Terms of Service

Last updated: February 25, 2026

1. Acceptance of Terms

These Terms of Service ("Terms") constitute a legally binding agreement between you and Fedna Research LLP ("Fedna AI," "Company," "we," "us," or "our") governing your access to and use of our multi-channel AI customer operations platform, website, and related services (collectively, the "Service").

By accessing or using the Service, you agree to be bound by these Terms and our Privacy Policy. If you do not agree to these Terms, you may not access or use the Service.

2. Eligibility

You must be at least 18 years old and have the legal capacity to enter into contracts to use the Service. By using the Service, you represent and warrant that you meet these requirements.

If you are using the Service on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms.

3. Account Registration

3.1 Account Creation

To use the Service, you must create an account by providing accurate and complete information. You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account.

3.2 Account Security

You agree to notify us immediately of any unauthorized access to or use of your account. We are not liable for any loss or damage arising from your failure to protect your account credentials.

3.3 Account Accuracy

You agree to provide accurate, current, and complete information during registration and to update such information to keep it accurate, current, and complete. We reserve the right to suspend or terminate accounts that contain false or misleading information.

4. Acceptable Use Policy

4.1 General Obligations

You may use the Service only for lawful purposes and in accordance with these Terms. You agree to use the Service in a manner that complies with all applicable laws, regulations, and industry standards. You are responsible for all activity conducted through your account and for ensuring that all users under your account comply with this Acceptable Use Policy.

4.2 Prohibited Content

You may not use the Service to create, upload, transmit, distribute, or store content that:

  • Is illegal, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, or otherwise objectionable
  • Infringes any patent, trademark, trade secret, copyright, or other intellectual property or proprietary rights
  • Contains viruses, malware, ransomware, trojan horses, or other harmful computer code
  • Violates the privacy or publicity rights of any third party
  • Contains child sexual abuse material (CSAM) or content that exploits or harms minors
  • Promotes discrimination, bigotry, racism, hatred, harassment, or harm against any individual or group
  • Contains false or misleading information intended to deceive or defraud
  • Violates export control or sanctions regulations

4.3 Prohibited Activities

You agree not to:

  • Use the Service to transmit spam, bulk unsolicited messages, or chain letters
  • Engage in any fraudulent, deceptive, or manipulative practices
  • Violate any applicable laws, regulations, or third-party rights
  • Interfere with or disrupt the Service, servers, or networks connected to the Service
  • Attempt to gain unauthorized access to any portion of the Service or any other systems or networks
  • Use the Service to impersonate any person or entity or misrepresent your affiliation with any person or entity
  • Reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code of the Service
  • Remove, alter, or obscure any proprietary notices (copyright, trademark, etc.) on the Service
  • Use automated systems (bots, scrapers, crawlers) to access the Service without our prior written permission
  • Resell, sublicense, rent, lease, or redistribute the Service without our prior written consent
  • Use the Service in any manner that could damage, disable, overburden, or impair our infrastructure
  • Monitor data or traffic on any network or system without authorization
  • Conduct security testing (penetration testing, vulnerability scanning) without prior written approval
  • Use the Service to mine cryptocurrency or perform excessive computational tasks unrelated to legitimate business use

4.4 Spam and Unsolicited Communications

You may not use the Service to send unsolicited communications ("spam"). This includes but is not limited to:

  • Sending messages to individuals who have not opted in to receive communications from you
  • Continuing to send messages after recipients have opted out or unsubscribed
  • Purchasing or using third-party contact lists without proper consent verification
  • Using deceptive subject lines, headers, or sender information
  • Failing to include clear opt-out mechanisms in commercial messages
  • Violating anti-spam laws such as CAN-SPAM (US), CASL (Canada), or GDPR (EU)

4.5 Messaging Platform Compliance

When using the Service to communicate via WhatsApp, Instagram, or other third-party messaging platforms, you must comply with the respective platform's policies, including:

  • WhatsApp Business API Policy and Commerce Policy
  • Meta Business Terms and Community Standards
  • Platform-specific messaging limits and quality rating requirements
  • Opt-in requirements for marketing messages (24-hour window rules)
  • Prohibition on sending messages that could result in account bans or restrictions

4.6 Network Abuse and Security

You may not:

  • Launch denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks
  • Conduct port scanning, network sniffing, or packet injection without authorization
  • Exploit security vulnerabilities to gain unauthorized access
  • Share account credentials or access tokens with unauthorized parties
  • Use the Service to distribute malware, ransomware, or engage in phishing
  • Attempt to bypass or circumvent security measures, rate limits, or access controls
  • Use the Service to launch attacks on third-party systems

4.7 AI Model and API Abuse

You may not:

  • Use the Service to generate content prohibited by AI provider policies (OpenAI, Anthropic, etc.)
  • Attempt to extract or reverse-engineer underlying AI models
  • Use AI-generated outputs to train competing models without authorization
  • Submit inputs designed to manipulate, confuse, or "jailbreak" AI models
  • Generate content for illegal activities or harmful purposes
  • Exceed reasonable API usage limits or engage in API abuse

4.8 Data Privacy and Protection

You agree to:

  • Comply with applicable data protection laws (GDPR, CCPA, DPDPA, etc.)
  • Obtain necessary consents before collecting or processing personal data through the Service
  • Not upload or process sensitive personal data (health, financial, biometric) without proper safeguards
  • Not use the Service to process data in violation of individuals' privacy rights
  • Implement appropriate security measures for data you upload to the Service
  • Not access or use other customers' data or accounts

4.9 Monitoring and Enforcement

We reserve the right (but have no obligation) to monitor use of the Service to ensure compliance with this Acceptable Use Policy. We may investigate suspected violations and take appropriate action, including:

  • Issuing warnings or requiring corrective actions
  • Temporarily suspending accounts pending investigation
  • Removing or disabling access to violating content
  • Permanently terminating accounts for serious or repeated violations
  • Reporting violations to law enforcement or regulatory authorities
  • Disclosing information to authorities as required by law or court order

4.10 Reporting Violations

If you become aware of any violation of this Acceptable Use Policy, please report it to support@fedna.ai. We will investigate all reports and take appropriate action.

5. AI Services and Limitations

5.1 AI-Generated Content

The Service uses artificial intelligence to generate responses, summaries, and other content. While we strive for accuracy, AI-generated content may contain errors, inaccuracies, or inappropriate responses. You are responsible for reviewing and verifying all AI-generated content before using it in customer interactions.

5.2 No Guarantee of Accuracy

We do not warrant that AI-generated content will be accurate, complete, reliable, or suitable for your specific use case. You use AI-generated content at your own risk and should implement appropriate review processes.

5.3 Human Oversight

You acknowledge that AI agents should be used with appropriate human oversight and that you are responsible for the content sent to your customers through the Service, whether generated by AI or humans.

6. Your Data and Content

6.1 Ownership

You retain all ownership rights to the data and content you upload to or create through the Service ("Your Content"). By using the Service, you grant us a limited, non-exclusive, royalty-free license to use, store, process, and display Your Content solely to provide and improve the Service.

6.2 Responsibility for Content

You are solely responsible for Your Content and the consequences of uploading, posting, or sharing it. You represent and warrant that you have all necessary rights to Your Content and that Your Content does not violate any third-party rights or applicable laws.

6.3 Content Monitoring

We reserve the right (but have no obligation) to monitor, review, or remove Your Content if we believe it violates these Terms or applicable laws. We are not responsible for monitoring or moderating user-generated content.

7. Fees and Payment

7.1 Subscription Fees

Access to certain features of the Service requires payment of subscription fees. Fees are billed in advance on a recurring basis (monthly or annually) as specified in your plan.

7.2 Usage-Based Fees

Certain features may incur additional usage-based fees, including AI model usage, telephony services, messaging platform fees, and storage costs. You will be notified of applicable usage rates before they are charged.

7.3 Payment Terms

You agree to pay all fees associated with your account. Fees are non-refundable except as required by law or as expressly stated in these Terms. We reserve the right to change our fees upon 30 days' notice.

7.4 Late Payment

If payment is not received by the due date, we may suspend or terminate your access to the Service. You remain responsible for all outstanding fees and any collection costs we incur.

8. Term and Termination

8.1 Term

These Terms begin on the date you first access the Service and continue until terminated by either party.

8.2 Termination by You

You may terminate your account at any time through the account settings or by contacting us. Termination will be effective at the end of your current billing period. No refunds will be provided for partial periods.

8.3 Termination by Us

We may suspend or terminate your access to the Service immediately if you violate these Terms, fail to pay fees when due, or for any other reason at our sole discretion. We will provide notice when reasonably possible.

8.4 Effect of Termination

Upon termination, your right to access and use the Service will immediately cease. We will retain Your Content for 30 days after termination, after which it may be permanently deleted. You are responsible for exporting Your Content before termination.

9. Intellectual Property

9.1 Our Property

The Service, including all software, designs, text, graphics, logos, and other content (excluding Your Content), is owned by Fedna AI and protected by copyright, trademark, and other intellectual property laws. You may not copy, modify, distribute, or create derivative works based on the Service without our prior written consent.

9.2 Limited License

Subject to these Terms, we grant you a limited, non-exclusive, non-transferable, revocable license to access and use the Service for your internal business purposes.

9.3 Feedback

If you provide us with feedback, suggestions, or ideas about the Service, you grant us a perpetual, irrevocable, worldwide, royalty-free license to use, modify, and incorporate such feedback without any obligation to you.

10. Third-Party Services

The Service may integrate with third-party services (WhatsApp, Instagram, telephony providers, AI model providers, etc.). Your use of these third-party services is subject to their respective terms and conditions. We are not responsible for the availability, accuracy, or content of third-party services.

Some third-party services may charge additional fees. You are responsible for any fees charged by third-party providers.

11. Disclaimers

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

WE DO NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR SECURE, OR THAT DEFECTS WILL BE CORRECTED. WE DO NOT WARRANT THE ACCURACY, COMPLETENESS, OR RELIABILITY OF ANY CONTENT OR AI-GENERATED RESPONSES.

12. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, FEDNA AI SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS, REVENUE, DATA, OR USE, WHETHER IN AN ACTION IN CONTRACT, TORT, OR OTHERWISE, ARISING FROM YOUR USE OF OR INABILITY TO USE THE SERVICE.

OUR TOTAL LIABILITY TO YOU FOR ALL CLAIMS ARISING FROM OR RELATED TO THE SERVICE SHALL NOT EXCEED THE AMOUNT YOU PAID US IN THE 12 MONTHS PRECEDING THE CLAIM.

13. Indemnification

You agree to indemnify, defend, and hold harmless Fedna AI, its affiliates, officers, directors, employees, and agents from and against any claims, liabilities, damages, losses, costs, or expenses (including reasonable attorneys' fees) arising from:

  • Your use of the Service
  • Your violation of these Terms
  • Your violation of any third-party rights
  • Your Content or any content transmitted through your account

14. Governing Law and Dispute Resolution

14.1 Governing Law

These Terms shall be governed by and construed in accordance with the laws of India, without regard to its conflict of law provisions.

14.2 Dispute Resolution

Any dispute arising from or relating to these Terms or the Service shall be resolved through good faith negotiation. If negotiation fails, disputes shall be subject to the exclusive jurisdiction of the courts in Bangalore, India.

15. Changes to Terms

We reserve the right to modify these Terms at any time. We will notify you of material changes by posting the updated Terms on our website and updating the "Last updated" date. For significant changes, we may also provide additional notice through email or in-app notifications.

Your continued use of the Service after changes become effective constitutes your acceptance of the revised Terms. If you do not agree to the modified Terms, you must stop using the Service.

16. General Provisions

16.1 Entire Agreement

These Terms, together with our Privacy Policy, constitute the entire agreement between you and Fedna AI regarding the Service and supersede all prior agreements and understandings.

16.2 Severability

If any provision of these Terms is found to be invalid or unenforceable, the remaining provisions will remain in full force and effect.

16.3 Waiver

Our failure to enforce any right or provision of these Terms will not constitute a waiver of such right or provision.

16.4 Assignment

You may not assign or transfer these Terms or your rights under these Terms without our prior written consent. We may assign these Terms without restriction.

17. Service Level Agreement

17.1 Service Availability

We commit to maintaining the following uptime targets for the Service:

  • Core Platform (Dashboard, API): 99.9% monthly uptime
  • Messaging Services (WhatsApp, Instagram, Widget): 99.5% monthly uptime
  • Voice Services (PSTN Calling): 99.5% monthly uptime
  • AI Agents: 99.0% monthly uptime (excludes third-party AI provider outages)

Uptime is calculated as the percentage of time the Service is operational and accessible during a calendar month, excluding Scheduled Maintenance.

17.2 Scheduled Maintenance

We may perform scheduled maintenance during low-usage periods (typically 00:00-04:00 UTC on weekends). We will provide at least 48 hours advance notice for scheduled maintenance via email and in-app notifications. Scheduled maintenance windows are excluded from uptime calculations and are limited to 4 hours per month.

17.3 Emergency Maintenance

In the event of critical security issues, severe bugs, or infrastructure failures, we may perform emergency maintenance without advance notice. We will notify you as soon as reasonably possible and work to restore Service as quickly as possible.

