Awarely
AwarelyMonitor

Terms and Conditions

Last Updated: July 12, 2026Effective Date: July 26, 2026

These Terms and Conditions ("Terms") govern your access to and use of the Awarely Monitor CVE monitoring service ("Service") operated by PFA, trading as AWARELY ("Company", "we", "us", or "our"), a Persoană Fizică Autorizată (Authorized Physical Person) registered and operating under the laws of Romania and the European Union. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by these Terms.

1. Definitions and Legal Entity

1.1 "Service"The Awarely Monitor CVE monitoring platform, including the web dashboard, API access, alert systems, and all related features.
1.2 "User" or "Customer"Any individual or legal entity that creates an account, accesses, or uses the Service.
1.3 "Subscription"The paid or trial access tier selected by the User (Free Trial, Starter, or Pro).
1.4 "CVE Data"Common Vulnerabilities and Exposures data aggregated from sources including NVD, CISA KEV, EUVD, and GitHub Security Advisories.
1.5 "API"The programmatic interface providing access to CVE data for Pro subscribers.
1.6 "Personal Data"Has the meaning given under Regulation (EU) 2016/679 (General Data Protection Regulation - GDPR).
1.7 "DPA"A separate Data Processing Agreement made available for organization customers where Awarely processes customer data on the customer's behalf.

2. Company Information

The Service is provided by:

Legal EntityPFA (Persoană Fizică Autorizată)
Legal NameMUNTEANU C. D. MIHAI PERSOANĂ FIZICĂ AUTORIZATĂ
Trade NameAWARELY
Tax IdentifierCUI: 53962936 (Romanian clients) · VIES: RO54197611 (EU clients outside Romania)
Registered AddressBucurești, Sector 1, Bulevardul Bucureștii Noi, Nr. 136, Cod poștal 012366, România
CountryRomania, European Union
RegistrationRegistered with the Romanian Trade Register (ONRC) as a PFA under OUG 44/2008
Contact Emailmonitor@awarely.ro
VAT StatusAll billing arrangements are handled directly by Awarely. Invoices and tax documentation are issued directly by Awarely for B2B customers.

3. Account Registration and Eligibility

3.1 Age RequirementYou must be at least 16 years old (or the age of digital consent in your jurisdiction) to use this Service.
3.2 Accurate InformationYou must provide accurate, complete, and current information during registration and maintain its accuracy.
3.3 Account SecurityYou are responsible for maintaining the confidentiality of your account credentials and for all activities under your account. Notify us immediately of any unauthorized access.
3.4 AuthenticationAccount authentication is provided via AWS Cognito. You may register with email/password or through Google OAuth. You are responsible for the security of your chosen authentication method.
3.5 One Account Per UserEach user may maintain only one account. Creating multiple accounts to abuse trial periods or circumvent restrictions is prohibited.
3.6 Organization UseIf using the Service on behalf of an organization, you represent that you have authority to bind that organization to these Terms.

4. Service Description and Subscription Tiers

4.1 Free Trial14-day full access trial including dashboard access, real-time CVE updates, and all filters. Trial accounts are limited to one per user/organization.
4.2 Starter Subscription (€59/month)For small teams. Includes shared team access, email alerts for Critical severity CVEs, CSV export, watched filters and search, and 90-day retention. No Slack/Teams/webhook alerts and no API access.
4.3 Pro Subscription (€199/month)For security teams. Includes everything in Starter, Email + Slack alerts, Critical instant / High daily / Medium weekly, 12-month retention, audit trail + monthly evidence pack, watched products, and API access (50k requests/month).
4.4 Data SourcesCVE data is aggregated from NVD (National Vulnerability Database), CISA KEV (Known Exploited Vulnerabilities), EUVD (ENISA), and GitHub Security Advisories. We do not guarantee completeness or accuracy of third-party data.
4.5 Availability and MaintenanceThe Service is made available on a best-effort basis. We do not guarantee minimum uptime, uninterrupted availability, error-free operation, recovery time, recovery point, or that a feature, alert, report, integration, API response, or data-source update will be available at a particular time. We may change, maintain, suspend, or restrict the Service where reasonably necessary. We may give advance notice of planned maintenance when reasonably practicable.
4.6 Support; No Commercial SLASupport requests sent through the Service or to monitor@awarely.ro are handled on a best-effort basis. Unless a separately negotiated written agreement expressly states otherwise, no service-level agreement applies: we do not guarantee support hours, response time, resolution time, fix timeframe, availability, uptime, RTO, RPO, or a particular support outcome. An acknowledgement, product message, or severity label is not a contractual service commitment. The in-product remediation-target or “SLA” tracking feature is a workflow tool and does not create a commercial SLA, compliance certification, or obligation for Awarely. Mandatory legal obligations are not excluded.

5. Acceptable Use Policy

You agree to use the Service only for lawful purposes. You shall NOT:

5.1Use the Service for any illegal purpose or to violate any laws or regulations.
5.2Attempt to gain unauthorized access to the Service, other accounts, or connected systems.
5.3Interfere with or disrupt the Service, servers, or networks.
5.4Use automated tools to scrape, crawl, or extract data beyond API rate limits.
5.5Resell, redistribute, or commercially exploit CVE data without authorization.
5.6Share account credentials or API keys with unauthorized parties.
5.7Use the Service to conduct attacks, exploit vulnerabilities, or engage in malicious activities.
5.8Reverse engineer, decompile, or attempt to extract source code from the Service.

6. API Terms (Pro Subscribers)

6.1 Rate LimitsAPI access is subject to rate limiting. Current limits are specified in the API documentation and may be adjusted.
6.2 API KeysAPI keys are confidential and must not be shared. You are responsible for all API usage under your key.
6.3 AttributionWhen displaying CVE data obtained via API, you must attribute the data sources (NVD, CISA, EUVD, GitHub) appropriately.
6.4 No API SLAAPI access is subject to Section 4.6. It does not include a Service Level Agreement, guaranteed capacity, response time, availability, or support commitment unless a separately negotiated written agreement expressly states otherwise.

7. Intellectual Property

7.1 Our RightsThe Service, including its design, code, features, and documentation, is owned by PFA (AWARELY) and protected by Romanian, EU, and international intellectual property laws.
7.2 CVE DataCVE data is sourced from public databases. Original data from NVD, CISA, EUVD, and GitHub remains subject to their respective terms and licenses.
7.3 Limited LicenseWe grant you a limited, non-exclusive, non-transferable, revocable license to access and use the Service for its intended purpose.
7.4 FeedbackAny feedback or suggestions you provide may be used by us without obligation to compensate you.

8. Payment, Billing, and Contracting

Awarely Monitor operates exclusively on a B2B direct-billing model. All subscriptions are contracted directly with Awarely:

8.1 Direct B2B ContractsAll customers contract directly with Awarely. Awarely is the contractual counterparty and the entity responsible for billing, invoicing, and the subscription relationship.
8.2 PricingPrices are presented in EUR. Taxes and invoice details follow the billing documents issued directly by Awarely.
8.3 Billing CycleSubscriptions are billed according to the schedule agreed with Awarely in the direct billing arrangement.
8.4 Payment Methods and Overdue AmountsPayment is made outside the app under the terms agreed with Awarely. Failed or overdue payments may result in suspension or downgrade.
8.5 RefundsSubscription charges are generally non-refundable once billed, except where mandatory law or a separately agreed contract requires otherwise. Refund requests should be directed to Awarely.
8.6 TaxesAwarely handles tax and accounting obligations for all billing arrangements.
8.7 InvoicesAll invoices are issued directly by Awarely.
8.8 Payment Instrument DataAwarely does not collect or store full payment card numbers, CVC/CVV, or expiry details. Awarely may process business contact, billing, and accounting records under its own legal obligations.

9. Data Protection and Privacy

9.1 GDPR ComplianceWe process personal data in accordance with Regulation (EU) 2016/679 (GDPR) and Romanian Law 190/2018. See our Privacy Policy for comprehensive details.
9.2 Controller and Processor RolesPFA (AWARELY) acts as independent controller for account creation, authentication, security logging, fraud prevention, tax/accounting, billing administration, and website/app operations. Where we process organization customer data on behalf of a business customer to provide the Service, we act as processor to the extent required by GDPR.
9.3 Data ProcessingWe process only the personal data necessary to provide the Service, support the customer relationship, secure the platform, and meet legal obligations. This may include processor-side service operations for business customers and controller-side records maintained by Awarely.
9.4 Sub-processors and VendorsWe use trusted service providers including AWS/Cognito for infrastructure and authentication. Cookiebot and Google Analytics are used where relevant to our own site/app operation.
9.5 Data SecurityWe implement reasonable technical and organizational measures designed to protect the Service and the personal data under our control. See our Privacy Policy for the current description of those measures.
9.6 Your RightsUnder GDPR, you have rights to access, rectify, erase, restrict, port, and object to processing of your personal data. See our Privacy Policy or contact us to exercise these rights.
9.7 Cookie ConsentWe use Cookiebot for cookie consent management. Non-essential cookies (including Google Analytics) require your explicit consent before being set.
9.8 DPA PrecedenceWhere a signed DPA applies to an organization customer, that DPA governs Awarely's processor-side obligations for that customer relationship.

10. Disclaimers and Limitations

10.1 No Security GuaranteeThe Service provides CVE information for awareness purposes. It does not guarantee protection against vulnerabilities or security incidents.
10.2 Third-Party DataCVE data is sourced from third parties. We do not warrant its accuracy, completeness, or timeliness.
10.3 As-Is ServiceTHE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, TO THE MAXIMUM EXTENT PERMITTED BY LAW.
10.4 Limitation of LiabilityTO THE MAXIMUM EXTENT PERMITTED BY LAW, AWARELY SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR LOSS OF PROFITS, DATA, OR BUSINESS OPPORTUNITIES.
10.5 Liability CapOur total liability shall not exceed the amounts paid by you in the twelve (12) months preceding the claim, or €100, whichever is greater.
10.6 ExceptionsNothing limits liability that cannot be excluded by law, including for death, personal injury, fraud, or willful misconduct. Consumer protection rights under EU law are not affected.
10.7 Customer ResponsibilitiesYou remain responsible for your security decisions, risk assessments, patching, incident response, legal and regulatory obligations, backup and continuity arrangements, and for reviewing third-party CVE data before acting on it. You must not submit passwords, API keys, payment-card data, or other unnecessary sensitive information in a support request. The Service is not emergency response, legal advice, security certification, or a substitute for professional assessment.

11. Term, Termination, and Data Export

11.1 TermThese Terms remain effective until terminated by either party.
11.2 Your Termination RightYou may request cancellation at any time by contacting Awarely through the Settings support tab or at monitor@awarely.ro. The cancellation date, renewal handling, and access end date follow the applicable direct billing arrangement, any signed customer contract, and mandatory law.
11.3 No Fixed Notice PeriodNo fixed minimum notice period applies to your cancellation unless mandatory law or a separately agreed enterprise arrangement requires otherwise.
11.4 Data ExportAt any time, you may export the account data currently made available in Settings > Privacy & Data. The export currently includes profile, preferences, alert settings, subscription details, and billing metadata under our control.
11.5 Account Deletion and RetentionDeleting your account removes your login access and starts our internal cleanup process for data under our control. Some records may be retained, restricted, anonymized, or kept in backups where required for legal, tax, security, fraud-prevention, or operational reasons.
11.6 Our TerminationWe may suspend or terminate your access immediately for Terms violations, or with 30 days notice for any other reason.
11.7 Migration AssistanceWe do not charge a separate fee for the currently available self-service export feature. Custom migration, onboarding, or switching assistance is not included unless separately agreed.
11.8 Payment and Billing Data RequestsAwarely handles all billing records under its control. Payment and billing data requests should be directed to Awarely at monitor@awarely.ro.
11.9 SurvivalProvisions regarding intellectual property, limitations of liability, data retention obligations, and governing law survive termination.

12. Governing Law and Disputes

12.1 Governing LawThese Terms are governed by the laws of Romania and applicable mandatory European Union law.
12.2 JurisdictionDisputes shall be subject to the exclusive jurisdiction of Romanian courts, unless mandatory consumer protection laws of your residence country provide otherwise.
12.3 Consumer RightsIf you are an EU consumer, you benefit from mandatory consumer protection laws of your country of residence. Nothing in these Terms affects or limits your statutory consumer rights.
12.4 14-Day Withdrawal RightIf you are an EU consumer, mandatory withdrawal rules for digital services apply where relevant. Service delivery terms are agreed directly with Awarely as part of the B2B contract.
12.5 ADR / Consumer ComplaintsThe former EU Online Dispute Resolution platform is no longer in service. We are not currently committed or obliged to use a specific ADR entity unless mandatory law requires otherwise. You may contact us first at monitor@awarely.ro.
12.6 Payment DisputesDisputes related to payments, refunds, or billing should be directed to Awarely at monitor@awarely.ro.

13. Legal Framework References

13.1 GDPRPersonal data processing is described in our Privacy Policy and is intended to be interpreted consistently with Regulation (EU) 2016/679 and Romanian Law 190/2018.
13.2 Consumer LawWhere applicable, mandatory consumer rules, including Directive 2011/83/EU as implemented in Romania by OUG 34/2014, prevail over conflicting contractual wording.
13.3 NIS2The Service may support internal vulnerability-monitoring workflows relevant to NIS2, but using the Service alone does not create, certify, or prove NIS2 compliance.
13.4 ePrivacyCookie consent and analytics loading are managed through Cookiebot and the controls described in our Privacy Policy.
13.5 E-commerce RulesOnline contracting and trader information are intended to be interpreted consistently with Romanian e-commerce rules, including Law 365/2002 where applicable.
13.6 Other Mandatory LawIf other mandatory EU or Romanian rules apply to your use of the Service, those mandatory rules prevail over conflicting contractual terms.

14. General Provisions

14.1 ModificationsWe may modify these Terms with advance notice for material changes via email and/or a prominent notice in the Service. If you do not agree with the revised Terms, you should stop using the Service and cancel before the changes take effect. Where mandatory law requires a different acceptance mechanism, that law prevails.
14.2 SeverabilityIf any provision is found invalid or unenforceable, the remaining provisions continue in full force and effect.
14.3 Entire AgreementThese Terms, our Privacy Policy, any signed DPA, and direct billing documents issued by Awarely constitute the contractual framework regarding the Service.
14.4 No WaiverFailure to enforce any provision does not waive our right to enforce it later.
14.5 AssignmentYou may not assign your rights under these Terms without our consent. We may assign our rights in connection with a merger, acquisition, or sale of assets, with appropriate notice.
14.6 Force MajeureNeither party is liable for failures due to circumstances beyond reasonable control, including natural disasters, war, terrorism, government actions, or infrastructure failures.
14.7 LanguageThese Terms are available in English and Romanian. Both versions are legally binding. In case of conflict, the English version prevails for non-Romanian speakers.

15. Contact Information

For questions about these Terms:

MUNTEANU C. D. MIHAI PERSOANĂ FIZICĂ AUTORIZATĂ

Trading as: AWARELY

CUI: 53962936 · VIES: RO54197611

București, Sector 1, Bulevardul Bucureștii Noi, Nr. 136, Cod poștal 012366

Romania, European Union

monitor@awarely.ro

https://monitor.awarely.ro

For our data protection practices, please review our Privacy Policy.

For refund terms, please review our Refund Policy.

For organization customer processor terms, please review our Data Processing Agreement.