Terms of Service

Effective Date: 17 May 2026
Last Updated: 17 May 2026

Welcome to vCISOdesk. These Terms of Service (“Terms”) govern your use of the vCISOdesk website at vcisodesk.com, including all content, resources, newsletters, and downloadable materials made available through it (collectively, the “Site”).

By accessing or using the Site, you agree to these Terms. If you do not agree, please do not use the Site.

vCISOdesk is an information and education brand focused on governance, risk, and compliance (GRC) and cybersecurity, written for Indian small and medium enterprises (SMEs). The Site does not provide consulting, legal, or regulated professional services; it provides general educational content only.

1. About vCISOdesk

vCISOdesk is an India-based content brand. References in these Terms to “vCISOdesk,” “we,” “us,” or “our” mean the operators of the Site. References to “you” or “your” mean the individual or organisation accessing the Site.

The Site also hosts content under the sub-brand “GRC RADAR.” Both brands are operated by the same team and are subject to these Terms.

2. What the Site Is — and What It Is Not

The Site exists to help Indian SME founders, IT leaders, compliance officers, and security practitioners understand frameworks such as CERT-In, the Digital Personal Data Protection Act 2023 (“DPDP Act”), SEBI CSCRF, RBI IT governance, and ISO 27001.

The Site provides general information only. Nothing on the Site is:

  • Legal advice
  • Tax advice
  • Financial advice
  • Regulated cybersecurity audit, attestation, or certification
  • A formal compliance opinion
  • A substitute for engaging a qualified professional, an accredited auditor, or the relevant regulator’s helpdesk for your specific situation

Compliance requirements, regulatory thresholds, penalty amounts, deadlines, and circulars referenced on the Site change frequently. While we make reasonable effort to keep content current, you must verify any regulatory claim against the regulator’s own publication (CERT-In, MeitY, SEBI, RBI, BIS, etc.) before relying on it for a real-world decision.

If you act on information found on the Site without independently verifying it for your facts, you do so at your own risk.

3. Eligibility

You must be at least 18 years old and capable of forming a binding contract under the Indian Contract Act, 1872 to use the Site. If you are using the Site on behalf of an organisation, you represent that you have authority to bind that organisation to these Terms.

The Site is intended primarily for users in India. If you access it from elsewhere, you do so on your own initiative and are responsible for compliance with your local laws.

4. Account-Free Use; Newsletter & Resources

You do not need to create an account to read content on the Site. Certain features — for example, subscribing to the newsletter, downloading resources, or contacting us — require you to submit limited information such as your name, email address, and (optionally) your organisation. Your use of those features is also governed by our Privacy Policy.

When you subscribe to a vCISOdesk or GRC RADAR newsletter, you consent to receive periodic emails containing educational content, framework updates, and occasional notices of new resources. You can unsubscribe at any time using the link at the bottom of every email. Unsubscribing does not affect emails already in transit.

5. Content on the Site

5.1 Ownership

All content on the Site — including articles, guides, frameworks, checklists, illustrations, downloads, code snippets, the vCISOdesk and GRC RADAR brand marks, and the underlying design — is owned by vCISOdesk or licensed to us, and is protected by Indian copyright law, the Indian Copyright Act 1957, and applicable international copyright treaties.

5.2 Permitted use

You may:

  • Read, save, print, and share Site content for your own non-commercial reference or for internal use within your organisation;
  • Quote short extracts (typically a paragraph or two) in your own writing, with clear attribution and a link back to the original Site page;
  • Link to any Site page from your own website, social media, internal wiki, or community channel.

5.3 Restricted use

You may not, without our prior written permission:

  • Republish substantial portions of Site content on another website, blog, newsletter, or platform — including by translation, summary, or paraphrase that retains the substance of the original;
  • Use Site content to train, fine-tune, or evaluate any machine-learning model, large language model, or generative AI system;
  • Remove, obscure, or alter any copyright notice, attribution, watermark, or other proprietary marking on Site content;
  • Use the vCISOdesk or GRC RADAR name, logo, or visual identity in a way that suggests endorsement, partnership, certification, or affiliation that does not exist;
  • Sell, resell, sublicense, or commercially exploit any Site content, including downloadable resources, templates, and checklists.

5.4 Templates and checklists

Templates, checklists, and worked examples published on the Site are intended as starting points only. You are responsible for adapting them to your facts and for getting professional review where appropriate. We make no representation that any template satisfies any specific regulatory requirement for your organisation.

6. User Submissions

If you submit comments, feedback, suggestions, questions, or other content to us — by email, contact form, social media, or any other channel — you grant vCISOdesk a non-exclusive, worldwide, royalty-free, perpetual licence to use that submission for any purpose related to operating, improving, or promoting the Site. This includes the right to quote your submission in published content, with or without attribution at our discretion. You will not be paid for any such use.

Do not submit anything you consider confidential, proprietary, or personally sensitive. Anything you submit through public channels (comments, social media replies, forum posts) should be treated as public.

7. Acceptable Use

You agree not to use the Site to:

  • Violate any applicable law, regulation, or third-party right;
  • Upload, post, or transmit content that is unlawful, harassing, defamatory, obscene, or that infringes intellectual property rights;
  • Probe, scan, scrape, or test the vulnerability of any system or network associated with the Site, except as expressly authorised in writing by us;
  • Interfere with the Site’s operation — including by introducing malware, attempting denial-of-service activity, or circumventing rate limits or access controls;
  • Impersonate vCISOdesk, GRC RADAR, any team member, or any third party;
  • Use automated means (bots, crawlers, scrapers) to access the Site at a rate or volume that disrupts normal use by other visitors, or to extract content for any of the restricted uses listed in section 5.3.

We may suspend or block access to the Site, in whole or in part, for any user we reasonably believe is violating these rules.

8. Third-Party Tools, Links, and References

The Site links to and references third-party websites, regulators, vendors, and tools — for example, regulator websites such as cert-in.org.in, sebi.gov.in, rbi.org.in, and meity.gov.in, and commercial vendors mentioned for illustrative or comparative purposes.

These third parties are independent of vCISOdesk. We do not control them, do not endorse them merely by linking to them, and are not responsible for their content, products, policies, or practices. You should review their own terms and privacy policies before relying on them.

Mention of a vendor, product, or tool on the Site does not constitute a recommendation, endorsement, or guarantee of suitability for your situation.

9. Privacy and Data Protection

Your use of the Site is also governed by the Privacy Policy, which describes what limited personal data we collect (for example, when you subscribe to the newsletter or use the contact form), how we use it, and your rights under the Digital Personal Data Protection Act 2023.

By using the Site, you acknowledge that you have read the Privacy Policy and consent to the practices described there.

If you have a data-protection grievance — for example, you want to access, correct, or delete personal data you have submitted to us, or you believe your data has been mishandled — write to vcisodesk@gmail.com with the subject line “DPDP Grievance” and we will respond within the timelines required under the DPDP Act 2023.

10. Disclaimers

The Site, its content, and any associated communications are provided “as is” and “as available,” without warranties of any kind, whether express or implied.

To the maximum extent permitted by law, we disclaim all warranties — including but not limited to warranties of merchantability, fitness for a particular purpose, non-infringement, accuracy, completeness, timeliness, and uninterrupted availability.

Specifically, and without limiting the above:

  • We do not warrant that any regulatory information on the Site is current, complete, or applicable to your facts. Regulators issue circulars, clarifications, and amendments frequently; the Site cannot keep pace with every change.
  • We do not warrant that the Site will be available without interruption or free of errors, bugs, or security vulnerabilities.
  • We do not warrant that any link to a third-party website will continue to function or that the third-party content remains accurate.
  • We do not warrant any specific outcome, audit pass, certification, or regulatory result from following content on the Site.

You use the Site at your own risk.

11. Indemnification

You agree to indemnify, defend, and hold harmless vCISOdesk, its operators, contributors, and affiliates from and against any claim, demand, loss, liability, damage, cost, or expense (including reasonable legal fees) arising out of or related to:

  • Your use of the Site in violation of these Terms;
  • Your violation of any law, regulation, or third-party right;
  • Your unauthorised use, reproduction, or distribution of Site content;
  • Any decision or action you took (or did not take) in reliance on Site content without independent verification.

12. Limitation of Liability

To the maximum extent permitted by Indian law, vCISOdesk and its operators will not be liable for any indirect, incidental, consequential, special, punitive, or exemplary damages arising out of or related to your use of the Site — including, without limitation, loss of profits, loss of revenue, loss of data, loss of goodwill, business interruption, regulatory penalty, or audit failure — whether based in contract, tort (including negligence), statute, or any other legal theory, and whether or not we were advised of the possibility of such damages.

Where liability cannot be excluded under applicable law, our total aggregate liability to you for all claims arising out of or related to the Site or these Terms is limited to ₹1,000 (one thousand Indian Rupees).

You acknowledge that this allocation of risk is reasonable given that the Site is provided free of charge for general educational purposes.

13. Changes to These Terms

We may update these Terms from time to time — for example, to reflect new features, address legal or regulatory changes, or improve clarity. The “Last Updated” date at the top of this page indicates when the Terms were most recently revised.

If we make material changes, we will provide reasonable prior notice, for example by posting a notice on the Site homepage or by emailing newsletter subscribers. Your continued use of the Site after changes become effective constitutes acceptance of the revised Terms. If you do not agree to the revised Terms, please stop using the Site.

14. Changes to the Site

We may add, modify, suspend, or discontinue any part of the Site at any time, without notice and without liability. This includes specific articles, downloads, features, newsletters, sub-brands, and the Site as a whole.

We are under no obligation to maintain any content, resource, or download in a particular form or for any particular period.

15. Termination

We may suspend or terminate your access to the Site, in whole or in part, at our discretion — including without notice — if we reasonably believe you have violated these Terms or if continued access poses a risk to the Site, to other users, or to us.

Sections that by their nature should survive termination — including sections 5 (Content), 6 (User Submissions), 10 (Disclaimers), 11 (Indemnification), 12 (Limitation of Liability), and 16 (Governing Law and Jurisdiction) — will survive.

16. Governing Law and Jurisdiction

These Terms are governed by the laws of the Republic of India, without regard to conflict-of-laws principles.

The courts at Mumbai, Maharashtra, India will have exclusive jurisdiction over any dispute arising out of or related to these Terms or your use of the Site. You consent to the personal jurisdiction of those courts and waive any objection based on inconvenient forum.

Nothing in this section prevents either party from seeking interim or injunctive relief in any competent court.

17. General

Entire agreement. These Terms, together with the Privacy Policy and any other policies expressly incorporated, constitute the entire agreement between you and vCISOdesk regarding your use of the Site, and supersede all prior or contemporaneous understandings.

Severability. If any provision of these Terms is held invalid or unenforceable by a court of competent jurisdiction, the remaining provisions will remain in full force and effect, and the invalid provision will be reformed only to the extent necessary to make it enforceable.

No waiver. Our failure to enforce any provision of these Terms is not a waiver of our right to enforce it later.

Assignment. You may not assign or transfer these Terms or any rights under them without our prior written consent. We may assign these Terms freely, including in connection with a merger, acquisition, reorganisation, or sale of assets.

Independent contractors. Nothing in these Terms creates a partnership, joint venture, employment, franchise, or agency relationship between you and vCISOdesk.

Notices. Any notice to vCISOdesk under these Terms should be sent to vcisodesk@gmail.com. We will provide notice to you by posting on the Site or, where you have given us an email address, by emailing that address.

18. Contact Us

Questions about these Terms? Write to us at vcisodesk@gmail.com with the subject line “Terms of Service Query.”

For data-protection and privacy grievances, use the subject line “DPDP Grievance” as set out in section 9.

For general feedback or content suggestions, use the contact form at /contact/.

These Terms were last updated on 17 May 2026.