Terms and Conditions

Last Updated: March 2026

‍

These Terms of Use (the “Terms”) constitute a legally binding agreement between you (“Customer”, “User”, “you”) and Platformstack Technologies OÜ, registry code 16757366, a company incorporated under the laws of Estonia, with registered address at Estonia, Harju maakond, Tallinn, Kesklinna linnaosa, Sakala tn 7-2, 10141 (“Company”, “Govplane”, “we”, “us”, or “our”).

‍

By accessing, registering for, or using the Govplane platform (the “Service”), you acknowledge that you have read, understood, and agree to be bound by these Terms. If you do not agree, you must not use the Service.

‍

1. Company Information

‍

Govplane is operated by:

Platformstack Technologies OÜ
Registry Code: 16757366
Address: Estonia, Harju maakond, Tallinn, Kesklinna linnaosa, Sakala tn 7-2, 10141
Support: support@govplane.com
Administrative and Privacy matters: management@platformstack.org

‍

2. Nature of the Service

‍

Govplane is a governance and policy management platform that enables customers to define, manage, evaluate and enforce runtime policies within their own applications and environments.

The Service provides infrastructure for policy evaluation and governance control. Govplane does not make business decisions on behalf of customers and does not assume responsibility for the correctness, consequences, or operational outcomes of any policy created, activated, evaluated, or enforced by the Customer.

Policy evaluation is executed within the Customer’s runtime environment. The Customer is solely responsible for proper integration, configuration, testing, and validation of all policies before deploying them in production environments.

Govplane does not guarantee that policies will behave as intended by the Customer.

‍

3. Eligibility and Authority

‍

By using the Service, you represent and warrant that:
‍

- You are at least 18 years of age;

- You have full legal capacity and authority to enter into this agreement;

- If acting on behalf of an entity, you have authority to bind such entity to these Terms.

‍

4. Account Responsibility and Security

‍

The Customer is solely responsible for maintaining the confidentiality of account credentials, API keys, runtime keys, and access tokens.

‍

All activities performed under an account are deemed to be performed by the Customer. Govplane shall not be liable for unauthorized access resulting from Customer negligence, credential exposure, or failure to implement security best practices.

‍

The Customer is fully responsible for the security of its own infrastructure, networks, runtime environments, and application code.

‍

5. Subscription Plans

‍

Govplane offers subscription-based plans: Basic, Pro, and Enterprise.

‍

Under the Basic plan, the Customer is limited to one (1) user, one (1) project, and up to ten (10) policies.

‍

Under the Pro plan, the Customer may have up to five (5) users, five (5) projects, and up to twenty-five (25) policies per project.

‍

Under the Enterprise plan, the Customer may have up to twenty (20) users, fifteen (15) projects, and up to fifty (50) policies per project.

‍

Enterprise plans include enhanced security capabilities, including IP restrictions, project-level permissions, organization-managed users, selection of data region, detailed event and usage logs, custom runtime domain with premium SSL certificate, and daily backups.

‍

Enterprise plans require onboarding and configuration by a Govplane representative. Upon activation of an Enterprise trial or subscription, Govplane may contact the Customer to complete required configuration steps. Govplane reserves the right to withhold or suspend Enterprise features until configuration is completed.

‍

Govplane reserves the right to modify plan limits prospectively.

‍

6. Billing, Payments and Plan Changes

‍

Payments are processed through Stripe. By subscribing, the Customer agrees to Stripe’s terms and conditions. Govplane does not store complete payment information.

‍

Plan upgrades take effect immediately. The price difference for the remaining billing cycle shall be prorated and charged immediately.

‍

Plan downgrades take effect at the end of the current billing cycle. The Customer remains responsible for adjusting its usage to comply with the new plan limits prior to the end of that cycle.

‍

If the Customer fails to reduce usage to meet downgraded limits, Govplane reserves the right, at its sole discretion and without liability, to disable, suspend, or remove excess users, projects, policies, or other resources to enforce compliance. Such enforcement actions may be taken without further notice.

‍

Refund requests may be submitted within three (3) business days of the charge. Refund approval is at Govplane’s sole discretion. Repeated or abusive refund behavior may result in denial.

‍

7. Support

‍

Support hours are 09:00 to 22:00 CET, Monday through Friday, excluding public holidays.

‍

Basic plan response time is between one (1) and forty-eight (48) hours.

‍
Pro plan response time is between one (1) and eight (8) hours.

‍
Enterprise plan response time target is under one (1) hour.

‍

Response time refers solely to first response and does not guarantee resolution within any timeframe.

‍

Support does not include custom development, architectural consulting, or legal advice.

‍

8. Acceptable Use

‍

The Customer shall not misuse the Service. Prohibited activities include, without limitation:

‍
- Reverse engineering or attempting to extract source code;
- Circumventing plan limitations;
- Conducting penetration testing without written authorization;
- Introducing malicious code;
- Using the Service in violation of applicable laws.

‍

Govplane may suspend or terminate accounts for violations at its sole discretion.

‍

9. Data Processing and GDPR

‍

To the extent that Govplane processes personal data on behalf of the Customer, Govplane acts as a data processor and the Customer acts as the data controller within the meaning of Regulation (EU) 2016/679 (GDPR).

‍

The Customer warrants that it has a lawful basis for processing all personal data submitted to the Service and that it has provided all necessary notices and obtained all required consents.

‍

Govplane shall implement commercially reasonable technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction.

‍

The Customer acknowledges that:

‍
• Govplane does not control the type of personal data uploaded;
• Govplane does not verify the legality of Customer data;
• The Customer remains solely responsible for compliance with GDPR and any other applicable data protection laws.

‍

If Enterprise data region selection is used, Govplane will make reasonable efforts to store data within the selected region, but does not guarantee that ancillary services or backups will never involve cross-border processing.

‍

A separate Data Processing Agreement (DPA) may be executed upon request.

‍

10. Service Availability and Backups

‍

Govplane is provided on an “as available” basis. No guarantee of uninterrupted or error-free operation is provided.

Daily backups are available only under Enterprise plans and are provided on a best-effort basis. Govplane does not guarantee full restoration or zero data loss.

‍

The Customer is responsible for maintaining independent backups of critical configurations.

‍

11. DISCLAIMER OF WARRANTIES

‍

THE SERVICE, INCLUDING ANY POLICY ENGINE, RUNTIME EVALUATION MECHANISM, AUTOMATED DECISION COMPONENT, SECURITY FEATURE, BACKUP SYSTEM, LOGGING SYSTEM, OR ENTERPRISE FUNCTIONALITY, IS PROVIDED STRICTLY ON AN “AS IS,” “AS AVAILABLE,” AND “WITH ALL FAULTS” BASIS.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, GOVPLANE EXPRESSLY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING BUT NOT LIMITED TO ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, OR THAT THE SERVICE WILL MEET CUSTOMER REQUIREMENTS.

‍

GOVPLANE DOES NOT WARRANT THAT:

‍

- THE SERVICE WILL BE UNINTERRUPTED OR ERROR-FREE;
- POLICY EVALUATIONS WILL BE ACCURATE, COMPLETE, OR FIT FOR ANY PARTICULAR BUSINESS OBJECTIVE;
- SECURITY MEASURES WILL PREVENT ALL UNAUTHORIZED ACCESS;
- BACKUPS WILL BE COMPLETE OR RECOVERABLE;
- THE SERVICE WILL PREVENT FINANCIAL LOSS, OPERATIONAL DAMAGE, OR REGULATORY EXPOSURE.

- CUSTOMER EXPRESSLY ACKNOWLEDGES THAT IT USES THE SERVICE AT ITS OWN RISK.

‍

12. LIMITATION OF LIABILITY

‍

12.1 Exclusion of Damages

‍

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL GOVPLANE, PLATFORMSTACK TECHNOLOGIES OÜ, ITS AFFILIATES, DIRECTORS, EMPLOYEES, SHAREHOLDERS, CONTRACTORS, OR AGENTS BE LIABLE FOR ANY: INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, EXEMPLARY, PUNITIVE, MULTIPLE, OR ENHANCED DAMAGES, INCLUDING WITHOUT LIMITATION LOSS OF PROFITS, LOSS OF REVENUE, LOSS OF DATA, LOSS OF GOODWILL, BUSINESS INTERRUPTION, REGULATORY FINES, OR REPUTATIONAL DAMAGE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS EXCLUSION APPLIES REGARDLESS OF THE THEORY OF LIABILITY (CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR OTHERWISE).

12.2 Aggregate Liability Cap

‍

IN NO EVENT SHALL GOVPLANE’S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THE SERVICE EXCEED THE TOTAL AMOUNT ACTUALLY PAID BY THE CUSTOMER TO GOVPLANE DURING THE THREE (3) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM. IF NO FEES WERE PAID, LIABILITY SHALL NOT EXCEED FIVE HUNDRED (500) EUR. THE PARTIES ACKNOWLEDGE THAT THE SERVICE FEES REFLECT THIS ALLOCATION OF RISK AND LIMITATION OF LIABILITY.

12.3 No Liability for Policy Outcomes

‍

GOVPLANE SHALL HAVE NO LIABILITY WHATSOEVER FOR ANY DECISION, ACTION, OR OMISSION RESULTING FROM:
CUSTOMER-DEFINED POLICIES, AUTOMATED ENFORCEMENT ACTIONS, RUNTIME EVALUATIONS, ACCESS DENIALS, FEATURE DISABLEMENTS, OR OTHER POLICY-DRIVEN CONSEQUENCES. CUSTOMER ACCEPTS FULL RESPONSIBILITY FOR TESTING AND VALIDATING ALL POLICIES PRIOR TO PRODUCTION USE.

12.4 Waiver of Class Actions

‍

TO THE FULLEST EXTENT PERMITTED BY LAW, CUSTOMER AGREES THAT ANY DISPUTE ARISING OUT OF OR RELATED TO THE SERVICE SHALL BE RESOLVED SOLELY ON AN INDIVIDUAL BASIS. CUSTOMER WAIVES ANY RIGHT TO PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, REPRESENTATIVE ACTION, OR COLLECTIVE PROCEEDING AGAINST GOVPLANE. NO CLAIM MAY BE BROUGHT ON BEHALF OF OTHER USERS OR THIRD PARTIES.

12.5 Waiver of Jury Trial

‍

WHERE PERMITTED BY LAW, EACH PARTY IRREVOCABLY WAIVES ANY RIGHT TO A TRIAL BY JURY IN ANY LEGAL PROCEEDING ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICE.

‍

13. SECURITY BREACH DISCLAIMER

‍

Govplane implements commercially reasonable security measures; however, Customer acknowledges and agrees that:

1. No system can be guaranteed to be completely secure.
2. Security is a shared responsibility model.
3. Customer configuration errors, exposed runtime keys, weak access controls, or improper integration may materially increase risk.

‍

Govplane shall not be liable for:

‍

- Security incidents resulting from Customer misconfiguration;
- Compromised credentials not caused by Govplane gross negligence;
- Third-party infrastructure failures;
- Attacks targeting Customer’s own environment;
- Data exposure caused by Customer API misuse.

‍

In the event of a security incident affecting Govplane infrastructure, Govplane will take commercially reasonable steps to contain and mitigate the issue. However, Govplane does not guarantee prevention of all breaches and disclaims liability to the maximum extent permitted by law. Customer is solely responsible for implementing additional safeguards appropriate to its risk profile.

‍

14. AUTOMATED DECISION AND AI RISK DISCLOSURE

‍

Govplane enables automated policy evaluation and decision enforcement. Certain features may involve rule-based automation, algorithmic evaluation, or system-driven execution of predefined logic.

‍

Customer acknowledges that:

‍

- Policy outcomes are determined by logic defined by the Customer;
- Automated enforcement may result in denial of access, feature restriction, transaction blocking, or other operational consequences;
- Misconfigured policies may result in unintended outcomes;
- Automated systems may behave unpredictably under unforeseen input conditions.

Govplane does not provide legal, financial, compliance, or risk advisory services. The Service is not a substitute for human oversight.

‍

Customer agrees that:

‍

- All automated decisions remain under Customer’s responsibility;
- Customer shall implement appropriate monitoring, override mechanisms, and manual review procedures where necessary;
- Govplane is not liable for losses arising from automated policy execution.

‍

If Customer uses Govplane in regulated environments (including but not limited to financial services, healthcare, critical infrastructure, or AI-regulated sectors), Customer is solely responsible for ensuring compliance with applicable laws, including any requirements relating to automated decision-making transparency, explainability, or human oversight.

‍

15. Indemnification

‍

The Customer agrees to indemnify, defend and hold harmless Platformstack Technologies OÜ from any claims, liabilities, damages, losses, or expenses arising from:

‍
- The Customer’s policies and their effects;
- Misuse of the Service;
- Violation of these Terms;
- Data protection violations caused by the Customer.

‍

16. Termination

‍

Govplane may suspend or terminate access immediately for:

‍

- Non-payment;

- Violation of these Terms;

- Security risks;
- Legal requirements.

‍

Upon termination, access may be revoked without prior notice.

‍

17. Governing Law and Jurisdiction

‍

These Terms are governed by the laws of Estonia. Any dispute arising from these Terms shall be subject to the exclusive jurisdiction of the courts of Estonia.

‍

18. Amendments

‍

Govplane reserves the right to modify these Terms at any time. Continued use of the Service constitutes acceptance of the updated Terms.

‍

19. Contact

‍

Support: support@govplane.com
Privacy & administrative matters: management@platformstack.org

‍