Legal

Terms of Service

These terms govern your use of the CAIBots platform, APIs, and professional services. Please read them carefully before entering into a commercial relationship with CAIBots.

Effective Date: April 1, 2026

Last Updated: April 15, 2026

Version: 1.2

Jurisdiction: New Jersey, United States

Enterprise clients: Your commercial relationship with CAIBots is governed by your executed Master Services Agreement (MSA) and applicable Order Forms, which take precedence over these general terms. Contact contact@caibots.com to request your enterprise agreement documentation, Data Processing Agreement (DPA), or Business Associate Agreement (BAA).

Contents

01Acceptance of Terms 02Services Description 03Accounts & Access 04Data & Privacy 05Intellectual Property 06Permitted Use & Restrictions 07Payment & Pricing 08Service Levels 09Limitation of Liability 10Regulatory Compliance 11Term & Termination 12Governing Law & Contact

01 Acceptance of Terms

By accessing or using CAIBots services — including the CAIBots execution platform, APIs, demo environments, documentation, and any associated professional services — you ("Customer," "you," or "your") agree to be bound by these Terms of Service ("Terms"). If you are accessing the Services on behalf of an organization, you represent and warrant that you have authority to bind that organization to these Terms.

If you do not agree to these Terms, you may not use the CAIBots platform or services. These Terms constitute a binding legal agreement between you and CAIBots Inc., a New Jersey corporation.

02 Services Description

CAIBots provides an autonomous enterprise AI execution system designed for regulated industries. The platform executes business-critical workflows — including KYC/AML screening, fraud detection, credit underwriting, and investment research — directly within customer systems of record, with governance controls, human-in-the-loop authorization gates, and immutable audit trails.

2.1 Platform Components

The CAIBots execution engine and multi-agent orchestration system
Pre-built vertical execution agents (KYC/AML, Fraud Detection, Credit Underwriting, Investment Research)
Governance matrix and policy configuration tools
Integration connectors for supported systems of record
Audit log infrastructure and compliance reporting tools
ROI calculators, demo environments, and implementation documentation

2.2 Professional Services

CAIBots may provide implementation services, pilot engagements, training, and ongoing support under separately executed statements of work or order forms.

03 Accounts & Access

Access to the CAIBots platform requires an authorized account established through a commercial agreement. You are responsible for maintaining the confidentiality of all credentials and for all activities that occur under your account. You must notify CAIBots immediately of any unauthorized access or security breach at contact@caibots.com.

Enterprise deployments include role-based access control (RBAC) configuration as part of the implementation process. Access rights, approval authorities, and HITL gate configurations are established during the governance matrix setup phase.

04 Data & Privacy

CAIBots processes customer data solely to deliver the agreed services. Our data handling practices are governed by our Privacy Policy, available at caibots.com/privacy, and, for enterprise clients, by the applicable Data Processing Agreement (DPA).

4.1 Regulated Data

Customers deploying CAIBots in regulated contexts (financial services, healthcare) are responsible for ensuring appropriate data processing agreements are in place. CAIBots offers HIPAA Business Associate Agreements (BAAs) for healthcare deployments and GDPR-compliant DPAs for EU data processing. Contact your account representative to request these documents.

4.2 Audit Log Retention

Immutable audit logs generated by the CAIBots platform are retained for a minimum of 7 years to support regulatory examination requirements. Specific retention schedules may be configured per applicable regulation (e.g., BSA 5-year minimum, MiFID II 7-year minimum).

4.3 Data Residency

Data residency options, including US-only processing and EU data localization, are available for enterprise deployments. Contact your account representative for configuration options.

05 Intellectual Property

CAIBots and its licensors retain all intellectual property rights in the platform, software, architecture, documentation, and execution models. These Terms do not grant you any intellectual property license except the limited right to use the Services as described herein.

Customer data and configurations submitted to the platform remain the property of the Customer. CAIBots does not use Customer data to train or improve its models without explicit written consent.

Outputs generated by the CAIBots execution system (compliance memos, research briefs, audit logs, decisioning documents) are work product owned by the Customer, subject to any applicable regulatory requirements governing such documents.

06 Permitted Use & Restrictions

You may use CAIBots services solely for lawful business purposes consistent with your organization's regulatory obligations. You agree not to:

Reverse engineer, decompile, or disassemble any portion of the platform
Use the platform in violation of applicable laws or regulations
Transmit data that you are not authorized to process or that would violate third-party rights
Attempt to circumvent governance controls, HITL gates, or audit trail mechanisms
Resell or sublicense access to the platform without written authorization
Use the platform for purposes inconsistent with the vertical use cases for which you are licensed

07 Payment & Pricing

CAIBots operates on outcome-based pricing with a 20% hard cap on the value of outcomes delivered. Specific pricing, invoicing schedules, and payment terms are set forth in the applicable Order Form or commercial agreement.

All fees are exclusive of applicable taxes. Customer is responsible for all taxes, levies, or duties imposed by taxing authorities on the transactions described herein.

Invoices are due within 30 days of receipt unless otherwise specified in the applicable commercial agreement. Late payments accrue interest at 1.5% per month or the maximum rate permitted by law, whichever is lower.

08 Service Levels

CAIBots targets 99.5% platform uptime for production deployments, measured monthly, excluding scheduled maintenance windows communicated with 48 hours advance notice. Enterprise Service Level Agreements (SLAs) with specific uptime guarantees, response time commitments, and remediation procedures are available under enterprise commercial agreements.

For regulated environments where execution latency is material to compliance obligations (e.g., BSA filing deadlines, SWIFT recall windows), specific latency SLAs are negotiated as part of the enterprise agreement.

09 Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, CAIBOTS SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, DATA, OR BUSINESS OPPORTUNITY, ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICES.

CAIBOTS' TOTAL AGGREGATE LIABILITY FOR DIRECT DAMAGES ARISING OUT OF OR RELATED TO THESE TERMS SHALL NOT EXCEED THE TOTAL FEES PAID BY CUSTOMER IN THE 12 MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

Nothing in these Terms limits either party's liability for fraud, gross negligence, willful misconduct, death or personal injury caused by negligence, or any liability that cannot be excluded or limited under applicable law.

9.1 Regulatory Actions

Customer remains solely responsible for its regulatory compliance obligations. CAIBots provides an execution platform and governance architecture; CAIBots does not provide legal, compliance, or regulatory advice. The Customer's compliance team is responsible for validating that platform configurations satisfy applicable regulatory requirements before production deployment.

10 Regulatory Compliance

CAIBots' governance architecture is designed to support compliance with SR 11-7, BSA/AML, FFIEC, MiFID II, DORA, HIPAA, EU AI Act, Basel III, Dodd-Frank, Regulation B, and Regulation E. Compliance with these frameworks in your specific deployment context remains the responsibility of the Customer and its designated compliance officers.

CAIBots maintains documentation supporting regulatory examination, including audit log architecture descriptions, model risk management documentation (SR 11-7 aligned), and integration architecture diagrams. This documentation is available to enterprise clients for inclusion in regulatory submissions and vendor risk assessments.

11 Term & Termination

These Terms remain in effect for the duration of your use of CAIBots services. Enterprise agreements specify initial terms and renewal provisions. Either party may terminate for material breach with 30 days written notice and cure period.

Upon termination, Customer retains access to its data for 90 days, after which data may be deleted except where retention is required by applicable law or regulation. Audit logs subject to regulatory retention requirements will be handled per applicable regulations.

12 Governing Law & Contact

These Terms are governed by the laws of the State of New Jersey, United States, without regard to its conflict of law provisions. Any disputes arising under these Terms shall be resolved through binding arbitration under AAA Commercial Arbitration Rules, with proceedings conducted in Princeton, New Jersey.

For questions about these Terms, enterprise agreements, DPAs, BAAs, or security review documentation:

Legal & Compliance Contact

Company: CAIBots Inc.

Address: Princeton, NJ 08540, United States

Email: contact@caibots.com

Phone: +1 (609) 721-2815

For security review: contact@caibots.com (subject: "Security Review Request")

For DPA/BAA requests: contact@caibots.com (subject: "Data Agreement Request")

These Terms were last updated on April 15, 2026. CAIBots reserves the right to update these Terms with reasonable notice. Material changes will be communicated to active customers via email.