Terms of Service

1. Service Description

AI Threat Intelligence ("the Service") is operated by AI Threat Intelligence ("we," "us," or "our").

The Service is an AI threat intelligence platform that provides:

• CVE tracking and enrichment for AI/ML systems and frameworks
• Real-time alerts for critical vulnerabilities and security incidents
• Compliance reports mapped to ISO 42001 and the EU AI Act
• MITRE ATLAS technique mappings and risk assessments
• A curated threat feed with CISO-oriented analysis
• A weekly digest newsletter with editorial commentary

Threat intelligence content is generated through a combination of automated data ingestion, AI-assisted analysis, and human editorial review by a practicing CISO. We are transparent about our use of AI in content production. For details on how AI-generated content is produced and reviewed, see Section 7 below.

2. Account Terms

To access paid features of the Service, you must create an account. Authentication is managed through a third-party identity provider (currently Clerk).

• You must provide accurate, complete, and current information during registration.
• You are responsible for maintaining the security of your account credentials.
• One account per individual. Shared or generic accounts are not permitted for paid subscriptions.
• You must be at least 18 years old or the age of legal majority in your jurisdiction.
• You are responsible for all activity that occurs under your account.
• You must notify us immediately of any unauthorized use of your account.

We reserve the right to suspend or terminate accounts that violate these terms, provide false information, or engage in activity that compromises the Service or other users.

3. Subscription and Billing

The Service offers a 14-day free trial that does not require a credit card. After the trial period, continued access to paid features requires an active subscription.

• Subscriptions are billed on a monthly recurring basis.
• Payment processing is handled by Stripe. By subscribing, you also agree to Stripe's Terms of Service.
• Subscriptions auto-renew at the end of each billing period unless cancelled.
• Prices are listed in USD. Applicable taxes may apply depending on your jurisdiction.
• We reserve the right to change pricing with at least 30 days' advance notice via email.

Some features of the Service, including the public threat feed and the free weekly newsletter, are available without a paid subscription.

4. Cancellation and Refunds

• You may cancel your subscription at any time through the Stripe customer portal accessible from your account settings.
• Upon cancellation, you retain access to paid features until the end of your current billing period.
• No partial refunds are issued for unused time within a billing period.
• If you cancel during a free trial, no charge is incurred.
• We may offer refunds on a case-by-case basis at our sole discretion.

5. Acceptable Use

You agree not to:

• Scrape, crawl, or systematically extract data from the Service using automated tools, bots, or scripts.
• Redistribute, resell, or sublicense our enriched content, analysis, compliance mappings, or threat assessments to third parties.
• Access the Service via automated means without an authorized API key (API access is a planned future feature for Enterprise subscribers).
• Use the Service to build a competing product or service.
• Attempt to bypass access controls, rate limits, or authentication mechanisms.
• Interfere with or disrupt the integrity or performance of the Service.
• Use the Service for any unlawful purpose or in violation of applicable laws.

Violation of these terms may result in immediate suspension or termination of your account without refund.

6. Intellectual Property

6.1. Our Content

The following content is our original intellectual property and is protected by applicable copyright law:

• Enrichment analysis, CISO-oriented impact summaries, and risk assessments
• Cross-source correlation mappings (CVE-to-ATLAS, CVE-to-compliance, etc.)
• Compliance framework mappings (ISO 42001, EU AI Act)
• Proprietary severity prioritization and scoring
• Newsletter content, weekly digests, and editorial commentary ("CISO Takes")
• Platform design, branding, and user interface

6.2. Third-Party Data Sources

The Service incorporates data from third-party sources, each subject to its own license. These include:

• NVD / CVE API (NIST) — Public Domain. This product uses the NVD API but is not endorsed or certified by the NVD.
• GitHub Advisory Database — Licensed under CC-BY 4.0.
• MITRE ATLAS — Licensed under Apache License 2.0. © The MITRE Corporation.
• CISA KEV Catalog — CC0 1.0 (Public Domain Dedication).
• arxiv — Metadata under CC0 1.0. Individual paper licenses set by authors.

For full details on data source licenses, attributions, and usage terms, see our LICENSES.md file.

7. AI-Generated Content Disclaimer

8. Disclaimer of Warranties

The Service is provided on an "as is" and "as available" basis. To the fullest extent permitted by applicable law, we disclaim all warranties, express or implied, including but not limited to:

• Implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
• That the Service will be uninterrupted, timely, secure, or error-free.
• That the threat intelligence data will be complete, accurate, or current at all times.
• That the Service will meet your specific security or compliance requirements.

Threat intelligence is inherently dynamic. New vulnerabilities are disclosed continuously, and there may be delays between public disclosure and our coverage. We do not guarantee complete coverage of all AI/ML CVEs or security incidents.

The Service does not constitute professional security advice, legal advice, or compliance certification. You should consult qualified professionals for decisions regarding your organization's security posture and regulatory compliance.

9. Limitation of Liability

To the maximum extent permitted by applicable law, in no event shall AI Threat Intelligence, its officers, directors, employees, or agents be liable for any:

• Indirect, incidental, special, consequential, or punitive damages.
• Loss of profits, data, business opportunities, or goodwill.
• Damages arising from your reliance on threat intelligence data or analysis provided through the Service.
• Damages resulting from unauthorized access to or alteration of your data.
• Security incidents or breaches that occur despite the use of our threat intelligence.

Our total aggregate liability for all claims arising out of or relating to the Service shall not exceed the amount you paid us in the twelve (12) months preceding the claim.

Some jurisdictions do not allow the exclusion or limitation of certain damages. In such jurisdictions, our liability shall be limited to the greatest extent permitted by law.

10. Data Protection

We are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Our collection, use, and processing of personal data is governed by our Privacy Policy, which forms part of these Terms. By using the Service, you acknowledge that you have read and understood our Privacy Policy.

For Enterprise subscribers who require a Data Processing Agreement (DPA), please contact us at the email address listed in Section 13.

11. Service Availability

We strive to maintain high availability of the Service but do not guarantee uninterrupted access. The Service is provided on a best-effort basis without a formal Service Level Agreement (SLA).

• We may perform scheduled maintenance that temporarily affects availability. We will endeavor to provide advance notice for planned maintenance.
• We are not liable for downtime caused by factors beyond our reasonable control, including but not limited to third-party service outages, network failures, or force majeure events.
• We reserve the right to modify, suspend, or discontinue any part of the Service with reasonable notice.

12. Termination

We may suspend or terminate your access to the Service at any time, with or without cause, and with or without notice. Reasons for termination may include, but are not limited to:

• Violation of these Terms of Service or the Acceptable Use policy.
• Non-payment of subscription fees.
• Fraudulent or abusive behavior.
• Request by law enforcement or government agencies.

Upon termination, your right to access paid features ceases immediately. Sections of these Terms that by their nature should survive termination (including Intellectual Property, Limitation of Liability, and Governing Law) shall survive.

13. Modifications to These Terms

We reserve the right to update or modify these Terms at any time. When we make material changes:

• We will notify you via the email address associated with your account at least 30 days before the changes take effect.
• We will update the "Last updated" date at the top of this page.
• Continued use of the Service after the effective date of updated Terms constitutes acceptance of the revised Terms.

If you do not agree with the revised Terms, you may cancel your subscription before the changes take effect.

14. Governing Law and Dispute Resolution

These Terms shall be governed by and construed in accordance with the laws of Spain, without regard to conflict of law principles.

For users within the European Union, nothing in these Terms affects your rights under mandatory consumer protection laws in your country of residence.

Any disputes arising out of or relating to these Terms or the Service shall be resolved through good-faith negotiation. If negotiation fails, disputes shall be submitted to the competent courts of Spain.

15. Contact

If you have questions about these Terms of Service, please contact us at:

legal@aithreatalert.com

AI Threat Intelligence
Madrid, Spain