blueredix logo

Terms of Service

These Terms of Service (“Terms”) govern your access to and use of the vulnerability scanner service operated by blueredix GmbH at scan.blueredix.com (the “Service”). By submitting a scan request you confirm that you have read, understood, and agree to be bound by these Terms.

1. Service Description

The Service provides automated vulnerability scanning of IP addresses and web-accessible hostnames. Scans are performed asynchronously; results are delivered by e-mail. Two scan modes are available:

  • IP-Mode — port scan, service/version detection, and CVE matching against a single IP address or the requesting client’s detected public IP.
  • Web-Mode — passive subdomain enumeration, DNS resolution, port scan, HTTP probing, technology fingerprinting, web crawl, and CVE / JS-library matching against a hostname. Subdomains are enumerated but not scanned.

2. Eligibility

You must be at least 18 years old and have full legal capacity to enter into binding agreements in your jurisdiction. The Service is intended for security professionals, IT teams, and organisations assessing their own infrastructure.

3. Authorisation Requirement

This is the most important clause of these Terms.

You may only submit a scan target — an IP address or hostname — if one of the following conditions is met:

  1. You are the owner of the system at that address or name, or
  2. you hold explicit written authorisation from the owner permitting the specific types of scanning performed by this Service.

By submitting a scan target you make a binding legal declaration that the applicable condition is satisfied. Unauthorised scanning of third-party systems may constitute a criminal offence under § 202a, § 202b, or § 202c of the German Criminal Code (StGB) and equivalent provisions in other jurisdictions. blueredix GmbH will cooperate fully with law enforcement authorities in the event of misuse.

4. Prohibited Conduct

You must not use the Service to:

  • scan systems you do not own or have not been explicitly authorised to scan;
  • evade rate limits or access controls through technical means;
  • submit false information (e-mail address, scan target, ownership declaration);
  • use scan results to attack, exploit, or compromise systems;
  • resell or redistribute scan results or access to the Service without our prior written consent.

5. Scan Results and Accuracy

Scan results are provided for informational purposes only. They represent a point-in-time automated assessment based on publicly available information. They do not constitute:

  • a guarantee that the scanned system is secure or free of vulnerabilities;
  • professional security advice or a penetration test report;
  • any form of certification or security clearance.

Results may be incomplete due to firewalls, WAFs, rate limiting, CDN infrastructure, or other factors. A warning notice displayed before submission indicates known limitations for that specific target.

6. Data Processing

Your personal data (e-mail address, scan target, results) is processed in accordance with our Privacy Policy. Scan data is retained for 90 days after scan completion and then permanently deleted.

7. Limitation of Liability

To the extent permitted by applicable law, blueredix GmbH is not liable for:

  • any damage, loss, or liability arising from the use of or reliance on scan results;
  • business interruption, loss of data, or loss of profit connected with the Service;
  • the accuracy, completeness, or fitness for purpose of scan results.

Our aggregate liability for any claim arising from these Terms is limited to the greater of the amount paid by you for the Service in the three months preceding the claim or €100.

Nothing in these Terms limits liability for death or personal injury caused by negligence, fraud, or fraudulent misrepresentation, or any other liability that cannot be excluded by mandatory law.

8. Indemnification

You agree to indemnify, defend, and hold harmless blueredix GmbH and its employees from any claim, loss, liability, or expense (including reasonable legal fees) arising from: (a) your use of the Service in breach of these Terms; (b) a scan target submitted without proper authorisation; or (c) any infringement of third-party rights caused by your use of the Service.

9. Modification and Termination

blueredix GmbH reserves the right to modify, suspend, or discontinue the Service at any time without notice, and to reject or cancel any scan request at its sole discretion. Access may be terminated immediately for violations of these Terms.

10. Governing Law and Jurisdiction

These Terms are governed by the laws of the Federal Republic of Germany, excluding conflict-of-law rules. The United Nations Convention on Contracts for the International Sale of Goods (CISG) does not apply.

The exclusive place of jurisdiction for all disputes arising from these Terms is the competent court at the registered seat of blueredix GmbH (Amtsgericht Jena / Landgericht Erfurt), unless mandatory consumer protection law in your country of residence requires otherwise.

11. Changes to These Terms

We may update these Terms to reflect changes to the Service or applicable law. The date at the top of this page indicates when they were last revised. Continued use of the Service after an update constitutes acceptance of the revised Terms.

Last updated: 4 May 2026