Terms of Service

1. Introduction & Acceptance of Terms

Welcome to StateCheck Security. These Terms of Service ("Terms") constitute a legally binding agreement between you ("User", "you", or "your") and StateCheck Security ("Company", "we", "our", or "us"), governing your access to and use of statechecksecurity.com and all associated content, services, resources, and communications (collectively, the "Website").

StateCheck Security is a cybersecurity and data privacy consultancy specialising in compliance with India's Digital Personal Data Protection Act, 2023 (DPDPA), and other international privacy and security frameworks. Our website serves as an informational, educational, and service-enquiry platform.

If you do not agree with any part of these Terms, you must immediately cease using this Website.

We reserve the right to update these Terms at any time. Continued use of the Website after any update constitutes your acceptance of the revised Terms. Material changes will be communicated at least 7 days in advance via a website banner and email to subscribers. See Section 14 for the full change policy.

2. Definitions

3. Website Access & Acceptable Use

3.1 Licence to Access

Subject to your compliance with these Terms, StateCheck Security grants you a limited, non-exclusive, non-transferable, revocable licence to access and use the Website for the following permitted purposes:

• Professional research into cybersecurity and data privacy compliance topics.
• Evaluating StateCheck Security's services for potential engagement.
• Reading, referencing, and downloading Content for internal educational and compliance purposes.
• Submitting enquiries, subscribing to newsletters, and downloading Gated Resources.

This licence does not include any right to sublicense, resell, commercially exploit, or create derivative works from the Website or its Content, except as expressly permitted in Section 5 (Gated Resources).

3.2 Prohibited Conduct

You agree not to engage in any of the following conduct, each of which constitutes a material breach of these Terms and may result in immediate termination of your access and legal action:

3.3 Account Security

The Website does not currently require user account registration. However, if account functionality is introduced in the future, you will be responsible for maintaining the confidentiality of your credentials and for all activities that occur under your account. Notify us immediately at legal@statechecksecurity.com if you suspect any unauthorised access.

3.4 Website Availability

We strive to maintain the Website's availability but do not guarantee uninterrupted or error-free access. The Website may be temporarily unavailable due to scheduled maintenance, infrastructure upgrades, or events beyond our control. We will endeavour to notify users of planned downtime via a website banner where reasonably practicable.

4. Intellectual Property Rights

4.1 Ownership

All Content on this Website — including but not limited to blog articles, DPDPA compliance guides, whitepapers, checklists, policy templates, infographics, logos, icons, and software code — is the exclusive intellectual property of StateCheck Security or its licensors, protected under:

• The Copyright Act, 1957 (India) and its amendments.
• The Trade Marks Act, 1999 (India).
• The Information Technology Act, 2000 (India).
• Applicable international intellectual property treaties to which India is a signatory.

Nothing in these Terms transfers ownership of any Intellectual Property to you. All rights not expressly granted are reserved.

4.2 Trademarks

The name "StateCheck Security," our logo, taglines, and any product or service names displayed on the Website are trademarks or registered trademarks of StateCheck Security. You may not use our trademarks:

• As part of your company name, product name, or domain name.
• In a way that suggests affiliation, endorsement, or partnership without written authorisation.
• In meta tags, search keywords, or advertising copy to divert traffic from our Website.
• In any modified or combined form without written consent.

4.3 Permitted Uses of Content

You may use our freely available Content (non-Gated Resources) for the following purposes without seeking separate permission, provided attribution is always given:

• Personal, non-commercial educational reference.
• Sharing links to our articles or resources on social media or internal communications.
• Quoting brief excerpts (up to 150 words per article) in academic, journalistic, or internal reports, with proper attribution to StateCheck Security and a link to the original source.

Any use beyond the above requires our prior written consent. Requests may be submitted to legal@statechecksecurity.com.

