Terms of Services

0. Effective date and operating entity

0.1 Parties. These Terms of Services (the "Terms") are entered into between you and SkyMakers Digital Limited, a company registered in England and Wales at Bank Chambers, St Petersgate, Stockport, SK1 1AR, United Kingdom (referred to throughout as "Authgear", "we", "us", or "our"). The Terms govern your access to and use of the hosted Authgear Services available at https://authgear.com and the Authgear Developer Portal.

0.2 Effective date. "Last updated" date is shown above. Material changes to the Terms are governed by Section 13.

0.3 Data Processing Addendum. Data processing activities carried out by Authgear in connection with the Services are further governed by the Data Processing Addendum ("DPA"), which is incorporated by reference for any processing of personal data of End Users.

1. Your Agreement with Authgear

1.1 Scope. Your use of Authgear is governed by these Terms. "Authgear Services" refers to the services Authgear makes available through this website, including this website, the Authgear Developer Portal, the Authgear API, the Authgear Plugins, and any other software or services offered by Authgear in connection to any of those. The contracting Authgear entity is identified in Section 0.1.

1.2 Acceptance. In order to use Authgear Services, you must first agree to the Terms. You can agree to the Terms by actually using Authgear Services. You understand and agree that Authgear will treat your use of Authgear Services as acceptance of the Terms from that point onward.

1.3 Eligibility. You may not use Authgear Services if you are a person barred from receiving Authgear Services under the laws of the United States or other countries, including the country in which you are a resident of or from which you use Authgear Services. You affirm that you are at least 18 years old and have the legal capacity to enter into this agreement. Authgear Services are not intended for minors.

1.4 No future-feature reliance. You agree that your purchase of Authgear Services is not contingent on the delivery of any future functionality or feature, or dependent on any oral or written public comments made by Authgear or any of its affiliates regarding future functionalities or features.

2. Your Account and Use of Authgear Services

2.1 Account registration. You must provide accurate and complete registration information when you register to use Authgear Services. You are responsible for the security of your passwords and any use of your account. If you become aware of any unauthorized use of your password or your account, you agree to notify Authgear immediately.

2.2 Compliance with law. Your use of Authgear Services must comply with all applicable laws, regulations, and ordinances, including any law regarding the export of data or software.

2.3 Permitted access. You agree not to (a) access (or attempt to access) the administrative interface of Authgear Services by any means other than through the interface that provided by Authgear in connection with Authgear Services, unless you have been specifically allowed to do so in a separate agreement with Authgear; and (b) engage in any activity that interferes with or disrupts Authgear Services (or the servers and networks which are connected to the Service). Nothing in this Section 2.3 prohibits good-faith security research conducted in accordance with Authgear's responsible disclosure process described in the Service Level Agreement. Researchers who (i) report identified vulnerabilities to Authgear in accordance with that process, (ii) make a good-faith effort to avoid privacy violations, destruction or modification of Customer data or End User Personal Data, and material disruption of the Services, and (iii) do not exfiltrate or publicly disclose Customer data, End User Personal Data, or other non-public Authgear information before Authgear has had a reasonable opportunity to remediate, will not be subject to civil claims, contractual breach claims, or referral for criminal prosecution by Authgear arising solely from such research.

2.4 Usage limits. Your account has "hard" and "soft" usage limits, as further explained here (or such URL as Authgear may provide). Authgear Services does not permit you to exceed the hard usage limits. Authgear reserves the right to enforce soft usage limits in its sole discretion, which may result in Authgear serving a page indicating "quota exceeded" page or "services temporarily not available" to you or users whom you serve webpages to via the Authgear Services ("End Users"). Repeatedly exceeding the hard or soft usage limits may lead to termination of your account.

2.5 Permitted purpose. You may use the Authgear Services only to develop and run applications on the Authgear infrastructure. You may not access or use Authgear Services for the purpose of bringing an intellectual property infringement claim against Authgear or creating a product or service that competes with Authgear Services.

2.6 No high-risk use. You agree not to use Authgear Services in connection with any high-risk activity or strict-liability use case, including without limitation: aviation, space travel, firefighting, police or military operations, the operation of nuclear or power-plant facilities, life-support, emergency rescue, the operation of medical devices, hospital or clinical-decision systems, or any other application in which the failure, error, or unavailability of an authentication or identity service could lead to death, personal injury, severe environmental damage, or critical infrastructure failure. Authgear Services are not designed, intended, or warranted for such use. If you intend to use Authgear Services in any such context, you must contact Authgear in advance to negotiate a separate written agreement with terms appropriate to such use.

