Terms of Service

This Terms of Service Agreement ("Agreement") is a legal agreement between you (either an individual or a single entity, "Customer", "you", or "your") and MnemoShare LLC ("MnemoShare", "we", "us", or "our") for the use of MnemoShare software, cloud-hosted services, and related documentation (collectively, the "Service"). The Service is offered as both a cloud-hosted platform ("SaaS Service") and self-hosted software ("Self-Hosted Service").

1. Definitions

• "Authorized Users" means individuals authorized by Customer to access and use the Service under the Customer's subscription.
• "Capabilities" means the features and limits associated with the Customer's subscription tier, including but not limited to user seat limits, Partner Organization limits, Deployment limits, audit retention periods, and access to specific features such as SSO, SIEM export, workflows, or hardware-backed identity.
• "Confidential Information" means any non-public information disclosed by either party, including but not limited to business plans, customer data, technical data, product plans, and financial information.
• "Customer Data" means all data, files, and information uploaded, transmitted, or stored through the Service by Customer or its Authorized Users.
• "Deployment" means a single installation of the MnemoShare server software in a production, staging, or development environment (applicable to Self-Hosted Service).
• "Documentation" means the user guides, installation guides, and other technical documentation provided by MnemoShare.
• "Instance" means a dedicated, isolated MnemoShare environment provisioned for Customer on our cloud infrastructure (applicable to SaaS Service).
• "License Key" means the unique identifier issued to Customer upon purchase that activates and validates the Service.
• "Partner Organization" means an external organization with which Customer exchanges data through the Service.
• "SaaS Service" means the cloud-hosted version of MnemoShare operated and maintained by MnemoShare on Customer's behalf.
• "Seat" means one Authorized User license within a SaaS subscription.
• "Self-Hosted Service" means the MnemoShare software licensed for installation on Customer's own infrastructure.
• "Subscription Term" means the period during which Customer has paid for access to the Service.

2. License Grant and Service Access

2.1 Self-Hosted License

Subject to the terms of this Agreement and payment of all applicable fees, MnemoShare grants Customer a limited, non-exclusive, non-transferable, non-sublicensable license to:

• Install and run the MnemoShare server software on Customer's infrastructure or approved cloud environments;
• Allow Authorized Users to access and use the Service;
• Create Deployments up to the limit specified in the purchased subscription tier;
• Exchange data with Partner Organizations up to the limit specified in the purchased subscription tier;
• Use the Documentation solely in connection with permitted use of the Service.

2.2 SaaS Service Access

Subject to the terms of this Agreement and payment of all applicable fees, MnemoShare grants Customer a non-exclusive, non-transferable right to access and use the SaaS Service during the Subscription Term. This includes:

• Access to a dedicated Instance at Customer's designated subdomain;
• The number of Seats (Authorized Users) specified in the purchased subscription tier;
• Features and Capabilities included in the purchased tier;
• Software updates, security patches, and infrastructure maintenance performed by MnemoShare;
• Use of the Documentation solely in connection with permitted use of the Service.

2.3 Subscription Tiers

The Service is offered in the following tiers:

Self-Hosted Tiers

SaaS Tiers (Per-Seat Pricing)

2.4 Restrictions

Customer shall not:

• Copy, modify, adapt, translate, reverse engineer, decompile, disassemble, or create derivative works based on the Service;
• Sublicense, lease, rent, loan, transfer, or distribute the Service to any third party;
• Remove, alter, or obscure any proprietary notices, labels, or marks on the Service;
• Use the Service to provide services to third parties (service bureau, time-sharing, or similar) without a separate reseller agreement;
• Use the Service in violation of any applicable laws, regulations, or third-party rights;
• Attempt to circumvent license validation, seat limits, Partner Organization limits, Deployment limits, or Capability restrictions;
• Share License Keys or account credentials with unauthorized parties;
• Operate the Service on versions below the minimum required version when specified by MnemoShare for security or compatibility reasons;
• Use the Service in any manner that violates the Acceptable Use Policy (Section 4).

3. Customer Data and Privacy

3.1 Ownership

Customer retains all right, title, and interest in and to Customer Data. MnemoShare acquires no rights in Customer Data except as necessary to provide the Service.

3.2 Self-Hosted Data Processing

For the Self-Hosted Service, Customer Data is stored on Customer's own infrastructure or Customer-controlled cloud resources. MnemoShare does not have access to Customer Data except:

• License validation requests (License Key, deployment ID, version number);
• When Customer explicitly requests support and grants access;
• Aggregated, anonymized usage statistics (opt-out available).

3.3 SaaS Data Processing

For the SaaS Service, Customer Data is stored on MnemoShare-managed infrastructure. The following safeguards apply:

3.3.1 No Intentional Access

MnemoShare will not intentionally access, view, download, or decrypt Customer Data. We do not monitor the content of your file transfers, review the substance of your stored files, or inspect your organizational data for any purpose other than as described in Section 3.3.2.

3.3.2 Infrastructure Maintenance and Incidental Exposure

In the course of operating, maintaining, securing, and troubleshooting the SaaS infrastructure, MnemoShare personnel may encounter limited metadata or system-level information incidentally. This may include:

• File names, file paths, or file sizes visible in storage listings or application logs;
• Database metadata such as collection names, document counts, or record structures encountered during database maintenance or backups;
• User account details (usernames, email addresses, organization names) visible in the application database;
• System and application logs that reference file operations, transfer events, or error details.

Such incidental exposure is limited to what is necessary for the maintenance, support, or security task at hand. MnemoShare personnel are bound by confidentiality obligations and are prohibited from using, copying, or disclosing Customer Data encountered incidentally for any unauthorized purpose.

3.3.3 No Intentional Decryption

MnemoShare will never intentionally decrypt Customer Data stored within your Instance. Our encryption architecture is designed so that your data remains encrypted at rest, and routine infrastructure operations do not require or involve decryption of Customer Data. The only circumstance in which MnemoShare would access decrypted Customer Data is pursuant to a valid, binding legal order (e.g., court order or subpoena) — and in such cases, we will notify Customer to the extent legally permitted before any disclosure.

3.3.4 Permitted Infrastructure Access

MnemoShare may access Customer Instance infrastructure components (distinct from Customer Data) for the following purposes:

• Applying security patches, software updates, and platform upgrades;
• Diagnosing and resolving technical issues, service outages, or performance problems;
• Responding to Customer-initiated support requests;
• Monitoring for and responding to security threats, incidents, or vulnerabilities;
• Investigating potential violations of the Acceptable Use Policy (Section 4);
• Performing backups, disaster recovery, and capacity planning;
• Complying with valid legal process.

3.4 Security

The Service includes security features designed to protect Customer Data, including AES-256-GCM encryption, multi-factor authentication, and comprehensive audit logging. For the Self-Hosted Service, Customer is responsible for:

• Properly configuring and securing their deployment;
• Managing user access and permissions;
• Maintaining secure storage configurations (S3, MongoDB);
• Implementing appropriate backup and disaster recovery procedures.

For the SaaS Service, MnemoShare is responsible for infrastructure security, patching, backups, and availability. Customer remains responsible for managing user access, permissions, and organizational security policies within their Instance.

3.5 Data Portability and Deletion

SaaS customers may export their data at any time through the MnemoShare application interface. Upon subscription termination, Customer Data is retained for thirty (30) days to allow for export, after which it is permanently deleted from our systems, including all encrypted files, database records, and backups.

3.6 HIPAA Compliance

For Customers subject to HIPAA, MnemoShare will execute a Business Associate Agreement (BAA) upon request. For SaaS customers handling Protected Health Information (PHI), a BAA is required and defines the parties' respective obligations. All PHI stored in the SaaS Service is encrypted at rest and in transit, and MnemoShare personnel do not intentionally access or decrypt PHI.

4. Acceptable Use Policy

MnemoShare provides a secure, compliant file transfer platform. We expect all customers to use the Service responsibly and in accordance with applicable laws. This Acceptable Use Policy ("AUP") applies to all customers, with particular relevance to SaaS customers whose Instances operate on shared infrastructure.

4.1 Prohibited Uses

Customer shall not use the Service to:

• Store, transmit, or distribute content that is unlawful, harmful, threatening, abusive, harassing, defamatory, or otherwise objectionable;
• Store, transmit, or distribute child sexual abuse material (CSAM) or any content that exploits minors;
• Infringe upon or violate the intellectual property rights, privacy rights, or other rights of any third party;
• Distribute malware, viruses, ransomware, or other malicious software;
• Engage in or facilitate phishing, fraud, identity theft, or other deceptive practices;
• Send unsolicited communications (spam) or conduct unauthorized data harvesting;
• Attempt to gain unauthorized access to other customers' Instances, data, or accounts, or to MnemoShare systems;
• Interfere with, disrupt, or place an unreasonable burden on the Service or its infrastructure (e.g., denial-of-service attacks, cryptocurrency mining, excessive resource consumption);
• Circumvent or attempt to circumvent security controls, access restrictions, rate limits, or usage metering;
• Use the Service in any manner that violates applicable laws or regulations, including but not limited to export control, sanctions, anti-money laundering, and data protection laws;
• Resell, redistribute, or sublicense access to the Service without prior written authorization from MnemoShare.

