Terms of Use

These Terms of Use (the Terms) govern access to and use of the Arcliance software-as-a-service platform, APIs, and documentation (collectively, the Services). By creating an account, executing an order, or otherwise using the Services, you agree to these Terms on behalf of the legal entity you represent. If you do not agree, you may not access the Services.

Orders, statements of work, and any data processing addenda entered into by the parties are incorporated by reference. In the event of a conflict, the order of precedence is: (1) a mutually executed master services agreement, (2) a signed order form, (3) these Terms, and (4) online policies referenced herein.

Customers must maintain an active DDTC registration or BIS record where required and designate an administrator to control provisioning of individual user accounts. Customer is responsible for all actions taken through its accounts, including actions by employees, contractors, or third parties granted access to the Services. Accounts are limited to Authorized Users who have been screened pursuant to applicable export laws.

• Provide accurate registration information and keep contact details up to date.
• Configure multi-factor authentication and enforce strong credential hygiene.
• Immediately revoke access for users who change roles, depart the organization, or fail to maintain authorization under export control laws.

Arcliance grants Customer a non-exclusive, non-transferable license to use the Services during the subscription term solely for the internal administration of export compliance and controlled data programs. Arcliance retains all right, title, and interest in and to the Services, including any derivatives, enhancements, or usage metrics.

Feedback, suggestions, or improvements provided by Customer may be used by Arcliance without restriction, provided no Customer Confidential Information is disclosed.

The Services are designed to help manage obligations under the International Traffic in Arms Regulations (22 CFR 120-130), the Export Administration Regulations (15 CFR 730-774), OFAC sanctions, and analogous regimes. However, Customer remains the exporter of record and is solely responsible for:

• Classifying commodities, software, technology, and technical data.
• Determining licensing requirements and obtaining government approvals.
• Setting retention schedules that satisfy ITAR 122/123 and EAR 762 audit standards.
• Restricting access to U.S. Persons when required by law.

Arcliance may suspend access if it reasonably suspects a breach of export control laws or the Acceptable Use Policy.

Customer retains ownership of Customer Data uploaded to the Services. Arcliance processes Customer Data only to deliver the Services, prevent security incidents, and fulfill legal obligations. Each party agrees to protect the other's Confidential Information using safeguards at least as protective as those applied to its own confidential data.

Customer consents to Arcliance's use of audited cloud sub-processors that provide hosting, log retention, secure email, and monitoring services. A current list is available upon request and subject to contractual flow-down obligations required by ITAR 124.8(5) and GDPR Article 28.

Arcliance targets 99.5% monthly uptime measured at the service edge. Scheduled maintenance windows are announced at least 48 hours in advance whenever practicable. Platform support is available 24x5 with emergency coverage for high-priority export control blocking issues. Credits are Customer's exclusive remedy for missed service levels.

Customer must ensure that data ingested into the Services is lawfully obtained and that users follow the security controls documented in the Security & Trust Overview. Misuse that degrades service, attempts to bypass controls, or violates sanctions lists will result in immediate suspension and possible termination.

Arcliance warrants that it will provide the Services in accordance with applicable documentation and industry security practices. EXCEPT AS EXPRESSLY STATED, THE SERVICES ARE PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY WILL BE LIABLE FOR LOST PROFITS, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY. EACH PARTY'S AGGREGATE LIABILITY IS LIMITED TO THE FEES PAID OR PAYABLE IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM. THESE LIMITATIONS DO NOT APPLY TO AMOUNTS OWED FOR PAYMENT, INDEMNIFICATION OBLIGATIONS, OR VIOLATIONS OF A PARTY'S INTELLECTUAL PROPERTY RIGHTS.

Subscriptions renew automatically unless either party provides 30 days' notice prior to expiration. Either party may terminate immediately for material breach that remains uncured for 30 days. Upon termination, Customer may export its data for 30 days. Arcliance may retain backups for up to 90 days to satisfy legal obligations.

These Terms are governed by the laws of the State of Delaware and the United States, without regard to conflict of law principles. The parties consent to the exclusive jurisdiction of state and federal courts located in Wilmington, Delaware. Each party waives the right to a jury trial and agrees that claims may only be brought in an individual capacity.

Arcliance may update these Terms to reflect regulatory changes, new functionality, or evolving security practices. Material changes will be communicated via email or in-product notice at least 30 days before taking effect. Continued use after the effective date constitutes acceptance.