Last updated: May 2026
By accessing, registering for, or using PentestMe's penetration testing platform (the "Service"), you agree to be bound by these Terms of Service ("Terms"). If you are accepting these Terms on behalf of an organisation, you confirm that you have authority to bind that organisation. If you do not agree to these Terms, you may not use the Service.
PentestMe provides an automated penetration testing and security assessment platform. The Service includes web application scanning, network testing, vulnerability detection, AI-assisted analysis, and security reporting. We reserve the right to modify, suspend, or discontinue any aspect of the Service at any time, with or without notice.
You may use PentestMe only for lawful purposes and only against systems, networks, applications, and data that you own or for which you hold explicit, current, written authorisation to test. You must:
You are responsible for maintaining the security of your account, payment details, and any activities that occur under your account. You must notify us immediately of any unauthorised access at security@pentestme.dev.
You acknowledge that automated security testing can, by its nature, generate substantial network traffic, exercise application logic intensively, and in rare cases temporarily degrade or interrupt the performance or availability of target systems. You accept this risk on behalf of yourself and any third party whose system you have authorised us to test. You agree that PentestMe is not responsible for any impact to scanned systems, including downtime, data loss, performance degradation, or any direct or consequential business impact arising from a scan you initiated or scheduled.
You agree not to:
The Service is offered on monthly or annual subscription plans. Each plan includes a fixed number of scans (the "Scan Allowance") and may include additional features and add-ons. Current plans, prices, and Scan Allowances are listed on our pricing page and may be amended on thirty (30) days' notice.
Your Scan Allowance is granted at the start of each billing period and is intended for use during that period only. Unused scans:
When a new billing period begins — whether by automatic renewal or by manual reactivation following a payment failure — your scan counter resets to zero and the new period's Scan Allowance becomes available. Add-on scans purchased separately are governed by the same single-period expiry unless explicitly stated otherwise at the time of purchase.
Subscriptions are billed in advance. By providing payment details you authorise PentestMe and our payment processors (PayFast and Stitch) to charge the agreed amount on each renewal date for the duration of your subscription. All prices are quoted in South African Rand (ZAR) and are inclusive of Value-Added Tax (VAT) where applicable. We may change prices with thirty (30) days' notice; price changes take effect at your next renewal.
Subscriptions renew automatically at the end of each billing period unless cancelled before the renewal date. As a courtesy, we send reminder notifications to your registered billing email seven (7), three (3), two (2), and zero (0) days before the renewal date. You remain responsible for ensuring that your billing details are current. Reminder emails are a notification, not a precondition to renewal: failure to receive a reminder does not entitle you to refund or credit.
If a renewal payment fails:
Subscription fees are non-refundable except where required by law or at our sole discretion. Refund requests must be submitted in writing to billing@pentestme.dev within fourteen (14) days of the charge. Where the South African Consumer Protection Act, 2008 applies, eligible consumers may exercise their right to cancel a distance-selling transaction within five (5) business days of signup; this right does not apply to business customers, to scans already executed, or to add-ons already consumed.
You may cancel your subscription at any time from your billing settings. Cancellation takes effect at the end of the current billing period and you retain access until then. No pro-rata refund is provided for the unused remainder of the period, and unused scans are voided in accordance with section 5.2. Add-on scans expire with the subscription they belong to.
You agree to contact PentestMe at billing@pentestme.dev to resolve any billing dispute before initiating a chargeback with your bank or card issuer. Initiating a chargeback without first attempting to resolve the dispute with us may result in immediate suspension or termination of your account and a chargeback-handling fee equivalent to the cost levied on us by the payment processor.
Prices include South African VAT where applicable. You are responsible for any other taxes, duties, or withholding taxes imposed by your jurisdiction. Where you are required to withhold tax on payments to us, you must gross up the payment so that we receive the full invoiced amount.
Our collection and use of your information is described in our Privacy Policy. By using the Service you consent to those practices. PentestMe operates from South Africa and processes personal information in accordance with the Protection of Personal Information Act, 2013 ("POPIA"). For data submitted into the Service by you (including scan results, target metadata, and report content), you are the Responsible Party and PentestMe acts as Operator. You warrant that you have a lawful basis to provide any personal information you upload and that you have obtained any consents required from data subjects.
We retain scan data and reports for as long as your subscription is active and for a reasonable period thereafter to enable reactivation. After prolonged inactivity or upon written request, data may be permanently deleted.
PentestMe retains all rights, title and interest in the platform — including software, AI models, scan methodology, documentation, look-and-feel, and brand. You receive a limited, non-exclusive, non-transferable, revocable licence to use the Service for the duration of your subscription. You retain ownership of the raw scan results and reports generated for your authorised targets, subject to PentestMe's ongoing rights in the underlying tooling and methodology. You grant PentestMe a perpetual, royalty-free licence to use aggregated, anonymised scan data to improve the Service.
While we strive for high availability, the Service is provided on a commercially reasonable basis. We do not guarantee uninterrupted access. Planned maintenance, third-party outages (including cloud, payment, email, and DNS providers), and force-majeure events may cause downtime. We are not liable for downtime, delays, missed scans, or service interruptions, and no service credits accrue automatically.
Neither party is liable for any failure or delay in performance arising from causes beyond its reasonable control, including but not limited to acts of God, natural disasters, war, terrorism, civil unrest, government action, labour disputes, internet or telecommunications failures, third-party platform outages, pandemics, or load-shedding. Affected obligations are suspended for the duration of the event.
The Service is provided "as is" and "as available", without warranties of any kind, whether express, implied, or statutory, including any warranty of merchantability, fitness for a particular purpose, accuracy, or non-infringement. We do not guarantee that the Service will detect all vulnerabilities, that findings will be free from false positives or false negatives, or that scan results are sufficient to satisfy any compliance, regulatory, or audit requirement.
To the maximum extent permitted by law, PentestMe and its officers, directors, employees, and affiliates shall not be liable for any indirect, incidental, special, consequential, punitive, or exemplary damages — including loss of profits, revenue, data, goodwill, or business opportunity — arising from your use of, or inability to use, the Service, regardless of the cause of action and even if we have been advised of the possibility of such damages. Our total aggregate liability for any claim arising out of or relating to these Terms is limited to the amount you paid PentestMe in the twelve (12) months preceding the event giving rise to the claim.
The Service provides automated security testing and AI-assisted analysis but is not a substitute for professional security consulting or qualified human review. You must independently validate findings before acting on them. Always consult qualified security professionals for critical systems and regulated environments.
You agree to defend, indemnify, and hold harmless PentestMe and its officers, directors, employees, and affiliates from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising out of or relating to: (a) your use of the Service; (b) any scan you initiated or scheduled, including any impact to target systems or third parties; (c) your breach of these Terms; (d) your violation of any law or the rights of any third party; or (e) any content, data, or instructions you submitted to the Service. This obligation survives termination of your subscription.
We may suspend or terminate your account at any time, with or without notice, for breach of these Terms, for non-payment, for actual or suspected misuse of the Service, or where required by law. Upon termination your right to use the Service ceases immediately, and unused scans, balances, and add-ons are forfeit. Sections 3.3, 5.6, 5.8, 6, 7, 10, 11, and 14 survive termination.
We may modify these Terms from time to time. Material changes will be notified via email to your registered billing address or via in-platform notification. The "Last updated" date at the top of this page indicates when the Terms were most recently revised. Continued use of the Service after a change takes effect constitutes acceptance of the revised Terms.
These Terms are governed by the laws of the Republic of South Africa. The parties submit to the exclusive jurisdiction of the Western Cape High Court, Cape Town, in respect of any dispute, save that PentestMe may seek interim or injunctive relief in any court of competent jurisdiction.
For questions about these Terms of Service, contact us at:
Legal: legal@pentestme.dev
Billing: billing@pentestme.dev
Security: security@pentestme.dev
Address: Cape Town, South Africa
These Terms, together with our Privacy Policy and any order form or plan-specific terms agreed with you, constitute the entire agreement between you and PentestMe in respect of the Service and supersede all prior agreements, communications, and understandings. If any provision is found to be unenforceable, the remaining provisions remain in full force and effect.