Terms of Service

1. Who these terms are between

These Terms of Service (“Terms”) form a binding agreement between Complira Ltd, a company incorporated in Ireland under company number 815262, with registered office at 20 Harcourt Street, Dublin, D02H364, Ireland (“Complira”, “we”, “us”, “our”), and the organisation that has subscribed to use our service (“Customer”, “you”, “your”). The individual who accepts these Terms on behalf of the Customer warrants that they have authority to bind the Customer.

By creating an account, accepting an Order Form, or using the Service, you agree to be bound by these Terms.

If you do not agree to these Terms, do not use the Service.

2. The service we provide

Complira provides EU AI Act compliance infrastructure, including:

• A software development kit (SDK) that customers integrate into their AI-powered products to log AI interactions
• A web-based dashboard for human oversight, review workflows, and incident management
• Tamper-evident audit trail storage meeting EU AI Act Article 19 record-keeping requirements
• Tooling to support regulator access under EU AI Act Article 74(12)
• Sub-processor management, data export, and compliance reporting features

The specific functionality available to you depends on the subscription tier set out in your Order Form. We may release new features or update existing ones over time. We will provide reasonable notice of changes that materially reduce functionality you are using.

3. Your account

3.1 Eligibility

You may create an account only if you are using the Service for legitimate business purposes on behalf of an organisation. The Service is not available to individuals acting as consumers, and is not available to organisations whose use of AI is unlawful in their jurisdiction.

3.2 Authorised use

You are responsible for ensuring that everyone who uses the Service through your account is authorised by you to do so, and that they comply with these Terms. You remain responsible for their actions.

3.3 Account security

You are responsible for keeping your account credentials secure. You must enforce multi-factor authentication for every user with dashboard access (we require this at the technical level). You must notify us immediately at security@complira.io if you suspect unauthorised use of your account.

3.4 Accurate information

You must provide accurate information when creating your account and keep it up to date. This includes billing contacts, technical contacts, and the primary contact for breach notifications.

4. Acceptable use

You agree to use the Service only for lawful purposes and in compliance with these Terms. You will not:

• Submit data to the Service that you are not authorised to process under applicable law
• Use the Service to violate the rights of third parties, including privacy, intellectual property, and data protection rights
• Attempt to reverse engineer, decompile, or extract source code from the Service except to the extent permitted by mandatory law
• Probe, scan, or test the vulnerability of the Service or attempt to circumvent its security mechanisms (legitimate security research must be reported via security@complira.io)
• Use the Service to transmit malware, conduct denial-of-service attacks, or interfere with the operation of the Service for other customers
• Resell, sublicense, or commercially exploit the Service except as expressly permitted under your subscription tier
• Submit content that is illegal, defamatory, infringing, or that you have no right to submit

We reserve the right to suspend access without notice if we reasonably believe these Acceptable Use restrictions are being violated, with details and an opportunity to remediate provided as soon as practical.

5. Customer data

5.1 Ownership

You retain ownership of all data you submit to the Service, including AI prompts and outputs, organisation configuration, review records, and account data (“Customer Data”). We claim no ownership rights over Customer Data.

5.2 Our role

For Customer Data that contains personal data, we act as your Data Processor and you act as the Data Controller. Our standard Data Processing Agreement is available on request from privacy@complira.io.

5.3 What we do with Customer Data

We process Customer Data only:

• To provide and maintain the Service
• To comply with your documented instructions, including reasonable instructions you give through the dashboard interface
• To detect, prevent, and address technical issues, security incidents, and acceptable use violations
• To meet legal obligations that apply to us as a data processor

We do not use Customer Data to train machine learning models, generate analytics about your business that we use commercially, or for any purpose unrelated to providing the Service.

5.4 Your obligations regarding Customer Data

You warrant that you have the right to submit Customer Data to the Service and that doing so does not violate the rights of any third party. You are responsible for obtaining any necessary consents, providing any required notices, and otherwise meeting your obligations as Data Controller for the Customer Data you submit.

5.5 Data export and deletion

You can export your Customer Data through the dashboard at any time during your subscription. Following termination of your subscription, you have 90 days to export your data before it is permanently deleted, in accordance with the Data Retention Policy. We can provide additional export assistance on request, subject to reasonable fees for non-routine exports.

6. Our obligations

We commit to:

• Provide the Service with reasonable care and skill
• Maintain the security measures described in our Security Overview at complira.io/security
• Manage our sub-processors in accordance with our Sub-processor Change Notification Policy, including 30 days advance notice for material sub-processor changes
• Notify you of personal data breaches affecting your Customer Data without undue delay and in any event within 72 hours of becoming aware
• Comply with our obligations as a Data Processor under the Data Processing Agreement
• Use commercially reasonable efforts to keep the Service available, recognising that no online service can guarantee 100% availability

We do not commit to a specific uptime percentage at this time. As Complira matures, we expect to introduce service level commitments for enterprise customers; these will be set out in separate Service Level Agreements.