4.4 Copyright Infringement Notices

If you believe that Content on our Website infringes your intellectual property rights, please notify us in writing at legal@statechecksecurity.com with: (a) identification of the work claimed to be infringed; (b) identification of the infringing material and its location on our Website; (c) your contact details; and (d) a statement that you have a good-faith belief that the use is not authorised. We will investigate and respond within 15 business days.

5. Gated Resources — Licence Terms

5.1 What Are Gated Resources?

Gated Resources are downloadable materials produced by StateCheck Security that are made available in exchange for registration details (primarily your email address). These include, but are not limited to:

• DPDPA 2023 Compliance Checklists and Gap Analysis Templates
• Data Protection Impact Assessment (DPIA) Frameworks
• Privacy Policy and Notice Templates
• Consent Management Guides
• VAPT Preparation Checklists
• Cybersecurity Awareness Training Decks
• Whitepapers and Research Reports on Indian and Global Privacy Law

5.2 Licence Grant

Upon downloading a Gated Resource, StateCheck Security grants you a limited, non-exclusive, non-transferable, non-sublicensable, revocable licence to use that resource solely for the following purposes:

• Internal use within your own organisation for compliance, training, and reference.
• Adapting templates to your organisation's specific operational context, provided adaptations remain for internal use only.
• Referencing content in internal presentations, board reports, or audit documentation with attribution to StateCheck Security.

5.3 Restrictions

The following uses are strictly prohibited without prior written consent from StateCheck Security:

• Selling, sublicensing, or commercially distributing Gated Resources to any third party.
• Publishing or republishing Gated Resources in whole or in part on external websites, blogs, or publications.
• Distributing Gated Resources to multiple client organisations as part of a consulting engagement.
• Presenting Gated Resources as your own organisation's original work.
• Removing, modifying, or obscuring any copyright notice, attribution, or branding within the resource.
• Translating and distributing Gated Resources in other languages without a translation licence.

5.4 Single-Organisation Scope

Each Gated Resource is licensed for use within a single legal entity. Affiliated entities, subsidiaries, or group companies must each independently download and register for the resource, unless a multi-entity licence has been separately agreed in writing.

5.5 Attribution Requirement

When excerpts from or references to Gated Resources appear in external publications, presentations, reports, or academic papers, you must include the following attribution: "Source: StateCheck Security (statechecksecurity.com)". Hyperlinks to the original resource are encouraged where the medium permits.

5.6 No Professional Advice

All Gated Resources are provided for general educational and informational purposes only. They do not constitute legal, financial, technical, or professional compliance advice. The applicability of any template, checklist, or framework to your specific circumstances depends on your organisation's sector, size, data processing activities, and jurisdictional obligations. You must seek independent legal and compliance advice before implementing any programme based on our resources.

5.7 Licence Termination

This resource licence terminates automatically and immediately upon any breach of Section 5.3 (Restrictions). Upon termination, you must permanently delete all copies of the relevant resource from all systems, devices, and storage media within your control, and certify such deletion upon our request.

6. Professional Services — Scope & Disclaimers

6.1 Website Is Not a Service Agreement

Access to and use of this Website does not create any contractual obligation on the part of StateCheck Security to provide Professional Services, nor does it create a client-service, advisory, or attorney-client relationship of any kind.

6.2 Engagement Requirements

To engage StateCheck Security for any Professional Services — including DPDPA compliance gap analysis, privacy programme design, VAPT assessments, Data Protection Impact Assessments, staff training, or incident response — you must enter into a signed Engagement Agreement. The terms of any such engagement will be governed exclusively by that agreement and not by these Terms.

6.3 Confidentiality Before Engagement

You must not transmit any confidential, sensitive, proprietary, or personal data belonging to your organisation or your clients via this Website (contact forms, email, or otherwise) without first executing a Non-Disclosure Agreement (NDA) with StateCheck Security. StateCheck Security accepts no confidentiality obligations in respect of unsolicited information submitted before an NDA is in place.

To request an NDA template before sharing sensitive information, email legal@statechecksecurity.com.

