Terms of Service

1. Service Description

Keygent ("Service," "we," "us," or "our") is a credential management platform designed for agencies, businesses, and AI agents. The Service provides:

• Credential Storage: Secure, encrypted storage of API keys, OAuth tokens, and authentication credentials for third-party services
• Access Management: Granular access control policies allowing agencies to manage which team members and AI agents can access specific credentials
• MCP Integration: Model Context Protocol (MCP) server capabilities enabling AI agents to securely retrieve and use credentials within defined policy boundaries
• Audit Logging: Comprehensive audit trails of all credential access, modifications, and usage
• Multi-tenant Architecture: Isolated credential storage with tenant-bound encryption for each organization

By using Keygent, you agree to these Terms of Service. If you do not agree, you may not access or use the Service.

2. Account Terms

2.1 Eligibility

To use Keygent, you must:

• Be at least 18 years of age
• Have the legal authority to enter into this agreement on behalf of yourself or your organization
• Provide accurate, complete, and current registration information
• Not have been previously suspended or removed from the Service

2.2 Account Registration

When creating an account, you agree to:

• Provide a valid email address and maintain accurate contact information
• Choose a strong, unique password and keep it confidential
• Notify us immediately of any unauthorized access to your account
• Accept responsibility for all activities that occur under your account

2.3 Account Security

You are responsible for maintaining the security of your account and all credentials stored within it. Keygent is not liable for any loss or damage arising from your failure to protect your account credentials.

3. Credential Storage & Security

Keygent employs industry-leading security measures to protect your stored credentials:

3.1 Encryption Architecture

All credentials are encrypted using AES-256-GCM (Advanced Encryption Standard with Galois/Counter Mode), providing both confidentiality and integrity verification. This is the same encryption standard used by governments and financial institutions worldwide.

3.2 Additional Authenticated Data (AAD)

Each credential is encrypted with tenant-bound Additional Authenticated Data (AAD). This cryptographic binding ensures that:

• Credentials can only be decrypted within the context of your specific organization
• Any attempt to transfer encrypted data between tenants will fail cryptographic verification
• Database-level compromises cannot expose credentials without tenant-specific keys

3.3 Key Versioning

Keygent implements key versioning for encryption keys:

• Encryption keys are rotated periodically and on demand
• Previous key versions are retained to decrypt historical data during migration
• Key rotation is transparent and does not require action from users
• Each credential record stores its key version for proper decryption

3.4 Storage Limitations

While we implement robust security measures, you acknowledge that:

• No system can guarantee absolute security
• You retain responsibility for the credentials you store and their associated permissions on third-party services
• We recommend using scoped, limited-permission API keys where possible

4. Acceptable Use Policy

4.1 Permitted Use

You may use Keygent for lawful business purposes including:

• Storing API keys and authentication credentials for legitimate integrations
• Managing team access to shared credentials
• Enabling AI agents to access third-party services within defined policies
• Auditing credential usage within your organization

4.2 Prohibited Activities

You agree NOT to use Keygent to:

• Illegal Activities: Store credentials for or facilitate any illegal activities, fraud, money laundering, or circumvention of laws
• Unauthorized Access: Store stolen credentials or use the Service to gain unauthorized access to any system
• Credential Sharing: Share your Keygent account or stored credentials with unauthorized third parties outside your organization
• Malicious Software: Use the Service to distribute malware, viruses, or conduct attacks against other systems
• Service Abuse: Attempt to bypass security controls, reverse engineer the Service, or interfere with its operation
• Reselling: Resell access to the Service without written authorization

4.3 Rate Limits

To ensure fair usage and service stability, Keygent enforces rate limits:

Exceeding rate limits may result in temporary throttling. Persistent abuse may result in account suspension.

5. Limitation of Liability

5.1 Liability Cap

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, KEYGENT'S TOTAL LIABILITY TO YOU FOR ALL CLAIMS ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICE SHALL NOT EXCEED THE TOTAL FEES PAID BY YOU DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

5.2 Exclusion of Consequential Damages

IN NO EVENT SHALL KEYGENT BE LIABLE FOR ANY:

• Indirect, incidental, special, consequential, or punitive damages
• Loss of profits, revenue, data, or business opportunities
• Cost of procurement of substitute services
• Business interruption or loss of goodwill

These limitations apply regardless of the legal theory of liability, whether in contract, tort (including negligence), strict liability, or otherwise, and even if Keygent has been advised of the possibility of such damages.

5.3 Exceptions

Nothing in these Terms shall limit or exclude liability for:

• Death or personal injury caused by negligence
• Fraud or fraudulent misrepresentation
• Any liability that cannot be excluded by applicable law

6. Security Breach Notification

6.1 Notification Timeline

In the event of a security breach that affects your data, Keygent will notify you within 72 hours of becoming aware of the breach. This timeline aligns with GDPR requirements and industry best practices.

