Email:

Phone No.

Whatsapp

Frame-14

Privacy Ninja

I've Been Breached

Terms & Conditions

Last updated: August 15, 2023
Please read these terms and conditions carefully before using Our Service.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions.
The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of these Terms and Conditions:

  • Affiliate means an entity that controls, is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
  • Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to PRIVACY NINJA PTE. LTD., 7 Temasek Boulevard, #12-07, Suntec Tower One, Singapore 038987.
  • Country refers to: Singapore
  • Service refers to the Website.
  • Terms and Conditions (also referred as “Terms”) mean these Terms and Conditions that form the entire agreement between You and the Company regarding the use of the Service.
  • Third-party Social Media Service means any services or content (including data, information, products or services) provided by a third-party that may be displayed, included or made available by the Service.
  • Website refers to Privacy Ninja, accessible from https://www.privacy.com.sg
  • You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Acknowledgement

These are the Terms and Conditions governing the use of this Service and the agreement that operates between You and the Company. These Terms and Conditions set out the rights and obligations of all users regarding the use of the Service.

Your access to and use of the Service is conditioned on Your acceptance of and compliance with these Terms and Conditions. These Terms and Conditions apply to all visitors, users and others who access or use the Service.

By accessing or using the Service You agree to be bound by these Terms and Conditions. If You disagree with any part of these Terms and Conditions then You may not access the Service.

Your access to and use of the Service is also conditioned on Your acceptance of and compliance with the Privacy Policy of the Company. Our Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your personal information when You use the Application or the Website and tells You about Your privacy rights and how the law protects You. Please read Our Privacy Policy carefully before using Our Service.

Links to Other Websites

Our Service may contain links to third-party web sites or services that are not owned or controlled by the Company.

The Company has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third party web sites or services. You further acknowledge and agree that the Company shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any such content, goods or services available on or through any such web sites or services.

We strongly advise You to read the terms and conditions and privacy policies of any third-party web sites or services that You visit.

Termination

We may terminate or suspend Your access immediately, without prior notice or liability, for any reason whatsoever, including without limitation if You breach these Terms and Conditions.

Upon termination, Your right to use the Service will cease immediately.

Limitation of Liability

Notwithstanding any damages that You might incur, the entire liability of the Company and any of its suppliers under any provision of this Terms and Your exclusive remedy for all of the foregoing shall be limited to the amount actually paid by You through the Service or zero dollars if You haven’t purchased anything through the Service.

To the maximum extent permitted by applicable law, in no event shall the Company or its suppliers be liable for any special, incidental, indirect, or consequential damages whatsoever (including, but not limited to, damages for loss of profits, loss of data or other information, for business interruption, for personal injury, loss of privacy arising out of or in any way related to the use of or inability to use the Service, third-party software and/or third-party hardware used with the Service, or otherwise in connection with any provision of this Terms), even if the Company or any supplier has been advised of the possibility of such damages and even if the remedy fails of its essential purpose.

Some states do not allow the exclusion of implied warranties or limitation of liability for incidental or consequential damages, which means that some of the above limitations may not apply. In these states, each party’s liability will be limited to the greatest extent permitted by law.

Price Beat Gurantee for VAPT Services

Just as we emphasize the quality of our offerings, we understand the importance of competitive pricing. With this guarantee, we ensure that not only do you receive outstanding service, but you also benefit from our dedication to offering the best value in the industry. The terms and conditions of our 20% Price Beat Guarantee are as follows:

  • Eligible Service Providers: The Price Beat Guarantee is applicable only to quotations or invoices offered by local service providers that hold a CSRO (Cyber Security Service Provider) license. The scope of work in the quoted service must be the same as the main assessment inclusions defined in Privacy Ninja’s proposal.
  • Verification of Competitor’s Quote: To avail the Price Beat Guarantee, the client must, in good faith, disclose either the identity of the competing service provider or provide the full quotation. This must be done no later than 3 days after the client’s acceptance of our revised proposal, following the initiation of our Price Beat Guarantee.
  • Privacy Ninja’s Discretion: Privacy Ninja retains the right of refusal and sole discretion to decline the application of the Price Beat Guarantee if there are reasonable suspicions of fraudulent or illegitimate quotations submitted with the intent to trigger the price beat offer.

Security Guarantee for VAPT Services

At Privacy Ninja, we’re committed to helping you validate that your fixes work–not just to identify vulnerabilities. That’s why we offer a 1-Year Unlimited Revalidations Guarantee under the following terms:

  • Eligibility Scope: This Security Guarantee applies strictly to clients who have completed a VAPT engagement with Privacy Ninja and received their initial assessment report. The unlimited revalidations apply to the same environment tested, and only for unresolved vulnerabilities identified in the original engagement.
  • Request-Based Trigger: Revalidations will be conducted only upon client request and within 12 months from the date of the first assessment report. There is no cap on the number of revalidation requests, as long as each request is related to fixing previously identified vulnerabilities.
  • Environment Consistency Clause: The Guarantee is valid only if no significant architectural changes or platform migrations have been made to the originally tested system. If changes are introduced (e.g., new features, environments, codebases), the affected portions may require a new VAPT engagement.
  • Scope of Coverage:  This Guarantee applies to the same asset categories covered in the original test—e.g., web applications, APIs, mobile apps, cloud infrastructure—using either Greybox or White Box methodologies.
  • Exclusions: Revalidations will not cover entirely new attack surfaces or vulnerabilities unrelated to the original scope. This Guarantee does not extend to phishing simulations or social engineering vectors. We reserve the right to reject requests that fall outside the originally tested system, or where significant changes have invalidated the prior findings.
  • Revalidation Format: Each revalidation may consist of a narrowed scope retest focusing on the resolved vulnerabilities and will result in an updated report noting successful fixes or remaining issues.
  • Validity Period: This Guarantee is valid for 12 months from the date of the initial VAPT report submission to the client.
  • Revalidation Scheduling: Revalidations will be scheduled based on mutual availability and may be subject to a short lead time depending on resource allocation.

Money Back Guarantee for DPO-As-A-Service

We are committed to providing exceptional Data Protection Officer (DPO)-as-a-Service to our clients in Singapore. To demonstrate our dedication to delivering high-quality services and ensuring compliance with data protection regulations, we offer a money back guarantee under the following terms and conditions:

  • Refund Scope: The Money-Back Guarantee applies strictly to the service fee associated with the current year’s engagement, regardless of the length of the client’s engagement with us.
  • Minimum Engagement Period: In order to be eligible for a refund, the client must have progressed in the engagement for at least six months, which may include the previous year’s engagement.
  • Reportable Data Breach: The client must experience a data breach that meets the criteria of a notifiable data breach as defined by the Personal Data Protection Act (PDPA) Singapore. The breach must be promptly reported to the Personal Data Protection Commission (PDPC) and affected individuals within 72 hours, and where applicable, relevant authorities such as the Singapore Police Force (SPF), Cyber Security Agency (CSA), and relevant regulatory bodies.
  • Missed Process or Insufficient Advisory: The data breach must be directly attributable to our failure to fulfill a specific process or advisory obligation, resulting in the breach. This includes situations where our advice or recommendations were implemented yet were insufficient, leading to the breach.
  • Rejection of Recommendations: In instances where the client’s management rejects the best practices, process modifications, or security technology adoption suggestions put forth by us, leading to inadequate technical, administrative or physical measures that resulted in the data breach, the client will not be eligible for the money back guarantee.
  • Written Notice: The client must inform us in writing, within 24 hours of the occurrence of the breach, of their intention to enact the money back guarantee clause.
  • Continuity of Services: Should a client opt to invoke the Money-Back Guarantee, we will continue to serve and assist them until the end of our engagement, or upon acknowledgement of receipt of the refunded DPOAAS service fee, whichever is earlier. This continuation of service before termination, is inclusive of support for breach reporting and participating in remediation activities.
  • Non-Invocation of Money Back Guarantee: If the client chooses not to invoke the money back guarantee clause, we will continue to fulfill our obligations as the outsourced DPO and provide full support in reporting the breach to the authorities and assisting with remediation efforts.
  • Refund Processing Timeline: Upon receipt of a written request for a refund and subject to the validation of the eligibility for the Money-Back Guarantee as outlined in our terms and conditions, we shall process the corresponding refund to the client within a period of 90 days from the receipt of the request, but no earlier than 60 days from the same date. This timeline is necessary to allow our internal team adequate time to conduct a thorough and comprehensive investigation into the client’s claims, assess the extent of our liability, and determine the validity of the Money-Back Guarantee invocation. It is our commitment to ensure a transparent, fair, and methodical evaluation process to safeguard the interests of all parties involved.

The money back guarantee is subject to a thorough investigation and assessment by our internal team. We reserve the right to validate the client’s claims and determine the legitimacy and extent of our liability in accordance with the outlined terms and conditions.

“AS IS” and “AS AVAILABLE” Disclaimer

The Service is provided to You “AS IS” and “AS AVAILABLE” and with all faults and defects without warranty of any kind. To the maximum extent permitted under applicable law, the Company, on its own behalf and on behalf of its Affiliates and its and their respective licensors and service providers, expressly disclaims all warranties, whether express, implied, statutory or otherwise, with respect to the Service, including all implied warranties of merchantability, fitness for a particular purpose, title and non-infringement, and warranties that may arise out of course of dealing, course of performance, usage or trade practice. Without limitation to the foregoing, the Company provides no warranty or undertaking, and makes no representation of any kind that the Service will meet Your requirements, achieve any intended results, be compatible or work with any other software, applications, systems or services, operate without interruption, meet any performance or reliability standards or be error free or that any errors or defects can or will be corrected.

Without limiting the foregoing, neither the Company nor any of the company’s provider makes any representation or warranty of any kind, express or implied: (i) as to the operation or availability of the Service, or the information, content, and materials or products included thereon; (ii) that the Service will be uninterrupted or error-free; (iii) as to the accuracy, reliability, or currency of any information or content provided through the Service; or (iv) that the Service, its servers, the content, or e-mails sent from or on behalf of the Company are free of viruses, scripts, trojan horses, worms, malware, timebombs or other harmful components.

Some jurisdictions do not allow the exclusion of certain types of warranties or limitations on applicable statutory rights of a consumer, so some or all of the above exclusions and limitations may not apply to You. But in such a case the exclusions and limitations set forth in this section shall be applied to the greatest extent enforceable under applicable law.

Governing Law

The laws of the Country, excluding its conflicts of law rules, shall govern this Terms and Your use of the Service. Your use of the Application may also be subject to other local, state, national, or international laws.

Disputes Resolution

If You have any concern or dispute about the Service, You agree to first try to resolve the dispute informally by contacting the Company.

Severability and Waiver

Severability

If any provision of these Terms is held to be unenforceable or invalid, such provision will be changed and interpreted to accomplish the objectives of such provision to the greatest extent possible under applicable law and the remaining provisions will continue in full force and effect.

Waiver

Except as provided herein, the failure to exercise a right or to require performance of an obligation under this Terms shall not effect a party’s ability to exercise such right or require such performance at any time thereafter nor shall be the waiver of a breach constitute a waiver of any subsequent breach.

Translation Interpretation

These Terms and Conditions may have been translated if We have made them available to You on our Service.

You agree that the original English text shall prevail in the case of a dispute.

Changes to These Terms and Conditions

We reserve the right, at Our sole discretion, to modify or replace these Terms at any time. If a revision is material We will make reasonable efforts to provide at least 30 days’ notice prior to any new terms taking effect. What constitutes a material change will be determined at Our sole discretion.

By continuing to access or use Our Service after those revisions become effective, You agree to be bound by the revised terms. If You do not agree to the new terms, in whole or in part, please stop using the website and the Service.

Contact Us

If you have any questions about these Terms and Conditions, You can contact us:

  • By email: dpo@privacy.com.sg
  • By visiting this page on our website: https://privacy.com.sg/contact-us
shape4
Frame-14

Privacy Ninja

Established in 2018, Privacy Ninja is a Singapore-based IT security company specialising in data protection and cybersecurity solutions for businesses. We offer services like vulnerability assessments, penetration testing, and outsourced Data Protection Officer support, helping organisations comply with regulations and safeguard their data.

Facebook-f X-twitter Instagram Youtube

Data Protection​

Training

Managed Services

Cybersecurity

Location

Singapore

7 Temasek Boulevard,
#12-07, Suntec Tower One,
Singapore 038987

Newsletter

Latest resources sent to your inbox weekly

© 2025 Privacy Ninja. All rights reserved

Terms Of Use | Privacy Policy

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Cybersecurity updates weekly!

PDPA-1024x683-min

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Cybersecurity updates weekly!

PDPA-1024x683-min

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
TALK TO US
× Chat with us