Sikurd is a monitoring and management platform for 3CX phone systems. It connects to real PBXs carrying real businesses’ calls, which is why the rules below exist: almost all of them protect someone else’s phone system, data, or service quality. This policy applies to every user of the Service and is incorporated by reference into the Terms of Service.
1. Only monitor systems you’re authorized to manage
You may only connect, monitor, or manage 3CX instances you own or are explicitly authorized to access — your own systems, or a customer’s under an active service relationship that covers this kind of management. Connecting someone else’s PBX without authority is the fastest way to lose your account, and depending on jurisdiction it is also a crime.
2. Don’t attack the Service
You agree not to:
- Probe, scan, or penetration-test the Service or its underlying infrastructure without our prior written agreement.
- Interfere with service integrity or availability — no denial of service, resource abuse, rate-limit evasion, or attempts to bypass authentication, authorization, or tenant isolation.
- Reverse-engineer, decompile, or disassemble the Service except to the extent applicable law expressly permits it notwithstanding this restriction.
Found a vulnerability? We genuinely want to hear about it — report it to privacy@sikurd.comand we’ll work with you in good faith. Good-faith security research reported responsibly is not a violation of this policy.
3. Don’t use Sikurd to do harm
You agree not to use the Service to:
- Send spam or any unsolicited bulk communication.
- Transmit malware or any malicious code.
- Violate any applicable law — including telecommunications, wiretapping/call-recording consent, and data-protection law in the jurisdictions where you and your monitored systems operate.
- Facilitate toll fraud or other telephony abuse, on your own systems or anyone else’s.
4. Respect the account model
- One account, one organization. Use team management to invite co-workers — don’t share login credentials across people.
- Don’t resell, sublicense, or white-label the Service except under a partner or reseller agreement we’ve signed.
- Keep your account information accurate, and keep your authentication factors (passwords, MFA devices) to yourself.
5. Enforcement
We may suspend or terminate accounts that violate this policy, with or without notice depending on severity — an active attack or fraud gets cut off immediately; lesser issues get a warning and a chance to fix first. Where a violation creates risk to third parties (for example a connected PBX being used for toll fraud), we may also notify the affected parties. Section 9 of the Terms governs the effect of termination on your data.
Reporting abuse
To report abuse of the Service — spam originating from a Sikurd account, a system being monitored without authorization, suspected fraud — contact privacy@sikurd.com. Reports are read by a human and investigated.
Last updated: June 11, 2026. This policy was previously section 3 of the Terms of Service; it was moved here unchanged in substance so it can be referenced and revised as a standalone document.