Terms of Service

For the purposes of these Terms of Service:

• "Xybern," "we," "us," or "our" refers to Xybern Ltd., a company registered in the United Kingdom, and its subsidiaries and affiliates.
• "Services" means the Xybern AI verification API platform, including all software, APIs, endpoints, SDKs, dashboard, tools, features, and related services.
• "API" means the Xybern REST API available at api.xybern.com.
• "API Key" means the authentication credential (Bearer token) issued to you to access the API.
• "Verification" means the process of validating LLM outputs for accuracy, bias, compliance, and provenance.
• "Trust Score" means the deterministic score (0–100) assigned to verified content.
• "Provenance Vault" means the immutable, cryptographically-anchored audit trail for all verifications.
• "User," "you," or "your" refers to any individual or entity accessing or using the Services.
• "Customer Data" means all data, content, documents, and information uploaded, submitted, or generated by you through the Services.
• "Workspace" refers to your dedicated environment within the Services where your team collaborates and data is stored.
• "Enterprise Customer" means an organization that has entered into a separate enterprise agreement with Xybern.
• "Output" means any verification result, trust score, compliance report, bias analysis, or other content returned by the API.

2.1 Agreement to Terms. By creating an account, accessing, or using the Services, you acknowledge that you have read, understood, and agree to be bound by these Terms. If you do not agree, you must not use the Services.

2.2 Authority to Bind. If you are using the Services on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms, and "you" refers to both you individually and the organization.

2.3 Enterprise Agreements. If you have entered into a separate written agreement with Xybern (such as an Enterprise Agreement or Order Form), that agreement shall govern to the extent of any conflict with these Terms.

2.4 Age Requirement. You must be at least 18 years old to use the Services. By using the Services, you represent that you meet this requirement.

2.5 Additional Policies. Your use of the Services is also governed by our Privacy Policy, which is incorporated by reference into these Terms.

3.1 Platform Overview. Xybern provides an AI verification API platform — the control plane for enterprise AI. The Services include:

• Universal LLM output verification (GPT-4, Claude, Gemini, Llama)
• Web evidence grounding and claim-by-claim analysis
• Agent trace verification for LangChain, CrewAI frameworks
• Multi-modal validation (PDF, image OCR, audio transcription)
• Bias mitigation engine with 8-category detection
• Regulatory compliance checking (SEC, GDPR, CCPA, HIPAA, EU AI Act)
• Deterministic scoring with confidence bands
• Provenance Vault with SHA-256 hash chain and HMAC signatures
• PII/PHI detection and redaction
• Prompt injection security scanning
• RAG source attribution
• Sentinel Dashboard for real-time monitoring
• Hallucination detection
• Real-time streaming verification
• Custom knowledge bases
• Adversarial robustness testing

3.2 Verification Results. The Services utilize artificial intelligence, rule engines, and web evidence grounding to produce verification Outputs. You acknowledge that:

• Verification results are based on available evidence and models at the time of verification
• Trust scores are deterministic but should not be the sole basis for critical decisions
• The API does not replace human judgment in regulated decision-making

3.3 Service Modifications. We reserve the right to modify, update, or discontinue any aspect of the Services at any time. We will provide reasonable notice of material changes to Enterprise Customers.

3.4 Beta Features. We may offer beta or experimental features. These are provided "as is" without warranties and may be modified or discontinued without notice.

4.1 Account Creation. To access certain features, you must create an account by providing accurate and complete information. You agree to update your information to keep it current.

4.2 Account Security. You are responsible for:

• Maintaining the confidentiality of your login credentials
• All activities that occur under your account
• Immediately notifying us of any unauthorized access or security breach
• Ensuring that your password meets our security requirements

4.3 Multi-Factor Authentication. Enterprise Customers may be required to implement multi-factor authentication (MFA) as part of their security obligations.

4.4 Single Sign-On (SSO). If you configure SSO through your identity provider, you are responsible for the security and configuration of that integration.

5.1 Your Data. You retain all ownership rights to your Customer Data. We do not claim ownership of any content you upload, submit, or generate through the Services.

