Account Registration

To use the Service, you must create an account by providing accurate and complete information. You agree to:

• Provide truthful, accurate, and complete registration information
• Update your information to keep it current
• Be at least 18 years old or have parental/guardian consent
• Have authority to bind your organization (if applicable)

Account Security

You are responsible for:

• Maintaining the confidentiality of your account credentials
• All activities that occur under your account
• Notifying us immediately of any unauthorized access
• Ensuring your team members comply with these Terms
• Using strong passwords and enabling two-factor authentication where available

Important: You may not share account credentials or allow unauthorized access to your account.

Organization Accounts

For organization accounts:

• Account owner has full control over team members and billing
• You can invite multiple users to your organization
• Each user must accept these Terms individually
• You are responsible for all activity by your team members
• Removing a team member immediately revokes their access

Cloud-Hosted Service Pricing

Agent Seat Pricing

• 20 agents per subscribed user: FREE with any paid plan
• 21-99 agents: $5/agent/month ($4.25 annual)
• 100-999 agents: $4/agent/month ($3.40 annual)
• 1,000-9,999 agents: $3/agent/month ($2.55 annual)
• 10,000+ agents: $2/agent/month ($1.70 annual)

Infrastructure Fees (Optional Dedicated Tiers)

• Shared (0-99 agents): $0 - Shared multi-tenant infrastructure
• Tier 1 (100-999): +$87/month - Dedicated instance + subdomain
• Tier 2 (1,000-9,999): +$194/month - Load balanced + Redis caching
• Tier 3 (10,000+): +$666/month - High availability + 24/7 support

Billing Terms

• Billed monthly or annually (15% discount on annual)
• Billed in advance at start of billing period
• Agent count based on highest count during billing period
• Subscriptions renew automatically unless cancelled

Self-Hosted Licensing

Annual License

Perpetual License

Payment Terms

• All payments processed through Stripe
• We accept major credit cards
• Enterprise customers may request invoice billing
• Failed payments may result in service suspension
• Past due accounts subject to late fees and collection

Price Changes

We reserve the right to modify pricing with 30 days' advance notice via email and dashboard notification. Continued use after price changes constitutes acceptance.

Cancellation and Refunds

Cloud Service

• Cancel anytime through your account dashboard
• Access continues until end of current billing period
• No refunds for partial months or unused queries
• Annual subscriptions: Prorated refund if cancelled within 30 days

Self-Hosted Licenses

• Annual: No refunds. License valid through paid period.
• Perpetual: No refunds after delivery of software and license key.
• Trial Period: 30-day evaluation licenses available upon request.

Prohibited Activities

You agree NOT to:

Illegal or Unauthorized Use

• Use the Service for any illegal purpose or to violate any laws
• Monitor systems without proper authorization
• Access systems or data you don't have permission to monitor
• Violate privacy laws or regulations (GDPR, CCPA, etc.)

Technical Restrictions

• Reverse engineer, decompile, or disassemble the software
• Attempt to bypass license validation or usage limits
• Exceed licensed agent limits (self-hosted deployments)
• Share account credentials or licenses with unauthorized parties
• Interfere with or disrupt the Service or servers
• Attempt to gain unauthorized access to systems or data

Commercial Restrictions

• Use the Service to develop competing products or services
• Resell, sublicense, or transfer your license without written consent
• Provide service bureau or time-sharing services to third parties
• Use the Service on behalf of others without authorization

Abusive Behavior

• Upload malicious code, viruses, or harmful content
• Use the Service to spam, harass, or harm others
• Generate excessive load or abuse system resources
• Attempt to exploit security vulnerabilities

Authorized Monitoring

You represent and warrant that:

• You own or control all systems where agents are deployed
• You have obtained necessary permissions to monitor systems
• You have notified users if required by applicable law
• Your monitoring complies with all applicable laws and regulations
• You will not monitor personal devices without explicit consent

Consequences of Violations

Violations may result in:

• Immediate suspension or termination of your account
• Removal of content or data
• Legal action and reporting to authorities
• Liability for damages
• Permanent ban from the Service

Shell, Remote Access & Command Execution

ET Ducky provides approved script execution, file transfer, and remote desktop capabilities as tools for authorized system administration. All scripts must be reviewed and approved by an ET Ducky administrator before execution. You are solely and exclusively responsible for all actions taken through these features.

