IBERSCAN / LEGAL
Conditions governing requests for and use of the IBERSCAN service
These terms govern access to IBERSCAN, the submission of automated analysis requests and the use of reports generated from website, DNS, email, TLS and other technically visible signals of the reviewed asset. They complement the Legal Notice, Privacy Policy and Cookie Policy of this website.
Depending on the submitted asset and publicly visible information, IBERSCAN may review:
Important: The exact scope may vary depending on the target type, its state during execution and the public information available at that time.
IBERSCAN is an automated service intended to review technically visible elements on the public Internet, including where applicable domains, IP addresses, URLs, email related records, DNS settings, TLS, HTTP headers, exposed services and related assets submitted by the user.
The actual scope of each review depends on the target type, the publicly available information visible at execution time and the checks enabled by the platform for that specific asset. Ibersya may execute, limit or reject requests for technical, operational, security or authorization related reasons.
The user states that they have sufficient legal capacity to contract or to act on behalf of the organization requesting the service.
The user also states, under their sole responsibility, that they own the audited asset or hold express and verifiable authorization to request the analysis.
IBERSCAN may not be used to request audits of third party systems, domains or infrastructures without legitimate authorization.
Reports and findings may not be used for unauthorized access, attacks, abusive testing, unlawful resale or any activity contrary to law, good faith or third party rights.
The service is automated and informational. It does not replace a full manual audit, a contracted penetration test, a formal certification or legal advice.
Results depend on the state of the asset at the time of execution, on publicly visible information and on the capabilities of the analysis engine, so false positives, false negatives or later changes may occur.
The report is sent to the email address provided by the requester and must be treated as confidential or sensitive information. The user is responsible for storing it securely and limiting circulation to authorized persons.
Unless otherwise agreed in writing, Ibersya retains all intellectual property rights over the platform, templates, methods, trademarks and service elements. The user retains ownership of their assets and internal use rights over the delivered report.
Ibersya may update engines, rules, templates, languages, integrations and scoring criteria to improve quality, security or regulatory compliance.
To the maximum extent permitted by applicable law, Ibersya shall not be liable for indirect damage, loss of profit, loss of opportunity, decisions made solely on the basis of the report or incidents arising from unauthorized or improper use of the service.
Core service information is made available permanently, clearly and free of charge, in line with article 10 and, where applicable, article 27 of Spanish Law 34/2002, as well as article 60 of the Spanish Consumer Protection Act.
Requests are stored electronically in the provider systems. For legal interpretation purposes, the prevailing version of these terms is the Spanish version, without prejudice to the interface translations shown to the user.
Personal data processing is governed by the Privacy Policy and storage technologies by the Cookie Policy. The Legal Notice contains additional ownership and corporate information.
These terms are governed by Spanish law. Unless mandatory law provides otherwise, disputes shall be submitted to the courts of Valladolid, Spain.