5.2 License to Xybern. You grant Xybern a limited, non-exclusive, worldwide license to use, process, and store your Customer Data solely to:

• Provide and maintain the Services
• Improve and develop the Services (using only aggregated, anonymized data)
• Comply with legal obligations
• Enforce these Terms

5.3 No Training on Private Data. We do not use your private Customer Data to train our general-purpose AI models. Your prompts, documents, and outputs remain confidential to your Workspace.

5.4 Output Ownership. Subject to any third-party rights in underlying source materials, you own the Outputs generated through your use of the Services.

5.5 Data Portability. You may export your Customer Data at any time through the available export features. Upon termination, we will provide a reasonable period to export your data.

6.1 Permitted Use. You may use the Services only for lawful purposes and in accordance with these Terms.

6.2 Prohibited Activities. You agree not to:

• Violate any applicable laws, regulations, or third-party rights
• Upload malicious code, viruses, or harmful content
• Attempt to gain unauthorized access to the Services or other users' accounts
• Reverse engineer, decompile, or attempt to extract the source code or model weights
• Circumvent security measures, rate limits, or usage restrictions
• Use the Services to generate illegal, harmful, or misleading content
• Resell, sublicense, or redistribute the Services without authorization
• Interfere with or disrupt the integrity or performance of the Services
• Use automated means to access the Services except through approved APIs
• Impersonate any person or entity or misrepresent your affiliation

6.3 API-Specific Restrictions. In addition to the above, you agree not to:

• Share, publish, or embed API keys in client-side code or public repositories
• Exceed rate limits or attempt to circumvent usage quotas
• Use the API to verify content for the purpose of generating misinformation
• Submit content designed to manipulate or game trust scores
• Use verification results to make fully automated high-stakes decisions without human review

6.4 Regulated Use. If you use verification results for regulated decisions (financial, legal, healthcare), results must be reviewed by qualified professionals. Verification outputs do not constitute professional advice and should not be the sole basis for regulated decisions.

7.1 Xybern IP. The Services, including all software, algorithms, models, designs, trademarks, and documentation, are owned by Xybern and protected by intellectual property laws. Nothing in these Terms grants you any right to use Xybern's trademarks or branding.

7.2 Feedback. If you provide feedback, suggestions, or ideas about the Services, you grant Xybern a perpetual, irrevocable, royalty-free license to use and incorporate such feedback without obligation to you.

7.3 Third-Party Content. The Services may include or reference third-party content, data sources, or integrations. Such content remains the property of the respective owners and is subject to their terms.

8.1 Fees. Certain features of the Services require payment. Fees are specified in your Order Form or the pricing displayed at the time of purchase.

8.2 Payment Method. You authorize us to charge your designated payment method for all applicable fees. You are responsible for providing accurate billing information.

8.3 Taxes. Fees are exclusive of taxes. You are responsible for all applicable taxes, except for taxes based on Xybern's income.

8.4 Late Payment. Overdue amounts may accrue interest at 1.5% per month or the maximum rate permitted by law, whichever is less.

8.5 Refunds. Fees are non-refundable except as expressly stated in your Order Form or required by law.

8.6 Price Changes. We may change our fees upon 30 days' notice. Price changes will not affect the current billing period for existing subscriptions.

8.7 Usage-Based Billing. API usage may be billed based on the number of verification requests, endpoints called, and volume of content processed, as specified in your plan or Order Form.

8.8 Rate Limits. Each plan includes defined rate limits. Exceeding rate limits may result in throttled requests or overage charges as specified in your plan.

9.1 Confidential Information. Each party agrees to protect the other's Confidential Information with the same degree of care it uses to protect its own confidential information, but no less than reasonable care.

9.2 Definition. "Confidential Information" includes Customer Data, business plans, technical data, product plans, and any information designated as confidential.

9.3 Exclusions. Confidential Information does not include information that: (a) is or becomes publicly available; (b) was known prior to disclosure; (c) is independently developed; or (d) is rightfully received from a third party.

9.4 Required Disclosure. A party may disclose Confidential Information if required by law, provided it gives reasonable notice and cooperates in seeking protective measures.

10.1 Our Warranties. Xybern warrants that:

• The Services will perform substantially as described in the documentation
• We will use commercially reasonable efforts to maintain service availability
• We have implemented appropriate security measures to protect Customer Data

10.2 Disclaimer. EXCEPT AS EXPRESSLY PROVIDED, THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE." WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

10.3 AI Limitations. We do not warrant that AI-generated Outputs will be accurate, complete, or suitable for any particular purpose. You are solely responsible for evaluating and verifying Outputs before reliance.

10.4 Third-Party Services. We make no warranties regarding third-party services, connectors, or integrations.

11.1 Exclusion of Damages. TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY SHALL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, DATA, OR BUSINESS OPPORTUNITIES.

11.2 Liability Cap. XYBERN'S TOTAL LIABILITY FOR ALL CLAIMS ARISING FROM THESE TERMS SHALL NOT EXCEED THE GREATER OF: (A) THE FEES PAID BY YOU IN THE 12 MONTHS PRECEDING THE CLAIM, OR (B) $100 USD.

11.3 Exceptions. These limitations do not apply to: (a) breaches of confidentiality obligations; (b) indemnification obligations; (c) violations of intellectual property rights; or (d) gross negligence or willful misconduct.

11.4 Basis of the Bargain. The limitations in this section reflect the allocation of risk between the parties and are an essential basis of the bargain.

12.1 Your Indemnification. You agree to indemnify, defend, and hold harmless Xybern and its officers, directors, employees, and agents from any claims, damages, losses, and expenses (including reasonable legal fees) arising from:

• Your use of the Services
• Your Customer Data
• Your violation of these Terms
• Your violation of any third-party rights

12.2 Xybern Indemnification. Xybern will defend you against claims that the Services infringe a third party's intellectual property rights, and will indemnify you for damages finally awarded, provided you give prompt notice and reasonable cooperation.

13.1 Termination by You. You may terminate your account at any time by contacting us or using the account deletion feature. Termination does not entitle you to a refund of prepaid fees.

13.2 Termination by Xybern. We may suspend or terminate your access if:

• You breach these Terms
• Your payment is overdue
• We are required to do so by law
• Your use poses a security risk

13.3 Effect of Termination. Upon termination:

• Your right to access the Services immediately ceases
• You will have 30 days to export your Customer Data
• We will delete your Customer Data within 90 days, unless legally required to retain it
• Sections that by their nature should survive will survive termination

14.1 Your Compliance. You are responsible for ensuring your use of the Services complies with all applicable laws and regulations, including:

• Data protection laws (GDPR, CCPA, etc.)
• Financial services regulations (MiFID II, SEC rules, etc.)
• Legal professional conduct rules
• Industry-specific regulations
• Export control laws

14.2 Xybern Compliance. Xybern maintains compliance with:

• SOC 2 Type II certification
• GDPR requirements for data processors
• Industry-standard security practices
• API-level audit logging for all verification requests
• Provenance Vault cryptographic anchoring for compliance evidence
• Multi-jurisdiction regulatory checking capabilities (note: these are tools, not guarantees of compliance)

14.3 Data Processing Agreement. Enterprise Customers may request a Data Processing Agreement (DPA) for GDPR compliance.

14.4 Audit Rights. Enterprise Customers may have audit rights as specified in their Enterprise Agreement.

15.1 Governing Law. These Terms are governed by the laws of England and Wales, without regard to conflict of law principles.

15.2 Jurisdiction. Any disputes shall be subject to the exclusive jurisdiction of the courts of England and Wales, except that Xybern may seek injunctive relief in any court of competent jurisdiction.

15.3 Alternative Jurisdiction. For US-based Enterprise Customers, the governing law and jurisdiction may be modified by mutual agreement in the Enterprise Agreement.

15.4 Informal Resolution. Before initiating formal proceedings, the parties agree to attempt to resolve disputes informally by contacting legal@xybern.com.

16.1 Modifications. We may modify these Terms at any time. We will provide notice of material changes by email or through the Services at least 30 days before they take effect.

16.2 Acceptance of Changes. Your continued use of the Services after the effective date constitutes acceptance of the modified Terms. If you do not agree to the changes, you must stop using the Services.

16.3 Enterprise Customers. Material changes to Terms for Enterprise Customers will be handled according to the change provisions in their Enterprise Agreement.

For questions about these Terms, please contact us: