Terms of Service

These Terms of Service ("Terms") govern your access to and use of the services provided by Liora Security Ltd ("Liora Security", "we", "us", or "our"). By engaging with our services, visiting our website, or entering into a commercial agreement with us, you ("Client", "you", or "your") agree to be bound by these Terms.

If you do not agree with these Terms, please do not use our services.

1. Scope of Services

Liora Security Ltd provides cybersecurity services including, but not limited to:

• vCISO and security advisory
• Cybersecurity assessments & governance services
• Preventive security controls implementation support
• Detection & response services (including MDR, SOC support, incident response retainers)
• Security awareness training and simulations
• Ransomware resilience services (backup, containment, monitoring)
• Adversary simulation, penetration testing, and security testing
• Compliance services (ISO 27001, SOC 2, CE+, NIS2, DORA, etc.)
• Continuous security improvement, assurance, and reporting
• Partner/white-label cybersecurity services for MSPs and IT providers

Services are delivered according to individual Statements of Work ("SOWs"), proposals, or agreements between Liora Security and the Client. In the event of a conflict between these Terms and a signed SOW, the SOW will prevail.

2. Client Responsibilities

You agree to:

• Provide accurate information, access, and documentation necessary for delivering the services
• Ensure your systems, staff, and infrastructure are available when required for assessments or testing
• Maintain appropriate backups and system resilience unless otherwise agreed
• Inform Liora Security of any material changes to your technical environment, structure, or requirements
• Comply with all applicable laws, regulations, and internal policies

Failure to meet these responsibilities may impact service delivery and timelines.

3. Confidentiality

Both parties agree to keep all confidential information strictly confidential and use it solely for the purpose of delivering or receiving services.

Confidential information includes (but is not limited to):

• Security assessments and findings
• Incident response data
• Vulnerabilities, risks, or architectural details
• Business, operational, or financial information
• Any personal data provided during service delivery

Confidentiality obligations survive termination of the engagement.

4. Data Protection & GDPR

Liora Security Ltd acts as a Data Processor or Data Controller, depending on the nature of the engagement.

We comply with:

• The UK GDPR
• The Data Protection Act 2018
• Any other applicable data protection regulations

We only process personal data necessary for delivering our services and in accordance with our Privacy Policy.

Clients must ensure they have the lawful basis to share any data supplied to Liora Security.

5. Security Testing & Authorisation

For penetration testing, adversary simulation, or any activity that may interact with live systems, the Client must:

• Provide written authorisation
• Ensure they hold the necessary permissions for all systems and data involved
• Acknowledge that controlled testing may involve risks, including potential disruption

Liora Security implements safeguards to minimise risk, but cannot guarantee that all impacts are avoidable.

6. Incident Response & Monitoring Services

For incident response ("IR") retainers, MDR, SOC services, or detection & response capabilities:

• Liora Security will act based on information available at the time
• We cannot guarantee prevention of all attacks or breaches
• Response times and service levels will be defined in the SOW
• Client cooperation is required to enable rapid response

7. Intellectual Property

Unless otherwise stated:

• All methodologies, frameworks (including the Five-Layer Defence Framework), documentation, reports, materials, and tools created by Liora Security remain our intellectual property
• Clients receive a licence to use deliverables internally for their business purposes
• Reproduction, resale, redistribution, or external publication is not permitted without written consent

8. Payment Terms

Payment terms will be detailed in each SOW or invoice. Unless otherwise stated:

• Invoices are due within 30 days
• Late payments may incur interest as permitted under UK law
• Services may be paused if invoices remain unpaid beyond agreed terms
• Subscriptions or retained services may auto-renew unless the Client provides written notice as specified in the SOW

9. Warranties & Limitations

Liora Security provides services with reasonable skill, care, and professionalism. However:

• No cybersecurity company can guarantee absolute protection
• No service can ensure prevention of all attacks, breaches, or data loss
• Results depend on Client cooperation, environment, and system maturity

To the maximum extent permitted by law, Liora Security is not liable for:

• Indirect, incidental, or consequential damages
• Loss of revenue, profit, data, or business opportunity
• Security incidents resulting from third-party systems, client actions, or unmanaged risks

Our total liability is limited to the fees paid by the Client for the relevant services within the previous 12 months, unless otherwise required by law.

10. Termination

Either party may terminate an engagement if the other party:

• Materially breaches these Terms and fails to remedy the breach within 30 days
• Becomes insolvent or unable to fulfil obligations

Upon termination:

• All outstanding fees become due
• Liora Security will return or securely delete Client data as required
• Rights and obligations that should legally survive termination will continue (confidentiality, IP, liability limits, etc.)

11. Third-Party Tools & Integrations

Some services rely on third-party platforms, tools, or vendors (e.g., EDR, MDR, backup solutions, BullWall, scanning tools, or cloud providers).

Liora Security:

• Does not control third-party systems
• Is not responsible for outages, failures, or vulnerabilities within those platforms
• Will notify clients of known issues where reasonably possible

12. Use of Reports & Findings

Security reports, findings, and documentation provided by Liora Security:

• Are intended for internal use only
• Must not be shared externally without permission
• Should not be used as marketing or certification proof unless explicitly stated

Clients are responsible for acting on recommendations to reduce risk.

13. Changes to Terms

Liora Security may update these Terms periodically. Changes will be posted on our website with an updated "Last Updated" date.

Continued use of services after changes constitutes acceptance of the revised Terms.

14. Governing Law

These Terms are governed by the laws of England and Wales. Any disputes will be subject to the exclusive jurisdiction of the English courts.

15. Contact Information

For any questions regarding these Terms, please contact: