Credential Handover & Client Access Disclaimer

For the purposes of this disclaimer, "credentials" and "access" refer to any of the following — whether provided directly by Neel Networks or already held by the client:

Access to any of the above — whether in full or in part — triggers the responsibilities and limitations described in this disclaimer.

Everything in this disclaimer flows from one simple principle: whoever controls the access, controls the responsibility. Here is how the two scenarios differ:

When a client requests and receives credentials from Neel Networks — for any reason — the following applies immediately and without exception:

• The client accepts full and exclusive responsibility for all actions performed using those credentials — whether by the client themselves, their employees, their in-house IT team, or any other party they share access with.
• Neel Networks is not responsible for any errors, broken features, website downtime, data loss, performance degradation, or security incidents caused by changes made through client-held access.
• Neel Networks is not responsible for any unintended consequences arising from plugin installations, theme changes, code modifications, database edits, server configuration changes, or any other actions taken by the client or any party acting on their behalf.
• Neel Networks is not responsible for changes made by a third-party developer, freelancer, or agency hired by the client, even if those changes are made to a website originally built by Neel Networks.
• All investigation, repair, restoration, or recovery work required as a result of client-managed changes will be treated as a new, billable request — quoted at our standard rates and requiring written approval before commencement.
• If a client holds credentials and an issue arises on the website, Neel Networks will not assume the cause was from our side. Investigation to determine the root cause is itself a billable activity under client-managed access.

If you are on an Annual Maintenance Plan with Neel Networks, the following actions — taken by you, your team, or any third party with access — will void our maintenance coverage for the affected areas of your website:

• Installing or activating plugins or themes without notifying Neel Networks — especially plugins that conflict with existing functionality, modify the database schema, or alter core files.
• Editing PHP files, theme files, functions.php, or any custom code directly through the WordPress editor, FTP, or any other file access method.
• Making changes to the website's database directly via phpMyAdmin or any database management tool.
• Changing hosting settings, PHP version, server configuration, or .htaccess without consulting Neel Networks first.
• Upgrading WordPress core, themes, or plugins manually without coordination with Neel Networks — especially major version upgrades that can break compatibility.
• Giving another agency, freelancer, or developer access to the website backend without informing Neel Networks — any changes they make are outside our oversight and therefore outside our coverage.
• Changing DNS settings, nameservers, or email configuration without consulting us — these can take websites offline and cause email delivery failures that are complex and time-consuming to diagnose and fix.
• Deleting files, posts, products, or database tables that were not clearly intended for deletion.

This section specifically addresses situations where a client gives access to their website to a third party — a freelancer, another web agency, an in-house developer hired after project delivery, or any other individual not employed by Neel Networks.

What happens when a third party accesses your website:

• The client becomes the sole responsible party for all changes made by that third party. The fact that Neel Networks originally built the website does not transfer any of this responsibility back to us.
• Neel Networks cannot be held responsible for broken functionality, data loss, design changes, performance issues, or security vulnerabilities introduced by another developer or agency.
• Our maintenance plan coverage is suspended for all areas of the website touched by the third party until a formal handover and review is completed by our team. This review is billable.
• If the third party's work needs to be undone or fixed, Neel Networks will assess the website and provide a quote for remediation. This is not covered by any maintenance plan.
• We strongly recommend notifying us before giving any third party access. We can advise on what roles and permissions to grant to minimise risk, and we can coordinate with the third party if needed.

Your responsibilities once you hold credentials:

• Change all passwords immediately after receiving them from Neel Networks. Do not use the credentials we provided as your permanent passwords.
• Use strong, unique passwords for all access points. Do not reuse passwords across different services.
• Enable Multi-Factor Authentication (MFA / 2FA) wherever available — WordPress, cPanel, hosting dashboards, domain registrars, and email accounts.
• Limit access to a need-to-know basis. Do not share admin credentials with anyone who does not genuinely require full admin access. Use limited roles (Editor, Author, Contributor) for team members with limited requirements.
• Do not share credentials over insecure channels — SMS or unencrypted email. Use a password manager with secure sharing features.
• Revoke access immediately when a team member, employee, or third-party developer no longer requires it.
• Monitor your website for unusual activity, unexpected admin accounts, or unknown file changes.

Neel Networks is not responsible for security incidents arising from:

• Weak or reused passwords chosen by the client or their team
• Credentials shared with unauthorised parties by the client
• Failure to enable available Multi-Factor Authentication
• Plugins or themes installed by the client that contain known vulnerabilities
• Compromised credentials on the client's own devices or email accounts
• Server-level vulnerabilities on hosting managed by the client or a third-party host
• Delays in applying security updates after we have recommended or flagged them

Website software — WordPress core, plugins, themes, PHP versions — requires regular updates to stay secure and compatible. When the client manages their own access, the following applies:

• The client is responsible for keeping all software up to date if they manage their own hosting and backend access.
• Updates can break things — particularly major version upgrades (e.g., WordPress 6.x to 7.x, PHP 8.1 to 8.3, or plugin major releases that change functionality). We strongly recommend testing all updates on a staging environment before applying to the live website.
• If an update breaks the website and the update was applied by the client or a third party, restoring or fixing the website is billable work — not covered under any maintenance plan.
• We will notify you when critical updates are available for your website. If you would like us to apply updates safely, contact us — we will quote for this as a separate task.
• Auto-updates are not recommended for live production websites without a staging environment and rollback plan. If your WordPress or hosting is configured to auto-update, we are not responsible for issues arising from automatic updates applied without our oversight.

Backups are your single most important safety net. The following applies under client-managed access:

• If you manage your own hosting, you are solely responsible for setting up, testing, and maintaining regular backups of your website files and database.
• If Neel Networks manages your hosting, we set up scheduled backups as part of your plan. However, you should still maintain independent copies of your data in a separate location — we strongly recommend this for all clients.
• Always take a complete manual backup — files and database — before making any changes to your website, applying updates, or giving a third party access.
• Backup restoration under client-managed access is a billable service. We will always restore promptly, but it is not free work.
• Neel Networks is not liable for data loss arising from the absence of adequate backups, failed backups, or corruption of backups caused by the client's hosting environment or actions.

When Neel Networks is the sole party with backend access to your website — and the client has not independently taken or shared credentials — we accept the following responsibilities as part of your plan:

• We handle all plugin, theme, and WordPress core updates on a safe, tested schedule
• We monitor basic uptime and respond to critical technical failures as per your plan's response time commitments
• Any issue caused by our own configuration, code, or update application is fixed at no additional cost
• We maintain backups as agreed in your plan and can restore quickly in the event of a failure
• We proactively notify you of any security vulnerabilities, incompatible plugins, or hosting issues that require your attention or approval
• Any third-party costs (premium plugin renewals, SSL renewal, hosting upgrades) are presented to you for written approval before being incurred on your behalf

To avoid any confusion when things go wrong, here is a clear reference table showing what is covered at no cost vs what is billed:

Neel Networks shall not be held liable — under any circumstances — for any loss, damage, data corruption, business interruption, revenue loss, reputational damage, or any other harm arising from:

• Any changes made to the website by the client, their employees, in-house team members, or any third party granted access by the client
• Security breaches, malware, hacking incidents, or data theft resulting from client-side credential exposure, weak passwords, or unauthorised access granted by the client
• Website downtime or data loss caused by actions taken through client-held credentials
• Plugin, theme, or WordPress core updates applied by the client or a third party without Neel Networks' oversight
• The failure of third-party services, platforms, hosting providers, or APIs — regardless of who manages the hosting
• Auto-updates enabled on a website without our knowledge or consent
• Any consequential, indirect, or punitive damages arising from any of the above

Liability cap: In all cases where Neel Networks is found liable for an issue arising from our own work or negligence, our total liability is limited to the amount paid by the client for the specific service or project giving rise to the claim in the preceding 6 months.

This disclaimer is governed by the laws of India. Any disputes arising from or related to this disclaimer, the handover of credentials, or client-managed access to a Neel Networks-built website shall be subject to the exclusive jurisdiction of the Courts of Mumbai, Maharashtra, India.

Both parties agree to first attempt resolution through good-faith discussion before initiating any formal legal proceedings.

For questions about this disclaimer, or to request support for issues arising from client-managed access: