Terms of Service

1. Acceptance of terms

By creating an account, accessing, or using the Audulate platform (the “Service”), you agree to be bound by these Terms of Service (“Terms”) and our Privacy Policy. If you are agreeing on behalf of an organisation, you represent that you have authority to bind that organisation, and “you” refers to that organisation.

If you do not agree to these Terms, you must not use the Service. We may update these Terms from time to time; continued use after an update constitutes acceptance of the revised Terms. Material changes will be notified by email or in-app notice at least 14 days in advance.

2. Service description

Audulate is an AI-powered compliance monitoring platform. The Service includes:

• Automated website scanning for GDPR, cookie consent, and privacy policy indicators
• GitHub pull-request analysis for PII leakage and insecure logging
• AI-generated compliance summaries, risk explanations, and remediation suggestions
• Findings management, scoring, and reporting dashboards
• Data subject request (DSR) workflow tools
• Regulatory update monitoring and alerts
• Multi-tenant workspace and team-member management

Important: Audulate is a software tool, not a legal or compliance advisory service. Outputs from the platform — including AI-generated content and compliance scores — are informational only and do not constitute legal advice. You are responsible for obtaining qualified legal counsel to assess your compliance obligations.

3. Accounts & security

Registration

You must provide accurate, complete, and current registration information. You may not use a false identity, impersonate another person, or create an account on behalf of someone else without their express authorisation.

Security obligations

• You are responsible for safeguarding your account credentials and must not share passwords.
• You must immediately notify us at security@audulate.com of any suspected unauthorised access.
• You are liable for all activity that occurs under your account, whether or not authorised by you.

Workspace members

If you invite members to your workspace, you are responsible for their compliance with these Terms. Member access is governed by the roles and permissions you configure.

4. Subscription & billing

Plan overview

Payment & renewal

• Paid plans are billed monthly or annually in advance via Stripe. All prices are exclusive of VAT.
• Subscriptions auto-renew at the end of each billing period unless cancelled before the renewal date.
• Annual plans paid upfront receive the advertised annual discount.
• We may change prices with 30 days' notice; changes take effect at your next renewal.

Cancellation & refunds

You may cancel your subscription at any time from Settings → Billing. Cancellation takes effect at the end of the current billing period — you retain access until then. We do not provide pro-rata refunds for unused time on monthly plans. Annual plans may be eligible for a pro-rata refund within 30 days of renewal; contact billing@audulate.com.

Failed payments & suspension

If a payment fails, we will retry up to three times over seven days. If payment remains outstanding, your account will be downgraded to the Free plan and scan history will be retained for 90 days to allow you to reactivate.

Usage limits

If you exceed your plan’s scan quota, additional scans will be blocked until the next billing cycle or until you upgrade. Overage billing is not available on the Free plan.

5. Acceptable use

Permitted use

You may use Audulate solely for lawful purposes and in accordance with these Terms. You must only scan websites, repositories, or systems that you own or for which you have explicit authorisation from the owner.

Prohibited activities

You must not use the Service to:

• Scan websites, domains, or GitHub repositories you do not own or have no permission to scan
• Conduct security testing, penetration testing, or vulnerability scanning against third-party systems
• Circumvent, disable, or interfere with platform security controls or rate limits
• Reverse-engineer, decompile, or attempt to extract source code from the Service
• Resell, sublicense, or white-label the Service without a written reseller agreement
• Aggregate or scrape platform data for training machine learning models
• Upload or transmit malware, viruses, or any code designed to disrupt the Service
• Use the Service in a manner that violates applicable law, including data protection laws
• Create multiple free accounts to circumvent plan limits

We reserve the right to suspend or terminate accounts that violate these rules without notice.

6. Intellectual property & licences

Our IP

Audulate Ltd owns all intellectual property rights in the Service, including the platform, codebase, compliance rules engine, AI models, reports, and branding. These Terms do not grant you any ownership interest in the Service.

We grant you a limited, non-exclusive, non-transferable, revocable licence to access and use the Service during your subscription for your internal business purposes.

Your data & content

You retain all ownership rights to data, content, and materials you upload to or generate using the Service (“Customer Data”). You grant us a limited licence to process Customer Data solely to provide and improve the Service in accordance with our Privacy Policy.

We do not use your Customer Data to train our AI models or share it with third parties for marketing purposes.

Feedback

If you provide feedback, suggestions, or feature requests, you grant us the right to use that feedback without restriction or compensation.

7. Data processing & privacy

Our collection and use of personal data is governed by our Privacy Policy, which forms part of these Terms.

Where you use Audulate to process personal data on behalf of your organisation (for example, scanning a website or running DSR workflows), Audulate acts as a data processor and you act as the data controller under UK/EU GDPR. In this capacity:

• You are responsible for ensuring you have a lawful basis to process that personal data.
• You must ensure your end-users are appropriately informed of any scanning or monitoring activities.
• Growth and Enterprise plans include a Data Processing Agreement (DPA) available on request at legal@audulate.com.
• Free plan users may request a DPA — processing volumes permitting.

All personal data is processed within EU/EEA infrastructure. Transfers outside the EEA are covered by Standard Contractual Clauses as detailed in our Privacy Policy.

8. AI-generated content

Audulate uses large language models (LLMs) via third-party providers (including OpenAI and Anthropic Claude) to generate compliance summaries, risk assessments, and remediation recommendations.

You acknowledge and agree that:

• AI-generated outputs may contain errors, omissions, or inaccuracies and should not be relied upon as legal or regulatory advice.
• You are solely responsible for reviewing, validating, and acting on AI-generated content.
• AI summaries do not constitute an audit or legal opinion and do not guarantee regulatory compliance.
• We are not liable for any decisions made on the basis of AI-generated content.
• AI model providers are listed in our Privacy Policy sub-processor table and are bound by confidentiality obligations.

9. Availability & SLAs

Uptime target

We target 99.5% monthly uptime for the platform API and dashboard. This target excludes scheduled maintenance windows (notified at least 48 hours in advance) and events outside our reasonable control.

Maintenance

We perform scheduled maintenance during low-traffic windows (typically Sunday 02:00–04:00 UTC). We aim to notify users of significant maintenance at least 48 hours in advance via email or in-app notice.

No warranty

The Service is provided “as is” and “as available” without warranty of any kind, express or implied, including but not limited to merchantability, fitness for a particular purpose, or non-infringement. We do not warrant that the Service will be error-free, uninterrupted, or that findings are complete or accurate.

Enterprise SLAs

Enterprise customers may negotiate contractual SLAs and uptime commitments as part of their Enterprise agreement. Contact sales@audulate.com for details.

10. Limitation of liability

To the maximum extent permitted by applicable law:

• Neither party shall be liable to the other for indirect, incidental, consequential, special, punitive, or exemplary damages, including loss of profits, revenue, data, or business opportunities.
• Our total aggregate liability arising out of or related to these Terms or the Service shall not exceed the greater of: (a) the total fees paid by you in the 12 months preceding the claim, or (b) £100.
• These limitations apply regardless of the form of action (contract, tort, statute, or otherwise) and even if we have been advised of the possibility of such damages.

Nothing in these Terms limits liability for death or personal injury caused by negligence, fraud or fraudulent misrepresentation, or any liability that cannot be excluded or limited under applicable law.

11. Indemnification

You agree to indemnify, defend, and hold harmless Audulate Ltd, its officers, directors, employees, and agents from and against any claims, damages, losses, costs, and expenses (including reasonable legal fees) arising from:

• Your use of the Service in violation of these Terms
• Scanning websites or repositories without authorisation
• Your Customer Data infringing any third-party intellectual property or privacy rights
• Your violation of applicable laws or regulations

12. Termination

By you

The workspace owner may delete the account at any time from Settings → Danger zone (a typed confirmation is required). On request, the account is immediately signed out of all devices and sessions and a confirmation email is sent. A 30-day grace period then begins: signing in again at any time during those 30 days automatically cancels the deletion and retains all data. If no one signs in for the full 30 days, the workspace and all associated data are permanently and irreversibly erased and cannot be recovered.

By us

We may suspend or terminate your account:

• Immediately, for material breach of these Terms (including acceptable use violations)
• With 30 days' notice, if we discontinue the Service
• With 30 days' notice, if you fail to pay outstanding invoices after our collection attempts

Effect of termination

On termination, your licence to use the Service ceases immediately. You may request a data export before account closure. Provisions that by their nature should survive termination (including IP ownership, limitation of liability, and governing law) shall survive.

13. Governing law

These Terms are governed by and construed in accordance with the laws of England and Wales, without regard to conflict of law principles.

Each party irrevocably submits to the exclusive jurisdiction of the courts of England and Wales for the resolution of any dispute arising out of or in connection with these Terms, provided that either party may seek interim or emergency relief from any court of competent jurisdiction.

If you are a consumer resident in the EU, you also have the right to access the EU Online Dispute Resolution platform at ec.europa.eu/consumers/odr.

14. Contact & disputes

Before initiating formal legal proceedings, we encourage you to contact us to resolve any dispute informally. Most issues can be resolved quickly by our team.