TERMS AND AGREEMENT

Welcome to Zen.io. These Terms of Service (“Terms”) govern your access and use of Zen.io's websites, applications, and services (“Services”). By accessing or using any part of the Services, you agree to be bound by these Terms, including Zen.io’s Privacy Policy and any applicable data processing agreements.

Definition of Terms

“Zen.io,” “we,” “us,” or “our” – Refers to Zen Tech Solutions LLC, doing business as (“DBA”) Zen.io, the provider of cybersecurity services, data backup, and disaster recovery solutions, including its employees, affiliates, and authorized contractors


“You”, “Customer,” or “Client” – Refers to the end user or entity utilizing Zen.io’s Services under an authorized subscription, including its authorized users and representatives.


“Services” – Refers to the suite of managed and on-demand cybersecurity, data backup, protection, business continuity, and disaster recovery solutions provided by Zenio as described in your service plan, order form, or subscription agreement.


“Customer Content” – Any data, files, system configurations, messages, credentials, or materials uploaded, backed up, submitted, or otherwise transferred by the Customer to Zenio in connection with the Services.


“Subprocessor” – A third-party service provider engaged by Zen.io to perform part of the Services on its behalf, which may access, process, store, or transmit Customer Content under contractual safeguards.


“Personal Data” – Any information that identifies an individual, often required if you process Personally Identifiable Information (PII) under General Data Protection Regulation (GDPR) or California Consumer Privacy Act (CCPA).


“Incident” or “Security Incident” – For detailed service-level disclosures.


“Service Level Agreement (SLA)” – If you introduce uptime or response guarantees in the future.



“Account” – The unique access credentials and related data (including user profile, permissions, and settings) created by or for the Customer to access and manage Zen.io Services.


“Support” – Technical assistance services offered by Zen.io, which may include remote troubleshooting, account management, escalations, or responses to outages, as detailed in your service tier or SLA (if applicable).


“DRaaS” (Disaster Recovery as a Service) – A form of business continuity service where Zen.io provides infrastructure, processes, and resources to enable the recovery of Customer data and systems during a disruption or outage event.


“Confidential Information” – Any non-public information shared by either Zen.io or the Customer in connection with this Agreement that should reasonably be understood to be confidential based on its nature or context. This includes business processes, strategies, system details, pricing, and Customer Content.


“Privacy Policy” – Zen.io’s publicly available policy describing how we collect, use, store, and safeguard personal data submitted through our Services. [Link this if published on your site.]


“Data Processing Addendum” (DPA) – A supplemental legal agreement outlining responsibilities and safeguards for processing personal data in compliance with data protection laws such as GDPR, applicable when Customer Content includes personal data.


“Authorized User” – Any individual who is permitted by the Customer to use the Services on their behalf, and who has been provided with login credentials for a Zenio Account.


“Terms” or “Agreement” – Refers collectively to these Terms of Service, any applicable order forms, amendments, policies, or attached documents (e.g., DPA) incorporated by reference.


1. Services Provided

 Zen.io offers managed and on-demand solutions focused on cybersecurity planning, data protection, backup, and disaster recovery (collectively, the “Services”). These Services are designed to help businesses minimize data loss, ensure business continuity, and recover critical information and systems in the event of cyberattacks, hardware failures, human error, or natural disasters.

 Depending on the selected service plan or agreement, Zen.io may provide:

  • Development of tailored cybersecurity plans and incident response strategies  

  • Offsite and cloud-based backup for files, servers, and virtual machines  

  • Backup monitoring, testing, and periodic system checks  

  • Disaster recovery as a service (DRaaS), including rapid data restore  

  • System imaging, failover support, or virtualization for continuity  

Customers may be required to configure and maintain supported systems, network connections, and/or agents for Zen.io’s services to run reliably.  

Unless otherwise agreed in writing, Zen.io does not guarantee zero data loss, uninterrupted uptime, or recovery timeframes outside of what is specifically outlined in your service plan or subscription agreement.

Customers are solely responsible for classifying which data is critical, determining retention requirements, and verifying recovery functionality. Zen.io's Services are a supplement—not a replacement—for internal IT or compliance functions unless otherwise contracted.

2. User Accounts and Responsibilities

To access and utilize Zen.io’s Services, Customers may be required to create an account from the Zen.io official website and provide accurate, complete, and up-to-date information( First name, Last name, phone number, email address and creating a password; company name, physical address; payment information). You are solely responsible for maintaining the confidentiality of your login credentials, and for all activities that occur under your account.

You agree to notify Zen.io immediately of any unauthorized access or suspected breach of your account or system resources that interface with the Services.

 By using the Services, you agree that:

  • Customers will not share account credentials outside of your organization or authorized personnel.

  •  Customers are responsible for the security and integrity of any systems, networks, or endpoints that Zen.io's agents, tools, or backups are deployed to.

  • Customers will not intentionally disrupt, interfere with, or attempt unauthorized access to the Services, systems, or data—whether belonging to Zen.io or any other customer.

  • Customers will use the Services only for lawful purposes and in accordance with your applicable internal policies (e.g., compliance with HIPAA, GDPR, CISA).

  • Customers will cooperate with Zen.io when required to troubleshoot, test backups, simulate recovery scenarios, or fulfill compliance obligations.

 If you are using the Services on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms. You further agree that all users associated with your account comply with this agreement.

 Zen.io reserves the right to suspend access, investigate misuse, or terminate Services if it has reason to believe the account has been compromised, misused, or violates applicable law or this agreement.


3. Subprocessors and Third-Party Services

To deliver its Services, Zen.io relies on a network of trusted third-party providers who may operate infrastructure, storage, automation, or security technologies on Zen.io’s behalf. Some of these third parties may process or access limited Customer Content in order to support Zen.io's core operations or to carry out specific instructions from the Customer (e.g., backup, and threat detection).

These third-party service providers are referred to as “Subprocessors.”

Zen.io takes reasonable steps to ensure that each Subprocessor maintains data security and privacy practices consistent with applicable law and this Agreement, including where required under the EU General Data Protection Regulation (GDPR) or other local privacy regulations

Zen.io currently engages the following types of providers:

  • Cloud backup and disaster recovery platforms, such as Veeam, used for creating and maintaining secure backup infrastructure.

  • Endpoint monitoring and response platforms like Huntress and Blackpoint Cyber, which help prevent, detect, and respond to cybersecurity threats in customer environments.

  •  Distributed and encrypted object storage solutions such as StoreJ, which support backup redundancy and data durability through decentralized cloud architecture.

  • Remote monitoring and IT automation tools, including SuperOps.ai, used for centralized device management, ticketing, and workflow coordination.

  • Security awareness training delivered through Curricula, a platform used to provide educational content and phishing simulations to help customers and employees improve their human security posture.

  • Cloud infrastructure providers such as Amazon Web Services (AWS) or Microsoft Azure, which may support Zen.io’s hosting or one of the platforms integrated into the service delivery.

This list may change over time based on platform improvements, security enhancements, and service scale. You may request a current list of Subprocessors at any time by emailing: support@zenio.pro .

3.1 Contractual Safeguards

Zen.io requires all Subprocessors who may process personal data to enter into data processing agreements that include confidentiality clauses, data access limitations, breach notification terms, and industry-standard security expectations. Subprocessors are prohibited from using Customer Content for any purpose other than fulfilling their specific responsibilities as part of the Zen.io service offering.

3.2 Right to Object

If you have a reasonable, documented objection to a new Subprocessor based on compliance, regulatory requirement, or risk management policies, you must notify Zen.io within ten (10) business days of being informed of the change. Zen.io will work in good faith to address the concern, which may include suspension of the Subprocessor for your account or transitioning to an alternative option, where feasible.

3.3 Use of Third-Party Software

Zen.io may offer optional integrations with third-party software or cloud platforms that operate under their own terms. Use of those services is at your discretion, and Zenio is not responsible for their performance, data collection, or security practices. You should review the relevant privacy and usage policies of any third-party tools you connect to or authorize via Zen.io.

4. Problem Management and Troubleshooting

Problems will be categorized based on severity (Critical, High, Medium, Low) and addressed accordingly. Zen.io will work with the Client to resolve issues remotely, escalating them to higher technical expertise if necessary. On-site interventions will only occur when remote troubleshooting is insufficient, and third-party technicians may be dispatched upon agreement.

If a problem cannot be resolved within the agreed timeframe, Zen.io will provide the Client with regular status updates and an expedited action plan until the issue is resolved.