7. Your obligations

You agree to:

• Pay the fees set out in your Order Form on time and in accordance with our billing terms
• Use the Service only for purposes consistent with these Terms and applicable law
• Maintain the security of your account and credentials
• Submit only Customer Data that you are authorised to process
• Cooperate with us reasonably to investigate security incidents, technical issues, and acceptable use questions
• Provide accurate and current contact information for billing, technical, security, and breach notification purposes

8. Fees and payment

8.1 Fees

Fees for the Service are as set out in your Order Form or, where applicable, on the subscription page at complira.io. Fees are exclusive of VAT and other applicable taxes, which will be added where required.

8.2 Payment terms

Unless otherwise specified in your Order Form, fees are payable annually in advance. Payment is processed through Stripe (subject to Irish company formation completion) or via invoice for enterprise customers. Invoices are due within 30 days of issue.

8.3 Late payment

If you fail to pay fees when due, we may suspend the Service after providing 14 days written notice and an opportunity to cure. Suspended accounts retain their data for the duration of the 90-day grace period, after which deletion proceeds in accordance with the Data Retention Policy.

8.4 Fee changes

We may change our fees with at least 60 days written notice. Fee changes take effect at the start of your next renewal term. If you do not agree to a fee change, you may terminate your subscription effective at the end of your current term in accordance with Section 9.

9. Term and termination

9.1 Initial term

Unless otherwise specified in your Order Form, your subscription has an initial term of 12 months commencing on the date you first access the Service.

9.2 Auto-renewal

Your subscription will automatically renew for successive 12-month terms unless either party gives written notice of non-renewal at least 60 days before the end of the then-current term.

9.3 Termination for cause

Either party may terminate immediately by written notice if the other party:

• Materially breaches these Terms and fails to cure the breach within 30 days of receiving written notice
• Becomes insolvent, enters administration, or ceases to do business
• Commits a serious or repeated breach of applicable law in connection with the Service

9.4 Termination for convenience

You may terminate without cause at the end of your then-current annual term by giving 60 days notice. Mid-term termination for convenience is not available except where these Terms expressly provide for it (such as Section 8.4 fee changes or Section 12.4 material change to limitation of liability).

We may terminate without cause by giving you at least 90 days written notice, in which case we will refund any prepaid fees covering the period after termination.

9.5 Effect of termination

On termination:

• Your access to the Service ends on the effective termination date
• You retain access to data export for 90 days following termination
• Customer Data is permanently deleted at the end of the 90-day grace period unless you have arranged extended retention
• Each party returns or destroys the other party’s confidential information except where retention is required by law
• Provisions intended by their nature to survive (including ownership, limitation of liability, governing law) survive termination

10. Intellectual property

10.1 Our intellectual property

Complira and its licensors own all intellectual property rights in the Service, including the dashboard interface, SDK, documentation, and any improvements or modifications. We grant you a non-exclusive, non-transferable, revocable licence to use the Service for the duration of your subscription, solely for your internal business purposes.

10.2 Your intellectual property

You retain all intellectual property rights in your Customer Data. You grant us a limited, non-exclusive licence to process Customer Data solely as necessary to provide the Service and as set out in the Data Processing Agreement.

10.3 Feedback

If you provide feedback or suggestions about the Service, you grant us a non-exclusive, perpetual, royalty-free licence to use that feedback to improve the Service. We are under no obligation to implement any feedback.

10.4 Third-party rights

The Service incorporates open source and third-party software. Use of these components may be subject to additional licence terms which we make available on request.

11. Confidentiality

Each party may have access to information that is confidential to the other (“Confidential Information”). Confidential Information includes Customer Data, business and technical information, pricing, and any information that a reasonable person would understand to be confidential from the context of disclosure.

Each party agrees to:

• Use Confidential Information only as necessary to perform under these Terms
• Protect Confidential Information with the same degree of care it uses for its own confidential information of similar sensitivity, and in no event with less than reasonable care
• Disclose Confidential Information only to employees, contractors, and advisors who need it and who are bound by confidentiality obligations at least as protective as these

Confidentiality obligations do not apply to information that is publicly known through no fault of the receiving party, was independently developed, was rightfully received from a third party, or is required to be disclosed by law (with reasonable advance notice to the other party where permitted).

These confidentiality obligations survive termination for a period of five years, except for trade secrets, which remain protected for as long as they qualify as such.

12. Warranties and disclaimers

12.1 Mutual warranties

Each party warrants that it has the legal capacity and authority to enter into these Terms and to perform its obligations under them.

12.2 Our warranties

We warrant that we will provide the Service with reasonable care and skill, in accordance with applicable law, and consistent with industry standards for similar services.

