Terms & Conditions

These Terms and Conditions (“Terms”) govern access to and use of the Cyberadviser Supplier Assessment service, site features, software interfaces, workflows, content, and related functionality made available by Cyberadviser OÜ, registry code 16410734, established in Estonia (“Cyberadviser”, “Provider”, “we”, “us”, or “our”).

By accessing, using, ordering, configuring, or continuing to use the Service, the customer identified in the applicable order, checkout flow, account, or usage context (“Customer”, “you”, or “your”) agrees to these Terms. If you access or use the Service on behalf of a company or other legal entity, you represent and warrant that you are authorized to bind that entity to these Terms.

1. Scope of the Service

Cyberadviser Supplier Assessment is a business-oriented supplier due diligence, supplier information collection, supplier risk review, and related assessment support service. The Service may include, depending on the selected tier, ordered scope, or current product configuration, customer onboarding, supplier intake flows, questionnaires, follow-up workflows, automated processing, risk indicators, OSINT-supported checks, generated outputs, reporting, and related operational features.

The Service is offered for business use only. It is not directed to consumers acting for personal, family, or household purposes.

The Service may evolve over time. We may modify, improve, replace, suspend, or discontinue features, workflows, interfaces, or operational methods where reasonably necessary for product development, security, legal compliance, service quality, operational continuity, or commercial reasons.

2. Customer Eligibility and Authority

You may use the Service only on behalf of a business, organization, or other legal entity and only where you have the authority to do so.

By using the Service, you represent, warrant, and undertake that:

1. you are acting in a business or organizational capacity;
2. you are authorized to access and use the Service on behalf of the relevant Customer;
3. the supplier, prospective supplier, or third party being assessed is a supplier or prospective supplier in relation to the Customer, or is otherwise lawfully within the Customer’s due diligence, procurement, compliance, risk management, or onboarding scope;
4. the Customer has a lawful, legitimate, contractual, corporate, procurement, compliance, or other valid business basis for carrying out the relevant supplier assessment activity;
5. all information submitted to the Service by or on behalf of the Customer is, to the best of the Customer’s knowledge and belief, accurate, current, not misleading, and submitted lawfully.

3. Account Access and Security

Access to the Service may require authentication, account verification, or other access controls designated by Cyberadviser from time to time.

You are responsible for:

• maintaining the confidentiality and security of your login methods, session access, and internal user access arrangements;
• ensuring that only authorized personnel access the Service;
• promptly informing us of any suspected unauthorized access, credential compromise, misuse, or security incident affecting your use of the Service.

We may implement or modify authentication, rate limits, access restrictions, session policies, technical controls, or other security measures where reasonably necessary.

4. Customer Data, Inputs, and Responsibility

The Customer remains responsible for all data, documents, identifiers, contact details, supplier information, uploaded material, questionnaire responses, requests, instructions, configuration choices, and other inputs submitted to the Service by or on behalf of the Customer (“Customer Inputs”).

You must not submit, upload, request, or otherwise use the Service in connection with any content or activity that is unlawful, infringing, deceptive, defamatory, abusive, malicious, discriminatory, sanction-sensitive without authorization, or otherwise improper.

Without limitation, you must not use the Service to:

• assess, monitor, or investigate individuals or entities where you lack a lawful or legitimate business basis to do so;
• submit confidential or protected third-party material without authorization;
• upload malicious code, harmful payloads, or material intended to disrupt the Service;
• misrepresent the identity, status, relationship, or role of a supplier or prospective supplier;
• interfere with the Service, reverse engineer it except to the extent such restriction is prohibited by applicable law, or attempt to gain unauthorized access to any system or data.

You are solely responsible for determining whether your use of the Service, including any supplier due diligence activity, is appropriate and lawful in your jurisdiction and in the context of your internal compliance framework.

5. Compliance Basis and Customer Warranties

The Customer is solely responsible for its own internal legal, regulatory, compliance, procurement, contractual, and governance basis for initiating and conducting supplier assessments.

Without limiting the foregoing, the Customer is responsible for its own obligations relating to, where applicable:

• procurement governance;
• anti-bribery and corruption controls;
• sanctions and export controls;
• data protection and privacy compliance;
• employment and internal authorization policies;
• sector-specific or regulated-industry requirements;
• any contractual restrictions applicable to the Customer or its supplier relationships.

