Terms of Service

By accessing or using this website (thesecurelancer.com) or by engaging TheSecureLancer for any service, you agree to be bound by these Terms of Service and our Privacy Policy. If you do not agree, please discontinue use of the site and do not submit a service request.

These terms apply to all visitors, prospective clients, and clients. Where a separate signed Scope of Work (SOW) or engagement agreement exists, that document governs the specific engagement and prevails over these terms in the event of a conflict.

TheSecureLancer provides professional cybersecurity consulting services, including but not limited to:

• Penetration testing (web applications, APIs, network, mobile, cloud)
• Vulnerability assessments and VAPT
• Cloudflare configuration, WAF rule authoring, and edge security
• Website malware removal and incident response
• Security hardening (CMS, hosting environment, access controls)
• Red team operations and adversary simulation
• Source code security review
• Compliance readiness (ISO 27001, SOC 2, PCI DSS, GDPR, DPDP)
• Fractional CISO and vCISO advisory
• Threat modelling and DevSecOps pipeline integration

Content on this website — service descriptions, blog posts, guides, and pricing indications — is provided for informational purposes only and does not constitute professional advice. Every engagement is individually scoped and quoted.

No security testing, scanning, or any activity that could affect systems, networks, or applications will begin until:

• A written Scope of Work (SOW) has been agreed and signed by both parties.
• Explicit written authorisation confirming that the client owns, or is formally authorised to test, all systems within scope has been provided.
• Rules of Engagement (RoE), including testing windows, out-of-scope items, and escalation paths, have been agreed in writing.

Testing or attack activity performed on systems that the client does not own or is not authorised to test is a criminal offence in most jurisdictions. TheSecureLancer will not conduct any such activity regardless of instruction. Submitting a request for such activity terminates the engagement immediately and may be reported to relevant authorities.

Any changes to scope after the SOW is signed must be agreed in a written change order. Scope creep is not assumed to be included in the original fee.

• Indicative prices shown on the website are starting points. All quotes are tailored to the specific engagement scope and are provided within 24 hours of a scoping call.
• Quotes are valid for 30 calendar days from the date of issue unless stated otherwise.
• Currency: USD by default. Alternative currencies may be agreed in writing.
• Specific payment terms — deposit, milestone payments, or full payment in advance — are defined in each SOW. TheSecureLancer reserves the right to require a deposit before work begins.
• Invoices are issued via email. Late payment may result in suspension of work until the outstanding amount is cleared.
• Taxes: clients are responsible for any taxes applicable in their jurisdiction. Prices quoted by TheSecureLancer do not include GST, VAT, or withholding taxes unless explicitly stated.

TheSecureLancer treats all client information as confidential by default. We do not disclose engagement details, findings, system information, or any client-proprietary data to any third party without explicit written consent.

A mutual Non-Disclosure Agreement (NDA) is available on request and can be signed before any preliminary discussion of sensitive scope details. Where a client prefers to use their own NDA template, we are willing to review and sign a reasonable agreement.

Confidentiality obligations survive termination of the engagement for a period of three (3) years, or as otherwise defined in the signed NDA.

Upon full payment of all fees due for an engagement:

• Deliverables produced specifically for the client — including penetration test reports, vulnerability assessment reports, remediation guides, and similar written deliverables — are licensed to the client for internal use. The client may share these deliverables internally and with their auditors, regulators, and insurers.
• Methodologies, testing frameworks, custom tooling, scripts, automation code, and any pre-existing intellectual property used during an engagement remain the sole property of TheSecureLancer and are not transferred to the client.
• The client may not publish or reproduce TheSecureLancer's deliverables externally (e.g., as marketing material, public disclosures, or press releases) without prior written consent.

All content on this website — copy, design, structure, and code — is the property of TheSecureLancer. Unauthorised reproduction or use without written permission is prohibited.

TheSecureLancer engages each client with professional diligence and best-effort methodology. However:

• No security assessment — however thorough — can guarantee the identification of every vulnerability present in a system. Threat actors may exploit vulnerabilities that were not present, not in scope, or not discoverable within the agreed testing window.
• No warranty is given that following the remediation recommendations in a report will prevent all future security incidents. Security is an ongoing process, not a one-time event.
• The website and its content are provided on an "as is" basis. TheSecureLancer makes no warranty that the site will be uninterrupted, error-free, or free of viruses.
• Informational content on this website does not constitute legal, compliance, or professional security advice specific to your circumstances.

To the maximum extent permitted by applicable law:

• TheSecureLancer's total liability arising out of or in connection with any engagement — whether in contract, tort (including negligence), or otherwise — is capped at the total fees paid by the client for that specific engagement.
• TheSecureLancer is not liable for any indirect, incidental, special, consequential, or punitive damages, including loss of profits, loss of data, business interruption, or reputational harm, even if advised of the possibility of such damages.
• Nothing in these terms excludes or limits liability for fraud, wilful misconduct, or any other liability that cannot be excluded by law.

Each party ("Indemnifying Party") agrees to indemnify, defend, and hold harmless the other party and its representatives from and against any third-party claims, losses, damages, costs, and expenses (including reasonable legal fees) arising from the Indemnifying Party's: (a) breach of these terms or any signed SOW; (b) negligence or wilful misconduct; or (c) infringement of any third-party intellectual property right. This indemnification is mutual and applies equally to both TheSecureLancer and the client.

You agree not to:

• Scrape, harvest, or systematically extract data from this website using automated tools without prior written consent.
• Submit false, misleading, or fraudulent information via the contact form.
• Attempt to gain unauthorised access to any part of this website or its underlying infrastructure.
• Conduct any security testing, vulnerability scanning, or penetration testing against thesecurelancer.com or its hosting infrastructure without prior explicit written consent from TheSecureLancer.
• Use this website for any unlawful purpose or in a way that violates applicable laws or regulations.

Responsible disclosure of genuine security vulnerabilities found in this website is welcome. Please report them via the contact form before any public disclosure.

These terms are governed by and construed in accordance with the laws of India, without regard to conflict-of-law principles. Any dispute arising out of or in connection with these terms or any engagement shall be subject to the exclusive jurisdiction of the courts of Punjab, India.

Where the client is a consumer located in a jurisdiction with mandatory consumer protection laws that confer more favourable rights, those rights are not excluded by these terms, and such consumers may rely on the applicable consumer law of their own jurisdiction.

We may update these terms from time to time. The "Last updated" date at the top of this page will reflect the date of the most recent material revision. We will not apply material changes retroactively to engagements already in progress under a signed SOW. Continued use of the website after a revision constitutes acceptance of the updated terms.

For any question about these terms or about a current or prospective engagement, please reach out via the contact form. Email is available on request through the same form.