ShieldedStack Terms of Service

Effective: 1 June 2026. Supersedes prior Terms dated 17 October 2025.

These Terms govern the licensing and use of ShieldedStack software (the "Software"). They are entered into between Bytebard, Denmark ("we", "us", "Licensor"), and the organisation identified in the applicable Order Form ("you", "Licensee"). By installing the Software with a License Key issued by us, you accept these Terms.

Bytebard currently operates as a sole proprietorship. When Bytebard incorporates as a Danish ApS, these Terms will be assigned to that entity by written notice, with no change to commercial terms.

1. What you are licensing

ShieldedStack is software you run on your own infrastructure. It is not a SaaS service. There is no Licensor-hosted control plane, no account you log into on our servers, and nothing to register for.

A "License Key" is a signed JWT we issue that authorises operation of the Software within a defined scope (tier, term, number of installations). License Key validation happens locally on your install.

2. Grant of License

Subject to your compliance with these Terms and payment of fees under your Order Form, we grant you a non-exclusive, non-transferable, non-sublicensable, worldwide right during the License Term to:

  1. install and run the Software on infrastructure you control, in production and non-production environments, within the scope of your License Key;
  2. make reasonable copies for backup and disaster recovery.

The permitted number of Installations, Tenants, and Workspaces is set in your Order Form, which reflects the tier published at /pricing at the time of execution. Projects within a Workspace are not limited. Operating beyond your Order Form scope is a material breach of these Terms.

3. License Term and expiration

  1. The License Term is set in your Order Form (typically 12 months).
  2. On expiration, the License Key becomes invalid. License Key validation is local; no remote call to us is required to determine its status.
  3. Days 1-7 after expiration (grace). Escalating warnings are emitted via logs and administrative interfaces. There is no functional restriction. The Software does not shut down and does not break running pipelines.
  4. Days 8-30 after expiration. Persistent warnings appear in administrative interfaces. Proxying, scanning, and policy enforcement remain fully operational.
  5. Day 31 onwards. Package proxying and scanning stop. The administrative interface, historical scan results, audit logs, and configuration export remain available read-only, so you can review past activity, export data, and decommission the Installation. CI/CD pipelines pointing at the proxy will begin to fail at this point. You should renew, migrate, or remove the Installation before this date.
  6. If you do not renew, you must stop using the Software and destroy your License Key. Read-only access to historical data remains permitted for 90 days after expiration to support orderly decommissioning.
  7. Renewals are not automatic; they require a new Order Form. Renewal pricing is fixed for 13 months from the initial Order Form date. After that, we may adjust renewal pricing with 60 days' notice.

4. Trial use

If we issue you a trial License Key, sections 1-3 apply, with these adjustments:

  1. the trial term is 30 days, free of charge;
  2. you get Standard-tier features unless we agree otherwise in writing;
  3. our total liability arising from the trial is capped at €100 (see also section 11);
  4. we may revoke the trial License Key if we have specific evidence it is being used outside your organisation.

When you convert to paid, your Order Form takes effect from the date of execution and these Terms apply in full.

5. Restrictions

You must not:

  1. redistribute, sublicense, or transfer the Software or your License Key;
  2. remove or alter any proprietary notices or License Key validation logic;
  3. use a single License Key across more Installations than your Order Form permits;
  4. reverse engineer the Software, except as permitted by mandatory law (including Articles 5 and 6 of EU Directive 2009/24/EC);
  5. use the Software to develop a competing on-premises package proxy product.

6. Fees

Fees are set in your Order Form, quoted in DKK, exclusive of VAT. Invoices are payable net 30 unless agreed otherwise. Fees are non-refundable except where these Terms expressly provide otherwise (sections 9.3 and 12.4).

Late payment within an active License Term does not interrupt operation of the Software. Late payment at renewal means the License Term has expired and the schedule in section 3 applies.

7. No telemetry, no phone-home, no audit by default

This is a contractual commitment, not a marketing claim.

  1. The Software does not transmit usage data, scan results, package metadata, vulnerability findings, identities, or any other information to us during normal operation. License Key validation is local using public-key cryptography.
  2. We have no automatic visibility into your installation. We do not receive logs, telemetry, or usage statistics.
  3. We do not perform routine audits. We will not request access to your networks, systems, or log files as a condition of licence compliance.
  4. Limited license-scope verification. If we obtain specific evidence that a License Key is being used outside its issued scope (for example, a Key issued to one organisation appearing in use at another), we may ask the registered contact for a signed written confirmation of installation count and operating organisation. A response satisfying this section is your sole compliance obligation. No remote or on-site access will be requested.
  5. Sovereign tier alternative. Sovereign customers may negotiate source code escrow with a mutually agreed third party in lieu of any audit. Terms are set in the Sovereign Order Form.

8. Your data

  1. All data the Software processes — scanned packages, dependency manifests, vulnerability findings, audit logs, user identities managed by your Keycloak — stays on your infrastructure.
  2. We have no access to your data. We are not a processor or sub-processor under the GDPR with respect to data processed by the Software, because no processing relationship exists.
  3. The only personal data we hold from you is the contact information you provide for invoicing, support, and License Key issuance, governed by our Privacy Policy.
  4. We are established in Denmark and are not subject to the United States CLOUD Act or analogous extraterritorial disclosure regimes.

