These Terms of Service ("Terms") govern the access to and use of our websites (including keygraph.io, keygraph.app, soc2sechub.com, and any other websites we own and control that post or link to these Terms), web applications, and related services (collectively, our "Services") provided by Keygraph Inc. ("Keygraph", "we", "us" or "our") by you and the entity you represent ("Customer", "you").
BY CLICKING A BUTTON OR CHECKING A BOX MARKED "I AGREE" (OR SIMILAR), OR BY ACCESSING OR USING THE SERVICES, YOU SIGNIFY THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THESE TERMS ON BEHALF OF THE CUSTOMER. YOU REPRESENT AND WARRANT THAT YOU HAVE THE FULL LEGAL AUTHORITY TO BIND THE CUSTOMER TO THESE TERMS. IF YOU DO NOT HAVE SUCH AUTHORITY OR DO NOT AGREE TO THESE TERMS, YOU MUST NOT ACCEPT THIS AGREEMENT AND MAY NOT USE THE SERVICES.
We may make changes to these Terms from time to time. If we make material changes, we will provide you with at least thirty (30) days' notice, such as by sending an email or displaying a banner within the Services. Unless otherwise stated, amended Terms will be effective upon the start of your next subscription term. Your continued use of our Services after the changes take effect will confirm your acceptance of the new Terms. If you do not agree to the amended Terms, you must notify us and stop using our Services at the end of your current subscription term.
If you have any questions about these Terms or our Services, please contact us at legal@keygraph.io.
These Terms of Service (the "Terms") are a master agreement that governs your acquisition and use of our Services. The complete agreement between you and Keygraph (the "Agreement") consists of these Terms, our Data Processing Addendum (the "DPA"), and any ordering document, such as a Statement of Work (SOW), quote, or online checkout page, that you enter into with us ("Order Form").
In the event of any conflict or inconsistency between these Terms and an applicable Order Form, the terms of the Order Form shall prevail solely with respect to the subject matter of that Order Form.
Our Privacy Policy describes how we collect, use, and share personal information in our capacity as a data controller. It does not apply to the Customer Data that we process on your behalf.
We will implement and maintain appropriate technical and organizational security measures designed to protect Customer Data, as further described in our DPA.
By using our Services, you represent and warrant that you have the legal right and authority to enter into these Terms on behalf of the Customer. All references to "you" and "Customer" in these Terms include the entity you represent and all of its authorized users.
You must provide accurate account information and promptly update this information if it changes. Customer is responsible for: (a) maintaining the security and confidentiality of all account credentials; (b) preventing unauthorized access to or use of the Services; and (c) all activities that occur under its accounts, including those of its authorized users. You must notify us promptly of any suspected unauthorized access.
Our Services allow you and your authorized users to input, post, store, and share content, including text, data, and other materials ("Customer Data"). As between you and us, and except for the license you grant below, you retain all right, title, and interest in and to your Customer Data.
You grant Keygraph a nonexclusive, royalty-free, worldwide license to use, reproduce, modify, and process your Customer Data for the following purposes: (a) to provide, maintain, support, and secure the Services for you; and (b) to develop and improve our Services, including the training of our underlying algorithms and artificial intelligence models.
For any purpose related to the development or improvement of our Services under subsection (b), Keygraph will only use Customer Data after it has been aggregated and anonymized, such that it cannot reasonably be used to identify you, your users, or any natural person. This license does not grant us the right to display, publish, or distribute your personally identifiable or confidential Customer Data outside of the Services provided to you.
Some of our Services may include outputs generated using artificial intelligence ("AI Features"). Keygraph and its licensors own the underlying AI models and systems. You may use the output from AI Features ("AI Output") for your internal business purposes. You are solely responsible for reviewing and evaluating the accuracy, appropriateness, and legality of any AI Output before use or reliance. AI Output is provided "as-is" without any warranty and may be inaccurate, biased, or incomplete.
You represent and warrant that: (a) you have all necessary rights, licenses, and consents to provide your Customer Data to Keygraph; and (b) your Customer Data, and our use thereof as permitted by these Terms, will not violate any law or infringe upon the rights of any third party, including intellectual property or privacy rights.
You will not, and will not permit your users to, violate any applicable law, contract, intellectual property right, or other third-party right. You are solely responsible for all conduct occurring under your account. You will not:
Our Services, including all underlying software, technology, AI models, documentation, and content (excluding Customer Data), are the exclusive property of Keygraph and our licensors and are protected by law ("Keygraph IP"). Except as explicitly stated, all rights in and to the Keygraph IP are reserved by us.
Subject to your compliance with these Terms and payment of all applicable fees, you are granted a limited, nonexclusive, nontransferable, non-sublicensable, revocable license to access and use our Services during your subscription term solely for your internal business purposes.
Keygraph, our logos, product/service names, and the look and feel of our Services are our trademarks and may not be copied or used, in whole or in part, without our prior written permission. All other trademarks are the property of their respective owners.
Any questions, comments, suggestions, or other information about our Services ("Feedback") you submit is non-confidential. You grant us a perpetual, irrevocable, royalty-free, worldwide license to use such Feedback for any purpose, including for commercial use, without acknowledgment or compensation to you.
In accordance with the Digital Millennium Copyright Act (DMCA), we may terminate, in appropriate circumstances, the accounts of users who are deemed to be repeat infringers. If you believe anything on our Services infringes your copyright, please provide our Designated Agent with the following information:
Designated Agent: Madeline Nachbar Email: ops@keygraph.io
Please see 17 U.S.C. ยง 512(c)(3) for the full statutory requirements of a valid notification.
We may provide access to third-party services, data, or content ("Third-Party Content"). Your dealings with third parties and use of Third-Party Content are solely between you and the third party. We do not control, endorse, or make any representations regarding any Third-Party Content.
YOUR USE OF OUR SERVICES IS AT YOUR SOLE RISK. EXCEPT AS OTHERWISE PROVIDED IN A WRITING BY US, OUR SERVICES AND ANY CONTENT THEREIN ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. WE DO NOT WARRANT THAT OUR SERVICES ARE ACCURATE, COMPLETE, RELIABLE, CURRENT, OR ERROR-FREE. YOU ASSUME THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF OUR SERVICES.
TO THE FULLEST EXTENT PERMITTED BY LAW, NEITHER PARTY NOR ITS AFFILIATES OR PERSONNEL (COLLECTIVELY, THE "PARTIES") WILL BE LIABLE TO THE OTHER PARTY FOR ANY INDIRECT, CONSEQUENTIAL, EXEMPLARY, INCIDENTAL, PUNITIVE, OR SPECIAL DAMAGES OR LOST PROFITS, REGARDLESS OF THE THEORY OF LIABILITY (WHETHER IN CONTRACT, TORT, OR OTHERWISE), EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
THE TOTAL AGGREGATE LIABILITY OF THE KEYGRAPH PARTIES FOR ANY CLAIM ARISING OUT OF OR RELATING TO THESE TERMS OR OUR SERVICES IS LIMITED TO THE GREATER OF $500 OR THE AMOUNT PAID BY YOU TO USE OUR SERVICES IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM.
NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT, THE LIMITATIONS SET FORTH IN SECTION 13.1 AND 13.2 SHALL NOT APPLY TO:
(a) A PARTY'S INDEMNIFICATION OBLIGATIONS UNDER SECTION 15; (b) A BREACH OF A PARTY'S CONFIDENTIALITY OBLIGATIONS UNDER SECTION 14; (c) A PARTY'S GROSS NEGLIGENCE, WILLFUL MISCONDUCT, OR FRAUD; (d) THE CUSTOMER'S OBLIGATION TO PAY FEES OWED UNDER THIS AGREEMENT; OR (e) ANY LIABILITY THAT CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.
"Confidential Information" means all non-public information disclosed by one party ("Discloser") to the other ("Recipient") that is designated as confidential or that reasonably should be understood to be confidential. Your Confidential Information includes your Customer Data; our Confidential Information includes the Keygraph IP and non-public pricing terms.
The Recipient will: (a) use the same degree of care it uses to protect its own confidential information (but not less than reasonable care); (b) not use any Confidential Information for any purpose outside the scope of this Agreement; and (c) limit access to Confidential Information to its employees and contractors who need that access for purposes consistent with this Agreement and who are bound by confidentiality obligations no less stringent than those herein.
Confidential Information excludes information that: (i) is or becomes publicly known through no breach of obligation; (ii) was known to the Recipient prior to disclosure; (iii) is received from a third party without breach of any obligation; or (iv) was independently developed by the Recipient. The Recipient may disclose Confidential Information if compelled by law, provided the Recipient gives the Discloser prior notice (if legally permitted) and reasonable assistance, at the Discloser's cost, to contest the disclosure.
You will defend, indemnify, and hold harmless Keygraph and the Keygraph Parties from any third-party claims, damages, liabilities, and costs (including reasonable attorneys' fees) arising from: (a) your Customer Data, including any claim that it infringes or misappropriates a third party's intellectual property or privacy rights; or (b) your breach of these Terms or violation of applicable law.
We will defend, indemnify, and hold harmless you from any third-party claims, damages, and costs (including reasonable attorneys' fees) finally awarded against you to the extent arising from a claim that your permitted use of the Services, as provided by Keygraph, directly infringes or misappropriates a third party's intellectual property rights (including patents, copyrights, trademarks, and trade secrets) in the United States, Canada, the European Union, or the United Kingdom. This obligation does not apply to claims arising from: (a) your Customer Data; (b) your modification of the Services; or (c) your use of the Services in combination with technology not provided by us.
