TERMS AND CONDITIONS

Last updated: May 6, 2026

Domain Methods ("Company," "we," "us," or "our")

These Terms and Conditions ("Terms") govern your access to and use of the security audit services offered by Domain Methods, a company incorporated in the state of Oregon, US ("Services"). By submitting a request, making a payment, or signing any related agreement, you ("Client," "you," or "your") agree to be bound by these Terms in full.

1. ABOUT THESE TERMS

These Terms form the entire agreement between you and the Company in relation to the Services described on our website. They apply to all individuals and businesses worldwide who engage us for a security audit, regardless of location or entity type.

If you are entering into these Terms on behalf of a business or organization, you represent and warrant that you have authority to bind that entity to these Terms.

2. SERVICES

We provide manual security audit services for software applications, with a focus on applications built using AI-assisted development tools such as Lovable, Bolt, Cursor, Replit, and similar platforms.

The scope of each audit is defined by the tier selected at the time of engagement:

  • Single App Audit: One repository, standard stack, delivered within 48 hours of audit commencement.
  • Full Stack Audit: Up to five repositories, custom backend or complex authentication, delivered within 72 hours of audit commencement.
  • Enterprise: Agreed separately in writing based on scope.

Each engagement begins only after (a) you have submitted your application details, (b) both parties have signed the applicable agreements (NDA, Non-Compete, and Code Deletion Agreement), and (c) payment has been successfully received in full.

3. ENGAGEMENT PROCESS

  • Step 1 — You submit your audit request via our website or contact form.
  • Step 2 — We reach out within 24 hours to confirm your audit tier and next steps.
  • Step 3 — Both parties execute a Non-Disclosure Agreement, a Non-Compete Agreement, and a Code Deletion Agreement before any code or repository access is shared.
  • Step 4 — Payment is collected in full. The audit begins only after payment is confirmed.
  • Step 5 — We conduct the audit and deliver a written report in plain English, along with a 15-minute follow-up call to walk through findings.

4. DELIVERY TIMEFRAMES

The delivery windows stated for each audit tier (48 hours for Single App, 72 hours for Full Stack) are targets and guidelines only. They are not contractual guarantees. Actual delivery may vary depending on the complexity of the codebase, volume of findings, availability of necessary access, and factors outside our reasonable control.

We will communicate proactively if we anticipate a delay. However, a delay in delivery beyond the stated window does not entitle you to a refund, a discount, or any other remedy, except as described in Section 5 below.

5. PAYMENT AND REFUND POLICY

All fees are stated in USD and are due in full prior to commencement of the audit.

Refund conditions are as follows:

  • You are entitled to a full refund only if we fail to produce and deliver an audit report. In this context, "failure to produce a report" means we did not deliver any written findings document to you within a reasonable extended timeframe after the stated delivery window.
  • All payments are otherwise non-refundable. This applies regardless of the number of findings in the report, the severity or nature of those findings, your satisfaction with the results, your decision not to implement the recommendations, or any other circumstance.

By proceeding with payment, you acknowledge and accept this refund policy in full.

6. USE OF LARGE LANGUAGE MODELS (LLMs)

To carry out the audit, we use a combination of manual review by senior engineers and automated scanning tools, which may include large language model (LLM) providers of our choosing. These providers may change at any time without notice to you.

By agreeing to these Terms and proceeding with the engagement, you explicitly consent to the following:

  • Your code, in part or in full, may be submitted to third-party LLM providers as part of the scanning and analysis process.
  • We do not guarantee which specific LLM providers will be used.
  • We take reasonable steps to use reputable providers with appropriate data handling practices; however, we disclaim all liability for any breach, leak, exposure, or unauthorized use of your code that occurs on the part of any LLM provider. Any such incident is solely the responsibility of the LLM provider in question.
  • You should not submit code containing secrets, credentials, or sensitive personal data that you are not willing to have processed through third-party AI systems. We recommend sanitizing such information before providing repository access where possible.

