Terms of Service

By accessing or using Kodex-Compliance (“Kodex”, “the Service”, “we”, “us”), you agree to be bound by these Terms of Service (“Terms”). If you do not agree to all of these Terms, do not use the Service. These Terms constitute a legally binding agreement between you and Kodex-Compliance.

If you are accepting these Terms on behalf of an organisation, you represent and warrant that you have authority to bind that organisation to these Terms.

Kodex is an AI-powered compliance assistance platform that helps organisations navigate EU regulatory frameworks including GDPR, the EU AI Act, NIS2, DORA, ISO 27001, SOC 2, and the Cyber Resilience Act (CRA).

• ✓Automated scanning of evidence and documentation against regulatory control frameworks
• ✓AI-generated compliance assessments, gap analyses, and compliance scores
• ✓Remediation roadmaps and prioritised action plans
• ✓Policy generation templates and evidence vault management
• ✓Exportable compliance reports suitable for internal review

To access the Service you must register for an account. You agree to provide accurate, current, and complete information during registration and to keep that information up to date.

• ✓You are responsible for maintaining the confidentiality of your login credentials and for all activity that occurs under your account.
• ✓Each account is associated with one organisation. Creating multiple accounts to circumvent plan limits is prohibited.
• ✓You must be at least 18 years of age or the age of majority in your jurisdiction to create an account.
• ✓You must notify us immediately at contact@kodex-compliance.eu if you suspect any unauthorised use of your account.

You agree to use the Service only for lawful purposes and in accordance with these Terms. You must not:

• ✕Upload, transmit, or store malicious code, viruses, or any content that is unlawful, harmful, defamatory, or infringes third-party rights.
• ✕Attempt to reverse-engineer, decompile, or extract the underlying AI models, prompts, or algorithmic logic used by the Service.
• ✕Abuse or circumvent API rate limits, or attempt to overwhelm platform infrastructure through automated requests.
• ✕Use the Service to develop a competing product or service without prior written consent.
• ✕Impersonate any person or entity, or misrepresent your affiliation with any organisation.

Our platform is ours. The Service, including its software, algorithms, design, branding, and all associated intellectual property, is and remains the exclusive property of Kodex-Compliance and its licensors. Nothing in these Terms grants you any ownership interest in the Service.

Your data is yours.You retain full ownership of all documents, evidence files, and data you upload to the Service (“Customer Content”). By using the Service, you grant Kodex-Compliance a limited, non-exclusive, worldwide licence to process, store, and analyse your Customer Content solely to provide the Service to you. We will not sell or share your Customer Content with third parties except as required to operate the Service or as required by law.

Kodex uses third-party AI services, including Anthropic Claude, to analyse the evidence you upload and generate compliance assessments, scores, and remediation suggestions. By using the Service, you acknowledge and agree that:

• ✓Your Customer Content may be transmitted to and processed by third-party AI providers subject to their data processing terms. We select providers with appropriate data protection commitments.
• ✓AI assessments are probabilistic and carry inherent uncertainty. Each assessment includes a confidence indicator; lower-confidence results require closer human review.
• ✓AI systems may produce errors, omissions, or outdated analysis. You are responsible for validating all AI output before acting on it.
• ✓You may request human review of any AI determination by contacting our support team. We will use reasonable efforts to accommodate such requests within commercially reasonable timeframes.

Paid plans are billed in EUR via Stripe, our third-party payment processor, on a monthly or annual basis depending on your chosen billing cycle.

• ✓Monthly plans renew automatically each month. You may cancel at any time; cancellation takes effect at the end of the current billing period.
• ✓Annual plans are billed upfront. If you cancel an annual plan mid-term, we will issue a pro-rata refund for unused complete months remaining.
• ✓EU VAT will be applied where required by applicable law. You are responsible for any additional taxes applicable in your jurisdiction.
• ✓Plan limits (evidence items, AI requests, team members, frameworks) are enforced per the plan you subscribe to. Exceeding limits may result in temporary suspension of the relevant feature until the next billing cycle or a plan upgrade.
• ✓We reserve the right to change pricing with 30 days’ advance notice. Price changes take effect at your next renewal.

