Cloudryption
Log in Book a Demo

Legal & Compliance

Terms of Service

The terms that govern your use of the Cloudryption platform and website.

Effective date: May 2026  ·  Applies to: cloudryption.com and the Cloudryption platform

1. Acceptance of Terms

By accessing or using the Cloudryption website at cloudryption.com or the Cloudryption platform (collectively, the "Service"), you agree to be bound by these Terms of Service ("Terms"). If you are accessing the Service on behalf of an organisation, you represent that you have the authority to bind that organisation to these Terms, and references to "you" include that organisation.

If you do not agree to these Terms, do not access or use the Service. Continued use of the Service after changes to these Terms are published constitutes acceptance of the revised Terms.

2. Description of the Service

Cloudryption is an enterprise cloud security platform that ingests cloud infrastructure data (from providers including AWS, GCP, and Kubernetes), builds a graph model of that environment, computes attack paths, and provides security prioritisation and remediation recommendations.

The Service is intended for use by security professionals, security engineers, cloud architects, and enterprise security teams. It is not a consumer product and is not designed or marketed for personal, household, or non-commercial use.

2a. Pilot and Evaluation Use

Where the Service is provided as part of a pilot, proof of concept, beta, trial, or evaluation, the Service is provided for evaluation and security decision-support purposes only, unless a signed order form or enterprise agreement states otherwise.

Cloudryption does not perform exploitation, offensive testing, or unauthorised scanning of third-party systems. Customer is responsible for ensuring that it has all rights and authorisations necessary to connect cloud accounts, provide credentials, ingest Customer Data, and use the Service within the agreed pilot scope.

Unless separately agreed in writing, pilot access should use read-only or least-privilege cloud permissions. Customer remains responsible for validating recommendations before applying changes to production environments.

3. Account Registration and Security

To access the Cloudryption platform you must create an account with a valid email address and password. You agree to:

  • Provide accurate, complete, and current account information.
  • Keep your password secure and not share it with any other person or system.
  • Enable multi-factor authentication (TOTP) when offered, as this significantly reduces the risk of unauthorised access.
  • Notify us immediately at security@cloudryption.com if you suspect your account has been compromised.
  • Accept responsibility for all activity that occurs under your account credentials.

We reserve the right to suspend or terminate accounts where we have reasonable grounds to believe that credentials have been compromised, misused, or shared in violation of these Terms.

4. Permitted Use and Restrictions

You may use the Service only for lawful purposes and in accordance with these Terms. You agree not to:

  • Use the Service to attack, compromise, scan, or probe cloud environments, systems, or infrastructure that you do not own or have explicit written authorisation to test.
  • Use the Service to develop, train, or improve any competing product or service, or to extract the Service's proprietary algorithms, models, or data structures through automated means (scraping, reverse engineering, or similar).
  • Attempt to gain unauthorised access to any part of the Service, its infrastructure, or data belonging to other customers.
  • Upload or introduce malicious code, malware, or any content that could disrupt, damage, or interfere with the Service or its users.
  • Circumvent, disable, or interfere with any security or authentication mechanisms of the Service.
  • Resell, sublicense, or provide access to the Service to third parties without our prior written consent.
  • Use the Service in any manner that violates applicable laws or regulations, including data protection laws.

5. Intellectual Property

All intellectual property rights in the Service — including its software, platform architecture, attack-path algorithms, graph engine, user interface, documentation, and trade marks — are owned by or licensed to Cloudryption. Nothing in these Terms transfers any ownership of those rights to you.

Subject to your compliance with these Terms, Cloudryption grants you a limited, non-exclusive, non-transferable, revocable licence to access and use the Service solely for your internal security operations during the term of your agreement with us.

Any feedback, suggestions, or ideas you provide about the Service may be used by Cloudryption without restriction or compensation.

6. Customer Data and Confidentiality

"Customer Data" means the cloud infrastructure data, configuration data, and security findings that you ingest into the Service from your own environments.

  • You retain ownership of all Customer Data.
  • You grant Cloudryption a limited licence to process Customer Data solely to provide the Service to you.
  • We will not access, use, or disclose Customer Data except as necessary to provide the Service, respond to support requests, comply with legal obligations, or enforce these Terms.
  • We will apply technical and organisational measures appropriate to the sensitivity of your Customer Data, consistent with the standards described in our Privacy Policy.

You are responsible for ensuring that you have the right to ingest Customer Data into the Service and that doing so complies with applicable laws, including any obligations to employees, contractors, or third parties whose data may be included.

7. Privacy

Our collection and use of personal data in connection with the Service is described in our Privacy Policy, which is incorporated into these Terms by reference. By using the Service you confirm that you have read and understood the Privacy Policy.

Where Cloudryption processes personal data on your behalf as a data processor (for example, personal data embedded in your Customer Data), we will process that data only in accordance with your documented instructions and applicable data protection law, including the GDPR where applicable.

8. Availability and Uptime

Cloudryption aims to provide a reliable and available Service but does not guarantee uninterrupted or error-free operation. Scheduled maintenance, infrastructure updates, and factors outside our reasonable control (including third-party cloud provider outages) may cause temporary unavailability.

We will endeavour to provide advance notice of planned maintenance windows where reasonably practicable. Any specific uptime commitments are set out in a separate service level agreement where applicable.

9. Disclaimer of Warranties

To the maximum extent permitted by applicable law, the Service is provided "as is" and "as available" without warranties of any kind, express or implied, including warranties of merchantability, fitness for a particular purpose, accuracy, or non-infringement.

Cloudryption does not warrant that:

  • The Service will be free of errors, bugs, or security vulnerabilities at all times.
  • Attack path analysis, risk scores, or remediation recommendations will be complete, accurate, or sufficient to prevent a security incident.
  • The Service will identify every attack path, misconfiguration, or vulnerability in your environment.

The Service is a decision-support tool. You retain full responsibility for the security decisions made on the basis of the Service's outputs.

9a. Data Processing and GDPR

Where Cloudryption processes Customer Personal Data on behalf of Customer as a processor, the Cloudryption Data Processing Addendum applies if incorporated into the applicable order form, master services agreement, enterprise agreement, pilot agreement, or other written agreement between the parties.

9b. Export Control and Sanctions Compliance

Customer may not use the Service in violation of applicable export control, sanctions, or trade compliance laws, including regulations administered by the U.S. Department of Commerce, U.S. Department of the Treasury (OFAC), or equivalent authorities. Customer may not make the Service available to sanctioned persons, embargoed jurisdictions, or prohibited end users.

If Customer is subject to export control jurisdiction, Customer is responsible for determining whether the Service or any recommendations constitute controlled technical data or technology and for complying with all applicable regulations.

9c. Cloud Provider Responsibility

Customer is responsible for maintaining its own cloud accounts, cloud provider agreements, API keys, credentials, access permissions, security group configurations, network policies, and authentication settings. Cloudryption is not responsible for:

  • Outages, unavailability, or access failures caused by third-party cloud providers (AWS, GCP, Azure, Kubernetes, etc.).
  • API rate limits, throttling, quota exhaustion, or service limitations imposed by cloud providers.
  • Changes to cloud provider APIs, features, pricing, or availability.
  • Customer's failure to maintain valid credentials, permissions, or access to cloud accounts.
  • Cloud provider security incidents, breach notifications, or compliance violations outside Cloudryption's control.

Customer should implement and maintain defence-in-depth security controls in its cloud environments independent of Cloudryption's recommendations.

10. Limitation of Liability

To the maximum extent permitted by applicable law, Cloudryption's total liability to you for any claims arising from or related to these Terms or the Service — whether in contract, tort (including negligence), or otherwise — shall not exceed the fees paid or payable by you to Cloudryption under the applicable order form in the twelve months preceding the claim. For free pilots or evaluations, Cloudryption's total liability shall not exceed EUR 1,000.

In no event will Cloudryption be liable for any indirect, incidental, special, consequential, or punitive damages, including loss of profits, loss of data, business interruption, or loss of goodwill, even if advised of the possibility of such damages.

Some jurisdictions do not allow limitation of implied warranties or exclusion of consequential damages, so some of the above limitations may not apply to you.

11. Indemnification

You agree to indemnify, defend, and hold harmless Cloudryption and its officers, employees, and agents from and against any claims, liabilities, damages, losses, and expenses (including reasonable legal fees) arising out of or in connection with:

  • Your use of the Service in violation of these Terms or applicable law.
  • Customer Data you ingest into the Service, including any claim that such data infringes third-party rights or violates applicable law.
  • Any misuse of security findings or recommendations produced by the Service.

12. Suspension and Termination

Cloudryption may suspend or terminate your access to the Service immediately, without prior notice, if:

  • You breach any provision of these Terms.
  • We are required to do so by law or a regulatory authority.
  • Your use of the Service poses a security risk to Cloudryption or other users.

You may close your account at any time by contacting support@cloudryption.com. Upon termination, your licence to use the Service ends immediately. Sections 5, 9, 10, 11, and 13 survive termination.

Following account deletion, your personal data will be removed within 30 days in accordance with our Privacy Policy.

13. Governing Law and Disputes

These Terms are governed by the laws of Poland, without regard to conflict-of-law principles. The courts competent for Cloudryption's registered office shall have exclusive jurisdiction, unless mandatory applicable law provides otherwise.

Any dispute arising from or relating to these Terms or the Service shall first be referred to good-faith negotiation between the parties. If unresolved within 30 days, the dispute shall be subject to the exclusive jurisdiction of the competent courts in Poland.

If you are a consumer in the EU, you may also use the European Commission's Online Dispute Resolution platform at ec.europa.eu/consumers/odr.

14. Changes to These Terms

We may update these Terms from time to time. When we do, we will update the effective date at the top of this page. For material changes, we will provide notice via the platform or by email to registered account holders where appropriate.

Your continued use of the Service after updated Terms take effect constitutes your acceptance of those Terms. If you do not agree to the revised Terms, you must stop using the Service and may request account deletion.

15. Contact

If you have questions about these Terms, or wish to notify us of a legal matter, please contact us:

Email: support@cloudryption.com

For privacy-related requests, please refer to our Privacy Policy for information on how to exercise your rights.