Terms of Service

Important notice

These Terms of Service ("Terms") form a binding legal agreement between you ("Customer", "you") and Burrell Digital LTD, a company registered in England and Wales ("Burrell Digital", "we", "us", "our"). The Service is offered strictly on an "as is" and "as available" basis. Please read sections 12 (No Warranties), 13 (Limitation of Liability) and 14 (Indemnity) carefully - they limit our liability and allocate risk to you. If you do not accept these Terms in full, you must not access or use the Service.

1. Acceptance & Eligibility

By accessing, registering for, or using Context Guard (the "Service"), you confirm that you have read, understood and agree to be bound by these Terms, our Privacy Policy and any Data Processing Agreement or order form referencing them (collectively, the "Agreement"). If you are entering into the Agreement on behalf of an organisation, you represent and warrant that you have full authority to bind that organisation, and references to "you" include that organisation. The Service is intended for business and professional use by users aged 18 or over; it is not intended for consumers or for use by minors.

2. The Service

Context Guard is a hosted security and policy-enforcement layer for applications that use large language models ("LLMs") and other generative AI systems. It is provided as a reverse-proxy API and/or SDK that inspects inbound and outbound traffic for indicators such as prompt injection, sensitive data exposure, unsafe tool calls and policy violations. The Service is a defence-in-depth tool only; it does not replace your own security controls, governance, testing, human review, or compliance programme. We may add, modify, deprecate or remove features, models, detectors, endpoints, regions or capabilities at any time. Specific service levels apply only where expressly set out in a written order form signed by us.

3. Accounts, API Keys & Security

You must provide accurate, current and complete registration information and keep it up to date. You are solely responsible for: (a) safeguarding your account credentials, API keys, secrets and tokens; (b) all activity that occurs under your account or using your keys, whether or not authorised by you; (c) configuring the Service appropriately for your use case, including selecting detectors, thresholds, allow/deny lists and routing; and (d) maintaining your own backups, logs and audit trails as required by your obligations. You must notify us immediately at legal@ctx-guard.com of any actual or suspected unauthorised use or compromise. We are not liable for any loss arising from your failure to secure your credentials.

4. Customer Responsibility for Prompts, Data & Use

You are exclusively responsible for: (a) the prompts, inputs, outputs, files, embeddings, metadata, configuration and any other content that you, your users or your systems submit to or receive through the Service ("Customer Data"); (b) ensuring you have all necessary rights, consents and lawful bases to process Customer Data through the Service, including under data protection, intellectual property, confidentiality, employment, consumer-protection, financial-services, healthcare and export-control laws; (c) the decisions, automations, communications, transactions and outputs that you generate using the Service or any LLM you connect through it; and (d) reviewing, validating and supervising any AI-generated output before relying on it. You must not submit data through the Service that you are not permitted to disclose to a third-party processor. We do not act as your professional adviser and the Service does not provide legal, medical, financial, regulatory, safety-critical or other professional advice.

5. Acceptable Use

You agree not to, and not to permit any user or third party to: (a) reverse engineer, decompile, disassemble, translate, or otherwise attempt to derive the source code, models, weights, rules, or non-public components of the Service, except to the extent such restriction is prohibited by mandatory applicable law; (b) probe, scan, stress-test, benchmark, fuzz, scrape, crawl or attempt to bypass, defeat or evade the security, rate limits or detection capabilities of the Service without our prior written consent; (c) use the Service to develop, train, fine-tune or evaluate any product or service that competes with Context Guard, or to extract data for that purpose; (d) use the Service to transmit malware, infringing material, unlawful content, child sexual abuse material, content that incites violence or terrorism, harassment, deceptive deepfakes, or content that violates third-party rights or applicable law; (e) use the Service in connection with safety-critical, life-supporting, weapons, nuclear, aviation control, or other high-risk activities where failure could cause death, serious personal injury, severe environmental harm or major financial loss; (f) resell, sublicense, white-label, time-share, lease or otherwise make the Service available to third parties except as expressly permitted in writing; or (g) remove or obscure any proprietary notices. We may publish, update and enforce a more detailed Acceptable Use Policy from time to time, which forms part of these Terms.

6. Third-Party Models, Providers & Dependencies

The Service relies on, integrates with and routes traffic to or from third-party model providers, cloud infrastructure, data sources and software (collectively, "Third-Party Services"), including but not limited to OpenAI, Anthropic, Google, Microsoft Azure, AWS and other LLM and infrastructure vendors. Third-Party Services are provided by independent operators under their own terms, pricing, content policies and availability commitments, over which we have no control. We make no representation or warranty regarding any Third-Party Service and are not responsible or liable for: (i) their availability, performance, accuracy, content, security, latency or pricing; (ii) any change, suspension, deprecation or discontinuation of any model, endpoint, feature or region; (iii) any output produced by, or decision made by, any third-party model; or (iv) any breach by you of any Third-Party Service's terms. You are responsible for maintaining your own contracts and credentials with Third-Party Services, and for any costs incurred with them. Where the Service is unable to function because of a Third-Party Service's actions, outage or change, our sole obligation is to use commercially reasonable efforts to restore comparable functionality. We do not use traffic routed through the Service to train, fine-tune, benchmark or evaluate any general-purpose AI model, as further described in our Privacy Policy and Data Processing Agreement.

7. Security Disclaimer & No Guarantee of Threat Detection

Security is probabilistic and adversarial. While the Service is designed to help reduce certain categories of risk, you acknowledge and agree that: (a) we do not and cannot guarantee that the Service will detect, prevent, block, classify, redact or mitigate any specific prompt injection, jailbreak, exfiltration attempt, hallucination, data leak, policy violation, malicious input, malicious output, or other threat; (b) detection results, scores, classifications and policy decisions may include false positives and false negatives, and may change as detectors and models evolve; (c) novel, adversarial or evolving attack techniques may bypass the Service; (d) the Service is one component of a defence-in-depth strategy and must not be relied upon as a sole or sufficient security control; and (e) you are responsible for designing, testing, monitoring and auditing your overall security posture, including human review of high-risk outputs. To the maximum extent permitted by law, we disclaim all liability arising from any failure of the Service to detect, prevent or mitigate any threat or harmful output.

8. Free Trials, Beta & Preview Features

From time to time we may offer free trials, free tiers, evaluation accounts, preview features, alpha or beta releases, or features designated as "experimental" (collectively, "Trial & Beta Features"). Trial & Beta Features are provided strictly on an "as is" and "as available" basis for evaluation only, may be unstable, may change or be removed without notice, may have lower throughput or rate limits, and are not covered by any service level commitment, security commitment, support commitment or indemnity. To the maximum extent permitted by law, our total aggregate liability arising out of or relating to Trial & Beta Features (including any free tier) is limited to one hundred British pounds (£100). We may discontinue any Trial & Beta Feature, or convert it to a paid feature, at any time.

9. Fees, Subscriptions & Taxes

Paid plans are billed on a subscription basis at the rates published on our website or set out in your order form. Unless expressly stated otherwise: (a) fees are quoted exclusive of VAT and other taxes, which you are responsible for paying; (b) subscriptions automatically renew for successive periods of equal length until cancelled in accordance with these Terms or your order; (c) usage-based, overage, metered or token-based fees are charged in arrears based on our measurements, which are the authoritative record absent manifest error; (d) all fees are non-refundable and pre-paid amounts are non-creditable except where required by mandatory applicable law; (e) we may change pricing on at least thirty (30) days' notice, with changes taking effect at your next renewal; and (f) overdue amounts accrue interest at the lower of 4% above the Bank of England base rate or the maximum rate permitted by law, and we may suspend the Service for non-payment without further notice. You authorise us and our payment processors to charge your designated payment method for all amounts due.

10. Suspension

We may suspend, throttle, restrict or revoke all or part of your access to the Service immediately and without prior notice if we reasonably believe that: (a) your account or use poses a security, legal, reputational or operational risk to us, our other customers, our infrastructure or any Third-Party Service; (b) you have breached these Terms, our Acceptable Use Policy or any applicable law; (c) you have failed to pay amounts when due; (d) suspension is required by a court order, regulatory authority, sanctions regime or competent law-enforcement request; or (e) a Third-Party Service has revoked, restricted or otherwise affected our ability to provide the Service. We will use reasonable efforts to notify you of a suspension where lawfully able to do so. Suspension does not relieve you of your payment obligations and we are not liable for any loss arising from a suspension exercised in accordance with this section.

11. Term & Termination

The Agreement starts when you first access the Service or sign an order form and continues until terminated. Either party may terminate a subscription for convenience at the end of the then-current billing period by giving notice through the in-product cancellation flow or in writing. We may terminate or refuse to renew the Agreement, or any portion of it, immediately on written notice if you: (a) materially breach these Terms and fail to cure within fourteen (14) days of notice (or immediately for breaches that are not capable of cure, including breaches of sections 4, 5, 9, 15 or 16); (b) become insolvent, enter administration, make an arrangement with creditors, or are subject to similar proceedings; or (c) engage in conduct that, in our reasonable opinion, is likely to bring us, our other customers or any Third-Party Service into disrepute. On termination, your right to access the Service ends and you remain liable for all accrued fees. Within thirty (30) days of termination you may request the return or deletion of Customer Data by emailing legal@ctx-guard.com; we will return or delete it within ninety (90) days of that request as set out in our Data Processing Agreement. If no request is made within that thirty-day window, we may delete Customer Data thereafter, save where retention is required by law or expressly agreed in writing. Sections 4, 5, 6, 7, 9, 12, 13, 14, 15, 16, 17, 18, 20, 21 and 22 survive termination.

12. No Warranties - As-Is Service

To the maximum extent permitted by applicable law, the Service, all detectors, all outputs, all documentation and any related materials are provided strictly "as is" and "as available", with all faults and without warranty of any kind. We expressly disclaim all warranties, conditions, representations and terms, whether express, implied, statutory or otherwise, including any warranty of merchantability, satisfactory quality, fitness for a particular purpose, accuracy, completeness, reliability, security, non-infringement, freedom from defects or vulnerabilities, uninterrupted or error-free operation, that the Service will detect or prevent any specific threat, that any output is accurate, lawful or appropriate, or any warranty arising from course of dealing or usage of trade. No advice or information obtained from us creates any warranty not expressly stated in these Terms. Some jurisdictions do not allow the exclusion of certain warranties; in such jurisdictions our liability is limited to the maximum extent permitted by law.

13. Limitation of Liability

Nothing in these Terms limits or excludes any liability that cannot be limited or excluded under applicable law (including, in England and Wales, liability for death or personal injury caused by negligence and liability for fraud or fraudulent misrepresentation). Subject to that:

(a) Excluded losses. In no event will we, our affiliates, officers, directors, employees, contractors, suppliers or licensors be liable to you or any third party for any indirect, incidental, special, exemplary, punitive or consequential loss or damage; or for any loss of profits, revenue, business, goodwill, anticipated savings, data, data integrity, customers, contracts, use, opportunity, reputation, or for any cost of substitute goods or services, in each case arising out of or in connection with the Agreement or the Service, however caused and under any theory of liability (including contract, tort, negligence, strict liability or otherwise), even if we have been advised of the possibility of such loss.

(b) Aggregate cap. Our total aggregate liability to you arising out of or in connection with the Agreement and the Service in any twelve (12) month period will not exceed the lesser of (i) the fees actually paid by you to us under the Agreement in the twelve (12) months immediately preceding the first event giving rise to the liability, or (ii) one thousand British pounds (£1,000). For Trial & Beta Features and any free use of the Service, the cap in section 8 applies instead.

(c) Allocation of risk. You acknowledge that the fees reflect this allocation of risk and that we would not provide the Service without these limitations.