Your documents, evidence files, scan results, compliance scores, and generated reports belong to you. Kodex-Compliance asserts no ownership over your Customer Content.

• ✓Export: You may export your data (evidence, scan reports, policy documents) in standard formats at any time from within the Service.
• ✓Deletion: You may permanently delete your account at any time from Settings > Danger Zone. Deletion is immediate and irreversible — it removes your organisation, projects, documents, evidence, scan results, frameworks, integration connections, policies, and all other Customer Content from active systems. Backup systems are purged within 90 days. Billing records are retained for 7 years as required by EU accounting law.
• ✓We process your personal data in accordance with our Privacy Policy, which forms part of these Terms.

We aim to keep Kodex available and performant, but we do not guarantee uninterrupted access.

• ✓Free tier: Provided on a best-effort basis with no uptime service-level agreement (SLA).
• ✓Paid plans: We target high availability for paid tiers. Any SLA commitments are specified in your plan documentation or a separate agreement.
• ✓We perform scheduled maintenance and may temporarily suspend access with advance notice where possible. Emergency maintenance may occur without notice.
• ✓We are not liable for outages caused by third-party infrastructure providers, internet connectivity issues, or events outside our reasonable control.

To the maximum extent permitted by applicable law, Kodex-Compliance and its directors, employees, and licensors shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, goodwill, or regulatory fines, arising out of or in connection with your use of the Service.

We are not responsible for compliance outcomes. Kodex provides tools to assist with compliance management. The ultimate responsibility for regulatory compliance rests with you and your organisation. We expressly disclaim any liability for regulatory penalties, enforcement actions, audit failures, or legal proceedings arising from your reliance on Kodex assessments, scores, or recommendations.

Where limitation of liability is not permitted by law, our total aggregate liability to you for any claim shall not exceed the amount you paid to us in the three months preceding the event giving rise to the claim.

You agree to indemnify, defend, and hold harmless Kodex-Compliance and its officers, directors, employees, and agents from and against any claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising out of or related to:

• ✓Your use of the Service in violation of these Terms;
• ✓Any Customer Content you upload, including any claim that such content infringes third-party rights or violates applicable law;
• ✓Your violation of any applicable law or regulation; or
• ✓Any misrepresentation made by you in connection with the Service.

Either party may terminate the agreement at any time.

• ✓You may terminate by cancelling your subscription and deleting your account via the Settings page.
• ✓We may terminate or suspend your access immediately and without notice if we reasonably believe you have materially breached these Terms, if required by law, or if your account has been inactive for more than 12 months on a Free plan.
• ✓Upon termination, your right to access the Service ceases immediately. We will retain your Customer Content for 30 days to allow you to export it, after which it will be permanently deleted in accordance with our data retention schedule.
• ✓Provisions that by their nature should survive termination — including Sections 6, 11, 12, and 14 — shall survive.

These Terms shall be governed by and construed in accordance with the laws of the European Union and the laws of Germany, without regard to conflict-of-law provisions. Any disputes arising under these Terms shall be subject to the exclusive jurisdiction of the courts of Germany.

If you are a consumer located in the EU, you may also have the right to use the EU Online Dispute Resolution platform at ec.europa.eu/consumers/odr.

Pursuant to § 36 of the German Consumer Dispute Resolution Act (VSBG), we hereby inform you that we are neither obligated nor willing to participate in dispute resolution proceedings before a consumer arbitration board.

We may update these Terms from time to time. For material changes, we will provide at least 30 days’ advance notice via email to your registered address and via an in-app notification before the changes take effect.

Your continued use of the Service after the effective date of any changes constitutes your acceptance of the revised Terms. If you do not agree to the revised Terms, you must stop using the Service and may terminate your account before the changes take effect to receive a pro-rata refund for any prepaid annual subscription.

If you have any questions, concerns, or requests relating to these Terms, please contact us: