Terms of Service

    Last Updated: October 2, 2025

    Heimgard AI, Inc. ("Heimgard," "we," "us," or "our") provides: (i) our website at heimgard.ai (the "Website"); (ii) our registry, scanning, and enforcement platform for MCP servers (the "Platform"); and (iii) related APIs, SDKs, documentation and tools (together with the Website and Platform, the "Services"). By using the Services, you agree to these Terms of Service (the "Terms"). If you are agreeing on behalf of an entity, you represent you have authority to bind that entity. If you do not agree, do not use the Services.

    1. Accounts; Eligibility

    1.1 Registration

    You may need an account to use certain Services. You must provide accurate, complete information and keep it updated. You are responsible for activities under your credentials.

    1.2 Eligibility

    You must be at least 18 years old to use the Services. You represent you are not barred from using the Services under applicable laws (e.g., export/sanctions).

    1.3 Your Administrators

    If you are an enterprise customer, you may designate individuals within your organization as authorized users ("Authorized Users"). You are responsible for their compliance with these Terms.

    2. License; Customer Data; Service Data

    2.1 License

    Subject to these Terms, Heimgard grants you a non‑exclusive, non‑transferable, non‑sublicensable, revocable right to access and use the Services during your subscription in accordance with our documentation and usage limits.

    2.2 Customer Data

    "Customer Data" means data you or your Authorized Users submit to the Services (e.g., scan targets, registry entries, policies, logs). You retain all rights in Customer Data. You instruct Heimgard to process Customer Data to provide and support the Services, including security, support, billing, and to prevent misuse.

    2.3 Service Data & Aggregates

    We may generate and use de‑identified/aggregated data about use of the Services for operations, analytics, and product improvement, provided it does not identify you or your users.

    2.4 Authorization for Scanning

    You must have and maintain all necessary rights and permissions to scan, probe, query, or otherwise assess any MCP servers or other systems you target via the Services. You will not use the Services to access any system without authorization or in violation of law. You are solely responsible for setting scan intensity/scope and for any downstream effects.

    3. Subscriptions; Fees; Taxes

    3.1 Plans; Renewal

    Some features are free; paid plans require a subscription or order form. Plans renew automatically unless you cancel as described in the dashboard or your order form.

    3.2 Fees & Payment

    You agree to pay fees in U.S. dollars, plus applicable taxes, in accordance with the plan selected and any usage‑based overages. Late amounts may accrue interest at 1.5% per month (or the maximum allowed by law).

    3.3 Changes

    We may change pricing or plan features with notice before your next renewal.

    3.4 No Refunds

    Except where required by law or expressly stated otherwise in an order form, fees are non‑refundable.

    4. Acceptable Use

    You and your Authorized Users will not, and will not permit anyone to:

    • reverse engineer, decompile, or attempt to derive source code from the Services;

    • bypass or interfere with security or access controls;
    • use the Services to build a competing product;
    • submit unlawful, harmful, or abusive content;
    • attempt unauthorized access to third‑party systems or data;

    • run scans that violate law, applicable policies, or the targeted system’s terms;

    • use automated scraping/crawling except as expressly permitted by Heimgard;
    • introduce malware or interfere with network integrity.

    5. Confidentiality; Security

    5.1 Confidentiality

    Each party may disclose non‑public information ("Confidential Information") to the other. The receiving party will use reasonable care to protect it and only use it for the relationship.

    5.2 Security

    We implement industry‑standard technical and organizational measures to protect the Services and Customer Data. You are responsible for securing your environments and any secrets/keys you place in the Services.

    5.3 Incident Notice

    If we become aware of unauthorized access to Customer Data stored in our systems, we will notify you without undue delay and provide information as reasonably available, consistent with applicable law.

    6. Intellectual Property; Feedback; DMCA

    6.1 Ownership

    Heimgard and its licensors own the Services and all related IP. These Terms do not transfer ownership.

    6.2 Feedback

    You grant Heimgard a perpetual, worldwide, royalty‑free license to use feedback and suggestions without restriction.

    6.3 DMCA

    If you believe content on the Services infringes copyright, email [email protected] with the information required by 17 U.S.C. §512(c)(3). We may remove content and terminate repeat infringers.