Your Responsibilities

• You are solely responsible for every command executed, file transferred, and remote desktop session initiated through the Service, regardless of which user in your organization performs the action
• Actions taken via the ET Ducky platform are legally equivalent to actions taken directly on the endpoint — ET Ducky is a conduit and bears no responsibility for the outcomes
• You must ensure all approved scripts and file transfers comply with applicable laws, your organization's policies, and the terms of any software being installed or executed
• You are responsible for ensuring that only authorized personnel have access to script execution, file transfer, and remote desktop features within your organization
• You must not use these features to install unauthorized software, exfiltrate data, circumvent security controls, or perform any action you would not be permitted to perform with direct physical or administrative access to the endpoint

No Review or Filtering

• ET Ducky does not review, inspect, filter, or pre-approve commands, scripts, or files executed or transferred through the platform
• ET Ducky is not a party to actions performed on endpoints via the Service and assumes no liability for the results of those actions
• The availability of a capability within the platform does not constitute authorization or endorsement of any particular use of that capability

Audit Logging

• All script executions, file transfers, and remote sessions are logged and associated with the authenticated user who initiated them
• These logs may be provided to law enforcement or other authorities in response to lawful requests, or in connection with investigation of violations of these Terms
• You acknowledge that these logs constitute an accurate record of actions taken through your account

Important: If you suspect unauthorized use of your account or that commands have been executed without your authorization, you must immediately revoke agent tokens, rotate credentials, and contact [email protected]. You remain responsible for all activity occurring under your account until such steps are taken.

Cloud-Hosted Service

Data Collection

Agents collect and transmit:

• System health metrics (CPU, memory, disk, network)
• Hardware health metrics (thermal, battery, optional SMART data)
• Curated kernel-level evidence: inflection-bracketed events around metric anomalies and the events that triggered any behavioral-security rule firing. Kernel events are captured via Event Tracing for Windows (ETW) on Windows or eBPF tracepoints on Linux.
• Diagnostic information during live query sessions and when an explicit collection command is active
• Agent version, system information, distribution and kernel identity (Linux), and connectivity status
• Audit metadata for any operator-driven privilege elevation: command summary, operator identity, source IP, exit code (passwords are never stored or logged)

By default, raw kernel events are not continuously transmitted. They remain on the endpoint and age out under a configurable retention policy. Raw events transmit only while a live query session is open or a collection command is active, and only for the duration of that work.

Data Storage and Processing

• Data stored in our cloud infrastructure (DigitalOcean)
• Encrypted in transit (TLS 1.3) and at rest
• Retention: 14 days by default, extendable to 90, 365, or 730 days via per-agent retention add-ons
• Processed using AI services (Anthropic Claude, OpenAI)
• AI analysis performed on-demand, not continuously

Data Usage

• We use your data only to provide the Service
• We do NOT use your data to train AI models
• We do NOT sell or share your data with third parties
• AI providers process queries per their terms (not for training)

Data Ownership

You retain all rights to your data. We claim no ownership over data you collect and store through the Service.

Self-Hosted Deployments

• Your Infrastructure: All data remains on infrastructure you control
• No Access: We do not have access to your collected data
• Your AI Keys: You provide your own AI API keys and accept their terms
• License Validation: Software validates license key with our servers (requires internet)
• No Data Transmission: Only license validation data sent to our servers, not monitoring data

Your Responsibilities

• Comply with all applicable privacy laws (GDPR, CCPA, HIPAA, etc.)
• Obtain necessary consents for monitoring
• Provide appropriate privacy notices to monitored users
• Implement appropriate security measures
• Do not collect or process sensitive data without proper safeguards

Privacy Policy

See our separate Privacy Policy for complete details on how we collect, use, and protect your information.

Ownership

The Service, including all software, documentation, trademarks, logos, and content, is owned by ET Ducky and protected by copyright, trademark, patent, and other intellectual property laws.

License Grant

Your license to use the Service does NOT transfer any ownership rights. You receive only a limited license to use the Service as described in these Terms and the EULA.

Restrictions

• You may not copy, modify, or create derivative works
• You may not remove or alter any proprietary notices
• You may not use our trademarks without written permission
• Source code remains confidential and proprietary
• You may not register confusingly similar trademarks or domains

Feedback

If you provide feedback, suggestions, or ideas about the Service, you grant us a perpetual, irrevocable, worldwide, royalty-free license to use, modify, and incorporate such feedback without compensation or attribution.

Service Availability

Cloud Service SLAs

• Shared/Tier 1/Tier 2: Best effort availability, no SLA guarantee
• Tier 3: 99.9% uptime SLA with automatic failover
• Maintenance: Scheduled maintenance announced 48 hours in advance
• Downtime Credits: Available for Tier 3 customers per SLA terms

Self-Hosted

For self-hosted deployments, you are responsible for availability and uptime of your infrastructure.

Warranty Disclaimer

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED.