6.4 Educational Content Is Not Specific Advice

Blog articles, newsletters, social media posts, and other Website Content reflect our general views and analysis of privacy law and cybersecurity best practices as at the date of publication. They are not tailored to your organisation's specific facts, risks, or regulatory obligations. We expressly disclaim any liability arising from reliance on general Content without obtaining independent professional advice specific to your circumstances.

7. Privacy & Data Protection

7.1 Privacy Policy

Your use of this Website is subject to our Privacy Policy, which is incorporated into these Terms by reference. The Privacy Policy explains what personal data we collect, the legal basis for processing, your rights as a Data Principal under the DPDPA 2023, and how to exercise them. Please read it carefully before using the Website.

7.2 Consent to Data Processing

By submitting a contact form, subscribing to our newsletter, or downloading a Gated Resource, you consent to StateCheck Security processing your personal data for the purpose described at the point of collection, in accordance with our Privacy Policy and the DPDPA 2023.

7.3 DPDPA Compliance Commitment

StateCheck Security processes all personal data in accordance with the Digital Personal Data Protection Act, 2023, and its implementing rules. This includes:

• Collecting only data that is necessary for the stated purpose (data minimisation).
• Maintaining timestamped consent records for all consent-based processing.
• Providing a one-click unsubscribe mechanism in every marketing communication.
• Responding to Data Principal rights requests within 7 days of identity verification.
• Notifying the Data Protection Board of India of reportable breaches within 72 hours.

7.4 Cookies

We use strictly necessary cookies only. We do not deploy third-party advertising or tracking cookies without your prior opt-in consent. Full details of our cookie use are set out in our Privacy Policy.

8. Third-Party Websites & External Links

8.1 Nature of External Links

The Website may contain hyperlinks to third-party websites for reference and informational purposes. These may include:

• Government portals: Ministry of Electronics & Information Technology (MeitY), Data Protection Board of India (dpb.gov.in), CERT-In (cert-in.org.in).
• Industry bodies: Data Security Council of India (DSCI), NASSCOM, IAPP.
• International regulatory authorities: European Data Protection Board (edpb.europa.eu), ICO (ico.org.uk).
• Technology partners, tool providers, and reference publications.

8.2 No Endorsement or Liability

The presence of a hyperlink does not constitute an endorsement, recommendation, or approval of the linked website or its content. StateCheck Security has no control over, and accepts no responsibility for, the content, privacy practices, accuracy, legality, or availability of any third-party website.

8.3 Linking to Our Website

You may link to our homepage or any publicly accessible page of our Website without prior permission, provided that:

• The link is not presented in a misleading, defamatory, or disparaging manner.
• The link does not imply endorsement, partnership, or affiliation by StateCheck Security.
• The link does not appear on a website that contains illegal, hateful, or adult content.

We reserve the right to require you to remove any link at any time by written notice.

9. Disclaimer of Warranties

To the maximum extent permitted by applicable Indian law, the Website, all Content, and all Gated Resources are provided on an "AS-IS" and "AS-AVAILABLE" basis, without any warranty of any kind, whether express, implied, statutory, or otherwise.

You acknowledge that cybersecurity and data privacy law is a rapidly evolving field, and that Content published on our Website may not reflect the most current regulatory developments, enforcement guidance, or judicial interpretation at the time you access it.

10. Limitation of Liability

10.1 Exclusion of Consequential Damages

To the fullest extent permitted by Indian law, StateCheck Security, its directors, officers, employees, contractors, affiliates, and licensors shall not be liable for any:

• Indirect, incidental, special, consequential, exemplary, or punitive damages.
• Loss of profits, revenue, business opportunities, goodwill, or anticipated savings.
• Loss of data, corruption of data, or costs of data recovery.
• Business interruption or reputational harm.
• Regulatory fines or penalties imposed on your organisation by any authority.
• Losses arising from your reliance on Website Content without independent professional advice.
• Losses arising from unauthorised access to or alteration of your data by third parties.

