Indian Cyber Security Solutions | A unit of Green Fellow IT Security Solutions Pvt Ltd | Member of NASSCOM, DSCI, ICC | ATC of EC- Council

Toll-Free - 1800-123-500014  

Call Us at: +91 8972107846 | 6291980077

Penetration Testing Service agreement in India

The penetration testing service agreement in India is made and entered into by and between Indian Cyber Security Solutions and Enterprise who is willng to go for the service. Any organization willing to take this service from the Indian Cyber Security Solutions has to agree with the following terms and conditions. Indian Cyber Security Solutions being rated the among the best cybersecurity solutions provider in India aims at serving its clients with utmost level of satisfaction.

Terms and conditions:


This penetration testing service agreement in India covers the contingency of Penetration Testing Services. These terms and conditions along with the form contract governing the terms of supply.

Defining a few of the terms
  • ‘Client’ means the organization or Individual is the person who is taking the penetration testing services. This is the organization or individual upon whose computer systems the Penetration Testing Services will be undertaken.
  • ‘Contract’ means the agreement signed by the organization or person for agreeing on these terms.
  • ‘Deliverables’ means the results obtained after performing the service is provided in a written report.
  • ‘Fee’ means the fee that will be charged by the service provider for carrying out the Services.
  • ‘Parties means the client, service provider, along with any other person or company that are directly involved or have some interest in the services covered by this contract.
  • ‘Penetration Testing Services’ means-testing, reviewing, or identifying the security vulnerabilities and/or software and system configuration errors the computer systems sufferers from. Tests may be run remotely over a network or on-site as specified in the scope of the Services.
  • ‘Service Provider’ means the organization that is going to provide the penetration testing services.
Provision of Services

The service provider will begin its work only after the client agrees to pay the fee as per the given terms and conditions provided in the contract and approves the given terms and conditions by checking the “I agree to these terms and conditions” or provides us with a formal written confirmation authorizing the initiation of services.

The activities undertaken after the penetration testing service agreement in India is to perform the services that are used on many networks all over the world. So the service provider guarantees that the services would not adversely affect the client’s computer systems. But it is also understood by the client that any local configuration to the client’s computer system is not known by the service provider, so the service provider cannot give any form of indemnification to any IT issues the client may experience in or around the time of the testing exercise.

The service provider shall perform the services:

a. in accordance with the contract;

b. with reasonable care, diligence, and skill;

c. within the times and dates agreed with the client;

Client’s Obligations

As per the penetration testing agreement in India, the client shall provide the service provider with all necessary specific and detailed information concerning, and reasonable access to, the client’s computer systems and networks as agreed in the scope of the services.

Penetrating Testing Service agreement in India
Governing Law and Jurisdiction

Personal Data Protection Act (hereinafter, the "PDPA") it is enacted to regulate the collection, processing, and use of personal data so as to prevent harm to personality rights and to facilitate the proper use of personal data. After approval from the government of India, this act would be applied as an act. Different yet strong laws are soon going to be implemented by the Government of India.

The client accepts that by carrying out the penetration testing service agreement in India, the service provider will be undertaking activities that will, unless the service provider has specific consent from the client, be unlawful.

The other relevant laws that can be included, but are not limited to:

a. The Computer Misuse Act 1990

b. The Copyright, Design, and Patents Act 1988

c. The Data Protection Act 2018

d. The Human Rights Act 1998

e. The Police and Justice Act 2006

f. The Regulation of Investigatory Powers Act 2000

Data Protection

In the course of providing the services, the service provider may acquire some personal data from the client either for acting as a data processor or data controller.

The client permits the service provider to take the role of the data controller to carry out the penetration testing service agreement in India where the service provider can access the personal data. The client shall compensate the service provider against any claims of losses or expenses arising from the data subjects about such personal data.

The service provider will take the role of a data controller and data processor with due consent from the client.

Intellectual Property

The copyright and other relevant intellectual property rights in the penetration testing service agreement in India and all other deliverables shall belong to and remain vested in the service provider.


Penetration testing service agreement in India assures the rights of suspending the services or any part of them in the event of non-payment of issued invoices. There are multiple services for which multiple agreements have been signed with varying fees depending on the type of service.

All fees are exclusive of any additional applicable value or any other sales tax, for which the client shall be additionally liable.

Payment - Indian Cyber Security Solutions

Except in respect of death or personal injury caused by that party’s negligence, one party shall not be liable to the other party by reason of any representation, (unless fraudulent), or any implied warranty, condition or other terms, or any duty at common law, or under the express terms of this contract, for any indirect, special or consequential loss or damage which arises out of or in connection with the performance of this contract including but not limited to any indirect, special or consequential loss or damage which arises out of late delivery and/or non-delivery of goods and/or services.

With reference to the above term, any claim against the service provider shall be limited to the value of the fee.

Neither party shall be liable to the other for any:

a. loss of documentation;

b. loss or corruption of data;

c. remedial costs;

d. loss of operation or staff time;

e. costs of obtaining substitute goods or services;

f. loss of goodwill or anticipated savings;

g. loss of business;

h. loss of anticipated profit or savings; or

i. pure economic loss

The service provider will take all reasonable steps to provide accurate and comprehensive test results within the agreed scope of the services but cannot be held liable if the testing undertaken fails to discover certain security vulnerabilities or configuration issues on the systems under test.


Each party undertakes that it will not at any time hereafter use, divulge or communicate to any person, except to its professional representatives or advisers or as may be required by law, or any legal, law enforcement or regulatory authority, any confidential information concerning the business or affairs of the other party, or of any member of the group of companies to which the other party belongs which may have or may through the course of undertaking the penetration testing service agreement in India come to its knowledge.

Confidentiality - Indian Cyber Security Solutions
Whole Agreement

The penetration testing agreement in India, including the documents and instruments referred to in it, supersedes all prior representations, arrangements, understandings, and agreements between the parties relating to its subject matter. Also, it is the entire complete and exclusive agreement and understanding between the parties relating to its subject matter.

Each party acknowledges that it is not reliable on any representation, arrangement, or understanding.


The point of using dummy text for your paragraph is that it has a more-or-less normal distribution of letters. making it look like readable English.

Important Notice - Indian Cyber Security Solutions
Rights of Third Parties

This agreement is not intended to convey a benefit to any person not a party to it.

Services offered by ICSS

GDPR Managed Service

PCI DSS Compliant Service

Social Engineering Service

Network Penetration Testing - NPT

Web Penetration Testing - WAPT

Mobile App Penetration Testing

Red team Assessment Service

Security Operation Center - SOC