Legal
Terms of Service
Effective date: January 1, 2025 · Last updated: April 2025
These Terms govern your access to and use of the AlektroAI API and services. Please read them carefully. By using the Services you agree to be bound by these Terms and our Privacy Policy.
1. Acceptance of Terms
By accessing or using the AlektroAI API and related services ("Services"), you agree to be bound by these Terms of Service ("Terms"). If you are entering into these Terms on behalf of a company or other legal entity, you represent that you have the authority to bind that entity. If you do not agree to these Terms, do not use the Services.
2. Description of Services
AlektroAI provides programmatic access to AI-powered security capabilities via a REST and gRPC API, including: real-time threat detection, anomaly scoring, content moderation, vulnerability scanning, malware classification, and authentication risk scoring. Services are provided under the tier selected at sign-up (Growth, Enterprise, or Platform) and are subject to the usage limits and SLAs associated with that tier.
3. API Usage & Rate Limits
Your use of the API is subject to the call volume, rate limits, and latency SLAs of your selected plan. Growth accounts are limited to 500,000 API calls per month and 100 requests per second (burst). Enterprise accounts receive unlimited monthly volume and up to 10,000 rps. Platform accounts receive custom limits agreed at contract time. Exceeding rate limits will result in throttled responses (HTTP 429). AlektroAI reserves the right to suspend access for sustained abuse of rate limits.
4. Acceptable Use
You agree not to use the Services to: (a) violate any applicable law or regulation; (b) reverse engineer, decompile, or extract AlektroAI's underlying models or training data; (c) submit synthetic adversarial inputs designed to degrade model accuracy or extract model parameters; (d) resell or sublicense API access without a Platform-tier agreement; (e) use the Services to build a product that directly competes with AlektroAI without prior written consent; (f) process data in a way that violates the privacy rights of individuals, including submitting unredacted PII beyond what is strictly necessary for the security analysis requested.
5. Authentication & Security
Access to the API requires valid credentials — API keys for standard integrations or OAuth 2.0 client credentials for enterprise deployments. mTLS is available for service-to-service authentication. You are responsible for keeping your credentials confidential and for all activity that occurs under your account. You must notify AlektroAI immediately at security@alektroai.io if you suspect unauthorized access. AlektroAI will never ask for your API keys via email or support channels.
6. Service Availability & SLAs
AlektroAI targets 99.99% monthly uptime across all production endpoints. Median detection latency is under 100ms for synchronous endpoints (Growth and Enterprise) and under 50ms for Platform-tier deployments. Scheduled maintenance windows will be communicated at least 48 hours in advance. SLA credits for downtime events are governed by your order form or, in the absence of one, AlektroAI's standard SLA addendum available on request.
7. Data Handling
AlektroAI processes the payloads, logs, and files you submit solely to deliver the requested security analysis. AlektroAI does not use customer-submitted data to train or fine-tune its models. Payloads are processed in-memory and are not persisted beyond what is required to generate and return a result. Audit log entries — containing the verdict, confidence score, timestamp, and request metadata — are retained for a default period of 90 days (configurable to up to 7 years on Enterprise and Platform tiers for compliance purposes). For full details on data handling, see the Privacy Policy.
8. Intellectual Property
AlektroAI and its licensors retain all rights, title, and interest in the Services, including all underlying models, algorithms, detection logic, and threat intelligence. These Terms grant you a limited, non-exclusive, non-transferable licence to access the API for your internal security operations or to embed AlektroAI capabilities into your products (Platform tier only). You retain ownership of the data you submit. AlektroAI retains ownership of all aggregated, de-identified insights derived from API usage.
9. Confidentiality
Both parties agree to keep confidential any non-public information disclosed in connection with the Services, including API credentials, detection logic, pricing terms, and technical architecture. This obligation does not apply to information that is publicly available, independently developed, or required to be disclosed by law. Enterprise and Platform customers may request a mutual NDA.
10. Compliance Obligations
AlektroAI maintains SOC 2 Type II certification, with audit evidence available to Enterprise and Platform customers upon request under NDA. AlektroAI's practices are aligned with NIST AI RMF and GDPR/CCPA data minimization principles. Customers operating in regulated industries are responsible for ensuring their use of the Services meets applicable regulatory requirements. AlektroAI will cooperate in good faith with reasonable compliance assessments.
11. Indemnification
You agree to indemnify, defend, and hold harmless AlektroAI and its officers, directors, employees, and agents from any claims, damages, or expenses (including reasonable legal fees) arising from your use of the Services, your violation of these Terms, or your violation of any third-party rights, including privacy rights of individuals whose data you submit.
12. Limitation of Liability
To the maximum extent permitted by applicable law, AlektroAI's total liability for any claim arising out of or relating to the Services shall not exceed the amount you paid to AlektroAI in the twelve months preceding the claim. In no event shall AlektroAI be liable for indirect, incidental, special, consequential, or punitive damages, including loss of revenue, loss of data, or loss of business opportunity, even if AlektroAI has been advised of the possibility of such damages.
13. Termination
Either party may terminate these Terms at any time with 30 days written notice. AlektroAI may suspend or terminate access immediately if you materially breach these Terms, including for non-payment, abuse of rate limits, or violation of the acceptable use policy. Upon termination, your right to access the API ceases immediately. You may request export of your audit log data within 30 days of termination, after which AlektroAI may delete it.
14. Changes to These Terms
AlektroAI may update these Terms from time to time. Material changes will be communicated by email to the address on your account at least 30 days before taking effect. Continued use of the Services after changes take effect constitutes acceptance of the revised Terms.
15. Governing Law
These Terms are governed by the laws of the State of Delaware, United States, without regard to its conflict of laws provisions. Any disputes shall be resolved through binding arbitration under the AAA Commercial Arbitration Rules, except that either party may seek injunctive relief in a court of competent jurisdiction to protect intellectual property or confidential information.
16. Contact
For questions about these Terms, contact AlektroAI at legal@alektroai.io or through the contact form at alektroai.io/contact.