Menu

Menu

Terms & Conditions

Effective Date: March 1, 2026

Last Updated: March 17, 2026

DRisk is a product of Digital400 (Private) Limited

For enquiries: info@driskglobal.com

Please read these Terms and Conditions (the "Agreement") carefully before accessing or using the DRisk platform or any related services. These Terms and Conditions constitute a legally binding agreement between you and Digital400 (Private) Limited, the operator of DRisk ("DRisk", "we", "us", or "our").

By creating an account, starting a free trial, subscribing to any DRisk plan, or otherwise accessing or using the DRisk platform or website at  (http://driskglobal.com (the "Website"), you ("Customer", "you", or "your") agree to be bound by this Agreement. If you are accessing or using DRisk on behalf of a company, organization, or other legal entity, you represent and warrant that you have the authority to bind that entity to this Agreement, and references to "you" or "Customer" shall refer to that entity.

If you do not agree to these Terms and Conditions, you must not access or use the DRisk platform or Website.

Definitions

In this Agreement: "Services" means the DRisk platform, software, features and related services provided by DRisk under a subscription. "Authorized Users" means individuals permitted by the Customer to access the Services. "Customer Data" means all data, content and information submitted by Customer or its Authorized Users to the platform. "Order Form" means any written or online subscription order referencing this Agreement. "Subscription Term" means the period covered by a paid subscription as set out in an Order Form.

1.     The Services

1.1 Provision of Services

Subject to the terms and conditions of this Agreement and payment of applicable fees, DRisk will make the Services available to Customer during the Subscription Term. DRisk will use commercially reasonable efforts to make the Services available twenty four (24) hours a day, seven (7) days a week, except for planned maintenance windows and events outside DRisk's reasonable control.

1.2 Service Availability

Digital400 (Private) Limited provides a commitment to the reliability of the DRisk platform to ensure your compliance operations remain uninterrupted.

  • Availability Target: DRisk targets 99% monthly platform availability (the "Uptime Commitment").

  • Exclusions from Uptime Calculation: Downtime does not include unavailability resulting from:

    • Maintenance: Scheduled or emergency maintenance, for which DRisk will provide reasonable advance notice where possible.

    • Misuse: Customer's failure to use the Services in accordance with the Subscription Agreement or official DRisk documentation.

    • External Factors: Events beyond DRisk’s reasonable control, including internet outages, third party cloud provider failures (e.g., AWS regional outages), or force majeure events.

    • Customer Actions: Any acts or omissions taken by the Customer or its Authorized Users that cause instability or service disruption.

  • Availability Target: DRisk targets 99% monthly platform availability (the "Uptime Commitment").

  • Exclusions from Uptime Calculation: Downtime does not include unavailability resulting from:

    • Maintenance: Scheduled or emergency maintenance, for which DRisk will provide reasonable advance notice where possible.

    • Misuse: Customer's failure to use the Services in accordance with the Subscription Agreement or official DRisk documentation.

    • External Factors: Events beyond DRisk’s reasonable control, including internet outages, third party cloud provider failures (e.g., AWS regional outages), or force majeure events.

    • Customer Actions: Any acts or omissions taken by the Customer or its Authorized Users that cause instability or service disruption.

 1.3 Remedies of Service Failure

If DRisk fails to meet the 99% Uptime Commitment in any given calendar month, the following remedies apply:

  • Service Credits: Customers may be eligible to receive credit toward future subscription fees. The specific percentage of the credit relative to the monthly subscription cost is defined in our Subscription Agreement [Link: Subscription Agreement].

  • Requesting Credit: To receive a credit, the Customer must submit a written request to support@driskglobal.com within thirty (30) days of the end of the month in which the Uptime Commitment was not met.

  • Sole Remedy: Service credits are the Customer’s sole and exclusive remedy for any performance or availability issues for the DRisk platform.

  • Service Credits: Customers may be eligible to receive credit toward future subscription fees. The specific percentage of the credit relative to the monthly subscription cost is defined in our Subscription Agreement [Link: Subscription Agreement].

  • Requesting Credit: To receive a credit, the Customer must submit a written request to support@driskglobal.com within thirty (30) days of the end of the month in which the Uptime Commitment was not met.

  • Sole Remedy: Service credits are the Customer’s sole and exclusive remedy for any performance or availability issues for the DRisk platform.

1.4 Authorized Users

Customers may designate Authorized Users and  grant them with access to the Services up to the number of Monthly Active Users permitted under the applicable subscription tier. Customer shall be responsible for all acts and omissions of its Authorized Users including use and misuse of the Services by its Authorized Users and shall ensure their compliance with this Agreement. Authorized Users  should strictly be prohibited from sharing login credentials or account access with any  third party. Customer should promptly notify DRisk upon becoming aware of any such unauthorized access or use of the Services .

1.5 Free Trial

DRisk may offer access to the Services on a free trial basis for a period of fourteen (14) days from the date of registration ("Trial Period"). The following terms apply to free trials:

  • Trial access is provided at no charge and is subject to this Agreement.

  • DRisk reserves the right, at its sole discretion, to modify, suspend, or terminate the trial at any time.

  • Customer Data submitted during the trial may be permanently deleted if Customer does not activate a paid subscription before the end of the Trial Period. DRisk will make reasonable efforts to allow Customer to export data before deletion.

  • Trial access is provided at no charge and is subject to this Agreement.

  • DRisk reserves the right, at its sole discretion, to modify, suspend, or terminate the trial at any time.

  • Customer Data submitted during the trial may be permanently deleted if Customer does not activate a paid subscription before the end of the Trial Period. DRisk will make reasonable efforts to allow Customer to export data before deletion.

TRIAL SERVICES ARE PROVIDED ON AN AS IS BASIS WITHOUT WARRANTY OF ANY KIND. DRISK SHALL HAVE NO LIABILITY OF ANY KIND WITH RESPECT TO TRIAL SERVICES TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW.

1.6 Support

DRisk will provide commercially reasonable support during the Subscription Term in accordance with the support tier included in Customer's plan. Starter plan customers receive email support. Growth plan customers receive priority support. Enterprise plan customers receive support with guaranteed response times as agreed in the applicable Order Form. Support does not include professional services, custom development or on site assistance unless otherwise explicitly agreed in writing.

1.7 Changes to the Services

DRisk reserves the right to modify, update or enhance the Services from time to time. DRisk will not materially decrease the core functionality of the Services during an active Subscription Term without providing reasonable prior notice. New features or modules may be introduced, which may be subject to an additional fee..

2.     Fees, Payment and Billing

2.1 Subscription Fees

Customers agree to pay the subscription fees set out in the applicable Order Form or as displayed during the online subscription process ("Fees"). All Fees are quoted and payable in United States Dollars unless otherwise agreed in the Order Form. Fees are non refundable except as expressly set out in Section 3 (Term and Termination) or as required by applicable law.

2.2 Payment Terms

DRisk will invoice the Customer for Fees at the start of each Subscription Term or renewal. Payment is due within thirty (30) days of the invoice date unless otherwise specified in the Order Form. DRisk accepts payment on a subscription basis as DRisk makes available from time to time.

 If Customer fails to pay any invoiced amount within thirty (30) days of the due date, DRisk may suspend Customer's access to the Services until all outstanding amounts are paid in full. Suspension for non payment does not relieve Customer of its obligation to pay fees for the remainder of the Subscription Term.

2.3 Taxes

All Fees are exclusive of applicable taxes, duties, levies and similar charges. Customer is responsible for paying all applicable taxes in connection with its purchase of the Services, excluding taxes assessed on DRisk's net income. Where DRisk is required by law to collect and remit applicable taxes, DRisk will include those amounts on the relevant invoice.

2.5 Disputed Invoices

If Customer disputes any portion of an invoice in good faith, Customer must notify DRisk in writing within fifteen (15) days of the invoice date specifying the basis for the dispute. The Parties will work in good faith to resolve the dispute. Customers must pay the undisputed portion of any invoice by the payment due date.

3.     Term and Termination

3.1 Subscription Term

This Agreement commences on the Effective Date and remains in effect for the duration of the Subscription Term specified in the applicable Order Form. Unless otherwise stated, subscriptions are annual and will automatically renew for successive one year terms at the then current pricing unless either Party provides written notice of non renewal at least thirty (30) days before the end of the current Subscription Term.

3.2 Termination for Cause

Either Party may terminate this Agreement for material breach upon providing written notice if the breaching Party fails to remedy the breach within thirty (30) days of receiving such notice. The following shall constitute material breach by Customer without a cure period:

  • Non payment of Fees outstanding for sixty (60) or more days after the due date.

  • Any use of the Services in violation of Section 5 (Acceptable Use and Prohibited Conduct).

  • Any unauthorized attempt to access, copy, reverse engineer or circumvent DRisk's platform or intellectual property rights.

  • Non payment of Fees outstanding for sixty (60) or more days after the due date.

  • Any use of the Services in violation of Section 5 (Acceptable Use and Prohibited Conduct).

  • Any unauthorized attempt to access, copy, reverse engineer or circumvent DRisk's platform or intellectual property rights.

3.3 Termination for Insolvency

Either Party may terminate this Agreement immediately upon written notice if the other Party becomes subject to insolvency proceedings, receivership, liquidation, voluntary administration, or makes a general assignment for the benefit of its creditors or is otherwise unable to meet its financial obligations.

3.4 Effect of Termination

Upon expiry or termination of this Agreement for any reason:

  • Customer's right to access and use the Services will cease immediately as of the termination date.

  • DRisk will make Customer Data available for export for a period of thirty (30) days following the termination date. After this period, DRisk may permanently delete Customer Data in accordance with its data retention and privacy policy and in compliance with applicable data protection laws and industry standard data security practices, unless retention is required by law.

  • Customer must pay all outstanding Fees accrued up to and including the termination date. Termination does not relieve Customer of payment obligations for the remainder of a prepaid Subscription Term.

  • Including but not limited to, the following sections shall survive termination: Section 2 (Fees and Payment), Section 4 (Intellectual Property), Section 6 (Confidentiality), Section 9 (Disclaimers), Section 10 (Limitation of Liability), Section 11 (Indemnification), and Section 14 (General).

  • Customer's right to access and use the Services will cease immediately as of the termination date.

  • DRisk will make Customer Data available for export for a period of thirty (30) days following the termination date. After this period, DRisk may permanently delete Customer Data in accordance with its data retention and privacy policy and in compliance with applicable data protection laws and industry standard data security practices, unless retention is required by law.

  • Customer must pay all outstanding Fees accrued up to and including the termination date. Termination does not relieve Customer of payment obligations for the remainder of a prepaid Subscription Term.

  • Including but not limited to, the following sections shall survive termination: Section 2 (Fees and Payment), Section 4 (Intellectual Property), Section 6 (Confidentiality), Section 9 (Disclaimers), Section 10 (Limitation of Liability), Section 11 (Indemnification), and Section 14 (General).

4.     Intellectual Property

4.1 DRisk's Intellectual Property

DRisk and its licensors retain all rights, title and interest, in and to the Services, the DRisk platform, and all related components including but not limited to underlying software, technology, algorithms, artificial intelligence models, features, functionality, documentation, trademarks, trade names,all other intellectual property rights associated with the Services ("DRisk IP") and any modifications thereto. Nothing in this Agreement transfers any ownership of DRisk IP to Customer.

4.2 License to Customer

Subject to the terms of this Agreement and payment of applicable Fees, DRisk grants Customer a limited, non exclusive, non transferable, non sublicensable license to access and use the Services solely for Customer's internal business purposes during the Subscription Term. This license does not permit Customer to:

  • ublicence, sell, resell, transfer, assign or otherwise make the Services available to any third party.

  • Copy, modify, adapt, translate, reverse engineer, decompile, disassemble or create derivative works of the Services or any component thereof.

  • Access the Services for the purpose of building a competing product or service.

  • Remove, alter, tamper or obscure any proprietary notices, trademarks, logos or labels on or within the Services.

  • ublicence, sell, resell, transfer, assign or otherwise make the Services available to any third party.

  • Copy, modify, adapt, translate, reverse engineer, decompile, disassemble or create derivative works of the Services or any component thereof.

  • Access the Services for the purpose of building a competing product or service.

  • Remove, alter, tamper or obscure any proprietary notices, trademarks, logos or labels on or within the Services.

4.3 Customer Data Ownership

As between the Parties, Customer retains all right, title and interest in and to Customer Data. Customer grants DRisk a limited, non exclusive license to process, store, transmit and use Customer Data solely for the purpose of providing, maintaining, and improving the Services in accordance with this Agreement and DRisk's Privacy Policy. DRisk will not access Customer Data except to provide the Services, comply with legal obligations, or as otherwise expressly permitted under this Agreement.

4.4 AI and Machine Learning

DRisk's platform uses artificial intelligence and machine learning to power features including risk scoring, document categorization, workflow automation and compliance monitoring. DRisk does not use Customer Data to train or improve its AI models beyond the scope of delivering the Services to that Customer. DRisk's AI processing of Customer Data is governed by the instructions provided by Customer through their use of the platform and the DRisk Data Processing Agreement.

4.5 Feedback

If Customer provides DRisk with suggestions, enhancement requests, recommendations or other feedback regarding the Services ("Feedback"), Customer grants DRisk a perpetual, irrevocable, royalty free, worldwide license to use, implement, incorporate and commercialize that Feedback in connection with the Services and DRisk's business, without obligation or compensation to Customer.

5.     Acceptable Use and Prohibited Conduct

5.1 Acceptable Use

Customer agrees to use the Services only for lawful purposes and in accordance with this Agreement, all applicable laws and regulations, and DRisk's documentation. Customer is responsible for ensuring that its Authorized Users comply with this Agreement. [Link: data retention policy].

