Last updated: 21 May 2026
These Terms of Service govern the purchase and use of cybersecurity, cloud security, compliance, advisory, assessment and managed security services provided by Vernovi Cyber Ltd.
In these Terms, “Vernovi Cyber,” “we,” “us” and “our” refer to Vernovi Cyber Ltd. “Client,” “you” and “your” refer to the individual or organisation purchasing, receiving or using our Services.
By ordering, accepting or using any of our Services, you agree to these Terms.
These Terms apply together with any proposal, quotation, order form, subscription agreement or Statement of Work issued by Vernovi Cyber. Where there is a conflict, the signed Statement of Work will take priority for the relevant engagement.
Cybersecurity, cloud, compliance, monitoring, advisory, assessment or related services supplied by Vernovi Cyber.
Information, records, credentials, system data, logs, documents or personal data provided by the Client.
Reports, policies, assessments, recommendations, findings, plans, dashboards or other work products agreed as part of the Services.
Systems, applications, networks, devices, APIs, domains or cloud environments that the Client has authorised Vernovi Cyber to access, monitor, assess or test.
A document describing the agreed scope, fees, timescales, responsibilities and Deliverables for a particular engagement.
These Terms are contractually binding between Vernovi Cyber and the Client.
A person accepting these Terms for an organisation confirms that they have authority to bind that organisation.
Services may not begin until the relevant proposal or Statement of Work has been accepted, required access has been provided and any required payment has been received.
Cybersecurity support for small and medium-sized organisations, which may include assessments, policies, vulnerability management, compliance support, security monitoring and ongoing advice.
Cloud threat detection, configuration monitoring and automated or assisted remediation of approved security issues.
Advice relating to cloud security strategy, architecture, governance, risk, identity, access management and secure cloud design.
Security planning, architecture, assurance and support for the movement of applications, workloads, systems or data into or between cloud environments.
Ongoing cybersecurity support, which may include SOC monitoring, vulnerability management, alert triage, incident escalation, security reporting and management of agreed security controls.
On-demand strategic cybersecurity leadership, including governance, risk management, security strategy, compliance oversight, board reporting and security programme planning.
Compliance assessments, gap analysis, policy development, control monitoring, audit preparation and remediation support for relevant standards and regulations.
Assessment and establishment of minimum cloud security controls for areas such as identity, logging, network security, data protection, resilience and vulnerability management.
Support with Nigerian data protection readiness, assessments, documentation, evidence gathering, remediation and ongoing compliance activities.
Monitoring, analysis, triage, escalation and reporting of security events affecting systems included within the agreed scope.
Authorised assessment and testing of agreed applications, networks, APIs, cloud environments, devices or other systems to identify security weaknesses.
Cybersecurity governance, policy, risk, assurance, regulatory alignment, incident preparedness and executive reporting support.
A complimentary introductory session providing high-level cybersecurity assessment and recommendations based on the information supplied during the session.
The precise scope, Deliverables, exclusions and service levels will be stated in the applicable proposal or Statement of Work.
Vernovi Cyber will provide only the Services included in the agreed scope.
Any additional work may require a written change request, revised fees and revised delivery dates.
We are not required to perform work outside the agreed scope until the change has been approved by both parties.
Delivery dates may be adjusted where delays are caused by missing information, unavailable personnel, restricted access, third-party dependencies or changes requested by the Client.
The Client must:
provide complete and accurate information;
provide timely access to relevant systems, records and personnel;
obtain all necessary internal and third-party permissions;
maintain suitable backups and recovery arrangements;
protect credentials and access information;
ensure that all instructions given to Vernovi Cyber are lawful;
maintain appropriate software and third-party licences;
review Deliverables within agreed timescales; and
implement recommendations unless implementation is included in the agreed Services.
Vernovi Cyber will not be responsible for delays, incomplete results or additional costs caused by the Client's failure to meet these responsibilities.
Vernovi Cyber will only access, assess, monitor or test Authorised Systems.
The Client confirms that it owns the relevant systems or has obtained the legal authority and third-party permissions required to authorise the Services.
The Client acknowledges that vulnerability assessments, penetration tests, migrations, remediation and configuration changes may create risks including alerts, temporary interruption, account lockouts, system degradation or compatibility issues.
Vernovi Cyber will use reasonable care to minimise disruption but cannot remove all risks associated with technical security work.
We may suspend testing or access where authorisation is unclear or where continuing could create an unacceptable legal, security or operational risk.
Monitoring and managed security Services apply only to the systems, tools, log sources and service hours stated in the applicable Statement of Work.
Unless expressly agreed otherwise:
response times are service targets rather than guarantees;
not every attack, vulnerability or security event will necessarily be detected;
incomplete logs or incorrect configurations may affect detection;
Vernovi Cyber will not make material system changes without appropriate authority; and
the Client remains responsible for business continuity, backups and final incident-response decisions.
A free consultation is an introductory session and does not include a full security assessment, formal audit, penetration test or implementation work.
Any recommendations provided are preliminary and based on the information available during the session.
A free consultation does not create an ongoing advisory relationship and does not guarantee that all cybersecurity, legal, regulatory or operational risks will be identified.
Fees will be stated in the applicable quotation, proposal, subscription agreement, invoice or Statement of Work.
Unless otherwise agreed:
invoices must be paid within the period stated on the invoice;
recurring Services are invoiced in advance;
project work may require a deposit or advance payment;
fees exclude applicable taxes and approved expenses; and
bank and currency-conversion charges are the Client's responsibility.
Where payment is overdue, Vernovi Cyber may suspend Services, withhold Deliverables, restrict platform access or terminate the engagement after reasonable notice.
Suspension does not remove the Client's obligation to pay outstanding fees.
Where Services are supplied on a recurring basis, the subscription term, billing frequency and cancellation notice will be stated in the relevant agreement.
Unless otherwise agreed, recurring Services continue into the next billing period until cancelled in accordance with the applicable agreement.
Fees already paid for a current billing period are non-refundable.
Vernovi Cyber may revise fees where the number of systems, users, data sources, log volumes or required service coverage materially increases.
Where the Client cancels an engagement:
work already completed remains payable;
onboarding and preparation fees may be non-refundable;
committed third-party charges remain payable; and
reserved consultant time may be charged where insufficient notice is given.
Prepaid fees for work already started or for the current subscription period will not normally be refunded.
Requests to reschedule assessments, consultancy sessions, workshops, testing or migration activities must be made with reasonable notice.
Vernovi Cyber may reschedule Services where reasonably necessary in the case of illness, technical issues, security incidents, consultant availability or events outside our reasonable control.
Vernovi Cyber will provide the Services with reasonable skill and care.
However, we do not guarantee that:
websites, platforms, dashboards or monitoring tools will always be available;
Services will be uninterrupted or error-free;
all vulnerabilities, attacks or compliance issues will be identified;
every security incident will be prevented or detected;
recommendations will eliminate all risk; or
third-party services will remain available or unchanged.
Maintenance, internet disruption, software updates, cloud-provider outages and other third-party failures may affect service availability.
Cybersecurity and regulatory compliance involve ongoing risks that cannot be completely eliminated.
Our Services do not guarantee that the Client will:
avoid a cyberattack, data breach or operational interruption;
identify every vulnerability;
pass an audit;
obtain or retain certification;
satisfy every regulator; or
meet every legal or regulatory obligation.
Unless expressly stated, our Services do not constitute legal advice, formal certification or regulatory approval.
The Client remains responsible for its legal obligations, governance decisions and overall cybersecurity and compliance programme.
Each party must protect the other party's confidential information and use it only for the purpose of delivering or receiving the Services.
Confidential information includes security findings, credentials, system configurations, business information, customer information, technical documentation and pricing.
These obligations do not apply to information that:
is already lawfully known;
becomes public without breach of these Terms;
is independently developed;
is lawfully received from another party; or
must be disclosed by law, court order or regulatory requirement.
Each party will comply with applicable data protection laws.
The Client confirms that it has a lawful basis for providing personal data to Vernovi Cyber and instructing Vernovi Cyber to process it.
Where Vernovi Cyber processes personal data on behalf of the Client, the parties may enter into a separate Data Processing Agreement.
