Terms of Service

1. Acceptance of Terms

By accessing or using NotAI's services ("Services"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, you may not use our Services.

These Terms apply to all users of the Services, including website operators who integrate our products and end users who interact with those integrations.

2. Description of Services

NotAI provides human verification and AI detection services:

• Text Input Monitor (SDK): Analyzes typing behavior to verify human authorship
• Behavior Tracker Pixel: Detects automated or AI-driven browsing patterns
• Dashboard: Analytics and management interface for customers

2.2 Service Availability

NotAI targets high availability for all production Services. Formal uptime commitments vary by plan: Pro plans include a 99.5% uptime SLA, and Enterprise customers receive a 99.9% SLA with defined remedies for downtime. Service availability details, including scheduled maintenance windows and incident response procedures, are documented in the applicable SLA.

3. Account Registration

3.1 Eligibility

You must be at least 18 years old and capable of entering into a binding contract to use our Services.

3.2 Account Security

You are responsible for:

• Maintaining the confidentiality of your account credentials
• All activities that occur under your account
• Notifying us immediately of any unauthorized use

3.3 Region Selection

During registration, you must select a data region (US or EU). This selection is permanent and cannot be changed. All your data will be stored and processed exclusively in your selected region.

4. Acceptable Use

You agree NOT to use our Services to:

• Violate any applicable laws or regulations
• Infringe on the intellectual property rights of others
• Collect data from end users without proper consent
• Transmit malicious code or interfere with our systems
• Attempt to reverse engineer our detection algorithms
• Resell or redistribute our Services without authorization
• Use our Services to discriminate against individuals or groups
• Circumvent usage limits or rate limiting

NotAI's behavioral analysis is designed to detect automated patterns and does not target or penalize users of assistive technologies. If you believe a user has been incorrectly flagged due to assistive technology use, please contact [email protected] so we can investigate and adjust.

5. Customer Responsibilities

As a customer integrating NotAI, you are responsible for:

• Obtaining proper consent from your end users for data collection
• Displaying appropriate privacy notices disclosing behavioral data collection
• Ensuring your use complies with applicable privacy laws (GDPR, CCPA, etc.)
• Providing opt-out mechanisms for end users who request them
• Responding to data subject access requests from your users

6. Data Processing

NotAI processes personal data on behalf of its customers (data controllers) in the role of data processor, as defined under GDPR Article 28.

All customers are governed by our standard Data Processing Agreement (DPA), which is incorporated into these Terms by reference. The DPA is available at trust.isnotai.com and details:

• Subject matter and duration of processing
• Nature and purpose of processing
• Types of personal data and categories of data subjects
• Obligations and rights of the controller
• NotAI's obligation to process personal data only on documented instructions from the controller (GDPR Art. 28(3)(a))
• Confidentiality obligations for authorized personnel (GDPR Art. 28(3)(b))
• Technical and organizational security measures (GDPR Art. 28(3)(c) and Art. 32)
• Sub-processor management, prior authorization, and notification (GDPR Art. 28(2) and (4))
• Assistance with data subject rights requests (GDPR Art. 28(3)(e))
• Controller's right to conduct audits and inspections (GDPR Art. 28(3)(h))
• Data deletion or return upon termination of processing (GDPR Art. 28(3)(g))
• NotAI's obligation to inform the controller if, in its opinion, an instruction infringes GDPR or other applicable data protection law (GDPR Art. 28(3)(h))

6.2 Breach Notification

In the event of a personal data breach affecting customer data, NotAI will notify the affected customer without undue delay and no later than 72 hours after becoming aware of the breach, in accordance with GDPR Article 33. The notification will include the nature of the breach, the categories and approximate number of data subjects affected, the likely consequences, and the measures taken or proposed to address the breach. NotAI will assist customers in meeting their own supervisory authority and data subject notification obligations.

6.3 Personnel Security

All NotAI personnel who may access customer data are subject to FBI fingerprint-based background checks and security clearance card verification prior to being granted access, and are bound by written confidentiality obligations that survive the termination of their employment or engagement.

To request a copy of the DPA or related trust documentation, contact [email protected] or visit trust.isnotai.com.

7. Subscription Plans & Billing

7.1 Plans

• Starter: Core features, 1 user, email support
• Pro: Full features, 3 team members included, priority email support
• Enterprise: Unlimited users, priority support, custom integrations

7.2 Payment Terms

• Subscriptions are billed monthly or annually in advance and automatically renew at the end of each billing period unless cancelled before the renewal date
• All fees are non-refundable after any applicable statutory cooling-off or withdrawal period, except as required by applicable law
• We may change pricing with 30 days notice; if you do not agree to a pricing change, you may cancel your subscription before the new pricing takes effect at no additional cost
• Past-due accounts may have Services suspended

7.3 EU Right of Withdrawal

If you are a consumer in the EU/EEA, you have the right to withdraw from your subscription within 14 days of purchase without giving any reason, in accordance with EU Directive 2011/83/EU. To exercise this right, contact us at [email protected]. Refunds will be processed within 14 days using the same payment method.

7.4 Upgrades & Downgrades

Plan changes take effect at the next billing cycle. Downgrading may result in loss of features and team member access.

8. Intellectual Property

8.1 Our Rights

NotAI retains all rights to our Services, including algorithms, software, documentation, and trademarks (U.S. Patent Application No. 18/412,917, patent pending). These Terms do not grant you any rights except the limited license to use our Services.

8.2 Your Rights

You retain ownership of your data. By using our Services, you grant us a limited license to process your data to provide the Services and, using only aggregated and de-identified data that is not attributable to you, any individual, or your institution, to improve the accuracy of our detection algorithms as described in our Privacy Policy.

8.3 Feedback

If you provide feedback, suggestions, or ideas about our Services, you grant NotAI a non-exclusive, royalty-free, worldwide, perpetual license to use, modify, and incorporate such feedback into our Services. This license does not affect your ownership of the feedback itself, and does not grant NotAI ownership of any underlying intellectual property you may hold.

9. EU AI Act Compliance (Regulation (EU) 2024/1689)

NotAI's authorship-verification service is classified as a high-risk AI system under the EU AI Act, Annex III, Category 3 (education and vocational training). This section sets out the respective obligations of NotAI as the provider and you as the deployer.

9.1 NotAI Obligations (Provider)

As the provider of a high-risk AI system, NotAI commits to:

• Maintaining a quality management system and risk management process for the AI system (Art. 9, 17)
• Providing deployers with clear instructions for use, including the system's intended purpose, accuracy levels, known limitations, and human oversight requirements (Art. 13)
• Maintaining event logs for traceability and auditability (Art. 12)
• Cooperating with market surveillance authorities and national competent authorities upon request (Art. 21)
• Disclosing accuracy and limitations information in our Privacy Policy

9.2 Customer Obligations (Deployer)

As a deployer of a high-risk AI system under Article 26, you are responsible for:

• Using the system in accordance with the instructions of use provided by NotAI
• Ensuring that human oversight is exercised by natural persons who have the necessary competence, training, and authority (Art. 26(2))
• Monitoring the operation of the AI system and reporting any serious incidents to NotAI and, where required, to the relevant authorities (Art. 26(5))
• Conducting a data protection impact assessment (DPIA) where required under GDPR Article 35, prior to deploying the system (Art. 26(9))
• Informing affected individuals that they are subject to a high-risk AI system, including the information specified in Article 26(11)

10. Limitation of Liability

10.1 Warranty Disclaimer

EXCEPT FOR THE SERVICE AVAILABILITY COMMITMENTS IN SECTION 2.2 AND ANY APPLICABLE SLA, OUR SERVICES ARE PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

10.2 Limitation

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

• We do not guarantee 100% accuracy of human/AI detection
• We are not liable for decisions made based on our Services
• Our total liability for all claims arising under or related to these Terms is limited to the fees paid by you to NotAI in the 12 months preceding the event giving rise to the claim
• Neither party is liable to the other for indirect, incidental, special, or consequential damages, including loss of revenue, data, or profits

10.3 Carve-Outs

The limitations in Section 10.2 do not apply to:

• Either party's indemnification obligations under Section 11
• Either party's breach of confidentiality obligations or data protection obligations
• NotAI's breach notification obligations under Section 6.2
• Liability arising from a party's gross negligence, willful misconduct, or fraud
• Liability that cannot be excluded or limited under applicable law

11. Indemnification

11.1 By You

You agree to indemnify and hold harmless NotAI from claims, damages, or expenses arising from:

• Your violation of these Terms
• Your violation of applicable law
• Claims by your end users related to your data collection practices

11.2 By NotAI

NotAI agrees to indemnify and hold harmless you from claims that our Services infringe a third party's intellectual property rights, provided you promptly notify us in writing and allow us reasonable control of the defense. This obligation does not apply if the alleged infringement results from your modification of the Services, combination with non-NotAI products, or use in violation of these Terms.

12. Termination

12.1 By You

You may cancel your account at any time through the dashboard or by contacting support. Cancellation takes effect at the end of your billing period.

12.2 By Us

We may suspend or terminate your account if you:

• Violate these Terms
• Fail to pay fees when due
• Engage in fraudulent or illegal activity
• Create liability risk for NotAI

12.3 Effect of Termination

Upon termination, your access to the Services will cease. Behavioral data subject to plan-specific retention periods (see our Privacy Policy, Section 6) will continue to be automatically deleted according to those schedules. All remaining customer data, including account information, aggregated statistics, and any institution-provided identity data, will be deleted within 30 days of termination, except for billing records retained as required by law (typically 7 years). Upon written request, NotAI will provide confirmation of deletion.

13. Dispute Resolution

13.1 Governing Law

These Terms are governed by the laws of the State of Delaware, USA, without regard to conflict of law principles. Nothing in these Terms limits any mandatory consumer protections under the laws of your country of residence.

13.2 Informal Resolution

Before initiating formal proceedings, both parties agree to attempt to resolve disputes through good-faith negotiation for at least 30 days after written notice of the dispute.

13.3 Arbitration (Non-EU Users)

For users outside the EU/EEA/UK, any disputes not resolved informally shall be resolved through binding arbitration under the rules of the American Arbitration Association. You waive the right to participate in class action lawsuits.

13.4 EU/EEA/UK Users

If you are a consumer in the EU, EEA, or UK, you may bring proceedings in the courts of your country of residence. Nothing in these Terms requires you to arbitrate or waive your right to bring claims before your local courts or a competent supervisory authority. You may also use the European Commission's Online Dispute Resolution platform at https://ec.europa.eu/consumers/odr.

13.5 Exceptions

Either party may seek injunctive relief in court for intellectual property violations or to prevent imminent harm.

14. Force Majeure

Neither party shall be liable for any failure or delay in performance due to causes beyond its reasonable control, including but not limited to acts of God, natural disasters, pandemics, war, terrorism, government actions, power or internet outages, or third-party service provider failures. The affected party must notify the other party promptly and use reasonable efforts to mitigate the impact. If a force majeure event continues for more than 30 consecutive days, either party may terminate the affected Services upon written notice. In such event, NotAI will refund a prorated portion of any prepaid fees for the unused period following termination.

15. Changes to Terms

We may modify these Terms at any time. We will provide at least 30 days' advance notice of material changes via email to the address associated with your account. Changes that are required by law or that do not materially affect your rights may take effect immediately. Continued use of the Services after the notice period constitutes acceptance of the modified Terms.

16. Miscellaneous

• Entire Agreement: These Terms, together with the Privacy Policy and any applicable DPA or SLA, constitute the complete agreement between you and NotAI
• Severability: If any provision is unenforceable, the remainder remains in effect
• Waiver: Failure to enforce a provision does not waive future enforcement
• Assignment: You may not assign these Terms; we may assign them in connection with a merger or acquisition. In the event of assignment, the assignee will be bound by these Terms and our Privacy Policy with respect to your data

17. Contact Us

For questions about these Terms, please contact us:

• Email: [email protected]
• Mail: IsNotAI LLC, 7340 E Main St, Suite 203, Scottsdale, AZ 85251
• EU Representative (GDPR Art. 27): Proctorio GmbH, Lindleystraße 8A, 60314 Frankfurt am Main, Germany. Email: [email protected]
• Support: Contact Support