Legal

Terms of Service

These Terms of Service describe the rules for using TurtleScan's website, contact forms, and cloud security reporting services.

Last updatedJune 4, 2026

1. Acceptance

By accessing the TurtleScan website, submitting a form, or using our services, you agree to these Terms of Service. If you use TurtleScan on behalf of an organization, you confirm that you are authorized to bind that organization.

If you have a separate signed agreement, order form, statement of work, or data processing agreement with TurtleScan, that document controls where it conflicts with these Terms.

2. Services

TurtleScan provides cloud security reporting, risk prioritization, compliance mapping, security posture review, and related advisory services. The exact scope, cadence, deliverables, access requirements, and fees are defined in the applicable plan, proposal, statement of work, or written confirmation.

3. Accounts And Authorized Access

You are responsible for making sure all account information, contact information, cloud access details, and authorization materials you provide are accurate and current.

You must only provide access to systems and data that you are authorized to submit for review. TurtleScan may refuse or stop work if we reasonably believe an access request is unauthorized, unsafe, illegal, or outside the agreed scope.

4. Customer Responsibilities

  • Maintain control over your cloud accounts, credentials, identity providers, and production systems.
  • Provide read-only or agreed access scopes needed for the service.
  • Review reports and decide whether, when, and how to implement remediation steps.
  • Back up critical systems and follow your own change management process before making changes.
  • Comply with laws, internal policies, third-party terms, and customer obligations that apply to your environment.

5. Reports And Remediation

TurtleScan reports are designed to help identify and prioritize security risks. Reports may include findings, context, scoring, remediation guidance, and compliance mapping based on information available at the time of review.

Security findings are not guarantees that every vulnerability, misconfiguration, attack path, or compliance gap has been found. Unless agreed in writing, TurtleScan does not perform remediation work directly and is not responsible for changes made by your team or third parties.

6. Fees, Payment, And Taxes

Fees, payment timing, renewal terms, and taxes are defined in the relevant plan, invoice, order form, or written agreement. Fees are non-refundable unless stated otherwise in a written agreement or required by law.

7. Confidentiality

Each party may receive confidential information from the other. The receiving party must use reasonable care to protect confidential information and may use it only for the purpose of performing or receiving the services, unless disclosure is authorized or legally required.

8. Privacy And Data Protection

Our handling of personal data is described in the Privacy Policy. For customer environments, additional data protection terms may be included in a data processing agreement, security addendum, or statement of work.

9. Acceptable Use

  • Do not use TurtleScan services for unlawful, harmful, deceptive, or unauthorized activity.
  • Do not submit systems for review unless you have permission to authorize testing or analysis.
  • Do not attempt to reverse engineer, disrupt, overload, scrape, or bypass protections on the website or services.
  • Do not upload malware, secrets, credentials, sensitive data, or regulated data unless it is required for an agreed service and approved handling controls are in place.

10. Third-Party Services

TurtleScan may interoperate with cloud providers, communication tools, analytics systems, payment providers, and other third-party services. Your use of third-party services remains subject to those providers' own terms and policies.

11. Intellectual Property

TurtleScan retains ownership of its website, tools, software, methods, templates, know-how, trademarks, and service materials. You retain ownership of your data and systems. Subject to payment and any written agreement, you may use final reports internally for security, audit, compliance, and remediation purposes.

12. Disclaimers

Services are provided using commercially reasonable skill and care. Except as expressly stated in a written agreement, TurtleScan does not promise uninterrupted availability, complete detection of every issue, guaranteed compliance certification, or prevention of all security incidents.

13. Limitation Of Liability

To the maximum extent permitted by law, TurtleScan will not be liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or for loss of profits, revenue, goodwill, data, or business interruption. Any liability cap or exclusion in a signed agreement will control where applicable.

14. Suspension And Termination

We may suspend or terminate access to the website or services if you breach these Terms, fail to pay fees when due, create security or legal risk, or use the services outside the agreed scope. You may stop using the website at any time, and service termination rights are governed by the applicable written agreement.

15. Changes To These Terms

We may update these Terms from time to time. The updated version will be posted on this page with a new last updated date. Continued use of the website or services after updates means you accept the updated Terms, unless a separate agreement states otherwise.

16. Contact

For questions about these Terms, contact TurtleScan at dr.turtle@turtlescan.id.

Dr. Turtle
TurtleScan Assistant

Meet Dr. Turtle, AI Assistant

I'm here to help you understand cloud security, answer questions about our service packages, Indonesian regulatory compliance, and help you choose the best solution for your business needs. What are you looking for today?