Terms & Conditions.

TERMS & CONDITIONS
PS DORA Readiness Radar (the “Service”)
Effective: 15 January 2026 | Version: 2.0 (fully revised)

  1. Introduction and Definitions
    1.1. These Terms & Conditions (the “Terms”) govern the rights and obligations between the Provider and the User in connection with the use of the Service.
    1.2. Provider: Peter Štefánik Advisory s.r.o., with its registered seat at Žitavská 238, Prague 10, 103 00, Czech Republic, Company ID No.: 235 98 328, registered with the Prague City Court (the “Provider”).
    Contact: info@psadvisory.cz | Website: www.psadvisory.cz
    1.3. The “User” means any legal entity or natural person acting in the course of business who uses the Service.
    1.4. The Service is the PS DORA Readiness Radar web application available at www.psadvisory.cz and/or any other domain designated by the Provider.
    1.5. The Service is intended exclusively for business users and organisations. The Provider does not enter into contracts with consumers. If a consumer registers or uses the Service, no contractual relationship is formed to the extent consumer rules would apply, or only those provisions shall apply that are not contrary to mandatory consumer protection laws.
    1.6. By creating an account, ordering a subscription, clicking “I agree”, or otherwise using the Service, the User confirms that they have read and agree to these Terms.
    1.7. Definitions: “FREE / Quick Scan” is the free version with limited functionality. “PRO / Full Analysis” is the paid version with extended functionality (e.g., expanded questionnaire, imports/exports, reporting) as offered from time to time.
    1.8. The Provider may use subcontractors (e.g., hosting, database, email, payment gateway). The User acknowledges that parts of the Service depend on third-party services (e.g., Stripe, email providers).
  2. Description of the Service and Nature of Outputs
    2.1. The Service is a digital tool designed to provide an indicative assessment of an organisation’s readiness against selected requirements of DORA and/or NIS2 through questionnaires, automated calculations, visualisations and reports.
    2.2. The outputs are generated automatically based on the User’s inputs and the Provider’s internal methodology. Outputs are informative and indicative only.
    2.3. The Service does not constitute legal, tax, audit, compliance or other professional advice; it is not an audit and not an assurance service. The Provider does not issue any compliance certification, does not guarantee regulatory acceptance, and does not assume responsibility for the User’s legal obligations.
    2.4. The User remains solely responsible for how the Service is used and for any decisions and measures taken based on the outputs. The User must independently verify suitability of the outputs (including by obtaining professional advice where appropriate) before use in practice.
    2.5. The Provider may change the content, methodology, features or technical parameters of the Service, particularly to improve quality, security, reflect legal changes or technical requirements. Such changes will not materially reduce already paid PRO functionality during the paid period; if they would, the Provider will offer a reasonable compensation (e.g., credit, extension, refund).
  3. Technical Requirements
    3.1. To use the Service, the User needs a stable internet connection, a modern web browser (Chrome, Edge, Safari, Firefox), and cookies and JavaScript enabled.
    3.2. The Service may be affected by the User’s device configuration, organisational security policies, or availability of third-party services.
    3.3. The Provider is not responsible for malfunctions caused by the User’s environment or restrictions on the User’s side (e.g., firewalls, email blocking, script restrictions).
  4. Registration, Account and Security
    4.1. Access to the Service typically requires registration with an email address. Login may be performed via a “magic link” sent to the User’s email.
    4.2. The User must provide accurate and up-to-date information and protect access to their email account and devices. The User is responsible for all use of the account that occurs via their email or devices.
    4.3. The Provider may implement additional security features (e.g., multi-factor authentication, session controls, anomaly detection).
    4.4. The Provider may suspend, restrict or terminate an account if (i) the User breaches these Terms, (ii) misuse is suspected, (iii) a security incident is likely, or (iv) it is necessary to protect the Provider or third parties.
  5. Licence and Permitted Use
    5.1. The Provider grants the User a non-exclusive, non-transferable, non-sublicensable, time-limited licence to use the Service for the internal needs of the User and its organisation during the subscription term (if any).
    5.2. The User must not in particular:
    • share the account or provide access to third parties outside the User’s organisation unless expressly permitted by the Provider;
    • reverse engineer, decompile, circumvent security features, or test vulnerabilities without consent;
    • automatically extract/scrape data or content from the Service;
    • use the Service to train AI models or to build a competing service;
    • overload infrastructure (e.g., automated requests, bots) or disrupt operations;
    • upload malicious content (malware) or infringe third-party rights.
  6. Pricing, Payments and Subscription
    6.1. FREE / Quick Scan is provided free of charge with limited functionality. The Provider may change its scope at any time.
    6.2. PRO / Full Analysis is subject to fees according to the current pricing displayed on www.psadvisory.cz (or within the application).
    6.3. Payments are processed via the Stripe payment gateway. Upon successful payment, the User gains access to PRO for the agreed period.
    6.4. If recurring subscription is offered and selected, it renews automatically for successive periods until cancelled by the User in the Stripe customer portal. Charges may be collected at renewal.
    6.5. Prices are stated exclusive of VAT unless stated otherwise. VAT (if applicable) will be charged in accordance with law.
    6.6. Invoices and tax documents are provided via Stripe and/or by email. The User agrees to electronic invoicing.
    6.7. Unless expressly stated otherwise, no refunds are provided for a partially used period; exceptions are governed by these Terms (e.g., Sections 11 and 13).
  7. User Content, Data and Confidentiality
    7.1. “User Content” means data, answers, notes, files, links and other information uploaded or entered by the User into the Service.
    7.2. The User represents that it is entitled to upload User Content and that processing such content does not violate third-party rights or applicable law.
    7.3. The User must not upload special categories of personal data or other highly sensitive information unless strictly necessary; in such case, the User must ensure an appropriate legal basis and security.
    7.4. The Provider may use User Content only to provide the Service, deliver support, resolve incidents, ensure security, and comply with legal obligations.
    7.5. The Provider may use aggregated and anonymised statistics (without identifying the User) for service improvement and internal analytics.
    7.6. Each party shall keep the other party’s confidential information confidential, except where information is public or must be disclosed by law.
  8. Availability, Maintenance and Changes
    8.1. The Provider aims to ensure high availability but does not guarantee uninterrupted operation.
    8.2. Short outages for maintenance, updates or security interventions are permissible.
    8.3. The Provider is not liable for outages caused by third-party services (e.g., hosting, database, Stripe, email).
    8.4. The Provider may temporarily limit availability if necessary to prevent damage, address security threats, or protect the integrity of the Service.
  9. Support and Complaints
    9.1. For technical support or complaints, the User may contact the Provider at info@psadvisory.cz.
    9.2. The User shall provide reasonable cooperation necessary to resolve an incident (e.g., error description, reproduction steps).
    9.3. The Provider may request that the User first follows common troubleshooting steps (e.g., checking delivery of magic links, spam filters).
  10. Personal Data and Security
    10.1. Personal data processing is governed by the Privacy Policy published on www.psadvisory.cz and/or available within the application.
    10.2. The User acknowledges that the Provider may engage subprocessors and cloud services, potentially including providers outside the EU/EEA, where necessary and in compliance with applicable law.
    10.3. The Provider implements reasonable technical and organisational measures to protect the Service. The User acknowledges that no system is fully secure.
    10.4. The User must promptly notify the Provider if it suspects unauthorised access or compromise of the User’s email account.
  11. Termination, Subscription End and Data Deletion
    11.1. The User may delete the account at any time in the application or by contacting the Provider. Account deletion does not automatically cancel a recurring Stripe subscription (it must be cancelled in the Stripe portal as well).
    11.2. After account termination or subscription expiry, User data will be retained for 30 days and then permanently deleted unless longer retention is required by law.
    11.3. The User is responsible for exporting data in due time. The Provider is not liable for data loss if the User fails to export within the retention period.
    11.4. The Provider may terminate access in case of a material breach or for security reasons. If termination occurs without the User’s fault, the Provider will provide a reasonable compensation for the unused portion of the paid period.
  12. “AS IS” / No Warranty
    12.1. The Service is provided “as is” and “as available”. The Provider makes no warranties, express or implied, including warranties of error-free operation, uninterrupted availability, accuracy, completeness, or fitness for a particular purpose.
    12.2. The Provider does not warrant that use of the Service will achieve compliance with DORA/NIS2 or any other regulations, or that outputs will be accepted by regulators, auditors or third parties.
    12.3. Regulatory requirements and interpretations may change, and the Service does not replace professional judgement.
  13. Liability, Limitation of Liability and Claim Procedure
    13.1. The User acknowledges that the Service operates based on User-provided data and the Provider’s internal methodology. The Provider is not liable for damages caused by incorrect, incomplete or outdated inputs.
    13.2. The Provider is not liable for damages resulting from decisions made based on the outputs or their misinterpretation.
    13.3. Any claim must be notified in writing without undue delay and no later than 30 days after the User became aware (or should have become aware) of the facts giving rise to the claim. The notice must include a description and reasonable cooperation.
    13.4. The Provider shall have a reasonable opportunity (at least 30 days) to cure by fixing, restoring access, or providing a workaround. If cure is not possible or not provided within a reasonable time, the User’s sole and exclusive remedy shall be, at the Provider’s option: (i) repair, (ii) workaround/re-performance, or (iii) pro-rata refund for the unused remainder of the paid subscription period.
    13.5. The Provider’s total aggregate liability towards any User is limited to the subscription fees paid by the User during the last 12 months prior to the event giving rise to the claim. This cap applies regardless of the legal basis (contract, tort or otherwise) and regardless of the number of claims.
    13.6. The Provider excludes liability for loss of profit and any indirect, consequential, special or exemplary damages.
    13.7. In particular, the Provider is not liable for (i) regulatory fines, penalties or sanctions, (ii) legal/audit/consulting costs related to supervisory proceedings, (iii) loss of goodwill or reputation or loss of business opportunities, (iv) loss or corruption of data not solely caused by the Provider, or (v) damages arising from compromised email accounts or unauthorised access to the User’s account.
    13.8. Nothing in these Terms limits liability to the extent such limitation is not permitted by applicable law, in particular for intentional misconduct or gross negligence.
    13.9. The limitations in this Section apply only to business users.
  14. Indemnity
    14.1. The User shall indemnify and hold harmless the Provider against third-party claims, damages, penalties, costs and expenses (including reasonable legal fees) arising out of (i) the User’s breach of these Terms, (ii) unlawfulness or unsuitability of User Content, or (iii) the User’s disclosure of outputs to third parties.
    14.2. The Provider shall notify the User of such claims without undue delay and allow reasonable participation in the defence.
  15. Final Provisions
    15.1. These Terms are governed by the laws of the Czech Republic.
    15.2. Disputes shall be resolved by the competent courts of the Czech Republic with venue determined by the Provider’s registered seat.
    15.3. The User may not assign, transfer or pledge any rights or claims under these Terms without the Provider’s prior written consent.
    15.4. No third party shall have any rights under these Terms; no third party is an intended beneficiary.
    15.5. If any provision is invalid or unenforceable, the remaining provisions remain in effect and the parties shall replace it with a provision closest to the intended purpose.
    15.6. The Provider may amend these Terms unilaterally. Amendments become effective upon publication on the website or in the application unless stated otherwise. For already paid PRO periods, the version effective at the time of payment applies if the amendment would be materially detrimental to the User.
    15.7. These Terms enter into force on 15 January 2026.