← Back

BlockAPT Terms of Service for Businesses

Version: 1

Effective date: 7th July 2026

1. Who we are, what these Terms cover and how you accept them

1.1 These Terms of Service for Businesses form a legal agreement between BlockAPT Limited, a company registered in England and Wales with company number 11759911 and registered office at 27 Old Gloucester Street, London, United Kingdom, WC1N 3AX, and the Business Customer who buys, accesses or uses the Service.

1.2 BlockAPT, we, us and our mean BlockAPT Limited. You and your mean the Business Customer. BlockAPT is registered with the Information Commissioner's Office in the United Kingdom in relation to data protection.

1.3 These Terms apply to employer, professional, organisational, third party, managed service and commercial use of the BlockAPT SaaS security service, web portal, mobile application, desktop application, endpoint agent, browser extension, software, alerts, dashboards, reports, threat intelligence, Security Telemetry, subscriptions, documentation and support.

1.4 These Terms do not apply to personal, family or household use. Separate BlockAPT consumer terms apply to those uses.

1.5 You accept these Terms when an Authorised User creates an Account, you or an Authorised User buys a Subscription, completes checkout, clicks to accept, downloads or installs an App, renews a Subscription or accesses or uses the Service. You warrant that you have authority to bind the Business Customer.

1.6 Website browsing, cookies, marketing forms and general website privacy are handled through separate website notices. Data processing for use of the Service is covered in section 6 of these Terms.

1.7 If a signed Order Form or written agreement exists, it incorporates these Terms. If there is a conflict between a signed Order Form or written agreement and these Terms, the Order Form or written agreement applies to the matter it covers.

1.8 If you buy or download the App through Apple App Store or Google Play, the app store terms in section 7 also apply for app store matters.

2. Key definitions

Account: the account, product profile, subscription record or organisational workspace used to access the Service.

Administrator: an Authorised User who creates, manages or controls an Account, adds or removes Authorised Users, manages settings, receives alerts or gives instructions to BlockAPT on behalf of the Business Customer.

App: any mobile, desktop, browser, endpoint or other application, agent, connector or software supplied by BlockAPT as part of the Service.

Apple: Apple Inc. and its affiliates, including the operator of the Apple App Store in the territory that applies to you.

Apple App Store: Apple app marketplace, account, billing, subscription, review, update and platform services.

Authorised User: an employee, officer, director, worker, contractor, subcontractor, agent or permitted third party who accesses or uses the Service under the Business Customer's Account.

BlockAPT: BlockAPT Limited, company number 11759911.

Business Customer: a company, partnership, public sector body, charity, sole trader or other legal entity buying or using the Service for employer, professional or organisational purposes.

Charges: the subscription fees, usage charges, support charges, taxes and other amounts payable for the Service.

Documentation: product descriptions, guidance, support articles, technical materials and instructions made available by BlockAPT.

Google: Google LLC, Google Ireland Limited, Google Commerce Limited or another Google entity operating Google Play in the territory that applies to you.

Google Play: Google Play app marketplace, account, billing, subscription, review, update, policy and platform services.

Order Form: a written purchase order, order form, statement of work or other signed or accepted document that describes the scope, term, Charges and other specific commercial terms of a Subscription.

Product Data: Account information, Business Personal Data, device data, app data, usage data, billing data, support data, diagnostic data, logs, metadata, Security Telemetry and other information processed in connection with the Service.

Security Telemetry: technical, operational and security data generated, collected or processed by the Service, including device state, threat indicators, alerts, suspicious files, URLs, domains, IP addresses, installed app information where required, app activity where required, configuration data, diagnostic data, events, logs and metadata.

Service: the BlockAPT SaaS security service, App, software, portal, dashboards, alerts, reports, threat intelligence, support and related services supplied by BlockAPT.

Subscription: a time limited or renewing right to access and use the Service.

3. Orders, Accounts, Authorised Users and Administrators

3.1 BlockAPT will provide the Service in accordance with these Terms, any Order Form, the relevant Subscription, the purchase flow and the Documentation.

3.2 Available features depend on your plan, Subscription tier, device type, operating system, app store, country, permissions, network connection, app settings and technical compatibility.

3.3 You must provide accurate Account, contact and billing information and keep it up to date. BlockAPT may rely on the information you provide.

3.4 You are responsible for all activity under your Account, including activity by Authorised Users and anyone who accesses the Service through your Account.

3.5 If you are the Administrator or main Account holder, you must act responsibly and lawfully when adding or removing Authorised Users or devices, changing settings, enabling monitoring or security features, receiving alerts, managing permissions, giving instructions to BlockAPT or allowing another person to use the Service. You must give Authorised Users required notices, obtain required consents, apply required employment policies and remove users or devices that should no longer have access.