Cyberadviser does not undertake to determine, validate, or guarantee that the Customer’s use of the Service satisfies the Customer’s own internal or external compliance obligations.

6. Supplier Communications and Assessment Process

Where the Service includes supplier outreach, supplier intake, supplier questionnaires, reminder workflows, or similar process features, the Customer acknowledges that the effectiveness, speed, completeness, and outcome of an assessment may depend on factors outside Cyberadviser’s reasonable control, including supplier responsiveness, supplier cooperation, third-party data availability, public-source visibility, and the accuracy or completeness of information received.

Service features, workflows, assessment logic, reminder cadence, follow-up practices, indicative timelines, operational steps, and related delivery characteristics may be described on the Site, in the Service interface, in pricing or ordering materials, or in supplemental service documentation, and may evolve from time to time.

Cyberadviser does not guarantee that:

• a supplier will respond;
• a supplier will respond completely or accurately;
• a supplier will respond within any specific timeframe;
• any specific assessment outcome, risk outcome, or commercial decision outcome will follow from the Service.

7. Fees and Payment

Certain parts of the Service may be offered on a paid basis.

Applicable fees, charges, tier pricing, scope-based pricing, indicative prices, taxes, payment terms, and billing details may be presented on the Site, within the Service, in a checkout flow, order summary, quote, invoice, or other commercial materials made available by Cyberadviser.

By placing an order, initiating payment, confirming a paid tier, or otherwise proceeding with a paid Service component, the Customer agrees to pay the applicable fees and charges presented at the relevant point of purchase or billing.

Unless otherwise stated:

• fees are exclusive of taxes, duties, levies, and similar governmental charges;
• the Customer is responsible for applicable taxes except those imposed on Cyberadviser’s net income;
• payments made are non-refundable except where required by applicable law or expressly stated otherwise by Cyberadviser in writing.

We may suspend access to paid functionality or decline to proceed with paid Service components in the event of failed payment, chargeback, billing dispute, suspected fraud, sanctions concerns, or other payment-related risk.

8. Third-Party Providers and Third-Party Sources

Cyberadviser may, where reasonably necessary for service delivery, security, communications, payments, hosting, analytics, operational continuity, data acquisition, or processing, engage third-party service providers, infrastructure providers, subprocessors, and external data sources.

This may include, for example, hosting services, email delivery providers, payment processors, analytics or monitoring providers, AI or model providers, search or enrichment providers, and external information sources.

Cyberadviser is not responsible for delays, interruptions, omissions, inaccuracies, incomplete results, or availability issues caused by third-party providers or third-party data sources outside Cyberadviser’s reasonable control.

9. Intellectual Property

As between the parties:

• Cyberadviser and its licensors retain all rights, title, and interest in and to the Service, including the software, workflows, interfaces, design, methodology, platform logic, documentation, content structure, generated presentation format, know-how, trademarks, branding, and all related intellectual property rights;
• the Customer retains its rights in Customer Inputs, subject to the rights granted under these Terms for the purpose of providing, operating, securing, improving, and supporting the Service.

Subject to these Terms and any applicable payment obligations, Cyberadviser grants the Customer a limited, non-exclusive, non-transferable, non-sublicensable right to access and use the Service for the Customer’s internal business purposes in connection with supplier assessment and related business operations.

The Customer must not copy, resell, sublicense, commercially exploit, republish, or distribute the Service except as expressly permitted in writing by Cyberadviser.

10. Permission to Process Customer Inputs

The Customer grants Cyberadviser the right to host, store, transmit, organize, analyze, transform, and otherwise process Customer Inputs as reasonably necessary to provide, operate, support, secure, maintain, and improve the Service, and to perform related administrative, billing, operational, legal, and compliance functions.

Processing of personal data, where applicable, is further subject to the service’s applicable data protection documentation and notices.

11. No Professional Advice; Informational Outputs Only

The Service, including any reports, summaries, scores, indicators, flags, findings, recommendations, generated text, or other outputs, is provided for informational and decision-support purposes only.

The Service does not constitute, and must not be relied upon as, legal advice, regulatory advice, compliance advice, financial advice, investment advice, insurance advice, audit advice, due diligence certification, or any other professional advice.

The Customer remains solely responsible for:

• reviewing and interpreting all outputs;
• validating facts and assumptions;
• making procurement, onboarding, compliance, legal, commercial, or risk decisions;
• deciding whether to accept, reject, escalate, suspend, or terminate a supplier relationship.

12. No Warranty of Outcome

The Service is provided on an “as available” and, to the fullest extent permitted by applicable law, “as is” basis.

Cyberadviser does not warrant or guarantee that:

• the Service will be uninterrupted, error-free, or available at all times;
• any assessment will be completed within any specific time;
• any supplier will cooperate, respond, or provide reliable information;
• any result, score, flag, recommendation, or output will be complete, correct, exhaustive, or fit for a particular purpose;
• the Service will detect all issues, risks, misconduct, compliance concerns, or red flags;
• use of the Service will satisfy the Customer’s internal policies or external legal or regulatory obligations.

To the fullest extent permitted by law, all implied warranties, conditions, and representations not expressly stated in these Terms are excluded.

13. Limitation of Liability

Nothing in these Terms excludes or limits liability to the extent such exclusion or limitation is prohibited by applicable law.

Subject to the foregoing, Cyberadviser shall not be liable for any indirect, incidental, consequential, special, exemplary, or punitive damages, or for any loss of profit, loss of revenue, loss of opportunity, loss of business, loss of goodwill, loss of anticipated savings, business interruption, loss or corruption of data, or cost of substitute services, arising out of or in connection with the Service or these Terms, even if advised of the possibility of such loss.

Cyberadviser shall not be responsible for:

• Customer decisions made on the basis of Service outputs;
• supplier non-response, delay, refusal, or misrepresentation;
• third-party data errors or omissions;
• interruptions, failures, or limitations caused by third-party providers or circumstances outside Cyberadviser’s reasonable control;
• the Customer’s failure to maintain an adequate legal, regulatory, contractual, or internal compliance basis for using the Service.

14. Suspension and Termination

Cyberadviser may suspend, restrict, or terminate access to all or part of the Service immediately or at any time where reasonably necessary, including where:

• the Customer breaches these Terms;
• fees remain unpaid;
• the Customer submits false, misleading, unlawful, or unauthorized information;
• the Service is used in a way that creates legal, regulatory, sanctions, fraud, abuse, security, reputational, or operational risk;
• a supplier assessment request appears unauthorized, improper, or inconsistent with a legitimate business purpose;
• Cyberadviser is required to do so by law, regulatory requirement, court order, or compliance necessity.

The Customer may cease using the Service at any time, subject to any outstanding payment obligations and any specific commercial commitments already undertaken.

Sections which by their nature should survive termination or expiry shall survive, including without limitation provisions relating to fees, intellectual property, disclaimers, liability, governing law, dispute resolution, and any accrued rights or obligations.

15. Changes to the Terms

Cyberadviser may update these Terms from time to time. Updated Terms become effective when published on the relevant service page, site, or other designated location, unless a later effective date is stated.

Your continued use of the Service after updated Terms become effective constitutes acceptance of the updated Terms.

16. Governing Law and Dispute Resolution

These Terms and any non-contractual obligations arising out of or in connection with them shall be governed by the laws of Estonia.

The parties shall seek to resolve disputes in good faith. If a dispute cannot be resolved amicably, it shall be submitted to the courts or arbitration of Estonia, as applicable under the relevant circumstances and governing procedural rules.

17. Miscellaneous

If any provision of these Terms is held invalid, illegal, or unenforceable, the remaining provisions shall remain in full force and effect.

Failure by Cyberadviser to enforce any provision shall not constitute a waiver of that provision or any other right.

The Customer may not assign or transfer its rights or obligations under these Terms without Cyberadviser’s prior written consent. Cyberadviser may assign or transfer its rights and obligations in connection with a corporate reorganization, merger, acquisition, sale of business, or transfer of the Service.

These Terms constitute the entire agreement between the parties regarding the subject matter addressed here, except to the extent supplemented by applicable order materials, checkout terms, invoices, or other expressly applicable written commercial documents issued or accepted by Cyberadviser.

18. Contact Details

Provider: Cyberadviser OÜ
Registry code: 16410734
Jurisdiction of establishment: Estonia
Contact email: consulting@cyberadviser.net