Refund & Cancellation Policy

Overview

At nCrypt, we are committed to delivering high-quality cybersecurity services. This policy outlines our terms regarding refunds, cancellations, and service modifications for all our security assessment and managed services.

1. Project-Based Services

Penetration Testing & Security Assessments

• Before Project Start: Full refund available if cancellation is made at least 7 business days before the scheduled start date.
• Within 7 Days of Start: 50% refund available, as resources have been allocated.
• After Project Start: No refunds available once testing has commenced. Clients will be invoiced for work completed.
• Project Rescheduling: One free reschedule is allowed with at least 5 business days notice. Additional reschedules may incur a 10% administrative fee.

Deliverables Guarantee

All penetration testing engagements include a comprehensive report. If the report does not meet the agreed scope outlined in the Statement of Work (SOW), we will revise the deliverables at no additional cost within 14 days of delivery.

2. Subscription Services

Managed Detection & Response (MDR) / SOC Services

• Monthly Subscriptions: Cancel anytime with 30 days written notice. No refunds for partial months.
• Annual Subscriptions: May be cancelled with 60 days notice. Refund will be calculated pro-rata based on unused months, less a 15% early termination fee.
• Platform Access: Access to the nCrypt PTaaS platform will be terminated at the end of the billing period.

PTaaS (Penetration Testing as a Service)

• Unused testing credits expire at the end of the subscription term.
• Credits are non-transferable and cannot be redeemed for cash.
• Downgrade requests take effect at the next billing cycle.

3. Training & Certification

• Public Training: Full refund if cancelled 14+ days before the training date. 50% refund for 7-14 days notice. No refund within 7 days.
• Private/Corporate Training: Subject to the terms in the training agreement. Generally, 50% deposit is non-refundable.
• Substitutions: Participant substitutions are allowed up to 3 days before the training at no additional cost.

4. Incident Response

Due to the emergency nature of incident response services, all IR engagements are non-refundable once work has commenced. Retainer fees are applied according to the terms of the retainer agreement.

5. Compliance Assessments

Compliance assessments (PDPA, RMiT, ISO 27001, PCI-DSS, SOC 2) follow the same refund terms as penetration testing services. However, if regulatory requirements change during the assessment, we will work with you to adjust the scope at no additional charge.

6. How to Request a Refund

To request a refund or cancellation, please contact us through one of the following channels:

• Email: [email protected]
• Phone: +6012 770 7421
• Client Portal: Submit a support ticket through your dashboard

Please include your project/invoice number and reason for the refund request. Refunds are typically processed within 14 business days.

7. Exceptions

We understand that exceptional circumstances may arise. If you have a unique situation, please contact our team directly. We will review requests on a case-by-case basis and aim to find a mutually acceptable solution.

8. Disputes

If you are unsatisfied with any aspect of our services, please contact us immediately. We are committed to resolving issues promptly and professionally. All disputes will be handled according to Malaysian law and the terms outlined in our service agreements.