Terms of Service

1. OUR SERVICES

The information provided when using the Services is not intended for distribution to or use by any person or entity in any jurisdiction or country where such distribution or use would be contrary to law or regulation or which would subject us to any registration requirement within such jurisdiction or country. Accordingly, those persons who choose to access the Services from other locations do so on their own initiative and are solely responsible for compliance with local laws, if and to the extent local laws are applicable.

The Services are not tailored to comply with industry-specific regulations (Health Insurance Portability and Accountability Act (HIPAA), Federal Information Security Management Act (FISMA), etc.), so if your interactions would be subjected to such laws, you may not use the Services. You may not use the Services in a way that would violate the Gramm-Leach-Bliley Act (GLBA).

2. INTELLECTUAL PROPERTY RIGHTS

Our intellectual property We are the owner or the licensee of all intellectual property rights in our Services, including all source code, databases, functionality, software, website designs, audio, video, text, photographs, and graphics in the Services (collectively, the "Content"), as well as the trademarks, service marks, and logos contained therein (the "Marks").

Our Content and Marks are protected by copyright and trademark laws (and various other intellectual property rights and unfair competition laws) and treaties around the world.

The Content and Marks are provided in or through the Services "AS IS" for your internal business purpose only. Your use of our Services Subject to your compliance with these Legal Terms, including the "PROHIBITED ACTIVITIES" section below, we grant you a non-exclusive, non-transferable, revocable license to: access the Services; and download or print a copy of any portion of the Content to which you have properly gained access, solely for your internal business purpose.

Except as set out in this section or elsewhere in our Legal Terms, no part of the Services and no Content or Marks may be copied, reproduced, aggregated, republished, uploaded, posted, publicly displayed, encoded, translated, transmitted, distributed, sold, licensed, or otherwise exploited for any commercial purpose whatsoever, without our express prior written permission.

If you wish to make any use of the Services, Content, or Marks other than as set out in this section or elsewhere in our Legal Terms, please address your request to: [email protected]. If we ever grant you the permission to post, reproduce, or publicly display any part of our Services or Content, you must identify us as the owners or licensors of the Services, Content, or Marks and ensure that any copyright or proprietary notice appears or is visible on posting, reproducing, or displaying our Content.

We reserve all rights not expressly granted to you in and to the Services, Content, and Marks.

Any breach of these Intellectual Property Rights will constitute a material breach of our Legal Terms and your right to use our Services will terminate immediately. Your submissions Please review this section and the "PROHIBITED ACTIVITIES" section carefully prior to using our Services to understand the (a) rights you give us and (b) obligations you have when you send us free-form product feedback.

Submissions (scope): For the purposes of this section, "Submissions" means free-form product feedback that you voluntarily provide to us about the Services — for example bug reports, feature requests, suggestions, comments, ideas, questions, or other feedback sent to [email protected], posted in a feedback form, or otherwise communicated to us outside the normal operation of the product. "Submissions" expressly does NOT include Customer Content (as defined in Section 7), including prompts, API requests and payloads, session or runtime content, tool inputs and outputs, uploaded files, configuration, credentials, or any personal data submitted through the admin console, the Runtime API, MCP interfaces, webhooks, or other documented product interfaces. Customer Content is governed exclusively by Section 7 (Customer Content and Runtime Data), Section 25 (Customer Data and AI Service Providers), and, where applicable, the Data Processing Agreement, and no license is granted to us over Customer Content under these Legal Terms.

Submissions (license): By sending us a Submission as scoped above, you grant us a perpetual, irrevocable, worldwide, royalty-free, non-exclusive, sublicensable, and transferable license to use, reproduce, modify, publish, and distribute such Submission for any lawful purpose, commercial or otherwise, without acknowledgment or compensation to you. You are not required to provide Submissions; if you choose to provide them, you confirm that you have the rights necessary to grant this license.

You are responsible for what you submit: By sending us Submissions you: confirm that you have read and agree with our "PROHIBITED ACTIVITIES" and will not send us any Submission that is illegal, harassing, hateful, harmful, defamatory, obscene, bullying, abusive, discriminatory, threatening to any person or group, sexually explicit, false, inaccurate, deceitful, or misleading; to the extent permissible by applicable law, waive any and all moral rights to any such Submission; warrant that any such Submission is original to you or that you have the necessary rights and licenses to grant us the license above; and warrant and represent that your Submissions do not constitute confidential information of you or any third party. You are solely responsible for your Submissions and you expressly agree to reimburse us for any and all losses that we may suffer because of your breach of (a) this section, (b) any third party’s intellectual property rights, or (c) applicable law. Copyright infringement We respect the intellectual property rights of others. If you believe that any material available on or through the Services infringes upon any copyright you own or control, please immediately refer to the "COPYRIGHT INFRINGEMENTS" section below.

3. USER REPRESENTATIONS

By using the Services, you represent and warrant that: (1) all registration information you submit will be true, accurate, current, and complete; (2) you will maintain the accuracy of such information and promptly update such registration information as necessary; (3) you have the legal capacity and you agree to comply with these Legal Terms; (4) you are not a minor in the jurisdiction in which you reside; (5) except for programmatic access expressly permitted under Section 26 (Programmatic Access), you will not access the Services through automated or non-human means, whether through a bot, script or otherwise; (6) you will not use the Services for any illegal or unauthorized purpose; (7) your use of the Services will not violate any applicable law or regulation; and (8) you are accessing and using the Services exclusively for business, commercial, or professional purposes, on behalf of a legal entity or a business, and not as a "consumer" within the meaning of Article 22¹ of the Polish Civil Code or Article 2(1) of Directive 2011/83/EU, and you are not an individual entrepreneur whose purchase is unconnected with their professional activity within the meaning of Article 385⁵ of the Polish Civil Code.

If you provide any information that is untrue, inaccurate, not current, or incomplete, we have the right to suspend or terminate your account and refuse any and all current or future use of the Services (or any portion thereof).

4. USER REGISTRATION

You may be required to register to use the Services. You agree to keep your password confidential and will be responsible for all use of your account and password. We reserve the right to remove, reclaim, or change a username you select if we determine, in our sole discretion, that such username is inappropriate, obscene, or otherwise objectionable.

5. PURCHASES AND PAYMENT

The Services are currently provided at no charge to users. We do not collect payment information and do not process purchases through the Services at this time.

If we introduce paid plans in the future, the applicable fees, accepted payment methods, billing currency, taxes, and refund terms will be presented to you on the ordering page (or in a separate order form) before you are charged, and the corresponding terms will supplement this Section 5 for your account. We will update this Section when paid plans become generally available.

If you do provide us with account or contact information, you agree to keep that information current, complete, and accurate so we can reach you about your account.

6. PROHIBITED ACTIVITIES

You may not access or use the Services for any purpose other than lawful internal business use of the PlanVault platform and documented integrations (Runtime API, Admin Console, MCP, webhooks, and related features). Without our prior written approval, you may not resell access to the Services, operate the Services as a standalone managed service for unrelated third parties, or use the Services primarily to build or operate a competing orchestration product (see also the "Competitive Use" rule below).

As a user of the Services, you agree not to:

• Systematically retrieve data or other content from the Services to create or compile, directly or indirectly, a collection, compilation, database, or directory without written permission from us.
• Trick, defraud, or mislead us and other users, especially in any attempt to learn sensitive account information such as user passwords.
• Circumvent, disable, or otherwise interfere with security-related features of the Services, including features that prevent or restrict the use or copying of any Content or enforce limitations on the use of the Services and/or the Content contained therein.
• Disparage, tarnish, or otherwise harm, in our opinion, us and/or the Services.
• Use any information obtained from the Services in order to harass, abuse, or harm another person.
• Make improper use of our support services or submit false reports of abuse or misconduct.
• Use the Services in a manner inconsistent with any applicable laws or regulations.
• Engage in unauthorized framing of or linking to the Services.
• Upload or transmit (or attempt to upload or to transmit) viruses, Trojan horses, or other material, including excessive use of capital letters and spamming (continuous posting of repetitive text), that interferes with any party’s uninterrupted use and enjoyment of the Services or modifies, impairs, disrupts, alters, or interferes with the use, features, functions, operation, or maintenance of the Services.
• Except as permitted under Section 26 (Programmatic Access), engage in any automated use of the system, such as using scripts to send comments or messages, or using any data mining, robots, or similar data gathering and extraction tools.
• Delete the copyright or other proprietary rights notice from any Content.
• Attempt to impersonate another user or person or use the username of another user.
• Upload or transmit (or attempt to upload or to transmit) any material that acts as a passive or active information collection or transmission mechanism, including without limitation, clear graphics interchange formats ("gifs"), 1×1 pixels, web bugs, cookies, or other similar devices (sometimes referred to as "spyware" or "passive collection mechanisms" or "pcms").
• Interfere with, disrupt, or create an undue burden on the Services or the networks or services connected to the Services.
• Harass, annoy, intimidate, or threaten any of our employees or agents engaged in providing any portion of the Services to you.
• Attempt to bypass any measures of the Services designed to prevent or restrict access to the Services, or any portion of the Services.
• Copy or adapt the Services' software, including but not limited to front-end assets, server-side components, or other code comprising the product.
• Except as permitted by applicable law, decipher, decompile, disassemble, or reverse engineer any of the software comprising or in any way making up a part of the Services.
• Except as permitted under Section 26 (Programmatic Access) and except as may be the result of standard search engine or Internet browser usage, use, launch, develop, or distribute any automated system, including without limitation, any spider, robot, cheat utility, scraper, or offline reader that accesses the Services, or use or launch any unauthorized script or other software.
• Use a buying agent or purchasing agent to make purchases on the Services.
• Make any unauthorized use of the Services, including collecting usernames and/or email addresses of users by electronic or other means for the purpose of sending unsolicited email, or creating user accounts by automated means or under false pretenses.
• Use the Services as part of any effort to compete with us or otherwise use the Services and/or the Content for any revenue-generating endeavor or commercial enterprise.
• Use the Services to advertise or offer to sell goods and services.
• Sell or otherwise transfer your profile.
• Malicious AI Usage: Using the service to generate illegal, abusive, or harmful content (e.g., malware, phishing, spam)
• System Abuse: Circumventing rate limits, usage quotas, or billing mechanisms.
• Reverse Engineering: Attempting to decompile or reverse-engineer the platform, tool retrieval logic, or underlying LLM models.
• Competitive Use: Using the runtime API or admin console to build a competing AI orchestration platform or service.
• Unauthorized Data Access: Attempting to access, modify, or delete data belonging to other organizations or users within the platform, or bypassing multi-tenant access controls.
• Credential Misuse: Sharing, publishing, or exposing API keys, authentication tokens, or other credentials generated by or used within the platform.
• Automated Scraping: Using bots, scrapers, or automated tools to extract data, content, or metadata from the platform outside of the documented API.

7. CUSTOMER CONTENT AND RUNTIME DATA

The Services are designed to allow you and your organization to submit data and content as part of using the product—for example prompts, API requests and payloads, tool inputs and outputs, configuration, uploaded files, credentials you configure, session or runtime content, and related materials you submit through the admin console, runtime API, webhooks, MCP interfaces, or other documented means (together, "Customer Content"). The Services do not operate as a public forum, social network, or open user-to-user content platform; Customer Content is processed in connection with your account and organization subject to these Legal Terms, our Acceptable Use Policy (https://planvault.ai/acceptable-use), and, where applicable, our Data Processing Agreement (https://planvault.ai/dpa).

Ownership of Customer Content. As between you and us, you (and/or your licensors) retain all right, title, and interest in and to Customer Content, including all intellectual property rights. No license to Customer Content is granted to us under these Legal Terms. For the avoidance of doubt, Customer Content is NOT a "Submission" under Section 2, and the IP assignment, license grant, and similar provisions in Section 2 do NOT apply to Customer Content. This Section 7, together with Section 25 (Customer Data and AI Service Providers) and, where applicable, the Data Processing Agreement, exclusively governs Customer Content.

Limited operational license. You grant us only the narrow, non-exclusive, non-transferable, royalty-free license to access, store, transmit, process, and display Customer Content solely to the extent strictly necessary to operate, maintain, secure, and provide the Services to you and your organization (including routing requests to the AI providers you select under Section 25, maintaining audit and retention records required by these Legal Terms and applicable law, providing support you request, and preventing or investigating abuse in accordance with Section 6 and our Acceptable Use Policy). This license also includes the right, where your organization has not disabled the Semantic Routing Cache feature, to convert Customer Content into anonymized vector embeddings (mathematical statistical representations that are not reversible to the original content) for the exclusive purpose of optimizing workflow routing and reducing latency within your organization. Such embeddings are: (a) stored in your tenant PostgreSQL under your organization DEK, strictly isolated per organization, and not transmitted to AI providers as part of PlanVault→provider traffic; (b) not used to train any foundation model or other AI model; and (c) immediately deleted when an organisation OWNER disables the organisation-wide Semantic Routing Cache (Owner-only control; typically Organization → General settings). This license terminates when the corresponding Customer Content is deleted or when your account or organization is deleted in accordance with Section 13 and our retention policies. We will not use Customer Content to train any foundation model or other AI model operated by us and will not sell Customer Content.

Your responsibility. You must ensure you have all rights and a valid lawful basis to submit Customer Content and to authorize us to process it on your behalf under the limited operational license above. The "PROHIBITED ACTIVITIES" rules in Section 6 (subject to Section 26 for programmatic access), Section 25 (Customer Data and AI Service Providers), and, where applicable, the Data Processing Agreement apply to Customer Content.

8. CONTRIBUTION LICENSE

You and we agree that we may access, store, process, and use any information and personal data that you provide following the terms of the Privacy Policy and your choices (including settings).

By submitting suggestions or other feedback regarding the Services, you agree that we can use and share such feedback for any purpose without compensation to you.

9. THIRD-PARTY WEBSITES AND CONTENT

The Services may contain (or you may be sent via the Site) links to other websites ("Third-Party Websites") as well as articles, photographs, text, graphics, pictures, designs, music, sound, video, information, applications, software, and other content or items belonging to or originating from third parties ("Third-Party Content"). Such Third-Party Websites and Third-Party Content are not investigated, monitored, or checked for accuracy, appropriateness, or completeness by us, and we are not responsible for any Third-Party Websites accessed through the Services or any Third-Party Content posted on, available through, or installed from the Services, including the content, accuracy, offensiveness, opinions, reliability, privacy practices, or other policies of or contained in the Third-Party Websites or the Third-Party Content. Inclusion of, linking to, or permitting the use or installation of any Third-Party Websites or any Third-Party Content does not imply approval or endorsement thereof by us. If you decide to leave the Services and access the Third-Party Websites or to use or install any Third-Party Content, you do so at your own risk, and you should be aware these Legal Terms no longer govern. You should review the applicable terms and policies, including privacy and data gathering practices, of any website to which you navigate from the Services or relating to any applications you use or install from the Services. Any purchases you make through Third-Party Websites will be through other websites and from other companies, and we take no responsibility whatsoever in relation to such purchases which are exclusively between you and the applicable third party. You agree and acknowledge that we do not endorse the products or services offered on Third-Party Websites and you shall hold us blameless from any harm caused by your purchase of such products or services. Additionally, you shall hold us blameless from any losses sustained by you or harm caused to you relating to or resulting in any way from any Third-Party Content or any contact with Third-Party Websites.

10. SERVICES MANAGEMENT

We reserve the right, but not the obligation, to: (1) monitor the Services for violations of these Legal Terms; (2) take appropriate legal action against anyone who, in our sole discretion, violates the law or these Legal Terms, including without limitation, reporting such user to law enforcement authorities; (3) in our sole discretion and without limitation, refuse, restrict access to, limit the availability of, or disable (to the extent technologically feasible) any of your Contributions or any portion thereof; (4) in our sole discretion and without limitation, notice, or liability, to remove from the Services or otherwise disable all files and content that are excessive in size or are in any way burdensome to our systems; and (5) otherwise manage the Services in a manner designed to protect our rights and property and to facilitate the proper functioning of the Services.

11. PRIVACY POLICY

We care about data privacy and security. Please review our Privacy Policy: https://planvault.ai/privacy, our Cookie Policy: https://planvault.ai/cookies, and our subprocessor list: https://planvault.ai/subprocessors. By using the Services, you agree to be bound by our Privacy Policy, which is incorporated into these Legal Terms.

Primary hosting location. PlanVault's primary application infrastructure (compute, PostgreSQL, DynamoDB, application-layer encryption key handling — typically Google Tink with an AWS KMS KEK for org key material on SaaS; some legacy tenants may use direct AWS KMS wrap of DEK bytes — and short-rotation managed backups) is hosted in Germany on AWS region eu-central-1 (Frankfurt). Tenant data at the primary application layer stays in that region.

US-based subprocessors and onward transfers. Despite the EU-first hosting posture, the Services necessarily rely on two categories of subprocessors that process limited data outside the European Economic Area, primarily in the United States: (a) Cloudflare, Inc. (USA / global edge network) provides DNS, edge TLS termination, and a Cloudflare Tunnel between AWS eu-central-1 and our origin — customer requests therefore traverse Cloudflare's global edge (which may route through non-EU points of presence) before reaching the Frankfurt origin, and Cloudflare may briefly hold transport-layer telemetry; (b) Google LLC (USA) provides transactional email (Google Workspace / Gmail SMTP) for password reset, invites, and lifecycle notifications, and Login with Google (OAuth) for users who choose to sign in with Google. You acknowledge and accept that, as a result, full data-flow isolation exclusively within the EU / EEA is NOT guaranteed and cannot be offered on the standard hosted tier.

Safeguards for US and other non-EEA transfers. Where an onward transfer to a third country is required, we rely on the European Commission's Standard Contractual Clauses (SCCs, Implementing Decision (EU) 2021/914) together with the supplementary technical and organizational measures described in our Data Processing Agreement (https://planvault.ai/dpa) and our Security page (https://planvault.ai/security). Copies of the executed SCCs and the relevant transfer impact assessment (TIA) summary are available to business customers on request under NDA.

Your acknowledgment. If you access the Services from any region of the world with laws or other requirements governing personal data collection, use, or disclosure that differ from applicable laws in Germany or the European Union, then through your continued use of the Services, you acknowledge that your data will be transferred to and processed in Germany and, via the subprocessors listed above, in the United States under the safeguards described in the Privacy Policy and DPA. If the combination of EU hosting with US-based routing and email subprocessors is not acceptable for your use case, you must not use the hosted Services; please contact us at [email protected] to discuss self-hosted or private-cloud deployment options.

12. COPYRIGHT INFRINGEMENTS

We respect the intellectual property rights of others. If you believe that any material available on or through the Services infringes upon any copyright you own or control, please immediately notify us using the contact information provided below (a "Notification"). A copy of your Notification will be sent to the person who posted or stored the material addressed in the Notification. Please be advised that pursuant to applicable law you may be held liable for damages if you make material misrepresentations in a Notification. Thus, if you are not sure that material located on or linked to by the Services infringes your copyright, you should consider first contacting an attorney.

13. TERM AND TERMINATION

These Legal Terms shall remain in full force and effect while you use the Services. WITHOUT LIMITING ANY OTHER PROVISION OF THESE LEGAL TERMS, WE RESERVE THE RIGHT TO, IN OUR SOLE DISCRETION AND WITHOUT NOTICE OR LIABILITY, DENY ACCESS TO AND USE OF THE SERVICES (INCLUDING BLOCKING CERTAIN IP ADDRESSES), TO ANY PERSON FOR ANY REASON OR FOR NO REASON, INCLUDING WITHOUT LIMITATION FOR BREACH OF ANY REPRESENTATION, WARRANTY, OR COVENANT CONTAINED IN THESE LEGAL TERMS OR OF ANY APPLICABLE LAW OR REGULATION. WE MAY TERMINATE YOUR USE OR PARTICIPATION IN THE SERVICES OR DELETE YOUR ACCOUNT AND ANY CONTENT OR INFORMATION THAT YOU POSTED AT ANY TIME, WITHOUT WARNING, IN OUR SOLE DISCRETION.

If we terminate or suspend your account for any reason, you are prohibited from registering and creating a new account under your name, a fake or borrowed name, or the name of any third party, even if you may be acting on behalf of the third party. In addition to terminating or suspending your account, we reserve the right to take appropriate legal action, including without limitation pursuing civil, criminal, and injunctive redress.

14. MODIFICATIONS AND INTERRUPTIONS

We reserve the right to change, modify, or remove the contents of the Services at any time or for any reason at our sole discretion without notice. However, we have no obligation to update any information on our Services. We will not be liable to you or any third party for any modification, price change, suspension, or discontinuance of the Services.

We cannot guarantee the Services will be available at all times. We may experience hardware, software, or other problems or need to perform maintenance related to the Services, resulting in interruptions, delays, or errors. We reserve the right to change, revise, update, suspend, discontinue, or otherwise modify the Services at any time or for any reason without notice to you. You agree that we have no liability whatsoever for any loss, damage, or inconvenience caused by your inability to access or use the Services during any downtime or discontinuance of the Services. Nothing in these Legal Terms will be construed to obligate us to maintain and support the Services or to supply any corrections, updates, or releases in connection therewith.

15. GOVERNING LAW

These Legal Terms are governed by and construed in accordance with the laws of Poland, and the application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. The parties irrevocably submit to the exclusive jurisdiction of the competent courts of Lublin, Poland for any dispute, claim, or controversy arising out of or in connection with these Legal Terms or the Services (including their formation, validity, interpretation, performance, breach, or termination), and each party irrevocably waives any objection it may have at any time to the laying of venue in those courts, any claim that a proceeding has been brought in an inconvenient forum (forum non conveniens), and any claim that those courts lack personal jurisdiction. This exclusive choice-of-court provision is made pursuant to Article 25 of Regulation (EU) No 1215/2012 (Brussels I-bis). Because the Services are offered solely on a business-to-business basis (see AGREEMENT TO OUR LEGAL TERMS and Section 3), no consumer-protection forum, venue, or mandatory-law provisions apply. Nothing in this Section 15 prevents either party from (i) seeking urgent injunctive or other interim protective relief in any court of competent jurisdiction where such relief is necessary to preserve the status quo, prevent immediate and irreparable harm, or enforce intellectual-property rights, or (ii) enforcing a final judgment obtained in the courts of Lublin, Poland in any other jurisdiction where enforcement is sought.

16. CORRECTIONS

There may be information on the Services that contains typographical errors, inaccuracies, or omissions, including descriptions, pricing, availability, and various other information. We reserve the right to correct any errors, inaccuracies, or omissions and to change or update the information on the Services at any time, without prior notice.

17. DISCLAIMER

THE SERVICES ARE PROVIDED ON AN AS-IS AND AS-AVAILABLE BASIS. YOU AGREE THAT YOUR USE OF THE SERVICES WILL BE AT YOUR SOLE RISK. TO THE FULLEST EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, IN CONNECTION WITH THE SERVICES AND YOUR USE THEREOF, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WE MAKE NO WARRANTIES OR REPRESENTATIONS ABOUT THE ACCURACY OR COMPLETENESS OF THE SERVICES' CONTENT OR THE CONTENT OF ANY WEBSITES OR MOBILE APPLICATIONS LINKED TO THE SERVICES AND WE WILL ASSUME NO LIABILITY OR RESPONSIBILITY FOR ANY (1) ERRORS, MISTAKES, OR INACCURACIES OF CONTENT AND MATERIALS, (2) PERSONAL INJURY OR PROPERTY DAMAGE, OF ANY NATURE WHATSOEVER, RESULTING FROM YOUR ACCESS TO AND USE OF THE SERVICES, (3) ANY UNAUTHORIZED ACCESS TO OR USE OF OUR SECURE SERVERS AND/OR ANY AND ALL PERSONAL INFORMATION AND/OR FINANCIAL INFORMATION STORED THEREIN, (4) ANY INTERRUPTION OR CESSATION OF TRANSMISSION TO OR FROM THE SERVICES, (5) ANY BUGS, VIRUSES, TROJAN HORSES, OR THE LIKE WHICH MAY BE TRANSMITTED TO OR THROUGH THE SERVICES BY ANY THIRD PARTY, AND/OR (6) ANY ERRORS OR OMISSIONS IN ANY CONTENT AND MATERIALS OR FOR ANY LOSS OR DAMAGE OF ANY KIND INCURRED AS A RESULT OF THE USE OF ANY CONTENT POSTED, TRANSMITTED, OR OTHERWISE MADE AVAILABLE VIA THE SERVICES. WE DO NOT WARRANT, ENDORSE, GUARANTEE, OR ASSUME RESPONSIBILITY FOR ANY PRODUCT OR SERVICE ADVERTISED OR OFFERED BY A THIRD PARTY THROUGH THE SERVICES, ANY HYPERLINKED WEBSITE, OR ANY WEBSITE OR MOBILE APPLICATION FEATURED IN ANY BANNER OR OTHER ADVERTISING, AND WE WILL NOT BE A PARTY TO OR IN ANY WAY BE RESPONSIBLE FOR MONITORING ANY TRANSACTION BETWEEN YOU AND ANY THIRD-PARTY PROVIDERS OF PRODUCTS OR SERVICES. AS WITH THE PURCHASE OF A PRODUCT OR SERVICE THROUGH ANY MEDIUM OR IN ANY ENVIRONMENT, YOU SHOULD USE YOUR BEST JUDGMENT AND EXERCISE CAUTION WHERE APPROPRIATE.

