Terms of Service

1. Acceptance of Terms

These Terms of Service ("Terms") constitute a legally binding agreement between you ("Customer," "you," or "your") and GR IT Services LLC (also known as Ghulam Rasool IT Services LLC), a company registered in Dubai, United Arab Emirates ("GR IT Services," "we," "us," or "our"), governing your access to and use of the CISGuard compliance automation platform, including all associated software, documentation, agents, APIs, and the website at cisguard.ae (collectively, the "Service").

By accessing, downloading, installing, or using the Service, you acknowledge that you have read, understood, and agree to be bound by these Terms. If you are entering into these Terms on behalf of a company or other legal entity, you represent that you have the authority to bind such entity to these Terms, in which case "Customer" shall refer to such entity.

If you do not agree to these Terms, you must not access or use the Service.

2. Description of Service

CISGuard is an enterprise compliance automation platform that enables organizations to automate CIS benchmark compliance assessments, continuous monitoring, drift detection, and audit-ready reporting across their IT infrastructure. The platform supports Windows, Linux, cloud (Azure, AWS, Microsoft 365), container (Docker, Kubernetes), and related environments.

CISGuard is deployed on-premises within the Customer's infrastructure. The platform consists of:

• CISGuard Server: The central management server that hosts the API, dashboard, and database.
• CISGuard Agents: Lightweight agents deployed on target systems to perform compliance scans.
• CISGuard Dashboard: A web-based interface for managing agents, viewing compliance results, and generating reports.
• Documentation and benchmarks: CIS benchmark definitions and supporting documentation.

3. Account Registration

To use CISGuard, you must register an account. When registering, you agree to:

• Provide accurate, current, and complete registration information, including your full name, business email address, and organization details.
• Maintain and promptly update your registration information to keep it accurate and current.
• Maintain the confidentiality of your account credentials, including passwords and API keys, and not share them with unauthorized individuals.
• Accept responsibility for all activities that occur under your account, whether or not authorized by you.
• Use only one account per individual user. Shared accounts are not permitted unless explicitly approved in writing by GR IT Services.
• Notify GR IT Services immediately at sales@cisguard.ae if you become aware of any unauthorized use of your account or any other security breach.

4. License Grant

Subject to your compliance with these Terms and payment of applicable fees as set forth in your Order Form or subscription agreement, GR IT Services grants you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to install and use the CISGuard platform during the subscription term, solely for your internal business purposes and in accordance with the scope defined in your Order Form (including any limitations on the number of agents, servers, or users).

This license does not constitute a sale of the CISGuard software or any intellectual property rights therein. All rights not expressly granted herein are reserved by GR IT Services.

5. Restrictions

You agree that you will not, and will not permit any third party to:

• Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, algorithms, or underlying structure of the CISGuard software, except to the extent expressly permitted by applicable law.
• Copy, reproduce, distribute, republish, download, display, post, or transmit the Service or any portion thereof in any form or by any means, except as expressly permitted herein.
• Sublicense, rent, lease, loan, sell, resell, or otherwise transfer the Service or access thereto to any third party without the prior written consent of GR IT Services.
• Use the Service to provide a managed service, service bureau, or similar commercial offering to third parties without a separate written agreement with GR IT Services.
• Use the Service for the purpose of benchmarking or competitive analysis against GR IT Services or any of its products, or to develop a competing product or service.
• Remove, alter, obscure, or tamper with any proprietary notices, labels, watermarks, or trademarks appearing on or within the Service.
• Use the Service in any manner that violates any applicable law, regulation, or third-party rights.
• Attempt to gain unauthorized access to any part of the Service, other accounts, computer systems, or networks connected to the Service.
• Use bots, scrapers, crawlers, or automated tools to access or extract content from the Service or website.
• Transmit viruses, malware, worms, or any code of a destructive nature.
• Attempt denial-of-service attacks or overload the Service infrastructure.
• Aggregate, republish, or redistribute any content from the Service or website.
• Submit content that is defamatory, libelous, or infringes on third-party rights.

6. Customer Responsibilities

As CISGuard is deployed on-premises, you are responsible for:

• Providing and maintaining the infrastructure required to run CISGuard, including servers, operating systems, databases, network connectivity, and related dependencies.
• Ensuring that only authorized personnel within your organization have access to the CISGuard platform and all data processed by it.
• Maintaining appropriate security measures for your infrastructure, including firewalls, access controls, encryption, and regular security updates.
• Complying with all applicable laws, regulations, and industry standards in connection with your use of the Service, including data protection, privacy, and cybersecurity regulations.
• Performing regular backups of all CISGuard data, including the database, configuration files, and scan results.
• Ensuring that your use of CISGuard does not infringe upon any third-party rights or violate any applicable law.

7. Intellectual Property

CISGuard, including all software code, architecture, documentation, benchmark definitions, APIs, user interfaces, designs, trade names, trademarks, service marks, logos, and all related intellectual property rights, are and shall remain the exclusive property of GR IT Services LLC. Nothing in these Terms grants you any right, title, or interest in or to the CISGuard intellectual property, except for the limited license expressly granted in Section 4.

The CISGuard name, logo, and related marks are trademarks of GR IT Services LLC. You may not use these marks without our prior written permission, except as reasonably necessary to identify your use of the Service.

8. Data Ownership

You own all data generated, collected, and stored by CISGuard within your infrastructure, including but not limited to compliance scan results, benchmark assessments, agent data, configuration data, reports, audit logs, and any other data produced by the platform ("Customer Data").

GR IT Services does not have access to Customer Data stored in your on-premises CISGuard deployment. We do not collect, process, store, or claim any rights over Customer Data.

You are solely responsible for the backup, security, and integrity of Customer Data. GR IT Services shall not be liable for any loss, corruption, or unauthorized access to Customer Data resulting from failures in your infrastructure, security practices, or backup procedures.

9. Payment Terms

Fees for the Service are as set forth in the applicable Order Form or subscription agreement executed between you and GR IT Services. Unless otherwise specified in your Order Form:

• All invoices are due and payable within thirty (30) days of the invoice date ("Net 30").
• All fees are non-refundable except as expressly stated in the Order Form or as required by applicable law.
• Late payments shall accrue interest at the rate of 1.5% per month (or the maximum rate permitted by applicable law, whichever is lower), calculated from the due date until the date of payment.
• GR IT Services reserves the right to suspend access to the Service or withhold support services if payment is more than thirty (30) days past due, upon written notice.
• All fees are exclusive of applicable taxes, duties, and levies, which are your responsibility.

10. Service Level

GR IT Services provides best-effort technical support for the CISGuard platform during standard business hours (Sunday through Thursday, 9:00 AM to 6:00 PM GST), unless otherwise specified in your Order Form or a separate support agreement.

As CISGuard is deployed on-premises within your infrastructure, GR IT Services does not provide an uptime Service Level Agreement (SLA). The availability, performance, and reliability of the CISGuard platform are dependent on your infrastructure, and you are responsible for maintaining the operational environment.

GR IT Services provides managed deployment support during initial onboarding, including server setup, agent deployment, SSO integration, and SIEM configuration, as agreed in your Order Form.

11. Warranty Disclaimer

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE," WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE. GR IT SERVICES SPECIFICALLY DISCLAIMS ALL WARRANTIES, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT.

Without limiting the foregoing, GR IT Services does not warrant that:

• The Service will meet all of your requirements or expectations.
• The Service will be uninterrupted, timely, secure, error-free, or free of viruses or other harmful components.
• The results obtained from the use of the Service will be accurate or reliable.
• Any errors in the Service will be corrected.
• The website or Service will be available at all times, will function without interruption or errors, or that the information provided will be accurate, complete, or current.

CISGuard is a compliance automation tool designed to assist organizations in assessing their compliance posture. It does not guarantee compliance with any standard, benchmark, regulation, or framework. Compliance is ultimately the Customer's responsibility, and CISGuard results should be used as one component of a comprehensive compliance program.

12. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL GR IT SERVICES' TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS OR THE USE OF THE SERVICE EXCEED THE TOTAL AMOUNT OF FEES ACTUALLY PAID BY YOU TO GR IT SERVICES DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

IN NO EVENT SHALL GR IT SERVICES BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA, OR OTHER INTANGIBLE LOSSES, REGARDLESS OF WHETHER SUCH DAMAGES WERE FORESEEABLE AND WHETHER OR NOT GR IT SERVICES HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

GR IT Services shall have no liability for the Customer's compliance posture, audit outcomes, regulatory penalties, or any decisions made based on CISGuard scan results. The Customer is solely responsible for interpreting compliance results and implementing appropriate remediation measures.

13. Indemnification

You agree to indemnify, defend, and hold harmless GR IT Services, its officers, directors, employees, agents, affiliates, and licensors from and against any and all claims, demands, actions, liabilities, losses, damages, judgments, settlements, costs, and expenses (including reasonable attorneys' fees) arising out of or related to: (a) your use of the Service; (b) your violation of these Terms; (c) your violation of any applicable law, regulation, or third-party right; (d) any data, content, or materials processed by your CISGuard deployment; or (e) any unauthorized access to or use of the Service resulting from your failure to maintain adequate security measures.