3.6 You must keep credentials secure, enforce reasonable access controls and promptly tell BlockAPT if you suspect unauthorised access, compromise or misuse.

3.7 The Service may depend on compatible devices, supported operating systems, internet access, app store availability, operating system permissions, cloud services and third party services. You are responsible for maintaining those requirements unless BlockAPT has expressly agreed otherwise.

3.8 BlockAPT may provide updates, patches, security fixes, new versions and feature changes. You must install or allow required updates where necessary for security, compatibility, app store compliance or continued access.

3.9 The Service is not a backup service, emergency service, disaster recovery service, insurance product or replacement for business continuity planning, safe online behaviour, device security, backups, passwords, multifactor authentication, software updates or your own judgement.

3.10 BlockAPT may provide trials, previews, beta features or early access features. These may be changed or withdrawn at any time and are provided for evaluation only to the fullest extent permitted by law.

4. Licence, permitted use and restrictions

4.1 Subject to these Terms, any Order Form and payment of applicable Charges, BlockAPT grants you a limited, revocable, non exclusive, non transferable right during the Subscription term to permit Authorised Users to access and use the Service for your internal business security purposes.

4.2 You and Authorised Users may use the Service only on devices, accounts, networks and data that you own, control or are legally authorised to protect.

4.3 You must obtain all required consents, apply all required employment notices and comply with all applicable monitoring and surveillance laws, data protection laws, labour laws and employment laws before installing, activating or using features that may monitor, analyse, restrict, alert on or process Authorised User device, account or activity data.

4.4 You must not use or permit use of the Service for personal, family or household purposes under a Business Subscription.

4.5 You must not copy, modify, adapt, translate, rent, lease, loan, sell, sublicense, distribute, disclose, make available, frame, mirror, republish, scrape, decompile, disassemble, reverse engineer or create derivative works from the Service, App, Documentation or BlockAPT intellectual property, except to the extent applicable law prevents this restriction.

4.6 You must not bypass usage limits, authentication controls, entitlement controls, payment controls, app store restrictions, technical restrictions, security controls or approval processes.

4.7 You must not use the Service to monitor, track, access, intercept, control, surveil, harass, stalk or collect information about another person, account, device, network or system unless you have all legally required rights, notices, authority, employment policies and consents.

4.8 You must not use the Service for unlawful, harmful, abusive, fraudulent, deceptive, unsafe, exploitative, invasive, offensive or unauthorised purposes.

5. Cybersecurity product terms

5.1 The Service is designed to help you identify, monitor, manage and respond to security risks. Depending on the plan, it may provide device protection, alerts, policy controls, reports, recommendations, threat intelligence, dashboards and support.

5.2 Security products cannot guarantee complete protection. BlockAPT does not warrant that the Service will detect, block, prevent, remove, quarantine, remediate or warn against every threat, attack, vulnerability, malicious file, phishing site, scam, identity risk, misconfiguration, unauthorised access, data breach, compromise or harmful event.

5.3 The Service may produce false positives and false negatives. Legitimate files, URLs, domains, apps, users, devices, processes or activities may be flagged, blocked, restricted or reported. Malicious or risky activity may not always be detected or may be detected only after delay.

5.4 The Service may take automatic, semi automatic or user configured actions, including alerting, blocking, allow listing, deny listing, policy enforcement, quarantine, restriction, isolation, logging, reporting or other security actions. Those actions may disrupt access to files, apps, networks, accounts, devices or systems.

5.5 You are responsible for reviewing alerts, applying updates, acting on recommendations, maintaining backups, using strong authentication, enabling multifactor authentication where available, patching devices, reviewing permissions, maintaining appropriate business continuity arrangements and using reasonable care.

5.6 Alerts, scores, dashboards, reports and recommendations are provided to support decision making. They are not a guarantee of security, compliance, legal status, incident scope, absence of compromise or continuity of protection.

5.7 Unless expressly agreed in writing, BlockAPT does not provide forensic investigation, legal advice, regulatory advice, managed detection and response, incident response, breach notification services, law enforcement liaison, insurance advice or guaranteed remediation.

5.8 The Service is not intended for high risk use where failure could cause death, personal injury, physical damage, critical infrastructure failure, weapons operation, aircraft operation or emergency service failure.

6. Data processing, data protection, GCP and international support

6.1 This section forms part of these Terms and covers data processing for the Service. It is included here for ease of reference. It does not replace BlockAPT separate website privacy notice, cookie notice or marketing privacy information for general website browsing.

6.2 BlockAPT is registered with the Information Commissioner's Office in the United Kingdom in relation to data protection. BlockAPT will comply with data protection law that applies to BlockAPT and with the commitments in these Terms.

6.3 For Business Customer use, the parties acknowledge that BlockAPT processes personal data of Authorised Users and others on behalf of the Business Customer as part of delivering the Service, and may also process certain business contact and Account data as controller. The parties will comply with their respective controller and processor obligations under applicable data protection law. Where required by law (for example, where UK GDPR Article 28 applies), the parties may need to execute a data processing agreement. BlockAPT's standard data processing terms are available on request.

6.4 Product Data may include names, email addresses, contact details, Account identifiers, Subscription details, billing references, support communications, device identifiers, IP addresses, operating system information, app version, permissions, configuration settings, diagnostic data, logs, alerts, usage data and Security Telemetry.

6.5 Security Telemetry may include device state, app activity where required for the feature, suspicious files or indicators, URLs, domains, IP addresses, threat events, configuration data, event data, metadata and other technical information needed to provide, secure, support and improve the Service.

6.6 BlockAPT processes Product Data to provide the Service, operate Accounts, manage Subscriptions, deliver alerts, detect and analyse threats, provide support, troubleshoot issues, improve the product, maintain security, prevent fraud and misuse, comply with law, manage billing, enforce these Terms and protect BlockAPT, users and third parties.

6.7 Where UK GDPR, EU GDPR, the Data Protection Act 2018 or similar law applies, BlockAPT may rely on legal bases including performance of a contract, legitimate interests, legal obligation and establishment or defence of legal claims. Where BlockAPT processes personal data as processor, it does so in accordance with controller instructions and applicable law.

6.8 BlockAPT uses Google Cloud Platform as a core cloud infrastructure provider for SaaS hosting, storage, processing, security and related infrastructure. Unless BlockAPT expressly says otherwise in writing, you authorise BlockAPT to use Google Cloud Platform for the Service.

6.9 BlockAPT may use employees, directors, workers, contractors, consultants, group companies and service providers located in the United Kingdom and other jurisdictions to operate, support, secure, maintain, troubleshoot and improve the Service. Such access may include Product Data where reasonably necessary for those purposes.

6.10 BlockAPT may share Product Data with service providers that help provide the Service, including cloud hosting, security, support, billing, payments, analytics, communications, app store services, error logging, fraud prevention, professional advisers, insurers, auditors, regulators, courts and law enforcement where required or permitted by law.

6.11 BlockAPT will apply reasonable technical and organisational measures designed to protect Product Data against unauthorised or unlawful processing and accidental loss, destruction or damage. Such measures may include access controls, encryption, logging, backup practices, vulnerability management, supplier controls and security monitoring as appropriate to the Service.

6.12 Product Data may be processed outside the United Kingdom. Where UK GDPR, EU GDPR or similar transfer rules apply to BlockAPT, BlockAPT will use a lawful transfer mechanism where required, such as an adequacy decision, standard contractual clauses, a UK international data transfer agreement, a UK addendum or another recognised mechanism.

6.13 BlockAPT does not agree to comply with every local, sector specific, employment, monitoring, data residency or privacy law that may apply to every organisation in every country unless expressly agreed in writing. You are responsible for ensuring that your deployment of the Service is lawful in your location and for your devices, Authorised Users and intended use cases.

6.14 BlockAPT may retain Product Data for as long as needed to provide the Service, manage the Account, comply with legal, tax, accounting, fraud prevention, security, dispute, backup, audit, sanctions, export control and legitimate operational requirements, and then delete, anonymise or aggregate it in accordance with its retention practices.

6.15 Data subjects may exercise access, correction, deletion, restriction, objection, portability or withdrawal of consent rights where applicable. These rights are not absolute. BlockAPT may refuse or limit a request where permitted by law, including where data must be retained for security, legal, tax, fraud prevention, dispute, backup, audit or legitimate operational reasons.

6.16 Where the Service allows account creation or user provisioning, BlockAPT will provide a reasonable account deletion or offboarding route through the App, website, admin console or support process. You are responsible for offboarding Authorised Users before termination, cancellation or expiry of the Subscription.

6.17 You must not submit special category data, highly sensitive data, regulated health data, payment card data, government restricted data, classified data or children's data to the Service unless the feature is designed for that data and BlockAPT has expressly agreed the relevant processing in writing.

6.18 BlockAPT may use aggregated, anonymised, statistical, diagnostic, operational and threat intelligence data for security, analytics, product improvement, benchmarking, research and development, provided it does not identify any individual in breach of applicable law.

6.19 You are responsible for providing required notices and obtaining required consents from Authorised Users, employees and other individuals whose data you submit to or process through the Service, in accordance with applicable data protection, employment and labour law, and your own policies and professional obligations.

6.20 Where you act as controller in relation to Authorised User personal data, you must comply with your obligations as controller, including legal basis, notice, purpose limitation, minimisation, accuracy, retention, security, governance, individual rights and documentation requirements under applicable law.

6.21 You must promptly notify BlockAPT if you become aware of any personal data breach, security incident, regulatory inquiry, enforcement action, court order, data subject claim or third party demand that relates to data processed through the Service.

6.22 Where BlockAPT is required to conduct a data protection impact assessment, legitimate interests assessment, transfer impact assessment or similar assessment in connection with the Service and your deployment, you will cooperate with and provide reasonable information to support that assessment.

6.23 BlockAPT may update its data protection and privacy practices to reflect changes in law, regulatory guidance, app store policy, technical capability or operational requirements. BlockAPT will give reasonable notice where a material change affects how personal data is processed.

6.24 Where sub processor arrangements are relevant, BlockAPT may maintain and make available a sub processor list on request or through the Service documentation. BlockAPT will give reasonable notice of material sub processor changes where required by applicable law or agreed data processing terms.

6.25 The privacy information shown in app store listings, in app disclosures, account tools and operating system prompts must be consistent with this section. If a product feature requires additional disclosure or consent, BlockAPT may update the disclosure or restrict the feature until it is corrected.

6.26 If a sector specific regulation, national law or local supervisory authority requires additional contractual terms, data localisation, specific security standards, audit rights, data protection officer involvement or other requirements for BlockAPT to legally process data in connection with your use, those requirements apply only where BlockAPT has expressly agreed them in a signed Order Form or data processing agreement.

6.27 Nothing in these Terms prevents BlockAPT from complying with a legal obligation, a court order, a regulatory direction or a law enforcement requirement that requires processing, disclosure, retention or restriction of Product Data, provided BlockAPT gives reasonable notice where permitted by law.

7. Mobile Applications and App Stores

7.1 The Service may be accessed through one or more mobile applications published by BlockAPT and made available through the Apple App Store, Google Play Store or other authorised application marketplaces. Use of the App is subject to these Terms together with any applicable marketplace terms, policies and usage requirements.

7.2 Apple App Store

7.2.1 This section applies where an App is downloaded, installed, purchased, subscribed to, accessed or used through the Apple App Store.

7.2.2 The App is licensed, not sold. BlockAPT and its licensors retain ownership of the App and all related intellectual property rights. You and Authorised Users receive only the limited right to use the App in accordance with these Terms, the Documentation and Apple rules that apply to the App.

7.2.3 Apple is not a party to these Terms and is not responsible for the App or the Service. BlockAPT, not Apple, is responsible for the App, the Service, product support and maintenance, except to the extent Apple has a separate obligation under mandatory Apple terms.

7.2.4 To the extent required by Apple, Apple and its subsidiaries are third party beneficiaries of this section and may enforce it against you.

7.2.5 You must comply with Apple App Store terms, Apple Media Services terms, Apple usage rules and Apple device rules that apply to use of the App. Apple rules govern app store billing, refunds, family sharing, subscriptions, device usage, app review, permissions and platform functionality.

7.2.6 If the App or a Subscription is bought through Apple, billing, renewal, cancellation and refunds may be handled by Apple rather than BlockAPT. BlockAPT may not be able to cancel, refund or manage an Apple App Store Subscription directly.

7.2.7 Apple has no obligation to provide maintenance or support for the App. If the App fails to conform to an applicable warranty and Apple is legally required to respond, Apple may refund the purchase price paid through Apple if required by Apple terms. To the fullest extent permitted by law, Apple has no other warranty obligation for the App.

7.2.8 Apple is not responsible for claims relating to the App or use of it, including product liability claims, legal compliance claims, intellectual property claims, privacy claims or claims by Authorised Users, except where Apple terms or mandatory law say otherwise.

7.2.9 The App may request Apple permissions needed for security features, notifications, network status, device information, app activity, local storage, VPN configuration, identity, location, contacts, installed app information, accessibility functions or other platform features. The permissions requested must be consistent with the product functionality, in app disclosures and any privacy information provided through the Apple App Store.

7.2.10 Security related apps may involve sensitive permissions and data. You must not use the App in a way that breaches Apple rules, manipulates permissions, hides monitoring, misrepresents data collection, bypasses platform controls or creates unlawful surveillance or security risk.

7.3 Google Play Store

7.3.1 This section applies where an App is downloaded, installed, purchased, subscribed to, accessed or used through Google Play.

7.3.2 The App is licensed, not sold. BlockAPT and its licensors retain ownership of the App and all related intellectual property rights. You and Authorised Users receive only the limited right to use the App in accordance with these Terms, the Documentation and Google rules that apply to the App.

7.3.3 Google is not a party to these Terms and is not responsible for the App, the Service or these Terms. BlockAPT, not Google, is responsible for the App, the Service, product support and maintenance, except to the extent Google has a separate obligation under mandatory Google Play terms.

7.3.4 If these Terms conflict with any mandatory Google Play requirements that BlockAPT must comply with as a developer, those mandatory requirements will apply only to the extent necessary to resolve the conflict.

7.3.5 You must comply with Google Play terms, Google Play policies, Android operating system rules and Google account rules that apply to use of the App. Google rules may control app store billing, refunds, subscriptions, permissions, data safety disclosures, app review, removal, suspension and platform functionality.

7.3.6 If the App or a Subscription is bought through Google Play, billing, renewal, cancellation and refunds may be handled by Google rather than BlockAPT. BlockAPT may not be able to cancel, refund or manage a Google Play Subscription directly.

7.3.7 Google may reject, suspend, restrict, remove or stop distributing the App where Google considers this necessary under Google Play rules, applicable law, security requirements, user protection requirements or platform policies. Any such action taken by Google will not constitute a breach of these Terms by BlockAPT, and BlockAPT will not be liable for any loss, damage, interruption, unavailability or other consequence arising from any action or inaction by Google.

7.3.8 The App may request Android permissions needed for security features, notifications, network status, device information, app activity, local storage, VPN configuration, identity, location, contacts, installed app information, accessibility functions or other platform features. The permissions requested must match the product functionality, in app disclosures and Google Play Data safety information.

7.3.9 Security related apps may involve sensitive permissions and data. You must not use the App in a way that breaches Google Play rules, manipulates permissions, hides monitoring, misrepresents data collection, bypasses platform controls or creates unlawful surveillance or security risk.

8. App Permissions, Functionality and Updates

8.1 The App is designed to provide a range of cyber security, privacy and digital protection capabilities for business and professional use. Depending on your Subscription, operating system, device capabilities, permissions granted by you and supported hardware, the App may provide one or more of the following features.

Web & Phishing Protection

Malicious site blockingblocks phishing, scam and malware domains across supported browsers and Apps.

Real timefilters traffic on device. Private, no proxying of content.

Smishing awareflags dangerous links from messages.

Wi Fi & Network Safety

Unsafe network alertswarns on open, potentially unsecure WI-FI.

Network checkscurrent connection security at a glance.

Data Breach Monitor

Breach alertsnotifies if your email, credentials appear in known breaches.

Guided actionwhat to change and where.

Device Posture & Compliance

Jailbreak detectionflags compromised devices.

OS & security checkspatch level, passcode and biometric enforcement.

Posture historytrack health over time.

App Privacy Audit

Permission reviewsee which apps reach sensitive data.

Privacy guidanceclear, actionable recommendations.

App Lock, Anti-Theft & Access

Biometric App Lockface ID or Touch ID to open Pivotra.

Anti-theft guidancelocate, alarm & lock guidance.

AuthenticationSupports Sign in with Apple, Google Sign In and other supported authentication providers and offers two factor authentication.

QOR AI Assistant

Ask Anythingsecurity questions answering in plain language and any language.

Contextualunderstands your device & alerts.

Family, Essential & Alerts

Family protectionprotect & monitor household members devices.

Essential protectionprotect & monitor teams or enterprise members devices.

Threats & alertsreal time alerts, threat timeline and reports.

8.2 The App requests only those permissions reasonably necessary to provide the functionality enabled by you or included within your Subscription. Authorised Users may refuse or withdraw certain permissions through device settings; however, doing so may reduce or prevent the availability of certain features.

8.3 Certain features may not be available on all devices, operating systems, geographic regions, Subscription plans or App versions and may depend upon supported hardware, third party services, internet connectivity or permissions granted by you.

8.4 BlockAPT may introduce, modify, improve, replace, suspend or discontinue features, functionality or integrations from time to time for security, legal, regulatory, technical or commercial reasons.

8.5 The features described in this section are intended to assist in improving your cyber security posture. They do not guarantee the detection, prevention, blocking or remediation of every cyber threat, phishing attempt, malicious website, vulnerability, compromise, malware infection, data breach or other security incident.

9. Fees, renewal, invoicing and payment

9.1 You must pay the Charges shown in the Order Form, checkout, Account, app store purchase flow or pricing page that applies to your Subscription.

9.2 Subscriptions may renew automatically where stated in the purchase flow or Order Form. Renewal terms, renewal date, billing period, minimum term, price and cancellation route should be shown before purchase and made available in the Account or Order Form.

9.3 Charges are exclusive of applicable tax, VAT, GST, withholding tax or similar tax unless expressly stated otherwise. Where tax is applicable and BlockAPT must account for it, BlockAPT will add it to invoices. You are responsible for paying applicable taxes and complying with applicable tax law.

9.4 For direct web purchases from BlockAPT, payment is due as stated at checkout or in the Order Form. BlockAPT may invoice in advance, on a recurring basis or at intervals stated in the Order Form.