5.2 Prohibited Conduct

Customer and its Authorized Users must not use the Services to:

  • Upload, transmit or store content that is unlawful, harmful, defamatory, fraudulent, obscene, or that infringes the intellectual property or other rights of any third party.

  • Introduce malware, viruses, Trojan horses, worms, or other malicious or disruptive code into the platform or any connected systems.

  • Attempt to gain unauthorized access to DRisk's systems, infrastructure, other customers' data, or any third party systems connected to the platform.

  • Use the Services in a manner that disrupts, degrades or impairs the availability or performance of the platform for other users.

  • Circumvent, disable or otherwise interfere with any security features of the platform.

  • Use automated means such as bots, scrapers or crawlers to access the Services in ways not permitted by this Agreement.

  • Use the Services to engage in any activity that violates applicable data protection, privacy, anti spam, or export control laws.

  • Misrepresent Customer's identity, affiliation, or authority when accessing or using the Services.

  • Upload, transmit or store content that is unlawful, harmful, defamatory, fraudulent, obscene, or that infringes the intellectual property or other rights of any third party.

  • Introduce malware, viruses, Trojan horses, worms, or other malicious or disruptive code into the platform or any connected systems.

  • Attempt to gain unauthorized access to DRisk's systems, infrastructure, other customers' data, or any third party systems connected to the platform.

  • Use the Services in a manner that disrupts, degrades or impairs the availability or performance of the platform for other users.

  • Circumvent, disable or otherwise interfere with any security features of the platform.

  • Use automated means such as bots, scrapers or crawlers to access the Services in ways not permitted by this Agreement.

  • Use the Services to engage in any activity that violates applicable data protection, privacy, anti spam, or export control laws.

  • Misrepresent Customer's identity, affiliation, or authority when accessing or using the Services.

5.3 Suspension for Violations

DRisk reserves the right to suspend Customer's access to the Services immediately and without prior notice if DRisk reasonably believes that Customer or any Authorized User is engaged in prohibited conduct that poses a material risk to the security, integrity or availability of the platform or harm to other customers or third parties. DRisk will notify Customer of the suspension and the reasons for it as soon as practicable unless legally prohibited from doing so.

6.     Confidentiality

6.1 Confidential Information

Each Party ("Disclosing Party") may disclose to the other Party ("Receiving Party") information that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and circumstances of disclosure ("Confidential Information"). DRisk's Confidential Information includes the Services, platform architecture, pricing, roadmap and non public technical information. Customer's Confidential Information includes Customer Data and non public business information.

6.2 Obligations

The Receiving Party agrees to:

  • Keep the Disclosing Party's Confidential Information strictly confidential.

  • Use Confidential Information only for the purposes of performing obligations or exercising rights under this Agreement.

  • Limit access to Confidential Information to those employees, contractors or Authorized Users who need to know it and who are bound by confidentiality obligations at least as protective as those in this Agreement.

  • Notify the Disclosing Party promptly upon becoming aware of any unauthorized disclosure of Confidential Information.

  • Keep the Disclosing Party's Confidential Information strictly confidential.

  • Use Confidential Information only for the purposes of performing obligations or exercising rights under this Agreement.

  • Limit access to Confidential Information to those employees, contractors or Authorized Users who need to know it and who are bound by confidentiality obligations at least as protective as those in this Agreement.

  • Notify the Disclosing Party promptly upon becoming aware of any unauthorized disclosure of Confidential Information.

6.3 Exceptions

Confidentiality obligations do not apply to information that: (a) is or becomes publicly available without breach of this Agreement; (b) was known to the Receiving Party before disclosure without restriction; (c) is independently developed by the Receiving Party without use of Confidential Information; or (d) is required to be disclosed by applicable law, regulation or court order, provided that the Receiving Party gives the Disclosing Party prompt written notice where permitted.

7.     Data Protection and Security

7.1 Privacy Policy

DRisk’s collection and use of personal data in connection with the Services and Website shall be governed by DRisk’s Privacy Policy, as may be updated from time to time and made available at the website. The Privacy Policy is hereby incorporated into and forms an integral part of this Agreement.

7.2 Data Processing Addendum

Where DRisk processes personal data on behalf of Customer as a data processor under applicable data protection law (including but not limited to GDPR, UK GDPR or other equivalent legislation), the Parties agree to execute DRisk's Data Processing Agreement ("DPA"), which forms part of this Agreement. Customers subject to GDPR may request the DPA at info@driskglobal.com.

7.3 Security Measures

DRisk will implement and maintain reasonable and appropriate administrative, technical and physical security measures designed to protect Customer Data against unauthorized access, disclosure, alteration and destruction. These measures include encryption in transit and rest, role based access controls, multi factor authentication, regular security assessments and an information security program aligned with internationally recognized standards such as ISO 27001 and SOC 2 principles.

