SYRNBack to home

General Terms and Conditions of Use and Sale

Last updated: February 18, 2026

Article 1. Legal Notice

The SaaS platform is published by SYRN, a simplified joint-stock company (SAS) with a share capital of EUR 2,000, registered with the RCS de PARIS under number 994 405 231, with its registered office located at 58 rue de Monceau, 75008 Paris (hereinafter "the Publisher").

Article 2. Purpose of the Service

SYRN provides a SaaS cybersecurity vulnerability intelligence platform designed to detect and alert on emerging threats (hereinafter "the Service"). The Service is intended exclusively for professional use (B2B). The purpose of these GTCUS is to define the terms and conditions governing access to and use of the Service by customers (hereinafter "the Customer").

Article 3. Access and Account Creation

Access to the Service requires the creation of a user account. The Customer is responsible for maintaining the confidentiality of its login credentials. Any use of the Service with such credentials shall be deemed to have been made by the Customer. SYRN reserves the right to suspend any account in the event of fraudulent or suspicious use.

Article 4. Financial Terms

4.1. Pricing

Subscription fees are displayed on the Platform in Euros, exclusive of tax (HT). The applicable value-added tax (VAT) at the rate in effect on the date of the order shall be added thereto.

4.2. Payment upon order

The subscription fee is payable in full at the time of the order. Access to the Services shall only be activated upon receipt and validation of payment by SYRN. This rule applies to the initial subscription as well as to each renewal.

4.3. Price revision

SYRN reserves the right to modify its pricing at any time. For current subscriptions, the new pricing shall only take effect upon renewal. SYRN shall notify the Customer of any pricing change by email at least thirty (30) days before the new prices come into effect. Should the Customer refuse such increase, the Customer may terminate its subscription before the effective date, without penalty.

4.4. Late payment

Any payment default, following a formal notice that has remained without effect for 3 days, shall result in the immediate suspension of the Service. In accordance with Article L. 441-10 of the French Commercial Code, late payment penalties (at 3 times the statutory interest rate) and a fixed indemnity of EUR 40 for collection costs shall be due without prior reminder.

4.5. Credit card payment and recurring billing

Payment may be made by credit card through a secure payment platform (Stripe). By subscribing, the Customer authorizes SYRN to retain banking details (through its PCI-DSS certified payment provider) and to process recurring automatic charges at each billing period (monthly or annual), until termination of the Service.

4.6. SEPA direct debit (EU zone)

Payment may be made by SEPA direct debit. By choosing this method, the Customer signs a mandate authorizing SYRN to debit its bank account for all amounts due under the subscription and its renewals.

4.7. Plan changes (Upgrade & Downgrade)

The Customer may change its subscription plan at any time from its account. Upgrade: A change to a higher-tier plan takes effect immediately, with the price difference invoiced on a pro rata basis. Downgrade: A change to a lower-tier plan takes effect at the next renewal date. No partial refund shall be issued for the period already paid.

Article 5. Intellectual Property

SYRN is the exclusive owner of all intellectual property rights relating to the platform (software, interface, database, monitoring algorithms). The subscription grants the Customer a personal, non-exclusive, and non-transferable right of use.

Monitoring information is intended for the Customer's internal use and may not be resold or redistributed to third parties without prior written consent.

Article 6. Liability and Warranties

SYRN undertakes to exercise all reasonable care in collecting monitoring information. However, given the evolving nature of cyber threats, SYRN does not guarantee the completeness or the absence of errors in the data provided.

The Customer is solely responsible for decisions made on the basis of information provided by the platform.

SYRN's liability is limited to direct damages and capped at the total amount paid by the Customer during the preceding 12 months. Under no circumstances shall SYRN be held liable for indirect, incidental, special, consequential, or punitive damages.

Article 7. Service Availability (SLA)

7.1. Availability target

SYRN endeavors to maintain access to the Platform with a target annual availability rate of 99% (excluding maintenance periods).

