Terms of Service

Last updated: April 7, 2026

1. Acceptance of Terms

By accessing or using the NOI service (the "Service") provided by Enigma Vault ("Company," "we," "our," or "us"), you ("Customer," "you," or "your") agree to be bound by these Terms of Service (the "Terms"). If you are accepting these Terms on behalf of an organization, you represent that you have the authority to bind that organization. If you do not agree to these Terms, you may not use the Service.

2. Definitions

  • "Personal Data" or "PII" means any information relating to an identified or identifiable natural person, as defined under applicable data protection laws (including GDPR, CCPA/CPRA, and similar laws). The scope of PII is defined by law, not by the technical capabilities of the Service.
  • "Detected PII" means the subset of Personal Data that the Service identifies through its natural language processing and pattern matching pipeline. Detected PII may be a proper subset of PII present in a given request; see Section 12 (No Guarantee of Complete Detection).
  • "Tokenization" means the process of replacing Detected PII with deterministic, non-reversible tokens that preserve referential consistency across conversations.
  • "Protected Tokens" means LLM tokens (input and output) that pass through the Service's detection pipeline, calculated as prompt tokens plus completion tokens minus overhead tokens injected by the Service.
  • "Tenant" means a configured integration identified by a unique identifier derived from your LLM API key.
  • "Organization" means the billing entity under which one or more Tenants are grouped.

3. Description of Service

NOI is a PII-tokenizing reverse proxy for LLM APIs. The Service sits between your application and supported LLM providers, intercepts API requests, detects PII using natural language processing and pattern matching, replaces Detected PII with deterministic vault tokens, and forwards sanitized requests to the LLM provider. Responses are detokenized before being returned to your application. The Service currently supports OpenAI, Anthropic, xAI, DeepSeek, Mistral, Google Gemini, Groq, Together AI, and Fireworks AI.

4. Account Registration and Access

4.1 Account Creation

You must create an account through the NOI admin console to configure the Service. You are responsible for maintaining the security of your login credentials.

4.2 Drop-In Authentication

The Service identifies your Tenant by deriving a unique identifier from the LLM API key you include in each request. Your LLM API key is passed through to the LLM provider and is never stored by NOI.

4.3 Team Access

You may invite additional users to your Organization. You are responsible for all activity that occurs under your Organization, including activity by team members you have authorized.

5. Pricing and Billing

5.1 Plans

The Service is offered under the following plans:

  • Free: $0/month. Includes 1,000,000 Protected Tokens per calendar month (UTC). When the limit is reached, subsequent requests are blocked until the next calendar month or until you upgrade. Upgrading mid-month immediately restores service; previously blocked requests are not retroactively processed.
  • Pro: $50/month base fee. Includes 50,000,000 Protected Tokens per calendar month. Usage beyond the included amount is billed at $1.00 per 1,000,000 Protected Tokens. Downgrading from Pro to Free takes effect at the end of the current billing period.
  • Enterprise: Custom pricing, including optional Business Associate Agreements (BAAs), uptime commitments, and custom data retention terms. Contact sales for details.

5.2 Billing Aggregation

Usage is aggregated at the Organization level across all Tenants and API keys belonging to that Organization.

5.3 Metering

Protected Tokens are counted for every request that passes through the Service, regardless of whether PII is detected. The Service subtracts its own processing overhead (system prompt tokens) from your billable count. You are not charged for tokens the Service injects.

5.4 Payment

Pro plan billing is managed through Stripe. You authorize recurring charges when you subscribe. Failed payments are subject to Stripe's retry schedule. Continued non-payment may result in downgrade to the Free plan.

5.5 Refunds

Except where required by applicable law, subscription fees and usage-based charges are non-refundable.

5.6 Taxes

All fees are exclusive of applicable taxes, levies, or duties imposed by taxing authorities (including sales, use, value-added, goods and services, and withholding taxes), and you are responsible for payment of all such taxes, excluding only taxes based on Enigma Vault's net income. If we are required to collect or pay any such taxes on your behalf, they will be invoiced to you unless you provide a valid tax exemption certificate.

