Legal
These Terms of Service ("Terms") govern your access to and use of the websites, products, APIs, and services provided by ComplyRim LLC ("ComplyRim," "we," "us," or "our"), including CRS, TraceRoot, CMDA, Vendor Triage, AgentSpendrix, Issue Manager, Evidence Vault, Shield, Instant ISO, and CaaS (collectively, the "Services"). By accessing or using the Services, you agree to these Terms. If you do not agree, do not use the Services.
You must be at least 18 years old and able to form a binding contract. If you use the Services on behalf of an organization, you represent that you have authority to bind that organization. You are responsible for maintaining the confidentiality of your credentials and all activity under your account.
Fees are listed on complyrim.com or in AWS Marketplace. Subscriptions renew automatically on a monthly or annual cycle unless cancelled before the renewal date. Fees are non-refundable except where required by law.
If you purchase through AWS Marketplace, billing, invoicing, and taxes are governed by AWS Marketplace terms. ComplyRim receives subscription confirmations from AWS and grants access accordingly.
We may change prices on renewal with at least 30 days' notice.
Free tiers may have usage limits, feature restrictions, or time limits. We may modify or discontinue free tiers at any time.
Subject to these Terms and your payment of applicable fees, ComplyRim grants you a limited, non-exclusive, non-transferable, revocable license to access and use the Services for your internal business purposes.
You retain all rights to the data you submit or generate in the Services ("Customer Data"). You grant ComplyRim a worldwide, non-exclusive license to host, process, and transmit Customer Data solely to provide the Services.
When you deploy ComplyRim scanners into your AWS account, you authorize ComplyRim to read configuration metadata via the IAM role you create. You are responsible for the IAM role's permissions. ComplyRim does not modify your AWS resources unless you use a feature that explicitly states it does so.
ComplyRim maintains operational backups of platform data. You remain responsible for exporting and preserving Customer Data for your own compliance and audit needs.
You must not:
Reports, scores, recommendations, and other outputs of the Services ("Outputs") are provided for informational purposes only. ComplyRim is not a law firm, CPA firm, or certified audit firm. Outputs do not constitute legal, accounting, or audit advice and do not guarantee any compliance or certification outcome. You are solely responsible for decisions made in reliance on Outputs, for engagement of qualified auditors, and for the accuracy of information you provide.
If you purchase Compliance-as-a-Service or other professional services, separate statements of work govern scope, fees, and deliverables. Where these Terms conflict with an executed SOW, the SOW controls for that engagement.
Each party will protect the other's confidential information using at least the same degree of care it uses for its own confidential information (and no less than reasonable care). Customer Data is deemed Customer's Confidential Information.
ComplyRim and its licensors own all rights in the Services, including software, models, scoring methodologies, templates, and documentation. Feedback you provide is licensed to ComplyRim on a royalty-free, perpetual basis.
The Services integrate with third-party services (AWS, GitHub, Slack, Jira, etc.). Your use of those services is governed by their terms. ComplyRim is not responsible for third-party service availability or changes.
ComplyRim warrants that the Services will materially conform to published documentation. EXCEPT AS EXPRESSLY STATED, THE SERVICES AND OUTPUTS ARE PROVIDED "AS IS" AND "AS AVAILABLE," WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, OR ANY WARRANTY THAT USE WILL RESULT IN COMPLIANCE WITH ANY LAW OR STANDARD.
TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT WILL EITHER PARTY BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR FOR LOST PROFITS, REVENUE, OR DATA. EACH PARTY'S TOTAL LIABILITY ARISING OUT OF OR RELATING TO THESE TERMS WILL NOT EXCEED THE FEES PAID OR PAYABLE BY YOU TO COMPLYRIM IN THE 12 MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM.
You will defend, indemnify, and hold harmless ComplyRim from any third-party claims arising from (a) your Customer Data, (b) your violation of these Terms or law, or (c) your misuse of the Services.
These Terms apply while you use the Services. Either party may terminate for material breach uncured after 30 days' notice. We may suspend or terminate immediately for security, legal, or non-payment reasons. On termination, your right to use the Services ends and we will delete Customer Data within 60 days, except where retention is required by law.
We may update the Services and these Terms. Material changes to these Terms will be notified by email or in-product notice at least 30 days in advance. Continued use after the effective date constitutes acceptance.
These Terms are governed by the laws of the State of Idaho, without regard to conflict-of-laws principles. Disputes will be resolved exclusively in the state or federal courts located in Bonneville County, Idaho, unless otherwise required by law. You and ComplyRim waive any right to a jury trial.
You represent that you are not located in a country subject to U.S. embargo and are not a restricted party. You will not export the Services in violation of U.S. or other applicable export laws.
With your consent (which may be included in an order form or SOW), ComplyRim may use your name and logo to identify you as a customer.
These Terms, together with the Privacy Policy and any order form or SOW, constitute the entire agreement between you and ComplyRim and supersede prior agreements on the same subject.
ComplyRim LLC
Email: legal@complyrim.com
Support: support@complyrim.com
Address: Idaho Falls, ID, USA