B2B Terms of Service

Last updated: December 19, 2025

1. Introduction

These Business Terms of Service ("B2B Terms") govern the use of enterprise cybersecurity services provided by NEETOO Software LLC, operating under the trade name 42SAFE ("Provider", "we", "us"), to business clients ("Client", "you").

Provider Information:
NEETOO Software LLC
30 N Gould St, STE R, Sheridan, WY 82801, USA
Email: [email protected]

These B2B Terms supplement our general Terms of Service, Privacy Policy, and GDPR Compliance documentation. In case of conflict, these B2B Terms prevail for business relationships.

2. Enterprise Services

2.1 42SAFE PROTECT - Web Threat Defense

Proactive protection against web threats for your organization:

Fraudulent website blocking: DNS-level filtering before user access
Anti-phishing & anti-malware: Real-time threat detection
Ad tracker filtering: Block malicious tracking and privacy-invasive trackers
Zero configuration required: Seamless deployment across devices

2.2 42SAFE SURVEILLANCE - Dark Web Monitoring

24/7 monitoring for data breaches affecting your organization:

Automatic breach detection: Continuous scanning of breach databases
Compromised account identification: Detailed analysis of exposed credentials
Prioritized action plans: Risk-based remediation recommendations
Audit-ready reports: Detailed incident documentation for compliance purposes

2.3 42SAFE PENTEST - Attack Surface Intelligence

Continuous security assessment of your external infrastructure:

Attack surface scanning: Ports, services, DNS configuration analysis
Fraudulent domain monitoring: Detection of look-alike domains
Brand protection & cybersquatting: Trademark violation detection
WHOIS & public exposure mapping: Comprehensive digital footprint analysis

2.4 42SAFE SOUVERAIN - European Sovereignty

For clients requiring European data sovereignty:

100% European hosting: Data stored exclusively in the EU
Native GDPR compliance: Built-in data protection by design
Privacy by design: Data minimization and purpose limitation
No US CLOUD Act exposure: Data outside US jurisdiction

3. Service Agreement

3.1 Order Form

Each engagement is governed by an Order Form specifying:

Selected services and scope
Number of protected users/domains/assets
Contract duration and renewal terms
Pricing and payment schedule
Service Level Agreement (SLA) commitments

3.2 Proof of Concept (POC)

We offer a limited-scope POC period for enterprise clients to evaluate services before full deployment. POC terms are defined in a separate POC Agreement.

3.3 Demo & Security Audit Data

For companies requesting a security audit or demonstration without proceeding to a full contract:

Data collection: Limited to domain analysis, WHOIS lookups, subdomain discovery, and breach checks
Purpose: Exclusively for demonstrating our capabilities and providing a security assessment
No third-party sharing: Data collected during demos is never shared with third parties
Automatic deletion: All demo data is permanently deleted within 30 days of the audit completion if no contract is signed
Deletion confirmation: Upon request, we provide written confirmation of data deletion
No marketing use: Contact information is not used for marketing without explicit consent

3.4 Enterprise Agreement

Large deployments (100+ users) may require a Master Services Agreement (MSA) with customized terms, SLAs, and pricing.

4. Data Processing

4.1 Data Processing Agreement (DPA)

For GDPR compliance, we execute a Data Processing Agreement with each business client. The DPA defines:

Categories of personal data processed
Processing purposes and instructions
Security measures implemented
Sub-processor list and approval process
Data subject rights procedures
Breach notification commitments

4.2 Controller vs. Processor Roles

Depending on the service:

Client as Controller: For employee monitoring services, the Client determines purposes and means of processing. 42SAFE acts as Processor.
Joint Controllers: For breach intelligence services, we may act as joint controllers with defined responsibilities in the DPA.

4.3 Enhanced Data Access for B2B

Business clients with authorized security personnel (CISO, CTO, DPO, DSI) may receive enhanced breach data for incident response purposes, including:

Full breach records (with appropriate masking)
Password exposure indicators
Complete timeline and source attribution
Technical indicators of compromise (IOCs)

This enhanced access requires signed authorization from the Client's designated security officer.

5. Service Levels

5.1 Availability

Platform uptime: 99.9% monthly SLA
Monitoring services: 24/7/365 operation
Planned maintenance: Scheduled outside business hours with 72h notice

5.2 Support

Hours: 10am-9pm CET, every day
Response time: Maximum 12 hours
Contact: [email protected]

5.3 Incident Response

Critical alerts: Immediate notification to designated contacts
Breach notifications: Within 24h of confirmed breach detection
Quarterly reviews: Security posture reports and recommendations

5.4 SLA Credits

Service credits for SLA breaches are defined in the Order Form and typically range from 10-25% of monthly fees for significant availability failures.

6. Client Responsibilities

6.1 Designated Contacts

Client must designate:

Primary contact: For contract and billing matters
Technical contact: For deployment and integration
Security contact: For incident response and alerts

6.2 Employee Notification

Client is responsible for:

Informing employees about monitoring tools as required by local law
Obtaining necessary works council or employee representative approval
Maintaining appropriate privacy notices

6.3 Asset Inventory

Client shall provide and maintain an accurate inventory of:

Domains and subdomains to monitor
Email domains and address patterns
IP ranges for infrastructure scanning
Brand names and trademarks for protection

6.4 Authorization

Client warrants authorization to:

Monitor specified domains and assets
Receive security scans on owned infrastructure
Process employee data as described in services

7. Pricing & Payment

7.1 Pricing Model

Enterprise pricing is based on:

Number of protected users
Number of monitored domains/assets
Service tier (Standard/Premium/Enterprise)
Contract duration (annual or multi-year)

7.2 Payment Terms

Invoicing: Annual in advance or quarterly with approval
Payment: Net 30 days from invoice date
Currency: EUR or USD as specified in Order Form
Late payment: 1.5% monthly interest on overdue amounts

7.3 Price Adjustments

Prices may be adjusted at renewal with 90 days written notice. Annual increases are typically capped at the greater of 5% or published CPI inflation.

