General Terms and Conditions (GTC)

Effective Date: January 2026

1. Scope and Validity

These General Terms and Conditions (hereinafter "GTC") apply to all services, products, and contracts between Lucumo Security GmbH (hereinafter "Lucumo") and its clients (hereinafter "Client"), unless explicitly agreed otherwise in a written individual contract.

2. Nature of Services

Lucumo provides highly specialized consulting services in the fields of cryptography, quantum security, AI safety, and digital sovereignty. The services are categorized as follows:

2.1. Strategic Advisory & Consulting

For mandates involving strategic advice (e.g., Post-Quantum roadmaps, AI risk assessment, technology investment advice), Lucumo provides recommendations based on the current "State of the Art" in scientific research. The Client acknowledges that these fields are rapidly evolving. Lucumo does not guarantee that a specific technology or protocol will remain secure indefinitely or that market predictions will materialize.

2.2. Cryptographic Code Audits & Reviews

Lucumo performs code reviews and protocol analyses to identify vulnerabilities. The Client acknowledges that an audit represents a "best effort" analysis based on the agreed scope and time budget. The absence of "Findings" in a report does not prove the mathematical impossibility of vulnerabilities, nor does it certify the code as "bug-free."

2.3. Research Collaboration

When collaborating on unpublished tools or research schemes, intellectual property rights regarding background IP and foreground IP shall be regulated in a separate agreement. Unless otherwise specified, Lucumo retains the right to use general methodological knowledge gained for other projects.

3. Client Obligations

The Client agrees to provide Lucumo with all necessary assets, including but not limited to source code, documentation, architecture diagrams, and access to development environments. The Client warrants that they possess the legal authority to share such materials.

4. Confidentiality

Both parties undertake to treat all information exchange—specifically unreleased cryptographic schemes, source code, and strategic trade secrets—as strictly confidential. This obligation survives the termination of the contract.

5. Liability

Lucumo is liable only for direct damages caused by unlawful intent or gross negligence. Liability for slight negligence is excluded.

Exclusions: Lucumo is not liable for:

  • Damages resulting from the implementation of advice where the underlying technology (e.g., a specific AI model or Quantum standard) subsequently fails due to external scientific breakthroughs.
  • Loss of profit, reputational damage, or data loss.
  • Vulnerabilities discovered in code after a review has been completed, provided the review was conducted with professional due diligence.

6. Final Provisions

These GTC are governed exclusively by Swiss Law. The place of jurisdiction is Zurich, Switzerland.