Terms and Conditions
These Terms and Conditions were last updated on 4.02.2017.
These Terms and Conditions describe rules and disclaimers under which you can use the website and any information and content provided on The Website, including ratings and rating reports.
Terms and Conditions
In these Terms and Conditions, also on The Website and in any materials or content related to IISRI® the website, we use the following definitions:
IISRI® - Shall always refer to Independent Information Security Rating Institute Ltd. IISRI® is a registered and protected trademark owned by the Independent Information Security Rating Institute Ltd.
ASO – Shall always refer to Assessed Services and Organization.
AO – Shall always refer to Assessed Organization.
Rating – Shall always refer to IISRI® statements of opinion, not statements of fact or recommendation.
External Security Rating – Shall always refer to IISRI® rating based only on publicly available information.
Internal Security Rating – Shall always refer to IISRI® rating based on publicly available and voluntarily provided information by the AO.
The Public – Shall always refer to any person or organization.
The Website – Shall always refer to any websites and applications within the iisri.com domain.
2 / Terms and Conditions applicability
Whenever you use or/and access the IISRI® website, you confirm that you agree with these Terms and Conditions.
It is your responsibility to read these terms and conditions.
3 / IISRI® Services and Information
IISRI® provides you with:
publicly available and accessible ratings
rating reports – paid reports of IISRI® opinion which led to the rating
Free external rating service – you can request IISRI® to assess and issue an external rating to any services or/and organization in the world. IISRI®, at sole discretion, may or may not proceed with your request
free internal rating service – any organization can request IISRI® to assess and issue an internal rating to their services or/and their organization. IISRI®, at sole discretion, may or may not proceed with their request.
4 / Intellectual Property Rights
The IISRI® website and any information and content related to the IISRI® website are the property of IISRI® or are based on publicly available information providers and are protected by copyright and other intellectual property laws.
The IISRI® website cannot be reproduced, copied, or distributed without the written permission of IISRI®. You shall honor all reasonable requests by IISRI® to protect IISRI® proprietary interests in the IISRI® website and the related content.
5/ Forbidden Use Policy
You agree to follow this Forbidden Use Policy.
You will not:
Use or attempt to use any website mining tools or mirroring tools, and take a copy of any information and or materials from the IISRI® website, or:
Obtain or access, attempt to obtain or access through any means any information or content on the Website that has not been made intentionally publicly available in any meaning;
Test the security of any of IISRI® servers, infrastructure, networks applications, and The Website without written permission of IISRI®
Interfere or attempt to interfere with The Website by excessive load, traffic, or requests
The reverse engineer rating framework may indirectly lead to the actionable confidence breach (according to New Zealand Crime Act 1981) and put the public and their information at risk.
6/ Complaints, Corrections & Response Processes
We encourage the assessed organizations and the public to review and clarify any inaccuracies in our reports. IISRI® aims to provide an opinion as accurately as possible but also in an objective manner. If you, as the assessed organization, think that you have found inaccuracy or omissions in our statements, you can follow our Corrections process. The public can notify IISRI® about any inaccuracy or omissions via the “Public Contribution” link on our website.
In the Corrections process, IISRI® verifies all suggested corrections within seven days and sends the response to the requestor. If the suggested correction were valid, we would modify the related report. In addition, if the suggested correction impacts the granted rating, we will publish the rectification on our main website.
We also encourage the assessed organizations to provide their management response to our ratings to inform their customers better. The “Response” process is available only to assessed organizations to respect their brand and reputation protection rights. If you want to add your comment as a response to our rating to inform the public, please send your reply to email@example.com. If appropriate, we will publish “your response” on the rating page of your organization without modifications.
Finally, the Complaint process is available for all other types of requests. Please send your response to firstname.lastname@example.org or use our contact form.
To initiate the Corrections or Response process, please send us an email to email@example.com and include the following information:
For Corrections: subject has to contain the words “CORRECTIONS” and a report license number. In the message, please put the location of the inaccurate statement (Page and line number). Provide the information that is accurate in your opinion by referencing or attaching evidence and, finally, your argumentation. For external security ratings, you can only refer to publicly available information.
For response: the subject has to contain the words “RESPONSE” and a report license number. In the message, please put your answer that you want to be published on our website (on your organization rating page).
7 / Disclaimer
IISRI® DOES NOT GUARANTEE THE ACCURACY, COMPLETENESS, TIMELINESS, OR AVAILABILITY OF ANY INFORMATION OR CONTENT INCLUDING RATINGS AND RELATED MATERIALS, AND IS NOT RESPONSIBLE FOR ANY ERRORS OR OMISSIONS, REGARDLESS OF THE CAUSE OR FOR THE RESULT OBTAINED FROM THE USE OF SUCH INFORMATION. IISRI® RATINGS ARE STATEMENTS OF OPINION, NOT STATEMENTS OF FACTS OR RECOMMENDATIONS TO USE/BUY SERVICES OR COOPERATE WITH ORGANIZATIONS. THEREFORE, IISRI® GIVES NO EXPRESS OR IMPLIED WARRANTIES TO YOU (OR ANY OTHER PERSON OR ENTITY) OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR USE. ANY INFORMATION OR MATERIAL ON THE WEBSITE MAY INCLUDE INACCURACIES OR OTHER ERRORS.
IN NO EVENT SHALL IISRI® OR OUR STAFF BE LIABLE, WHETHER IN CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE), OR ANY OTHER FORM OF LIABILITY, FOR ANY DIRECT, INDIRECT, INCIDENTAL, EXEMPLARY, COMPENSATORY, PUNITIVE, SPECIAL OR CONSEQUENTIAL DAMAGES, COSTS, EXPENSES, LEGAL FEES, OR LOSSES (INCLUDING, WITHOUT LIMITATION TO DEFAMATION, REPUTATION LOST, INCOME LOST OR PROFITS LOST AND OPPORTUNITY COSTS OR LOSSES CAUSED BY NEGLIGENCE). THE LIMITATIONS ON OUR LIABILITY TO YOU OR ANY PARTY SHALL APPLY WHETHER OR NOT IISRI® OR OUR STAFF HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSSES OR DAMAGES ARISING. ALL INFORMATION AND MATERIALS ON THE WEBSITE ARE PROVIDED ON AN "AS IS" BASIS.
IISRI® RATINGS ARE STATEMENTS OF OPINION EXPRESSED BY SECURITY EXPERTS. ANYONE CAN BUILD THEIR OWN RATING FRAMEWORK, WHICH MAY LEAD TO DIFFERENT OPINIONS. FURTHER, IT WOULD BE RECKLESS FOR ANYONE TO MAKE ANY DECISION BASED ON IISRI® RATINGS. IF YOU HAVE DOUBTS, YOU SHOULD CONTACT YOUR SECURITY OR OTHER PROFESSIONAL ADVISER.
AS SOME LEGAL JURISDICTIONS DO NOT ALLOW THE EXCLUSIONS OR LIMITATIONS AS ESTABLISHED ABOVE, SOME OF THESE EXCLUSIONS OR LIMITATIONS MAY NOT APPLY TO YOU. IN THAT EVENT, YOU ARE NOT ALLOWED TO USE ANY INFORMATION OR MATERIALS ON THE WEBSITE, AND YOU ARE OBLIGED TO LEAVE THE WEBSITE.
8/ Legal Jurisdiction
The Independent Information Security Rating Institute Ltd. is a New Zealand registered company. These terms and conditions and The Website is governed in all respects by the laws of New Zealand.