Terms of service.
Plain English. Built to hold.
Written to be read. Ask us before you assume — we would rather talk than litigate.
- 01Agreement and parties
- 02Plans, access and billing
- 03Accounts and authorised users
- 04Your data and ownership
- 05Acceptable use, including API and automation
- 06AI: how it works and who decides
- 07Intellectual property
- 08Security and data residency
- 09Sub-processors and third-party services
- 10Confidentiality
- 11Disclaimers
- 12Limitation of liability
- 13Termination and data return
- 14Governing law
- 15Changes to these Terms
- 16Contact
Agreement and parties
These Terms govern your use of the eAviora marketing site, the eAviora platform, and our machine interfaces — the public API, the connector, and the assistant integration server (together, the "Service"). "eAviora", "we", and "our" refer to eAviora Inc., incorporated in Quebec, Canada.
By accessing the site, signing in to the platform, or receiving an API key, you accept these Terms on behalf of your organisation. If you do not agree, do not use the Service.
Plans, access and billing
eAviora is a paid subscription. Plans are seat-based and billed through our payment processor; your subscription price is stated in your order or master services agreement. Access to modules and packages is an entitlement of your plan and is enforced at every layer — the menu you see, the pages you can open, and the API you can call.
AI usage is metered in credits. Each organisation and seat can carry a budget cap; when a cap is reached, AI features pause rather than billing past your limit. Credits are a consumption unit only — real-money charges (subscription and any overage) appear on your invoice in your billing currency.
Trials and design-partner engagements may be offered on separate written terms. Where you have configured a two-person sign-off for go-live, both approvers must consent before the relevant workflow is released. Fees are non-refundable except where required by law or stated in your agreement.
Accounts and authorised users
To use the platform your organisation must have an active subscription with eAviora. Your organisation's accountable manager is responsible for provisioning and deprovisioning users, and we support single sign-on and automated provisioning so that joiners and leavers reflect your directory of record.
You are responsible for safeguarding credentials, including any passkey or multi-factor method, and for the actions taken under your accounts. Report any suspected compromise to contact@eaviora.com without delay.
Your data and ownership
The operational data you enter into the platform is yours. We claim no ownership over your records, documents, or the linked records you build between them. We do not access your tenant without written authorisation — typically to investigate a support incident you have reported.
You grant us a limited license to process your data only as necessary to operate the Service: store it, back it up, run the AI you configure, and surface the outputs inside your tenant. That license ends when you terminate the agreement.
Portability is a product feature, not a favour. You can run a self-serve export of your data — including JSON, CSV, Parquet, and PDF outputs — from within the platform at any time.
Acceptable use, including API and automation
You will not, and will not allow anyone to:
- Use the Service to violate any law or regulation.
- Reverse-engineer, decompile, or attempt to extract the source code, except to the extent permitted by applicable law.
- Access the Service to build a competing product.
- Upload data you do not have the right to process, or send us malicious code.
When you use our machine interfaces — the public API, outbound webhooks, the connector, or the assistant integration server (an MCP server, a standard way for AI assistants to call our API on your behalf) — the following also apply:
- API keys are credentials. Keep them secret, rotate them, and never embed them in client-side code or shared logs.
- Respect published rate limits and the scope bound to each key. A key may only do what its scope permits.
- Automated agents act under the role and audit identity of the issuing user. Anything an agent does is attributed to that user and logged.
- Workflow and governance state cannot be set through the API. A workflow that can't skip a step stays that way, and the human-in-the-loop approval gates are reserved — machines can read and propose, people advance the record.
Responsible disclosure. If you discover a security issue, we welcome a good-faith report to contact@eaviora.com. We will not pursue action against research that stays within your own tenant, avoids privacy violations and service degradation, and gives us a reasonable window to remediate before public disclosure. Outside that carve-out, do not load-test or probe the Service without prior written consent.
AI: how it works and who decides
AI proposes; a person decides. The platform runs an AI assistant and a fleet of analysis agents that classify records, assess risk, and surface precursors — but every write the assistant suggests pauses for one-click human approval, and every agent suggestion is logged as accepted, modified, or rejected so the decision trail is auditable.
Classification runs with deterministic settings and is locked at the time of the audit, so the same record returns the same result on a regulator review years later. Confidentiality tiers for sensitive records are enforced through the AI path as well as the interface.
AI outputs are decision-support, not regulatory decisions. Your organisation's accountable manager owns the final call on any safety-critical action, regardless of what the platform has proposed. AI consumption is billed in credits as described in your plan.
Intellectual property
All rights, title, and interest in the platform — software, design, the architecture of one connected operation, agent prompts, and the taxonomies and knowledge base we ship — remain with eAviora. Your data, your documents, and any derivative records you create inside your tenant remain yours.
If you give us feedback, we may use it to improve the Service without restriction and without attribution.
Security and data residency
Your tenant data is hosted in Canada (ca-central-1), encrypted at rest with AES-256, and isolated per operator by database-enforced tenant isolation. Every change is captured in an audit log under the acting identity.
This is a summary, not the full posture. Our complete security and trust posture — controls, residency, sub-processors, and our SOC 2 programme, which is in preparation — is published at /trust and /security-one-pager.
Sub-processors and third-party services
The platform relies on the following sub-processors. Your use of the Service is subject to these providers' terms in addition to ours. Our Privacy Policy holds the canonical, maintained register and our notice process for changes.
- Supabase — Managed Postgres, authentication, file storage. ca-central-1 (Canada)
- Vercel — Application hosting, edge functions, build pipeline. iad1 (US East), with global edge.
- Cloudflare — Authoritative DNS, DDoS mitigation, web application firewall. Global anycast.
- Anthropic — AI model API for classification, risk and analyst agents. Operator data is NOT used to train models. us-east (US).
- Inngest — Durable background job runtime for notifications, retention and webhook delivery. US-region.
- Resend — Transactional email delivery (notifications, magic-links, digests). US-region.
- Stripe — Subscription billing for paid plans. eAviora never stores card data; Stripe is the cardholder data processor. US + Ireland.
- Sentry — Error tracking and observability. Stack traces + metadata only — operator records are never sent. US-region.
Confidentiality
Each party will protect the other's confidential information with the same care it uses for its own, and at minimum a reasonable standard of care, and will use it only to perform under these Terms. This obligation survives termination.
Disclaimers
THE SERVICE IS PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS. TO THE MAXIMUM EXTENT PERMITTED BY LAW, eAviora DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. eAviora DOES NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED OR ERROR-FREE.
The platform supports, but does not replace, your organisation's safety management system. Regulatory accountability cannot be outsourced to a vendor.
Limitation of liability
TO THE MAXIMUM EXTENT PERMITTED BY LAW, eAviora'S TOTAL LIABILITY ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICE WILL NOT EXCEED THE FEES YOU PAID US IN THE TWELVE MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM. FOR FREE OR DESIGN-PARTNER USE WHERE NO FEES HAVE BEEN PAID, LIABILITY IS LIMITED TO A SMALL FIXED FLOOR STATED IN YOUR AGREEMENT. NEITHER PARTY IS LIABLE FOR INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, OR EXEMPLARY DAMAGES.
Termination and data return
Either party may terminate the agreement for material breach if the breach is not cured within 30 days of written notice. Upon termination you may run a self-serve export of your tenant data within 30 days; after that we delete it from our systems, subject to any legal obligation to retain.
Governing law
These Terms are governed by the laws of the Province of Quebec and the applicable laws of Canada, without regard to conflict-of-law principles. The exclusive venue for any dispute is the courts located in Montreal, Quebec.
Changes to these Terms
We may update these Terms. Material changes will be emailed to platform administrators and posted here with a new last-updated date and version. If you object to a material change, you may terminate under 13.
Contact
Questions about these Terms, requests for a master services agreement, or anything else contractual — write to contact@eaviora.com. We answer.