Legal · Terms

Terms of Service — the agreement that lets you ship with us.

Effective: May 26, 2026 Last updated: May 26, 2026 Version: 1.1

01Agreement to these terms

These Terms of Service (the "Terms") form a binding agreement between you and EgisAI ("EgisAI", "we", "us") and govern your access to and use of the EgisAI runtime governance platform, including the dashboard at app.egisai.co, our APIs, our open-source SDK published at pypi.org/project/egisai, our documentation at docs.egisai.co, and our marketing pages at egisai.co (together, the "Service").

Contracting entity. "EgisAI" means Egis Labs, Inc., a Delaware corporation, with notices sent to adriano@egisai.co and to the postal address stated in the Privacy Policy or on the applicable order form.

By creating an account, calling egisai.init() with a key issued by us, or otherwise accessing the Service, you accept these Terms on behalf of yourself and any organisation you represent ("Customer", "you"). If you do not have authority to bind the organisation, do not use the Service.

A separately signed master agreement, order form, or DPA between EgisAI and Customer prevails over these Terms to the extent of any conflict.

02Beta & evaluation status

The Service is currently offered as a Beta / Evaluation offering. This means:

The Beta status does not waive any rights you may have under applicable consumer-protection law that cannot be excluded by contract.

03The service

EgisAI is a runtime control layer for AI agents and AI-powered applications. The Service helps Customers detect risky prompts and outputs, mask categories of personal data, restrict tool / connector use, and produce audit evidence of model and agent Behavior. EgisAI is not a substitute for your own application-level security, your own compliance programme, your own model selection, or your own legal review.

04Accounts & access

05Plans, fees & trials

The Service is currently offered under the plan tiers published on our pricing page or in your order form. While the Service is in Beta:

06SDK licence & ownership

The egisai Python SDK is published under the Apache License 2.0. Your use, modification, and redistribution of the SDK source is governed by that licence, not these Terms.

The hosted Service (dashboard, control-plane APIs, semantic-guard judge, intent summariser, dashboards, and related backend code) is not open source. We grant you a limited, non-exclusive, non-transferable, revocable right to access and use the hosted Service in accordance with these Terms.

You will not (a) reverse-engineer or attempt to derive the source code or models behind the hosted Service, (b) resell, sublicense, or "white-label" the hosted Service without our written consent, (c) use the Service to build a competing product, or (d) remove or obscure any proprietary notices.

All rights, title, and interest in and to the hosted Service (excluding the open-source SDK and excluding Customer Data) are and will remain ours.

07Customer data & processing

"Customer Data" means data submitted to the hosted Service by or on behalf of Customer, including the governance telemetry described in our Privacy Policy.

Where EgisAI processes personal data on behalf of Customer, the EgisAI Data Processing Addendum applies once executed by the parties or incorporated by reference into an applicable order form. The DPA includes, where applicable, Standard Contractual Clauses, UK and Swiss transfer addenda, technical and organisational measures, subprocessor terms, deletion and export assistance, and security-incident notification obligations. A signed DPA is available on request at sales@egisai.co.

08Acceptable use

Your use of the Service is also subject to the EgisAI Acceptable Use Policy (the "AUP"), which is incorporated by reference into these Terms. Until the AUP is published as a standalone page, the requirements below are the AUP.

You will not, and will not allow your end users to, use the Service to:

We may suspend or terminate access for violations of this section, and we may report violations of law to the appropriate authorities.

09Customer responsibilities

EgisAI helps you govern AI. It is not a substitute for your own controls. Specifically, you are responsible for:

10Availability & fail-open Behavior

The hosted Service is designed so that availability of your application takes precedence when no governance signal is available. In practice:

We may change defaults as the product matures; material changes that affect production fail-open Behavior will be flagged in the changelog and (for paid customers) communicated to workspace owners ahead of time.

Availability and enforcement warning. Certain controls may fail open by default to preserve application availability unless Customer configures fail-closed behavior. Customer must validate the applicable framework-specific enforcement mode before relying on a policy as a hard blocking control. PII detection itself is local and fails closed; the availability fail-open does not extend to letting raw PII through.

11Human approval for risky actions

Where the Service recommends remediations — such as suggesting a new policy, tightening an existing rule, classifying an agent, or escalating an incident — the default is that those recommendations require explicit human approval from a Customer administrator before they take effect. We will not silently change your enforced policy set on your behalf.

If Customer explicitly enables an automation that allows the Service to apply recommendations without per-event approval, Customer accepts responsibility for the outcomes of those automated actions on its workspace.

12Third-party services

The Service interoperates with third-party services (LLM providers such as OpenAI, Anthropic, Google, AWS Bedrock; SSO providers; the email-delivery and hosting subprocessors listed in our Privacy Policy). Your use of those third-party services is governed by their respective terms. EgisAI is not responsible for outages, defects, or policy changes by those third parties, except as specifically agreed in a signed order form.

13Feedback

If you submit suggestions, bug reports, or other feedback to us, you grant us a perpetual, irrevocable, worldwide, royalty-free licence to use that feedback to improve the Service. We will not identify you as the source without your permission.

14Confidentiality

Each party may receive non-public information from the other ("Confidential Information"). The receiving party will use Confidential Information only to perform under these Terms, will protect it with at least the same degree of care it uses for its own confidential information (and in no case less than reasonable care), and will not disclose it except to employees, contractors, and advisers bound by similar obligations.

Customer Data is treated as Customer's Confidential Information. The hosted Service's non-public code, judge prompts, and pricing are EgisAI's Confidential Information.

These obligations do not apply to information that is or becomes public through no fault of the receiving party, was already known without restriction, is independently developed, or is required to be disclosed by law (with notice where lawful).

15Warranties & disclaimers

Each party warrants that it has the right to enter into and perform these Terms. Customer warrants that it has the right to submit Customer Data to the Service.

No professional advice. The Service provides technical controls, operational telemetry, and audit-supporting evidence. EgisAI does not provide legal, regulatory, compliance, security, audit, insurance, or risk-management advice. Customer remains responsible for determining whether its AI systems, workflows, notices, policies, controls, and records satisfy applicable laws, regulations, standards, and contractual obligations.

16Limitation of liability

For Enterprise plans, the liability cap, exclusions, and any data-protection or security-incident specific cap will be as stated in the applicable order form or signed master agreement. The cap above continues to apply to self-serve plans and to any liability not otherwise addressed in an order form.

17Indemnification

By Customer. Customer will defend, indemnify, and hold harmless EgisAI from and against any third-party claim arising out of (i) Customer Data, (ii) Customer's use of the Service in breach of these Terms or the Acceptable Use Policy, or (iii) Customer's violation of applicable law.

By EgisAI. EgisAI will defend Customer against any third-party claim alleging that Customer's authorised use of the unmodified hosted Service infringes a third party's intellectual property rights, and will pay damages and costs finally awarded against Customer by a court of competent jurisdiction (or agreed in settlement) for such a claim. EgisAI's obligations under this paragraph do not apply to claims arising from (a) Customer Data, (b) modifications to the Service not made by EgisAI, (c) combination of the Service with products or data not provided by EgisAI where the claim would not have arisen but for the combination, or (d) Customer's use after we have notified Customer to stop.

Indemnification is conditioned on the indemnified party promptly notifying the indemnifying party in writing, giving the indemnifying party sole control of the defence and settlement (provided no settlement imposes a non-monetary obligation on the indemnified party without consent), and providing reasonable cooperation.

IP claim remedies. If the Service becomes, or in EgisAI's reasonable opinion is likely to become, the subject of an infringement claim, EgisAI may, at its option and expense: (i) procure for Customer the right to continue using the Service, (ii) modify or replace the Service so that it is non-infringing and substantially equivalent, or (iii) terminate the affected access on written notice and refund any prepaid, unused fees covering the period after termination. The remedies in this paragraph, together with the defence and payment obligations above, are EgisAI's sole liability and Customer's sole remedy for any third-party intellectual-property claim related to the Service.

18Term, suspension & termination

19Changes to the service & terms

We may modify the Service and these Terms from time to time. Material changes will be posted on this page with an updated "Effective" date and, where they would affect an active paid term, communicated to workspace owners by email. Your continued use of the Service after the effective date of a change constitutes acceptance of the updated Terms. If you do not agree, you must stop using the Service.

Prior versions of this document are available on request at support@egisai.co. We will publish an on-site archive at /legal/archive once more than one version has been issued.

20Export, sanctions & government use

You will comply with all applicable export, re-export, and sanctions laws. You represent that you are not located in, or a national or resident of, a country subject to comprehensive U.S. trade embargoes, and that you are not on any restricted-parties list. If you are a U.S. government entity, the Service is provided as "commercial computer software" with only those rights provided herein.

21Governing law & disputes

These Terms are governed by the laws of the State of Delaware, U.S.A., without regard to its conflict-of-laws principles. The exclusive jurisdiction and venue for any dispute will be the state or federal courts located in Delaware, and each party consents to personal jurisdiction there. The United Nations Convention on Contracts for the International Sale of Goods does not apply.

Nothing in this Section prevents either party from seeking equitable relief in any court of competent jurisdiction to protect its intellectual property or confidential information.

22General

23Contact

If you have questions about these Terms, want to negotiate a master agreement / DPA, or need to send a legal notice:

Plain-English summary. EgisAI is in Beta — features and defaults will move. The SDK is Apache 2.0; the hosted Service is not. You own your data; we don't train models on it. EgisAI helps you control AI, but you remain responsible for configuring policies, supervising agents, and managing permissions. The Service fails open on availability and fails closed on PII. Use the Service for what we say it does, not for what we don't. If anything in this contract surprises you, email us before you ship.