# Thauth Terms of Service _Last Updated: April 22, 2026_ These Terms of Service (“Terms”) constitute a legally binding agreement between you (“Customer”, “you”) and Thauth (“Thauth”, “we”, “us”, or “our”) governing your access to and use of the Thauth platform, APIs, dashboard, and related services (collectively, the “Service”). By accessing or using the Service, you agree to be bound by these Terms. --- ## 1. Definitions “Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with a party. “Authorization Decision” means a deterministic allow or deny response generated by the Service. “API Key” means a credential issued by Thauth that enables authenticated access to the Service. “Customer Data” means all data submitted to or processed by the Service on behalf of Customer, including subject identifiers, authorization rules, and metadata. “Documentation” means any official technical or user documentation provided by Thauth. “End Users” means individuals whose identifiers are included in Customer Data. “Service” means the Thauth platform, APIs, and dashboard. --- ## 2. License and Access Rights Subject to these Terms, Thauth grants Customer a limited, non-exclusive, non-transferable, non-sublicensable right to access and use the Service during the applicable subscription term. Customer shall not: - Copy, modify, or create derivative works of the Service - Reverse engineer or attempt to extract source code - Resell or sublicense the Service unless explicitly authorized --- ## 3. Service Description The Service provides authorization infrastructure enabling Customers to define access control logic and retrieve Authorization Decisions via API. **Thauth does not enforce Authorization Decisions.** Customer is solely responsible for implementing and enforcing such decisions within its systems. --- ## 4. Customer Responsibilities Customer is solely responsible for: - Enforcing Authorization Decisions - Designing and operating its application logic - Ensuring compliance with applicable laws - The accuracy and legality of Customer Data Customer represents and warrants that it has all necessary rights to submit and process Customer Data. --- ## 5. Account Security and API Keys Customer shall: - Maintain confidentiality of credentials - Restrict access to authorized personnel - Immediately revoke compromised API Keys Customer is responsible for all activities conducted using its credentials. --- ## 6. Data Ownership As between the parties: - Customer retains all rights in Customer Data - Thauth retains all rights in the Service and underlying technology Thauth may process Customer Data solely to provide and improve the Service. --- ## 7. Data Protection To the extent personal data is processed: - Customer acts as Data Controller - Thauth acts as Data Processor Processing is governed by the: - Privacy Policy - Data Processing Agreement (DPA) --- ## 8. Subprocessors Customer acknowledges that Thauth may engage subprocessors, including: - Contabo (hosting) - Polar (payment processing) - Resend (email delivery) Thauth remains responsible for subprocessors’ obligations. --- ## 9. Fees and Payment - Fees are billed via Polar (Merchant of Record) - All fees are non-refundable unless required by law - Failure to pay may result in suspension or termination --- ## 10. Service Levels Unless otherwise agreed in writing, the Service is provided without any uptime or availability guarantees. --- ## 11. Logging and Monitoring Thauth may collect and analyze logs and metadata to: - Maintain security - Detect abuse - Improve performance --- ## 12. Acceptable Use Customer shall not: - Use the Service for unlawful purposes - Interfere with Service integrity - Attempt unauthorized access - Introduce malicious code --- ## 13. Suspension Thauth may suspend access if: - Customer violates these Terms - Customer usage threatens security or stability - Required by law or regulation --- ## 14. Term and Termination These Terms remain in effect until terminated. Upon termination: - Access to the Service is revoked - Customer Data may be deleted after a reasonable retention period --- ## 15. Intellectual Property All rights in the Service, including software, infrastructure, and documentation, remain the exclusive property of Thauth. No rights are granted except as explicitly stated. --- ## 16. Beta Features Thauth may provide beta or experimental features: - Provided “as is” - May be modified or discontinued at any time - No guarantees or support obligations apply --- ## 17. Disclaimer of Warranties THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE”. THAUTH DISCLAIMS ALL WARRANTIES, INCLUDING: - MERCHANTABILITY - FITNESS FOR A PARTICULAR PURPOSE - NON-INFRINGEMENT --- ## 18. Limitation of Liability TO THE MAXIMUM EXTENT PERMITTED BY LAW: - THAUTH SHALL NOT BE LIABLE FOR INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES - TOTAL LIABILITY SHALL NOT EXCEED AMOUNTS PAID IN THE PRIOR 12 MONTHS --- ## 19. Indemnification Customer shall indemnify Thauth against claims arising from: - Customer Data - Customer’s use of the Service - Violations of these Terms --- ## 20. Export Compliance Customer agrees to comply with all applicable export control and sanctions laws. --- ## 21. Force Majeure Neither party shall be liable for failure due to events beyond reasonable control. --- ## 22. Assignment Customer may not assign these Terms without prior written consent. Thauth may assign freely in connection with a merger or sale. --- ## 23. Entire Agreement These Terms constitute the entire agreement between the parties. --- ## 24. Severability If any provision is invalid, the remainder shall remain in effect. --- ## 25. Survival Sections relating to liability, IP, indemnification, and data shall survive termination. ---