Terms of Service

Last Updated: January 11, 2026
Effective Date: January 11, 2026

1. Definitions and Interpretation

1.1 Definitions

In these Terms of Service (“Terms”), the following terms shall have the meanings set out below:
  • “Service” or “Platform” means the cloud-based data governance platform, including all features, functionality, documentation, and support services provided by Company.
  • “Company” means Aylesbury Technologies UAB, a limited liability company incorporated under the laws of the Republic of Lithuania, with registered office in Kaunas, Lithuania.
  • “Customer” means the entity that has agreed to these Terms and is using the Service.
  • “Customer Data” means any personal data, business data, metadata, lineage information, or any other data submitted, processed, stored, or accessed by Customer through the Service.
  • “Confidential Information” means non-public information disclosed by one party to the other that is clearly marked as confidential or that would reasonably be understood as confidential given its nature and the circumstances of disclosure.
  • “Documentation” means the technical documentation, user guides, and API specifications provided by Company for the Service.
  • “Authorized Users” means Customer’s employees, contractors, and agents who are authorized to use the Service under this Agreement.
  • “Incident” means any security breach, unauthorized access, corruption, loss, or unavailability affecting Customer Data or the availability of the Service.
  • “Processing” has the meaning given to it under the GDPR and includes collection, use, modification, analysis, combination, deletion, and any other operation performed on data.
  • “Processor” and “Controller” have the meanings given to them under the GDPR.

2. Agreement and Access

2.1 Agreement to Terms

By accessing or using the Service, Customer agrees to be bound by these Terms. If Customer does not agree to these Terms, Customer may not use the Service.

2.2 Eligibility

Customer represents and warrants that:
  • Customer has the legal authority to enter into this Agreement.
  • Customer is at least 18 years old or meets the minimum age of majority in their jurisdiction.
  • Customer will use the Service in compliance with all applicable laws and regulations.
  • Customer has obtained all necessary consents from individuals whose data is processed through the Service.

2.3 Account Responsibility

Customer is responsible for:
  • Maintaining the confidentiality of login credentials and access keys.
  • Ensuring that all use of the Service by Authorized Users complies with these Terms.
  • Notifying Company immediately of any unauthorized access or breach of security.
  • Ensuring that Customer Data does not violate any third-party rights.
Customer shall ensure Authorized Users are bound by equivalent confidentiality and usage obligations.

3. Description of Service

3.1 Service Overview

The Service provides data governance capabilities including, but not limited to:
  • Data lineage and metadata management.
  • Data classification and tagging.
  • Access control and permission management.
  • Data quality monitoring and validation.
  • Compliance reporting and audit trails.
  • Integration with customer data infrastructure.

3.2 Scope of Service

The Service is provided on an “as-is” basis. Company makes no warranty regarding the Service’s ability to meet Customer’s specific requirements or needs beyond those expressly stated in the applicable Service Level Agreement (SLA).

3.3 Service Modifications

Company may modify, enhance, or discontinue features of the Service upon 30 days’ written notice. Such modifications shall not materially diminish the core functionality described in the Service documentation unless required by law or security considerations, in which case shorter notice may be provided.

3.4 Beta Features

Company may offer certain features as beta, trial, or experimental. Such features may be unstable, incomplete, or subject to change without notice. Beta features are provided “as-is” without warranty and are not subject to SLA obligations.

4. Fees and Payment

4.1 Fees

Customer agrees to pay the fees specified in the applicable Order Form or purchase agreement (“Fees”). Fees are exclusive of applicable taxes unless otherwise stated.

4.2 Payment Terms

Unless otherwise specified in an Order Form:
  • Fees are due within 30 days of invoice.
  • Invoices are issued monthly or as per the subscription term selected.
  • All payments shall be made without set-off, deduction, or counterclaim.

4.3 Taxes

Customer is responsible for any sales tax, value-added tax (VAT), goods and services tax (GST), or similar taxes applicable to the Fees. Company will add applicable taxes where required by law.

4.4 Late Payment

If payment is not received by the due date, Company may:
  • Charge interest on overdue amounts at 1.5% per month or the maximum legal rate, whichever is lower.
  • Suspend access to the Service until payment is made.
  • Terminate this Agreement if payment remains overdue for 15 days.

4.5 Fee Increases

Company may increase Fees upon 60 days’ written notice. Such increases shall apply to renewal periods or new subscriptions. Customer may terminate the Agreement within 30 days of notice to avoid the increase.

5. Use Rights and Restrictions

5.1 Limited License

Company grants Customer a limited, non-exclusive, non-transferable license to use the Service solely for Customer’s internal business purposes, in accordance with these Terms.

5.2 Authorized Use

Customer may:
  • Access and use the Service through authorized accounts.
  • Integrate the Service with Customer’s own systems via documented APIs.
  • Use the Service to process and manage Customer Data in accordance with applicable law.

5.3 Prohibited Use

Customer shall not, and shall ensure Authorized Users do not:

5.3.1 Reverse Engineering and Circumvention

  • Reverse engineer, decompile, disassemble, or attempt to derive the source code of the Service.
  • Circumvent or disable any security features, license keys, or access controls.
  • Bypass usage limitations or access restrictions.
  • Probe, scan, or penetrate the Service security without prior written authorization.

5.3.2 Competitive and Derivative Use

  • Use the Service to develop, market, or provide a competing data governance product or service.
  • Extract or analyze the Service’s infrastructure, algorithms, or methodologies for competitive purposes.
  • Create derivative works based on the Service architecture.
  • Use the Service as a basis for offering similar services to third parties.

5.3.3 Illegal and Harmful Activities

  • Use the Service for any unlawful purpose or in violation of any applicable laws.
  • Process personal data without lawful basis or without proper consent.
  • Transmit malware, viruses, or other harmful code.
  • Engage in unauthorized access, hacking, or intrusion attempts.
  • Use the Service to harass, threaten, defame, or abuse any individual or entity.
  • Attempt to gain unauthorized access to the Service or other users’ data.

5.3.4 System Abuse

  • Interfere with or disrupt the integrity or performance of the Service or third-party systems.
  • Generate excessive traffic, queries, or processing that degrades Service performance.
  • Engage in denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks.
  • Scrape or automatically extract data from the Service except as permitted by the API.
  • Attempt to cover tracks or hide malicious activities.

5.3.5 Volume and Resource Restrictions

  • Exceed the usage limits specified in the applicable Order Form or pricing tier.
  • Use the Service for any high-volume or production workload beyond the scope authorized.
  • Share credentials or accounts across multiple organizations or entities.

5.4 Violations

Violations of Section 5.3 may result in:
  • Immediate suspension of access to the Service.
  • Termination of the Agreement without notice.
  • Legal action to recover damages.
  • Cooperation with law enforcement if illegal activity is involved.
  • Customer liability for any costs incurred by Company due to such violations.

6. Customer Data and Responsibilities

6.1 Customer Data Ownership

Customer retains all ownership rights in Customer Data. Company does not claim ownership of Customer Data provided that Customer has the right to process and share such data.

6.2 Customer Representations

Customer represents and warrants that:
  • Customer has obtained all necessary consents and authorizations to process Customer Data.
  • Customer Data does not infringe or violate any third-party intellectual property rights.
  • Processing of Customer Data through the Service complies with all applicable data protection laws.
  • Customer Data is accurate and not unlawfully obtained.
  • Customer has the legal right to process and transmit Customer Data to Company.

6.3 Customer Responsibilities

Customer is solely responsible for:
  • The accuracy, quality, and legality of Customer Data.
  • Obtaining and maintaining necessary consents from data subjects.
  • Ensuring that Customer Data processing complies with GDPR, CCPA, PIPEDA, and other applicable regulations.
  • Classifying and managing the sensitivity level of Customer Data.
  • Implementing appropriate access controls and restrictions.
  • Regular backup and recovery of Customer Data outside the Service.
  • Notifying Company of any data incidents affecting Customer Data.