10.2 Liability Cap

These limitations reflect a reasonable allocation of risk between you and StateCheck Security. If you require greater protection, you should engage us under a formal Engagement Agreement, which may include negotiated indemnity and liability provisions appropriate to your risk profile.

10.3 Force Majeure

StateCheck Security shall not be liable for any failure or delay in performance of obligations under these Terms where such failure or delay is caused by a Force Majeure event, including: natural disasters, acts of government, war, terrorism, pandemic, cyberattacks by third parties, power failures, or internet infrastructure outages. We will use reasonable efforts to resume normal operations as quickly as practicable.

11. Indemnification

You agree to indemnify, defend, and hold harmless StateCheck Security and its directors, officers, employees, contractors, and licensors from and against any and all claims, demands, actions, liabilities, damages, losses, costs, and expenses (including reasonable legal fees and court costs) arising out of or relating to:

• Your violation of any provision of these Terms.
• Your infringement or misappropriation of any third-party intellectual property right.
• Your use of Gated Resources in a manner that breaches the licence terms in Section 5.
• Any fraudulent, negligent, or unlawful act or omission by you in connection with the Website.
• Any claim by a third party arising from Content you submit, share, or publish in connection with the Website.
• Your failure to comply with any applicable law, regulation, or regulatory requirement.

StateCheck Security reserves the right to assume exclusive control of the defence and settlement of any claim subject to indemnification. You agree to cooperate fully with our defence of such claims.

12. Termination & Suspension of Access

12.1 Termination by StateCheck Security

We reserve the right to suspend or permanently terminate your access to the Website, and to remove or disable access to any Content or Gated Resources, at our sole discretion and without notice or liability if:

• You breach any provision of these Terms (including the Acceptable Use Policy in Section 3.2).
• We reasonably believe your use of the Website poses a security risk to us or other users.
• We are required to do so by applicable law, court order, or regulatory directive.
• We discontinue or substantially modify the Website or any of its features.

12.2 Termination by You

You may stop using the Website at any time. To request deletion of any personal data we hold about you, exercise your Right to Erasure under the DPDPA by emailing privacy@statechecksecurity.com. To unsubscribe from all marketing communications, use the one-click unsubscribe link in any email we have sent you.

12.3 Effect of Termination

Upon termination of your access:

• All licences granted to you under these Terms (including resource licences under Section 5) immediately terminate.
• You must cease all use of Gated Resources and delete all copies from your systems, unless you have a surviving right under a separate written agreement.
• Provisions of these Terms that by their nature should survive termination — including Sections 4 (Intellectual Property), 9 (Disclaimers), 10 (Limitation of Liability), 11 (Indemnification), 13 (Dispute Resolution), and this Section 12.3 — shall continue in full force and effect.

13. Dispute Resolution & Governing Law

13.1 Governing Law

These Terms and any dispute or claim arising out of or in connection with them (including non-contractual disputes) shall be governed by and construed in accordance with the laws of India, without regard to its conflict of law principles.

13.2 Informal Resolution

Before initiating any formal dispute process, both parties agree to attempt in good faith to resolve any dispute informally. The party raising the dispute shall send a written notice to the other party describing the dispute and the relief sought. Both parties shall engage in good-faith discussions for at least 30 days before proceeding to arbitration or litigation.

Informal dispute notices to StateCheck Security should be sent to: legal@statechecksecurity.com

13.3 Arbitration

If informal resolution is unsuccessful, either party may refer the dispute to binding arbitration under the following conditions:

• Seat and Venue: [Your City], India.
• Language: English.
• Number of Arbitrators: Sole arbitrator, mutually appointed, or as per the applicable rules if parties cannot agree.
• Governing Rules: Arbitration and Conciliation Act, 1996 (India), as amended by the 2015 and 2019 amendments.
• Confidentiality: All arbitration proceedings and awards shall be confidential.

