End User License Agreement (EULA)

End User License Agreement (EULA) and Privacy Policy

Last Updated: July 16, 2025

Version: 2.0

1. Definitions

"Agreement" means this End User License Agreement and Privacy Policy together with any exhibits or addenda.

"Company" means Eracent, Inc., owner of the CyberMsuite and SBOM-HQ platforms.

"Service" means the CyberMsuite and SBOM-HQ platforms, including its user interface, APIs, and associated documentation.

"User" means any individual or legal entity that accesses or uses the Service under a valid license.

"User Data" means all data uploaded by User to the Service.

"Enriched Data" means the output produced by the Service's processes.

"Catalog" means the proprietary taxonomy, algorithms, and curated content accessible via the Service.

"SLA" means any Service Level Agreement or Master Services Agreement in effect between Company and User.

"Personal Data" means information that identifies or can be used to identify an individual, as defined under applicable privacy laws.

"API" means the application programming interface endpoints, SDKs, and related documentation that expose IT-Pedia functionality programmatically.

"API Key" means the unique credential issued to User to authenticate API calls.

2. License to Use the Service

Company grants User a non-exclusive, non-transferable license to access and use the Service solely for internal business purposes in accordance with this Agreement and any applicable SLA.

3. Ownership and Data Rights

  • User retains all ownership rights in its User Data.
  • User is licensed to use the Service. Redistribution or external use requires Company's prior written consent.
  • Company retains all rights, title, and interest in the Service, Catalog, algorithms, software, and documentation.

4. Use Restrictions

User shall not:

  • Modify, reverse engineer, decompile, or disassemble the Service.
  • Extract source code, data models, or proprietary content.
  • Use the Service or its outputs to offer data enrichment to third parties.
  • Share login credentials or permit unauthorized access.
  • Incorporate the Catalog into third-party tools or derivative products without approval.

5. Use of Enriched Data

Enriched Data may be integrated into internal systems, CMDBs, reporting tools, and dashboards for internal use only. Public or commercial redistribution is prohibited without Company's express permission.

6. Access to Proprietary Catalog

Permitted Use:

  • View and query the Catalog via the Service UI for internal reference.

Prohibited Use:

  • Downloading, exporting, scraping, or mining the Catalog in part or whole.
  • Training external AI or data models on Catalog content.
  • Sharing Catalog content with competitors or third parties without approval.

7. API Access and Use

Authentication & Keys

  • User must secure and not share their API Key.
  • Compromised keys must be revoked and rotated immediately.

Rate Limits & Quotas

  • API calls are subject to the rate limits and quotas defined in the applicable SLA or API documentation. Exceeding limits may result in throttling or suspension.

Permitted Uses

  • Calls may only access User Data and Enriched Data belonging to the calling account.
  • API results can be integrated into internal systems consistent with Section 5 (Use of Enriched Output).

Prohibited Uses

  • No bulk scraping, harvesting, or redistribution of Catalog content via the API.
  • No reverse engineering of API responses or underlying models.
  • No embedding in publicly facing applications without written permission.

Security & Monitoring

  • Company may log API usage for security, auditing, and performance monitoring.
  • Company reserves the right to suspend keys for abuse or security incidents.

8. Anti-Scraping and Competitor Restrictions

Automated access (bots, scripts) is prohibited. Abuse or scraping behavior may result in immediate suspension or legal action. Competitors require explicit written authorization to use the Service.

9. Service Levels and Support

Company aims to provide 99% monthly uptime, excluding scheduled maintenance and force-majeure events. Support channels and response times are defined in the applicable SLA or MSA.

10. Indemnification

User agrees to indemnify, defend, and hold Company harmless from any third-party claims arising out of User's breach of this Agreement, unauthorized use of the Service, or violation of law.

11. Limitation of Liability

To the maximum extent permitted by law, Company's aggregate liability under this Agreement shall not exceed the fees paid by User in the twelve (12) months preceding the claim. Company is not liable for indirect, incidental, or consequential damages.

12. Force Majeure

Neither party is liable for delays or failures caused by acts beyond its reasonable control, including natural disasters, war, strikes, or government actions.

13. Suspension and Termination

Company may suspend or terminate User's access upon breach of this Agreement, misuse of the Service, or non-payment. Sections 3, 5, 6, 9, 10, 11, 13, 15, 16, and 19 survive termination.

14. Changes to Terms

Company may modify this Agreement with at least thirty (30) days' advance notice for material changes. Continued use after the effective date constitutes acceptance. Non-material changes may be posted without notice.

15. Partner and Reseller Use

Authorized partners and resellers operate under separate MSAs. This Agreement does not authorize third-party commercial offerings of the Service.

16. Governing Law

This Agreement is governed by the laws of the State of Delaware, without regard to conflict-of-law rules.

17. Dispute Resolution

Disputes shall be resolved by binding arbitration under the American Arbitration Association rules, with arbitration held in Delaware. Each party bears its own costs.

18. Web Site Terms of Use

These terms govern www.eracent.com and related sites. They cover general browsing, forms, blog interactions, and technical restrictions. Cookie, privacy, and intellectual property provisions below apply to web-site use.

19. Privacy Policy

19.1 Data Collection

We collect:

  • Contact details (name, email, phone) when you submit forms.
  • Login credentials, IP addresses, and usage logs to operate and secure the Service.

19.2 Use of Information

We use your data to:

  • Provide and maintain the Service.
  • Respond to support requests.
  • Monitor security and usage patterns.

19.3 Data Retention

User Data and Personal Data are retained only as long as necessary to fulfill service obligations, comply with law, or resolve disputes. Upon account termination or deletion request, data is erased within 60 days unless legal requirements dictate otherwise.

19.4 User Rights

Depending on jurisdiction, you may:

  • Access or receive a copy of your Personal Data.
  • Correct or update inaccurate information.
  • Request deletion or data portability.
  • Object to processing or withdraw consent.

Submit requests to sbomhq@eracent.com.

19.5 Cookies

This website uses only essential cookies required for its secure operation and proper functionality.

We do not use cookies for advertising, tracking, or analytics. These cookies do not identify you personally and are not shared with third parties.

19.6 Third-Party Disclosure & Links

We do not sell, trade, or rent Personal Data. We may share data to comply with laws or protect Company rights. External links are provided for convenience; we are not responsible for their policies.

19.7 Security Measures

We employ industry-standard safeguards, including SSL/TLS encryption, regular vulnerability scans, and access controls. You are responsible for securing your credentials.

19.8 Do Not Track Signals

We honor Do Not Track (DNT) signals and do not track or profile users when a DNT header is present.

19.9 Children's Privacy

We do not market to or knowingly collect Personal Data from children under 13.

19.10 Data Breach Response

In the event of a breach, we will notify affected users within seven (7) business days and cooperate with authorities.

19.11 Jurisdictional Privacy Rights

  • California residents: rights under CCPA/CPRA are honored, including "right to know" and "right to delete."
  • EU/UK residents: GDPR rights apply; a Data Processing Agreement is available on request.

20. Contact Information

For questions or concerns about this Agreement or Privacy Policy, contact:

sbomhq@eracent.com

Back to Home