6.2 Notification Contents

Our breach notification will include:

• Description of the nature of the breach
• Categories and approximate number of affected records
• Likely consequences of the breach
• Measures taken or proposed to address the breach
• Contact information for our data protection team
• Recommendations for steps you can take to protect yourself

6.3 Notification Methods

We will notify you via:

• Email to the primary account email address
• In-app notification within the Keygent dashboard
• Phone call for critical breaches (if contact number is on file)

6.4 Your Obligations

Upon receiving breach notification, you should:

• Review and rotate any potentially affected credentials immediately
• Monitor your third-party services for unauthorized activity
• Report any suspicious activity to both Keygent and affected services

7. Data Retention & Deletion

7.1 Active Accounts

While your account is active, Keygent retains:

• Your stored credentials (encrypted)
• Account and organization information
• Audit logs for 90 days
• Usage analytics in anonymized form

7.2 Post-Termination Retention

Upon account termination or cancellation:

• All stored credentials are permanently deleted within 30 days
• Account data is retained for 30 days to allow for reactivation
• After 30 days, all data is permanently and irreversibly deleted
• Certain anonymized analytics may be retained for service improvement

7.3 Immediate Deletion Request

You may request immediate deletion of your data at any time by:

• Contacting privacy@keygent.one
• Using the "Delete My Data" option in account settings

Upon receiving a valid deletion request, we will delete your data within 5 business days and provide confirmation.

7.4 Legal Retention Requirements

We may retain certain data longer if required by law, legal proceedings, or regulatory requirements. In such cases, we will notify you of the extended retention period when legally permissible.

8. Termination

8.1 Termination by You

You may terminate your account at any time by:

• Providing 30 days written notice via email to support@keygent.one
• Using the cancellation option in your account settings

Prepaid fees are non-refundable except as required by law. You will retain access until the end of your current billing period.

8.2 Termination by Keygent

Keygent may terminate or suspend your account:

• With 30 days notice: For any reason, including discontinuation of the Service
• Immediately: If you breach these Terms, engage in prohibited activities, or pose a security risk

8.3 Effect of Termination

Upon termination:

• Your access to the Service will be revoked
• All stored credentials will be permanently deleted per Section 7
• Outstanding fees become immediately due
• Provisions that by their nature should survive will remain in effect (including Sections 5, 9, and 10)

8.4 Data Export

Prior to termination, you may export your data using the export tools in your account settings. We recommend exporting any necessary information before cancellation.

9. Governing Law

These Terms shall be governed by and construed in accordance with the laws of the State of Delaware, United States of America, without regard to its conflict of law provisions.

Any legal action or proceeding arising under these Terms shall be brought exclusively in the federal or state courts located in Delaware, and the parties hereby consent to personal jurisdiction and venue therein.

10. Dispute Resolution

10.1 Informal Resolution

Before initiating formal dispute resolution, you agree to first contact us at legal@keygent.one to attempt informal resolution. We will endeavor to resolve disputes within 30 days of receipt.

10.2 Binding Arbitration

If informal resolution fails, any dispute, controversy, or claim arising out of or relating to these Terms, including the breach, termination, enforcement, interpretation, or validity thereof, shall be determined by binding arbitration administered by the American Arbitration Association (AAA) in accordance with its Commercial Arbitration Rules.

10.3 Arbitration Terms

• Arbitration shall be conducted by a single arbitrator
• The place of arbitration shall be Wilmington, Delaware
• The language of arbitration shall be English
• The arbitrator's decision shall be final and binding
• Judgment may be entered in any court of competent jurisdiction

10.4 Class Action Waiver

YOU AGREE THAT ANY CLAIMS WILL BE BROUGHT IN YOUR INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS, COLLECTIVE, OR REPRESENTATIVE PROCEEDING.

10.5 Exceptions

Nothing in this section shall prevent either party from seeking injunctive or other equitable relief in any court of competent jurisdiction for matters relating to intellectual property, confidentiality, or unauthorized access.

11. Modifications to Terms

11.1 Right to Modify

Keygent reserves the right to modify these Terms at any time. We will provide notice of material changes as described below.

11.2 Notice of Material Changes

For material changes to these Terms, we will provide at least 30 days advance notice via:

• Email notification to your registered email address
• Prominent notice within the Keygent dashboard
• Updated "Effective Date" on this page

11.3 Non-Material Changes

Non-material changes (such as typographical corrections or clarifications) may be made without advance notice. All changes will be reflected on this page with an updated effective date.

11.4 Acceptance of Changes

Your continued use of the Service after the effective date of any changes constitutes your acceptance of the modified Terms. If you do not agree to the changes, you must stop using the Service and may terminate your account per Section 8.

11.5 Version History

Previous versions of these Terms are available upon request at legal@keygent.one.

12. Contact Information

For questions about these Terms of Service, please contact us: