CODERED TERMS OF SERVICE
CODERED ASM Continuous Threat Exposure Management
TERMS OF SERVICE
Effective September 1,2025
Note: Our updated Terms of Service will take effect on September 1, 2025. The current Terms of Service shall remain in effect and applicable prior to this date.
1. ACCEPTANCE
i. By accepting this Terms of Service during your account registration, or by accessing or using our Service, you confirm your acceptance of the Terms of Service and your agreement to be a party to this binding contract. If you do not agree, you do not have the right to access or use our Service.
ii. You agree to this Terms of Service on behalf of the company or other legal entity for which you are acting (for example, as an employee) or, if there is no company or legal entity, on behalf of yourself as an individual. You represent and warrant that you have the right and authority to act on behalf of and bind such entity (if any) and yourself.
iii. If you are acting on behalf of an organization, you confirm that you have the legal authority to accept this Terms of Service Agreement on the organization’s behalf. You are not permitted to use the Service or agree to the Terms if you are not of legal age to enter into binding contract, do not have the necessary authority, or are prohibited from using or accessing the Service under applicable laws.
2. DEFINITIONS
i. “PROVINTELL” means PROVINTELL Technologies Sdn. Bhd. and its affiliates (collectively known as “PROVINTELL”).
ii. “Service” means the CODERED ASM Service provided by PROVINTELL to the Subscriber.
iii. “Subscription” means a service order for CodeRed ASM Service by Subscriber via PROVINTELL website.
iv. “Subscriber” means the End Customer or Service Operator who is purchasing and utilizing the CODERED ASM Continuous Threat Exposure Management (CTEM) Service provided by PROVINTELL.
v. “Service Operator” means the Local Reseller or Managed Services Partner of CODERED ASM with direct business assignation in providing the local customer support and consulting services to the Subscriber.
vi. “Subscription Term” means the Service period, quantity of the Managed Asset, and the Service Level Agreement (SLA) set forth in this Terms of Service Agreement.
vii. “Service Level” means the committed service-based Service Level Agreement (SLA) in defining the service availability and response time of the Service provided to the Subscriber and Service Operator.
viii. “Managed Asset” refers to the Fully Qualified Domain Names (FQDN) and the Internet accessible digital infrastructure and services that are authorized by Subscriber to be managed under the Service which includes the IP network addresses or address ranges, domains and the like, specified by Subscriber to PROVINTELL, that are either directly under control of the Subscriber or are used to provide services solely for the Subscriber. PROVINTELL reserves the right to review the assets for their relevance and reject the assets that cannot be associated with the Subscriber. Managed Asset is the object of the Service and for which the Observation relevant for such asset is issued.
ix. “Fully Qualified Domain Names (FQDN)” is a complete and unambiguous domain name that specifies the exact location of a network resource on the Internet.
x. “Observation” refers to the actionable threat intelligence information forwarded to Subscriber by CodeRed ASM Service that reports or provides on-line access to the information relating to any suspected and observed cyber security threats such as compromised hosts or vulnerable or open services with respect to the Managed Asset, as collected and filtered from third party threat sources.
xi. “E-Support IMS System” refers to the Ticketing System used for incident management and online customer support to the Subscriber.
xii. “Threat Responder App” refers to the CODERED ASM mobile application developed by PROVINTELL to provide mobile alerts, security dashboards, integrated ticketing system and live- chat services to the Subscriber and Service Operator.
xiii. “Subscriber Account” refers to the user account used by Subscriber to login to the Threat Responder App.
xiv. “Agent Account” refers to the user account used by PROVINTELL business and technical personnel including the Service Operator to login to E-Support IMS System for business support and service delivery operations.
xv. “Confidential Information” refers to non-public information of PROVINTELL, Service Operator and Subscriber disclosed by either party to the other party, either directly or indirectly, in writing, orally or by inspection of tangible.
xvi. “Intellectual Property Rights” refers to patents (including utility models), design patents, designs (whether or not capable of registration), chip topography rights, proprietary software and other like protection, copyright, trademark and any other form of statutory protection of any kind and any applications for any of the foregoing as well as any trade secrets and know how.