The indemnified party must promptly notify the indemnifying party of any claim and cooperate in the defense. The indemnifying party will have control over the defense, but any settlement requiring the indemnified party to admit liability will require the indemnified party's prior written consent.
To provide our Services, you agree that we may process, transfer, and store information about you in the United States and other countries, where you may not have the same rights and protections as under local law.
Any dispute arising from these Terms or our Services will be governed by the laws of the State of California, without regard to its conflict of law rules. The United Nations Convention on Contracts for the International Sale of Goods does not apply.
You agree to pay all fees specified in the applicable ordering document, which may be an online checkout page, a quote, or another ordering document ("Order"). The fees specified in the Order ("Fees") may include, but are not limited to, the following types:
(a) Subscription Fees: Recurring fees for access to our platform or specific features, typically billed on a per-user ("seat") or other periodic basis.
(b) Add-on Fees: Recurring or one-time fees for additional products or services, such as the Penetration Test, which may be billed on a different cadence (e.g., annually) than your primary Subscription Fees.
(c) One-Time Fees: Fees for specific services such as setup, implementation, or professional services, which are typically billed once at the time of purchase.
(d) Usage-Based Fees: Fees based on your actual consumption of the Services (e.g., number of active users, API calls), which may be billed in arrears.
Except as otherwise specified in an Order, all Fees are quoted and payable in United States dollars.
Unless otherwise stated in an Order, Subscription Fees and recurring Add-on Fees are billed in advance at the start of each billing cycle (e.g., monthly or annually). One-Time Fees and Usage-Based Fees (if applicable) will be billed as specified in the Order. All invoices are due upon receipt. You will provide and maintain valid and updated payment information. By providing payment information, you authorize us to charge such payment method for all Fees specified in your Orders.
(a) Active User Billing: For Services priced on a per-user basis, your Subscription Fees will be automatically adjusted based on the number of active users associated with your account (e.g., your active Google Workspace accounts).
(b) User Additions: If you add users during a billing cycle, you will be charged a pro-rated amount for the remainder of that cycle, and the new total will be reflected in subsequent billing cycles.
(c) User Reductions: For monthly plans, reductions in user count will take effect at the start of the next billing cycle. For annual plans, reductions will take effect at the next annual renewal. No refunds or credits will be issued for user reductions made mid-cycle.
YOUR SUBSCRIPTIONS AND RECURRING ADD-ONS WILL AUTOMATICALLY RENEW. Unless you cancel prior to the end of the current term, your subscription services and recurring add-ons will automatically renew for a subsequent term of the same duration. You authorize us to automatically charge your payment method for the applicable renewal Fees. Each service or add-on will renew based on its own specific term (e.g., a monthly platform subscription will renew monthly, while an annual pentest add-on will renew annually).
We may offer free trials or promotional pricing. Payment information is required at trial signup. Standard rates for the selected Services will apply automatically after the trial or promotional period ends, unless you cancel at least 24 hours prior to its expiration. If payment fails at conversion, your account will be suspended until payment is received.
We may change our Fees at any time. For any recurring Fees, we will provide you with at least thirty (30) days' notice before the changes take effect. For monthly plans, changes will apply to your next billing cycle. For annual plans, changes will apply upon renewal. Your continued use of the Services after the new pricing takes effect constitutes your acceptance.
Our Fees are exclusive of all taxes, levies, or duties imposed by taxing authorities ("Taxes"). You are responsible for paying all Taxes associated with your purchases. If we are legally obligated to pay or collect Taxes on your behalf, we will invoice you and you will pay that amount.
We may use third-party payment processors to collect and manage payments. Your use of these processors may be subject to additional terms. By submitting payment information, you authorize us (and applicable processors) to charge all Fees using your preferred method. If payment fails, we will retry the charge and notify you. Services may be suspended if payment is not received within 10 days of the due date.
You may cancel any of your subscriptions or recurring add-ons at any time through your account settings or by contacting billing@keygraph.io.
Effect of Cancellation: Cancellations are effective at the end of the current billing term for each respective service. You will retain access until the term expires.
No Refunds: Except where required by law, or as otherwise stated in this section, Fees are non-refundable. No refunds or credits will be provided for partial or unused periods.
Keygraph Termination for Cause: If we terminate your account for cause as described in Section 20.3, any prepaid fees are non-refundable.
Keygraph Termination without Cause: If we terminate your account without cause, we will provide a pro-rated refund for any prepaid, unused Fees.
