Icite Terms of Service
Last updated May 5th 2025
These Terms of Service ("Terms") govern your access to and use of the identity investigation services provided by Icite, Inc. ("Icite," "we," "us," or "our") available at app.icite.io and any related websites or services (collectively, the "Service"). These Terms form a binding legal agreement between Icite, Inc., a Delaware corporation with offices at 1980 Post Oak Boulevard, Suite 100, Houston, TX 77056, and the business entity you represent ("Customer," "you," "your").
By accessing or using the Service, creating an account, or clicking a button indicating your acceptance, you agree on behalf of the Customer to be bound by these Terms and our Privacy Policy (https://www.iubenda.com/privacy-policy/51043536). If you do not agree to these Terms, do not use the Service. If you are accessing the Service on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms.
Simply put: These are the rules for using Icite's service. By using it, your company agrees to these rules. You also need the authority to agree on behalf of your company. Make sure to also read our Privacy Policy.
1. The Service
1.1. Description: The Service is a B2B SaaS identity investigation tool designed for Security Operations Center (SOC) responders and similar roles. It assists in quickly isolating individual user identities during investigations by processing log data and configuration information provided by the Customer. The goal is to speed up investigations, improve incident response, and remove roadblocks associated with identity correlation.
1.2. Access: Subject to your compliance with these Terms and payment of applicable fees, Icite grants Customer a limited, non-exclusive, non-transferable, non-sublicensable, revocable right during the Subscription Term (defined below) for its authorized employees and contractors ("Authorized Users") to access and use the Service solely for Customer's internal security operations.
1.3. Roles: The Service allows for different user roles, such as Owner, Admin, Integration User, and User, which may have different permissions and capabilities as defined within the Service documentation.
Simply put: Section 1 explains what Icite does (helps investigate user identities for security teams) and grants your company permission (a license) to use it for your internal security work, as long as you follow these rules and pay any fees. There are different types of user accounts with different permissions.
2. Customer Accounts
2.1. Registration: To access the Service, Authorized Users must register for an account, typically via supported Social Logins (e.g., Google, Microsoft) or email-based magic links. Customer is responsible for ensuring its Authorized Users provide accurate and complete registration information and keep it up to date.
2.2. Responsibility: Customer is responsible for all activities that occur under its accounts and its Authorized Users' accounts. Customer must maintain the confidentiality of account credentials and promptly notify Icite of any unauthorized access or use. While the Service does not have specific age restrictions, Customer represents that all Authorized Users are of legal age to enter into binding contracts, typically adults acting in a professional capacity.
2.3. Administration: Customer designates one or more administrators (e.g., "Owner," "Admin") who have control over the Customer's Service account, including managing Authorized Users and roles.
Simply put: Your company is responsible for the accounts used by your employees. Keep login details safe, provide accurate info, and tell us if something seems wrong. Your company controls who gets access and what they can do within your Icite account.
3. Fees and Payment
3.1. Trial: Icite may offer a free trial period (e.g., 14 days). Use of the Service beyond the trial period requires a paid subscription.
3.2. Subscription Fees: Customer agrees to pay all fees associated with its chosen subscription plan, as detailed on the Icite website or in a separate Order Form. Fees are typically based on the number of active users, service accounts and API keys in use in the environment and are payable in advance for the subscription period of 1, 2 or 3 years.
3.3. Payment Terms: Fees are due within 30 days of invoicing. Payments will be made via bank to bank or credit card through our third-party payment processor. The customer authorizes Icite (or its processor) to charge the applicable fees using the selected payment method.
3.4. Taxes: Fees are exclusive of taxes. Customers are responsible for all applicable taxes (sales, use, VAT, etc.), excluding taxes based on Icite's net income.
3.5. Late Payments: Late payments may incur interest at 3% per month or the maximum rate permitted by law, whichever is lower. Icite may suspend access to the Service for non-payment.
3.6. Price Changes: Icite reserves the right to change fees upon 30 days notice via email. Price changes will take effect at the start of the next billing cycle.
