Terms of Service

By creating a Complair account, clicking "I agree", or using the service, you agree to these Terms of Service (the "Terms") and our Privacy Policy. If you are accepting on behalf of a company or other legal entity ("Customer"), you represent that you have the authority to bind that entity, and "you" refers to that entity.

If you do not agree, you must not use Complair.

Complair is a software-as-a-service workspace that helps organisations inventory their AI systems, classify risk under the EU AI Act, manage compliance checklists for GDPR and the European Accessibility Act, send vendor questionnaires, and auto-generate compliance documentation ("Service").

Features and plan limits are described on our pricing page and may change. We will not materially reduce functionality of a paid plan during a prepaid term without notice.

Each Customer has one workspace. Users belong to exactly one workspace and have one of the following roles: owner, admin, or member. Owners and admins can invite, promote, demote and remove users; members can operate within their assigned boards.

• You are responsible for all activity under your account and for keeping credentials confidential.
• You must notify us promptly at security@complair.eu of any unauthorised access.
• One person per seat. Seats are not transferable except in the case of a permanent personnel change.
• You must provide accurate registration information and keep it up to date.

Paid plans are billed monthly or annually in advance via Stripe. Prices on our pricing page are exclusive of applicable VAT. You authorise us (through Stripe) to charge the payment method on file at the start of each billing cycle.

• Renewal. Subscriptions renew automatically until cancelled. You can cancel in-app at any time; cancellation takes effect at the end of the current billing period.
• Upgrades take effect immediately with a prorated charge. Downgrades take effect at the end of the billing period.
• Refunds. Fees are non-refundable except where required by law. Annual plans cancelled mid-term are not refunded on a prorated basis unless we cause a material, unresolved service failure.
• Taxes. You are responsible for all taxes associated with your subscription other than taxes based on our net income.
• Failed payments. We may suspend the Service after repeated payment failures with reasonable notice.

You agree not to, and not to permit anyone else to:

• Use the Service in a way that violates any law, regulation, or third-party right;
• Upload content that is unlawful, infringing, defamatory, or otherwise harmful;
• Upload special categories of personal data (Article 9 GDPR) unless a valid legal basis exists and you have notified us in advance so we can agree appropriate safeguards;
• Attempt to probe, scan, or test the vulnerability of the Service without prior written authorisation;
• Interfere with the integrity, performance, or availability of the Service (including denial-of-service or excessive automated traffic);
• Reverse engineer, decompile, or copy the Service except to the extent expressly permitted by law;
• Use the Service to build a competing product, or to train machine-learning models using outputs from our AI-assisted features;
• Resell, sublicense, or otherwise commercially redistribute the Service without our written permission.

As between you and us, you own all data you submit to the Service ("Customer Data"). You grant us a worldwide, non-exclusive licence to host, copy, transmit and display Customer Data solely as necessary to operate and improve the Service for you, to provide support, and to meet our legal obligations.

We do not use Customer Data to train AI models. Aggregated, de-identified usage statistics (with no personal data or Customer identifiers) may be used to analyse and improve the Service.

Our handling of personal data is described in our Privacy Policy. Our Data Processing Agreement incorporates the EU Standard Contractual Clauses where applicable.

Parts of the Service use large language models (currently Anthropic Claude) to classify AI systems, answer compliance questions, and generate policy templates. These outputs are probabilistic and may be inaccurate, incomplete, or out of date. You must review every AI output before relying on it and are solely responsible for doing so.

As between you and us, and to the extent permitted by applicable law, outputs generated at your direction are yours to use within your organisation for compliance purposes. Similar outputs may be generated for other customers; you do not have exclusivity in outputs.

To deliver the Service we rely on a small set of subprocessors, each bound by a written data-processing agreement under Article 28 GDPR. Our current list — kept up to date — is available in the Privacy Policy. By using the Service you consent to their engagement, subject to the safeguards described there.

The Service may contain links to third-party sites and integrate with third-party tools (e.g. Stripe for payments). Those services are governed by their own terms and privacy policies; we are not responsible for their content or practices.

We and our licensors own all right, title and interest in and to the Service, including all software, design, trademarks, and content we provide (excluding Customer Data and outputs as described above). No rights are granted other than those expressly set out in these Terms.

Feedback you provide about the Service is given to us on a non-confidential basis; we may use it without restriction or compensation.

Each party will protect the other party's non-public information ("Confidential Information") using at least the same standard of care it uses for its own confidential information and not less than reasonable care. Confidential Information may be used only to perform obligations under these Terms and disclosed only to personnel with a need to know who are bound by confidentiality obligations.

We maintain administrative, technical and organisational measures designed to protect Customer Data, including encryption in transit (TLS 1.2+), encryption at rest, role-based access controls, least-privilege access for our personnel, centralised logging, and routine backups. We will notify you without undue delay of any confirmed security incident affecting your Customer Data.

These Terms start when you first accept them and continue while you use the Service. Either party may terminate a subscription for convenience in accordance with section 5. We may suspend or terminate your access immediately if you materially breach these Terms (including section 6 — acceptable use) or if required by law.

On termination, we will provide 30 days to export Customer Data, after which we may permanently delete it. Sections that by their nature should survive termination (IP, confidentiality, liability, governing law) will survive.

Except as expressly set out in these Terms and to the maximum extent permitted by applicable law, the Service is provided "as is" and "as available". We disclaim all other warranties, express or implied, including merchantability, fitness for a particular purpose, non-infringement, and any warranty arising from course of dealing or usage of trade.

Nothing in these Terms excludes liability that cannot be excluded under mandatory consumer law.

To the maximum extent permitted by applicable law, neither party will be liable for any indirect, incidental, special, consequential, or punitive damages, or for any loss of profits, revenue, data, or goodwill arising out of or related to these Terms, even if advised of the possibility of such damages.

Our total aggregate liability arising out of or related to these Terms will not exceed the fees paid by you to us for the Service in the twelve (12) months preceding the event giving rise to the claim.

These limits do not apply to liability for gross negligence, wilful misconduct, fraud, or any liability that cannot be limited under applicable law.

You will defend and indemnify us against third-party claims arising from (a) Customer Data, (b) your breach of section 6 (acceptable use), or (c) your use of Service outputs in violation of applicable law. We will defend and indemnify you against third-party claims that the Service, as provided by us, infringes a third party's intellectual property rights, subject to the liability cap in section 15.

These Terms are governed by the laws of Romania, without regard to conflict-of-laws rules. The courts of Iași, Romania have exclusive jurisdiction over any dispute arising out of or related to these Terms, except that either party may seek injunctive relief in any court of competent jurisdiction.

Nothing in this section deprives consumers of mandatory protections available under the law of their country of habitual residence.

We may update these Terms from time to time. If a change is material, we will give reasonable advance notice by email or in-app banner before the change takes effect. Continued use after the effective date constitutes acceptance of the updated Terms.

Questions about these Terms? Write to legal@complair.eu.