1. Acceptance of Terms

By accessing or using Scalability Data Safeguard™ ("Service"), provided by Scalability Data Ltd Co ("Company," "we," "us," or "our"), you ("Customer," "you," or "your") agree to be bound by these Terms of Service ("Terms"). If you are entering into these Terms on behalf of a company or other legal entity, you represent that you have the authority to bind such entity to these Terms.

IF YOU DO NOT AGREE TO THESE TERMS, DO NOT USE THE SERVICE.

2. Description of Service

3. Critical Limitations and Disclaimers

3.1 Self-Assessment Platform, Not Certification Authority

SAFEGUARD PROVIDES SELF-ASSESSMENT TOOLS AND DOCUMENTATION RESOURCES. WE DO NOT:

• Provide legal advice or legal services
• Perform independent third-party CMMC assessments or certifications
• Verify, validate, or authenticate your self-attestations
• Guarantee CMMC certification outcomes at any level
• Act as a Certified Third-Party Assessment Organization (C3PAO)
• Guarantee compliance with DFARS, NIST SP 800-171, or any other regulations

While our team includes cybersecurity professionals with extensive defense industry experience, Safeguard provides tools for self-assessment and documentation—not independent verification or certification. For official CMMC certification, you must engage an authorized C3PAO. For complex or unique compliance situations, we recommend consulting additional qualified professionals with expertise specific to your organization's needs.

3.2 Your Responsibility for Attestation Accuracy

CRITICAL:

You are solely responsible for the accuracy and truthfulness of all self-attestations, responses, and documentation you create using the Service. Safeguard provides tools to organize and document your compliance efforts, but we do not:

• Verify that your self-attestations are accurate or truthful
• Validate that security controls are actually implemented in your environment
• Confirm that your documentation matches your actual security posture
• Guarantee that your attestations will satisfy C3PAO assessors

Inaccurate or false attestations may result in failed C3PAO assessments, loss of DoD contracts, regulatory penalties, and legal liability. You are solely responsible for ensuring all information you provide is accurate, complete, and reflects your actual security implementations.

3.3 No Guarantee of Assessment Outcomes

Use of the Service does not guarantee that you will:

• Achieve CMMC certification at any level
• Pass an independent C3PAO assessment
• Meet all DFARS 252.204-7012 or NIST SP 800-171 requirements
• Satisfy Department of Defense (DoD) contract requirements or customer expectations
• Avoid security breaches, data incidents, or cyber attacks
• Maintain continuous compliance with evolving standards
• Have your documentation accepted by assessors without modifications

CMMC certification is awarded exclusively by independent Certified Third-Party Assessment Organizations (C3PAOs). Assessment outcomes depend on your actual security implementations, organizational practices, evidence quality, and assessor interpretation—factors entirely outside our control.

3.4 Information Accuracy and Currency

While we strive to provide accurate and up-to-date information, CMMC requirements, DFARS clauses, NIST standards, and related regulations change frequently and are subject to interpretation by regulatory authorities and C3PAO assessors.

You are responsible for:

• Verifying all information against official government sources and current regulations
• Ensuring your implementation meets current requirements as they evolve
• Maintaining compliance with all applicable laws, regulations, and contractual obligations
• Consulting official CMMC Accreditation Body documentation and guidance
• Independently validating the applicability of any templates or guidance to your specific situation
• Monitoring for updates to CMMC requirements and adjusting your compliance program accordingly

3.5 Your Responsibility for Security Implementation

You are solely responsible for:

• Actually implementing appropriate security controls in your organization
• Customizing all templates, policies, and procedures to your specific environment and business processes
• Ensuring all security measures are properly configured, tested, and maintained
• Training your personnel on security policies, procedures, and their responsibilities
• Maintaining ongoing compliance with all applicable requirements
• Conducting regular security assessments, audits, and updates
• Verifying that your actual security posture matches what you attest to in the platform
• Implementing compensating controls where standard controls are not feasible
• Maintaining evidence that your controls are operating effectively

Safeguard provides tools to document what you claim to have implemented. Actual implementation of security controls, technical configurations, network architectures, and organizational policies is entirely your responsibility. The quality of your documentation does not substitute for actual security implementations.

