NullShield

Get started

Terms of Service

Last updated: 10 April 2026

1. Acceptance of terms

By accessing or using NullShield (“the Service”), operated by Damijo Limited, you agree to be bound by these Terms of Service. If you do not agree, do not use the Service.

2. Description of service

NullShield is an AI-powered security scanning service that analyses websites and web applications for vulnerabilities. The Service provides automated security assessments, findings reports, and remediation guidance.

The Service is not a substitute for professional penetration testing or security auditing. NullShield performs automated surface-level and deep scanning, but does not guarantee the detection of all vulnerabilities.

3. Account registration

  • You must provide accurate and complete information when creating an account.
  • You are responsible for maintaining the security of your account credentials.
  • You must be at least 18 years old to use the Service.
  • One person or organisation may not maintain more than one free account.

4. Acceptable use

You agree to scan only websites and applications that you:

  • Own, or
  • Have explicit written authorisation to test.

You must not use the Service to:

  • Scan targets without proper authorisation.
  • Conduct denial-of-service attacks or disruptive testing.
  • Attempt to access other users’ data or accounts.
  • Reverse-engineer, decompile, or attempt to extract the source code of the Service.
  • Use the Service for any illegal purpose.

5. Credits and billing

  • The Service operates on a credit-based model. Each scan consumes credits based on scan type.
  • Credits are non-refundable once consumed by a completed scan.
  • Unused subscription credits roll over according to your plan terms.
  • Prices are in British Pounds (GBP) and exclude VAT where applicable.
  • Subscription renewals are automatic. You can cancel at any time; access continues until the end of the billing period.
  • Top-up credits do not expire while your account is active.

6. Free scans

Unauthenticated free scans are limited to 3 per hour per IP address. Free scans provide a subset of the full scan results and are intended for evaluation purposes only.

7. Data and privacy

Your use of the Service is also governed by our Privacy Policy. By using the Service, you consent to the collection and use of data as described therein.

8. Stored credentials

If you provide login credentials for authenticated (deep) scans:

  • Credentials are encrypted using AES-256-GCM before storage.
  • They are used solely for the purpose of authenticated scanning.
  • They are automatically deleted after the expiry date you set.
  • We strongly recommend using dedicated test accounts with limited permissions.

9. Intellectual property

The Service, including its algorithms, AI models, report templates, and user interface, is the intellectual property of Damijo Limited. Scan reports generated for your targets are licensed to you for your internal use.

10. Limitation of liability

To the maximum extent permitted by law:

  • The Service is provided “as is” without warranties of any kind, express or implied.
  • We do not guarantee that scans will detect all vulnerabilities.
  • We are not liable for any damages arising from your reliance on scan results, including but not limited to security breaches, data loss, or business interruption.
  • Our total liability for any claim related to the Service shall not exceed the amount you paid us in the 12 months preceding the claim.

11. Indemnification

You agree to indemnify and hold Damijo Limited harmless from any claims, damages, or expenses arising from your use of the Service, including scanning targets without proper authorisation.

12. Termination

  • You may close your account at any time via the settings page.
  • We may suspend or terminate your account if you violate these terms, with notice where practicable.
  • Upon termination, your scan data will be retained for 30 days, then permanently deleted.

13. Changes to terms

We may update these terms from time to time. Material changes will be communicated via email to registered users at least 30 days before they take effect.

14. Governing law

These terms are governed by the laws of England and Wales. Any disputes shall be subject to the exclusive jurisdiction of the courts of England and Wales.

15. Contact

For questions about these terms, contact us at legal@nullshield.org or use the contact form.