Effective Date: 1st August 2026
These Terms of Service (“Terms”) govern your access to and use of the SecuVeo website, software platform and related services (collectively, the “Services”).
The Services are provided by MSP SecureView LLC-FZ, trading as SecuVeo (“SecuVeo”, “we”, “our”, or “us”).
By creating an Account, accessing the Services, commencing a Free Trial, purchasing a Subscription, or otherwise using the Services, you confirm that you have read, understood and agree to be bound by these Terms.
If you do not agree to these Terms, you must not access or use the Services.
1. Service Overview
The Services are a cloud-based Software-as-a-Service (SaaS) platform designed exclusively for Managed Service Providers (MSPs) to create, manage, deliver and maintain professional IT Security Reviews for their Clients.
The Services include, but are not limited to:
- Security Review creation and management
- Security Review Reports
- Security Review templates
- Security Review Items
- AI-generated Executive Summaries
- AI-generated Changes Since Last Review
- Client and contact management
- Native PSA integrations
- Spreadsheet-based Client import
- Manual Client creation
- Security scoring
- Recommendation tracking
- Report delivery
- Disclaimer management
- Audit trails
- Internal Tasks
- Historical reporting
- Multi-Factor Authentication (MFA)
- Microsoft Single Sign-On (SSO)
- Microsoft Graph security evidence integration
- Microsoft Granular Delegated Admin Privileges (GDAP) integration
- Microsoft tenant discovery
- Security evidence collection
- Historical security evidence tracking
- Other features and functionality made available from time to time.
Customers may populate Client information by:
- Connecting a supported Professional Services Automation (PSA) platform;
- Importing Client information using spreadsheet templates provided by SecuVeo; or
- Entering Client information manually where supported.
PSA integration is optional and is not required to use the Services.
Where enabled by the Customer, SecuVeo may use Microsoft Graph and Microsoft Granular Delegated Admin Privileges (GDAP) to discover authorized Microsoft Tenants and retrieve permitted Security Evidence and Microsoft security configuration information.
Information retrieved through Microsoft Graph or GDAP may be used to:
- Support Security Reviews.
- Populate Security Review Items.
- Generate Security Review Reports.
- Assist AI-generated Executive Summaries.
- Assist AI-generated Changes Since Last Review.
- Provide supporting Security Evidence.
- Assist with historical comparisons.
- Track changes in Microsoft security configurations over time.
SecuVeo does not independently determine whether a Client’s environment is secure, compliant or appropriately configured.
The Customer is solely responsible for reviewing, accepting, modifying or rejecting all imported, synchronized, AI-generated and automatically generated information, recommendations and suggested deployment statuses before any Security Review Report is generated, published or delivered to a Client.
SecuVeo may add, improve, modify, replace or discontinue features of the Services from time to time in order to enhance functionality, performance, reliability and security.
2. Definitions
Headings are provided for convenience only and do not affect the interpretation of these Terms.
For the purposes of these Terms:
Account means a registered SecuVeo account.
Customer means the Managed Service Provider (MSP) purchasing or using the Services.
Client means an end customer recorded within the SecuVeo platform and managed or assessed by the Customer.
Security Review means an assessment completed within SecuVeo using Security Review Items selected by the Customer.
Security Review Report means a report generated through the Services containing the Customer’s Security Review findings, recommendations, security scores, AI-generated summaries and related content for a Client.
Report Compliance Record means a record generated through the Services containing audit, delivery, disclaimer acknowledgment and related compliance information associated with a Security Review Report. A Report Compliance Record may be made available in PDF or other formats.
Subscription means a paid SecuVeo subscription.
Free Trial means the complimentary thirty (30) day evaluation period.
User means any individual authorized by the Customer to access the Services.
Microsoft Graph means Microsoft’s application programming interface used by SecuVeo, where authorized, to retrieve permitted Microsoft cloud information.
GDAP means Microsoft Granular Delegated Admin Privileges, through which a Customer may grant or use delegated administrative access to Microsoft customer tenants.
Microsoft Tenant means a Microsoft cloud environment belonging to a Customer or Client and authorized for connection to the Services.
Security Evidence means configuration information, assessment data, security settings, status information and related metadata retrieved through an authorized integration and used to support a Security Review.
PSA means a Professional Services Automation platform supported by SecuVeo, including but not limited to HaloPSA and ConnectWise PSA.
3. Eligibility
The Services are intended solely for legitimate Managed Service Providers.
By using the Services, you represent and warrant that:
- You have authority to enter into these Terms on behalf of your organization.
- All information provided during registration is accurate and complete.
- You will keep your account information accurate and up to date.
- You will use the Services only for lawful business purposes.
4. Account Approval
Every new Customer Account begins with a Free Trial.
All registrations are subject to manual approval by SecuVeo before access to the Services is granted.
Submitting an application does not guarantee access to the Services.
We reserve the right, at our sole discretion, to approve or reject any application without providing a reason.
Reasons may include, but are not limited to:
- Suspected fraud.
- False or misleading information.
- Duplicate registrations.
- Abuse of the Free Trial.
- Competitors or individuals acting on behalf of competitors.
- Businesses developing, marketing or evaluating products or services that compete with the Services.
- Security concerns.
- Any other legitimate business reason.
We may request additional information to verify your identity, eligibility or legitimacy before granting access to the Services.
5. Free Trial
Every approved Customer Account automatically begins with a 30-day Free Trial.
The Free Trial allows prospective Customers to evaluate the Services before purchasing a Subscription.
No credit card is required to create an Account or begin the Free Trial.
The Free Trial currently includes:
- Full access to the SecuVeo platform.
- Access for thirty (30) days.
- The ability to create and send up to two (2) Security Review Reports.
Unused Trial days or reports have no monetary value.
Customers may purchase a Subscription at any time during the Free Trial through the Billing section of the SecuVeo platform.
If a Subscription is purchased during the Free Trial, the Subscription will commence immediately unless otherwise stated during checkout.
If a Subscription is not purchased before the Free Trial expires:
- The Customer Account will remain active.
- The ability to create or send additional Security Review Reports and access certain functionality may be restricted until a paid Subscription is purchased.
A Customer may only hold one Free Trial unless otherwise agreed by SecuVeo.
We reserve the right to refuse, suspend or terminate duplicate or repeat Free Trial Accounts.
SecuVeo may, at its sole discretion:
- Modify the Free Trial.
- Withdraw the Free Trial.
- Refuse Free Trial access.
- Suspend or terminate Free Trial Accounts.
- Limit the availability or functionality of the Free Trial.
6. Subscription Plans
Subscriptions are based on the number of active managed Clients recorded within the SecuVeo platform.
Current Subscription tiers are:
| Plan | Managed Clients |
| Starter | 1–50 Clients |
| Growth | 51–150 Clients |
| Scale | 151–300 Clients |
Enterprise plans are available for Customers managing more than 300 Clients.
Unless otherwise stated, every Subscription includes:
- Unlimited Users.
- Unlimited Security Review Reports.
Current Subscription pricing is published on the SecuVeo website and may only be amended in accordance with these Terms.
6.1 Client Limits
SecuVeo determines the applicable Subscription plan based on the number of active managed Clients recorded within the platform.
If your managed Client count exceeds the limit of your current Subscription plan, your Subscription will be automatically upgraded to the appropriate Subscription tier.
The applicable Subscription plan and Subscription fee will take effect from the date the threshold is exceeded.
A new minimum twelve (12) month Subscription term will commence from the effective date of the upgrade.
If your managed Client count subsequently falls below the limit of your current Subscription plan, your Subscription will be automatically downgraded to the appropriate Subscription tier.
The applicable Subscription plan and Subscription fee will take effect from the effective date of the downgrade.
A new minimum twelve (12) month Subscription term will commence from the effective date of the downgrade.
7. Subscription Term
Unless otherwise agreed in writing, every paid Subscription is entered into for a minimum term of twelve (12) months.
Subscriptions automatically renew for successive twelve (12) month terms unless cancelled in accordance with these Terms.
SecuVeo will provide at least forty-five (45) days’ written notice before each Subscription renewal.
8. Billing
Subscription fees are billed monthly in advance using the Customer’s selected payment method.
By purchasing a Subscription, the Customer authorizes SecuVeo to collect all applicable Subscription fees.
Customers are responsible for ensuring that payment information remains valid and up to date.
Failure to pay any Subscription fee when due may result in:
- Suspension of the Services.
- Restriction of access.
- Downgrading of functionality.
- Termination of the Subscription.
Customers remain responsible for all applicable taxes, duties and governmental charges unless otherwise stated.
9. Pricing Changes
SecuVeo may review and amend its published Subscription pricing no more than once in any calendar year.
We will provide at least forty-five (45) days’ written notice before revised pricing takes effect.
Any pricing change will not affect the current Subscription term.
Updated pricing will apply from the commencement of the next Subscription term.
If you do not agree to the revised pricing, you may cancel your Subscription before renewal in accordance with these Terms.
Continued use of the Services following the effective date of revised pricing constitutes acceptance of the updated Subscription fees.
10. Promotional Discounts & Vouchers
SecuVeo may offer promotional discounts, vouchers or special pricing from time to time.
- Unless expressly stated otherwise:
- Promotional discounts and vouchers apply for the period specified at the time of issue.
- Discounts continue for their full promotional period regardless of any Subscription plan upgrade or downgrade during that period.
- Where a Subscription plan changes, the promotional discount will automatically be applied to the published price of the new Subscription plan for the remainder of the promotional period.
- Once the promotional period expires, the standard published price for the Customer’s current Subscription plan will apply.
- Discounts and vouchers have no cash value, are non-transferable and may not be exchanged for credit or refunds.
- Only one promotional discount or voucher may be applied to a Subscription unless expressly stated otherwise.
- SecuVeo reserves the right to withdraw or refuse promotional offers where fraud, abuse or misuse is suspected.
11. Cancellation
Customers wishing to cancel their Subscription must submit a cancellation request by creating a Support Ticket within the SecuVeo platform at least thirty (30) days before the end of the current Subscription term.
Cancellation takes effect at the end of the current Subscription term.
Free Trial Customers may also request account termination by submitting a Support Ticket.
No refunds will be provided for unused Subscription periods except where required by applicable law.
Failure to use the Services does not cancel a Subscription or remove the Customer’s obligation to pay applicable Subscription fees.
Before requesting account termination, Customers are responsible for exporting any Security Review Reports, Security Evidence or other information they wish to retain.
Customer Data will be deleted in accordance with the SecuVeo Data Processing Agreement.
Termination of the Services does not affect any outstanding payment obligations that arose before termination.
12. User Accounts & Customer Responsibilities
Customers are responsible for:
- Maintaining the confidentiality of Account credentials.
- Ensuring all Users are authorized to access the Services.
- Immediately notifying SecuVeo of any unauthorized access or suspected security breach.
- Using the authentication method configured for their organization, including mandatory Multi-Factor Authentication (MFA) where Email & Password authentication is used.
- Where Microsoft Single Sign-On (SSO) is enabled, ensuring Users have valid Microsoft Entra ID accounts and that the Customer’s Microsoft authentication policies, including Multi-Factor Authentication (where configured), are appropriately managed.
- Ensuring they have the legal authority to collect, process and store Client information within the Services.
- Reviewing every Security Review before delivery.
- Reviewing and validating all imported, synchronized, AI-generated and automatically generated information before relying upon it.
- Validating all imported PSA data.
- Reviewing and approving all AI-generated Executive Summaries before they are shared with Clients.
- Reviewing and approving all AI-generated Changes Since Last Review before they are shared with Clients.
- Ensuring all Security Review Reports accurately reflect the Client’s environment before delivery.
- Ensuring all recommendations accurately reflect the Customer’s professional opinion before they are shared with Clients.
Customers remain solely responsible for all professional advice, recommendations, reports and services provided to their Clients.
12.1 User Management & Permissions
The Services allow Customers to invite, manage and remove authorized Users.
