Terms
Noxen is a Mac-native homelab vulnerability scanner sold as a one-time licence (with optional subscription add-ons). These terms cover the software, the noxen.app website, and our obligations to you.
Licence
Buying a Noxen licence grants you the right to install and use the app on Macs you own or control, up to the host count shown for your tier (3 / 25 / 100 / 500). A licence is tied to the person or organisation that purchased it. You may reinstall as often as you like, and activate the same licence on up to three Macs you personally use.
Payments and merchant of record
Paddle.com Market Limited (Paddle, Inc. for US customers) is the merchant of record for every paid Noxen tier. When you click a Buy button, you transact with Paddle — they collect payment, charge applicable sales tax / VAT / GST in your jurisdiction, issue the invoice, and remit the appropriate taxes. By completing a purchase, you also accept Paddle's buyer terms and privacy policy.
We never see your card number, billing address, or CVV — Paddle handles all of that. Subscription tiers (Maintenance, Live Feed, MSP / Team) renew automatically on the cadence shown at checkout; you can cancel any time via the Paddle customer portal or by emailing us. Cancellation takes effect at the end of the current billing period; access continues until then.
Refunds
30-day refund for any reason after purchase, no questions asked. If Noxen fails to ship a working public release within the timeframe you were shown at checkout, the refund window extends until we ship. Refund via the Paddle customer portal — your original receipt email contains a self-serve refund link — or by emailing hello@noxen.app. Refunds typically arrive on your card within 5-10 business days depending on your bank.
What Noxen is not
Noxen is a defensive scanner. It observes and reports. It does not attempt to authenticate against services you flag, does not run exploit code, and does not attempt to exploit CVEs it detects.
Noxen is not a replacement for a compliance audit. The findings it emits are evidence, not conclusions. Do not use Noxen as the primary control for ISO 27001, SOC 2, PCI, or any other formal audit programme.
Authorisation
You may only scan hosts you own, manage, or have explicit permission to scan. Using Noxen against machines you don't own is illegal in most jurisdictions, regardless of intent.
Warranty + liability
Noxen is provided "as is." We make no warranty that it will detect every vulnerability or that the signed CVE feed will be complete at any given moment. Liability is limited to the amount you paid for the current licence or subscription period.
Changes
If these terms change materially, we'll update the "Last updated" date at the top of this page. Continued use after an update means you accept the new terms.
Contact
hello@noxen.app for anything contract-related.