Terms of Service

These Terms of Service govern access to and use of the NetKrypton services, including the NetKrypton Cloud API, the NetKrypton Self-Hosted database edition, and the NetKrypton Report submission service (collectively, "the Service").

The Service is operated by Igor Oprządek, Bągart 14A, Poland, e-mail: contact@weborbiton.com ("Service Provider", "we", "us").

By accessing or using the Service, the User agrees to these Terms in full. Users who do not agree must not use the Service.

The User confirms they have full legal capacity. Persons under the age of 18 may not create an account or subscribe to a paid plan.

NetKrypton provides a continuously verified database of dangerous and suspicious domains for integration into applications, security tools, and infrastructure. The following tiers are available:

• Self-Hosted (Free): A downloadable snapshot of the threat database for deployment on the User's own infrastructure. No API access. Database updates are manual or scripted. Licensed for commercial and non-commercial use without attribution.
• Developer ($2/month): Cloud API access with 5,000 requests/month and daily database updates.
• Pro ($5/month): Cloud API access with 50,000 requests/month and 12-hour database updates.
• Business ($15/month): Cloud API access with 500,000 requests/month and real-time database updates.

All paid plans are billed on a monthly recurring basis through Polar.sh. Plan features, pricing, and quotas are as published on netkrypton.com at the time of subscription and may be updated with notice to subscribers.

Access to the paid Cloud API requires creating an account with a valid e-mail address, accepting these Terms, and maintaining an active paid subscription.

• Each account is personal and non-transferable.
• The User is solely responsible for maintaining the confidentiality of their API key and account credentials.
• Any activity conducted using the User's API key is the User's responsibility, regardless of whether it was authorised by the User.
• Sharing, reselling, or sublicensing API access is prohibited.

The User must notify us immediately at contact@weborbiton.com in the event of suspected unauthorised use of their account or API key.

The Service Provider reserves the right to impose limits on simultaneously active API keys or the number of accounts per entity where abuse is detected.

API requests are counted per calendar month and reset on the billing anniversary date. Unused requests do not roll over.

The following are considered fair use of the API:

• Querying domains on behalf of end users of the integrating application (e.g. browser extensions, security tools, firewalls, SIEM integrations)
• Automated lookup pipelines within the monthly request quota
• Internal tooling and research within a single organisation

The following are not permitted:

• Bulk downloading or mirroring the entire NetKrypton database via API (use the Self-Hosted edition instead)
• Reselling API responses as a standalone service
• Circumventing rate limits or quotas through technical means
• Using the API to generate responses that misrepresent NetKrypton data

Exceeding the monthly request quota will result in API responses returning a quota-exceeded error until the next billing cycle. Persistent quota abuse may result in account suspension.

The Self-Hosted edition is provided free of charge for commercial and non-commercial use without attribution requirement.

• The database is provided "as is." The Service Provider makes no guarantees regarding completeness, accuracy, or update frequency beyond what is stated on the product page.
• Users may freely integrate the Self-Hosted database into their own applications, security products, or infrastructure.
• Redistribution of the database in its raw form as a competing product or standalone dataset is not permitted without written consent from the Service Provider.
• The Self-Hosted edition does not include API access, support SLAs, or guaranteed update schedules.

The Report service at report.netkrypton.com allows any person to submit a domain for threat review. Use of this service is subject to the following conditions:

• Reports must relate to genuine suspected threats. Submitting false, malicious, or defamatory reports is prohibited and may be reported to relevant authorities.
• The submitter must have reasonable grounds to believe the reported domain poses a threat; speculative or commercial-competitor reporting is not permitted.
• Submission of a report does not guarantee inclusion in the database. All reports are subject to independent verification by the NetKrypton team.
• The Service Provider reserves the right to reject, archive, or dismiss any report at its discretion without providing a reason.

By submitting a report, the User consents to the storage and processing of the submitted data as described in the Privacy Policy, Section 4.

All payments for paid plans are processed by Polar.sh. The Service Provider does not store full credit card details.

• Payment circumvention: Attempts to obtain paid-tier access without completing payment — including credential sharing, API key theft, or technical bypass — will result in immediate account termination.
• Unjustified chargebacks: Fraudulent or unjustified chargeback requests may result in permanent account suspension and recovery of the amount in question through available legal means.
• Risk verification: Transactions flagged as high risk by the payment processor may be rejected without prior notice.

Pursuant to EU consumer law (including Article 38(13) of the Polish Act on Consumer Rights implementing Directive 2011/83/EU), the statutory 14-day right of withdrawal does not apply once delivery of digital content has commenced with the User's explicit consent and acknowledgement that the right of withdrawal is thereby lost.

By completing a subscription purchase, the User agrees to immediate activation of API access and explicitly acknowledges the loss of the withdrawal right.

For refund requests, complaints, and billing inquiries, please refer to the Billing & Refund Policy or contact contact@weborbiton.com.

The following uses of any NetKrypton service are strictly prohibited:

• Automated scraping, crawling, or bulk extraction of database contents via the API
• Penetration testing, vulnerability scanning, or deliberate attacks against NetKrypton infrastructure
• Using the Service to harass, defame, or unfairly target specific domains or their operators
• Impersonating NetKrypton or the WebOrbiton Team in any context
• Using the Service in any manner that violates applicable law
• Attempting to reverse-engineer proprietary components of the NetKrypton threat classification system

Detection of prohibited use may result in immediate account suspension or termination without refund, at the Service Provider's sole discretion.

The NetKrypton name, logo, trade dress, and brand assets are the property of Igor Oprządek / WebOrbiton Team. Use of these assets without written permission is not permitted.

The threat database compiled by NetKrypton — including the classification methodology, domain entries, and associated metadata — constitutes proprietary intellectual property of the Service Provider. Use is permitted solely within the scope of the applicable plan (Self-Hosted or Cloud API) as described in these Terms.

Integration of NetKrypton data into the User's own products does not transfer ownership of the underlying data to the User.

The NetKrypton database is provided on a best-effort basis. The Service Provider does not warrant that:

• The database is complete or contains all existing threat domains at any given time
• The Service will be available without interruption during maintenance or unforeseen outages
• Any specific domain classification is free from error

The Service Provider is not liable for any damage arising from reliance on NetKrypton data, including but not limited to false positives (legitimate domains incorrectly classified as threats) or false negatives (threat domains not yet in the database).

To the maximum extent permitted by applicable law, the Service Provider's total liability to any User shall not exceed the amount paid by that User in the three months preceding the event giving rise to the claim.

User Assumption of Risk — Flagged Domains

NetKrypton provides domain threat intelligence for informational purposes only. The Service does not block, restrict, or prevent access to any domain. Any decision to visit, interact with, or otherwise access a domain listed in the NetKrypton database is made solely and exclusively by the User.

By using the Service, the User expressly acknowledges and agrees that:

• NetKrypton data constitutes a threat indicator, not a directive or guarantee of harm. Classification of a domain as dangerous or suspicious reflects the Service Provider's best-effort assessment at the time of classification and may be incomplete, outdated, or inaccurate.
• The act of visiting, querying, transacting with, or otherwise engaging with any domain identified in the NetKrypton database — whether flagged as dangerous, suspicious, or otherwise — is undertaken entirely at the User's own risk.
• The Service Provider bears no liability whatsoever for any harm, loss, damage, legal exposure, or consequence — whether direct, indirect, incidental, or consequential — arising from a User's decision to access a domain that appears in the NetKrypton database.
• NetKrypton's role is limited to providing data. The User is solely responsible for all decisions made on the basis of that data, including decisions to access flagged domains.

This assumption of risk applies regardless of whether the User accessed the flagged domain intentionally, negligently, or as part of a test or investigation. Any claim arising from the User's voluntary access to a flagged domain shall be the User's sole responsibility, and the Service Provider shall have no obligation to indemnify, defend, or contribute to any costs, damages, or legal proceedings in connection therewith.

The Service Provider reserves the right to suspend or terminate any account, with or without notice, in the event of:

• Breach of these Terms
• Non-payment or payment fraud
• Detected abuse of the API or Self-Hosted distribution
• Any activity that poses a risk to the integrity or availability of the Service

Upon termination, API keys are deactivated immediately. Access to previously downloaded Self-Hosted database files is not revoked, but future updates will no longer be provided.

Users wishing to close their account voluntarily may do so by cancelling their subscription via Polar.sh and contacting contact@weborbiton.com for account data deletion.

The Service Provider may update these Terms for legal, operational, or security reasons. Subscribers will be notified of significant changes via e-mail at least 14 days before the changes take effect. Continued use of the Service following the effective date of changes constitutes acceptance of the revised Terms.

The current version of the Terms is always available at netkrypton.com/terms.

These Terms are governed by Polish law. Any disputes arising from these Terms shall be subject to the jurisdiction of the competent Polish courts, without prejudice to mandatory consumer protection rights under applicable EU law.

If any provision of these Terms is found to be invalid or unenforceable, the remaining provisions shall remain in full force and effect.

These Terms constitute the entire agreement between the User and the Service Provider with respect to the NetKrypton services and supersede all prior representations, agreements, or understandings.