14. Term and Termination

These Terms are effective as of the date you first access or use the Service and shall continue for the duration of your subscription term as specified in your Order Form. Unless otherwise stated, subscriptions are annual.

Either party may terminate these Terms:

• With thirty (30) days' prior written notice to the other party, effective at the end of the then-current subscription term.
• Immediately upon written notice if the other party materially breaches these Terms and fails to cure such breach within thirty (30) days after receiving written notice thereof.
• Immediately upon written notice if the other party becomes insolvent, files for bankruptcy, or ceases to operate in the ordinary course of business.

Upon termination or expiration of these Terms, your license to use the Service immediately terminates. You must cease all use of the CISGuard software and delete all copies in your possession or control.

You retain ownership of and access to all Customer Data stored in your on-premises infrastructure. GR IT Services has no obligation to maintain or provide access to Customer Data after termination, as such data resides entirely within your infrastructure.

15. Confidentiality

Each party ("Receiving Party") agrees that all non-public information disclosed by the other party ("Disclosing Party") in connection with these Terms or the Service that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and circumstances of disclosure ("Confidential Information") shall be kept confidential and shall not be disclosed to any third party without the prior written consent of the Disclosing Party.

Confidential Information includes, but is not limited to: software code, architecture, benchmark definitions, pricing, business plans, customer lists, technical specifications, security configurations, and compliance data.

The Receiving Party shall protect the Disclosing Party's Confidential Information using at least the same degree of care it uses to protect its own confidential information, but in no event less than reasonable care.

The confidentiality obligations under this section shall survive termination of these Terms for a period of three (3) years. These obligations do not apply to information that: (a) is or becomes publicly available through no fault of the Receiving Party; (b) was known to the Receiving Party prior to disclosure; (c) is independently developed by the Receiving Party without reference to the Confidential Information; or (d) is required to be disclosed by law, regulation, or court order, provided the Receiving Party gives prompt notice to the Disclosing Party.

16. Force Majeure

Neither party shall be liable for any failure or delay in performing its obligations under these Terms (other than payment obligations) to the extent that such failure or delay results from circumstances beyond the party's reasonable control, including but not limited to: acts of God, natural disasters, pandemics, epidemics, war, terrorism, civil unrest, government actions or orders, labor disputes, power outages, internet or telecommunications failures, cyberattacks, or failures of third-party service providers. The affected party shall give prompt written notice to the other party and shall use reasonable efforts to mitigate the effects of the force majeure event.

17. Third-Party Links

The Service and website may contain links to third-party websites or services. GR IT Services is not responsible for the content, privacy policies, or practices of any third-party websites. You acknowledge and agree that GR IT Services shall not be liable for any damage or loss caused by your use of or reliance on any third-party content.

18. Governing Law and Dispute Resolution

These Terms shall be governed by and construed in accordance with the laws of the Emirate of Dubai and the applicable federal laws of the United Arab Emirates, without regard to conflict of law principles.

Any dispute, controversy, or claim arising out of or in connection with these Terms, or the breach, termination, or invalidity thereof, shall be submitted to the exclusive jurisdiction of the Courts of Dubai, United Arab Emirates. Each party irrevocably consents to the personal jurisdiction and venue of such courts.

19. Statute of Limitations

Any cause of action or claim arising out of or relating to these Terms or the Service must be commenced within one (1) year after the cause of action accrues. After this period, such cause of action is permanently barred.

20. Severability

If any provision of these Terms is held to be invalid, illegal, or unenforceable by a court of competent jurisdiction, such provision shall be modified to the minimum extent necessary to make it valid, legal, and enforceable while preserving the original intent of the parties. If such modification is not possible, the provision shall be severed from these Terms, and the remaining provisions shall continue in full force and effect.

21. Entire Agreement

These Terms, together with any applicable Order Form, subscription agreement, Data Processing Agreement (DPA), and any other documents expressly incorporated by reference, constitute the entire agreement between you and GR IT Services with respect to the subject matter hereof and supersede all prior and contemporaneous understandings, agreements, representations, and warranties, whether written or oral. No amendment or modification of these Terms shall be effective unless in writing and signed by both parties. No waiver of any provision of these Terms shall constitute a waiver of any other provision or of the same provision on another occasion.

22. Contact

If you have any questions about these Terms of Service, please contact us: