General terms of use

1. INTRODUCTION #

1. The website of www.hacktify.eu (hereinafter: Website) and its web application on app.hacktify.eu subdomain together is a platform providing ethical hacking services (hereinafter: Platform), which provides services to users through the detection of security errors (hereinafter: Program owner).
2. The platform is managed by Hacktify International LLC. (headquarters in 1027. Budapest, Bem József utca 9. fszt.; company registration number: 01-09-380827; TAX number: 27965043-2-41) (hereinafter: HACKTIFY).
   To use the Platform, the User needs to register an individual account. The account created in this way can mean (i) a Hacker account, i.e. a vulnerability research profile (hereinafter: Researcher) or (ii) a Customer account, an account with access to the given Program and authorized by the Program owner (hereinafter: Customer) (collectively: User).
3. The user is subject to the provisions of these General Terms and Conditions (hereinafter: Terms and Conditions), while in the case of individual conditions, the provisions referred to by indicating the specific party apply. By using the Website and/or the Platform, and by registering thereto, the User explicitly declares their will to conclude the agreement with HACKTIFY with the Conditions described herein. By concluding the agreement, the User acknowledges these Terms and Conditions as binding. If the User does not accept the Terms and Conditions, they are not entitled to use the Website and the Platform or to register. Only registered Users are entitled to use the Platform.
4. An explanation of the boldfaced terms used in the Terms and Conditions is provided in the Concepts and their Explanation section.

2. CONTRACTING PARTIES #

1. The purpose of these Terms and Conditions is to establish the rules and conditions related to HACKTIFY’s services – including those related to individual Bug Bounty programs – and the use of the Platform for Users of the Platform owned by HACKTIFY.
2. User and HACKTIFY together hereinafter: Parties, separately also as Party)
3. In addition to these Terms and Conditions and their annexes, as well as the Legal Declaration relating to the general visit and use of the Website, which also applies to non-registered visitors (www.www.hacktify.eu/legal-declaration), they constitute the contract governing the legal relationship between HACKTIFY and the User. The annexes of these Terms and Conditions and the Legal Declaration are integral, inseparable parts of the agreement concluded by the Parties.
4. By using the Website and registering on the Platform, the User expressly accepts the provisions of the Legal Declaration and these Terms and Conditions (hereafter together: Agreement), thus recognizing the rights and obligations arising from the legal relationship between the User and HACKTIFY as binding on him. If the User does not agree with the terms of the Agreement or does not accept them, he/she is not entitled to use the Platform or register.
5. The Agreement obliges and entitles all registered Users of the Platform. During the registration process, the user is obliged to familiarize himself with the content of the Agreement and to accept it by finalizing the registration. The User is obliged to fully comply with the provisions of the Agreement during their activities on the Platform and for the projects published on it.
6. The parties agree that in the event of any conflicting provisions between the Legal Declaration and these Terms and Conditions, the provisions contained in these Terms and Conditions shall prevail. Parties agree that in case the Legal Declaration or any other annex of these Terms and Conditions include special provisions not regulated herein, then such special provisions shall become part of the Agreement.

3. THE SUBJECT OF THE AGREEMENT, USE OF THE WEBSITE #

1. The subject matter of the Agreement is the services provided by HACKTIFY through the Website. Registered Researchers may use the Website to participate in the advertised Bug Bounty Programs or Vulnerability Disclosure Programs (hereinafter referred to as the “Program”) in order to search for security bugs and vulnerabilities according to the terms and conditions detailed in the description of the Program and report them using the form provided. HACKTIFY may, at its sole discretion, allow you to participate in other activities or provide additional services on the Website (collectively, the “Service”).
2. With the permission of the Program owner, the Customer has access to the Program in accordance with the requested authorization level, in order to manage reported vulnerabilities, billing, and other activities related to the Service.
3. Through its Services, HACKTIFY provides the ethical environment necessary for testing, so it also asks its Users to use the Platform and Website carefully, ethically, and with professional respect. The User expressly undertakes to act ethically, prudently, and with the expected professional respect during the use of the Platform and the activities carried out in relation to each Program in accordance with the applicable laws, the Program Description, and the content of the Agreement.
4. HACKTIFY may, at its own discretion, limit, suspend, or cancel the User’s registration with immediate effect without prior warning, and in the event of any activity or behavior contrary to the above during the use of the Platform or the Programs by the User, or the Agreement based on the provisions of the Agreement may terminate with immediate effect. Parties agree that by the limitation, suspension, or cancelation of the User’s registration, the termination of the Agreement with immediate effect shall be considered communicated.