7.4 Security Incidents

In the event of a confirmed personal data breach affecting Customer Data, DRisk shall

  • Notify Customer without undue delay and in accordance with applicable data protection law.

  • Provide reasonable cooperation to assist Customer in meeting its own breach notification obligations. Notice will be provided with the email address associated with Customer's account.

  • Take reasonable steps to investigate, mitigate, and remediate the effects of the breach.

  • Notify Customer without undue delay and in accordance with applicable data protection law.

  • Provide reasonable cooperation to assist Customer in meeting its own breach notification obligations. Notice will be provided with the email address associated with Customer's account.

  • Take reasonable steps to investigate, mitigate, and remediate the effects of the breach.

 7.5 The Sub processor Approach

DRisk engages third party entities ("Sub processors"). to perform specific data processing activities on behalf of our customers [Link: Sub processor List]

  • Prior Authorization: By entering into this Agreement, Customer provides a general written authorization for DRisk to engage Sub processors, provided that DRisk remains fully liable for the acts and omissions of its Sub processors as if they were its own.

  • Contractual Safeguards: DRisk shall enter into a written agreement with each Sub processor containing data protection obligations no less protective than those set out in this Agreement and the DRisk Data Processing Addendum (DPA).

  • Notification of Changes: DRisk maintains an up to date list of Sub processors on its Website. DRisk will notify Customer of any intended changes concerning the addition or replacement of Sub processors at least thirty (30) days in advance via email or platform notification.

  • Right to Object: Customer may object to a new Sub processor on reasonable grounds related to data protection within fifteen (15) days of notification. If the Parties cannot reach a resolution, Customer may terminate the affected portion of the Services as its sole remedy.

  • Prior Authorization: By entering into this Agreement, Customer provides a general written authorization for DRisk to engage Sub processors, provided that DRisk remains fully liable for the acts and omissions of its Sub processors as if they were its own.

  • Contractual Safeguards: DRisk shall enter into a written agreement with each Sub processor containing data protection obligations no less protective than those set out in this Agreement and the DRisk Data Processing Addendum (DPA).

  • Notification of Changes: DRisk maintains an up to date list of Sub processors on its Website. DRisk will notify Customer of any intended changes concerning the addition or replacement of Sub processors at least thirty (30) days in advance via email or platform notification.

  • Right to Object: Customer may object to a new Sub processor on reasonable grounds related to data protection within fifteen (15) days of notification. If the Parties cannot reach a resolution, Customer may terminate the affected portion of the Services as its sole remedy.

7.6 Customer Responsibilities

Customer is responsible for the security and appropriate use of its account credentials and for configuring the Services in a manner that meets Customer's own data protection and compliance obligations. Customer is also responsible for ensuring that its collection and use of data uploaded to the platform complies with applicable data protection laws.

7.7 Compliance with Applicable Law

Each Party shall comply with its respective obligations under applicable data protection and privacy laws, including but not limited to obligations relating to transparency, lawful processing, data subject rights, and cross border data transfers.

8.     Third Party Services and Integrations

8.1 Third Party Integrations

The DRisk platform supports integrations with third party services including Jira, Confluence, GitHub, Microsoft Azure Active Directory, Google Workspace, Slack, Microsoft Teams and Grafana ("Third Party Services").  Customer acknowledges and agrees that:

  • Access to and use of any Third Party Service is governed solely by the terms and conditions and privacy policies of the applicable third party.

  • DRisk does not control, endorse, or assume any responsibility or liability for any Third Party Services, including but not limited to their functionality, security, or data handling practices.

  • Access to and use of any Third Party Service is governed solely by the terms and conditions and privacy policies of the applicable third party.

  • DRisk does not control, endorse, or assume any responsibility or liability for any Third Party Services, including but not limited to their functionality, security, or data handling practices.

8.2 Third Party Availability

Customers acknowledge that:

  • The Services may depend on the continued availability and proper functioning of Third Party Services; and

  • Any unavailability, suspension, or degradation of Third Party Services may impact on the functionality of the Services.

  • The Services may depend on the continued availability and proper functioning of Third Party Services; and

  • Any unavailability, suspension, or degradation of Third Party Services may impact on the functionality of the Services.

Such impacts shall not constitute a breach of this Agreement by DRisk and shall not entitle Customer to any service credits, refunds, or other compensation, except where required by applicable law.

8.3 NeuroMesh Integration Layer

Access to DRisk's NeuroMesh Integration Layer is available to Growth and Enterprise tier customers only. The NeuroMesh layer governs the AI powered bi directional integration capabilities between DRisk and connected Third Party Services. Use of NeuroMesh is subject to this Agreement,any additional terms specified in the applicable Order Form and any applicable laws, including those relating to artificial intelligence, data protection, and automated decision making.