5. Pricing and Payment

Zen.io offers subscription-based services for cybersecurity protection, data backup, and disaster recovery, with monthly or annual billing options based on your selected service plan.

Specific pricing and package details are outlined in your individual service agreement, invoice, or order form. Additional charges may apply for onboarding, customization, offsite storage, or third-party services as needed.

All payments are due based on the terms outlined on your invoice. Late payments may incur interest charges, service suspension, or recovery of third-party costs.

Zen.io reserves the right to update its pricing or billing structure with prior notice. If you have any questions about billing or fees, please contact our support team or refer to your latest invoice and service documentation

6. Intellectual Property

All rights, title, and interest in and to the Zen.io platform, services, website, software, associated technologies, documentation, workflow tools, and analytics (collectively the “Zen.io Platform”) are the exclusive property of Zen.io, a registered trademark with the United States Patent and Trademark Office (USPTO).

Except for the limited rights expressly granted to you in these Terms, no license or ownership interest is transferred to you under any circumstances. Zen.io retains all intellectual property rights under applicable copyright, patent, trademark, and trade secret laws.

6.1 Customer Content Ownership

Any data, files, configuration settings, or other materials provided or submitted by you through your use of the Services ("Customer Content") remain your intellectual property. However, by using the Services, you grant Zen.io a worldwide, limited, non-exclusive, royalty-free license to process, store, transmit, and use Customer Content strictly for the purpose of providing, maintaining, and improving the Services.

You represent and warrant that you have the necessary rights and legal basis to provide such content and to authorize Zen.io to process it under these Terms and any applicable regulations (including the GDPR, if applicable).

6.2 Restrictions

You may not:

  • Copy, modify, reverse-engineer, decompile, or otherwise attempt to derive source code from the Zen.io Platform;

  • Use Zen.io trademarks (including logos or product names) without prior written consent;

  • Remove, obscure, or alter any proprietary notices or disclaimers;

  • Resell, sublicense, or distribute the Services to third parties without express agreement;

  • Register similar trademarks, names, or domains designed to imitate or mislead in relation to Zen.io’s brand.

6.3 Feedback and Suggestions

Any suggestions, ideas, enhancement requests, or other feedback you submit to Zen.io may be used by us without restriction, attribution, or compensation. You acknowledge that such input is provided voluntarily and does not create any confidentiality obligation for Zen.io

7. Confidentiality and Data Protection

Zen.io values the integrity and security of your data and is committed to protecting the confidentiality of all information exchanged in the course of providing services. While Zen.io is not currently certified under specific compliance frameworks such as SOC 2, ISO 27001, or HIPAA, it delivers services in coordination with and in alignment with certified industry-leading partners, including:


  • Blackpoint Cyber (compliance with NIST and CMMC standards)

  • Huntress (SOC 2 Type 2 certified)

  • Veeam (GDPR-compliant; ISO 27001 certified hosting partners)


Zen.io's operational processes, data-handling procedures, and customer support practices are modeled after the security, privacy, and data protection standards employed by these partners. This includes aligning with best practices for incident response, encryption, user access control, and data minimization.

7.1 Confidential Information

Each party agrees to treat all information shared in connection with the Services that is marked as confidential or would reasonably be considered confidential under the circumstances (“Confidential Information”) as strictly confidential. Confidential Information includes, but is not limited to:


  • Security configurations, technical specifications, or backup policies;

  • Customer lists, account credentials, business plans, or operational procedures;

  • Monitoring results, support tickets, or logs generated during service incidents.


Neither party will disclose confidential information to third parties without prior written consent, except to professional advisors or auditors who are bound by confidentiality obligations.


This obligation remains in effect during and for a period of two (2) years following the termination of services.


7.2 Data Privacy and Processing

Zen.io handles Customer Content in accordance with its Privacy Policy and incorporates security and privacy best practices from its third-party vendors and software integrations.


Customers remain the data controllers of any personal data submitted to the platform. Zen.io functions as a data processor or sub-processor, depending on the configuration and vendor partnerships in place.


Though Zen.io does not make any standalone compliance certifications at this time, it:


  • Follows internal protocols consistent with the EU GDPR principles (lawfulness, fairness, transparency, purpose limitation, data minimization, and integrity);

  • Utilizes only vetted sub-processors and partners who have adopted strong security and privacy controls;

  • Offers customers a Data Processing Addendum (DPA) upon request.


7.3 Breach

In the event of a security incident impacting your data, Zen.io will notify you without undue delay after becoming aware, provide timely updates, and cooperate fully in any remediation, response, or reporting steps as required by law or contract.


7.4 Customer Obligations

You agree to: 

  • Use Zen.io’s Services in compliance with applicable data protection regulations relevant to your organization;

  • Avoid transmitting unnecessarily sensitive or regulated data unless appropriate safeguards are agreed upon;

  • Notify Zen.io in writing if you are subject to specific regulatory obligations (e.g., HIPAA, CJIS, PCI-DSS) that may require special handling.


8. Security Measures

Zen.io takes the security and integrity of your data seriously and implements a combination of technical, administrative, and organizational controls designed to protect customer environments, backups, and related systems against unauthorized access, cyberattacks, accidental loss, or destruction.


While Zen.io itself is not currently certified under formal compliance frameworks (e.g., SOC 2, ISO 27001), our operational practices are modeled after and implemented in tandem with partners that have achieved these certifications or comply with globally accepted standards, including:


  • Veeam – Secure, policy-driven disaster recovery and immutable backup architecture

  • Huntress – Endpoint security and SOC 2-certified threat detection and response; collaboration with Curricula to deliver comprehensive security awareness training.

  • Blackpoint – Real-time MDR built on NIST-based security control frameworks

  • StoreJ – Decentralized cloud object storage with end-to-end encryption and zero-trust frameworks


Based on these partner capabilities and integrations, Zen.io applies and enforces industry-aligned standards focused on:


  • 256-bit encryption during data transfer and at rest

  • Role-based access controls (RBAC) and minimum privilege principles

  • Enforced backup retention policies with optional immutable storage

  • Offsite replication and recovery hosted across encrypted and distributed systems

  • Scheduled backup testing and disaster simulation

Zen.io continuously monitors its environment for authorized access, threat activity, and data integrity. In the event of a data or security incident, we follow a documented incident response process and notify impacted customers pursuant to our confidentiality and data protection obligations.

8.1 Responses to Emerging Threats

In urgent cases—such as zero-day vulnerabilities, critical infrastructure compromise, or widespread system threats—Zen.io reserves the right to take proactive security actions, including temporary suspension, emergency patching, or containment efforts. Customers will be notified as soon as practical.

9. Termination and Suspension

Either party may terminate this Agreement by providing thirty (30) days’ written notice. If you cancel before the end of a billing cycle, no refunds will be issued for unused time. Early termination of annual contracts may be subject to a cancellation fee, unless otherwise agreed in writing.

Zen.io may suspend or terminate access to Services at any time, with or without notice, if:

  • Payments are overdue

  • These Terms are violated

  • Your use presents a security risk or legal liability

  • Required by law or court order

  • Upon termination, access to services will be disabled, and any unpaid fees will become due immediately.

Customer data and backups will be retained for thirty (30) days after termination and then permanently deleted unless otherwise required by law.

Requesting a copy of your data during this period is permitted if your account is current; fees may apply for manual exports.

10. Limitation of Liability

To the maximum extent permitted by applicable law, Zen.io shall not be liable to the Client for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, revenue, data, or use, even if Zen.io has been advised of the possibility of such damages.

Zen.io’s total cumulative liability for any and all claims arising out of or relating to this Agreement, whether in contract, tort, or otherwise, shall not exceed the total amount of fees paid by the Client to Zen.io under this Agreement in the twelve (12) months immediately preceding the event giving rise to the claim.

This limitation of liability shall not apply to claims arising from Zen.io’s intentional misconduct, gross negligence, or any breach of confidentiality obligations outlined in this Agreement. The Client agrees that any claims related to this Agreement must be brought within one (1) year after the cause of action arises.

11. Governing Law

This Agreement shall be governed by and construed in accordance with the laws of the State of Nevada, without regard to its conflict of laws principles. Any disputes arising out of or relating to this Agreement shall be subject to the exclusive jurisdiction of the courts located in Nevada.

12. Entire Agreement

This Agreement, together with any ordering documents or Data Processing Addendums, constitutes the entire agreement between you and Zen.io regarding the Services. If any provision is found unenforceable, the rest of the Agreement remains in effect. Zen.io’s failure to enforce any provision shall not be a waiver of its rights.