Terms and Conditions

Last updated:

1. Introduction

Welcome to Device Prophet. By accessing our website and using our assessment tools, you agree to be bound by these Terms and Conditions (“Terms”). These Terms constitute a legally binding agreement between you (“User”) and Mingulov Denis (trading as Device Prophet) (“Service Provider,” located in Tampere, Finland).

If you do not agree to these Terms, you must not use our services.

2. Nature of Services

Device Prophet provides IoT security assessment tools based on Expert Systems and Algorithmic Logic.

2.1 Methodology (Human-in-the-Loop)

Our assessment engine uses deterministic logic rules to evaluate compliance. While we utilize Artificial Intelligence (AI) and Machine Learning tools to assist in data analysis, regulatory monitoring, and report template generation, the core risk evaluation is rule-based.

  • No Black Box Decision Making: The determination of whether a device is “compliant” or “non-compliant” is made by static logic rules defined by human experts, not by generative AI probabilities.
  • Smart Import: Our “Smart Import” feature uses Generative AI to extract technical parameters from user-provided text. This process is experimental and may produce inaccurate results. The User must verify all extracted data points.
  • AI-Assisted Content: Some descriptive text in reports may be generated or refined by AI models to improve readability.

2.2 Assessment Disclaimer

Our reports provide probabilistic and deterministic risk assessments based on the technical data you provide.

  • Not Legal Advice: The results are for informational and planning purposes only. They do not constitute legal advice, compliance certification, or a guarantee of market access.
  • No Guarantee: We strive for accuracy by tracking regulations like the EU CRA and RED Art 3.3. However, regulations are subject to interpretation and change.

2.3 Free vs. Paid Services

  • Free Design Audit: Provided on an “as-is” basis without warranty of any kind. The results are generated solely based on user-provided questionnaire inputs.

  • Expert Triage (Free Upgrade): Includes manual human review of inputs.

    • Availability: This service involves manual review and is provided on a best-effort basis. While we aim for a 24-48 hour turnaround, delivery times are estimates only and may be delayed due to expert availability.

  • Expert Services (Paid): Paid professional engagements (e.g., Design Assurance Audits, Fractional Embedded Security Architect retainer engagements) are direct B2B engagements governed by separate agreements. See Section 4.

  • Device Security Gap Report (Free Digital Product): A standalone PDF report with embedded data delivered digitally free of charge. See Section 3.

3. Free Digital Products (“Device Security Gap Report”)

The following terms apply specifically to Free Digital Products (such as the “Device Security Gap Report”).

3.1 Definition and Scope

The “Device Security Gap Report” is a free digital content product delivered as a single, comprehensive PDF document. This document contains:

  • An architecture-risk profile generated from the Digital Auditor assessment.
  • Traceability between your architecture answers and likely security gaps.
  • Regulatory-readiness mapping (where relevant).
  • An engineering remediation roadmap.

The Device Security Gap Report acts as technical guidance for the User’s internal product-security planning. It identifies architectural risks and provides an actionable remediation roadmap. It is not a certificate of conformity issued by a Notified Body, nor does it guarantee approval by external regulators.

3.2 Delivery

The Device Security Gap Report is available as a free download from your results dashboard immediately after you complete the Digital Auditor assessment. No payment is required.

3.3 License

We grant you a non-exclusive, perpetual license to use the Device Security Gap Report for:

  • Your internal product-security and engineering planning.
  • Discussions with customers, suppliers, and partners about your product’s security architecture.
  • Submission as supporting context to regulators, notified bodies, or certification partners - subject to the disclaimer in §3.1.

Redistribution of the full report to third parties outside the above contexts is not permitted.

3.4 No Refund Policy

The Device Security Gap Report is provided free of charge. No refund mechanism applies because no payment is taken.

4. Expert Services

The following terms apply to Professional Services (including Design Assurance Audits, Fractional Embedded Security Architect retainer engagements, Gap Analysis Consulting, or DevSecOps implementation).

4.1 Direct Engagement

Expert Services are provided and billed directly by Device Prophet.

  • Agreements: These engagements are governed by a separate Statement of Work (SOW) or Service Agreement signed by both parties.
  • Precedence: In the event of a conflict between these Terms and the SOW, the SOW shall prevail.

4.2 Invoicing & Payment

Payment terms for Expert Services (e.g., Net 14, Net 30) will be defined in the invoice or SOW. These payments are typically invoiced separately from automated Digital Product purchases.

5. Refund & Cancellation Policy

5.1 Digital Product Refund Policy

The Device Security Gap Report is provided free of charge; no refund mechanism applies. See §3.4.

5.2 Service Cancellation

Cancellation of Expert Services (Fractional Embedded Security Architect retainer engagements, Audits) is governed by the termination clause in the respective Statement of Work (SOW).

To request a cancellation, please email us at info@deviceprophet.com.

6. Disclaimer of Warranties

6.1 Accuracy

The Free Design Audit and Device Security Gap Report are generated using Expert Systems, AI-assisted analysis, and rule-based logic. While we strive for accuracy, the outputs are probabilistic and deterministic risk assessments based on the data you provide. They are provided on a best-effort basis.

6.2 No Guarantee of Compliance

Using our tools does not guarantee that your product will pass a third-party audit, receive regulatory approval, or be immune from enforcement action. Compliance is ultimately the responsibility of the manufacturer.

6.3 Regulatory Changes

Regulations such as the EU Cyber Resilience Act (CRA) and AI Act are subject to updates, amendments, and interpretative guidance. We update our logic engine regularly, but there may be a lag between regulatory changes and our rule updates.

7. Limitation of Liability

To the maximum extent permitted by law, Mingulov Denis (trading as Device Prophet) shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits or revenues, whether incurred directly or indirectly, or any loss of data, use, goodwill, or other intangible losses resulting from:

  • Your use of or inability to use the Service.
  • Any errors or inaccuracies in the automated reports.
  • Any reliance on the outputs of the Expert System.
  • Payment Processing: Any errors, delays, or security breaches arising from the payment processing services provided by third-party processors.

For the free assessment services, our total liability is limited to 0 EUR. For paid Digital Products, liability is limited to the amount paid for the product. For Expert Services, liability is limited as defined in the specific service contract. Nothing in these Terms excludes liability for damages caused by intentional misconduct or gross negligence.

8. User Obligations

By using our services, you agree to the following:

  • Accuracy: You are responsible for the accuracy of the technical specifications and data you input. “Garbage in, garbage out” - our reports are only as valid as your inputs.
  • Authorization: You warrant that you have the necessary rights and authority to assess the devices or specifications you submit. You must not use our tools to assess third-party systems without permission.
  • Lawful Use: You agree not to use our services for any unlawful purpose, including reverse engineering our logic engine, disrupting our infrastructure, or attempting to scrape our proprietary data.
  • Feedback: If you provide feedback, suggestions, or report card ratings (“Feedback”) to us, you grant Device Prophet a worldwide, non-exclusive, perpetual, irrevocable, royalty-free license to use and incorporate such Feedback into our services without restriction or compensation.

9. Data Protection

We process personal data in accordance with our Privacy Policy.

  • Digital Products: We share necessary transaction data (such as email and order value) with our payment processors solely for the purpose of processing payments, fraud detection, and tax compliance.
  • Services: Data processed during Expert Services engagements is governed by the confidentiality and data processing clauses in the relevant SOW.

By using our services, you acknowledge and agree to our data processing practices.

10. Changes to Terms

We reserve the right to modify these Terms at any time. We will notify users of material changes by updating the “Last Updated” date at the top of this page. Continued use of the service after such changes constitutes acceptance of the new Terms.

11. Governing Law and Dispute Resolution

These Terms shall be governed by and construed in accordance with the laws of Finland.

Any dispute, controversy, or claim arising out of or relating to these Terms, or the breach, termination, or validity thereof, shall be settled by the District Court of Pirkanmaa (Pirkanmaan käräjäoikeus) as the court of first instance.

12. Contact Us

If you have any questions about these Terms, please contact us:

Email: info@deviceprophet.com