Terms of Service.

Last Updated: June 28, 2024

From everyone at Breachsiren, thank you for using our platform! Here are our Terms of Service.

When we say “Company”, “we”, “our”, or “us” in this document, we are referring to Breachsiren LLC.

When we say “Services”, we mean our breachsiren.com and any product created and maintained by Breachsiren LLC including but not limited to breachsiren.com platform or Breachsiren Enterprise API.

When we say “You” or “your”, we are referring to the people or organizations that own an account with one or more of our Services.

We may update these Terms of Service ("Terms") in the future on our website. Whenever we make a significant change to our policies, we will refresh the date at the top of this page and take any other appropriate steps to notify account holders.

When you use our Services, now or in the future, you are agreeing to the latest Terms. There may be times where we do not exercise or enforce a right or provision of the Terms; however, that does not mean we are waiving that right or provision. These Terms do contain a limitation of our liability among others terms.

If you violate any of the Terms, we may terminate your account. That’s a broad statement and it means you need to place a lot of trust in us. We do our best to deserve that trust by being open about who we are, how we work, and keeping an open door to your feedback.

Account Terms

You are responsible for maintaining the security of your account and password and for ensuring that any of your users do the same. The Company cannot and will not be liable for any loss or damage from your failure to comply with this security obligation. We recommend all users set up single sign-on (SSO) with two-factor authentication for added security.

You may not use the Services for any purpose outlined in our Use Restrictions policy, and you may not permit any of your users to do so, either.

You are responsible for all content posted to and activity that occurs under your account, including content posted by and activity of any users in your account.

You must be a human. Accounts registered by “bots” or other automated methods are not permitted.

Limited License to Access and Use

  1. License.  BreachSiren LLC (“BreachSiren”) hereby grants to you, conditioned on your continued compliance with these Terms, a personal, limited, revocable, time-limited, nonexclusive, nontransferable, nonassignable right to access and use certain data compiled, edited, and organized by BreachSiren (the “BreachSiren Data”), for the term of the Agreement (the “Term”).

  2. Use and Internal Distribution.  You are permitted to use BreachSiren Data, and to circulate copies of BreachSiren Data within your own organization, for the sole purposes of evaluating your vendor and potential vendor risks, performing information security analytical activities regarding your organization and your vendors and potential vendors, and/or informing your underwriting activities.  You agree to notify BreachSiren immediately upon your reasonable suspicion that you have inadvertently transferred BreachSiren Data to any third party, and reasonably to cooperate with BreachSiren in its prompt recovery of such data.

Restrictions on License (“Use Restrictions”)

The foregoing license is restricted.  You may not copy, reproduce, transmit or distribute to third parties, display, rent, lease, sell, private label, remove or alter any proprietary notices or labels on, create derivative works of, mirror, frame, or sublicense the BreachSiren Data in any manner not expressly permitted by these Terms.  You expressly agree that you will not:

  1. Utilize the BreachSiren Data for the purpose of commercially competing with BreachSiren or publicly harming its reputation;

  2. Utilize the BreachSiren Data for the purpose of exploiting any security vulnerability disclosed within the BreachSiren Data, or to facilitate such exploitation by any other person or entity;

  3. Utilize the BreachSiren Data for the purpose of influencing any securities or other financial market, or for the purpose of trading in securities on the basis of material nonpublic information; or

  4. Utilize or transmit the BreachSiren Data in a manner prohibited by applicable export laws, orders, restrictions, or regulations. 

Proprietary Rights

BreachSiren shall own all right, title, and interest in and to the BreachSiren Data, including the right to market and/or license the BreachSiren Data to other parties, and you shall have no rights therein other than as specifically provided hereunder.  You expressly acknowledge and agree that BreachSiren transfers no ownership or intellectual property interest or title in and to the BreachSiren Data to you or anyone else.  Except as expressly provided herein, BreachSiren does not grant any express or implied right to you or any other entity under any intellectual or proprietary rights.

Nature of BreachSiren Data

  1. You acknowledge the following:

    1. Regardless of whether the BreachSiren Data incorporates publicly available information, BreachSiren has expended significant resources gathering, compiling, and analyzing the BreachSiren Data; and

    2. The BreachSiren Data is the valuable property of BreachSiren, constitutes intellectual property created and owned by it, and constitutes valuable trade secrets of BreachSiren.

    3. BreachSiren represents that the BreachSiren Data does not infringe the bona fide intellectual property rights of any third party.

Payment, Refunds, and Plan Changes

For paid Services that offer a free trial, we explain the length of trial when you sign up. After the trial period, you need to pay in advance to keep using the Service. If you do not pay, we will freeze your account and it will be inaccessible until you make payment. If your account has been frozen for a while, we will queue it up for auto-cancellation. See our Cancellation policy for more details.

All fees are exclusive of all taxes, levies, or duties imposed by taxing authorities. Where required, we will collect those taxes on behalf of the taxing authority and remit those taxes to taxing authorities. See our Taxes policy for more details. Otherwise, you are responsible for payment of all taxes, levies, or duties.

Cancellation and Termination

You are solely responsible for properly canceling your account. Within each of our Services, we provide a simple no-questions-asked cancellation link. You can find instructions for how to cancel your account in our Cancellation policy. An email or phone request to cancel your account is not automatically considered cancellation. If you need help canceling your account, you can always contact our Support team.

Your account will be inaccessible from the Services immediately upon account cancellation. Within 30 days, all watchlist content will be deleted from active systems and logs. Within 60 days, your account will be deleted from our backups. We cannot recover this information once it has been permanently deleted.

If you want to export any data before your account is canceled, please contact our Support team.

We have the right to suspend or terminate your account and refuse any and all current or future use of our Services for any reason at any time. Suspension means you and any other users on your account will not be able to access the account or any content in the account. Termination will furthermore result in the deletion of your account or your access to your account, and the forfeiture and relinquishment of all content in your account. We also reserve the right to refuse the use of the Services to anyone for any reason at any time. We have this clause because statistically speaking, out of the hundreds of thousands of accounts on our Services, there is at least one doing something nefarious. There are some things we staunchly stand against and this clause is how we exercise that stance. For more details, see our Use Restrictions policy. Verbal, physical, written or other abuse (including threats of abuse or retribution) of a Company employee or officer will result in immediate account termination.

Modifications to the Service and Prices

We reserve the right at any time to modify or discontinue, temporarily or permanently, any part of our Services with or without notice.

Sometimes we change the pricing structure for our products. When we do that, we tend to exempt existing customers from those changes. However, we may choose to change the prices for existing customers. If we do so, we will give at least 30 days notice and will notify you via the email address on record. We may also post a notice about changes on our websites or the affected Services themselves.

Uptime, Security, and Privacy

Your use of the Services is at your sole risk. We provide these Services on an “as is” and “as available” basis. We do not offer service-level agreements for most of our Services — here’s the one exception — but do take uptime of our applications seriously. Visit https://status.breachsiren.com to see the status of our Services.

We reserve the right to temporarily disable your account if your usage significantly exceeds the average usage of other customers of the Services. Of course, we’ll reach out to the account owner before taking any action except in rare cases where the level of use may negatively impact the performance of the Service for other customers.

We take many measures to protect and secure your data through backups, redundancies, and encryption. We enforce encryption for data transmission from the public Internet. There are some edge cases where we may send your data through our network unencrypted.

When you use our Services, you entrust us with your data. We take that trust to heart. You agree that Breachsiren may process your data as described in our Privacy Policy and for no other purpose. We as humans can access your data for the following reasons:

To help you with support requests you make. We’ll ask for express consent before accessing your account.

On the rare occasions when an error occurs that stops an automated process partway through. We get automated alerts when such errors occur. When we can fix the issue and restart automated processing without looking at any personal data, we do. In rare cases, we have to look at a minimum amount of personal data to fix the issue. In these rare cases, we aim to fix the root cause to prevent the errors from recurring.

To safeguard Breachsiren. We’ll look at logs and metadata as part of our work to ensure the security of your data and the Services as a whole. If necessary, we may also access accounts as part of an abuse report investigation.

To the extent required by applicable law. As a US company with all data infrastructure located in the US, we only preserve or share customer data if compelled by a US government authority with a legally binding order or proper request under the Stored Communications Act, or in limited circumstances in the event of an emergency request. If a non-US authority approaches Breachsiren for assistance, our default stance is to refuse unless the order has been approved by the US government, which compels us to comply through procedures outlined in an established mutual legal assistance treaty or agreement mechanism. If Breachsiren is audited by a tax authority, we only share the bare minimum billing information needed to complete the audit.

We use third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Services. Under the California Consumer Privacy Act (“CCPA”), Breachsiren is a “service provider”, not a “business” or “third party”, with respect to your use of the Services. That means we process any data you share with us only for the purpose you signed up for and as described in these Terms, the Privacy policy, and other policies. We do not retain, use, disclose, or sell any of that information for any other commercial purposes unless we have your explicit permission. And on the flip-side, you agree to comply with your requirements under the CCPA and not use Breachsiren’s Services in a way that violates the regulations.

Copyright and Content Ownership

All content submitted to our platform must comply with U.S. copyright law. We provide details on how to file a copyright infringement claim.

You give us a limited license to use the content posted by you and your users in order to provide the Services to you, but we claim no ownership rights over those materials.

We do not pre-screen content, but we reserve the right (but not the obligation) in our sole discretion to refuse or remove any content that is available via the Service.

The Company or its licensors own all right, title, and interest in and to the Services, including all intellectual property rights therein, and you obtain no ownership rights in the Services as a result of your use. You may not duplicate, copy, or reuse any portion of the HTML, CSS, JavaScript, or visual design elements without express written permission from the Company. You must request permission to use the Company’s logos or any Service logos for promotional purposes. Please email us requests to use logos. We reserve the right to rescind any permissions if you violate these Terms.

You agree not to reproduce, duplicate, copy, sell, resell or exploit any portion of the Services, use of the Services, or access to the Services without the express written permission of the Company.

Features and Bugs

We design our Services with care, based on our own experience and the experiences of customers who share their time and feedback. However, there is no such thing as a service that pleases everybody. We make no guarantees that our Services will meet your specific requirements or expectations.

We also test all of our features extensively before shipping them. As with any software, our Services inevitably have some bugs. We track the bugs reported to us and work through priority ones, especially any related to security or privacy. Not all reported bugs will get fixed and we don’t guarantee completely error-free Services.

Services Adaptations and API Terms

We offer Application Program Interfaces (“API”s) for our Breachsiren platform. Any use of the API, including through a third-party product that accesses the Services, is bound by these Terms plus the following specific terms:

  • You expressly understand and agree that we are not liable for any damages or losses resulting from your use of the API or third-party products that access data via the API.

  • Third parties may not access and employ the API if the functionality is part of an application that remotely records, monitors, or reports a Service user’s activity other than time tracking, both inside and outside the applications. The Company, in its sole discretion, will determine if an integration service violates this bylaw. A third party that has built and deployed an integration for the purpose of remote user surveillance will be required to remove that integration.

  • Abuse or excessively frequent requests to the Services via the API may result in the temporary or permanent suspension of your account’s access to the API. The Company, in its sole discretion, will determine abuse or excessive usage of the API. If we need to suspend your account’s access, we will attempt to warn the account owner first. If your API usage could or has caused downtime, we may cut off access without prior notice.

Liability

We mention liability throughout these Terms but to put it all in one section:

You expressly understand and agree that the Company shall not be liable, in law or in equity, to you or to any third party for any direct, indirect, incidental, lost profits, special, consequential, punitive or exemplary damages, including, but not limited to, damages for loss of profits, goodwill, use, data or other intangible losses (even if the Company has been advised of the possibility of such damages), resulting from: (i) the use or the inability to use the Services; (ii) the cost of procurement of substitute goods and services resulting from any goods, data, information or services purchased or obtained or messages received or transactions entered into through or from the Services; (iii) unauthorized access to or alteration of your transmissions or data; (iv) statements or conduct of any third party on the service; (v) or any other matter relating to these Terms or the Services, whether as a breach of contract, tort (including negligence whether active or passive), or any other theory of liability. You expressly absolve and release BreachSiren from any claim of harm resulting from your use or non-use of BreachSiren Data, or the inclusion or exclusion of any particular information within the BreachSiren Data.  MOREOVER, IN NO EVENT SHALL BREACHSIREN BE LIABLE FOR ANY INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OF THE BREACHSIREN DATA OR OF ANY BREACHSIREN WEBSITE OR SOFTWARE, WHETHER BASED IN CONTRACT, TORT, STRICT LIABILITY, OR OTHERWISE, EVEN IF BREACHSIREN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.  NOTWITHSTANDING THE FOREGOING, THE TOTAL LIABILITY OF BREACHSIREN FOR ANY REASON WHATSOEVER RELATED TO THE BREACHSIREN DATA SHALL NOT EXCEED THE TOTAL AMOUNT PAID BY YOU TO BREACHSIREN IN CONNECTION WITH THE SUBJECT MATTER OF THE PARTICULAR DISPUTE DURING THE PRIOR THREE MONTHS.

In other words: choosing to use our Services does mean you are making a bet on us. If the bet does not work out, that’s on you, not us. We do our darnedest to be as safe a bet as possible through careful management of the business; investments in security, infrastructure, and talent; and in general giving a damn. If you choose to use our Services, thank you for betting on us.

Other Terms

DISCLAIMER.  WHILE BREACHSIREN ENDEAVORS TO PROVIDE RELIABLE DATA, THE BREACHSIREN DATA AND ANY OTHER INFORMATION FURNISHED BY BREACHSIREN TO YOU IS PROVIDED ON AN “AS-IS” AND “AS AVAILABLE” BASIS, AND MAY INCLUDE ERRORS, OMISSIONS, OR OTHER INACCURACIES.  YOU ASSUME THE SOLE RISK OF MAKING USE OF AND/OR RELYING ON THE INFORMATION PROVIDED TO YOU BY BREACHSIREN.  BREACHSIREN MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY, COMPLETENESS, TIMELINESS, OR ACCURACY OF THE BREACHSIREN DATA, AND BREACHSIREN MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE RESULTS THAT CAN BE ACHIEVED OR HAZARDS THAT CAN BE AVOIDED FROM THE USE OF THE BREACHSIREN DATA OR THAT IT WILL MEET YOUR NEEDS.  BREACHSIREN EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT OR ANY OTHER IMPLIED WARRANTY.  BREACHSIREN ALSO MAKES NO REPRESENTATION OR WARRANTY THAT ANY WEBSITE OR SOFTWARE OPERATED BY IT WILL OPERATE ERROR FREE OR IN AN UNINTERRUPTED FASHION.

Indemnification.  You agree to defend, indemnify, and hold harmless BreachSiren and its affiliates and all of their respective employees, agents, directors, officers, shareholders, attorneys, successors, and assigns from and against any and all claims, proceedings, damages, injuries, liabilities, losses, costs, and expenses (including reasonable attorneys' fees and litigation expenses) relating to or arising from any breach by you of these Terms.

Payment and Invoices.  The fees identified in your invoice form are due and payable as specified on such form.  All such fees are stated in United States Dollars and do not include any applicable taxes.

Term and Termination.  The Term shall be as specified on your invoice form.

