NDA & Confidentiality Agreement
This Non-Disclosure and Confidentiality Agreement governs the handling of sensitive information shared between
the client and ECHO Pentest during a penetration testing engagement.
1. Confidential Information
Confidential information includes, but is not limited to:
- System architecture and network diagrams
- Credentials and access tokens
- Application source code and configuration files
- Testing results, vulnerabilities, logs, and reports
2. Protection of Shared Data
- All sensitive information will be stored securely.
- No confidential data will be shared with third parties.
- Data will only be used for the purpose of performing the agreed testing.
3. Secure Data Disposal
All sensitive data obtained during testing will be deleted securely within
30 days after project completion unless otherwise agreed.
4. Client Responsibilities
The client agrees to:
- Provide accurate information and necessary access
- Notify ECHO Pentest of any data classified as highly sensitive
- Ensure internal teams are aware of the engagement if required
5. Exceptions
Confidentiality obligations do not apply to information that:
- Is publicly known prior to disclosure
- Becomes public through no fault of either party
- Is independently discovered without access to confidential information
6. Contact
For any confidentiality–related inquiries, contact:
contact@echopentest.com