Thank you for choosing Cyberion as your partner for cyber security and insurance services. These terms of services (“Terms”) govern your access and use of Cyberion’s website and services. By accessing or using our website and services, you agree to be bound by these Terms. If you do not agree to these Terms, please do not access or use our website and services.
Article 1. Definitions
Terms used in the singular or plural in the body of these Terms of Services beginning with a capital letter have the meaning given to them below:
Terms of Services: refers to the present Terms of Services concluded between the User and Cyberion;
Company: refers to the legal entity for which the vulnerability assessment is performed;
User Portal: refers to the virtual space allocated to the User at the time of registration and accessible by entering his/her Personal Identifiers. The User Portal allows access to relevant functionalities offered to the User;
Functionalities: refers to all the functionalities offered to the User, such as, in particular, the technological data vulnerability scan, the data vulnerability report, the data leakage report, the mapping of the User’s network infrastructure and their vulnerability, the personalised list of actions to be taken to reduce the risk of vulnerability, the subscription to the insurance contract drawn up through Cyberion and the archiving of the corresponding summary form;
Personal Identifiers: refers to the data necessary for the creation and accessibility by the User of his Customer Portal;
Parties: refers to Cyberion and the User;
Services: refers to all the features and services offered by Cyberion;
Site: shall designate the Cyberion Internet site accessible at the following address: https://www.cyberion.ch;
Cyberion: refers to Cyberion SA, a limited liability company, having its registered office at Rue de Lausanne 35A, 1110 Morges registered in the Registre du Commercial Register in Vaud, Switzerland under number CHE-491.160.237. Cyberion is acting as creator, publisher and developer of the Site and as a provider of Services;
User: means any legal representative or employee of the Company using the Services.
Article 2. Legal Notices
The Site is edited by Cyberion. The Director of the publication is Isabelle Kuksin.
It is furthermore specified that the Site is developed on Bubble.io, a platform from the Bubble Group, having its registered office at 22 West 21 Street 3rd Floor, New York, NY 10010, USA and hosted on Xano Inc., having its registered office at 20700 Ventura Boulevard #210 Woodland Hills, CA 91364, USA.
The servers of the databases produced by Cyberion is hosted by the Xano platform (Frankfurt EU-Server) in the EU.
Article 3. Purpose
Cyberion provides cyber security and insurance services to companies in Switzerland. Our services include cyber risk assessment, security consultation, risk management, incident response, and cyber insurance policies. We strive to provide high-quality and reliable services to protect the company against possible cyberattacks.
The purpose of these Terms of Services is to define the terms and conditions of use of the Services, as well as the rights and obligations of the Parties in this context.
The Terms of Services are accessible and printable at any time, by means of a link located on the Site, allowing them to be displayed on a separate web page. The Terms of Services are also available on the Site when the User registers.
They may be supplemented, if necessary, by special conditions related to certain Services. In the event of contradiction, the special conditions shall prevail over the Terms of Services.
These Terms of Services may be subject to subsequent modifications. The version applicable to the User is the one in force on the Site at the date of use of the Services.
Article 4. Scope and acceptance
Access to and use of the Site are subject to compliance with these Terms of Services. Consequently, any access to and/or use of the Site and more generally of all the Services, imply compliance with Terms of Services and their unconditional acceptance.
These Terms of Services are concluded between the User and Cyberion for an indefinite period.
Article 5. Services
The registration is a using a web-based application accessible through an internet connection and a web browser. It does not require any download or installation on any device whatsoever. It runs on any operating system and is suitable for any computer device, including, but not limited to, computers, mobiles and tablets.
Registration by a User is compulsory to be able to access his/her User Portal and use the Services. It is done by answering a declarative questionnaire and filling in a professional e-mail address and by defining a password.
Cyberion uses the company name provided by the User to verify its eligibility to cyber risk services provided by Cyberion. Cyberion verifies the company’s registration, postal address, industry NOGA code and credit status through the services from CRIF AG, having its registered office at Hagenholzstrasse 81, 8050 Zurich, registered under UID number CHE-107.708.282.
The User Portal is strictly personal. The User undertakes to use the Services personally and not to allow any third party to use them in his place or on his behalf.
The User is deemed to be authorised to act on behalf of his Company, for strictly professional purposes and uses.
Cyberion reserves the right to suspend, restrict, refuse or revoke access to the User’s account and the Application at any time and for any reason whatsoever.
The User may, at any time and at no cost, close his or User Portal by clicking on the “Delete” button available in the “Account” menu in the Application or contacting Cyberion to do so.
Cyberion may, at its sole discretion, close the User’s User Portal, provided that it informs the User of this in advance by email, stating the reason for its decision. If the User has taken out an insurance contract via the Application, the closure of the User Portal will be carried out in accordance with the procedures defined in article 10 of the Terms of Services.
In accordance with article 6.3 of the Terms of Services, the User is responsible for the confidentiality and security of his Personal Identifiers allowing his authentication on the Application.
5.2 Light vulnerability scan
When the User registers on the Site, a light vulnerability scan of the Company’s technological data is automatically launched. The scan is performed by Bastion, a simplified joint company with a capital of EUR 12,000, having its registered office at 65 Rue de la Croix, Nanterre, France, registered under number 921 179 925.
The average duration of a technology data vulnerability scan is less than one minute. The scan is based on the Company’s publicly available databases, such as passwords, emails and Internet Protocol (IP) addresses linked with the Company.
The scan does not prevent any use of the User’s computer device or the Company’s computer devices and/or infrastructure on which the technological data vulnerability scan is performed. The light vulnerability scan of technological data is carried out free of charge for the Company. The results from the light vulnerability scan are displayed on the User Portal.
5.3 Access to cyber risk assessment and prevention
When the light vulnerability scan of the technological data described above and a self-declaration questionnaire is completed, each User will be offered a cyber risk protection package. Upon purchase of a package against a defined stated price on the Site, the User will be able to access a certain number of Functionalities from their User Portal.
The User has in particular access through his User Portal to an extended cyber risk assessment covering infrastructure, cloud applications, data leaks and prevention measures which include phishing simulation and employee training. These tools are made available by Bastion (see 5.2) and usecure. USECURE LIMITED is a company incorporated in England and Wales under number 10113345 whose registered office is at Holyoake House, Hanover Street, Manchester, M4 4AH; (“usecure”). Their access is provided from Cyberion’s User Portal. The duration of cyber risk assessment will take several hours which may vary depending on several factors, such as, but not limited to, the number of publicly accessible Company databases and the volume of data associated with them.
In general, Cyberion reserves the right to offer any other Functionality that it deems useful, according to the technical means that it deems most appropriate.
The extended cyber risk assessment does not prevent any use of the User’s computer device or the Company’s computer devices and/or infrastructure on which the technological data vulnerability scan is performed.
The fees for our services are determined based on the type and scope of the service. We will provide you with a quote before commencing any services. All fees are payable in Swiss Francs and are non-refundable unless otherwise stated in the quote. Payment for the services will be made via an invoice with a QR code sent to the User email address.
5.4 Taking out insurance
The Company’s relevant information related to its eligibility for a cyber insurance contract will be shared and verified by Helvengo AG, having its registered office at Hans-Huber-Strasse 4, 8002 Zurich, Switzerland and registered under CHE-428.533.794 (“Helvengo”). If the User is acting on behalf of the Company, they will be required to upload a valid brokerage or insurance advisory mandate or an equivalent document. In this instance, the User is expected to fulfil any applicable regulatory requirements to undertake these obligations towards the Company. In all other cases, Helvengo shall stand as the broker of record for the insurance contract. If the User is eligible, an insurance contract offer for the Company will be provided.
In this respect, it is recalled that only the User acting as the legal representative of the Company, is authorised to act in the name and on behalf of the Company, is authorised to take out an insurance contract. Any insurance contract concluded via the Site by a user other than the one acting as the legal representative of the Company will not be recognised by Cyberion and Helvengo. This contract will be deemed electronically signed when clicking on the confirmation button.
Payment for the services will be made via an invoice with a QR code sent to the User email address.
Access to the insurance coverage is conditional on the risk profile of the Company. In this respect, the Company must not present too great a risk to be able to be offered coverage. If the Company is not eligible for coverage, the User will be offered all the Services other than the insurance coverage.
In addition, and regardless of the result of the eligibility assessment, access to insurance is not permitted for any company that engages in any of the following activities: sale of weapons, drugs, sale of illegal substances and products, communication and dissemination of information or images of an erotic or pornographic nature, websites of a religious, political or ideological nature, gambling and betting activities, social networks, activities related to cryptocurrencies, airports, stock markets.
5.5 Incident response services
If the Company purchases an insurance coverage, incident response services can be provided should the Company need it. The User can contact Cyberion for incident support.
In the absence of insurance coverage, the User can contact Cyberion to establish access to incident response services from Cyberion. The fees for these services will be determined based on the type and scope of the service. We will provide you with a quote before commencing any services. All fees are payable in Swiss Francs and are non-refundable unless otherwise stated in the quote.