7. DATA HANDLING AND RETENTION

We handle your data as follows:

  • Code and repositories: Your actual source code and repository contents are deleted as soon as the audit process is completed. This deletion is confirmed in the Code Deletion Agreement signed prior to commencement.
  • Project documentation: High-level repository information, architecture overviews, and project summaries (non-code documentation) are retained for up to 90 days following delivery of your report. This data is used for internal quality assurance and record-keeping purposes only.
  • Deletion requests: You may request deletion of your project documentation at any time within the 90-day retention window by emailing contact@highvelocityclub.com. We will action deletion requests within a reasonable timeframe.
  • Anonymized statistics: We retain the right to use anonymized, non-attributable statistical data derived from audits (for example, aggregate finding counts, vulnerability categories, stack types) for internal benchmarking, product improvement, and marketing purposes. This data will never identify you, your application, or your codebase.

A separate Privacy Policy governs how personal data you provide (such as your name and email address) is collected and processed. The Privacy Policy is available on our website.

8. OWNERSHIP OF AUDIT REPORT

Upon delivery and full payment, you own your audit report. You may use it internally, share it with your team, and act on its recommendations without restriction.

We retain the right to use anonymized and aggregated insights derived from the report (as described in Section 7) but will not reproduce, publish, or distribute your specific report or any identifiable portion of it without your written consent.

You may share or publish your audit report externally (for example, with investors, partners, or publicly) only with our prior written consent. To request consent, email contact@highvelocityclub.com.

9. CONFIDENTIALITY

Both parties are bound by the Non-Disclosure Agreement executed at the start of the engagement. These Terms do not supersede that agreement. In the event of a conflict between these Terms and the signed NDA, the NDA shall prevail with respect to confidentiality obligations.

10. DISCLAIMER OF WARRANTIES

Our Services are provided on an "as is" and "as available" basis. We make no warranty, express or implied, that:

  • The audit will identify all vulnerabilities or security issues present in your codebase. Security audits are not exhaustive by nature. Our findings represent professional judgment at a point in time and do not constitute a certification that your application is secure.
  • The audit report will be error-free or complete.
  • Acting on the report's recommendations will make your application fully secure or compliant with any specific regulatory standard.

11. LIMITATION OF LIABILITY

To the fullest extent permitted by applicable law:

  • Our total liability to you arising from or in connection with these Terms or the Services shall not exceed the total fees paid by you for the specific audit engagement giving rise to the claim.
  • We shall not be liable for any indirect, incidental, consequential, special, or punitive damages, including but not limited to loss of profits, loss of data, loss of business, or reputational harm, even if we have been advised of the possibility of such damages.
  • We are not liable for any damages or losses arising from your use or non-use of the audit report, your failure to act on findings, third-party breaches including LLM providers, or any security incident that occurs before, during, or after the audit.

12. INDEMNIFICATION

You agree to indemnify, defend, and hold harmless the Company and its officers, employees, contractors, and agents from and against any claims, damages, losses, and expenses (including reasonable legal fees) arising from your breach of these Terms, your use of the Services, or any third-party claim relating to your application or business.

13. ACCEPTABLE USE

By engaging our Services, you represent and warrant that:

  • You own or have full legal authorization to share the codebase and repositories submitted for audit.
  • You are not using our Services for any unlawful purpose.
  • You will not submit code or materials that infringe the intellectual property rights of any third party.

14. MODIFICATIONS TO THESE TERMS

We reserve the right to update these Terms at any time. The version in effect at the time of your engagement is the version that governs your audit. Material changes will be communicated via our website or by email.

15. GOVERNING LAW AND DISPUTES

These Terms shall be governed by the laws of the State of Oregon, US. Any disputes arising under these Terms shall first be attempted to be resolved in good faith between the parties. If unresolved, disputes shall be subject to the exclusive jurisdiction of the courts of the State of Oregon, US.

16. SEVERABILITY

If any provision of these Terms is found to be unenforceable or invalid under applicable law, that provision shall be modified to the minimum extent necessary to make it enforceable, and the remaining provisions shall continue in full force and effect.

17. CONTACT

For any questions about these Terms, data deletion requests, report sharing consent, or any other matter, please contact us at:

contact@highvelocityclub.com

END OF TERMS AND CONDITIONS