Privagent Terms of Service

1. Acceptance of Terms; Electronic Agreement

1.1 Acceptance

These Terms of Service (the “Terms”) govern access to and use of the Privagent platform, products, and services (collectively, the “Service”) provided by Privagent, Inc. (“Privagent,” “we,” “us,” or “our”). By creating an account, accessing, or using the Service, you (“Customer”) agree to be bound by these Terms. If you do not agree, you may not access or use the Service.

1.2 Authority

If you are accepting these Terms on behalf of an entity, you represent and warrant that you have the authority to bind that entity, and “Customer” refers to that entity.

1.3 Electronic Acceptance

Customer agrees that acceptance of these Terms by clicking an “I agree,” “Sign up,” or similar button, or by accessing or using the Service, constitutes a legally binding electronic signature.

1.4 Incorporated Documents

These Terms incorporate by reference any additional policies or documents referenced herein, including the Data Processing Addendum (DPA) and any applicable service descriptions or policies made available by Privagent. In the event of a conflict, the order of precedence is as set forth herein or in the applicable document.

2. Description of the Service

2.1 The Service

The Service is an AI-powered organizational discovery platform that enables organizations to identify operational friction, communication bottlenecks, and process inefficiencies through structured employee interviews conducted by an automated voice agent (“Dave”). The Service includes interview scheduling and execution, data analysis and pattern recognition, automated report generation, and a client portal for accessing deliverables. All reports generated by the Service are anonymized and do not identify individual employees by name.

2.2 No Guaranteed Outcomes

The Service is intended to support Customer’s internal organizational improvement efforts. Use of the Service does not guarantee any specific outcome, nor does it prevent regulatory action, enforcement, or liability.

2.3 Changes to the Service

Privagent may modify, enhance, or update the Service from time to time, including adding or removing features. Privagent will not materially reduce core functionality without reasonable notice where practicable.

3. Account Registration and Responsibilities

3.1 Account Registration

To access the Service, Customer must create an account and provide accurate, complete, and current information. Customer is responsible for maintaining the accuracy of account information.

3.2 Account Security

Customer is responsible for safeguarding account credentials and for all activities that occur under its account. Customer shall promptly notify Privagent of any unauthorized use or suspected security incident relating to its account.

3.3 Authorized Users

Customer may permit its employees, contractors, or agents (“Authorized Users”) to access the Service solely for Customer’s internal business purposes. Customer is responsible for ensuring that Authorized Users comply with these Terms.

3.4 Compliance with Law

Customer is solely responsible for its use of the Service and for ensuring that such use complies with applicable laws and regulations, including data protection and privacy laws.

4. Customer Content and Data

4.1 Customer Content

“Customer Content” means any data, information, materials, or content submitted, uploaded, transmitted, or otherwise made available by or on behalf of Customer through the Service, including personal data. Customer retains all right, title, and interest in and to Customer Content.

4.2 License to Privagent

Customer grants Privagent a limited, non-exclusive, worldwide license to host, process, transmit, analyze, and otherwise use Customer Content solely to provide, maintain, improve, and support the Service and any Professional Services, and as otherwise permitted under these Terms and the DPA.

4.3 Customer Responsibilities

Customer represents and warrants that it has all rights, permissions, and lawful bases necessary to provide Customer Content to Privagent and to permit the processing of such data under these Terms. Customer is solely responsible for the legality, accuracy, quality, and content of Customer Content.

Customer represents and warrants that it has provided appropriate notice to, and obtained any required consent from, its employees and other individuals who will participate in interviews conducted through the Service, in compliance with applicable employment and privacy laws. Customer acknowledges that it is responsible for communicating with its employees about the nature and purpose of the organizational discovery process prior to interviews being conducted.

4.4 Aggregated and Anonymized Data

Privagent may generate and use aggregated and anonymized data derived from Customer Content or use of the Service for analytics, benchmarking, service improvement, and similar purposes, provided such data does not identify Customer or any individual.

4.5 Anonymous and Aggregated Data

Privagent may create, derive, collect, and use data that is aggregated, anonymized, or de-identified such that it does not identify Customer, any Authorized User, or any individual (“Anonymous Data”). Anonymous Data is not Customer Content or Confidential Information. Privagent may use Anonymous Data for any lawful business purpose, including without limitation analytics, benchmarking, research, service improvement, product development, security, statistical analysis, and industry reporting, and may share such Anonymous Data with third parties, provided that such data remains aggregated, anonymized, or de-identified and cannot reasonably be used to identify Customer or any individual.

5. Confidentiality (Embedded NDA)

5.1 Definition of Confidential Information

“Confidential Information” means any non-public, confidential, or proprietary information disclosed by one party (“Disclosing Party”) to the other party (“Receiving Party”), whether orally, visually, in writing, electronically, or otherwise, that reasonably should be understood to be confidential given the nature of the information or the circumstances of disclosure.

Confidential Information includes, without limitation: (a) Customer Content and personal data; (b) information disclosed in connection with use of the Service or any Professional Services, including interviews, assessments, workshops, communications, drafts, findings, and reports (including reports generated by Dave); (c) business, technical, operational, security, product, roadmap, pricing, and financial information; and (d) the Service, documentation, methodologies, frameworks, and non-public features.

5.2 Confidentiality Obligations

The Receiving Party shall: (a) use Confidential Information solely to perform its obligations or exercise its rights under this Agreement; (b) not disclose Confidential Information to any third party except as expressly permitted under this Agreement; and (c) protect Confidential Information using at least the same degree of care it uses to protect its own confidential information of a similar nature, and in no event less than reasonable care.

5.3 Permitted Disclosures

The Receiving Party may disclose Confidential Information to its employees, contractors, affiliates, and service providers who have a legitimate need to know such information for purposes of this Agreement and who are bound by confidentiality obligations no less protective than those set forth herein. Disclosure may also be made if required by law, regulation, or court order, provided that the Receiving Party (to the extent legally permitted) gives prompt notice to the Disclosing Party and cooperates in seeking confidential treatment.

5.4 Exclusions

Confidential Information does not include information that: (a) is or becomes publicly available without breach of this Agreement; (b) was lawfully known to the Receiving Party prior to disclosure; (c) is independently developed without use of the Confidential Information; or (d) is lawfully received from a third party without confidentiality restrictions.

5.5 Survival and Remedies

Confidentiality obligations under this Section shall survive termination of this Agreement. The parties acknowledge that unauthorized disclosure may cause irreparable harm for which monetary damages may be insufficient, and that injunctive or equitable relief may be available.

6. Data Protection & Privacy

6.1 Roles of the Parties

To the extent Privagent processes personal data on behalf of Customer in connection with the Service or any Professional Services, Customer acts as the data controller (or “business,” as applicable), and Privagent acts as the data processor (or “service provider,” as applicable). Each party shall comply with its respective obligations under applicable data protection and privacy laws.

6.2 Data Processing Addendum

Privagent’s Data Processing Addendum (“DPA”) is incorporated into this Agreement by reference and forms part of this Agreement where applicable. The DPA is available upon request at Ron@privagent.com. The DPA describes, among other things: (a) the subject matter and duration of processing; (b) the nature and purpose of processing; (c) the types of personal data processed and categories of data subjects; and (d) the technical and organizational measures implemented to protect personal data. In the event of any conflict between this Agreement and the DPA with respect to personal data processing, the DPA shall control.

6.3 Use of Customer Data

Privagent shall process Customer Content and personal data solely to: (a) provide, maintain, and improve the Service and Professional Services; (b) generate reports and outputs requested by Customer; (c) comply with applicable law; and (d) otherwise as permitted under this Agreement and the DPA. Privagent shall not sell Customer personal data or use it for advertising or marketing purposes unrelated to the Service.

6.4 Security Measures

Privagent maintains reasonable administrative, technical, and physical safeguards designed to protect Customer Content and personal data against unauthorized access, disclosure, alteration, or destruction. Additional information regarding Privagent’s security practices may be made available upon request or as described in Privagent’s security documentation.

6.5 Subprocessors and Transfers

Customer authorizes Privagent to engage subprocessors to process personal data in accordance with the DPA. Privagent shall ensure that any subprocessors are subject to written obligations no less protective than those set forth in the DPA. Where required by applicable law, appropriate safeguards shall be implemented for cross-border transfers of personal data, as further described in the DPA.

6.6 Data Subject Rights

To the extent required by applicable law, Privagent shall provide reasonable assistance to Customer in responding to data subject requests and fulfilling Customer’s obligations under applicable data protection laws, as set forth in the DPA.

6.7 Privacy Policy

Privagent’s Privacy Policy, available at privagent.cloud/privacy, describes how Privagent processes personal data collected directly from users in its role as a controller. The Privacy Policy does not apply to Customer Content processed on behalf of Customer, which is governed by this Agreement and the DPA.

7. Security

Privagent maintains reasonable administrative, technical, and physical safeguards designed to protect the confidentiality, integrity, and availability of the Service and Customer Content against unauthorized access, disclosure, alteration, or destruction. Customer acknowledges that no security measures are infallible and that Privagent does not guarantee absolute security. Customer is responsible for configuring the Service appropriately and for maintaining the security of its own systems, networks, and credentials. Additional information regarding Privagent’s security practices may be made available upon request or through published security documentation.

8. Professional Services

8.1 Professional Services

Privagent may provide consulting, assessment, advisory, reporting, or other professional services (“Professional Services”), which may include interviews, reviews of Customer-provided materials, and preparation of reports.

8.2 Advisory Nature; No Regulated Advice

Customer acknowledges that Professional Services and any outputs or reports are provided for informational and planning purposes only. Privagent does not provide legal, regulatory, accounting, audit, or other regulated professional advice, and no information provided by Privagent should be construed as such. Customer remains solely responsible for determining compliance with applicable laws and regulations and for implementing any recommendations.

8.3 Reliance on Customer Information

Professional Services are based on information and materials provided by Customer. Privagent is not responsible for the accuracy, completeness, or timeliness of such information, and shall have no liability arising from inaccurate or incomplete inputs.

8.4 No Guarantee of Outcomes

Privagent does not guarantee any specific outcome, regulatory approval, compliance status, risk mitigation, or avoidance of enforcement actions as a result of the Service or Professional Services.

9. Intellectual Property Rights

9.1 Ownership

As between the parties: (a) Customer retains all right, title, and interest in and to Customer Content and Customer-owned materials; and (b) Privagent retains all right, title, and interest in and to the Service, Professional Services, methodologies, frameworks, templates, software, models, scoring logic, report structures, documentation, and any improvements or derivative works thereof.

9.2 Reports and Outputs

Reports may incorporate Customer Content but are based on Privagent’s proprietary methodologies and frameworks. Customer is granted a non-exclusive, non-transferable license to use reports internally for its business purposes. Customer may not resell, publish, sublicense, or otherwise distribute reports to third parties without Privagent’s prior written consent, except as required by law.

9.3 Aggregated and Anonymized Data

Privagent may create and use aggregated and anonymized data derived from use of the Service or Professional Services for analytics, benchmarking, and service improvement, provided such data does not identify Customer or any individual.

10. Fees, Subscriptions, and Payment

10.1 Fees and Subscriptions

Customer agrees to pay all fees associated with its subscription to the Service and any Professional Services in accordance with the pricing and terms presented at signup, in an applicable order form, or as otherwise agreed in writing. Unless otherwise stated, subscriptions automatically renew for successive subscription periods of equal length unless Customer provides timely notice of non-renewal.

10.2 Payment

Customer authorizes Privagent to charge Customer’s designated payment method for all applicable fees. Fees are non-refundable except as expressly stated in these Terms. Late payments may accrue interest at the maximum rate permitted by law, and Privagent may suspend access to the Service for overdue accounts after reasonable notice.

10.3 Taxes

Fees are exclusive of all taxes, levies, or duties imposed by taxing authorities. Customer is responsible for payment of all such taxes, except for taxes based on Privagent’s net income.

11. Acceptable Use and Restrictions

Customer shall not, and shall not permit any Authorized User to: Use the Service in violation of applicable law or regulation; Reverse engineer, decompile, or attempt to extract the source code or underlying ideas of the Service; Circumvent or interfere with security-related features; Use the Service to infringe, misappropriate, or violate the rights of any third party; Resell, sublicense, or make the Service available to third parties except as expressly permitted; or Use the Service in a manner that materially interferes with or disrupts the integrity or performance of the Service. Privagent may suspend or terminate access to the Service for material violations of this Section.

12. Third-Party Services

The Service may interoperate with or include links to third-party products, services, or integrations (“Third-Party Services”). Customer’s use of Third-Party Services is governed solely by the terms and policies of the applicable third party. Privagent does not control and is not responsible for Third-Party Services and makes no warranties regarding them. Use of Third-Party Services is at Customer’s own risk.

13. Term and Termination

13.1 Term

These Terms commence on the date Customer first accepts them and continue until terminated in accordance with this Section.

13.2 Termination for Convenience

Either party may terminate the Agreement upon written notice if the other party materially breaches these Terms and fails to cure such breach within a reasonable period after notice.

13.3 Suspension or Termination by Privagent

Privagent may suspend or terminate access to the Service immediately if Customer’s use poses a security risk, violates applicable law, or materially harms the Service or other customers.

13.4 Effect of Termination

Upon termination, Customer’s right to access the Service will cease. Sections that by their nature should survive termination, including confidentiality, intellectual property, limitation of liability, indemnification, and governing law, shall survive.

14. Warranties and Disclaimers

Each party represents that it has the authority to enter into these Terms. Except as expressly stated, the Service and Professional Services are provided “as is” and “as available.” To the maximum extent permitted by law, Privagent disclaims all warranties, whether express, implied, or statutory, including warranties of merchantability, fitness for a particular purpose, non-infringement, and uninterrupted or error-free operation. Privagent does not warrant that the Service, reports, or Professional Services will ensure compliance with any law or regulation or prevent any enforcement action.

15. Limitation of Liability

15.1 Exclusion of Certain Damages

To the maximum extent permitted by law, neither party shall be liable for any indirect, incidental, special, consequential, or punitive damages, or for loss of profits, revenue, business, goodwill, or data, even if advised of the possibility of such damages.

15.2 Liability Cap

Except for Excluded Claims (defined below), each party’s total aggregate liability arising out of or relating to this Agreement shall not exceed the total fees paid or payable by Customer to Privagent in the twelve (12) months preceding the event giving rise to the claim.

15.3 Excluded Claims

The limitations in this Section do not apply to: (a) a party’s breach of confidentiality obligations; (b) Customer’s misuse of the Service or violation of applicable law; or (c) indemnification obligations expressly set forth in this Agreement.

15.4 Basis of the Bargain

The parties acknowledge that the limitations of liability reflect an allocation of risk and form an essential basis of the bargain between the parties.

16. Indemnification

16.1 Indemnification by Privagent

Privagent shall defend, indemnify, and hold harmless Customer and its officers, directors, employees, and agents from and against any third-party claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys’ fees) arising out of or relating to any claim that the Service, when used in accordance with this Agreement, infringes or misappropriates a third party’s valid intellectual property rights.

Privagent shall have no obligation under this Section to the extent a claim arises from: (a) Customer Content or materials provided by Customer; (b) use of the Service or reports in violation of this Agreement or applicable law; (c) modifications to the Service or reports not made by or on behalf of Privagent; (d) combination of the Service or reports with products, services, or data not provided by Privagent; or (e) use of any version of the Service other than the most current version made available by Privagent.

If the Service becomes, or in Privagent’s reasonable opinion is likely to become, the subject of an infringement claim, Privagent may, at its option and expense: (i) procure the right for Customer to continue using the Service; (ii) modify or replace the Service so that it becomes non-infringing; or (iii) terminate the affected portion of the Service and refund any prepaid, unused fees.

16.2 Indemnification by Customer

Customer shall defend, indemnify, and hold harmless Privagent and its officers, directors, employees, and agents from and against any third-party claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys’ fees) arising out of or relating to: (a) Customer Content or data provided by Customer; (b) Customer’s use of the Service, Professional Services, or reports in violation of this Agreement or applicable law; (c) Customer’s breach of its representations or obligations under this Agreement; or (d) any allegation that Customer Content infringes, misappropriates, or otherwise violates the rights of a third party.

16.3 Indemnification Procedures

The indemnified party shall: (a) promptly notify the indemnifying party of any claim for which indemnification is sought (provided that failure to provide prompt notice shall not relieve the indemnifying party of its obligations except to the extent materially prejudiced); (b) permit the indemnifying party to assume sole control of the defense and settlement of the claim; and (c) provide reasonable cooperation, at the indemnifying party’s expense, in connection with the defense. The indemnifying party shall not settle any claim in a manner that imposes liability or obligations on the indemnified party without the indemnified party’s prior written consent, which shall not be unreasonably withheld.

16.4 Exclusive Remedy

This Section 16 states the indemnifying party’s sole and exclusive liability, and the indemnified party’s sole and exclusive remedy, for third-party claims of intellectual property infringement or misappropriation arising from the Service.

17. Governing Law and Venue

These Terms shall be governed by and construed in accordance with the laws of the State of Delaware, without regard to conflict-of-laws principles. Any legal action or proceeding arising out of or relating to these Terms shall be brought exclusively in the state or federal courts located in Delaware, and the parties consent to the personal jurisdiction of such courts.

18. Changes to the Terms

Privagent may modify these Terms from time to time. Material changes will be communicated through the Service or by other reasonable means. Continued use of the Service after the effective date of any changes constitutes acceptance of the updated Terms.

19. General Provisions

Assignment: Customer may not assign these Terms without Privagent’s prior written consent, except in connection with a merger or sale of substantially all assets.

Severability: If any provision is held unenforceable, the remaining provisions shall remain in full force and effect.

Waiver: Failure to enforce any provision shall not constitute a waiver.

Force Majeure: Neither party shall be liable for delays or failures due to causes beyond its reasonable control.

Entire Agreement: These Terms, together with all incorporated documents, constitute the entire agreement between the parties regarding the Service.

Contact: Legal notices may be sent to Ron@privagent.com or such other address as provided by Privagent.