6.4 Permitted Use of Customer Data

Company may use Customer Data solely to:
  • Provide and maintain the Service.
  • Improve Service performance, reliability, and features.
  • Conduct aggregate analytics and benchmarking (with personally identifiable information removed).
  • Enforce these Terms and protect legal rights.
  • Comply with applicable laws and legal obligations.
Company will not:
  • Share Customer Data with third parties without explicit written consent, except as required by law or to Service subcontractors under data processing agreements.
  • Use Customer Data for marketing or commercial purposes.
  • Combine Customer Data with data from other customers.
  • Retain Customer Data longer than necessary to provide the Service.

7. Data Protection and Privacy

7.1 GDPR Compliance

To the extent that Customer Data includes personal data of EU residents, the parties shall enter into a Data Processing Agreement (DPA) addendum that complies with GDPR requirements. The DPA shall specify:
  • The subject matter and duration of Processing.
  • The nature and purpose of Processing.
  • The types of personal data and categories of data subjects.
  • Data subject rights and Company’s obligations as a Processor.

7.2 CCPA and CPRA Compliance

For Customer Data subject to the California Consumer Privacy Act (CCPA) or California Privacy Rights Act (CPRA), Company shall:
  • Comply with Service Provider obligations under CCPA and CPRA.
  • Not use or disclose customer personal information except for the stated purposes.
  • Conduct data minimization in accordance with CPRA requirements.
  • Provide reasonable assistance for Consumer Right requests (access, deletion, correction, opt-out).
  • Not combine personal information with other sources except as permitted.

7.3 Other Data Protection Regulations

Company shall comply with applicable data protection laws including PIPEDA (Canada), LGPD (Brazil), UK GDPR, and other regional privacy regulations. Customer is responsible for informing Company of applicable regulations.

7.4 Data Breach Notification

If Company becomes aware of a confirmed Incident involving Customer Data, Company shall:
  • Notify Customer without undue delay, typically within 24 hours.
  • Provide details of the Incident, affected data, and remediation steps.
  • Cooperate fully with Customer’s incident response and regulatory notifications.
  • Preserve forensic evidence for investigation.
Customer remains responsible for notifying affected individuals as required by law.

7.5 Audit and Compliance

Company shall:
  • Maintain security certifications (SOC 2 Type II, ISO 27001) and provide evidence upon request.
  • Conduct annual security assessments and penetration testing.
  • Provide audit reports and compliance documentation reasonably requested by Customer.
  • Grant reasonable access for audits subject to confidentiality and security protocols.

8. Intellectual Property Rights

8.1 Company IP

Company and its licensors retain all rights, title, and interest in:
  • The Service, including software, architecture, algorithms, and documentation.
  • Any pre-existing materials, tools, and technologies.
  • Improvements, modifications, or enhancements made by Company.
  • Feedback and suggestions provided by Customer.

8.2 Customer IP

Customer retains all rights to Customer Data and any customizations created using the Service’s configuration features (not including the underlying Service architecture).

8.3 Feedback

Customer grants Company a non-exclusive, royalty-free, worldwide license to use any feedback, suggestions, or feature requests provided regarding the Service.

8.4 License from Third Parties

The Service may include open-source software and third-party components. Company will provide a list of such components upon request. Use is governed by applicable open-source licenses (e.g., Apache, MIT, GPL).

9. Confidentiality

9.1 Confidential Information

Each party agrees to maintain the confidentiality of the other party’s Confidential Information and use it solely for purposes of performing obligations under this Agreement.

9.2 Permitted Disclosures

Confidential Information may be disclosed:
  • To employees and contractors who have a legitimate need to know.
  • As required by law, court order, or regulatory authority (with reasonable notice to the disclosing party when permitted).
  • To professional advisors (attorneys, accountants, auditors) under confidentiality obligations.
  • As necessary to enforce these Terms or protect legal rights.

9.3 Data Processing Information

Notwithstanding Section 9.1, Company may:
  • Publicly disclose that Customer is using the Service (unless Customer opts out).
  • Use case studies or testimonials featuring Customer’s industry or use case (with anonymization).
  • Reference Customer in sales or marketing materials with prior written consent.

9.4 Confidentiality Period

Confidentiality obligations shall survive termination for a period of three (3) years, except for Customer Data which shall be maintained in confidence indefinitely or as required by law.

10. Security and Infrastructure

10.1 Security Measures

Company implements reasonable security measures to protect Customer Data, including:
  • Encryption in transit (TLS 1.3+) and at rest (AES-256).
  • Role-based access control and identity management.
  • Network segmentation and firewalls.
  • Regular security patches and updates.
  • Intrusion detection and anomaly monitoring.
  • Background checks for personnel with data access.
  • Disaster recovery and business continuity plans.

10.2 Incident Response

In the event of a confirmed Incident, Company shall:
  • Investigate the cause and impact.
  • Take immediate remediation steps.
  • Document findings and provide incident reports.
  • Cooperate with law enforcement if criminal activity is involved.

10.3 Vulnerability Disclosure

Security researchers may report vulnerabilities to security@aylesbury.io with reasonable details. Company commits to:
  • Responding within 48 hours.
  • Investigating and patching confirmed vulnerabilities.
  • Not pursuing legal action for responsible disclosure.

11. Availability and Support

11.1 Service Availability

Company shall use commercially reasonable efforts to maintain Service availability. Availability targets are specified in the applicable SLA, typically:
  • 99.0% uptime for standard tier.
  • 99.5% uptime for enterprise tier.
  • Excluding planned maintenance and events outside Company’s control.

11.2 Planned Maintenance

Company may conduct scheduled maintenance with 14 days’ advance notice. Maintenance windows are typically scheduled during off-peak hours.

11.3 Customer Support

Company provides support as specified in the applicable support plan:
  • Base: Email support during business hours (Monday–Friday, 9 AM – 5 PM CET), plus knowledge base and community access.
  • Advanced: Phone and chat support during business hours with faster reaction time and proactive monitoring.
  • Enterprise: Dedicated Technical Account Manager with rapid reaction time, proactive monitoring, and shared metrics.
Support portal and documentation are available at https://starless.io/support.

11.4 Support Escalation

Critical incidents affecting data integrity or security will be escalated to senior engineers with 30-minute initial response target for enterprise customers.

12. Warranties and Disclaimer

12.1 Limited Warranty

Company warrants that:
  • The Service will substantially conform to the Documentation.
  • The Service will be provided in a professional and workmanlike manner.
  • Company has the right to provide the Service and it does not infringe third-party IP rights.

12.2 Warranty Period

Warranties apply for a period of 30 days from Service activation. Customer must report any non-conformity within this period to receive remedy.

12.3 Warranty Remedy

If the Service fails to meet the limited warranty, Company’s sole obligation shall be to:
  • Attempt to repair or re-provide the non-conforming component.
  • If unable to cure, provide a pro-rata refund of Fees for the affected period.

12.4 Disclaimer

EXCEPT AS EXPRESSLY STATED IN SECTION 12.1, COMPANY DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING:
  • MERCHANTABILITY: No warranty that the Service is fit for any particular purpose.
  • FITNESS FOR A PARTICULAR PURPOSE: Service is provided as-is for internal governance use.
  • NON-INFRINGEMENT: Company does not warrant that Customer’s use will not infringe third-party rights.
  • ACCURACY: No warranty regarding accuracy of Customer Data processing results.
  • UNINTERRUPTED SERVICE: Service may be unavailable due to factors beyond Company’s control.
  • DATA LOSS PREVENTION: No warranty against loss or corruption of Customer Data.

12.5 Customer Due Diligence

Customer acknowledges that Customer has:
  • Conducted independent evaluation of the Service.
  • Not relied solely on Company representations or oral statements.
  • Access to all relevant documentation and technical information.
  • Opportunity to conduct security assessments and testing.

13. Limitation of Liability

13.1 Limitation on Indirect Damages

EXCEPT AS PROVIDED IN SECTION 13.2, IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR:
  • Indirect damages including lost profits, lost revenue, lost opportunity, or economic loss.
  • Consequential damages including business interruption or loss of use.
  • Incidental damages including system failures or network disruptions.
  • Punitive damages, even if advised of the possibility of such damages.
  • Damages arising from data loss, corruption, or unavailability of Customer Data.
  • Third-party claims arising from Customer’s use of the Service.
This limitation applies regardless of the legal theory (contract, tort, strict liability, etc.).

13.2 Exceptions to Liability Limitation

The limitation in Section 13.1 does not apply to:
  • Indemnification obligations (Section 15).
  • Confidentiality breaches (Section 9).
  • Data protection violations (Section 7).
  • Gross negligence or willful misconduct by either party.
  • Fraud or deliberate misrepresentation.
  • Infringement of intellectual property rights.
  • Violations of law causing direct harm.
  • Liability that cannot be excluded under applicable law (e.g., death or personal injury).

13.3 Aggregate Liability Cap

EXCEPT FOR EXCEPTIONS IN SECTION 13.2, EACH PARTY’S TOTAL CUMULATIVE LIABILITY ARISING FROM THIS AGREEMENT SHALL NOT EXCEED:
  • 100% of Fees paid in the 12 months preceding the claim for Company’s liability.
  • The greater of €10,000 or 100% of Fees paid in the 12 months preceding the claim for Customer’s liability.
If a claim arises in the first contract year before 12 months of Fees have been paid, liability shall be capped at 100% of estimated annual Fees.

13.4 Multiple Claims

The liability cap in Section 13.3 applies to all claims in aggregate, not per claim. Multiple claims cannot exceed the aggregate cap.

14. Term and Termination

14.1 Agreement Term

This Agreement is effective on the date of acceptance and continues for the initial subscription term specified in the Order Form (“Initial Term”). Unless earlier terminated, it renews automatically for successive one-year periods at the then-current renewal Fees, subject to Section 4.5.

14.2 Termination by Customer

Customer may terminate this Agreement:
  • For convenience with 30 days’ written notice (no refund of Fees unless Customer is terminating due to material breach).
  • For material breach if Company fails to cure within 30 days of written notice.
  • At the end of the Initial Term by providing 30 days’ notice before renewal.

14.3 Termination by Company

Company may terminate this Agreement:
  • For material breach if Customer fails to cure within 30 days of written notice.
  • For non-payment if Fees remain unpaid for 15 days after notice.
  • For violation of use restrictions (Section 5.3), effective immediately.
  • For convenience with 60 days’ written notice.
  • If Customer becomes insolvent or enters bankruptcy proceedings.

14.4 Effect of Termination

Upon termination or expiration:
  • Customer’s license to use the Service ceases immediately.
  • Customer must discontinue all use and certify compliance.
  • Company shall delete Customer Data within 30 days unless legally required to retain it.

14.5 Survival

The following provisions survive termination:
  • Section 8 (Intellectual Property Rights).
  • Section 9 (Confidentiality).
  • Section 12 (Warranties and Disclaimer).
  • Section 13 (Limitation of Liability).
  • Section 15 (Indemnification).
  • Section 17 (Governing Law and Dispute Resolution).
  • Any other provisions stated to survive by their terms.

14.6 Data Retention and Deletion

Upon termination, Customer may export Customer Data for 30 days. Company shall delete or anonymize Customer Data within 60 days unless:
  • Required by law to retain (Company shall notify Customer).
  • Archived for compliance or audit purposes.
  • Stored in backup systems (deleted within 90 days).

15. Indemnification

15.1 Company Indemnity

Company shall defend, indemnify, and hold harmless Customer from any third-party claims that:
  • The Service infringes or misappropriates a third-party patent, copyright, trademark, or trade secret.
  • Use of the Service in accordance with the Documentation infringes third-party IP rights.
Company’s obligation is conditioned on Customer:
  • Promptly notifying Company of the claim.
  • Granting Company sole control of defense and settlement.
  • Providing reasonable cooperation at Company’s expense.

15.2 Company’s Remedies

If the Service becomes infringing, Company may:
  • Obtain rights for continued use.
  • Replace or modify the Service to make it non-infringing.
  • Terminate the Agreement and provide pro-rata refund.

15.3 Company Indemnity Exclusions

Company has no obligation for infringement claims arising from:
  • Customer’s modifications to the Service.
  • Use of the Service contrary to Documentation.
  • Customer Data or third-party components.
  • Compliance with Customer’s specifications.
  • Combination with non-Company products or services.

15.4 Customer Indemnity

Customer shall defend, indemnify, and hold harmless Company from any third-party claims that:
  • Customer Data infringes or misappropriates third-party IP rights.
  • Customer’s use of the Service violates applicable laws.
  • Customer’s processing of personal data violates data protection regulations.
  • Company’s use of Customer Data as permitted by this Agreement infringes IP rights.
Customer’s obligations apply under the same conditions as Section 15.1.

16. Representations and Warranties Regarding Processing

16.1 Legal Basis

Customer represents that for all personal data in Customer Data:
  • A lawful basis for Processing exists (consent, contract, legal obligation, vital interests, public task, or legitimate interests).
  • Data subjects have been notified as required by applicable law.
  • Customer has documented the lawful basis and can provide evidence upon request.

16.2 Data Subject Rights

Company shall assist Customer in fulfilling data subject rights requests, including:
  • Right of access (copies of personal data).
  • Right to rectification (correction of inaccurate data).
  • Right to erasure (deletion of data).
  • Right to restrict processing (freezing of data operations).
  • Right to data portability (export in standard format).
  • Right to object (cessation of processing for certain purposes).
Company shall respond to documented requests within 10 business days.

16.3 Legitimate Interests Assessment

Where processing is based on Company’s legitimate interests, Customer shall have received or been able to review the Legitimate Interests Assessment (LIA) documenting Company’s basis.

17. Governing Law and Dispute Resolution

17.1 Governing Law

This Agreement shall be governed by and construed in accordance with the laws of the Republic of Lithuania, without regard to its conflict of law rules. The parties waive any objection to venue or inconvenient forum in Lithuania.

17.2 Dispute Resolution Process

Informal Resolution: Before initiating formal proceedings, the parties commit to:
  • Good faith negotiation between senior representatives within 15 days of notice.
  • Mediation if negotiation fails to resolve the dispute within 30 days.
Litigation: If disputes cannot be resolved, either party may pursue litigation in the courts of Kaunas, Lithuania.

17.3 Escalation

If disputes involve data protection or security:
  • Customer shall escalate to Company’s Chief Security Officer or General Counsel.
  • Company shall escalate to Customer’s data protection officer or legal department.
  • Resolution shall be attempted within 30 days.

17.4 Injunctive Relief

Notwithstanding Section 17.2, either party may seek immediate injunctive or equitable relief for:
  • Violations of intellectual property rights.
  • Breaches of confidentiality obligations.
  • Threats to data security or privacy.
  • Other irreparable harms.

17.5 Arbitration Option

For Enterprise Customers: The parties may elect binding arbitration administered by the International Court of Arbitration instead of litigation. Arbitration shall be:
  • Conducted by a single arbitrator (or panel of three for claims exceeding €500,000).
  • Held in Kaunas, Lithuania.
  • Governed by the Rules of Arbitration of the International Court of Arbitration.
  • Subject to confidentiality (results not published).

