← Pylon Command
Get notified

Terms of Service

Last updated: May 20, 2026

Pre-launch notice. Command is currently in development and not yet available for use. These Terms of Service describe the terms that will apply when the platform launches and are published now so that prospective customers can review them. Use of the marketing site at thepylongroup.com/software/command is also governed by our corporate Terms of Use.

1. Acceptance of Terms

By accessing or using Command's security program management platform and related services (collectively, the "Service"), you agree to be bound by these Terms of Service ("Terms"). These Terms constitute a legally binding agreement between you and Advosec, LLC d/b/a The Pylon Group. If you are using the Service on behalf of an organization, you represent that you have the authority to bind that organization to these Terms.

If you do not agree to these Terms, you may not access or use the Service.

2. Description of Service

Advosec, LLC d/b/a The Pylon Group provides Command, a software-as-a-service platform for security program management. Command is designed to be the operating system for a security program. The Service will include:

  • Roadmap and milestone management for security program initiatives
  • Control library with framework mappings (NIST CSF, ISO 27001, SOC 2, HIPAA, PCI DSS, and others)
  • Exceptions and risk-acceptance workflows with approval chains
  • Audit and assessment management with finding tracking and remediation workflows
  • Policy and standards management
  • Board reporting, executive summary generation, and metrics rollups
  • AI-assisted control mapping, exception drafting, audit response drafting, and report generation
  • Integration with Scout (third-party risk) and Anvil (M&A diligence) where used together
  • Multi-program views for vCISOs and PE firms managing security across a portfolio

We reserve the right to modify, suspend, or discontinue any part of the Service at any time with reasonable notice. The feature list above describes the planned scope at launch and may be adjusted prior to general availability.

3. Account Registration and Security

You must register for an account to use the Service. You agree to provide accurate, current, and complete information during registration and to update such information to keep it accurate. You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account.

You must notify us immediately at [email protected] if you become aware of any unauthorized use of your account. We are not liable for any loss arising from unauthorized use of your account.

The Service is multi-tenant with organization-level data isolation. Each organization's data is logically separated through row-level security policies.

4. Data Ownership and License

4.1 Your Data

You retain all ownership rights to the data you input, upload, or create within the Service ("Your Data"). This includes roadmap items, control configurations, exceptions, audit records, policies, reports, and any other content you provide. We do not claim ownership of Your Data.

4.2 License to Us

By using the Service, you grant us a limited, non-exclusive, worldwide license to use, process, store, and transmit Your Data solely for the purpose of providing the Service to you, including AI-assisted analysis, drafting, reporting, and cross-platform integration with Scout and Anvil if your organization uses them. This license terminates when your account is closed and Your Data is deleted in accordance with our data retention practices.

4.3 AI Processing

When you use AI-assisted features, Your Data is processed by our AI service provider to generate suggestions, drafts, and outputs. Your Data is not used to train, improve, or fine-tune AI models. AI-generated outputs (control mappings, drafts, summaries, reports) are provided as informational aids and do not constitute professional security advice. Human review is required before AI outputs are relied upon for security, audit, board, or regulatory purposes.

4.4 Aggregated and Anonymized Data

We may create aggregated, anonymized, or de-identified data derived from Your Data and usage of the Service. Such data does not identify you or your organization and may be used for service improvement, benchmarking, and research purposes.

5. Acceptable Use

You agree not to:

  • Use the Service for any unlawful purpose or in violation of any applicable laws or regulations
  • Attempt to gain unauthorized access to any part of the Service, other accounts, or systems
  • Interfere with or disrupt the integrity or performance of the Service
  • Transmit any viruses, malware, or other harmful code
  • Reverse engineer, decompile, or disassemble any part of the Service
  • Use the Service to store or transmit content that infringes third-party intellectual property rights
  • Resell, sublicense, or make the Service available to third parties without our written consent
  • Use automated means (bots, scrapers) to access the Service without our written consent
  • Attempt to circumvent rate limits, security controls, or access restrictions

We reserve the right to suspend or terminate access for violations of these terms.

6. Intellectual Property

The Service, including its software, design, documentation, features, control library, and all related intellectual property, is owned by Advosec, LLC d/b/a The Pylon Group and protected by applicable intellectual property laws. These Terms do not grant you any rights to our trademarks, service marks, or trade names.

You may not copy, modify, distribute, or create derivative works based on the Service except as explicitly permitted by these Terms.

7. Confidentiality

Each party agrees to maintain the confidentiality of the other party's Confidential Information. "Confidential Information" includes any non-public information disclosed by one party to the other, including business plans, technical data, pricing, and platform data. Confidential Information does not include information that is publicly available, independently developed, or rightfully received from a third party.

We implement technical and organizational safeguards to protect the confidentiality of Your Data, as described in our Privacy Policy.

8. Service Availability

We strive to maintain high availability of the Service but do not guarantee uninterrupted access. The Service may be temporarily unavailable due to scheduled maintenance, infrastructure provider outages, or circumstances beyond our reasonable control. We will make commercially reasonable efforts to provide advance notice of planned maintenance.

Our infrastructure is hosted on Supabase (AWS) with Cloudflare for content delivery. Availability is subject to the uptime commitments of our infrastructure providers and will be detailed in your subscription agreement at the time of launch.

9. Payment Terms

Access to the Service may require a paid subscription. Pricing, payment terms, and subscription details are set forth in your order form or subscription agreement. Unless otherwise agreed, subscriptions renew automatically at the then-current rate. You may cancel your subscription in accordance with the cancellation terms in your agreement.

All fees are non-refundable unless otherwise specified in your agreement or required by applicable law.

10. Limitation of Liability

To the maximum extent permitted by applicable law, Advosec, LLC d/b/a The Pylon Group shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, revenue, data, business opportunities, or goodwill, arising out of or related to your use of the Service, regardless of the theory of liability.

Our total aggregate liability for any claims arising out of or related to these Terms or the Service shall not exceed the amounts paid by you in the twelve (12) months preceding the claim.

AI-generated outputs, control mappings, drafts, and reports are provided for informational purposes and should not be relied upon as the sole basis for security, audit, or regulatory decisions. Human review by a qualified practitioner is required before AI outputs are submitted to auditors, regulators, or the board. We are not liable for decisions made based on AI-generated content without human review.

11. Indemnification

You agree to indemnify, defend, and hold harmless Advosec, LLC d/b/a The Pylon Group and its officers, directors, employees, and agents from and against any claims, damages, losses, liabilities, and expenses (including reasonable attorneys' fees) arising out of or related to: (a) your use of the Service; (b) your violation of these Terms; (c) your violation of any third-party rights; or (d) data you input into the Service.

12. Termination

12.1 By You

You may terminate your account at any time by contacting us or through the platform's account settings. Upon termination, your access to the Service will cease and Your Data will be retained for 30 days to allow for export, after which it will be permanently deleted.

12.2 By Us

We may suspend or terminate your account if you breach these Terms, fail to pay applicable fees, or engage in conduct that we reasonably believe is harmful to the Service or other customers. We will provide notice where practicable.

12.3 Effect of Termination

Upon termination, sections relating to data ownership, limitation of liability, indemnification, confidentiality, and governing law shall survive.

13. Data Portability

You may export Your Data from the platform at any time using the available export features (including PDF reports, CSV exports, and document downloads). Upon account termination, we will make Your Data available for export during the 30-day retention period.

14. Modifications to Terms

We may update these Terms from time to time, including when Command launches and the terms described as forward-looking become operational. We will notify you of material changes by posting the updated Terms on this page, updating the "Last updated" date, and, where appropriate, sending notification via email or the platform. Your continued use of the Service after changes take effect constitutes acceptance of the revised Terms.

15. Governing Law and Dispute Resolution

These Terms shall be governed by and construed in accordance with the laws of the United States and the Commonwealth of Pennsylvania, without regard to conflict of law principles. Any disputes arising out of or relating to these Terms or the Service shall be resolved through binding arbitration in accordance with the rules of the American Arbitration Association, except that either party may seek injunctive relief in a court of competent jurisdiction.

16. General Provisions

These Terms, together with the Privacy Policy and any applicable order forms, constitute the entire agreement between you and Advosec, LLC d/b/a The Pylon Group with respect to the Command platform. If any provision of these Terms is found to be unenforceable, the remaining provisions shall continue in effect. Our failure to enforce any provision of these Terms shall not constitute a waiver. You may not assign these Terms without our prior written consent. We may assign these Terms in connection with a merger, acquisition, or sale of assets.

17. Contact Us

If you have questions about these Terms of Service, please contact us at:

Advosec, LLC d/b/a The Pylon Group
Email: [email protected]