7.2. Maintenance

SYRN reserves the right to interrupt access to the Service for maintenance operations. SYRN shall endeavor to notify the Customer at least twenty-four (24) hours in advance of any scheduled maintenance.

7.3. Service credit

If the actual availability rate over a full contractual year falls below 95% (excluding maintenance and force majeure), the Customer may request a credit set at 10% of the most recent annual invoice amount.

Article 8. Term and Termination

The subscription is taken out for an initial period chosen by the Customer (one month or one year). At the end of this period, the subscription shall automatically renew for successive periods of the same duration.

Either Party may cancel the automatic renewal directly through the Platform. For monthly subscriptions, termination takes effect at the end of the current month. For annual subscriptions, a three (3) month notice period is required.

In the event of a material breach which remains unremedied within thirty (30) days of a formal notice, the other party may terminate the subscription as of right.

Article 9. Personal Data Protection (GDPR)

SYRN undertakes to process personal data in compliance with applicable regulations, in particular the GDPR and the French Data Protection Act.

The terms governing data collection and processing are set out in the Privacy Policy, deemed an integral annex of these GTCUS.

Article 10. Confidentiality

"Confidential Information" means all information, data, or documents disclosed by one Party to the other, including trade secrets, source code, algorithms, monitoring data, Customer-specific vulnerabilities, and financial terms.

Each Party undertakes to keep Confidential Information strictly secret and to use it solely for the purposes of performing the Service.

The confidentiality obligations shall remain in effect for the entire duration of the agreement and shall survive its termination for a period of five (5) years.

Article 11. Governing Law and Jurisdiction

These GTCUS are governed by French law. In the event of any dispute, exclusive jurisdiction is attributed to the Commercial Court of Paris (Tribunal de Commerce de Paris).

Article 12. Reversibility and Data Retrieval

Upon termination, the Customer may retrieve all professional data (user accounts, declared assets, perimeter configuration, selected technologies) in CSV format.

Upon written request within thirty (30) days following the end of the agreement, SYRN shall deliver the export files within fifteen (15) business days.

Three (3) months after the end of the agreement, SYRN shall permanently delete the Customer's data from its servers.

Article 13. Disclaimer and Limitation of Technical Liability

The Customer acknowledges that the Service is a monitoring and decision-support tool. Alerts and reports constitute an analytical basis, the final interpretation of which rests exclusively with the Customer.

SYRN shall not be held liable for any consequences arising from the application of patches flagged by the Service. The Customer must conduct a prior impact assessment.

The Service cannot substitute for sound IT security practices and a comprehensive security infrastructure (firewalls, EDR/XDR, antivirus, access management).

Article 14. Internal Use Only and Restrictions

The right of use is strictly limited to the Customer's internal needs. The Customer is prohibited from reselling, renting, sublicensing, or distributing the Service to third parties.

The Customer may not integrate the Service into any third-party commercial solution without the prior written consent of SYRN.

Article 15. Indemnification

SYRN undertakes to indemnify the Customer against any third-party claim alleging that use of the Service infringes its intellectual property rights.

The Customer warrants that it holds all necessary rights over data and content uploaded to the Platform and undertakes to indemnify SYRN against any related third-party claim.

Article 16. Force Majeure

Neither Party shall be held liable for any delay or failure due to a force majeure event. Force majeure events expressly include large-scale cyberattacks, power outages or telecommunications failures beyond the Publisher's control, and legal or governmental restrictions. If the event persists for more than thirty (30) days, either Party may terminate the agreement.

Article 17. Assignment and Transfer

The Customer may not assign its rights and obligations without the prior written consent of SYRN. SYRN reserves the right to assign the rights and obligations arising from these GTCUS, in particular in the context of a merger, acquisition, or asset transfer.

Article 18. Entire Agreement

These GTCUS, including the Privacy Policy, constitute the entire agreement between the Customer and SYRN. They supersede any prior communication or agreement. If any provision is declared null, the remaining provisions shall continue in full force.