1. Acceptance of Terms

By accessing or using the CMAI API, Licensee agrees to be bound by thisEULA and all applicable documentation, pricing, and usage limits published by Provider. If Licensee does not agree, they must not access or use the API.

2. License Grant

Provider grants Licensee a limited, non-exclusive, non-transferable, revocable license to access and use the CMAI API solely for Licensee’s internal business or development purposes and in accordance with the applicable plan, documentation, and this Agreement. This license is subject to the specific usage limits, tiers, or quotas defined in Licensee’s selected plan(self-service or enterprise) as published on Provider’s website or agreed in a separate order form.

Licensee may:

• Integrate the API into Licensee's software products, pipelines, or platforms
• Use the API output to automate or assist compliance control mapping.
• Make API outputs available to Licensee's end users as part of those integrated products or services, provided end users do not receive direct access to the API itself.
• Extend or customize framework mappings within Licensee's authorized environment.

Licensee may not:

• Reverse-engineer, decompile, or attempt to derive the API’s internal methods or logic.
• Use the API to build or train competing compliance automation tools.
• Resell, sublicense, or redistribute access to the API or API credentials, or bulk/systematic exports of API outputs as a standalone data product or service, without  Provider’s prior written consent.

3. Ownership and Intellectual Property

All rights, title, and interest in and to the CMAI API, documentation, algorithms, and proprietary data remain exclusively with Provider. Licensee retains ownership of any text or data submitted to the API (“Input Data”) and any derivative analyses or reports generated in Licensee’s systems (“OutputData”) but acknowledges that Provider retains all rights to its underlying models and mappings.

4. Data Usage and Privacy

Provider processes Input Data solely to generate Output Data and to maintain or improve core API performance. Provider does not use InputData for model training, third-party sharing, or unrelated analytics withoutLicensee’s consent.
Licensee is responsible for ensuring that submitted data complies with applicable privacy and confidentiality obligations.

5. API Tokens, Rate Limits, and Availability

Licensee must use valid API credentials issued by Provider. Tokens are personal and non-transferable. Provider may enforce rate limits, usage thresholds, or quotas to preserve service availability. Self-service plans are subject to published rate limits and may auto-suspend upon quota exhaustion.Enterprise plans may include custom limits or SLAs as separately agreed.Provider reserves the right to modify or suspend access with reasonable notice for maintenance, abuse, or security concerns.

6. Fees and Payment

Subscription fees for the Compliance Mapping AI API are non‑refundable unless required by applicable law or for billing errors or material service defects. For purposes of this Section 6, “billing errors” include, without limitation, unauthorized charges, duplicated bills, or charges inconsistent with the plan or term selected by Customer. “Material service defects” mean circumstances in which the service fails to operate as materially advertised in the then‑current documentation and onboarding materials, such that Customer cannot reasonably use the service for its intended purpose.

Notwithstanding the foregoing, if Customer participates in a free trial or “pay‑after‑trial” offer and converts from trial to a paid subscription, Customer may be eligible for a refund of the first subscription fee if Customer cancels the paid subscription within twenty‑four (24) hours of the initial charge, provided that Customer contacts Secberus Support at compliance.ai@secberus.com within that same 24‑hour period to request the refund. Secberus reserves the right to deny or revoke such refund in cases of misuse, abuse, or repeated exercise of this trial refund right.

7. Warranty Disclaimer

The CM AI API is provided “as-is” and “as-available.” Provider makes no warranties regarding accuracy, reliability, or suitability for a specific compliance interpretation. Licensee acknowledges the API is a tool for informational and automation purposes, not a substitute for certified compliance assessment or legal advice.

8. Limitation of Liability

To the fullest extent permitted by law, Provider shall not be liable for indirect, incidental, consequential, or punitive damages arising out of API use, including lost profits, data loss, or compliance misinterpretation.Aggregate liability shall not exceed the total fees paid by Licensee in the 12months preceding the claim.

9. Termination

Either party may terminate this Agreement upon written notice. Upon termination, Licensee must cease all API usage and delete API keys and confidential documentation. Sections 3, 7, and 8 survive termination.

10. Compliance and Export Controls

Licensee agrees to comply with all applicable export control and data protection laws in connection with API usage. The API may not be used in jurisdictions under legal restriction or sanction.

11. Governing Law

This Agreement is governed by the laws of the state of California, USA, excluding its conflict-of-law rules. Any disputes shall be resolved in the competent courts of Santa Clara County unless otherwise mutually agreed in writing.

12. Amendments

Provider may update this EULA to reflect changes in features, legal requirements, or business operations. Updates are effective upon posting; continued use constitutes acceptance.

13. Contact

For legal or support inquiries:
Email: compliance.ai@secberus.com
Address: SECBERUS, Inc., 382 NE 191st Street, PMB 57133, Miami, FL 33179-3899

‍