Terms of Service

Last Updated: April 3, 2026

1. Acceptance of Terms

By accessing or using NotAI's services ("Services"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, you may not use our Services.

These Terms apply to website operators, institutions, and other organisations that register an account with NotAI or integrate our products ("Customers"). Terms that relate to account registration, billing, service commitments, or acceptable use apply to Customers. End users who interact with Customer integrations (for example, students in a Customer's learning management system, or visitors to a Customer's website) are governed by the Customer's own terms of service and by the NotAI Privacy Policy, not by the Customer-facing obligations in these Terms.

1.1 Definitions

The following terms have the meanings set out below when used as capitalised defined terms in these Terms:

  • "Services" means the NotAI human-verification and AI-detection services described in Section 2, including the NotAI Pixel, Text Monitor, Dashboard, and any related software, APIs, and documentation made available by NotAI.
  • "Terms" means these Terms of Service, as amended from time to time in accordance with Section 15.
  • "Customer" means an individual or entity that has (i) created an account with NotAI, (ii) purchased or subscribed to a paid Plan, or (iii) otherwise expressly accepted these Terms at checkout, during signup, or through a signed order form.
  • "End User" means a natural person who encounters the Services solely because a school, employer, testing provider, or other institution has deployed NotAI. End Users are governed by their relationship with the deploying institution and by the institution's own terms of service, privacy notice, and dispute-resolution processes; they are not parties to these Terms.
  • "Personal Data" has the meaning set out in the Data Processing Agreement.
  • "Subscription" means a paid subscription to the Services as described in Section 7.
  • "Plan" means a tier of Subscription (for example, Starter, Pro, or Enterprise) as described in Section 7.1.

2. Description of Services

NotAI provides human verification and AI detection services:

  • NotAI Pixel: Detects automated or AI-driven browsing patterns on any website
  • Text Monitor: Analyses typing behavior in forms and rich-text editors to verify human authorship
  • Dashboard: Analytics and management interface for customers

2.1 Service Availability

NotAI targets high availability for all production Services. Formal uptime commitments, scheduled maintenance windows, incident response procedures, and any remedies for downtime are defined in a separate Service Level Agreement that forms part of an executed Enterprise agreement.

3. Account Registration

3.1 Eligibility

To register an account with NotAI you must be at least 18 years old and capable of entering into a binding contract, or you must be registering on behalf of an institution or organisation with authority to do so. This eligibility requirement applies to account registrants only and does not apply to end users of a Customer's integration, including students in a K-12 learning environment covered by the COPPA school-official exception and FERPA, as described in Section 13 of the Privacy Policy.

3.2 Account Security

You are responsible for:

  • Maintaining the confidentiality of your account credentials
  • All activities that occur under your account
  • Notifying us immediately of any unauthorised use

3.3 Region Selection

Default. During registration, you must select a data region (US or EU). Under these Terms, your region selection is the default for the life of your account, and primary service data (the behavioral and session data we collect to verify human authorship) is stored and processed exclusively in your selected region.

Subprocessor exceptions. Limited categories of data necessary for ancillary services, including billing records held by our payment processor and transactional email metadata held by our email-delivery provider, are processed by subprocessors in the United States regardless of your region selection, as further described in Section 5 of the Privacy Policy.

Limited migration availability. Migration of primary service data between regions is not a standard feature of the Services. NotAI may, at its sole discretion and by separate written agreement, accommodate a region change only where (i) the change is required by a legally binding change of control or corporate reorganisation, (ii) the change is required by a subsequent mandatory law applicable to you or to NotAI, or (iii) migration is necessitated by the long-term unavailability of the region originally selected. Migration may require data export and re-import, is subject to a service-interruption window, and may be subject to a reasonable engineering fee.

No right to region change. Nothing in this Section 3.3 creates a right or expectation of migration outside the scenarios expressly set out above.

