General Terms of Sale

1. Purpose and scope

These General Terms of Sale ("Terms") apply to all services provided by Lux Gap S.à r.l., a Luxembourg limited liability company (VAT LU30886939), registered office at 2 rue de l'École, L-8376 Kahler, Luxembourg, hereafter "Luxgap". Any order implies unreserved acceptance of these Terms by the Client.

2. Description of services

Luxgap provides the following services, the details of which are set out in the personalised quote sent to the Client:

• External DPO mandate: full handling of GDPR and AI Act obligations, registration with the Luxembourg CNPD, records of processing, DPIAs, data subject requests, breach handling, dialogue with supervisory authorities.
• Whistleblower channel (optional): drafting of the alert procedure, internal charter, partial or full management of the reporting channel, in accordance with the Luxembourg law of 16 May 2023.
• External CISO mandate: operational steering of information security, ISO 27001 governance, ICT risk management, NIS 2 and DORA compliance where applicable, incident handling, team awareness.
• Security tools: Dark Web monitoring (EEM), counter-espionage and executive protection, audits and penetration tests, ISO 22301 / DORA business continuity plan, 24/7 managed SOC.
• Training: internal awareness, Luxgap e-learning platform, accredited professional certifications.
• AI advisory: AI Act scoping, deployment of on-premise AI agents or public GPAI, POC on dedicated infrastructure, governance and training.

3. Luxgap obligations

Luxgap is bound by an enhanced best efforts obligation. Luxgap applies the skills and reasonable due diligence of a professional in cybersecurity and legal compliance in Luxembourg. Technical and organisational measures comply with Article 32 GDPR and the recognised state of the art.

4. Client obligations

The Client undertakes to provide Luxgap with reasonable access to the information and people needed for the mission, to inform Luxgap of any material change in its organisation, IT systems or regulatory scope, and to respect the recommendations issued by Luxgap.

5. Prices and payment

Prices are quoted in euros, excluding VAT. Unless otherwise stated, recurring mandates (DPO, CISO, SOC, EEM) are billed monthly in arrears; one-off missions are billed upon delivery. Invoices are payable within 30 days of issue.

6. Liability

Luxgap's total liability, all causes combined, is expressly capped at the total amount excluding VAT actually invoiced to the Client during the twelve (12) months preceding the event giving rise to the claim. Luxgap shall not be liable for indirect damages.

7. Confidentiality

Each party undertakes to keep strictly confidential any non-public information received from the other party. This obligation remains in force for the duration of the contract and for five (5) years after its termination.

8. Term and termination

Recurring mandates (DPO, CISO, SOC) are concluded for an initial term of twelve (12) months, automatically renewed for successive twelve-month periods. Either party may terminate with three (3) months' written notice before the renewal date.

9. Personal data protection

Personal data processing within the scope of Luxgap services is governed by a separate Data Processing Agreement (DPA), compliant with Article 28 GDPR. For data processed by the luxgap.com website itself, see our privacy policy.

10. Intellectual property

Methods, tools, models, platforms, AI agents and content developed by Luxgap remain Luxgap's exclusive property. Deliverables specifically adapted to the Client become the Client's property upon full payment of the corresponding invoices.

11. Governing law and jurisdiction

These Terms and any Luxgap service are governed by Luxembourg law. Any dispute falls within the exclusive jurisdiction of the courts of the Luxembourg judicial district.

12. Miscellaneous

If any provision of these Terms is held to be invalid or unenforceable, the remaining provisions shall remain in full force.

For any question on these Terms, contact us via our contact page or call +352 621 583 116.