Terms & Conditions

Terms & Conditions

1. Purpose and content of the website

The purpose of these terms of use (the “Terms”) is to regulate access to, browsing and use of the website https://www.zerod.io/ (the “Website”), as well as other channels of communication with customers and hackers. The identification details of the owner of the services are provided below:

  • Owner: Cybersec Hub S.L. (“Zerod”)
  • Tax Identification Number: B-09.681.867
  • Address: Barcelona, calle Josep Irla i Bosch, 1, (08034)
  • Email: hello@zerod.io
  • Website: https://www.zerod.io/

Accessing, browsing or using the Website implies acceptance of all the stipulations set out in these Conditions, as well as the privacy or data protection policy and the cookies policy.

Consultation of the content of the Website shall not in itself constitute any type of contractual relationship and its use is the sole responsibility of the user.

Zerod shall not be liable for any errors or omissions which may exist in the information provided, with the exception of those points required by law, nor for the specific application or use which may be made of the same.

Zerod reserves the exclusive right to update, modify or delete the content of the Website, the Conditions, the privacy policy and any specific legal warnings which may be applicable to the Website, as well as the right to limit or prevent access to the same. Zerod may exercise these rights at any time and without prior notice.

2. Activity of the owner

Zerod is a marketplace that connects customers with ethical hackers who provide ethical hacking services anonymously and without concern for their identity. Also, Zerod offers Software as a Service (SaaS) cybersecurity services.

At Zerod, as an intermediary, we have a community of ethical hackers ready to test your platform. We will find the right partner to meet your needs, from simple vulnerability assessments to complex security penetration testing.

3. User status

A user is defined as a person who accesses, browses and uses the Website and the services or content hosted on the Website. In other words, both customers (the “Customers”) and hackers (the “Hackers”) who access the marketplace will be considered users (the “Users”).

Browsing and accessing the Website does not require prior registration, however, the purchase of services or entry into the Zerod professional marketplace is conditional upon registration and acceptance of these Conditions, the privacy or data protection policy and the cookies policy.

By accepting the above, the User declares to be of legal age and to have sufficient legal capacity to be bound by these Conditions, and also undertakes to make diligent use of the services offered on the Website, as well as the information contained therein, in full compliance with the regulations applicable in each case.

4. Rules of use

  1. a. Use of the Service: User undertakes in all cases to use the Website and its services in a diligent, correct and lawful manner, in accordance with the Law, these Conditions of Use (or those applicable in each specific case), the regulations for use and instructions made known to them, as well as with morality, generally accepted good customs and public order.

    b. To this effect, the User will abstain from using the website, its contents or services in a manner that is illicit, prohibited, or harmful to the rights and interests of third parties, or that in any way may damage, render useless, overload, deteriorate or impede the normal use of the services, computer equipment or documents, files and all types of content stored in any computer equipment. The User agrees not to download, share, send or distribute in any other way content or applications which may infringe current legislation, or which may infringe any rights of any party.

    c. Zerod reserves the right to refuse to provide the service or to grant access to the platform's pool of professionals to any person for any reason, or to discontinue the service in whole or in part at any time, with or without notice.

  2. Access control: the User may only access those resources of the information system for which he/she is authorized.

  3. Terms of use: the User using the Website shall be responsible for:

    1. I. Ensuring that the information he/she handles cannot be used by unauthorized persons.
    2. II. Provide accurate, current, and complete information during the registration process and to update such information to keep it accurate, current and complete.
    3. III. Safeguard your password and other sensitive credentials. The User further agree that you will not disclose your password to any third party and that you will assume sole responsibility for any activities or actions under your Zerod User, whether or not you have authorized such activities or actions.
    4. IV. Manage security permissions and to remove sensitive data in a timely manner to mitigate the risk of security breaches.
    5. V. Immediately notify Zerod of any unauthorized use of your Zerod account.
    6. VI. If you interact with anyone who you believe is acting or has acted inappropriately, including, but not limited to, anyone who (i) engages in offensive, violent or sexually inappropriate behaviour, (ii) you suspect is stealing from you, or (iii) engages in any other disruptive behavior, you must immediately report such person to the appropriate authorities and then to Zerod by contacting the reporting number at hello@zerod.io; provided that your report will not oblige us to take any action beyond that required by law (if any) or cause us to incur any liability to you.
  4. Temporary files:

    The information stored on the Website by Users will be retained by the owner for the periods indicated in the privacy policy without the owner being liable in any way for the information that the User exports from such systems.

  5. Prohibited conduct:

    1. I. The use of computer viruses or any other code, file or program that is designed or intended to interrupt, damage, or limit the operation of any software, hardware or telecommunications equipment, or damage or gain unauthorized access to data or other information of any third party not related to the provision of services.
    2. II. Impersonate, interfere with or disrupt the service, servers or networks connected to the services or fail to comply with the requirements, procedures, policies or regulations of networks connected to the services that are not related to the provision of services.
    3. III. Circumvent, circumvent, remove, disable, disable, impair, decode, or otherwise circumvent any technological measures implemented by Zerod or any of Zerod's suppliers or any other third party (including another User) to protect the Website, the services or the collective content.
    4. IV. Acting as a User, contact and recruit other Users to join the services of third parties that are competitors of Zerod.
    5. V. Systematically retrieve data or other content from Zerod to create, directly or indirectly, in single or multiple downloads, a collection of data either manually or by means of bots, crawlers or the like that is unrelated to the provision of services.
    6. VI. Copy, store, modify, prepare derivative works based on, distribute, license, sell, transfer, publicly display, publicly perform, transmit, broadcast, or otherwise exploit any software that forms part of the Website, except as expressly permitted under these Terms, or attempt to expose the source code or attempt to recreate any software that forms part of the Website.
    7. VII. Provide the account to any other person for their use, the User being fully responsible for any and all activities that occur under their password or account, and for ensuring that their password remains confidential and secure. The User agrees to immediately notify Zerod of any unauthorized use of your password or account or any other breach of security. Zerod shall not be liable for any loss or damage arising from your failure to comply with the above.
    8. Violate any Applicable Law, including, without limitation, privacy laws.

Zerod shall have the right to investigate and report any of the foregoing conduct in accordance with the law and to cooperate with the authorities in the investigation of such conduct.

The User acknowledges that Zerod has no obligation to monitor the User's access to or use of the Website or to review or edit the content without prejudice to its right to do so for operational purposes, to ensure compliance with the terms and applicable legislation, administrative, police or judicial requirements.

5. Specific conditions

When a Customer registers for an activity through the Website, he/she must indicate his/her personal data, including his/her bank card details, which may be shared as provided for in the privacy policy with third party payment service providers.

By entering into this agreement, the Customer agrees to the immediate provision of the Service and the immediate availability of the content to the Customer. The Customer also accepts that he/she will not have the right to withdraw from the service or the agreement, in accordance with article 103 (m) of the General Law for the Defense of Consumers and Users (Royal Legislative Decree 1/2007, of 16 November) once the provision of the Service has begun.

Some of the services offered may be subject to special conditions that may be established by Zerod from time to time. These conditions may supplement, modify, or replace, where appropriate, the General Conditions.

6. Intermediary service

Zerod is a platform whose function is to act as an intermediary between clients and hackers who may provide, among others, penetration testing, or pentesting, being an attack on a computer system with the intention of finding security weaknesses and anything that might have access to it, its functionality, and data (the “Services”).

Zerod, without the intervention of Hackers, will also offer the following SaaS services:

  1. a. Security testing of dynamic applications.
  2. b. Static application security testing.
  3. c. Software composition analysis.

Once the relevant tests and analysis have been performed:

  1. a. The hacker selected by the client will produce a pentesting vulnerability report detailing the findings discovered during the performance of the services.
  2. b. There's always the possibility to speak with the hacker within the platform chat in case of any doubt or clarification.
  3. c. After the vulnerability report has been delivered, the client must review it and give the approval. When the vulnerabilities have been solved by the client, the retest must be requested in the platform to verify everything has been corrected properly.
  4. d. The content and format of the vulnerability report will be determined by Zerod at its discretion.
  5. e. Vulnerability reports are not customizable, except where the tier you purchased includes customizable vulnerability reports.
  6. f. By using the Zerod Services, you acknowledge that Zerod acts as an intermediary, and possesses a degree of independence in the formulation of its findings (as articulated through a Vulnerability Report) and, as such, Zerod will not remove or downplay the findings in a Vulnerability Report at the request of a customer without a sufficient factual basis to do so.
  7. g. Customer may remove the Zerod logo and any other branding from a Vulnerability Report and use the Vulnerability Report for Customer's own commercial and non-commercial purposes.

Customer understands and agrees that security hackers are independent third parties who are engaged by Customer through the Zerod platform to assist in providing the Services. The use of the Site by security hackers and their performance of any testing at the Customer's request is governed by these Conditions or, if entered into, by the contract signed between the parties concerned.

7. Security hackers

The Hackers are aware and accept that the relationship between Zerod and the Hackers is a commercial relationship between legally and economically independent parties, each of the Parties being responsible for its obligations and tax and labor charges and holding the other Party harmless with respect to the same.

Hackers agree not to use the Website or any service provided through the intermediation of Zerod for the commission of any criminal offence or impermissible practice. Hackers agree that if they fail to comply with the above, they shall be liable for the payment of all damages and expenses that Zerod may incur as a result of the offence committed with the Hacker, in addition to a penalty being at least proportionate to the damage caused.

Hackers also undertake to indemnify Zerod or pay Zerod any amounts due for failure to comply with the deadlines agreed with Customers, lack of quality in the Services provided through the intermediation of Zerod, or failure to comply with any confidentiality or data protection obligations set out in the Conditions.

8. Hacker regions

Security hacks are distributed globally. Zerod cannot guarantee that a particular Service will only exploit security hackers from a specific country, region, or other geographic specification.

Customer acknowledges that hackers are not employees of Zerod. Hackers provide the Services through the Zerod platform and, as such, do not and will not enter into contracts directly with the Customer. Zerod will not facilitate the exchange or execution of any agreement directly between a hacker and a customer, including but not limited to any non-disclosure agreement or similar document.

9. Service orders, invoicing, payment, returns and refunds

9.1 Ordering of services

If the Customer wishes to order any of the Services, the parties shall enter into one or more Service Orders. Each order shall specify, as applicable, the particular Services requested (including a description thereof), the fees for the Services and the estimated time for performance (the “Service Order”).

9.2 Ordering of services

Zerod will invoice in accordance with invoicing schedule set out in the Service Order. Consequently, the Customer shall pay all fees by bank card at the time of requesting and subscribing the Service Order, whereas the hackers shall charge the amounts due to them for the services actually provided up to 7 days after the performance and completion of the Services in accordance with the following payment schedule: 80% upon completion of the Services and 20% after the retest.

9.3 Ordering of services

Customer acknowledges that future renewals of Services purchased under any particular Service Order will occur at the then current per credit price applicable at the time of such renewal. Zerod reserves the right to change its per credit pricing at its discretion so that future renewals of Services purchased under any particular Service Order may reflect price increases.

9.4 Ordering of services

The User will only have 5 working days after the subscription of the Service Order to withdraw from the contracted Services, provided that the Hackers have not started to provide these services. In this case, Zerod and the Hacker, bound by these Terms and Conditions, will refund the amounts paid by the Customer within a period equal to or greater than that established as a payment schedule in the Service Order signed by the Parties, with the Customer being obliged to bear the costs and expenses of such refund. We will proceed to make such reimbursement using the same means of payment used by the Customer for the initial transaction.

The final analysis delivered by the Hackers as a result of the provision of the Services is considered a customized product. Consequently, once delivered, the Customer may not request the return of the Products, or the reimbursement of the amounts paid.

10. Corrective action

We may, in our sole discretion and at any time, with or without cause, and with or without notice: terminate or modify these Terms, terminate, modify, or restrict your access to the Services, deactivate or terminate your Zerod account, and take such other actions as we deem appropriate in our sole discretion. In the event that any of the foregoing applies, you will remain liable for all amounts due hereunder, or under an applicable Service Order.

Notwithstanding the foregoing, we will not terminate your account if there is an active Service Order in effect unless such termination is for:

  1. a. a material breach by you of these Terms, including, without limitation, any breach of the restrictions described herein;
  2. b. a material breach of a Service Order, where such breach is not cured within 30 days after receipt of your email or other notice of such breach; or,
  3. c. a violation of any third-party rights or applicable laws, as determined in our sole discretion.