The arbitral award shall be final and binding on both parties and may be enforced in any court of competent jurisdiction.

13.4 Court Jurisdiction (Non-Arbitrable Matters)

For matters that are not arbitrable (including applications for urgent injunctive relief, intellectual property enforcement, and statutory claims), both parties submit to the exclusive jurisdiction of the courts located in [Your City], India.

13.5 Class Action Waiver

To the extent permitted by applicable law, you waive any right to participate in a class, collective, or representative action against StateCheck Security. All disputes must be brought individually.

13.6 Severability of Dispute Provisions

If any portion of this Section 13 is found unenforceable by a court of competent jurisdiction, the remaining provisions of this Section shall continue to apply to the maximum extent permitted by law.

14. Changes to These Terms

14.1 Minor Updates

We may make minor, non-material amendments to these Terms at any time (e.g., typographical corrections, clarifications that do not affect your rights). Minor changes take effect immediately upon posting. The "Last Updated" date at the top of this document will be revised accordingly.

14.2 Material Changes

For changes that materially affect your rights or obligations, we will:

• Post a prominent notice on the Website's homepage for at least 14 days before the change takes effect.
• Send an email notification to all newsletter subscribers and registered resource download leads at least 7 days before the change takes effect.
• Update the version number of these Terms (e.g., v2.0 → v2.1).

Material changes take effect 7 days after notification. Your continued use of the Website after that date constitutes acceptance. If you do not accept a material change, you must cease using the Website and may request deletion of your data under Section 12.2.

14.3 Version Archive

Previous versions of these Terms are archived and available upon written request to legal@statechecksecurity.com for a period of 3 years.

15. General Provisions

15.1 Entire Agreement

These Terms, together with our Privacy Policy and any applicable Engagement Agreement, constitute the entire agreement between you and StateCheck Security with respect to your use of the Website and supersede all prior discussions, representations, and agreements relating to the same subject matter.

15.2 Severability

If any provision of these Terms is held by a court of competent jurisdiction to be invalid, illegal, or unenforceable, that provision shall be modified to the minimum extent necessary to make it enforceable. If modification is not possible, the provision shall be severed from the Terms, and the remaining provisions shall continue in full force and effect.

15.3 Waiver

No failure or delay by StateCheck Security in exercising any right, power, or privilege under these Terms shall operate as a waiver of that right. No single or partial exercise of any right shall preclude any other or further exercise of that right or the exercise of any other right.

15.4 No Partnership or Agency

Nothing in these Terms creates a partnership, joint venture, employment, franchise, or agency relationship between you and StateCheck Security. You do not have any authority to bind StateCheck Security in any respect.

15.5 Assignment

StateCheck Security may assign or transfer its rights and obligations under these Terms to any affiliate or in connection with a merger, acquisition, or sale of its business assets without your consent, subject to notifying you in accordance with Section 14. You may not assign any rights or obligations under these Terms without our prior written consent.

15.6 Notices

All legal notices to StateCheck Security under these Terms must be sent in writing to legal@statechecksecurity.com and, where required, by registered post to our registered office address. Notices sent by email are effective upon receipt of a delivery confirmation.

15.7 Accessibility

We are committed to making this Website accessible to users with disabilities. If you encounter any accessibility barrier, please contact us at legal@statechecksecurity.com and we will make reasonable efforts to address it.

15.8 Language

These Terms are drafted in English. In the event of any conflict between an English version and any translated version, the English version shall prevail.

16. Contact Information

---

Document Title: Terms of Service — StateCheck Security
Version: 2.0  |  Status: Active
Effective Date: March 29, 2026  |  Last Reviewed: March 29, 2026
Next Review Date: March 29, 2027 (Annual Review Cycle)
Owner: Legal & Compliance Function, StateCheck Security
© 2026 StateCheck Security. All rights reserved. For the most current version, visit statechecksecurity.com/terms-of-service.