Terms and Conditions of Use

1. Introduction

Access and use of our website (“The Site”), as well as the technological products and services we offer, are governed by these Terms and Conditions of Use. By contracting or using our services, you (the “User” or the “Client”) acknowledge having fully read, understood, and accepted these conditions. If you do not agree, we recommend refraining from using the site or the services.

For the purposes of these Terms and Conditions, the “Company” shall be understood as Digisecuritas, which is the owner of the website and provider of the services described herein.

These Terms and Conditions form an integral part of the contractual relationship between the Client and the Company, and shall prevail over any other commercial document, unless a written agreement signed by both parties exists.

2. Purpose and Services

The Company offers advanced cybersecurity solutions aimed at preventing, detecting, and responding to technological threats, testing, analysis, among others:

  • Mobile application penetration testing
  • Red Team services and attack simulation
  • Denial of Service (DDoS) simulations
  • Threat Hunting and defensive services
  • Cyber Threat Intelligence (CTI)

The services are provided under a technological service delivery model, in accordance with the best international practices in the sector, without implying an absolute guarantee of invulnerability against cybersecurity incidents.

The provision of the services does not constitute a legal consultancy service, accounting audit, or regulatory advice, but strictly technological cybersecurity services.

The Client acknowledges that the results of the tests, simulations, and analyses are indicative and do not constitute an absolute guarantee of security or the absence of future incidents.

The Company may update, modify, or interrupt, temporarily or permanently, the provision of the services, timely notifying the Client when this affects the execution of an ongoing contract.

3. Conditions of use of the site and software

The User undertakes to use the site and services only for lawful purposes and in accordance with the provisions of these Terms. It is expressly prohibited to:

  • Introduce, transmit, or disseminate unlawful, defamatory, offensive content, or content contrary to morality, public order, or the rights of third parties
  • Access restricted systems, accounts, networks, or information without authorization
  • Interfere with, alter, or damage the technological infrastructure of the Company or third parties
  • Perform reverse engineering, decompile, copy, or modify the software owned by the Company without express written authorization
  • Use the services for fraudulent, unlawful activities, or activities that may generate civil or criminal liability

The Client undertakes to use the services exclusively in environments for which they have full ownership or express authorization. The Company will not be responsible for tests performed on third-party systems without the owner's authorization.

Likewise, the Company reserves the right to suspend or restrict access to the site or services in case of detecting misuse, fraud, unlawful activities, or any breach of these Terms.

4. User registration and accounts

When registration is necessary for accessing the services, the User undertakes to provide truthful, complete, and up-to-date information. The safekeeping of their access credentials is the sole responsibility of the User. The Company will not be responsible for unauthorized access or incidents arising from negligent custody of such credentials.

The Company may suspend or cancel accounts in case of detecting false, outdated, or incomplete information, or for any breach of these Terms. The User undertakes to immediately notify the Company of any unauthorized use of their account or access credentials, so that timely security measures can be adopted.

5. Client Responsibilities

The Client undertakes to:

  • Provide the Company with all the information, access, authorizations, and documentation necessary for the proper provision of the services.
  • Appoint a representative or point of contact to centralize coordination and communication with the Company.
  • Maintain updated backups of their information and systems, accepting that the Company is not responsible for data loss.
  • Guarantee that the performance of the tests does not violate third-party rights and that they have all the necessary authorizations for this.

The Company will not be responsible for delays, impossibility of execution, or limitations in the provision of services caused by lack of cooperation, incomplete information, or restricted access on the part of the Client.

6. Intellectual and Industrial Property

All software developments, algorithms, methodologies, trademarks, trade names, logos, texts, graphics, images, as well as any material included on the site or in the provision of services, are the exclusive property of the Company or its licensors, and are protected by national and international intellectual and industrial property laws.

Their unauthorized reproduction, modification, distribution, transmission, or exploitation, in whole or in part, is prohibited without the prior written consent of the Company.

The Client acknowledges that the contracting of the services does not imply in any case the assignment of intellectual or industrial property rights, but only a limited, non-exclusive, revocable, and non-transferable license to use the deliverables strictly necessary for the provision of the services.

Any use other than that expressly authorized by the Company will constitute an infringement that will entitle the Company to terminate the contractual relationship and claim the corresponding damages.

7. Confidentiality and information security

The Company undertakes to maintain the confidentiality of the information to which it has access during the execution of the services, adopting reasonable technical and organizational security measures for its protection.

The Client, in turn, undertakes not to disclose technical or contractual information related to the Company's services without express authorization.

Confidentiality obligations will remain in force for a period of five (5) years following the termination of the contractual relationship, unless applicable regulations provide for longer or shorter periods.

Information shall not be considered confidential if (I) it is publicly available without infringing these Terms, (II) it was legitimately obtained from a third party without a confidentiality obligation, or (III) it must be disclosed by legal mandate or by requirement of a competent authority, in which case the party obliged to disclose shall notify the other party to the extent legally possible.

The Client acknowledges and accepts that the Company may access certain technical information of the Client solely for the purpose of providing the contracted services, and its use for other purposes is prohibited.

8. Payment and billing conditions

For services subject to payment, the Client must comply with the economic conditions in force at the time of contracting, including applicable taxes according to local regulations.

The Company will issue invoices based on the tax information provided by the Client. Payment terms, refunds, and cancellations will be established in the particular contracting conditions or in the corresponding service contract.

In case of non-compliance with payment terms, the Company may suspend the provision of services, totally or partially, until regularization, without this generating additional liability.

Delay in payments will generate default interest at the maximum rate permitted by applicable regulations, accrued automatically without prior demand.

The Client is responsible for ensuring that the billing information provided is correct and up-to-date. The Company will not assume responsibility for delays, payment rejections, or additional charges resulting from incorrect or incomplete information.

9. Limitation of Liability

The User acknowledges and accepts that:

  • Cybersecurity services do not guarantee the total elimination of risks or computer threats, but rather the reduction and management of such risks in accordance with international standards.
  • The Company will not be responsible for indirect, incidental, consequential damages, loss of data, loss of revenue, or loss of profits arising from the use or inability to use the services.
  • The Company's liability, in any case, will be limited to the amount actually paid by the Client under the contract that gave rise to the claim.
  • The Company is not responsible for failures, incompatibilities, or vulnerabilities in third-party systems or software over which it has no control.

The Company will not be responsible for security incidents arising from the Client's failure to implement the recommendations, configurations, or corrective measures suggested in the reports or deliverables.

The Company will not be responsible for delays or failures caused by force majeure, including but not limited to: third-party attacks, failures of internet, energy, or telecommunications providers, governmental provisions, labor disputes, or health emergencies.

In no case shall the Company be responsible for the improper use that the Client or third parties make of the deliverables, reports, or results derived from the contracted services.

10. Security Incidents During Service Provision

In the event that, as a direct consequence of the tests or simulations carried out by the Company, an incident occurs that affects the availability or operation of the Client's systems, the Company will take reasonable measures to mitigate the impact.

Such incidents will not generate additional liability for the Company, except for proven fraud or gross negligence.

The Client undertakes to immediately notify any incident detected during the execution of the services to coordinate joint mitigation actions.

11. Personal Data Protection

The processing of personal data will be carried out in accordance with the applicable regulations in the jurisdictions where the Company operates, and in accordance with the provisions of our Privacy Notice. Such data will be processed for the purposes of service provision, billing, support, and legal compliance.

12. Regulatory Compliance During Service Provision

The Client is responsible for ensuring that the contracting and use of the Company's services comply with the applicable regulations in their jurisdiction, including regulations regarding data protection, cybersecurity, electronic contracting, and other legal provisions.

The Client acknowledges that some cybersecurity services may be subject to technology export controls or international restrictions (for example, regulations of the European Union or the United States), and it is their sole responsibility to ensure compliance with such restrictions in their jurisdiction.

The Client undertakes not to use the services for purposes that contravene national or international laws, including those related to asset laundering, terrorism financing, or improper use of technologies.

The Company reserves the right to suspend or terminate the provision of services in case of detecting that the Client or its end users carry out activities contrary to the law or to what is stipulated in these Terms.

13. Modifications

The Company may modify these Terms and Conditions at any time. Such modifications will come into effect upon their publication on the website. Continued use of the services will be understood as express acceptance of the modifications.

In case of substantial modifications that directly affect the provision of the contracted services, the Company will notify the Client with reasonable advance notice through the registered contact means.

The Client will have the right to terminate the contractual relationship if they do not agree with the substantial modifications, and must notify the Company in writing within the period communicated to them in each case.

14. Applicable Law and Jurisdiction

These Terms shall be governed by and interpreted in accordance with the laws of the Oriental Republic of Uruguay, without prejudice to other jurisdictions possibly being applicable depending on the Client's place of residence or the provision of services.

Any dispute arising from the interpretation or execution of these Terms shall be submitted to the competent courts of Montevideo, except for an express agreement on arbitration or other alternative dispute resolution mechanism agreed upon under contract.

15. Early Termination

The Company may terminate the contractual relationship early in the event of:

  • Serious breach of payment obligations by the Client.
  • Improper, unlawful, or unauthorized use of the services.
  • Violation of confidentiality obligations.
  • Repeated breach of the obligations established in these Terms.

The Client may terminate the contract in case of a serious breach by the Company in the provision of the services, provided that such breach is not remedied within a period of thirty (30) calendar days from the written notification.

In all cases of termination, the Client must pay for the services effectively provided up to the date of termination, without the right to refunds unless otherwise provided in a particular contract.

16. Ethical and Service Use Restrictions

The Client may not request or induce the Company to carry out activities contrary to the law, such as computer attacks on third-party systems without the express authorization of their owners.

The Company reserves the right to refuse or suspend services that imply use contrary to professional ethics, current regulations, or integrity principles in cybersecurity.

17. Notifications and Contact

All notifications, communications, or requirements that must be made under these Terms must be made in writing and shall be considered validly made when sent to the official email addresses indicated by each party at the time of contracting or those subsequently designated in writing.

The Company designates the following email as the official contact channel: legal@digisecuritas.tech.

The Client must keep their contact information updated and will be responsible for the validity of the email address and other information provided.

Notifications sent by email shall be deemed received on the date and time of dispatch, unless proven otherwise.

Privacy Notice of Use

1. Identity of the Data Controller

Digisecuritas (the “Site”), with domicile in Montevideo, Uruguay, is responsible for the processing of the personal data of its users and clients, in accordance with the applicable regulations on personal data protection in the jurisdictions in which it operates, including the European Union's General Data Protection Regulation (GDPR) and relevant local legislation.

For the purposes of this Policy, the “Company” shall be understood as Digisecuritas, which owns the website and provides the services described herein. The Company may act as a Data Controller or Data Processor, as appropriate, and has designated the email legal@digisecuritas.tech as the contact channel for privacy matters.

2. Personal Data Collected

The Company may collect and process the following categories of data:

  • Identification Data: name, surname, identity document, or passport.
  • Contact Data: email address, phone number, physical address.
  • Billing and Financial Data: tax information, payment methods, receipts.
  • Site and Software Usage Data: activity records, logs, IP addresses, browsing patterns, user configuration.
  • Technical Information: cookies, online identifiers, operating system, browser.
  • Data derived from communications: support requests, queries, and correspondence sent by users.

In no case will we request or process sensitive data (health, political orientation, religion, etc.) unless strictly necessary and with express consent.

When certain services require sensitive data by legal or regulatory mandate (e.g., security or compliance certifications), the Company will inform the user in advance, obtain their express written consent, and limit the use of said data exclusively to the authorized purpose.

3. Purposes of Processing

Personal data are used for:

  • Processing user registrations and managing accounts.
  • Providing, personalizing, and improving our cybersecurity and software services.
  • Issuing invoices, managing collections, and accounting obligations.
  • Providing technical support and customer service.
  • Complying with legal, regulatory, or contractual obligations.
  • Preventing fraud, security incidents, and unauthorized access.
  • Sending communications related to contracted services or, in case of express consent, commercial and marketing communications.

In no case will personal data be used for purposes other than those provided herein without previously informing the user and, where appropriate, obtaining their express consent.

The data collected may be used for statistical analysis and improvement of the user experience, always in aggregated or anonymized form, so that they do not allow the direct identification of the data subject.

4. Legal Basis for Processing

Data processing is based on:

  • Express user consent, granted upon registration or acceptance of this Policy.
  • Execution of a contract or provision of a requested service.
  • Compliance with legal obligations of the Company (example: billing, cybersecurity regulations).
  • Legitimate interest of the Company, such as service improvement, site security, and fraud prevention.

If processing is based on consent, it may be withdrawn at any time without affecting the lawfulness of processing carried out previously.

The Company will conduct periodic proportionality and necessity assessments when invoking legitimate interest as the basis for processing, ensuring that users' rights and freedoms do not prevail.

5. International and Third-Party Transfers

Personal data may be transferred and stored on servers located outside the user's country, including cloud service providers (e.g., AWS, Google Cloud, Microsoft Azure). The Company will adopt contractual, technical, and organizational measures to ensure an adequate level of protection in accordance with applicable regulations (including standard contractual clauses approved by the European Commission, where applicable). Personal data will not be transferred to third parties other than those mentioned, except for legal obligation or express user consent.

When the Company hires data subprocessors (e.g., technology or support providers), it will contractually require them to apply the same security and confidentiality guarantees established in this Policy.

The Company does not commercialize or sell personal data to third parties under any circumstances.

7. User Rights

Users have the right to:

  • Access their personal data.
  • Rectify inaccurate or incomplete data.
  • Request the deletion of their data when they are no longer necessary or consent has been withdrawn.
  • Object to data processing for legitimate reasons.
  • Request the portability of their data to another provider, when applicable.
  • Withdraw the granted consent at any time, without affecting the lawfulness of the previous processing.

To exercise these rights, the user may send a request to legal@digisecuritas.tech, accompanied by a document proving their identity.

8. Ownership and Use of Data

The data, reports, findings, and results generated within the framework of the provision of services are the property of the Client, who will have full right of use over them.

The Company may retain copies of said results to the extent necessary for archival purposes, legal compliance, or defense of its interests, committing to treating them under strict confidentiality.

Likewise, the Company may use the information derived from the provision of services in an anonymized or aggregated manner for statistical purposes, research, or continuous improvement of its methodologies, provided that it is not possible to directly or indirectly identify the Client or its users.

9. Minors

The Company's services are not directed at minors under 18 years of age. In case of inadvertent processing of minors' data without valid authorization, the Company will proceed to eliminate them immediately.

10. Security Measures

The Company implements reasonable technical, administrative, and organizational measures, including encryption, access control, periodic audits, and security policies, to protect personal data against unauthorized access, loss, alteration, improper disclosure, or destruction.

These measures will be reviewed and updated periodically, taking into account technological evolution, industry best practices, and the risks detected at any given time.

In the event of a security breach compromising personal data, the Company will notify the user and the competent authorities in accordance with applicable regulations.

11. Responsibility for Integrity of Client Information

The Client is solely responsible for the veracity, accuracy, integrity, and lawfulness of the information, credentials, data, and documentation provided to the Company for the execution of the services.

The Client guarantees that the information delivered does not infringe on third-party intellectual property, confidentiality, or data protection rights, and will indemnify and hold the Company harmless against any claim arising from the breach of this obligation.

The Company will not be responsible for errors, failures, or limitations in the results of the services that arise from inaccurate, incomplete, or misleading information provided by the Client.

12. Use of Cookies and Similar Technologies

The website uses cookies and equivalent technologies to improve the user experience, personalize content, and analyze traffic. The user can configure their browser to reject cookies or be notified about them. For more information, consult our Cookie Policy.

13. Modifications to the Privacy Policy

The Company may update this Policy at any time. Changes will be notified on the website, indicating the date of its last update. Continued use of the site and services after such changes will imply acceptance of the new version.

When modifications are substantial or affect the rights of users, the Company will notify such changes via email to registered users, in addition to publishing them on the website.

In such cases, the user will have the right to request the deletion of their personal data if they do not agree with the modifications introduced.

14. Contact

For any inquiries related to this Policy or the exercise of their rights, users can contact us at: legal@digisecuritas.tech

15. Miscellaneous

In case of discrepancy between the provisions of this Privacy Notice and the Terms and Conditions of Use, the provisions of the Terms and Conditions shall prevail.

The nullity, invalidity, or ineffectiveness of any of the provisions contained in this Privacy Notice shall not affect the validity of the rest, which shall continue to be fully applicable.

The failure of the Company to exercise or demand any right derived from this Notice shall not constitute a waiver of the same.

