qortrace-terms-v2.0ACTIVELEGAL · TERMS · LAST UPDATED MAY 30, 2026

Terms of Service

These Terms of Service constitute a binding legal agreement between Qor Corporation, a Delaware corporation, and the person or entity that accesses or uses the website at www.qortrace.com, the QorTrace post-quantum cryptography scanning and auditing platform, related dashboards, consulting, application programming interfaces (APIs), reports, command-line tools, and any other products or services made available by Qor.

19SECTIONS·
30dARBITRATION OPT-OUT WINDOW·
DEGOVERNING LAW · DELAWARE·
V2COUNSEL-APPROVED

Plain provisions where possible

We flag binding arbitration, class-action waiver, and liability caps in plain caps — no buried hooks.

Reports are advisory

QorTrace findings, scores, and certificates reflect our best technical assessment under our published methodology — not legal, investment, or fiduciary advice.

Predictable billing

Order forms govern Fees. Late amounts bear interest at 1.5%/mo. Net-30 unless stated otherwise.

30-day arbitration opt-out

You can opt out of binding arbitration within 30 days of first acceptance by emailing legal@qortrace.com.

Your use of the Services is also subject to our Privacy Policy, which is hereby incorporated by reference and available at https://qortrace.com/legal/privacy.

Please read these Terms carefully. They contain important provisions, including a binding arbitration clause, a class-action waiver, limitations on liability, and disclaimers of warranty, each of which affects your legal rights. If you do not agree to these Terms, do not access or use the Services.

By clicking “I agree,” registering an account, submitting a scan, downloading a report, or otherwise accessing or using the Services, you (a) acknowledge that you have read and understood these Terms; (b) agree to be bound by these Terms; and (c) represent and warrant that you have the authority and capacity to enter into these Terms (and, if you are accepting on behalf of an entity, that you are authorized to bind that entity).

1. The Services

1.1 Description

QorTrace is a software-as-a-service and consulting platform that helps blockchain ecosystems, custodians, exchanges, validators, and other institutions identify and remediate exposure to quantum-computing threats, including risks associated with Shor’s algorithm and “harvest-now-decrypt-later” attacks. The Services may include, without limitation:

  • (a) free post-quantum exposure scans of public blockchain addresses, smart contracts, validators, RPC endpoints, and other on-chain assets across supported networks from time to time;
  • (b) paid institutional audits, risk reports, dashboards, alerts, and analytics;
  • (c) APIs and integrations; and
  • (d) advisory and remediation guidance materials.

1.2 Modifications to the Services

Qor reserves the right at any time, in its sole discretion, to add, modify, suspend, or discontinue any portion of the Services, including features, chain coverage, scoring methodologies, and pricing tiers. We will use commercially reasonable efforts to notify Customer of material changes to paid Services. Continued use of the Services after a modification constitutes acceptance of the modification.

1.3 Free Services and Trials

Portions of the Services may be offered free of charge or on a trial basis (“Free Services”). Free Services are provided “AS IS” and “AS AVAILABLE” without any warranty or service-level commitment, and Qor may modify, limit, throttle, suspend, or discontinue Free Services at any time without notice and without liability to you.

1.4 Beta Features

From time to time Qor may make available pre-release, beta, alpha, evaluation, or “early-access” features (collectively, “Beta Features”). Beta Features are clearly identified as such and are provided “AS IS” without any warranty or support. Qor may discontinue any Beta Feature at any time. Customer’s use of Beta Features is at its sole risk.

2. Eligibility; Accounts; Authority

2.1 Eligibility

The Services are intended for use only by:

  • (a) individuals who are at least 18 years of age and capable of forming a binding contract under applicable law; and
  • (b) entities that are duly organized and in good standing in their jurisdiction of formation.

By using the Services, you represent and warrant that you satisfy the foregoing eligibility requirements and that you are not:

  • (i) located in, or a national or resident of, any country subject to a U.S. Government embargo or designated by the U.S. Government as a “terrorist supporting” country; or
  • (ii) listed on any U.S. Government list of prohibited or restricted parties, including the Specially Designated Nationals (SDN) List maintained by the Office of Foreign Assets Control (“OFAC”).

2.2 Accounts

Certain Services require Customer to register for an account (“Account”). Customer agrees to:

  • (a) provide accurate, complete, and current information during registration;
  • (b) maintain and promptly update Account information;
  • (c) maintain the security of Account credentials; and
  • (d) promptly notify Qor of any unauthorized access to or use of the Account.

Customer is solely responsible for all activities that occur under the Account, whether or not authorized.

2.3 Authorized Users

Customer may permit its employees, contractors, agents, and consultants (“Authorized Users”) to access the Services solely for Customer’s internal business purposes, provided that Customer is responsible for:

  • (a) each Authorized User’s compliance with these Terms;
  • (b) the accuracy, quality, and legality of all data submitted by Authorized Users; and
  • (c) preventing unauthorized access to or use of the Services.

3. Orders, Fees, and Payment

3.1 Orders

Paid Services are made available pursuant to an order form, online subscription, statement of work, or other ordering document executed or accepted by Customer (each, an “Order”). Each Order is incorporated by reference into these Terms. In the event of a conflict between an Order and these Terms, the Order controls solely with respect to the subject matter of that Order.

3.2 Fees

Customer shall pay all fees set forth in the applicable Order (“Fees”). Except as expressly stated in an Order or required by applicable law, all Fees are non-refundable. Qor may change Fees for any renewal term upon written notice to Customer no later than thirty (30) days prior to the start of the renewal term.

3.3 Taxes

All Fees are exclusive of taxes, levies, duties, and similar governmental assessments, including value-added, sales, use, withholding, and other taxes (collectively, “Taxes”). Customer is responsible for all Taxes other than taxes imposed on Qor’s net income.

3.4 Invoicing and Payment

Unless otherwise specified in an Order, Fees are due net thirty (30) days from the date of invoice. Late amounts bear interest at the lesser of 1.5% per month or the maximum rate permitted by law. Qor may suspend the Services if Fees are more than thirty (30) days past due.

4. License Grant; Reservation of Rights

4.1 License to Use the Services

Subject to these Terms and the payment of applicable Fees, Qor hereby grants Customer a limited, non-exclusive, non-transferable, non-sublicensable, revocable license during the applicable subscription term to access and use the Services solely for Customer’s internal business purposes.

4.2 Reports and Output

Subject to these Terms, Qor grants Customer a limited, non-exclusive, non-transferable, royalty-free license to use the reports, dashboards, scoring outputs, charts, and other deliverables generated by the Services (“Reports”) for Customer’s internal risk-management, compliance, and remediation purposes. Reports may not be sold, sublicensed, redistributed, or publicly disclosed, in whole or in part, without Qor’s prior written consent. Customer may share Reports and certificates with third parties solely for the purpose of demonstrating compliance or risk posture, provided the Reports are not modified.

4.3 Reservation of Rights

Except for the limited license expressly granted in Sections 4.1 and 4.2, Qor and its licensors reserve all right, title, and interest in and to the Services, including all underlying software, algorithms, scoring methodologies, dashboards, documentation, trademarks, trade dress, and goodwill, and all intellectual property rights therein. No rights are granted to Customer by implication, estoppel, or otherwise.

5. Acceptable Use

Customer shall not, and shall not permit any Authorized User or third party to:

  • (a) use the Services to scan, probe, audit, or otherwise interact with any system, address, contract, or asset for which Customer does not have the legal right or authority to do so;
  • (b) reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, scoring weights, or underlying algorithms of the Services, except to the extent such restriction is prohibited by applicable law;
  • (c) copy, modify, translate, adapt, or create derivative works of the Services;
  • (d) interfere with or disrupt the integrity or performance of the Services, including by transmitting viruses, worms, or other malicious code;
  • (e) attempt to gain unauthorized access to the Services or related systems or networks, or circumvent any access or usage limits or rate limits;
  • (f) use the Services to develop or improve a competing product or service, or to benchmark, perform competitive analysis on, or publish performance data regarding the Services without Qor’s prior written consent;
  • (g) resell, sublicense, time-share, or otherwise commercially exploit the Services on behalf of any third party, except as expressly permitted in an Order;
  • (h) remove, obscure, or alter any proprietary notices on the Services or Reports;
  • (i) use the Services in connection with any unlawful, deceptive, harassing, threatening, defamatory, fraudulent, or infringing activity;
  • (j) use the Services to violate any law or regulation, including U.S. export control laws and economic sanctions laws (see Section 13);
  • (k) use any automated means (other than Qor-supported APIs in accordance with their documentation) to access the Services; or
  • (l) submit to the Services any personal data not necessary for the Services or any data Customer does not have the lawful right to submit.

Qor may suspend Customer’s access to the Services immediately and without notice for any actual or suspected violation of this Section 5.

6. Customer Data; Inputs

6.1 Customer Data

“Customer Data” means all data and information submitted by or on behalf of Customer or its Authorized Users to the Services, including blockchain addresses, transaction hashes, contract addresses, validator identifiers, configuration data, and any related descriptive information.

6.2 Ownership

As between the parties, Customer retains all right, title, and interest in and to Customer Data. Customer hereby grants Qor a non-exclusive, worldwide, royalty-free license to host, copy, process, transmit, and display Customer Data solely to:

  • (a) provide and operate the Services;
  • (b) prevent or address service, security, or technical issues;
  • (c) comply with applicable law or binding governmental requests; and
  • (d) generate Aggregated Data in accordance with Section 6.4.

6.3 Responsibility for Customer Data

Customer is solely responsible for the accuracy, quality, legality, and content of Customer Data and for the means by which Customer acquires and submits Customer Data to the Services. Customer represents and warrants that it has obtained, and will maintain, all rights, consents, and authorizations necessary for Qor to process Customer Data as contemplated by these Terms.

6.4 Aggregated Data

Qor may collect and use anonymized, de-identified, and/or aggregated data derived from the Services or Customer Data (“Aggregated Data”) to operate, analyze, improve, develop, and market the Services and Qor’s products and services, including for research, benchmarking, and threat-intelligence purposes. Aggregated Data does not include any personally identifiable information or any information that identifies Customer or its Authorized Users.

6.5 Public Blockchain Data

Customer acknowledges that public blockchain data is, by its nature, publicly accessible and may be lawfully analyzed by Qor and third parties. Nothing in these Terms restricts Qor’s ability to access, use, analyze, or publish information drawn from public blockchains.

7. Confidentiality

7.1 Definition

“Confidential Information” means non-public information disclosed by one party (“Discloser”) to the other (“Recipient”) that is identified as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Qor’s Confidential Information includes the Services (including non-public features and Beta Features), Reports, pricing, scoring methodologies, and security findings. Customer’s Confidential Information includes non-public Customer Data.

7.2 Obligations

Recipient shall:

  • (a) use Confidential Information only as necessary to exercise its rights and perform its obligations under these Terms;
  • (b) protect Confidential Information using at least the same degree of care it uses to protect its own confidential information of a similar nature (and in no event less than a reasonable degree of care); and
  • (c) not disclose Confidential Information to any third party other than its employees, contractors, agents, and professional advisors who have a need to know and who are bound by confidentiality obligations at least as protective as those set forth herein.

7.3 Exclusions

Confidential Information does not include information that:

  • (a) is or becomes generally available to the public other than as a result of Recipient’s breach;
  • (b) was known to Recipient on a non-confidential basis prior to disclosure;
  • (c) is rightfully received from a third party without confidentiality obligations; or
  • (d) is independently developed by Recipient without use of or reference to Discloser’s Confidential Information.

7.4 Compelled Disclosure

Recipient may disclose Confidential Information to the extent required by law or legal process, provided that, where legally permissible, Recipient gives Discloser prompt prior notice and reasonable cooperation to seek a protective order.

8. Security

Qor shall maintain commercially reasonable administrative, physical, and technical safeguards designed to protect the security, confidentiality, and integrity of Customer Data, including encryption in transit, access controls, and routine vulnerability management. Notwithstanding the foregoing, no system can be guaranteed to be fully secure, and Qor does not warrant against all unauthorized access or disclosure.

9. Disclaimers

9.1 No Warranty

Except as expressly set forth in an Order, the Services, Reports, and all other materials provided by Qor are provided “AS IS” and “AS AVAILABLE,” and Qor disclaims all warranties, whether express, implied, statutory, or otherwise, including all warranties of merchantability, fitness for a particular purpose, title, non-infringement, accuracy, and any warranty arising out of course of dealing or usage of trade.

9.2 No Guarantee of Security; Advisory Nature of Reports

Customer acknowledges that:

  • (a) post-quantum cryptography, blockchain security, and quantum threat analysis are evolving fields and any score, rating, finding, or recommendation provided by the Services represents Qor’s good-faith assessment based on then-current standards (including NIST FIPS 203, 204, and 205 and NSA CNSA 2.0 guidance), then-available data, and Qor’s then-current methodology;
  • (b) Reports are advisory in nature and do not guarantee the absence of vulnerabilities or that the audited systems are secure against quantum or classical attacks, and may contain false positives, false negatives or other inaccuracies;
  • (c) Customer is solely responsible for evaluating Reports and determining whether to take any action (including any remediation, migration, key rotation, or disclosure) in response; and
  • (d) Qor is not responsible for any decision Customer makes, or fails to make, based on the Services or any Report.

9.3 No Investment, Legal, Tax, or Financial Advice

The Services do not constitute investment advice, brokerage services, legal advice, tax advice, or financial advice, and Qor is not acting as a fiduciary to Customer. Customer should consult its own professional advisors before making any investment, legal, tax, or financial decisions.

9.4 Third-Party Services and Data

The Services may include or interoperate with third-party services, data feeds, blockchains, oracles, RPC providers, or APIs (collectively, “Third-Party Services”). Qor does not control and is not responsible for Third-Party Services, and Customer’s use of Third-Party Services is subject to their respective terms.

10. Limitation of Liability

10.1 Exclusion of Damages

To the fullest extent permitted by applicable law, in no event shall Qor (or its affiliates, officers, directors, employees, or licensors) be liable to the Customer or to any third party for any: (a) indirect, incidental, special, exemplary, consequential, or punitive damages; (b) loss of profits, revenue, goodwill, business, or data; or (c) costs of substitute goods or services, in each case arising out of or in connection with these Terms or the Services, whether based on contract, tort (including negligence), strict liability, or otherwise, and whether or not the party has been advised of the possibility of such damages.

10.2 Liability Cap

To the fullest extent permitted by applicable law, Qor’s total aggregate liability arising out of or in connection with these Terms or the Services shall not exceed the greater of: (a) the Fees paid or payable by Customer to Qor in the twelve (12) months preceding the event giving rise to the claim, or (b) one hundred U.S. dollars (US$100). If Customer is using only Free Services, Qor’s total aggregate liability shall not exceed one hundred U.S. dollars (US$100).

10.3 Basis of the Bargain

The parties agree that the limitations of liability in this Section 10 are an essential element of the basis of the bargain and shall apply notwithstanding any failure of essential purpose of any limited remedy.

10.4 Exclusions

Nothing in these Terms limits a party’s liability that cannot be limited or excluded under applicable law.

11. Indemnification

11.1 By Customer

Customer shall defend, indemnify, and hold harmless Qor, its affiliates, and their respective officers, directors, employees, and agents from and against any and all third-party claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys’ fees) arising out of or relating to:

  • (a) Customer Data;
  • (b) Customer’s or any Authorized User’s breach of these Terms (including Section 5);
  • (c) Customer’s violation of applicable law; or
  • (d) Customer’s negligence, willful misconduct, or fraud.

11.2 Procedure

The indemnified party shall:

  • (a) promptly notify the indemnifying party of any claim;
  • (b) maintain sole control of the defense and settlement (provided that any settlement requiring admission of liability or imposing non-monetary obligations on the indemnified party requires its prior written consent, not to be unreasonably withheld); and
  • (c) provide reasonable cooperation at the indemnifying party’s expense.

12. Term; Termination

12.1 Term

These Terms commence on the date you first accept them and continue in effect until terminated as provided herein.

12.2 Termination

Either party may terminate these Terms (or any Order) at any time, for any reason or no reason, upon written notice to the other party. Termination is effective upon receipt of notice unless a later effective date is specified in the notice or required by the applicable Order.

12.3 Effect of Termination

Upon termination or expiration:

  • (a) all rights and licenses granted to Customer under these Terms terminate, and Customer shall immediately cease all access to and use of the Services;
  • (b) all Fees accrued or otherwise owed by Customer as of the effective date of termination remain due and payable, and no termination relieves Customer of its obligation to pay any such Fees;
  • (c) except as expressly stated in an Order, Fees are non-refundable, and termination by Customer does not entitle Customer to a refund of any prepaid Fees;
  • (d) each party shall, upon the other party’s request, return or destroy the other party’s Confidential Information in its possession (other than information retained pursuant to routine backup procedures or as required by law); and
  • (e) Qor may delete Customer Data in accordance with its data-retention practices, except as otherwise required by applicable law or the Privacy Policy.

12.4 Suspension

Without limiting Section 12.2, Qor may suspend Customer’s access to the Services, in whole or in part, immediately and without prior notice if:

  • (a) Fees are past due;
  • (b) Qor reasonably believes Customer has violated Section 5 (Acceptable Use), Section 13 (Export Controls; Sanctions), or applicable law; or
  • (c) Qor reasonably determines suspension is necessary to protect the security, availability, or integrity of the Services.

12.5 Survival

Sections 3 (with respect to accrued Fees), 4.3, 5, 6, 7, 9, 10, 11, 12.3, 12.5, 13, 14, 15, 16, 17, and 18, and any other provision that by its nature should survive, will survive termination or expiration of these Terms.

13. Export Controls; Sanctions

The Services and Reports may be subject to U.S. and foreign export-control and economic-sanctions laws, including the U.S. Export Administration Regulations and OFAC sanctions programs. Customer represents and warrants that:

  • (a) Customer is not located in, organized under the laws of, or ordinarily resident in any country or region that is the subject of comprehensive U.S. sanctions (currently, Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, Luhansk, Kherson, and Zaporizhzhia regions of Ukraine);
  • (b) Customer is not on any list of restricted parties maintained by the U.S. government; and
  • (c) Customer will not use the Services in any manner that would cause Qor to violate applicable export-control or sanctions laws.

Cryptographic software is subject to additional export controls; Customer is responsible for compliance with all such requirements.

14. Anti-Corruption

Each party agrees to comply with all applicable anti-bribery and anti-corruption laws, including the U.S. Foreign Corrupt Practices Act, and shall not, directly or indirectly, offer, promise, give, or authorize the giving of anything of value to any person to improperly influence such person’s actions in connection with these Terms or the Services.

15. Dispute Resolution; Arbitration; Class-Action Waiver

15.1 Informal Resolution

Before initiating any formal dispute resolution, the parties shall first attempt in good faith to resolve any dispute, claim, or controversy arising out of or relating to these Terms or the Services (each, a “Dispute”) by negotiation between executives who have authority to settle the controversy. A party may initiate this process by sending a written notice describing the Dispute. If the Dispute is not resolved within thirty (30) days after the notice is sent, either party may proceed to arbitration as provided below.

15.2 Binding Arbitration

Except as set forth in Section 15.4, all Disputes shall be resolved exclusively by final and binding arbitration administered by JAMS pursuant to its Comprehensive Arbitration Rules and Procedures (or, for Disputes seeking less than US$250,000, its Streamlined Arbitration Rules).

The arbitration shall be conducted by a single arbitrator in Wilmington, Delaware (or, at the parties’ mutual agreement, remotely). The arbitrator shall apply the substantive law of the State of Delaware, without regard to its conflict-of-laws principles. The arbitrator’s award shall be final and binding and may be entered as a judgment in any court of competent jurisdiction.

15.3 Class-Action Waiver

Customer and Qor each agree that Disputes shall be brought only in an individual capacity, and not as a plaintiff or class member in any purported class, collective, or representative proceeding. The arbitrator may not consolidate the claims of more than one person and may not otherwise preside over any form of class or representative proceeding.

15.4 Carve-Outs

Notwithstanding Section 15.2, either party may:

  • (a) bring an individual action in small claims court;
  • (b) seek injunctive or other equitable relief in a court of competent jurisdiction to prevent the actual or threatened infringement, misappropriation, or violation of its intellectual property rights or Confidential Information; or
  • (c) bring claims for non-payment of Fees in a court of competent jurisdiction.

15.5 30-Day Right to Opt Out

Customer may opt out of the arbitration provisions of this Section 15 by sending written notice to legal@qortrace.com within thirty (30) days after first accepting these Terms. The notice must state Customer’s name, address, account email, and a clear statement that Customer does not wish to resolve Disputes through arbitration.

16. Governing Law; Venue

These Terms, and any Dispute not subject to arbitration, shall be governed by and construed in accordance with the laws of the State of Delaware, without regard to its conflict-of-laws principles. Subject to Section 15, the parties consent to the exclusive jurisdiction and venue of the state and federal courts located in New Castle County, Delaware. The United Nations Convention on Contracts for the International Sale of Goods does not apply.

17. Modifications to These Terms

Qor may modify these Terms from time to time. If Qor makes a material change, Qor will provide notice by:

  • (a) posting the updated Terms on the Site with a new “Last Updated” date;
  • (b) sending notice to the email address associated with Customer’s Account; or
  • (c) providing notice through the Services.

Material changes are effective thirty (30) days after notice (or upon Customer’s earlier acceptance). Non-material changes are effective immediately. Customer’s continued use of the Services after the date last updated above constitutes acceptance of the updated Terms following such date.

18. General

18.1 Entire Agreement

These Terms, together with any Orders, the Privacy Policy, and any documents incorporated by reference, constitute the entire agreement between the parties with respect to the Services and supersede all prior or contemporaneous agreements, representations, or understandings, whether written or oral.

18.2 Order of Precedence

In the event of a conflict, the order of precedence is:

  • (a) any executed Order;
  • (b) these Terms;
  • (c) the Privacy Policy; and
  • (d) any other document incorporated by reference.

18.3 Relationship

Nothing in these Terms creates a partnership, joint venture, agency, fiduciary, or employment relationship.

18.4 Assignment

Customer may not assign or transfer these Terms, by operation of law or otherwise, without Qor’s prior written consent. Any unauthorized assignment is void. Qor may assign these Terms without consent in connection with a merger, acquisition, reorganization, or sale of all or substantially all of its assets.

18.5 Notices

Notices to Qor must be sent to Qor Corporation, Attn: Legal, at legal@qortrace.com (with a hard copy to Qor’s principal place of business). Notices to Customer may be sent to the email or postal address on file for the Account. Notices are effective upon receipt (or, for email, upon confirmed delivery).

18.6 Force Majeure

Neither party shall be liable for any failure or delay in performance (other than payment obligations) due to causes beyond its reasonable control, including acts of God, war, terrorism, civil unrest, labor disputes, internet or telecommunications failures, governmental actions, or pandemic.

18.7 Severability; Waiver

If any provision of these Terms is held unenforceable, the remaining provisions remain in full force and effect, and the unenforceable provision will be modified to the minimum extent necessary to make it enforceable. No waiver is effective unless in writing and signed by the waiving party.

18.8 Third-Party Beneficiaries

There are no third-party beneficiaries to these Terms.

18.9 U.S. Government End Users

The Services are “commercial items” as defined in 48 C.F.R. § 2.101 and are provided to U.S. Government end users only as “commercial computer software” with the same rights as set forth in these Terms.

18.10 Feedback

If Customer provides Qor with any suggestions, comments, ideas, or other feedback regarding the Services (“Feedback”), Qor may freely use and exploit such Feedback without restriction or compensation.

18.11 Headings; Construction

Section headings are for convenience only and do not affect interpretation. “Including” means “including without limitation.”

18.12 Counterparts; Electronic Acceptance

These Terms may be accepted electronically. Any electronic acceptance, including by clicking an “I agree” button or by use of the Services, has the same force and effect as a manual signature.

18.13 Publicity

Customer grants Qor a limited, non-exclusive, royalty-free, worldwide license, during the term of these Terms and for twelve (12) months thereafter, to use Customer’s name and logo, in accordance with any trademark guidelines Customer provides in writing, solely to identify Customer as a customer of Qor on Qor’s website, in customer lists, in sales presentations, and in similar marketing materials. Qor will not issue press releases or case studies referencing Customer without Customer’s prior written consent (email to suffice). Customer may revoke the license granted in this Section 18.13 at any time by written notice to legal@qortrace.com, in which case Qor will cease the foregoing use within a reasonable period (not to exceed thirty (30) days), excluding archived or previously distributed materials that cannot reasonably be recalled. All goodwill arising from Qor’s use of Customer’s marks under this Section 18.13 inures solely to the benefit of Customer.

18.14 Reporting

If Customer or any Authorized User discovers, suspects, or is informed of any actual or potential security vulnerability, defect, flaw, exploit, or other security issue affecting the Services (including the Site, the QorTrace platform, any API, or any Report) (each, a “Vulnerability”), Customer shall promptly, and in any event prior to any public disclosure, report the Vulnerability in writing to security@qortrace.com with sufficient detail to enable Qor to reproduce, validate, and remediate it. Customer shall not, and shall ensure that its Authorized Users do not, publicly disclose, publish, post, share, or otherwise distribute information regarding any Vulnerability (including proof-of-concept code, exploit details, or screenshots) until the earlier of:

  • (a) ninety (90) days after Customer’s report to Qor, or
  • (b) Qor’s written consent to disclosure (which shall not be unreasonably withheld where Qor has implemented a remediation or mitigation).

The parties may mutually agree in writing to extend the non-disclosure period where necessary to coordinate disclosure with affected third parties or to complete remediation.

19. Contact

Qor Corporation
Attn: Legal
Email: legal@qortrace.com
Website: www.qortrace.com

Privacy PolicyTerms of ServiceCookie PolicySecurity & Disclosure
Article Feedback

Was this article helpful?