Terms of Use
Effective Date: 1 May 2026 Last Updated: 27 March 2026 Version: 2.0
1. Introduction and Acceptance of Terms
These Terms of Use (“Terms”) constitute a legally binding agreement between you (the “User,” “you,” or “your”) and Micro SaaS Solutions Pty Ltd (ABN [to be inserted]) trading as CyberSmart360 (“CyberSmart360,” “we,” “us,” or “our”), governing your access to and use of the CyberSmart360 platform, including our website at cybersmart360.com and our web application (collectively, the “Service” or “Platform”).
1.1 Agreement to Terms
By accessing, registering for, or using the Service, you acknowledge that you have read, understood, and agree to be bound by these Terms and our Privacy Policy. If you do not agree to these Terms, you must not access or use the Service.
1.2 Amendments to Terms
We reserve the right to modify these Terms at any time. We will notify you of material changes via email to your registered email address or through prominent notice on the Platform at least 30 days before the effective date. Your continued use of the Service after the effective date constitutes your acceptance of such changes. If you do not agree with the changes, you may cancel your subscription before they take effect.
1.3 Governing Law and Jurisdiction
These Terms are governed by the laws of Queensland, Australia and the Commonwealth of Australia. You irrevocably submit to the non-exclusive jurisdiction of the courts of Queensland and the Federal Court of Australia.
2. Eligibility and Account Registration
2.1 Eligibility Requirements
You must be at least 18 years of age and have the legal capacity to enter into binding contracts under applicable law. By registering for the Service, you represent and warrant that you meet these eligibility requirements.
2.2 Business Use
The Service is designed for business and organisational use. If you are registering on behalf of an organisation, you represent and warrant that you have the authority to bind that organisation to these Terms.
2.3 Account Registration
To access the Service, you must create an account by providing accurate, current, and complete information including your name, a valid email address, a secure password, and your organisation details (name, ABN and/or ACN, business address, and industry).
2.4 Account Security
You are responsible for maintaining the confidentiality of your account credentials, all activities that occur under your account, and notifying us immediately of any unauthorised access or security breach. We recommend enabling multi-factor authentication (MFA) for all accounts.
We reserve the right to suspend or terminate accounts that show signs of unauthorised access or security compromise.
2.5 Account Accuracy
You must keep your account information current and accurate. Failure to maintain accurate information may result in service disruption or account suspension.
3. Subscription Plans and Fees
3.1 Subscription Options
CyberSmart360 offers the following subscription options:
Free Trial: 7-day free trial with full platform access. No credit card required. Limited to 1 user and 1 assessment.
Standard Plan (Monthly): AUD $49 per month. Includes 2 user accounts and unlimited assessments.
Standard Plan (Annual): AUD $470 per year (save approximately 20%). Includes 2 user accounts and unlimited assessments.
Additional Users: AUD $15 per month per additional user beyond the 2 included in the Standard plan. Each additional user gets full platform access with their own login and activity tracking.
Current pricing and features are available at cybersmart360.com/plans-pricing/.
3.2 Payment Terms
All fees are quoted in Australian Dollars (AUD). GST (10%) applies for Australian customers and is added at checkout. Payment is due in advance on a monthly or annual basis as selected during registration. We accept Visa, Mastercard, and American Express via Stripe. Payment processing is handled by Stripe, Inc., subject to Stripe’s terms of service.
3.3 Billing Cycles
Monthly subscriptions are billed on the same day each month. Annual subscriptions are billed once per year on the anniversary of your registration. If a payment fails, we will attempt to process it again. If payment remains unsuccessful after a reasonable grace period, your account may be suspended or deactivated. You are responsible for all charges incurred under your account.
3.4 Price Changes
We may modify subscription fees with at least 30 days’ notice. Price changes will take effect at the start of your next billing cycle. If you do not agree to a price increase, you may cancel your subscription before the new pricing takes effect.
3.5 Free Trials
The free 7-day trial provides full access to the Platform with no credit card required. The trial is limited to 1 user account and 1 assessment. You may upgrade to a paid Standard subscription at any time during or after the trial. If you do not subscribe, your account will enter view-only mode for 30 days, after which data is permanently deleted.
4. Refunds and Cancellation
4.1 Your Rights Under Australian Consumer Law
Important: Our services come with guarantees that cannot be excluded under the Australian Consumer Law (ACL). Nothing in these Terms excludes, restricts, or modifies any consumer guarantee, right, or remedy under the ACL that cannot be lawfully excluded.
For major failures with the Service, you are entitled to cancel your service contract and receive a refund, or retain the Service and be compensated for the reduced value.
For minor failures, you are entitled to have the problem rectified within a reasonable time. If we fail to do so, you may cancel and obtain a refund for the unused portion, or engage an alternative service provider and recover reasonable costs from us.
4.2 Cancellation
You may cancel your subscription at any time through your account dashboard or by contacting us via the Contact Us page. Monthly subscriptions remain active until the end of the current billing period. Annual subscriptions remain active until the end of the subscription year.
4.3 Money-Back Guarantee
We offer a 30-day money-back guarantee. If you are not satisfied with the Service within the first 30 days of your paid subscription, contact us via the Contact Us page for a full refund. This voluntary guarantee is in addition to your statutory rights under the ACL.
4.4 Refund Processing
Approved refunds are processed to the original payment method within 10 business days. Processing time may vary depending on your financial institution.
For full details, please see our Refund Policy at cybersmart360.com/refund-policy/.
5. Use of the Service
5.1 Licence Grant
Subject to your compliance with these Terms and payment of applicable fees, we grant you a limited, non-exclusive, non-transferable, revocable licence to access and use the Service for your internal business purposes, create and manage cybersecurity framework assessments, generate compliance reports and remediation plans, and use the evidence tracking features.
5.2 Acceptable Use
You agree to use the Service only for lawful purposes and in accordance with these Terms. You agree not to:
- Violate any applicable laws or regulations
- Infringe upon intellectual property rights of CyberSmart360 or third parties
- Upload or transmit malware, viruses, or malicious code
- Attempt to gain unauthorised access to the Service or related systems
- Interfere with or disrupt the integrity or performance of the Service
- Reverse engineer, decompile, or disassemble any part of the Service
- Share your account credentials with unauthorised users
- Use the Service to develop a competing product
- Sublicence, resell, or redistribute the Service without authorisation
- Exceed the user limits of your subscription tier
5.3 Compliance Requirements
You must comply with all applicable cybersecurity and data protection laws, maintain accurate information in your assessments, and respect the usage limits of your subscription tier.
6. User Content and Data
6.1 Your Content
You retain all rights to data, information, assessments, and content you submit to the Service (“User Content”). By submitting User Content, you grant CyberSmart360 a worldwide, non-exclusive, royalty-free licence to store, process, and transmit User Content to provide the Service, create backups for data protection purposes, and generate analytics in aggregated and anonymised form only.
6.2 Responsibility for User Content
You are solely responsible for the accuracy, quality, and legality of User Content, your right to submit User Content under applicable laws, and ensuring User Content does not violate third-party rights.
6.3 Evidence Tracking
The Platform provides reference-based evidence tracking. You record where your evidence is located (URLs, file paths, physical locations). We do not store your actual evidence files — your sensitive documents remain under your control at all times.
7. Data Protection and Privacy
7.1 Australian Privacy Act Compliance
We comply with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the Privacy and Other Legislation Amendment Act 2024 (Cth). Our collection, use, and disclosure of personal information is governed by our Privacy Policy at cybersmart360.com/privacy-policy/.
7.2 Data Storage
All customer assessment data is stored in DigitalOcean’s Sydney (SYD1) data centre in Australia. Assessment responses are processed via OpenAI’s API (United States) for AI-powered analysis. Payment data is processed by Stripe (United States). For details on international data transfers, please refer to our Privacy Policy.
7.3 Data Security
We implement security measures including TLS 1.3 encryption for data in transit, encrypted database storage, multi-factor authentication, Row-Level Security in PostgreSQL, OWASP secure coding practices, three-layer audit logging, and HMAC-SHA256 webhook authentication. For full details, see our Privacy Policy.
7.4 Data Breach Notification
In accordance with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act, we will notify you and the OAIC of eligible data breaches as required by law.
7.5 Data Retention and Deletion
Active account data is retained while your account is active. Upon account termination, User Content is available for export for 30 days. Personal information is deleted within 90 days except where legal retention applies (such as tax records retained for 7 years). Aggregated, anonymised data may be retained indefinitely.
To request data deletion, contact us via the Contact Us page. We will respond within 30 days.
8. Intellectual Property Rights
8.1 CyberSmart360 Intellectual Property
The Service and all content, features, and functionality (including software, user interfaces, text, graphics, logos, and design) are owned by Micro SaaS Solutions Pty Ltd or our licensors and are protected by Australian and international intellectual property laws.
8.2 Trademarks
“CyberSmart360” and our logo are trademarks of Micro SaaS Solutions Pty Ltd. You may not use these marks without our prior written permission except as necessary to describe your legitimate use of the Service.
8.3 Feedback
If you provide feedback, suggestions, or ideas about the Service (“Feedback”), you grant us an unlimited, irrevocable, perpetual, royalty-free licence to use, modify, and incorporate such Feedback into our products and services without compensation or attribution.
9. Third-Party Services
9.1 Payment Processing
Payments are processed by Stripe, Inc. Your use of Stripe is subject to Stripe’s terms and conditions and privacy policy. We do not store your credit card numbers.
9.2 AI Analysis
Assessment analysis is powered by OpenAI GPT-4. Your assessment responses are sent to OpenAI’s API for processing. We use OpenAI’s API in a configuration that does not permit OpenAI to use your data for training their models.
9.3 Third-Party Responsibility
We are not responsible for the availability, accuracy, or functionality of third-party services, data practices of third-party service providers, or disputes between you and third-party service providers.
10. Service Availability and Modifications
10.1 Service Availability
We strive to provide reliable service but do not guarantee uninterrupted or error-free operation. The Service may be temporarily unavailable due to scheduled maintenance (with advance notice), emergency maintenance for security or stability, third-party service disruptions, or events beyond our reasonable control.
10.2 Service Modifications
We reserve the right to modify, update, or discontinue features of the Service and to change system requirements. We will provide reasonable notice of material changes that adversely affect your use of the Service.
11. Warranties and Disclaimers
11.1 Australian Consumer Law Guarantees
For Australian Customers: Our services come with guarantees that cannot be excluded under the Australian Consumer Law (ACL). For major failures with the Service, you are entitled to cancel your service contract and receive a refund, or retain the Service and be compensated for the reduced value. You are also entitled to have minor failures rectified within a reasonable time.
Nothing in these Terms excludes, restricts, or modifies any consumer guarantees, rights, or remedies under the ACL that cannot be lawfully excluded.
11.2 Service Warranties
Subject to the ACL, we warrant that the Service will perform substantially in accordance with our published documentation, we will provide the Service with reasonable care and skill, and we maintain appropriate security measures to protect your data.
11.3 Compliance Disclaimer
Important: CyberSmart360 provides tools and guidance for cybersecurity framework assessments. However, we do not provide legal, compliance, or cybersecurity consulting advice. Use of the Service does not guarantee compliance with any framework or regulation. You are solely responsible for achieving and maintaining actual compliance. Assessment results and recommendations are AI-generated guidance and should be reviewed by qualified professionals where appropriate. You should consult with legal and cybersecurity professionals regarding your specific compliance obligations.
12. Limitation of Liability
12.1 Australian Consumer Law
For Australian Customers: Nothing in this section limits or excludes liability that cannot be limited or excluded under the Australian Consumer Law or other applicable consumer protection legislation. Where the ACL applies and we breach a consumer guarantee, our liability is limited to the extent permitted by the ACL.
12.2 General Limitation
To the maximum extent permitted by law (subject to the ACL), CyberSmart360 shall not be liable for indirect, incidental, special, consequential, or exemplary damages, loss of profits, revenue, data, or business opportunities, service interruptions or delays, or your reliance on content provided through the Service.
Our total aggregate liability arising from or related to these Terms or the Service shall not exceed the amounts paid by you to CyberSmart360 in the 12 months preceding the claim.
12.3 Liability Allocation
These limitations reflect the allocation of risk between you and CyberSmart360 and are reflected in the pricing of the Service.
13. Indemnification
You agree to indemnify, defend, and hold harmless CyberSmart360, its officers, directors, and employees from and against any claims, liabilities, damages, losses, or expenses arising from your use or misuse of the Service, your User Content, your violation of these Terms, your violation of any rights of third parties, or your violation of any applicable laws.
14. Term and Termination
14.1 Term
These Terms commence when you first access the Service and continue until terminated.
14.2 Termination by You
You may cancel your subscription at any time through your account dashboard or by contacting us. Monthly subscriptions remain active until the end of the current billing period. Annual subscriptions remain active until the end of the subscription year. Refund rights are as described in Section 4 and our Refund Policy.
14.3 Termination by CyberSmart360
We may suspend or terminate your account if you breach these Terms, your account shows signs of fraudulent activity, you fail to pay fees when due after a reasonable grace period, or required by law. Where practicable, we will give you notice before termination and an opportunity to remedy any breach.
14.4 Effect of Termination
Upon termination, your licence to use the Service terminates. User Content is available for export for 30 days. All fees owed remain due and payable. Sections intended to survive termination (including User Content licences, Warranties, Limitation of Liability, Indemnification, and Dispute Resolution) remain in effect.
15. Dispute Resolution
15.1 Informal Resolution
Before initiating formal proceedings, you agree to first attempt to resolve disputes informally by contacting us via the Contact Us page. We will attempt to resolve disputes within 30 days.
15.2 External Complaints
If informal resolution fails, you may file a complaint with:
- Office of the Australian Information Commissioner (OAIC) for privacy matters: www.oaic.gov.au
- Australian Competition and Consumer Commission (ACCC) for consumer protection matters: www.accc.gov.au
- Your state or territory consumer protection agency (for Queensland: Office of Fair Trading at www.qld.gov.au/law/fair-trading)
15.3 Litigation
If other resolution methods fail, disputes will be resolved in the courts of Queensland and the Federal Court of Australia.
16. General Provisions
16.1 Entire Agreement
These Terms, together with our Privacy Policy and Refund Policy, constitute the entire agreement between you and CyberSmart360 regarding the Service.
16.2 Severability
If any provision is found invalid or unenforceable, that provision will be limited to the minimum extent necessary, and the remaining provisions remain in full force.
16.3 Waiver
Our failure to enforce any right or provision will not constitute a waiver. Any waiver must be in writing.
16.4 Assignment
You may not assign these Terms without our consent. We may assign these Terms in connection with a merger, acquisition, or sale of assets with notice to you.
16.5 Force Majeure
We will not be liable for delay or failure to perform resulting from causes outside our reasonable control, including natural disasters, war, pandemics, network infrastructure failures, or government actions.
16.6 Notices
We may provide notices via email to your registered address or through the Service interface. You may contact us via the Contact Us page at cybersmart360.com/contact-us/ or by post to:
Micro SaaS Solutions Pty Ltd trading as CyberSmart360 Queensland, Australia
17. Contact Information
Micro SaaS Solutions Pty Ltd trading as CyberSmart360 ABN: [To be inserted]
For questions about these Terms, contact us via the Contact Us page at cybersmart360.com/contact-us/.
Business Hours: Monday–Friday, 9 AM – 5 PM AEST
18. Acknowledgment
By clicking “I Accept,” creating an account, or using the Service, you acknowledge that you have read and understood these Terms, you agree to be bound by these Terms, you have the authority to enter into these Terms, and you understand your rights under Australian Consumer Law.
Important Notices:
Australian Consumer Law: Your rights under the Australian Consumer Law cannot be excluded. Nothing in these Terms limits your consumer guarantees or remedies under Australian law.
Not Professional Advice: The Service does not constitute legal, compliance, or cybersecurity advice. Consult appropriate professionals regarding your specific obligations.