Terms of Service

Effective Date: 12 May 2026

1. Inleiding en Definities

These Terms of Service (“Terms”) set out the conditions under which Layer7 Networking (Pty) Ltd (“Layer7”, “we”, “us”, or “our”), a company registered in the Republic of South Africa, provides managed cybersecurity and networking services, and under which you (“Client”, “you”, or “your”) access and use this website and our services.

Deze Voorwaarden zijn van toepassing op alle bezoekers van onze website en alle klanten die Layer7 inschakelen voor diensten. Door deze website te bezoeken of onze diensten af te nemen, erkent u dat u deze Voorwaarden hebt gelezen, begrepen en ermee instemt gebonden te zijn.

Belangrijke Definities

• Services — the managed cybersecurity, networking, and professional services provided by Layer7 as described in the applicable Service Agreement, including but not limited to Managed Firewall, SOC/MDR (IRON SHIELD), Vulnerability Assessment, Incident Response, CISOaaS, Professional Services, and Next-Gen Firewalling.
• Client — any individual, organisation, or entity that enters into a Service Agreement with Layer7 or uses this website.
• Service Agreement — the specific statement of work (SOW), service order, or contract governing a particular engagement between Layer7 and a Client.
• Confidential Information — any non-public information disclosed by either party in connection with the Services, including technical data, security assessments, vulnerability reports, network architecture details, business strategies, and client lists.
• Personal Information — information as defined in the Protection of Personal Information Act 4 of 2013 (POPIA), relating to an identifiable, living natural person or an identifiable, existing juristic person.
• Security Incident — any event that actually or potentially compromises the confidentiality, integrity, or availability of information systems, data, or services.

2. Omvang van Diensten

Layer7 levert beheerde cyberbeveiligings- en netwerkdiensten aan organisaties in heel zuidelijk Afrika. De specifieke omvang, deliverables en prestatienormen van elke opdracht worden gedefinieerd in de toepasselijke Serviceovereenkomst.

Deze website wordt aangeboden voor informatieve doeleinden. Algemene beschrijvingen van onze capaciteiten, dienstaanbiedingen en beveiligingsadviezen gepubliceerd op deze website vormen geen contractuele verplichting en kunnen op elk moment worden bijgewerkt.

Alle Diensten zijn onderworpen aan afzonderlijke service level agreements (SLAs) zoals overeengekomen tussen Layer7 en de Klant in de toepasselijke Serviceovereenkomst.

3. Serviceovereenkomsten

Individuele opdrachten tussen Layer7 en een Klant worden beheerst door afzonderlijke Serviceovereenkomsten, die werkomschrijvingen, serviceorders of raamovereenkomsten kunnen omvatten. Deze Serviceovereenkomsten vullen deze Voorwaarden aan.

In geval van conflict of inconsistentie tussen deze Voorwaarden en een specifieke Serviceovereenkomst, prevaleren de bepalingen van de Serviceovereenkomst voor zover het conflict reikt.

4. Verplichtingen van de Klant

Als Klant van Layer7 gaat u akkoord met:

• Nauwkeurige, volledige en actuele informatie te verstrekken zoals redelijkerwijs vereist voor de levering van Diensten.
• Redelijke beveiligingspraktijken te handhaven binnen uw eigen omgeving, inclusief tijdige patching, toegangscontrole en bewustwordingstraining voor gebruikers.
• Vermoedelijke Beveiligingsincidenten of afwijkende activiteiten onmiddellijk te melden aan Layer7 via de overeengekomen communicatiekanalen.
• Te voldoen aan alle toepasselijke wetten en het acceptabel gebruik beleid zoals vastgelegd in uw Serviceovereenkomst.
• Refrain from interfering with, tampering with, or circumventing any managed infrastructure, security controls, or monitoring systems deployed by Layer7.
• Ensure that any access credentials provided to Layer7 are kept secure and are revoked promptly when no longer required.

5. Gegevensverwerking en POPIA-naleving

Layer7 zet zich in voor de rechtmatige en verantwoorde verwerking van gegevens in overeenstemming met de Protection of Personal Information Act 4 van 2013 (POPIA) en andere toepasselijke Zuid-Afrikaanse wetgeving.

5.1 Rol onder POPIA

When processing Personal Information on behalf of a Client in the course of delivering Services, Layer7 acts as an operator (processor) as defined in POPIA. The Client remains the responsible party (controller) for such Personal Information.

5.2 Verwerking

Layer7 processes data only as necessary for the delivery of the contracted Services and in accordance with the Client’s lawful instructions. We do not use Client data for purposes unrelated to the Services without prior written consent.

5.3 Gegevenssoevereiniteit

Client data is processed and stored within the Republic of South Africa unless otherwise agreed in writing in the applicable Service Agreement. Where cross-border transfers are necessary, Layer7 will ensure appropriate safeguards are in place as required by POPIA.

5.4 Bewaring en Verwijdering

Client data is retained only for as long as necessary to fulfil the purposes of the Services or as required by law. Upon termination of a Service Agreement, data will be returned or securely deleted in accordance with section 11 of these Terms.

5.5 Privacybeleid

For further details on how Layer7 collects, uses, and protects Personal Information, please refer to our Privacy Policy.

6. Vertrouwelijkheid

Both parties agree to treat all Confidential Information received from the other party with the same degree of care as they would their own confidential information, and in no event with less than reasonable care.

Without limiting the generality of the foregoing, the following are expressly considered Confidential Information:

• Security assessment findings and vulnerability reports.
• Network architecture details, firewall configurations, and security policies.
• Incident response reports and forensic analysis results.
• Layer7’s proprietary methodologies, tools, and processes.

Confidential Information may not be disclosed to any third party without the prior written consent of the disclosing party, except as required by law or regulation, or to professional advisors under equivalent confidentiality obligations.

The obligations of confidentiality shall survive the termination or expiry of these Terms and any Service Agreement for a period of five (5) years.

7. Intellectueel Eigendom

All tools, software, methodologies, frameworks, templates, and know-how developed or used by Layer7 in the delivery of Services remain the intellectual property of Layer7 Networking (Pty) Ltd.

The Client retains ownership of all Client data provided to Layer7 for the purposes of the Services.

Reports, assessments, and other deliverables produced by Layer7 in the course of a Service engagement are provided to the Client under a non-exclusive, non-transferable licence for the Client’s internal business purposes only. Deliverables may not be redistributed, published, or shared with third parties without Layer7’s prior written consent.

8. Reactie op Beveiligingsincidenten

Where incident response forms part of the contracted Services, Layer7 will respond to Security Incidents in accordance with the procedures, escalation paths, and timelines defined in the applicable Service Agreement.

Notification of Security Incidents involving Personal Information will be provided in accordance with the applicable Service Agreement and POPIA requirements, including notification to the Information Regulator where required by law.

Important disclaimer: While Layer7 employs industry-leading practices and technology to protect client environments, no security measure can guarantee absolute protection against all threats. Layer7 does not warrant or guarantee that Services will render the Client’s systems immune from Security Incidents.

9. Beperking van Aansprakelijkheid

To the maximum extent permitted by South African law:

• Layer7 shall not be liable for any loss, damage, or claim arising from:
  • Acts of sophisticated threat actors that could not reasonably have been prevented given the contracted scope of Services and prevailing industry standards.
  • The Client’s failure to implement security recommendations made by Layer7.
  • Defects, vulnerabilities, or failures in third-party vendor products or services not under Layer7’s direct control.
  • Unauthorised access resulting from the Client’s failure to maintain adequate security practices within its own environment.
• Aggregate liability cap: Layer7’s total aggregate liability under these Terms and any related Service Agreement shall not exceed the total fees paid by the Client to Layer7 in the twelve (12) months immediately preceding the event giving rise to the claim.
• Exclusion of consequential damages: In no event shall Layer7 be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of revenue, loss of profits, loss of business, loss of data, or reputational harm, regardless of the cause of action or the theory of liability.

Nothing in these Terms excludes or limits liability for fraud, wilful misconduct, or death or personal injury caused by gross negligence.

10. Vrijwaring

Each party (the “Indemnifying Party”) agrees to indemnify, defend, and hold harmless the other party and its directors, officers, employees, and agents from and against any claims, losses, damages, liabilities, and reasonable legal costs arising from:

• A material breach of these Terms by the Indemnifying Party.
• The Indemnifying Party’s gross negligence or wilful misconduct in connection with the Services.
• Any violation of applicable law by the Indemnifying Party.

11. Looptijd en Beëindiging

These Terms remain in effect for as long as you access this website or have an active Service Agreement with Layer7.

Either party may terminate a Service engagement in accordance with the termination provisions set out in the applicable Service Agreement.

Upon termination of a Service Agreement:

• Layer7 will, at the Client’s election, return or securely delete all Client data within thirty (30) days of the effective date of termination, unless retention is required by law.
• The Client shall pay all fees due and owing for Services rendered up to the date of termination.
• Provisions relating to confidentiality, intellectual property, limitation of liability, and indemnification shall survive termination.

12. Websitegebruik

This website and its content are provided for general informational purposes only. While Layer7 endeavours to keep the information on this website accurate and current, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, or reliability of the website content.

Security advisories, threat intelligence summaries, and other technical content published on this website constitute general guidance and do not constitute specific security advice tailored to your environment. You should not rely solely on such content for security decisions without consulting with a qualified professional.

Layer7 reserves the right to modify, suspend, or discontinue any aspect of this website at any time without prior notice.

13. Externe Leveranciers

In the delivery of Services, Layer7 may utilise technology, products, and platforms from third-party vendors, including but not limited to Palo Alto Networks, CrowdStrike, Fortinet, and other technology partners.

Such third-party products and services are subject to their own terms of service, licence agreements, and support policies. Layer7 is not liable for any defects, vulnerabilities, service interruptions, or data breaches attributable to third-party vendor products, except to the extent caused by Layer7’s own negligence in the configuration or management of those products.

14. Overmacht

Neither party shall be liable for any failure or delay in performing its obligations under these Terms to the extent that such failure or delay results from circumstances beyond the party’s reasonable control, including but not limited to natural disasters, acts of war or terrorism, pandemics, government actions, power failures, telecommunications failures, or cyberattacks of an unprecedented scale and nature.

The affected party shall notify the other party promptly and use reasonable efforts to mitigate the impact of the force majeure event. If such event continues for more than ninety (90) days, either party may terminate the affected Service Agreement upon written notice.

15. Toepasselijk Recht en Geschillen

Deze Voorwaarden worden beheerst door en geïnterpreteerd in overeenstemming met de wetten van de Republiek Zuid-Afrika.

Any dispute arising out of or in connection with these Terms shall first be referred to mediation in accordance with the rules of the Arbitration Foundation of Southern Africa (AFSA). If the dispute is not resolved through mediation within thirty (30) days, either party may refer the matter to the High Court of South Africa, Gauteng Division, Johannesburg, which shall have exclusive jurisdiction.

16. Wijzigingen van Voorwaarden

Layer7 reserves the right to amend or update these Terms at any time. The “Effective Date” at the top of this page indicates when the Terms were last revised.

Material changes to these Terms will be communicated via a notice on this website and, where practicable, by email to Clients with active Service Agreements.

Your continued use of this website or the Services after any changes to these Terms constitutes your acceptance of the revised Terms.

17. Contact

Als u vragen heeft over deze Voorwaarden of onze Diensten, neem dan contact met ons op:

• Layer7 Networking (Pty) Ltd
• Email: info@layer7.co.za
• Phone: +27 11 392 5169
• Toll-free: +27 860 LAYER7
• Website: www.layer7.co.za