Legal · Terms of Service

Terms of Service

Last updated: 1 June 2025 · Effective: 1 June 2025

These Terms govern your use of all Sky Nexus Cyber Operations services, websites, and platforms. They are issued under the Competition and Consumer Act 2010 (Cth) and Australian Consumer Law. Please read them carefully before using our services.

Electronic Transactions Act 1999
Valid e-contracts
Australian Consumer Law
Statutory guarantees
Cybercrime Act 2001
Authorised testing only
Governing Law
Victoria, Australia

1. Parties and acceptance

These Terms of Service ('Terms') are between Sky Nexus Proprietary Limited ('Sky Nexus', 'we', 'us') and the individual or organisation accessing our services ('you', 'Client'). By accessing or using any Sky Nexus service you confirm you have read, understood, and agreed to these Terms. If you accept on behalf of an organisation, you represent that you have authority to bind that organisation.

These Terms constitute a legally binding agreement under the Electronic Transactions Act 1999 (Cth), which provides that electronic contracts and signatures have the same legal effect as written paper contracts.

2. Legislative framework

The following legislation is relevant to your use of Sky Nexus services.

  • Competition and Consumer Act 2010 (Cth), Schedule 2 — Australian Consumer Law (ACL): consumer guarantees (Part 3-2), unfair contract terms (ss 23–28)
  • Electronic Transactions Act 1999 (Cth) — validity of electronic contracts, signatures, and notices
  • Privacy Act 1988 (Cth) — data handling obligations; see our Privacy Policy
  • Cybercrime Act 2001 (Cth) — prohibited conduct in relation to computer systems
  • Criminal Code Act 1995 (Cth) Division 477 — serious computer offences
  • Security of Critical Infrastructure Act 2018 (Cth) (SOCI Act) — risk management obligations for critical infrastructure owners
  • Spam Act 2003 (Cth) — consent requirements for commercial electronic messages
  • Copyright Act 1968 (Cth) — intellectual property ownership and permitted use
  • Corporations Act 2001 (Cth) — business conduct obligations

3. Australian Consumer Law — statutory guarantees

Where you are a consumer as defined in the ACL (s 3), statutory consumer guarantees apply to our services and cannot be excluded, restricted, or modified by any term in this agreement.

  • Services will be rendered with due care and skill (ACL s 60)
  • Services will be fit for any specific purpose you communicate to us (ACL s 61)
  • Services will be delivered within a reasonable time where no time is agreed (ACL s 62)
  • Where we fail a statutory guarantee, you may be entitled to a remedy — re-supply for a minor failure; refund or compensation for a major failure (ACL ss 267–270)
  • These statutory guarantees apply regardless of any other term in these Terms or any service agreement

4. Unfair contract terms (ACL ss 23–28)

Sky Nexus does not rely on terms that are unfair within the meaning of ACL Part 2-3. From 9 November 2023, the ACL unfair contract terms regime applies to small business contracts (turnover under $10M or fewer than 100 employees) as well as consumer contracts. A term is unfair if it: (a) creates a significant imbalance in the parties' rights and obligations; (b) is not reasonably necessary to protect a legitimate interest; and (c) would cause detriment if relied on. Any such term is void to the extent of the unfairness; the remainder of the agreement continues.

5. Services provided

Sky Nexus provides professional cybersecurity, cloud, ICT, and digital transformation services. Specific scope, deliverables, timelines, and fees are set out in individual Statements of Work (SOW) or Master Service Agreements (MSA), which supplement these Terms.

  • Managed Security Services — 24/7 SOC, SIEM, threat detection and response
  • Penetration testing and red team operations — conducted under written Authorisation to Test only
  • Cloud architecture, migration, and security — AWS, Azure, GCP
  • Governance, risk, and compliance — Essential Eight, IRAP, DISP, ISO 27001, SOCI Act
  • Incident response and digital forensics — ISO/IEC 27035:2023 aligned
  • ICT infrastructure, managed support, and digital transformation advisory

6. Authorisation for security testing (Cybercrime Act 2001)

Important

Unauthorised access to computer systems is a criminal offence under the Cybercrime Act 2001 (Cth) s 477.1 and the Criminal Code Act 1995 (Cth) Division 477. Sky Nexus conducts all offensive security activities only under a signed Authorisation to Test (ATT) document.

  • An ATT must be signed by an authorised representative of the organisation that owns or controls all systems within scope
  • You must confirm you have authority over all systems, networks, and data included in scope
  • Testing is strictly confined to the agreed scope; any expansion requires written re-authorisation
  • Cloud and shared-infrastructure testing may require provider approval — the client is responsible for obtaining this
  • Sky Nexus may terminate testing immediately if authorisation is uncertain or if testing poses unanticipated risk

7. Intellectual property (Copyright Act 1968)

  • Background IP (pre-existing tools, methodologies, software) — remains Sky Nexus property; client receives a limited licence to use in deliverables only
  • Foreground IP (bespoke deliverables created for a client) — assigned to client on full payment unless the SOW provides otherwise
  • Open-source software — governed by its applicable licence; Sky Nexus discloses all OSS components used
  • Client materials and data — remain client property at all times; Sky Nexus processes them only for service delivery
  • Moral rights — individual authors retain moral rights of attribution and integrity (Copyright Amendment (Moral Rights) Act 2000)

8. Confidentiality

Both parties agree to maintain strict confidentiality over each other's confidential information, to use it only for the purpose of the engagement, and to apply at least the same standard of care as they apply to their own confidential information (minimum: reasonable care). This obligation survives termination of the service relationship indefinitely. Disclosure required by law (e.g., to ASIC, ACSC, or a court) is permitted only to the extent required and with prompt notice to the other party where lawful.

9. Payment terms

  • Invoices are due within 30 days of receipt unless otherwise specified in the SOW
  • Late payments accrue interest at the RBA cash rate plus 8% per annum from the due date
  • Services may be suspended after 14 days' written notice if an invoice remains unpaid
  • All fees are in Australian Dollars (AUD); GST applies as specified on the tax invoice
  • Disputed invoices — raise in writing within 7 days; undisputed portions remain payable on the original due date

10. Limitation of liability

Subject to the ACL and to the maximum extent permitted by law:

  • Sky Nexus's aggregate liability for any claim is limited to the fees paid for the specific service in the 12 months preceding the relevant event
  • We are not liable for indirect, incidental, special, consequential, or punitive losses
  • We are not liable for losses from the client's failure to maintain backups or implement recommended controls
  • We are not liable for acts or failures of third-party software, cloud providers, or infrastructure vendors
  • Nothing in these Terms limits liability for death or personal injury caused by negligence, or for fraud
  • ACL statutory guarantees for consumers are not limited by this clause

11. Critical infrastructure clients (SOCI Act 2018)

If you are an owner or operator of a critical infrastructure asset within the meaning of the Security of Critical Infrastructure Act 2018 (Cth) and its 2021–22 amendments, additional obligations apply — including mandatory notification of cybersecurity incidents to the Australian Signals Directorate (ASD). Sky Nexus will assist you in meeting your SOCI Act obligations as part of the engagement scope. Please notify us at the outset if your organisation is subject to the SOCI Act.

12. Termination

  • Either party may terminate a service engagement with written notice as specified in the SOW or MSA
  • Sky Nexus may terminate immediately for material breach — including non-payment, scope violation, or unauthorised activity
  • On termination, you must cease use of any Sky Nexus-provided access, platforms, or credentials within 24 hours
  • Obligations of confidentiality, IP ownership, and limitation of liability survive termination
  • Outstanding fees remain payable for work completed prior to termination

13. Governing law and dispute resolution

These Terms are governed by the laws of Victoria, Australia. Before commencing litigation, the parties agree to:

  • Step 1 — Good-faith negotiation: senior representatives meet within 10 business days of a written dispute notice
  • Step 2 — Mediation in Melbourne under IAMA Mediation Rules if negotiation fails within 30 days
  • Step 3 — Litigation in the courts of Victoria if mediation does not resolve the dispute within 60 days

Contact — legal enquiries

For questions about these Terms or to initiate a formal dispute notice, contact our legal team.

Email: legal@skynexus.co

Phone: 1800 712 345

Address: 7 Saltgrass Ave, Tarneit VIC 3029, Australia

Questions about our Terms?

Our legal and commercial team can clarify any aspect of these Terms or discuss engagement-specific requirements.