Terms of Service

Scholar-Secure Platform

Effective Date: January 1, 2026  |  Last Updated: February 2026

1. Agreement to Terms

We are Cyber Viking LLC (“Company,” “we,” “us,” “our”), a California limited liability company with its principal place of business at 222 E El Morado Ct, Ontario, CA 91764.

We operate the Scholar-Secure Platform at scholar-secure.com and related subdomains (collectively, the “Platform”), providing managed cybersecurity education environments featuring virtual lab infrastructure, remote desktop access via Apache Guacamole, and hands-on security training exercises (collectively, the “Services”).

By creating an account, accessing, or using the Services, you (“User,” “you,” “your”) agree to be bound by these Terms of Service (“Terms”). If you do not agree, you may not access the Services.

Contact: [email protected]

1.1 Third-Party Service Disclosure

Scholar-Secure is an independent service provided by Cyber Viking LLC pursuant to a Master Services Agreement (“MSA”) with your educational institution (“Institution”). We are NOT affiliated with, endorsed by, or operated by your Institution. Your Institution is a client of Cyber Viking LLC; these Terms govern your individual use of the Platform.

1.2 Eligibility

You must be at least eighteen (18) years of age, or the age of majority in your jurisdiction, to use the Services. If you are under eighteen (18), you may only use the Services with the consent of a parent or legal guardian, and your Institution must have authorized your access. By using the Services, you represent that you meet these eligibility requirements.

1.3 Relationship of Documents

These Terms govern your use of the Platform as an individual end user. Your Institution’s access to the Platform is governed by a separate MSA between your Institution and Cyber Viking LLC. In the event of a conflict between these Terms and the MSA, the MSA controls with respect to the Institution’s obligations, and these Terms control with respect to your individual conduct.

2. Account Responsibilities

When you are provisioned an account on the Platform, you agree to the following:

  • Account Security. You are solely responsible for maintaining the confidentiality of your credentials, including passwords, MFA tokens, and any API keys. You must not share your credentials with any other person.
  • Activity Responsibility. You are responsible for all activity that occurs under your account, whether authorized by you or not. You must immediately notify your instructor and [email protected] if you believe your account has been compromised.
  • Accurate Information. You agree to provide accurate, current information during registration and to keep your profile information up to date.
  • Single User. Accounts are assigned to individual users and may not be shared, transferred, or used by anyone other than the assigned user.

3. Academic Integrity

Scholar-Secure is designed to support legitimate educational activities. You agree to:

  • Complete your own work. Lab assignments, quizzes, and assessments must be completed individually unless explicitly designated as group work by your instructor.
  • Not share solutions. Do not share lab answers, scripts, exploits, assessment responses, or any other graded materials with other students.
  • Not use unauthorized assistance. Do not use AI tools, external resources, or other individuals to complete graded work unless explicitly permitted by your instructor.
  • Report violations. If you become aware of academic dishonesty, report it to your instructor.

WARNING: Violations may result in a failing grade, course dismissal, and/or reporting to your Institution’s academic conduct office. All submissions and activity are logged and may be reviewed for academic integrity purposes.

4. Acceptable Use Policy

4.1 Permitted Use

The Platform and Services are provided solely for educational purposes as authorized by your Institution and instructor. You may use the Platform only for coursework, lab exercises, and training activities assigned or approved by your instructor.

4.2 Prohibited Conduct

You agree NOT to:

  • Attempt to access, probe, or scan systems, networks, or data outside your designated lab environment.
  • Use security tools, exploits, or techniques against any target other than designated lab targets within your assigned sandbox.
  • Exfiltrate data from the lab environment to external systems, personal devices, or cloud storage.
  • Upload malware, ransomware, or any malicious code to systems outside your designated lab environment.
  • Use Platform resources for cryptocurrency mining, distributed computing, or any purpose unrelated to your coursework.
  • Access, attempt to access, or interfere with another user’s account, data, sessions, or virtual machines.
  • Share, publish, or distribute your credentials, VPN configurations, or access tokens.
  • Reverse-engineer, decompile, or attempt to extract the source code of the Platform.
  • Use the Platform to conduct any illegal activity or to attack any system not explicitly designated as a lab target.
  • Circumvent, disable, or interfere with any security feature of the Platform, including session limits, access controls, or monitoring systems.
  • Use the Platform in any manner that could damage, disable, overburden, or impair Platform infrastructure.

4.3 Consequences

Violations of this Acceptable Use Policy may result in immediate suspension or termination of your account, academic penalties as determined by your Institution, reporting to your Institution’s conduct office, and where applicable, reporting to law enforcement authorities.

5. Lab Environment Rules

The virtual lab environment is a controlled, sandboxed environment. In addition to the Acceptable Use Policy above, the following rules apply specifically to lab sessions:

  • Stay within the sandbox. Only interact with designated lab targets and infrastructure. Never attempt to access production systems, other students’ environments, the Platform’s own infrastructure, or external networks unless the lab exercise explicitly requires it.
  • Use tools responsibly. Security tools (e.g., Nmap, Metasploit, Burp Suite) may only be used against designated targets within your assigned lab topology.
  • Respect session limits. Lab sessions are subject to time limits as configured by your instructor. You will receive a warning notification before automatic disconnection. Save your work frequently.
  • Report vulnerabilities. If you discover a vulnerability in the Platform itself (not a lab exercise target), report it immediately to [email protected]. Do not exploit Platform vulnerabilities.
  • No persistent access. Do not install backdoors, create unauthorized accounts, or establish persistent access mechanisms within lab environments beyond the scope of a specific lab exercise.

6. Monitoring, Session Logging & Consent

By using Scholar-Secure, you acknowledge and expressly consent to the following:

6.1 Session Recording

Lab sessions, commands executed, files created or accessed, and network activity within the lab environment may be logged for educational assessment, academic integrity verification, and security purposes.

6.2 Activity Tracking

We track login times, session durations, lab progress, quiz attempts, submission timestamps, IP addresses, browser/device information, and general usage patterns.

6.3 Security Monitoring

All Platform activity is monitored in real time for policy violations, unauthorized access attempts, and security threats. Automated alerts may trigger review by Platform administrators.

6.4 Audit Logging

Complete audit logs of all user actions are maintained for a minimum of one (1) year for compliance and security purposes, consistent with our obligations under the MSA and FERPA.

7. Privacy & Data Protection

For complete information about how we collect, use, and protect your data, please refer to our Privacy Policy.

7.1 Data Categories

We process two categories of data:

  • Institution Data: Information provided by your Institution (e.g., name, institutional email address, course enrollment, student ID). This data is processed by Cyber Viking LLC as a service provider on your Institution’s behalf, subject to the MSA and FERPA.
  • Platform Data: Information generated through your use of the Platform (e.g., login credentials you create, lab submissions, session logs, usage analytics). This data is processed by Cyber Viking LLC as an independent controller for Platform operation, security, and improvement.

7.2 FERPA Compliance

Cyber Viking LLC acknowledges that student educational records are protected under the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. § 1232g. We:

  • Limit access to educational records to authorized personnel on a need-to-know basis for system administration and support.
  • Maintain appropriate administrative, technical, and physical security controls for all personally identifiable information (PII).
  • Report any data breach involving PII to your Institution within four (4) hours of discovery, consistent with our MSA obligations.
  • Return or securely destroy all Institution Data and PII upon termination of the MSA with your Institution.
  • Maintain audit logs sufficient to demonstrate compliance.

7.3 Your Rights

You may request access to, correction of, or deletion of your personal data by contacting [email protected]. Requests related to Institution Data (e.g., enrollment records) should be directed to your Institution, as they are the data controller for that information.

7.4 Data We Do NOT Collect or Use

We do NOT sell your personal information. We do NOT use your personal data for advertising or marketing to third parties. We do NOT use student data for purposes unrelated to the educational services described herein.

7.5 California Privacy Rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to request deletion, and the right to opt out of the sale of personal information (which we do not do). For a complete description of your California privacy rights, please refer to our Privacy Policy.

8. Intellectual Property

The Platform, including its source code, design, documentation, logos, and all associated intellectual property, is and remains the exclusive property of Cyber Viking LLC or its licensors. Nothing in these Terms grants you any right, title, or interest in the Platform beyond the limited right to access and use it as authorized by your Institution.

Content you create within lab environments (e.g., scripts, reports, configurations) as part of your coursework remains your work, subject to your Institution’s academic policies. However, anonymized, aggregated usage data may be used by Cyber Viking LLC to improve the Platform.

9. Suspension & Termination

9.1 Suspension by Cyber Viking LLC

We may immediately suspend your access to the Platform, without prior notice, if we reasonably believe you have violated these Terms, the Acceptable Use Policy, or any applicable law, or if your continued access poses a security risk to the Platform or other users.

9.2 Termination by Institution

Your Institution may request the deactivation of your account at any time (e.g., upon course completion, withdrawal, or disciplinary action). We will comply with such requests in accordance with the MSA.

9.3 Termination of the MSA

If the MSA between Cyber Viking LLC and your Institution is terminated for any reason, your access to the Platform will end. We will handle data return and destruction as specified in the MSA.

9.4 Effect of Termination

Upon suspension or termination of your account, your right to access the Platform ceases immediately. We are not obligated to retain your data beyond the periods required by the MSA, these Terms, or applicable law. Sections 3 (Academic Integrity), 6 (Monitoring), 7 (Privacy), 8 (Intellectual Property), 10 (Disclaimers), 11 (Limitation of Liability), 12 (Indemnification), and 14 (Governing Law) survive termination.

10. Disclaimers

THE SERVICES ARE PROVIDED “AS-IS” AND “AS-AVAILABLE” WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT.

CYBER VIKING LLC DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE, OR THAT ANY DEFECTS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM CYBER VIKING LLC OR THROUGH THE SERVICES SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THESE TERMS.

CYBER VIKING LLC IS NOT RESPONSIBLE FOR THE ACTIONS, CONTENT, OR DATA OF THIRD PARTIES, AND YOU RELEASE US FROM ANY CLAIMS AND DAMAGES, KNOWN AND UNKNOWN, ARISING OUT OF OR IN ANY WAY CONNECTED WITH ANY CLAIM YOU HAVE AGAINST ANY SUCH THIRD PARTIES.

11. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL CYBER VIKING LLC, ITS OFFICERS, MEMBERS, EMPLOYEES, AGENTS, OR CONTRACTORS BE LIABLE TO YOU FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF PROFITS, GOODWILL, DATA, OR OTHER INTANGIBLE LOSSES, ARISING OUT OF OR IN CONNECTION WITH YOUR USE OF OR INABILITY TO USE THE SERVICES, REGARDLESS OF THE THEORY OF LIABILITY (CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR OTHERWISE), EVEN IF CYBER VIKING LLC HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, CYBER VIKING LLC’S TOTAL AGGREGATE LIABILITY TO YOU FOR ALL CLAIMS ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICES SHALL NOT EXCEED THE GREATER OF (A) FIFTY DOLLARS ($50.00) OR (B) THE AMOUNT YOUR INSTITUTION PAID TO CYBER VIKING LLC ON YOUR BEHALF IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM, DIVIDED BY THE TOTAL NUMBER OF USERS ENROLLED DURING THAT PERIOD.

12. Indemnification

You agree to defend, indemnify, and hold harmless Cyber Viking LLC, its officers, members, employees, agents, and contractors from and against any and all third-party claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys’ fees) arising out of or relating to:

  • Your use or misuse of the Platform or Services.
  • Your violation of these Terms, the Acceptable Use Policy, or any applicable law.
  • Your violation of any third-party right, including intellectual property, privacy, or other proprietary rights.
  • Any unauthorized access to or use of systems, networks, or data facilitated by your actions on the Platform.

This indemnification obligation survives termination of these Terms and your use of the Services.

13. Dispute Resolution

13.1 Informal Resolution

Before filing any formal dispute, you agree to first contact us at [email protected] and attempt to resolve the dispute informally for at least thirty (30) days.

13.2 Mediation and Arbitration

Any dispute not resolved informally shall be settled first by mediation and, if necessary, by binding arbitration in accordance with the rules of Judicial Arbitration and Mediation Services (“JAMS”) in Riverside County, California. If any party commences an action without first attempting mediation, that party shall not be entitled to recover attorneys’ fees. The prevailing party in arbitration shall be entitled to reimbursement of reasonable attorneys’ fees and costs. All decisions of the arbitrator shall be final, binding, and conclusive.

13.3 Small Claims Exception

Notwithstanding the foregoing, either party may bring an individual action in small claims court in Riverside County, California, if the claim falls within that court’s jurisdiction.

13.4 No Class Actions

YOU AGREE THAT ANY DISPUTE RESOLUTION PROCEEDINGS WILL BE CONDUCTED ON AN INDIVIDUAL BASIS AND NOT IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE ACTION.

14. Governing Law & Jurisdiction

These Terms shall be governed by and construed in accordance with the laws of the State of California, United States, without regard to conflict of law principles. To the extent that any lawsuit or court proceeding is permitted hereunder, you agree to submit to the personal and exclusive jurisdiction of the state and federal courts located in Riverside County, California.

15. Changes to Terms

We reserve the right to modify these Terms at any time. If we make material changes, we will provide notice via email to your institutional email address or through a prominent notice on the Platform at least fourteen (14) days before the changes take effect. Your continued use of the Services after the effective date of any changes constitutes your acceptance of the revised Terms. If you do not agree with the revised Terms, you must stop using the Services and contact your Institution.

16. General Provisions

16.1 Severability

If any provision of these Terms is found to be invalid or unenforceable under applicable law, that provision shall be modified to the minimum extent necessary to make it valid and enforceable, or if it cannot be so modified, severed from these Terms. The remaining provisions shall continue in full force and effect.

16.2 Entire Agreement

These Terms, together with our Privacy Policy and any policies incorporated by reference, constitute the entire agreement between you and Cyber Viking LLC regarding your individual use of the Services, and supersede all prior or contemporaneous agreements, understandings, or representations regarding the same.

16.3 No Waiver

The failure of Cyber Viking LLC to enforce any right or provision of these Terms shall not constitute a waiver of such right or provision. Any waiver of any provision shall only be effective if in writing and signed by Cyber Viking LLC.

16.4 Assignment

You may not assign or transfer these Terms or any rights hereunder without our prior written consent. Cyber Viking LLC may assign these Terms without restriction.

16.5 Force Majeure

Cyber Viking LLC shall not be liable for any delay or failure to perform resulting from causes beyond its reasonable control, including but not limited to acts of God, war, terrorism, natural disaster, pandemic, power failure, internet service provider failure, or governmental action.

16.6 Contact

For questions about these Terms, please contact:

Cyber Viking LLC
222 E El Morado Ct
Ontario, CA 91764
Email: [email protected]
Web: scholar-secure.com