These Aurisk Supplemental Terms (“Supplemental Terms”) are a legally binding agreement between EdgeFox & Co, doing business as Koda (“Koda,” “we,” “us,” or “our”) and any individual or entity (“you,” “your,” or “Customer”) that implements, calls, or otherwise uses the Aurisk risk and user-tracking APIs, SDKs, dashboards, documentation, and related services (collectively, “Aurisk” or the “Service”).
These Supplemental Terms are incorporated by reference into our primary Terms of Service and Privacy Policy (together, the “Main Terms”). In the event of a conflict between these Supplemental Terms and the Main Terms, these Supplemental Terms control solely for your use of Aurisk.
By generating an API key, installing an SDK, or sending or receiving data with Aurisk, you agree to these Supplemental Terms.
I. DEFINITIONS
1.1 “Customer Data” means data you or your agents submit to Aurisk (e.g., event payloads, identifiers, device or network signals) and outputs generated specifically for you from that data.
1.2 “Service Data” means operational data we generate or collect to provide Aurisk (e.g., logs, metrics, usage/telemetry, security signals).
1.3 “Derived Data” means risk scores, insights, aggregates, models, heuristics, or threat intelligence produced by Aurisk from Customer Data and/or other inputs that do not reasonably identify you or an End User.
1.4 “End User” means a natural person whose data you submit to Aurisk via your sites, apps, or integrations.
1.5 “Integrated Platforms” means third-party services you connect to Aurisk (e.g., websites, mobile/desktop apps, game platforms, Discord or other messaging platforms).
1.6 “Subprocessor” means a third party engaged by us to process data in support of the Service.
II. SCOPE; RELATIONSHIP TO OTHER TERMS
2.1 Platform-Agnostic Coverage. Aurisk is platform-agnostic and may operate with various Integrated Platforms. Your use of any Integrated Platform remains subject to that platform’s terms, policies, and technical limits.
2.2 No Affiliation or Endorsement. Unless we state otherwise in writing, we are not affiliated with, endorsed by, or sponsored by any Integrated Platform. Those platforms are not responsible for Aurisk’s operation, outputs, or availability.
2.3 Order of Precedence. These Supplemental Terms prevail over the Main Terms to the extent of a direct conflict with respect to Aurisk. All other provisions of the Main Terms continue to apply.
III. ACCOUNTS, AUTHENTICATION, AND KEYS
3.1 Registration. Access may require an account and credentials (e.g., API keys, client IDs, signing secrets). You must provide accurate information and keep it current.
3.2 Credentials. You are responsible for safeguarding credentials and all activity under them. Notify us promptly of any suspected compromise. Do not share credentials outside your organization except with bound processors under written confidentiality obligations.
3.3 Authentication Methods. Aurisk may support Authorization: Bearer <API_KEY>, request signing, and/or IP allowlisting. We may rotate or revoke credentials to protect the Service or comply with legal or platform requirements.
3.4 Keys Bound to Use Case. We may limit credentials to specific use cases, environments, or rate tiers. You must not bypass rate limits, quotas, or feature gates.
IV. DATA SUBMISSION; YOUR RESPONSIBILITIES
4.1 Legal Basis and Notices. You represent and warrant that you have a lawful basis to submit Customer Data to Aurisk and that you have provided all required notices and obtained all required consents, permissions, and authorizations from End Users.
4.2 Prohibited Sensitive Data. Unless expressly permitted by a separately executed written addendum with us, you must not submit: (a) protected health information (PHI) regulated by HIPAA; (b) payment card data subject to PCI DSS; (c) government-issued ID numbers; (d) precise geolocation; (e) biometric identifiers; (f) children’s data subject to COPPA; or (g) other special categories of personal data requiring heightened safeguards under applicable law.
4.3 Accuracy; No Malicious Content. You are responsible for the accuracy and legality of Customer Data. You will not submit malware, malicious code, or content that infringes third-party rights or violates law.
4.4 Export Compliance and Sanctions. You will not use Aurisk in or for the benefit of embargoed countries or prohibited parties under applicable trade laws.
V. OUR DATA USE; RETENTION; DELETION
5.1 Use of Customer Data. We process Customer Data to provide, secure, maintain, and improve Aurisk; to develop new features; to prevent fraud and abuse; and to comply with law.
5.2 Service and Derived Data. We may generate Service Data and Derived Data from your use of Aurisk. We own Service Data and Derived Data, but we will not use Derived Data to identify you or End Users except as required by law or to provide the Service to you.
5.3 Retention. We retain Customer Data only as long as necessary to provide the Service, comply with law, resolve disputes, and enforce agreements. User-related telemetry is automatically purged after ninety-one (91) consecutive days of inactivity unless longer retention is required for security, abuse prevention, or legal reasons.
5.4 Deletion Requests. Upon verified request by you (or as required by law), we will delete Customer Data from active systems, subject to lawful exceptions and backup/archival limitations. Additional procedures may be described in the Privacy Policy or a Data Processing Addendum (“DPA”), if applicable.
VI. SECURITY; PRIVACY; SUBPROCESSORS
6.1 Security. We implement reasonable technical and organizational measures designed to protect Customer Data. You remain responsible for securing your systems and credentials.
6.2 Privacy. Our collection and use of personal data are described in our Privacy Policy. If a DPA applies, its terms govern processing of personal data on your behalf.
6.3 Subprocessors. We may engage Subprocessors to support the Service. We remain responsible for their performance to the extent required by law and our agreements.
6.4 International Transfers. Where applicable, we use lawful transfer mechanisms (e.g., standard contractual clauses) for cross-border personal-data transfers.
VII. ACCEPTABLE USE; FAIR USE
7.1 Acceptable Use. You will not: (a) use Aurisk for unlawful surveillance, stalking, or discriminatory profiling; (b) attempt to re-identify individuals from Derived Data; (c) overload or stress-test the Service except through an approved program; or (d) interfere with platform integrity or security.
7.2 Fair Use and Rate Limits. You agree to comply with published or communicated rate limits, quotas, and usage policies. We may throttle or suspend requests that degrade Service performance or security.
VIII. INTELLECTUAL PROPERTY; FEEDBACK
8.1 Ownership. As between the parties, you retain all rights to Customer Data. We and our licensors retain all rights to Aurisk, Service Data, and Derived Data.
8.2 License to Operate. You grant us a non-exclusive, worldwide, royalty-free license to process Customer Data solely to provide and improve the Service and as otherwise permitted under these Supplemental Terms and the Main Terms.
8.3 Feedback. If you provide feedback or suggestions, you grant us a perpetual, irrevocable, worldwide, royalty-free license to use them without restriction or attribution.
IX. AVAILABILITY; MODIFICATIONS; BETA FEATURES
9.1 Availability. We do not guarantee that Aurisk will be uninterrupted, timely, secure, or error-free. Platform or third-party changes may affect availability.
9.2 Modifications. We may modify or discontinue features at any time. Material changes to these Supplemental Terms will be posted, and continued use after the effective date constitutes acceptance.
9.3 Beta/Preview. Beta or experimental features are provided “as is,” may be subject to additional terms, and may be withdrawn at any time.
X. PAYMENTS (IF APPLICABLE)
10.1 Billing Provider. If Aurisk features are offered via a platform billing system or other processor, payments, renewals, and refunds are handled by that provider under its terms. We do not store your payment credentials unless expressly stated.
10.2 Comped Access. We may grant complimentary or promotional access at our discretion, which may be modified or revoked at any time without liability.
XI. DISCLAIMERS; LIMITATIONS
11.1 No High-Risk Use. Aurisk is not designed for mission-critical or life-support systems. You are solely responsible for appropriate human oversight and fail-safes.
11.2 Disclaimer of Warranties. THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE.” TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, ACCURACY, AND NON-INFRINGEMENT.
11.3 Limitation of Liability. TO THE FULLEST EXTENT PERMITTED BY LAW, KODA AND ITS OWNERS, DIRECTORS, EMPLOYEES, CONTRACTORS, AND AFFILIATES WILL NOT BE LIABLE FOR INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR ANY LOSS OF DATA, PROFITS, BUSINESS, OR GOODWILL.
11.4 Aggregate Cap. OUR AGGREGATE LIABILITY FOR ALL CLAIMS WILL NOT EXCEED THE GREATER OF (A) FIFTY U.S. DOLLARS (USD $50) OR (B) THE AMOUNTS YOU PAID US FOR AURISK IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO LIABILITY.
XII. SUSPENSION; TERMINATION
12.1 Suspension. We may suspend or throttle access if you violate these terms, exceed fair-use limits, create security risks, or if required by law or a platform provider.
12.2 Termination. Either party may terminate for convenience upon notice, or for cause if the other party materially breaches and fails to cure within a reasonable period where cure is possible.
12.3 Effect. Upon termination, your rights to use Aurisk end and we may delete Customer Data from active systems in accordance with Section 5 and our Privacy Policy.
XIII. GOVERNING LAW; VENUE
13.1 Law. These Supplemental Terms are governed by the laws of the State of Wyoming, excluding its conflict-of-laws rules.
13.2 Venue. You agree to the exclusive jurisdiction and venue of the state or federal courts located in Wyoming, and you waive objections based on inconvenient forum.
XIV. MISCELLANEOUS
14.1 Severability. If any provision is held invalid or unenforceable, the remainder will remain in full force.
14.2 Assignment. You may not assign these terms without our prior written consent; we may assign to an affiliate or in connection with a merger, acquisition, or asset transfer.
14.3 Notices. We may provide notices via email, dashboard, or posting on our site. You will send legal notices to the contact below.
14.4 Entire Agreement. These Supplemental Terms and the Main Terms constitute the entire agreement for your use of Aurisk and supersede prior or contemporaneous understandings on that subject.
14.5 No Waiver. Failure to enforce a provision is not a waiver of the right to do so later.
XV. CONTACT
EdgeFox & Co (d/b/a Koda)
Email: legal@edgefox.net