2.7 Sanctions and export controls. Each party represents that it will comply with all applicable trade and economic sanctions laws and regulations, including those administered by the UK Office of Financial Sanctions Implementation, the EU, and the U.S. Office of Foreign Assets Control (OFAC), as well as applicable export-control laws (including the UK Export Control Order 2008 and the U.S. Export Administration Regulations). You represent that you, your principals, and your End Users are not on any restricted-party list and that you will not use Authgear Services from, or for the benefit of any person in, a comprehensively sanctioned country or territory.

3. Service Policies and Privacy

3.1 Privacy Policy. Authgear Services shall be subject to the privacy policy for Authgear Services. You agree to the use of your data in accordance with Authgear's privacy policies.

3.2 End User privacy. You agree that you will protect the privacy and legal rights of the End Users of your application. You must provide legally adequate privacy notice and protection for End Users. If End Users provide you with user names, passwords, or other log-in information or personal information, you must make the users aware that the information will be available to your application and to Authgear.

3.3 Acceptable Use Policy. You agree to comply with the Authgear Acceptable Use Policy (the "Acceptable Use Policy") which is incorporated herein and may be updated from time to time.

4. Fees for Use of the Authgear Services

4.1 Fees and Quotes. Subject to the Terms, Authgear Services is provided to you without charge up to certain limits. Usage over this limit requires your purchase of additional resources or services. Unless and until Authgear and you have executed a quote document specifically referencing these Terms with respect to amounts due on resources and services (a "Quote", which is hereby incorporated by reference, if applicable), and unless your subscription to (and payment with respect to) the resources and services has been made on your behalf by a reseller, the pricing for additional resources and services is published at https://authgear.com/pricing (or any such URL as Authgear may provide).

4.2 Billing and collection. For all purchased resources and services, we will charge your credit card on a monthly basis or otherwise at the interval indicated in Authgear fees and payment policies. Late payments may bear interest at the rate of 1.5% per month (or, if indicated as less, the highest rate permitted by law). Charges are exclusive of taxes. You are responsible for paying all taxes and government charges, and all reasonable expenses and attorneys' fees Authgear incurs collecting late payments. To the fullest extent permitted by law, you waive all claims relating to charges unless claimed within 60 days after the charge (this does not affect your credit card issuer rights). Charges are solely based on Authgear's measurements of your use of Authgear Services, unless otherwise agreed to in writing. To the fullest extent permitted by law, refunds (if there are any) are at the discretion of Authgear and only in the form of credit for Authgear Services. Nothing in these Terms obligates Authgear to extend credit to any party. You acknowledge and agree that any credit card and related billing and payment information that you provide to Authgear may be shared by Authgear with companies who work on Authgear's behalf, such as payment processors and/or credit agencies, solely for the purposes of checking credit, effecting payment to Authgear, and servicing your account. Authgear may also provide information in response to valid legal process, such as subpoenas, search warrants, and court orders, or to establish or exercise its legal rights or defend against legal claims. Authgear shall not be liable for any use or disclosure of such information by such third parties. Authgear reserves the right to discontinue the provision of Authgear Services to you for any late payments.

4.3 Fee changes. Authgear may change its fees and payment policies for Authgear Services by notifying you at least thirty (30) days before the beginning of the billing cycle in which such change will take effect. Changes to the fees or payment policies will be posted on the website (or any other URL Authgear may provide from time to time). If you do not agree to the change, you may terminate paid services before the effective date and any prepaid fees for the unused balance of the then-current term will be refunded on a pro-rated basis. Any outstanding balance becomes immediately due and payable upon termination of the Terms for any reason.

4.4 Anti-circumvention. You may not develop multiple Applications to simulate or act as a single Application or otherwise access Authgear Services in a manner intended to avoid incurring fees.

5. Content on Authgear Services and Takedown Obligations

5.1 Definition of Content. You understand that all information (such as data files, written text, computer software, music, audio files or other sounds, photographs, videos, or other images) to which you may have access as part of, or through your use of, Authgear Services, are the sole responsibility of the person from which such content originated. All such information is referred to below as the "Content." The term Content shall specifically exclude (a) the web application that you create using Authgear Services and any source code written by you to be used with Authgear Services (collectively, "Applications"), and (b) personal data of End Users that Authgear processes on your behalf in performing the authentication and identity functions of Authgear Services ("End User Personal Data"). End User Personal Data is governed separately by the Data Processing Addendum, and the disclaimer in Section 5.4 does not apply to Authgear's processing of End User Personal Data, which is subject to Authgear's security and data-protection obligations under the DPA and applicable law.

5.2 Right to remove Content. Authgear reserves the right (but shall have no obligation) to remove any or all Content from Authgear Services. You agree to immediately take down any Content that violates the Acceptable Use Policy, including those pursuant to a takedown request from Authgear. In the event that you elect not to comply with a request from Authgear to take down certain Content, Authgear reserves the right to directly take down such Content or disable Applications.

5.3 End User violations. In the event that you become aware of any violation of the Acceptable Use Policy by an End User of Applications, you shall immediately terminate such end user's account on your Application. Authgear reserves the right to disable Applications in response to a violation or suspected violation of the Acceptable Use Policy.

5.4 Responsibility for Content. You agree that you are solely responsible (and that Authgear has no responsibility to you or any third party) for the Application or any Content that you create, transmit, or display while using Authgear Services, and the consequences of your actions (including any loss or damage that Authgear may suffer from).

5.5 Copyright notices and takedown. Authgear maintains processes to respond to notices of alleged copyright or other intellectual-property infringement, including (a) notices under the United States' Digital Millennium Copyright Act ("DMCA"), with respect to which Authgear maintains a policy of terminating the accounts of repeat infringers; and (b) notices under the UK's Electronic Commerce (EC Directive) Regulations 2002, the EU Digital Services Act (Regulation (EU) 2022/2065), the EU Copyright Directive (Directive (EU) 2019/790), and equivalent applicable laws. A valid notice must identify the rights claimed, the allegedly infringing material with sufficient specificity to locate it, the notifier's contact details, and a good-faith statement that the use is unauthorized; knowingly false notices may give rise to liability for the notifier. Authgear reserves the right to take down Content in your Application or, if necessary, the Application itself, upon receipt of a valid notice.

6. Proprietary Rights

6.1 Authgear's intellectual property. You acknowledge and agree that Authgear (or Authgear's licensors) owns all legal rights, titles, and interest in and to Authgear Services, including any intellectual property rights that subsist in Authgear Services (whether those rights happen to be registered or not, and wherever in the world those rights may exist).

6.2 Your Content and Applications. Except as provided in Section 8, Authgear acknowledges and agrees that it obtains no right, title, or interest from you (or your licensors) under these Terms in or to any Content or Applications that you create, submit, post, transmit or display on, or through Authgear Services, including any intellectual property rights that subsist in that Content and Application (whether those rights happen to be registered or not, and wherever in the world those rights may exist). Unless you have agreed otherwise in writing with Authgear, you agree that you are responsible for protecting and enforcing those rights and that Authgear has no obligation to do so on your behalf.

7. License from Authgear and Restrictions

7.1 Licence to use Services. Authgear gives you a personal, worldwide, royalty-free, non-assignable, and non-exclusive license to use the software provided to you by Authgear as part of Authgear Services. This license is for the sole purpose of enabling you to use and enjoy the benefits of Authgear Services as provided by Authgear, in the manner permitted by the Terms.

7.2 Restrictions. You may not (and you may not permit anyone else to): (a) copy, modify, create a derivative work of, reverse engineer, decompile, or otherwise attempt to extract the source code of Authgear Services or any part thereof, unless expressly permitted or required by law or you have been specifically told that you may do so by Authgear in writing (i.e., through an open-source software license); or (b) attempt to disable or circumvent any security mechanisms used by Authgear Services or any Applications running on Authgear Services.

7.3 Open-source components. Open-source software licenses for components of Authgear Services are released under an open-source license and constitute separate written agreements. To the limited extent that the open-source software licenses expressly supersede these Terms, the open-source licenses govern your agreement with Authgear for the use of the components of Authgear Services released under an open-source license.

