Terms & Conditions

Introduction

These terms and conditions (the “Terms”) govern your use of this website, including all pages within it (collectively referred to as the “Website”). By using this Website, you accept all these Terms in full. If you disagree with any part of these Terms, you must not use this Website.

Intellectual Property Rights

Cloudforce and/or its licensors own all rights to the intellectual property and material on this Website, and all such rights are reserved. You are granted a limited license solely for viewing the material on this Website.

Restrictions

You are strictly prohibited from:

Publishing any Website material in any media;
Selling, sublicensing, or otherwise commercializing any Website material;
Publicly performing or displaying any Website material;
Using this Website in any way that may be damaging to it;
Interfering with user access to this Website;
Violating applicable laws and regulations in connection with Website use;
Engaging in data mining, data harvesting, or similar activities related to this Website;
Using this Website for advertising or marketing.

No Warranties

This Website is provided “as is,” and Cloudforce makes no express or implied representations or warranties regarding the Website or the materials contained on it. Nothing on this Website constitutes professional advice.

Limitation of Liability

Cloudforce, including its officers, directors, and employees, shall not be liable for any damages arising from your use of this Website, whether under contract, tort, or otherwise. This includes indirect, consequential, or special damages.

Indemnification

You agree to indemnify Cloudforce to the fullest extent against any liabilities, costs, demands, damages, or expenses arising from your breach of these Terms.

Severability

If any provision of these Terms is found to be unenforceable or invalid, the rest of the Terms will remain unaffected.

Variation of Terms

Cloudforce may revise these Terms at any time. By using this Website, you agree to review these Terms regularly to stay informed of any changes.

Assignment

Cloudforce may assign, transfer, or subcontract its rights and obligations under these Terms without prior notice or consent. However, you may not assign, transfer, or subcontract your rights and obligations under these Terms.

Entire Agreement

These Terms, along with any legal notices on this Website, constitute the entire agreement between Cloudforce and you regarding the use of this Website, overriding any prior agreements.

Governing Law and Jurisdiction

These Terms shall be governed by and interpreted under the laws of the State of Maryland. Any disputes shall be resolved in the state or federal courts located in Maryland.

Vulnerability Report/Disclosure

How to Submit a Vulnerability

To submit a vulnerability report to Cloudforce’s Cloud Security Team, please utilize the following email: secops@gocloudforce.com.

Preference, Prioritization, and Acceptance Criteria

We will use the criteria from the next sections to prioritize and triage submissions.

What we would like to see from you:

Well-written reports in English will have a higher probability of resolution.
Reports that include proof-of-concept code equip us to better triage.
Reports that include only crash dumps or other automated tool output may receive lower priority.
Reports that include products not on the initial scope list may receive lower priority.
Please include how you found the bug, the impact, and any potential remediation.
Please include any plans or intentions for public disclosure.

What you can expect from Cloudforce:

A timely response to your email within 5 business days.
After triage, we will send an expected timeline, and commit to being as transparent as possible about the remediation timeline as well as on issues or challenges that may extend it.
The vulnerability will be addressed according to its criticality with it taking no more than 90 days for a resolution to be achieved.
An open dialog to discuss issues.
Notification when the vulnerability analysis has completed each stage of our review.
Credit after the vulnerability has been validated and fixed.

If we are unable to resolve communication issues or other problems, Cloudforce may bring in a neutral third party to assist in determining how best to handle the vulnerability.

Cloudforce will not retaliate against individuals who submit vulnerability disclosures in good faith.

At Cloudforce we respect your privacy. We recognize your need for appropriate protection and management of any personally identifiable information you may share with us. Your use of our website is subject to this Privacy Policy. Therefore, it is important that you fully understand the conditions of our collection and use of such information. Please take a moment and read our policy before using and/or submitting personal information on our website.

I. Non-Identifiable Information.

When you visit our website or use our products and services, we may collect, store, or accumulate certain non-personally identifiable information concerning your use of our website. For instance, we may collect information about which of our website’s pages you have visited. We typically analyze this data for trends and statistics, which allows us to improve our services to you. In addition, to properly display this website to you, our web hosting company may serve font files from and render fonts using Google Fonts and Adobe Fonts. These third parties may receive non-personally identifiable information about you, including: (i) information about your browser, network, or device, (ii) information about our website and the page you’re viewing on it, and (iii) your IP address.

II. Personally Identifiable Information.

When you use our website, we may collect data that you provide to us voluntarily such as your name, address, e-mail address, telephone number and other personally identifiable information. We do not sell, share, or otherwise distribute your personally identifiable information to third parties except as provided herein. Your personally identifiable information that you provide to us is used to provide our services to you. While we typically use your personally identifiable information only for these purposes, we may have to disclose your personally identifiable information as we deem necessary to comply with any applicable law, regulation, legal process or governmental request.

Cloudforce does not collect, access, or process any personal data (personally identifiable information or “PII”) from end users of the nebulaONE.AI software. All personal data processed within the product remains entirely under the control of the client organization that deploys, operates and hosts the tool in their Azure environment.

The only data that Cloudforce collects in connection with product operation is limited to:

Anonymized telemetry data – high-level system performance, error reporting, and feature usage metrics. This information is fully anonymized in accordance with Recital 26 GDPR, meaning it does not relate to an identified or identifiable natural person and cannot be re-identified by Cloudforce or any additional third-party.

Token usage statistics – aggregate counts of product activity (e.g., feature calls, model usage). This data provides [Company Name] with insights into general system usage and performance trends. It is collected and stored in an anonymized form and contains no personal identifiers.

None of the data collected by Cloudforce through the product contains personal data, nor can it be used to identify any individual user. All telemetry and usage data are strictly anonymized, aggregated, and used solely to support product performance monitoring, security, and future product improvements.

Cloudforce does not sell, share, or transfer any personal data, as no personal data is ever collected through the nebulaONE.AI. In the event that Cloudforce accepts any processing duties on behalf of Microsoft due to a SSPA agreement, Cloudforce maintains an internal Record of Processing Activities in accordance with Article 30 GDPR.

III. Security.

While no Internet service is completely secure, we maintain commercially reasonable administrative, technical, and physical safeguards that are intended to appropriately protect against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse and any other unlawful form of processing, of the personally identifiable information in our possession. For instance, we use commercially reasonable security techniques when sending and receiving personally identifiable information through our website. In addition, we have appropriate physical security measures in place at our facilities to protect against the loss, misuse or alteration of personally identifiable information that we may have collected from you through our website. Moreover, all of our information is protected by non-disclosure agreements. While Cloudforce makes every effort to ensure the integrity and security of our network and systems, we cannot guarantee that these security measures will prevent third-parties from illegally obtaining this information.

IV. Third-Party Websites.

Cloudforce may make third-party websites available through our website. Any third-party websites linked to or from our website may have different privacy policies and practices. You should review the privacy policies on these other websites in order to determine how they may use any personally identifiable information that you provide.

V. Children.

Our services are restricted to persons who are 18 years of age or older. We do not knowingly collect any personally identifiable information from individuals under 18. If we, however, inadvertently collect any personally identifiable information from someone under the age of 18 (a “Child”), then the Child’s parent or legal guardian has the right to inspect all such collected information and to request that we delete it. If you are a parent or legal guardian of a Child and you become aware that your Child has provided us with personally identifiable information, you should contact us via email at info@gocloudforce.com. Parents or legal guardians always have the right to inspect any information that we may have inadvertently collected from their Child, and have the right to have us delete it.

VI. Data Retention / Changes to Your Information.

We may retain your personally identifiable information as long as you continue to use our services, have an Account with us, or for as long as is necessary to fulfill the purposes outlined in this Privacy Policy. You have the right to access, update, change or delete your personally identifiable information with us. You can make these by sending an email request to: info@gocloudforce.com. Please note that we may need to verify your identity in connection with such a request. If we are unable to verify your identity or request, we may not, in accordance with applicable law, be able to fulfill your request. If you prefer not to receive information from us, you may opt-out by emailing your request to info@gocloudforce.com.

VII. Cookies.

When you use our website, we typically store cookies on your computer in order to authorize access to our private content and to facilitate and customize your use of our website. A cookie is a small data text file, which is stored on your computer’s hard drive (if your Web browser permits). We use two types of cookies: persistent and essential. Cookies contain information that can be read later by a Web server. Cookies cannot be used to run programs or deliver viruses to your computer. Our cookies (i) make your use of our website easier, (ii) make our website run more smoothly, (iii) permit customers to visit private content on our website, and (iv) help us to maintain a secure website. You are always free to decline our cookies if your browser permits, but due to the nature of our essential cookies, some parts of our website may not work properly. Once you leave our website, our persistent cookie remains on your hard drive while you are connected to the Web in case you choose to visit our website again. At no time will our cookies collect your personally identifiable information.

VIII. California.

If you are a California resident, the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA), and certain other privacy and data protection laws, as applicable, provides you additional rights with the respect to your personal information. California residents have the right to be informed of, and request access to, the personally identifiable information we store about them; update and correct inaccuracies in that information; have the information restricted or deleted; object or withdraw their consent to certain uses of their data; and lodge a complaint with their local data protection authority. California residents may also have the right not to be subject to automated decision-making, including profiling, where it would have a legal or similarly significant effect on such residents; and the right to data portability with regard to the data they provided to us. We will not discriminate against California residents for the exercise of these rights.

IX. Questions.

If you have questions about our Privacy Policy, please contact us by email at info@gocloudforce.com.