Terms & Conditions

1. Parties and Acceptance

These Terms and Conditions ("Terms") constitute a legally binding agreement between BXIM Consultancy Private Limited (CIN: U72900DL2023PTC409614; GSTIN: 07AALCB3545M1ZB; registered at JP Gupta, 74, Krishna Nagar, Anarkali Colony South, New Delhi, East Delhi, Delhi – 110051, India) ("BXIM", "we", "us", or "our") and any individual or entity ("you", "Client", or "User") who accesses our website at bxim.in or engages BXIM for professional cybersecurity consulting services.

By accessing our website, submitting a contact form, booking a consultation, or entering into a service agreement with BXIM, you confirm that you have read, understood, and agree to be bound by these Terms and our Privacy Policy. If you do not agree, please do not use our website or engage our services.

If you are accessing our website or engaging services on behalf of an organization, you represent that you have the authority to bind that organization to these Terms.

2. Description of Services

BXIM provides professional cybersecurity consulting services, which may include:

• ISO 27001 Information Security Management System (ISMS) gap assessment and audit readiness support
• AWS cloud security configuration review and architecture assessment
• Web application security review aligned with OWASP methodology
• Infrastructure and network security review
• Security consultation, advisory, and strategic roadmap services
• Security monitoring setup and detection engineering assistance
• Risk assessment, threat modeling, and remediation support
• Security policy, Standard Operating Procedure (SOP), and compliance documentation
• Technical troubleshooting and incident support

The specific scope, deliverables, timelines, and commercial terms for each engagement are set out in a written Engagement Agreement or Statement of Work (SOW), which takes precedence over these general Terms in the event of any conflict.

3. Authorization-Only Operations

3.1 Explicit Written Authorization Required

BXIM operates exclusively on an authorization-only basis. We will not perform any security assessment, penetration test, vulnerability scan, cloud configuration review, or any other active security testing or inspection of any system, network, application, cloud environment, or digital asset without prior explicit written authorization from a person with legal authority to grant such access.

All engagements involving access to client systems, data, or environments require a duly signed Engagement Agreement or Rules of Engagement document that clearly defines the authorized scope, systems in scope, testing methodologies permitted, and authorized time windows.

3.2 Client Responsibility for Authorization

By engaging BXIM for any active assessment service, you represent and warrant that:

• You are the lawful owner of, or have been expressly authorized in writing by the owner of, all systems and assets within the agreed engagement scope
• No third-party systems (including shared hosting, third-party SaaS, or upstream service providers) are included in scope without their express written consent
• The authorized scope will not include systems or services owned or operated by any party other than the Client, unless such parties have provided written consent that you hold and can produce on request

Any misrepresentation of authorization will render the engagement void. BXIM will retain payment for work performed to date and shall not be liable for any consequences arising from unauthorized access facilitated by the Client's misrepresentation.

3.3 BXIM's Right to Pause or Terminate

BXIM reserves the right to immediately pause or terminate any assessment if, at any point, it appears that the assessment may inadvertently reach systems outside the authorized scope, or if BXIM has reason to believe the authorization provided is incomplete or inaccurate. In such cases, BXIM will notify the Client before resuming.

4. Use of Website

4.1 Permitted Use

You may use the BXIM website solely for lawful purposes — to learn about our services, submit enquiries, book consultations, and access published content. You must not use our website in any manner that:

• Violates any applicable Indian or international law or regulation
• Is fraudulent, misleading, or deceptive
• Transmits unauthorized advertising, spam, or unsolicited communications
• Attempts to gain unauthorized access to any part of the website, server, or associated systems
• Introduces viruses, malware, or other harmful code
• Disrupts, degrades, or overloads the website's infrastructure
• Scrapes, crawls, or extracts content using automated means without our prior written consent

4.2 Website Availability

We aim to keep the website available at all times, but we do not guarantee uninterrupted or error-free access. We reserve the right to suspend, modify, or discontinue any part of the website at any time without notice. We shall not be liable for any loss or inconvenience arising from website unavailability.

5. Intellectual Property

5.1 BXIM's Intellectual Property

All content on this website — including but not limited to text, articles, blog posts, graphics, logos, icons, images, service descriptions, methodologies, and software — is the exclusive property of BXIM Consultancy Private Limited or its licensors, and is protected by applicable copyright, trademark, and intellectual property laws.

You may not reproduce, copy, distribute, modify, display, republish, or commercially exploit any content from this website without our prior written permission.

5.2 Engagement Deliverables

Upon full payment of the agreed fees, BXIM grants the Client a non-exclusive, non-transferable license to use the deliverables (e.g., security assessment reports, documentation packs) strictly for the Client's internal business purposes.

Underlying methodologies, templates, tools, and frameworks used or developed by BXIM to produce deliverables remain the exclusive intellectual property of BXIM, regardless of payment or delivery.

Clients may not share, publish, resell, or distribute BXIM's deliverables to third parties without prior written consent.

5.3 Client Data and Materials

All data, documentation, credentials, and materials provided by the Client to BXIM for the purpose of an engagement remain the Client's property. BXIM will handle all such materials with strict confidentiality under the terms of the applicable NDA or Engagement Agreement.

6. Confidentiality

Both parties acknowledge that during the course of an engagement, they may have access to confidential and proprietary information belonging to the other party, including but not limited to technical configurations, security findings, business strategies, and client identity.

Both parties agree to hold all such information in strict confidence, not to disclose it to any third party without prior written consent, and to use it only for the purposes of fulfilling the engagement. This obligation survives the termination of any engagement by a minimum of three (3) years, or as otherwise specified in the Engagement Agreement.

BXIM will not disclose the identity of clients, the existence of engagements, or any findings to any third party without the Client's written consent, except as required by applicable law or court order.

7. Client Responsibilities

Clients engaging BXIM for services are responsible for:

• Providing timely access to systems, documentation, personnel, and information necessary for the engagement
• Ensuring all required authorizations for BXIM's access are in place before work commences
• Notifying BXIM of any regulatory, contractual, or operational constraints that may affect the engagement scope
• Designating a primary point of contact with decision-making authority for the engagement
• Reviewing and acknowledging findings, and implementing remediation steps based on BXIM's guidance
• Making payments in accordance with the agreed payment schedule
• Ensuring that BXIM's engagement does not inadvertently violate any agreement the Client has with third-party service providers

8. Disclaimers and Warranties

8.1 No Guarantee of Security

BXIM provides advisory and assessment services based on professional expertise, industry-recognized methodologies, and information available at the time of the engagement. BXIM does not guarantee or warrant that its services will identify all security vulnerabilities, risks, or threats, or that systems assessed will be free from security incidents or breaches following the engagement.

Cybersecurity is a dynamic field. New threats, vulnerabilities, and attack techniques emerge continuously. BXIM's findings reflect the security posture at the time of assessment only.

8.2 Website Content

The content on our website is provided for general informational purposes only. While we strive for accuracy, BXIM makes no representations or warranties — express or implied — regarding the completeness, accuracy, or reliability of the information on this website. Website content does not constitute professional security advice.

8.3 "As Is" Basis

This website and any free resources or tools provided on it are offered on an "as is" and "as available" basis without warranties of any kind, to the maximum extent permitted by applicable law.

9. Limitation of Liability

To the maximum extent permitted by applicable law:

• BXIM's total aggregate liability to any Client arising out of or in connection with an engagement shall not exceed the total fees paid by that Client to BXIM in the three (3) months preceding the event giving rise to the claim.
• BXIM shall not be liable for any indirect, incidental, special, consequential, or punitive damages — including loss of profits, loss of data, business interruption, loss of goodwill, or reputational harm — even if BXIM has been advised of the possibility of such damages.
• BXIM shall not be liable for any security incident, data breach, or system compromise that occurs: (a) after the engagement has concluded; (b) on systems outside the agreed engagement scope; or (c) arising from the Client's failure to implement recommended remediations.
• BXIM shall not be liable for the actions or omissions of third-party service providers used in connection with the engagement.

Nothing in these Terms excludes or limits BXIM's liability for fraud, willful misconduct, gross negligence, or for any liability that cannot be excluded by law.

10. Indemnification

You agree to indemnify, defend, and hold harmless BXIM, its directors, officers, employees, and agents from and against any claims, damages, penalties, losses, liabilities, and expenses (including reasonable legal fees) arising from:

• Your breach of any provision of these Terms
• Your misrepresentation of authorization for systems or assets assessed
• Your violation of any applicable law in connection with your use of our services
• Any third-party claim arising from unauthorized access facilitated by your misrepresentation
• Your failure to implement security remediations recommended by BXIM, resulting in a security incident

11. Payment Terms

Commercial terms for paid engagements are specified in the applicable Engagement Agreement or SOW. General payment conditions include:

• Invoices are due within the period stated on the invoice (typically 15 days net)
• All amounts are exclusive of applicable GST, which will be charged at the prevailing rate
• Overdue amounts may attract interest at 1.5% per month from the due date
• BXIM reserves the right to suspend or withhold services for overdue accounts without liability
• All fees are stated in Indian Rupees (INR) unless otherwise agreed in writing

12. Term and Termination

These Terms remain in force for as long as you use our website or engage BXIM's services. Either party may terminate an engagement by providing written notice as specified in the Engagement Agreement.

Upon termination of an engagement, the following provisions survive: Sections 3 (Authorization), 5 (Intellectual Property), 6 (Confidentiality), 9 (Limitation of Liability), 10 (Indemnification), 13 (Dispute Resolution), and 14 (Governing Law).

BXIM reserves the right to terminate access to its website for any user who violates these Terms.

13. Dispute Resolution

13.1 Informal Resolution

In the event of any dispute arising out of or in connection with these Terms or any engagement, both parties agree to first attempt to resolve the matter through good-faith negotiation. Either party may initiate this process by giving written notice to the other describing the dispute and the resolution sought. The parties will meet (in person or virtually) within 15 business days of such notice to attempt resolution.

13.2 Arbitration

If the dispute is not resolved within 30 days of the initial notice, either party may refer it to binding arbitration in accordance with the Arbitration and Conciliation Act, 1996 (as amended). The arbitration shall be:

• Conducted by a sole arbitrator mutually agreed upon by both parties, or appointed by a court of competent jurisdiction if the parties cannot agree
• Held in New Delhi, India
• Conducted in the English language
• Subject to Indian procedural law

The arbitration award shall be final and binding on both parties.

13.3 Interim Relief

Nothing in this Section prevents either party from seeking interim or injunctive relief from a court of competent jurisdiction where necessary to prevent irreparable harm.

14. Governing Law and Jurisdiction

These Terms and any disputes arising out of or in connection with them are governed by and construed in accordance with the laws of India, without regard to conflict of law principles.

Subject to the arbitration clause in Section 13, any legal proceedings relating to these Terms shall be subject to the exclusive jurisdiction of the courts of New Delhi, India.

15. Modifications to Terms

BXIM reserves the right to modify these Terms at any time. Updated Terms will be posted at bxim.in/terms with a revised effective date. For material changes, we will endeavour to notify active clients by email.

Continued use of our website or services after the effective date of revised Terms constitutes your acceptance of the changes. If you do not agree to the revised Terms, please discontinue use of our services and notify us at info@bxim.in.

16. Severability

If any provision of these Terms is found to be invalid, unlawful, or unenforceable by a court of competent jurisdiction, that provision shall be limited or eliminated to the minimum extent necessary, and the remaining provisions shall continue in full force and effect.

17. Waiver

No failure or delay by BXIM in exercising any right, power, or privilege under these Terms shall operate as a waiver of that right. No single or partial exercise of any right, power, or privilege shall preclude its further exercise or the exercise of any other right.

18. Entire Agreement

These Terms, together with our Privacy Policy, Refund and Cancellation Policy, and any applicable Engagement Agreement or Statement of Work, constitute the entire agreement between you and BXIM with respect to the subject matter herein, and supersede all prior communications, representations, and agreements, whether written or oral.

19. Force Majeure

BXIM shall not be liable for delays or failures in performing its obligations under these Terms to the extent that such delays or failures result from causes beyond its reasonable control, including but not limited to acts of God, natural disasters, civil unrest, government actions, internet or infrastructure outages, epidemics, or pandemics. BXIM will promptly notify the Client of any such circumstance and will use reasonable efforts to resume performance as soon as practicable.

20. Contact

For questions about these Terms, or to report a concern, please contact: