Terms of Service

1. Agreement

By creating an account at app.shroudfox.io, paying for a subscription, or otherwise accessing the ShroudFox service, you ("Customer") agree to these Terms of Service ("Terms") with ShroudFox ("we", "us", "ShroudFox"). If you are agreeing on behalf of a school district, school, college, or other organization, you represent that you are authorized to bind that organization to these Terms, and references to "you" mean both you personally and the organization.

2. What ShroudFox does

ShroudFox is a privacy gateway between your users and third- party AI providers (such as OpenAI, Anthropic, or Google). Detection of personally identifying information ("PII") runs in the user's browser. PII is replaced with reversible placeholder tokens before any text leaves the user's device; the tokens are restored locally when the AI's reply returns. The full architecture is described on our Security page.

3. Accounts and access

You are responsible for maintaining the confidentiality of your account credentials and for all activity that occurs under your account. Tell us at security@shroudfox.io immediately if you believe your account has been compromised. Each individual user must have their own account; sharing credentials is prohibited.

4. Acceptable use

You agree not to:

• Use the service to violate any applicable law, including FERPA, COPPA, HIPAA, or your state's student-data-privacy statute
• Reverse-engineer, copy, or attempt to extract the source of any non-public component of the service
• Attempt to bypass the privacy gateway to send raw PII to upstream AI providers from within the product
• Use the service to generate content that is illegal, defamatory, harassing, sexually explicit involving minors, or otherwise abusive
• Resell, sublicense, or provide the service to a third party without our written permission
• Use automated scraping, crawling, or excessive parallel requests beyond reasonable use; we reserve the right to rate-limit accounts that materially exceed normal patterns

5. Trial period

New accounts get a 14-day free trial. We require a valid payment method to start the trial — your card is never charged during the trial period. You may cancel at any time before the end of day 14 and you will owe nothing. On day 15, your card is charged for the first billing period of the plan you selected at signup.

During the trial, if you have not added your own AI vendor API key, ShroudFox covers upstream AI costs up to a per-account credit (currently $10). Once the credit is consumed, you must add your own AI vendor key to continue using the AI features. The marketing and product pages describe this in detail.

6. Subscriptions, billing, and cancellation

Subscriptions are billed annually in advance through Stripe. By providing a payment method you authorize us to charge the recurring subscription fee for the plan and user count you select.

Cancellation. You may cancel your subscription at any time from the Settings page in the product. Cancellation takes effect at the end of the current billing period; ShroudFox does not provide prorated refunds for unused time, except where required by applicable law or by an agreement we have signed with you separately.

Renewals. Subscriptions auto-renew at the then-current published rate for your tier. We email you at least 30 days before any renewal that involves a price change.

Failed payment. If a renewal payment fails, your account enters a 14-day grace period during which you keep access. After 14 days without resolution, the subscription is canceled and the account is deactivated. You will be able to export your tokenized data for an additional 14 days via the procedure described in Section 8.

Taxes. Listed prices are in US dollars and do not include tax. You are responsible for any sales, use, value-added, or similar tax that applies to your purchase.

7. Your data and privacy

The architectural premise of ShroudFox is that we do not want to see your users' raw PII. PII is tokenized in the user's browser before any request reaches our servers. The tokenized chat history we store can only be reassembled into readable form with the per-user vault that lives on the user's device.

When you sign up for a paid subscription on behalf of a school district or other educational organization, we execute a Data Processing Agreement ("DPA") that governs our handling of student data and incorporates FERPA's school-official exception, your state's SDPC/NDPA addendum, and any other addenda required by your jurisdiction. The DPA controls in the event of a conflict with these Terms on data-handling matters.

We do not train any AI model on your data, and we do not permit the upstream AI providers we forward tokenized text to (OpenAI, Anthropic, Google) to train on submitted content — they receive only tokenized text, and our enterprise API agreements with them prohibit training on customer input.

The full data-handling story is in our Security & Privacy page; questions go to compliance@shroudfox.io.

8. Data export and deletion

You can request export or deletion of your account data at any time by emailing compliance@shroudfox.io. On cancellation we will, within 14 days of the cancellation taking effect, provide a JSON archive of your tokenized chat history and project data. Deletion completes within 30 days of the export download, subject to legal-hold obligations.

The browser-side vault containing the mapping between tokens and the original PII lives only on your users' devices and is destroyed on sign-out per device.

9. Intellectual property

ShroudFox retains all rights, title, and interest in the service, including the website, software, brand, and design. We grant you a non-exclusive, non-transferable license to use the service during the term of your subscription, subject to these Terms. Nothing here grants you ownership of any ShroudFox intellectual property.

You retain all rights to the content you submit to the service. You grant us a limited license to process that content as necessary to provide the service to you.

10. Third-party AI providers

ShroudFox forwards tokenized text to AI providers you select (OpenAI, Anthropic, Google). Your use of those providers' outputs is also subject to their respective terms. We are not responsible for the accuracy, lawfulness, or appropriateness of content the AI providers generate in response to your requests.

On the Standard plan you use your own API key with the upstream provider, and the relationship between you and that provider is governed by that provider's terms. On the Bundled plan ShroudFox maintains the upstream account and bills you a unified per-user fee that includes AI usage.

11. Warranty disclaimer

THE SERVICE IS PROVIDED "AS IS." TO THE MAXIMUM EXTENT PERMITTED BY LAW, SHROUDFOX DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. We do not warrant that the privacy detection model will identify 100% of PII in every input; our published recall figures are based on internal testing on K-12-relevant entities and are best-effort estimates. Users should review the in-product "Inspect" view before sending sensitive content. The Security page enumerates additional limitations.

12. Limitation of liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, SHROUDFOX'S TOTAL AGGREGATE LIABILITY FOR ANY CLAIM ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICE IS LIMITED TO THE AMOUNT YOU HAVE PAID TO SHROUDFOX IN THE 12 MONTHS PRECEDING THE CLAIM. NEITHER PARTY IS LIABLE FOR INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOST PROFITS OR LOST DATA. This section does not limit either party's liability for fraud, gross negligence, willful misconduct, or any liability that cannot be excluded under applicable law.

13. Indemnification

You will defend, indemnify, and hold harmless ShroudFox against any third-party claim arising out of (a) your use of the service in violation of these Terms, (b) your or your users' submission of content that infringes a third party's rights, or (c) your breach of any law in connection with the service. ShroudFox will defend, indemnify, and hold you harmless against any third-party claim that the service itself infringes a US patent, copyright, or trademark, subject to your prompt notice to us and our control of the defense.

14. Termination

Either party may terminate this agreement at any time. If ShroudFox terminates without cause during a paid period, we will refund the prorated unused portion of the current billing period. If we terminate for material breach (including violation of Section 4), no refund is owed.

Sections that by their nature should survive termination will do so, including Sections 9 (IP), 11 (warranty disclaimer), 12 (liability limit), 13 (indemnification), and 15 (governing law).

15. Governing law and dispute resolution

These Terms are governed by the laws of the State of Delaware, without regard to its conflict-of-laws rules. The parties agree to resolve any dispute first through good-faith discussion. If that does not resolve the dispute within 60 days, the dispute will be brought in the state or federal courts located in Wilmington, Delaware, and the parties consent to personal jurisdiction there.

If you are a US public school district or public university and your governing-law clause is mandated by state statute (for example, your state's procurement law requires jurisdiction in your home county), let us know and we will execute an addendum that overrides this section for your contract.

16. Changes to these Terms

We will update these Terms from time to time. We post the revised Terms here with a new effective date at the top of the page. For material changes that affect customer rights or pricing, we email all active customers at least 30 days before the change takes effect.

17. Contact

ShroudFox is operated by a sole proprietor in the United States. Reach us at:

• General: hello@shroudfox.io
• Compliance, DPA, legal: compliance@shroudfox.io
• Security disclosures: security@shroudfox.io