7.4 Trademark licence. Authgear hereby grants you a limited, non-exclusive, royalty-free, and nontransferable license, with no right to sub-license, to display the Authgear trademarks and/or logos as provided here ("Marks") for the sole purpose of promoting or advertising that you use the Authgear Services. You agree that all goodwill generated through your use of the Authgear Marks shall inure to the benefit of Authgear.

8. License from You

8.1 Licence in your Content. Authgear claims no ownership or control over any Content or Application. You retain copyright and any other rights you already hold in the Content and/or Application, and you are responsible for protecting those rights as appropriate. By submitting, posting, or displaying the Content on or through Authgear Services, you give Authgear a worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display, and distribute such Content for the sole purpose of enabling Authgear to provide you Authgear Services. Furthermore, by creating an Application through the use of Authgear Services, you give Authgear a worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display, and distribute such Application for the sole purpose of enabling Authgear to provide you Authgear Services.

8.2 Collaborator licence. By adding a collaborator to your Application, you hereby grant that user a non-exclusive, royalty-free, and non-transferable license, with no right to sub-license, to use, display, perform, reproduce, modify, publish, distribute, list information regarding, edit, translate, and analyze such Application/s and Content as permitted by the relevant Authgear Services functionality or features, for the sole purpose of collaborating on the development of the Application/s.

8.3 Ideas and feedback. You may choose to or we may invite you to submit comments or ideas about Authgear Services, including, without limitation, how to improve Authgear Services or our products ("Ideas"). By submitting any Idea, you agree that your disclosure is gratuitous, unsolicited, and without restriction and will not place Authgear under any fiduciary or other obligation, and that we are free to use the Idea without any additional compensation to you and/or to disclose the Idea on a non-confidential basis or otherwise to anyone.

8.4 Use of your brand. Authgear may identify you as a customer by displaying your name and logo on the Authgear website and in customer lists, subject to any reasonable branding guidelines you provide. Any other use of your trade names, trademarks, service marks, logos, domain names, or other distinctive brand features (including in case studies, press releases, financial reports, or paid advertising) requires your prior written consent. You may withdraw consent for the website and customer-list listing at any time by writing to hello@authgear.com, and Authgear will remove the listing within thirty (30) days.

9. Modification and Termination of the Authgear Services

9.1 Product changes. Authgear is constantly innovating in order to provide the best possible experience for its users. You acknowledge and agree that the form and nature of Authgear Services that Authgear provides may change from time to time without prior notice to you, subject to the terms in Section 4.3. Changes to the form and nature of Authgear Services will be effective with respect to all versions of Authgear Services. Examples of changes to the form and nature of the Authgear Services include, but are not limited to, changes in fee and payment policies, security patches, added functionality, and other enhancements.

9.2 Termination by you. You may terminate these Terms at any time by canceling your account on Authgear Services. You will not receive any refunds if you cancel your account.

9.3 Termination by Authgear. Authgear may terminate these Terms or your access to all or any part of Authgear Services: (a) immediately if you materially breach the Terms and fail to cure the breach within fifteen (15) days of written notice, or fail to pay fees when due; (b) on thirty (30) days' written notice if you are using Authgear Services on a free or trial basis; or (c) at the end of your then-current paid subscription term on thirty (30) days' written notice. Authgear may also terminate or suspend your access immediately and without prior notice where (i) your use of Authgear Services violates the Acceptable Use Policy or any applicable law or regulation, or constitutes a security, abuse, fraud, or integrity risk to Authgear Services or other users; or (ii) termination or suspension is required by law, regulator, court order, or a binding sanctions or export-control determination. Subject to applicable law, Authgear will not be liable to you for termination or suspension effected in accordance with this Section 9.3.

9.4 Data export on termination. You are solely responsible for exporting your Content and Application/s from Authgear Services prior to the termination of your account for any reason, provided that we give you a reasonable opportunity to retrieve your Content and Application(s) before terminating the account.

9.5 Survival. Upon termination of your access to Authgear Services or your account, these Terms will also terminate, but Sections 2.7, 6.1, 9, 10, 11, 12, 14, 15, 16, and 18 shall continue to be effective after these Terms are terminated.

10. EXCLUSION OF WARRANTIES

10.1 Non-excludable liabilities. Nothing in these Terms, including Sections 10, 11, and 12, shall exclude or limit either party's liability for: (a) death or personal injury caused by its negligence; (b) fraud or fraudulent misrepresentation; or (c) any other liability that cannot lawfully be excluded or limited under applicable law.

10.2 Service provided as-is. YOU EXPRESSLY UNDERSTAND AND AGREE THAT YOUR USE OF Authgear Services IS AT YOUR SOLE RISK AND THAT Authgear Service is PROVIDED "AS IS" AND "AS AVAILABLE."

10.3 Disclaimer of implied warranties. Authgear, ITS SUBSIDIARIES AND AFFILIATES, AND ITS LICENSORS, MAKE NO EXPRESS WARRANTIES AND DISCLAIM ALL IMPLIED WARRANTIES REGARDING Authgear Services, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, Authgear, ITS SUBSIDIARIES AND AFFILIATES, AND ITS LICENSORS, DO NOT REPRESENT OR WARRANT TO YOU THAT: (A) YOUR USE OF Authgear Services WILL MEET YOUR REQUIREMENTS; (B) YOUR USE OF Authgear Services WILL BE UNINTERRUPTED, TIMELY, SECURE OR FREE FROM ERROR; AND (C) USAGE DATA PROVIDED THROUGH Authgear Services WILL BE ACCURATE.

10.4 Beta and preview features. From time to time Authgear may make features available marked as "beta," "preview," "experimental," or similar (collectively, "Beta Features"). Beta Features are provided AS-IS and AS-AVAILABLE for evaluation purposes, may be modified, suspended, or discontinued at any time without notice, are not covered by any service-level commitment or uptime warranty, and are not recommended for production use. Authgear's liability with respect to Beta Features is limited to the maximum extent permitted by applicable law.

11. LIMITATION OF LIABILITY

11.1 Exclusion of indirect damages. SUBJECT TO SECTION 10.1, YOU EXPRESSLY UNDERSTAND AND AGREE THAT Authgear, ITS SUBSIDIARIES AND AFFILIATES, AND ITS LICENSORS SHALL NOT BE LIABLE TO YOU FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, HOWEVER CAUSED AND UNDER ANY THEORY OF LIABILITY. THIS SHALL INCLUDE, BUT NOT BE LIMITED TO, ANY LOSS OF PROFIT (WHETHER INCURRED DIRECTLY OR INDIRECTLY), ANY LOSS OF GOODWILL OR BUSINESS REPUTATION, ANY LOSS OF DATA SUFFERED, COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR OTHER INTANGIBLE LOSS.

11.2 Aggregate liability cap. SUBJECT TO SECTION 10.1 AND SECTION 11.3, AUTHGEAR'S TOTAL AGGREGATE LIABILITY ARISING FROM OR RELATED TO THESE TERMS OR YOUR USE OF AUTHGEAR SERVICES, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STATUTORY DUTY, OR OTHERWISE, SHALL NOT EXCEED THE FEES PAID BY YOU TO AUTHGEAR IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM. THE LIMITATIONS IN SECTIONS 11.1 AND 11.2 APPLY WHETHER OR NOT AUTHGEAR HAS BEEN ADVISED OF, OR SHOULD HAVE BEEN AWARE OF, THE POSSIBILITY OF SUCH LOSSES.

11.3 Carve-outs. THE CAP IN SECTION 11.2 DOES NOT APPLY TO: (A) YOUR INDEMNIFICATION OBLIGATIONS UNDER SECTION 12; (B) YOUR PAYMENT OBLIGATIONS UNDER SECTION 4; (C) EITHER PARTY'S BREACH OF CONFIDENTIALITY OBLIGATIONS; (D) EITHER PARTY'S LIABILITY FOR FRAUD, FRAUDULENT MISREPRESENTATION, WILFUL MISCONDUCT, OR GROSS NEGLIGENCE; OR (E) ANY LIABILITY WHICH BY APPLICABLE LAW CANNOT BE EXCLUDED OR LIMITED. AUTHGEAR'S LIABILITY UNDER THE IP INFRINGEMENT INDEMNITY IN SECTION 12.2 IS SUBJECT TO THE CAP IN SECTION 11.2.