18. LIMITATIONS OF LIABILITY

IN NO EVENT WILL WE OR OUR DIRECTORS, EMPLOYEES, OR AGENTS BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, EXEMPLARY, INCIDENTAL, SPECIAL, OR PUNITIVE DAMAGES, INCLUDING LOST PROFIT, LOST REVENUE, LOSS OF DATA, OR OTHER DAMAGES ARISING FROM YOUR USE OF THE SERVICES, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED HEREIN, OUR LIABILITY TO YOU FOR ANY CAUSE WHATSOEVER AND REGARDLESS OF THE FORM OF THE ACTION, WILL AT ALL TIMES BE LIMITED TO 1,000 (EUR).

19. INDEMNIFICATION

You agree to defend, indemnify, and hold us harmless, including our subsidiaries, affiliates, and all of our respective officers, agents, partners, and employees, from and against any loss, damage, liability, claim, or demand, including reasonable attorneys’ fees and expenses, made by any third party due to or arising out of: (1) use of the Services; (2) breach of these Legal Terms; (3) any breach of your representations and warranties set forth in these Legal Terms; (4) your violation of the rights of a third party, including but not limited to intellectual property rights; or (5) any overt harmful act toward any other user of the Services with whom you connected via the Services. Notwithstanding the foregoing, we reserve the right, at your expense, to assume the exclusive defense and control of any matter for which you are required to indemnify us, and you agree to cooperate, at your expense, with our defense of such claims. We will use reasonable efforts to notify you of any such claim, action, or proceeding which is subject to this indemnification upon becoming aware of it.

20. USER DATA

We will maintain certain data that you transmit to the Services for the purpose of managing the performance of the Services, as well as data relating to your use of the Services. Although we perform regular routine backups of data, you are solely responsible for all data that you transmit or that relates to any activity you have undertaken using the Services. You agree that we shall have no liability to you for any loss or corruption of any such data, and you hereby waive any right of action against us arising from any such loss or corruption of such data.

21. ELECTRONIC COMMUNICATIONS, TRANSACTIONS, AND SIGNATURES

Visiting the Services, sending us emails, and completing online forms constitute electronic communications. You consent to receive electronic communications, and you agree that all agreements, notices, disclosures, and other communications we provide to you electronically, via email and on the Services, satisfy any legal requirement that such communication be in writing. YOU HEREBY AGREE TO THE USE OF ELECTRONIC SIGNATURES, CONTRACTS, ORDERS, AND OTHER RECORDS, AND TO ELECTRONIC DELIVERY OF NOTICES, POLICIES, AND RECORDS OF TRANSACTIONS INITIATED OR COMPLETED BY US OR VIA THE SERVICES. You hereby waive any rights or requirements under any statutes, regulations, rules, ordinances, or other laws in any jurisdiction which require an original signature or delivery or retention of non-electronic records, or to payments or the granting of credits by any means other than electronic means.

22. MISCELLANEOUS

These Legal Terms, together with any policies or operating rules posted by us on the Services or in respect to the Services and, where applicable, any separate written agreement between the parties (as described in the "Precedence of documents" paragraph in AGREEMENT TO OUR LEGAL TERMS), constitute the entire agreement and understanding between you and us with respect to the subject matter covered by those documents and supersede all prior proposals, discussions, and communications on that subject matter. In the event of any conflict between these Legal Terms and such a separate signed agreement, the order of priority in the "Precedence of documents" paragraph applies. Our failure to exercise or enforce any right or provision of these Legal Terms shall not operate as a waiver of such right or provision. These Legal Terms operate to the fullest extent permissible by law. We may assign, transfer, delegate, or novate any or all of our rights and obligations under these Legal Terms to any affiliated entity, successor in interest, or new corporate entity established in connection with a reorganization, incorporation, or investment transaction (including, without limitation, a transfer from the current Polish sole-proprietorship (JDG) structure to a Polish limited liability company (Sp. z o.o.) or to a new corporate vehicle formed in connection with accelerator or investor participation). By accepting these Legal Terms you grant your advance, blanket consent to such assignment, transfer, and novation for the purposes of Article 519 of the Polish Civil Code and any equivalent provisions of applicable law, and you agree that the successor entity will assume our position as contracting party under these Legal Terms with the same rights and obligations. We will provide reasonable prior notice of any such novation through the Services or by email, together with the identity and contact details of the successor entity. We shall not be responsible or liable for any loss, damage, delay, or failure to act caused by any cause beyond our reasonable control. If any provision or part of a provision of these Legal Terms is determined to be unlawful, void, or unenforceable, that provision or part of the provision is deemed severable from these Legal Terms and does not affect the validity and enforceability of any remaining provisions. There is no joint venture, partnership, employment or agency relationship created between you and us as a result of these Legal Terms or use of the Services. You agree that these Legal Terms will not be construed against us by virtue of having drafted them. You hereby waive any and all defenses you may have based on the electronic form of these Legal Terms and the lack of signing by the parties hereto to execute these Legal Terms.

23. AI OUTPUTS DISCLAIMER

The Services may integrate external large language models (LLMs) and other AI features. AI-generated outputs may be inaccurate, incomplete, misleading, or unsuitable for a particular purpose. Users are solely responsible for reviewing, verifying, and evaluating the accuracy, legality, safety, and appropriateness of any AI-generated output before relying on or using it. To the maximum extent permitted by law, we disclaim liability for losses or damages resulting from reliance on AI-generated outputs.

24. ACCEPTABLE USE POLICY

Your use of the Services is also subject to our Acceptable Use Policy, which is incorporated into these Legal Terms by reference. By accessing or using the Services, you agree to comply with the Acceptable Use Policy. We may suspend or terminate access to the Services for violations of the Acceptable Use Policy.

25. CUSTOMER DATA AND AI SERVICE PROVIDERS

PlanVault operates on a Bring Your Own Key (BYOK) model. We do not maintain our own API keys or accounts with AI Service Providers. Customers independently select their preferred AI provider, supply their own API credentials, and are responsible for maintaining a separate contractual relationship (including a Data Processing Agreement, where applicable) with their chosen provider. PlanVault acts solely as a technical intermediary, routing requests through its infrastructure to the customer-selected provider. Customer Content submitted through the API or runtime services is processed solely in accordance with the customer's instructions and the applicable Data Processing Agreement, and is not subject to any license granted under these Legal Terms.

26. PROGRAMMATIC ACCESS

Notwithstanding any contrary language in Section 6 (PROHIBITED ACTIVITIES) — including, without limitation, the Section 6 bullets prohibiting automated use of the system, scripts, bots, robots, spiders, scrapers, cheat utilities, offline readers, data mining tools, automated systems, and "Automated Scraping" — the restriction on automated or non-human access to the Services does NOT apply to authorized use of the PlanVault Runtime API, Model Context Protocol (MCP) servers, inbound and outbound webhooks, SDKs, or other programmatic interfaces that we document as part of the Services. These interfaces are specifically designed for automated and machine-to-machine access and may be used in accordance with the applicable documentation, any rate limits or quotas we publish, and these Legal Terms.

For clarity, the Section 6 prohibition on automated extraction, scraping, bots, and similar tools continues to apply in full to: (a) the public marketing site at https://planvault.ai and any of its subpages (for example policies, security, and subprocessors pages) outside of endpoints explicitly documented as programmatic interfaces; (b) any attempt to extract data, content, or metadata from the Services outside of the documented API, MCP, and webhook interfaces; (c) any circumvention of authentication, scope, or rate-limiting controls; and (d) any automated access to accounts or organizations other than those for which you have been authorized. Violations of this Section 26 — including exceeding documented rate limits, using undocumented endpoints in an automated manner, or bypassing access controls — remain violations of Section 3(5), Section 6, and these Legal Terms.

27. DATA PROCESSING AGREEMENT

If you are a business customer using our Services to process personal data of your end users, our Data Processing Agreement ("DPA"), available at https://planvault.ai/dpa, applies to such processing and is hereby incorporated by reference into these Legal Terms.

28. CONTACT US

In order to resolve a complaint regarding the Services or to receive further information regarding use of the Services, please contact us at:

Bohdan Matviichuk ul. Dziewanny 21/19 20-539 Lublin Poland General inquiries: [email protected] Privacy, data protection, and GDPR requests (preferred): [email protected]