11. Cancellation

The Customer may cancel the Zerod account at any time through the “Cancel Account” function of the Services or by sending an email to hello@zerod.io, provided that such cancellation by the Customer shall not affect any obligations of the Customer under an active Service Order, including payment obligations, unless the parties to the Service Order expressly agree otherwise. Please note that if your Zerod account is terminated, we have no obligation to remove or return to you any Customer data you have posted on the Services, including but not limited to reviews or comments, unless explicitly agreed to in a Service Order.

12. Confidentiality

In the context of the provision of the Services, the parties shall have access to confidential information of the other party. Confidential information means any information relating to the other party, to companies of the same group, or to other persons or entities related to the activities, including, but not limited to, corporate, technical, business, accounting, financial information, programs or software, methods, know-how, plans, drawings, processes (the “Confidential Information”).

In the event that it is legally obliged to disclose all or part of the Confidential Information, the obliged Party shall:

  1. a. give such written notice as soon as possible and in any event prior to the disclosure or delivery of the Confidential Information, accompanied by copies of relevant documents and information to enable the other Party to take such steps as it considers appropriate to protect its rights and the Confidential Information; and,
  2. b. determine the content of the Confidential Information that is legally required to be disclosed, unless such content is fixed by a decision of the competent authority requiring each Party to provide such information.

The obligation of confidentiality provided for in this clause shall apply indefinitely even in the event of termination of the provision of the Services, whatever the cause thereof.

13. Protection of personal data

The Customer grant Zerod a worldwide, unlimited, non-exclusive, non-transferable, non-transferable, royalty-free license to use, access, view, copy, display, transmit and store customer data through or via the Website and the Services solely to the extent necessary to operate, maintain, run and provide the Website and the Services, to use, access, view, copy and display, information related to the Applications or Networks to create vulnerability reports or perform security program related tasks; and to create, view, display, transmit and store vulnerability reports related to the Applications or Networks. The Customer acknowledge that this license grant extends, to the extent necessary to facilitate the performance of the Services, to Zerod personnel and hackers. Except as expressly licensed herein, the Customer shall retain all right, title or interest in and to the Applications or Network and all intellectual property rights therein, and except as expressly granted herein, Zerod shall not obtain any right or license therein.

Zerod undertake to comply with all obligations arising from the application of Organic Law 3/2018 of 5 December on the Protection of Personal Data (“LOPD”) and General Regulation EU 2016/679 of the European Parliament and of the Council of 27 April 2016.

Zerod will process the data set out in the heading relating to natural persons acting on behalf of the Parties in accordance with the LOPD.

Zerod reserves the right to store and dispose of the data of data subjects for the period permitted under data protection law.

14. Intellectual and industrial property

The Services are protected by copyright, trademarks and other laws of Spain, the European Union, and foreign countries.

The User acknowledges and agrees that Zerod or its licensors own all right, title and interest in and to the Website, the Services and all results derived from the provision of the Services, including but not limited to techniques, ideas, concepts, methods, processes, software, utilities, data, documents, directories, designs, user interfaces, know-how, graphics, video content or other data or information acquired, created, developed or licensed by Zerod prior to or outside the scope of the Services and all modifications, enhancements and derivative works thereof and all associated intellectual property rights (the “Zerod Property”).

The User agrees that Zerod and its licensors reserve and retain all right, title and interest in and to the Website, the Services and the content and results derived from the Services. The User may not remove or alter any proprietary notices contained in the Services or content derived from the provision of the Services or modify or attempt to expose the source code or attempt to recreate any software forming part of the Website.

You are not granted any title, license or other right or interest by implication or otherwise under any intellectual property rights owned or controlled by Zerod or its licensors, except for the licenses and rights expressly granted in these Terms.

Zerod reserves the right to take appropriate legal action against Users who violate or infringe intellectual property rights and to remove infringing content.

15. Licensing of customers

The Customer acknowledges and agrees that Zerod has the right to collect and create high-level, generic, anonymous, statistical, or benchmarking data derived from the use of the Website and the provision of the Services, results, and information (the “Statistical Data”).