12.3 Disclaimers

To the maximum extent permitted by law, except as expressly stated in these Terms, the Service is provided “as is” and “as available”. We disclaim all other warranties, express or implied, including warranties of merchantability, fitness for a particular purpose, non-infringement, and any warranty arising from course of dealing or usage of trade.

12.4 Material changes

If we make a material adverse change to the Service that significantly reduces functionality you are actively using, you may terminate your subscription effective at the date of the change and receive a pro-rata refund of prepaid fees.

13. Limitation of liability

13.1 Liability cap

To the maximum extent permitted by law, each party’s total aggregate liability arising out of or related to these Terms is limited to the fees paid by the Customer to Complira in the 12 months preceding the event giving rise to the claim.

13.2 Excluded damages

Neither party is liable for indirect, incidental, consequential, or punitive damages, or for lost profits, lost revenue, lost data, or business interruption, even if advised of the possibility of such damages.

13.3 Carve-outs

The limitations in Sections 13.1 and 13.2 do not apply to:

• Liability for death or personal injury caused by negligence
• Liability for fraud or fraudulent misrepresentation
• Liability for gross negligence or wilful misconduct
• Liability that cannot be excluded or limited under applicable law (including under Irish and EU consumer protection law where it applies)
• A party’s indemnification obligations under Section 14
• Breach of confidentiality obligations under Section 11
• Customer’s obligation to pay fees

13.4 Basis of the bargain

You acknowledge that the limitations in this Section 13 are an essential element of the bargain between us, and that the fees we charge reflect this allocation of risk.

14. Indemnification

14.1 Indemnity by Complira

We will defend you against any third-party claim alleging that the Service, used in accordance with these Terms, infringes that third party’s intellectual property rights, and we will pay damages and reasonable costs awarded against you in any such claim or settlement.

If we believe the Service may infringe, we may at our option modify the Service to be non-infringing, obtain a licence to continue providing the Service, or terminate the affected subscription and refund any prepaid fees.

14.2 Indemnity by Customer

You will defend us against any third-party claim arising from your use of the Service in violation of these Terms, your breach of warranties about Customer Data, or your violation of applicable law, and you will pay damages and reasonable costs awarded against us in any such claim or settlement.

14.3 Indemnification process

The indemnified party must promptly notify the indemnifying party of any claim, give the indemnifying party sole control of the defence and settlement, and provide reasonable cooperation. The indemnifying party may not settle any claim without the indemnified party’s consent if the settlement requires the indemnified party to admit liability or take any action.

15. Data protection

The processing of personal data through the Service is governed by our Data Processing Agreement, which is incorporated into these Terms by reference. To the extent of any conflict between these Terms and the DPA in respect of personal data, the DPA prevails.

The Privacy Policy at complira.io/privacy describes how we handle personal data in our role as Data Controller. The DPA covers our role as Data Processor for Customer Data.

16. Governing law and jurisdiction

These Terms are governed by the laws of Ireland.

Any dispute arising out of or in connection with these Terms is subject to the exclusive jurisdiction of the courts of Ireland, except that either party may seek urgent injunctive relief in any court of competent jurisdiction.

Nothing in these Terms restricts your right under applicable law to bring proceedings in your local courts where required by mandatory law.

17. General provisions

17.1 Entire agreement

These Terms, together with the Data Processing Agreement, the Privacy Policy, the Acceptable Use restrictions in Section 4, and any Order Form executed between us, constitute the entire agreement between the parties and supersede all prior agreements and understandings.

17.2 Amendments

We may amend these Terms by giving you at least 60 days written notice. Material amendments take effect at the start of your next renewal term. If you do not agree to a material amendment, you may terminate effective at the end of your current term.

Non-material amendments (clarifications, typo corrections, contact information updates) may be made without notice.

17.3 Notices

Notices to Complira must be sent to legal@complira.io and copied to thomas@complira.io. Notices to Customer will be sent to the primary contact email on file.

17.4 Force majeure

Neither party is liable for failure to perform due to causes beyond reasonable control, including acts of God, war, terrorism, civil unrest, government action, pandemic, or failure of essential infrastructure. The affected party must notify the other promptly and use reasonable efforts to resume performance.

17.5 Assignment

Neither party may assign these Terms without the other’s written consent, except that either party may assign to an affiliate or in connection with a merger, acquisition, or sale of substantially all of its assets. Any unauthorised assignment is void.

17.6 Severability

If any provision of these Terms is held unenforceable, the remaining provisions remain in full force and effect, and the unenforceable provision will be modified to the minimum extent necessary to make it enforceable.

17.7 No waiver

Failure to enforce any provision of these Terms is not a waiver of the right to enforce it later.

17.8 Independent contractors

The parties are independent contractors. Nothing in these Terms creates a partnership, joint venture, agency, or employment relationship.

17.9 Third-party beneficiaries

These Terms do not create rights for any third party.

18. Contact

For questions about these Terms, contact privacy@complira.io.