Legal

Terms of Service

Last updated: February 5, 2026

1. Introduction & Acceptance

The Service is provided by:

Service Provider Details

These Terms of Service ("Terms") constitute a binding legal agreement between the Service Provider ("Provider," "we," or "us"), with its registered seat in Poland, and the entity or individual ("Client" or "you") accessing or using the RAG (Retrieval-Augmented Generation) infrastructure services (the "Service").

1.2. Business-Only Products: Any Service plan, tier, or product whose name includes "Enterprise," "Pilot," or "Design Partner" (collectively, "Business Products") is intended solely for business and professional use. By subscribing to a Business Product, you represent and warrant that you are acting in the course of your trade, business, craft, or profession, and not as a consumer within the meaning of EU Directive 2011/83/EU or any applicable national consumer protection law.

1.3. Consumer Products: For any Service plan not designated as a Business Product, the applicable consumer protection laws of your jurisdiction shall apply, including the 14-day right of withdrawal under the EU Consumer Rights Directive where applicable. Consumer-specific terms are set out in Section 6.4.

By subscribing to, accessing, or using the Service, the Client agrees to be bound by these Terms. If you do not agree to these Terms, do not use the Service.

2. Pilot Program & Service Nature

2.1. Pilot Status: The Client acknowledges that the Service is currently provided as part of a "Pilot" or "Design Partner" program. The Service is under active development and may be subject to changes, updates, or temporary unavailability.

2.2. No SLA: To maintain cost-efficiency during the Pilot phase, the Service is provided on a "best-effort" basis. The Provider does not offer a Service Level Agreement (SLA) regarding uptime, response times, or availability.

2.3. AI Nature: The Service utilizes probabilistic Artificial Intelligence and Large Language Models (LLMs). The Client acknowledges that AI models may generate incorrect, offensive, or "hallucinated" information. The Provider makes no warranties regarding the accuracy, completeness, or reliability of the output generated by the Service.

3. Client Obligations & Data Processing

3.1. Data Controller/Processor: The Client acts as the "Data Controller" and the Provider acts as the "Data Processor." The Provider processes data, URLs, and documents solely on the instructions of the Client.

3.2. Authority to Scrape: If the Client submits URLs, websites, or documents for crawling/parsing ("Input Data"), the Client represents and warrants that they have the legal right to access, scrape, and process such Input Data. The Provider claims no ownership over Input Data and stores it solely to facilitate the Client's use of the Service.

3.3. Prohibited Use: The Client shall not use the Service to:

  • Bypass paywalls or access controls of third-party websites.
  • Infringe upon the intellectual property rights of any third party.
  • Process illegal content under EU or Polish law.

3.4. Remedies for Prohibited Use: If the Provider reasonably determines that the Client has engaged in any prohibited use, the Provider may, at its sole discretion and without liability: (a) immediately suspend the Client's access to the Service; (b) terminate this Agreement without notice and without refund of any prepaid fees; and (c) report the activity to the relevant authorities where required by law.

4. Account Security & Access

4.1. Credential Responsibility: The Client is solely responsible for maintaining the confidentiality and security of all account credentials, API keys, access tokens, and any other authentication mechanisms associated with their account. The Client shall not share credentials with unauthorized third parties.

4.2. Unauthorized Access: The Client must notify the Provider immediately at contact@grymoir.com upon becoming aware of any unauthorized access to or use of their account. The Provider shall not be liable for any loss, damage, or liability arising from unauthorized access that results from the Client's failure to safeguard their credentials.

4.3. Account Activity: The Client is responsible for all activity that occurs under their account, whether or not authorized by the Client. The Provider may treat all instructions received through the Client's authenticated credentials as validly authorized by the Client.

4.4. Provider's Right to Suspend: The Provider may, without prior notice, suspend or restrict access to any account if it reasonably suspects a security compromise, credential leak, or unauthorized use. The Provider shall not be liable for any damages resulting from such suspension.

5. Service Restrictions

5.1. Prohibited Activities: The Client shall not, and shall not permit any third party to:

  • Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, algorithms, or underlying architecture of the Service.
  • Modify, adapt, translate, or create derivative works based on the Service.
  • Sublicense, resell, rent, lease, transfer, or distribute the Service or access thereto to any third party without the Provider's prior written consent.
  • Use the Service to build a competing product or service, or to benchmark the Service for publication or competitive purposes without the Provider's prior written consent.
  • Remove, alter, or obscure any proprietary notices, labels, or marks on the Service.
  • Circumvent, disable, or interfere with any security, rate-limiting, or access control features of the Service.
  • Use automated means (including bots, scrapers, or crawlers) to access or interact with the Service in a manner not expressly authorized by the Provider.

5.2. Remedies: Any violation of Section 5.1 shall be considered a material breach of these Terms, entitling the Provider to immediately terminate the Agreement and pursue all available legal remedies, including injunctive relief and damages.

6. Fees & Payment

6.1. Pre-Payment: Services are billed on a subscription basis, payable in advance.

6.2. No Refunds: Payments are non-refundable. There are no refunds or credits for partially used periods or for service downtime.

6.3. Taxes: The Client is responsible for all applicable taxes. For EU B2B transactions, the Reverse Charge mechanism applies (VAT 0%).

6.4. Consumer Right of Withdrawal: If you are a consumer subscribing to a non-Business Product (as defined in Section 1.2), you have the right to withdraw from your subscription within 14 days of purchase without giving any reason, in accordance with EU Directive 2011/83/EU. To exercise this right, contact us at contact@grymoir.com. If you have explicitly requested that the Service begin during the withdrawal period and subsequently withdraw, you may be charged proportionally for the service received.

7. Usage Limits & Fair Use

7.1. Fair Use Policy: The Service is intended for typical business usage. The Provider reserves the right to throttle, limit, or temporarily suspend access if the Client's usage (including API requests, token consumption, or vector database operations) places an excessive burden on the infrastructure or indicates automated "bot" abuse.

7.2. Model Updates: The Provider reserves the right to update or change the underlying AI models (e.g., LLM providers) used to provide the Service at any time to maintain performance and cost-efficiency.

8. Service Modification, Suspension & Discontinuation

8.1. Right to Modify: The Provider reserves the right to modify, update, or replace any aspect of the Service at any time, including features, functionality, APIs, user interfaces, and underlying infrastructure. Where such modifications materially reduce the core functionality of the Service, the Provider will use reasonable efforts to provide at least fifteen (15) days' advance notice.

8.2. Temporary Suspension: The Provider may temporarily suspend the Service, in whole or in part, for maintenance, security patches, infrastructure upgrades, or any other operational reason. The Provider shall use reasonable efforts to minimize the duration of any suspension but shall not be liable for any downtime or service interruption.

8.3. Discontinuation: The Provider may permanently discontinue the Service, or any feature or component thereof, at any time and for any reason, including but not limited to: (a) commercial unviability; (b) cessation of business operations; (c) regulatory or legal requirements; (d) loss of critical third-party dependencies (such as AI model providers or cloud infrastructure); or (e) any other business reason at the Provider's sole discretion.

8.4. Notice of Discontinuation: In the event of a planned permanent discontinuation, the Provider will use reasonable efforts to provide at least thirty (30) days' advance notice via email or notice within the Service. However, in cases of immediate legal, regulatory, or security necessity, or where continued operation is technically or financially impossible, the Provider may discontinue the Service with shorter or no advance notice.

8.5. Data Export on Discontinuation: Upon notice of discontinuation, the Client will have a reasonable period (not less than fifteen (15) days from the date of notice, where practicable) to export their Input Data and Vector Indices. After this period, the Provider may delete all Client data without further obligation.

8.6. No Liability for Discontinuation: To the maximum extent permitted by applicable law, the Provider shall not be liable for any damages, losses, or costs arising from the modification, suspension, or discontinuation of the Service, including but not limited to loss of data, business interruption, migration costs, or loss of anticipated profits. The Client acknowledges that the Service is provided on a "best-effort" basis during the Pilot phase and that discontinuation is an inherent risk.

8.7. Refunds on Discontinuation: In the event of a Provider-initiated permanent discontinuation (not caused by Client breach), the Provider will issue a pro-rata refund for any prepaid fees corresponding to the unused portion of the current billing cycle, calculated from the effective date of discontinuation. No other compensation, damages, or credits shall be owed.

8.8. Survival: The Provider's obligations regarding data deletion (Section 11.3), limitation of liability (Section 14), and dispute resolution (Section 20) shall survive any discontinuation of the Service.

9. Third-Party Software & Open Source

9.1. Use of Third-Party Components: The Client acknowledges that the Service incorporates third-party open source software libraries, frameworks, and components ("Third-Party Components"). A list of Third-Party Components and their respective licenses is available at /legal/third-party-notices.

9.2. "As Is" Basis: Third-Party Components are provided by their respective authors and contributors on an "as is" basis. The Provider makes no warranties, express or implied, regarding the security, reliability, quality, or fitness for purpose of any Third-Party Component.

9.3. Supply Chain & Dependency Risks: The Client acknowledges that:

  • The Provider selects Third-Party Components using commercially reasonable judgment, favoring widely-adopted, actively-maintained, and reputable projects.
  • Despite these efforts, the Provider cannot guarantee that Third-Party Components are free from vulnerabilities, malicious code, backdoors, or other security defects, including those introduced through supply chain attacks, compromised package registries, or upstream dependency tampering.
  • The Provider is not responsible for monitoring, auditing, or verifying the security of every transitive dependency included in the Service.
  • The discovery of a vulnerability in a Third-Party Component does not constitute a breach of these Terms by the Provider.

9.4. Remediation: Upon becoming aware of a material security vulnerability in a Third-Party Component, the Provider will use commercially reasonable efforts to remediate the issue (e.g., by updating, patching, or replacing the affected component) within a timeframe appropriate to the severity of the vulnerability. The Provider makes no guarantees regarding remediation timelines.

9.5. Exclusion of Liability: To the maximum extent permitted by applicable law, the Provider shall not be liable for any damages, losses, data breaches, security incidents, or claims arising from or related to vulnerabilities, defects, or malicious code in Third-Party Components, including supply chain attacks, zero-day exploits, or compromised upstream dependencies.

9.6. Third-Party Licenses: The Client's use of the Service is also subject to the license terms of the applicable Third-Party Components, as set out in the third-party notices page. In the event of a conflict between these Terms and a Third-Party Component license, these Terms shall prevail with respect to the Provider's obligations and liability.

10. Intellectual Property

10.1. Provider IP: The Provider retains all rights, title, and interest in and to the Service, including the underlying software, source code, infrastructure configurations, and API designs.

10.2. Feedback: If the Client provides feedback, feature requests, or suggestions, the Provider may use such feedback to improve the Service without any obligation or compensation to the Client. The Provider owns all improvements made to the Service.

11. Confidentiality

11.1. Definition: "Confidential Information" means any non-public information disclosed by one party ("Discloser") to the other ("Recipient") in connection with the Service, including but not limited to: business plans, technical data, product roadmaps, pricing, customer lists, source code, API specifications, security configurations, and any information designated as confidential or that a reasonable person would understand to be confidential given the nature of the information and circumstances of disclosure.

11.2. Obligations: The Recipient shall: (a) use Confidential Information solely for purposes of exercising its rights or performing its obligations under these Terms; (b) not disclose Confidential Information to any third party without the Discloser's prior written consent, except to employees, contractors, or advisors who have a need to know and are bound by confidentiality obligations no less protective than this Section; and (c) protect Confidential Information with at least the same degree of care it uses for its own confidential information, but no less than reasonable care.

11.3. Exceptions: Confidentiality obligations do not apply to information that: (a) is or becomes publicly available through no fault of the Recipient; (b) was known to the Recipient prior to disclosure, as demonstrated by written records; (c) is independently developed by the Recipient without use of or reference to the Discloser's Confidential Information; (d) is rightfully received from a third party without restriction on disclosure; or (e) is required to be disclosed by law, regulation, or court order, provided the Recipient gives the Discloser prompt written notice (where legally permitted) and cooperates to limit the scope of disclosure.

11.4. Injunctive Relief: The parties acknowledge that a breach of this Section may cause irreparable harm for which monetary damages would be an inadequate remedy. Accordingly, the Discloser shall be entitled to seek injunctive or other equitable relief without the necessity of proving actual damages or posting a bond.

11.5. Survival: The obligations under this Section shall survive the termination or expiration of these Terms for a period of three (3) years.

12. Warranty Disclaimers

12.1. "AS IS": THE SERVICE IS PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS. TO THE FULLEST EXTENT PERMITTED BY LAW, THE PROVIDER DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

12.2. Exclusion of Statutory Warranty: Pursuant to Art. 558 § 1 of the Polish Civil Code (Kodeks Cywilny), the parties explicitly exclude the Provider's liability under the statutory warranty for defects (rękojmia).

12.3. Third-Party Components: Without limiting the generality of Section 12.1, the Provider specifically disclaims all warranties with respect to Third-Party Components incorporated in the Service, including any warranty that such components are free from defects, vulnerabilities, or malicious code.

12.4. No Guarantee of Continuity: The Provider does not warrant that the Service will be uninterrupted, error-free, or available at all times. The Client acknowledges that the Service may be modified, suspended, or discontinued in accordance with Section 8.

13. Limitation of Liability

13.1. Cap on Liability: To the maximum extent permitted by applicable law, the Provider's total cumulative liability arising out of or related to this Agreement shall not exceed the total amounts actually paid by the Client to the Provider during the three (3) month period immediately preceding the event giving rise to the claim.

13.2. No Consequential Damages: In no event shall the Provider be liable for any indirect, incidental, special, or consequential damages, including but not limited to loss of profits, data loss, business interruption, or third-party claims.

13.3. Third-Party & Supply Chain Exclusion: Without limiting Sections 13.1 and 13.2, the Provider shall have no liability whatsoever for damages arising from: (a) vulnerabilities, defects, or malicious code in Third-Party Components; (b) supply chain attacks affecting upstream dependencies; (c) actions or omissions of third-party service providers (including AI model providers, cloud infrastructure providers, and payment processors); or (d) the discontinuation or degradation of any third-party service on which the Service depends.

14. Indemnification

The Client agrees to indemnify, defend, and hold harmless the Provider from and against any claims, liabilities, damages, losses, and expenses (including legal fees) arising out of or in any way connected with: (a) The Client's access to or use of the Service; (b) The Client's violation of these Terms; (c) The Client's Input Data (including copyright infringement claims regarding scraped content); (d) The Client's failure to secure account credentials, resulting in unauthorized access or misuse.

15. Term & Termination

15.1. Termination for Convenience: Either party may terminate the subscription at any time. The Service will continue until the end of the current paid billing cycle.

15.2. Termination or Suspension for Cause: The Provider may immediately suspend or terminate the Client's access to the Service, without refund, if: (a) the Client breaches any material provision of these Terms; (b) the Client fails to pay any fees when due; (c) the Client's use poses a security risk to the Service or other users; or (d) the Provider is required to do so by law. Where practicable, the Provider will provide written notice prior to suspension or termination.

15.3. Effect of Termination: Upon termination, the Provider will delete the Client's Input Data and Vector Indices from its servers within thirty (30) days, unless a longer retention period is required by applicable law. The Client may request an export of their data prior to the effective termination date.

15.4. Insolvency: In the event the Provider becomes insolvent, enters bankruptcy or administration proceedings, or ceases to carry on business, these Terms shall terminate automatically. The Provider (or its appointed administrator, trustee, or liquidator) will use commercially reasonable efforts to provide the Client with access to their data for export within the limits imposed by applicable insolvency law. The Provider shall have no liability beyond the obligations imposed by applicable law in such circumstances.

16. Content Takedown

16.1. Takedown Requests: If any third party believes that content processed through the Service infringes their intellectual property rights, they may submit a written takedown notice to the Provider at contact@grymoir.com. The notice must include: (a) identification of the copyrighted work claimed to be infringed; (b) identification of the allegedly infringing content; (c) the complainant's contact information; and (d) a statement of good faith belief that the use is unauthorized. The Provider will promptly remove or disable access to the allegedly infringing content upon receipt of a valid notice.

16.2. Counter-Notice: If the Client believes their content was removed in error, they may submit a counter-notice to the Provider containing: (a) identification of the removed content; (b) a statement under penalty of perjury that the removal was a mistake or misidentification; and (c) consent to the jurisdiction of the courts in the Provider's registered seat. The Provider will restore the content within 10 business days unless the original complainant initiates legal proceedings.

16.3. Client Responsibility: The Client is solely responsible for ensuring that Input Data does not infringe any third-party rights. The Provider acts only as a passive processor of Client-directed content and claims no liability for infringement arising from Client-submitted Input Data.

17. Data Privacy, Subprocessors & Cross-Border Transfers

17.1. GDPR: The Provider processes personal data in accordance with the General Data Protection Regulation (EU 2016/679). A Data Processing Agreement (DPA) is available upon request and shall form part of these Terms when executed.

