These Terms & Conditions (“Terms”) govern access to and use of the Xzlenz website, Xzlenz Platform, client portals, APIs, modules, integrations, reports, documentation, support services, and related offerings provided by Xzlenz, CyberCube, and their applicable affiliated or contracting entities.
By accessing the website, signing in to the platform, accepting an order form, using a trial, creating an account, or otherwise using Xzlenz, you confirm that you have read, understood, and agree to these Terms. If you are using Xzlenz on behalf of an organization, you represent that you are authorized to bind that organization.
Xzlenz is a multi-module SaaS platform designed to support cybersecurity governance, compliance, audit readiness, control management, risk management, policy management, privacy management, evidence management, vendor risk management, asset and cloud inventory, regulatory reporting, custom reporting, process governance, user administration, notifications, activity logs, and AI-assisted compliance workflows.
The platform may include modules such as Client Framework, Policy Management, Continuous Compliance, Assessment Objectives, Risk Assessment, Asset Inventory, Cloud Inventory, Vendor Risk Management, Regulatory Custom Report, Additional Client Users, Process Management, AI Module, and other modules made available from time to time.
Customers must provide accurate onboarding, scoping, account, billing, and administrator information. The Customer is responsible for all actions taken through its tenant, administrator accounts, user accounts, integrations, API keys, and credentials.
Customer administrators are responsible for configuring users, roles, permissions, module access, approval workflows, evidence visibility, report access, and internal governance controls. Xzlenz is not responsible for unauthorized access caused by Customer-side misconfiguration, weak credentials, credential sharing, or failure to remove access for former users.
Each Authorized User must use their own credentials and may access the platform only within the permissions granted by the Customer. Customers must ensure that Authorized Users comply with these Terms and any applicable internal policies.
Xzlenz may provide role-based access control, module-level permissions, workflow permissions, audit logs, and other security features. The Customer remains responsible for choosing and maintaining appropriate access-control settings for its own environment.
Access to Xzlenz is provided on a subscription, license, trial, pilot, or other commercial basis stated in the applicable Order Form or agreement. Use is limited to the purchased modules, user limits, usage scope, subscription term, and permitted Customer entities.
Additional users, modules, integrations, storage, support, implementation services, custom reports, custom frameworks, AI usage, or other capabilities may require additional fees or commercial approval.
Customers retain ownership of their Customer Content. Customer grants Xzlenz a limited right to host, process, transmit, display, analyze, generate, back up, and otherwise use Customer Content solely as necessary to provide, secure, support, improve, and maintain the platform and related services.
Customer is responsible for the accuracy, quality, legality, reliability, classification, retention, and appropriateness of Customer Content. Customer must not upload content unless it has all rights, permissions, notices, consents, and lawful bases required to do so.
Each party may receive confidential or proprietary information from the other. The receiving party must use reasonable care to protect confidential information and may use it only for purposes related to the platform, the agreement, support, security, or legal compliance.
Customer Content, audit evidence, reports, risk records, policies, vendor information, security records, and platform configuration are treated as Customer confidential information, subject to the applicable agreement and lawful disclosure requirements.
Use of Xzlenz is also governed by the Xzlenz Privacy Policy. Where required, the parties may enter into a separate data processing agreement. Customer is responsible for providing privacy notices and obtaining lawful permissions for personal data submitted to the platform by Customer or its Authorized Users.
Xzlenz will use commercially reasonable administrative, technical, and organizational safeguards designed to protect the platform and Customer Content. Customer is responsible for securing its endpoints, networks, identity providers, credentials, users, integrations, exported reports, downloaded evidence, and local copies of platform data.
Customer must promptly notify Xzlenz of suspected unauthorized access, credential compromise, security incident, or misuse involving the platform.
Customers and Authorized Users must not:
Xzlenz may integrate with cloud providers, identity providers, ticketing tools, repositories, communication platforms, storage systems, audit tools, AI services, or other third-party systems. Customer is responsible for enabling integrations, granting permissions, reviewing third-party terms, and ensuring that integration use complies with Customer policies and applicable law.
Xzlenz is not responsible for third-party services outside its reasonable control, including their availability, security, data handling, pricing, changes, or failures.
Xzlenz may provide AI-assisted features for summarization, mapping, report drafting, risk analysis, control correlation, evidence review, workflow recommendations, and similar purposes. AI outputs are provided as assistance and may be incomplete, inaccurate, or unsuitable for a specific regulatory, audit, security, or legal purpose.
Customer must independently review and validate AI-generated content, reports, recommendations, mappings, and conclusions before relying on them. Xzlenz does not provide legal advice, audit certification, regulatory approval, penetration testing certification, or assurance opinions through AI outputs.
Xzlenz helps Customers organize evidence, workflows, controls, risks, policies, frameworks, reports, and audit-related documentation. The platform does not guarantee that a Customer will pass an audit, achieve certification, satisfy a regulator, eliminate risk, or comply with every applicable law, standard, or contractual obligation.
Customers are responsible for selecting applicable frameworks, validating control applicability, maintaining accurate evidence, obtaining professional advice where required, and confirming final reports before submission to auditors, regulators, clients, or other third parties.
Fees, payment terms, taxes, renewal terms, module charges, implementation charges, support charges, and other commercial terms will be stated in the applicable Order Form or agreement. Unless otherwise stated, fees are non-refundable and payable in accordance with the agreed payment schedule.
Xzlenz may update, improve, modify, suspend, or discontinue features, modules, user interface elements, integrations, reports, APIs, or workflows from time to time. We will use reasonable efforts to avoid materially reducing core subscribed functionality during an active subscription term, subject to security, legal, operational, or product requirements.
Support availability, response times, service levels, implementation assistance, and maintenance windows are governed by the applicable agreement or support plan.
Xzlenz and its licensors retain all rights, title, and interest in the platform, software, source code, object code, interfaces, workflows, designs, templates, documentation, frameworks, AI-assisted features, analytics, product names, logos, trademarks, and underlying technology.
No ownership rights are transferred to Customer except for the limited right to access and use the platform during the applicable subscription term. Customer retains ownership of Customer Content.
If Customer or users provide feedback, suggestions, enhancement requests, or ideas, Xzlenz may use them without restriction or obligation, provided that such use does not disclose Customer confidential information.
Each party must comply with laws applicable to its activities under these Terms, including privacy, data protection, cybersecurity, anti-corruption, export control, sanctions, intellectual property, and procurement laws where applicable.
Xzlenz may suspend access to the platform if reasonably necessary due to non-payment, security risk, misuse, legal requirement, violation of these Terms, suspected unauthorized access, or risk to the platform, customers, users, or third parties. Where practical and lawful, we will provide notice and an opportunity to resolve the issue.
Subscriptions may terminate or expire according to the applicable Order Form or agreement. Upon termination, Customer’s right to access the platform will end. Customer should export required reports, evidence, and records before termination where export functionality is available.
After termination, Xzlenz may delete, archive, retain, or return Customer Content according to the applicable agreement, backup cycles, legal requirements, and operational retention practices.
Except as expressly stated in a written agreement, Xzlenz is provided on an “as is” and “as available” basis. To the maximum extent permitted by law, Xzlenz disclaims all implied warranties, including warranties of merchantability, fitness for a particular purpose, non-infringement, uninterrupted operation, error-free performance, and complete accuracy of outputs.
To the maximum extent permitted by law, Xzlenz will not be liable for indirect, incidental, special, consequential, exemplary, punitive, or lost-profit damages, including loss of revenue, goodwill, data, business opportunity, compliance status, audit outcome, or security posture.
Unless a separate written agreement states otherwise, Xzlenz’s aggregate liability arising out of or related to the platform or these Terms will not exceed the fees paid by Customer for the affected service during the twelve months immediately preceding the event giving rise to the claim.
Customer will defend and indemnify Xzlenz against claims arising from Customer Content, Customer’s use of the platform in violation of these Terms, Customer’s violation of law, unauthorized use by Customer’s users, or Customer’s third-party integrations, except to the extent caused by Xzlenz’s breach of a written agreement or applicable law.
Unless a signed agreement or Order Form states otherwise, these Terms are governed by the laws of India, without regard to conflict-of-law rules. The courts located in Delhi NCR, India will have exclusive jurisdiction, unless applicable law requires otherwise.
We may update these Terms from time to time to reflect product changes, legal requirements, operational practices, or security improvements. The updated version will be posted on this page with a revised “Last Updated” date. Continued use of Xzlenz after the effective date means you accept the updated Terms.
For questions regarding these Terms, contact us at info@xzlenz.com.