6. Acceptable Use

You agree not to:

  • Use the Service for any unlawful purpose or to process data you do not have the right to process
  • Transmit Protected Health Information (PHI) subject to HIPAA, cardholder data subject to PCI-DSS, or other data subject to heightened regulatory requirements through the Service unless you have entered into an appropriate written agreement with us (such as a Business Associate Agreement) covering that data
  • Attempt to circumvent the Service's PII detection, tokenization, billing, rate limiting, or other security or operational mechanisms
  • Interfere with or disrupt the integrity or performance of the Service
  • Reverse engineer, decompile, or disassemble any part of the Service, except to the extent such restriction is prohibited by applicable law
  • Use the Service to develop, train, or benchmark a competing product or service, or to copy any features, functions, or user interface elements of the Service
  • Use the Service to transmit malicious code or content, or content that infringes or misappropriates any third party's intellectual property, privacy, publicity, or other rights
  • Use the Service in a manner that would cause Enigma Vault to violate its own legal, regulatory, or contractual obligations, including obligations to its sub-processors
  • Resell or sublicense access to the Service without written permission

7. Customer Responsibilities and Data Processing

7.1 Your Data

You retain all ownership rights to data you transmit through the Service. We process your data solely to provide the Service. With respect to content you transmit through the proxy, you act as the data controller and Enigma Vault acts as a data processor.

7.2 Customer Representations

You represent and warrant that (a) you have all rights, consents, and legal bases necessary to transmit the data you send through the Service, (b) your use of the Service complies with all laws and regulations applicable to you, and (c) you have provided all required notices to, and obtained all required consents from, the individuals whose data you transmit.

7.3 How Data Flows

When a request passes through the Service: (a) PII is detected in your request content, (b) Detected PII is sent to the Enigma Vault Data Vault for tokenization, (c) Detected PII in your request is replaced with vault tokens, (d) the sanitized request is forwarded to your chosen LLM provider, (e) the LLM response is detokenized before being returned to you.

7.4 What We Store

The Service stores: audit log entries (entity type, vault token, confidence score, and masked value - never plaintext PII), request logs (token counts, provider, model, latency, and HTTP status for billing and analytics), and Organization/Tenant configuration. If debug mode is enabled by you, sanitized (not plaintext) request and response bodies may be stored temporarily, truncated to 64KB.

Vault tokens generated from Detected PII are persisted by the Enigma Vault Data Vault to enable detokenization of LLM responses within and across conversations. Vault tokens are retained for a minimum of one day, with longer or indefinite retention available by configuring the token time-to-live (TTL) in the admin console. Retention defaults and maximums vary by plan as described in the technical documentation. You may delete vault tokens at any time using the Token Purge feature.

7.5 What We Do Not Store

The Service does not store: your plaintext PII, your LLM API keys (passed through on each request, never persisted), or LLM request/response content (unless debug mode is enabled).

7.6 Session Data

In-memory session caches map plaintext to tokens for the duration of a conversation session. Session data is held in volatile memory only, is not persisted to disk, is discarded within one hour of last access, and is lost on Service restart.

7.7 Fail-Safe Design

If the tokenization service is unavailable, the Service blocks your request (HTTP 503) rather than forwarding unprotected PII to the LLM provider. PII is never sent to an LLM provider in plaintext.

8. Sub-Processors

The Service uses third-party sub-processors to deliver functionality, including a cloud infrastructure provider (hosting, databases, secrets storage, authentication, email delivery, monitoring) located in the United States, the Enigma Vault Data Vault (tokenization and detokenization), Stripe (billing and payment processing), supported LLM providers (which receive sanitized requests only, never plaintext PII), and Langfuse (optional LLM observability, enabled only if you turn it on, and receives only tokenized content).

A current list of sub-processors is maintained at www.nopii.co/sub-processors. We will provide at least 30 days' advance notice of material changes by email to account administrators. If you object to a new sub-processor, you may terminate your subscription without penalty prior to the sub-processor taking effect, and we will refund any prepaid, unused fees covering the period after the termination date.

9. Security

9.1 Encryption

All data in transit is encrypted via TLS. Data at rest in our database and secrets storage is encrypted using industry-standard encryption.

9.2 Access Controls

LLM API keys are never stored. Vault credentials are stored in a managed secrets service accessible only via scoped service roles. Admin console access supports SSO and multi-factor authentication.

9.3 Rate Limiting

The Service enforces rate limits to protect against abuse. Current thresholds are published in the technical documentation and may be adjusted over time with reasonable notice.

9.4 Breach Notification

We will notify you without undue delay after confirming a personal data breach affecting your data, consistent with the commitments in our Privacy Policy. This notice is intended to support your own regulatory notification obligations where you act as a data controller.

10. Intellectual Property

The Service and its original content, features, and functionality are and will remain the exclusive property of Enigma Vault. The Service is protected by copyright, trademark, and other applicable laws. These Terms do not grant you any rights to our trademarks or branding.

11. Service Availability

We strive to maintain high availability of the Service but do not guarantee uninterrupted access. No uptime service level agreement (SLA) is offered for the Free or Pro plans. We may perform maintenance with reasonable advance notice and reserve the right to modify, suspend, or discontinue features with reasonable notice. For Enterprise customers, service level commitments are defined in your separate Enterprise agreement.

12. No Guarantee of Complete Detection; Disclaimer of Warranties

12.1 No Guarantee of Complete Detection

PII DETECTION IS PERFORMED ON A BEST-EFFORT BASIS USING NATURAL LANGUAGE PROCESSING AND PATTERN MATCHING. WE DO NOT WARRANT THAT THE SERVICE WILL DETECT OR TOKENIZE ALL PII IN ALL CIRCUMSTANCES. THE SERVICE MAY PRODUCE FALSE NEGATIVES (PII THAT IS NOT DETECTED) AND FALSE POSITIVES (NON-PII TOKENIZED AS PII). YOU REMAIN RESPONSIBLE FOR EVALUATING WHETHER THE SERVICE IS APPROPRIATE FOR YOUR USE CASE AND FOR IMPLEMENTING ADDITIONAL CONTROLS AS REQUIRED BY YOUR LEGAL, REGULATORY, AND CONTRACTUAL OBLIGATIONS.

12.2 General Disclaimer

EXCEPT AS EXPRESSLY PROVIDED IN THESE TERMS, THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

13. Limitation of Liability

13.1 Exclusion of Indirect Damages

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, AND EXCEPT FOR THE EXCLUSIONS IN SECTION 13.3, ENIGMA VAULT SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS, REVENUES, DATA, OR BUSINESS OPPORTUNITIES, WHETHER INCURRED DIRECTLY OR INDIRECTLY, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

13.2 Aggregate Cap

SUBJECT TO SECTION 13.3, OUR TOTAL AGGREGATE LIABILITY UNDER THESE TERMS SHALL NOT EXCEED THE GREATER OF (A) THE AMOUNTS PAID BY YOU TO US IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM, OR (B) ONE HUNDRED U.S. DOLLARS ($100). Enterprise customers may negotiate a separate liability cap in their Enterprise agreement.

13.3 Exclusions from Limitation

The limitations in Sections 13.1 and 13.2 do not apply to: (a) either party's indemnification obligations under Section 14, (b) either party's breach of confidentiality obligations, (c) liability arising from a party's gross negligence, willful misconduct, or fraud, (d) either party's infringement of the other party's intellectual property rights, (e) your obligation to pay fees owed under these Terms, or (f) any liability that cannot be excluded or limited under applicable law.

14. Indemnification

14.1 Indemnification by You

You agree to indemnify, defend, and hold harmless Enigma Vault and its officers, directors, employees, and agents from and against any third-party claims, liabilities, damages, losses, and expenses (including reasonable attorneys' fees) arising out of or in connection with: (a) your use of the Service, (b) your violation of these Terms, (c) your violation of any applicable law or regulation, (d) your violation of any third party's rights, or (e) your transmission of data through the Service without the necessary rights or consents.

14.2 Indemnification by Enigma Vault

Enigma Vault will defend you against any third-party claim alleging that the Service, as provided by Enigma Vault and used in accordance with these Terms, infringes that third party's patent, copyright, trademark, or trade secret rights, and will pay any damages and costs finally awarded against you by a court of competent jurisdiction or agreed to in settlement by Enigma Vault in connection with such claim.