9.5 For Apple App Store or Google Play purchases, cancellation, renewal and refund rights may be handled by Apple, Google or the relevant app store. BlockAPT may not be able to cancel, refund or manage an app store Subscription directly.

9.6 Except where mandatory law, the Order Form, purchase flow or an applicable app store rule says otherwise, fees are not refundable and cancellation stops future renewal rather than creating a refund for past or current periods.

9.7 BlockAPT may change prices for future renewal periods by giving notice before renewal or as stated in the Order Form. If you do not accept the changed price, you must cancel before renewal.

9.8 BlockAPT may charge interest on overdue amounts at 8% per annum above the Bank of England base rate from time to time, or as stated in the Order Form, compounding monthly from the due date until payment in full, in accordance with the Late Payment of Commercial Debts (Interest) Act 1998 or equivalent applicable law.

9.9 Where a Subscription covers a number of Authorised Users, devices or protected endpoints, you must not exceed those limits without purchasing additional capacity. BlockAPT may suspend access, charge for overage, require an upgrade or terminate non compliant access.

10. Support, availability and service changes

10.1 Unless a different support arrangement is stated in the applicable plan, Order Form or written agreement with BlockAPT, BlockAPT's standard support hours are Monday to Friday, 09:00 to 17:00 UK time, excluding public holidays in England and Wales. Support is provided through the support channels made available by BlockAPT for the relevant plan. Support requests submitted outside standard support hours may be treated as being received on the next support day.

10.2 Support responses are targets only and are not guaranteed response times or guaranteed resolution times unless BlockAPT expressly agrees specific service levels in the Order Form or a written agreement. BlockAPT does not guarantee that every issue, defect, incompatibility, threat or configuration problem will be fixed.

10.3 Support does not include unsupported devices, unsupported operating systems, unauthorised modifications, third party failures, network issues, custom integrations, incident response, forensic investigation, legal advice, regulatory advice, training or managed security services unless expressly agreed in writing.

10.4 BlockAPT will use commercially reasonable efforts to make the Service available, subject to planned maintenance, emergency maintenance, unscheduled downtime, internet failures, cloud provider issues, app store restrictions, security incidents, force majeure and factors outside BlockAPT reasonable control.

10.5 BlockAPT may change, improve, replace, suspend or discontinue features where reasonably necessary for security, compliance, operational, technical, commercial or product reasons. Where a change materially reduces paid core functionality, BlockAPT will use reasonable efforts to give notice where practicable.

10.6 BlockAPT may suspend, restrict or modify the Service where reasonably necessary for maintenance, security, legal compliance, your misuse or misuse by an Authorised User, payment failure, platform compliance, protection of users, protection of third parties, protection of infrastructure or regulatory risk.

10.7 BlockAPT may communicate service notices, security notices, legal notices, renewal notices, privacy notices and support notices through the Account, email, website, app notification or other reasonable channels.

11. Third party services and integrations

11.1 The Service may interoperate with app stores, operating systems, cloud services, identity providers, billing providers, support tools, analytics tools, notification services, email services, browsers, devices, networks and other third party services.

11.2 Third party services are provided under the third party terms that apply to them. BlockAPT is not responsible for third party services, third party outages, third party security incidents, third party data practices, third party policy changes or third party restrictions unless BlockAPT has expressly agreed otherwise in writing.

11.3 Integrations, connectors, APIs, scripts, automation, third party tools, custom configurations or use cases may require BlockAPT prior approval. BlockAPT may refuse, suspend or disable an integration that may introduce security risk, offensive cyber capability, controlled technology, export control risk, regulatory risk, app store risk, performance risk or operational risk.

11.4 You must not circumvent, conceal, misrepresent or fail to disclose integrations, customisations, configurations, data flows or use cases that could materially affect security, privacy, export control, sanctions, offensive cyber, platform or regulatory risk.

12. Intellectual property, confidentiality and feedback

12.1 BlockAPT and its licensors own all intellectual property rights in the Service, App, software, Documentation, threat intelligence, models, analytics, designs, trademarks, know how, updates, improvements and related materials.

12.2 These Terms do not transfer ownership of BlockAPT intellectual property to you or Authorised Users. You receive only the limited use rights expressly granted in these Terms and any Order Form.

12.3 You own business data and content that belongs to you, subject to the rights granted to BlockAPT to provide, secure, support, maintain, analyse and improve the Service, and to create and use aggregated, anonymised, statistical, diagnostic and threat intelligence data as described in these Terms.

12.4 Each party may receive confidential information of the other in connection with the Service. Confidential information must be used only for the purposes of the Service and must not be disclosed to third parties except where required by law, regulator, court order, professional adviser, service provider or these Terms, and in all cases subject to confidentiality obligations where practicable.

12.5 Confidentiality does not apply to information that is public through no breach, already lawfully known, independently developed without use of confidential information, or lawfully received from a third party without confidentiality restriction.

12.6 If you give feedback, suggestions, ideas, improvement requests or recommendations about the Service, BlockAPT may use them without restriction or obligation, provided BlockAPT does not disclose personal data in breach of these Terms or applicable law.

13. Suspension, termination and account offboarding

13.1 These Terms continue for as long as you have an Account, Subscription or access to the Service, unless terminated earlier in accordance with these Terms or any Order Form.

13.2 You may cancel your Subscription using the account tools, app store tools or support channels made available by BlockAPT, subject to any minimum term or billing and refund rules that apply to the purchase route or Order Form.

13.3 BlockAPT may suspend or terminate access immediately if payment is overdue, you breach these Terms, there is suspected misuse, there is suspected unlawful monitoring, there is offensive cyber use, there is sanctions, export control or regulatory risk, the Service is used against unauthorised systems, continued access may harm BlockAPT, users, third parties, infrastructure or app store compliance, or a platform, regulator, court or law requires restriction.

13.4 On termination or expiry, you must stop using the Service, offboard Authorised Users, uninstall or stop using the App where required, return or delete BlockAPT confidential information and pay all outstanding Charges.

13.5 BlockAPT may retain, delete, return or anonymise Product Data after termination in accordance with these Terms, technical limitations, backup cycles, legal requirements and legitimate operational needs.

13.6 BlockAPT may retain records after offboarding where required or permitted for tax, accounting, fraud prevention, security, dispute handling, legal compliance, backup, audit, sanctions, export control or legitimate operational purposes.

13.7 Clauses intended to survive termination will continue, including payment obligations, intellectual property, data retention, liability limits, governing law and restrictions on misuse.

14. Liability, responsibility and indemnity

14.1 Nothing in these Terms excludes or limits liability for death or personal injury caused by negligence, fraud, fraudulent misrepresentation, deliberate wrongdoing or any liability that cannot lawfully be excluded or limited.

14.2 Subject to clause 14.1, BlockAPT is liable only for direct loss caused by BlockAPT breach of these Terms or failure to provide the paid core Service with reasonable care and skill. BlockAPT is not liable for loss caused by security threats, missed or delayed detections, false positives, false negatives, outages, app store action, cloud provider failure, internet or device failure, unsupported systems, Authorised User settings, misuse, failure to follow guidance, failure to update, failure to back up, third party services or matters outside BlockAPT reasonable control.

14.3 To the fullest extent permitted by law, BlockAPT is not liable for service outage, interruption, delay, app store action, cloud provider failure, internet failure, device failure, operating system change, third party service failure, unsupported device, unsupported configuration, Authorised User mistake, ignored alert, weak password, failure to update, failure to back up, malware, phishing, account takeover, data breach, compromise, false positive, false negative, delayed detection, automated action, Authorised User configured policy, unauthorised monitoring, misuse of the Service or breach of these Terms by you or an Authorised User.

14.4 BlockAPT is not liable for indirect, special, incidental, consequential, punitive, exemplary or similar losses, including loss of profits, revenue, income, goodwill, anticipated savings, business, reputation, opportunity, data, third party claims or wasted expenditure, whether arising under contract, tort, statute, equity or otherwise.

14.5 BlockAPT is not liable for loss that was not foreseeable when the relevant Subscription was entered into, or for loss that you could reasonably have avoided by following BlockAPT instructions, alerts, updates, Documentation or reasonable security practices.

14.6 To the fullest extent permitted by law, BlockAPT total liability to a Business Customer for paid Service claims arising in any twelve month period is limited to the Charges paid by that Business Customer for the affected Service during the twelve months immediately before the event giving rise to the claim. For free trials, free plans, beta features or no charge services, the cap is one hundred pounds sterling.

14.7 Where you cause or contribute to a loss, legal claim, regulatory action, enforcement action, data breach, security incident, third party complaint, intellectual property claim, sanctions breach, export control breach, acceptable use breach or other liability suffered by BlockAPT, and that loss results from your deliberate misuse, unlawful use, fraud, negligence, breach of these Terms, failure to obtain required consents, failure to comply with applicable law or unauthorised use, you will indemnify BlockAPT against all direct losses, reasonable legal costs, regulatory fines, third party claims and related expenses attributable to your act or omission, to the extent permitted by law.

14.8 All warranties, guarantees, conditions and terms implied by law are excluded to the fullest extent permitted by law as against Business Customers. This does not affect mandatory rights that cannot lawfully be excluded.

14.9 Each party must use reasonable efforts to mitigate losses that it may suffer under or in connection with these Terms.

15. Acceptable use, export controls and sanctions

15.1 You must not use or permit use of the Service in any way that is unlawful, unsafe, harmful, abusive, deceptive, exploitative, invasive, offensive, unauthorised or inconsistent with the purpose of a defensive security service.

15.2 You must not use or permit use of the Service to develop, test, deploy, control, support, conceal, improve or operate malware, ransomware, spyware, credential theft, unauthorised surveillance, intrusion tools, exploit chains, command and control infrastructure or offensive cyber capability.

15.3 You must not use the Service against systems, accounts, devices, networks, data or individuals unless you have lawful authority, all required employment policies and notices, consents and approvals.

15.4 You must comply with all applicable export control laws, trade control regulations, sanctions programmes, anti bribery laws, anti corruption laws and anti money laundering laws when accessing, downloading, using, re exporting, transferring, providing or enabling access to the Service or any component of it. This includes UK Export Control Act 2002, the Export Control Order 2008, EU and US export controls where applicable, and any relevant sanctions administered by OFSI, OFAC, the UN or similar authorities.

15.5 You must not export, re export, transfer, disclose, provide, enable or use the Service, any security intelligence, any threat data, any technical component or any result of the Service in a way that requires a licence, governmental authorisation or regulatory approval that has not been obtained in advance, or in a way that would knowingly provide a material benefit to a designated, sanctioned or restricted person, entity, country or territory.

15.6 BlockAPT may refuse, restrict, suspend or terminate Service where BlockAPT reasonably believes continued provision may create legal, regulatory, sanctions, export control, app store, platform, reputational, operational or security risk.

15.7 You must not use the Service for covert or secret employee monitoring in a way that breaches applicable employment law, data protection law, privacy law or your own employment policies and notice obligations. You are responsible for giving Authorised Users and other affected individuals required notices, obtaining required consents and complying with applicable monitoring and surveillance law in each jurisdiction where you deploy the Service.

15.8 Where the Service includes threat intelligence, shared telemetry, aggregated data, indicator feeds, benchmarking data or community data, you must not attempt to identify individual users, organisations or entities from that data unless expressly agreed in writing. You must not use threat intelligence data for any purpose other than your own internal defensive security operations. You must not redistribute, resell, republish, broker or commercialise threat intelligence or shared telemetry without BlockAPT prior written consent.

16. General legal terms

16.1 Neither party is responsible for delay or failure to perform caused by events outside its reasonable control, including cloud provider failure, internet failure, app store action, cyber attack, power failure, industrial dispute, war, terrorism, civil unrest, epidemic, legal change, government action, fire, flood, storm or other force majeure event.

16.2 BlockAPT may assign, transfer, subcontract or otherwise deal with its rights and obligations under these Terms. You may not assign, transfer, sublicense or otherwise deal with your rights or obligations without BlockAPT prior written consent.

16.3 No failure or delay in exercising a right is a waiver. A waiver must be in writing and applies only to the specific matter waived.

16.4 If any term is invalid, unlawful or unenforceable, it will be modified to the minimum extent necessary to make it valid, lawful and enforceable, and the remaining terms will continue in force.

16.5 These Terms, any Order Form, the Subscription, the purchase flow and any expressly incorporated documents form the entire agreement about the Service and replace previous discussions, proposals and representations about the Service, except that nothing excludes liability for fraud.

16.6 No person other than the parties, Apple and Google where applicable under app store terms, and BlockAPT affiliates, officers, employees, contractors and service providers for the purpose of liability protection, has rights to enforce these Terms.

16.7 BlockAPT may update these Terms from time to time. Updated terms will apply to new Subscriptions, renewals and continued use after notice. If a change materially reduces paid core rights during a current paid term and is not required by law or regulation, BlockAPT will give reasonable advance notice.

17. Notices, complaints and contact

17.1 BlockAPT may give notices through the Account, App, website, email, invoice, support channel or other reasonable method. You must keep contact details current.

17.2 If you wish to make a complaint about the Product or Service you have received, please email your complaint to complaints@blockapt.com.

17.3 Written notices to BlockAPT must be sent to BlockAPT Limited at its registered office, 27 Old Gloucester Street, London, United Kingdom, WC1N 3AX, or to any legal notice email address stated on the BlockAPT website or in the purchase flow.

17.4 Support requests, billing questions, cancellation requests, app store Subscription questions, account offboarding requests, security alert questions and data rights requests should be submitted through the Account tools or support route made available by BlockAPT.

18. Governing law and exclusive jurisdiction

18.1 These Terms and any dispute or claim arising out of or in connection with them, the Service, the App, any Subscription, any Order Form or their formation are governed by the law of England and Wales.

18.2 The courts of England and Wales have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with these Terms, the Service, the App, any Subscription, any Order Form or their formation, and no other court has jurisdiction.

18.3 The parties each irrevocably submit to the exclusive jurisdiction of the courts of England and Wales for those purposes.

BlockAPT Limited | Company number 11759911