We disclaim all warranties including but not limited to:

• MERCHANTABILITY
• FITNESS FOR A PARTICULAR PURPOSE
• NON-INFRINGEMENT
• ACCURACY OR RELIABILITY
• UNINTERRUPTED OR ERROR-FREE OPERATION

We do not warrant that:

• The Service will meet your requirements
• Results will be accurate or reliable
• AI analysis will detect all issues
• AI recommendations will be correct
• Errors will be corrected

Important: You are responsible for validating all AI-generated recommendations before implementing them on production systems.

Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, ET DUCKY SHALL NOT BE LIABLE FOR:

• INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES
• LOSS OF PROFITS, DATA, USE, GOODWILL, OR OTHER INTANGIBLE LOSSES
• SERVICE INTERRUPTIONS OR PERFORMANCE ISSUES
• DAMAGES RESULTING FROM AI ANALYSIS ERRORS
• SYSTEM FAILURES OR DATA LOSS ON MONITORED SYSTEMS
• UNAUTHORIZED ACCESS OR DATA BREACHES
• THIRD-PARTY ACTIONS OR CONTENT

TOTAL LIABILITY: Our total liability shall not exceed the greater of:

• Amounts paid by you in the 12 months preceding the claim, OR
• $100

Indemnification

You agree to indemnify, defend, and hold harmless ET Ducky from any claims, damages, losses, liabilities, or expenses (including legal fees) arising from:

• Your use or misuse of the Service
• Your violation of these Terms
• Your violation of any rights of others
• Unauthorized monitoring or data collection
• Your breach of applicable laws or regulations
• Content or data you submit or collect

Termination by You

You may terminate your account at any time by:

• Cancelling your subscription through the dashboard, OR
• Contacting support at [email protected]

Your access will continue through the end of your current billing period.

Termination by Us

We may suspend or terminate your access immediately, without prior notice, if:

• You violate these Terms or the EULA
• Your payment fails or account is past due (>30 days)
• You exceed licensed agent limits (self-hosted)
• We detect fraudulent, abusive, or illegal activity
• Required by law or court order
• Necessary to protect our rights or prevent harm

Effect of Termination

Cloud Service

• All access to the Service immediately terminates
• All agents stop reporting to the platform
• Data retained for 30 days, then permanently deleted
• You may export data before termination through the dashboard
• No refunds for unused time or queries

Self-Hosted Annual License

• License expires at end of paid term
• CloudAPI stops accepting new agent connections
• Existing agents continue health metrics only (no diagnostics)
• No updates or support after expiration
• Contact sales to renew

Self-Hosted Perpetual License

• Software continues to function (you own it)
• No updates or support without active maintenance
• License key remains valid
• Must resume maintenance to receive updates

Survival

The following sections survive termination:

• Data & Privacy (your obligations)
• Intellectual Property
• Warranties & Liability
• Indemnification
• Governing Law and Disputes

Governing Law

These Terms are governed by the laws of the State of Washington, United States, without regard to conflict of law principles.

Dispute Resolution

Informal Resolution

Before filing a claim, you agree to contact us at [email protected] to attempt informal resolution. We commit to working in good faith to resolve disputes.

Binding Arbitration

If informal resolution fails, disputes shall be resolved through binding arbitration administered by the American Arbitration Association (AAA) in accordance with its Commercial Arbitration Rules.

• Location: Washington State
• Rules: AAA Commercial Arbitration Rules
• Decision: Arbitrator's decision is final and binding
• Costs: Each party pays own legal fees unless arbitrator decides otherwise

Class Action Waiver

YOU AGREE TO RESOLVE DISPUTES INDIVIDUALLY. You waive any right to participate in class action lawsuits or class-wide arbitration.

Exceptions

Either party may seek injunctive relief in court for:

• Intellectual property infringement
• Unauthorized access or use
• Violations requiring immediate action

Export Compliance

The Service and software may be subject to U.S. export control laws. You agree to:

• Comply with all applicable export and import laws
• Not export or re-export to prohibited countries or entities
• Not use the Service for prohibited purposes (e.g., weapons development)
• Comply with sanctions and embargoes

Miscellaneous

Entire Agreement

These Terms, together with the EULA and Privacy Policy, constitute the entire agreement between you and ET Ducky and supersede all prior agreements.

Severability

If any provision is found invalid or unenforceable, the remaining provisions remain in full force and effect.

No Waiver

Failure to enforce any provision does not waive our right to enforce it later.

Assignment

You may not assign these Terms without our written consent. We may assign our rights and obligations without restriction.

Force Majeure

We are not liable for delays or failures due to circumstances beyond our reasonable control, including natural disasters, war, terrorism, pandemics, internet outages, or government actions.

Notice

Notices to you will be sent to your registered email address. Notices to us should be sent to [email protected].

Contact Information

For questions about these Terms:

Legal: [email protected]
Support: [email protected]
Sales: [email protected]