Effective: June 14, 2016 - May 31, 2020
Welcome to HackerOne! Please read these Customer Terms and Conditions carefully because they govern each Customer's access to and use of the Services.
Certain capitalized terms used in these Customer Terms and Conditions are defined the General Terms and Conditions found at https://www.hackerone.com/terms/general, which are incorporated by reference.
Agreement to Terms
By using the Services, Customer agrees to be bound by these Customer Terms and Conditions and the General Terms and Conditions, which are incorporated by reference.
Subject to Customer's compliance with the Terms, HackerOne will allow Customer to access and use the HackerOne Platform solely for its own business purposes in order to allow Customer to connect with Finders. Customer may create Programs and offer Bounties to allow Finders to submit Vulnerability Reports. Finders can browse the Programs and contact Customer through the HackerOne Platform if Finders are interested in submitting Vulnerability Reports for the Program.
Other HackerOne Services.
If set forth on a fully executed Order Form or otherwise mutually agreed by HackerOne and Customer, the Services may include other services to be provided by HackerOne. A description of these other services and any special terms related to these services are found at https://www.hackerone.com/terms/services.
Third Party Services.
If set forth on a fully executed Order Form or otherwise mutually agreed by HackerOne and Customer, the Services may include certain Third Party Services. Notwithstanding anything to the contrary in the Terms, the Third Party Services will be provided by the third party to Customer, and HackerOne is not responsible for the Third Party Services, and HackerOne makes no warranty or representation with respect to the Third Party Services. Customer agrees to be responsible for all payment obligations related to the Third Party Services and to agree to and be bound by any terms and conditions presented to Customer by the Third Party Services provider governing the use of the applicable Third Party Services, and unless otherwise agreed, Customer will remit payment for the Third Party Services directly to HackerOne within thirty (30) days of invoice, and HackerOne will pay the Third Party Services provider.
Use of the Services as a Finder.
If Customer or an employee of Customer desires to access and use the Services as a Finder with the consent of Customer, then the Finder Terms and Conditions found at https://www.hackerone.com/terms/finder will govern Customer's or Customer's employee's use of the Services, as a Finder. The Finder Terms and Conditions are independent of, and in addition to, these Customer Terms and Conditions. In such case, Customer or Customer's employee is solely responsible for performing Finder's obligations under the Finder Terms and Conditions.
HackerOne does not endorse any Finder. HackerOne is not responsible for any damage or harm resulting from Customer's communications or interactions with Finders or other customers, either through the Services or otherwise. Any reputation ranking or description of any Finder as part of the Services is not intended by HackerOne as an endorsement of any type. Any selection or use of any Finder is at Customer's own risk.
Any use or reliance of Vulnerability Reports that Customer receives is at Customer's own risk. HackerOne does not endorse, represent or guarantee the completeness, truthfulness, accuracy, or reliability of any Vulnerability Report. Under no circumstances will HackerOne be liable in any way for any Vulnerability Report, including, but not limited to, any errors or omissions in any Vulnerability Report, or any loss or damage of any kind incurred as a result of the use of any Vulnerability Report.
Finders are not employees, contractors or agents of HackerOne, but are independent third parties who want to participate in Programs and connect with Customer through the Services. Customer agrees that any legal remedy that Customer seeks to obtain for actions or omissions of Finder or other third parties regarding Customer's Program, including Vulnerability Reports, will be limited to a claim against the particular Finder or other third parties who caused harm to Customer, and Customer agrees not to attempt to impose liability on HackerOne or seek any legal remedy from HackerOne with respect to such actions or omissions.
Bounties and HackerOne Fees
In accordance with the Program Terms, Customer agrees to award Bounties to those Finders who submit Vulnerability Reports to Customer for a particular Program if the submitted Vulnerability Reports meets Customer's requirements. HackerOne agrees to process Bounties that are monetary payments on behalf of Customer and will typically remit the Bounty payments to the applicable Finders within ten (10) business days after HackerOne receives the Bounty payment from Customer (or, if HackerOne has a Bounty Prepayment from Customer for the Program, or Customer has a credit card on file with HackerOne, within ten (10) business days after Customer notifies HackerOne via the HackerOne Platform that the Bounty has been awarded to a Finder). HackerOne is not responsible for processing any Bounty award that is not a monetary payment, or for delays in payment outside of HackerOne's reasonable control.
Customer agrees to pay HackerOne a fee equal to twenty percent (20%) of each monetary Bounty awarded to a Finder for access to and use of the HackerOne Platform
Customer agrees to pay HackerOne any additional fees listed in any applicable Order Form or otherwise agreed by the parties (collectively, "HackerOne Fees").
Customer agrees to pay the HackerOne Fees and the applicable Bounty payments directly to HackerOne within thirty (30) days of the date of HackerOne's invoice unless otherwise stated on Order Form. The HackerOne Fees and Bounty payments are nonrefundable, except as otherwise specifically provided in the Terms.
Except for any amounts disputed in good faith, all past due amounts payable in accordance with any applicable Order Form or the Terms will incur interest at a rate of 1.5% per month or the maximum rate permitted by law, whichever is less. Customer will reimburse HackerOne for all reasonable costs and expenses incurred (including reasonable attorneys' fees) in collecting any overdue amounts.
Programs and Program Materials
Except as may be agreed by the parties, Customer is solely responsible for the management and administration of Customer's Programs through the Services. HackerOne reserves the right to reject a Program for any reason in its sole discretion.
While HackerOne may assist Customer in preparing Customer's Program Material, Customer is solely responsible for Customer's Program Material. Customer represents and warrants that Customer owns all of Customer's Program Material or that Customer has all rights necessary to grant HackerOne the license rights in Customer's Program Material under the Terms. Customer also represents and warrants that neither the Program Material, nor Customer's use and provision of the Program Material to be made available through the Services, nor any use of the Program Material by HackerOne or a Finder on or through the Services, will infringe, misappropriate or violate a third party's intellectual property rights, or rights of publicity or privacy, or result in the violation of any applicable law or regulation, including export control laws.
Ownership and Licenses
HackerOne does not claim any ownership rights in any Program Material or Vulnerability Reports, and nothing in the Terms will be deemed to restrict any rights that Customer may have to use and exploit Customer's Program Material and Vulnerability Reports. Customer acknowledges and agrees that HackerOne may collect statistical and other information, which will not identify particular Customers, and use such information internally at HackerOne. Subject to Customer's rights in any Program Material or Vulnerability Reports, HackerOne and its licensors exclusively own all right, title and interest in and to the Services and content contained thereon, including all associated intellectual property rights. Customer acknowledges that the Services and HackerOne content are protected by copyright, trademark, and other laws of the United States and foreign countries.
By making any Program Material available through the Services, Customer hereby grants to HackerOne a perpetual, irrevocable, non-exclusive, non-transferable, non-sublicenseable, worldwide, royalty-free license to use, copy, reproduce, display, modify, adapt, transmit and distribute copies of Customer's Program Material, for the sole purpose of providing the Services.
Subject to Customer's compliance with the Terms, HackerOne hereby grants to Customer a non-exclusive, non-transferable, non-sublicenseable, worldwide, royalty-free license to access and view the content that HackerOne makes available on the Services solely in connection with Customer's permitted use of the Services.
Subject to Customer's compliance with the Terms, HackerOne hereby grants to Customer a non-exclusive, non-transferable, non-sublicenseable, worldwide, royalty-free license to access and view the Vulnerability Reports that HackerOne makes available on the Services solely in connection with Customer's permitted use of the Services. There shall be no fee for the license unless otherwise provided on an Order Form.