Last updated: 01/01/26

These Terms of Service ("Terms") govern your access to and use of the websites, products, applications and services (together, the "Services") provided by Artifact AI Ltd, a company registered in England and Wales (company number 15744501) ("Artifact AI", "we", "us", "our").

By accessing the Services, signing an Order Form referencing these Terms, or clicking "I accept", you agree to these Terms. If you accept on behalf of a company or other legal entity, you represent that you have authority to bind that entity, and "you" and "your" will refer to that entity. If you do not agree, you must not use the Services.

1. Definitions

• "Affiliate" means an entity that controls, is controlled by, or is under common control with a party.

• "Authorised User" means an individual you authorise to use the Services on your behalf, including your employees, contractors and agents.

• "Customer Data" means any data, content or information that you or your Authorised Users submit to, or generate through use of, the Services, including client records, financial records, documents, and the contents of any Customer Knowledge Files (such as ".md" files or equivalent) created in or for your account.

• "Documentation" means the technical and user documentation we make available for the Services.

• "Order Form" means an ordering document or online order specifying the Services, fees and term, executed between you and us.

• "Subprocessor" means a third party engaged by us to process Customer Data on our behalf.

• "Usage Data" means anonymised, aggregated or de-identified data and metrics derived from operation of the Services that does not identify you, your Authorised Users, or any natural person.

2. The Services

2.1 Provision. Subject to your compliance with these Terms and timely payment of Fees, we grant you a non-exclusive, non-transferable, non-sublicensable right during the Term to access and use the Services for your internal business purposes, in accordance with the Documentation and any limits set out in your Order Form.

2.2 Authorised Users. You are responsible for the acts and omissions of your Authorised Users, for the security of their credentials, and for ensuring their use of the Services complies with these Terms.

2.3 Service Availability. We will use commercially reasonable efforts to make the Services available 24/7, excluding scheduled maintenance, emergency maintenance, and downtime caused by factors outside our reasonable control. Specific service level commitments, if any, are set out in the applicable Order Form or service level agreement.

3. Acceptable Use

You may only use the Services for lawful business purposes. You must not, and must not allow any third party to:

• reverse engineer, decompile, disassemble or otherwise attempt to derive the source code or underlying ideas, algorithms, structure or organisation of the Services, except to the extent permitted by applicable law;

• use the Services to build a competing product, train a competing machine-learning model, or benchmark the Services for publication without our prior written consent;

• interfere with or disrupt the integrity or performance of the Services, or attempt to gain unauthorised access to the Services or related systems;

• upload or transmit any material that is unlawful, infringing, defamatory, malicious, or contains viruses or other harmful code;

• use the Services in violation of applicable law, including export control, sanctions, anti-money-laundering, data protection or privacy laws;

• use any robot, scraper or automated means to access the Services other than through documented APIs;

• access another user's account without permission, or share, sell or transfer access credentials.

4. Customer Data, Ownership and Portability

4.1 Ownership. As between the parties, you retain all right, title and interest in and to Customer Data, including any Customer Knowledge Files (such as client-specific ".md" files, instructions, prompt libraries, or workflow definitions you create or upload). We claim no ownership over Customer Data.

4.2 Licence to Us. You grant us a worldwide, non-exclusive, royalty-free licence to host, copy, transmit, display and process Customer Data solely as necessary to (a) provide and maintain the Services for you, (b) prevent or address technical or security issues, (c) comply with law, and (d) generate Usage Data as defined in Section 4.4.

4.3 No Training of Generalised Models on Customer Data. We will not use Customer Data to train, fine-tune or improve any generalised or non-personalised AI/ML model that is made available outside your account.

4.4 Usage Data. We may collect and use Usage Data to operate, secure, support, analyse and improve the Services, provided such Usage Data is anonymised, aggregated or de-identified and cannot reasonably be used to identify you, your Authorised Users, or any natural person.

4.5 Data Portability and Exit. You may export Customer Data, including Customer Knowledge Files, at any time during the Term using export functionality made available within the Services or, where such functionality is not available, by written request to us. On termination or expiry, we will, on your written request made within thirty (30) days of termination, make Customer Data available to you in a commonly used machine-readable format. After that thirty (30) day period, we will delete or anonymise Customer Data in accordance with Section 9, unless we are required by law to retain it.

4.6 Customer Knowledge Files. Knowledge files, prompt libraries, workflow definitions, learned heuristics and any equivalent artefacts that you create within the Services (collectively, "Customer Knowledge Files") are Customer Data. You may export, port, or delete Customer Knowledge Files in accordance with Section 4.5. We will not transfer Customer Knowledge Files to any third party except as a Subprocessor under Section 7 or as required to perform the Services.

5. Fees and Payment

5.1 Trials and Promotions. We may offer trials or promotional offers for certain features. Unless stated otherwise in the Order Form, on expiration of any trial period a paid subscription will automatically begin in accordance with the applicable Order Form, and you may cancel before the trial ends to avoid being charged.

5.2 Fees. Fees are set out in the Order Form. Unless otherwise stated, Fees are non-refundable and may be invoiced in pounds sterling (GBP), euros (EUR) or US dollars (USD).

5.3 Payment Terms. You will pay Fees in accordance with the Order Form. Late amounts accrue interest at the lower of one and one-half percent (1.5%) per month or the maximum rate permitted by applicable law, from the due date until paid. We may suspend the Services for any account with amounts past due, on prior notice where reasonably practicable.

5.4 Subscription Auto-Renewal. Subscriptions automatically renew for successive periods equal to the initial term unless either party gives written notice of non-renewal at least thirty (30) days before the end of the then-current term. We may change Fees on renewal by giving at least thirty (30) days' prior written notice.

5.5 Taxes. Fees exclude all applicable taxes, duties and similar charges. You are responsible for all such amounts (other than taxes based on our net income).

6. Confidentiality

6.1 Definition. "Confidential Information" means non-public information disclosed by one party to the other that is identified as confidential or that should reasonably be understood to be confidential given its nature and circumstances of disclosure. Customer Data is your Confidential Information. Our software, source code, security architecture, pricing and product roadmap are our Confidential Information.

6.2 Obligations. Each party will (a) use the other party's Confidential Information only as necessary to perform under these Terms, (b) protect it using at least the same degree of care it uses for its own confidential information, and not less than reasonable care, and (c) limit disclosure to its personnel and advisers who have a need to know and are bound by confidentiality obligations no less protective.

6.3 Exclusions and Compelled Disclosure. Confidential Information does not include information that is or becomes generally known without breach, was known to the receiving party without confidentiality obligations before disclosure, was independently developed without reference to the disclosing party's Confidential Information, or is rightfully received from a third party without confidentiality obligations. If compelled by law to disclose Confidential Information, the receiving party will, where legally permitted, give the disclosing party prior notice and reasonable cooperation to seek a protective order.

7. Security and Subprocessors

7.1 Security Programme. We maintain a written information security programme that includes administrative, technical and physical safeguards appropriate to the nature of the Services and the Customer Data we process. Our programme is independently audited and we hold:

• SOC 2 Type II (Trust Services Criteria: Security, Availability, Confidentiality)

Our most recent attestation reports, security overview, and details of penetration testing and vulnerability management are available at https://www.getartifact.com/security or on request under NDA.

7.2 Subprocessors. We engage Subprocessors to help provide the Services (for example, cloud hosting, email delivery, customer support tooling, and AI/ML inference).

7.3 Subprocessor Obligations. We remain responsible for the acts and omissions of our Subprocessors as if they were our own. We require each Subprocessor by written contract to (a) process Customer Data only as instructed by us, (b) implement security measures appropriate to the risk, and (c) accept obligations equivalent to those in our Data Processing Addendum where it processes personal data.

7.4 Security Incident Notification. We will notify you without undue delay, and in any event within seventy-two (72) hours, after becoming aware of a confirmed security incident affecting Customer Data, and will provide updates as our investigation progresses.

8. Data Protection

8.1 Roles. When we process personal data contained in Customer Data on your behalf, you are the controller and we are the processor (or, where applicable, sub-processor). Our Privacy Policy describes the personal data we process as a controller (for example, account and contact data).

8.2 Privacy Policy. Our Privacy Policy, available at https://www.getartifact.com/privacy, describes how we collect, use, store, share and protect personal data in connection with the Services and is incorporated by reference into these Terms.

8.3 Applicable Laws. We operate the Services in compliance with applicable data protection laws, including the UK GDPR and Data Protection Act 2018, the EU GDPR, and, where applicable, US state privacy laws including the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA"), the Virginia Consumer Data Protection Act, the Colorado Privacy Act, and other comparable US state laws.

9. Term, Termination, and Data Retention

9.1 Term. These Terms apply from your first acceptance and continue for the term specified in your Order Form, automatically renewing as set out in Section 5.4 unless terminated.

9.2 Termination for Cause. Either party may terminate these Terms or any Order Form on written notice if the other party (a) materially breaches these Terms and fails to cure within thirty (30) days of notice, or (b) becomes insolvent, files for bankruptcy or its equivalent, or ceases business operations.

9.3 Effect of Termination. On termination, your right to access the Services ends. Sections 1, 4 (insofar as relating to ownership and portability), 5 (for amounts accrued), 6, 9, 10, 11, 12, 13 and 14 survive termination.

9.4 Data Retention Schedule. Unless a longer period is required by law (including financial, tax, accounting and regulatory record-keeping obligations) or by your written instruction, we will retain data as follows:

• Customer Data (active account): retained for the duration of the Term and as necessary to provide the Services.

• Customer Data (post-termination): available for export for thirty (30) days after termination, then deleted or anonymised within ninety (90) days unless we are legally required to retain it.

• Backups: rolling encrypted backups retained for up to thirty-five (35) days; expired backups are overwritten in the ordinary course.

• Audit logs and security telemetry: retained for a minimum of twelve (12) months in line with SOC 2 and ISO 27001 requirements.

• Billing and tax records: retained for a minimum of seven (7) years to satisfy applicable tax and accounting obligations (or longer where local law requires).

• Marketing records: retained until you withdraw consent or object, then deleted within thirty (30) days.

Specific retention periods may be adjusted in writing in your Order Form or Data Privacy Policy.

10. Intellectual Property

We and our licensors own all right, title and interest in and to the Services, including all software, models, algorithms, user interfaces, Documentation, and any improvements or derivatives thereof. No rights are granted to you other than those expressly set out in these Terms. You grant us a non-exclusive, royalty-free, worldwide licence to use feedback you voluntarily provide for any purpose without obligation, provided we do not identify you as the source.

11. Warranties and Disclaimers

11.1 Mutual Warranties. Each party warrants that it has the legal authority to enter into these Terms and that its performance will not violate any other agreement or applicable law.

11.2 Service Warranty. We warrant that during the Term we will provide the Services in a professional and workmanlike manner and substantially in accordance with the Documentation. Your sole and exclusive remedy, and our entire liability, for breach of this warranty is, at our option, to re-perform the affected Services or to terminate the affected Order Form and refund pre-paid, unused Fees attributable to the affected Services.

11.3 Disclaimer. Except as expressly set out in these Terms, and to the maximum extent permitted by applicable law, the Services are provided "as is" and "as available", and we disclaim all other warranties, express, implied or statutory, including implied warranties of merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that the Services will be uninterrupted or error-free, or that AI-generated outputs will be accurate, complete or fit for any particular purpose; you are responsible for human review of AI outputs used in regulated or client-facing work.

12. Indemnification

12.1 By Us. We will defend you against any third-party claim alleging that the Services, when used in accordance with these Terms and the Documentation, infringe such third party's intellectual property rights, and we will pay damages finally awarded by a court of competent jurisdiction or amounts agreed in settlement, provided you (a) promptly notify us in writing, (b) give us sole control of defence and settlement, and (c) reasonably cooperate. If the Services are or, in our opinion, may be the subject of a claim, we may at our option (i) procure the right for you to continue use, (ii) modify the Services to be non-infringing while preserving substantially equivalent functionality, or (iii) terminate the affected Services and refund pre-paid, unused Fees.

12.2 Exclusions. We have no obligation under Section 12.1 for claims arising from (a) Customer Data, (b) modifications not made by us, (c) combination of the Services with materials not provided by us where the combination causes the infringement, or (d) use after we have asked you to stop.

12.3 By You. You will defend us against any third-party claim arising from (a) Customer Data, including claims that Customer Data infringes intellectual property rights or violates applicable law, or (b) your or your Authorised Users' breach of Section 3 (Acceptable Use) or applicable law, and will pay damages finally awarded or amounts agreed in settlement.

13. Limitation of Liability

To the maximum extent permitted by applicable law, except for (a) breach of Section 6 (Confidentiality) or Section 8 (Data Protection), (b) a party's indemnification obligations, (c) amounts owed under an Order Form, or (d) gross negligence, wilful misconduct or fraud:

• Neither party will be liable for any indirect, incidental, special, consequential, exemplary or punitive damages, or for loss of profits, revenue, goodwill, or data, even if advised of the possibility; and

• Each party's total cumulative liability arising out of or relating to these terms will not exceed the total amount of fees paid by you to us under the applicable Order Form in the twelve (12) months immediately preceding the event giving rise to liability.

Nothing in these terms limits liability for death or personal injury caused by negligence, or any other liability that cannot be limited or excluded under applicable law.

14. Governing Law and Dispute Resolution

14.1 If you are based in the United Kingdom, EEA, Switzerland, Middle East, Africa, or Asia (excluding the Americas): These Terms are governed by the laws of England and Wales, and the parties submit to the exclusive jurisdiction of the courts of England and Wales.

14.2 If you are based in the Americas (including the United States and Canada): These Terms are governed by the laws of the State of Delaware, USA, excluding its conflict-of-laws principles. The parties submit to the exclusive jurisdiction of the state and federal courts located in Dover, Delaware. The UN Convention on Contracts for the International Sale of Goods does not apply.

In each case, either party may seek injunctive or equitable relief in any court of competent jurisdiction to protect its intellectual property or Confidential Information.

15. Open Banking

Artifact AI Ltd is an agent of Plaid Financial Ltd, an authorised payment institution regulated by the Financial Conduct Authority under the Payment Services Regulations 2017 (Firm Reference Number: 804718). Plaid provides regulated account information services through Artifact AI Ltd as its agent.

16. Notices

Notices to us must be sent to support@artifactai.uk and to our registered office. Notices to you may be given via the email address on your account or as set out in the Order Form. Notices are deemed received on the next business day for email, on receipt for hand delivery, and three (3) business days after posting for first-class mail.

17. General

17.1 Entire Agreement. These Terms, together with any Order Form, Data Privacy Policy, and policies referenced herein, constitute the entire agreement between the parties and supersede all prior agreements regarding the subject matter.

17.2 Order of Precedence. In conflict: (1) Order Form, (2) Data Privacy Policy, (3) these Terms, (4) Documentation.

17.3 Amendments. We may update these Terms. For material changes we will give at least thirty (30) days' notice via email or in-product notice. If you do not agree, you may terminate the affected Services on written notice within that period and receive a pro-rated refund of pre-paid, unused Fees.

17.4 Assignment. You may not assign without our prior written consent (not unreasonably withheld), except to an Affiliate or in a merger, acquisition or sale of substantially all assets, where the assignee agrees in writing to be bound. We may assign in connection with a corporate transaction.

17.5 Severability. If any provision is held unenforceable, the remaining provisions remain in effect.

17.6 Waiver. A failure to enforce any right is not a waiver.

17.7 Force Majeure. Neither party is liable for delay or failure caused by events beyond reasonable control.

17.8 Independent Contractors. The parties are independent contractors.

17.9 Third-Party Beneficiaries. Except for an Affiliate of either party, there are no third-party beneficiaries.

18. Contact

Email: support@artifactai.uk