17.2. Subprocessors: The Client acknowledges and agrees that the Provider engages third-party subprocessors to deliver the Service, including but not limited to: cloud infrastructure providers, AI/LLM model providers, database hosting services, payment processors, and analytics providers. A current list of subprocessors is available upon request at contact@grymoir.com. The Provider shall: (a) ensure that all subprocessors are bound by data protection obligations no less protective than those in these Terms; (b) notify the Client via email of any material changes to its subprocessors at least fifteen (15) days in advance; and (c) remain responsible for the acts and omissions of its subprocessors to the extent required by applicable law. If the Client objects to a new subprocessor, the Client's sole remedy is to terminate the Agreement in accordance with Section 15.1.

17.3. US Privacy Laws: To the extent the California Consumer Privacy Act (CCPA/CPRA) or other US state privacy laws apply, the Provider acts as a "Service Provider" (as defined under CCPA) and processes personal information only on behalf of and under the instructions of the Client. The Provider does not sell or share personal information.

17.4. Cross-Border Transfers: The Client acknowledges that data may be processed in the European Union and other jurisdictions where the Provider's infrastructure operates. For transfers from the EU to the US, the Provider relies on applicable legal mechanisms including the EU-US Data Privacy Framework or Standard Contractual Clauses as appropriate.

18. Export Compliance & Sanctions

The Client represents and warrants that: (a) they are not located in, or a resident of, any country subject to comprehensive US, EU, or UN sanctions; (b) they are not listed on any applicable restricted party list (including OFAC SDN List, EU Consolidated List); and (c) they will not use the Service in violation of any applicable export control or sanctions laws.

19. Force Majeure

Neither party shall be liable for any failure or delay in performing its obligations under these Terms where such failure or delay results from circumstances beyond the reasonable control of that party, including but not limited to natural disasters, war, terrorism, pandemics, government actions, power failures, internet or telecommunications failures, or third-party service provider outages. The affected party shall notify the other party in writing within seven (7) days of becoming aware of the force majeure event and shall use reasonable efforts to mitigate its effects. If the force majeure event continues for more than sixty (60) days, either party may terminate this Agreement upon written notice.

20. Dispute Resolution & Arbitration

20.1. Informal Resolution: Before initiating any formal dispute resolution, the parties agree to attempt to resolve any dispute informally by contacting the other party in writing and negotiating in good faith for a period of thirty (30) days.

20.2. Binding Arbitration: If informal resolution fails, any dispute, controversy, or claim arising out of or relating to these Terms shall be settled by binding arbitration administered by the Court of Arbitration at the Polish Chamber of Commerce (Sąd Arbitrażowy przy Krajowej Izbie Gospodarczej) in accordance with its rules. The arbitration shall be conducted in English and the seat of arbitration shall be Warsaw, Poland. The arbitrator's decision shall be final and binding, and judgment on the award may be entered in any court of competent jurisdiction. This arbitration clause applies only to Business Products (as defined in Section 1.2). Consumers retain the right to bring proceedings before the competent courts of their habitual residence.

20.3. Waiver of Class Actions: The Client agrees that any dispute resolution proceedings will be conducted only on an individual basis and not in a class, consolidated, or representative action.

20.4. Small Claims Exception: Notwithstanding the above, either party may bring an individual action in small claims court for disputes within the court's jurisdictional limits.

21. Governing Law

21.1. This Agreement shall be governed by and construed in accordance with the laws of the Republic of Poland, without regard to its conflict of law provisions. To the extent arbitration does not apply, any disputes shall be submitted to the exclusive jurisdiction of the courts competent for the Provider's registered seat.

21.2. Mandatory Local Law: Nothing in these Terms shall limit or exclude the application of mandatory consumer protection or data protection laws of the Client's jurisdiction that cannot be waived by contract, including but not limited to applicable US state consumer protection statutes and the GDPR.

22. Miscellaneous

22.1. Entire Agreement: These Terms, together with any DPA and Order Form, constitute the entire agreement between the parties and supersede all prior agreements, understandings, and representations.

22.2. Severability: If any provision of these Terms is held to be unenforceable, the remaining provisions shall continue in full force and effect.

22.3. Assignment: The Client may not assign or transfer these Terms without the Provider's prior written consent. The Provider may assign these Terms in connection with a merger, acquisition, or sale of all or substantially all of its assets.

22.4. No Waiver: The failure of either party to enforce any right or provision of these Terms shall not constitute a waiver of such right or provision.

22.5. Modifications: The Provider reserves the right to modify these Terms at any time. Material changes will be communicated via email or notice within the Service at least thirty (30) days before taking effect. Continued use of the Service after the effective date of changes constitutes acceptance of the modified Terms. If the Client does not agree to the modified Terms, the Client must cease using the Service before the effective date.