    7. Third‑Party Services; Open Source

    The Services may interoperate with third‑party software, APIs, models, or cloud providers. We are not responsible for third‑party services. Some components may be provided under open‑source licenses—those terms govern the components.

    8. Export; Sanctions; Government Use

    8.1 Export & Sanctions

    You will not use or export the Services in violation of U.S. export control or sanctions laws (including the EAR and OFAC programs). You represent you are not on any U.S. restricted list.

    8.2 U.S. Government Rights

    Our software is “commercial computer software” subject to FAR 12.212 and DFARS 227.7202; Government use is subject to the license terms customary for the public.

    9. Beta/Pre‑Release Features

    We may offer features marked alpha/beta/preview. They are provided AS IS, may change or cease, and are excluded from SLAs and support.

    10. Warranties; Disclaimers

    10.1 Mutual

    Each party represents it has authority to enter these Terms.

    10.2 Heimgard Disclaimers

    THE SERVICES AND ANY OUTPUTS ARE PROVIDED “AS IS” AND “AS AVAILABLE.” TO THE FULLEST EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON‑INFRINGEMENT. DO NOT USE THE SERVICES FOR HIGH‑RISK SYSTEMS.

    11. Indemnification

    11.1 By You

    You will defend and indemnify Heimgard from claims arising out of (a) Customer Data; (b) your use of the Services in violation of law (including unauthorized scanning) or these Terms; or (c) your third‑party services.

    11.2 By Heimgard

    Heimgard will defend you from third‑party claims alleging the Services, as provided by Heimgard, directly infringe a valid U.S. IP right, and will pay resulting damages finally awarded, provided you promptly notify us and cooperate. We may modify or replace the Services to avoid infringement or refund prepaid unused fees if we cease providing the infringing component.

    12. Limitation of Liability

    To the fullest extent permitted by law, neither party is liable for indirect, incidental, consequential, special, exemplary, or punitive damages, or lost profits/revenue/goodwill. Except for specified carve‑outs, each party’s total liability is capped at the amount paid or payable for the Services in the 12 months before the event.

    13. Dispute Resolution; Arbitration; Class Waiver

    13.1 Informal Resolution

    Contact [email protected] first; most issues resolve quickly.

    13.2 Arbitration

    Any dispute arising out of or relating to these Terms will be resolved by binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules and, if applicable, its Mass Arbitration Supplementary Rules. The seat and venue of arbitration will be New Castle County, Delaware, and the language will be English. The Federal Arbitration Act governs arbitrability. Either party may seek injunctive relief in court for actual or threatened misuse of Confidential Information or intellectual property. Either party may bring an individual claim in small-claims court instead of arbitration.

    13.3 Mass‑Arbitration Protocol

    The administrator’s Mass Arbitration Procedures will govern filing, batching, bellwethers, and fees if 25+ similar demands are filed.

    13.4 Class Action Waiver; Jury Trial Waiver

    No class, consolidated, or representative proceedings.

    Opt‑Out: You may opt out of arbitration within 30 days of first agreeing to these Terms by emailing [email protected] with subject “Arbitration Opt‑Out.”

    14. Term; Termination; Effect

    We may suspend or terminate access for breach, legal risk, or security reasons. You may terminate at any time; refunds are not provided unless stated in an order form. Upon termination, your license ends and you must stop using the Services. Upon request, we will make a limited export window available for Customer Data unless legally prohibited.

    15. Changes to the Services or Terms

    We may update the Services and these Terms from time to time. Material changes will be notified via the Service or email and will become effective on the stated date. If you continue using the Services after the effective date, you accept the changes.

    16. Miscellaneous

    • Governing Law. Delaware law, excluding conflict‑of‑laws rules; FAA governs arbitrability.

    • Assignment. You may not assign without consent; we may assign in connection with a merger, acquisition, or sale of assets.

    • Force Majeure. Neither party is liable for delays/failures due to events beyond reasonable control.

    • Entire Agreement; Severability; Waiver. These Terms and any order form are the entire agreement. If a provision is unenforceable, the remainder remains in effect. Failure to enforce isn’t a waiver.

    • Notices. Heimgard AI, Inc.; [email protected].