4. RESPONSIBILITY #

1. HACKTIFY shall not be liable for any damages arising from the use of the Website, registration, and activities in connection with the Programs. The User shall not have any claim against HACKTIFY for any damage resulting from its own activities.
2. To the fullest extent permitted by law, neither HACKTIFY nor any of its affiliates, suppliers, contributors, agents, or partners shall be liable ot he User for any damages, losses, claims, costs, incidental, direct or indirect damages, lost or uncollectible profits, savings, or any other pecuniary or non-pecuniary claims arising out of any wrongful conduct, whether in contract, tort, strict liability or otherwise, of the User or any third party. User explicitly agrees to the limitation of HACKTIFY’s liability as descried in this chapter, and acknowledges that the User’s acknowledgement of the limitation of HACKTIFY’s liability is considered as an essential condition of the Agreement, without which Hacktify would not have concluded the Agreement with the User.
3. In any event, any liability of HACKTIFY or any of its affiliates, suppliers, contributors, agents, or partners under and in connection with this Agreement shall be limited to the minimum extent permitted by applicable law. This limitation shall also apply to any breach of contract by HACKTIFY.
4. The limitations of liability under this Chapter shall apply to the fullest extent permitted by the laws of the User's country of residence. The User expressly and unconditionally agrees to the limitations in this section.
5. The User shall be fully and exclusively liable for any damages resulting from the violation of the legal provisions, this Agreement, and the description of the Program, as well as for the contractual use of the Website, the truthfulness, accuracy, and timeliness of the data provided.
6. The User may use the Platform only and exclusively in accordance with the provisions of this Agreement, including in particular the following terms and conditions of liability, provided that the User acknowledges and accepts them. The User hereby expressly, unconditionally, and irrevocably consents and agrees to the following:

1. The User shall be solely and exclusively responsible for compliance with the laws in force in the country where the Website is used and in Hungary.
2. The User shall be solely and exclusively liable for any and all legal consequences arising from any breach of its obligation of confidentiality in connection with this Agreement. The User shall be solely and exclusively responsible for the security of the login data associated with his/her user account (Profile) and undertakes not to disclose such data to unauthorized persons. The User expressly undertakes to inform HACKTIFY immediately in the event that the security of the login data associated with his/her user accounts may have been compromised. HACKTIFY reserves the right to temporarily deny access to a User's account(s) if there are reasonable grounds to suspect that the User's account login details have fallen into unauthorized hands or that their security has otherwise been compromised. In such cases, the User expressly consents to HACKTIFY investigating the circumstances of the situation.
3. The User shall be solely and exclusively responsible for the knowledge of and compliance with all rules, guidelines, prohibitions, notices, and other documents of all financial institutions (in particular banks and/or credit institutions) that have contractual relations with the User.
4. User shall be solely and exclusively responsible for the truthfulness of all communications, information, and data (including all data relating to the User's account, personal data) and for the security of such communications. The User hereby acknowledges that HACKTIFY will assume that all information and data received from the User's registered e-mail address or telephone number originates directly from the User. Any adverse legal consequences arising from this paragraph shall be borne solely by the User.
5. User shall be solely and exclusively responsible for all legal consequences arising from the use of the Website and shall not hold HACKTIFY liable in any way for any business or other decision arising from any data, facts, or information that comes to its knowledge during or in connection with the use of the Website.
6. The User shall be solely and exclusively responsible for the proper use of the Website and the Platform, in particular the underlying software, database, and algorithms, and for maintaining its security and integrity.

5. OWN PROFILE, REGISTRATION, SCOPE OF THE CONTRACT #

1. By registering on the Platform, visitors to the Website can create their own account and profile, with which they can participate in the current Programs, manage their reports, and see statistical data. During registration, the User must provide the mandatory data listed on the Platform's registration interface. The User may decide to provide non-mandatory data at his own discretion. The Agreement is created for an indefinite period starting from the registration by the User.
2. Depending on the choice of researcher, profile availability can be

1. Public, i.e. the username and additional data are visible to the website Visitors, for example in the Ranking.
2. Visible to Registered Users, in which case the data is hidden from Website Visitors, it will not appear in the Public Ranking, for example, but is available to Registered Users.
3. Private setting, where profile data is hidden, neither Website Visitors nor Registered Users can see it.

3. Reporting a vulnerability cannot be done anonymously, so the Researcher's data (Basic Information) will be recorded, but no personal data will be transmitted to the Program Owner and Customer.
4. In order to report vulnerabilities while the Program is running, the reporting interface of the Platform must be used, which in each case defines the range of data required for reporting.
5. Following a vulnerability, HACKTIFY prepares an encrypted report of the report, which is made available to the Customer. In this way, the Program owner does not know any data about the Researcher reporting the vulnerability, so the Program owner cannot identify the User in any way.
6. HACKTIFY stores the encrypted report on the notification of the vulnerability according to its data protection policies and the relevant laws, and exclusively for the purpose of calculating the points that form the basis of the ranking and determining the Rewards, but no later than the date of termination of the contract with the Program owner – unless otherwise agreed with the Program owner – for 5 years. HACKFITY will then delete the encrypted report and will not be able to disclose it even in response to a request from a public authority.
7. By using the Website, registering, and using the Services, the User, being a natural person, expressly declares and warrants that he/she is entitled to use the Website, register, and use the Services in accordance with the applicable legislation, in particular that he/she has full legal capacity. The age of full legal capacity, including the age of majority, may vary from state to state. The User warrants that they have full legal capacity to act based on the laws of their relevant jurisdiction.
8. By using the Website, registering, or using the Services, the person acting on behalf of a User who is not a natural person expressly declares and warrants that he or she is entitled to use the Website, register and use the Services on the basis of the legislation in force applicable to him or her or on the basis of an appropriate legal provision or a valid and effective power of attorney, and in particular declares and warrants that he or she is entitled to represent the User who is not a natural person, thus they are entitled to conclude this Agreement on behalf of the User. The person acting on behalf of the User, who is not a natural person further declares and warrants on behalf of the User that the User is authorized and able to fulfill the obligations assumed in this Agreement, and thus has particularly adequate legal, financial, and human resources to fulfill the assumed obligations.
9. The person acting on behalf of the User who is not a natural person further represents and warrants that the User who is not a natural person is a legal person or an entity without legal personality, operating lawfully under the applicable laws applicable to it. The legal provisions on the right of representation may differ according to the law of the country in which the non-natural person is registered or the country in which the non-natural person is established.

6. PROGRAMME PARTICIPATION RULES #

1. HACKTIFY is committed to the security of Users' and Customers' data. The Researcher is obliged to comply with the following rules when participating in the Programs, and any breach of these rules will be considered a serious breach of agreement.

1. Testing may be conducted only for the purposes and on the systems specified in the Program description, in accordance with the law, this Agreement and the Program description;
2. Compliance with the specific conditions indicated in the Programme description is mandatory, they form an integral part of this Contract, and their breach may result in exclusion from the Programme, loss of any rewards, and banning from the Website (limitation, suspension, deletion of registration). Violation of the conditions stated in the Program description is considered a serious breach of contract.;
3. When using automated tools, if the User detects a performance degradation in the system under test, the operation shall be suspended;
4. In vulnerability testing, only methods, techniques, and tools that do not violate the requirements and expectations of the Customer as set out in the relevant Programme Description and that do not violate the requirements of conduct normally expected in the given situation may be used;
5. The Researcher represents and warrants that he/she has the necessary skills and experience to perform the testing safely;
6. Testing shall not include accessing, using, handling, processing, searching, inspecting, copying, downloading, transmitting, destroying, deleting, modifying, or storing any information, personal or confidential data that may be stored in the systems and that may become accessible.
7. Vulnerabilities and vulnerabilities discovered during testing shall be reported as soon as possible on the dedicated interface;
8. The Researcher must have evidence, clear evidence (e.g. video, screenshots, etc.) to justify the vulnerabilities detected. A reported bug that cannot be reproduced will be rejected;
9. Public sharing and uploading of supporting documents and other evidence generated during testing to free hosting providers and social platforms is prohibited. The User undertakes to share these documents exclusively with HACKTIFY;
10. Participation in Private Programs is by invitation only. The Researcher is not entitled to disclose to the public or to communicate to others the data, facts, information, or the existence of the Program, details of the Program, or the Customer's data;
11. In any case, the Researcher undertakes to carry out its activities in accordance with the applicable laws, professional and ethical standards in force, this Agreement, and the description of the Program.

7. DATA PROTECTION, DATA MANAGEMENT INFORMATION #

1. The protection of the data of the User or, in the case of a User who is not a natural person, of the natural persons who form its personal data, is important to HACKTIFY. The User hereby declares that he/she has read, understood, and accepted the Privacy Notice (hereinafter referred to as the "Privacy Notice") prepared by HACKTIFY which applies to the use of the Services and the Website. The Privacy Notice is available at the following link: www.www.hacktify.eu/hu/adatkezelesi-tajekoztato.
2. The Privacy Notice as an annex of these Terms and Conditions forms an integral and inseparable part of this Agreement. It may be required to provide certain data of the User, who is not a natural person, or of the natural person(s) acting on his behalf. In order to register on the Platform and use some of its services, it may be necessary to enter additional data, the details of which are contained in the Privacy Notice.
3. The User expressly consents to the processing of his/her personal data by HACKTIFY based on the Privacy Policy. Please be informed that the provision of user data and the processing thereof is necessary to comply with legal requirements and to fulfill the obligations under this Agreement.

8. SPECIFIC CONDITIONS #

1. Each Program may contain only specific contractual terms and conditions applicable to the Program, the knowledge and observance of which are essential conditions of participation in the Programme. Such specific conditions form an integral, inseparable part of the Agreement and breach of these conditions constitutes a serious breach of contract.
2. The specific terms and conditions may change during the Program, and Users will be notified of this fact and of the change in the description of the Program by the Platform. In any case, the User shall be obliged to monitor the description of the Program, and particularly the Specific Conditions, without any special warning and to act in accordance with any changes in it.
3. By submitting a vulnerability report, the Researcher expressly acknowledges and warrants that he/she is aware of the specific terms and conditions applicable to the Program in force and that he/she has acted in accordance with them.
4. If the Specific Conditions contain provisions incompatible with these Rules, the rules set out herein shall apply.

9. VULNERABILITY REPORTING #

1. The Researcher shall be entitled to report any vulnerability discovered exclusively through the Platform. The Researcher shall not be entitled to disclose any vulnerabilities to third parties, by posting them on social media, or to report them directly to the Program Owner or to the Customer.
2. A Researcher with a Hacker account who has added the given Program to their own programs ("Bookmarked") is entitled to report a vulnerability.
3. Each Program has its own specifications, terms and conditions, and rules, which the Reseracher shall take into account when reporting vulnerabilities and shall act in accordance with them at all times. It is the responsibility of the Program owner, i.e. the Customer, to provide and update this information.
4. If the Researcher fails to respond to HACKTIFY's request for information regarding the vulnerability within 8 days, the acknowledgment of the reported bug shall be rejected.

10. MANDATE, REWARDS, PAYMENT #

1. In accordance with the description of each Program, HACKTIFY, as principal, assigns the Researcher (with a Hacker account), as agent, an assignment within the framework of the Agreement, which the researcher accepts. Within the scope of the assignment, the Researcher searches for vulnerabilities corresponding to the description of each Program. A researcher may receive a reward (Reward) for a vulnerability report (Report) submitted and accepted through the Platform that complies with the description and conditions of the given Program.
2. The following provisions apply to the receipt and payment of the Rewards:

1. By submitting a Report and thus by submitting a claim for payment of the Reward, the Researcher expressly declares and warrants that he/she is entitled to receive the Reward;
2. HACKTIFY shall be entitled to pay the Reward only after the Customer (Program Owner) has paid HACKTIFY the full amount of the fee due for the performance of the Program. HACKTIFY is not obliged to make a payment to the Researcher until the Program Owner has fully paid HACKTIFY the fee for completing the Program. The User explicitly agrees to the limitation of HACKTIFY’s payment obligation and acknowledges that the User’s acknowledgment of the limitation of HACKTIFY’s payment obligation is considered as an essential condition of the Agreement, without which Hacktify would not have concluded the Agreement with the User.;
3. The Researcher may receive a Reward if it is the first to report the vulnerability identified and if the report is accepted during validation;
4. If a Researcher is entitled to a monetary Reward, he/she may also be required to provide other information in accordance with financial and accounting legislation;
5. In accordance with the applicable legal regulations, only the Researcher who has completed the identity check in the Platform settings is entitled to request a reward payment. The check is carried out by HACKTIFY's contracted partner, who only forwards the verification result to HACKTIFY, with no other data. After successful verification, the payment request becomes available on the Platform.
6. If the Researcher is entitled to a Reward as a result of successfully submitting a Report, HACKTIFY may request additional data in accordance with the payment method chosen by the Researcher in order to pay it. In order to pay the Reward, the Researcher entitled to the Reward must provide HACKTIFY with the additional data (data required for invoicing, payroll, and transfer). The User explicitly agrees and acknowledges that HACKTIFY shall issue any invoices in a digital form.
7. In accordance with the description of the payment methods and the information sheet, HACKTIFY will carry out some of the legal obligations associated with the payment for those with a residential address in Hungary, instead of the individual Researcher.
8. The researcher can also initiate the payment of the Reward by issuing an invoice, in which case he/she is obliged to issue an invoice for the Reward to HACKTIFY in accordance with the provided data and applicable laws, which HACKTIFY will settle after the acceptance of the Report and the payment of the fee by the Program owner.
9. In the absence of any other provisions contained in the Terms and Conditions and in the case of choosing additional payment methods, the Researcher is always obliged to fulfill all legal obligations related to obtaining the Award, including, in particular, reporting and paying the relevant taxes, contributions or other charges, issuing invoices, etc. and they are solely responsible for fulfilling these obligations. Parties state that especially all taxes, fees, charges, duties, contributions, and all other public burdens or deductions associated with the payment of the Reward shall be fully and exclusively borne by the Researcher.
10. The researcher is obliged to provide HACKTIFY with the data necessary for the payment of the Reward. If the User does not comply with this obligation, or if the User does not respond to HACKTIFY's inquiry regarding entitlement to the Reward within 30 days, the Reward will be forfeited and the Researcher will not be entitled to enforce his claim for the Reward later.

11. RIGHTS AND INTELLECTUAL PROPERTY #

1. With the exception of data uploaded or entered on the Website by the User and the Customer, the Website and all content related to it and used and/or displayed on it, in particular images, photographs, animations, sound, music, effects, text, titles, color schemes, data files, icons, logos and their arrangement, databases, algorithms, software, including object and source code, and all other intellectual property(hereinafter collectively referred to as "Content"), are the exclusive property of or owned by HACKTIFY. The Content is protected by copyright and intellectual property laws and international conventions.
2. The User is only entitled to use the Website and any part thereof or the Content based on this Agreement and may not claim ownership thereof. The User shall not be entitled to any copyright or industrial property rights in relation to the Site, any part thereof, or the Content, in particular the right to reproduce, distribute, publicly perform, publicly communicate, publicly transmit, publicly perform, publicly adapt, or publicly display. The User expressly agrees and acknowledges that he/she shall not have the right to reverse engineer the Site or any part thereof and the Content.
3. In particular, the User shall comply with the following provisions in connection with the use of the Site:

1. In the event of a breach of contract by the User, HACKTIFY may immediately revoke the User's permission to use the Platform;
2. HACKTIFY may, in its sole discretion, modify or discontinue all or any part of the Site or the Content, including access to the Services or the Site;
3. User represents and warrants that neither the Submission of vulnerability report nor the use of the that will infringe the intellectual property rights of any third party, the rights, and freedoms of others, or result in a violation of any applicable law, this Agreement, or the Program Description.
4. By submitting a Report, Researcher grants HACKTIFY a full, irrevocable, non-exclusive, transferable, assignable, sublicensable, royalty-free, perpetual, royalty-free license (License) to use, copy, publish, modify, transmit, exploit, and distribute the Report for the purpose of providing the Services. The User shall not receive any additional remuneration for granting the License and expressly grants it to HACKTIFY free of charge and without any consideration whatsoever. The Researcher grants the Licence to HACKTIFY in the hope of being entitled to any Reward.

12. CONFIDENTIALITY, THIRD PARTY CONTENT #

1. During the term of this Agreement and after its termination for any reason whatsoever, the User expressly and unconditionally undertakes to keep confidential all information relating to this Agreement and to HACKTIFY which is considered trade secrets and undertakes not to disclose or make public to third parties the following data and information without the prior express written consent of HACKTIFY. In particular, the following shall be considered trade secrets:

1. Any intellectual property rights owned by HACKTIFY and protected by law that come to the knowledge of the User during the use of the Platform;
2. All proprietary rights of HACKTIFY, including any intellectual property rights, which are owned by HACKTIFY, and are protected by the User. Any ideas, concepts, data, or information concerning the business and management of HACKTIFY, its business, business relations, and the services provided by HACKTIFY under this Agreement;
3. All communication between HACKTIFY and the User (in particular: conversation, e-mail, telephone, SMS, video chat, correspondence, notification, form, etc.);
4. Any discounts, reimbursement, rewards, etc. that HACKTIFY may offer to the User;
5. Any data, information, or fact that may harm or compromise HACKTIFY's economic, business, commercial interests, or reputation.

2. The Website and other websites linked to it may occasionally contain third party websites, links, content, or pages that HACKTIFY may indicate for the User's convenience. HACKTIFY has no control over, access to, or responsibility for the sites referred to in this paragraph and the content contained therein. The User expressly acknowledges that he/she may not make any claim against HACKTIFY in relation to the content of third parties.
3. In case the User directly or through third parties directly or indirectly influenced by the User, or through persons who contribute to the performance of this Agreement breaches the confidentiality clauses set out in this agreement, the User shall be obliged to pay a confidentiality penalty to HACKTIFY, regardless and on top of the existence or amount of the actual damages incurred. The confidentiality penalty shall be paid within 15 calendar days from the receipt of the notice. The confidentiality penalty’s amount shall be 10.000.000,- HUF which is ten million Hungarian forints per breach.

13. TERMINATION OF THE CONTRACT #

1. This Agreement may be terminated at any time by mutual written agreement between the Parties.
2. The Agreement may be freely terminated at any time by the User by canceling his/her registration. The Agreement may be terminated by HACKTIFY at any time at its sole discretion with 30 days' notice. HACKTIFY shall notify the User of any termination of the Agreement on the Website and by e-mail.
3. In the event of termination of the Agreement by the Researcher, the Researcher permanently waives any claim to the Rewards still to be paid. The Researcher expressly acknowledges that in the event of termination of the Agreement by the Researcher, no Rewards, refunds, or discounts will be granted, however, the Licences granted to HACKTIFY will remain in force and effect and HACKTIFY may continue to use the Licence without restriction.
4. In the event of a serious breach of this Agreement by the User, HACKTIFY shall be entitled to terminate this Agreement with immediate effect. A serious breach of contract by the User shall be deemed to be, in particular, a delay in payment of any payment obligations to HACKTIFY of more than 8 days, breach of confidentiality under this Agreement, breach of the provisions on intellectual property, breach of the provisions on liability and prohibitions of this Agreement, use of the Website and the system contained therein contrary to or incompatible with the purpose of this Agreement or a clear attempt to do so. In addition, the following shall be considered a serious breach of contract by the User: intentionally false, providing false or inaccurate information, failing to disclose false or inaccurate information, violating any law or other regulation applicable to the User, violating the legitimate economic, business, commercial or reputational interests of HACKTIFY or the Client, violating the provisions of the scope of the authorization to use the Website and violating the provisions of the Licence granted by the User to HACKTIFY.

14. CONTACTS #

1. The User is obliged to use the private communication channels of HACKTIFY in connection with the use of the Platform, comments, bug reports, and suggestions, which can be done through the form of the Website or by sending an e-mail to a dedicated e-mail address ([email protected]). The Parties recognize e-mail communication as formal written communication in force in relation to the Contract.

15. MIXED PROVISIONS #

1. The place of conclusion of the Agreement is Budapest. Parties agree that this Agreement shall be considered as having been concluded in writing.
2. The Parties shall endeavor to resolve any disputes arising out of this Agreement in the first instance between themselves, in mutual cooperation.
3. For the settlement of any dispute arising out of or in connection with a legal transaction under this Agreement, in particular, in connection with its breach, termination, validity, or interpretation, the Parties submit to the exclusive decision of the ad hoc arbitral tribunal to be established and acting in accordance with the Model Rules recommended by the Presidency of the Budapest Bar Association. The Parties agree that the members of the ad hoc arbitral tribunal shall be chosen from among the persons registered as members of the Budapest Bar Association in the register of the Hungarian Bar Association. Number of arbitrators: 3. The Hungarian language shall be used in the proceedings. The Model Rules of Arbitration, which are the basis for the ad hoc arbitration and are also published on the website of the Budapest Bar Association (www.bpugyvedikamara.hu), have been familiarized and accepted by the Parties. The Parties shall exclude the possibility of the renewal of the proceedings provided for in Chapter IX of Act LX of 2017 on Arbitration. The substantive law applicable to the resolution of the dispute shall be Hungarian law, excluding its rules of private international law.

16. RELATED DOCUMENTS #

1. Legal declaration
2. Privacy Policy

17. CONCEPTS AND THEIR EXPLANATION #

1. Website: Website operated by HACKTIFY at www.www.hacktify.eu (presentation page).
2. Platform: web application operated by HACKTIFY available at www.app.hacktify.eu (registration page).
3. Program owner: The person, company, or enterprise that starts the Program published on the Platform, who defines the conditions in the Program description.
4. User: User registered on the Platform (including Researcher and Customer accounts).
5. Researcher: Owner of a hacker account registered on the Platform.
6. Customer: Owner of a company account registered on the Platform.
7. Conditions: Short name of the General Terms and Conditions (GTC).
8. Agreement: Legal declaration and the Terms and Conditions (Terms and Conditions) together.
9. Legal Statement: Document describing the conditions for the use of the Website.
10. Privacy policy: A document presenting information related to data management provided to users of the Website and Platform.
11. Bug bounty program: Program type announced on the Platform, which is based on community testing.
12. VDP: Vulnerability Disclosure Policy/Program, which is a type of Program published on the Platform.
13. Service: Cyber security related help provided to Customers.
14. Program: Joint name of VDP and Bug Bounty Program.
15. Program description: A description containing the conditions and information of a Program on the Platform.
16. Payment method: The option chosen by the researcher for the payment of the given Reward on the Platform.
17. Permission: Authorization given by the researcher to use the Report.
18. Identity verification: The verification process carried out by a third party, which carries out the verification based on the documents presented by the given Researcher.
19. Content: the Website and the Platform, as well as all content related to it and used and/or displayed on it, especially images, photographs, animations, sounds, music, effects, text, titles, color schemes, data files, icons, logo and their arrangement, database, algorithm, software – including the object and source code – together.
20. Bookmark: One of the functions of the Platform, which can be used to add a Program to one's own programs.
21. Reward: A reward (amount of money, points, other) that can be paid to the Researcher and can be given in the description of a Program, to which the Researcher is entitled after submitting and then accepting the Report.
22. Report: A result product prepared based on the conditions specified in the description of a Program (information on vulnerabilities found), which is submitted on the Platform, in accordance with the provisions there.

Effective: 21.05.2024