top of page

Terms and Conditions – CyberNova OÜ

Last updated: December 2025

Introduction
These Terms and Conditions (“Terms”) govern the use of the products, services, websites and Client Area provided by CyberNova OÜ, a private limited company duly incorporated under the laws of the Republic of Estonia. By accessing or using any of CyberNova’s services, products, websites, platforms or the Client Area, you acknowledge that you have read, understood and agree to be bound by these Terms.
If you do not agree to these Terms, you must not access or use the Services.
These Terms apply to all Clients, including individuals acting on behalf of legal entities. Where you use the Services on behalf of a company or other organisation, you represent and warrant that you have the authority to bind that organisation to these Terms.


1. Definitions
For the purposes of these Terms, the following definitions apply:
CyberNova: Refers to CyberNova OÜ and, where relevant, its affiliates, subcontractors and authorised service providers.
Client: Any natural or legal person who accesses, subscribes to, purchases, or uses CyberNova’s Services, whether directly or through authorised users.
Services: The cybersecurity and related services provided by CyberNova on a subscription and/or standalone basis, including but not limited to:

  • Managed SOC as a Service (SOCaaS);

  • Vulnerability management and scanning;

  • Penetration testing and ethical hacking;

  • Security awareness and phishing simulations;

  • Virtual CISO and security governance;

  • Compliance and regulatory readiness (including GDPR, NIS2, ISO 27001 and related frameworks);

  • Threat intelligence, configuration review, digital risk analysis, advisory services, incident-related guidance; and

  • Associated maintenance, support, updates and reporting.

Subscription: The recurring contractual arrangement under which the Client is granted time-limited access to certain Services, subject to payment of the applicable fees, typically including continuous or periodic delivery (such as ongoing monitoring, scheduled scanning or recurring advisory calls).
Standalone Services: Professional services sold and delivered on a non-recurring, project, engagement or on-demand basis, such as individual penetration tests, one-off audits, compliance assessments, training programmes, workshops or bespoke consulting engagements, dimensioned to the Client’s size, infrastructure and risk profile.
Service Order / Statement of Work (SOW): Any written document, proposal, quotation or agreement (including electronic acceptance) specifying the concrete scope, fees, timelines and deliverables for particular Subscription(s) and/or Standalone Services, which is deemed to form an integral part of these Terms.
Account / Client Area: The secure web portal made available by CyberNova to the Client for access to the Services, including management of subscriptions, tickets, reports, deliverables, configuration data and billing information.
Third-Party Services: Any software, platforms, infrastructure, tools, content, or services provided by entities other than CyberNova which are integrated with, connected to, or used in conjunction with the Services (for example: hosting providers, cloud platforms, scanning engines, communication tools or analytics platforms).
Deliverables: Any reports, dashboards, recommendations, assessments, documentation, risk analyses, remediation roadmaps, executive summaries, training materials or other outputs generated by CyberNova in the course of providing the Services.
Confidential Information: Any non-public information disclosed by one party to the other, whether oral, written, or in electronic form, that is designated as confidential or would reasonably be understood as confidential given the nature of the information and the circumstances of disclosure.


2. Scope of Services
2.1 Nature of Services
CyberNova provides professional cybersecurity and related technology services on both a subscription basis and a project-based / standalone basis. Depending on the selected plan, Service Order or Statement of Work, the Services may include, without limitation:

  • vulnerability scans and configuration reviews of systems or networks authorised by the Client;

  • monitoring and reporting of identified security findings, trends and risks;

  • provision of dashboards, reports, security metrics and remediation roadmaps in the Client Area;

  • recommendations and advisory services in relation to mitigation, hardening and best practices;

  • basic guidance in relation to incident response, containment and remediation steps (excluding full managed incident response unless expressly agreed in writing);

  • security awareness content, guidelines and high-level training materials, including phishing simulations;

  • virtual CISO, governance, policy and risk-management advisory;

  • compliance and regulatory readiness assessments (e.g. GDPR, NIS2, ISO/IEC 27001 and related frameworks);

  • Ongoing maintenance, updates, enhancements and technical support relating to the above.

Subscription-based Services typically provide continuous or periodic delivery (e.g. 24/7 monitoring, scheduled scanning, regular reporting), while Standalone Services are dimensioned to the Client’s needs, delivered over a defined period and may be billed on a fixed-price or time-and-materials basis.


2.2 Service Description and Limits
The precise content, frequency, depth and technical scope of the Services are defined in the relevant Subscription description, Service Order, proposal or separate service agreement. CyberNova does not provide any services outside the agreed scope unless expressly confirmed in writing.
The Services are not a substitute for the Client’s own legal, regulatory, compliance or risk-management obligations; the Client remains solely responsible for its own compliance with applicable laws, industry standards and regulatory requirements in all jurisdictions in which it operates (including EU Member States, EEA/Schengen countries such as Switzerland, and the United Kingdom).


2.3 Changes and Improvements
CyberNova may, at its discretion, modify, improve or replace elements of the Services in order to enhance security, performance, usability or regulatory alignment. Such modifications will not materially reduce the core functionality of the Services purchased by the Client during the active subscription term, unless required by law, by a supervisory authority, or by technical dependencies or constraints imposed by third-party providers.


3. Client Accounts and Client Area Privacy
3.1 Account Creation and Accuracy
To access the Client Area, Clients must register an Account and provide accurate, complete and up-to-date information. CyberNova may refuse or cancel registrations if information is found to be false, misleading or incomplete.


3.2 Security of Credentials
The Client is solely responsible for safeguarding Account credentials and for all actions performed under its Account. The Client shall implement appropriate internal controls, such as role-based access, where technically available multi-factor authentication, regular review of authorised users and timely revocation of access upon staff departures or role changes. CyberNova shall not be liable for any loss or damage arising from the Client’s failure to comply with these obligations.


3.3 Access by CyberNova
CyberNova will only access Client Area content and data when reasonably necessary:

  • to provide, maintain, or support the Services;

  • to investigate security incidents, suspected breaches or technical issues;

  • to comply with legal obligations or binding requests from competent supervisory, regulatory, judicial or law-enforcement authorities; or

  • where expressly authorised by the Client for a specific purpose (for example, troubleshooting or advisory).

3.4 Data Protection and Legal Framework
Personal data processed in the context of registration and use of the Client Area, as well as personal data processed in the context of delivering the Services, shall be handled in accordance with:

  • Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”);

  • the Estonian Personal Data Protection Act;

  • where applicable, the EU Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (“NIS2”), as implemented in national law;

  • where relevant, the United Kingdom GDPR and Data Protection Act 2018; and

  • where relevant, the Swiss Federal Act on Data Protection (FADP) and any other applicable data-protection legislation in EEA/Schengen countries served by CyberNova.

Details of personal data processing are provided in CyberNova’s Privacy Policy, which forms an integral part of these Terms.


3.5 Operational Alignment with Innova Group Frameworks
Where relevant and technically appropriate, CyberNova aligns its security controls, processes and infrastructures with frameworks and good practices implemented within the Innova Group ecosystem, including infrastructures audited under internationally recognised standards such as ISO/IEC 27001, ISO 22301, PCI-DSS, NIST Cybersecurity Framework and comparable schemes. Such alignment does not imply that CyberNova itself holds any specific certification, unless explicitly stated, but reflects CyberNova’s commitment to structured, risk-based security management.


4. Subscriptions and Payment
4.1 Subscription Plans
Access to Subscription-based Services is granted under one or more Subscription plans, as specified in the Client’s order, quotation, Service Order or online selection. Subscription plans may be monthly, annual, or for another agreed period, and may differ in terms of features, usage limits, service levels, geographies covered and reporting options.


4.2 Fees, Invoicing and Payment
(a) Fees are payable in advance for each subscription term, unless otherwise agreed in writing.
(b) CyberNova may issue invoices electronically; the Client agrees to receive invoices and related communications in this manner.
(c) Payments must be made in the currency and within the timeframe indicated on the invoice or order form.
(d) If payment is not received when due, CyberNova may charge statutory interest on late payments and may suspend or restrict access to the Services until outstanding amounts, interest and any reasonable collection costs are settled.


4.3 Non-Refundability
Except where mandatory law requires otherwise, all fees are non-refundable once the subscription period or project has commenced. This includes situations where the Client does not actively use the Services, unless otherwise agreed in a specific service-level or master agreement.


4.4 Third-Party Payment Processors
Where payments are processed by a third-party payment provider, such processing is subject to that provider’s own terms and conditions and privacy policy. CyberNova is not responsible for the acts or omissions of payment processors, but will reasonably cooperate to address any technical or security issues affecting payments that fall within CyberNova’s control.


4.5 Renewal
Subscriptions will automatically renew for successive terms equal to the original subscription term, unless the Client or CyberNova gives written notice of non-renewal within the cancellation period set out in the applicable order, agreement or the Client Area. CyberNova will inform the Client in advance if any material changes to the Services or pricing will take effect upon renewal.


4.6 Cancellation by Client
The Client may cancel a Subscription at any time via the Client Area or by written notice to CyberNova, subject to any minimum term, initial commitment period or notice period agreed. Unless otherwise specified, cancellation takes effect at the end of the current paid term. The Client will not be entitled to a refund for any unused portion of the subscription period.


4.7 Changes in Pricing
CyberNova reserves the right to adjust pricing and billing methods, including the introduction of new charges or revised fee structures. Any such changes will:

  • not affect the then-current active term already paid by the Client; and

  • only apply to subsequent renewal periods, after providing the Client with reasonable prior notice.

If the Client does not agree to the revised pricing, the Client may elect not to renew the Subscription.


4.8 Standalone Services and Project Billing
Standalone Services and project-based engagements may be billed on a fixed-fee, milestone-based or time-and-materials basis, as specified in the relevant Service Order or SOW. Unless otherwise agreed:

  • a portion of the fee may be payable upfront to confirm the engagement;

  • interim invoices may be issued for longer projects; and

  • All such invoices are subject to the same payment terms set out in this Clause 4.

5. Licence to Use Services
5.1 Grant of Licence
Subject to the Client’s timely payment of fees and ongoing compliance with these Terms, CyberNova grants the Client a limited, revocable, non-exclusive, non-transferable and non-sublicensable licence to access and use the Services and associated software solely for the Client’s internal business purposes, strictly in accordance with the scope defined in the relevant Subscription plan and/or Service Order.


5.2 Restrictions
The Client shall not, and shall not permit any third party to:

  • copy, modify, adapt, translate, reverse engineer, decompile, disassemble or otherwise attempt to derive the source code of any software component of the Services, except where such restriction is prohibited by applicable law;

  • remove, obscure or alter any proprietary notices, trademarks or copyright indications;

  • sub-license, sell, resell, rent, lease, outsource, or otherwise make the Services or Deliverables available to any third party, except as expressly authorised in writing;

  • use the Services to provide a competing or substantially similar service, or for the purpose of benchmarking or comparison with the intention of developing a competing product.

5.3 Ownership of Intellectual Property
All intellectual property rights in and to the Services, Deliverables, software, documentation, designs, logos, trademarks and content made available by CyberNova remain the sole property of CyberNova or its licensors. No title or ownership is transferred to the Client by virtue of these Terms or by the provision of the Services. Any rights not expressly granted herein are reserved.


6. Acceptable Use Policy
6.1 General Obligations
The Client shall use the Services in a responsible manner and in conformity with all applicable laws, regulations and contractual obligations in all relevant jurisdictions, including those of the European Union, EEA/Schengen states and any other country in which the Client operates or to which the Services are provided.


