Privacy & Terms

Privacy Policy

Shadowserver is committed to protecting the privacy of individuals who visit our Website (“Visitors”); Shadowserver’s members, recruits, contractors, and affiliated organizations (the “Members”); the non-member users of Shadowserver’s IRC channels and discussion groups (“Friends”); and the persons, companies, and organizations who sign up for Shadowserver’s services as defined below (“Customers”) (collectively “Users”). This Privacy Statement describes Shadowserver’s privacy practices in relation to the use of the Shadowserver Website, Shadowserver’s IRC channels, Shadowserver’s mailing list, and the related applications and services offered by Shadowserver (the “Services”).

Unless specifically defined, terms used throughout this statement have the same definitions as those given in the Shadowserver Terms of Service, available here.

Information we collect

  • Like most website operators, Shadowserver collects information of the sort that web browsers and servers typically make available through the use of commonly-used information-gathering tools such as cookies (please see our section on “Cookies” for details). This information includes the visitor’s browser type, language preference, referring site, additional websites requested and the date and time of each Visitor request. We also collect potentially personally-identifying information like Internet Protocol (IP) addresses. Shadowserver’s purpose in collecting non-personally identifying information is to better understand how our Visitors use our website.
  • You may visit our Website without creating an account, but you will not have full access to our Service. Visitors who wish to use the Service must create an account, thus becoming a User. To create an account, Users must either provide Shadowserver with personal contact information, such as a username, password, and email address. Visitors may also provide User Personal Information through entering into a contractual agreement with Shadowserver, such as a license agreement.
  • Either form of account creation may create “User Personal Information,” which is any information about a User which could, alone or together with other personally-identifying information, personally identify him or her. Shadowserver collects User Personal Information only with your consent. User Personal Information may include, without limitation, information you provide us directly, such as your name, email address, and location, or information we collect through your use of our Services, such as your preferences or your search terms. We only gather the information you give us access to, and we only use it as described below.
  • User Personal Information does not include aggregated, non-personally identifying information. You may refuse to supply personally-identifying information, however, that refusal may prevent you from using Shadowserver Services.
  • Shadowserver only collects the minimum amount of personal information necessary or appropriate to fulfill the purpose of your interaction with us.
  • To fulfill its business purposes, Shadowserver also collects certain potentially personally-identifying and personally identifying information about third parties that are not affiliated with Shadowserver (“Third Party Personal Information”). Shadowserver collects such information only insofar as is necessary or appropriate to fulfill its business purposes. Third Party Personal Information does not include:
    • publicly available information that is lawfully made available to the general public from federal, state, or local government records;
    • information not about an individual (e.g., information about a company or organization); or
    • aggregated, non-personally identifying information.
  • Shadowserver does not knowingly collect information from, or direct any of our content specifically to, children under the age of 13. If you are under 13, you may not create an account and you may not send us any personal information without parental consent. If we learn or have reason to suspect that a User of our Service is under the age of 13, we will promptly delete any personal information in that User’s account.

How we use the information we collect

  • Shadowserver uses User Personal Information to perform and provide the Services you request, such as granting access to the Shadowserver IRC channels or generating reports.
  • Shadowserver may also use User Personal Information to communicate with Users. For instance, we may use information you provide to send you news about current Shadowserver research, or to notify you if our policies change.
  • Shadowserver may use aggregated, non-personally identifying information gathered from our web server to operate, improve, and optimize our Website and Services.
  • Shadowserver may use Third Party Personal Information to fulfill its business purposes. Examples of Shadowserver’s use of Third Party Personal Information include, without limitation, performing research and analysis on current malware and botnet threats; documenting security threats; and generating reports and notifications to affected organizations and entities.

