Limitation of Liability
Effective Date: January 1, 2025
Table of Contents
1. Introduction & Scope
This Limitation of Liability clause forms an integral part of the CyberVault Master Services Agreement and related terms of service. By accessing, subscribing to, or utilizing any CyberVault products, services, or platforms, you acknowledge and agree to the limitations and exclusions outlined herein.
These terms govern the allocation of risk and liability between CyberVault and its clients, partners, and users. This document should be read in conjunction with our Terms of Service, Privacy Policy, and applicable Service Level Agreements.
2. Nature of Cybersecurity Services
CyberVault provides cybersecurity assessment, monitoring, threat detection, and advisory services. While we employ industry-leading technologies, AI-driven analysis, and certified security professionals, no cybersecurity solution can guarantee absolute protection against all forms of cyber threats, attacks, or data breaches.
Important Notice: Cybersecurity is a shared responsibility. CyberVault's tools and services are designed to significantly reduce risk, but they do not eliminate it entirely. Client environments, configurations, third-party dependencies, and human factors inherently contribute to the overall security posture.
CyberVault does not warrant that its services will be uninterrupted, error-free, or completely immune to advanced persistent threats (APTs), zero-day exploits, or socially engineered attacks that bypass technical controls.
3. Limitation of Direct Liability
Subject to Section 6 (Exceptions), CyberVault's total aggregate liability arising out of or related to this agreement, whether in contract, tort (including negligence), or otherwise, shall not exceed:
- The total fees paid or payable by the Client to CyberVault for the specific service giving rise to the claim during the twelve (12) months immediately preceding the event or omission giving rise to the claim; or
- For subscription-based services, 125% of the annual subscription fee for the applicable tier; or
- The minimum insurance coverage maintained by CyberVault for professional liability, whichever is greater.
This cap applies to the entire relationship between the parties, regardless of the number of claims, causes of action, or theories of liability asserted.
4. Exclusion of Consequential Damages
In no event shall CyberVault be liable for any indirect, special, incidental, punitive, or consequential damages arising from or related to the use or inability to use CyberVault services. This includes, but is not limited to:
- Loss of profits, revenue, business opportunity, or goodwill
- Loss of data, business interruption, or system downtime
- Costs of procurement of substitute goods or services
- Regulatory fines, penalties, or compliance-related expenses
- Reputational harm or third-party claims
This exclusion applies even if CyberVault has been advised of the possibility of such damages and regardless of the legal or equitable theory upon which liability may be asserted.
5. Client Responsibilities
CyberVault's liability limitations are contingent upon the Client fulfilling their obligations under the agreement, including but not limited to:
- Maintaining up-to-date operating systems, firmware, and third-party software
- Implementing recommended security configurations and patching schedules
- Providing accurate access credentials, network topology, and asset inventories
- Enforcing internal access controls, least-privilege policies, and employee security training
- Notifying CyberVault promptly of suspected incidents or unauthorized access
Failure to comply with documented security baselines, ignore critical alerts, or willfully circumvent CyberVault controls may void liability protections and limit service obligations.
6. Exceptions to Limitation
The limitations and exclusions in this section shall not apply to:
- Claims arising from CyberVault's gross negligence, willful misconduct, or fraudulent acts
- Breaches of confidentiality or data privacy obligations where expressly required by applicable law
- Violations of intellectual property rights or indemnification obligations as defined in the Master Services Agreement
- Claims for bodily injury or property damage directly caused by CyberVault personnel or systems
Where prohibited by mandatory local law, any exclusion or limitation that cannot be enforced shall be modified to the minimum extent necessary to comply with applicable statutory requirements, while preserving the remainder of this clause.
7. Indemnification
Client agrees to indemnify, defend, and hold harmless CyberVault, its officers, directors, employees, and affiliates from any third-party claims, damages, liabilities, costs, and expenses (including reasonable attorneys' fees) arising from:
- Client's misuse, misconfiguration, or unauthorized modification of CyberVault services
- Client's breach of this agreement or applicable laws, regulations, or third-party rights
- Data, content, or credentials provided by Client that infringe or violate any third-party rights
CyberVault shall provide reasonable cooperation upon timely written notice. Client retains sole control over defense and settlement of any indemnified claims, provided CyberVault does not agree to any liability or restriction without prior written consent.
8. Force Majeure
CyberVault shall not be liable for any delay or failure in performance resulting from causes beyond its reasonable control, including but not limited to:
- Natural disasters, pandemics, or government-imposed restrictions
- Internet service provider failures, telecommunications outages, or cloud infrastructure incidents
- Acts of terrorism, war, or state-sponsored cyber operations targeting critical infrastructure
- Power grid failures or utility interruptions
In the event of a Force Majeure event, CyberVault will use commercially reasonable efforts to mitigate impact and resume services promptly. Liability limitations shall continue to apply during any period of excused performance.
9. Severability & Governing Law
If any provision of this Limitation of Liability clause is held to be invalid, illegal, or unenforceable by a court of competent jurisdiction, such provision shall be modified or interpreted to the minimum extent necessary to make it enforceable. The remaining provisions shall continue in full force and effect.
This clause shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to conflict of law principles. Any disputes arising under this clause shall be subject to the exclusive jurisdiction of the federal and state courts located in Wilmington, Delaware, unless otherwise specified in the Master Services Agreement.
10. Contact & Updates
CyberVault reserves the right to modify this Limitation of Liability clause at any time to reflect changes in services, technology, or legal requirements. Material changes will be communicated via email or platform notification at least thirty (30) days prior to effectiveness. Continued use of CyberVault services constitutes acceptance of revised terms.
For legal inquiries, compliance verification, or contract negotiations, please contact our Legal & Compliance Department:
Legal & Compliance Department
Email: legal@cybervault.io | Phone: +1 (800) 555-SECURE | Address: 100 Innovation Drive, Wilmington, DE 19801
Contact Legal Team →