Disclaimers

Main

CodeHalo

DISCLAIMERS 

Effective Date: May 15, 2026

1. PURPOSE AND OVERVIEW

This Disclaimers document is published by CodeHalo ("CodeHalo," "we," "our," or "us"), operator of the CodeHalo automated code security analysis platform and the website at codehalo.io.

This document provides important notices about the nature, scope, and limitations of the Service and its outputs. It is intended to be read alongside our Terms and Conditions, Privacy Policy, and Acceptable Use Policy, all of which are available at codehalo.io. Capitalised terms used but not defined here have the meanings given to them in those documents.

Nothing in this document limits or replaces the terms of those policies. In the event of any conflict, the Terms and Conditions shall prevail.

These disclaimers apply to all visitors to codehalo.io and to all Users of the Service.

2. NATURE OF THE SERVICE

CodeHalo is an automated code security analysis tool. The Service uses a combination of static analysis techniques and AI-assisted methods to identify potential security vulnerabilities, misconfigurations, and code quality issues in User-submitted repositories.

The following should be clearly understood by all Users:

2.1 Automated Analysis The Service operates through automated processes. It does not involve human review of User code unless explicitly stated otherwise in a specific service offering. Findings generated by the Service reflect the output of automated systems and are subject to the inherent limitations of those systems, including the possibility of false positives, false negatives, and incomplete coverage.

2.2 AI-Assisted Outputs Certain aspects of the Service incorporate AI-assisted analysis techniques. AI-generated outputs — including vulnerability classifications, severity assessments, remediation suggestions, and Halo Scores — are probabilistic in nature. They are not deterministic or guaranteed to be complete, accurate, or free from error. The quality of AI-assisted outputs may vary depending on the nature, size, language, and structure of the submitted code.

CodeHalo is committed to the responsible and transparent use of AI in accordance with applicable frameworks including Singapore's Model AI Governance Framework and, where applicable, the EU AI Act. Users are encouraged to treat AI-assisted findings as a starting point for further investigation rather than a definitive assessment.

2.3 Point-in-Time Analysis Every Scan and Report reflects the state of the submitted code at the specific time the Scan was performed. CodeHalo makes no representation that a Report remains accurate or complete after the date of the Scan. Changes to the codebase, the emergence of new vulnerability disclosures, updates to security standards, or changes in the threat landscape may affect the relevance of any Report over time.

3. ACCURACY AND COMPLETENESS DISCLAIMER

3.1 No Guarantee of Complete Detection The Service is designed to assist in identifying potential security vulnerabilities. It does not guarantee the detection of all vulnerabilities, risks, or issues present in a codebase. No automated security analysis tool — regardless of how it is described — can guarantee complete coverage of all possible security issues in any given codebase.

3.2 Interpretation of Marketing Language Where CodeHalo's website, marketing materials, or platform interface use descriptive terms such as "comprehensive," "powerful," "advanced," "thorough," or similar language, such terms describe the general capabilities and design intent of the Service. They do not constitute representations, warranties, or guarantees of any specific level of detection accuracy, vulnerability coverage, or security outcome. Users should not rely on such language as a basis for making security decisions without independent validation.

3.3 Zero-Finding Results A Report that identifies zero vulnerabilities does not mean that the analysed codebase is free from security risks. A zero-finding result means only that the Service did not identify vulnerabilities within the scope and capabilities of its analysis at the time of the Scan. Users must not treat a zero-finding result as a security certification, clearance, or guarantee of safety.

3.4 Halo Score Interpretation The Halo Score is a proprietary metric generated by CodeHalo's scoring methodology. It is intended as a relative indicator to assist Users in tracking and prioritising security improvement over time. The Halo Score does not represent an absolute measure of security, compliance, or fitness for any particular purpose. It should not be presented to third parties — including clients, regulators, auditors, or investors — as a standalone certification of security posture without appropriate context and qualification.

4. NO PROFESSIONAL ADVICE DISCLAIMER

4.1 Not a Substitute for Professional Advice The Service and all Reports, findings, scores, and recommendations generated by the Service are provided for informational and technical guidance purposes only. They do not constitute and must not be relied upon as:

legal advice, regulatory or compliance advice, professional cybersecurity consultancy, penetration testing, a formal security audit, or certification of any kind.

4.2 Independent Review Required Users are strongly encouraged to engage qualified cybersecurity professionals to validate, contextualise, and act upon findings generated by the Service before making material security decisions or deploying systems in production environments. CodeHalo's outputs are designed to augment, not replace, professional security review.

4.3 Compliance Disclaimer CodeHalo does not represent that use of the Service or implementation of its recommendations will result in compliance with any regulatory framework, industry standard, or certification requirement, including but not limited to ISO 27001, SOC 2, PCI-DSS, HIPAA, GDPR, the Cyber Security Act (Singapore), or any other applicable standard. Users are solely responsible for determining and achieving their own compliance obligations.

5. THIRD-PARTY INTEGRATION DISCLAIMER

5.1 Third-Party Platforms The Service integrates with or connects to third-party platforms and services, including GitHub and third-party authentication and payment providers. CodeHalo does not control and is not responsible for the availability, security, accuracy, or practices of any third-party platform. Disruptions, errors, or security incidents originating in third-party platforms are outside CodeHalo's control and responsibility.

5.2 OAuth and Authentication Services Where Users authenticate with the Service using third-party OAuth providers such as GitHub, the User's access to the Service may be affected by changes to those providers' terms, availability, or authentication systems. CodeHalo is not liable for any loss of access, data, or functionality arising from changes to third-party authentication services.

5.3 CI/CD and Pipeline Integrations CodeHalo intends to support integration with CI/CD pipeline environments in a future release. When such integrations become available, Users should be aware that automated pipeline-based Scans are subject to the same limitations described in this document as all other Scans. The integration of CodeHalo into a CI/CD pipeline does not constitute a guarantee of continuous or real-time security coverage. Pipeline scan results should be treated as one layer in a broader security programme.

5.4 Third-Party Links The codehalo.io website and platform may contain links to third-party websites, resources, or documentation. Such links are provided for convenience only. CodeHalo does not endorse, control, or accept responsibility for the content, privacy practices, or accuracy of any third-party website. Users access third-party links at their own risk.

6. WEBSITE AND GENERAL INFORMATION DISCLAIMER

6.1 General Information Only Information published on the codehalo.io website, including blog posts, documentation, guides, security advisories, and educational content, is provided for general informational purposes only. It does not constitute professional advice of any kind and may not reflect the most current developments in security research, regulatory requirements, or industry standards.

6.2 No Warranty of Website Accuracy While CodeHalo takes reasonable care to ensure the accuracy of information published on its website, we make no representation or warranty that such information is complete, accurate, current, or fit for any particular purpose. Information on the website may be updated, corrected, or removed at any time without notice.

6.3 Availability CodeHalo does not warrant that the website or the Service will be available at all times or free from errors, interruptions, or disruptions. Scheduled and unscheduled maintenance, infrastructure issues, and events outside CodeHalo's reasonable control may affect availability. See Section 22 of the Terms and Conditions for further detail on Force Majeure.

7. LIMITATION OF LIABILITY CROSS-REFERENCE

This Disclaimers document should be read in conjunction with Section 13 of the Terms and Conditions, which sets out CodeHalo's full limitation of liability, including the exclusion of indirect and consequential damages and the aggregate liability cap. Nothing in this document creates any additional liability on CodeHalo's part beyond what is set out in the Terms and Conditions.

To the extent permitted by applicable mandatory law, CodeHalo's total liability in connection with the matters addressed in this document shall be subject to the cap set out in Section 13.2 of the Terms and Conditions.

Nothing in this document excludes or limits liability for death or personal injury caused by negligence, fraud, or any other liability that cannot be excluded under applicable mandatory law, including statutory consumer rights applicable in the User's jurisdiction.

8. JURISDICTION-SPECIFIC NOTICES

8.1 European Union and United Kingdom Users in the EU and UK are reminded that certain statutory consumer rights may apply to the use of the Service that cannot be excluded by contract. Nothing in this document is intended to limit those rights. For further information, see Section 2 of the Terms and Conditions.

8.2 Singapore CodeHalo is incorporated in Singapore and subject to Singapore law including the Consumer Protection (Fair Trading) Act ("CPFTA") and the Personal Data Protection Act ("PDPA"). Nothing in this document is intended to exclude protections afforded to Singapore consumers under those Acts.

8.3 Other Jurisdictions Users in other jurisdictions are advised that local laws may provide additional rights and protections. CodeHalo does not represent that the Service is appropriate or available in all jurisdictions. Users are responsible for ensuring that their use of the Service complies with the laws of their jurisdiction.

9. UPDATES TO THIS DOCUMENT

CodeHalo may update this Disclaimers document from time to time. Updates will be posted on the website and within the platform with a revised effective date. For material changes, CodeHalo will provide advance notice consistent with the notice requirements set out in Section 18 of the Terms and Conditions. Continued use of the Service or the website after the effective date of any update constitutes acceptance of the revised disclaimers.

10. CONTACT

If you have questions about this document or any of CodeHalo's legal policies, please contact:

Legal / Compliance Contact: contact@codehalo.io

[END OF DISCLAIMERS]