Legal

Terms of Service

Last updated: May 25, 2026

These Terms of Service (“Terms”) govern your access to and use of the Zafeguard website, visual workflow builder, MPC key-management infrastructure, AI agent (MCP) integration, payment workflows, gas station, developer SDK, and any other product, feature, integration, network connector, hosted service, on-premise component, self-hosted distribution, API, library, or interface that Zafeguard now offers or may offer at any time in the future (collectively, the “Services”), provided by Zafeguard Inc., a Delaware corporation (“Zafeguard,” “we,” “us”). Any new product, feature, or service we release after the date of these Terms is automatically part of the Services and subject to these Terms unless we expressly provide separate terms for it. By accessing the Services, you agree to be bound by these Terms.

1. Acceptance and changes

By registering for Zafeguard, creating an account, signing in, or otherwise accessing or using the Services, you agree to these Terms of Service, our Privacy Policy, and our Cookie Policy.If you are entering into these Terms on behalf of an entity, you represent that you have authority to bind that entity, and “you” refers to that entity.

We may modify these Terms, the Privacy Policy, or the Cookie Policy from time to time. In the event of any material change to these documents, we will notify you via the Services or by email to all users (free and paid) at least 30 days before the change takes effect, except where a shorter period is required for legal or security reasons. Your continued use of the Services after the effective date of a change will be considered your acceptance of and consent to the updated documents.

Dispute-resolution opt-out for material changes. If a material change modifies Section 23 (Governing law), Section 24 (Arbitration), or Section 25 (Notices), you may reject that change by emailing hello@zafeguard.com within 30 days of the notice. Rejection preserves the prior version of those sections as between you and Zafeguard; it does not affect any other section. Persistent use of the Services more than 30 days after the notice without sending a rejection email is acceptance.

Previous versions of these Terms are available on request.

2. Eligibility

You must be at least 18 years old and capable of forming a binding contract under applicable law to create an account or otherwise use any part of the Services that requires an account. You may not use the Services if you are located in, ordinarily resident in, or organized under the laws of any country or region subject to comprehensive US, EU, UN, or UK sanctions, or if you appear on any applicable sanctions list (OFAC SDN, EU consolidated list, UK HM Treasury list, etc.).

3. Accounts and workspaces

To use most features of the Services you must create an account. You are responsible for safeguarding your credentials, MFA factors, API keys, and recovery factors, and for all activity under your account.

Workspaces allow multiple users to collaborate. The workspace owner is responsible for inviting members, managing roles, and complying with these Terms across the workspace. We may suspend or terminate accounts that violate these Terms.

4. Description of the Services

Zafeguard provides software and technology infrastructure. We are not a bank, custodian, fiduciary, money transmitter, money services business, exchange, broker, dealer, investment adviser, or financial institution of any kind. We do not hold customer funds, we do not facilitate the exchange of one asset for another, and we do not provide investment, financial, legal, tax, or any other professional advice. You acknowledge that no fiduciary, agency, partnership, joint venture, broker-client, employment, or trust relationship is created by these Terms or your use of the Services.The Services are tools you direct — you remain in control of the keys, the workflows, the policies, and the on-chain actions you initiate.

The Services include, depending on your plan and configuration:

  • Visual builder — a drag-and-drop canvas for composing blockchain workflows from pre-built components.
  • MPC key management — built-in multi-party computation key custody, or self-hosted MPC clusters in your environment.
  • AI agent integration (MCP) — an MCP server endpoint enabling AI agents to call your workflows.
  • Payment workflows — invoice generation, multi-currency checkout, smart-contract escrow, MPC-signed settlement, and treasury routing components.
  • Gas station — policy-based gas sponsorship across supported EVM chains.
  • Developer SDK and API — a TypeScript client, REST API, and webhooks for programmatic use.
  • Self-hosted distributions — MPC node software, gas-station policy engine, AI agent runner, and other components you may deploy on your own infrastructure under Section 10.

Listings of third-party blockchains, tokens, smart contracts, AI providers, identity providers, exchanges, dApps, or other services within or accessible through the Services are for information and interoperability only. We do not endorse, recommend, vet, or take any responsibility for those third parties. You are solely responsible for evaluating any third party you choose to interact with through the Services.

Features may be added, removed, or modified at our discretion. We will provide at least 30 days' notice by email or in-app message of changes that materially reduce functionality of paid plans, except where a shorter period is required for legal or security reasons.

5. License to use the Services

Subject to your compliance with these Terms and payment of applicable fees, Zafeguard grants you a limited, non-exclusive, non-transferable, revocable license to access and use the Services for your internal business or personal purposes. Any separate license terms applicable to self-hosted distributions are described in Section 10 and the accompanying license file shipped with that distribution; in the event of a conflict, the self-hosted license file controls for the self-hosted component and these Terms control for everything else.

You may not, and may not permit others to:

  • Copy, modify, or create derivative works of the Services or our proprietary software, except as expressly permitted by an applicable open-source or self-hosted license;
  • Reverse engineer, decompile, or attempt to extract the source code of the Services, except to the extent permitted by law;
  • Resell, sublicense, or commercially exploit the Services other than as expressly permitted;
  • Use Zafeguard's confidential information obtained through the Services (including non-public source code, internal documentation, security architecture, or roadmap material) to develop a product or service that competes with the Services, or to benchmark for the benefit of a competitor;
  • Remove proprietary notices, branding, or attributions.

6. Acceptable use

You agree not to use the Services to:

  • Violate any applicable law or regulation, including securities, commodities, money-transmission, AML, KYC, sanctions, tax, or consumer-protection laws;
  • Facilitate fraud, market manipulation, theft, ransomware payments, terrorist financing, or other illicit activity;
  • Process transactions for or on behalf of sanctioned persons or jurisdictions;
  • Infringe intellectual property or privacy rights of others;
  • Distribute malware, conduct phishing, or impersonate any person or entity;
  • Interfere with the Services, attempt unauthorized access, or evade rate limits and security mechanisms;
  • Use automated means (other than the documented API and SDK) to access the Services;
  • Build, train, or fine-tune competitor AI models on outputs of the Services.

We reserve the right to investigate suspected violations and to suspend access immediately where we reasonably believe continued access poses a security, legal, or financial risk.

7. Fees and billing

Fees for paid plans are described on our pricing page. Unless stated otherwise, fees are charged in advance, are non-refundable, and exclude applicable taxes, which are addressed in Section 8.

Pay-as-you-go usage is billed on a per-run basis at the rate published at the time of each run. You are responsible for every run charged to your account, including runs triggered automatically by scheduled workflows, webhooks, AI agents you have connected via MCP, and other autonomous actors you have authorized. Blockchain network gas fees are not included in run pricing and are paid separately from your own funds or sponsored via the Gas Station component you configure.

We may change pricing for new billing periods with at least 30 days' notice. Late or failed payments may result in suspension of paid features until the balance is cured.

8. Taxes

Subscription and usage taxes.Fees are exclusive of all sales, use, value-added (VAT), goods-and-services (GST), withholding, or similar taxes, however designated. You are responsible for all such taxes (other than taxes on Zafeguard's net income), and where Zafeguard is required to collect them we will add them to your invoice. If a payment to Zafeguard is subject to withholding under applicable law, you will gross up the payment so that the net amount received by Zafeguard equals the amount that would have been received absent the withholding.

Crypto-asset taxes are yours alone.You are solely responsible for determining and paying any tax (including income, capital-gains, VAT, GST, withholding, or transfer tax) arising from your crypto-asset activity conducted through the Services, including transactions, swaps, transfers, payment runs, gas reimbursements, hard-fork tokens, airdrops, staking rewards, liquidity provision, or any other on-chain event — whether received automatically or claimed manually. Zafeguard does not issue tax forms for on-chain activity (other than US tax forms for direct subscription payments where required) and does not act as a withholding agent for on-chain transfers.

Not tax advice. Nothing in the Services, our documentation, our marketing materials, or any communication from Zafeguard staff is tax advice. Tax treatment of digital assets is jurisdiction-specific and evolving; consult a qualified tax adviser.

9. Key material and your responsibility

“Key Material”means any cryptographic or authentication artifact associated with your account, workspace, or wallets — including private keys, MPC key shards, threshold shares, seed phrases, mnemonic backups, recovery factors, signing keys, session tokens, API keys, OAuth credentials, social-login factors, hardware-security-module material, passkeys, multi-factor secrets, and any equivalent material introduced by current or future Zafeguard products.

Where the Services use multi-party computation, no complete private key ever existsat Zafeguard — key shards are distributed across separate nodes and signing requires a threshold of nodes to participate. Where the Services use other custody, identity, or signing models (now or in the future), the underlying technology may differ, but the responsibility allocation in this Section applies equally.

Zafeguard is a technology provider, not a custodian, fiduciary, money transmitter, exchange, or broker of your funds, assets, or accounts. We make no warranty of any kind regarding your Key Material, including no warranty of safekeeping, availability, recoverability, secrecy, integrity, or fitness for any purpose.

You acknowledge and agree, to the maximum extent permitted by applicable law, that:

  • You are solely and exclusively responsible for the secrecy, integrity, availability, backup, recovery, and use of your Key Material;
  • Loss, theft, destruction, leak, disclosure, or unauthorized use of any Key Material may result in permanent and irreversible loss of access to wallets, workflows, and on-chain assets, and Zafeguard cannot restore them on your behalf under any circumstance;
  • Zafeguard cannot recover lost recovery factors, lost social-login accounts, destroyed key shards, forgotten passwords, or compromised credentials, and is not liable for losses arising from any of those events;
  • If you operate self-hosted MPC nodes or other self-hosted components, Section 10 governs and you are solely responsible for the availability, security, and recovery of those nodes and components;
  • Threshold policies, guardian sets, approval rules, and any other access-control configurations you choose govern signing authority — you are responsible for setting them appropriately and for the consequences of any signature produced under them;
  • Any transaction signed under your configuration and submitted to a blockchain is irreversible, and Zafeguard has no ability and no obligation to reverse, rewind, or compensate for it;
  • Zafeguard is not liable for any loss, theft, unauthorized access, unauthorized signing, leak, exposure, or destruction of Key Material arising from compromise of any MPC node, threshold-protocol implementation, cryptographic primitive, third-party dependency, identity provider, hardware device, or the broader internet — regardless of the cause, regardless of which Zafeguard product or future product is involved, and regardless of whether such compromise was reasonably foreseeable.

You use the Services and any handling of Key Material entirely at your own risk. No advice or assistance provided by Zafeguard in connection with Key Material constitutes a guarantee or warranty of any kind.

10. Self-hosted deployments

Zafeguard may make available distributions of its software — including MPC node software, gas-station policy engine, AI agent runner, workflow execution components, and related tooling (each, a “Self-Hosted Component”) — for you to deploy and operate on infrastructure you control. This Section governs Self-Hosted Components and supplements (and where it conflicts, overrides) any other section as applied to them. Self-Hosted Components are licensed under the license file that accompanies the distribution; if no separate license file is provided, the limited license in Section 5 applies, subject to this Section.

10.1 AS IS, no warranty, no SLA. Self-Hosted Components are provided “AS IS” and “AS AVAILABLE”, with all faults, and without warranty of any kind — express, implied, statutory, or otherwise — including no warranty of merchantability, fitness for a particular purpose, title, non-infringement, accuracy, reliability, availability, uptime, or security. No service-level agreement, availability target, uptime warranty, or security warranty applies to Self-Hosted Components.

10.2 You are the sole operator. You are exclusively responsible for the deployment, configuration, network security, host operating system, container runtime, dependency patching, monitoring, alerting, backup, disaster recovery, capacity planning, scaling, load balancing, key custody, node availability, threshold parameters, guardian sets, audit logging, log retention, secrets management, identity provider integration, access controls, and compliance with all legal and regulatory obligations applicable to your deployment and to your end users. Zafeguard has no visibility into, and no control over, your Self-Hosted Component instances.

10.3 No support obligation.Support, security advisories, bug fixes, patches, version upgrades, and security updates for Self-Hosted Components are provided at Zafeguard's discretion unless you have a separate written paid support agreement with us. You are responsible for monitoring our published advisories and release notes and for applying updates in a timely manner. Failure to apply a published security update is your responsibility and does not give rise to any claim against Zafeguard.

10.4 No liability for self-hosted compromise. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ZAFEGUARD HAS NO LIABILITY OF ANY KIND FOR ANY LOSS, THEFT, OUTAGE, BREACH, COMPROMISE, UNAUTHORIZED ACCESS, KEY EXPOSURE, DATA LOSS, OR OTHER HARM ARISING FROM OR RELATED TO YOUR OPERATION OF A SELF-HOSTED COMPONENT — EVEN IF SUCH HARM IS CAUSED IN WHOLE OR IN PART BY A DEFECT, BUG, VULNERABILITY, OR ERROR IN A ZAFEGUARD SELF-HOSTED COMPONENT, EVEN IF ZAFEGUARD HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH HARM, AND REGARDLESS OF WHETHER THE CLAIM SOUNDS IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, STATUTE, OR OTHERWISE. YOU ASSUME ALL RISK OF OPERATING ZAFEGUARD SOFTWARE ON YOUR INFRASTRUCTURE.

10.5 Self-hosted Key Material is exclusively yours. Any Key Material generated, held, or used by a Self-Hosted Component is entirely under your control and responsibility. Even where a defect in a Zafeguard Self-Hosted Component is the proximate cause of a key compromise or asset loss, you assumed that risk by self-hosting, and Zafeguard has no liability for any resulting loss of assets, data, or access.

10.6 No source escrow, no continuity obligation. Zafeguard has no obligation to release source code, place source in escrow, transfer rights, hand over keys or signing material, or assist migration beyond the published install path and documentation for the Self-Hosted Component, even if Zafeguard ceases to offer the hosted Services or the Self-Hosted Component itself.

10.7 Export controls and sanctions. You represent and warrant that you may lawfully receive, install, and operate the Self-Hosted Component in your jurisdiction, including under US export-control laws (Export Administration Regulations, OFAC sanctions), EU dual-use regulations, UK export controls, and any applicable encryption-import rules. You will not export, re-export, transfer, or make the Self-Hosted Component available to any person, entity, or destination prohibited by those laws. You will indemnify Zafeguard for any claim, fine, penalty, or loss arising from your breach of this Section 10.7, on the terms set out in Section 22.

10.8 Downstream users and multi-tenancy. If you use a Self-Hosted Component to offer a service to your own end users (whether internal users, customers, or counterparties), you are exclusively responsible to those end users for all matters, including service availability, security, data protection, consumer protection, anti-money-laundering compliance, sanctions screening, financial regulation, and dispute handling. You are the sole data controller for your end users' personal data, you are the sole regulated party where regulation applies, and Zafeguard is neither joint controller nor processor for that data and neither party to nor backstop for your relationship with those end users. You will indemnify Zafeguard for any claim brought by your end users in connection with your Self-Hosted Component deployment, on the terms set out in Section 22.

10.9 Trademark and endorsement limits.Your right to use Zafeguard's name, marks, or logos in connection with a Self-Hosted Component deployment is limited to factual statements (e.g., “powered by Zafeguard” where accurate). You may not represent, suggest, or imply that Zafeguard endorses, supports, has audited, has certified, or is otherwise responsible for your deployment, your operations, or your end users.

10.10 Termination of self-host rights. Zafeguard may revoke your right to use a Self-Hosted Component, in whole or in part and with or without notice, for material breach of these Terms (including sanctions or export-control violations, fork-and-rebrand attempts, unauthorized sublicensing, or breach of Sections 5, 6, 10.7, or 10.9). Upon revocation you must cease use of the Self-Hosted Component within 30 days, destroy all copies in your possession or control, and certify destruction on request. Zafeguard has no obligation to assist with data extraction, migration, or key recovery in connection with revocation.

11. Blockchain and crypto risks

Use of public blockchains carries inherent risks, including:

  • Irreversibility of confirmed transactions;
  • Price volatility of cryptocurrencies and tokens;
  • Network congestion, fee spikes, and chain reorganizations;
  • Smart-contract bugs in third-party contracts you interact with;
  • Oracle failure, oracle manipulation, and stale or incorrect price feeds;
  • Bridge failures, bridge hacks, and loss of cross-chain message integrity;
  • MEV, frontrunning, sandwich attacks, and other adversarial transaction ordering;
  • Validator or sequencer downtime, censorship, or misbehaviour;
  • Layer-2 fraud-proof or challenge windows that delay finality or withdrawals;
  • Stablecoin de-pegging, issuer insolvency, or redemption suspension;
  • Regulatory uncertainty and changes in applicable law;
  • Loss of access if you lose your authentication or recovery factors.

You are responsible for evaluating these risks and using the Services accordingly. Zafeguard does not provide investment, financial, tax, or legal advice.

12. Forks, airdrops, and dormant accounts

Forks. Blockchain networks may undergo hard forks, soft forks, contentious splits, protocol migrations, or rebranding events. Zafeguard does not commit to supporting any forked network, replacement chain, or successor token, and our decision whether to support, ignore, or pause activity on any forked or successor network is at our sole discretion. Zafeguard has no liability for assets, balances, or workflow runs affected by a fork event.

Airdrops, hard-fork tokens, staking rewards, and similar passive accruals. Tokens, NFTs, or other on-chain assets that accrue to your wallet by airdrop, hard fork, retroactive distribution, staking reward, or similar passive mechanism belong to you. However, Zafeguard has no obligation to detect, claim, surface, list, value, distribute, or transmit such assets, and we make no representation that the Services will recognize them. You are solely responsible for monitoring, claiming, and securing such assets, and for the tax consequences described in Section 8.

Dormant accounts. If your account shows no sign-in, no workflow run, and no billing activity for 12 consecutive months, we may classify it as dormant. We may attempt to contact you at the email on file, and if we receive no response within 30 days we may suspend the account and pause associated workflows. Suspension does not delete data; reinstatement is available on request subject to identity verification and applicable unclaimed-property laws.

13. Assumption of risk

YOU EXPRESSLY ASSUME ALL RISK ASSOCIATED WITH YOUR USE OF THE SERVICES. Without limiting Sections 9, 10, 11, 12, 14, 15, 19, 20, 21, or 22, you acknowledge and agree that, to the maximum extent permitted by applicable law:

  • The Services, the underlying internet, MPC nodes, blockchain networks, identity providers, AI providers, and other third-party dependencies may be subject to unauthorized access, intrusion, software bugs, cryptographic weaknesses, supply-chain compromise, insider misconduct, denial-of-service attacks, regulatory actions, and other events outside our reasonable control;
  • Such events may result in temporary or permanent loss of access, loss of data, loss of digital assets, unauthorized transactions, disclosure of personal or financial information, or other harms;
  • You accept all such risks, and you will not seek to hold Zafeguard responsible for any resulting losses, regardless of cause and regardless of fault, including any negligence on our part — except in cases of gross negligence or willful misconduct or as otherwise required by applicable non-waivable law;
  • You will maintain your own backups, recovery factors, and risk-mitigation measures (including, where appropriate, cyber-insurance) commensurate with the value of the assets and data you process through the Services;
  • You will not rely on the Services as your sole point of failure, and you accept full responsibility for the consequences of any configuration, integration, or operational decisions you make.

This assumption of risk survives any termination of these Terms and applies regardless of the legal theory (contract, tort, statute, strict liability, or otherwise) under which a claim is brought.

14. AI agents and MCP

When you connect AI agents (Claude, GPT, your own agents) to your workspace via our MCP server, those agents can call workflows you have exposed and trigger on-chain actions within the policy limits you set.

You acknowledge and agree that:

  • AI agents act autonomously and may produce outputs that are inaccurate, biased, or unintended;
  • You are responsible for the workflows you expose, the prompts you send, the policy limits you configure, and any resulting on-chain actions, including actions taken in response to prompt injection, indirect prompt injection, jailbreaks, or other adversarial inputs from sources you have not curated;
  • You are responsible for and will pay for every usage charge generated by AI-triggered runs (and any other autonomous trigger you have authorized), on the terms set out in Section 7;
  • Zafeguard is not responsible for outputs of third-party AI providers, and your use of those providers is subject to their own terms. Third-party AI providers act as independent controllers of the data routed through them, and they may have separate rights or claims to inputs and outputs under their own terms;
  • Ownership of AI outputs. As between you and Zafeguard, you own AI-generated outputs produced for your workspace, subject to any rights asserted by third-party AI providers in their own terms. You grant Zafeguard a limited license to use aggregated, de-identified, or anonymized usage data to operate, secure, and improve the Services;
  • You will not rely solely on AI-generated outputs for decisions of material consequence without human review where appropriate.

15. Third-party services

The Services interoperate with third-party blockchains, oracles, identity providers, AI providers, payment processors, and other services. Your use of those third parties is subject to their own terms and policies. Where they receive personal data, they generally act as independent controllersof that data, not as Zafeguard's processors. Zafeguard is not responsible for the availability, security, content, or data-protection practices of third-party services.

Authorization granted to third-party applications (“Login with Zafeguard”). You may sign in to third-party applications using your Zafeguard account via the OAuth 2.0 / OpenID Connect surface we operate. You are solely responsible for reviewing the identity, scope request, redirect URI, and stated privacy practices of any application before authorizing it. Authorization is per-workspace: when you allow a third-party application, you grant it the scopes you check on the consent screen on the specific workspace you select, and on no other workspace. Once disclosed, information sent to the third-party application is outside our control; revoking your authorization at any time stops further data flow but does not retroactively recall data the application has already received. Zafeguard makes no representations or warranties about, and disclaims liability for, the conduct, security, or data practices of any third-party application you authorize.

Developer terms (OAuth-app providers).Customers granted the developer permission to register OAuth applications on the platform must submit accurate metadata — name, description, logo, homepage, privacy-policy URL, terms-of-service URL, redirect URIs, and requested scopes — via the Developer surface. Submitting a draft for admin review is your acceptance of the following: (a) you will not impersonate Zafeguard, another company, or another developer's product; (b) you will request only the scopes your integration genuinely needs and will not request a wider scope as a placeholder for future capabilities; (c) you will handle the client secret and any user data received via the OAuth flow under at least the same care you would apply to your own production credentials; (d) you will publish a privacy policy and terms of service at the URLs you submitted and will keep them current; (e) you will not use the OAuth flow to phish, harvest credentials, or otherwise mislead end-users about which party they are authorizing. Zafeguard reserves the right, at its sole discretion and without prior notice, to reject a pending submission, revert an approved application to draft status (which invalidates the client secret and disables the OAuth flow until re-approval), or permanently delete an OAuth application, on the basis of a suspected violation of these terms, a suspected security incident involving the application, or a lawful request from a competent authority.

Revocation rights reserved. Zafeguard further reserves the right to revoke any specific user-application authorization (the consent record tying one of your accounts to a third-party application on a particular workspace) where we have reasonable grounds to believe the authorization is being abused, was obtained under false pretences, or poses a risk to other users or to platform integrity. Revocation does not entitle the affected end-user or developer to compensation; it is an operational safety measure consistent with the suspension and termination rights elsewhere in these Terms.

16. Compliance and sanctions

You represent and warrant that your use of the Services complies with all applicable laws and that you are not on any applicable sanctions list. We screen wallet addresses, transaction counterparties, and user identifiers against sanctions lists and risk-scoring services, and we may refuse to process, may block, may freeze, may reverse-route, or may report any transaction that fails screening. We may suspend or terminate accounts on the basis of screening results without prior notice where required by law.

KYC / KYB. We may at our discretion request that you, your beneficial owners, or your workspace members provide identity-verification information (passport or government ID, address, source-of-funds attestation, corporate registration, beneficial-ownership chart), whether or not required by law, and you agree to cooperate promptly and in good faith. Failure to cooperate, or provision of false or misleading information, is grounds for immediate suspension or termination of your account, refusal to process pending transactions, and reporting to relevant authorities where required.

17. Intellectual property

Zafeguard retains all right, title, and interest in the Services, including all underlying software, designs, documentation, and trademarks. Nothing in these Terms transfers any of those rights to you except for the limited license set out in Section 5 and any separate license accompanying a Self-Hosted Component under Section 10.

You retain ownership of the content you create using the Services (workflow definitions, configurations, outputs). You grant Zafeguard a limited license to host, process, transmit, and display such content solely as necessary to provide the Services to you.

18. Feedback

If you submit suggestions, ideas, or feedback about the Services, you grant Zafeguard a worldwide, royalty-free, irrevocable license to use that feedback without restriction or obligation.

19. Suspension and termination

You may stop using the Services and delete your account at any time. We may suspend or terminate your access if you breach these Terms, if your use poses a security, legal, or financial risk, or as required by law. We will provide at least 30 days' notice by email or in-app message for non-cause termination of paid accounts. We may terminate immediately and without notice where required by law, where the account is associated with a sanctioned person or jurisdiction, where there is a credible threat to the security of the Services or other users, or where continued operation would expose Zafeguard to legal or regulatory liability.

Post-termination export and migration window. Except in cases of immediate termination above, for 60 days after termination we will, on request and where technically feasible, provide read-only access for you to export your workflow definitions, run logs, and similar workspace data. For built-in MPC wallets, during that window you may initiate a self-hosted migration or key-export procedure consistent with the threshold and guardian configuration of the wallet; Zafeguard cannot release a complete private key because no complete private key exists, and cooperation with key reconstruction is subject to the protocol-level participation of the configured guardians and node operators. After the 60-day window, we may delete workspace data subject to Section 7 of the Privacy Policy.

Upon termination: (a) your right to access the Services ends; (b) we will retain or delete your data as described in the Privacy Policy; (c) the following sections survive termination: Section 5 (License restrictions), Section 7 (Fees), Section 8 (Taxes), Section 9 (Key material), Section 10 (Self-hosted deployments), Section 13 (Assumption of risk), Section 14 (AI agents), Section 15 (Third-party services), Section 17 (Intellectual property), Section 18 (Feedback), Section 20 (Disclaimer of warranties), Section 21 (Limitation of liability), Section 22 (Indemnification), Section 23 (Governing law), Section 24 (Arbitration), Section 25 (Notices), and Section 26 (Miscellaneous), along with any other provision that by its nature should survive.

20. Disclaimer of warranties

THE SERVICES, INCLUDING ALL SOFTWARE, DOCUMENTATION, CONTENT, AND OUTPUTS, ARE PROVIDED “AS IS” AND “AS AVAILABLE”, WITH ALL FAULTS, AND WITHOUT WARRANTY OF ANY KIND, EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ZAFEGUARD AND ITS AFFILIATES, OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AND LICENSORS DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION: WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, QUIET ENJOYMENT, ACCURACY, COMPLETENESS, RELIABILITY, AVAILABILITY, SECURITY, OR THAT THE SERVICES WILL BE UNINTERRUPTED, TIMELY, ERROR-FREE, OR FREE OF VIRUSES, MALICIOUS CODE, OR OTHER HARMFUL COMPONENTS.

WITHOUT LIMITING THE FOREGOING, WE MAKE NO WARRANTY AND ASSUME NO RESPONSIBILITY FOR:

  • THE OPERATION, AVAILABILITY, FEES, CONGESTION, REORGANIZATIONS, FORKS, OR SECURITY OF ANY BLOCKCHAIN NETWORK;
  • THE BEHAVIOUR, AVAILABILITY, OR SECURITY OF ANY THIRD-PARTY SMART CONTRACT, DAPP, TOKEN, ORACLE, BRIDGE, EXCHANGE, IDENTITY PROVIDER, AI PROVIDER, OR OTHER THIRD PARTY YOU INTERACT WITH THROUGH THE SERVICES;
  • THE ACCURACY, COMPLETENESS, OR RELIABILITY OF AI-GENERATED OUTPUTS, ROUTING DECISIONS, PRICE QUOTES, OR ON-CHAIN DATA;
  • ANY LOSS, THEFT, EXPLOIT, HACK, PHISHING ATTACK, MALWARE, KEY COMPROMISE, BREACH OF MPC NODES, SUPPLY-CHAIN ATTACK, OR OTHER SECURITY INCIDENT, REGARDLESS OF WHETHER IT ORIGINATED FROM ZAFEGUARD, A THIRD PARTY, OR YOU;
  • ANY IRREVERSIBLE ON-CHAIN ACTION TAKEN UNDER YOUR THRESHOLD POLICIES OR BY AGENTS YOU AUTHORIZED;
  • ANY REGULATORY ACTION, BLACKLISTING, SANCTIONS DESIGNATION, OR LEGAL CHANGE AFFECTING YOUR USE OF THE SERVICES OR THE ASSETS YOU PROCESS THROUGH THEM.

NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM ZAFEGUARD OR THROUGH THE SERVICES, WILL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THESE TERMS.

Some jurisdictions do not allow the exclusion of certain warranties. In those jurisdictions, the above exclusions apply to the maximum extent permitted by law, and any warranties that cannot lawfully be disclaimed are limited in duration to the minimum period required by law.

21. Limitation of liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, AND EXCEPT FOR ZAFEGUARD'S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT OR AS OTHERWISE REQUIRED BY NON-WAIVABLE LAW, IN NO EVENT WILL ZAFEGUARD, ITS AFFILIATES, OR ANY OF THEIR RESPECTIVE OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, OR LICENSORS BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY:

  • INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, CONSEQUENTIAL, OR PUNITIVE DAMAGES;
  • LOSS OF PROFITS, REVENUE, GOODWILL, BUSINESS OPPORTUNITY, OR ANTICIPATED SAVINGS;
  • LOSS OF, DAMAGE TO, OR UNAUTHORIZED ACCESS, USE, ALTERATION, OR DISCLOSURE OF DATA, ACCOUNTS, CREDENTIALS, KEYS, RECOVERY FACTORS, WALLETS, OR DIGITAL ASSETS;
  • DAMAGES RESULTING FROM ANY HACK, EXPLOIT, BREACH, PHISHING ATTACK, MALWARE, KEY COMPROMISE, SOCIAL-ENGINEERING ATTACK, INSIDER MISCONDUCT, BUG, OUTAGE, FORK, REORGANIZATION, OR OTHER SECURITY OR OPERATIONAL EVENT — WHETHER ORIGINATING WITH ZAFEGUARD, A THIRD PARTY, OR YOU;
  • DAMAGES RESULTING FROM ANY IRREVERSIBLE ON-CHAIN ACTION INITIATED BY YOU, BY AN AI AGENT YOU AUTHORIZED, OR UNDER A THRESHOLD POLICY YOU CONFIGURED;
  • DAMAGES RESULTING FROM ANY ERRONEOUS, MALICIOUS, OR UNVETTED THIRD-PARTY SMART CONTRACT, DAPP, ORACLE, BRIDGE, EXCHANGE, IDENTITY PROVIDER, OR AI PROVIDER YOU INTERACT WITH THROUGH THE SERVICES;
  • DAMAGES RELATED TO A SELF-HOSTED COMPONENT, WHICH ARE GOVERNED BY SECTION 10.

THE FOREGOING LIMITATIONS APPLY REGARDLESS OF THE LEGAL THEORY UNDER WHICH A CLAIM IS BROUGHT (CONTRACT, TORT, INCLUDING NEGLIGENCE, STRICT LIABILITY, STATUTE, OR OTHERWISE) AND EVEN IF ZAFEGUARD HAS BEEN ADVISED OF, OR SHOULD HAVE KNOWN OF, THE POSSIBILITY OF SUCH DAMAGES, AND EVEN IF A REMEDY SET FORTH HEREIN IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE.

OUR TOTAL CUMULATIVE LIABILITY ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICES, FROM ALL CAUSES OF ACTION COMBINED, WILL NOT EXCEED THE GREATER OF (A) THE AMOUNTS YOU PAID TO ZAFEGUARD FOR THE SERVICES IN THE 12 MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM, OR (B) USD $100.

You acknowledge that the foregoing limitations are an essential element of the bargain between you and Zafeguard, and that, absent these limitations, the pricing and terms on which the Services are offered would be substantially different. Some jurisdictions do not allow the exclusion or limitation of certain damages. In those jurisdictions, our liability is limited to the maximum extent permitted by law, and nothing in these Terms limits liability that cannot lawfully be limited (including liability for death or personal injury caused by negligence, fraud, or fraudulent misrepresentation).

22. Indemnification

You agree to indemnify, defend, and hold harmless Zafeguard and its affiliates, officers, directors, employees, and agents from and against any third-party claims, liabilities, damages, losses, costs, and expenses (including reasonable attorneys' fees) arising out of or in any way connected with: (a) your access to or use of the Services; (b) your violation of these Terms; (c) your workflows, content, configurations, threshold policies, or on-chain actions, including any action initiated by, on behalf of, or triggered by an AI agent, autonomous workflow, scheduled trigger, MCP client, webhook, or other third party you have authorized; (d) your violation of any third-party rights, including intellectual property or privacy rights; (e) your violation of any law, including export-control, sanctions, AML, KYC, tax, or consumer-protection law; or (f) your operation of, or your end users' interaction with, a Self-Hosted Component under Section 10.

Defense and control.Zafeguard will provide you prompt written notice of any claim for which it seeks indemnification. Zafeguard has the right to control the defense and settlement of any indemnified claim with counsel of its choice; you will cooperate fully in the defense. You may not settle or compromise any indemnified claim, agree to any injunction or admission of liability, or make any statement on Zafeguard's behalf, without Zafeguard's prior written consent.

Carve-out.Your indemnification obligation does not apply to the extent a claim arises solely from Zafeguard's gross negligence or willful misconduct, as finally determined by a court or arbitrator of competent jurisdiction.

23. Governing law and dispute resolution

These Terms are governed by the laws of the State of Delaware, USA, without regard to conflict-of-laws principles. Subject to Section 24, any dispute arising out of or relating to these Terms or the Services will be brought exclusively in the state or federal courts located in Delaware, and you and Zafeguard consent to personal jurisdiction in those courts.

Consumer carve-out. Nothing in this Section deprives you, as a consumer, of the mandatory protections of the law of the country of your habitual residence. Where applicable consumer-protection law gives you a non-waivable right to bring proceedings in the courts of your country of habitual residence, that right is preserved.

24. Arbitration and class-action waiver (US users)

Informal resolution first. Before initiating arbitration, the party with a dispute must send a written notice of dispute to the other party describing the nature and basis of the claim and the relief sought (see Section 25 for delivery). The parties will attempt in good faith to resolve the dispute informally for 30 days from receipt of the notice. Only after that period may arbitration be initiated, and the running of any limitations period is tolled during the informal-resolution period.

If you are a US resident, you and Zafeguard agree to resolve any dispute arising out of these Terms or the Services through binding individual arbitration administered by the American Arbitration Association under its Commercial Arbitration Rules and, where applicable, its Consumer Arbitration Rules, in English, in Delaware (or by video, by agreement). For 25 or more substantially similar claims filed by or coordinated through the same or coordinated counsel, the AAA Mass Arbitration Supplementary Rules apply, including bellwether and batching procedures — the parties agree to cooperate with the AAA process administrator to staged selection of bellwether cases, with subsequent batches sequenced based on bellwether outcomes. YOU AND ZAFEGUARD WAIVE THE RIGHT TO A JURY TRIAL AND TO PARTICIPATE IN A CLASS, COLLECTIVE, OR REPRESENTATIVE ACTION. Either party may bring small-claims actions in court. Either party may seek injunctive relief in court to protect intellectual property rights.

30-day arbitration opt-out. You may opt out of this arbitration agreement by sending written notice to arbitration-optout@zafeguard.comwithin 30 days of first accepting these Terms (or, for these Terms' first publication, within 30 days of the “Last updated” date for existing users). The notice must include your name, account email, and a statement that you opt out of arbitration. Opt-out does not affect any other provision of these Terms.

Non-US users.For users who are not US residents, disputes are resolved as follows: (i) consumer disputes may be brought in the courts of the consumer's country of habitual residence to the extent required by applicable consumer-protection law (see Section 23); (ii) all other disputes are finally resolved by arbitration under the Rules of Arbitration of the International Chamber of Commerce (ICC) by one or three arbitrators appointed in accordance with those rules, seated in Delaware (or, by agreement, in a neutral seat), conducted in English, with the substantive law of Delaware (subject to Section 23).

25. Notices

Notices to you. We may send notices to you by email to the address associated with your account, by in-app message, or by posting on the Services. You are responsible for keeping your contact email current.

Notices to Zafeguard. Formal legal notices to Zafeguard must be sent by email to hello@zafeguard.comwith the subject line “Legal notice”, and concurrently by registered mail or recognized courier to: Zafeguard Inc., Legal, Delaware, USA (full postal address provided on request). Notices are deemed received on delivery confirmation of the email or, for postal notice, on the date of receipted delivery.

Pre-dispute informal resolution. The 30-day informal resolution procedure in Section 24 applies to all formal disputes regardless of forum, and a written notice of dispute under this Section is a prerequisite to commencing arbitration or litigation other than small-claims actions and injunctive proceedings to protect intellectual property.

26. Miscellaneous

  • Entire agreement. These Terms and the Privacy Policy constitute the entire agreement between you and Zafeguard regarding the Services and supersede all prior or contemporaneous understandings.
  • No oral modification. These Terms may be modified only as expressly set out in Section 1 (changes by Zafeguard with notice) or by a written instrument signed by an authorized representative of Zafeguard. Oral statements and informal communications do not modify these Terms.
  • No third-party beneficiaries. Except for Zafeguard's affiliates, officers, directors, employees, agents, and licensors (who are beneficiaries of the disclaimers, limitations of liability, and indemnities), these Terms confer no rights on any person other than you and Zafeguard.
  • No waiver. A failure to enforce any provision is not a waiver of that provision.
  • Severability and blue-pencil reformation. If any provision of these Terms is held invalid or unenforceable by a court or arbitrator of competent jurisdiction, the provision will be reformed and applied to the minimum extent necessary to render it enforceable, preserving as closely as possible the original intent of the parties; if reformation is not possible, the provision will be severed and the remainder of these Terms will continue in full force and effect.
  • Assignment. You may not assign these Terms, in whole or in part, without our prior written consent, and any purported assignment in breach of this provision is void. We may assign these Terms in connection with a merger, acquisition, reorganization, or sale of all or substantially all of our assets.
  • Force majeure. Neither party will be liable for any delay or failure to perform (other than payment obligations) caused by events outside its reasonable control, including: acts of God, fire, flood, earthquake, severe weather, pandemic or epidemic, war, armed conflict, terrorism, civil unrest, riot, sabotage, strike or other labor action, supply-chain failure, internet or telecommunications failure, cloud-provider or hosting-provider outage, blockchain network outage or reorganization, cyber attack or distributed denial-of-service attack, cryptographic break of an underlying primitive, government action, regulator-mandated suspension, embargo, or change of law (each, a “Force Majeure Event”). The affected party will give prompt notice of the Force Majeure Event and use reasonable efforts to mitigate. If a Force Majeure Event continues for more than 60 consecutive days, either party may terminate the affected Services on written notice without liability, subject to Sections 19 and 21.
  • Headings. Section headings are for convenience only and do not affect interpretation.

27. Contact us

Zafeguard Inc.
hello@zafeguard.com