Terms of Service

These Terms of Service (“Terms”) form a binding agreement between you (and the organization you represent) and Kollitech (“Kollitech”, “we”, “us”) governing access to and use of KollGuard (the “Service”), available at kollguard.com. By accessing or using the Service, creating an account, or clicking to accept, you agree to these Terms. If you are using the Service on behalf of an organization, you represent that you are authorized to bind it.

You must be at least 18 years old and able to form a binding contract to use the Service. You are responsible for the accuracy of your registration information, for maintaining the confidentiality of your credentials, and for all activity under your account. Notify us promptly at info@kollitech.com of any unauthorized use or suspected security breach.

KollGuard is a compliance intelligence platform that performs read-only scans of connected GitHub repositories and databases (including Postgres and Supabase) for security gaps, maps findings to frameworks such as SOC 2 and HIPAA, organizes them into projects with per-framework reports, recommends applicable regulations through a compliance advisor, and surfaces AI cost and usage you opt into. We may add, modify, or discontinue features over time and will use reasonable efforts to notify you of material changes.

You retain all rights to the data and credentials you provide (“Customer Data”). You grant us a limited license to process Customer Data solely to provide and improve the Service, including performing the scans you request. You represent and warrant that you are authorized to connect, and to permit KollGuard to scan, every repository, database, and system you add, and that doing so does not violate any law or third-party rights.

For customers acting as data controllers under applicable privacy laws, a Data Processing Addendum (DPA) is available on request. Customers subject to HIPAA who require a Business Associate Agreement (BAA) before using the Service in connection with protected health information may request one. To request a DPA or BAA, contact info@kollitech.com.

You agree not to, and not to permit any third party to:

• scan or attempt to scan any system you are not authorized to assess;
• use the Service to violate any law or infringe any third-party right;
• interfere with, disrupt, or attempt to gain unauthorized access to the Service or its infrastructure;
• reverse engineer, decompile, or attempt to extract source code, except as permitted by law;
• resell, sublicense, or provide the Service to third parties except as expressly permitted; or
• upload malware or use the Service to develop a competing product.

The compliance advisor and other AI-assisted features provide informational guidance only and do not constitute legal, regulatory, or professional advice. KollGuard does not warrant the accuracy or completeness of framework recommendations or scan findings, and use of the Service does not by itself establish compliance with SOC 2, HIPAA, or any other framework. You remain solely responsible for your compliance program and for confirming applicability with qualified counsel or a compliance professional.

KollGuard offers a limited number of free scans (currently your first scan); continued scanning beyond that requires a paid plan, while your existing findings remain accessible. Paid plans are billed in advance on a recurring (e.g., monthly) basis through our payment processor and renew automatically until cancelled. You authorize us and our processor to charge your payment method for applicable fees and taxes. Fees are non-refundable except as required by law or expressly stated. You may cancel at any time through the billing portal; cancellation takes effect at the end of the current billing period unless otherwise stated. We may change pricing on a prospective basis with reasonable notice.

The Service integrates with third-party services (such as GitHub, Supabase, cloud infrastructure, payment processing, and AI providers). Your use of those services is subject to their terms, and we are not responsible for them. You are responsible for any fees or obligations arising from your third-party accounts.

The Service, including its software, design, content, and trademarks (excluding Customer Data), is owned by Kollitech and protected by intellectual property laws. Subject to these Terms, we grant you a limited, non-exclusive, non-transferable, revocable right to access and use the Service for your internal business purposes. No other rights are granted.

If you provide suggestions or feedback about the Service, you grant us a perpetual, irrevocable, royalty-free license to use it without restriction or obligation to you.

Each party may access the other’s confidential information in connection with the Service. The receiving party will protect such information with reasonable care, use it only to perform under these Terms, and not disclose it except to personnel and service providers bound by confidentiality obligations, or as required by law.

These Terms remain in effect while you use the Service. You may stop using the Service and close your account at any time. We may suspend or terminate access if you breach these Terms, fail to pay fees, or to protect the Service or other users. Upon termination, your right to use the Service ceases; we may delete Customer Data after a reasonable period, and provisions that by their nature should survive (including ownership, disclaimers, limitation of liability, and indemnification) will survive.

THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. We do not warrant that the Service will be uninterrupted, error-free, or secure, or that it will detect all security or compliance gaps.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, KOLLITECH AND ITS SUPPLIERS WILL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR FOR ANY LOSS OF PROFITS, REVENUE, DATA, OR GOODWILL, ARISING OUT OF OR RELATING TO THE SERVICE. OUR TOTAL AGGREGATE LIABILITY FOR ALL CLAIMS RELATING TO THE SERVICE WILL NOT EXCEED THE GREATER OF THE AMOUNTS YOU PAID US IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM OR ONE HUNDRED U.S. DOLLARS (US$100). SOME JURISDICTIONS DO NOT ALLOW CERTAIN LIMITATIONS, SO SOME OF THE ABOVE MAY NOT APPLY TO YOU.

You will defend, indemnify, and hold harmless Kollitech and its officers, employees, and agents from and against any claims, damages, liabilities, and expenses (including reasonable attorneys’ fees) arising from your Customer Data, your use of the Service, your violation of these Terms, or your violation of any law or third-party right, including any claim that you were not authorized to scan a connected system.

These Terms are governed by the laws of the State of California, United States, without regard to its conflict-of-laws rules. The exclusive venue for any dispute not subject to arbitration will be the state or federal courts located in California, and you consent to their jurisdiction. The parties will first attempt to resolve any dispute informally by contacting info@kollitech.com.

We may update these Terms from time to time. Material changes will be posted on this page with an updated effective date and, where appropriate, communicated to you. Your continued use of the Service after changes take effect constitutes acceptance of the updated Terms.

These Terms, together with the Privacy Policy and any order or plan you select, constitute the entire agreement between you and Kollitech regarding the Service. If any provision is held unenforceable, the remaining provisions remain in effect. Our failure to enforce a provision is not a waiver. You may not assign these Terms without our consent; we may assign them in connection with a merger, acquisition, or sale of assets. Neither party is liable for delays or failures caused by events beyond its reasonable control.

Questions about these Terms can be sent to info@kollitech.com.