Zentinel – Terms of Service

Last Updated: January 24, 2026

1. Introduction and Acceptance

These Terms of Service ("Terms") constitute a legally binding agreement between you ("User," "Client," or "You") and MoyoPal ("Company," "we," "us," or "our"), the operator of Zentinel (the "Service").

By creating an account, accessing, or using Zentinel (including our web dashboard, API, CI/CD integrations, and scanning engines), you expressly agree to be bound by these Terms. If you are entering into these Terms on behalf of a company or legal entity, you represent that you have the authority to bind that entity.

2. Nature of Services (Authorized Security Testing)

Zentinel provides automated offensive security testing ("Red Teaming"), vulnerability scanning, and code analysis. You acknowledge and agree that:

  • The Service simulates real-world cyberattacks to identify weaknesses.
  • These activities, if performed without authorization, would constitute a criminal offense.
  • You are solely responsible for authorizing these activities on the specific targets (URLs, IP addresses, Repositories) you provide.

3. User Representations and Warranties (Target Ownership)

This is the most critical section of this agreement.

By submitting any URL, IP address, API endpoint, or code repository for scanning, You represent and warrant that:

  • Ownership: You own the infrastructure, code, or application being scanned; OR
  • Explicit Authorization: You have obtained explicit, written permission from the owner to perform intrusive security testing on the target.
  • No Third-Party Targets: You will NEVER use the Service to scan, attack, or probe government infrastructure, third-party applications, or any system for which you do not hold authorization.

Violation of this clause will result in immediate account termination and reporting to relevant law enforcement authorities.

4. Risk Acknowledgement and "Safe Harbor"

4.1 Potential for Disruption

You understand that offensive security testing involves sending malformed data, high-volume traffic, and exploit payloads to your systems. This may inherently cause:

  • Service instability or downtime.
  • Data corruption in non-production databases.
  • Triggering of intrusion detection systems (IDS/WAF).

4.2 Safe Harbor & Waiver

You voluntarily assume all risks associated with the use of the Service. You agree that Zentinel shall not be liable for any system crashes, data loss, or service interruptions that occur as a direct or indirect result of a scan you initiated. We strongly recommend running scans against Staging or Development environments, not Production.

5. Data Security and Sovereignty

We respect your Intellectual Property. As detailed in our Data Sovereignty Policy:

  • Zero Retention: Code analyzed by our engines is processed in ephemeral, isolated containers and permanently deleted immediately after the audit report is generated.
  • No Training: We do not use your source code or proprietary logic to train our public AI models (Gemini/Strix).
  • Encryption: All data is encrypted via TLS 1.3 in transit and AES-256 at rest.

6. Intellectual Property

Our IP: The Zentinel platform, the "Strix" scanning engine, our vulnerability signatures, and the generated report formats are the exclusive property of MoyoPal.

Your IP: You retain full ownership of your source code, applications, and the specific vulnerability data discovered within your systems.

7. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, MOYOPAL AND ZENTINEL AI SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, DATA, OR GOODWILL, ARISING FROM YOUR USE OF THE SERVICE.

IN NO EVENT SHALL OUR TOTAL LIABILITY EXCEED THE AMOUNT ACTUALLY PAID BY YOU TO ZENTINEL AI IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.

8. Indemnification (User Responsibility)

You agree to indemnify, defend, and hold harmless MoyoPal, its officers, directors, and employees from and against any and all claims, liabilities, damages, losses, or expenses (including legal fees) arising out of:

  • Unauthorized Scanning: Your use of the Service to scan a target you do not own or have permission to test.
  • Legal Violations: Your violation of any local, state, or international cybercrime laws.
  • Third-Party Claims: Any claim by a third party that your use of the Service caused damage to their systems or data.

9. Governing Law and Dispute Resolution

These Terms shall be governed by and construed in accordance with the laws of England and Wales. Any dispute arising from these Terms shall be resolved through binding arbitration in London, United Kingdom, in the English language.