← Back to Legal

Netallion AI Assurance Terms of Service

Effective date: 03 February 2026

These Terms of Service ("Terms") govern your access to and use of Netallion AI Assurance (the "Service"). By creating an account, accessing, or using the Service, you agree to these Terms.

1) Who we are

Netallion AI Assurance is operated by Netallion Limited ("Provider", "we", "us"). Our primary place of business is Auckland, New Zealand.

2) Definitions

  • "Customer" means the legal entity or individual that enters into these Terms.
  • "Users" means individuals authorized by Customer to use the Service.
  • "Customer Content" means data Customer submits to or makes available to the Service, including configuration, workspace identifiers, and any content processed from Customer systems (including logs).
  • "Findings" means detection results produced by the Service (e.g., suspected secrets/PII indicators).
  • "Subscription" means the paid plan and term purchased for the Service.

3) Eligibility and account ownership

You must have authority to bind the Customer (if acting for an organization). You are responsible for maintaining accurate account information and for all activity under your account.

4) The Service

Netallion AI Assurance helps customers identify potential exposure of sensitive data (e.g., suspected secrets and PII indicators) in supported sources. The Service provides signals, not certainty.

You acknowledge:

  • Findings may include false positives and false negatives.
  • The Service does not replace secure SDLC, security review, logging hygiene, or incident response processes.

5) Customer responsibilities

Customer is responsible for:

  • Ensuring Users are authorized and trained.
  • Maintaining secure configurations and access controls in Customer environments.
  • Ensuring Customer has all rights, permissions, and lawful bases needed to provide Customer Content to the Service.
  • Using Findings responsibly and verifying before taking action (e.g., rotating credentials).

6) Acceptable Use

Use of the Service must comply with the Acceptable Use Policy, which is incorporated into these Terms.

7) Subscriptions, billing, and taxes

If you purchase a Subscription directly from us, you agree to pay fees according to your plan and billing cycle. Fees are non-refundable except where required by law or explicitly stated in writing.

Marketplace purchases. If you purchase via a cloud marketplace, billing, invoicing, refunds, and order terms may be governed by that marketplace and any private offer or order document. Your marketplace order terms will apply in addition to these Terms.

8) Trials and betas

Trials and beta features may be offered at our discretion. Trials/betas may have limitations, may change without notice, and may be discontinued at any time.

9) Security and confidentiality

We implement administrative, technical, and organizational measures designed to protect Customer Content.

Customer agrees to:

  • Keep credentials secure
  • Use least-privilege access in customer environments
  • Promptly notify us of suspected unauthorized use

10) Data minimization (no raw secrets storage)

We design Netallion AI Assurance to minimize sensitive data storage. We do not intend to store raw secrets or full raw log payloads in our primary incident records. Typically, we store only:

  • hashed indicators (e.g., strong hash of a suspected secret token),
  • optional masked fragments (e.g., last 4 characters),
  • redacted snippets where detected strings are removed/replaced,
  • metadata needed for investigation (timestamps, source identifiers, severity).

Customer acknowledges that some Customer Content may include sensitive data, and Customer is responsible for preventing sensitive data from being logged in the first place.

11) Intellectual property

We own the Service, including software, design, and underlying technology. Customer retains ownership of Customer Content.

Customer grants us a limited license to process Customer Content solely to provide, maintain, and improve the Service, and to meet legal obligations.

12) Feedback

If you provide feedback, you grant us a perpetual, worldwide right to use it without restriction or compensation.

13) Service availability and changes

We may modify the Service to improve it, comply with law, or address security risks. We may suspend access where required for security or to prevent harm.

We are not liable for downtime caused by factors outside our reasonable control.

14) Third-party services

The Service may rely on third-party infrastructure and services (e.g., cloud hosting). We are not responsible for third-party outages outside our control, but we will make reasonable efforts to restore Service.

15) Warranty disclaimer

To the maximum extent permitted by law, the Service is provided "as is" and "as available". We disclaim all warranties not expressly stated in these Terms, including implied warranties of merchantability, fitness for a particular purpose, and non-infringement.

16) Limitation of liability

To the maximum extent permitted by law:

  • We are not liable for indirect, incidental, special, consequential, or punitive damages, or loss of profits, revenue, goodwill, or data.
  • Our total aggregate liability arising out of or relating to the Service will not exceed the fees paid by Customer to us for the Service in the 3 months preceding the event giving rise to liability.

Nothing in these Terms excludes liability that cannot be excluded under applicable law.

17) Indemnity

Customer will indemnify us against third-party claims arising from:

  • Customer Content,
  • Customer's violation of the Acceptable Use Policy,
  • Customer's unauthorized access to or use of third-party systems.

18) Termination

Customer may cancel according to plan terms. We may suspend or terminate access if:

  • Customer breaches these Terms or the Acceptable Use Policy,
  • continued use creates security or legal risk,
  • payment is overdue (where applicable).

Upon termination, Customer access ends. Data handling after termination is described in Data Retention & Deletion.

19) Contracting out (business customers)

If the Customer is acquiring the Service in trade (for business purposes), the parties agree that, to the extent permitted by law and where fair and reasonable, certain consumer protections may be contracted out of by written agreement. If you require explicit contracting-out wording in an Order Form, contact legal@netallion.ai.

20) Changes to these Terms

We may update these Terms. If changes are material, we will provide reasonable notice (e.g., via email or in-app notice). Continued use after the effective date means you accept the updated Terms.

21) Assignment / change of control

We may assign these Terms and/or transfer the Service to an affiliate or successor in connection with a merger, acquisition, reorganization, or sale of assets, provided your rights are not materially reduced. Customer may not assign without our written consent, except to an affiliate or in connection with a merger/acquisition.

22) Governing law and disputes

These Terms are governed by the laws of New Zealand. The parties submit to the non-exclusive jurisdiction of the courts of New Zealand.