Legal

Terms & Conditions of Service

Effective date: 1 May 2025  ·  Provided by Intrai Technologies S.L.  ·  Last reviewed: April 2025

Contents

  1. Acceptance of Terms
  2. User Authorisation & Legal Responsibility for Scans
  3. Description of Service
  4. Commercial Communications
  5. Remediation & Professional Services
  6. Aggregated Analytics & Data Use
  7. Privacy & Data Protection
  8. Intellectual Property
  9. Limitation of Liability
  10. Termination
  11. Changes to These Terms
  12. Contact

1. Acceptance of Terms

By creating an account or using the Skopia platform ("Service"), operated by Intrai Technologies S.L. ("Intrai", "we", "us", "our"), you ("User", "you") agree to be legally bound by these Terms & Conditions ("Terms").

If you are using the Service on behalf of a company or organisation, you represent that you have authority to bind that entity to these Terms, and the terms "you" and "User" refer to that entity.

If you do not accept these Terms in full, you must not use the Service.

2. User Authorisation & Legal Responsibility for Scans

You are solely and exclusively responsible for ensuring you hold all necessary permissions and authorisations before scanning any target.

Skopia is a security analysis tool. By initiating any scan, you expressly warrant and represent that:

  • You are the owner of the target application or web asset, or you have obtained explicit written authorisation from the owner to perform security testing against it.
  • The scan complies with all applicable laws and regulations in the jurisdiction(s) where you and the target reside, including but not limited to computer misuse, cybercrime, and data protection laws.
  • No third-party systems, data, or users will be harmed, disrupted, or affected without their prior informed consent.

Intrai Technologies S.L. bears no responsibility whatsoever for any legal, regulatory, financial, or reputational consequences arising from scans performed without proper authorisation. You agree to indemnify, defend, and hold harmless Intrai Technologies S.L., its directors, employees, and agents from and against any claims, damages, penalties, fines, or expenses (including reasonable legal fees) arising out of or related to your unauthorised or unlawful use of the Service.

Any misuse of the platform to conduct unauthorised scans constitutes a material breach of these Terms and may result in immediate account suspension, reporting to relevant authorities, and civil or criminal liability.

3. Description of Service

Skopia provides automated web application security scanning, vulnerability detection, and reporting tools. Scans are performed on targets you provide and results are made available in your account dashboard.

The Service is provided on a "best efforts" basis. We do not guarantee that all vulnerabilities will be detected, and scan results do not constitute a comprehensive security audit or certification.

4. Commercial Communications

By registering an account and accepting these Terms, you expressly consent to receiving commercial communications from Intrai Technologies S.L. to the email address associated with your account. These communications may include:

  • Information about new features, product updates, and service improvements.
  • Pricing and plan offers, promotions, and special programmes.
  • Security insights, industry reports, and educational content produced by Intrai.
  • Invitations to events, webinars, and demos.

You may withdraw this consent at any time by clicking the unsubscribe link in any commercial email, or by sending a written request to privacy@intrai.tech. Withdrawal of consent does not affect the lawfulness of communications sent prior to withdrawal, and you will continue to receive strictly transactional messages necessary for the operation of your account (e.g. scan completion notifications, invoices, security alerts).

5. Remediation & Professional Services

By using the Service and accepting these Terms, you authorise Intrai Technologies S.L. to contact you regarding professional remediation services related to vulnerabilities and security findings identified in your scans. Such contact may include:

  • Personalised remediation proposals tailored to your specific scan results.
  • Technical consultancy, code review, and security hardening engagements.
  • Managed security services, penetration testing, and follow-up audits.
  • Educational resources and guidance specific to the issues detected.

Any remediation engagement is subject to a separate service agreement and is entirely optional. You are under no obligation to purchase or engage with any services proposed. Scan data used to prepare a remediation proposal is handled in accordance with Section 6 (Aggregated Analytics) and Section 7 (Privacy).

6. Aggregated Analytics & Data Use

By using the Service, you grant Intrai Technologies S.L. a non-exclusive, royalty-free, worldwide licence to process and use data generated through your use of the platform for the purpose of producing aggregated, anonymised analytics and industry reports. Specifically:

  • Anonymisation: Before any data is included in aggregate reports, all information that directly or indirectly identifies you, your organisation, or the specific targets scanned (including URLs, domain names, IP addresses, and account identifiers) is permanently removed or irreversibly generalised.
  • Aggregation: Data is combined with data from other users so that no individual user's results can be isolated or re-identified.
  • Permitted uses: Anonymised aggregate data may be used to publish security trend reports, benchmark industry vulnerability rates, improve machine-learning models within the platform, and provide statistical insights to the security community.
  • No sale of personal data: We do not sell, rent, or share individual user data or identifiable scan results with third parties for their marketing or commercial purposes.

You may request deletion of your personal data at any time (see Section 7). Deletion of your account removes your identifiable data; anonymised aggregate contributions cannot be recalled as they are no longer linked to you.

7. Privacy & Data Protection

Intrai Technologies S.L. processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Spanish data protection law (LOPDGDD). The data controller is Intrai Technologies S.L.

Key points:

  • We collect only the data necessary to provide the Service (name, email, scan targets, results).
  • Data is stored within the European Economic Area on Azure infrastructure.
  • You have the right to access, rectify, erase, restrict, and port your personal data.
  • You have the right to object to processing and to lodge a complaint with the Agencia Española de Protección de Datos (AEPD).

Full details are set out in our Privacy Policy. For data-related requests, contact privacy@intrai.tech.

8. Intellectual Property

All intellectual property rights in the Service, including software, algorithms, interface, trademarks, and documentation, belong exclusively to Intrai Technologies S.L. or its licensors. These Terms do not grant you any rights in our intellectual property beyond the limited right to use the Service for its intended purpose during the term of your subscription.

Scan reports generated by the Service from your authorised scans are owned by you. You grant us a limited licence to process that data as described in Section 6.

9. Limitation of Liability

To the maximum extent permitted by applicable law, Intrai Technologies S.L. shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including loss of profits, data, goodwill, or business interruption, arising out of or in connection with your use of the Service.

Our total aggregate liability to you for direct damages shall not exceed the amount paid by you for the Service in the twelve (12) months preceding the event giving rise to the claim.

Nothing in these Terms limits liability for death or personal injury caused by negligence, fraud, or any other liability that cannot be excluded by law.

10. Termination

You may close your account at any time via the account settings. We may suspend or terminate your access immediately, without notice, if you breach these Terms, engage in unlawful activity, or if we reasonably believe continued access poses a security risk.

On termination, your right to use the Service ceases immediately. Sections 2 (indemnification), 6, 8, 9, and 11 survive termination.

11. Changes to These Terms

We may update these Terms from time to time. When we make material changes, we will notify you by email and display a notice in the platform at least 14 days before the changes take effect. Continued use of the Service after that date constitutes acceptance of the revised Terms.

12. Governing Law & Contact

These Terms are governed by the laws of Spain, without regard to conflict-of-law principles. Any disputes shall be subject to the exclusive jurisdiction of the courts of Madrid, Spain.

For questions about these Terms, contact us at:
Intrai Technologies S.L.
Email: legal@intrai.tech