Terms of Service

Acceptance of Terms

Welcome to PrismSec. By accessing or using the PrismSec platform (the "Service"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, you may not access or use the Service. These Terms constitute a legally binding agreement between you (the "Customer," "you," or "your") and PrismSec, Inc. ("PrismSec," "we," "us," or "our").

We reserve the right to update these Terms at any time. If we make material changes, we will notify you via email or through the Service. Your continued use of the Service after such changes constitutes acceptance of the revised Terms.

Description of the Service

PrismSec is an automated, agentic application security platform designed to assist development teams in identifying and remediating security vulnerabilities, exposed secrets, dependency risks, and misconfigurations in source code. The Service integrates with your version control repositories (such as GitHub, GitLab, and Bitbucket) to review code on every pull request, produce actionable security findings, and, where applicable, automatically open fix pull requests.

The Service utilizes advanced AI and static analysis techniques to perform security reviews. While PrismSec aims to provide comprehensive coverage, it does not guarantee the detection of all vulnerabilities or the prevention of all security incidents. The Service is intended as a tool to assist your security practices, not to replace human expertise, secure development processes, or other security measures.

Accounts and Eligibility

To use the Service, you must create an account. You represent and warrant that (a) you are at least 18 years of age and have the legal capacity to enter into binding contracts, (b) all registration information you submit is accurate and current, and (c) if you are registering on behalf of an organization, you are authorized to bind that organization to these Terms.

You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. You agree to notify us immediately of any unauthorized use of your account.

Acceptable Use

You agree to use the Service only for lawful purposes and in accordance with these Terms. You agree not to:

• Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code or underlying algorithms of the Service (except where permitted by applicable law).
• Use the Service to attack, harm, or compromise the security of third-party systems, networks, or data.
• Upload, scan, or submit any content that is illegal, infringing, defamatory, or otherwise harmful.
• Use the Service in any manner that could disable, overburden, or impair its infrastructure or interfere with any other party's use of the Service.
• Sublicense, resell, or redistribute the Service or otherwise make it available to any third party without our prior written consent.

Customer Code and Data

To perform security analysis, PrismSec requires access to your source code repositories and related metadata. We access your repositories using the minimum permissions necessary (read access to repository content and pull request data; write access only where you enable automatic remediation features). You retain all ownership rights, title, and interest in your code and data.

We commit to the following with respect to customer code:

• No Training on Customer Code: PrismSec does not use customer code, data, or findings to train machine learning models or improve our algorithms in ways that would expose or derive insights from your proprietary information.
• Confidentiality: We treat all customer code and data as confidential and will not disclose it to third parties except as necessary to provide the Service (e.g., using authorized subprocessors for cloud hosting) or as required by law.
• Security: We encrypt customer code in transit and at rest, apply industry-standard security practices, and implement access controls to protect your data.
• Deletion: Upon termination of your account or at your written request, we will delete customer code and associated data in accordance with our data retention policies, subject to legal and backup retention requirements.

Intellectual Property

PrismSec and the Service, including all software, documentation, branding, and related materials, are the exclusive property of PrismSec, Inc. and its licensors and are protected by copyright, trademark, and other intellectual property laws. Subject to your compliance with these Terms, we grant you a limited, non-exclusive, non-transferable, revocable license to access and use the Service for your internal business purposes.

You may provide feedback, suggestions, or feature requests to us. You agree that we may use such feedback without any obligation to you, and you hereby assign to us all rights, title, and interest in such feedback.

Subscriptions, Free Trials, and Billing

PrismSec offers a 14-day free trial for new users. After the trial period, continued use of the Service requires a paid subscription. We offer monthly subscription plans for small and medium teams, as well as custom Enterprise plans. Pricing details are available at prism-sec.com/pricing.

By subscribing to a paid plan, you authorize us to charge your designated payment method on a recurring basis. Subscription fees are non-refundable except as required by law or as otherwise stated in these Terms. You may cancel your subscription at any time; cancellations take effect at the end of the current billing period.

We reserve the right to change our pricing and fees at any time, with notice provided to you in advance. If you do not agree to a price change, you may cancel your subscription before the change takes effect.

Third-Party Services

The Service integrates with third-party platforms and services, including GitHub, GitLab, Bitbucket, and Slack. Your use of these third-party services is governed by their respective terms of service and privacy policies. We are not responsible for the availability, functionality, or security of third-party services. Any issues arising from your use of third-party services are between you and the relevant third party.

Disclaimers

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WE DO NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR FREE FROM SECURITY VULNERABILITIES.

WHILE PRISMSEC USES COMMERCIALLY REASONABLE EFFORTS TO DETECT SECURITY ISSUES IN YOUR CODE, WE DO NOT GUARANTEE THAT ALL VULNERABILITIES, SECRETS, OR RISKS WILL BE IDENTIFIED. THE SERVICE IS A TOOL TO ASSIST YOUR SECURITY PRACTICES AND DOES NOT REPLACE SECURE DEVELOPMENT METHODOLOGIES, CODE REVIEWS, PENETRATION TESTING, OR OTHER SECURITY MEASURES.

Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT SHALL PRISMSEC, ITS AFFILIATES, OFFICERS, DIRECTORS, EMPLOYEES, OR AGENTS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, DATA, USE, OR GOODWILL, ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OR YOUR USE OF THE SERVICE, WHETHER BASED IN CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR OTHERWISE, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

OUR TOTAL LIABILITY TO YOU FOR ALL CLAIMS ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICE SHALL NOT EXCEED THE AMOUNT YOU PAID TO PRISMSEC IN THE 12 MONTHS PRECEDING THE EVENT GIVING RISE TO LIABILITY, OR $100 IF NO PAYMENTS WERE MADE.

Indemnification

You agree to indemnify, defend, and hold harmless PrismSec and its affiliates, officers, directors, employees, and agents from and against any claims, liabilities, damages, losses, costs, or expenses (including reasonable attorneys' fees) arising out of or related to (a) your use of the Service, (b) your violation of these Terms, (c) your violation of any rights of a third party, or (d) any content or code you submit to the Service.

Termination

You may terminate your account at any time by contacting us at hello@prism-sec.com. We reserve the right to suspend or terminate your account and access to the Service at any time, with or without notice, if we believe you have violated these Terms or engaged in conduct that we deem harmful to the Service or other users.

Upon termination, your right to access and use the Service will immediately cease. Provisions of these Terms that by their nature should survive termination (including intellectual property, disclaimers, limitations of liability, and indemnification) will continue in effect.

Governing Law

These Terms shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict of law principles. Any dispute arising out of or related to these Terms or the Service shall be resolved exclusively in the state or federal courts located in Delaware, and you consent to the personal jurisdiction of such courts.

Changes to These Terms

We reserve the right to modify these Terms at any time. If we make changes, we will provide notice by posting the updated Terms on our website and updating the "Last updated" date. For material changes, we will provide additional notice via email or through the Service. Your continued use of the Service after the effective date of revised Terms constitutes your acceptance of the changes.

Contact

If you have any questions, concerns, or requests regarding these Terms, please contact us:

PrismSec, Inc.
855 El Camino Real, Suite 300, Palo Alto, CA 94301, USA
Email: hello@prism-sec.com