12. Indemnification

12.1 Indemnification by you. You agree to hold harmless and indemnify Authgear and its subsidiaries, affiliates, officers, agents, employees, advertisers, licensors, suppliers, or partners (collectively "Authgear and Partners") from and against any third party claim arising from or in any way related to: (a) your breach of the Terms; (b) your use of Authgear Services; (c) your violation of applicable laws, rules, or regulations in connection with Authgear Services; and (d) your Content or your Application, including any liability or expense arising from all claims, losses, damages (actual and consequential), suits, judgments, litigation costs, and attorneys' fees of every kind and nature.

12.2 IP infringement indemnity by Authgear (paid plans only). If you are using Authgear Services on a paid plan, Authgear will defend you against any third-party claim alleging that your authorized use of Authgear Services, as made generally available by Authgear and used in accordance with these Terms, infringes a third party's intellectual property rights (a "Covered Claim"), and will pay amounts finally awarded by a court of competent jurisdiction against you or agreed to in a written settlement signed by Authgear, subject to the cap in Section 11.2. This obligation does not apply to claims arising from: (i) modifications to Authgear Services not made by Authgear; (ii) combinations of Authgear Services with products, services, or data not provided by Authgear, where the claim would not have arisen but for the combination; (iii) your continued allegedly infringing activity after Authgear has notified you, or after Authgear has provided a non-infringing alternative; (iv) your Content, Applications, or End User Personal Data; or (v) use of Authgear Services in violation of these Terms or applicable law. If Authgear Services become, or in Authgear's reasonable opinion are likely to become, the subject of a Covered Claim, Authgear may at its option (a) procure for you the right to continue using Authgear Services, (b) modify or replace Authgear Services so they are no longer allegedly infringing, or (c) terminate the affected portion of Authgear Services and refund any prepaid, unused fees attributable to the terminated portion. Sections 12.2(a)–(c) state Authgear's sole and entire liability, and your sole and exclusive remedy, for IP infringement claims.

12.3 Indemnification procedure. The indemnifying party's obligations under this Section 12 are conditioned on: (i) the indemnified party promptly notifying the indemnifying party in writing of the claim; (ii) the indemnifying party having sole control of the defense and settlement (provided that no settlement shall impose a non-monetary obligation on, or admission of liability by, the indemnified party without its prior written consent, not to be unreasonably withheld); and (iii) the indemnified party providing reasonable cooperation at the indemnifying party's expense. The indemnified party may participate in the defense at its own expense with counsel of its choosing.

13. Changes to the Terms

13.1 Notice of changes. Authgear may make changes to the Terms from time to time. If we change the Terms in any substantive way, we will give you at least thirty (30) days' notice before the changes take effect, except where a shorter notice period is required for legal, regulatory, or security reasons. During the notice period, you may reject the changes by terminating your account. Non-material changes (such as clarifications, formatting, or correction of typographical errors) take effect upon posting. Where applicable law (including UK or EU consumer-protection law) requires a longer notice period for any specific change, that longer period applies.

13.2 Continued use. You understand and agree that if you use Authgear Services after the date on which the Terms have changed, Authgear will treat your use as acceptance of the updated Terms.

14. General Legal Terms

14.1 Entire agreement. The Terms constitute the whole legal agreement between you and Authgear and govern your use of the Authgear Services (but excluding any services which Authgear may provide to you under a separate written agreement), and completely replace any prior agreements between you and Authgear in relation to Authgear Services.

14.2 Translations. If Authgear provides you with a translation of the English language version of these Terms, the English language version of these Terms will take precedence if there is any conflict.

14.3 Notices. You agree that Authgear may provide you with notices, including those regarding changes to the Terms, by email, regular mail, or postings on Authgear Services. By providing Authgear your email address, you consent to our use of the email address to send you any notices required by law in lieu of communication by postal mail.

14.4 No waiver. You agree that if Authgear does not exercise or enforce any legal right or remedy that is contained in the Terms (or in which Authgear has the benefit of under any applicable law), this will not be taken to be a formal waiver of Authgear's rights and that those rights or remedies will still be available to Authgear.

14.5 Force majeure. Authgear shall not be liable for failing or delaying performance of its obligations resulting from any conditions beyond its reasonable control, including but not limited to: governmental action, acts of terrorism, war, civil unrest, earthquake, fire, flood, severe weather or other acts of God; pandemics, epidemics, or government-mandated public-health measures; labor conditions or strikes; power failures and internet, DNS, or telecommunications disturbances; cyberattacks (including distributed denial-of-service attacks, ransomware, or coordinated intrusion attempts) and large-scale third-party cloud, hosting, or content-delivery-network outages; and outages, failures, or disruptions affecting upstream artificial-intelligence or third-party-API infrastructure on which Authgear Services rely.

14.6 Governing law and forum. The Terms, and your relationship with Authgear under the Terms, shall be governed by the laws of England and Wales without regard to its conflict-of-laws provisions. The parties submit to the exclusive jurisdiction of the courts of England and Wales (with venue in London) for any dispute arising out of or in connection with the Terms, subject to Section 18 (Dispute Resolution) and except that Authgear may seek injunctive or equitable relief in any court of competent jurisdiction.

14.7 Assignment. Neither party may assign any of its rights or obligations under these Terms, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld). Notwithstanding the foregoing, either party may assign the entirety of its rights and obligations under these Terms, without consent of the other party, to its affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets (and not involving a direct competitor of the other party). A party's sole remedy for any purported assignment by the other party in breach of this paragraph shall be, at the non-assigning party's election, termination of your use of Authgear Services upon written notice to the assigning party.

15. Data Protection and Sub-Processors

15.1 Processor role. To the extent Authgear processes personal data of End Users on your behalf in performing Authgear Services, you are the controller and Authgear is the processor of such data within the meaning of the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR"), the UK GDPR, and equivalent applicable data-protection laws. Such processing is governed by the Data Processing Addendum, which is incorporated by reference and forms part of these Terms.

15.2 Sub-processors. You authorize Authgear to engage sub-processors in connection with the provision of Authgear Services. Categories of sub-processors currently used include cloud-hosting providers, transactional email delivery, payment processors, observability and logging providers, and product and web analytics providers. A current list is maintained at the Authgear Sub-Processors page. Authgear will provide notice of new sub-processors as set out in the DPA, and you may object on reasonable data-protection grounds.

16. AI and Machine-Learning Training

16.1 Training restriction. Notwithstanding the license granted in Section 8 and Authgear's other rights to use service telemetry, Authgear shall not use your Content, your Applications, or End User Personal Data to train, fine-tune, or otherwise develop any generative-AI or large-language model that is made available to other customers or third parties, except (a) with your express prior written consent; (b) as strictly necessary to provide, secure, and improve Authgear Services for you (including, for example, anti-abuse, anti-fraud, threat-detection, and product-telemetry analytics, provided that any data used for such purposes is first irreversibly anonymised or aggregated); or (c) as required by applicable law. Where Authgear introduces optional AI-powered features that process your data for training purposes, those features will be opt-in and separately documented.

17. Subscription Term, Auto-Renewal, and Cancellation

17.1 Subscription term and auto-renewal. Paid subscriptions to Authgear Services begin on the start date specified in your purchase or quote, continue for the initial subscription term, and unless cancelled in accordance with this Section 17 will automatically renew for successive renewal terms of equal length at the then-applicable pricing.

17.2 Cancellation. You may cancel auto-renewal at any time through the Authgear Developer Portal or by giving written notice to Authgear, with the cancellation taking effect at the end of the then-current subscription term.

17.3 Non-refundable fees. Except as expressly stated in these Terms or required by applicable law, fees paid for a subscription term are non-refundable, including upon cancellation that takes effect at the end of that term.

18. Dispute Resolution

18.1 Informal resolution. Before either party files a formal legal action arising out of or in connection with these Terms, the parties will first attempt in good faith to resolve the dispute through informal negotiation. The party raising the dispute will provide written notice describing the dispute and the relief sought, and a senior representative of each party will engage in good-faith discussions for at least thirty (30) days from the date of such notice.

18.2 Mediation (optional). If the parties are unable to resolve the dispute within the period in Section 18.1, either party may propose non-binding mediation administered by a mediator mutually agreed to by the parties. Mediation is not a precondition to litigation but is encouraged.

18.3 Carve-outs. Section 18.1 does not prevent either party from seeking urgent injunctive or equitable relief from a court of competent jurisdiction at any time to protect its intellectual-property rights, Confidential Information, or the security or integrity of Authgear Services, and does not toll any applicable statute of limitations.