Legal · 02
Terms of Service
Last updated · 30 May 2026
These Terms of Service ("Terms") govern your use of hackastra.com (the "Site"), the Hackastra incident response channel, and any paid consulting engagement that follows (together, the "Services"). The Services are provided by HACKASTRA INFOSEC L.L.C-FZ, a free-zone limited liability company registered in the United Arab Emirates ("Hackastra", "we"). By opening a channel or engaging Hackastra, you accept these Terms.
1. The service
Hackastra provides private cyber incident response — discreet triage of active intrusions, data leaks, ransomware, digital extortion, and impersonation cases. Hackastra is not law enforcement, not a regulated legal-services firm, and not an insurance provider. Nothing on the Site constitutes legal, financial, regulatory, or insurance advice.
2. Engagement scope
Initial triage through the channel is offered free of charge and creates no obligation on either party. If both parties agree to proceed, Hackastra will issue a written engagement letter setting out the scope of work, deliverables, key assumptions, milestones, and a fixed fee (or, where strictly necessary, a time-and-materials estimate). The engagement letter, with these Terms, forms the agreement between us. Paid work begins only after the engagement letter is accepted in writing (email is sufficient).
3. Payment terms
- Fees are quoted in AED or USD and exclude any applicable VAT or withholding tax.
- Where a retainer or deposit is specified, work begins on receipt.
- Invoices are due within fourteen (14) days of issue.
- Overdue amounts may bear interest at the lower of two percent (2%) per month or the maximum permitted by UAE law, calculated from the due date until paid.
- Hackastra may suspend the Services where invoices remain unpaid beyond their due date, after written notice.
4. No guarantee of outcomes
Cyber incident outcomes are inherently uncertain. Hackastra makes no warranty, express or implied, that an intrusion will be fully remediated, that data will be recovered, that systems will be restored, that attackers will be identified, or that future incidents will be prevented. The Services are provided on an "as is" and "as available" basis. To the maximum extent permitted by law, all implied warranties (including merchantability, fitness for a particular purpose, and non-infringement) are disclaimed.
5. Confidentiality obligations
Hackastra treats the channel, the existence of any engagement, and all client information as confidential. Subject to the Privacy Policy and Confidentiality Policy, Hackastra will not disclose your identity, the existence of the engagement, or its contents to any third party except (a) with your written consent, (b) to Hackastra's authorised personnel and bound vendors who need it to perform the Services, or (c) where compelled by a valid order of a competent authority. You agree to treat Hackastra's methodologies, tooling, deliverables, and rate information as confidential and not to disclose them to third parties without our prior written consent. These obligations survive termination indefinitely.
6. Acceptable use
Your use of the Services is also governed by our Acceptable Use Policy. Without limiting that policy, you must not:
- Share credentials, secrets, API keys, or live personally identifiable information in the channel.
- Use the Services to commission illegal activity, attack third parties, or access systems you do not own or are not authorised to investigate.
- Impersonate another person, organisation, or counsel.
Hackastra may terminate the Services immediately on breach of these obligations.
7. Limitation of liability
To the maximum extent permitted by UAE law, Hackastra's aggregate liability arising out of or in connection with the Services — whether in contract, tort (including negligence), statute, or otherwise — shall not exceed the fees actually paid by you to Hackastra under the relevant engagement. Where no fees have been paid (for example, during free triage), Hackastra's aggregate liability shall not exceed five hundred United States dollars (USD 500). In no event will Hackastra be liable for indirect, incidental, consequential, special, exemplary, or punitive damages, lost profits, lost data, loss of business, or reputational harm. Nothing in this clause limits liability that cannot be limited under UAE law.
8. Intellectual property
Hackastra retains all rights to its tooling, methodologies, software, and pre-existing intellectual property. Deliverables produced specifically for you are licensed to you on a non-exclusive, non-transferable, perpetual basis for your internal use, subject to payment of all fees due.
9. Termination
Either party may terminate an engagement at any time by written notice. Fees for work properly completed up to the date of termination remain due. Hackastra may terminate the Services immediately where you breach these Terms. Confidentiality, limitation of liability, governing law, and other survival-intended provisions continue to apply.
10. Governing law & disputes
These Terms are governed by the laws of the United Arab Emirates as applicable in the free zone in which HACKASTRA INFOSEC L.L.C-FZ is registered. Any dispute is subject to the exclusive jurisdiction of the courts of the United Arab Emirates, save that either party may seek injunctive or interim relief in any court of competent jurisdiction to protect its confidential information or intellectual property.
11. Changes
We may update these Terms from time to time. Material changes will be flagged on this page with a revised effective date. Continued use of the Services after such changes constitutes acceptance.
12. Contact
Questions about these Terms: legal@hackastra.com.