Trust + Safety Center

By purchasing and using Affordable Pentesting services you agree to these terms in full. If you do not agree, do not use the platform.

Affordable Pentesting provides automated and AI-assisted penetration testing services. All testing is performed exclusively on targets for which you have provided explicit written authorisation.

Credits are non-refundable once a pentest job has been dispatched to our backend systems. Unused credits may be refunded within 14 days of purchase — contact support.

We reserve the right to suspend or terminate accounts that violate these terms without notice or refund.

These terms are governed by the laws of the United States.

We collect only the data necessary to provide our services: your email address, payment information (processed by Stripe — we never see card details), and scan targets you submit.

Scan results and reports are stored in Google Cloud Storage, accessible only to you and our backend systems. We do not sell or share your data with third parties.

We use Firebase Authentication for identity management. Firestore is used to store account and pentest metadata.

You may request deletion of your account and associated data at any time by submitting a support ticket via our Support page.

You must have explicit, written authorisation from the system owner before submitting any target for testing. Verbal permission is not sufficient.

By submitting a target you are legally attesting that you own the system or hold documented permission from the owner to conduct penetration testing.

Submitting targets you do not own or have not obtained authorisation for is a criminal offence in most jurisdictions (e.g., CFAA in the United States, Computer Misuse Act in the UK).

Affordable Pentesting operates in good faith on your attestation. Any misuse is solely your legal responsibility.

The following target types are strictly prohibited regardless of claimed ownership: critical national infrastructure (power grids, water systems, financial clearing systems), government systems, healthcare systems containing patient data, and any system you have been explicitly prohibited from testing.

Targets that appear to be shared hosting environments where testing could impact other tenants are also prohibited.

We reserve the right to cancel any job and suspend any account if a submitted target is determined to be prohibited.

If you discover a security vulnerability in the Affordable Pentesting platform itself, please disclose it responsibly by submitting a support ticket via our Support page — select the "Other" topic and include as much detail as possible.

We commit to acknowledging your report within 48 hours, working to remediate confirmed issues within 30 days, and not pursuing legal action against good-faith security researchers.

We do not currently operate a bug bounty programme, but we will credit researchers who assist us in improving our security.