1. Acceptance of Terms

By accessing or using the CMAI API, Licensee agrees to be bound by thisEULA and all applicable documentation, pricing, and usage limits published by Provider. If Licensee does not agree, they must not access or use the API.

2. License Grant

Provider grants Licensee a limited, non-exclusive, non-transferable, revocable license to access and use the CMAI API solely for Licensee’s internal business or development purposes and in accordance with the applicable plan, documentation, and this Agreement. This license is subject to the specific usage limits, tiers, or quotas defined in Licensee’s selected plan(self-service or enterprise) as published on Provider’s website or agreed in a separate order form.

Licensee may:

• Integrate the API into Licensee's software products, pipelines, or platforms
• Use the API output to automate or assist compliance control mapping.
• Make API outputs available to Licensee's end users as part of those integrated products or services, provided end users do not receive direct access to the API itself.
• Extend or customize framework mappings within Licensee's authorized environment.

Licensee may not:

• Reverse-engineer, decompile, or attempt to derive the API’s internal methods or logic.
• Use the API to build or train competing compliance automation tools.
• Resell, sublicense, or redistribute access to the API or API credentials, or bulk/systematic exports of API outputs as a standalone data product or service, without  Provider’s prior written consent.

3. Ownership and Intellectual Property

All rights, title, and interest in and to the CMAI API, documentation, algorithms, and proprietary data remain exclusively with Provider. Licensee retains ownership of any text or data submitted to the API (“Input Data”) and any derivative analyses or reports generated in Licensee’s systems (“OutputData”) but acknowledges that Provider retains all rights to its underlying models and mappings.

4. Data Usage and Privacy

Provider processes Input Data solely to generate Output Data and to maintain or improve core API performance. Provider does not use InputData for model training, third-party sharing, or unrelated analytics withoutLicensee’s consent.
Licensee is responsible for ensuring that submitted data complies with applicable privacy and confidentiality obligations.

5. API Tokens, Rate Limits, and Availability

Licensee must use valid API credentials issued by Provider. Tokens are personal and non-transferable. Provider may enforce rate limits, usage thresholds, or quotas to preserve service availability. Self-service plans are subject to published rate limits and may auto-suspend upon quota exhaustion.Enterprise plans may include custom limits or SLAs as separately agreed.Provider reserves the right to modify or suspend access with reasonable notice for maintenance, abuse, or security concerns.

6. Fees and Payment

Fees are outlined in the applicable pricing documentation. Self-service fees are billed via automated invoicing per the selected plan. Enterprise fees are as specified in the applicable order form or contract. Continued use of theAPI after a payment failure or subscription lapse may result in suspension. All fees are non-refundable unless otherwise stated.

7. Warranty Disclaimer

The CM AI API is provided “as-is” and “as-available.” Provider makes no warranties regarding accuracy, reliability, or suitability for a specific compliance interpretation. Licensee acknowledges the API is a tool for informational and automation purposes, not a substitute for certified compliance assessment or legal advice.

8. Limitation of Liability

To the fullest extent permitted by law, Provider shall not be liable for indirect, incidental, consequential, or punitive damages arising out of API use, including lost profits, data loss, or compliance misinterpretation.Aggregate liability shall not exceed the total fees paid by Licensee in the 12months preceding the claim.

9. Termination

Either party may terminate this Agreement upon written notice. Upon termination, Licensee must cease all API usage and delete API keys and confidential documentation. Sections 3, 7, and 8 survive termination.

10. Compliance and Export Controls

Licensee agrees to comply with all applicable export control and data protection laws in connection with API usage. The API may not be used in jurisdictions under legal restriction or sanction.

11. Governing Law

This Agreement is governed by the laws of the state of California, USA, excluding its conflict-of-law rules. Any disputes shall be resolved in the competent courts of Santa Clara County unless otherwise mutually agreed in writing.

12. Amendments

Provider may update this EULA to reflect changes in features, legal requirements, or business operations. Updates are effective upon posting; continued use constitutes acceptance.

13. Contact

For legal or support inquiries:
Email: compliance.ai@secberus.com
Address: SECBERUS, Inc., 382 NE 191st Street, PMB 57133, Miami, FL 33179-3899

‍