  1. Termination.  BreachSiren reserves the right at any time, if it has any reasonable belief of use of BreachSiren Data violative of these Terms, to deny you access to the BreachSiren Data.   If either party breaches a provision of the Agreement, the other party shall give the breaching party written notice of such breach.  If you are the breaching party and you fail to cure the breach within thirty (30) days, BreachSiren shall have the right to terminate the Agreement and all licenses and access granted hereunder.  If the breach is a failure by you to pay any amount when due, BreachSiren shall have the right to terminate the Agreement upon written notice to you.  If BreachSiren is the breaching party and fails to cure the Agreement within thirty (30) days, you shall have the right to terminate the Agreement upon written notice to BreachSiren.

  2. Deletion on Termination.  You agree that, following any termination of your account, you will immediately (1) discontinue any use of the BreachSiren Data and (2) delete all internal copies, including backup copies and copies that may be attached to email messages, of BreachSiren Data in your possession.

Miscellaneous

Titles.  Titles and section headings in these Terms are for the convenience of the parties and are not a part of these Terms.

Governing Law.  The Agreement, including these Terms, shall be construed and governed solely in accordance with the laws of the United States of America and of the State of Ohio, without giving effect to its conflict of laws provisions.  Any action arising out of the Agreement shall be brought only in the state and federal courts located in Franklin County, Ohio, and you irrevocably consent to venue and jurisdiction therein and hereby waive any right to object to jurisdiction or venue or to request a transfer therefrom.

Equitable Relief.  You acknowledge that any breach, threatened or actual, of these Terms will cause irreparable injury to BreachSiren, such injury would not be quantifiable in monetary damages, and BreachSiren would not have an adequate remedy at law.  You therefore agree that BreachSiren shall be entitled, in addition to other available remedies, to seek and be awarded an injunction or other appropriate equitable relief from a court of competent jurisdiction restraining any breach, threatened or actual, of your obligations under any provision of these Terms.  Accordingly, you hereby waive any requirement that BreachSiren post any bond or other security in the event any injunctive or equitable relief is sought by or awarded to BreachSiren to enforce any provision of these Terms.

Assignment.  You may not assign the Agreement or any license granted hereunder for any reason (except for an assignment by operation of law in connection with a merger or similar transaction) without the prior express written consent of BreachSiren.

Force Majeure.  Neither party will be responsible for any failure or delay in its performance (other than failure to pay) under the Agreement due to causes beyond its reasonable control which makes performance commercially impractical, including but not limited to, labor disputes, strikes, lockouts, shortages of or inability to obtain labor, energy, Internet access, raw materials or supplies, war, riot, or act of God.

Notices.  In the case of any required notice to a party under this agreement, such notice shall be in writing and shall be deemed to have been duly given when sent by nationally recognized overnight delivery service or First Class U.S. Mail (receipt requested), or by email, to the addresses set forth on the invoices form.

Relationship Between the Parties.  No joint venture, partnership, employment, or agency relationship exists between you and BreachSiren as a result of the Agreement or your use of BreachSiren Data.

Entire Agreement.  The Agreement constitutes the entire understanding between the parties with respect to the subeject matter hereof, and supersedes all prior agreements and understandings, whether oral or written.  There are no representations, promises, warranties, or understandings relied upon by you which are not contained herein.

Partial Invalidity.  If any provision of the Agreement shall be held to be void, invalid, or unenforceable by a court of competent jurisdiction or on account of a conflict with an applicable government regulation, such decision shall not affect the validity or enforceability of all the remaining provisions, and the void, invalid, or unenforceable provision shall be modified in compliance with applicable law in a manner that most closely matches the intent of the original language.

Waiver.  The failure by any party to insist on strict performance of any of the terms and conditions of the Agreement shall not operates as a waiver of that or any subsequent default or failure of performance.

Survival.  Obligations relating to BreachSiren Data and to pay any amount owed by you to BreachSiren as of the expiration or termination of the Agreement shall survive termination.

If you have a question about any of these Terms, please contact our Support team at info@breachsiren.com.