17.4 Support Response Times

Support response times vary by plan tier:

  • Starter Plan: Email support with 24-48 hour response time (business days)
  • Professional Plan: Email support with 12-24 hour response time (business days), live chat during business hours (9 AM - 6 PM IST, Monday-Friday)
  • Enterprise Plan: Priority support with 2-4 hour response time (24/7), dedicated account manager, phone support

Response times are measured from when a support ticket is submitted to when our team provides an initial response. Resolution times vary based on issue complexity.

17.5 Issue Severity Levels

Support issues are categorized by severity:

  • Critical (P1): Service completely unavailable or major functionality broken for all users. Target resolution: 4 hours (Enterprise), 8 hours (Professional), 24 hours (Starter)
  • High (P2): Significant functionality impaired or affecting multiple users. Target resolution: 24 hours (Enterprise), 48 hours (Professional), 72 hours (Starter)
  • Medium (P3): Minor functionality issues or affecting single user. Target resolution: 72 hours (Enterprise), 5 business days (Professional/Starter)
  • Low (P4): General questions, feature requests, cosmetic issues. Target resolution: 5-7 business days (all plans)

17.6 Service Credits

If we fail to meet the uptime commitments in Section 17.1, you may be eligible for service credits:

  • 99.0% - 99.9% uptime: 10% credit of monthly subscription fee
  • 95.0% - 98.9% uptime: 25% credit of monthly subscription fee
  • Below 95.0% uptime: 50% credit of monthly subscription fee

Service credits must be requested within 30 days of the incident by emailing support@fedna.ai with details of the outage. Credits are applied to future invoices and cannot be redeemed for cash. Maximum total credits in any month will not exceed 50% of the monthly subscription fee.

17.7 Exclusions

Service Level commitments do not apply to:

  • Outages caused by third-party service failures (AI providers, telephony carriers, messaging platforms, cloud infrastructure providers)
  • Issues resulting from your actions or content, including violations of this Agreement
  • Force majeure events (natural disasters, war, terrorism, riots, government actions, pandemics)
  • Internet connectivity issues or ISP problems outside our control
  • Scheduled maintenance windows (with proper notice)
  • Free trial accounts or accounts with outstanding payment obligations
  • Beta features or services explicitly marked as experimental
  • Issues caused by your use of unsupported browsers, devices, or configurations

17.8 Performance Monitoring

We continuously monitor Service performance and availability using third-party monitoring tools. Status updates are available at status.fedna.ai (if applicable). We will post incident reports and post-mortems for significant outages within 72 hours of resolution.

17.9 Data Backup and Recovery

We perform automated backups of all customer data daily. Backups are retained for 30 days. In the event of data loss due to our fault, we will restore data from the most recent backup. However, some data created between the last backup and the incident may be unrecoverable. We are not responsible for data loss caused by your actions or third-party service failures.

17.10 API Rate Limits

To ensure fair usage and Service stability, we implement the following API rate limits:

  • Starter Plan: 1,000 requests per hour, 10,000 requests per day
  • Professional Plan: 5,000 requests per hour, 50,000 requests per day
  • Enterprise Plan: Custom limits negotiated in your agreement

Rate limit headers are included in API responses. Exceeding rate limits will result in HTTP 429 errors. Sustained abuse of rate limits may result in account suspension.

18. Security Policy

18.1 Overview

We implement comprehensive security measures to protect the Service and your data. This Security Policy outlines our security practices, your security responsibilities, and incident response procedures.

18.2 Data Encryption

We protect data in transit and at rest:

  • In Transit: All data transmitted to and from the Service is encrypted using TLS 1.2 or higher with strong cipher suites
  • At Rest: All data stored in our databases is encrypted using AES-256 encryption
  • Backups: All database backups are encrypted before storage
  • API Keys and Credentials: Sensitive credentials are encrypted using Fernet symmetric encryption with organization-specific keys
  • File Uploads: Files uploaded to the Service are stored in encrypted object storage

18.3 Access Controls

We implement strict access controls:

  • Authentication: Multi-factor authentication (MFA) required for all admin accounts, optional for team members
  • Authorization: Role-based access control (RBAC) with principle of least privilege
  • Database: Row-Level Security (RLS) policies enforce multi-tenant data isolation
  • API Access: JWT-based authentication with short-lived tokens, refresh token rotation
  • Session Management: Automatic session expiry after inactivity, secure session storage
  • Employee Access: Fedna employees have access only on a need-to-know basis, all access is logged and audited

18.4 Infrastructure Security

Our infrastructure is secured through:

  • Cloud Hosting: Service hosted on enterprise-grade cloud infrastructure (Railway, Supabase) with SOC 2 compliance
  • Network Segmentation: Production, staging, and development environments are isolated
  • Firewalls: Web application firewall (WAF) and network firewalls protect against attacks
  • DDoS Protection: Distributed denial-of-service mitigation at the network edge
  • Intrusion Detection: Real-time monitoring for suspicious activity and potential breaches
  • Logging: Comprehensive logging of all API requests, authentication attempts, and security events

18.5 Application Security

We follow secure development practices:

  • Secure SDLC: Security is integrated into every phase of our development lifecycle
  • Code Reviews: All code changes undergo peer review before deployment
  • Vulnerability Scanning: Automated scanning for known vulnerabilities in dependencies
  • Input Validation: All user inputs are validated and sanitized to prevent injection attacks
  • CSRF Protection: Cross-site request forgery tokens on all state-changing operations
  • XSS Prevention: Output encoding to prevent cross-site scripting attacks
  • SQL Injection Prevention: Parameterized queries and ORM usage
  • Dependency Management: Regular updates and patching of all software dependencies

18.6 Security Monitoring and Incident Response

We maintain 24/7 security monitoring:

  • Real-Time Monitoring: Automated alerts for anomalous behavior, failed login attempts, and potential security incidents
  • Incident Response Plan: Documented procedures for detecting, responding to, and recovering from security incidents
  • Breach Notification: In the event of a data breach affecting personal data, we will notify affected users within 72 hours as required by GDPR and applicable laws
  • Forensic Analysis: Comprehensive investigation of security incidents to determine root cause and prevent recurrence
  • Security Team: Dedicated security personnel responsible for monitoring, incident response, and security improvements

18.7 Third-Party Security

We carefully vet third-party service providers:

  • Vendor Assessment: All sub-processors undergo security assessment before integration
  • Data Processing Agreements: Written agreements with all sub-processors handling personal data
  • SOC 2 Compliance: Priority given to vendors with SOC 2 Type II certification
  • Regular Audits: Ongoing monitoring and periodic re-assessment of third-party security posture

18.8 Your Security Responsibilities

You are responsible for:

  • Maintaining the security and confidentiality of your account credentials
  • Enabling multi-factor authentication (MFA) for your account
  • Using strong, unique passwords that are not reused across services
  • Promptly notifying us of any suspected unauthorized access or security incidents
  • Ensuring your team members follow security best practices
  • Not sharing account credentials or API keys with unauthorized parties
  • Securing any custom integrations or API implementations you build on top of the Service
  • Complying with this Acceptable Use Policy and Security Policy

18.9 Security Audits and Compliance

We undergo regular security assessments:

  • Internal Audits: Quarterly internal security reviews and penetration testing
  • External Audits: Annual third-party security audits (penetration testing, vulnerability assessments)
  • Compliance: Ongoing compliance monitoring for GDPR, ISO 27001, and SOC 2 frameworks (certifications in progress)
  • Bug Bounty: Responsible disclosure program for security researchers (details at fedna.ai/security)

18.10 Vulnerability Disclosure

If you discover a security vulnerability in the Service, please report it responsibly to legal@fednaresearch.com. Please do not publicly disclose the vulnerability until we have had a reasonable opportunity to address it. We commit to:

  • Acknowledging receipt of your report within 48 hours
  • Providing an initial assessment within 7 days
  • Keeping you informed of remediation progress
  • Crediting you for responsible disclosure (if desired) upon resolution

18.11 Data Retention and Deletion

We retain customer data in accordance with our Privacy Policy and Data Processing Agreement:

  • Active Accounts: Data retained for the duration of your subscription
  • Post-Termination: Data retained for 30 days after account termination, then securely deleted
  • Backups: Deleted data purged from backups within 90 days
  • Legal Holds: Data subject to legal or regulatory requirements may be retained longer as required by law
  • Secure Deletion: All data deletion uses cryptographic erasure or secure multi-pass overwrite methods

18.12 Security Contact

For security-related inquiries, vulnerability reports, or incident notifications, contact our security team at legal@fednaresearch.com. For general security information, visit https://fedna.ai/security.

19. Contact Information

If you have any questions about these Terms, please contact us at:

Fedna Research LLP

Email: legal@fednaresearch.com

Website: https://fedna.ai