Customers remain solely responsible for:
- Inviting only authorized Users.
- Assigning appropriate User roles and permissions.
- Reviewing and maintaining User access.
- Removing or disabling User access when no longer required.
- Ensuring Users comply with these Terms.
The Services may provide different User roles and permission levels. The functionality available to each User depends upon the role assigned by the Customer and may change from time to time.
Customers acknowledge that:
- Certain functionality may be restricted to specific User roles.
- Only Users with appropriate permissions may invite additional Users, manage Account settings or perform administrative functions.
- SecuVeo is not responsible for actions performed by authorized Users acting under the Customer’s Account.
Where Microsoft Single Sign-On (SSO) is enabled, User access may also depend upon the Customer’s Microsoft Entra ID configuration and authentication policies.
12.2 Microsoft Single Sign-On (SSO)
Where enabled, Microsoft Single Sign-On (SSO) may be used to authenticate Users to the Services.
Customers remain solely responsible for:
- Their Microsoft Entra ID tenant.
- User identities and account lifecycle management.
- Authentication policies.
- Multi-Factor Authentication (MFA) policies.
- Conditional Access policies.
- Microsoft licensing.
- The security and administration of their Microsoft identity environment.
Customers acknowledge that authentication using Microsoft Single Sign-On is performed by Microsoft. SecuVeo is not responsible for the availability, security or operation of the Customer’s Microsoft Entra ID environment.
Microsoft Single Sign-On is separate from any Microsoft Graph or GDAP integration.
12.3 Account Security
Customers are responsible for ensuring that:
- Only authorized Users have access to their Account.
- User Accounts are removed promptly when no longer required.
- Passwords remain confidential.
- Appropriate security controls are maintained within their organization.
Customers must immediately notify SecuVeo if they become aware of:
- Unauthorized access.
- Credential compromise.
- Suspected data breach.
- Unauthorized Microsoft Tenant access.
- Any event which may affect the security of the Services.
12.4 Prohibited Activities
Users must not:
- Share passwords or login credentials.
- Create unauthorized Accounts.
- Attempt to gain unauthorized access to another Customer’s environment.
- Circumvent security controls.
- Upload malicious software.
- Attempt to interfere with the operation or availability of the Services.
- Reverse engineer, decompile or attempt to extract source code except where expressly permitted by law.
- Use the Services for unlawful, fraudulent or malicious purposes.
SecuVeo reserves the right to suspend or terminate access where these Terms are breached.
13. Integrations
13.1 PSA Integrations
Where supported, Customers may connect Professional Services Automation (PSA) platforms to synchronize Client information, Client Contacts, recurring billing data and other information made available by the connected PSA platform for use within the Services.
PSA integrations are optional.
Customers may alternatively:
- Import Client information using spreadsheet templates supplied by SecuVeo; or
- Enter Client information manually where supported.
Customers remain solely responsible for reviewing and validating all imported and synchronized information before relying upon it.
13.2 Microsoft Graph & GDAP
Where enabled by the Customer, the Services may use Microsoft Graph and Microsoft Granular Delegated Admin Privileges (GDAP) to discover authorized Microsoft Tenants and retrieve Security Evidence and Microsoft security configuration information.
Retrieved Security Evidence is intended solely to assist Customers in completing
Security Reviews and may be used to:
- Populate Security Review Items.
- Generate Security Review Reports.
- Assist AI-generated Executive Summaries.
- Assist AI-generated Changes Since Last Review.
- Provide supporting Security Evidence.
- Assist with historical comparisons.
- Track changes in Microsoft security configurations over time.
Customers remain solely responsible for:
- Ensuring they have the legal authority to connect each Microsoft Tenant.
- Obtaining all necessary Client authorizations.
- Maintaining appropriate GDAP relationships.
- Maintaining appropriate delegated permissions.
- Configuring Microsoft roles correctly.
- Removing Microsoft Tenant access when authorization no longer exists.
- Complying with Microsoft’s licensing, terms and acceptable use policies.
- Reviewing, validating and approving all retrieved Security Evidence before relying upon it or including it within a Security Review Report.
Microsoft Graph and GDAP integrations are optional.
Customers acknowledge that the availability, completeness and accuracy of retrieved
Security Evidence may depend upon:
- Microsoft licensing.
- Delegated permissions.
- Microsoft service availability.
- API limitations.
- Microsoft Tenant configuration.
- Synchronization timing.
- Other factors outside SecuVeo’s reasonable control.
SecuVeo does not guarantee that Security Evidence will always be available, complete, accurate or up to date.
13.3 PSA Opportunities & Tickets
Where supported, the Services may enable Customers to create Opportunities, Tickets or other records within a connected PSA platform.
Such functionality is provided solely to assist Customers in managing Security Reviews and related activities.
Customers remain solely responsible for:
- Reviewing all information before creating any Opportunity, Ticket or other PSA record.
- Determining whether an Opportunity, Ticket or other PSA record should be created.
- Reviewing, modifying and approving all information before it is submitted to the connected PSA platform.
- Managing all subsequent activities, communications and workflows within the PSA platform.
SecuVeo does not guarantee that Opportunities, Tickets or other PSA records will be successfully created, synchronized or updated. Successful creation may depend upon the availability of the connected PSA platform, API functionality, permissions, licensing and other factors outside SecuVeo’s reasonable control.
Customers remain solely responsible for all commercial proposals, quotations, project planning, service delivery and communications arising from any Opportunity or Ticket created using the Services.
14. Client Management
14.1 Account Managers
The Services may allow Customers to manage Account Manager information for use within the Services, including Security Review Reports, report delivery and meeting scheduling.
Where supported, Account Manager details may be synchronized from a connected PSA platform or entered manually by the Customer.
Customers remain solely responsible for:
- Ensuring all Account Manager information is accurate and up to date.
- Assigning the appropriate Account Manager to each Client.
- Configuring and maintaining any meeting scheduling links associated with an Account Manager.
- Reviewing all Account Manager information before it is included in a Security Review Report or other Client communication.