Article 6. Obligations of the User
6.1 Access to the Site and the Services
The User declares to know and understand:
It is the responsibility of the User to equip him/herself appropriately, particularly in terms of computing and electronic communications, to access the Site and the Services. It is also up to the User to take all appropriate measures to protect him/herself and Cyberion against any attack or damage that may affect the data or content stored on the Site. Cyberion is not responsible for the computer media of the User and the Company.
All costs and authorisations required for connection, access and use of the Application, the Site and the Services are and remain the responsibility of the Company.
6.2 Use of the Services
The User declares that he/she is aware and understands that the use of the Application, and more specifically the technological data vulnerability scan and cyber risk assessment, will initiate a connection procedure to the Company’s publicly accessible databases.
The User acknowledges and understands that the duration of cyber risk assessment will take several hours which may vary depending on several factors, such as, but not limited to, the number of publicly accessible Company databases and the volume of data associated with them.
The User undertakes to use the Site and the Services made available by Cyberion in accordance with these Terms of Services, the specific conditions for certain Services, in particular the insurance Service, as well as the laws and regulations in force.
When using the Site and the Services, the User undertakes in particular not to use, or allow third parties to use, the Site, the Application and the Services for the following purposes:
In particular, the User also undertakes, without this list being limitative, to:
Finally, in general, the User undertakes to comply with all the regulations in force applicable in Switzerland.
6.3 Security of the Personal Space
The User Portal is accessible by means of the Personal Identifiers provided by the User. The User’s Personal Identifiers are strictly personal and confidential.
In this respect, the User undertakes to:
To be taken into account, the User’s complaints must be sent by e-mail to the following address: firstname.lastname@example.org.
In the event that the User discloses his/her Personal Identifiers to a third party, Cyberion cannot be held responsible for any fraudulent use of the User Portal. The User shall be solely responsible for the disclosure of its Personal Identifiers.
The User is also responsible for all activities that take place on his User Portal, including the use of the Services.
The User undertakes, in the event of fraudulent use of their User Portal or any breach of security of their User Portal of which they are aware, to immediately notify Cyberion at the following address: email@example.com.
Upon receipt of the aforementioned notification, Cyberion will interrupt access to the User’s User Portal as soon as possible in order to put an end to the fraudulent use of the Services. This action will also prevent the User from accessing their Personal Space. It is specified that Cyberion response time, although not immediate, will be as soon as possible after receiving the notification.
Article 7. Responsibility of the User 7.1 User guarantees
The User guarantees Cyberion against any complaints, claims and/or actions that Cyberion may suffer as a result of the User’s breach of any of their obligations or guarantees under the terms of these Terms of Services.
They undertake to compensate Cyberion for any prejudice it may suffer and to pay all costs, including defense costs, charges and/or fines that it may have to bear as a result.
The use of the Site and the Services is made under the sole and entire responsibility of the User. As such, the User assumes full responsibility for the risks of loss associated with the use of the Services and/or the Site.
Consequently, it is up to the User to take all appropriate measures to protect the data, files or programs stored in his system.
The User is also solely responsible for the compatibility of its hardware, programs and software or its Internet network with the Site or the Application, which are designed to work with recent versions of the following web browsers: Safari, Google Chrome, Mozilla Firefox and Microsoft Edge.
In the event of non-compliant use or illicit exploitation of the Site or the Services, the User is solely responsible for any damage caused to the Company or to third parties and for the consequences of any claims or actions that may result from this.
The User undertakes, at Cyberion’s first request, to indemnify and compensate Cyberion for any damage, loss, or loss of profit that it may suffer if Cyberion is held liable by the Company or a third party due to an action linked to this use by the User.
The User also waives any recourse against Cyberion in the event of legal action taken by the Company or a third party against him/her due to the non-compliant use and/or illicit exploitation of the Site or the Services.
Article 8. User’s rights on his personal data
Article 9. Responsibilities of Cyberion
Cyberion undertakes to make its best efforts to provide the Services, to ensure the proper functioning of the Site and the Functionalities, within the limits of responsibility of the present Terms of Services.
Cyberion is only bound to the User by an obligation of means and does not provide any guarantee, express or implied, including any guarantee of quality and suitability for a particular use of the Services provided to the User, subject to the legal guarantees of conformity and against hidden defects.