18. General Provisions

18.1 Entire Agreement

These Terms, including any attachments and referenced documents (Order Form, DPA, SLA, Documentation), constitute the entire agreement between the parties. Any prior negotiations, understandings, or agreements are superseded.

18.2 Amendments

Company may amend these Terms by providing 30 days’ written notice. Continued use of the Service constitutes acceptance of amendments. Material changes require affirmative acceptance. Customer may terminate if unwilling to accept amendments.

18.3 Severability

If any provision is found unenforceable, that provision shall be modified to the minimum extent necessary to make it enforceable, or severed. The remaining provisions remain in full effect.

18.4 Waiver

Failure to enforce any provision does not constitute a waiver of that provision or any other provision. A waiver is only effective if in writing and signed by both parties.

18.5 Notices

Legal notices shall be delivered:
  • By personal delivery.
  • By certified or registered mail, return receipt requested.
  • By reputable overnight courier service (FedEx, DHL).
  • By email with read receipt (for non-legal notices).
Notices to Company: legal@aylesbury.io
Company Address: Aylesbury Technologies UAB, Kaunas, Lithuania
Notices to Customer: to the email address associated with the account or address on file.

18.6 Assignment

Customer may not assign this Agreement without Company’s prior written consent. Company may assign this Agreement to:
  • An affiliate or subsidiary.
  • A successor in merger, acquisition, or sale of assets.
  • A financing partner in a debt restructuring.
Assignments without consent are void. Assignments with consent do not relieve the assigning party of obligations.

18.7 Independent Contractors

The parties are independent contractors. Nothing in this Agreement creates a partnership, joint venture, agency, or employment relationship.

18.8 Force Majeure

Neither party is liable for failure to perform due to events beyond reasonable control (“Force Majeure”):
  • Natural disasters (earthquakes, hurricanes, floods).
  • Acts of war, terrorism, or civil unrest.
  • Pandemics or epidemics.
  • Government actions or sanctions.
  • Utility failures or infrastructure damage.
  • Cyber attacks by state-sponsored actors.
The affected party must notify the other promptly. Force Majeure excuses performance but not payment obligations. If Force Majeure continues for 90 days, either party may terminate.

18.9 Counterparts

This Agreement may be executed in counterparts (including electronic signatures and PDF). All counterparts together constitute one agreement.

18.10 Third-Party Beneficiaries

Except as expressly stated, this Agreement does not create rights for any third party. The parties may not assign rights to third parties.

18.11 Subcontractors

Company may engage subcontractors to perform Service obligations. Company remains liable for subcontractor performance. Customer may request a list of subcontractors; Company shall not unreasonably withhold subcontractor information for significant processors.

18.12 Prevailing Party

If either party prevails in litigation or arbitration, the prevailing party shall not recover attorney’s fees or costs unless expressly stated in applicable law.

19. Data Governance Specific Terms

19.1 Data Lineage and Metadata

Customer acknowledges that:
  • The Service analyzes data flows and relationships within Customer’s infrastructure.
  • Lineage information may include references to external systems and data sources.
  • Company may aggregate anonymized lineage patterns for Service improvement.

19.2 Classification and Tagging

  • Customer is solely responsible for data classification decisions.
  • Company provides classification tools but makes no representation regarding adequacy for Customer’s compliance requirements.
  • Classification decisions must comply with Customer’s data governance policies and applicable regulations.

19.3 Integration with Data Infrastructure

  • Customer grants Company access to metadata and system information necessary to provide lineage and governance services.
  • Company shall not directly process source data except as necessary for monitoring Service health.
  • Customer is responsible for network security, authentication, and authorization for Company’s access.
  • Customer shall maintain audit logs of Company’s access and integration activities.

19.4 Compliance Monitoring and Reporting

  • Company provides monitoring tools but makes no warranty that monitoring is sufficient for Customer’s compliance obligations.
  • Compliance findings require Customer verification.
  • Customer remains solely responsible for regulatory compliance.
  • Audit reports are for Customer’s internal use only unless required by law.

19.5 Data Quality and Validation

Results from data quality checks are provided for informational purposes. 

Company:
  • Makes no warranty regarding accuracy of quality assessments.
  • Recommends Customer verify findings with their own data quality processes.
  • Does not perform remediation without explicit Customer authorization.

20. Contact Information and Support

20.1 Support Channels

20.2 Response Time Expectations

  • Tier 1 (Critical): 1 hour initial response, 24/7.
  • Tier 2 (High): 4 hours initial response, business hours.
  • Tier 3 (Medium): 1 business day, business hours.
  • Tier 4 (Low): 2 business days, best effort.

20.3 Escalation Path

For unresolved issues, Customer may escalate to:
  1. Support Manager (second response, 24 hours).
  2. Engineering Lead (third response, 2 business days).
  3. Director of Operations (final escalation, executive review).

21. Frequently Asked Questions and Clarifications

21.1 Trial Accounts

  • Trial accounts are provided for 30-day evaluation periods.
  • Data entered during trial will be permanently deleted after 30 days unless upgraded to paid plan.
  • Company makes no warranty regarding trial Service stability.
  • Trial accounts are non-renewable.

21.2 Data Migration

  • Company may provide migration assistance as part of onboarding.
  • Customer is responsible for verifying accuracy of migrated data.
  • Company makes no warranty regarding migration completeness or data integrity during migration.

21.3 Export and Portability

  • Customer may export Customer Data in standard formats (CSV, JSON, Parquet) at any time.
  • Export functionality is available through the Platform UI and API.
  • Large exports may require advance notice for performance reasons.

21.4 Custom Development

  • Company may offer custom development services for an additional fee.
  • Custom work shall be governed by a separate Statement of Work.
  • Custom code ownership shall be specified in the SOW.

21.5 Service Limitations

Customer accepts that the Service has inherent limitations:
  • Accuracy of lineage discovery depends on data source accessibility.
  • Performance with extremely large data volumes may require optimization.
  • Some legacy systems may require custom connectors.
  • Compliance coverage is for the features implemented in the Service.

Appendix A: Definitions Summary Table

Term                                         Definition
Service                                 Cloud-based data governance platform.
Customer Data                    Any data submitted or processed through the Service.
Confidential Information     Non-public information marked or understood as confidential.
Incident                               Security breach, unauthorized access, or data unavailability.
Processing                          Collection, use, analysis, or any operation on data.
Authorized Users               Customer’s employees and contractors using the Service.
Force Majeure                    Events beyond reasonable control.
DPA                                    Data Processing Agreement (GDPR compliance).

Appendix B: Compliance Regulations Reference

Applicable Data Protection Laws (Non-Exhaustive):
  • GDPR (EU General Data Protection Regulation).
  • CCPA/CPRA (California Consumer Privacy Act / Rights Act).
  • PIPEDA (Personal Information Protection and Electronic Documents Act, Canada).
  • LGPD (Lei Geral de Proteção de Dados, Brazil).
  • UK GDPR (United Kingdom).
  • State privacy laws (Virginia, Colorado, Utah, Connecticut, Montana, Delaware, etc.).
  • Industry-specific (HIPAA for health data, PCI DSS for payment data, etc.).
  • Lithuanian Law on Legal Protection of Personal Data.
Version: 1.0 Final
Last Updated: January 11, 2026
Effective Date: January 11, 2026
Jurisdiction: Lithuania
Company: MB Griaustinis Media, Kaunas, Lithuania
Domain: aylesbury.io
Status: Ready for Implementation

We use cookies

We use cookies to enhance your experience. By continuing to visit this site you agree to our use of cookies. Learn more