CloudQix

Terms and Conditions

Terms of Use
Last updated: 05/07/2025

CloudQix Hackathon Terms and Conditions
Effective Date: 05/02/2025

Overview

  • The CloudQix Security Hackathon (the “Hackathon”) is a skill-based contest hosted by CloudQix, Inc. (“CloudQix”, “we,” or “us”).
  • This Hackathon is focused exclusively on security testing and vulnerability discovery in the CloudQix iPaaS sandbox environment before public release.
  • By registering for and/or participating in the Hackathon, you (“Participant,” “you”) agree to comply with and be bound by these Terms and Conditions (“Terms”).
  • The Hackathon begins on May 17, 2025, and ends on May 19, 2025.
  • CloudQix reserves the right, in addition to those other rights reserved herein, to modify any date(s) or deadline(s) set forth in these Terms.
  • NO PURCHASE NECESSARY. PARTICIPATION IS VOID WHERE PROHIBITED BY LAW.

Eligibility. You must: 

  • Be a legal resident of the United States.
  • Be 18 years of age or older at the time of registration.
  • Provide a valid email address and a valid U.S. phone number. You must complete email and SMS verification before being granted access to the CloudQix sandbox.
  • Not be subject to U.S. export controls, OFAC sanctions, or embargoes.
  • Not be an employee, officer, or agent of CloudQix or an affiliate of CloudQix

Participant Rules You agree:

  • Only to access and test the designated Hackathon Sandbox Environment.
  • Not to perform Denial of Service (DoS) or brute-force attacks.
  • Not to submit any Participant Material that is unlawful or otherwise includes any virus, spyware, malware, or other malicious component designed to harm the functionality of a computer in any way. 
  • Not to engage in social engineering, phishing, or manipulation of CloudQix employees or other participants.
  • Not use any robotic, automatic, macro, programmed, third-party or like methods to participate in the Hackathon.
  • Not to attempt to access real user data or production environments.
  • Not to use public disclosure methods (blogs, social posts, etc.) before CloudQix confirms a fix has been implemented.
  • Be the first valid report of any specific vulnerability to be considered for prize eligibility.
  • Submit all entries in English and before the applicable deadline.
  • Abide by any written instructions, deadlines, or technical limits posted by CloudQix.
  • Work alone and submit Participant Materials (defined below) that are original, lawful, generated solely by you, and do not violate the intellectual property or other rights of any third party.

By providing a submission, you agree that your submission conforms to these Terms. CloudQix reserves the right to disqualify any Participant for violating these Terms.

Ownership of Submissions

  • All materials, workflows, bug reports, stress tests, creative builds, code artifacts, feedback, documentation and other deliverables (“Participant Materials”) you submitted during the Hackathon become the sole and exclusive property of CloudQix.
  • You expressly assign to CloudQix all rights, titles, and interests in and to any Participant Materials, including any intellectual property rights.
  • You waive any and all claims to compensation, royalties, or ownership except as outlined in these Terms.
  • If we ask you to do so, you agree to sign any documentation that may be required to confirm your assignment of rights described above.

Prizes

All prizes will be distributed via PayPal in USD. Participants must: (a) have an active PayPal account; (b) confirm their PayPal email address and identity; and (c) sign an affidavit confirming compliance with these Terms, assigning all rights in Participant Materials, and releasing CloudQix from liability. Prizes of $600 or more require submission of IRS Form W-9. Participants are responsible for all applicable federal, state and local taxes. Any prize not collected by the applicable winner via PayPal within thirty days after our first attempt to distribute the prize shall be deemed forfeited; CloudQix shall not be responsible for any inability of a winner to accept any portion of a prize for any reason.

  • Top submission: $5,000
  • Second Place: $1,000
  • Third Place: $500

Odds

  • Odds of winning will be determined by: (a) the number of entries; and (b) the skills of those who choose to participate.
  • We cannot accurately predict the number of entrants who will participate in the Hackathon.

Critical Vulnerability Handling

  • Any critical or high-severity vulnerabilities must be reported only through the official submission channel.
  • Participants must not attempt to exploit vulnerabilities outside the sandbox, and must not publicly share findings before written approval from CloudQix.
  • You must not publicly disclose any flaw or vulnerability with respect to CloudQix without CloudQix’s written consent.
  • Failure to follow responsible disclosure protocols may result in disqualification and legal consequences.

Publicity and Marketing Rights

  • If you are awarded a prize, you grant to CloudQix the irrevocable and perpetual right to use your name, biographical information, photo, entry(ies) and/or likeness at any time or times Participants may be featured in one or more blog posts, event recaps, or social media postings or other media without prior notice, review or approval and without additional compensation. Participation in promotional content will be opt-in for any public attribution beyond the prize winners.
  • No further compensation will be provided beyond the prizes awarded.

Disclaimers

  • CloudQix makes the Hackathon and the Hackathon environment available on an “as is, where is” basis, without warranties of any kind, whether express or implied, including, but not limited to, the implied warranties of merchantability, fitness for a particular purpose or non-infringement.
  • CloudQix makes no guarantees that the Hackathon platform will be uninterrupted, error-free, or secure.

Limitation of Liability

  • CloudQix is not liable for any indirect, incidental, special, consequential, or punitive damages arising from or otherwise relating to participation in the Hackathon.
  • CloudQix’s total liability to any Participant will not exceed $1000.

Indemnification

Participants agree to indemnify, defend, and hold harmless CloudQix, Inc. and, its affiliates and their respective, officers, directors, employees, agents, and representatives from and against any and all claims, liabilities, damages, losses, costs, expenses and, or fees (including attorneys’ fees) arising out of or relating to:

  • Any breach by the Participant of these Terms;
  • Any violation by the Participant of any applicable law or regulation;
  • Any infringement or misappropriation of any intellectual property or other rights of a third party by the Participant’s submission or participation in the Hackathon.

Governing Law and Dispute Resolution

  • These Terms are governed by the laws of the State of Maryland, without regard to its conflict of laws principles.
  • Any disputes will be resolved exclusively in the state or federal courts located in Maryland.
  • The remedy for any Participant claim shall be limited to actual damages, and in no event shall any Participant be entitled to recover punitive, exemplary, consequential or incidental damages, including attorney’s fees or other such related costs of bringing a claim, or to rescind these Terms or seek injunctive or any other equitable relief. Any demand or claim made by a Participant must be filed within one (1) year of the time the cause of action occurred, or the cause of action shall be forever barred.
  • If any controversy or claim is not otherwise resolved through direct discussions or mediation, it shall then be resolved by final and binding arbitration administered by the American Arbitration Association in accordance with its arbitration rules and procedures or subsequent versions thereof (“AAA RULES”). The AAA rules for selection of an arbitrator shall be followed, except that the arbitrator shall be experienced and licensed to practice law in Maryland, USA. All proceedings brought pursuant to this paragraph will be conducted in Maryland, USA. The remedy for any claim shall be limited to actual damages, and in no event shall any party be entitled to recover punitive, exemplary, consequential or incidental damages, including attorney’s fees or other such related costs of bringing a claim, or to rescind this agreement or seek injunctive or any other equitable relief. Demand by the entrant for arbitration must be filed within one (1) year of the time the cause of action occurred, or the cause of action occurred, or the cause of action shall be forever barred. The entrant and released parties agree to arbitrate solely on an individual basis, and that this agreement does not permit class arbitration or any claims brought as a plaintiff or class member in any class or representative arbitration proceeding. The arbitrator may not consolidate more than one person’s claim, and may not otherwise preside over any form of a representative or class proceeding. In the event the prohibition on class arbitration is deemed invalid or unenforceable, then the remaining portions of this section will remain in force.

Termination and Modifications

  • CloudQix reserves the right to cancel, modify, or suspend the Hackathon at any time for any reason, without liability.
  • CloudQix also reserves the right to modify these Terms at its sole discretion.
  • Updated Terms and Conditions, if applicable, will be provided to all registered participants prior to the official start of the CloudQix Security Hackathon.

Privacy

Except with respect to publicity rights granted by prize winners in the “Publicity and Marketing Rights” section above:

  • Participants’ submitted information will be handled per the CloudQix Privacy Policy.
  • Personal data (name, email, phone number) will be used solely for event participation, communication, prize distribution, and—if opted in—career or talent outreach.
  • Participants consent to the use of their information for Hackathon administration and marketing purposes.

Judging Criteria

Eligible submissions received on a timely basis during the Hackathon will be scored by a panel of CloudQix employees out of 100 points:  

Category Max Points Notes
Severity (CVSS scale) 40 Critical issues score highest
Reproducibility 20 Clear steps or PoC required
Creativity/Originality 15 Rewarded for unique or clever findings
Report Quality 15 Clear, professional write-up and evidence
Rule Compliance 10 Followed disclosure rules and scope limits

Only the first valid submission of any individual vulnerability will be eligible for scoring and prize consideration, but will otherwise remain subject to these Terms. All submissions must be submitted through CloudQix’s official reporting channel.  Decisions of CloudQix are final and binding in all matters pertaining to the Hackathon.

Contact
If you have any questions about these Terms or the Hackathon, please contact: security@cloudqix.com