Sharing the information we collect

  • We do not disclose User Personal Information outside Shadowserver, except as described below or in our section on “Compelled Disclosure.”
  • Shadowserver may share User Personal Information with your consent, to perform services you have requested.
  • Shadowserver discloses User Personal Information only to those of our employees, contractors, and affiliated organizations that (i) need to know that information in order to process it on our behalf or to provide or improve our Service, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors, and affiliated organizations may be located outside of your home country; by using Shadowserver’s Services, you consent to the transfer of such information to them. Please see “Gathering and protecting the information we collect” for more details.
  • Shadowserver may partner with other companies or organizations for the purpose of research and analysis. Shadowserver does not share User Personal Information with our business partners, but we may share Third Party Personal Information to business partners that (i) need to know that information in order to achieve the purpose, and (ii) have agreed not to disclose it to others.
  • Shadowserver may share User Personal Information if we are involved in a merger, sale, or acquisition. If any such change of ownership happens, we will continue to ensure the confidentiality of User Personal Information, and we will notify you before any transfer of User Personal Information on our Website. The purchaser will have to honor any promises we have made in this Privacy Statement or in our Terms of Service.
  • Shadowserver does not share, sell, rent, or trade User Personal Information with third parties for their promotional purposes.
  • Shadowserver may share Third Party Personal Information to those Members that (i) need to know that information in order to process it for Shadowserver’s business purposes, and (ii) that have agreed not to disclose it to others.
  • Shadowserver may share Third Party Personal Information to Customer organizations seeking reports or data about themselves, in which case Shadowserver will disclose only such information as pertains to the individual Customer organization (or to the organization’s designated agent with the explicit permission of the Customer organization). Shadowserver may also share Third Party Personal Information in the form of aggregated, non-personally identifying reports, or as described in Section 5.
  • Shadowserver does not use advertising on our Website or Service.
  • Shadowserver does not permit third-party tracking across our Website or Service.
  • “Do Not Track” is a privacy preference Users can set if they do not want web services to collect certain kinds of information about their online activity. There is no standard for setting and receiving “Do Not Track” preferences, or other mechanisms that allow Users to opt out of certain kinds of collection of personal information. Therefore, we cannot promise that we comply with all methods of opting out of tracking. We do not monitor or respond to “Do Not Track” preferences. However, Shadowserver does not track its Users on third-party sites, and we do not permit third-party tracking across our Website or Service.

Our use of cookies

  • Shadowserver uses cookies to make interactions with our Website easy and meaningful. A cookie is a small piece of text that our web server stores on your computer or mobile device, which we can then retrieve as needed. Cookies do not necessarily identify you if you are merely visiting the Shadowserver.org Website; however, a cookie may store a unique identifier for each logged in User.
  • Shadowserver uses temporary, or “session-based,” cookies, which are removed when you close your web browser or reboot your computer or device. We use session-based cookies to provide services to you while you navigate our website; record  that you user session is logged in; and increase website security.
  • Shadowserver uses permanent, or “persistent,” cookies, which remain stored on your computer or device until deleted, or until they reach a specified date of expiration. We use persistent cookies to enable our website to remember you each time you visit our website and keep track of your preferences in relation to your use of our website.
  • The cookies Shadowserver sets are essential for the operation of the Website, or are used for performance or functionality. By using our Website, you agree that we can place these types of cookies on your computer.
  • Shadowserver uses Google Analytics to help improve our Users’ experience. Google Analytics uses both session-based and permanent cookies to collect information about how our Website performs and how our Users use the Website and Service. The Google Analytics tool helps us evaluate and monitor Users’ use of our Website, compile statistical reports on activity on the Service, and improve our content. It may collect more information than Shadowserver collects. Google stores the information these cookies generate.
  • Shadowserver will not, nor will we allow any third party to, use the Google Analytics tool to track our Users; collect any User Personal Information other than IP address; or correlate your IP address with the identity of any User. Google provides further information about its own privacy practices and allows the ability to opt out of Google Analytics tracking here.
  • You may disable your browser’s or device’s ability to accept cookies, but if you do, you will not be able to use Shadowserver’s Services.

Gathering and protecting the information we collect

  • Shadowserver takes all measures reasonably necessary to protect User Personal Information and Third Party Information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information and Third Party Information.
  • We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.
  • Information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this privacy policy.

Compelled disclosure

  • Shadowserver discloses potentially personally-identifying and personally-identifying information only in response to a subpoena, court order or other governmental request, or when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of Shadowserver, third parties, or the public at large.

Your access to and control of the information we collect

  • Shadowserver Users may access, update, alter, or delete their basic user profile information by editing their user profile or contacting privacy@shadowserver.org.
  • Shadowserver will retain User Personal Information for as long as your account is active or as needed to provide you with services.
  • If you wish to cancel your account, delete your User Personal Information, or request that we no longer use your information to provide you services, please contact privacy@shadowserver.org. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile within 30 days.
  • Customers may alter their User Personal Information as described above. However, Customer’s organizations and third parties may not alter or delete data Shadowserver has accumulated about them.
  • Shadowserver does not send marketing emails to our Users; however, Shadowserver does maintain a discussion mailing list. You may manage your receipt of these communications by clicking on the “unsubscribe” link located on the bottom of Shadowserver’s emails.

Changes to this Privacy Statement

  • Although most changes are likely to be minor, Shadowserver may change its Privacy Statement from time to time, and in Shadowserver’s sole discretion. We encourage visitors to frequently check this page for any changes to our Privacy Statement.
  • We will provide notification to Users of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect.

Contacting Shadowserver

  • Questions regarding Shadowserver’s Privacy Statement or information practices should be directed to privacy@shadowserver.org.

Terms of Service

Thank you for using our services. The following Terms of Service control all use of the website located at https://www.shadowserver.org/ and all content, services, and products available at or through the website.

Please read this agreement carefully before accessing or using the Shadowserver website, IRC servers, mailing lists, or any of Shadowserver’s other services. Because it is such an important contract between us and you, our users, we have tried to make it as clear and user-friendly as possible. For your convenience, we have presented these terms in a non-binding summary format as well as the full legalese. Please read each section thoroughly.

By accessing or using any part of the website, you agree to the terms and conditions of this agreement. If you do not agree to all the terms and conditions of this agreement, then you may not access the website or use any services. The website is available only to individuals who are at least 18 years old.

  1. Definitions. The following terms are used throughout the agreement, and have specific meanings. You should know what each of the terms means.
    1. The “Service” refers to the applications, Software, programs, and services provided by Shadowserver, including without limitation the IRC servers, mailing list, statistics, graphs, and other Content.
    2. The “Agreement” refers, collectively, to all the terms, conditions, and notices contained or referenced in this document (the “Terms of Service”) and all other operating rules, policies (including, without limitation, Shadowserver’s Privacy Statement, incorporated by reference in this Agreement and available here) and procedures that may be published from time to time on the Website by Shadowserver or distributed to Users of the Service.
    3. The “Website” refers to Shadowserver’s website located at https://www.shadowserver.org/, and all content, services, and products available at or through the Website, including related subdomains on shadowserver.org.
    4. The “Software” refers only to the tools and software programs provided by Shadowserver, together with any updates, and all tools, content, services, and products available at or through the service, along with any third party software packaged with Shadowserver’s programs.
    5. “The User,” “You,” and “Your” refer to the person, company, or organization that has visited or is using the Website and/or Service.
    6. “Shadowserver,” “We,” and “Us” refer to The Shadowserver Foundation, Inc., as well as its affiliates, directors, subsidiaries, contractors, licensors, officers, agents, and employees.
    7. “Content” refers to content featured or displayed through the Website, including without limitation text, documents, information, data, articles, images, photographs, graphics, software, applications, video recordings, audio recordings, sounds, designs, features, and other materials that are available on the Website. “Content” also includes our Services. “Content” also includes user generated content, such as user profile images; Restricted Content; and Content submitted to the Service by Users, including Malware (please see Section 4(b)).
    8. “Restricted Content” refers to confidential, proprietary information, including without limitation Reports and other information which by its nature or content is reasonably distinguishable as confidential or proprietary, disseminated through the Shadowserver Website and Channels.
    9. The “Channels” refer to Shadowserver’s channels of communication, including without limitation our IRC servers and email mailing lists.
    10. “Reports” refer to compilations of data Shadowserver assembles and arranges, including daily machine-generated notifications about points of interest for particular organizations; graphs; charts; and other aggregated data points.
  2. License Agreement. By using the Shadowserver Website and Service, you may receive certain proprietary information. You may use that information subject to the following terms.
    1. Grant and Scope of License. Subject to the terms and conditions of this Agreement, we grant you a personal, nonexclusive, nontransferable, non-sublicenseable, limited and revocable license to use the Restricted Content, solely for the purposes set forth below (“Licensed Uses”).
      1. Non-Profit Research. You may perform research and analysis on a non-profit basis.
      2. Organizational Defense and Research. You may use Restricted Content about your company or organization within your company or organization as necessary for defense or research.
      3. Attribution. For published distribution other than the above Licensed Uses, attribution is required. Licensee may copy and distribute verbatim copies of the Restricted Content, in any medium, provided that Licensee publishes, conspicuously and appropriately, on each copy, (1) Shadowserver’s copyright notice; (2) a link to the Shadowserver Website; and (3) the Shadowserver trademarked logo.
    2. License Restrictions. Except as specifically provided in this Agreement, you will not, nor allow third parties on your behalf to:
      1. distribute or make the Restricted Content available to third parties in violation of the Shadowserver Nondisclosure Agreement;
      2. copy the Shadowserver analysis tools;
      3. attempt to copy, reproduce, bundle, repackage, alter, modify, adapt, translate, reverse engineer, decompile, disassemble or make derivative works based on the Restricted Content, except as specified in Section 2(a) above or otherwise permitted by law; or
      4. rent, loan, sub-license, lease, distribute or attempt to grant other rights to the Restricted Content to third parties.
  3. User Responsibilities. You do not need to create an account to use our website, but you do need an account to use the full service. You, and you alone, are responsible for your account and anything that happens while you are signed in to or using your account. Your security is your responsibility.
    1. User Account Security. You are responsible for maintaining the security of your user account, and you are fully responsible for all activities that occur under the account and any other actions taken in connection with the account. You agree to notify us immediately of any unauthorized use of your password and/or account, or any other breaches of security. We will not be responsible for any liabilities, losses, or damages arising out of the unauthorized use of your computer, mobile device, or other computing device and/or account.
