top of page

Services Policy

VAEL Direct-to-Consumer Cybersecurity Monitoring Service Agreement

Effective Date:
Provider: SecurityInsecurity LLC (“Provider,” “we,” “us”)
Customer: (“Customer,” “you”)

By purchasing, activating, or using this Service, you acknowledge that you have read, understood, and agreed to every term in this agreement.

 

Scope of Service

  1. Provider will provide software, active licenses, and will remotely assist with the installation and initial configuration of ESET PROTECT agents (“Software”) on Customer devices to support remote cybersecurity monitoring. The purpose of which is to identify and remediate malware, ransomware, spyware, and other notable threats.

  2. The Service is limited to monitoring, alerting, reporting, and cybersecurity recommendations. Provider does not guarantee detection, prevention, removal, or remediation of any threats, malware, or unauthorized access.

  3. Customer is solely responsible for following Provider recommendations, implementing security best practices, and acting on alerts. Provider is not liable for Customer inaction or failure to remediate detected issues.

 

Customer Obligations

  1. Customer shall provide accurate device information, maintain reliable internet connectivity, system power, and regular software updates on all covered devices.

  2. Customer shall not interfere, modify, reverse-engineer, bypass, or tamper with the Software or monitoring systems. Such activities nullify any warrantees and can result in termination of this agreement, without refund.

  3. Customer acknowledges that failure to comply may limit Service effectiveness, and Provider is not liable for resulting security breaches, data loss, or device issues.

  • In the event that Customer non-compliance results in the ineffective operation of the Software, the Provider is not responsible for remediation activities.  

  1. Customer is responsible for frequent backup of all personal and critical data; Provider does not perform backups or data restoration except as explicitly agreed to in a separate contract.

  2. Customer agrees to be bound by the End User Licensing Agreements (EULA) and terms and conditions of all ESET tools utilized (https://legal.eset.com/)

  3. Customer systems must be configured with an approved operating system, per the ESET Supported Operating Systems list (https://help.eset.com/protect_cloud/en-US/operating_systems.html)

  4. Customer acknowledges that Software automations may change the normal operation of their systems to a minor degree and that these impacts are outside of the control of the Provider.

On-Demand Risk Reports

Provider may generate and deliver risk reports from its monitoring software only upon Client’s request, up to twice per contract cycle. Delivery timelines for on-demand reports will be determined based on the complexity of the request and Provider’s current workload. Provider is not obligated to provide risk reports on a regular or recurring basis unless otherwise agreed in writing.

 

Limitations:

  1. The Provider will support the Customer with one annual consultation for remediation activities resulting from a hack, breach, compromise, or data spill. This consultation shall not exceed a total of 5 combined hours.

  2. Additional incident response support can be purchased by the Customer for subsequent security incidents/events.

 

Fees, Billing, and Termination

  1. Service fees are $175.00 USD per year, unless otherwise discounted.

  2. Fees are non-refundable, except as required by law.

  3. Provider may suspend or terminate the Service immediately for nonpayment, misuse, breach of terms, or illegal activity.

  4. Termination does not absolve Customer of prior obligations, including payment or indemnification.

 

Privacy and Data Collection

  1. Provider collects system, security, and threat-related data from Customer devices.

  2. Provider will not access personal files, emails, communications, passwords, or financial data without explicit written consent.

  3. Provider will never control the Customer devices, remotely or in-person.

  4. Data analyzed may include system logs, threat alerts, configuration data, and Software status.

  5. Provider uses industry-standard security practices, but cannot guarantee complete protection of collected data.

  6. Customer consents to data collection, processing, storage, and analysis, including cross-device monitoring if multiple devices are enrolled.

 

Incident Response and Service Timelines
Provider will respond to up to one reported security incident per annual contract cycle according to the following priority levels. Note that Incident Response support will not be automatic and must be initiated by the Customer via a direct request via electronic mail or phone call:

  • Critical Issues (e.g., system outages, confirmed security breaches, or issues resulting in complete loss of service): Provider will respond within 24 hours of notification.

  • High Priority Issues (e.g., significant service degradation, suspected security events, or issues severely impacting business operations): Provider will respond within 2 business days of notification.

  • Medium Priority Issues (e.g., functionality impaired but business operations are not critically impacted): Provider will respond within 5 business days of notification.

  • Low Priority Issues (e.g., general questions, non-urgent requests, or cosmetic issues): Provider will respond within 10 business days of notification.

For purposes of this Agreement, “respond” means that Provider will acknowledge receipt of the issue and initiate investigative or remedial action. Resolution times may vary depending on the complexity and severity of the incident.

 

Disclaimers

  1. THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE.”

  2. PROVIDER MAKES NO EXPRESS OR IMPLIED WARRANTIES, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, OR CONTINUOUS AVAILABILITY.

  3. CUSTOMER ACKNOWLEDGES THAT CYBERSECURITY IS INHERENTLY RISKY, AND NO SERVICE CAN ELIMINATE ALL THREATS OR GUARANTEE DEVICE SECURITY.

  4. Provider is not responsible for third-party software or operating system vulnerabilities, nor any security failures resulting from such vulnerabilities.

  5. Provider will not assist with Software troubleshooting after the confirmation of a successful initial installation.

 

Reporting of Illegal Activity
Client acknowledges and agrees that if Provider, in the course of delivering services under this Agreement, discovers or reasonably suspects evidence of illegal activity, Provider may be legally or ethically obligated to report such activity to the appropriate law enforcement or regulatory authorities. Provider shall not be liable to Client for any disclosure made in good faith pursuant to such obligations.

 

Compliance with Law
Client acknowledges and agrees that if Provider becomes aware of evidence of illegal activity during the course of services, Provider shall comply with all applicable laws and regulations, which may include reporting such activity to the appropriate law enforcement or regulatory authorities. Provider shall not be liable to Client for any disclosure made in good faith in compliance with applicable legal requirements.

 

​

Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, PROVIDER IS NOT LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING:

  • Loss, corruption, or theft of data

  • Financial or business losses

  • Device malfunction, downtime, or reduced performance

  • Unauthorized access, hacking, or cyberattack events

Customer agrees that provider’s total liability for any claim is strictly limited to the total fees paid by customer in the 12 months prior to the claim. This limitation applies regardless of legal theory, including contract, tort, negligence, strict liability, or otherwise.

 

Indemnification

Customer shall indemnify, defend, and hold harmless Provider, its officers, directors, employees, agents, and affiliates from all claims, damages, losses, liabilities, costs, or expenses arising from:

  1. Misuse or unauthorized use of the Service

  2. Failure to follow Provider recommendations or alerts

  3. Violation of laws or these Terms

  4. Actions or inactions causing harm to devices, data, or third parties

 

Consent and Acknowledgment

Customer explicitly consents to:

  1. Installation and operation of Software

  2. Collection, storage, and analysis of system and security data

  3. Remote monitoring, alerts, and guidance

  4. Customer acknowledges that the Service does not prevent malware, cyberattacks, or unauthorized access.

  5. Customer confirms understanding of risks, limitations, and responsibilities and agrees to assume all responsibility for any resulting consequences.

 

Regulatory Compliance

  1. Provider is not responsible for compliance with HIPAA, GLBA, PCI-DSS, or other regulatory frameworks.

  2. Customers in regulated industries must ensure the Service meets their obligations.

  3. Provider may terminate service if Customer requests actions that violate law, regulation, or Software licensing agreements.

 

Force Majeure

Provider is not liable for delays or failures due to events beyond its reasonable control, including:

  1. Natural disasters, power outages, internet failures

  2. Cyberattacks, malware outbreaks, or other security incidents

  3. Governmental actions, labor disputes, or acts of God

 

Dispute Resolution and Arbitration

  1. All disputes will first attempt resolution via good faith negotiation.

  2. Unresolved disputes are subject to binding arbitration in New York State.

  3. Customer waives the right to participate in class actions or collective proceedings.

  4. Arbitration costs will be allocated as determined by the arbitrator, except as prohibited by law.

 

Termination

  1. Either party may terminate with written notice.

  2. Termination does not release prior obligations or accrued fees.

  3. Customer must uninstall Software and secure devices after termination.

  4. Provider reserves the right to terminate immediately for illegal activity, violation of Terms, or misuse of Service.

 

Miscellaneous

  1. This agreement is the entire agreement; no oral or written statements modify it.

  2. Governing law is New York, with venue in East Northport, New York.

  3. If any provision is invalid, the remainder is enforceable.

  4. Customer confirms they have read, understood, and accepted every provision prior to purchase.

  5. Customer acknowledges that they have had the opportunity to consult legal counsel before accepting.

  6. Purchasing of this service constitutes a formal acknowledgement and agreement to all parts. 

bottom of page