Terms of Service
Last updated: 27 May 2026
You can also download a PDF copy: Terms of Service (PDF).
Terms of Service — Kratos Systems
Effective Date: 27th May 2026
Company: Kratos Systems, a company incorporated in Kenya
Contact: info@kratosystems.africa
Version: 1.0
These Terms of Service (the "Terms") govern your access to and use of the website operated by Kratos Systems (the "Website") and the professional technology services we provide (the "Services"). By accessing the Website or engaging our Services, you agree to be bound by these Terms. If you do not agree, you must not access the Website or engage our Services. These Terms are entered into between Kratos Systems ("we", "us", "our") and you, the user or client ("you", "your"). They are a legally binding agreement under the Law of Contract Act, Cap 23 (Kenya). Electronic acceptance, including browsing the Website, submitting an enquiry, or executing a Statement of Work constitutes valid acceptance under the Business Laws (Amendment) Act, 2020 and the Kenya Information and Communications Act, Cap 411A.
Introduction and Acceptance of Terms
By accessing or using the Website, or by engaging Kratos Systems to provide any Services, you confirm that you have read, understood, and agree to be bound by these Terms and any documents incorporated by reference, including any applicable Statement of Work and our Privacy Policy. Acceptance of these Terms may occur by: (a) browsing or using any part of the Website; (b) submitting an enquiry, contact form, or request for proposal; (c) executing a Statement of Work or Service Agreement that references these Terms; or (d) any other conduct that reasonably indicates acceptance. If you accept these Terms on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind that entity. In that case, "you" and "your" refer to that entity. In the event of a conflict between these Terms and a signed Statement of Work, the Statement of Work shall prevail to the extent of the inconsistency. We reserve the right to refuse access to the Website or to decline to provide Services to any person at our reasonable discretion.
Definitions
In these Terms, the following definitions apply: (a) "Company" means Kratos Systems, a company incorporated in Kenya, including its directors, employees, agents, and authorised representatives. (b) "Client" means any individual, company, or other legal entity that engages the Company to provide Services under a Statement of Work or Service Agreement. (c) "Services" means the professional technology services offered by the Company as described in Section 3. (d) "Website" means the Company's website and any sub-domains, landing pages, or digital properties operated by the Company. (e) "Deliverables" means any work product, software, code, documentation, reports, models, or other outputs created by the Company specifically for a Client under a Statement of Work. (f) "Confidential Information" means any non-public technical, commercial, financial, or operational information disclosed by one party to the other in connection with these Terms or the Services, in any medium and whether or not marked as confidential. (g) "Personal Data" has the meaning given to it under the Data Protection Act, 2019 (Kenya). (h) "Intellectual Property" or "IP" means all patents, copyrights, trademarks, trade secrets, database rights, design rights, moral rights, and all other intellectual property rights, whether registered or unregistered, anywhere in the world. (i) "Statement of Work" or "SOW" means a written document executed by both parties that sets out the specific scope, fees, timelines, and deliverables for a particular engagement. (j) "Background IP" means all IP owned or licensed by the Company prior to, or developed independently of, any particular Client engagement, including proprietary tools, frameworks, methodologies, libraries, and platform components. (k) "Data Protection Act" or "DPA 2019" means the Data Protection Act, 2019 (Kenya) and all subsidiary regulations and guidance issued by the Office of the Data Protection Commissioner (ODPC). (l) "Force Majeure Event" has the meaning given in clause 17.2.
Our Services
Kratos Systems provides professional technology services to businesses and organisations. Our core service lines include: (a) Software Engineering — custom software design, development, testing, and maintenance; (b) AI & Machine Learning — design, development, and deployment of artificial intelligence and machine learning models, pipelines, and applications; (c) Cloud Infrastructure — design, deployment, management, and optimisation of cloud-based infrastructure and platforms; (d) Automation Systems — development of workflow automation, robotic process automation, and systems integration solutions; (e) Data Engineering — data pipeline architecture, data warehousing, analytics infrastructure, and data transformation services; and (f) Cybersecurity — security assessments, penetration testing, vulnerability management, security architecture, and incident response support. The specific scope, deliverables, pricing, timelines, and service-level commitments for any engagement are set out in individual Statements of Work or Service Agreements executed between the Company and each Client. No binding service-level obligations, performance guarantees, or uptime commitments arise from these Terms alone or from any portfolio case study, marketing material, or Website content. Portfolio case studies and project descriptions published on the Website are for illustrative purposes only and do not represent guarantees of identical outcomes, performance, or results for future engagements. We may decline to provide Services that we determine, in our reasonable judgement, are unlawful, technically infeasible, or contrary to our professional or ethical standards.
Eligibility
To access the Website or engage our Services, you must: (a) be at least 18 years of age; (b) have the legal capacity to enter into binding contracts under Kenyan law; and (c) if acting on behalf of a business entity, represent a company or organisation that is duly incorporated or registered under the applicable laws of its jurisdiction of formation. By using the Website or engaging our Services, you represent and warrant that you meet all eligibility requirements in clause 4.1. We do not knowingly provide Services to persons who lack legal capacity or to unregistered entities purporting to act as incorporated businesses. If we become aware that you do not meet the eligibility requirements, we may suspend or terminate your access without liability to you.
Intellectual Property
Background IP. We retain all right, title, and interest in and to our Background IP, including our proprietary tools, frameworks, methodologies, libraries, software components, development templates, and any technology created by us independently of any specific Client engagement. Nothing in these Terms or any SOW transfers ownership of our Background IP to any Client. Bespoke Deliverables. Subject to clause 5.1 and to full payment of all fees due under the applicable SOW, we agree to assign to the Client all right, title, and interest in the bespoke Deliverables created specifically for that Client under the SOW. For the avoidance of doubt: (a) any Background IP incorporated into Deliverables remains the Company's property and is licensed to the Client on a non-exclusive, royalty-free, perpetual basis solely for the Client's use of the relevant Deliverable; and (b) IP assignment takes effect only upon receipt of full payment, no IP vests in the Client before that point. Default position absent a signed SOW. Where the Company provides services without a signed SOW in place, all IP in any work product created by the Company remains the Company's property unless and until a written assignment is separately executed. Under the Copyright Act (Kenya), the author retains copyright by default absent a written assignment. Clients should not assume ownership of any work product without a signed written assignment. Portfolio licence. The Company retains a non-exclusive, royalty-free licence to reference, display, and describe Deliverables and project outcomes as part of its portfolio and marketing materials, unless the Client has requested in writing that the engagement be kept confidential, in which case we will not publicly identify the Client or disclose identifying project details. Open-source components. Where we incorporate open-source software into Deliverables, those components are subject to their respective open-source licences. We will identify material open-source dependencies in the applicable SOW or associated documentation. Client-provided materials. By providing us with materials, data, content, or other inputs for the purpose of receiving the Services, you grant us a limited, non-exclusive, royalty-free licence to use those materials solely to perform the Services. You represent and warrant that you have all rights necessary to grant this licence. Website content. All content on the Website including text, graphics, logos, and code is owned by or licensed to the Company and is protected under Kenyan copyright law. You may not reproduce, distribute, or create derivative works from Website content without our prior written consent.
Client Obligations
You agree to cooperate with us in good faith throughout the delivery of the Services. In particular, you shall: (a) provide accurate, complete, and timely instructions, approvals, materials, and feedback as reasonably required to enable us to perform the Services; (b) ensure that any materials, data, content, or other inputs you provide to us are accurate, do not infringe any third-party intellectual property rights, and do not violate any applicable law; (c) ensure that you hold all necessary rights, licences, and consents to share client-provided materials with us for the purposes of the Services; (d) not use the Services or Deliverables for any unlawful, fraudulent, or harmful purpose; (e) comply with all applicable laws and regulations in connection with your use of the Services and Deliverables, including the Data Protection Act, 2019, the Computer Misuse and Cybercrimes Act, 2018, and any sector-specific regulations applicable to your business; and (f) promptly notify us of any change in circumstances that may materially affect the delivery of the Services. Where delivery of the Services is delayed or disrupted as a direct result of your failure to fulfil your obligations under clause 6.1, we may: (a) pause delivery timelines without waiving our right to accrued fees; and (b) recover additional costs reasonably incurred as a result of the delay, as agreed in the applicable SOW.
AI and Machine Learning Services
This section applies to all Services involving the design, development, or deployment of artificial intelligence or machine learning systems, models, or pipelines ("AI Services"). Nature of AI outputs. AI and machine learning systems produce probabilistic outputs. Accordingly: (a) outputs generated by AI systems are not guaranteed to be accurate, complete, error-free, unbiased, or fit for any specific purpose; (b) AI outputs may reflect patterns or biases present in training data; and (c) the Company does not warrant that any AI system will perform identically across all operating environments or datasets. Client validation obligation. You are responsible for reviewing, validating, and testing all AI-generated outputs before relying on them for any operational, commercial, regulatory, or decision-making purpose. You must apply appropriate human oversight, particularly in high-stakes contexts such as healthcare, financial services, legal matters, or employment decisions. Performance metrics. The Company does not guarantee specific AI model performance metrics including accuracy rates, precision, recall, or latency benchmarks unless those metrics are expressly set out in a signed SOW. Regulatory compliance. You are responsible for ensuring that your use of AI Deliverables complies with all applicable laws, including the Data Protection Act, 2019, sector-specific regulations applicable to your industry, and any guidelines issued by relevant Kenyan regulatory authorities. AI model ownership. Where AI models are trained on data you provide: (a) the trained model weights produced from your data remain your property, subject to full payment and the IP assignment provisions in clause 5.2; and (b) any model architectures, training methodologies, pipelines, or tooling developed independently by the Company, including those used to build your model remain the Company's Background IP under clause 5.1. Training data warranty. You warrant that any data you provide for AI model training has been collected lawfully, that you have all necessary rights to use it for that purpose, and that its use complies with the Data Protection Act, 2019 and any other applicable law.
Cybersecurity Services
This section applies to all Services involving penetration testing, vulnerability assessments, security audits, threat modelling, or any offensive or defensive security activities ("Cybersecurity Services"). Written authorisation required. All penetration testing, ethical hacking, and security assessments will be carried out only under a signed written authorisation from you that specifies the scope, target systems, and testing parameters. We will not conduct any testing outside the agreed and authorised scope. Any changes to the authorised scope must be agreed in writing before implementation. Pre-existing vulnerabilities. We are not liable for any vulnerabilities, weaknesses, or security gaps that existed in your systems, networks, or applications prior to the commencement of our engagement and that are discovered or disclosed during the course of our work. Advisory nature. Security recommendations, reports, and remediation guidance provided by us are advisory in nature. Implementation of those recommendations is your responsibility unless implementation services are expressly agreed in the applicable SOW. Company's security liability. Where a security breach arises from our own negligent acts or omissions in performing Cybersecurity Services, our liability is not excluded. Such liability is subject to the aggregate cap in clause 12.1 and the carve-out in clause 12.4. Legal compliance. All Cybersecurity Services are performed in strict compliance with the Computer Misuse and Cybercrimes Act, 2018 (Kenya). Any engagement that involves access to third-party systems requires prior written authorisation from the owner of those systems.
Fees and Payment
Fees for the Services are as agreed between the parties in the applicable SOW or invoice. These Terms do not independently establish any fee schedule. Unless otherwise stated in the applicable SOW, all fees are denominated in Kenyan Shillings (KES). Where fees are agreed in a foreign currency, the applicable exchange rate and conversion mechanism will be specified in the SOW. Payment is due within 30 days of the date of invoice, unless a different payment schedule is agreed in the applicable SOW. If payment is not received by the due date, we reserve the right to charge interest on the overdue amount at 2% per month, calculated from the due date until the date of actual payment, subject to any maximum rate prescribed by applicable Kenyan law. If any invoice remains unpaid for more than 14 days after we have given you written notice of non-payment, we may suspend delivery of the Services. Suspension does not release you from your obligation to pay fees for work already completed. All fees are exclusive of value added tax (VAT) or any other applicable taxes unless stated otherwise. Where VAT or other taxes are applicable, they will be added to invoices at the prevailing rate. You are responsible for providing any applicable tax exemption certificates in a timely manner. Pre-authorised, evidenced out-of-pocket expenses (including travel, accommodation, and third-party licences) may be invoiced in addition to agreed fees, as specified in the applicable SOW. We may withhold delivery of Deliverables until all outstanding fees have been paid in full.
Confidentiality
Each party undertakes to keep the other party's Confidential Information strictly confidential and not to disclose it to any third party without the prior written consent of the disclosing party. Each party shall use the other party's Confidential Information solely for the purposes of performing its obligations or exercising its rights under these Terms or the applicable SOW. Each party may disclose Confidential Information only to its employees, contractors, advisers, or sub-contractors who need to know it for those purposes, provided that such persons are bound by confidentiality obligations no less protective than those set out here. The obligations in clauses 10.1 and 10.2 do not apply to information that: (a) is or becomes publicly available through no fault of the receiving party; (b) was already known to the receiving party at the time of disclosure, as evidenced by written records predating the disclosure; (c) is independently developed by the receiving party without use of or reference to the disclosing party's Confidential Information; or (d) is required to be disclosed by applicable law, court order, or regulatory authority, provided that the receiving party gives the disclosing party prompt written notice where lawfully permitted to do so, and cooperates to seek a protective order or other appropriate remedy. The confidentiality obligations in this Section 10 survive termination or expiry of these Terms and any applicable SOW for a period of 3 years from the date of termination or expiry, unless the parties agree in writing to a longer period in the relevant SOW.
Data Protection
Both parties agree to comply with all applicable data protection laws in connection with these Terms and any Services, including the Data Protection Act, 2019 (Kenya) and all subsidiary regulations and guidance issued by the ODPC. Where the Company processes Personal Data on behalf of the Client in the course of providing the Services, the Company acts as a data processor under the Client's instructions. In such cases, the parties shall execute a separate Data Processing Agreement before processing commences, as required by the Data Protection Act, 2019. The Company will not process Client Personal Data except on the Client's documented instructions. Where the Company processes Personal Data for its own purposes including managing the Website and client relationships, it acts as an independent data controller. Such processing is governed by the Company's Privacy Policy, available on request at info@kratosystems.africa. Each party shall implement appropriate technical and organisational measures to protect Personal Data against unauthorised access, loss, destruction, or disclosure. In the event of a Personal Data breach, the affected party shall notify the other party without undue delay. Each party shall comply with its own breach notification obligations under the Data Protection Act, 2019, including the requirement to notify the ODPC within 72 hours of becoming aware of a breach likely to result in risk to the rights and freedoms of data subjects. For data protection queries or to exercise data subject rights, please contact us at info@kratosystems.africa. You also have the right to lodge a complaint with the Office of the Data Protection Commissioner at odpc.go.ke.
Limitation of Liability
Aggregate cap. Subject to clauses 12.3 and 12.4, the Company's total aggregate liability to you arising out of or in connection with these Terms, any SOW, or the Services whether in contract, tort (including negligence), breach of statutory duty, or otherwise shall not exceed the total fees paid by you to the Company in the 12 months immediately preceding the event giving rise to the claim. Excluded losses. Subject to clauses 12.3 and 12.4, neither party shall be liable to the other for: (a) loss of profits or revenue; (b) loss of business or contracts; (c) loss of anticipated savings; (d) damage to reputation or goodwill; or (e) any indirect, consequential, or special losses, except where such losses are caused by gross negligence, fraud, or wilful misconduct on the part of the party against whom the claim is made, in which case this exclusion shall not apply. Non-excludable liability. Nothing in these Terms limits or excludes either party's liability for: (a) death or personal injury caused by negligence; (b) fraud or fraudulent misrepresentation; (c) any liability that cannot lawfully be excluded or limited under Kenyan law, including non-excludable consumer protections under the Consumer Protection Act, 2012 (Kenya) and in particular Section 15 of that Act; or (d) any other liability that cannot be excluded or limited by applicable law. Cybersecurity and data carve-out. The Company's liability for a security breach or Personal Data loss caused directly by its own negligent acts or omissions in performing the Services is not excluded under clause 12.2. Such liability remains subject to the aggregate cap in clause 12.1. You acknowledge that the fees charged by the Company reflect the allocation of risk in this Section 12, and that the limitations and exclusions set out here are reasonable in the context of a professional B2B services relationship. Website content is provided "as is". We do not warrant the accuracy or completeness of any Website content, and we accept no liability for loss arising from reliance on it.
Indemnification
You shall indemnify, defend, and hold harmless the Company and its directors, employees, agents, and sub-contractors from and against any third-party claims, losses, damages, costs, and expenses (including reasonable legal fees) arising from or in connection with: (a) your misuse of any Deliverable in a manner not authorised by these Terms or the applicable SOW; (b) any allegation that client-provided materials, including data, content, or software, infringe the intellectual property rights or other rights of any third party; (c) your breach of any applicable law or regulation, including the Data Protection Act, 2019, in connection with your use of the Services or Deliverables; or (d) any claim arising from your use of AI Deliverables without adequate validation or in contravention of applicable regulatory requirements. The Company shall indemnify you against direct losses arising from the Company's wilful and knowing reuse of materials that the Company was not authorised to use and that are found to infringe a third party's intellectual property rights. The indemnifying party shall: (a) notify the indemnified party promptly in writing of any claim triggering indemnification obligations;