TERMS OF SERVICE

Effective Date: 3/31/2024

Provider: AIKOCORP, Inc. (“AIKOCORP”, “we”, “us”)

Service: AIKOCORP’s hosted software platform for API monitoring, dashboards, and customer-controlled AI-executed penetration testing (the “Service”).

1) Acceptance

By creating an account or using the Service, you agree to these Terms. If you do not agree, do not use the Service.

2) Definitions

  • Account: Your organization’s tenant.
  • Project: A workspace within the Account.
  • Credits: Metered units consumed by certain features (e.g., pentest runs).
  • Artifacts: Outputs produced by the Service (e.g., findings, reports, evidence snippets).
  • AI Pentest: On-demand, scope-bound security testing executed by our agents through your Account; if the SOC 2 option is enabled, a penetration tester is automatically assigned to test the application alongside the AI agents within Customer-configured scope and to review and validate the results for SOC-2-oriented outputs in-platform.

3) Service Overview

  • 3.1 API Monitoring. Adaptive monitoring of your API activity to surface security-relevant events.
  • 3.2 Dashboards. Configurable dashboards for analysis and sharing.
  • 3.3 AI-Executed Penetration Testing. You configure targets, scope, time windows, and stop conditions; our agents execute tests only within that configured scope. If the SOC 2 option is enabled, a penetration tester reviews artifacts and prepares attestable outputs in-platform.

4) Accounts & Eligibility

Provide accurate registration information, keep it current, and restrict access to authorized users. You are responsible for actions taken under your Account.

5) Customer Responsibilities

  • 5.1 Lawful Use / AUP. Do not misuse the Service (no illegal content, malware, interference, credential abuse, or unauthorized access).
  • 5.2 Authorization for Testing. You represent you have authority to test the configured targets (including any third-party assets).
  • 5.3 Data You Submit. Monitor collects data from your network traffic, and AI Pentest automatically collects data from your application. Automated redaction is best-effort only and may not remove all Personal Data.
  • 5.4 Prohibited Uses. No testing of assets you do not control or lack written authorization to test; no activity that disrupts third-party services beyond agreed scope.

6) Plans, Credits, and Data Retention

Plan entitlements (projects, monthly Credits, retention) are stated at sign-up or in your order. Credits are deducted as features are used; unused promotional Credits may expire. Data retention follows your plan defaults or stricter settings you configure.

7) Fees, Indexation, Taxes

  • 7.1 Fees. You will pay the fees for your selected plan and any metered/overage use. Fees are non-refundable except as required by law or expressly stated here.
  • 7.2 Objective Indexation Only. We may adjust list prices by no more than the prior 12-month CPI-U (U.S.) (or another mutually agreed public index) once per contract year and only at renewal. Any increase above indexation requires your written agreement.
  • 7.3 Taxes. Fees are exclusive of taxes; you are responsible for applicable taxes.

8) Intellectual Property & Licensing

  • 8.1 Your Data & Artifacts. You retain ownership of your data and your Artifacts. You grant us a non-exclusive, worldwide, royalty-free license to host, process, and display your data solely to provide and support the Service and to generate de-identified analytics. We do not train models on your identifiable data without your explicit written agreement.
  • 8.2 Our IP. We (and our licensors) own the Service and related IP. We grant you a limited, non-exclusive, non-transferable right to use the Service during your subscription term.

9) Third-Party Services

The Service may interoperate with third-party providers (e.g., model inference, email delivery). Their terms govern their services; we are not responsible for their acts or omissions.

10) Data Protection

Your use of the Service is governed by our Privacy Policy and, where GDPR/UK GDPR/Swiss FADP applies, the parties will execute our Data Processing Agreement (DPA). Nothing in these Terms limits or excludes obligations or liability that cannot be limited under applicable Data Protection Laws. Automated redaction aims to minimize exposure but is not comprehensive.

11) Term, Suspension, Termination

  • 11.1 Term. Your subscription runs for the selected period.
  • 11.2 Suspension. We may suspend access for material breach, legal risk, or platform security risk, after notice where practicable.
  • 11.3 Termination for Convenience (Customer). You may terminate for convenience by written notice. If you pre-paid for a fixed term, we refund the pro-rata unused portion of base subscription fees (excluding consumed usage, overages, or one-time services). Month-to-month plans end at the close of the then-current cycle.
  • 11.4 Effect of Termination. Access ends; we will delete or return your data per Section 12 and the DPA.

12) Return & Deletion

Upon termination or upon your written request, we will return or delete your data and Artifacts within 30 days, except where retention is required by law or for legitimate billing/defense purposes. Backups roll off on their normal cycles.

13) Warranties; Disclaimer

The Service is provided “as is”. We disclaim all implied warranties (merchantability, fitness, non-infringement) to the maximum extent permitted by law.

14) Indemnities

  • 14.1 By AIKOCORP (IP). We will defend and indemnify you from third-party claims alleging the Service (as provided, when used in accordance with these Terms) infringes a U.S., UK, or EU patent, copyright, or trademark, or misappropriates a trade secret. Remedies: we may procure a license, modify or replace the Service, or credit/refund unused prepaid fees and terminate the affected subscription if none of the foregoing is commercially reasonable. Exclusions: combinations not supplied by us, unsupported use, modifications not made by us.
  • 14.2 By You. You will defend and indemnify us from third-party claims arising from (a) your data or instructions, (b) testing of assets without proper authorization or outside configured scope, or (c) your breach of law.

15) Limitation of Liability

Neither party is liable for indirect, incidental, special, consequential, or punitive damages, or lost profits/revenue. Aggregate liability for all claims is limited to fees paid or payable for the Service in the 12 months before the event giving rise to liability. Carve-out: The foregoing does not limit (i) liability that cannot lawfully be limited, or (ii) obligations/liability to the extent such limitation is prohibited by applicable Data Protection Laws (e.g., GDPR).

16) Confidentiality

Non-public information disclosed by one party to the other must be protected and used only to perform under these Terms.

17) Governing Law & Venue

Enterprise/EU option (based on the region selected at the time of account creation): Laws of Denmark; exclusive jurisdiction in Copenhagen courts. Enterprise/UK option (fallback): Laws of England & Wales; exclusive jurisdiction in its courts. Default (self-serve U.S. signups): Laws of Delaware, USA; exclusive jurisdiction in Delaware courts.

18) Changes

We may update these Terms; material changes will be announced before they take effect. Continued use after the effective date constitutes acceptance.

19) Miscellaneous

Assignment (including change of control) with notice; severability; no waiver unless in writing; order form controls over conflicts; notices to the addresses provided at sign-up.