Simply put: There's a free trial. After that, you pay based on your subscription plan. We'll outline the specifics (how much, when due, how to pay) elsewhere. You're responsible for taxes. Pay on time to avoid interest or suspension. We might change prices, but we'll give you notice.
4. Customer Data and Privacy
4.1. Customer Data: Customer retains all ownership rights in and to the log data, configuration information, and other content or data provided by Customer or its Authorized Users to the Service ("Customer Data"). Customer Data is isolated per tenant.
4.2. Icite License: Customer grants Icite a worldwide, non-exclusive, royalty-free license during the Subscription Term to use, process, store, display, and transmit Customer Data solely as necessary to provide, maintain, and improve the Service for the Customer.
4.3. Privacy Policy: Icite's collection and use of personal information associated with the use of the Service (e.g., Authorized User account information) is governed by our Privacy Policy (https://www.iubenda.com/privacy-policy/51043536), which is incorporated into these Terms.
4.4. Data Processing (GDPR/CCPA): Customer acknowledges that Customer Data may include personal data of its employees or other individuals, subject to data protection laws like GDPR or CCPA. In this context:
(a) Customer is typically the "Data Controller" (or equivalent term) responsible for the lawfulness of processing Customer Data, including providing necessary notices and obtaining consents.
(b) Icite acts as a "Data Processor" (or equivalent term), processing Customer Data on behalf of and according to the instructions of the Customer (as outlined in these Terms and the Privacy Policy).
(c) If required by law, the parties may need to enter into a separate Data Processing Addendum (DPA).
4.5. Security: Icite will implement reasonable technical and organizational measures designed to protect Customer Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
Simply put: The data you upload (logs, config) is yours. You give us permission to use it only to provide and improve the Icite service for you. Your data is kept separate from other customers. Our Privacy Policy explains how we handle personal info like user account details. If GDPR/CCPA applies, your company is generally responsible for the data you put in (like employee logs), and we process it for you according to these terms. We take reasonable steps to keep your data secure.
5. Icite Intellectual Property
5.1. Ownership: Icite and its licensors retain all right, title, and interest in and to the Service, including the underlying software, platform, algorithms, user interface, documentation, trademarks, service marks, logos, and all related intellectual property rights ("Icite IP"). No ownership rights are transferred to the Customer.
5.2. Feedback: If Customer or Authorized Users provide suggestions, ideas, or feedback regarding the Service ("Feedback"), Icite may use such Feedback for any purpose without obligation or compensation to Customer.
5.3. Publicity: Customer hereby grants Icite, during the Subscription Term, a revocable, worldwide, non-exclusive, royalty-free license to reproduce Customer's trademarks, service marks, and logos in Icite's publicity or marketing materials (whether in printed or electronic form) solely for the purpose of identifying Customer as a customer of Icite.
Simply put: We own the Icite software and service itself. Using the service doesn't give your company ownership of our product. If you give us ideas on how to improve, we can use them freely. You also grant us permission, while you are a customer, to use your company's name and logo in our marketing materials (like on our website) to show that you are an Icite customer.
6. Acceptable Use and Restrictions
6.1. Prohibited Content and Conduct: Customer agrees not to, and not to permit Authorized Users to, process, access, store, distribute, or transmit any viruses, or any data or material during the course of its use of the Service that: (a) is illegal, unlawful, harmful, threatening, defamatory, obscene, abusive, infringing, harassing, or otherwise offensive; (b) invades another person’s privacy or is in breach of applicable privacy laws; (c) facilitates illegal activity; or (d) causes distress, damage, or injury to any person or property. Icite reserves the right, without liability to Customer, to disable Customer's access to any material that breaches the provisions of this section.
6.2. Usage Restrictions: Customer shall not, except as may be allowed by applicable law which is incapable of exclusion by agreement, and except to the extent expressly permitted under these Terms: (a) attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Service in any form or media or by any means; (b) attempt to reverse compile, disassemble, reverse engineer, or otherwise reduce to human-perceivable form all or any part of the Service; (c) access all or any part of the Service in order to build a product or service which competes with the Service; (d) license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Service available to any third party except the Authorized Users; or (e) attempt to obtain, or assist third parties in obtaining, unauthorized access to the Service.
6.3. Unauthorized Access: Customer shall use all reasonable endeavors to prevent any unauthorized access to, or use of, the Service and, in the event of any such unauthorized access or use, promptly notify Icite.
Simply put: This section outlines rules for using the service properly. Don't use our service to handle illegal, harmful, offensive, or privacy-invading data or viruses. We can block access to any material that violates these rules. Don't copy, modify, resell, or reverse engineer our service. Don't use it to build a competing product or try to access it in unauthorized ways. Do your best to prevent anyone unauthorized from accessing the service through your account, and tell us immediately if it happens.
7. Confidentiality
7.1. Definition: "Confidential Information" means any non-public information disclosed by one party ("Discloser") to the other ("Recipient"), whether orally or in writing, designated as confidential or that reasonably should be understood to be confidential given the nature of the information and circumstances of disclosure. Icite's confidential Information includes the Service, its components, pricing, and performance information. Customer confidential Information includes Customer Data.
7.2. Obligations: The Recipient agrees to: (a) use confidential Information only to exercise its rights and perform its obligations under these Terms; (b) not disclose Confidential Information to third parties except as permitted herein; and (c) protect confidential Information using at least the same degree of care it uses for its own similar information, but not less than reasonable care.
7.3. Exceptions: Confidential Information does not include information that: (a) is or becomes publicly known without breach of these Terms; (b) was known to the Recipient prior to disclosure; (c) is received from a third party without breach of any confidentiality obligation; or (d) was independently developed by the Recipient. The Recipient may disclose confidential Information if required by law, provided reasonable prior notice is given to the Discloser (if legally permitted).
Simply put: We both agree to keep each other's sensitive information secret (like your data for us, and our tech/pricing details for you). We'll only use it for purposes related to this agreement and will protect it. This doesn't apply to info that's already public, known beforehand, received legally from others, or developed independently. If the law forces disclosure, we'll try to give notice first.
8. Uptime and Support
8.1. Service Level Agreement (SLA): Icite intends to offer specific uptime commitments for the Service. These commitments, including any service credits for downtime, will be outlined in a separate Service Level Agreement ("SLA") which, when available and agreed upon (e.g., via an Order Form), will become part of these Terms.
8.2. Support: Icite will provide technical support for the Service as described in our Support Policy, the subscription plan details.
Simply put: We plan to guarantee a certain level of service uptime. The specifics will be in a separate SLA document when finalized. We'll also provide technical support as outlined elsewhere.
9. Warranties and Disclaimers
9.1. Icite Warranty: Icite warrants that it will provide the Service in a professional manner consistent with general industry standards.
9.2. Customer Warranty: Customer warrants that it has the necessary rights and consents to provide Customer Data to the Service and that its use of the Service and Customer Data complies with all applicable laws and regulations.
9.3. DISCLAIMER: EXCEPT FOR THE EXPRESS WARRANTIES IN SECTION 8.1, THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE." ICITE AND ITS SUPPLIERS EXPRESSLY DISCLAIM ALL OTHER WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. ICITE DOES NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR COMPLETELY SECURE.
Simply put: We promise to run the service professionally. You promise you have the right to upload your data and use the service legally. Apart from our specific promise, the service is provided as-is, without guarantees it will be perfect, always available, or suitable for every specific need you might have.
10. Indemnification
10.1. Indemnification by Customer: Customer will defend, indemnify, and hold harmless Icite, its officers, directors, employees, and agents from and against any claims, liabilities, damages, losses, and expenses (including reasonable attorneys' fees) arising out of or in connection with: (a) Customer's or its Authorized Users' use of the Service in violation of these Terms or applicable law; (b) Customer Data, including any claim that Customer Data infringes or misappropriates third-party intellectual property or privacy rights; or (c) Customer's breach of its warranties or obligations under these Terms.