    2. Compliance With Laws. You represent and warrant that: (i) you have the authority to, and are of legal age to, bind yourself to this Agreement; (ii) your use of the Service will be solely for purposes that are permitted by this Agreement; (iii) your use of the Service will not infringe or misappropriate the intellectual property rights of any third party; and (iv) your use of the Service will comply with all local, state and federal laws, rules, and regulations, and with all other Shadowserver policies.
  4. Use and Conduct Restrictions. You are allowed to use the service as long as you follow a few basic rules. The following Use Restrictions and Conduct Restrictions are the basic rules we expect users to follow while using Shadowserver. Please be aware that Shadowserver archives certain forms of malicious code and other computer contaminants, and you assume the risk of submitting such code to our Service. We are not responsible for the content our users post.
    1. Conduct on Shadowserver. You agree that you will not under any circumstances, transmit any content (including text, software, images, or other information) that:
      1. is unlawful or promotes unlawful activities, unless otherwise expressly permitted by this Agreement (please see part (b) of this Section);
      2. contains illegal pornography (specifically pornography involving minors);
      3. is discriminatory, or otherwise defames, harasses, abuses, threatens, or incites violence towards any individual or group;
      4. constitutes any form of lottery or gambling;
      5. relays spam, chain letters, or any other form of unauthorized or unsolicited advertising or solicitation through our servers;
      6. installs any live viruses, worms, malware, Trojan horses, or other content that is designed or intended to disrupt, damage, or limit the functioning of Shadowserver’s software, hardware, or telecommunications equipment (please see part (b) of this Section);
      7. infringes on any proprietary right of any party, including patent, trademark, trade secret, copyright, right of publicity, or other rights;
      8. impersonates any person or entity, including any of our employees or representatives; or
      9. violates the privacy of any third party.
    2. Malware, Viruses, and Computer Contaminants. Shadowserver archives malicious code, viruses, worms, trojans, bots, rootkits, spyware, and other computer contaminants (“Malware”). The following rules govern Malware on our Service.
      1. Permission To Upload. You may submit Malware to the Service in binary form using approved submission methods. Malware submitted to the Service may include content that otherwise violates part (a) of this Section, in that its content may:
        1. be defamatory or otherwise discriminatory;
        2. be spam or other forms of unsolicited advertising;
        3. attempt to impersonate a person or entity; or
        4. attempt to violate the privacy of a third party.
    3. You may not submit Malware that contains pornographic images of minors.
      1. No Permission To Install. You do not have permission to install, execute, or otherwise introduce live, active Malware into Shadowserver’s computer systems or network.
      2. Assumption Of Risk. Shadowserver has no responsibility or liability of any kind for Malware found on your own computer system or network. You are solely responsible for any liability, loss, or damage that occurs as a result of any Malware you submit through the Service.
    4. Users Must Be Over Age 18. You represent that you are over the age of 18. Shadowserver does not target our Content to children under 18, and we do not permit any Users under 18 on our Service. If we learn of any User under the age of 18, we will terminate that User’s account immediately.
    5. No Liability For User Interactions; Shadowserver May Monitor Interactions. Any liability, loss or damage that occurs as a result of any User interactions that you input or receive through your use of the Service is solely your responsibility. At our discretion, we, or technology we employ, may monitor and/or record your interactions with the Service.
  5. User-Generated Content. You own your content, but you allow us certain rights to it, so that we can display and share the content you post. We have the right to remove content or close accounts if we need to.
    1. Responsibility for User-Generated Content. You may create content, written or otherwise, while using the Service (“User-Generated Content”). You are solely responsible for the content of, and any harm resulting from, any User-Generated Content that you post, upload, link to or otherwise make available via the Service, regardless of the form of that content. We are not responsible for any public display or misuse of your User-Generated Content.
    2. Right to Post. You represent and warrant that you have the right to post all User-Generated Content you submit. Specifically, you warrant that you have fully complied with any third party licenses relating to User-Generated Content, and have taken all steps necessary to pass through to end users any required terms. If you submit Malware that contains third party intellectual property, you represent that you have the right to submit that Malware, either by license or by law.
    3. Shadowserver May Remove Content. We have the right (though not the obligation) to, in our sole discretion, determine whether or not any User-Generated Content is appropriate and complies with these Terms of Service; refuse or remove any User-Generated Content that, in our reasonable opinion, violates any Shadowserver policy or is in any way harmful, inappropriate, or objectionable; or terminate or deny access to and use of the Service to any User for any reason, with or without prior notice.
    4. Ownership of User-Generated Content. Except for Content that originates from Shadowserver, we do not claim ownership of any Content that is transmitted, stored, or processed in your account. You retain all ownership of, control of, and responsibility for User-Generated Content you post. You may control access to your User-Generated Content through settings in your user account.
    5. License Grant. Solely to allow Shadowserver to use Content you upload to the Service reasonably without violating any rights you have in it, you grant us the following rights: by posting any Content other than Malware via the Website, the Channels, or the Service, you expressly grant Shadowserver and our successors a worldwide, transferable, fully-paid, and non-exclusive license to use, reproduce, display, modify, adapt, distribute, and perform the Content in connection with Shadowserver’s business purpose. This license will terminate when the Content is removed from the Website, the Channels, or the Service.
    6. Malware License Grant. By submitting Malware via the Service, you expressly grant Shadowserver and our successors an irrevocable, perpetual, worldwide, transferable, sublicenseable, fully-paid, and non-exclusive license to use, reproduce, display, modify, adapt, distribute, and perform the Content for any purpose.
    7. Moral Rights. You retain all moral rights to Content you upload, publish, or submit to any part of the Service, including the rights of integrity and attribution. However, you waive these rights and agree not to assert them against us, to enable us to reasonably exercise the rights granted in Section 5(e), but not otherwise. You understand that you will not receive any payment for any of the rights granted in this Section. To the extent such an agreement is not enforceable by applicable law, you grant to Shadowserver a non-exclusive, revocable, world-wide, sublicenseable royalty-free right to (i) use the Content without attribution; and (ii) make reasonable adaptations of the Content as provided in this Section.
  6. Copyright Infringement and DMCA Policy. If you believe that content on our website violates your copyright, please contact us in accordance with our Digital Millennium Copyright Act Policy.
    1. Termination of Repeat Infringer Accounts. We respect the intellectual property rights of others and expect that our Users do the same. Pursuant to 17 U.S.C. 512(i) of the United States Copyright Act, we will terminate a User’s access to and use of the Website if, under appropriate circumstances, the User is determined to be a repeat infringer of our intellectual property rights or the intellectual property rights of others. We may terminate access for Users who are found repeatedly to provide or post protected third party content without necessary rights and permissions.
    2. Notification of Infringing Content. If you believe that material located on or linked to by Shadowserver violates your copyright, you are encouraged to notify Shadowserver’s Designated Copyright Agent at privacy@shadowserver.org, in accordance with Shadowserver’s Digital Millennium Copyright Act Policy (“DMCA Policy”).
  7. Intellectual Property Notice. We own the service and all of our content in it. In order for you to use it, we give you certain rights to our content, but you may only use our content in the way we have allowed.
    1. Shadowserver and our licensors, vendors, agents, and/or our content providers retain ownership of all intellectual property rights of any kind related to the Website, the Content, and Service. Other trademarks, service marks, graphics and logos used in connection with the Website and the Service may be the trademarks of other third parties. This Agreement does not transfer from us to you any Shadowserver or third party intellectual property, and all right, title, and interest in and to such property will remain (as between the parties) solely with us. We reserve all rights that are not expressly granted to you under this Agreement.Specifically, Shadowserver, shadowserver.org, and all other trademarks that appear, are displayed, or are used on the Website, the Content, or as part of the Service are registered or common law trademarks or service marks of The Shadowserver Foundation, Inc. These Marks may not be copied, downloaded, reproduced, used, modified, or distributed in any way without prior written permission from us, except as an integral part of any authorized copy of the Content.
  8. Email Communications. We use email and electronic means to stay in touch with our users.
    1. Electronic Communication Required. For contractual purposes, you (i) consent to receive communications from Shadowserver in an electronic form via the email address you have submitted or via the Service; and (ii) agree that all Terms of Service, agreements, notices, disclosures, and other communications that we provide to you electronically satisfy any legal requirement that such communications would satisfy if it were in writing. This section does not affect your non-waivable rights.