4. Account Registration and Security

4.1 Account Creation

To use the Service, you must:

• Provide accurate, complete, and current registration information
• Maintain and promptly update your account information
• Be at least 18 years of age
• Have authority to bind your organization to these Terms (if applicable)
• Comply with all applicable laws and regulations in your jurisdiction

4.2 Account Security

You are responsible for:

• Maintaining the confidentiality and security of your login credentials
• All activities that occur under your account, whether authorized or unauthorized
• Immediately notifying us of any unauthorized access or security breach
• Using reasonable security measures to protect your account, including strong passwords and multi-factor authentication where available
• Ensuring that your personnel with access to the Service understand and comply with these Terms

We reserve the right to suspend or terminate accounts that we reasonably believe have been compromised or are being used in violation of these Terms.

5. Pricing, Payment, and Service Terms

5.1 Service Tiers and Pricing

We offer multiple service tiers with different features, deliverables, and professional service levels. Current tiers include Self-Service, Guided, and White Glove packages. Detailed pricing and features are available on our pricing page.

5.2 Payment Terms

• All fees are one-time payments due at the time of service engagement
• Payment is processed through Stripe, our third-party payment processor
• All fees are stated in U.S. Dollars and exclude applicable taxes
• You are responsible for all applicable sales, use, value-added, and other taxes
• Payment must be successfully completed before you receive access to the Service

5.3 What You're Purchasing

When you purchase a Safeguard service tier, you are paying for:

• Professional documentation development services
• Compliance attestation workflow and organizational tools
• Evidence management and secure storage capabilities
• PDF generation and export functionality
• Access to policy templates and compliance guidance appropriate to your tier
• Professional guidance and consultation hours (if included in your tier)

Additionally, you receive complimentary platform access for up to twelve (12) months to update, maintain, and export your compliance documentation. This platform access is provided as a courtesy to support ongoing compliance efforts and is not the primary service being purchased.

5.4 Payment Authorization and Failure

If payment authorization fails or is declined:

• Your service engagement will not be initiated until payment is successfully processed
• We reserve the right to cancel your order if payment cannot be completed within a reasonable timeframe
• You will not receive access to the Service until payment succeeds

Payment Disputes and Chargebacks:

If you initiate a chargeback, payment dispute, or reversal with your bank or payment provider after receiving services and platform access:

• Your account will be immediately suspended without notice
• All access to the Service and your compliance documentation will be revoked
• You will be liable for all fees plus collection costs, administrative fees, and legal fees
• We reserve the right to pursue all available legal remedies, including filing suit for payment
• Your account will not be restored until the dispute is resolved in our favor and all fees are paid in full

5.5 No Refunds Policy

ALL SALES ARE FINAL.

Because Safeguard provides professional services, custom documentation development, and delivers work product immediately upon payment, no refunds will be provided for any reason after you gain access to the platform. Because access to the Service provides immediate access to proprietary templates, methodologies, frameworks, and other intellectual property, all fees are non-refundable once access is granted.

Services are considered "delivered" and non-refundable once:

• You gain access to the compliance platform
• Templates and tools become available in your account
• You begin creating attestations or uploading evidence
• Professional guidance or consultation services are rendered (for Guided and White Glove tiers)

You are purchasing professional service delivery, documentation development tools, evidence management capabilities, and PDF generation functionality—not merely platform access. The included twelve-month platform access is provided as a courtesy benefit and does not constitute the primary value or deliverable of your purchase.

Cancellation, non-use of platform features, dissatisfaction with self-generated content, failure to achieve certification, or inability to pass C3PAO assessments do not entitle you to any refund.

If you have questions or concerns about the Service before purchasing, we strongly encourage you to contact us at support@scalabilitydata.com. We are happy to answer questions, provide demonstrations, or clarify what is included in each service tier.

5.6 Platform Access Period

Upon successful payment, you receive:

• Immediate access to compliance documentation tools and evidence management
• Professional guidance materials and templates appropriate to your service tier
• PDF generation and export capabilities
• Complimentary platform access for up to twelve (12) months to update and maintain your documentation

Your twelve-month access period begins on the date of your initial payment. Platform access beyond twelve months may require a renewal fee. Renewal pricing will be communicated to you before your access period expires, and renewal is entirely optional.

If you do not renew platform access, you will retain any documentation and PDFs you exported during your access period, but you will no longer be able to log in, make updates, or generate new exports.

5.7 Price Changes

We reserve the right to change pricing for our service tiers at any time. Price changes will not affect purchases already completed. If you purchase a service tier, your payment amount is locked in and will not change.