7.4 Taxes

Prices exclude applicable taxes (VAT, sales tax). Client is responsible for all taxes except those based on Provider's income.

8. Intellectual Property

8.1 Provider IP

Provider retains all rights to:

Platform software and technology
Threat intelligence databases and algorithms
Methodologies and processes
Reports, templates, and documentation

8.2 Client Data

Client retains all rights to data provided to the Platform. Provider acquires no ownership rights to Client data through service provision.

8.3 Aggregated Intelligence

Provider may use anonymized, aggregated data from all clients to improve services and threat intelligence. No Client-identifiable information is included.

8.4 License Grant

Client receives a non-exclusive, non-transferable license to use the services during the contract term. No source code or underlying technology is licensed.

9. Confidentiality

9.1 Confidential Information

Both parties agree to protect confidential information including:

Technical data and configurations
Security assessments and vulnerabilities
Pricing and commercial terms
Business strategies and plans

9.2 Exceptions

Confidentiality obligations do not apply to information that:

Is or becomes publicly available without breach
Was known before disclosure
Is independently developed
Is required by law to be disclosed

9.3 Duration

Confidentiality obligations survive contract termination for 3 years.

10. Limitation of Liability

10.1 Liability Cap

Provider's total liability under this agreement shall not exceed the total fees paid by Client in the 12 months preceding the claim.

10.2 Exclusions

Provider is not liable for:

Indirect, incidental, or consequential damages
Lost profits, data, or business opportunities
Third-party claims against Client
Failure to detect all security threats
Client's failure to act on provided intelligence

10.3 Exceptions

Liability limitations do not apply to:

Gross negligence or willful misconduct
Breach of confidentiality obligations
IP infringement claims
Death or personal injury

10.4 Insurance

Provider maintains professional liability insurance with coverage appropriate to the services provided.

11. Term & Termination

11.1 Contract Term

Initial term as specified in Order Form, typically 12 or 24 months. Auto-renewal for successive 12-month periods unless terminated.

11.2 Termination for Convenience

Either party may terminate with 90 days written notice before renewal date.

11.3 Termination for Cause

Either party may terminate immediately upon:

Material breach not cured within 30 days of notice
Insolvency or bankruptcy of the other party
Failure to pay invoices within 60 days of due date

11.4 Effect of Termination

Upon termination:

Client access to services is disabled
Client data is exported upon request (within 30 days)
Client data is deleted within 90 days unless legally required
Outstanding invoices become immediately due

11.5 No Refunds

Prepaid fees are non-refundable except for Provider's material breach.

12. Compliance & Certifications

12.1 Security Standards

Provider maintains:

GDPR compliance documentation and processes
Regular security assessments and penetration testing
Documented security policies and procedures
Encryption standards (AES-256 at rest, TLS 1.3 in transit)

12.2 Audit Rights

Client may request:

Annual security questionnaire completion
Third-party audit reports
On-site audit with 30 days notice (at Client's expense)

12.3 Regulatory Cooperation

Provider will cooperate with Client's regulatory requirements including:

Providing documentation for audits
Supporting due diligence processes
Assisting with data protection authority inquiries

13. Governing Law & Disputes

13.1 Governing Law

These B2B Terms are governed by the laws of the State of Wyoming, USA, without regard to conflict of law principles.

For EU-based clients, applicable mandatory EU consumer protection and data protection laws are preserved.

13.2 Dispute Resolution

Disputes shall be resolved as follows:

Negotiation: Good faith discussions between executives for 30 days
Mediation: If negotiation fails, non-binding mediation
Arbitration: Binding arbitration under ICC Rules (for contracts >€100k)
Litigation: Courts of Sheridan County, Wyoming (for smaller disputes)

13.3 Injunctive Relief

Nothing prevents either party from seeking injunctive relief for IP or confidentiality breaches in any court of competent jurisdiction.

14. General Provisions

14.1 Entire Agreement

These B2B Terms, together with the Order Form and DPA, constitute the entire agreement. Prior discussions and proposals are superseded.

14.2 Amendment

Amendments require written agreement signed by authorized representatives.

14.3 Assignment

Neither party may assign without consent, except to an affiliate or in connection with a merger/acquisition (with notice).

14.4 Severability

Invalid provisions are modified to the minimum extent necessary. Remaining provisions continue in full force.

14.5 Notices

Legal notices must be in writing to addresses in the Order Form. Email is acceptable for operational communications.

14.6 Force Majeure

Neither party is liable for delays due to circumstances beyond reasonable control. Affected party must notify and mitigate impact.

15. Contact Us

For B2B inquiries:

Enterprise Sales: [email protected]
Support: [email protected]
GDPR/Privacy: [email protected]
Mail: NEETOO Software LLC, 30 N Gould St, STE R, Sheridan, WY 82801, USA

Questions or Concerns?

For any questions about this document, please contact us:

[email protected][email protected][email protected]