Terms and Conditions of Using Our Services

Last Updated: June, 2026

These terms and conditions set out the basis on which managed security services are provided by Cyber Universe Europe Ltd. Please read them carefully before entering into an engagement with us. By signing a contract or statement of work with us, you agree to be bound by these terms. We may update these terms from time to time; any changes will be communicated in writing and will apply only to new engagements or renewals, not to services already being delivered under a signed agreement.

For any questions regarding these terms, please contact us at: info@cyberuniverse.uk.

1. About Us

Cyber Universe Europe Ltd. is a company registered in England and Wales (company registration number 16833900). Our registered office is Landmark House, 12 Chorley New Road, Bolton, Greater Manchester, England, BL1 4AP. The services described in these terms are provided from the United Kingdom and are governed by English law.

2. Our Services

We provide a range of managed security services as described in the relevant statement of work or service schedule agreed with each client. Our standard service portfolio includes 24/7 Security Operations, Managed Detection and Response, Vulnerability Assessment and Penetration Testing, Governance Risk and Compliance advisory, Cybersecurity Awareness and Training, Digital Forensics, and vCISO advisory. The specific scope of services, service level commitments, and deliverables applicable to your engagement are set out in the relevant contract or statement of work.

3. Fees and Payment

Fees for our services are as set out in the relevant contract or statement of work. Unless otherwise agreed in writing, invoices are payable within 30 days of the invoice date. We reserve the right to suspend services where invoices remain unpaid beyond 45 days of the due date, following written notice. No refund will be issued for services already delivered. Where we are unable to deliver a service due to circumstances within our control, we will offer to reschedule or provide an appropriate credit.

4. Cancellations

Notice periods and cancellation terms are as specified in the relevant contract. Where no specific cancellation term is agreed, either party may terminate ongoing services on 30 days' written notice. Any work completed up to the point of cancellation will be invoiced at the agreed rate. Cancellation of a fixed-scope engagement (such as a penetration test) within 5 business days of the scheduled start date may incur a cancellation fee as specified in the statement of work.

5. General Terms

Authorised use

All services provided by the organisation, including penetration testing and offensive security activities, are carried out strictly within the scope agreed in writing with the client. Any access to systems not covered by the written scope is not authorised and will not be undertaken. Clients must ensure that appropriate authorisation is obtained from all relevant parties before the commencement of any technical assessment.

Confidentiality

Both parties agree to keep confidential all information relating to the other party's business, technical environment, security posture, and the content of any deliverables produced. Confidentiality obligations are set out in detail in the non-disclosure agreement and/or the relevant contract.

Intellectual property

All tools, methodologies, and platforms used by the organisation in the delivery of services, including the Trident SIEM platform, remain the intellectual property of the organisation or its delivery partner. Deliverables produced specifically for the client, such as reports and assessments, are owned by the client upon payment of all applicable fees.

Data processing

The organisation acts as a data processor when handling personal data within client environments. All such processing is governed by the Data Processing Agreement incorporated into or annexed to the relevant client contract. Clients are responsible for ensuring that appropriate authorisation exists for the organisation to access and process data within the agreed scope.

Changes to services

The organisation reserves the right to make changes to services where required by applicable law, changes in the threat landscape, or improvements to technical capabilities. Where a change affects the agreed scope or service level, the client will be notified in writing.

Governing law

These terms are governed by and construed in accordance with English law. The courts of England and Wales shall have non-exclusive jurisdiction over any disputes arising from these terms.

6. Limitation of Liability

The organisation's total liability to you in connection with any service is limited to the total fees paid for the specific service to which the claim relates in the 12 months prior to the relevant event, unless otherwise agreed in writing. The organisation is not liable to you for any indirect, consequential, or special loss, including loss of profit, loss of business, or business interruption, arising from the provision of services.

Nothing in these terms excludes or limits either party's liability for death or personal injury caused by negligence, fraud or fraudulent misrepresentation, or any other liability that cannot lawfully be excluded or limited.