4. Acceptable Use

4.1 General Prohibitions

You agree NOT to use our Services to:

  • Violate any applicable laws or regulations;
  • Infringe on the intellectual property rights of others;
  • Collect data from end users without a lawful basis and, where required, informed consent;
  • Transmit malicious code or interfere with our systems or the integrity, availability, or security of the Services;
  • Attempt to reverse engineer our detection algorithms, except to the extent that reverse engineering is expressly permitted by applicable law notwithstanding this restriction (including, in the United States, good-faith security research, interoperability testing, and encryption research under 17 U.S.C. § 1201(j), § 1201(f), and § 1201(g)) and subject to any advance-notice or responsible-disclosure requirements in our Vulnerability Disclosure Policy;
  • Resell or redistribute our Services without authorisation;
  • Use our Services to engage in unlawful discrimination or in "algorithmic discrimination" as defined in the Colorado Artificial Intelligence Act (C.R.S. § 6-1-1701(1)), including any use that results in unlawful differential treatment or impact disfavoring an individual or group on the basis of a classification protected under U.S. federal, state, or local law or under the law of the European Union or a member state;
  • Circumvent usage limits, rate limiting, or technical protection measures.

4.2 Prohibited Use Cases

Regardless of any other provision of these Terms, the following uses of the Services are strictly prohibited and are not authorised under any customer instruction, order form, or configuration:

  • Article 5 of the EU AI Act. Any use that constitutes a prohibited artificial intelligence practice under Article 5 of Regulation (EU) 2024/1689, including (without limitation) subliminal or purposefully manipulative techniques causing significant harm, exploitation of vulnerabilities of specific groups, social scoring by public authorities or on their behalf, predictive policing based solely on profiling or personality traits, untargeted scraping of facial images to build facial-recognition databases, inference of emotions in workplaces or educational institutions (except for strictly medical or safety reasons), biometric categorisation to infer sensitive attributes, and real-time remote biometric identification in publicly accessible spaces for law-enforcement purposes.
  • Medical, clinical, and life-critical decisions. Any use to make, or to materially inform, a medical diagnosis, treatment decision, mental-health assessment, suicide-risk determination, triage, medication-management decision, or any other decision where error could reasonably be expected to cause physical injury, death, or serious deterioration of health. The Services are not a medical device and are not validated for clinical use.
  • Critical infrastructure. Any use in the operation, control, safety, or security of critical infrastructure within the meaning of Annex III point 2 of the EU AI Act or of 42 U.S.C. § 5195c(e), including road traffic, the supply of water, gas, heating, or electricity, or any industrial-control or safety-of-life system.
  • Law-enforcement remote biometric identification. Any use to perform or support real-time or post remote biometric identification of natural persons in publicly accessible spaces for law-enforcement purposes, or to profile individuals or assess risk of criminal offending or re-offending.
  • Export controls and sanctions. Any use that would violate U.S. export controls (including 15 CFR Parts 730–774 and the Export Administration Regulations administered by the U.S. Department of Commerce), U.S. sanctions administered by the Office of Foreign Assets Control (31 CFR Chapter V), EU Council Regulation (EU) 2021/821, or comparable export-control or sanctions regimes; access to or use of the Services is prohibited from any jurisdiction subject to comprehensive U.S. or EU sanctions and by any person listed on the U.S. Specially Designated Nationals List, the U.S. Entity List, the EU Consolidated List of Sanctions, or comparable lists.
  • Special-category data without a lawful basis. Any submission to, or processing through, the Services of "special categories of personal data" within the meaning of Article 9 of the GDPR, data revealing criminal convictions or offences within the meaning of Article 10 of the GDPR, "sensitive personal information" within the meaning of the CCPA/CPRA, protected health information subject to HIPAA, or children's personal information subject to COPPA, except where the customer has an independently established lawful basis and has configured the Services in accordance with Section 5 and, where applicable, Section 4.4.
  • Security research without responsible disclosure. Any security testing, fuzzing, vulnerability scanning, or adversarial probing of the Services conducted outside of, and without compliance with, NotAI's Vulnerability Disclosure Policy.

Carve-out for behavioral signals processed by the Services. The prohibition above on the submission or processing of special-category personal data does not apply to NotAI's processing, in the ordinary operation of the Services, of behavioral telemetry inherent to authorship verification and AI-agent detection, including keystroke-timing signals, cursor-movement traces, scroll telemetry, and related session signals. To the extent that any such signal would, on a particular factual record and in the view of a competent supervisory authority, qualify as "biometric data" within the meaning of Article 4(14) of the GDPR or "sensitive personal information" within the meaning of the CCPA/CPRA, the Parties acknowledge that (a) NotAI processes such signals solely for the purposes of providing the Services to the customer and not for any incompatible secondary purpose; (b) the lawful basis for processing is the basis identified by the customer-controller in its instructions to NotAI under Section 5 and the DPA, which may include Article 9(2)(g) substantial public interest (academic-integrity safeguarding) or another applicable Article 9 ground; and (c) NotAI applies the technical and organisational measures set out in Annex 2 of the DPA to such signals. The customer is responsible for ensuring that its own lawful basis under Article 6 and, where applicable, Article 9 of the GDPR (or the equivalent under other applicable law) is established and documented before deploying the Services.

4.3 Mandatory Human Review for Consequential Decisions

Where a customer uses the output of the Services as a factor in a decision that produces legal effects concerning a natural person or similarly significantly affects a natural person (a "consequential decision"), including a "consequential decision" within the meaning of the Colorado Artificial Intelligence Act (C.R.S. § 6-1-1701(3)), the customer must:

  • Ensure that a qualified human reviewer competent to understand and override the output of the Services reviews and bears accountability for the final decision, consistent with Article 14 of the EU AI Act and Article 22 of the GDPR;
  • Not use the output of the Services as the sole basis for the decision;
  • Provide the affected individual with the notices, explanations, and appeal rights required by applicable law, including Article 22 of the GDPR, Article 26 and Article 86 of the EU AI Act, and C.R.S. § 6-1-1704; and
  • Retain records sufficient to demonstrate compliance with this Section 4.3 for at least the period required by applicable law.

4.4 Restricted Use Cases

The following uses of the Services are permitted only if the customer satisfies the conditions set out below. NotAI reserves the right to require written attestation of compliance and to suspend or terminate use that does not meet these conditions.

  • Employment decisions, including employment-related examinations and assessments. Any use of the Services as a factor in a hiring, promotion, demotion, discipline, termination, or similar employment decision, or in the scoring or review of an employment-related examination, essay, or work sample, is permitted only where the customer (i) complies with all applicable federal, state, and local employment-discrimination laws, including Title VII of the Civil Rights Act of 1964, the Age Discrimination in Employment Act, the Americans with Disabilities Act, and comparable state laws; (ii) has completed any required independent bias audit (including any audit required by New York City Local Law 144 for automated employment decision tools) and has provided the notices required by that law or by Illinois 820 ILCS 42/1 et seq. and HB 3773 where applicable; (iii) satisfies the requirements of Section 4.3 (mandatory human review) for every such decision; and (iv) does not use the Services as the sole basis for the decision.
  • Primary and secondary education and under-13 contexts. The Services may be used in a K–12 educational context and with users under 13 only where the customer is an educational institution or a provider acting on behalf of an educational institution and operates the Services within the COPPA school-authorisation framework, consistent with FERPA (20 U.S.C. § 1232g and 34 CFR Part 99), and, where applicable, the Illinois Student Online Personal Protection Act (105 ILCS 85) and New York Education Law § 2-d and 8 NYCRR 121, as further described in Section 13 of the Privacy Policy and in the Parents' Bill of Rights.
  • Credit, insurance, and housing. Any use of the Services as a factor in a decision regarding the extension, modification, denial, or pricing of consumer credit, insurance underwriting, or housing is permitted only where the customer complies with all applicable federal, state, and local laws governing such decisions, including the Fair Credit Reporting Act (15 U.S.C. § 1681 et seq.), the Equal Credit Opportunity Act (15 U.S.C. § 1691 et seq. and Regulation B, 12 CFR Part 1002), the Fair Housing Act (42 U.S.C. § 3601 et seq.), and comparable state laws, and satisfies the requirements of Section 4.3 (mandatory human review) for every such decision. In no case may the Services be used as the sole or a substantial factor in a consumer-credit, insurance-underwriting, or housing decision that is adverse to a consumer, even where the compliance obligations in this paragraph are satisfied.

4.5 Assistive Technology

NotAI's behavioral analysis is designed to detect automated patterns and does not target or penalise users of assistive technologies. If you believe a user has been incorrectly flagged due to assistive technology use, please contact [email protected] so we can investigate and adjust. Where the Services are used in a consequential decision (Section 4.3), the human reviewer is responsible for taking account of assistive-technology use and other accommodations in the final decision.

4.6 Reporting Suspected Misuse

To report a suspected violation of this Section 4, including any suspected use of the Services for a prohibited purpose under Section 4.2, contact [email protected]. NotAI investigates reports in good faith and, where appropriate, will suspend or terminate access under Section 12.

5. Customer Responsibilities

As a customer integrating NotAI, you are responsible for:

  • Obtaining proper consent from your end users for data collection
  • Displaying appropriate privacy notices disclosing behavioral data collection
  • Ensuring your use complies with applicable privacy laws (GDPR, CCPA, etc.)
  • Providing opt-out mechanisms for end users who request them
  • Responding to data subject access requests from your users

6. Data Processing

6.1 Roles and Data Processing Agreement

NotAI's role under data protection law depends on the activity. For the core authorship-verification Services, NotAI processes personal data on behalf of its customers (data controllers) as a data processor under Article 28 of Regulation (EU) 2016/679 (the "GDPR"), and the parallel provisions of the UK GDPR, the revised Swiss nFADP, and applicable U.S. laws. The customer is the controller (or the "business" under the CCPA/CPRA), and NotAI is the processor (or "service provider" under the CCPA/CPRA), for personal data processed by NotAI in the course of providing the core Services. For the limited ancillary activities described in the Privacy Policy Section 4 (including account administration, billing, security monitoring of NotAI's own infrastructure, and fraud and abuse prevention on NotAI's own platform), NotAI acts as a data controller. The applicable role governs the lawful basis for processing and NotAI's Article 28 and other obligations with respect to that activity.

At signup, each customer executes NotAI's standard Data Processing Agreement by clicking to accept the Terms of Service, the Privacy Policy, and the Data Processing Agreement in the account registration flow at dash.isnotai.com/signup. The click-through acceptance satisfies Article 28(9) of the GDPR (writing, including electronic form) and the corresponding provisions of the UK GDPR and the Swiss nFADP. The full text of the Data Processing Agreement is available at isnotai.com/dpa and is incorporated into these Terms by reference.

6.2 Scope of the DPA

The Data Processing Agreement sets out, at a minimum:

  • The subject matter, duration, nature and purpose of processing, the types of personal data, and the categories of data subjects (Art. 28(3) chapeau);
  • NotAI's obligation to process personal data only on the controller's documented instructions (Art. 28(3)(a));
  • Confidentiality obligations on authorised personnel (Art. 28(3)(b));
  • Technical and organisational security measures (Art. 28(3)(c) and Art. 32);
  • Conditions for engaging sub-processors, including the flow-down of the same data protection obligations by written contract, and NotAI's continuing full liability to the controller for the performance of sub-processor obligations (Art. 28(3)(d), Art. 28(2), and Art. 28(4));
  • Assistance with data subject rights requests (Art. 28(3)(e));
  • Assistance with Articles 32 through 36, including security, breach notification, data protection impact assessments, and prior consultation (Art. 28(3)(f));
  • Return or deletion of personal data on termination, at the controller's choice (Art. 28(3)(g));
  • The controller's right to the information necessary to demonstrate compliance and to conduct audits (Art. 28(3)(h));
  • NotAI's obligation to inform the controller immediately if, in its opinion, an instruction infringes the GDPR or other applicable data protection law (Art. 28(3), final sentence); and
  • International transfer safeguards, including the EU Standard Contractual Clauses (Modules Two and Three), the UK International Data Transfer Addendum, and Swiss transfer rules.

6.3 Breach Notification

NotAI notification to the customer (processor-to-controller). In the event of a personal data breach affecting customer data, NotAI will notify the affected customer without undue delay and in any event no later than seventy-two (72) hours after becoming aware of the breach, in accordance with Article 33 of the GDPR. For deployments at Illinois K–12 educational institutions, the 72-hour notice under this paragraph is also intended to satisfy the operator's obligation to notify the affected school within thirty (30) calendar days of determining that a breach of covered information has occurred under the Illinois Student Online Personal Protection Act, 105 ILCS 85/20(b). The notification will include the nature of the breach, the categories and approximate number of data subjects affected, the likely consequences, and the measures taken or proposed to address the breach.

Customer notification obligations (controller-to-individual, regulator, and credit bureaus). As the controller, the customer is responsible for any notification required to affected individuals, state attorneys general, state police, consumer reporting agencies, and other regulators under applicable law. Those notification deadlines are statute-specific and may be shorter than the GDPR's 72-hour supervisory-authority clock. The customer remains responsible for determining its own obligations under and complying with, among others, Article 34 of the GDPR, the UK GDPR, Article 24 of the revised Swiss Federal Act on Data Protection, California Civil Code § 1798.82, New York General Business Law § 899-aa and the SHIELD Act (§ 899-bb), Florida Statutes § 501.171 (30 days), Texas Business & Commerce Code § 521.053 (60 days), Colorado Revised Statutes § 6-1-716 (30 days), Illinois 815 ILCS 530/10, Massachusetts General Laws ch. 93H § 3, Washington Revised Code § 19.255.010 (30 days), Maine Revised Statutes tit. 10 § 1348 (30 days), and comparable statutes in other jurisdictions.

NotAI assistance. NotAI will provide reasonable assistance to the customer in meeting those obligations, consistent with Article 28(3)(f) of the GDPR and the Data Processing Agreement.

6.4 Personnel Security

All NotAI employees and direct contractors with direct access to customer Personal Data on or via the production Services have undergone a fingerprint-based criminal-history check, which includes a search of the U.S. Federal Bureau of Investigation Next Generation Identification ("NGI") database conducted through Arizona's fingerprint clearance card program under A.R.S. § 41-1758.01 et seq. (for personnel resident in Arizona) or a comparable state-authorised program (for personnel resident elsewhere), prior to being granted such access. This requirement does not apply to professional service providers (such as outside accountants, attorneys, auditors, and similar advisers) who are bound by applicable professional-conduct confidentiality obligations and whose limited access to Personal Data, if any, is incidental to the provision of their professional services to NotAI rather than processing of customer Personal Data on NotAI's behalf in the provision of the Services; such providers are not Sub-processors and are subject to written confidentiality agreements appropriate to the engagement. All such personnel are bound by written confidentiality obligations that survive the termination of their employment or engagement. Sub-processor personnel are subject to the background-screening requirements set out in the applicable sub-processor agreement, as further described in the Data Processing Agreement.

6.5 Copies

The Data Processing Agreement is published at isnotai.com/dpa. Audit artefacts (NotAI's SOC 2 Type II report, the Microsoft Azure SOC 2 Type II report covering the underlying hosting layer, penetration-test summaries, and architecture diagrams) are available under NDA on request to [email protected]. The same address handles questions about the DPA or related trust documentation.

7. Subscription Plans & Billing

7.1 Plans

  • Starter: Core features, 1 user, email support
  • Pro: Full features, 3 team members included, priority email support
  • Enterprise: Unlimited users, priority support, custom integrations

7.2 Payment Terms and Automatic Renewal

Subscription term and renewal. Paid subscriptions are billed monthly or annually in advance and automatically renew for successive terms equal to the then-current term (each a "Renewal Term") unless cancelled before the renewal date. By subscribing, you expressly authorise NotAI (or our payment processor) to charge the payment method on file for each Renewal Term at the then-current price.

How to cancel. You may cancel the automatic renewal at any time, without charge, through your account dashboard at dash.isnotai.com or by emailing [email protected]. Cancellation takes effect at the end of the current billing period; no partial-period refunds are issued except as required by law or by Section 7.3 (EU withdrawal). Cancellation is available online for any subscription that was purchased online, without phone calls, mail, or other friction.

Post-enrolment acknowledgement. Within one business day after you subscribe, NotAI will send the email address on file a confirmation setting out the plan name, price, billing cadence, renewal date, and step-by-step cancellation instructions.

Pre-renewal notices. For any subscription with an initial term of one year or more, NotAI will send a renewal reminder to the email address on file between 3 and 21 days before each Renewal Term begins. The reminder will state the renewal date, the amount to be charged, the payment method to be used, and the cancellation link. Where the applicable state or country requires notice on a different cadence (including California Business and Professions Code § 17602, as amended by AB 2863, and New York General Business Law § 527-a), NotAI will follow the cadence that is most favourable to you.

Price changes. NotAI may change pricing with at least 30 days' notice; if you do not agree to a price change, you may cancel before the new pricing takes effect at no additional cost. No price change will apply retroactively.

Non-refundability. All fees are non-refundable after any applicable statutory cooling-off or withdrawal period, except as required by law. Past-due accounts may have Services suspended after a grace period.

7.3 EU, EEA, UK, and Swiss Right of Withdrawal

Statutory right. If you are a consumer resident in the European Union, the European Economic Area, or the United Kingdom, you have the right to withdraw from the contract for your subscription within fourteen (14) days after the day on which the contract is concluded, without giving any reason, in accordance with Article 9 of Directive 2011/83/EU on consumer rights and its implementing measures (including the UK Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013).

Swiss residents (voluntary contractual extension). Swiss law does not provide a general statutory cooling-off right for online digital services equivalent to Article 9 of Directive 2011/83/EU (the Swiss Code of Obligations Articles 40a–40f apply only to door-to-door and certain off-premises contracts, and the Federal Act on Consumer Credit applies only to consumer credit and not to the Services). As a voluntary contractual benefit, NotAI extends the same fourteen (14) day withdrawal right described in the preceding paragraph to consumers resident in Switzerland on the same terms, and subject to the same exceptions for digital content and services that the consumer has expressly requested be performed during the withdrawal period, set out below.

How to withdraw. To exercise this right, you must inform us by an unequivocal statement (for example, by email to [email protected]) within the 14-day period. You may use the model withdrawal form set out in Annex I(B) of Directive 2011/83/EU but are not required to. We will refund all payments received from you, other than amounts chargeable under the following paragraph, within fourteen (14) days of receiving your withdrawal notice, using the same payment method you used for the original transaction.

Express consent to begin performance and acknowledgement of loss of withdrawal right (Art. 16(m) and Art. 16(a)). The Services are a digital service supplied otherwise than on a tangible medium, and performance begins immediately on signup. By expressly requesting performance to begin during the 14-day withdrawal period (which you do by checking the "begin service immediately" acknowledgement presented at signup on dash.isnotai.com/signup, or by otherwise actively using the Services before the 14-day period has expired) and by acknowledging at signup that you will lose the right of withdrawal once performance has fully commenced, you consent to the application of Article 16(m) of Directive 2011/83/EU (for digital content not supplied on a tangible medium) or Article 16(a) (for services fully performed during the withdrawal period at the consumer's express prior request), and the right of withdrawal is extinguished as soon as performance has fully commenced. If you have not given that express consent or have not actively used the Services before the 14-day period expires, the right of withdrawal set out above applies in full. Where only part of the Services has been supplied before you exercise the right of withdrawal, you remain liable for an amount proportionate to the Services supplied until that time.

Non-waiver of statutory rights. Nothing in this Section 7.3 limits or excludes any non-waivable statutory right you have as a consumer under applicable law.

7.4 Upgrades & Downgrades

Plan changes take effect at the next billing cycle. Downgrading may result in loss of features and team member access.

8. Intellectual Property

8.1 Our Rights

NotAI retains all right, title, and interest in and to the Services, including the underlying software, algorithms, models, documentation, know-how, trademarks, trade dress, and all related copyrights, patents, patent applications, trade secrets, and other intellectual property rights. These Terms do not grant you any ownership of or rights in the Services except for the limited licence expressly granted herein.

Subject to your compliance with these Terms and timely payment of applicable fees, NotAI grants you, during the term of your subscription, a worldwide, non-exclusive, non-transferable, non-sublicensable, revocable licence:

  • (a) under NotAI's copyrights in the Services, to access and use the Services for your internal business or institutional purposes; and
  • (b) a limited, personal licence under those claims of NotAI's patents that are necessarily infringed by your use of the Services strictly as delivered and documented by NotAI and within the scope of your subscription ("Necessary Claims"), solely to the extent required to so use the Services.

No other rights granted. No rights, licences, or immunities are granted under any NotAI patent other than the Necessary Claims, and no rights are granted under any NotAI copyright, trademark, trade secret, or other intellectual property right except as expressly set out above. No licence is granted by implication, estoppel, exhaustion, or otherwise, and NotAI's provision of the Services does not exhaust any NotAI patent right with respect to any product, component, service, or activity other than the authorised use of the Services under this Section 8.1. Rights not expressly granted are reserved.

8.2 Your Rights

You retain ownership of your data. By using our Services, you grant us a limited, worldwide, non-exclusive, royalty-free licence to host, store, transmit, display, and otherwise process your data (a) to the extent necessary to provide, maintain, secure, and support the Services for you, and (b) using only aggregated and de-identified data that meets the Standard for Anonymization and De-identification set out in Section 3 of the Privacy Policy, to improve the accuracy of our detection algorithms as further described in the Privacy Policy. The licence granted in clause (a) ends when we delete the corresponding data in accordance with our retention schedule or your deletion request, whichever occurs first; the licence granted in clause (b) is perpetual with respect to data that has been irreversibly aggregated and de-identified in accordance with that Standard.

8.3 Feedback

If you are a Customer (as defined in Section 13.3) and you voluntarily provide feedback, suggestions, enhancement requests, or ideas about the Services to NotAI ("Feedback"), you grant NotAI a non-exclusive, royalty-free, worldwide, perpetual, irrevocable, sublicensable licence under your copyrights and any patents you own or control that are necessarily infringed by NotAI's use of the Feedback, to use, reproduce, modify, and incorporate the Feedback into any NotAI product or service. This licence does not affect your ownership of the Feedback itself and does not grant NotAI ownership of any underlying intellectual property you hold. This Section 8.3 does not apply to, and NotAI claims no licence over, any communication from an End User (as defined in Section 13.3) or from any natural person who interacts with the Services only through a deploying institution; feedback from those individuals, if any, is governed by the deploying institution's own terms. To the extent Feedback incorporates, attaches, quotes, or otherwise includes End User content or personal data of End Users (for example, screenshots, session excerpts, transcripts, or bug-report attachments), the licence granted in this Section 8.3 extends only to the abstract idea, technical suggestion, or product observation contained in the Feedback, and not to the End User content or personal data itself; that content and data remain governed by the Privacy Policy and the Data Processing Agreement, and NotAI will use it only as a processor for the purposes and under the instructions set out in those instruments.

8.4 Patent Defensive Termination

If you, any of your affiliates, or any entity controlled by, controlling, or under common control with you, initiates or voluntarily participates in a claim, action, suit, counterclaim, cross-claim, inter partes review, post-grant review, opposition, or other legal, administrative, or quasi-judicial proceeding (a "Patent Assertion") against NotAI, any affiliate of NotAI, any sub-processor engaged by NotAI, or any customer or end user of the Services, alleging that the Services, any component of the Services, or any activity of NotAI in providing the Services directly or indirectly infringes, induces infringement of, or contributes to infringement of any patent, then:

  • the patent licence granted to you in Section 8.1(b) (Necessary Claims) terminates automatically on the date the Patent Assertion is filed or otherwise commenced;
  • the copyright licence granted to you in Section 8.1(a) terminates thirty (30) days after the date the Patent Assertion is filed unless the Patent Assertion is withdrawn with prejudice within that thirty-day period; and
  • NotAI may terminate your access to the Services, with or without further notice, under Section 12, in addition to any other remedy available to NotAI under these Terms or at law.

This Section 8.4 does not apply to:

  • a declaratory-judgment action or other defensive action initiated by you solely in response to a patent-infringement claim first asserted against you by NotAI or a NotAI affiliate;
  • a claim by you against a sub-processor engaged by NotAI that is unrelated to the sub-processor's provision of services to NotAI;
  • a compulsory counterclaim that you must assert in a proceeding first initiated by NotAI or a NotAI affiliate in order to preserve the counterclaim under applicable rules of civil procedure; or
  • a proceeding to enforce a standard-essential patent on fair, reasonable, and non-discriminatory terms, where the proceeding has no reasonable nexus to the Services.

Fees paid for the then-current subscription term are not refundable upon termination under this Section 8.4. Sections 8.2 (Your Rights), 8.3 (Feedback), 10 (Limitation of Liability), 11 (Indemnification), 13 (Dispute Resolution), and any other provision that by its nature should survive, continue in effect after termination under this Section 8.4.

