Terms of Service

The rules and conditions for using Kasbah.

Terms of Service — Kasbah Labs, LLC

Effective date: January 1st, 2026

These Terms of Service (“Terms”) govern access to and use of kasbahlabs.com and the software platform and services offered by Kasbah Labs, LLC (“Kasbah Labs,” “we,” “us,” “our”). By accessing or using the website, platform, or any services (collectively, the “Services”), you agree to these Terms.

If you are using the Services on behalf of a company or other entity, you represent you have authority to bind that entity. In that case, “you” and “Customer” refer to that entity.

1) What we provide

Kasbah Labs provides:

  • a software platform that supports governance, risk, and compliance workflows; and
  • professional consulting services to help customers prepare for audits, assessments, and similar reviews.

Specific deliverables, timelines, fees, and scope are typically described in an order form, statement of work (“SOW”), proposal, or similar written document (each, an “Order”). If an Order conflicts with these Terms, the Order controls for that engagement.

2) Eligibility and accounts

You must be at least 18 years old and able to form a binding contract to use the Services.

If you create an account:

  • you are responsible for all activity under your account;
  • you will keep credentials confidential; and
  • you will promptly notify us of unauthorized access.

We may require multi-factor authentication for certain features.

3) Acceptable use

You will not (and will not allow anyone else to):

  • use the Services to violate any law or third-party rights;
  • upload, transmit, or store malware or other harmful code;
  • attempt to gain unauthorized access to the Services or related systems;
  • interfere with or disrupt the Services;
  • probe, scan, or test the vulnerability of the Services except as expressly authorized in writing;
  • reverse engineer, decompile, or attempt to extract source code from the software (except to the extent prohibited by law);
  • use the Services to build or benchmark a competing product; or
  • resell, rent, or sublicense the Services unless we agree in writing.

We may suspend or terminate access for violations or suspected misuse.

4) Customer content and data

A. Customer Content

“Customer Content” means information, files, text, and materials you or your users submit to the Services (including evidence, policies, screenshots, logs, and other artifacts).

You retain your rights in Customer Content. You grant us a limited, non-exclusive right to host, process, transmit, and display Customer Content only as necessary to provide, maintain, and improve the Services and to perform consulting services.

You represent you have the rights to provide Customer Content and that doing so does not violate law or third-party rights.

B. Data handling

Our collection and use of personal information is described in our Privacy Policy. If a Data Processing Addendum (“DPA”) is executed between the parties, it will apply to the extent relevant.

C. Sensitive information

Unless agreed in writing, you should avoid uploading highly sensitive data (for example, full payment card numbers, medical data, or government-issued identification numbers). If you choose to provide such data, you do so at your own risk, subject to applicable law.

5) Consulting services terms

A. Advisory nature; no guarantee

Consulting services are advisory and based on information you provide. You are responsible for your final decisions and implementation.

We do not guarantee that you will pass any audit, assessment, certification, or review, or that any third party will accept or approve your materials.

B. Your responsibilities

You agree to:

  • provide timely access to relevant personnel and information;
  • ensure the accuracy and completeness of information you provide;
  • perform implementation work unless the Order states we will; and
  • maintain appropriate internal controls and security practices.

Delays caused by you may adjust timelines.

C. Deliverables and reuse

Unless an Order states otherwise:

  • deliverables may include templates, written guidance, summaries, and recommendations;
  • we may reuse generalized know-how, ideas, and non-identifying learnings gained during the engagement; and
  • we will not disclose your confidential information when doing so.

D. Reliance

Deliverables are for your internal business purposes. You may share them with your auditors, assessors, and advisors. You may not publish them publicly without our written consent.

6) Fees, payment, and taxes

Fees are as stated in the applicable Order.

Unless an Order states otherwise:

  • invoices are due within 30 days of invoice date;
  • you are responsible for applicable taxes (excluding our income taxes). If you claim a tax exemption, you must provide valid documentation.

7) Trials, betas, and free features

If we offer trial, beta, or free features, they are provided “as is,” may be changed or discontinued at any time, and may have limits (including data retention limits). We are not liable for trial/beta/free features to the maximum extent allowed by law.

8) Intellectual property

A. Our IP

We (and our licensors) own the Services, software, documentation, templates, and all related intellectual property, including improvements and updates. These Terms do not grant you ownership rights.

B. Feedback

If you provide suggestions or feedback, you grant us the right to use it without restriction or obligation.

C. Limited license to you

Subject to these Terms and payment of applicable fees, we grant you a limited, non-exclusive, non-transferable, revocable license to access and use the Services during the applicable subscription term for your internal business purposes.

9) Confidentiality

“Confidential Information” means non-public information disclosed by either party that is marked confidential or should reasonably be understood as confidential, including Customer Content and business, technical, or product information.

Each party will:

  • use the other party’s Confidential Information only to fulfill obligations under these Terms;
  • protect it using reasonable care; and
  • limit access to personnel and contractors who need to know and are bound by confidentiality obligations.

Exceptions: information that is public through no fault of the receiving party, independently developed, rightfully received from a third party, or approved for release.

Required disclosures: a party may disclose Confidential Information if required by law, after giving notice when legally permitted.

10) Third-party services

The Services may integrate with third-party services (e.g., communication, ticketing, identity, storage, or analytics providers). Your use of third-party services is governed by their terms. We are not responsible for third-party services.

11) Suspension and termination

A. Term

These Terms apply while you use the Services. Subscription terms and renewal terms (if any) are described in the Order.

B. Suspension

We may suspend access immediately if:

  • we reasonably believe there is a security risk or illegal activity;
  • you materially breach these Terms; or
  • payment is overdue.

C. Termination

Either party may terminate an Order for material breach if the breach is not cured within 30 days after written notice (or sooner if the breach cannot be cured).

We may terminate access if you violate the Acceptable Use section.

D. Effect of termination

Upon termination:

  • your license ends;
  • you must stop using the Services; and
  • any unpaid fees become immediately due.

If applicable, we will provide a reasonable way to export Customer Content for a limited time after termination, unless legally prohibited or doing so would create a security risk.

12) Disclaimers

TO THE MAXIMUM EXTENT ALLOWED BY LAW, THE SERVICES AND ALL CONSULTING SERVICES AND DELIVERABLES ARE PROVIDED “AS IS” AND “AS AVAILABLE.” WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

We do not warrant that the Services will be uninterrupted, error-free, or that any specific results will be achieved.

13) Limitation of liability

TO THE MAXIMUM EXTENT ALLOWED BY LAW: NO INDIRECT DAMAGES. NEITHER PARTY IS LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR FOR LOSS OF PROFITS, REVENUE, DATA, OR GOODWILL, EVEN IF ADVISED OF THE POSSIBILITY.

CAP. EACH PARTY’S TOTAL LIABILITY ARISING OUT OF OR RELATED TO THE SERVICES, CONSULTING, OR THESE TERMS WILL NOT EXCEED THE AMOUNT PAID OR PAYABLE BY CUSTOMER TO KASBAH LABS UNDER THE APPLICABLE ORDER IN THE 12 MONTHS BEFORE THE EVENT GIVING RISE TO LIABILITY.

Exceptions: the above limits do not apply to (a) Customer’s payment obligations, (b) breaches of confidentiality, or (c) violations of the other party’s intellectual property rights, to the extent not prohibited by law.

14) Indemnification

A. By you

You will indemnify and defend Kasbah Labs from claims arising out of:

  • Customer Content (including allegations it infringes or violates rights);
  • your use of the Services in violation of these Terms or law; or
  • your products, services, or business operations.

B. By us

We will indemnify and defend you from claims that the software (as provided by us) infringes a U.S. patent, copyright, or trademark, and will pay covered damages finally awarded or agreed in settlement.

We have no obligation to the extent a claim arises from:

  • Customer Content or your data;
  • modification of the Services not made by us;
  • combining the Services with non-Kasbah Labs products where the claim would not exist otherwise; or
  • use not in accordance with these Terms.

If infringement is alleged, we may (at our option) (i) modify the Services to be non-infringing, (ii) obtain the right to continue, or (iii) terminate the affected Services and refund prepaid, unused fees for the terminated portion.

15) Compliance with laws; export

You will comply with applicable laws, including anti-corruption, sanctions, and export control laws. You will not use the Services in violation of U.S. export restrictions.

16) Publicity

Unless agreed in writing, neither party may use the other’s name, logo, or trademarks in publicity or marketing materials.

17) Changes to the Services or Terms

We may update the Services over time.

We may update these Terms. If changes are material, we will post the updated Terms on the Site and update the effective date. Continued use after the effective date means you accept the updated Terms.

18) Governing law; disputes

These Terms are governed by the laws of the State of South Carolina, excluding conflict-of-law rules.

Any dispute will be brought exclusively in state or federal courts located in Charleston, South Carolina, and each party consents to personal jurisdiction there.

19) General legal terms

  • Entire agreement. These Terms plus any Orders form the entire agreement for the Services covered.
  • Severability. If any provision is unenforceable, the rest remains in effect.
  • Assignment. You may not assign these Terms without our consent. We may assign as part of a merger, acquisition, or sale of assets.
  • No waiver. Failure to enforce a provision is not a waiver.
  • Independent contractors. The parties are independent contractors.
  • Force majeure. Neither party is liable for delays due to events beyond reasonable control.

20) Contact

Kasbah Labs, LLC

140 West Broad Street

Unit A

Lincolnville, SC 29485

United States

Email: support@kasbahlabs.com