Terms of Service

1. Acceptance of Terms

These Terms of Service ("Terms") constitute a legally binding agreement between you or the organization you represent ("Customer") and Arx Inc. ("Arx," "we," "us," or "our"), governing your access to and use of the ARXsec.io platform and related services (collectively, the "Service"). By accessing or using the Service, you represent that you have the authority to bind the Customer and agree to be bound by these Terms.

If you are accessing the Service pursuant to an order form, master services agreement, or enterprise agreement ("Order Form"), the Order Form governs to the extent of any conflict with these Terms. If you do not agree to these Terms, do not access or use the Service.

2. Description of Service

ARXsec.io is a compliance-native infrastructure platform for enterprise AI agents. The Service enables security and operations teams to deploy, govern, and monitor internally-built AI agents with built-in compliance controls. Core capabilities include:

• Automated compliance documentation generation (SOC 2 questionnaires, data flow diagrams, control mappings)
• Policy guardrails and configurable restrictions on agent behavior
• Human approval gates for high-risk agent actions
• Immutable audit trails and agent execution logging
• Secrets management and secure credential storage for agent integrations
• Agent registry for cataloguing and lifecycle management
• Connector integrations with third-party security and operations tools

Arx reserves the right to modify, suspend, or discontinue features of the Service with reasonable notice, except where required by law or emergency circumstances.

3. Account Registration and Security

To access the Service, you must register for an account using accurate and complete information. You are responsible for maintaining the confidentiality of your credentials and for all activity that occurs under your account. Organizations are collectively responsible for all users provisioned under their account.

You agree to notify Arx immediately at legal@arxsec.io of any unauthorized use of your account or any other breach of security. Arx is not liable for any loss or damage arising from your failure to maintain the security of your credentials.

We strongly encourage enabling multi-factor authentication (MFA) for all accounts. Enterprise customers may be required to enforce MFA under their Order Form.

4. Authorized Use and Restrictions

You may use the Service solely for lawful purposes and in accordance with these Terms and applicable law. You agree not to:

• Attempt to circumvent, disable, or otherwise interfere with the policy controls, guardrails, or audit mechanisms of the Service
• Reverse engineer, decompile, or attempt to derive source code from the Service or its compliance engine
• Deploy AI agents through the Service that are designed to violate applicable law, including data protection regulations (GDPR, CCPA, HIPAA) or AI-specific regulations (EU AI Act)
• Share account credentials, API keys, or access tokens with unauthorized parties
• Use the Service to process data in a manner that violates the rights of any third party
• Conduct load testing, penetration testing, or security scanning of the Service without prior written consent from Arx
• Resell, sublicense, or otherwise make the Service available to third parties without an express written agreement with Arx

5. AI Agent Data and Compliance Obligations

As between Arx and Customer, Customer is the data controller (or equivalent under applicable law) for any personal data or sensitive information processed by AI agents deployed through the Service. Arx acts as a data processor with respect to such data, processing it solely to provide and operate the Service.

Customer is solely responsible for ensuring that its use of AI agents through the Service complies with all applicable laws and regulations, including but not limited to data protection laws, financial regulations, healthcare regulations, and AI-specific legislation. ARXsec.io provides compliance infrastructure and tooling, but does not constitute legal advice or a guarantee of regulatory compliance.

Customers operating in regulated industries (financial services, healthcare, energy, government) are responsible for conducting their own compliance assessments and obtaining necessary certifications or approvals before deploying AI agents to production.

6. Intellectual Property

The Service, including the ARXsec.io platform, its underlying compliance engine, brand, trademarks, and all associated intellectual property, are owned by Arx Inc. and protected by applicable intellectual property laws. "Patent Pending" technology applies to certain features of the platform.

Customer retains ownership of all data, agent configurations, policy definitions, and audit records generated through Customer's use of the Service ("Customer Content"). Customer grants Arx a limited, non-exclusive license to process, store, and transmit Customer Content solely to provide and improve the Service in accordance with these Terms and our Privacy Policy.

Arx does not use Customer Content to train machine learning models or share it with third parties for any purpose other than operating the Service.

7. Confidentiality

Each party agrees to maintain the confidentiality of the other party's non-public information that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure ("Confidential Information"). Customer's agent configurations, policy rules, audit logs, and security architectures are deemed Confidential Information of the Customer. The Service's proprietary algorithms and compliance frameworks are Confidential Information of Arx.

Each party agrees not to disclose the other's Confidential Information to third parties without prior written consent, and to use it only as necessary to fulfill obligations under these Terms. Obligations of confidentiality survive termination of these Terms for three (3) years.

8. Payment Terms

Access to the Service is subject to applicable subscription fees as specified in your Order Form or at the time of account registration. Fees are billed in advance on a subscription basis (monthly or annual). All payments are non-refundable except as expressly set forth in an Order Form.

Customer is responsible for all applicable taxes. Arx reserves the right to modify pricing with thirty (30) days' prior written notice. Continued use of the Service after the effective date of a price change constitutes acceptance of the new pricing.

Failure to pay fees when due may result in suspension or termination of access to the Service following reasonable notice.

9. Service Level and Availability

Arx will use commercially reasonable efforts to make the Service available and to maintain platform reliability. Planned maintenance will be communicated in advance where practicable. Arx does not warrant any specific uptime percentage under these Terms unless an SLA is expressly set forth in an Order Form.

The Service may be unavailable due to factors beyond Arx's reasonable control, including internet service disruptions, third-party provider outages, or force majeure events.

10. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ARX DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

ARX DOES NOT WARRANT THAT THE SERVICE WILL SATISFY ANY SPECIFIC REGULATORY OR COMPLIANCE REQUIREMENT. CUSTOMER IS RESPONSIBLE FOR CONDUCTING INDEPENDENT COMPLIANCE ASSESSMENTS APPROPRIATE TO CUSTOMER'S INDUSTRY AND JURISDICTION.

11. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, DATA, OR GOODWILL, ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

EACH PARTY'S TOTAL CUMULATIVE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS SHALL NOT EXCEED THE FEES PAID OR PAYABLE BY CUSTOMER IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM. THE FOREGOING LIMITATIONS DO NOT APPLY TO: (I) A PARTY'S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT; (II) EITHER PARTY'S INDEMNIFICATION OBLIGATIONS; (III) INTELLECTUAL PROPERTY INFRINGEMENT CLAIMS; OR (IV) BREACHES OF CONFIDENTIALITY OBLIGATIONS.

12. Indemnification

Customer agrees to defend, indemnify, and hold harmless Arx and its officers, directors, employees, and agents from and against any claims, damages, losses, and expenses (including reasonable attorneys' fees) arising out of or relating to: (i) Customer's misuse of the Service or AI agents deployed through the Service; (ii) Customer's violation of applicable law or regulation, including data protection laws; (iii) Customer's infringement of third-party intellectual property rights through Customer's use of the Service; or (iv) Customer Content.

13. Term and Termination

These Terms commence on the date you first access the Service and remain in effect for the duration of your subscription unless terminated earlier. Either party may terminate for cause upon thirty (30) days' written notice if the other party materially breaches these Terms and fails to cure such breach within the notice period.

Upon termination, Customer's right to access the Service ceases immediately. Arx will make Customer Content available for export for thirty (30) days following termination, after which it will be permanently deleted. Provisions that by their nature should survive termination (including confidentiality, limitation of liability, and governing law) will survive.

14. Governing Law

These Terms are governed by the laws of the State of Texas, without regard to conflict of law principles. Any disputes arising out of or related to these Terms shall be subject to the exclusive jurisdiction of the state and federal courts located in Dallas County, Texas. Both parties waive any right to a jury trial in connection with any action or litigation arising from these Terms.

15. Changes to Terms

Arx reserves the right to modify these Terms at any time. For material changes, Arx will provide at least thirty (30) days' advance notice via email to the account's registered address. Your continued use of the Service after the effective date of the revised Terms constitutes your acceptance of the changes.

If you object to a material change, you may terminate your account before the effective date of the change by contacting legal@arxsec.io.

16. Contact

For legal inquiries regarding these Terms, please contact: