Skip to content

Terms of Service

Vulnetix VDB — Terms and Conditions

Welcome to Vulnetix! We provide a vulnerability database (VDB) service that aggregates publicly available security vulnerability data from multiple third-party sources, and makes it accessible via our website and API (Services), as set out in more detail on our website (Site).

In these Terms, when we say you or your, we mean you as an individual if you are accepting these Terms for yourself. If you are accepting these Terms on behalf of an entity (such as your employer) and you are authorised to do so, then you or your means that entity. When we say we, us, or our, we mean Vulnetix Pty Ltd (ACN 684 319 917).

These terms and conditions (Terms) form our contract with you, and set out our obligations as a service provider and your obligations as a customer. You cannot use the Services unless you agree to these Terms.

Some capitalised words in these Terms have defined meanings, and each time that word is used in these Terms it has the same meaning. You can find a list of the defined words and their meaning at the end of these Terms.

Our Disclosures

Please read these Terms carefully before you accept. We draw your attention to:

  • our privacy policy (on the Site) which sets out how we will handle your personal information;
  • clause 1.6 (Variations) which sets out how we may amend these Terms; and
  • clause 8 (Liability) which sets out exclusions and limitations to our liability under these Terms.

We may receive a benefit (which may include a referral fee or a commission) should you visit certain third party websites through a link in the Services, or for featuring certain goods or services on the Services.

These Terms do not intend to limit your rights and remedies at law, including any of your Consumer Law Rights.

1. Engagement and Term

These Terms apply from the time you agree to these Terms, until the date these Terms are terminated in accordance with their Terms (Term).

By accessing or using the Services (including by browsing the Site, submitting a query, or obtaining an API key), you agree to these Terms. If you do not agree, you must stop using the Services immediately.

Subject to your compliance with these Terms, we will provide you with access to the Services.

If we provide you with access to any new or beta services, you acknowledge that because of the developmental nature of such services, you use them at your own risk and we have no obligation to maintain or provide error corrections. Any new or beta services we provide you with access to are for evaluation purposes only and not for production use, and we may discontinue those services at any time at our sole discretion.

Where you engage third parties to operate alongside the Services (for example, any third-party software systems you wish to integrate with the Services), those third parties are independent of us and you are responsible for (meaning we will not be liable for) the goods or services they provide, unless we expressly agree otherwise.

We may amend these Terms at any time, by providing written notice to you. By clicking “I accept” or continuing to use the Services after the notice or 30 days after notification (whichever date is earlier), you agree to the amended Terms. If you do not agree to the amendment, you should cease using the Services.

For users who have not registered an Account, we will notify you of any amendments to these Terms by publishing updated Terms on the Site with a revised effective date. Your continued use of the Services after that date constitutes your acceptance of the amended Terms.

2. Account

You may access two versions of the Services:

  1. Public Tier — unauthenticated access to the Services via the Site, subject to rate limiting at our discretion; and
  2. Community Tier — access to the Services via a personal API key, available upon registration of an Account with a valid email address.

While you have an Account with us, you agree to:

  • keep your information up-to-date (and ensure it remains true, accurate and complete); and
  • notify us if you become aware of, or have reason to suspect, any unauthorised access to your Account or any logins linked to your Account.

If you close your Account, you will lose access to the Services.

3. Licence and Scope of Services

During the Term, we grant you a right to use our basic Services in accordance with these Terms. This right cannot be passed on or transferred to any other person.

The Services aggregate vulnerability data from multiple third-party sources. Much of this data is publicly available and open-source. We do not claim ownership of third-party data, and where that data is subject to an existing licence, that licence continues to apply to the data as provided to you.

Where we have created or enriched data ourselves, that data is made available under a Creative Commons Attribution Non-Commercial (CC BY-NC) licence, unless otherwise stated. You may use such data for any purpose except commercial resale or distribution for profit.

We make reasonable efforts to attribute data to its original source. However, we do not warrant that all third-party data is free from licensing restrictions, and you are responsible for ensuring your use of the data complies with any applicable third-party licence terms.

The Services provide information about known vulnerabilities based on data available to us at the time of publication. We do not warrant that:

  • the data is complete, accurate, or up to date;
  • the absence of a listed vulnerability means a package or system is free from vulnerabilities; or
  • any recommended version or configuration is free from security risk.

The Services are provided for informational purposes only and do not constitute security, technical, or risk management advice. You are solely responsible for any decisions made in reliance on the Services.

You must not use the Services in a manner that:

  • places an unreasonable or disproportionate load on our infrastructure (including bulk scraping or automated mass extraction of data);
  • is intended to replicate or commercially exploit our database or Services; or
  • drives up our operational costs in a manner inconsistent with normal use of the Services.

We may, at our sole discretion, apply rate limits, throttle access, or suspend your access to the Services if we reasonably believe your usage is inconsistent with fair use, without prior notice.

You must not:

  • access or use the Services in any way that is improper or breaches any laws, infringes any person’s rights (for example, intellectual property rights and privacy rights), or gives rise to any civil or criminal liability;
  • interfere with or interrupt the supply of the Services, or any other person’s access to or use of the Services;
  • introduce any viruses or other malicious software code into the Services;
  • use any unauthorised or modified version of the Services, including but not limited to for the purpose of building similar or competitive software or for the purpose of obtaining unauthorised access to the Services;
  • attempt to access any data or log in to any server or account that you are not expressly authorised to access;
  • use the Services in any way that involves service bureau use, outsourcing, renting, reselling, sublicensing, concurrent use of a single user login, or time-sharing;
  • circumvent user authentication or security of any of our networks, accounts or hosts or those of any third party;
  • access or use the Services to transmit, publish or communicate material that is defamatory, offensive, abusive, indecent, menacing, harassing or unwanted; or
  • access or use the Services if you are located in, or are a national or resident of, any country or territory subject to applicable sanctions laws or export control restrictions. We reserve the right to restrict access to the Services from certain jurisdictions at our sole discretion.

We may make available open-source plugins, integrations, or developer tools (including integrations with third-party developer environments) to facilitate access to the Services. Such tools are provided under their applicable open-source licence and are separate from the Services. We make no warranties in respect of such tools.

4. Availability, Disruption and Downtime

While we strive to always make the Services available to you, we do not make any promises that these will be available 100% of the time. The Services may be disrupted during certain periods, including, for example, as a result of scheduled or emergency maintenance.

The Services may interact with, or be reliant on, products or services provided by third parties, such as cloud hosting service providers. To the maximum extent permitted by law, we are not liable for disruptions or downtime caused or contributed to by these third parties.

5. Intellectual Property and Data

We own all intellectual property rights in the Services. This includes how the Services look and function, as well as our copyrighted works, trademarks, inventions, designs and other intellectual property. You agree not to copy or otherwise misuse our intellectual property without our written permission (for example, to reverse engineer or discover the source code of our intellectual property), and you must not alter or remove any confidentiality, copyright or other ownership notice placed on the Services.

We do not own the third-party vulnerability data aggregated through the Services. That data is sourced from publicly available third-party databases and remains subject to its original licence terms. Where we have created or enriched data ourselves, that data is made available under a Creative Commons Attribution Non-Commercial (CC BY-NC) licence. You may use that data for any purpose except commercial resale or distribution for profit.

When you use the Services, we may create anonymised statistical data from your data and usage of the Services (for example, through aggregation). Once anonymised, we own that data and may use it for our own purposes, such as to provide and improve the Services, to develop new services or product offerings, to identify business trends, and for other uses we communicate to you.

This clause 5 will survive the termination or expiry of these Terms.

6. Confidential Information and Personal Information

While using the Services, you may share confidential information with us, and you may become aware of confidential information about us. You agree not to use our confidential information, and to take reasonable steps to protect our confidential information from being disclosed without our permission, and we agree to do the same for your confidential information. This also means making sure that any employees, contractors, professional advisors or agents of ours or yours only have access to confidential information on a ’need-to-know basis’ (in other words, the disclosure is absolutely necessary), and that they also agree to not misuse or disclose such confidential information.

However, either you or we may share confidential information with legal or regulatory authorities if required by law to do so.

We collect, hold and disclose and use any Personal Information you provide to us in accordance with our privacy policy, available on the Site, and applicable privacy laws.

You must only disclose Personal Information to us if you have the right to do so (such as having the individual’s express consent).

We may need to disclose Personal Information to third parties, such as our related companies or our service providers (for example, IT and administrative service providers and our professional advisors).

Where we are required by law to report on our activities, you acknowledge that from time to time we may request certain information from you in order to meet our requirements, and you agree to provide us with such information within the timeframes reasonably requested by us.

This clause 6 will survive the termination or expiry of these Terms.

7. Consumer Law Rights

In some jurisdictions, you may have guarantees, rights or other remedies provided by law (Consumer Law Rights), and these Terms do not restrict your Consumer Law Rights. We will only be bound by your Consumer Law Rights and the express wording of these Terms.

If you accept these Terms in Australia, nothing in these Terms should be interpreted to exclude, restrict or modify the application of, or any rights or remedies you may have under, any part of the Australian Consumer Law (as set out in Schedule 2 of the Competition and Consumer Act 2010 (Cth)).

This clause 7 will survive the termination or expiry of these Terms.

8. Liability

The Services aggregate data from third-party sources. We do not warrant that the data is complete, accurate, current or free from error. We are not liable for any Liability arising from your reliance on the data, including any decision made in connection with a vulnerability assessment or remediation action.

To the maximum extent permitted by law, we will not be liable for, and you release us from liability for, any Liability caused or contributed to by, arising from or in connection with:

  • your computing environment (for example, your hardware, software, information technology and telecommunications services and systems);
  • the data shared via the Services; or
  • any use of the Services by a person or entity other than you.