Vernovi Cyber may use appropriately qualified employees, contractors, cloud providers and subprocessors, subject to suitable confidentiality and data protection obligations.
Vernovi Cyber retains ownership of its pre-existing and reusable intellectual property, including:
software and platforms;
methodologies;
templates;
frameworks;
assessment tools;
report formats;
policies;
processes; and
technical know-how.
Subject to full payment, the Client receives a non-exclusive and non-transferable licence to use the Deliverables for its internal business purposes.
The Client must not resell, commercially distribute, publicly publish or represent Vernovi Cyber's work as its own without prior written permission.
Penetration-testing reports and security findings must not be published or disclosed publicly without Vernovi Cyber's written approval.
The Client retains ownership of Client Data and grants Vernovi Cyber permission to use it only as required to deliver the Services.
Our Services may use or depend on third-party cloud platforms, software, security tools, hosting providers and data sources.
Third-party products may be subject to separate terms, licences and fees.
Vernovi Cyber is not responsible for third-party outages, discontinued features, licence restrictions, provider changes or defects outside our reasonable control.
The Client remains responsible for deciding whether a recommended third-party product is suitable for its organisation.
Nothing in these Terms excludes liability for fraud, fraudulent misrepresentation, death or personal injury caused by negligence, or any liability that cannot legally be excluded.
Subject to the above, Vernovi Cyber will not be liable for:
indirect or consequential loss;
loss of profit, revenue, goodwill or business opportunity;
loss caused by inadequate backups;
losses arising from third-party systems;
vulnerabilities or incidents not detected during the Services;
losses caused by incorrect or incomplete Client information;
recommendations that the Client does not implement;
incorrect implementation by the Client or another provider; or
activities outside the agreed scope.
Unless a different cap is stated in the applicable Statement of Work, Vernovi Cyber's total liability arising from the affected Services will not exceed the fees paid or payable for those Services during the 12 months preceding the event giving rise to the claim.
Vernovi Cyber may suspend Services where:
payment is overdue;
required access has not been provided;
continuing would create a security or legal risk;
the Client requests unlawful or unauthorised activity;
required authorisations or licences have expired; or
the Client materially breaches these Terms.
Either party may terminate an engagement in accordance with the notice period stated in the relevant Statement of Work.
A party may terminate immediately where the other party commits a serious breach, becomes insolvent, engages in unlawful conduct or fails to remedy a material breach after receiving notice.
On termination, all fees for work completed and costs incurred become payable.
The Client must not use our Services, systems or Deliverables for:
unlawful activity;
unauthorised security testing;
malicious access;
surveillance without lawful authority;
attacks against another organisation; or
interference with Vernovi Cyber systems or customers.
We may terminate Services without refund where there is serious misconduct, deliberate misuse or unlawful activity.
Vernovi Cyber may update these Terms to reflect changes in our Services, technology, payment methods, security requirements, business practices or applicable law.
Updated Terms will be published on our website with a revised “Last updated” date.
An update will not retrospectively change a signed Statement of Work unless agreed by both parties or required by law.
Neither party will be responsible for delays or failures caused by events outside its reasonable control, including natural disasters, war, government action, widespread power or internet failure, cloud-provider outages, industrial action, pandemics or major cybersecurity incidents.
The Client may not transfer its rights under these Terms without Vernovi Cyber's written consent.
Vernovi Cyber may use suitably qualified employees, contractors and specialist subcontractors to deliver the Services.
These Terms, together with the applicable proposal, quotation, order form, Statement of Work, subscription agreement and Data Processing Agreement, form the entire agreement between the parties concerning the Services.
If any part of these Terms is found to be invalid or unenforceable, the remaining provisions will continue in effect.
A person who is not a party to the agreement has no right to enforce these Terms unless expressly stated otherwise.
These Terms and any dispute or claim arising from them will be governed by the laws of England and Wales.
The courts of England and Wales will have exclusive jurisdiction unless another governing law or jurisdiction is expressly stated in the applicable Statement of Work.
Questions regarding these Terms should be sent to:
Vernovi Cyber Ltd
Registered address: 3rd Floor, 8 Minories, London, United Kingdom EC3N 1BJ
Email: info@vernovi.io
Phone: +44 7904925022