9.     Representations, Warranties and Disclaimers

9.1 Mutual Warranties

Each Party represents and warrants that:

  • They are duly organized, validly existing, and in good standing under the laws of its jurisdiction of incorporation.

  • They have the full right, power, and authority to enter into and perform its obligations under this Agreement.

  • This Agreement constitutes a valid and binding obligation enforceable against it in accordance with its terms; and

  • The execution, delivery, and performance of this Agreement do not and will not conflict with or violate any other agreement or legal obligation binding on such Party.

  • They are duly organized, validly existing, and in good standing under the laws of its jurisdiction of incorporation.

  • They have the full right, power, and authority to enter into and perform its obligations under this Agreement.

  • This Agreement constitutes a valid and binding obligation enforceable against it in accordance with its terms; and

  • The execution, delivery, and performance of this Agreement do not and will not conflict with or violate any other agreement or legal obligation binding on such Party.

 9.2 DRisk Service Warranty

DRisk warrants that during the Subscription Term: (a) the Services will perform materially in accordance with the applicable documentation; and (b) DRisk will implement commercially reasonable security measures to protect Customer Data as described in Section 7. As the sole remedy for any breach of this warranty, DRisk will make reasonable efforts to correct or re perform the non conforming Services. If DRisk cannot do so within a reasonable period, Customer may terminate the affected subscription and receive a pro rated refund of prepaid Fees for the unused portion of the Subscription Term.

9.3 Disclaimers

EXCEPT AS EXPRESSLY SET OUT IN SECTION 9.2, THE SERVICES ARE PROVIDED ON AN AS IS AND AS AVAILABLE BASIS. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, DRISK DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE.

DRISK DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, ERROR FREE, COMPLETELY SECURE, OR FREE OF HARMFUL COMPONENTS. DRISK DOES NOT WARRANT THAT THE SERVICES WILL MEET CUSTOMER'S SPECIFIC COMPLIANCE REQUIREMENTS OR THAT THEIR USE WILL RESULT IN ANY PARTICULAR CERTIFICATION OR REGULATORY OUTCOME. CUSTOMER IS SOLELY RESPONSIBLE FOR DETERMINING THE SUITABILITY OF THE SERVICES FOR ITS PURPOSES.

10.  Limitation of Liability

10.1  EXCLUSION OF CONSEQUENTIAL LOSS: TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, NEITHER PARTY SHALL BE LIABLE TO THE OTHER FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, EXEMPLARY OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, LOSS OF DATA, LOSS OF BUSINESS, LOSS OF GOODWILL, LOSS OF REVENUE, OR COST OF SUBSTITUTE SERVICES, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

10.2  CAP ON LIABILITY: SUBJECT TO SECTION 10.3, EACH PARTY'S TOTAL AGGREGATE LIABILITY TO THE OTHER ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), BREACH OF STATUTORY DUTY OR OTHERWISE, SHALL NOT EXCEED THE TOTAL FEES PAID OR PAYABLE BY CUSTOMER TO DRISK IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

10.3 EXCEPTIONS: THE LIMITATIONS IN SECTIONS 10.1 AND 10.2 DO NOT APPLY TO: (A) DEATH OR PERSONAL INJURY CAUSED BY EITHER PARTY'S NEGLIGENCE; (B) FRAUD OR FRAUDULENT MISREPRESENTATION; (C) CUSTOMER'S OBLIGATION TO PAY FEES; (D) BREACHES OF CONFIDENTIALITY OBLIGATIONS; OR (E) ANY LIABILITY THAT CANNOT BE EXCLUDED OR LIMITED BY APPLICABLE LAW.

The Parties acknowledge that the limitations of liability set out in this Section reflect a reasonable allocation of risk and form an essential basis of the bargain between the Parties. Without these limitations, DRisk would not have entered into this Agreement.

11.  Indemnification

11.1 DRisk Indemnification

DRisk will defend Customer against any third party claim alleging that the Services, as provided by DRisk and used in accordance with this Agreement, infringe any patent, copyright, trademark or trade secret of a third party ("IP Claim"), and will indemnify Customer for damages finally awarded or settlements agreed in writing by DRisk in connection with such IP Claim. DRisk's obligations under this section do not apply where the IP Claim arises from: (a) Customer's modification of the Services; (b) use of the Services in combination with third party products not authorized by DRisk; (c) use of a version of the Services for which DRisk has provided a non infringing update; or (d) Customer Data.

11.2 Customer Indemnification

Customer will defend DRisk against any third party claim arising out of or relating to: (a) Customer Data, including any allegation that Customer Data infringes the rights of any third party or violates applicable law; (b) Customer's or its Authorized Users' misuse of the Services or breach of this Agreement; or (c) Customer's failure to obtain necessary rights, consents or permissions in connection with its use of the Services. Customer will indemnify DRisk for damages finally awarded or settlements agreed in writing by Customer in connection with such claims.

11.3 Indemnification Process

The indemnified Party must: (a) promptly notify the indemnifying Party in writing of the claim; (b) grant the indemnifying Party sole control of the defense and settlement of the claim; and (c) provide reasonable cooperation and assistance at the indemnifying Party's cost. The indemnified Party may participate in the defense at its own expense.

12.  Compliance and Export Control

12.1 Compliance with Laws

Each Party agrees to comply with all applicable laws and regulations in connection with its performance of this Agreement, including but not limited to laws relating to data protection and privacy, anti bribery and anti corruption and applicable trade and economic sanctions.  Each Party represents and warrants that:

  • It has not offered, given, requested, or accepted, and will not offer, give, request, or accept, any bribe, facilitation payment, kickback, or other improper or unlawful benefit in connection with this Agreement; and

  • It shall maintain adequate policies and procedures designed to ensure compliance with such laws.

  • It has not offered, given, requested, or accepted, and will not offer, give, request, or accept, any bribe, facilitation payment, kickback, or other improper or unlawful benefit in connection with this Agreement; and

  • It shall maintain adequate policies and procedures designed to ensure compliance with such laws.

12.2 Export Controls

Customer agrees to comply with all applicable export control and sanctions laws and regulations and any other relevant jurisdiction in connection with its use of the Services.  Customer represents and warrants that:

  • It is not located in, organized under the laws of ordinarily resident in any country or territory subject to comprehensive trade sanctions or embargoes. is not listed on any governmental restricted or denied party list; and

  • It will not access or use the Services in violation of any applicable export control or sanctions laws.

  • It is not located in, organized under the laws of ordinarily resident in any country or territory subject to comprehensive trade sanctions or embargoes. is not listed on any governmental restricted or denied party list; and

  • It will not access or use the Services in violation of any applicable export control or sanctions laws.

Customers shall not use the Services:

  • For the development, design, manufacture, or production of nuclear, chemical, or biological weapons, or missile technology; or

  • For any purpose prohibited under applicable export control laws or international sanctions regimes.

  • For the development, design, manufacture, or production of nuclear, chemical, or biological weapons, or missile technology; or

  • For any purpose prohibited under applicable export control laws or international sanctions regimes.

13.  Updates to this Agreement

DRisk may update these Terms and Conditions from time to time. For material changes that adversely affect Customer's rights or obligations, DRisk will provide at least thirty (30) days’ written notice before the changes take effect, either by email to the address associated with Customer's account or by posting a prominent notice on the DRisk Website or within the platform.

Customer's continued use of the Services after the effective date of any changes constitutes acceptance of the updated Terms and Conditions. If Customer does not agree with any changes, Customer may terminate this Agreement in accordance with Section 3 and request a pro rated refund of prepaid Fees for the unused portion of the Subscription Term from the effective date of the change.

14.  General

14.1 Governing Law

This Agreement is governed by and construed in accordance with the laws of Sri Lanka, without regard to its conflict of laws principles. For Customers located in the European Economic Area or the United Kingdom, nothing in this clause limits any mandatory consumer or business protection rights you may have under the laws of your jurisdiction.

14.2 Dispute Resolution

In the event of any dispute, controversy or claim arising out of or in connection with this Agreement, including its formation, interpretation, breach, or termination (a "Dispute"), the Parties shall follow the resolution process set forth below:

  • Good Faith Negotiation: The Parties shall first attempt to resolve the Dispute through informal, good faith negotiations. Either Party may initiate this by sending a written "Notice of Dispute." The Parties shall have thirty (30) days from the date of the Notice to reach a settlement.

  • Escalation to Mediation (Optional): If the Dispute is not resolved within the 30 day negotiation period, the Parties may, by mutual written agreement, refer the matter to non binding mediation before a single mediator under the rules of the Sri Lanka National Arbitration Centre (SLNAC) or another mutually agreed body.

  • Binding Arbitration: If the Dispute remains unresolved after the period set forth in Section 14.2(a) (and 14.2(b) if pursued), the Dispute shall be referred to and finally resolved by binding arbitration.

    • The arbitration shall be conducted in Colombo, Sri Lanka, in the English language.

    • The seat of arbitration shall be Sri Lanka.

    • The tribunal shall consist of a sole arbitrator appointed in accordance with the rules of the Sri Lanka National Arbitration Centre (SLNAC).

    • The arbitrator's award shall be final and binding, and judgment on the award may be entered in any court having jurisdiction.