9. Warranty

  1. We warrant that, for 30 days following the start of your initial License Term, the Software will perform materially in accordance with the Documentation when used in a supported environment.
  2. We warrant that, to our knowledge as of your Order Form date, the Software does not contain malware, undisclosed back doors, or undisclosed telemetry.
  3. Sole remedy for warranty breach. If the Software fails to conform during the warranty period, notify us in writing with reproducible details. We will, at our option: (a) correct the non-conformance within a reasonable time; (b) provide a workaround; or (c) refund the pro-rata unused portion of fees and terminate this Agreement.

10. Disclaimers

EXCEPT FOR THE WARRANTY IN SECTION 9, THE SOFTWARE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND. WE DISCLAIM ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

We do not warrant that the Software is error-free, that it will detect all supply chain attacks, or that it will catch every malicious package. Supply chain security is defence-in-depth; ShieldedStack is one component.

11. Limitation of Liability

  1. NEITHER PARTY IS LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, INCLUDING LOST PROFITS, LOST DATA, OR BUSINESS INTERRUPTION.
  2. Total cumulative liability of either party arising from these Terms is capped at the fees paid by you under the applicable Order Form in the 12 months preceding the event giving rise to the claim. For trial use, the cap is €100 (section 4.3).
  3. The caps do not apply to: (a) our IP indemnification obligations under section 12; (b) your payment obligations; (c) breach of confidentiality; (d) liability that cannot be excluded under mandatory law.

12. IP Indemnification

  1. We defend you against any third-party claim that the Software, as provided by us and used in accordance with these Terms, infringes a copyright, trade secret, or registered patent valid in the EU, and we pay damages finally awarded or settled in writing by us.
  2. Conditions: you notify us in writing within 10 business days, give us sole control of defence and settlement, and provide reasonable cooperation at our expense.
  3. Exclusions — we have no obligation to the extent the claim arises from: (a) modifications you made; (b) combination with software, hardware, or services not approved by us where the combination causes the infringement; (c) Open Source Components (governed by their own licences — list at /legal/oss-attributions); (d) continued use of an allegedly infringing version after we provide a non-infringing update; (e) use outside your License Key scope.
  4. Our options if a claim is asserted or threatened: (a) procure your right to continue; (b) modify the Software to be non-infringing with equivalent functionality; or (c) terminate and refund the pro-rata unused fees.
  5. Our liability under this section is subject to section 11.2.
  6. You indemnify us for claims arising from your use of the Software in violation of these Terms, your modifications, or content you process through the Software.

13. Confidentiality

Each party will protect the other's non-public information disclosed under these Terms with reasonable care, use it only for purposes of this Agreement, and not disclose it to third parties without consent. The License Key and Order Form pricing are our confidential information.

We receive no confidential information through the Software's operation (see section 7). Confidentiality covers only information exchanged through direct communication.

Exceptions: information that is public, was already known, was received from a third party without restriction, or was independently developed. Disclosure required by law is permitted with prompt notice to the other party where legally allowed.

Confidentiality survives for 3 years after termination.

14. Termination

  1. Either party may terminate for material breach uncured 30 days after written notice.
  2. Either party may terminate immediately on the insolvency or bankruptcy of the other party, or on the appointment of a receiver for the other party.
  3. On termination, you must stop using the Software and destroy your License Key. We rely on your contractual compliance.
  4. Surviving sections: 5 (Restrictions), 7.1-7.3 (no telemetry — perpetually), 10 (Disclaimers), 11 (Liability), 12 (IP Indemnification, for pre-termination use), 13 (Confidentiality), 15 (Governing Law).

15. Governing Law

These Terms are governed by Danish law, excluding conflict-of-laws rules. Disputes go to the Copenhagen City Court (Københavns Byret) as venue of first instance. Either party may seek injunctive relief in any competent court to protect IP or confidentiality.

16. General

Order of precedence: Order Form > these Terms > Documentation.

Changes to these Terms apply only to renewal terms, not to active License Terms. Your current License Term is governed by the version of these Terms in effect when your Order Form was signed.

Assignment. Neither party may assign without consent, except that we may assign to a successor entity formed by Bytebard's incorporation, to an affiliate, or in connection with a merger or sale of substantially all assets — with written notice.

Export control. You will comply with applicable EU and other export-control and sanctions laws.

Force majeure excuses delay or failure to perform (other than payment) due to causes beyond reasonable control.

The parties are independent contractors. Nothing here creates an agency, partnership, or joint venture.

These Terms, together with your Order Form, are the entire agreement and supersede prior agreements including the previous Terms dated 17 October 2025. Amendments require a writing signed by both parties.

If any provision is unenforceable, the rest stands.

17. Contact

Questions about these Terms: [email protected].

By installing the Software with a License Key issued by us, you acknowledge that you have read, understood, and agree to be bound by these Terms.