Enigma Vault has no obligation under this Section 14.2 for claims arising from: (a) your modification of the Service, (b) combination of the Service with products, services, or data not provided or authorized by Enigma Vault, where the claim would not have arisen but for the combination, (c) your continued use of an allegedly infringing version of the Service after Enigma Vault has provided a non-infringing alternative or direction to cease use, (d) your use of the Service in violation of these Terms or applicable law, or (e) content supplied by you or a third party (including LLM prompts and outputs).

If the Service is, or in Enigma Vault's opinion is likely to become, the subject of an infringement claim, Enigma Vault may, at its option and expense: (i) procure for you the right to continue using the Service, (ii) modify the Service to make it non-infringing, or (iii) terminate your access to the Service and refund any prepaid, unused fees covering the period after the termination date. This Section 14.2 states Enigma Vault's entire liability, and your sole and exclusive remedy, for third-party infringement claims relating to the Service.

14.3 Indemnification Procedure

The party seeking indemnification shall: (a) promptly notify the indemnifying party in writing of the claim, (b) give the indemnifying party sole control over the defense and settlement of the claim (provided that no settlement requiring an admission of liability or payment by the indemnified party may be entered into without the indemnified party's prior written consent, not to be unreasonably withheld), and (c) provide reasonable cooperation in the defense at the indemnifying party's expense.

15. Termination

15.1 Termination by You

You may stop using the Service at any time. You may cancel your subscription through the Stripe customer portal or by contacting us. Cancellation takes effect at the end of the current billing period.

15.2 Termination by Us

We may terminate these Terms for your material breach if you fail to cure the breach within thirty (30) days after written notice from us describing the breach. Notwithstanding the foregoing, we may terminate or suspend your access to the Service immediately and without prior notice for: (a) failure to pay fees when due that remain unpaid after reasonable collection efforts, (b) your violation of Section 6 (Acceptable Use) or Section 19 (Export Controls and Sanctions), (c) conduct that poses a security risk to the Service or other customers, (d) conduct that may subject Enigma Vault to legal liability, or (e) as required by law or order of a court or governmental authority.

Suspension. In addition to our termination rights, we may suspend your access to the Service on reasonable notice (or without notice in the case of suspected abuse, security threats, or legal compulsion) pending investigation of a suspected breach or security incident. We will restore access promptly upon resolution of the issue.

Discontinuation. We may discontinue the Service in its entirety on at least 30 days' written notice. If we discontinue the Service, we will refund any prepaid, unused fees covering the period after the discontinuation date.

15.3 Effect of Termination

Upon termination: your right to use the Service ceases immediately, your in-memory session data is discarded, and your audit and request logs are retained for the period described in our Privacy Policy. For a period of 30 days following termination, you may request an export of your audit logs and configuration data in a machine-readable format by contacting support@enigmavault.io. After this window, you may request deletion of your data in accordance with our Privacy Policy.

16. Dispute Resolution

The parties shall first attempt to resolve any dispute arising out of or relating to these Terms through good-faith negotiation for a period of thirty (30) days. If unresolved, the dispute shall be submitted to binding arbitration administered by the American Arbitration Association under its Commercial Arbitration Rules. The arbitration shall take place in New York, New York. Each party shall bear its own costs, with arbitration fees shared equally.

Small claims carve-out: Notwithstanding the foregoing, either party may bring an individual action in small claims court for disputes within the jurisdiction of that court.

Class action waiver: You and Enigma Vault agree that each may bring claims against the other only in an individual capacity, and not as a plaintiff or class member in any purported class or representative proceeding. If the class action waiver is found unenforceable as to any claim or remedy, that claim or remedy shall be severed from arbitration and litigated in a court of competent jurisdiction; the remainder of this arbitration agreement shall remain in full force and effect.

Injunctive relief carve-out: Notwithstanding the foregoing, either party may seek injunctive or other equitable relief in a court of competent jurisdiction to protect its intellectual property or confidential information.

Confidentiality: The parties agree that any arbitration proceedings, including the existence of the dispute, all submissions, evidence, and the arbitrator's award, shall be kept confidential except as necessary to enforce the award or as required by law.

Time limitation: Except for claims arising from non-payment of fees, any claim arising out of or relating to these Terms must be brought within one (1) year after the claim arose; otherwise, the claim is permanently barred.

17. Governing Law

These Terms shall be governed by and construed in accordance with the laws of the State of New York, without regard to its conflict-of-law provisions. Subject to Section 16 (Dispute Resolution), the state and federal courts located in New York County, New York shall have exclusive jurisdiction over any dispute not subject to arbitration, and each party consents to the personal jurisdiction and venue of those courts.

18. Assignment

You may not assign or transfer these Terms, by operation of law or otherwise, without our prior written consent. We may assign these Terms without your consent to an affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of our assets. Any attempted assignment in violation of this section is void.

19. Export Controls and Sanctions

You represent and warrant that you are not located in, under the control of, or a national or resident of any country subject to U.S. government embargoes or designated by the U.S. government as a "terrorist supporting" country, and that you are not listed on any U.S. government list of prohibited or restricted parties. You agree to comply with all applicable export control and sanctions laws in your use of the Service.

20. Publicity

You grant Enigma Vault a non-exclusive, worldwide, royalty-free right to use your name and logo on the NOI website, in customer lists, and in marketing, sales, and investor materials to identify you as a customer of the Service. Enigma Vault will use the logo in accordance with any reasonable brand guidelines you provide in writing. You may revoke this right at any time by written notice to support@enigmavault.io, and Enigma Vault will cease new use of your name and logo within 30 days of receipt (existing printed materials and archived versions excepted). Neither party will otherwise use the other's name, logo, or trademarks in publicity materials without prior written consent.

21. Severability

If any provision of these Terms is held to be unenforceable, that provision shall be modified to the minimum extent necessary to make it enforceable, and the remaining provisions shall continue in full force and effect.

22. Force Majeure

Neither party shall be liable for delays or failures in performance resulting from causes beyond its reasonable control, including but not limited to acts of God, natural disasters, war, terrorism, labor disputes, government actions, epidemics or pandemics, internet or infrastructure failures, cybersecurity incidents (including denial-of-service attacks, ransomware, and compromises of upstream sub-processors or service providers), and third-party service outages.

23. Feedback

If you provide Enigma Vault with suggestions, comments, bug reports, feature requests, or other feedback regarding the Service ("Feedback"), you grant Enigma Vault a perpetual, irrevocable, worldwide, royalty-free, sublicensable license to use, reproduce, modify, and incorporate the Feedback into the Service or any other Enigma Vault product or service, without restriction or compensation to you. Feedback is provided on a non-confidential basis.

24. Survival

The following provisions survive termination or expiration of these Terms: Section 2 (Definitions), Section 5.5 (Refunds) and Section 5.6 (Taxes) with respect to fees incurred prior to termination, Section 7.1 (Your Data), Section 10 (Intellectual Property), Section 12 (No Guarantee of Complete Detection; Disclaimer of Warranties), Section 13 (Limitation of Liability), Section 14 (Indemnification), Section 15.3 (Effect of Termination), Section 16 (Dispute Resolution), Section 17 (Governing Law), Section 18 (Assignment), Section 23 (Feedback), this Section 24, and any other provision that by its nature is intended to survive termination.

25. Notices

All formal legal notices under these Terms shall be in writing and delivered by email, with notices to Enigma Vault sent to support@enigmavault.io and notices to you sent to the email address associated with your Organization's primary administrator account. Notices are effective upon confirmed delivery (for email, on the date sent absent a bounce or delivery failure). You are responsible for keeping your administrator contact information current. Routine operational communications (billing notifications, product updates, security advisories) may be sent through in-product messaging or to any administrator on your account.

26. Entire Agreement

These Terms, together with our Privacy Policy and any applicable Enterprise agreement or Data Processing Addendum, constitute the entire agreement between you and Enigma Vault regarding the Service and supersede all prior agreements and understandings.

27. Changes to Terms

We reserve the right to modify these Terms at any time. We will provide notice of material changes by posting the updated Terms on this page, updating the "Last updated" date, and, for material changes, notifying you via email. Your continued use of the Service after changes are posted constitutes acceptance of the modified Terms. If you do not agree with the changes, you must stop using the Service.

28. Contact Us

If you have questions about these Terms of Service, please contact us at support@enigmavault.io, or by mail at:

Enigma Vault

30 Broad St., Suite 14114

New York, NY 10004

Phone: (877) 977-2083