Legal · Terms
Terms of Service
These Terms of Service ("Terms") govern your access to and use of the Zentric Protocol API and website ("Service"), operated by Zentric Protocol ("we", "us", "our"). By accessing or using the Service, you agree to be bound by these Terms.
1. The Service
Zentric Protocol provides a REST API that analyzes text inputs for prompt injection patterns and personally identifiable information (PII). The Service returns a deterministic verdict, matched signatures, and a signed audit report. It is designed to be used as a security and compliance layer within AI application pipelines.
2. API Keys and Account Access
Access to the API requires a valid API key. You are responsible for keeping your API key confidential. You must not share your key publicly or include it in client-side code. If you believe your key has been compromised, contact us immediately at core@zentricprotocol.com and we will rotate it.
Free tier API keys are limited to 10,000 requests per month. Paid tier limits are as described on the pricing page at the time of subscription.
3. Acceptable Use
You may use the Service for any lawful purpose consistent with these Terms. You must not:
- Use the Service to process data you do not have the right to process
- Attempt to reverse-engineer, circumvent, or probe the detection signatures
- Use the Service to train competing machine learning models without prior written consent
- Resell or sublicense access to the API without prior written consent
- Use the Service in a manner that violates applicable law or the rights of third parties
- Generate excessive load or conduct denial-of-service attacks against the API infrastructure
4. Data and Privacy
Your use of the Service is also governed by our Privacy Policy, which is incorporated into these Terms by reference. In particular: we do not store the content of prompts you submit to the API beyond the time needed to process the request and return a result.
If you are a business using the Service to process data on behalf of your end users, you remain the data controller. We act as a data processor on your behalf for the duration of each API call. A Data Processing Agreement (DPA) is available on request for paid-tier customers.
5. Accuracy and Limitations
The Service uses deterministic signature-based detection. While we publish precision metrics based on internal benchmarks, no detection system achieves 100% accuracy. You acknowledge that:
- The Service may not detect novel or previously unseen attack patterns not covered by the current signature set
- The Service is a complementary security layer, not a complete security solution
- You are responsible for the security architecture of your own application
- GDPR Art.30 audit records generated by the Service document the analysis performed — they do not constitute legal advice or a compliance certification
6. Availability
We aim to maintain high availability of the Service but do not guarantee uninterrupted access. We may perform maintenance, updates, or emergency interventions that temporarily affect availability. We will make reasonable efforts to notify users of planned maintenance in advance.
7. Payment and Subscriptions
Paid tier subscriptions are billed monthly through Stripe. By subscribing, you authorize us to charge your payment method on a recurring basis. You may cancel your subscription at any time; access continues until the end of the current billing period. We do not offer refunds for partial periods except where required by law.
8. Intellectual Property
The Service, including the detection signatures, API design, documentation, and brand assets, is our intellectual property. These Terms do not grant you any ownership rights. You retain ownership of any data you submit to the API.
9. Disclaimer of Warranties
THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
10. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, WE SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES ARISING OUT OF OR RELATED TO YOUR USE OF THE SERVICE, INCLUDING BUT NOT LIMITED TO LOSS OF DATA, LOSS OF REVENUE, OR SECURITY INCIDENTS RESULTING FROM UNDETECTED PROMPT INJECTIONS OR PII. OUR TOTAL LIABILITY FOR ANY CLAIM ARISING FROM THESE TERMS OR THE SERVICE SHALL NOT EXCEED THE AMOUNT YOU PAID US IN THE THREE MONTHS PRECEDING THE CLAIM.
11. Indemnification
You agree to indemnify and hold harmless Zentric Protocol from any claims, damages, or expenses (including legal fees) arising from your use of the Service in violation of these Terms or applicable law.
12. Termination
We may suspend or terminate your API access if you violate these Terms, engage in abusive usage, or if we reasonably believe continued access poses a security risk. We will make reasonable efforts to notify you before termination except where immediate action is required.
13. Changes to These Terms
We may update these Terms as the Service evolves. We will notify registered users of material changes by email at least 14 days before they take effect. Continued use of the Service after the effective date constitutes acceptance of the revised Terms.
14. Governing Law
These Terms are governed by the laws of the European Union and applicable member state law. Any disputes arising from these Terms shall be subject to the exclusive jurisdiction of the competent courts.
15. Contact
For questions about these Terms: core@zentricprotocol.com