6.2 Prohibited Activities
Without limitation, the Client shall not:

  • use the Services to carry out or assist in unlawful activities, including unauthorised access, hacking, data theft, denial-of-service attacks or distribution of malicious code;

  • probe, scan or test the vulnerability of any system or network without the explicit written authorisation of the relevant owner;

  • attempt to circumvent, disable or otherwise interfere with any security or access-control mechanisms implemented by CyberNova;

  • share login credentials with unauthorised persons or provide access to the Client Area to any third party not covered by the Subscription or Service Order;

  • upload to the Client Area any content that is illegal, defamatory, offensive, discriminatory, or that infringes third-party intellectual-property or privacy rights;

  • misuse the Services in a way that could damage, disable, overburden or impair CyberNova’s infrastructure or that of its suppliers.

6.3 Consequences of Breach
CyberNova may suspend or restrict access to the Services, in whole or in part, where there are reasonable grounds to believe that the Client has violated this Acceptable Use Policy. In serious or repeated cases, CyberNova may terminate the Subscription and/or relevant Service Orders in accordance with Clause 13.


7. Third-Party Services and Links
7.1 Use of Third-Party Services
The Services may rely on or provide optional access to Third-Party Services, such as hosting providers, communication tools, security scanners, analytics or ticketing platforms. These Third-Party Services are governed solely by the terms and conditions and privacy policies of the relevant providers.


7.2 No Endorsement or Control
CyberNova does not control, endorse or assume responsibility for Third-Party Services. CyberNova does not warrant the availability, accuracy, performance, security or suitability of any Third-Party Service and shall not be liable for any loss or damage arising from the Client’s use of or reliance on such services.


7.3 Client Responsibility
The Client is responsible for evaluating whether Third-Party Services meet its own legal, compliance, and technical requirements, including its obligations under the GDPR, UK GDPR, Swiss FADP, and any other data-protection legislation applicable to the Client. Any use of Third-Party Services is at the Client’s own risk.


8. Privacy and Data Protection
8.1 Regulatory Compliance
CyberNova is committed to processing personal data in compliance with:

  • GDPR (Regulation (EU) 2016/679);

  • applicable national data-protection laws (including the Estonian Personal Data Protection Act);

  • where relevant, the NIS2 Directive and related cybersecurity regulations;

  • where relevant, the United Kingdom GDPR and Data Protection Act 2018; and

  • where relevant, the Swiss Federal Act on Data Protection and similar EEA/Schengen norms.

8.2 Roles of the Parties
Unless stated otherwise in a specific data-processing agreement, CyberNova acts as:

  • data controller in relation to personal data collected directly from Clients (e.g. account details, contact data, billing data, communications); and

  • may act as a data processor where it processes personal data on behalf of the Client within the scope of a bespoke engagement or managed service, in which case additional written terms (such as a Data Processing Agreement) may apply.

8.3 Purposes and Legal Bases of Processing
Personal data may be processed for purposes including:

  • account registration and authentication;

  • provision, configuration and monitoring of the Services;

  • billing, invoicing and financial management;

  • security monitoring, incident detection and response;

  • communication with the Client and its authorised users;

  • compliance with legal obligations and regulatory requirements;

  • defence of legal claims.

Legal bases may include Article 6(1)(b) GDPR (performance of a contract), Article 6(1)(c) GDPR (legal obligation), Article 6(1)(f) GDPR (legitimate interests, such as ensuring security and service quality) and, where applicable, Article 6(1)(a) GDPR (consent).


8.4 Data Subject Rights
Data subjects whose personal data is processed by CyberNova may have rights under GDPR, UK GDPR, Swiss FADP and applicable national laws, including rights of:

  • access;

  • rectification;

  • erasure;

  • restriction of processing;

  • data portability; and

  • objection to certain processing activities.