All Statistical Data is the sole and exclusive intellectual property of Zerod.

The Customer shall retain all right, title, or interest in and to its data and Confidential Information and all intellectual property rights therein.

The Customer understands and agrees that Zerod shall be entitled to share the Customer's agreement details with external partners and service providers in connection with the provision of the Services and to allow such partners to provide other software or services related to the Services.

16. License to use the website

Zerod grants the User a personal, non-transferable, non-sublicensable, revocable, non-exclusive licence to use the Zerod services through the Website on the terms described herein. Zerod reserves all other rights not expressly granted.

The contents of the Zerod services are protected by copyright, trademark and other proprietary rights laws. Zerod is the owner of the copyrights and trademarks displayed on the Website. Users may not modify, copy, reproduce, reproduce, republish, upload, transmit or distribute in any way the material on this service including text, video, graphics, code and software, except with the prior written consent of Zerod.

Users may not use data mining tools to collect or copy any content or data relating to the service or its users in a manner not authorised by Zerod. Similarly, Users may not use framing techniques, or use meta tags or any other “hidden text” using Zerod's name or brand without Zerod's permission.

The rights granted will terminate without notice if the User breaches any term of the Terms or Privacy Policy. Upon termination of the Licence, the User shall cease all use of the Website, and destroy or uninstall all copies, in whole or in part.

17. Advertising

The Website may host advertising or sponsored content. Advertisers or sponsors are solely responsible for ensuring that the material submitted for inclusion on the Website complies with the laws that may be applicable in each case. Zerod shall in no event be liable for any advertising or sponsored content included on the Website.

18. Links

The Website may contain links to third-party websites. However, Zerod accepts no liability whatsoever for the links or the content which may appear on such websites. Likewise, their existence does not imply that Zerod endorses, promotes, guarantees or recommends the linked websites. Thus, the Customer is responsible for accepting and checking the accesses each time he/she accesses them.

On the other hand, third parties who intend to include a link to this Website on a web page must comply with current legislation and may not host content which is inappropriate, illegal, violent, etc. Zerod is not responsible for the content of the Website, nor does it endorse, promote, guarantee or recommend the content of the Website.

19. Non-warranty clause on contracted services

Zerod offers no guarantee as to the accuracy, quality, reliability, legality or non-violation of rights by Customer. In this respect, Customer declare that they understand that Zerod is an independent company which accepts no liability whatsoever for the actions carried out by Customer or for any damages which they may suffer as a result of a breach of these Conditions of use. Zerod guarantees the quality of the Services, ensuring that, in the event that the Services are not provided with the required level of diligence and professionalism, Zerod will take action against the professional who has contacted the Customer.

20. Liability

The User is aware and voluntarily accepts that the provision of the Services takes place, in all cases, under his or her sole and exclusive responsibility, and shall therefore be liable for any damages of any kind which Zerod may suffer as a result of breach of any of the obligations of these conditions of use.

The User undertakes to use the Website in accordance with the Law, these conditions of use, good customs and public order. Likewise, the User undertakes not to use the Website, its contents or services provided through it for illicit purposes or effects, being contrary to these conditions, or harmful to the interests or rights of third parties, or which, in any other way, may damage, render inaccessible or deteriorate the Website, its contents or prevent normal use of the same by other users.

The User undertakes not to insert illegal content on the Website and to comply with all applicable regulations concerning the display of content. Zerod reserves the right to remove content from the Website which it considers inappropriate for the characteristics and purposes of the Website.

By accepting these Terms and Conditions, the Clients and the Hackers agree and guarantee that the only interlocutor between them will be Zerod, and that none of the aforementioned will be able to negotiate or contact each other directly.

Consequently, the Clients and the Hackers shall not, under any circumstances, provide each other with personal data (such as telephone, mail or other). In order to ensure the above, Zerod may monitor conversations between the Client and the Hacker, with the Users authorizing, by accepting these terms and conditions, such monitoring. In the event that any of the Users provide their personal data, Zerod shall be entitled to take such measures as it deems appropriate, including blocking the User from the Website, preventing the User from using the Website for such period as Zerod deems necessary, and claiming damages as appropriate.

21. Limitation of liability

Except as otherwise expressly provided in these Terms, by ordering the Services, you agree that any legal remedy or liability you seek to obtain for any acts or omissions of, any individual or other third parties shall be limited to a claim against the particular individuals or other third parties who caused you harm and you agree not to seek to impose any liability against Zerod in respect of the acts or omissions of other individuals or third parties.

The User acknowledge and agree that, to the maximum extent permitted by applicable law, neither Zerod nor its licensors, suppliers or contractors shall be liable for any direct, indirect, incidental, special, exemplary, punitive or consequential damages, including loss of profits, loss of data or loss of goodwill, interruption of service, computer damage or system failure or cost of substitute products or services, or for any damages for personal or bodily injury or emotional distress arising out of or in connection with the terms, the use or inability to use the site, the services or the collective content, from any communication or interaction with other users of the site or the services, whether based on warranty, contract, tort (including negligence), product liability or any other legal theory, and whether or not Zerod has been advised of the possibility of such damage, even if it is determined that a limited remedy set forth herein has failed of its essential purpose.

To the maximum extent permitted by applicable law, Zerod’s total aggregate liability arising out of or related to the Services provided by Zerod, including, without limitation, from its listing of its security program or vulnerability reporting through the Services, shall not exceed the aggregate total of the amounts set forth in this Agreement, shall exceed the aggregate of the amounts you have paid in connection with a specific security program through the Services as a customer during the 12 months prior to the event giving rise to the liability occurring, or if you are a Security Hacker, the amounts paid by Zerod to you in the 12 month period prior to the event giving rise to the liability.

The limitations of damages set forth above are fundamental elements of the basis of the agreement between Zerod and the User. Some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, so the above limitation may not fully apply to you, in which case you agree that this provision shall apply to the maximum extent permitted by law.

The Customer understand and agree that the nature of Hackers may cause damage or interruption to the programs and that Zerod shall have no liability of any kind arising from such testing activities, and Zerod shall at all times be released from any and all liability.

22. Indemnification

The User agree to release, indemnify and hold harmless Zerod and its affiliates and subsidiaries, and their officers, directors, employees and agents, from and against any and all third-party claims, liabilities, damages, losses and expenses, including, without limitation, reasonable legal and accounting fees, arising out of or in any way connected with:

  1. a. your access to or use of the Website or the Services;
  2. b. Customer Data, including, without limitation, Customer Data that infringes the rights of third parties, including intellectual property rights;
  3. c. Customer Data, including, without limitation, Customer Data that infringes the rights of third parties, including intellectual property rights;
  4. d. your improper or unlawful interaction with any other person accessing the Website;
  5. e. your misrepresentation, negligence, or willful misconduct in connection with your performance of these Terms; and,
  6. f. your violation of applicable law (the “Indemnified Claims”).

23. Modification of content and terms and conditions

Zerod may update or modify these Terms. In such event, the update will be posted in a conspicuous place on the Website so that the User is aware of any changes. In this respect, the User accepts that any changes made shall be binding and shall come into force as soon as they are published. In this way, the User undertakes to always check the most recent version of the Conditions available on the Website.

24. Force majeure

We will do our best to fulfil our obligations. However, we shall not be liable for delay or failure to perform a contract if the delay or failure to perform is due to any force majeure. In the event of delay, we will perform our obligations as soon as reasonably possible.

Force majeure is understood to include, but is not limited to, the following: strikes, lockouts or other industrial action, civil commotion, riot, invasion, terrorist attack or terrorist threat, war (whether declared or not) or threat or preparation for war, fire, explosion, storm, flood, earthquake, subsidence, epidemic, pandemic or any other natural disaster, impossibility of use of trains, ships, aircraft, motor transport or other means of transport, public or private, impossibility of using public or private telecommunication systems, acts, decrees, legislation, regulations or restrictions of any government or public authority, failure or accidents of maritime or inland waterway transport, postal or any other form of transport.

25. Governing law and jurisdiction

This Contract is governed by Spanish common law. For the resolution of any questions that may arise as a result of this Contract, both Parties submit to the jurisdiction of the Judges and Courts of Barcelona, expressly waiving any other jurisdiction that may correspond to them.