Where Account Manager information is synchronized from a connected PSA platform, Customers may modify certain Account Manager details within the Services. Unless expressly stated otherwise by the Services, such changes will be retained and will not be overwritten by subsequent PSA synchronizations.
Meeting scheduling links are not synchronized from connected PSA platforms and must be configured and maintained manually by the Customer.
14.2 Client Consolidation
The Services may allow Customers to consolidate or merge duplicate Client records.
Customers remain solely responsible for:
- Reviewing all Client records before consolidation.
- Confirming that the selected Client records relate to the same Client.
- Verifying the accuracy of the consolidated Client record.
- Reviewing any associated Security Reviews, Reports, Contacts, Security Evidence and other information following consolidation.
Customers acknowledge that Client consolidation is permanent and cannot be reversed through the Services. Customers should carefully review all information before proceeding with a consolidation.
Where supported, the Services may retain historical Security Reviews, Reports, Audit Records and other associated information as part of the consolidated Client record.
SecuVeo is not responsible for any Client consolidation performed or approved by the Customer.
15. Templates & Product Library
The Services include Security Review Templates, Security Review Items and a Product Library to assist Customers in creating Security Reviews.
Customers may:
- Create and maintain their own Templates.
- Create, modify and organize Security Review Items.
- Create, modify and organize Product Library Items.
- Copy, customize and use Templates and Product Library content supplied by SecuVeo, where permitted by the Services.
Templates, Security Review Items and Product Library content are intended solely to assist Customers in preparing Security Reviews.
Customers remain solely responsible for:
- The content of their Templates and Product Library.
- Selecting which Security Review Items are included in each Security Review.
- The accuracy, completeness and suitability of all Template and Product Library content.
- Ensuring all Security Review Reports accurately reflect their professional opinion and the Client’s environment.
SecuVeo-supplied Templates, Security Review Items and Product Library content are provided as guidance only and do not constitute professional, legal, regulatory or cybersecurity advice.
16. Security Reviews & Security Review Reports
The Services enable Customers to create, manage and deliver Security Reviews and Security Review Reports for their Clients.
Security Reviews are intended to assist Customers in assessing and communicating aspects of a Client’s security posture.
Security Review Reports are generated using information entered by the Customer, synchronized from connected systems, retrieved through authorized integrations, generated using AI-assisted functionality, or otherwise made available through the Services.
Security Review Reports are intended solely as decision-support and communication tools.
They do not constitute legal, regulatory, compliance, insurance or cybersecurity certification.
Customers remain solely responsible for reviewing, validating and approving every Security Review Report before it is shared with a Client.
16.1 Security Review Frequency & Reminders
The Services may allow Customers to configure default Security Review frequencies and reminder settings for their Clients.
Customers remain solely responsible for:
- Selecting an appropriate Security Review frequency for each Client.
- Configuring and maintaining reminder settings.
- Ensuring reminder email addresses are accurate and up to date.
- Reviewing and updating Security Review schedules where appropriate.
Where configured, the Services may generate reminder notifications based on the Customer’s selected Security Review frequency and reminder settings.
Customers acknowledge that:
- Default Security Review frequency and reminder settings apply only to newly created Clients unless otherwise stated by the Services.
- Existing Client settings may be managed independently.
- Reminder notifications are provided solely as an organizational aid and do not guarantee that a Security Review will be completed or delivered.
- Failure to receive or act upon a reminder does not relieve the Customer of its responsibility to complete Security Reviews in accordance with its own contractual, regulatory or operational requirements.
17. Recommendations
Recommendations are intended solely to assist Customers in identifying potential security improvements.
Recommendations may be:
- Selected manually by the Customer.
- Generated automatically.
- Assisted by artificial intelligence.
- Derived from Security Review Items.
- Derived from PSA billing data.
- Derived from Microsoft Security Evidence.
- Generated through future functionality introduced by SecuVeo.
Recommendations are provided solely to assist the Customer.
Customers remain solely responsible for determining:
- Which recommendations should be included.
- Recommendation priority.
- Risk level.
- Suitability for each Client.
- Commercial advice provided to Clients.
18. AI & Automated Assistance
The Services include artificial intelligence (“AI”) and automated functionality designed to assist Customers in preparing Security Reviews and Security Review Reports.
These features may include, but are not limited to:
- AI-generated Executive Summaries.
- AI-generated Changes Since Last Review.
- Automated recommendation assistance.
- Automated PSA keyword matching.
- Automated deployment status suggestions.
- Historical comparison assistance.
- Future AI-powered functionality introduced by SecuVeo.
These features are intended solely to assist Customers and do not replace professional judgement.
Customers remain solely responsible for reviewing, validating, editing and approving all AI-generated and automatically generated content before relying upon it or sharing it with Clients.
18.1 AI Executive Summaries
Executive Summaries generated through the Services may utilise artificial intelligence together with information available within the Services at the time of generation. Customers may alternatively choose to create Executive Summaries manually without using artificial intelligence.
AI-generated content may:
- Contain inaccuracies.
- Omit relevant information.
- Include inappropriate wording.
- Misinterpret imported or synchronized information.
Customers remain solely responsible for reviewing, editing and approving every Executive Summary before it is shared with a Client.
18.2 Changes Since Last Review
The Services may use artificial intelligence to generate Changes Since Last Review summaries based on information available to the Services and differences identified between Security Reviews.
Changes Since Last Review summaries are intended solely to assist Customers and may contain inaccuracies, omissions or misinterpretations.
Customers remain solely responsible for reviewing, editing and approving every Changes Since Last Review summary before it is relied upon or shared with a Client.
18.3 AI-Assisted PSA Matching
Where a supported PSA integration is enabled, SecuVeo may import billing items, products and services from the Customer’s connected PSA platform.
SecuVeo may use artificial intelligence to recommend one or more PSA billing item names that may correspond to individual Security Review Items. Customers may select AI-generated keyword recommendations or manually create their own keyword matching rules using any keywords they choose, regardless of whether those keywords were recommended by SecuVeo.
