Terms of Service

Effective Date: 8 October 2025

These terms of service (Terms) set out how out how we will provide the Penetration Testing Services that you have requested and your rights and responsibilities in receiving these services. In these Terms, "Pensure", "us" or "we" means Pensure Pty Ltd (ABN 87 688 512 334), and "you" or "Client" means the party engaging us to provide Penetration Testing Services.

In order to engage us, you must enter into a written proposal, statement of work or other agreement with us describing the details of the Penetration Testing Services to be provided (SOW).

1. The Services

1.1 Acceptance of terms

By accepting a SOW, you are accepting these Terms and entering into a legally binding agreement with us that consists of the SOW (and any addendums or annexures thereto) and these Terms (together the Agreement).

1.2 Role of a SOW

  1. A SOW will describe the particulates of the Penetration Testing Services to be provided. The parties may sign one or more SOWs in relation to this Agreement.
  2. A SOW will only take effect once it is signed by the Client or if both parties otherwise state in writing that they agree to the contents of the relevant SOW.
  3. If the parties wish to change the scope or nature of the Penetration Testing Services, then the parties may do so by signing either a new SOW or an amendment or addendum to the then-current SOW setting out the modified or updated Penetration Testing Services.
  4. If there is any conflict between a SOW and a prior SOW, then the terms of the most recent SOW will prevail to the extent of the conflict. If there is any conflict between the terms of this Agreement and a SOW, then the terms of this Agreement will prevail to the extent of the conflict, unless the SOW is expressly stated to override a particular term of this Agreement, then in which case the terms of the SOW will prevail over that particular term.

1.3 Delivery of the services

In relation to the provision of the Penetration Testing Services, Pensure will perform the Penetration Testing Services in a lawful, competent, timely and professional manner and with due care, skill and diligence.

2. Client Authorisations and Responsibilities

2.1 Your authorisations

  1. You must obtain all authorisations required from any third parties to enable us to conduct the Penetration Testing Services (and must provide us evidence of such authorisations on request).
  2. You acknowledge that we rely on the timeliness and accuracy of the information you have provided.
  3. You warrant to us that that the conduct of the Penetration Testing Services is legal where you are located and where your systems are located. You understand that we will actively attempt to breach security controls in order to obtain access to your systems and data and that such attempts would otherwise amount to criminal activity by us.
  4. You acknowledge that Penetration Testing Services are inherently risky and while we will take reasonable measures to perform the Penetration Testing Services, to the maximum extent permitted by law, we are not liable to you for losses or downtime that occurs as a result of the Penetration Testing Services.
  5. You warrant to us that you will review the impact and related risks of implementing any recommendation made by us in any report we provide to you. You are best placed to ascertain the applicability of security procedures and updates to your own environment and you remain responsible for the implementation of any recommendations and your overall system security.
  6. If you report any activities we undertake as part of the Penetration Testing Services to any external body (including law enforcement agencies), you must promptly confirm to that external body that we were acting in an authorised manner.
  7. You must indemnify us for all costs, losses or liability which may arise in connection with your breach of any obligation or warranty under this clause 2.1 or clause 2.3.

2.2 Assistance required

In order to enable us to provide the Penetration Testing Services:

  1. you will designate an appropriately skilled and qualified member of your Personnel to liaise with us on all matters relating to the Penetration Testing Services;
  2. you will provide all reasonable access to your Personnel and facilities to ensure we can properly provide the Penetration Testing Services;
  3. you will provide us with all information we reasonably request to enable us to properly provide the Penetration Testing Services, and you will ensure that all information provided is accurate and complete;
  4. you will provide us with access to your network, systems and premises on reasonable notice;
  5. if Penetration Testing Services are to be conducted in a test environment (as detailed in a SOW), ensure the test environment:
    • is available to us within the agreed timeframes;
    • mirrors your systems' live production environment;
    • is dedicated to us for the Penetration Testing Services, and is otherwise suitable for the Penetration Testing Services; and
    • is segregated from any live production environment or data in a way that avoids or minimises the potential for detrimental impact to such live production environments or data; and
  6. you must promptly notify us of any system outages, incidents, or changes affecting Penetration Testing Services;
  7. you must not, and must ensure that your Personnel do not, attempt to gain unauthorised access to accounts, computer systems or networks in connection with the Penetration Testing Services, through hacking, password mining or by any other means. You must not obtain or attempt to obtain any materials or information through any means not intentionally made available through the supply of the Penetration Testing Services; and
  8. after the Penetration Testing Services have been completed, restore or remove from your systems any data, files and user accounts created in connection with the Penetration Testing Services.

2.3 Risk and adverse impacts

  1. You understand the Penetration Testing Services will involve access to data and systems accessible via your systems and there is a risk that the Penetration Testing Services may result in:
    • damage, loss, modification or impairment of such data and systems (including in respect of reliability, security, performance and operation);
    • reduction in the availability of network services and functionality; and
    • impairment of electronic communications.
  2. You understand that the Penetration Testing Services:
    • may not identify all vulnerabilities within your systems;
    • are limited to an assessment of the current state of your environment; and
    • will not produce particular results or outcomes (including achieving any external accreditation or industry standard).
  3. You must make your own assessment of the information and any recommendations provided by us and must satisfy yourself as to its appropriateness for your specific requirements, prior to implementing any recommendation we provide.
  4. You must take measures to avoid or minimise the impact of the risks identified in this clause 2.3, including by ensuring that the data and systems accessible via your systems are backed up regularly and the back-ups are promptly restored (if required).
  5. If you reasonably believe that the Penetration Testing Services are materially adversely impacting any person, system or data, you must notify us as soon as possible and direct us to suspend the Penetration Testing Services is required to minimise the material adverse impact. We will liaise with you to agree the timeframe to resume Penetration Testing Services and any changes reasonably required to minimise the likelihood the material adverse impact will recur.

3. Fees and invoicing

  1. You agree to pay us the Fees specified in the SOW.
  2. We will provide you with an invoice for the Fees in accordance with the terms of the SOW.
  3. Unless otherwise specified in a SOW, the Fees (including any GST applicable to the supply) must be paid by you to us by the relevant due dates specified in the invoice (which must be no less than 14 days after the date of the invoice).
  4. Unless otherwise specified in a SOW, the payment terms applicable to the Fees are that 50% of the Fees are payable on execution of a SOW and the remaining 50% of the Fees will be payable on delivery of the final report setting out the results of the Penetration Testing Services.
  5. If GST is imposed on any Supply, as that term is defined in the A New Tax System (Goods and Services Tax) Act 1999 (Cth) ("GST Law"), other than a Supply that is GST free under subsection 38-190 of the GST Law, made by any party ("Supplier") to any other party ("Recipient") under or in connection with this Agreement, the consideration for that Supply is increased by an amount equal to the amount of that consideration multiplied by the rate at which GST is imposed in respect of that Supply. Supplier must provide to Recipient a GST tax invoice as required by the relevant legislation.
  6. If payment has not been made in accordance with an invoice, we may (at our absolute discretion);
    • suspend the delivery of the Penetration Testing Services until payment is made; and/or
    • charge interest at a rate equal to 2% per annum (calculated daily and compounding monthly) on such amounts unpaid after the due date for payment.

4. Data Handling and Retention

  1. You agree that we may use Personal Information that is made available to us as is reasonably required to provide the Penetration Testing Services to you. You warrant to us that you have taken all steps necessary to permit us to access and use such Personal Information required under this clause.
  2. Test data and evidence created in the course of providing the Penetration Testing Services will be stored securely.
  3. We will deliver reports to you setting out the results and recommendations arising from the Penetration Testing Services in electronic format (PDF).

5. Intellectual Property

5.1 Your material

  1. You will at all times be the owner of Intellectual Property Rights in Your Material. You grant us a royalty-free licence in the Intellectual Property Rights in Your Material to use Your Material for the purpose of performing our obligations under the Agreement.
  2. We acknowledge that the licence granted under clause 5.1 does not transfer to us any Intellectual Property Rights in any of Your Material.
  3. You indemnify us for any and all loss, damage, liability, costs or expenses incurred by us as a result of a claim that Your Material or its use by us in accordance with the terms of this Agreement infringes any Intellectual Property Rights, or any other rights, of a third party.

5.2 Ownership by Pensure

  1. We will at all times be the owner of Intellectual Property Rights in Our Material. We grant you a royalty-free licence in the Intellectual Property Rights in Our Material to the extent required to perform your obligations under this Agreement. You acknowledge that the licence granted under this clause does not transfer to you any Intellectual Property Rights in any of Our Material.
  2. Unless otherwise agreed, we own all Intellectual Property Rights in and to all Material arising out of the provision of the Penetration Testing Services you hereby assign to us absolutely any and all rights and interests (including all Intellectual Property Rights) which it has in respect of the foregoing, immediately upon creation (including part creation). You must execute all documents and do all acts and things (including procuring your Personnel to do the same) reasonably required by us for the purpose of giving effect to this clause.

6. Confidential Information

  1. We acknowledge that will be given access to or obtain Confidential Information in the course of providing the Penetration Testing Services and such Confidential Information is of considerable commercial value to you.
  2. We must (and must ensure that our Personnel), at all times whilst providing the Penetration Testing Services and thereafter:
    • not disclose Confidential Information to a third party, except in the proper course of providing the Penetration Testing Services and on a confidential basis;
    • not use Confidential Information for any other purpose other than for the Client's benefit; and
    • keep confidential, maintain proper and secure custody of and not use, disclose, publish or reproduce, in any form (including via verbal discussion), any Confidential Information except as authorised by you, reasonably required to provide the Penetration Testing Services on a confidential basis or required by law.

7. Limitation of liability

To the extent permitted by law and subject to your consumer rights under applicable law:

  1. save for the representations and warranties of Pensure expressly set out in this Agreement and without limiting the Pensure's obligations to deliver the Penetration Testing Services with due care, skill and diligence, the Client acknowledges that Pensure has made no warranties or guarantees of uninterrupted services or identification of all vulnerabilities;
  2. Pensure is not liable for any Loss arising from your computing environment (including all hardware, software, information technology and telecommunications services and systems) or faults, defects, errors or omissions in your computing environment or data;
  3. neither party is liable to the other in respect of any claim for Consequential Loss;
  4. neither party is liable to the other in respect of a Loss arising from or connected with a Force Majeure Event;
  5. a party may not claim the same Loss more than once in respect of a breach of this Agreement, a breach of warranty or under an indemnity;
  6. a party's liability for any Loss under this Agreement will be reduced proportionately to the extent the relevant liability was caused or contributed to by the acts or omissions of the other party (or any of its Personnel), including any failure by the other Party to mitigate its loss; and
  7. the maximum aggregate liability of each party under this Agreement will not exceed the aggregate amount of the Fees paid or payable by the Client under this Agreement.

8. Termination and Suspension

8.1 Term

  1. This Agreement begins on the date of entry into a SOW by the parties and will continue until this Agreement is terminated in accordance with this clause 8 (the Term).
  2. Each SOW will commence on its effective date and will terminate on the termination date as set out in the relevant SOW.

8.2 Mutual termination by notice

Either party may terminate this Agreement or a SOW by giving the other 7 days' written notice.

8.3 Termination by the Pensure

This Agreement or any SOW may be terminated at any time by the Pensure by giving written notice to the Client if:

  1. you have failed to pay any Fees payable under this Agreement within 10 Business Days of the applicable due date;
  2. you are in material breach of this Agreement and the breach is either not capable of rectification, or if capable of rectification, has not been rectified within 30 days of us providing written notice to you requiring the breach be remedied;
  3. you are insolvent, wound up or has an administrator, liquidator or receiver appointed over it or its assets; or
  4. the SOW provides any additional right for us to terminate the SOW or this Agreement.

