• Legal

Terms of Service

These terms govern your use of UX3 Security ("the Service", "we", "our"). By creating an account or installing our agent, you agree to these terms. If you don't agree, don't use the Service.

The short version: use the Service responsibly, don't try to abuse or break it, don't use it to attack others. We provide the Service as-is and try our best to keep it running, but it's a security tool — you remain responsible for your own site's security. Either of us can end this agreement at any time.

1. Account requirements

  • You must be at least 16 years old to use the Service.
  • You must provide accurate registration information and keep it updated.
  • You're responsible for keeping your password and API tokens confidential.
  • You're responsible for all activity that occurs under your account.
  • If you're using the Service on behalf of an organization, you confirm you have authority to bind that organization to these terms.

2. Acceptable use

You agree not to:

  • Use the Service to attack, probe, or interfere with sites you don't own or aren't authorized to protect
  • Reverse-engineer, decompile, or attempt to extract source code from any part of the Service that isn't open-source
  • Resell, sublicense, or redistribute the Service without written permission (the open-source agent and WordPress plugin are exempt and licensed under their own terms)
  • Use the Service to store or transmit malware, viruses, or other harmful code
  • Attempt to circumvent rate limits, billing controls, or access restrictions
  • Use the Service in a way that violates any law in your jurisdiction or the jurisdiction where the protected site is hosted
  • Misrepresent the source or accuracy of data submitted via the API

We reserve the right to suspend accounts that violate these rules without prior notice if the violation is serious (e.g. attacks against our infrastructure, abuse of API quotas, or use of the Service for illegal activity).

3. Your responsibilities

  • Site backups — the Service is not a backup tool. Maintain your own backups.
  • Server maintenance — keep your server, PHP, and web stack up to date. Our agent can't protect against vulnerabilities in unpatched core software.
  • Configuration review — periodically review your firewall rules, ban lists, and allow-lists. The defaults are reasonable but your site may have specific needs.
  • False positives — if our rules block legitimate traffic, use the allow-list to whitelist it. We can't catch every edge case.
  • Account credentials — change your password if you suspect compromise. Rotate API tokens via your dashboard if a token is leaked.

4. Service availability

We aim for high availability but make no formal SLA at this time. The Service may be unavailable due to:

  • Scheduled maintenance (we'll announce in advance where possible)
  • Emergency maintenance (security patches, infrastructure incidents)
  • Force majeure events (network outages, natural disasters)

Our agent caches firewall rules locally for several minutes. If our API is briefly unreachable, your site stays protected using cached rules. If our API is unreachable for an extended period, the agent skips silently rather than break your site — but your firewall protection will not update during that window.

5. Pricing & payment (paid plans only)

If you're on a paid plan:

  • Fees are billed in advance for the subscription period (monthly or annually)
  • Prices are listed in your dashboard and may change with 30 days' notice
  • Refunds are available within 14 days of initial purchase, prorated thereafter at our discretion
  • Failed payments may result in service suspension after a grace period — we'll notify you by email
  • You can cancel anytime; cancellation takes effect at the end of the current billing period

6. Intellectual property

The Service (excluding the agent and WordPress plugin) is owned by us and protected by copyright. The open-source agent and WordPress plugin are licensed under GPL-2.0-or-later — you can use, modify, and redistribute them under those terms.

You retain all rights to your own site content, configuration, and data. By using the Service, you grant us a limited license to process your data as described in our Privacy Policy for the purpose of providing the Service.

Aggregate, anonymized threat intelligence derived from data we collect (e.g. patterns of attack volume across all customers) is owned by us and may be used to improve the Service or published in research.

7. Termination

You can delete your account at any time from the dashboard. Your data will be retained for 30 days after deletion (in case of accidental deletion) and then permanently purged.

We may suspend or terminate your account if:

  • You violate these terms
  • You fail to pay fees on a paid plan after the grace period
  • We're legally required to do so
  • The Service is being discontinued (we'll provide at least 60 days' notice)

On termination, your access to the dashboard ends and the agent on your sites will stop receiving rule updates. You should remove the agent from your sites after termination.

8. Disclaimers

The Service is provided "AS IS" without warranties of any kind. While we work hard to detect and block threats, no security tool can guarantee 100% protection. New attack types emerge continuously, and rules may have false negatives. The Service is one layer of defense, not a substitute for general security practices.

We do not warrant that:

  • The Service will be uninterrupted, error-free, or secure from all attacks
  • Threat detection rules will catch every malicious request
  • The Service will be compatible with every server configuration
  • Defects will be corrected within any specific timeframe

9. Limitation of liability

To the maximum extent permitted by law, our total liability arising out of or related to these terms or the Service is limited to the amount you paid us in the 12 months preceding the claim (or USD $100 if you're on a free plan).

We are not liable for:

  • Indirect, incidental, consequential, or punitive damages
  • Loss of profits, revenue, data, or business opportunity
  • Damages caused by attacks that bypass our protection
  • Damages caused by configuration errors on your part
  • Damages caused by issues outside our reasonable control (your hosting provider, third-party plugins, etc.)

Some jurisdictions don't allow these limitations — in those cases, our liability is limited to the smallest amount the law permits.

10. Indemnification

You agree to indemnify and hold us harmless from claims arising out of:

  • Your use of the Service in violation of these terms
  • Your violation of any law or third-party right
  • Content or data you submit to the Service

11. Changes to these terms

We may update these terms from time to time. Material changes will be announced by email to account holders at least 14 days before taking effect. Continuing to use the Service after that period means you accept the updated terms. If you don't accept them, you can cancel before they take effect.

12. Governing law & disputes

These terms are governed by the laws applicable in our principal place of business. Disputes will first be addressed informally — contact us at legal@ux3security.com and we'll work to resolve in good faith. Where informal resolution fails and where allowed, disputes are subject to the exclusive jurisdiction of the courts in our principal place of business.

13. Miscellaneous

  • Entire agreement — these terms plus the Privacy Policy constitute the entire agreement between us regarding the Service.
  • Severability — if any provision of these terms is held invalid, the rest remain in effect.
  • Waiver — our failure to enforce any provision doesn't waive our right to enforce it later.
  • Assignment — you can't transfer your account to another party without our written consent. We may assign these terms in connection with a merger, acquisition, or sale of assets.
  • No agency — these terms don't create a partnership, joint venture, or agency relationship.

14. Contact