Customers may configure one or more keyword matching rules using Exact Match, Includes and Excludes criteria. Where a configured keyword match is found against the Customer’s PSA billing data and the matched billing item has a quantity greater than zero, SecuVeo may automatically mark the associated Security Review Item as Deployed. Customers remain solely responsible for reviewing, confirming and, where necessary, modifying all automatically populated deployment statuses before generating or delivering a Security Review Report.
Customers are solely responsible for:
- Reviewing all AI-generated keyword recommendations.
- Selecting, modifying, deleting or manually creating keyword matching rules, including any Exact Match, Includes and Excludes criteria.
- Configuring the deployment status to apply when a keyword match is found.
- Configuring the fallback deployment status to apply when no keyword match is found (for example, Deployed, Partially Deployed, Not Deployed or Not Applicable).
- Reviewing all automatically populated deployment statuses.
- Determining and approving the final deployment status of every Security Review Item before generating or delivering a Security Review Report.
A successful keyword match or suggested deployment status does not confirm that:
- A product or service has been fully deployed.
- Every licensed user is protected.
- The solution has been correctly configured.
- The solution is operating correctly.
- The Client’s environment is secure.
The Customer’s contractual, regulatory or compliance obligations have been satisfied.
Customers remain solely responsible for the accuracy of their keyword matching rules, deployment statuses, Security Review Reports and recommendations provided to their Clients.
18.4 Future AI Features
SecuVeo may introduce additional AI-powered or automated functionality from time to time.
Unless expressly stated otherwise, all AI and automated functionality provided by the Services is intended solely as decision-support assistance and does not replace the Customer’s professional judgement.
19. Security Scores
The Services may calculate Security Scores using methodologies developed by SecuVeo.
Security Scores are intended solely as indicative measurements to assist Customers in demonstrating progress over time.
Security Scores:
- Are not security certifications.
- Are not compliance certifications.
- Do not guarantee security.
- Should not be relied upon as the sole measure of a Client’s security posture.
Customers remain responsible for interpreting and explaining Security Scores to their Clients.
20. Report Delivery & Client Communication
The Services may enable Customers to deliver Security Review Reports and related communications electronically.
Customers remain solely responsible for:
- Selecting report recipients.
- Verifying recipient email addresses.
- Ensuring reports are appropriate before delivery.
- Ensuring reports are delivered only to authorized individuals.
- Confirming that intended recipients have received Security Review Reports and related communications where appropriate.
SecuVeo uses reputable third-party email delivery providers and takes reasonable steps to maximize email deliverability. However, SecuVeo does not guarantee that emails will be successfully delivered, received or placed in a recipient’s inbox.
SecuVeo is not responsible for:
- Incorrect recipient information.
- Email delivery failures outside its reasonable control.
- Spam, junk or phishing filtering.
- Recipient mailbox configuration or security policies.
- Domain, DNS, SPF, DKIM or DMARC configuration.
- Temporary outages or service interruptions affecting third-party email providers or recipient mail servers.
Customers remain responsible for monitoring report delivery and, where necessary, resending reports or using alternative communication methods to ensure intended recipients receive Security Review Reports and related notifications.
20.1 Email Settings & Custom Domains
The Services may allow Customers to configure custom email sending domains and custom web addresses (URLs) for Security Review Reports, disclaimer pages and other Customer-facing pages.
Customers remain solely responsible for:
- Configuring and maintaining their custom sending domain.
- Configuring and maintaining any custom URLs used with the Services.
- Correctly configuring DNS records required by the Services, including but not limited to SPF, DKIM, DMARC, A records and any other records specified by SecuVeo.
- Ensuring they have the necessary authority to configure and use the relevant domain names and DNS records.
- Maintaining the ongoing security, validity and availability of their configured domains and DNS records.
Incorrect or incomplete configuration may affect the availability, accessibility, security or deliverability of Security Review Reports, disclaimer pages, emails or other functionality.
SecuVeo may perform validation checks to assist Customers with configuration but does not guarantee the correctness, effectiveness or ongoing validity of any DNS configuration.
Customers acknowledge that email deliverability, report accessibility, website availability and domain reputation may be affected by factors outside SecuVeo’s reasonable control, including DNS providers, domain registrars, certificate authorities, email providers and third-party infrastructure.
SecuVeo is not responsible for any interruption, delay, failed email delivery or loss of functionality resulting from incorrect, incomplete or subsequently modified domain or DNS configurations.
21. Branding & Localization
The Services may allow Customers to configure branding, localization and presentation settings for use throughout the Services.
These settings may include, but are not limited to:
- Company name.
- Company logo.
- Branding colors.
- Time zone.
- Date format.
- Custom email sending domain.
- Custom report and disclaimer URLs.
- Other branding or localization settings made available by the Services from time to time.
Customers remain solely responsible for:
- Ensuring all branding information is accurate and up to date.
- Ensuring they have the necessary rights to use all uploaded logos, trademarks and other branding assets.
- Selecting the appropriate time zone and date format for their organization.
- Reviewing all generated Security Review Reports, Report Compliance Records and other Customer-facing content before distribution.
Customers acknowledge that the configured time zone and date format may be used throughout the Services, including but not limited to:
- Security Review Reports.
- Report Compliance Records.
- Audit records.
- Disclaimer acknowledgments.
- Report delivery records.
- Historical activity.
- Other dates and times displayed by the Services.
Customers are responsible for ensuring that the selected time zone accurately reflects their operational requirements. SecuVeo is not responsible for any misunderstanding, interpretation or reliance arising from an incorrectly configured time zone or localization setting.
22. Disclaimer Acknowledgment
The Services may require the first authorized recipient accessing a Security Review Report to acknowledge a disclaimer before the report can be viewed.
As part of the disclaimer acknowledgment process, the recipient may be required to enter the email address to which the Security Review Report was originally sent. This information is collected solely to identify the acknowledging recipient and to maintain the Security Review’s audit trail and compliance record.
Once the disclaimer has been acknowledged, other authorized recipients of the same Security Review Report may access the report without being required to acknowledge the disclaimer again.
Disclaimer acknowledgment records may include:
- Date and time.
- Email address entered by the acknowledging recipient.
- IP address.
- Browser or device information.
- Report identifier.
- Other audit information reasonably required to evidence acknowledgment.
The Services may generate a Report Compliance Record containing disclaimer acknowledgment details, report delivery information and related audit information. Customers may download this record in PDF format for their own compliance, governance and record-keeping purposes.
Disclaimer acknowledgment assists Customers in maintaining an audit trail and compliance record.
A disclaimer acknowledgment confirms only that the recipient has acknowledged receipt of and access to the Security Review Report. It does not constitute acceptance of the report’s contents, recommendations or conclusions, create any contractual obligation, or constitute an agreement to purchase any products or services.
23. Internal Tasks
The Services may allow Customers to create, assign and manage internal Tasks associated with Security Reviews.
Tasks are intended solely to assist Customers with internal planning, collaboration and follow-up activities.
Tasks:
- Do not form part of Client-facing reports.
- Are not synchronized with third-party PSA platforms unless expressly stated by the Services.
- Are not intended to replace project management, PSA or ticketing systems.
- Do not guarantee that any action will be completed, monitored or acted upon by any User.
Customers remain solely responsible for managing their own operational workflows and for ensuring that all Tasks are appropriately reviewed and completed.
24. Audit Trail
The Services maintain audit information relating to Customer activity and Security Reviews.
Audit information may include:
- Report creation.
- Report modification.
- Report generation.
- Report delivery.
- Disclaimer acknowledgment.
- User activity.
- Recommendation decisions.
- Internal Task activity.
- Policy acknowledgments.
- Other significant platform events.
Audit information is provided solely for record-keeping purposes.
25. Customer Data
Customers retain ownership of all data they upload to or create within the Services, including but not limited to:
- Client information.
- Contact information.
- Security Reviews.
- Security Review Reports.
- Templates.
- Security Review Items.
- Recommendations.
- Tasks.
- Notes.
- Security Evidence.
- Audit records.
- Branding.
- Uploaded files.
Except as expressly set out in these Terms, SecuVeo claims no ownership over Customer Data.
26. License to Process Customer Data
The Customer grants SecuVeo a worldwide, non-exclusive, royalty-free license to host, process, store, copy, transmit and otherwise use Customer Data solely for the purpose of:
- Providing the Services.
- Delivering Security Review Reports.
- Synchronizing authorized integrations.
- Providing customer support.
- Maintaining backups.
- Maintaining, securing and improving the Services.
- Detecting security incidents.
- Complying with legal obligations.
- Performing other activities reasonably necessary to operate the Services.
SecuVeo will not use Customer Data for its own commercial benefit except as reasonably necessary to provide, maintain, secure and improve the Services.
Without the Customer’s express authorization, SecuVeo will not:
- Use Customer Data to provide managed IT services or operate a competing managed service business.
- Contact or solicit the Customer’s Clients for products or services unrelated to the operation of the Services.
- Sell, rent or commercially exploit Customer Data.
- Use Customer Data to build customer lists, marketing databases or commercial profiles for SecuVeo’s own benefit.
This license terminates when Customer Data is permanently deleted in accordance with these Terms and the Data Processing Agreement.
27. Privacy & Data Protection
SecuVeo processes personal data in accordance with its Privacy Policy and Data Processing Agreement (“DPA”).
The Customer acknowledges that:
- Client information may contain personal data.
- The Customer acts as the Data Controller (or equivalent).
- SecuVeo acts as the Data Processor (or equivalent) where applicable.
Customers are responsible for ensuring they have the lawful authority to upload, synchronize, process and store Client information within the Services.
28. Confidentiality
Each party agrees to keep confidential all non-public information obtained from the other party in connection with the Services.
Neither party shall disclose confidential information except:
- With the other party’s consent.
- Where required by law.
- To professional advisers under confidentiality obligations.
- As reasonably necessary to provide the Services.
This obligation survives termination of these Terms.
29. Data Security
SecuVeo maintains administrative, technical and organizational measures designed to protect Customer Data.
Security measures may include:
- Encryption in transit.
- Encryption at rest where appropriate.
- Multi-Factor Authentication.
- Access controls.
- Audit logging.
- Infrastructure monitoring.
- Vulnerability management.
- Security monitoring.
- Security patching.
- Backup procedures.
No Internet-connected service can guarantee absolute security.
Customers acknowledge that no security measures eliminate all risk.
30. Third-Party Services
The Services may integrate with, rely upon or make available functionality provided by third-party services including, but not limited to:
- Microsoft
- HaloPSA
- ConnectWise PSA
- Stripe
- Amazon Web Services (AWS)
- Auth0
- Anthropic
- Intuit Mailchimp / Mandrill
- Google Analytics
- Calendly
Third-party providers operate independently of SecuVeo and are subject to their own terms, policies and service availability.
SecuVeo is not responsible for the availability, performance, security, accuracy or functionality of any third-party products or services, including any outages, API changes, licensing changes, service interruptions or other events affecting those services.
Customers acknowledge that changes made by third-party providers may affect the availability or operation of certain features of the Services, and SecuVeo shall not be liable for any resulting interruption, limitation or loss of functionality.
31. Availability
SecuVeo will use commercially reasonable efforts to maintain the availability of the Services.
However, uninterrupted availability cannot be guaranteed.
The Services may occasionally be unavailable due to:
- Planned maintenance.
- Emergency maintenance.
- Security updates.
- Infrastructure failures.
- Third-party outages.
- Internet connectivity issues.
- Force majeure events.
- Circumstances beyond SecuVeo’s reasonable control.
No service level agreement (SLA) applies unless separately agreed in writing.
32. Backups
SecuVeo performs automated backups for business continuity and disaster recovery purposes.
Backups are intended solely to restore the overall Service following a disaster or significant operational event.
Backups are not intended to provide:
- Customer archiving.
- Historical data retrieval on demand.
- Recovery of individual deleted records.
- Recovery of Customer Data deleted by the Customer.
Customers remain responsible for exporting any information they wish to retain.
33. Support
Technical support is provided through the SecuVeo Support Portal.
Support includes reasonable assistance relating to:
- Use of the Services.
- Bugs.
- Platform errors.
- General usage questions.
Support does not include:
- Cybersecurity consulting.
- IT consulting.
- Microsoft administration.
- PSA administration.
- Custom software development.
- Bespoke integrations.
- Professional services.
SecuVeo aims to respond to Support Tickets as soon as reasonably practicable. However, no guaranteed response times, resolution times or Service Level Agreement (SLA) apply unless expressly agreed in writing.
Support requests are prioritized at SecuVeo’s sole discretion, taking into account factors including severity, security impact, operational impact and overall business priorities.
34. Support Tickets & Account Impersonation
The Services include an in-platform Support Ticket system through which Customers may request technical support and communicate with SecuVeo.
Customers remain solely responsible for ensuring that information submitted within Support Tickets is accurate and appropriate.
Support Tickets, attachments and related communications may be retained by SecuVeo for support, security, quality assurance, audit and record-keeping purposes.
Where reasonably necessary to investigate reported issues, fulfil a support request or maintain the Services, authorized SecuVeo personnel may access a Customer’s Account using secure account impersonation functionality.
Impersonation access is strictly limited to authorized personnel and is used solely for legitimate support, maintenance and operational purposes.
Impersonation activity may be recorded within the Services and may include:
- The authorized SecuVeo representative.
- The Customer Account accessed.
- Date and time of access.
- Actions performed during the impersonation session.
- Other audit information reasonably required for security and compliance purposes.
Where supported by the Services, Customers may be notified when an authorized SecuVeo representative is accessing their Account using impersonation functionality.
Customers acknowledge that authorized SecuVeo personnel may temporarily access Customer Data solely to the extent reasonably necessary to investigate or resolve the reported issue and remain subject to appropriate confidentiality obligations.
35. Intellectual Property
The Services, including but not limited to:
- Software
- Source code
- User interface
- Branding
- Logos
- Documentation
- Security scoring methodology
- Report layouts
- Platform design
- AI prompts
- Product Library
- Templates supplied by SecuVeo
- Other intellectual property
remain the exclusive property of MSP SecureView LLC-FZ or its licensors.
Nothing within these Terms transfers ownership of SecuVeo intellectual property to the Customer.
36. Acceptable Use
Customers must not:
- Use the Services unlawfully.
- Attempt unauthorized access.
- Reverse engineer the Services except where permitted by law.
- Copy or resell the Services.
- Upload malicious software.
- Attempt to interfere with the Services.
- Use the Services to infringe third-party rights.
- Attempt to bypass licensing restrictions.
- Use automated tools to scrape or extract platform data without authorization.
SecuVeo may suspend or terminate access where these Terms are breached.
37. Beta Features
From time to time, SecuVeo may make Beta, preview or early access functionality available.
Beta features are provided for evaluation purposes.
Beta features may:
- Change without notice.
- Be withdrawn.
- Produce inaccurate results.
- Contain defects.
Customers use Beta functionality entirely at their own risk.
38. Disclaimer of Warranties
Except as expressly stated in these Terms, the Services are provided “as is” and “as available.”
To the fullest extent permitted by law, SecuVeo disclaims all warranties, whether express, implied or statutory, including but not limited to:
- Merchantability.
- Fitness for a particular purpose.
- Non-infringement.
- Continuous availability.
- Accuracy.
- Completeness.
- Security.
- Compatibility.
SecuVeo does not warrant that:
- The Services will operate without interruption.
- The Services will be error-free.
- AI-generated content will be accurate.
- Security Reviews will identify every risk.
- Microsoft Graph or PSA integrations will always be available.
- Security Evidence will always be complete.
39. Limitation of Liability
To the fullest extent permitted by applicable law:
SecuVeo shall not be liable for:
- Indirect damages.
- Consequential damages.
- Incidental damages.
- Special damages.
- Loss of profits.
- Loss of revenue.
- Loss of business.
- Loss of contracts.
- Loss of goodwill.
- Loss, corruption or unauthorized disclosure of Customer Data.
- Cybersecurity incidents affecting the Customer or its Clients.
- Decisions made by the Customer based upon Security Reviews, Security Evidence, AI-generated content or recommendations.
SecuVeo’s total aggregate liability arising from or relating to the Services shall not exceed the total Subscription fees paid by the Customer during the twelve (12) months immediately preceding the event giving rise to the claim.
Nothing in these Terms excludes liability that cannot lawfully be excluded.
40. Suspension of Services
SecuVeo may immediately suspend all or part of the Services where reasonably necessary to:
- Protect the security or integrity of the Services.
- Prevent fraud or unlawful activity.
- Respond to a security incident.
- Perform emergency maintenance.
- Comply with applicable law.
- Protect other Customers.
- Investigate suspected breaches of these Terms.
- Respond to requests from competent legal or regulatory authorities.
Where reasonably practicable, SecuVeo will notify the Customer before or shortly after any suspension.
Suspension does not remove the Customer’s obligation to pay any Subscription fees due under these Terms.
41. Termination
Either party may terminate these Terms where the other party commits a material breach and fails to remedy that breach within fourteen (14) days of receiving written notice.
SecuVeo may terminate the Services immediately where:
- The Customer commits fraud.
- The Customer intentionally compromises the security of the Services.
- Continued provision of the Services would be unlawful.
- Subscription fees remain unpaid following reasonable notice.
- The Customer repeatedly breaches these Terms.
- Continued provision of the Services presents a security, operational or legal risk.
Termination does not affect:
- Any accrued rights.
- Outstanding payment obligations.
- Clauses intended to survive termination.
42. Effect of Termination
Upon termination:
- Customer access to the Services will cease.
- Customer Data will be processed in accordance with the SecuVeo Data Processing Agreement.
- Customers remain responsible for exporting any information they wish to retain before requesting termination.
- SecuVeo may permanently remove Customer Data following the applicable retention period.
The following provisions survive termination:
- Confidentiality.
- Intellectual Property.
- Limitation of Liability.
- Indemnity.
- Governing Law.
- Any provision which by its nature is intended to survive termination.
43. Force Majeure
Neither party shall be liable for any delay or failure to perform its obligations where such delay or failure results from events beyond its reasonable control.
These events may include:
- Natural disasters.
- Fire.
- Flood.
- War.
- Terrorism.
- Civil unrest.
- Government action.
- Pandemic.
- Internet failure.
- Utility failure.
- Cyberattack.
- Failure of third-party providers.
- Microsoft service disruption.
- AWS service disruption.
- Other events beyond reasonable control.
The affected party shall use reasonable efforts to resume performance as soon as practicable.
44. Indemnity
The Customer agrees to indemnify, defend and hold harmless MSP SecureView LLC-FZ, its officers, directors, employees, contractors and affiliates from and against any claims, liabilities, damages, losses, costs and expenses (including reasonable legal fees) arising out of or relating to:
- The Customer’s use of the Services.
- Any breach of these Terms.
- Any Security Review Report issued by the Customer.
- Advice or recommendations provided by the Customer to its Clients.
- Customer Data uploaded to the Services.
- Any infringement of third-party rights caused by the Customer.
- The Customer’s failure to obtain appropriate authorization from its Clients.
45. Assignment
The Customer may not assign, transfer or otherwise dispose of any rights or obligations under these Terms without the prior written consent of SecuVeo.
SecuVeo may assign or transfer these Terms as part of:
- A corporate reorganization.
- A merger.
- An acquisition.
- A sale of assets.
- Any other legitimate business transaction.
46. Entire Agreement
These Terms, together with the Privacy Policy, Data Processing Agreement (“DPA”) and any documents expressly incorporated by reference, constitute the entire agreement between the parties regarding the Services.
They supersede all previous agreements, discussions, representations and understandings relating to the Services.
If there is any conflict between these Terms, the Data Processing Agreement and the Privacy Policy, the documents shall apply in the following order of precedence:
- The Data Processing Agreement, where applicable;
- These Terms; and
- The Privacy Policy.
- Product Roadmap
The Services may include a Product Roadmap or other information describing planned, proposed or future functionality.
Roadmap information is provided solely for informational purposes and does not constitute a commitment, warranty or contractual obligation to develop, release or maintain any particular feature, functionality, integration or release date.
SecuVeo may, at its sole discretion:
- Modify roadmap items.
- Change priorities.
- Delay or accelerate development.
- Remove planned features.
- Introduce new features.
- Change estimated release dates.
Customers should make purchasing and business decisions based on the functionality currently available within the Services and not on planned or future functionality.
48. Changes to the Services
SecuVeo continually develops and improves the Services.
Features, integrations and functionality may vary between Subscription plans and may be introduced, modified or withdrawn over time.
Accordingly, we may:
- Add features.
- Remove features.
- Modify functionality.
- Introduce new integrations.
- Change user interface elements.
- Improve AI functionality.
- Expand Microsoft Graph or GDAP capabilities.
- Introduce additional security evidence providers.
Such changes do not constitute a breach of these Terms.
Where a change materially reduces core functionality, SecuVeo will use reasonable efforts to provide advance notice where practicable.
49. Policy Centre
The Services may include a Policy Centre through which SecuVeo makes available these Terms, the Privacy Policy, Data Processing Agreement and other policies, notices or legal documents relating to the Services.
Customers acknowledge that:
- The Policy Centre is the primary location for accessing the latest versions of applicable policies.
- Historical versions of policies may be made available for reference.
- SecuVeo may publish updated policies through the Policy Centre from time to time.
- Where a policy is materially updated, Customers may be required to review and acknowledge the revised policy before continuing to use all or part of the Services.
- Policy acknowledgments may be recorded within the Services as part of the Customer’s audit trail and compliance record.
Where applicable, SecuVeo may also notify Customers of policy updates by email or through in-platform notifications.
50. Changes to these Terms
SecuVeo may amend these Terms from time to time.
Where changes materially affect Customer rights or obligations, SecuVeo will provide reasonable notice through the Policy Centre and may also notify Customers by email, through the Services or via the SecuVeo website.
Where required by the Services, Customers may be required to review and acknowledge updated Terms or other policies before continuing to use all or part of the Services.
Where acknowledgment is not required, continued use of the Services after the revised Terms become effective constitutes acceptance of the updated Terms.
If a Customer does not agree to the revised Terms, the Customer may cancel the Subscription in accordance with these Terms before the revised Terms take effect.
51. Severability
If any provision of these Terms is found to be invalid, illegal or unenforceable, the remaining provisions shall continue in full force and effect.
The invalid provision shall be interpreted or replaced, where legally permitted, so that it most closely reflects the original commercial intent.
52. Waiver
Failure or delay by either party to exercise any right or remedy under these Terms shall not constitute a waiver of that right or remedy.
Any waiver must be in writing and signed by the party granting it.
53. Notices
Any notices relating to these Terms may be provided:
- By email.
- Through the SecuVeo platform.
- Through the Customer Account.
- By any other reasonable electronic means.
Customers are responsible for ensuring their contact details remain accurate.
54. Governing Law & Jurisdiction
These Terms shall be governed by and construed in accordance with the laws of the Emirate of Dubai and the applicable Federal laws of the United Arab Emirates.
Subject to any mandatory law to the contrary, the courts of Dubai shall have exclusive jurisdiction over any dispute arising out of or relating to these Terms or the Services.
55. Contact Details
MSP SecureView LLC-FZ
Trading as SecuVeo
Meydan Grandstand, 6th Floor, Meydan Road, Nad Al Sheba, Dubai, United Arab Emirates
Email: legal@secuveo.com
Support: Via the SecuVeo Support Portal
Website: https://www.secuveo.com
56. Acceptance
By creating an Account, commencing a Free Trial, purchasing a Subscription or otherwise using the Services, you acknowledge that you have:
- Read these Terms of Service.
- Understood these Terms of Service.
- Agreed to be legally bound by these Terms of Service.
- Confirmed that you have authority to enter into these Terms on behalf of your organization.