CloudSphere
Terms & Conditions

Terms of Service

This document governs the legal relationship between PT CloudSphere Digital Indonesia and all users of our services. By using CloudSphere services, you confirm that you have read, understood, and agreed to the following terms.

Last updated: 28 June 2026  ·  Applies to all services of PT CloudSphere Digital Indonesia

These Terms of Service constitute a legally binding agreement between you (as a Customer or User) and PT CloudSphere Digital Indonesia. If you do not agree to these terms, please discontinue use of our services.

1. Definitions

In this document, the following terms have the meanings set out below:

"CloudSphere"

PT CloudSphere Digital Indonesia, the company that provides GRC and VAPT services.

"Services"

All SaaS platforms, GRC consulting services, security testing (VAPT), and digital products provided by CloudSphere.

"Customer"

A company, organization, or individual that has agreed to a Service Agreement with CloudSphere.

"User"

An individual who accesses or uses the Services on behalf of a Customer based on granted authorization.

"Service Agreement"

A written contract or Statement of Work (SoW) signed between CloudSphere and the Customer for a specific engagement.

"Customer Data"

All information, documents, and data uploaded or processed through the CloudSphere platform by the Customer.

2. Use of Services

By using our Services, you represent and warrant that:

  • You are at least 18 years old or have the legal capacity to enter into commercial agreements in Indonesia.
  • You use the Services solely for lawful, ethical purposes consistent with the laws of the Republic of Indonesia.
  • All information you provide to CloudSphere is accurate, complete, current, and not misleading.
  • You are fully responsible for the security of your account credentials and must promptly report any unauthorized access to us.
  • You will not allow unauthorized parties to access the account or Services using your identity.
  • Use of the Services by any User you authorize is the full responsibility of the Customer.

3. Prohibited Use

You are expressly prohibited from using the Services for the following activities:

Illegal activities or those that violate applicable laws and regulations in Indonesia

Distributing malware, viruses, ransomware, or malicious code in any form

Conducting penetration testing on third-party systems without valid written authorization

Copying, modifying, distributing, or selling CloudSphere products without written permission

Accessing other Customers' accounts, systems, or data without explicit authorization

Reverse engineering or decompiling CloudSphere software

Taking actions that could disrupt the integrity or availability of the Services

Impersonating or representing another entity without valid authorization

Violations of these prohibitions may result in immediate service termination and legal action under applicable regulations.

4. Consulting Services & VAPT

For GRC consulting services and security testing (Vulnerability Assessment & Penetration Testing), additional terms set forth in the Service Agreement apply:

  • ScopeTesting is conducted only against systems, applications, and infrastructure explicitly listed in the Service Agreement. Testing outside the agreed scope is not permitted.
  • Mandatory AuthorizationThe Customer must possess and provide valid written authorization for all systems to be tested before testing begins. CloudSphere is not responsible for testing performed based on invalid authorization.
  • DeliverablesSchedules, formats, and quality standards for reports follow the applicable Service Agreement.
  • Confidentiality of FindingsAll vulnerability findings and reports are confidential and may not be disclosed to third parties without written consent from CloudSphere.
  • VAPT Liability LimitationCloudSphere is not liable for system disruptions resulting from testing conducted within the agreed scope and performed according to standard procedures.

5. Payment & Billing

  • Prices and payment schedules are set out in writing in the Service Agreement or proposal approved by both parties.
  • Payment is due on the date specified in the invoice. Delays of more than 30 calendar days may result in temporary suspension of Service access.
  • All listed prices are exclusive of Value Added Tax (VAT) per applicable Indonesian tax regulations.
  • A late fee of 2% per month may be charged on outstanding invoices past the due date.
  • Refund policies are specified in each Service Agreement. For billing inquiries, contact billing@cloudsphere.id.

6. Service Level Agreement (SLA)

CloudSphere is committed to maintaining the availability and quality of SaaS platform services in accordance with the Service Level Agreement established for each product:

VendorSphere, RiskSphere, AssetSphere, PeopleSphere

Uptime: 99.5% per monthCritical Response: 4 business hoursNormal Response: 1 business dayBackup: Daily (retention ≥ 30 days)RTO: 8 hrsRPO: 24 hrs

GuardSphere

Uptime: 99.9% per monthCritical Response: 2 business hoursNormal Response: 8 business hoursBackup: Daily (retention ≥ 36 months)RTO: 4 hrsRPO: 8 hrs

SLA Compensation: If CloudSphere fails to meet the uptime commitment in a calendar month, the Customer is entitled to submit a service credit claim. Claim procedures and credit amounts are governed by each Service Agreement.

SLA does not apply to disruptions caused by: force majeure, Customer actions, scheduled maintenance that was notified in advance, or third-party infrastructure failures beyond CloudSphere's reasonable control.

7. Intellectual Property

All intellectual property rights in the platform, software, documentation, methodologies, trademarks, and CloudSphere products remain the exclusive property of PT CloudSphere Digital Indonesia or its licensors. Use of the Services does not grant you any ownership rights over our intellectual property in any form.

Rights to Deliverables: Reports, recommendations, and deliverables produced specifically for the Customer under a Service Agreement become the Customer's property upon settlement of all payment obligations, unless otherwise agreed in writing.

Rights to Methodology: Methodologies, frameworks, templates, and tools developed by CloudSphere remain the property of CloudSphere even if used in Customer engagements.

Rights to Customer Data: The Customer retains full ownership of all Customer Data. CloudSphere uses such data only to the extent necessary to provide the Services.

8. Confidentiality

Both parties agree to maintain the confidentiality of all sensitive information obtained or communicated during the performance of the Services, including but not limited to:

  • Security vulnerability findings and testing reports
  • Business strategies, financial data, and customer information of each party
  • CloudSphere's internal methodologies, tools, and processes
  • Technical information and system architecture of the Customer

This confidentiality obligation remains in effect for 3 (three) years after the termination of the Service Agreement, unless otherwise agreed in writing. The obligation does not apply to information that has entered the public domain through no breach of this agreement, or that must be disclosed pursuant to law or court order.

9. Limitation of Liability

To the extent permitted by applicable law, CloudSphere is not liable for:

  • Indirect, incidental, or consequential losses arising from use of or inability to use the Services
  • Loss of data, profits, or business opportunities of an indirect nature
  • Business operational disruptions due to factors beyond CloudSphere's reasonable control
  • Losses resulting from unauthorized use of Customer credentials by third parties
  • Failures of third-party systems integrated with our platform

Liability Cap

CloudSphere's total liability to the Customer for any single incident, under any circumstances, shall not exceed the total fees paid by the Customer to CloudSphere in the last 3 (three) months preceding the incident.

10. Termination

CloudSphere reserves the right to terminate or suspend your access to the Services, with or without prior notice depending on the severity of the breach, if:

  • You violate any provision of these Terms of Service or the Service Agreement
  • There are outstanding payment arrears that have not been settled past the due date
  • There is suspicious, illegal, or potentially harmful activity that threatens platform security
  • The Service Agreement expires or is terminated by either party

The Customer may terminate the Service Agreement in accordance with the notice period specified therein. Obligations that arose before the termination date remain in effect.

11. Force Majeure

CloudSphere will not be deemed in breach of its obligations under these terms if a delay or failure to perform is caused by events beyond its reasonable control, including but not limited to: natural disasters, pandemics, civil unrest, government action, national internet infrastructure outages, or other force majeure events recognized under Indonesian law.

CloudSphere will notify the Customer as soon as practicable if a force majeure event affects the performance of the Services, along with an estimated impact assessment and recovery plan.

12. Governing Law & Jurisdiction

These Terms of Service, together with all Service Agreements that reference them, are governed by and construed in accordance with the laws of the Republic of Indonesia.

Any dispute arising out of or in connection with this document will be resolved through:

  1. Amicable ResolutionThe parties must endeavor to resolve the dispute amicably within 30 calendar days from the date the first written notice is sent.
  2. MediationIf amicable resolution fails, the parties may pursue mediation with a mutually agreed mediator.
  3. Arbitration / LitigationIf mediation is also unsuccessful, the dispute will be resolved through the Indonesian National Arbitration Board (BANI) or the competent District Court in the Jakarta area.

13. Changes to Terms

CloudSphere reserves the right to modify these Terms of Service at any time to reflect changes in Services, regulations, or operational needs. For material changes:

  • Notice will be sent by email at least 30 days before the change takes effect
  • The “Last updated” date at the top of this document will be updated
  • For active Customers, changes take effect on the date specified in the notice

Continued use of the Services after a change takes effect constitutes acceptance of the revised terms. If you object to a change, you may terminate the Service Agreement in accordance with the applicable procedure.

14. Contact Us

For legal or administrative questions regarding these Terms of Service:

PT CloudSphere Digital Indonesia

Jl. Haji Salim, Gang Haji Musa 1 RT 006/RW 010

Cimanggis, Tugu, Kota Depok 16451

Legal Email: legal@cloudsphere.id

General Email: hello@cloudsphere.id

See also: Privacy Policy and Security Policy.