Effective Date: March 18, 2026
These Terms of Service ("Terms") govern your use of celvexgroup.com and all services provided by CELVEX Group ("CELVEX Group," "we," "us," "our"). By using our website or services, you agree to these Terms.
Our philosophy is simple: we are your trusted security partner. Everything we do is designed to help you identify and address security issues before bad actors find them. These Terms exist to protect both of us so we can focus on that shared mission.
By accessing our website, using our free scan tool, or engaging our paid services, you acknowledge that you have read, understood, and agree to be bound by these Terms. If you do not agree, please do not use our website or services.
If you are accepting these Terms on behalf of an organization, you represent and warrant that you have the authority to bind that organization.
CELVEX Group offers a free external security scan tool on our website as a courtesy to the security community and to organizations seeking to understand their external security posture. By using it, you agree to the following:
The free scan tool performs passive reconnaissance only, using publicly available data sources such as DNS records, certificate transparency logs, HTTP headers, WHOIS data, and similar public information. It does not:
The free scan tool is, in essence, gathering information that is already publicly visible to anyone on the internet and organizing it in a useful way for you.
The free scan tool and all results generated by it are provided "AS IS" and "AS AVAILABLE," without warranties of any kind, whether express, implied, statutory, or otherwise. CELVEX Group expressly disclaims all warranties, including but not limited to implied warranties of merchantability, fitness for a particular purpose, accuracy, completeness, reliability, and non-infringement.
The free scan is a limited, automated assessment provided as a courtesy. It is not a substitute for a comprehensive security audit. Findings may be incomplete, inaccurate, or outdated. The absence of findings does not mean a system is secure.
By using the free scan tool, you accept all risk associated with its use and with any decisions you make based on its output. You acknowledge that you are solely responsible for evaluating the accuracy, completeness, and usefulness of any information provided.
You may only use the free scan tool to scan domains you own or have explicit written authorization to scan. By submitting a domain, you represent and warrant that you have the legal authority to do so.
You may not:
We reserve the right to suspend or terminate access to the free scan tool for any user who violates these terms, without notice.
Paid services -- including but not limited to penetration testing, security assessments, vulnerability assessments, code audits, and advisory retainers -- are governed by individual Statements of Work (SOW), service agreements, or contracts executed between CELVEX Group and the client.
In the event of any conflict between these Terms and a signed SOW or contract, the SOW or contract governs for the specific engagement in question.
All paid penetration testing and security assessment work is conducted only within the scope explicitly defined in a signed Statement of Work. This includes:
CELVEX Group will not test systems, applications, or environments that are not explicitly within the agreed scope, regardless of what we may discover during the engagement.
Security testing, by its nature, involves interacting with live systems in ways that could potentially cause service disruption, unexpected behavior, or other impacts -- even when conducted carefully and professionally.
By engaging CELVEX Group for paid security testing, the client acknowledges and accepts the inherent risks of authorized security testing. CELVEX Group is not liable for any service disruption, data loss, system instability, application errors, or other impacts that may occur during authorized testing activities within the scope and testing windows that the client has approved, provided that CELVEX Group performed the testing in accordance with the SOW.
We take every reasonable precaution to minimize impact, and we work closely with your team to ensure testing is conducted safely. But security testing is not a zero-risk activity, and both parties should understand that.
This is important, and we want to be absolutely clear:
CELVEX Group does NOT perform denial-of-service (DoS) attacks, distributed denial-of-service (DDoS) attacks, heavy load testing, stress testing, or any form of destructive testing against production systems.
The only exception is when all of the following conditions are met:
Outside of these conditions, CELVEX Group will never intentionally generate traffic volumes, request rates, or system loads designed to test the capacity or availability of a client's systems.
This applies to all engagements -- free scan, paid penetration testing, advisory, and any other service we offer.
All scanning tools, methodologies, techniques, AI models, machine learning systems, scanning templates, internal playbooks, proprietary software, custom scripts, detection rules, and proprietary techniques developed or used by CELVEX Group remain the exclusive intellectual property of CELVEX Group. Clients receive the output of our work, not the tools or methods themselves.
This intellectual property is the foundation of our ability to serve all our clients effectively. Protecting it ensures we can continue to invest in and improve these capabilities for everyone's benefit.
All reports, findings, and deliverables produced for a client under a paid engagement belong to the client upon full payment. Clients may use, distribute, and act on their reports as they see fit within their organization and with their advisors.
Until full payment is received, CELVEX Group retains all rights in the deliverables. Upon payment, ownership transfers to the client, and CELVEX Group retains no rights to the specific deliverable content except as needed for our internal records and quality assurance.
Results from the free scan tool are provided for your informational use. You may share them within your organization and with your advisors. You may not present them as the output of your own tools or services, or use them in any commercial offering without our written permission.
If you provide us with feedback, suggestions, or ideas regarding our services, you grant CELVEX Group an unrestricted, perpetual, irrevocable, royalty-free license to use that feedback for any purpose, including improving our services. We appreciate feedback -- it makes us better.
To the maximum extent permitted by applicable law:
Security is inherently uncertain. No security assessment, no matter how thorough, can guarantee the discovery of all vulnerabilities in a system. The threat landscape evolves continuously, new vulnerabilities emerge daily, and no methodology -- automated or manual -- can provide absolute assurance.
CELVEX Group is not liable for:
Our services reduce risk. They do not eliminate it. We do our best work on every engagement, and we stand behind the quality of that work -- but we cannot guarantee outcomes in an inherently adversarial and unpredictable domain.
If we report a vulnerability to you and you choose not to remediate it, or you delay remediation, CELVEX Group bears no responsibility for any consequences that arise from that decision. Our job is to find and report. Your job is to decide what to do about it. We are happy to advise, but the decision and the responsibility are yours.
You agree to indemnify, defend, and hold harmless CELVEX Group, its officers, directors, employees, contractors, and agents from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable attorney fees and legal costs) arising from or related to:
This indemnification obligation survives the termination of these Terms and the completion of any engagement.
We want to be transparent about our intentions. CELVEX Group exists to help organizations improve their security posture. Our entire business model is built on trust -- clients trust us with access to their systems, and we honor that trust by acting with integrity, professionalism, and care.
We will always:
We ask that you extend the same good faith to us. These Terms exist not because we expect problems, but because clear ground rules allow both parties to focus on what matters: making your organization more secure.
Neither party will be liable for any failure or delay in performing its obligations under these Terms where such failure or delay results from circumstances beyond the reasonable control of that party. This includes, but is not limited to: natural disasters, pandemic, epidemic, acts of government, war, terrorism, civil unrest, labor disputes, power failures, internet or telecommunications failures, cyberattacks against either party, or failures of third-party service providers.
If a force majeure event continues for more than 30 consecutive days, either party may terminate the affected engagement upon written notice.
We may suspend or terminate your access to any of our services if we reasonably believe you have violated these Terms. Where possible, we will provide notice before doing so, but we reserve the right to act immediately when necessary to protect our systems, our clients, or third parties.
We may update these Terms from time to time. We will post the updated version on this page with a new effective date. For paid service clients with active engagements, material changes will be communicated via email at least 30 days in advance. Your continued use of our services after changes are posted constitutes acceptance of the revised Terms.
These Terms are governed by the laws of the applicable jurisdiction in which CELVEX Group is incorporated, without regard to conflict of law principles.
Any disputes arising from these Terms will first be subject to good-faith negotiation for 30 days. If unresolved, disputes will be resolved by binding arbitration under applicable commercial arbitration rules in the jurisdiction where CELVEX Group is incorporated. Each party bears its own costs unless the arbitrator decides otherwise.
Nothing in this section prevents either party from seeking injunctive relief in a court of competent jurisdiction to protect its intellectual property or confidential information.
Class action waiver: To the maximum extent permitted by applicable law, any dispute resolution proceedings will be conducted on an individual basis and not as part of a class, consolidated, or representative action.
If any provision of these Terms is found to be unenforceable or invalid, that provision will be modified to the minimum extent necessary to make it enforceable, or if it cannot be modified, it will be severed. The remaining provisions remain in full force and effect.
These Terms, together with any applicable Statement of Work, service agreement, or contract, constitute the entire agreement between you and CELVEX Group regarding the subject matter herein. They supersede all prior or contemporaneous oral or written communications, proposals, and representations with respect to the services.
Our failure to enforce any provision of these Terms at any time does not waive our right to enforce that or any other provision in the future.
For questions about these Terms: legal@celvexgroup.com
↑ Back to top