Legal

Terms of Service

These terms provide a practical overview of UmamiMind service terms for pilots and enterprise evaluation. Binding terms for enterprise customers are typically governed by a Master Subscription Agreement (MSA), Order Form, and supporting schedules (including the DPA).

Trust Center Compliance Privacy Request Trust Pack

Key concepts

Customer: the organization that provisions the tenant and administers access.
Authorized Users: individuals granted access by the Customer (e.g. via SSO/RBAC).
Customer Content: data or content that Customer submits to the service.
Trust Materials: NDA-only documentation, evidence, and exports provided for diligence.

Service use

Customer is responsible for account governance, user onboarding/offboarding, and access scopes.
Customer must ensure use complies with applicable laws, including export controls and sector rules.
Prohibited use includes abuse, unauthorized access attempts, reverse engineering beyond permitted limits, and using the service to develop malware or conduct harmful activity.
High-risk production workloads should use enterprise-grade controls and contractual protections.

Security and compliance

UmamiMind implements security controls aligned with enterprise expectations (access controls, audit logging, encryption, monitoring, and incident response). Details and evidence are shared through the Trust Center and Trust Pack workflow under NDA where applicable.

Trust Center Security Overview DPA

Customer content and data rights

Customer retains rights to Customer Content.
Customer controls configuration, retention settings, and access policies within the tenant.
Where UmamiMind acts as a processor, processing is performed per Customer instructions and the applicable DPA.

Availability and pilot-stage disclaimers

Unless otherwise agreed in an Order Form or SLA schedule, the service may be provided in pilot/preview form. Pilot features may change, be deprecated, or have limited support coverage. For enterprise production use, formal SLAs, support tiers, and change-management expectations should be documented contractually.

Fees and procurement

Fees (if any) are defined in an Order Form or subscription plan. Customers are responsible for taxes, payment of invoices, and ensuring procurement requirements are met. Usage-based billing, if enabled, should be reviewed by finance and security stakeholders.

Confidentiality

Non-public technical and security documentation, Trust Materials, and any Customer data are treated as confidential. Disclosure and sharing requirements are governed by applicable agreements and NDA terms.

Acceptable use and safety

No use for unlawful, harmful, or infringing activities.
No attempts to bypass access controls, rate limits, or security protections.
No submission of data you do not have rights to process (especially regulated data) unless agreed.
Security researchers should use coordinated disclosure processes.

Vulnerability Disclosure System Status

Limitation of liability

Limitation of liability provisions vary based on contract structure and jurisdiction. For enterprise engagements, liability, indemnities, and warranties are typically negotiated in the MSA and related schedules.

Termination

Either party may terminate per contract terms. Upon termination, access may be removed and data handling follows the agreed retention/deletion process. Customers should export required audit artifacts prior to tenant closure.

Contact

Questions about terms should be directed to procurement or legal channels. For diligence workflows, include the Trust Pack tracking ID in communications.