The agreement behind the product.

These Terms apply from the moment you place an order, sign an order form, or begin using the WebWall platform in a capacity other than the public marketing site. The commercial specifics — the subscription tier, the term, the service-level schedule, the annual commitment — live in the order form that we sign separately. Where this document and the order form differ on a point that both address, the order form prevails.

WebWall applies a semantic security policy to traffic you route through it, including WebSocket frames, event-bus messages, RPC/MCP invocations, server-sent events, and the DOM mutations surfaced by the MAJA isolation substrate. The platform issues verdicts (allow · rewrite · block · quarantine) against a rule set you author and an optional ML classifier we maintain, and produces a signed PROV-O audit trail of those verdicts.

The platform is delivered as a Rust library linked into your deployment of MAJA or as a packaged container image. The commercial tier you select in the order form determines which of these delivery modes is available, along with any managed-service or SOC-hours component.

You are responsible for the confidentiality of the credentials and signing keys issued to you. You will configure MFA for every human operator and you will not share an account between individuals. You will notify us without undue delay if you suspect an operator credential has been compromised.

You will not, and will not permit a third party to:

• Use WebWall to process traffic that you are not authorised to inspect under the law of the jurisdiction of the data subject
• Reverse-engineer, decompile, or extract model weights from the classifier artefacts, except to the extent that mandatory law expressly preserves that right
• Benchmark the platform for public comparison without first sharing the methodology with us and allowing 30 days for written comment
• Use the platform to target, filter, or block lawful expression in a manner inconsistent with Art. 10 of the European Convention on Human Rights
• Use the platform or its output for the development or refinement of a directly competing WAF, policy-engine, or browser-isolation product

We retain all right, title, and interest in the WebWall platform, the AKIRA reasoner, the kyl language, the classifier artefacts, the MAJA substrate, and this website — including all improvements, regardless of whether they were inspired by your feedback. You retain all right, title, and interest in the rules, sitemaps, and traffic data you author or route through the platform.

We grant you a non-exclusive, non-transferable, non-sublicensable licence to use the platform during the term of the subscription, for your internal business purposes, up to the limits in the order form. You grant us a non-exclusive licence to use aggregated, de-identified statistics derived from your use for product-improvement purposes. We will never train ML models on identifiable customer payloads without a separate, signed agreement.

Fees are set out in the order form. Unless stated otherwise, subscription fees are payable annually in advance, in Swiss francs, net 30 from invoice. Taxes are additional and paid by the party legally obliged to pay them. We may increase fees on renewal with at least 60 days' notice; you may decline renewal on that basis without penalty.

Each party will protect the other's non-public information with at least the care it applies to its own, and in no event less than reasonable care. The obligation survives termination for five years, except for trade secrets, which are protected for as long as they remain trade secrets. Aggregate learnings, feedback, and ideas you share are not confidential unless we agree in writing.

We warrant that the platform will substantially perform as described in the documentation in effect at the time of the order, during the subscription term. Your sole remedy for a breach of this warranty is, at our option, a fix, a replacement, or a pro-rated refund of the unused portion of the subscription.

Except for the warranty above, the platform is provided AS IS. We disclaim all other warranties to the maximum extent permitted by law, including merchantability, fitness for a particular purpose, and non-infringement. Security software is a risk-mitigation control, not a guarantee; no platform can promise the absence of a zero-day.

To the maximum extent permitted by law, neither party will be liable for lost profits, lost revenue, lost data, loss of goodwill, or any indirect, consequential, or punitive damages. Each party's aggregate liability arising out of or related to this agreement is capped at the fees paid and payable by you in the twelve months preceding the first event giving rise to the claim.

The caps in this section do not apply to liability for wilful misconduct, fraud, infringement of the other party's intellectual property, breach of confidentiality, or to any liability that cannot be limited under applicable law.

We will defend you against a third-party claim that your authorised use of the unmodified platform infringes that third party's intellectual property rights, and we will pay damages finally awarded or agreed in settlement. You will defend us against a third-party claim arising from your use of the platform in breach of these Terms or in breach of your obligations as a controller of personal data.

The agreement runs for the subscription term in the order form and renews automatically for successive terms of equal length unless either party gives notice at least 60 days before renewal. Either party may terminate immediately for the other's material, uncured breach after 30 days' written notice; for insolvency events; or for an unauthorised use that creates a credible risk to other customers of the platform.

On termination, you will stop using the platform and we will provide a one-time export of your audit-log and ruleset in machine-readable form. Clauses that by their nature survive — confidentiality, indemnification, limitation of liability, intellectual property, governing law — survive termination.

For personal data you process through the platform, we act as your processor and the Data Processing Addendum at webwall.ai/dpa is incorporated by reference. For personal data we process about you directly, the Privacy Policy at webwall.ai/privacy applies.

The platform is subject to Swiss export-control law and, where applicable, EU and US export regulations. You will not use or re-export the platform in violation of those controls or to a sanctioned party, and you will not permit an end-user listed on a public denied-parties list to access it.

This agreement is governed by the substantive laws of Switzerland, without reference to conflict-of-laws principles. The UN Convention on Contracts for the International Sale of Goods does not apply. Exclusive venue for disputes is Zurich, Switzerland; each party irrevocably submits to that venue. The prevailing party in a dispute is entitled to reasonable attorneys' fees.

These Terms, the order form, the DPA, and the Privacy Policy are the entire agreement and supersede any prior writings on the same subject. If a provision is unenforceable, the remainder survives. A failure to enforce a provision is not a waiver. Neither party may assign the agreement without the other's written consent, except that either party may assign it in connection with a merger, acquisition, or sale of substantially all its assets. Notices must be in writing; email to the address in the order form is sufficient for non-legal notices.