You may change your subscription plan at any time. The following terms apply unless otherwise specified:
(a) Upgrades. An upgrade is a switch to a higher-priced plan or a longer billing term (e.g., from monthly to annual). Upgrades take effect immediately. We will apply any prepaid but unused fees from your previous plan as a credit towards the upgraded plan's fee. You will be billed for the upgraded plan immediately, less any applicable credits.
(b) Downgrades. A downgrade is a switch to a lower-priced plan or a shorter billing term (e.g., from annual to monthly). Downgrades take effect at the end of your current billing term. You will maintain access to the features of your current plan until the term ends. At the renewal date, your plan will be switched to the downgraded plan, and you will be billed at the new rate. No refunds or credits will be provided for downgrades.
PLEASE READ THIS SECTION CAREFULLY AS IT AFFECTS YOUR RIGHTS.
Except for individual disputes that qualify for small claims court, all claims arising out of or relating to these Terms or the Services shall be resolved by binding arbitration on an individual basis under the rules of the American Arbitration Association ("AAA"). Arbitration shall be conducted in San Francisco, California.
ALL CLAIMS MUST BE BROUGHT IN AN INDIVIDUAL CAPACITY, AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS, COLLECTIVE, OR REPRESENTATIVE PROCEEDING. YOU AND KEYGRAPH WAIVE ANY CONSTITUTIONAL AND STATUTORY RIGHTS TO GO TO COURT AND HAVE A TRIAL IN FRONT OF A JUDGE OR A JURY.
You may opt out of this arbitration agreement within 30 days of first accepting these Terms by emailing us at legal@keygraph.io with the subject line "Arbitration Opt-Out."
These Terms commence on the date you first accept them and continue until your subscription expires or is terminated in accordance with this Section. Your subscription term is either month-to-month or annual, depending on your selected plan.
We may suspend your access to the Services immediately if: (a) your account is overdue by more than 10 days; (b) we reasonably believe your use poses a security risk; (c) we receive a credible report of Terms violation pending investigation; or (d) we are required to do so by law or court order. During suspension, your data remains intact and you may remedy the issue within 30 days to restore access. We will notify you of suspension via email with the reason and remediation steps where applicable. Suspension of access does not suspend your obligation to pay applicable fees unless expressly stated otherwise in writing.
We may terminate your subscription and these Terms as follows:
For Cause: We may terminate immediately upon written notice if: (i) you materially breach these Terms and fail to cure within 10 days of notice; (ii) you engage in illegal activities using our Services; (iii) your account remains suspended for 30 days; or (iv) we are required to terminate by law.
Without Cause: We may terminate your subscription for any reason with 30 days' written notice. Such termination will be effective at the end of your current billing period (monthly or annual term).
Immediate Termination: We reserve the right to terminate immediately without notice for: (i) illegal content or activities that may harm others; (ii) actions that may damage our systems or other users; or (iii) violation of Section 5 (Prohibited Conduct) that poses immediate risk.
You may terminate your subscription at any time as described in Section 18.9. Termination takes effect at the end of your current billing period. For clarity:
Upon termination:
Upon termination or expiration of your subscription, you may request an export of your Customer Data for up to 30 days. After that period, Keygraph may delete all Customer Data in accordance with our data retention policies. We are not obligated to retain Customer Data beyond this period and disclaim any liability for deletion thereafter.
You agree to comply with all applicable U.S. export control and economic sanctions laws. You represent and warrant that you are not located in a country subject to U.S. embargo, nor are you on any U.S. government list of prohibited parties.
You grant us the right to identify your organization as a customer of Keygraph and to use your name and logo in our marketing materials, such as on our website and in customer lists. You may opt out of this by notifying us at legal@keygraph.io.
We may offer beta or experimental features ("Beta Services"). Beta Services are provided "as-is," without warranties, and may be modified or discontinued at any time. Your use of Beta Services is at your own risk.
These Terms, including any policies incorporated by reference (such as the Privacy Policy and DPA), constitute the entire agreement between you and Keygraph and supersede all prior agreements.
If any provision of these Terms is unlawful, void, or unenforceable, that provision is deemed severable and does not affect the validity of any remaining provisions.
The following sections will survive any expiration or termination of these Terms: 5 (Customer Data and AI Content), 7 (Ownership; Limited License), 8 (Trademarks), 9 (Feedback), 12 (Disclaimers), 13 (Limitation of Liability), 14 (Confidentiality), 15 (Indemnification), 17 (Governing Law and Venue), 18 (Fees and Payment Terms, for any fees due and owing), 19 (Dispute Resolution; Binding Arbitration), and 24 (Miscellaneous).
Our failure to exercise any right does not operate as a waiver of that right.
You may not assign these Terms without our prior written consent. We may freely assign these Terms.
We are not liable for any delay or failure to perform resulting from causes outside our reasonable control, including acts of God, war, or natural disaster.
We may provide notices to you electronically, including via email to the address associated with your account or through the Services.