3. RIGHT TO USE SERVICE
i. Subscriber shall have a non-exclusive, non-transferable, non-sublicensable right to use the Services in accordance with these Terms of Service to receive Observation relating to the Managed Asset and specifically excluding all other purposes of any kind.
ii. Subscriber has the right to use Observation, and the information contained therein to identify and fix security issues. Subscriber has no obligation to act based on such Observation at its sole discretion, risk and expense.
iii. The right to use its service is subject to Subscriber providing PROVINTELL with correct and truthful information and keeping such information up-to-date and the timely payment of the respective Subscription Fees (“Fees”), except when otherwise indicated.
iv. Rights of Refusal/ Termination. PROVINTELL reserves the right to refuse or terminate the Service of the Subscriber upon detection of any fraudulent, illicit or conflicting business activities of the Subscriber that are considered harmful to PROVINTELL’s business reputation and/or its service operation. Subscriber shall not (or to assist others) to access, use, modify, distribute, transfer or exploit its Service or systems. For example, Subscriber shall not or attempt to (a) gain unauthorized access to its Service or systems; (b) disrupt the integrity or performance of its Service; (c) create accounts for its Service with invalid credentials or contacts information; (d) collect information about its users; or (e) license, outsource, rent, transfer, distribute, resell the Service to any third party, unless with PROVINTELL’s written consent.
v. Legal and Acceptable Use. Subscriber agrees to use the Service legally and for acceptable purposes. Subscriber is not allowed to use the Service (or assist others in using) its Service in ways that (a) violate or infringe the rights of the Service, its users, or others, including privacy, publicity, intellectual property, or other proprietary rights, (b) involve in any unlawful or fraudulent activities including but not limited to hacking, unauthorized data modification, leeching and/or abuse of the Service and data provided by PROVINTELL.
vi. Managed Asset Authorization. Subscriber shall not to use its Service on the assets that belong to third party or not within the Subscriber’s authority and purview.
vii. Subscriber Registration and User Account Creation. All Subscribers are required to their interests by providing us with valid business contacts information via PROVINTELL’s website. All User Accounts will be validated and created by PROVINTELL, and the user login credentials will be sent to the validated Subscriber email upon successful validation of the Subscriber Contact and Managed Asset information, and verification of the payment receipt.
viii. User Account Security. The Subscriber Account login is mandatorily secured with advanced multi-factor authentication mechanisms. Subscriber is responsible to keep his/her Subscriber Account credentials safe and shall not share his/her login credentials to other users.
ix. Service and Support Duration. Subscription period starts from the date of User Account creation. The User Account access will be automatically deactivated or suspended upon service expiry if the service is not renewed by the Subscriber within thirty (30) days upon the service expiry date. The Subscriber account and managed asset information will be permanently deleted from its systems after twelve (12) months from the service expiry date.
x. Terms of Service and Privacy Notice. Subscriber agrees to CODERED ASM Terms of Service and Privacy Notice. Subscriber may refer to PROVINTELL’s Privacy Notice here – https://www.provintell.com/privacy-notice/.
4. ABOUT CODERED ASM SERVICE
i. CodeRed ASM Continuous Threat Exposure Management (CTEM) Service is managed by PROVINTELL’s 24×7 Security Operation Center (SOC) using CodeRed AI-driven Threat Management Platform.
ii. CodeRed ASM Service is provided to Subscriber via proprietary Threat Responder App for Early Warning Alert, Exposure Risk Analysis, Observation / Issue Tracking and Live Chat for threat mitigation with PROVINTELL 24×7 SOC teams.
iii. Subscriber shall specify the Managed Asset to be initially monitored, and Subscriber has a right to add or remove the Managed Asset to the scope of Service from time to time in a manner and within the limitations specified on the Terms of Service.
iv. PROVINTELL shall be responsible for the continuing operation and maintenance of the platforms. However, PROVINTELL shall not guarantee to Subscriber the uninterrupted operation of the platforms or the availability of Service.
v. All warranties, express, implied, statutory or otherwise, including but not limited to the implied warranties of merchantability, non-infringement of intellectual property rights and fitness for a particular purpose are expressly excluded.
vi. PROVINTELL does not sell, rent or monetize its Subscriber’s personal data and Service information to any third party.
5. OBSERVATION AND EXPOSURE CATEGORIES
i. PROVINTELL aims to provide Observation to Subscriber based on its zero false positive operation processes for CodeRed ASM Service on best-effort basis. The Observation shall include information about suspected security threats relating to the Managed Asset only but shall not be warranted as being a complete list of all threats that may exist nor shall PROVINTELL be in any manner responsible for threats notified as part of the Observation.
ii. Subscriber shall be responsible for the forwarding and handling of the Observation and any distribution of the Observation, or the information contained therein.
iii. The right of Subscriber to use Observation shall be non-exclusive and non-transferable and the delivery of Observation shall not transfer or create any intellectual property rights to the Observation, or any information contained therein.
iv. PROVINTELL maintains a comprehensive list of Exposure Categories for reporting of different types of Observation to Subscriber. PROVINTELL may update the information of the Exposure Categories from time to time without any notice to Subscriber.
v. Any direct access by Subscriber to the systems of PROVINTELL to review Observation shall be subject to the respective terms of use as applicable from time to time.
