These Terms and Conditions ("Terms") govern your use of the SPOTTR software-as-a-service platform ("SPOTTR," the "Service," or the "Platform") provided by Veriti Incorporated, a Delaware corporation ("Veriti," "we," "our," or "us"). By using SPOTTR, you ("Customer," "you," or "your") agree to these Terms. If you do not agree, you may not access or use the Service.
SPOTTR is a web-based cybersecurity assessment and monitoring platform that performs domain and subdomain scans, collects and analyzes publicly available information, and provides cybersecurity scoring, reports, and recommendations. The Service may also request user-provided survey data regarding cybersecurity practices and policies.
You must be at least 18 years old and legally capable of entering into a binding agreement. If you use the Service on behalf of an organization, you represent and warrant that you are authorized to bind that organization to these Terms.
Users must register for an account, providing accurate and complete information. You are responsible for maintaining the confidentiality of your login credentials and for any activity under your account. Notify Veriti immediately of unauthorized access or use.
New users are eligible for a thirty (30)-day free trial. Continued use after the trial requires a paid subscription.
Subscriptions are billed monthly unless otherwise stated. You authorize Veriti to charge your payment method on a recurring basis until cancellation. Prices may be updated upon notice.
You may cancel your subscription at any time. Access continues until the end of the billing period; fees are non-refundable except as required by law.
Veriti grants you a limited, non-exclusive, non-transferable, revocable license to use SPOTTR for your internal business purposes in accordance with these Terms.
You may not:
You retain ownership of all data, information, and content uploaded to SPOTTR ("User Data"). By using SPOTTR, you grant Veriti a limited, non-exclusive, worldwide license to host, store, and process User Data solely to provide and improve the Service.
SPOTTR may collect and analyze publicly available data related to your domain(s) and company. This information is not considered confidential.
For users located in the European Economic Area (EEA), the United Kingdom, or Switzerland, Veriti acts as a data controller for personal data collected directly (e.g., account registration) and as a data processor for User Data uploaded by customers.
Veriti complies with the EU General Data Protection Regulation (GDPR) and implements appropriate technical and organizational measures to safeguard personal data.
Users have the right to:
To exercise these rights, contact: privacy@veriti.io
Veriti may process data in the United States or other countries with appropriate safeguards in place, including Standard Contractual Clauses (SCCs) for EU data transfers.
SPOTTR's scoring and reports are generated through automated analysis and self-reported data. They are intended for informational purposes only and do not guarantee compliance, protection, or immunity from cybersecurity risks.
All intellectual property rights in SPOTTR, including software, designs, algorithms, and trademarks, belong exclusively to Veriti or its licensors. You receive no ownership or implied license other than the limited right to use the Service under these Terms.
SPOTTR is provided "as is" and "as available," without warranties of any kind. Veriti disclaims all implied warranties, including merchantability, fitness for a particular purpose, and non-infringement.
To the fullest extent permitted by law, Veriti shall not be liable for any indirect, incidental, consequential, or special damages, including loss of profits, data, or goodwill.
Veriti's total cumulative liability shall not exceed the amount you paid during the twelve (12) months preceding the claim.
You agree to indemnify, defend, and hold harmless Veriti, its affiliates, officers, and employees from any claims, damages, liabilities, or expenses arising from your use of SPOTTR or violation of these Terms.
Veriti may suspend or terminate access to SPOTTR for any reason, including non-payment or misuse. Upon termination, your license to use the Service ends immediately.
Any disputes shall be resolved by binding arbitration administered by the American Arbitration Association (AAA) in Fairfax County, Virginia. Arbitration shall be conducted in English, and each party shall bear its own legal fees.
These Terms are governed by the laws of the Commonwealth of Virginia, without regard to its conflict-of-law rules.
If court action is required, exclusive jurisdiction lies with the state or federal courts in Virginia.
You are responsible for compliance with all local laws applicable to your use of SPOTTR, including data protection and privacy requirements.
Veriti may update these Terms periodically. The revised version will be effective upon posting on our website. Continued use constitutes acceptance of the updated Terms.
This Data Processing Addendum ("Addendum") forms part of the Terms and Conditions or other written agreement ("Agreement") between Veriti Incorporated and the Customer (collectively, the "Parties") governing the use of the SPOTTR platform ("Service").
This Addendum reflects the Parties' agreement concerning the processing of personal data under EU, UK, and Swiss data protection laws, including the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the UK GDPR, and the Swiss Federal Data Protection Act (FDPA).
For purposes of this Addendum:
Veriti shall:
If Veriti receives a request from a Data Subject regarding their Personal Data processed through SPOTTR, Veriti shall:
Veriti will assist the Controller in responding to such requests to the extent reasonably possible.
Veriti implements appropriate measures to ensure the confidentiality, integrity, and availability of Personal Data, including:
Details of security practices are available upon request.
Veriti shall notify the Controller without undue delay after becoming aware of a Personal Data Breach. The notification shall include, where possible:
Upon termination or expiration of the Agreement, Veriti shall delete or return all Personal Data (including copies) within a reasonable period, unless retention is required by law or regulatory obligations.
Each Party's liability under this Addendum is subject to the limitations set forth in the main Agreement. Nothing in this Addendum limits a Data Subject's rights under Applicable Data Protection Laws.
This Addendum shall be governed by:
Disputes shall be resolved under the arbitration clause specified in the main Agreement.
In the event of conflict between this Addendum and other terms of the Agreement, this Addendum shall prevail with respect to data protection and privacy matters.