Terms of Service

1. Agreement to Terms

By submitting an audit request through the LeapScan website or any associated form, or by granting access to your AWS environment via a cross-account IAM role, you ("Client," "you," "your") agree to be legally bound by these Terms of Service ("Terms") with Leaptrix Solutions ("Company," "we," "us," "our"), the operator of the LeapScan service.

If you are accepting these Terms on behalf of a company or other legal entity, you represent that you have the authority to bind that entity to these Terms. If you do not have such authority, you must not use the service.

2. Services Provided

LeapScan provides automated AWS cloud security auditing and cost-optimization analysis services ("Services"). Specifically:

• Free Health Check: A subset of 20 critical security checks delivered within 24 hours of IAM trust establishment, at no charge.
• Deep Audit: All 131 security and cost checks, delivered as an executive HTML and PDF report with CLI remediation commands.
• Continuous Compliance: Monthly recurring automated scans with SOC 2 evidence packages and drift detection alerts.

All Services are performed using strictly read-only AWS API calls via a cross-account IAM role. We cannot create, modify, delete, or execute any resource within your AWS environment.

3. Payment Terms

Service Tier	Price	Payment Timing	Refund Policy
Free Health Check	$0.00	No payment required	N/A
Deep Audit	$199.00 USD (one-time)	Invoice issued after delivery; due within 14 days	Full refund if report not delivered within 48 hours of role establishment
Continuous Compliance	$99.00 USD/month	Monthly in advance; first payment due before first scan	Cancel anytime; no refund for the current billing month

Custom pricing for enterprise accounts with multiple AWS accounts or specialized scope is available by written agreement only. Any verbal price quotations are non-binding. All prices are in USD unless explicitly stated otherwise in writing.

Late payments beyond 30 days may result in suspension of Services and the application of a 1.5% per month late fee on outstanding balances.

4. Intellectual Property & Report Ownership

Your Data: You retain full ownership of all data, configurations, and infrastructure information within your AWS account. We do not claim ownership of any Client data.

Audit Reports: Upon full payment of the applicable fee, you are granted a non-exclusive, perpetual, royalty-free licence to use the audit report ("Deliverable") internally for your business operations, compliance purposes, and security remediation. You may share the report with your auditors, investors, legal counsel, and employees.

Our Methodology: The LeapScan scanning engine, check logic, report templates, scoring methodology, and all associated software are and shall remain the sole intellectual property of Leaptrix Solutions. These Terms do not grant you any right to reverse-engineer, copy, or redistribute our methodology or software.

Prohibition on Resale: You may not resell, sublicense, or present LeapScan Deliverables to third parties as your own product or service without our prior written consent.

5. Client Responsibilities

By using the Service, you represent and warrant that:

• You have the legal authority to grant cross-account IAM access to the AWS environment being audited
• The AWS account being audited is owned by or under the lawful control of you or your organization
• You will review all recommended CLI remediation commands before executing them in your environment
• You understand that audit findings represent point-in-time snapshots and that your environment may change after the scan
• You will not use the Service to audit AWS environments you do not have explicit written authorization to access

6. Limitation of Liability

All Deliverables are provided "as-is" based on read-only API data available at the time of the scan. The LeapScan Service:

• Does NOT guarantee the discovery of all security vulnerabilities — cloud security is a shared responsibility model
• Does NOT cover application-layer security (code vulnerabilities, SQL injection, XSS, etc.)
• Does NOT include penetration testing, social engineering simulation, or physical security review
• Does NOT access the content of your S3 buckets, databases, or application data

To the maximum extent permitted by applicable law, Leaptrix Solutions' total liability for any claim arising from the Service shall not exceed the amount paid by you for the specific audit giving rise to the claim, or USD $199, whichever is lower.

We shall not be liable for indirect, incidental, consequential, or punitive damages, including data breaches, service downtime, regulatory fines, or loss of revenue, even if advised of the possibility of such damages.

7. Confidentiality & Non-Solicitation

Mutual Confidentiality: Both parties agree to treat the other party's confidential information (including but not limited to audit findings, business processes, and pricing) with the same standard of care applied to their own confidential information, but not less than reasonable care.

Non-Solicitation: For a period of 12 months following the completion of any paid engagement, each party agrees not to directly solicit or recruit the other party's employees or contractors who were materially involved in the engagement, without prior written consent.

This clause does not apply to general public job postings or recruitment campaigns not specifically targeting the other party's personnel.

8. Term & Termination

These Terms apply from the date of your first audit request submission and continue until terminated.

• Free Health Check: Terminates automatically upon delivery of the report
• Deep Audit: Terminates upon delivery of the report and settlement of payment
• Continuous Compliance: Either party may terminate with 30 days' written notice; you may terminate immediately by deleting the CloudFormation stack and notifying us in writing

Upon termination, your obligation to pay for services already rendered survives termination. Our obligation to delete your data as described in our Privacy Policy also survives termination.

9. Governing Law & Dispute Resolution

These Terms are governed by and construed in accordance with the laws of India, without regard to its conflict of law principles.

Informal Resolution First: Before initiating formal proceedings, both parties agree to attempt to resolve any dispute informally by sending written notice to the other party describing the dispute and desired resolution. The parties will have 30 days to attempt good-faith resolution.

Arbitration: If informal resolution fails, disputes shall be submitted to binding arbitration under the rules of the Indian Council of Arbitration (ICA), conducted in English, with the seat of arbitration in Bangalore, India.

Jurisdiction: For injunctive relief or enforcement of an arbitration award, the parties consent to the exclusive jurisdiction of the courts of Bangalore, Karnataka, India.

Notwithstanding the above, either party may seek injunctive or other equitable relief in any court of competent jurisdiction to prevent irreparable harm.

10. Changes to These Terms

We reserve the right to update these Terms at any time. Material changes will be communicated by email to active clients at least 14 days before taking effect. Continued use of the Service after the effective date constitutes acceptance of the updated Terms. The "Last Updated" date at the top of this page reflects the most recent revision.

11. Entire Agreement

These Terms, together with our Privacy Policy, constitute the entire agreement between you and Leaptrix Solutions with respect to the LeapScan Service and supersede all prior oral or written agreements. No waiver of any provision of these Terms shall be deemed a further or continuing waiver of such provision or any other provision.

12. Contact

For legal notices and contractual queries:
Leaptrix Solutions
Email: connect@leaptrix.com
Subject line: LeapScan Legal Notice