Terms of Service

1 Acceptance of Terms

By accessing or using the Tagsia website (www.tagsia.com), creating an account, or using any Tagsia service including the Maritime Cyber Risk Assessment tool (“CyRA“) and the CBS Network Risk Assessor (“CBS Assessor“), you (“User“, “you“, or “your“) agree to be bound by these Terms of Service (“Terms“).

If you are using Tagsia on behalf of a company or organisation, you represent that you have authority to bind that entity to these Terms, and “you” refers to that entity.

If you do not agree to these Terms, you must not use our services. Your continued use of the services constitutes ongoing acceptance of these Terms, including any updates.

These Terms should be read alongside our Privacy Policy, which explains how we handle your personal data.

2 Definitions

• “Tagsia” means the operator of www.tagsia.com and its services.
• “Services” means the Tagsia website, the CyRA tool, the CBS Assessor, the E26 Search tool, member resources, playbooks, intelligence content, vault forms, and any other products offered by Tagsia.
• “CyRA” means the Maritime Cyber Risk Assessment tool — a questionnaire-based risk scoring platform aligned to SOLAS, IACS UR E26, DNV, ISM/SMS, and IMO MSC-FAL.1/Circ.3 frameworks.
• “CBS Assessor” means the CBS Network Risk Assessor — a topology-based compliance assessment tool aligned to IACS UR E26, UR E27, and IEC 62443-3-3.
• “Assessment Data” means the questionnaire responses, topology data, risk scores, findings, notes, vessel information, and related data you create using the CyRA or CBS Assessor tools.
• “Content” means all materials published by Tagsia on its website, including articles, playbooks, templates, compliance documents, vault forms, and tool outputs.
• “Registered User” means a user who has created a free account on tagsia.com and has access to the full suite of tools and resources.
• “Browser Storage” means the localStorage mechanism in your web browser where Assessment Data is stored locally on your device. Assessment Data stored in Browser Storage is never transmitted to Tagsia servers.

3 Accounts & Registration

3.1 Account Creation

To access the assessment tools and gated resources, you must register for a free Tagsia account. Registration requires a valid email address, name, and password. You agree to provide accurate, current, and complete information and to keep your account information updated.

3.2 Account Security

You are responsible for maintaining the confidentiality of your account credentials and for all activity that occurs under your account. You agree to:

• Use a strong, unique password of at least 8 characters containing uppercase letters and numbers
• Not share your login credentials with any other person
• Notify us immediately at [email protected] if you suspect unauthorised access to your account

Tagsia is not liable for any loss or damage arising from your failure to protect your account credentials.

3.3 One Account Per User

Each individual must maintain only one account. Creating multiple accounts to circumvent usage limits or access controls is a material breach of these Terms and may result in immediate termination of all associated accounts.

3.4 Account Eligibility

You must be at least 18 years of age and legally capable of entering into binding contracts to create an account. Our services are intended for maritime industry professionals and related organisations.

4 Access & Free Use

Tagsia is currently operating in a content-first phase. All tools and resources are available free of charge to registered users. No paid subscriptions exist at this time.

4.1 Fair Use

Free access is for individual or organisational internal use only, not for resale, sub-licensing, or provision to third parties as a commercial service. If you wish to use Tagsia tools as part of a consulting or audit service offered to clients, please contact us to discuss arrangements.

4.2 AI Analysis Rate Limit

The AI-powered analysis feature within the CBS Assessor is subject to a daily usage limit of 5 analyses per registered user per day. This limit exists to manage server capacity during the current phase. Tagsia reserves the right to adjust this limit at any time with reasonable notice.

4.3 Future Paid Plans

Tagsia intends to introduce paid subscription plans at a future date. Registered users will be notified at least 30 days in advance before any currently free features become paid. Full billing and subscription terms will be published at that time.

5 Assessment Tools — Scope & Limitations

5.1 What CyRA Does

The CyRA tool provides:

• Structured, questionnaire-based cyber risk scoring aligned to ISM/SMS frameworks, SOLAS, DNV cyber class notation scope, IACS UR E26, and IMO MSC-FAL.1/Circ.3 guidelines
• Likelihood and impact scoring based on observable system characteristics
• CIA (Confidentiality, Integrity, Availability) assessments
• Printable risk assessment reports for internal use and SMS documentation
• CSV export for fleet management and DPA review

5.2 What the CBS Assessor Does

The CBS Network Risk Assessor provides:

• CBS network topology mapping aligned to IACS UR E26, UR E27, and IEC 62443-3-3
• Rule-engine analysis of vendor scope boundaries and conduit compliance
• AI-powered expert analysis of topology findings (subject to daily rate limit)

5.3 What the Tools Do Not Provide

• Penetration testing or active vulnerability scanning of shipboard systems
• Certification, class notation, or regulatory approval of any kind
• Real-time threat intelligence integrated into assessments
• Legal, insurance, or compliance advice
• Guarantee of compliance with IMO, flag state, port state, or class society requirements

5.4 Browser-Only Data Storage

All Assessment Data created using CyRA and the CBS Assessor is stored exclusively in your browser’s local storage on your own device. This data is never transmitted to Tagsia servers. As a consequence:

• Assessment Data is only accessible from the browser and device on which it was created
• Clearing browser data or cache will permanently delete your Assessment Data
• Tagsia cannot recover lost Assessment Data
• You are responsible for maintaining your own backups using the Export function provided in each tool

5.5 User Responsibility for Inputs

The accuracy of tool outputs depends entirely on the accuracy of the information you provide. You are responsible for ensuring that questionnaire answers and topology data accurately reflect the actual state of systems being assessed. Tagsia accepts no liability for outputs derived from inaccurate, incomplete, or misleading inputs.

5.6 Not a Substitute for Professional Advice

Tool outputs should be reviewed by a qualified maritime cybersecurity professional before being used to make operational, investment, or compliance decisions. Tagsia recommends that assessments with High or Critical risk scores be reviewed by a Designated Person Ashore (DPA), Chief Security Officer, or qualified external consultant.

5.7 Framework Alignment

While tool methodologies are aligned with SOLAS, IACS UR E26/E27, DNV, ISM, and IMO guidelines as at the date of publication, regulatory requirements evolve. It is your responsibility to ensure that your risk management practices remain aligned with current flag state and class society requirements.

6 Intellectual Property

6.1 Tagsia Content

All content on the Tagsia website, including but not limited to articles, playbooks, compliance templates, vault forms, the CyRA tool, the CBS Assessor, the E26 Search tool, their methodologies, scoring algorithms, questionnaire frameworks, report templates, and all associated software code, is the intellectual property of Tagsia or its licensors and is protected by copyright, trademark, and other applicable intellectual property laws.

6.2 Licence to Use

Subject to your compliance with these Terms, Tagsia grants you a limited, non-exclusive, non-transferable, revocable licence to:

• Access and use the assessment tools for your own internal maritime cyber risk assessment purposes
• Download, complete, and use compliance documents and vault forms for your own internal vessel operations and SMS documentation
• Print and retain tool reports for inclusion in your SMS documentation
• Share exported reports internally within your organisation

6.3 Restrictions

You may not, without express written permission from Tagsia:

• Copy, reproduce, distribute, or publish any Tagsia content for commercial purposes
• Resell, sublicense, or offer Tagsia tools or content as a service to third parties
• Reverse engineer, decompile, or attempt to extract any tool’s scoring algorithm or source code
• Remove or alter any copyright, trademark, or proprietary notices
• Use Tagsia’s name, logo, or branding without prior written consent
• Systematically scrape or download content from the Tagsia website

6.4 Your Assessment Data

You retain full ownership of all Assessment Data you create using Tagsia tools. Tagsia claims no intellectual property rights over your assessment inputs or outputs. Since all Assessment Data is stored in your browser’s local storage and never transmitted to our servers, Tagsia does not process or have access to your Assessment Data.

7 User Content & Data

Tagsia collects minimal personal data. When you register, we collect your name, email address, company name (optional), and the date of registration. This data is used solely to manage your account and communicate service updates.

Assessment Data (questionnaire responses, topology data, risk scores, vessel information) is stored exclusively in your browser’s local storage. This data never reaches Tagsia servers and is therefore not subject to Tagsia’s data processing.

Tagsia does not use your personal data for advertising, does not sell it to third parties, and does not use it to generate user profiles beyond what is necessary to operate your account.

For full details of how we collect, use, and protect your personal data, please see our Privacy Policy.

8 Prohibited Use

You agree not to use Tagsia or its tools to:

• Violate any applicable law, regulation, or third-party rights
• Conduct, support, or facilitate any unlawful activity, including cyber attacks against vessels or maritime infrastructure
• Upload or transmit malware, viruses, or any malicious code
• Attempt to gain unauthorised access to any part of the platform or another user’s data
• Scrape, crawl, or systematically extract content from the Tagsia website
• Circumvent access controls through technical means, proxy services, or other methods
• Impersonate any person or entity or misrepresent your affiliation
• Use the platform in any way that could damage, disable, or impair its operation
• Create assessments for vessels or systems you do not have authorisation to assess
• Abuse the AI analysis rate limit through technical workarounds or multiple accounts

Violation of these prohibitions may result in immediate account termination and, where applicable, reporting to relevant authorities.

9 Disclaimers

Tagsia does not warrant that:

• The tools will be error-free, uninterrupted, or meet your specific requirements
• Risk scores or compliance findings are accurate, complete, or suitable for any particular regulatory purpose
• The content on the website is current, complete, or free of errors
• The platform will be free from security vulnerabilities
• Browser storage data will persist across browser updates, device changes, or cache clears

Nothing in these Terms excludes or limits any warranties that cannot legally be excluded in your jurisdiction.

10 Limitation of Liability

To the maximum extent permitted by applicable law, Tagsia and its officers, directors, employees, and agents shall not be liable for:

• Any indirect, incidental, consequential, special, or punitive damages
• Loss of profits, revenue, data, or goodwill
• Any damage or loss arising from your reliance on tool outputs to make operational, safety, or compliance decisions
• Any cyber incident, vessel incident, port state control detention, or regulatory non-compliance arising from or in connection with your use of our tools
• Loss of Assessment Data stored in browser local storage due to browser updates, device changes, cache clearing, or any other cause
• Any third-party content, services, or links accessed through our platform
• Interruption or unavailability of the AI analysis feature due to server capacity or maintenance

Some jurisdictions do not allow the exclusion or limitation of certain liabilities. In such jurisdictions, our liability is limited to the minimum extent permitted by law.

11 Indemnification

You agree to indemnify, defend, and hold harmless Tagsia and its officers, directors, employees, agents, and licensors from and against any claims, liabilities, damages, losses, costs, and expenses (including reasonable legal fees) arising from or relating to:

• Your use of the Services in violation of these Terms
• Any content or data you submit to the platform
• Your violation of any applicable law or third-party rights
• Any misrepresentation made by you in connection with the Services

12 Termination

12.1 Termination by You

You may close your account at any time by contacting us at [email protected]. Upon account closure, your account credentials and registration data will be deleted in accordance with our Privacy Policy. Assessment Data stored in your browser’s local storage is not affected by account closure — it remains on your device until you clear it manually.

12.2 Termination by Tagsia

We reserve the right to suspend or terminate your account at any time, with or without notice, for:

• Material breach of these Terms, including prohibited use violations
• Abuse of the AI analysis rate limit or other platform resources
• Conduct that poses a risk to the platform, other users, or third parties
• Required by law

We will endeavour to provide reasonable notice before termination except where immediate action is required to protect the platform or other users.

12.3 Effect of Termination

Upon termination, your right to access the Services ceases immediately. Since Assessment Data is stored in your browser, it remains accessible to you locally after account termination. Provisions of these Terms that by their nature should survive termination (including intellectual property, disclaimers, limitation of liability, and governing law) shall survive.

13 Governing Law & Dispute Resolution

These Terms and any dispute arising from them shall be governed by and construed in accordance with the laws of [jurisdiction to be confirmed], without regard to its conflict of law provisions.

13.1 Informal Resolution

Before initiating any formal legal proceeding, both parties agree to attempt to resolve any dispute informally by contacting [email protected]. We will make reasonable efforts to resolve the matter within 30 days.

13.2 Formal Disputes

If informal resolution is unsuccessful, disputes shall be subject to the exclusive jurisdiction of the courts of [jurisdiction to be confirmed]. If you are a consumer in the EU, you may also be entitled to use the EU Online Dispute Resolution platform at ec.europa.eu/consumers/odr.

14 Changes to Terms

We reserve the right to modify these Terms at any time. When we make material changes we will:

• Update the “Last Updated” date at the top of this document
• Send registered users an email notification at least 14 days before the changes take effect
• Display a prominent notice on our website

Material changes include but are not limited to: introduction of paid plans, changes to data storage practices, changes to AI analysis limits, or changes to the governing law.

For non-material changes (such as clarifications, corrections, or minor formatting updates), we may update the Terms without prior notice. Your continued use of the Services after changes take effect constitutes your acceptance of the revised Terms.

If you do not agree with revised Terms, you may close your account before the effective date of the changes by contacting [email protected].

15 Contact

For questions or concerns about these Terms of Service, please contact us:

Billing and legal contact details will be added when commercial plans launch.