Optional renewal fees for extended platform access beyond twelve months may be established at our discretion and will be communicated to you in advance of your renewal date.

6. Data Handling and Privacy

6.1 Your Data

You retain all rights, title, and interest in and to the data you submit to the Service ("Customer Data"). Customer Data may include:

• Company and organizational information
• Security policies, procedures, and documentation
• System descriptions and technical documentation
• Assessment responses and compliance data
• Evidence files and supporting documentation
• Plans of Action and Milestones (POA&M)
• System Security Plans (SSP) and related materials

6.2 Our Use of Customer Data

We will only use Customer Data to:

• Provide, maintain, and improve the Service
• Generate reports, documentation, and compliance artifacts for you
• Provide customer support and technical assistance
• Comply with applicable legal obligations and lawful government requests
• Enforce these Terms and protect our rights and property
• Create aggregated, de-identified usage statistics (with no personally identifiable information)

We will not sell, rent, or share Customer Data with third parties for their marketing purposes.

6.3 Data Security

We implement commercially reasonable security measures to protect Customer Data, including:

• 256-bit encryption of data in transit using TLS/SSL protocols
• Encryption of sensitive data at rest
• Multi-layered access controls and authentication mechanisms
• Regular security assessments, audits, and penetration testing
• Secure data centers with physical and logical security controls
• Employee background checks and security training
• Incident response and breach notification procedures

However, no system is completely secure. We cannot and do not guarantee absolute security of your data. You acknowledge that you provide Customer Data at your own risk.

6.4 Zero-Access Encryption Model

Safeguard uses a zero-access encryption model for certain sensitive data and uploaded evidence. This means that Scalability Data cannot view, decrypt, or modify this encrypted content.

IMPORTANT: Due to this zero-access design, if you lose your password or authentication credentials, your encrypted data may become permanently inaccessible. Safeguard cannot recover lost or forgotten passwords or decrypt data on your behalf.

You are solely responsible for maintaining secure backups of critical data and safeguarding your authentication credentials.

6.5 Prohibited Data

DO NOT submit to the Service:

• Classified information of any kind (Confidential, Secret, Top Secret, or any other classification level)
• Controlled Unclassified Information (CUI) unless you have verified that the Service meets all applicable CUI safeguarding requirements for your specific use case
• Social Security Numbers, driver's license numbers, or other government-issued identification numbers
• Credit card numbers, bank account numbers, or other financial account information
• Protected Health Information (PHI) as defined by HIPAA
• Passwords, encryption keys, or other authentication credentials (except your own account credentials)
• Export-controlled technical data subject to ITAR or EAR without proper authorization
• Any data whose disclosure would violate applicable law, regulation, or contractual obligation

You are responsible for ensuring that any data you submit complies with all applicable laws and regulations, including but not limited to DFARS 252.204-7012, NIST SP 800-171, and any specific contractual requirements imposed by your customers or the Department of Defense.

6.6 Data Retention and Deletion

• We retain Customer Data as long as your account is active or as needed to provide the Service
• Upon account deletion, we will delete or anonymize your Customer Data within thirty (30) days
• Backup copies may persist in our systems for up to ninety (90) days
• We may retain certain data longer if required by law, legal hold, regulatory requirement, or for legitimate business purposes such as dispute resolution or fraud prevention
• Aggregated, de-identified data may be retained indefinitely

6.7 Privacy Policy

Our collection, use, and disclosure of personal information is governed by our Privacy Policy, which is incorporated into these Terms by reference. By using the Service, you consent to the practices described in our Privacy Policy.

7. Intellectual Property Rights

7.1 Service IP

The Service, including all software, algorithms, user interfaces, text, graphics, logos, trademarks, service marks, and other content (collectively, "Service IP"), is owned by Scalability Data Ltd Co and is protected by United States and international copyright, trademark, patent, trade secret, and other intellectual property laws.

Subject to your compliance with these Terms, we grant you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to access and use the Service solely for your internal business purposes in accordance with these Terms.

7.2 Customer IP

You retain all rights, title, and interest in and to Customer Data. By using the Service, you grant us a limited, worldwide, non-exclusive license to use, copy, store, transmit, display, and process Customer Data solely to the extent necessary to provide the Service to you and as described in these Terms and our Privacy Policy.

