Last updated: April 4, 2026
Please read these Terms of Service ("Terms") carefully before using the website, reporting platform, and services provided by Yappo Security LLC ("Yappo", "we", "us", or "our"). By accessing or using our website, platform, or services, you agree to be bound by these Terms. If you do not agree, please do not use our website, platform, or services.
These Terms constitute a legally binding agreement between you (or the company or organization you represent, the "Client") and Yappo Security LLC. These Terms apply to the use of our website, reporting platform, and related offerings. Professional services provided by Yappo, including penetration testing and related security assessments, are further governed by the applicable Statement of Work ("SOW"), proposal, or service agreement executed between Yappo and the Client. In the event of any conflict between these Terms and an executed SOW, the SOW will control for the applicable engagement. Your use of our website, platform, or services also signifies your acceptance of our Privacy Policy, which is incorporated herein by reference.
Yappo provides cybersecurity services including, but not limited to:
The specific scope, methodology, deliverables, assumptions, and timeline for paid engagements are defined in a separate SOW or service agreement executed between Yappo and the Client. Self-service offerings (Domain Checkup and AI Pentest) are governed by these Terms directly. Unless expressly stated otherwise in writing, Yappo's services do not constitute continuous monitoring, managed detection and response, incident response, or security operations center services.
The Client represents and warrants that it has full legal authority to authorize Yappo to perform security testing on all systems, networks, applications, and assets identified in the agreed scope. Yappo will only conduct testing activities that are explicitly authorized in writing by the Client. Testing performed outside the agreed scope is strictly prohibited unless the scope is updated and approved in writing by both parties.
For self-service offerings: by submitting a domain through Domain Checkup or a target application through AI Pentest, you represent and warrant that you have the legal authority to authorize Yappo to perform the corresponding analysis or assessment on the submitted target. You accept sole responsibility for ensuring that you are authorized to request testing on the specified domain or application.
The Client is responsible for ensuring that all necessary permissions and approvals have been obtained from any relevant third parties, including hosting providers, cloud platforms, SaaS vendors, payment processors, upstream providers, or internal stakeholders, before testing begins.
The Client agrees to:
Delays caused by missing access, incomplete information, unavailable personnel, or environment instability may affect the agreed schedule or delivery dates.
You agree not to use our services or platform to:
Both parties agree to treat all non-public information exchanged in connection with an engagement as confidential. Yappo will not disclose findings, reports, evidence, or Client data to any third party without the Client's prior written consent, except to personnel, contractors, or advisors with a need to know and who are bound by confidentiality obligations, or as required by applicable law. Confidentiality obligations survive the termination of any engagement or these Terms.
All methodologies, tools, techniques, templates, and proprietary processes used by Yappo to perform services remain the exclusive intellectual property of Yappo Security LLC. Upon full payment of the applicable fees, deliverables such as final reports and remediation recommendations are licensed to the Client for its internal business, security, audit, compliance, and risk management purposes. The Client may also share such deliverables with its employees, contractors, advisors, auditors, insurers, regulators, investors, or customers with a legitimate business need to review them, provided such disclosure is reasonably related to the Client's business or compliance activities. The Client may not resell, materially alter, or misrepresent Yappo's deliverables without Yappo's prior written consent.
To the fullest extent permitted by applicable law, Yappo's total cumulative liability arising out of or related to these Terms or any engagement shall not exceed the total fees paid or payable by the Client for the specific service or engagement giving rise to the claim.
In no event shall Yappo be liable for any indirect, incidental, special, punitive, or consequential damages, including loss of profits, data, revenue, or business opportunities, even if advised of the possibility of such damages.
The Client agrees to indemnify, defend, and hold harmless Yappo Security LLC and its officers, directors, employees, contractors, and agents from and against any claims, liabilities, damages, losses, and expenses (including reasonable legal fees) arising out of or in any way connected with: (a) the Client's breach of these Terms or the applicable SOW; (b) the Client's failure to obtain proper authorization for testing; or (c) the Client's violation of any applicable law or regulation.
Our website, platform, and services are provided "as is" and "as available." Yappo does not warrant that our services will identify all vulnerabilities present in a given system, or that any findings will be complete, exhaustive, or error-free. Manual penetration testing and AI Pentest assessments represent a point-in-time evaluation and do not guarantee that the assessed systems are free from vulnerabilities at any future time. Continuous penetration testing provides ongoing assessments over an extended period but does not constitute exhaustive or guaranteed coverage of all possible vulnerabilities at any given moment. The Client acknowledges that changes to code, infrastructure, configurations, dependencies, or user behavior may affect security posture at any time.
Yappo offers free accounts that provide access to certain platform features, including Domain Checkup. Free accounts require registration with a valid corporate email address — accounts using free email providers (such as Gmail, Hotmail, or Yahoo) are not accepted. Free accounts are provided at Yappo’s discretion and may be subject to usage limitations.
Yappo reserves the right to suspend, limit, or terminate free accounts at any time, with or without notice, including but not limited to accounts that are inactive for an extended period, that are used in a manner inconsistent with these Terms, or that are used to submit domains or targets for which the user lacks proper authorization.
Free account users are subject to all applicable provisions of these Terms, including but not limited to the authorization, prohibited uses, and indemnification sections.
Fees, billing terms, payment timing, and any applicable taxes for professional services will be set forth in the applicable SOW, proposal, or invoice. Self-service offerings such as AI Pentest are available at the price published on our website or platform at the time of the request. Yappo reserves the right to update pricing for self-service offerings at any time; the price in effect at the time of your request will apply to that request.
Testing windows and delivery timelines are based on reasonable assumptions regarding access, scope stability, environment readiness, and Client cooperation. If the Client materially changes the scope, delays access, or significantly modifies the environment during the engagement, Yappo may revise the schedule, update pricing, or require an amended SOW.
Either party may terminate an engagement or these Terms upon written notice if the other party materially breaches these Terms and fails to cure such breach within fifteen (15) days of receiving notice. Yappo reserves the right to suspend or terminate services immediately if the Client’s use of our services is determined to be unlawful, unauthorized, or poses a risk to third parties or to the integrity of our platform.
Unless otherwise agreed in writing, fees are generally non-refundable once services have been scheduled or started, as Yappo allocates time and resources to the engagement. If you believe an exception should apply, please contact us and we’ll review your request in good faith on a case-by-case basis, including where required by applicable law.
These Terms shall be governed by and construed in accordance with the laws of the State of New Mexico, United States, without regard to its conflict of law provisions. Any disputes arising under these Terms shall be subject to the exclusive jurisdiction of the courts located in Bernalillo County, New Mexico.
We reserve the right to update these Terms at any time. Any material changes will be reflected on this page with an updated "Last updated" date and may also be communicated via email or notice on our website or platform where appropriate. Continued use of our services after any changes constitutes acceptance of the revised Terms.