Cookie Policy

This Cookie Policy is issued by Digisecuritas, hereinafter the “Company”, owner of the website and responsible for the processing of personal data related to the use of cookies and similar technologies on this site. For inquiries, users can contact us at: legal@digisecuritas.tech

1. Definition of Cookies

Cookies are small text files that are stored on the user's device when visiting a website. Their main function is to facilitate navigation, improve the user experience, analyze behavior patterns, and enable the operation of certain technical or personalization functionalities.

For the purposes of this Policy, other similar online tracking and storage technologies shall also be understood as included as “cookies”, such as pixels, tags, SDKs, or local storage, insofar as they collect information from the user or their device.

2. Types of Cookies Used

Our website uses first-party and third-party cookies, classified into the following categories:

  • Strictly necessary cookies: They enable the basic operation of the website and the provision of services requested by the user. They do not require prior consent.
  • Performance or analytics cookies: They collect information about visitors' use of the site (for example, most visited pages, time spent, navigation errors), in order to improve its operation and optimize the user experience.
  • Functionality cookies: They allow remembering choices made by the user (language, region, display preferences) and providing improved and more personalized features.
  • Advertising and third-party cookies: They may be installed by external providers (such as Google Analytics, digital marketing tools, or social media) to develop user profiles, offer personalized advertising, and allow the integration of third-party services on the site.

3. Purpose of Cookie Use

The cookies used on this site have the following purposes:

  • Ensuring the safe, stable, and efficient operation of the website.
  • Analyzing traffic and browsing behavior to improve the quality of the services offered.
  • Remembering preferences and personalizing the user experience.
  • Facilitating interaction with social networks and other external services.
  • Developing statistical metrics and, where appropriate, offering content or advertising tailored to the user's interests.

The Company will not carry out automated decisions or create individualized profiles based on cookies without having previously obtained the express consent of the user.

Cookies used for behavioral advertising or digital marketing purposes will only be installed after the explicit acceptance of the user.

4. User Consent

When first accessing our website, an informative notice or banner will be displayed that allows the user to:

  • Accept the use of all cookies.
  • Reject the use of non-essential cookies.
  • Configure their preferences in a granular way.

Consent may be withdrawn or modified at any time through the cookie settings available on the site or in the user's browser.

The withdrawal of consent will not affect the lawfulness of data processing carried out prior to said revocation.

5. Cookie Management

The user can configure their browser to accept, reject, or delete cookies at any time. It is important to note that disabling certain cookies may affect the functionality and experience of the website. For more information, the user can consult the help sections of the most common browsers (Chrome, Firefox, Safari, Edge, among others).

The website may offer its own management panel that facilitates the selective activation or deactivation of cookies, thus ensuring greater transparency and control by the user.

The Company will not be responsible for the malfunctioning of the site or for limitations in the provision of services when these result from the deactivation of cookies necessary for its operation.

6. Use of Similar Technologies

In addition to cookies, the website may use local storage technologies, tracking pixels, or online identifiers, for security, analysis, and user experience improvement purposes, with the provisions of this Policy applying in all cases.

When these technologies come from third parties (for example, integrations with analytics tools or social networks), the Company will ensure that their implementation complies with applicable regulations and that the user has granted the corresponding consent.

The user can manage similar technologies in the same way as cookies, through the settings panel or from their browser, insofar as that option is available.

7. Modifications to the Cookie Policy

The Company may modify this Policy at any time. Changes will be communicated by their publication on the website, indicating the date of the last update. Continued use of the site after such modifications will imply acceptance of the new version.

When modifications are substantial (for example, the incorporation of new categories of cookies or changes in purposes), the Company will notify such modifications through a prominent notice on the website and, where appropriate, by email to registered users.

In these cases, the user will have the right to review and modify their consent preferences again.

8. Contact

For inquiries related to this Cookie Policy or the management of personal data, users can contact us via email: legal@digisecuritas.tech

9. Miscellaneous

In case of discrepancy between the provisions of this Cookie Policy and any other informational or communication document related to the use of cookies, the provisions of this Policy shall prevail, unless a different rule should be applied due to mandatory legal provision.

The nullity, invalidity, or ineffectiveness of any of the provisions contained in this Policy shall not affect the validity of the rest, which shall continue to be fully applicable.

The Company's failure to exercise or demand any right derived from this Policy shall not constitute a waiver of the same.