    2. Legal Notice To Shadowserver Must Be In Writing. Communications made through email or the Service’s e-mail and messaging system will not constitute legal notice to Shadowserver or any of its officers, employees, agents or representatives in any situation where notice to Shadowserver is required by contract or any law or regulation.
  9. Termination. You may cancel this agreement and close your account at any time.
    1. If you wish to terminate this Agreement or your account with the Service, you may simply discontinue using the Website, Channels, or Content. If you wish to delete your User Personal Information (as defined in the Shadowserver Privacy Statement), please contact us to make arrangements for the deletion of your accounts. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile within 30 days.
    2. We may terminate your access to all or any part of the Website, Channels, or Content at any time, with or without cause, with or without notice, effective immediately.
    3. All provisions of this Agreement which by their nature should survive termination will survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.
  10. Disclaimer of Warranties. We provide our service as is, and we make no promises or guarantees about this service. Please read this section carefully; you should understand what to expect.
    1. Shadowserver provides the Website, the Channels, and the Service “as is,” without warranty of any kind. Without limiting the foregoing, Shadowserver expressly disclaims all warranties, whether express, implied or statutory, regarding the Website, the Channels, and the Service including without limitation any warranty of merchantability, fitness for a particular purpose, title, security, accuracy and non-infringement.
    2. Without limiting the foregoing, neither Shadowserver nor its suppliers and licensors make any warranty or representation that the information we provide or that is provided through the Service is accurate, reliable or correct; that the Service will meet your requirements; that the Service will be available at any particular time or location; that the Service will function in an uninterrupted manner or be secure; that any defects or errors will be corrected; or that the Service is free of viruses or other harmful components. You assume full responsibility and risk of loss resulting from your downloading and/or use of files, information, content or other material obtained from the Service. Some jurisdictions limit or do not permit disclaimers of warranty, so this provision may not apply to you.
  11. Limitation of Liability. We will not be liable for damages or losses arising from your use of the service or arising under this agreement. Please read this section carefully; it limits our obligations to you.
    1. To the extent permitted by applicable law, in no event will Shadowserver be liable to you for any loss of profits, use, or data, or for any incidental, indirect, special, consequential or exemplary damages, however arising, that result from (i) the use, disclosure, or display of your User-Generated Content; (ii) your use or inability to use the Service; (iii) the Service generally or the software or systems that make the Service available; or (iv) any other interactions with Shadowserver or any other user of the Service, whether based on warranty, contract, tort (including negligence) or any other legal theory, and whether or not we have been informed of the possibility of such damage, and even if a remedy set forth in this agreement is found to have failed of its essential purpose. We will have no liability for any failure or delay due to matters beyond our reasonable control. Some jurisdictions limit or do not permit disclaimers of liability, so this provision may not apply to you.
  12. Release and Indemnification. You are responsible for your use of the service. If you harm someone else or get into a dispute with someone else, we will not be involved.
    1. You agree to indemnify and hold harmless Shadowserver from and against any and all claims and expenses, including attorneys’ fees, arising out of your use of the Website, the Channels, and the Service, including but not limited to your violation of this Agreement.
    2. If you have a dispute with one or more Users, you release Shadowserver from claims, demands and damages (actual and consequential) of every kind and nature, known and unknown, arising out of or in any way connected with such disputes.
  13. Modification of Terms of Service. Shadowserver may modify this agreement, but we will notify users of changes that affect your rights.
    1. Shadowserver reserves the right, at our sole discretion, to amend these Terms of Service at any time and will update these Terms of Service in the event of any such amendments. We will notify our Users of material changes to this Agreement at least 30 business days prior to the change taking effect by posting a notice on our home page, updating our blog and/or Twitter feed, or sending an email to the email address you provided to us. For non-material modifications, your continued use of the Website constitutes agreement to Shadowserver’s revisions to these Terms of Service.
  14. Arbitration Agreement. In the unlikely event that a dispute arises between you and us, you agree to resolve most claims through arbitration. The following section explains our arbitration policy. Please read it very carefully, as it affects your rights.
    1. Arbitration. Should a dispute arise between you and Shadowserver, we would like to provide you with a neutral and cost-effective means of resolving the dispute quickly. Therefore, for any claim (except for claims for injunctive or equitable relief or claims regarding intellectual property rights) under this Agreement where the total amount of the award sought is less than $10,000, either party may elect to resolve any dispute arising under this Agreement through binding non-appearance-based arbitration.
    2. Procedure.
      1. In the event of a dispute, the party seeking relief must first notify the opposing party in writing of the dispute and the intention to seek relief. Within thirty days of receiving a notice, the opposing party must send a written response, and the two parties must enter into negotiations. If the two parties are not able to resolve the dispute within thirty days after the opposing party has sent its response, either party may elect to enter into binding arbitration.
      2. The party electing arbitration must initiate it through an established alternative dispute resolution (“ADR”) provider mutually agreed upon by the parties. The ADR provider and the parties must comply with the following rules: (1) the arbitration will be conducted, at the option of the party seeking relief, by telephone, online, or based solely on written submissions; (2) the arbitration will not involve any personal appearance by the parties or witnesses unless otherwise mutually agreed by the parties; and (3) any judgment on the award rendered by the arbitrator may be entered in any court of competent jurisdiction.
      3. Regardless of which party initiates arbitration, we will pay all filing, administration, and arbitrator fees, unless your claim exceeds $10,000. However, if the arbitrator not only rules against you but also finds that either the substance of your claim or the relief you requested is frivolous or brought for an improper purpose (as measured by the standards of Federal Rule of Civil Procedures 11(b)), then the AAA rules will govern payment of fees, and you may be responsible for them. You agree to reimburse us for all payments that are your obligation to pay.
    3. No Right to Jury Trial. You acknowledge that you are waiving your right to a jury trial. Section 14 of this agreement is governed by the Federal Arbitration Act.
  15. Miscellaneous. This agreement is controlled by California law. You, and you alone, are responsible for any obligations you agree to under this contract. If we are involved in a merger or we are bought, we may transfer this agreement, as long as your rights are protected. You may only agree to these terms if you are able to form a binding contract in your state. These terms, including our Privacy Policy, are the complete agreement between us, and no other terms apply.
    1. Governing Law. Except to the extent applicable law provides otherwise, this Agreement between you and Shadowserver and any access to or use of the Website or the Service are governed by the federal laws of the United States of America and the laws of the State of California, without regard to conflict of law provisions. You and Shadowserver agree to submit to the exclusive jurisdiction and venue of the courts located in the City and County of San Francisco, California, except as provided below in this Agreement.
    2. Limitation of Term of Action. You agree that any cause of action related to or arising out of your relationship with Shadowserver must commence within ONE year after the cause of action accrues. Otherwise, such cause of action is permanently barred.
    3. Non-Assignability. Shadowserver may assign or delegate these Terms of Service and/or the Shadowserver Privacy Statement, in whole or in part, to any person or entity at any time with or without your consent. You may not assign or delegate any rights or obligations under the Terms of Service or Privacy Statement without our prior written consent, and any unauthorized assignment and delegation by you is void.
    4. Section Headings and Summaries Non-Binding. Throughout this Agreement, each section includes titles and brief summaries of the following terms and conditions. These section titles and brief summaries are not legally binding.
    5. Severability. If any part of this Agreement is held invalid or unenforceable, that portion of the Agreement will be construed to reflect the parties’ original intent. The remaining portions will remain in full force and effect. Any failure on the part of Shadowserver to enforce any provision of this Agreement will not be considered a waiver of our right to enforce such provision. Our rights under this Agreement will survive any termination of this Agreement.
    6. Complete Agreement. These terms of service, together with the Shadowserver Privacy Statement here, represent the complete and exclusive statement of the agreement between you and Shadowserver. This Agreement supersedes any proposal or prior agreement oral or written, and any other communications between you and Shadowserver relating to the subject matter of these terms. This Agreement may only be modified by a written amendment signed by an authorized executive of Shadowserver, or by the posting by Shadowserver of a revised version.
    7. Authorization to Contract. You represent and warrant that if you are an individual, you are of legal age to form a binding contract, or that if you are registering on behalf of an entity, that you are authorized to enter into, and bind the entity to, these Terms of Service and register for the Service.

You acknowledge that you have read these Terms of Service, understand the Terms of Service, and will be bound by these terms and conditions.