Requests to exercise such rights may be submitted using the contact details provided in Clause 17 and will be handled in accordance with applicable law. Where CyberNova acts as data processor, the Client is primarily responsible for responding to such requests, and CyberNova will provide reasonable assistance.


8.5 Security Measures
CyberNova implements appropriate technical and organisational measures to protect personal data and Client information against unauthorised access, accidental loss, destruction or damage, having regard to the state of the art, implementation costs and the nature, scope, context and purposes of processing, in line with Article 32 GDPR and comparable provisions in other applicable frameworks. Such measures may include encryption, access controls, network segregation, logging and monitoring, vulnerability management and regular security reviews.
However, no security measure can guarantee absolute protection in all circumstances; the Client acknowledges this residual risk.
Further details can be found in the Privacy Policy, which supplements these Terms.


9. International Data Transfers (GDPR Articles 44–49)
9.1 General Framework
Under Chapter V of the GDPR (Articles 44–49), personal data may be transferred to countries outside the European Economic Area (“EEA”) only where specific conditions are met, such as:

  • an adequacy decision by the European Commission (Article 45 GDPR);

  • appropriate safeguards (Article 46 GDPR); or

  • one of the derogations for specific situations (Article 49 GDPR).

Guatemala is not currently recognised by the European Commission as a country providing an adequate level of protection within the meaning of Article 45 GDPR.


9.2 Location of Operations
While CyberNova OÜ is legally established in Estonia and maintains its primary corporate presence within the European Union, certain operational activities—including but not limited to analysis, support, SOC operations, consultancy and administrative tasks—are carried out by personnel located in Guatemala and potentially other non-EEA jurisdictions.
As a result, personal data relating to Clients or their users within the EU, EEA/Schengen, the United Kingdom or Switzerland may be accessed or processed from Guatemala and/or other non-adequate countries in the course of providing the Services.


9.3 Explicit Informed Consent (Article 49(1)(a) GDPR)
By entering into these Terms and by continuing to use the Services, the Client:

  1. explicitly consents, within the meaning of Article 49(1)(a) GDPR, to the transfer and remote processing of relevant personal data to and from Guatemala and any other non-EEA country in which CyberNova or its authorised personnel operate;

  2. acknowledges that such countries may not provide a level of data-protection legislation equivalent to the GDPR, UK GDPR, Swiss FADP or other EEA/Schengen norms, and that supervisory and enforcement mechanisms may differ; and

  3. agrees that CyberNova compensates for such differences by implementing robust technical and organisational measures, contractual safeguards and strict internal policies designed to ensure an adequate and GDPR-compatible level of protection.

9.4 Safeguards and Restrictions
CyberNova undertakes to:

  • Limit transfers of personal data to what is strictly necessary for the performance of the Services;

  • ensure that all personnel handling personal data are bound by confidentiality obligations and are trained in data-protection and cybersecurity principles;

  • apply security controls consistent with recognised standards (including ISO/IEC 27001 principles, NIST CSF, Tier I–III datacentre practices and PCI-DSS where relevant);

  • maintain appropriate logging and access-control mechanisms;

  • ensure that any subprocessors or third parties in non-EEA countries are engaged under written agreements imposing data-protection and security obligations that are not materially less protective than those set out in these Terms.

9.5 Subprocessors
CyberNova may use subprocessors established within or outside the EEA/Schengen area to provide elements of the Services (for example, hosting providers or specialised security tools). Where such subprocessors are located in third countries, CyberNova will:

  • ensure that an appropriate transfer mechanism under GDPR is in place (e.g. Standard Contractual Clauses under Article 46 GDPR or explicit consent under Article 49 GDPR); and

  • disclose the categories of subprocessors upon reasonable request, subject to confidentiality constraints.

9.6 Withdrawal of Consent and Impact on Services
The Client may withdraw its explicit consent to international data transfers at any time by providing written notice to CyberNova. However, the Client acknowledges that:

  • Due to the operational structure of CyberNova, withdrawal of consent may make it technically or legally impossible for CyberNova to continue providing the Services; and

  • CyberNova may therefore need to terminate the relevant Subscription(s) or Service Order(s) in accordance with Clause 13.

9.7 Right to Deletion Following Termination
In addition to any rights under Clause 13.4 and Article 17 GDPR, Clients may request that CyberNova permanently delete all personal data relating to them held by CyberNova, subject to legal retention obligations. Once such a deletion has been executed:

  • data cannot be recovered or reconstructed by CyberNova;

  • CyberNova will no longer be able to provide historical reports, past deliverables or forensic reconstruction of prior events; and

  • Any later engagement with the Client may require repeating prior assessments or work at the Client’s cost.

10. Confidentiality
10.1 Obligations
Each party undertakes to treat the other party’s Confidential Information as strictly confidential, to use such information solely for the purposes of performing or receiving the Services, and not to disclose it to any third party without prior written consent, except as permitted below.


10.2 Permitted Disclosures
Either party may disclose Confidential Information:

  • to its employees, officers, professional advisers and subcontractors who have a need to know such information and are bound by confidentiality obligations no less protective than those contained herein;

  • where required by law, court order, or request from a competent supervisory, regulatory or law-enforcement authority, provided that, to the extent legally permitted, the disclosing party gives prompt notice to the other party.

10.3 Exclusions
Confidential Information does not include information that:

  • is or becomes publicly available without breach of this Clause;

  • was lawfully known by the receiving party before disclosure;

  • is independently developed without use of or reference to the Confidential Information; or

  • is lawfully received from a third party without restriction.

10.4 Duration
The confidentiality obligations under this Clause shall survive termination of these Terms for a period of at least five (5) years, or longer where required by law or professional regulation.


11. Warranty Disclaimer
11.1 General Disclaimer
Except as expressly set out in a written agreement signed by both parties, the Services, Deliverables and any related materials are provided “AS IS” and “AS AVAILABLE”, without any warranties or representations of any kind.


11.2 No Implied Warranties
To the maximum extent permitted by law, CyberNova expressly disclaims all implied warranties, including but not limited to implied warranties of merchantability, fitness for a particular purpose, satisfactory quality, accuracy, non-infringement, or that the Services will meet the Client’s requirements, be compatible with all systems, operate uninterrupted, or be free from defects, vulnerabilities or errors.


11.3 Security Context
The Client acknowledges that cybersecurity is inherently risk-based: no system, network or application can be guaranteed to be completely secure. CyberNova’s Services aim to assist in the identification, prioritisation and mitigation of risks, but cannot guarantee prevention of all incidents, breaches, attacks or losses, nor can CyberNova guarantee that all vulnerabilities will be found.


11.4 Third-Party Content and Information
Any information, recommendations or intelligence provided as part of the Services is based on sources and tools reasonably believed to be reliable, but is provided for informational purposes only and without warranty as to completeness or absolute accuracy. The Client remains responsible for validating and implementing any recommended measures.


12. Limitation of Liability
12.1 Cap on Liability
To the fullest extent permitted by applicable law, CyberNova’s aggregate liability arising out of or in connection with the Services, these Terms, or any related claim (whether in contract, tort, negligence, strict liability or otherwise) shall be limited to the total amount of subscription or service fees actually paid by the Client to CyberNova during the twelve (12) months immediately preceding the event giving rise to the claim.


12.2 Exclusion of Certain Damages
In no event shall CyberNova be liable for:

  • loss of profits, revenue, business, contracts or anticipated savings;

  • loss of or damage to data, or corruption of data;

  • loss of goodwill or reputation;

  • business interruption; or

  • any indirect, consequential, incidental, punitive or special damages,

even if advised of the possibility of such damages or such loss was reasonably foreseeable.


12.3 Allocation of Risk
The Client acknowledges that the limitations set out in this Clause are an essential basis of the bargain between the parties and reflect a fair allocation of risk in light of the fees charged. The Client also acknowledges that the Services are priced on the assumption that such limitations will apply.


13. Termination
13.1 Termination by CyberNova
CyberNova may, without prejudice to any other rights or remedies, suspend or terminate the Client’s access to the Services and/or these Terms, in whole or in part, if:

  • The Client commits a material breach of these Terms and fails to remedy such breach within a reasonable period after written notice;

  • The Client fails to pay fees when due and does not cure such failure within the timeframe specified in a reminder notice;

  • CyberNova reasonably suspects fraudulent, abusive or unlawful use of the Services;

  • Continuation of the Services would expose CyberNova to a material legal, regulatory or security risk, including due to withdrawal of consent to international data transfers under Clause 9.

13.2 Termination by Client
The Client may terminate the Subscription and these Terms at any time by cancelling the Subscription in accordance with Clause 4 or by ceasing all use of the Services and providing written notice to CyberNova, subject to any minimum commitment period or notice requirements agreed.


13.3 Effects of Termination
Upon termination for any reason:

  • all licences granted under these Terms shall immediately cease;

  • The Client shall stop using the Services and shall delete or destroy any copies of software, documentation or other materials provided by CyberNova, except where retention is required by law;

  • Any accrued payment obligations shall become immediately due and payable.

13.4 Data Retention and Right to Erasure
CyberNova may, but is not obliged to, retain Client data for a limited period after termination, in accordance with its data-retention policies and legal obligations, after which such data may be securely deleted or anonymised.
In addition, the Client (and, where relevant, individual data subjects) may request that CyberNova permanently erase personal data relating to them, in accordance with Article 17 GDPR and comparable provisions under UK GDPR and Swiss FADP. Where such a request is granted and executed:

  • The Client expressly acknowledges and accepts that CyberNova will no longer retain any historical records, reports or Deliverables that depend on such data;

  • CyberNova will not be able to reproduce, reconstruct or provide copies of deleted information at any later date; and

  • Any future engagement that requires similar analyses or historical context may need to be performed again from scratch at the Client’s cost.

14. Changes to Terms
14.1 Right to Modify
CyberNova may revise these Terms from time to time to reflect changes in law, regulatory guidance, industry standards, business practices, or in the Services themselves.


14.2 Notification
Material changes will be communicated to Clients via email and/or through notifications in the Client Area. CyberNova will provide at least forty-eight (48) hours’ notice before material changes take effect, unless earlier implementation is required by law, a supervisory authority, or to address urgent security issues.


14.3 Acceptance of Changes
Continued use of the Services after the effective date of the revised Terms shall be deemed acceptance of such changes. If the Client does not agree to the updated Terms, the Client must cease using the Services and may terminate the Subscription and/or relevant Service Orders in accordance with Clause 13.


15. Governing Law and Jurisdiction
15.1 Applicable Law
These Terms and any disputes or claims arising out of or in connection with them or their subject matter (including non-contractual disputes or claims) shall be governed by and construed in accordance with the laws of the Republic of Estonia, together with applicable European Union law.
Nothing in these Terms shall prevent CyberNova from complying with mandatory provisions of data-protection or cybersecurity laws applicable to the Client in other jurisdictions (including EU Member States, EEA/Schengen countries, the United Kingdom and Switzerland).


15.2 Jurisdiction
The parties irrevocably agree that the courts of Estonia shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with these Terms or their subject matter.


16. Force Majeure
16.1 Definition of Force Majeure Events
CyberNova shall not be liable for any delay, failure, interruption, suspension or limitation in the performance of its obligations under these Terms where such performance is prevented or materially hindered by events or circumstances beyond its reasonable control (“Force Majeure Events”).
 

16.2 Examples of Force Majeure Events
Force Majeure Events may include, without limitation:
(a) Natural and Environmental Events: earthquakes, floods, storms, fires, volcanic eruptions, or other extreme natural phenomena causing widespread disruption of infrastructure or services.
(b) Conflict and Public Disorder: war (declared or undeclared), armed conflict, acts of terrorism, civil unrest, riots, insurrection, or imposition of martial law that materially impairs the ability to operate or deliver the Services.
(c) Infrastructure and Utility Failures: large-scale or systemic failures of electricity supply, telecommunications networks, undersea cables, data-centre facilities, cloud platforms, or other critical infrastructure upon which the Services depend.
(d) Public Health Emergencies: pandemics, epidemics, or comparable public health emergencies officially recognised by competent authorities and resulting in restrictions, quarantines, workforce unavailability or other measures that impede performance.
(e) Industrial Actions: national or sector-wide strikes, lockouts or other labour disputes beyond CyberNova’s reasonable control affecting key suppliers or infrastructure providers.
(f) Astronomical or Cosmological Phenomena: extraordinary astronomical, solar, geomagnetic or cosmological events that significantly disrupt telecommunications, electrical grids or satellite-based systems relevant to the operation of the Services.
(g) Non-Terrestrial, Non-Human or Interdimensional Events: the manifestation of events or entities of non-terrestrial, non-human or interdimensional origin that directly or indirectly interfere with terrestrial infrastructure, communications systems, public order or the safe operation of digital or physical environments.
(h) Eschatological or Mythological Events: large-scale societal disruption arising from the fulfilment of ancient mythological or cultural eschatological traditions, including events consistent with catastrophic cosmological cycles described in such traditions.
(i) Severe Pathogenic Disruptions: verified outbreaks of pathogenic conditions causing severe neurological, behavioural or societal disruption recognised by the Estonian Health Board, the European Centre for Disease Prevention and Control (ECDC), the World Health Organization (WHO) or any successor authority, to the extent such events materially impede the operation of the Services.
(j) Other Extraordinary Events: any other event of an extraordinary, unforeseeable and unavoidable nature that is beyond CyberNova’s reasonable control and materially impairs performance.


16.3 Consequences of Force Majeure
During any period in which a Force Majeure Event persists, CyberNova’s obligations under these Terms shall be suspended to the extent affected. CyberNova shall use reasonable efforts to mitigate the impact and resume performance as soon as reasonably practicable, but shall not be deemed in breach of these Terms for failure or delay resulting from such events.


17. Miscellaneous and Contact Information
17.1 Entire Agreement
These Terms, together with any applicable order forms, Service Orders, Statements of Work, data-processing agreements and written service agreements, constitute the entire agreement between CyberNova and the Client regarding the Services and supersede all prior proposals, understandings or representations, whether oral or written, relating to the same subject matter.


17.2 Severability
If any provision of these Terms is held to be invalid, unlawful or unenforceable by a competent court or authority, such provision shall be deemed modified to the minimum extent necessary to make it valid and enforceable, and the remaining provisions shall remain in full force and effect.


17.3 Waiver
No failure or delay by either party in exercising any right or remedy under these Terms shall operate as a waiver of such right or remedy, nor shall any single or partial exercise of any such right or remedy preclude the further exercise of that or any other right or remedy.


17.4 Assignment
The Client may not assign or transfer any of its rights or obligations under these Terms without CyberNova’s prior written consent. CyberNova may assign or transfer its rights and obligations to an affiliate or successor in connection with a restructuring, merger, acquisition or transfer of business, provided that this does not materially reduce the protections afforded to the Client.


17.5 Contact Information
For questions about these Terms or to exercise data-protection rights, please contact:
CyberNova OÜ
Registration Number: 17267279
Registered Office: Lõõtsa tn 5, Lasnamäe district, Tallinn, 11415, Harju County, Estonia
CyberNova Legal Department
Email: legal@cybernovaprotect.com
Phone: +34 902 01 81 83

bottom of page