10.2. Indemnification by Icite: Icite will defend, indemnify, and hold harmless Customer from and against any claims brought by a third party alleging that the Service itself (excluding Customer Data) infringes or misappropriates such third party's valid intellectual property rights. This obligation does not apply if the alleged infringement arises from: (a) use of the Service in combination with other products or services not provided by Icite; (b) modifications to the Service not made by Icite; or (c) Customer Data.
10.3. Procedure: The indemnified party must promptly notify the indemnifying party of the claim and cooperate reasonably in the defense. The indemnifying party has sole control over the defense and settlement of the claim (but may not settle in a way that admits liability for the indemnified party without written consent).
Simply put: If your company's use of Icite (or the data you upload) causes legal trouble for us (like violating the terms, infringing someone's rights), your company has to cover our costs and defend us. Similarly, if our core Icite service itself is found to infringe someone's IP rights, we'll cover your costs and defend you (with some exceptions). The party being sued needs to notify the other quickly and cooperate.
11. Limitation of Liability
11.1. EXCLUSION OF DAMAGES: TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY (NOR ITS SUPPLIERS) WILL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS, REVENUE, DATA, BUSINESS, OR GOODWILL, ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OR THE USE OF THE SERVICE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
11.2. LIABILITY CAP: TO THE MAXIMUM EXTENT PERMITTED BY LAW, EACH PARTY'S TOTAL CUMULATIVE LIABILITY ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OR THE USE OF THE SERVICE WILL NOT EXCEED THE TOTAL FEES PAID OR PAYABLE BY CUSTOMER TO ICITE DURING THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE LIABILITY. THIS LIMITATION APPLIES REGARDLESS OF THE FORM OF ACTION (CONTRACT, TORT, OR OTHERWISE) AND EVEN IF A REMEDY FAILS ITS ESSENTIAL PURPOSE.
11.3. Exceptions: The limitations in Sections 11.1 and 11.2 do not apply to: (a) a party's indemnification obligations under Section 10; (b) liability arising from a party's gross negligence, willful misconduct, or fraud; or (c) Customer's payment obligations under Section 3.
Simply put: Neither your company nor ours will be responsible for indirect damages (like lost profits or business) related to this agreement. Our total financial responsibility to each other for any direct damages is capped at the amount your company paid us in the 12 months before the problem occurred. These limits don't apply to certain things like our promises to cover legal costs for specific issues (indemnification), really bad behavior (gross negligence/fraud), or your obligation to pay fees.
12. Term and Termination
12.1. Term: These Terms commence when Customer first accepts them or uses the Service and continue until the Customer's subscription expires or is terminated (the "Subscription Term").
12.2. Termination by Customer: Customer may terminate its subscription by providing written notice effective at the end of the current billing cycle. No refunds are provided for partial periods unless stated otherwise in Section 3 or an applicable SLA.
12.3. Termination by Icite: Icite may terminate or suspend Customer's access to the Service: (a) for non-payment, if fees remain unpaid 10 days after notice; (b) if Customer breaches any material term of these Terms and fails to cure within 30 days of written notice; (c) immediately upon notice if Customer's use poses a security risk, violates the law, or infringes third-party rights; or (d) for convenience with 60 days prior written notice (potentially with a pro-rata refund of prepaid fees).
12.4. Effect of Termination: Upon termination or expiration: (a) Customer's right to access and use the Service ceases immediately; (b) Customer must pay any outstanding fees; (c) Each party will return or destroy the other's confidential information upon request.
12.5. Data Deletion: Following termination or expiration, Icite will destroy Customer Data remaining on the Service within a commercially reasonable period 30 days, unless legally prohibited. Icite has no obligation to export Customer Data, and Customer is solely responsible for retrieving its data before termination/expiration if needed.
12.6. Survival: Sections 4.1, 5, 6, 9.3, 10, 11, 12.4, 12.5, 12.6, 13, and 14 will survive termination or expiration of these Terms.
Simply put: The agreement lasts as long as your subscription is active. You can cancel at the end of your billing period. We can suspend or terminate your access if you don't pay, break the rules, cause security risks, or sometimes just by giving you advance notice. When the agreement ends, your access stops, you pay any remaining bills, and we both handle confidential info properly. We will delete your data after a short period – we won't export it for you, so get it beforehand if you need it. Certain important rules (like ownership, confidentiality, liability limits) continue even after the agreement ends.
13. Governing Law and Dispute Resolution
13.1. Governing Law: These Terms will be governed by and construed in accordance with the laws of the State of Delaware, without regard to its conflict of laws principles.
13.2. Informal Resolution: The parties agree to attempt to resolve any dispute arising out of these Terms through good faith negotiation for at least 30 days before initiating formal proceedings.
13.3. Arbitration: If negotiation fails, any dispute, claim, or controversy arising out of or relating to these Terms or the breach, termination, enforcement, interpretation, or validity thereof, including the determination of the scope or applicability of this agreement to arbitrate, shall be determined by binding arbitration in Houston, Texas before one arbitrator. The arbitration shall be administered by JAMS Houston Mediators & Arbitration Services pursuant to its Comprehensive Arbitration Rules and Procedures. Judgment on the Award may be entered in any court having jurisdiction. This clause shall not preclude parties from seeking provisional remedies in aid of arbitration from a court of appropriate jurisdiction. OR
13.3. Litigation: If negotiation fails, any legal suit, action, or proceeding arising out of or related to these Terms or the Service shall be instituted exclusively in the federal courts of the United States or the courts of the State of Delaware, located in Kent County. Each party irrevocably submits to the exclusive jurisdiction of such courts.
13.4. Class Action Waiver: Both parties agree that any dispute resolution proceedings will be conducted only on an individual basis and not in a class, consolidated, or representative action
Simply put: This agreement is governed by Delaware law. We'll try to sort out disagreements by talking first. If that doesn't work, we agree to settle disputes through binding arbitration in Houston instead of a jury trial. We also agree not to participate in class-action lawsuits against each other.
14. General Provisions
14.1. Entire Agreement: These Terms, together with the Privacy Policy, any applicable SLA, and any Order Forms, constitute the entire agreement between the parties regarding the Service and supersede all prior agreements or understandings
14.2. Modifications: Icite may modify these Terms from time to time. We will provide notice of material changes (e.g., via email to the account owner or an in-app notification). Continued use of the Service after the effective date of the changes constitutes acceptance of the modified Terms.
14.3. Waiver: No failure or delay by either party in exercising any right under these Terms will constitute a waiver of that right.
14.4. Severability:If any provision of these Terms is held by a court of competent jurisdiction to be invalid or unenforceable, that provision will be modified to the minimum extent necessary to make it enforceable, or severed if modification is not possible, and the remaining provisions will remain in full force and effect.
14.5. Assignment: Customer may not assign these Terms without Icite's prior written consent. Icite may assign these Terms without consent in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets.
14.6. Notices: Notices to Icite should be sent to Icite, Inc., 1980 Post Oak Boulevard, Suite 100, Houston, TX 77056, Attention: Legal Department, with a copy via email to legal@icite.io. Notices to Customer will be sent to the email address associated with the Customer's account owner.
14.7. Force Majeure: Neither party will be liable for any failure or delay in performance due to circumstances beyond its reasonable control, such as acts of God, war, terrorism, riots, labor conditions, governmental action, or internet disturbances.
Simply put: This document (plus the Privacy Policy, SLA, order forms) is the whole agreement. We can update these terms, but we'll notify you of significant changes. Just because we don't enforce a rule once doesn't mean we waive it forever. If a part of this agreement is found invalid, the rest still applies. Your company can't transfer this agreement to someone else without our permission, but we can (e.g., if we're acquired). This section details how we give official notices to each other. We're not liable for failures caused by major events beyond our control.