8.4 Termination by the Client

This Agreement or any SOW may be terminated at any time by the Client by giving written notice to Pensure if:

  1. we are in material breach of this Agreement and the breach is either not capable of rectification, or if capable of rectification, has not been rectified within 30 days of you providing written notice to us requiring the breach be remedied;
  2. Pensure is insolvent, wound up or has an administrator, liquidator or receiver appointed over it or its assets; or
  3. the SOW provides any additional right for you to terminate the SOW or this Agreement.

8.5 Obligations on termination

On termination of this Agreement or a SOW:

  1. we will cease providing Penetration Testing Services under this Agreement or a SOW (as applicable);
  2. you must pay to us all Fees unpaid as at the date of termination which relate to the period prior to termination;
  3. any pre-paid Fees attributable to the period after the date of termination, including in respect of any Penetration Testing Services that have not been performed, must be promptly reimbursed to the Client; and
  4. nothing under this clause shall be construed to release either party from any breach of this Agreement that occurred prior to termination or expiry.

8.6 Survival

Clauses 4 (Intellectual Property), 6 (Confidential Information), 7 (Limitation of liability), 8.5 (Obligations on termination), 9 (General) and 10 (Definitions and interpretation) survive termination or expiry of this Agreement.

9. General

9.1 Notices

  1. A notice or other communication given under this Agreement must be in writing and addressed and delivered to the intended recipient by hand, prepaid post or email in accordance with the notice details last notified by the recipient to the parties.
  2. A party may change its notice details by written notice to the other Parties.

9.2 Dispute resolution

  1. If a party has a dispute, controversy or claim arising out of or relating to this Agreement (Dispute), then the party must attempt to resolve that Dispute in accordance with this clause 9.2.
  2. If a Dispute arises, either party may service a notice (Dispute Notice) on the other party setting out the nature of the Dispute. The parties must then use best commercial endeavours to meet within 7 days of the Dispute Notice being served, to attempt to resolve the Dispute.
  3. If the Dispute remains unresolved for more than 14 days following the Dispute Notice being served, then either party may require that the Dispute be submitted to mediation and the parties agree to cooperate in submitting the matter to a mediator.
  4. If the Dispute remains unresolved after following the process in this clause 9.2, either party may commence legal proceedings.

9.3 Severance

  1. If a provision of this Agreement is held to be void, invalid, illegal or unenforceable, that provision must be read down as narrowly as necessary to allow it to be valid or enforceable.
  2. If it is not possible to read down a provision (in whole or in part), that provision (or that part of that provision) is severed from this Agreement without affecting the validity or enforceability of the remainder of that provision or the other provisions in this Agreement.

9.4 Entire agreement

This Agreement, each SOW and any documents referred to or incorporated in any of them constitute the entire understanding between the parties, and supersedes all previous discussions, communications, negotiations, understandings, representations, warranties, commitments and agreements, in respect of their subject matter.

9.5 Amendment

  1. Pensure may vary this Agreement from time to time and will notify you when this occurs.
  2. If you object to any variation, you may terminate this Agreement in accordance with these Terms.

9.6 Assignment

This Agreement is personal to the parties and no party shall:

  1. assign any of its rights under this Agreement;
  2. transfer any of its obligations under this Agreement; or
  3. sub-contract or delegate any of its obligations under this Agreement, other than to its Personnel in the ordinary course of business,

and any purported assignment, transfer, sub-contracting or delegation in contravention of this clause shall be ineffective.

9.7 Governing law and jurisdiction

  1. This Agreement (and any dispute or claim relating to it or its subject matter (including non-contractual claims)) is governed by and is to be construed in accordance with the laws of New South Wales.
  2. The parties irrevocably agree that the courts of New South Wales shall have exclusive jurisdiction to settle any claim, dispute or issue (including non-contractual claims) which may arise out of or in connection with this Agreement.

9.8 Execution

These Terms may be executed by your execution of the SOW, either in hard copy or electronically. Execution of the SOW by you signifies your intention to be bound by these Terms.

9.9 Contact

For any questions about these Terms, please contact:

  • Email: daniel@pensure.ai
  • Phone: +61 422 076 659
  • Address: 30-03, 201 Elizabeth Street, Sydney NSW 2000

10. Definitions and Interpretation

10.1 Definitions

In this Agreement, unless the context otherwise requires:

Agreement is defined in clause 1.1.

Business Day means a day on which banks are ordinarily open for the transaction of normal banking business in Sydney, Australia (other than a Saturday or Sunday or public holiday).

Confidential Information means all confidential or sensitive information of any kind whatsoever of a party.

Consequential Loss means:

  1. any Loss not arising naturally according to the usual course of things from the breach or other act or omission giving rise to the relevant liability; and
  2. any loss of data, loss of production, use, business, profits, revenue, goodwill or damage to reputation.

Fees means the fees and charges of Pensure relating to the provision of the Penetration Testing Services, as specified in a SOW.

Force Majeure Event means any of the following: an act of God, adverse weather conditions, flood, fire, earthquake and other natural occurrences, war, terrorism, civil commotion and riots, strikes and industrial action or an act or omission of a government agency.

Intellectual Property Rights means all intellectual property rights which subsist in copyrights and related rights, trade marks and service marks, business and trade names, rights in logos and get-up and trade dress, goodwill and the right to sue for passing off or unfair competition, rights in inventions, rights to use and protect the confidentiality of confidential information (including trade secrets and Know How), registered designs, design rights, patents, utility models, semi-conductor topographies, all rights of whatsoever nature in computer software and data, all rights of privacy and all other intellectual property or other intangible rights and privileges, and rights of a nature similar or allied to any of the foregoing, in every case which subsists now or in the future in any part of the world and whether or not registered, and including all granted registrations and all applications for registration, and rights to apply for and be granted, renewals and extensions of, and rights to claim priority from, any such rights.

Material means all material in any form, including documents, reports, products, hardware, information, data, software, software tools and software development methodologies.

Our Material means Material:

  1. in which we own the Intellectual Property Rights; or
  2. in which we are licensed the Intellectual Property Rights by a third party (other than by you or your subcontractors).

Penetration Testing Services means the penetration testing and related security services to be provided by Pensure under this Agreement, as further described in a SOW.

Personal Information has the meaning given under the Privacy Act 1988 (Cth).

Personnel means, in respect of a party, any of its officers, employees, agents, independent agencies and consultants.

Your Material means Material:

  1. in which you own the Intellectual Property Rights; or
  2. in which you are licensed the Intellectual Property Rights by a third party (other than us or our subcontractors).

10.2 Interpretation

In this Agreement, unless context indicates a contrary intention:

  1. (headings) clause headings are inserted for convenience only and do not affect interpretation of this Agreement;
  2. (party) a reference to a party to a document includes that party's personal representatives, executors, administrators, successors, substitutes (including persons taking by novation) and permitted assigns;
  3. (person) a reference to a person includes an individual, corporation, partnership, trust, limited liability company, association or other entity;
  4. (including) including and includes (and any other similar expressions) are not words of limitation, and a list of examples is not limited to those items or to items of a similar kind;
  5. (corresponding meanings) a word that is derived from a defined word has a corresponding meaning;
  6. (statute) a reference to statutory provisions or enactments shall include references to any amendment, modification, extension, consolidation, replacement or re-enactment of any such provision or enactment (whether before or after the date of this Agreement), instrument or order or other subordinate legislation made under such provision or enactment;
  7. (time and date) a reference to the time of day or date shall, unless otherwise specifically stated, be construed as references to the time or date prevailing in New South Wales, Australia; and
  8. (writing) a reference to a notice, consent, request, approval or other communication under this Agreement or an agreement between the parties means a written notice, request, consent, approval or agreement.