  • Exception for Injunctive Relief: Notwithstanding the above, either Party may seek immediate injunctive or other equitable relief in the courts of Colombo, Sri Lanka, to prevent the actual or threatened infringement of intellectual property rights or breach of confidentiality obligations.

  • Good Faith Negotiation: The Parties shall first attempt to resolve the Dispute through informal, good faith negotiations. Either Party may initiate this by sending a written "Notice of Dispute." The Parties shall have thirty (30) days from the date of the Notice to reach a settlement.

  • Escalation to Mediation (Optional): If the Dispute is not resolved within the 30 day negotiation period, the Parties may, by mutual written agreement, refer the matter to non binding mediation before a single mediator under the rules of the Sri Lanka National Arbitration Centre (SLNAC) or another mutually agreed body.

  • Binding Arbitration: If the Dispute remains unresolved after the period set forth in Section 14.2(a) (and 14.2(b) if pursued), the Dispute shall be referred to and finally resolved by binding arbitration.

    • The arbitration shall be conducted in Colombo, Sri Lanka, in the English language.

    • The seat of arbitration shall be Sri Lanka.

    • The tribunal shall consist of a sole arbitrator appointed in accordance with the rules of the Sri Lanka National Arbitration Centre (SLNAC).

    • The arbitrator's award shall be final and binding, and judgment on the award may be entered in any court having jurisdiction.

  • Exception for Injunctive Relief: Notwithstanding the above, either Party may seek immediate injunctive or other equitable relief in the courts of Colombo, Sri Lanka, to prevent the actual or threatened infringement of intellectual property rights or breach of confidentiality obligations.

Nothing in this clause shall prevent either Party from seeking interim or injunctive relief in any court of competent jurisdiction.

14.3 Assignment

Neither Party may assign, transfer, or delegate this Agreement, in whole or in part, without the prior written consent of the other Party, such consent not to be unreasonably withheld or delayed.

Notwithstanding the foregoing, DRisk may assign this Agreement without consent:

  • To an affiliate; or

  • In connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets,

  • To an affiliate; or

  • In connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets,

provided that written notice is given to the Customer.

Any assignment in violation of this clause shall be null and void.

14.4 Entire Agreement

This Agreement, together with any applicable Order Forms, the Privacy Policy, and the Data Processing Addendum, constitutes the entire agreement between the Parties with respect to its subject matter and supersedes all prior or contemporaneous agreements, understandings and negotiations, whether written or oral. In the event of any inconsistency between this Agreement and an Order Form, the Order Form shall prevail to the extent of the inconsistency.

14.5 Severability

If any provision of this Agreement is found to be unenforceable or invalid under applicable law, that provision shall be modified to the minimum extent necessary to make it enforceable, and the remaining provisions of this Agreement shall continue in full force and effect.

14.6 Waiver

No failure or delay by either Party in exercising any right or remedy under this Agreement shall constitute a waiver of that right or remedy. A waiver of any breach of this Agreement shall not be construed as a waiver of any subsequent breach.

14.7 Force Majeure

Neither Party shall be liable for any delay or failure in performance resulting from circumstances beyond its reasonable control, including but not limited to acts of God, natural disasters, acts of government, pandemics, internet outages, third party infrastructure failures, or acts of war. The affected Party must promptly notify the other Party and use reasonable efforts to mitigate the effects and resume performance as soon as practicable.

14.8 Notices

All legal notices required or permitted under this Agreement must be in writing and sent to the contact details set out in the applicable Order Form or to info@driskglobal.com for notices to DRisk. Notices sent by email are effective on the date the recipient acknowledges receipt.

14.9 Relationship of the Parties

The Parties are independent contractors. Nothing in this Agreement creates any partnership, joint venture, agency, franchise, employment or fiduciary relationship between the Parties. Neither Party has any right or authority to assume or create obligations on behalf of the other Party.

14.10 No Third Party Beneficiaries

This Agreement is for the sole benefit of the Parties and their respective permitted successors and assigns. Nothing in this Agreement creates any right or remedy in any third party.

15.  Contact

For questions, concerns or legal notices regarding these Terms and Conditions, please contact us:

Legal Contact

Email: support@driskglobal.com

Product: DRisk

Operator: Digital400 (Private) Limited For contract enquiries, Order Forms or DPA requests, please email info@driskglobal.com with the subject line relevant to your enquiry. We will respond within 10 business days.

Legal Notice

This document has been prepared for DRisk by Digital400 (Private) Limited as a working draft. It should be reviewed and approved by qualified legal counsel before publication to ensure it accurately reflects DRisk's specific business practices, applicable jurisdiction, and any regulatory requirements relevant to DRisk's customer base.