14. Indemnity by Customer

You will defend, indemnify and hold harmless Burrell Digital LTD, its affiliates and their respective officers, directors, employees, contractors and agents from and against any and all claims, demands, investigations, proceedings, fines, penalties, losses, damages, liabilities, settlements, costs and expenses (including reasonable legal fees) arising out of or relating to: (a) Customer Data, including any allegation that Customer Data infringes, misappropriates or violates any intellectual property right, privacy right, publicity right, confidentiality obligation or applicable law; (b) your use of, or inability to use, the Service, or any output generated through it; (c) your use of any Third-Party Service or any breach by you of any Third-Party Service's terms; (d) your breach of these Terms or applicable law; (e) any claim by your end users, customers or affiliates; or (f) any combination of the Service with any product, service, data or process not provided by us. We will give you reasonable notice of any claim, allow you to control the defence (subject to our right to participate with counsel of our choice at our expense) and provide reasonable assistance at your cost. You may not settle any claim that imposes any obligation or admission on us without our prior written consent.

15. Confidentiality

Each party (the "Receiving Party") may receive non-public information of the other party (the "Disclosing Party") that is marked or reasonably understood to be confidential ("Confidential Information"). Our Confidential Information includes the Service, our pricing, non-public documentation, detector logic, rule sets, prompts, system configurations, security findings and product roadmap. The Receiving Party will: (a) use Confidential Information only as needed to exercise its rights and perform its obligations under the Agreement; (b) protect it using at least the same degree of care it uses for its own confidential information of similar importance, and no less than a reasonable standard of care; and (c) not disclose it to any third party except to its personnel and professional advisers who have a need to know and are bound by confidentiality obligations no less protective than those in this section. The obligations in this section do not apply to information that is or becomes publicly known through no fault of the Receiving Party, was lawfully known before disclosure, is independently developed without use of the Confidential Information, or is required to be disclosed by law (in which case the Receiving Party will, where lawfully able, give prompt notice to the Disclosing Party). These obligations survive for five (5) years after termination, and indefinitely for trade secrets.

16. Intellectual Property

As between the parties, we and our licensors retain all right, title and interest in and to the Service, including all software, models, detectors, rules, algorithms, user interfaces, documentation, logos, marks, designs, configurations, know-how and any improvements, derivatives, suggestions or feedback (whether or not implemented). No rights are granted by implication, estoppel or otherwise. Subject to the Agreement and your payment of fees, we grant you a limited, non-exclusive, non-transferable, non-sublicensable, revocable licence during the term to access and use the Service for your internal business purposes. You retain all right, title and interest in Customer Data and grant us a worldwide, royalty-free, non-exclusive licence to host, copy, transmit, process, analyse and display Customer Data solely as necessary to provide, secure, monitor, support, improve and develop the Service, to enforce these Terms, to comply with law and to produce de-identified, aggregated statistical data (which we may use for any lawful purpose). If you submit feedback, ideas or suggestions, you assign them to us with full title guarantee, free of any obligation.

17. Data Protection & Privacy

We process personal data in accordance with our Privacy Policy and, where applicable, our Data Processing Agreement ("DPA"), which is incorporated by reference. To the extent we process personal data on your behalf, you are the controller and we are the processor. You are responsible for the lawfulness of all Customer Data, for providing all required notices to data subjects, for obtaining all required consents and for the security of any data you choose to send through the Service. We do not sell personal data. Cross-border transfers, sub-processors and security measures are described in our DPA.

18. Export Controls & Sanctions

You represent and warrant that: (a) you, your affiliates, your beneficial owners and your end users are not located in, ordinarily resident in, organised under the laws of, or owned or controlled by parties in, any country, territory or region subject to comprehensive sanctions administered by the United Kingdom (HMT/OFSI), the United States (OFAC), the European Union, the United Nations or any other relevant authority (currently including Cuba, Iran, North Korea, Syria, the Crimea, Donetsk, Luhansk, Kherson and Zaporizhzhia regions of Ukraine, and any other jurisdiction added from time to time); (b) you are not, and are not acting on behalf of, any party on a denied, restricted or sanctioned-party list (including the UK Consolidated List, OFAC SDN List, EU Consolidated List or equivalent); and (c) you will not use, export, re-export, transfer or make the Service available in violation of any applicable export-control, sanctions, anti-bribery, anti-money-laundering or counter-terrorism law. You will indemnify us for any breach of this section, and we may suspend or terminate immediately on suspected breach.

19. Affiliate Program

Affiliates earn a recurring 20% commission on net monthly revenue actually received and retained by us from each paying customer they refer, for as long as that customer remains active and in good standing. Commission rates are fixed and non-negotiable. Commissions are not payable on taxes, refunds, chargebacks, fraudulent transactions, free or trial usage, internal accounts or self-referrals. Referral codes must not be used in spam, misleading advertising, paid search bidding on our trademarks, malware, adult content, illegal content, or any practice that violates applicable law or platform rules. We may adjust, withhold, claw back, suspend or revoke commissions and affiliate status at any time for actual or suspected abuse, fraud, breach of these Terms or our reputation. We may modify or terminate the affiliate programme at any time on notice. Affiliates are independent contractors and not employees, agents or partners of Burrell Digital.

20. Service Availability & Force Majeure

We strive for high availability but do not guarantee that the Service will be uninterrupted, secure, timely or error-free. We may perform scheduled or emergency maintenance, updates, migrations or modifications, with or without notice. Neither party will be liable for any failure or delay in performance (other than payment obligations) caused by events beyond its reasonable control, including acts of God, fire, flood, earthquake, severe weather, epidemic or pandemic, war, terrorism, civil unrest, riot, sabotage, strike or labour dispute, sanction, embargo or governmental action, internet, telecommunications, electricity or cloud-infrastructure failure, denial-of-service or other malicious-actor attack, third-party model or provider outage, change in law, or any other force majeure event. The affected party will use reasonable efforts to mitigate the effects. If a force majeure event continues for more than sixty (60) consecutive days, either party may terminate the affected order on written notice without liability.

21. Changes to the Service & to These Terms

We may modify, update or discontinue any part of the Service at any time, including features, detectors, models, regions, integrations, rate limits and pricing tiers. We may also amend these Terms at any time by posting an updated version at this page and updating the "Last updated" date. Material changes will, where reasonably practicable, be notified to you by email or in-product notice at least thirty (30) days before they take effect. If you do not accept a change, your sole remedy is to stop using the Service and cancel your subscription before the change takes effect. Continued use of the Service after the effective date constitutes acceptance of the updated Terms.

22. Governing Law, Jurisdiction & Venue

The Agreement, and any non-contractual obligations arising out of or in connection with it, are governed by, and construed in accordance with, the laws of England and Wales, without regard to conflict-of-law rules. The parties submit to the exclusive jurisdiction of the courts of England and Wales for the resolution of any dispute, save that we may bring proceedings to protect our intellectual property, confidential information or seek urgent injunctive relief in any court of competent jurisdiction. The United Nations Convention on Contracts for the International Sale of Goods does not apply.

23. General

Entire agreement. The Agreement is the entire agreement between the parties about the Service and supersedes all prior or contemporaneous understandings. Any terms in your purchase order or other business form are rejected and have no effect.

Order of precedence. If there is a conflict, the order of precedence is: (1) signed order form; (2) DPA; (3) these Terms; (4) any policy or documentation referenced.

Assignment. You may not assign or transfer the Agreement, by operation of law or otherwise, without our prior written consent. We may assign the Agreement freely, including to an affiliate or in connection with a reorganisation, merger, sale of assets or financing.

Severability. If any provision is held unenforceable, it will be modified to the minimum extent necessary to make it enforceable, and the remaining provisions will remain in full effect.

No waiver. A failure or delay in exercising a right is not a waiver of that right.

No third-party rights. A person who is not a party to the Agreement has no right under the Contracts (Rights of Third Parties) Act 1999 to enforce any term.

Notices. Notices to us must be sent to legal@ctx-guard.com; notices to you may be given by email to your account address or by in-product notice. Notices are deemed received on the next business day.

Independent contractors. The parties are independent contractors. The Agreement does not create any agency, partnership, joint venture or employment relationship.

Publicity. We may identify you as a Context Guard customer and use your name and logo in customer lists, subject to your reasonable trademark guidelines.

Not legal advice. These Terms are provided for informational purposes and do not constitute legal advice. You should obtain your own legal advice before relying on the Service or these Terms.

24. Contact

Burrell Digital LTD, a company registered in England and Wales. For questions, notices or requests under these Terms, contact us at legal@ctx-guard.com.