Terms of Service

These Terms of Service govern access to and use of Qourby, including the website, application, scanner, APIs, reports, integrations, and related services. By accessing Qourby, creating an account, joining an access list, or using the service, you agree to these Terms.

If you use Qourby on behalf of a company, team, or other organization, you represent that you have authority to bind that organization. In that case, "you" and "your" refer to both you and the organization.

Qourby provides a security scanning workspace for web assets. The service may include domain and site management, scan profiles, vulnerability and configuration checks, findings triage, evidence capture, reports, webhooks, APIs, integrations, custom rules, and team workflows.

Qourby is a security assistance tool. It does not replace professional security review, legal review, compliance assessment, incident response, or your own operational controls.

Some parts of Qourby require an approved account. Public account creation may be limited while the product is in development or private access. You must provide accurate account information and keep credentials, tokens, API keys, and session access secure.

You are responsible for activity under your account, including activity by employees, contractors, invited team members, integrations, and automated systems using your credentials or API keys. Notify us promptly if you believe access has been compromised.

You may only submit domains, URLs, applications, APIs, networks, systems, or other assets that you own, administer, or are expressly authorized to test. You are responsible for obtaining and maintaining any required permissions from asset owners, hosting providers, customers, and internal stakeholders.

You must not use Qourby to scan, probe, disrupt, enumerate, attack, or collect information from third-party assets without permission. We may require verification of control over a site or domain and may refuse or stop scans where authorization is unclear.

You must use Qourby lawfully and responsibly. You must not use the service to perform unauthorized testing, denial-of-service activity, credential attacks, spam, phishing, malware delivery, exploitation, data exfiltration, evasion of security controls, or activity intended to harm another person, service, or network.

You must not attempt to bypass rate limits, account restrictions, scan safeguards, access controls, authentication, billing controls, logging, or security measures. You must not reverse engineer, scrape, resell, sublicense, or misuse the service except where permitted by law or by a written agreement with us.

Security scanning can generate traffic, trigger alerts, expose misconfigurations, affect fragile systems, or interact with application controls. You are responsible for choosing appropriate scan profiles, timing scans, notifying stakeholders, monitoring systems, and ensuring scans are suitable for your environment.

You remain responsible for validating findings, prioritizing remediation, implementing fixes, and determining whether your systems satisfy security, regulatory, contractual, or operational requirements.

Qourby may identify vulnerabilities, misconfigurations, missing controls, suspicious signals, or security best-practice gaps. Results may include false positives, false negatives, incomplete evidence, outdated references, or findings that require manual validation.

We do not guarantee that Qourby will find every issue, prevent incidents, satisfy compliance obligations, or make any system secure. Reports are informational and should be reviewed by qualified personnel before being relied on for decisions.

You retain ownership of domains, scan configurations, scan results, uploaded materials, reports, comments, metadata, and other content you submit or generate through the service. You grant us the rights needed to host, process, secure, transmit, display, and operate that data for the service.

We will treat non-public customer data as confidential and use reasonable administrative, technical, and organizational measures to protect it. You are responsible for ensuring that customer data submitted to Qourby may lawfully be processed by the service.

Qourby may connect to third-party services such as identity providers, hosting platforms, messaging tools, issue trackers, webhooks, and infrastructure providers. Your use of third-party services is governed by their terms and policies.

If you enable an integration, you authorize Qourby to exchange data with that provider as needed for the integration. You are responsible for configuring scopes, permissions, recipients, and destinations correctly.

Plans may include limits for sites, scans, scan profiles, API keys, webhooks, users, history retention, reports, and support. We may enforce plan limits, suspend activity that exceeds limits, or require an upgrade for continued access to restricted features.

Paid plans, trials, renewals, taxes, refunds, cancellations, and invoices may be governed by additional billing terms shown at purchase or in a signed order. Pricing and plan features may change prospectively with reasonable notice where required.

We may suspend or terminate access if we believe you violated these Terms, created legal or security risk, used the service abusively, failed to pay amounts owed, or used Qourby in a way that may harm the service, other users, or third parties.

You may stop using Qourby at any time. Termination does not affect obligations that should reasonably survive, including payment obligations, confidentiality, intellectual property rights, disclaimers, limitations of liability, indemnity, and dispute provisions.

Qourby, including its software, user interface, design, workflows, documentation, branding, logos, and service materials, is owned by us or our licensors and is protected by intellectual property laws.

These Terms do not transfer ownership of Qourby to you. You may use the service only as permitted by these Terms and any applicable plan, documentation, or written agreement.

If you provide suggestions, ideas, requests, bug reports, or other feedback, you grant us permission to use that feedback without restriction or compensation. We are not required to treat feedback as confidential unless we separately agree in writing.

To the maximum extent permitted by law, Qourby is provided on an "as is" and "as available" basis. We disclaim warranties of merchantability, fitness for a particular purpose, non-infringement, uninterrupted operation, error-free operation, and accuracy of scan results.

Some laws do not allow certain exclusions. Where those laws apply, the exclusions apply only to the maximum extent permitted.

To the maximum extent permitted by law, we will not be liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or for lost profits, lost revenue, lost data, business interruption, loss of goodwill, security incidents, remediation costs, or third-party claims arising from or related to Qourby.

To the maximum extent permitted by law, our total liability for all claims relating to Qourby is limited to the greater of the amount you paid for the service in the three months before the event giving rise to the claim or USD $100.

You agree to defend, indemnify, and hold us harmless from claims, damages, losses, liabilities, costs, and expenses arising from your use of Qourby, your customer data, your violation of these Terms, your violation of law, unauthorized scanning, or infringement of third-party rights.

We may update the service, add or remove features, adjust scan behavior, change plans, or modify these Terms. If changes are material, we will provide notice through the website, application, email, or another reasonable channel.

Your continued use of Qourby after changes become effective means you accept the updated Terms. If you do not agree, you must stop using the service.

These Terms are governed by the laws applicable where Qourby operates, without regard to conflict-of-law rules, unless a written agreement with you states otherwise. Courts in that jurisdiction will have exclusive authority over disputes, except where applicable law requires another forum.

Questions about these Terms may be sent to legal@qourby.com. Product and account questions may be sent to support@qourby.com. Security reports may be sent to security@qourby.com.