Skip to main content
All CollectionsLegal
Terms and Conditions of Use
Terms and Conditions of Use
Updated over a week ago

The following terms and conditions are approved by any user signing up for a Flusk account.


These General Terms and Conditions of Use (hereinafter "T&C") are a contract concluded between:

The User


FLUSK (hereinafter "FLUSK"), a simplified joint-stock company with a share capital of EUR 1,000.00, domiciled at 16 rue des Chèvrefeuilles, 14000 CAEN, registered with the CAEN Trade and Companies Register ("Registre de Commerce et des Sociétés") under number 921 538 203, NAF code 62.03Z and represented by its managers, in the persons of Wesley WASIELEWSKI and Victor NIHOUL.

By which the terms of use of the FLUSK VAULT tool (hereinafter "the Tool"), property of FLUSK, are defined.

FLUSK's activity is the management of IT facilities. In this context, FLUSK has developped the IT tool FLUSK VAULT, an all-in-one IT security tool for applications. FLUSK VAULT can be used to run security tests and generate security reports on applications. In addition to existing security features, FLUSK now offers enhanced monitoring capabilities including User Tracking, Error Monitoring, and a Log Explorer. These features aim to provide comprehensive oversight and analysis of application performance and user interaction. For full utilization of these features, optional collaborator access to the User's application may be requested.

The applicable T&C are those in force on the date of the provision by FLUSK of the tool to the User.

However, FLUSK reserves the right to modify these T&C at any time if necessary. In that case, FLUSK will provide a copy of any new version to the User, electronically. Therefore, any modification of the T&C having been duly transmitted to the User is enforceable against him from the date of the said transmission.

Article 1. Definitions.

For the purposes of the interpretation and execution of these terms and conditions, the terms and expressions referred to below, when preceded by a capital letter, mean:

"Agency": refers to development agencies, producing and developing applications for commercial purposes and on their behalf;

"Application": refers to any application which the User may own or which an Agency has developped;

"Dashboard": refers to an interface available giving access to a set of functionnalities, among which all Flusk products including Flusk Vault, Flusk Monitor, Flusk Assist, Flusk Plugins;

"External Costumer": refers to any costumer who is not a direct FLUSK costumer (meaning they don’t have a Flusk account on their own and don’t use the Flusk Product directly but trough an intermediary) ;

"Subscription": monthly payment from the User and after payment of a price, necessary to run external security audits and access features from the Flusk Product the subscription was based on;

"T&C": General Terms and Conditions for the use of FLUSK VAULT, the Tool;

"Tool": refers to FLUSK’s security tool, FLUSK VAULT. The Tool is an IT security solution for applications. The Tool connects with the User's application and allows the User to generate security tests as well as security reports;

"Parties": refers to both FLUSK and the User, as parties to the present terms and conditions;

"User": refers to any professional using the Tool for the needs of his professional activity;

References to the Articles are references to the articles of these terms and conditions, unless otherwise provided.

Any reference to the singular includes the plural and vice versa.

Any reference to one genre includes the other gender.

Article 2. Object.

The purpose of these T&Cs is to define the conditions under which FLUSK makes its Tool available to the User, as well as the rights and obligations of the Parties in connection with its use.

Article 3. Scope.

These T&C are reserved for professionals only, acting as part of their professional activity.

The User declares to have read and to accept these T&C at the time of the provision of the Tool by FLUSK and before any start of use.

Section 5. Description, installment and billing of the Tool.

5.1.- Description.

The Tool works based on the scrapping of public data in order to extract all the front-end data and to pass it through an internal algorithm. The Tool will then analyze the data and look for security vulnerabilities on the pages of the Application.

5.2.- Installment of the Tool.

The Tool can only be installed by the application owner. In order to ensure the proper installation and functionality of the Tool, the User will have to grant access to FLUSK’s internal account ([email protected]).

Any Customer wishing to use the Tool for third party (External Customer) must ask FLUSK to install the Tool before any possible use.

5.3 - Subscription

FLUSK works with a flexible subscription model with options for monthly, quarterly, or annual billing, as detailed on our Pricing page ( Various tiers of subscriptions are available, each offering a distinct set of features tailored to diverse needs.

Users can manage their subscription preferences directly from the Dashboard under 'App' > 'Billing' or by contacting our support team.

Users who purchased a license before January 1st 2024 will transition to a 'Legacy Plan', retaining access to features included in their original plan until the expiration of their current license. To embrace our enhanced services, legacy users are offered a 50% discount when upgrading to any new plan. This transitional arrangement applies until the expiration of individual licenses as per existing terms.

