parties, legal requirements, or nonpayment where applicable. You may stop using the Service at any time. Provisions that by nature should survive (e.g., disclaimers, limitations, indemnity) survive termination.

We may modify the Service or these Terms. Material changes will be communicated as appropriate (e.g., in-product notice or email). Continued use after the effective date may constitute acceptance. Version identifiers help track which Terms applied at acceptance time.

These Terms are governed by the laws of Delaware, United States, excluding conflict- of-law rules. Exclusive venue and jurisdiction for disputes shall lie in the state or federal courts located in Delaware, except where prohibited by law. Confirm with legal counsel for your operating entity and customer base.

Our Privacy Policy describes how we collect and use personal data. Where linked from the product, that policy is incorporated by reference.

For legal or security notices, contact [email protected] . General support may use the contact channels shown on the website.