Regardless of whatever else is stated in these Terms, to the maximum extent permitted by law:

  • neither we or you are liable for any Consequential Loss;
  • a party’s liability for any Liability under these Terms will be reduced proportionately to the extent the relevant Liability was caused or contributed to by the actions (or inactions) of the other party, including any failure by the other party to mitigate its loss; and
  • our aggregate liability to you for any Liability arising from or in connection with these Terms will be limited to AU$100.

This clause 8 will survive the termination or expiry of these Terms.

9. Suspension and Termination

Suspension

We may suspend your access to the Services where we reasonably believe there has been any unauthorised access to or use of the Services (such as the unauthorised sharing of login details for the Services). If we suspend your access to the Services, we will let you know within a reasonable time of doing so, and we will work with you to resolve the matter, or if it cannot be resolved, then we may terminate these Terms and your access to the Services will end.

Termination

We may terminate these Terms (meaning you will lose access to the Services) if:

  • you breach these Terms and do not remedy that breach within 14 days of us notifying you of that breach;
  • you breach these Terms and that breach cannot be remedied;
  • we decide to discontinue the Services, in which case we will provide you with written notice; or
  • you experience an insolvency event (including but not limited to bankruptcy, receivership, voluntary administration, liquidation, or entering into creditors’ schemes of arrangement).

You may terminate these Terms if we breach these Terms and do not remedy that breach within 14 days of you notifying us of that breach.

You may also terminate these Terms at any time by notifying us through your Account or to our email for notices (as set out in clause 10.8), and termination will take effect immediately.

Upon termination of these Terms, we will retain any data (including copies) as required by law or regulatory requirements.

Termination of these Terms will not affect any other rights or liabilities that we or you may have.

This clause 9 will survive the termination or expiry of these Terms.

10. General

Assignment: You may not transfer or assign these Terms (including any benefits or obligations you have under these Terms) to any third party without our prior written consent. We may assign or transfer these Terms to a third party, or transfer any debt owed by you to us to a debt collector or other third party.

Disputes: Neither we or you may commence court proceedings relating to any dispute, controversy or claim arising from, or in connection with, these Terms (including any question regarding its existence, validity or termination) (Dispute) unless we and you first meet (in good faith) to resolve the Dispute. Nothing in this clause will operate to prevent us or you from seeking urgent injunctive or equitable relief from a court of appropriate jurisdiction. If the Dispute is not resolved at that initial meeting:

  • where you are resident or incorporated in Australia, refer the matter to mediation, administered by the Australian Disputes Centre in accordance with Australian Disputes Centre Guidelines for Commercial Mediation; or
  • where you are not resident or incorporated in Australia, refer the matter to arbitration administered by the Australian Centre for International Commercial Arbitration, with such arbitration to be conducted in Sydney, New South Wales, before one arbitrator, in English and in accordance with the ACICA Arbitration Rules.

Events Outside Our Control: We will not be liable for any delay or failure to perform our obligations (including the Services), if such delay or failure is caused or contributed to by an event or circumstance beyond our reasonable control.

Governing law: These Terms are governed by the laws of New South Wales, and any matter relating to these Terms is to be determined exclusively by the courts in New South Wales and any courts entitled to hear appeals from those courts.

Illegal Requests: We reserve the right to refuse any request for or in relation to the Services that we deem inappropriate, unethical, unreasonable, illegal or otherwise non-compliant with these Terms.

Marketing: You agree that we may send you electronic communications about our products and services. You may opt-out at any time by using the unsubscribe function in our electronic communications.

Nature of Legal Relationship: These Terms do not create, and should not be interpreted so as to create, a partnership, joint venture, employment or agency relationship between us and you.

Notices: Any notice you send to us must be sent to the email set out at the beginning of these Terms. Any notice we send to you will be sent to the email address registered against your Account.

Professional Services Disclaimer: The Services do not constitute, and are not a substitute for, financial, legal or risk management advice.

11. Definitions

In these Terms:

Account means an account accessible to the individual or entity who signed up to the Services.

Consequential Loss includes any consequential loss, special or indirect loss, real or anticipated loss of profit, loss of benefit, loss of revenue, loss of business, loss of goodwill, loss of opportunity, loss of savings, loss of reputation, loss of use and/or loss or corruption of data, whether under statute, contract, equity, tort (including negligence), indemnity or otherwise. However, your obligation to pay us any amounts for access to or use of the Services (including the Services) will not constitute “Consequential Loss”.

Liability means any expense, cost, liability, loss, damage, claim, notice, entitlement, investigation, demand, proceeding or judgment (whether under statute, contract, equity, tort (including negligence), indemnity or otherwise), howsoever arising, whether direct or indirect and/or whether present, unascertained, future or contingent and whether involving a third party or us or you or otherwise.

Personal Information means any information or opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a tangible form or not.

Services means the services we provide to you, as detailed at the beginning of these Terms.