7.3 Generated Content

Content generated by the Service using your inputs (such as customized policies, procedures, reports, and compliance documentation) becomes your property upon generation. However:

• Underlying templates, frameworks, methodologies, and software remain our exclusive property
• You may customize, use, and distribute generated content for your internal business operations
• You may not resell, redistribute, or sublicense templates, frameworks, or Service functionality
• You may not reverse engineer, decompile, or create derivative works of the Service
• You may not remove or alter any proprietary notices, trademarks, or branding

7.4 Feedback

If you provide us with feedback, suggestions, ideas, or other input about the Service ("Feedback"), you grant us a perpetual, irrevocable, worldwide, royalty-free license to use, modify, and incorporate such Feedback into our products and services without any obligation or compensation to you.

7.5 Trademark Usage

"Scalability Data Safeguard" and the Safeguard shield logo are trademarks of Scalability Data Ltd Co. You may not use our trademarks without our prior written consent. Other trademarks, service marks, and trade names referenced in the Service are the property of their respective owners.

8. Prohibited Uses

You agree not to:

• Violate any applicable laws, regulations, or these Terms
• Infringe on any intellectual property rights or other proprietary rights
• Submit false, misleading, fraudulent, or unlawful information
• Attempt to gain unauthorized access to the Service, other accounts, systems, or networks
• Interfere with, disrupt, or create an undue burden on the Service or connected networks
• Use the Service to transmit viruses, malware, or other malicious code
• Use the Service to harm, threaten, harass, or violate the rights of others
• Use automated systems (bots, scrapers) without our written consent
• Reverse engineer, decompile, disassemble, or attempt to derive source code from the Service
• Remove, alter, or obscure any proprietary notices or labels
• Resell, sublicense, or redistribute the Service or access to the Service
• Use the Service for any illegal purpose or in violation of export control laws
• Benchmark or perform competitive analysis without our written consent
• Impersonate any person or entity or misrepresent your affiliation
• Access the Service to build a competitive product or service

9. Limitation of Liability

9.1 Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO:

• WARRANTIES OF MERCHANTABILITY
• WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE
• WARRANTIES OF NON-INFRINGEMENT
• WARRANTIES OF TITLE
• WARRANTIES OF ACCURACY, RELIABILITY, OR COMPLETENESS OF CONTENT
• WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE
• WARRANTIES THAT THE SERVICE WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE

WE DO NOT WARRANT THAT:

• The Service will meet your specific requirements or expectations
• The Service will achieve compliance with any regulatory requirement
• The Service will result in CMMC certification at any level
• Generated content will be accurate, complete, current, or suitable for your purposes
• The Service will be available at all times or free from interruptions
• The Service will be secure, free from vulnerabilities, or immune from cyber attacks
• Defects or errors will be corrected
• Data will not be lost, corrupted, or compromised

You acknowledge that your use of the Service is at your sole risk. You are solely responsible for any damage to your computer system, loss of data, or other harm that results from your use of the Service.

9.2 Limitation of Damages

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL SCALABILITY DATA LTD CO, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AFFILIATES, OR LICENSORS BE LIABLE FOR:

• Any indirect, incidental, special, consequential, exemplary, or punitive damages
• Loss of profits, revenue, data, goodwill, or business opportunities
• Business interruption or loss of use
• Cost of substitute goods or services
• Failure to achieve compliance, certification, or meet regulatory requirements
• Security breaches, data incidents, or unauthorized access to your systems
• Cyber attacks, malware, or other security threats
• Fines, penalties, or sanctions imposed by regulators or customers
• Loss or termination of contracts or business relationships
• Reputational harm or damage to business reputation
• Legal fees, settlement costs, or damages arising from third-party claims
• Any damages arising from your reliance on the Service, templates, or guidance provided

IN NO EVENT SHALL OUR TOTAL AGGREGATE LIABILITY TO YOU FOR ALL CLAIMS ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICE EXCEED THE AMOUNT YOU ACTUALLY PAID US FOR THE SERVICE IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO LIABILITY, OR ONE HUNDRED DOLLARS ($100), WHICHEVER IS GREATER.

9.3 Basis of the Bargain

You acknowledge and agree that these limitations of liability are fundamental elements of the agreement between you and us, and that we would not provide the Service without these limitations. These limitations will apply regardless of whether we have been advised of the possibility of such damages and regardless of whether any remedy fails of its essential purpose.

9.4 State Law Variations

Some jurisdictions do not allow the exclusion or limitation of certain warranties or liabilities. In such jurisdictions, the above limitations and exclusions will apply only to the maximum extent permitted by applicable law.

10. Indemnification

You agree to indemnify, defend (at our option), and hold harmless Scalability Data Ltd Co, its parent, subsidiaries, affiliates, officers, directors, employees, agents, partners, contractors, and licensors from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees and court costs) arising from or relating to:

• Your use or misuse of the Service
• Your violation of these Terms or any applicable law or regulation
• Your violation of any rights of any third party, including intellectual property rights, privacy rights, or contractual rights
• Customer Data or any content you submit to the Service
• Your implementation (or failure to implement) security controls or compliance requirements
• Any security breach, data incident, or unauthorized access occurring at your organization
• Your failure to achieve compliance, pass assessments, or meet regulatory requirements
• Your reliance on templates, guidance, or information provided through the Service
• Claims by your employees, contractors, customers, or other third parties
• Any negligent or willful misconduct by you or your employees

This indemnification obligation will survive termination of these Terms and your use of the Service.

11. Term and Termination

11.1 Term

These Terms begin when you first access or use the Service and continue until terminated by either party as described below.

11.2 Termination by You

You may terminate your account at any time by following the cancellation process in your account settings or by contacting us at support@scalabilitydata.com. Termination will be effective at the end of your current billing period.

11.3 Termination by Us

We may suspend or terminate your access to the Service immediately, with or without notice, if:

• You breach any provision of these Terms
• Your payment fails or your account becomes delinquent
• We are required to do so by law or court order
• Providing the Service to you becomes unlawful or impractical
• We reasonably believe your account has been compromised or is being used fraudulently
• We decide to discontinue the Service or materially modify its availability
• Your use of the Service poses a security or legal risk to us or other users

11.4 Effect of Termination

Upon termination of your account or these Terms:

• Your right to access and use the Service immediately ceases
• The license granted to you under Section 7 immediately terminates.
• You remain liable for all fees and charges incurred prior to termination
• We may delete your Customer Data in accordance with our data retention policies
• You must immediately cease all use of Service IP and any generated content containing Service IP
• All provisions of these Terms that by their nature should survive will survive, including but not limited to ownership provisions, warranty disclaimers, indemnification, and limitations of liability

12. Modifications to Terms

We reserve the right to modify these Terms at any time. We will notify you of material changes by:

• Posting the updated Terms on our website with a new "Last Updated" date
• Sending an email notification to the address associated with your account
• Displaying a prominent notice within the Service

Material changes will take effect thirty (30) days after we provide notice, except where we are required by law to make changes effective immediately. Non-material changes will take effect immediately upon posting. Your continued use of the Service after changes take effect constitutes your acceptance of the modified Terms.

If you do not agree to modified Terms, you must stop using the Service and cancel your account. We will refund any prepaid fees for service you will not receive due to early termination caused by material changes you do not accept.

13. Modifications to Service

We reserve the right to:

• Modify, suspend, or discontinue any feature, functionality, or aspect of the Service at any time
• Change pricing, subscription plans, and service tiers
• Impose or modify usage limits, restrictions, or quotas
• Perform scheduled or emergency maintenance that temporarily interrupts the Service
• Update templates, guidance, or educational content to reflect regulatory changes

We will provide reasonable advance notice of material changes to the Service when possible, but are not obligated to do so for minor changes, security updates, or emergency maintenance.

14. Governing Law and Dispute Resolution

14.1 Governing Law

These Terms and any disputes arising out of or relating to these Terms or the Service shall be governed by and construed in accordance with the laws of the State of Texas, without regard to its conflict of law principles.

14.2 Venue and Jurisdiction

Any legal action or proceeding arising out of or relating to these Terms or the Service shall be brought exclusively in the state or federal courts located in Tarrant County, Texas. You irrevocably consent to the personal jurisdiction of these courts and waive any objection to venue in these courts.

14.3 Informal Dispute Resolution

Before filing any formal legal action, you agree to first contact us at legal@scalabilitydata.com to attempt to resolve the dispute informally. We will attempt to resolve the dispute through good faith negotiations for a period of sixty (60) days.

14.4 Binding Arbitration

For disputes involving claims of Ten Thousand Dollars ($10,000) or less, either party may elect binding arbitration as an alternative to litigation. Arbitration shall be conducted by a single arbitrator under the Commercial Arbitration Rules of the American Arbitration Association. The arbitration shall take place in Tarrant County, Texas, or by videoconference at the arbitrator's discretion. The arbitrator's decision shall be final and binding, and judgment may be entered in any court of competent jurisdiction.

14.5 Class Action Waiver

YOU AGREE TO BRING CLAIMS ONLY IN YOUR INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS, COLLECTIVE, REPRESENTATIVE, MULTIPLE PLAINTIFF, OR SIMILAR PROCEEDING. YOU AND WE AGREE THAT CLAIMS MAY NOT BE JOINED OR CONSOLIDATED UNLESS AGREED TO IN WRITING BY ALL PARTIES. YOU WAIVE ANY RIGHT TO A JURY TRIAL.

15. General Provisions

15.1 Entire Agreement

These Terms, together with our Privacy Policy and any other policies or agreements referenced herein, constitute the entire agreement between you and Scalability Data Ltd Co regarding the Service and supersede all prior or contemporaneous understandings, agreements, representations, and warranties.

15.2 Severability

If any provision of these Terms is found to be invalid, illegal, or unenforceable by a court of competent jurisdiction, the remaining provisions will remain in full force and effect to the maximum extent permitted by law. The invalid provision will be modified to the minimum extent necessary to make it valid and enforceable.

15.3 Waiver

Our failure to enforce any right or provision of these Terms does not constitute a waiver of that right or provision. No waiver of any provision of these Terms shall be deemed a further or continuing waiver of such provision or any other provision.

15.4 Assignment

You may not assign, transfer, or delegate these Terms or your rights and obligations under these Terms without our prior written consent. Any attempted assignment in violation of this provision is void. We may freely assign these Terms to any affiliate, subsidiary, successor, or purchaser of all or substantially all of our assets without your consent.

15.5 Force Majeure

We shall not be liable for any failure or delay in performance due to circumstances beyond our reasonable control, including but not limited to acts of God, natural disasters, war, terrorism, civil unrest, labor disputes, telecommunications failures, internet outages, government actions, or pandemics.

15.6 Government Use

If you are a U.S. Government entity or contractor, the Service is provided as "Commercial Computer Software" and "Commercial Computer Software Documentation" as defined in FAR 2.101 and DFARS 252.227-7014, and is subject to standard commercial license terms rather than government purpose rights.

15.7 Export Compliance

You agree to comply with all applicable U.S. and international export control laws and regulations, including the Export Administration Regulations (EAR) and International Traffic in Arms Regulations (ITAR). You represent that you are not located in, under the control of, or a national or resident of any country to which the United States has embargoed goods.

15.8 Independent Contractors

The parties are independent contractors. These Terms do not create any agency, partnership, joint venture, or employment relationship between you and us.

15.9 Third-Party Beneficiaries

These Terms do not confer any third-party beneficiary rights. No person or entity not a party to these Terms shall have any right to enforce any provision of these Terms.

15.10 Notices

All notices required or permitted under these Terms shall be in writing and delivered to the email address associated with your account (for notices to you) or to legal@scalabilitydata.com (for notices to us). Notices shall be deemed given when sent.

16. Contact Information

If you have questions about these Terms, please contact us:

17. Acknowledgment

BY ACCESSING OR USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ THESE TERMS, UNDERSTAND THEM, AND AGREE TO BE BOUND BY THEM. YOU FURTHER ACKNOWLEDGE THAT:

• The Service provides self-assessment tools and documentation resources, not independent certification or verification
• You are solely responsible for the accuracy and truthfulness of all attestations you create using the platform
• We do not verify, validate, or authenticate your self-attestations or claim that your controls are actually implemented
• You are responsible for actually implementing security controls that match your attestations
• We make no guarantees regarding compliance, certification, or C3PAO assessment outcomes
• Our liability is strictly limited as described in these Terms
• You are responsible for verifying that any templates or guidance are appropriate for your specific circumstances
• CMMC requirements and DoD regulations are subject to change, and you are responsible for staying current
• All sales are final and no refunds will be provided after you receive access to the platform, including because access provides immediate exposure to proprietary templates and other Service IP
• Platform access beyond twelve months may require optional renewal fees