5.4 - Refund Policy

FLUSK operates under a strict no-refund policy. Once a subscription payment is processed, FLUSK does not offer refunds or credits for any subscription charges, irrespective of whether the services were utilized or not. This policy applies to all tiers and forms of subscriptions, including monthly, quarterly, and annual plans.

5.4.2. Subscription Cancellation

Users may cancel their subscription at any time; however, the cancellation will only become effective at the end of the current billing period. No refunds will be provided for the remaining time in the subscription period following cancellation. Users are encouraged to ensure that they intend to continue using the service for the entirety of the subscription period before making a payment.

5.4.3. Changes to Subscription Plan

In cases where a User chooses to downgrade or upgrade their subscription plan, the change will be applied to the next billing cycle. No refunds will be issued for any partial usage or the difference in the subscription rates for the remainder of the ongoing billing period.

This no-refund policy is an integral part of the T&C of FLUSK, and by subscribing to any of our plans, Users acknowledge and agree to this policy.

Article 6. User’s obligations.

The User undertakes not to use the Tool for malicious purposes or to run penetration tests on applications which are not owned by the User.

Article 7. Conduction of security audits.

7.1.- Licensing condition.

Prior to the conduction of any security audit on behalf of an external customer using the Tool, a License must be retrieved from FLUSK, irrespective of whether the audit is conducted in the User’s name or in the customer’s name.

License definition and conditions can be found in the following article:

Granted licenses do not expire until applied to an Application.

7.2.- Conduction of external security audits.

The conduction of external security audits by the User is prohibited, unless the User is the owner of a License, as described in Article 7.1.

The Tool may only be used for professional purposes, within Applications that are owned by the User or developed by the Agency on behalf of which the User produces the audit.

Under the present Terms and Conditions, it will be considered that an external security audit has been conducted where:

  • The User has conducted a security audit and wrote a security report on behalf of an External Costumer, irrespective of whether the Tool has been mentioned in the latter;

  • The User has used the Tool within an application of which he is not the owner;

  • The User has delivered a security audit on behalf of an Agency for an application which the Agency did not develop.

On the contrary, it will not be considered that an "external security audit" has been conducted where:

  • The Tool is used by the User for the purposes of its professional activity, including when the User is an Agency, as long as the Tool is used only in applications that it has developed;

  • The Tool is used by the User for internal activities and for the provision of services to internal development teams.

Article 8. Termination of access to the Tool.

Any violation of the above-mentioned obligations in Articles 6 and 7, may lead to the termination of both the User’s account and its organization workspace. This includes the loss of any license, active or inactive, reports and data.

In case of violation, FLUSK will inform the User of the upcoming termination of its account and workspace, that will take place immediately.

Article 9. Responsibility.

It is reminded that the Tool’s object is limited to the analysis of the security level of the applications on which it is run and production of security reports on this basis.

FLUSK can only be held responsible for facts which are directly attributable to it, and which would cause the User a direct prejudice, excluding any indirect prejudice.

In any case, FLUSK cannot be held responsible for security incidents which may occur on the User’s application.

Article 10. Data protection and confidentiality

10.1.- Data protection.

Certain information is mandatory and necessary for the processing of the User's approach.

The personal information communicated is recorded in a computerized file by FLUSK.

In connection with the use of the Tool, FLUSK VAULT collects information relating to:

  1. To the User (surname, first name, email address, postal address, telephone number, profile picture, information relating to the persona).

  1. To the activity of the User (name, official name, registration address, registration number, size of the company, members).

  1. Applications on which the Tool is installed. In particular, information will be collected on:

    • Application structure (public dynamic.js file)

    • Application structure (private dynamic.js file)

    • Application structure (private editor.js file)

    • Database structure

    • Options sets structure

    • Workflows and pages structure and content

    • API tokens (names)

    • API connector content (except call parameters values)

    • Plug-ins

    • Collaborators

    • Application name, domain, and Bubble application ID

    • Paying user

    • Version History

    • Logs

    • Performances and monitoring data

    • Application settings

  1. Applications on which the Tool is installed for security reporting. This is information about:

    • Database content

    • API connector call parameter values

    • API token (value)

This data is used for legal and accounting purposes (including invoicing), functional purposes, including the production of security reports, and personalization.

The data mentioned above are kept until they are deleted by the User from the Dashboard.

The above data can be deleted upon request at any time from your Dashboard, in the “Setting” tab under the “Application” menu.

With respect to data relating to Applications on which the Tool is installed for security reporting, the data listed in (iv.) will not be retained by FLUSK. However, they will be processed by FLUSK's servers and algorithms for reporting purposes.

In accordance with the law "Informatique et Libertés" of 6 January 1978 as amended by Regulation No. 2016/ 679/EU of 27 April 2016 (applicable from 25 May 2018), the User has a right of access, rectification, portability and deletion of data or limitation of processing. The User also has the possibility to oppose the processing of his data, for legitimate reasons.

These rights can be exercised by contacting the following address: [email protected].

10.2.- Security and confidentiality.

FLUSK ensures that no member or employee at FLUSK has access to the User’s application and accounts.

The User account linked to [email protected] has a password matching strong password requirements, only known by a single person, with 2FA enabled on a single device.

Access to the User’s application is subject to the User’s authorization. FLUSK’s access to the User’s application for support or assistance purposes is subject to explicit permission from the User, that will be granted through the Dashboard. Once the User’s consent is given, FLUSK will have access to the User’s application until it revokes access.

However, in case of suspicious activity in the Tool’s use (conduction of external security audits without special authorization, using FLUSK VAULT on an app that the User do not own...), FLUSK will be authorized to check the User’s installation and to access to its application.

10.3.- Non-Disclosure

FLUSK acknowledges and assures that all data gathered via the FLUSK VAULT tool, pertaining to User data, app logic, business logic, customer data, and other sensitive data associated with the user or their customers (app users), shall not be utilized by FLUSK in any manner and shall not be revealed, disseminated or traded. This exclusion, however, does not extend to analytics data pertaining to the User's utilization of the Flusk Vault.

Article 11. Use of the Security Badge

11.1 Definition and Purpose

The "Security Badge" is a digital badge provided by FLUSK, which can be integrated into User's applications using the Flusk plugin. The purpose of the Security Badge is to display the current security status of the User's application and to include a link to a digital certificate, thereby enhancing the credibility and trustworthiness of the application.

11.2 Authorized Use

The Security Badge must be used as provided by FLUSK without any modifications. Users are authorized to use the Security Badge solely in the manner and for the purposes explicitly stated by FLUSK.

11.3 Prohibited Actions

Users are strictly prohibited from copying, modifying, or using the Security Badge in a false or misleading manner. This includes, but is not limited to, altering the appearance, functionality, or information provided by the Security Badge.

11.4 Consequences of Unauthorized Use

Any unauthorized use, copying, or modification of the Security Badge will result in immediate termination of the User's account with FLUSK. Furthermore, FLUSK reserves the right to report such violations to for appropriate action, which may include measures against the User's application on

11.5 Responsibility

Users are responsible for any misuse of the Security Badge by third parties if such misuse occurs due to negligence or failure of the User to adhere to these terms.

11.6 Indemnification

Users agree to indemnify and hold harmless FLUSK against any claims, damages, losses, liabilities, costs, and expenses (including attorney’s fees) arising out of or related to the unauthorized use of the Security Badge.

11.7 Modification and Termination

FLUSK reserves the right to modify the design, features, and functionality of the Security Badge at any time. FLUSK may also terminate the availability of the Security Badge with reasonable notice. Continued use of the Security Badge after such changes will constitute acceptance of the new terms.

Article 12. Intellectual Property Rights.

The Tool, as well as all trademarks that may be attached to it and more generally all other trademarks, illustrations, images and logos appearing on the Goods, their accessories and packaging, whether registered or not, are and will remain the exclusive property of FLUSK.

Any total or partial reproduction, modification or use of these trademarks, illustrations, images and logos, for any reason and on any medium whatsoever, without the express prior consent of FLUSK, is strictly prohibited. The same applies to any combination or conjunction with any other trademark, symbol, logotype and more generally any distinctive sign intended to form a composite logo. The same applies to all copyrights, designs, models and patents owned by FLUSK.

Article 13. Partial nullity.

If one or more stipulations hereof are held to be invalid or declared as such pursuant to a law, a regulation or a final decision of a competent court, the other stipulations will retain all their force.

Article 14. Applicable Law and Competent Courts.

These T&C and the operations resulting from them are governed by French law. They are written in English. If they are translated into one or more languages, only the English text shall prevail in the event of a dispute.

Any dispute relating to the interpretation and/or execution of these T&C must be the subject of an attempt at amicable settlement. Any complaint must therefore be addressed to the address [email protected]. In case of failure of amicable settlement, any dispute will fall under the jurisdiction of the French courts.

Did this answer your question?