4.2 Resource Usage

SaaS customers are allocated resources (storage, compute, bandwidth) based on their subscription tier. Customers must not intentionally exceed these allocations in ways that degrade service for other customers. MnemoShare reserves the right to implement fair-use limits and to throttle or suspend Instances that consume disproportionate resources.

4.3 Enforcement

MnemoShare reserves the right to investigate suspected AUP violations. If we determine that a violation has occurred, we may take one or more of the following actions at our sole discretion and without prior notice where the situation warrants immediate action:

• Issue a warning and request corrective action within a specified timeframe;
• Temporarily suspend the Customer's access to the Service while the issue is investigated or resolved;
• Remove or disable access to offending content;
• Permanently terminate the Customer's subscription and delete their Instance;
• Report illegal activity to appropriate law enforcement authorities.

Where practicable, MnemoShare will provide advance notice and a reasonable opportunity to cure before suspension or termination. However, we reserve the right to take immediate action without notice for severe violations (e.g., CSAM, active malware distribution, attacks on infrastructure, or violations requiring immediate action under applicable law).

4.4 Reporting Violations

If you become aware of any violation of this AUP, please report it to abuse@mnemoshare.com.

5. Payment Terms

5.1 Fees

Customer agrees to pay all fees for the subscription tier selected at checkout. All fees are quoted and payable in United States Dollars (USD) and are non-refundable except as expressly provided in this Agreement. SaaS subscription fees are calculated on a per-seat basis according to the Customer's selected tier and billing cycle.

5.2 SaaS Billing

SaaS subscriptions are billed in advance on a recurring basis according to the selected billing cycle (monthly, quarterly, or annually). Subscriptions include a seven (7) day free trial period for new customers. Subscriptions auto-renew at the end of each billing period unless Customer cancels through the customer portal or by contacting support prior to the renewal date.

5.3 Self-Hosted Billing

Pilot licenses are one-time purchases valid for the purchased term. Pilot licenses do not auto-renew; Customers must repurchase to continue using the Service after the term expires.

Governed, Enterprise, and Regulated subscriptions are billed in advance and auto-renew at the end of each billing period unless Customer cancels at least thirty (30) days prior to the renewal date.

5.4 Taxes

Fees are exclusive of all taxes, levies, or duties imposed by taxing authorities. Customer is responsible for payment of all such taxes, excluding taxes based on MnemoShare's income.

5.5 Late Payment

Overdue amounts bear interest at the rate of 1.5% per month or the maximum rate permitted by law, whichever is less. MnemoShare may suspend Customer's access to the Service if payment is more than thirty (30) days overdue.

5.6 Refund Policy for Annual Subscriptions

Refunds for early cancellation of annual subscriptions (both SaaS and self-hosted) are calculated according to the following schedule:

Example: If a Customer on an annual Governed plan ($36,000/year) cancels on day 2 of month 4, they have used 4 months, leaving 8 months remaining. The usage falls in the 3-6 month bracket (75% refund rate). The refund calculation is:

• Remaining value: 8/12 x $36,000 = $24,000
• Refund amount: $24,000 x 75% = $18,000

Monthly and quarterly subscriptions are not eligible for prorated refunds. Customers may cancel at any time, and the subscription will remain active until the end of the current billing period.

5.7 Subscription Changes

Customers may upgrade or downgrade their subscription tier at any time. For annual subscriptions:

• Upgrades: The remaining value of the current subscription (subject to the refund schedule in Section 5.6) is applied as credit toward the new tier. Any balance due is charged immediately, and the new tier takes effect immediately.
• Downgrades: The remaining value of the current subscription (subject to the refund schedule) is compared to the cost of the remaining period on the new tier. Any positive difference may be refunded or applied as account credit at MnemoShare's discretion.

For monthly and quarterly subscriptions, tier changes take effect at the next billing cycle. SaaS customers may adjust seat counts, and charges will be prorated accordingly.

6. Term and Termination

6.1 Term

This Agreement is effective upon Customer's acceptance (by purchase, account creation, or installation) and continues for the duration of the Subscription Term, unless earlier terminated.

6.2 Termination for Convenience

Customer may terminate this Agreement at any time by canceling their subscription through the customer portal or by contacting support. For the Self-Hosted Service, Customer must also discontinue use and destroy all copies of the software. Refunds for early termination of annual subscriptions are subject to the Refund Policy described in Section 5.6.

6.3 Termination for Cause

Either party may terminate this Agreement immediately upon written notice if:

• The other party materially breaches this Agreement and fails to cure such breach within thirty (30) days of written notice;
• The other party becomes insolvent, files for bankruptcy, or ceases business operations.

6.4 Termination for AUP Violation

MnemoShare may suspend or terminate Customer's access to the Service immediately, without prior notice, if Customer violates the Acceptable Use Policy (Section 4) in a manner that poses a risk to the security, integrity, or availability of the Service or other customers. In cases of AUP-related termination:

• No refund will be issued for the remaining Subscription Term;
• Customer Data will be retained for thirty (30) days to allow for export, unless the data itself constitutes illegal content, in which case it may be immediately removed and reported to authorities;
• MnemoShare may provide a post-termination summary of the violation upon request.

6.5 Effect of Termination

Upon termination:

• All licenses and access rights granted hereunder immediately terminate;
• For Self-Hosted: Customer must cease all use of the Service and destroy all copies;
• For SaaS: Customer's Instance will be deactivated and Customer Data retained for thirty (30) days for export before permanent deletion;
• Customer may export their Customer Data prior to termination (or during the 30-day retention window for SaaS);
• Sections 3, 4, 7, 8, 9, 10, and 11 survive termination.

7. Intellectual Property

7.1 MnemoShare IP

The Service, including all software, Documentation, designs, algorithms, and know-how, is the exclusive property of MnemoShare and its licensors. This Agreement grants no title or ownership rights in the Service to Customer.

7.2 Feedback

If Customer provides suggestions, ideas, or feedback about the Service ("Feedback"), MnemoShare may use such Feedback without obligation or compensation to Customer.

8. Warranties and Disclaimers

8.1 Limited Warranty

MnemoShare warrants that during the Subscription Term, the Service will perform substantially in accordance with the Documentation. MnemoShare's sole obligation for breach of this warranty is to use commercially reasonable efforts to correct the non-conformity or, if correction is not commercially practicable, to refund prepaid fees for the remainder of the Subscription Term.

8.2 SaaS Availability

MnemoShare will use commercially reasonable efforts to maintain SaaS Service availability. Scheduled maintenance windows will be communicated in advance when practicable. MnemoShare does not guarantee uninterrupted availability and is not liable for downtime caused by factors outside our reasonable control, including third-party infrastructure outages, Customer-side network issues, or force majeure events.

8.3 Disclaimer

8.4 No Guarantee

MnemoShare does not warrant that the Service will be uninterrupted, error-free, or completely secure. Customer acknowledges that no data transmission or storage system can be guaranteed to be 100% secure.

9. Limitation of Liability

9.1 Exclusion of Damages

9.2 Liability Cap

9.3 Basis of Bargain

The limitations and exclusions in this Section 9 reflect the allocation of risk between the parties and form an essential basis of the bargain between them.

10. Indemnification

10.1 By MnemoShare

MnemoShare will defend, indemnify, and hold harmless Customer from any third-party claim that the Service infringes such third party's intellectual property rights, provided Customer: (a) promptly notifies MnemoShare in writing; (b) grants MnemoShare sole control of the defense and settlement; and (c) provides reasonable cooperation.

10.2 By Customer

Customer will defend, indemnify, and hold harmless MnemoShare from any third-party claim arising from: (a) Customer's use of the Service in violation of this Agreement or the Acceptable Use Policy; (b) Customer Data; or (c) Customer's violation of applicable law.

11. General Provisions

11.1 Governing Law

This Agreement is governed by the laws of the State of Delaware, without regard to its conflict of laws principles. Any disputes shall be resolved exclusively in the state or federal courts located in Delaware.

11.2 Export Compliance

Customer agrees to comply with all applicable export control laws and regulations, including U.S. Export Administration Regulations (EAR) and ITAR where applicable.

11.3 Assignment

Customer may not assign this Agreement without MnemoShare's prior written consent. MnemoShare may assign this Agreement in connection with a merger, acquisition, or sale of all or substantially all of its assets.

11.4 Notices

Notices must be in writing and sent to the addresses provided at time of purchase (for Customer) or to legal@mnemoshare.com (for MnemoShare). Email notices are effective upon confirmed delivery.

11.5 Waiver

Failure to enforce any provision of this Agreement shall not constitute a waiver of future enforcement of that or any other provision.

11.6 Severability

If any provision of this Agreement is held invalid or unenforceable, the remaining provisions shall continue in full force and effect.

11.7 Entire Agreement

This Agreement, together with any order forms, BAAs, or other documents incorporated by reference, constitutes the entire agreement between the parties and supersedes all prior agreements and understandings.

11.8 Amendments

MnemoShare may update this Agreement from time to time. Material changes will be notified at least thirty (30) days in advance. Continued use of the Service after such notice constitutes acceptance of the updated terms.

11.9 Force Majeure

Neither party shall be liable for any delay or failure to perform due to causes beyond its reasonable control, including natural disasters, war, terrorism, strikes, or government actions.