In particular, Cyberion does not guarantee either the User or the Company that the list of vulnerabilities identified by the light vulnerability scan or extended cyber risk assessment is exhaustive. Similarly, Cyberion does not guarantee either the User or the Company that all of the Company’s infrastructures have been analysed by the light vulnerability scan or the extended cyber risk assessment.
Cyberion assumes no responsibility for material errors or inaccuracies on the Site or, for damage to property or infrastructure resulting from access to the Site, from the use of the Services, from unauthorised access to or use of the servers or personal or financial information stored on them, from the interruption of the Services, from the transmission of viruses or any similar element to or by the Site due to third parties, or from the loss of data placed on the Site.
Cyberion is not liable for any indirect damage resulting from transactions carried out on the Site, including any damage of an economic nature, in particular, without limitation, loss of income or profits, regardless of the legal basis. Furthermore, Cyberion is not liable for any indirect damage resulting from improper use or illicit exploitation of the Site.
In any case, Cyberion’s liability towards the User or the Company for any claim arising from the present document or from the use of the Site is limited to the total amount paid by the Company to Cyberion for the Services that gave rise to the claim. It is specified that the claim must be made within the legal prescription period.
Subject to the occurrence of the following events, or any case of force majeure, change in applicable regulations preventing the operation of the Site or the Services, the Application and the Site are accessible twenty-four hours a day (24 h) and seven (7) days a week (7). Cyberion declines, however, all responsibility, without this list being restrictive:
It is furthermore specified that maintenance work and/or updates to the Site may be carried out without prior notice to the User.
9.2 Content of the Site
Despite the great care taken in creating and updating the Site, Cyberion cannot provide any guarantee, express or tacit, concerning the information contained on the Site of which it is the author.
Consequently, Cyberion cannot be held responsible for any damage, direct or indirect, resulting from any errors, inaccuracies or omissions in the information contained on the Site.
Furthermore, the photographs and illustrations on the Site are for information purposes only and in no way commit Cyberion contractually.
Article 10. Duration and termination
The Services are subscribed to from the date of registration on the Application.
If the insurance is taken out, the commitment begins on the day the insurance is taken out and ends on the date indicated in the insurance contract. The conditions related to the renewal or termination of the insurance contract are defined under the general insurance terms and conditions which are made available to the Company.
If the User has access to a cyber risk protection package, the commitment begins on the day the package is taken out for a 12 (twelve)-month period. The User may request Cyberion to terminate the User’s services contract with a notice period of 1 (one) month by sending an email to: firstname.lastname@example.org, in which case Cyberion will refund the User for the remaining pro-rata period. The Cyber risk protection package contract is then tacitly renewed on the anniversary date for the same duration.
If the insurance contract is terminated in accordance with the terms and conditions set out in the general insurance conditions, the User has the option to maintain his/her access to cyber risk protection packages. The prices for these services will be shared at that point with the User by email.
Notwithstanding the closure of the User Portal and/or the termination of the insurance contract, Cyberion reserves the right to make claims against the User in accordance with these Terms of Services for any previous breach by the User or for any outstanding financial obligations the User may have.
Article 11. Cyberion Insurance
Cyberion guarantees that it has taken out the required mandatory insurance coverage.
Article 12. Disclosures
The User expressly acknowledges and agrees that:
Article 13. Sanctions for non-compliance
In the event of failure to comply with any of the provisions of these terms and conditions, or more generally, of infringement of the laws and regulations in force, by the User, Cyberion reserves the right to:
In the event that a User fails to fulfil an essential obligation arising from the present Terms of Services, in particular fraudulent or illicit use of the Services, Cyberion reserves the right to suspend or cancel access to all or part of the Services, excluding insurance services, at any time and without notice. This right may be exercised without prejudice to any damages that may be claimed from the User.
Deletion automatically results in the closure of the User Portal, except in the case of an insurance contract drawn up through the intermediary of Cyberion, without prejudice to any other consequences that may arise in application of these Terms of Services.
Article 14. Modifications
Cyberion reserves the right to change the Site and the Services at any time.
Cyberion reserves the right to change the terms, conditions and mentions of these Terms of Services at any time. They may also be supplemented by new contractual conditions, particularly in the event of technical, legal or jurisprudential developments or when new services and features are introduced.
It is hereby specified that the Terms of Services applicable to the User shall be those in force on the Site at the date of use of the Services by the latter. The User will be informed of these modifications as soon as he/she connects to the Application for the first time following the update of the said Terms of Services.
Any User who uses the Services after the entry into force of the modified Terms of Services is deemed to have accepted these modifications.
Article 16. Specific conditions of use of third-party platforms and tools
In addition to these Terms of Services, the User agrees to comply with the terms and conditions of the services of the platforms providing access to the Site as well as those of the third-party tools and services used by Cyberion. The general terms and conditions of the services of the above-mentioned platforms and third-party tools are available on their websites.
The use of these third-party platforms and tools by Users leads to the collection and processing of personal data for which Cyberion cannot be considered to be the data controller. The data controllers in this case are designated by the platforms and third-party tools concerned.
16.2 Third-party tools
Bastion offers an application for company managers, particularly small and medium-sized entreprises. They help identify, in a simple and automated way, all the vulnerabilities of a given company’s technological infrastructure. Their services are limited to the functions and purposes strictly necessary for the provision of the Services and, more specifically, the cyber security protection packages offered by Cyberion. The User who registers on Cyberion accepts the general terms and conditions of use that can be consulted here.
usecure provides phishing simulation and cyber training solution to help mitigate the human risk factor. The User who registers on Cyberion accepts the general terms and conditions of use that can be consulted here.
Article 17. Hypertext links
Cyberion specifies that the use of hypertext links may lead the User to other websites or applications, independent of the Site. Cyberion cannot be held responsible for hypertext links to other sites or applications from the Site.
Similarly, the insertion of hypertext links to all or part of the Site and/or the Application is authorised, on a non-exclusive basis and may be revoked at any time, without Cyberion having to provide any justification, and on condition that this link does not create a misleading, false, pejorative or prejudicial character with regard to the Site. Under this authorisation, Cyberion reserves the right to object.
Cyberion cannot be held responsible for any direct, indirect or incidental damage resulting from accessing or using information from third-party sites.
Article 18. Agreement on evidence
The User acknowledges and agrees to subscribe to these Terms of Services in electronic format and to receive all documentation relating to them in this same format, either by e-mail or on his User Portal. The User acknowledges that these Terms of Services, concluded electronically and established on a durable medium within the meaning of the regulations, have the same evidential value as a written document on paper.
By express agreement between the Parties, all electronic records – including, but not limited to, data transmitted by the User, connection data relating to actions carried out from the User Portal, data relating to the use of the Site and collected from the User Portal and emails – constitute proof of the actions and operations carried out by the User on the Site. The Parties agree that these electronic records are admissible in court and are proof of the data and facts contained therein.
In the event of disagreement, the electronic records produced by Cyberion will prevail over those produced by the User, unless the User demonstrates the lack of reliability or authenticity of the documents produced by Cyberion.
Article 19. Independence of clauses
If any part of these Terms of Services is found to be void, invalid or unenforceable for any reason, the term or terms in question shall be declared non-existent and the remaining terms shall retain their full force and effect and continue to be enforceable. The terms declared non-existent would then be replaced by the terms that most closely resemble the content and meaning of the cancelled clause.
Article 20. Customer relations and complaints handling
Cyberion’s customer service is available:
The service is available in English, French and German.
If the User is not satisfied following exchanges with Cyberion’s customer service, he/she may submit a complaint. The User must state the facts and provide the previous exchanges with customer service. Any complaint relating to the Services or to these Terms of Services must be addressed by the User to Cyberion, indicating “complaint” in the subject line, at the above-mentioned email address.
The customer service department undertakes to acknowledge receipt of any complaint submitted by the User within twenty-four (24) hours of its receipt.
Notwithstanding the above provisions, if the customer service department reasonably believes that it will not be able to give the User a response within twenty-four (24) hours, it will send a holding reply to the User clearly stating the additional time required to respond to the complaint and specifying the maximum date by which the User will receive a response to the complaint notified to Cyberion.
Article 21. Applicable law and jurisdiction
These Terms of Services and all matters relating thereto shall be governed by and construed in accordance with Swiss law exclusively.
Unless otherwise stipulated, any dispute relating to the interpretation, validity and/or performance of these Terms of Services, if not resolved amicably between the Parties, shall be subject to the exclusive jurisdiction of the courts attached to the Geneva Court, including for procedures aimed at obtaining emergency or protective measures, in summary proceedings or on petition.
Article 22. Final provisions
These Terms of Services shall remain in full force and effect regardless of any changes that may be made to the structure and legal personality of Cyberion, in particular in the event of a merger, takeover or split, whether or not a new legal entity is created.
Unless expressly provided otherwise, these Terms of Services express the entirety of the agreements between the Parties relating to the Services. It cancels and replaces all other verbal or written agreements, of any nature whatsoever, which may have been previously made between them and relating to the same subject.