6. RESTRICTION OF USE
i. Specifically, Subscriber may utilize the Service only on its own Managed Asset.
ii. Subscriber shall not have a right to distribute or publish any Observation, or any part thereof or otherwise permit any third party to use the Service or Observation, except for the purposes of supporting the Subscriber in the investigation and mitigation of threats reported in the Observation.
iii. If PROVINTELL suspects that the information provided by Subscriber is not true, accurate, current or complete, or if Subscriber uses or is suspected of using the information for illegal or criminal activity, PROVINTELL may suspend or terminate the Subscription immediately.
iv. Subscriber shall notify PROVINTELL immediately if Subscriber becomes aware of any unauthorised use of the Service or if the Observation include information on assets other than Managed Asset.
v. Redistribution, resale, or disclosure of any data or content from the Service to third party is strictly prohibited unless expressly authorized by PROVINTELL.
vi. Any API access, if available, is governed by specific terms and usage restriction.
vii. Each Subscriber Account login is restricted to a single individual, and sharing of access credentials is not permitted.
7. PROFESSIONAL SERVICE AND TAKEDOWN SERVICE
i. PROVINTELL may provide Professional Service and Takedown Service relating to the Service (“CodeRed-IR Service”) and subject to a separate agreement with Subscriber in each case. The Subscriber shall be responsible for the time and materials charges of PROVINTELL as specified in the respective agreement and any out-of-pocket costs and expenses relating to the performance of the CodeRed-IR Service.
ii. PROVINTELL shall provide CodeRed-IR Service on a consultancy basis and subject to any general terms of PROVINTELL referred to in the respective agreement and unless otherwise agreed, shall not imply any transfer of ownership of the results of the CodeRed-IR Service to Subscriber, who shall receive a right to use the results of the CodeRed-IR Service only for the purposes of effectively using the Service under a valid subscription from time to time.
iii. Subscriber Acknowledgement of Limitation and Constraint. PROVINTELL provides Takedown Service for fraudulent or infringing sites as part of CodeRed-IR Service to Subscriber. Subscriber acknowledges and agrees that (a) infringing sites reported by or to PROVINTELL for Takedown Service are under different local Internet governance authorities and controls that may resist any part or all of the Takedown Service. Further, due to the nature of Internet, political, legal, technical and other constraints, PROVINTELL may be prevented from successfully performing in whole or in part the Takedown Service; and/or (b) the Takedown Service may not achieve the desired result.
iv. Discretion of Takedown Service. PROVINTELL reserves the right to suspend or not perform the Takedown Service in its sole discretion if it believes: (a) subscriber has not provided sufficient, accurate or complete information to initiate or continue with the Takedown Service; or (b) any Takedown Services may result in any adverse action from a third party; or (c) that the desired result of the Takedown Service is unlikely to be achieved through reasonable efforts; or (d) PROVINTELL or its suppliers are or may be legally restricted or prevented from providing the Takedown Service.
v. Turnaround Time of Takedown Service. The turnaround time for a successful Takedown Service is vary depending on the types of Takedown Service. Subscriber may refer to the turnaround time as stated herein, and PROVINTELL cannot guarantee that all Takedown Service provided to Subscriber can be successfully executed within the expected turnaround time due to the known limitation and discretion of the Takedown Service.
vi. Subscriber may request for CodeRed-IR Service, including Takedown Service by submitting a Service Request (“SR Ticket”) to PROVINTELL. Subscriber shall agree to the time and materials charges imposed before any service activation based on the SR Ticket. PROVINTELL reserves the right to refuse or suspend any SR Ticket activities at any point of time and without cause.
vii. Subscriber shall promptly provide to PROVINTELL information required for Takedown Services: (a) issue ticket number and any other information or documents reasonably requested by PROVINTELL; and (b) other information and/or explanations as reasonably required for PROVINTELL, its agents, its suppliers or sub-contractors to be able to provide the Takedown Service.
viii. PROVINTELL commences specified actions for a Takedown Service once the Service Request (“SR Ticket”) is provisioned and acknowledged by Subscriber. In each instance, initiation occurs upon receipt of one of the following from the Subscriber: (a) a SR Ticket for Takedown; or (b) confirmation via email.
ix. The general limitation of liability under Section 13 shall apply and the liability of PROVINTELL for any claims arising based on the performance of CodeRed-IR Service shall be limited to the time and materials charges paid to PROVINTELL for the same.
8. CUSTOMER SUPPORT AND SERVICE LEVEL MANAGEMENT
i. PROVINTELL is responsible to provision and manage the status of the Subscriber Account in accordance with PROVINTELL’s Privacy and Data Protection policy.
ii. During the Subscription Term, and subject to Subscriber’s payment of the applicable fees and the status of Subscriber Account, Subscriber shall have active access to Threat Responder App and 24×7 Live Chat for technical support and advisory services provided PROVINTELL.
iii. PROVINTELL Cyber Security Operation Center (“CyberSOC”) is operating on 24x7x365 basis to provide the Service to Subscriber based on the Standard Service Level Agreement (“SLA”) defined herein. PROVINTELL reserves the right to amend the SLA and Terms of Service under Section 18 or otherwise subject to a separate agreement with Subscriber on specific case.
9. FEES AND TAXES
i. Non-Refundable Policy. Subscriber shall pay the Fees (if, any) by credit card and as instructed during account registration or if Subscriber selects invoice option, PROVINTELL will send an invoice to the address informed by Subscriber in the account registration. Fees shall not be subject to any right of offset or suspension and all payments shall be non-cancellable, non-refundable and non-creditable.
ii. Payment Term. Subscriber shall pay PROVINTELL the Fees as specified in the accepted quotation or payment advice within seven (7) working days.
iii. Overdue Payment. If any applicable Fees are overdue, PROVINTELL reserves the right to suspend or automatically terminate the Service to the Subscriber without notice. Late payments may incur monthly interest charges of 1.5% per month or the maximum rate allowable by law, whichever is lower, along with any collection costs, including attorneys’ fees.
iv. Taxes. Subscriber must pay to the relevant taxing authority for all taxes arising for this Serrvice subscription and the taxes should not be deducted from the payment to PROVINTELL.
10. CONFIDENTIALITY
i. PROVINTELL and Subscriber shall hold in confidence any confidential information received from another in connection with the performance of or access to Service. For purposes of PROVINTELL, this includes the identity of Subscriber and Managed Asset.
ii. The confidentiality obligation shall not be applied to any material or information:
a) that is generally available or otherwise public, other than if it is public through a breach of the Subscription or Terms of Service;
b) that the party has received from a third party without any obligation of confidentiality;
c) that was in the possession of the party prior to receipt of the same without any obligation of confidentiality related thereto;
d) that party has independently developed without using material or information received from the other party; or
e) that a party is obliged to disclose pursuant to applicable laws.
iii. All business and personal data, including accounts, finances, transactions, or any communications, shall be kept strictly confidential by PROVINTELL and its Subscriber.
iv. The parties agree not to use Confidential Information for their own benefit or in any way detrimental to the other party.
v. The confidentiality obligations outlined in this section shall survive the expiration or termination of the Service.
11. SUBSCRIPTION TERM AND TERMINATION
i. The right to use Service remains in effect throughout the Subscription term.
ii. Subscription commences on the date of Subscriber Account is available and Subscriber agrees that the minimum Subscription Term for the Service is twelve (12) months.
iii. Access to the Subscriber Account will be automatically deactivated or suspended if the Subscription is not renewed within thirty (30) days following the service expiry date. Subscriber and Managed Asset information will be permanently deleted from PROVINTELL systems after twelve (12) months from the service expiry date, if not renewed.
iv. Either party may terminate the applicable Subscription and the right to use Service granted therein, if the other party fails to cure a material breach within fourteen (14) days after written notice of such breach, provided that PROVINTELL may terminate the Subscription immediately upon any breach of Section 3 by Subscriber.
v. Additionally, either party may terminate the Service immediately if the other enters into compulsory or voluntary liquidation, ceases to carry on business, or takes or suffers any similar action that the other party reasonably believes will materially impair its performance under the Terms of Service Agreement. Upon termination, PROVINTELL’s obligation to provide Service will immediately terminate and Subscriber shall pay the full amount of any outstanding fees due.
12. EFFECTS OF TERMINATION
i. Upon termination of the Subscriber shall immediately cease using the Service. However, the termination shall not affect the right of Subscriber to continue the use of the delivered Observation.
ii. Termination of the Subscription shall not prevent either party from pursuing all available legal remedies, nor shall such termination relieve Subscriber’s obligation to pay all Fees and any other amounts due that are owed as of the effective date of termination.
iii. All provisions of these Terms, including but not limited to the provisions relating to the ownership of the Service, limitation of liability, disclaimers of warranties, confidentiality, audit and governing law and jurisdiction, shall survive the termination of the Subscription.
13. LIMITATION OF LIABILITY
i. Subscriber agrees that PROVINTELL shall not be liable to the Subscriber or any third party for any loss or damage arising directly or indirectly from the Service, including liability for special, punitive, incidental, pecuniary, or consequential losses, damage to software or data, business interruptions, or loss of profit, revenue, goodwill, or anticipated savings.
ii. Under no circumstances shall PROVINTELL’s liability under the Subscription exceed the Fees paid by Subscriber for the Service under the applicable Subscription.
iii. Subscriber agrees to indemnify and hold PROVINTELL harmless against and from:
a) Any act, omission, breach, non-observance, and non-performance by the Subscriber or its employees, agents, or vendors;
b) Any claim, damage, loss, or expenses due to or resulting from any negligence, wrongful act, or breach of duty on the part of the Subscriber or its employees, agents, or vendors;
c) Any and all claims and proceedings for or on account of infringement of any protected intellectual property rights related to or connected with the Service.
14. DISCLAIMER AND LIMITATION
i. Subscriber acknowledges that there is no assurance that all security exposures can be identified during the Subscription due to inherent limitations. Observation and recommendation provided are based on known technologies and security issues at the time and may change over time, which may cause deviations in the identified security issues and recommendations.
15. ASSIGNMENT
i. PROVINTELL shall be entitled to assign this Subscription and any of its rights and obligations hereunder to its affiliated company or to any third party to which any part of its business is transferred.
16. DISPUTE AND APPLICABLE LAW
i. Unless expressly otherwise stated in the Subscription, the Subscription and all matters arising out of or in connection with the Subscription (except for mandatory local law provisions) shall be construed and governed exclusively in accordance with the laws of Malaysia.
ii. The above governing law and dispute resolution provisions shall always apply to any claims against PROVINTELL relating to the matters arising out of or in connection with the Service or the operation thereof.
17. PRIVACY AND DATA PROTECTION
i. Compliance with Privacy Regulations. PROVINTELL is committed to protecting the privacy and personal data of the Subscriber. All personal data collected or processed in connection with the Service shall be handled in accordance with applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR) and the Malaysia Personal Data Protection Act (PDPA). PROVINTELL shall not use or disclose such data for marketing, profiling, or advertising purposes.
ii. Data Processing Agreement (DPA). PROVINTELL processes Subscriber’s personal data in accordance with applicable privacy regulations, including the General Data Protection Regulation (GDPR) and Malaysia’s Personal Data Protection Act (PDPA). Data collected during the provision of the Service is only used for the purpose of delivering the service and will not be shared with third parties for advertising or marketing purposes.
ii. Data Retention Policy. Subscriber’s data will be retained for the duration of the Subscription term and for up to 12 months following the termination of the Service. After this period, all Subscriber data will be permanently deleted unless otherwise required by law.
iv. Data Access and Confidentiality. Access to personal and Subscriber data is strictly limited to authorized personnel involved in the delivery and support of the Service. All such personnel are subject to confidentiality obligations and appropriate access controls to ensure data integrity and security.
18. INTELECTUAL PROPERTY RIGHT
i. The Service and all related materials, including software, data, and documentation, are the exclusive intellectual property of PROVINTELL, containing trade secrets protected by copyright, trademark, and other applicable laws. PROVINTELL retains all rights, title, and interest in the Service, including any enhancements or derivative works.
ii. Subscriber is granted a limited, non-transferable license to use the Service solely for internal business purposes through secure access provided by PROVINTELL.
iii. The Subscriber retains ownership of its own data input into the Service but grants PROVINTELL a perpetual, royalty-free license to use this data to provide and enhance the Service and for other internal purposes.
19. VALIDITY OF AND AMENDMENT TO THE TERMS
i. These Terms are valid as of 1 September 2025 and remain in force until further notice.
ii. PROVINTELL is entitled to amend these Terms. PROVINTELL shall notify Subscriber in writing or electronically at least 30 days prior the effective date of the amendment. If the amendment has a material effect on Subscriber, Subscriber shall have the right to terminate the Subscription on the effective date of the amendment by providing PROVINTELL at least 15 days prior written notice, unless the amendment is attributable to changes in legislation or to authority decisions.