9. EU AI Act Compliance (Regulation (EU) 2024/1689)

When the Services are used by an educational or vocational-training deployer for any of the high-risk uses set out in Annex III, point 3 of the EU AI Act (in particular, to evaluate learning outcomes (point 3(b)), to assess the appropriate level of education that an individual will receive or will be able to access (point 3(c)), or to monitor and detect prohibited behaviour of students during tests (point 3(d)), for example in connection with authorship-verification of coursework or examinations), the Services are treated by NotAI as a high-risk AI system. When used solely for use cases outside Annex III, the high-risk obligations set out in this Section 9 do not apply; the general-purpose transparency duties under Article 50 of the EU AI Act, set out in our AI Transparency Notice, still do. This Section 9 sets out the respective obligations of NotAI as the provider and you as the deployer when the Services are used as a high-risk AI system within the meaning of Annex III, point 3.

9.1 NotAI Obligations (Provider)

As the provider of a high-risk AI system, NotAI commits to:

  • Maintaining a quality management system and risk management process for the AI system (Art. 9, 17)
  • Applying data governance practices to the training, validation, and testing data sets used in the Services, including measures directed at the identification and mitigation of possible biases (Art. 10)
  • Drawing up, maintaining, and keeping up to date the technical documentation for the Services (Art. 11)
  • Maintaining event logs for traceability and auditability (Art. 12)
  • Providing deployers with clear instructions for use, including the system's intended purpose, accuracy levels, known limitations, and human oversight requirements (Art. 13)
  • Ensuring an appropriate level of accuracy, robustness, and cybersecurity throughout the lifecycle of the Services (Art. 15)
  • Cooperating with market surveillance authorities and national competent authorities upon request (Art. 21)
  • Operating a post-market monitoring system for the Services, analysing data collected from deployers, and updating the risk-management system accordingly (Art. 72)
  • Reporting serious incidents to the market surveillance authority of the relevant Member State within the timelines required by Article 73 (Art. 73)
  • Disclosing accuracy and limitations information in our Privacy Policy and at isnotai.com/ai-transparency

9.2 Customer Obligations (Deployer)

As a deployer of a high-risk AI system under Article 26, you are responsible for:

  • Taking appropriate technical and organisational measures to ensure that you use the Services in accordance with the instructions for use provided by NotAI (Art. 26(1))
  • Assigning human oversight to natural persons who have the necessary competence, training, and authority, as well as the necessary support (Art. 26(2))
  • Where you exercise control over the input data, ensuring that input data is relevant and sufficiently representative in view of the intended purpose of the Services (Art. 26(3))
  • Monitoring the operation of the Services on the basis of the instructions for use and, where relevant, informing NotAI and the relevant market surveillance authority of risks identified (Art. 26(4)); where you have reasons to consider that use may present a risk within the meaning of Article 79(1), suspending use and informing NotAI and the market surveillance authority without undue delay
  • Retaining the automatically generated logs of the Services to the extent they are under your control for at least six months, unless otherwise provided by Union or national law (Art. 26(5))
  • Where you are a body governed by public law or a private entity providing public services (including most K–12 and publicly funded higher-education institutions), completing a Fundamental Rights Impact Assessment before the first deployment of the Services and notifying the result to the relevant market surveillance authority (Art. 27)
  • Conducting a data protection impact assessment (DPIA) where required under GDPR Article 35, using the information provided by NotAI under Article 13 (Art. 26(9))
  • Informing affected individuals that they are subject to a high-risk AI system, including the information specified in Article 26(11)

NotAI's consolidated AI-transparency disclosures covering the EU AI Act, the Colorado Artificial Intelligence Act, and other jurisdiction-specific AI regulation are published at isnotai.com/ai-transparency.

9.3 Detection Accuracy and Limitations

This Section 9.3 is the Services' accuracy-and-limitations disclosure under Article 13 of the EU AI Act, and is incorporated by reference into the warranty and liability provisions in Section 10.

  • Probabilistic output. The Services return a confidence score and associated indicators, not a deterministic binary classification. A score is a probabilistic estimate of the likelihood that a given submission reflects human authorship based on the behavioral signals observed; it is not a determination of academic misconduct, employment suitability, identity, intent, or any other individual characteristic.
  • Both error classes exist; no threshold eliminates either. The Services can produce false positives (human-authored work flagged as machine-authored or machine-assisted) and false negatives (machine-authored or machine-assisted work not flagged). No confidence-score threshold, configuration, or combination of techniques eliminates either error class.
  • Variance. Accuracy varies by detection technique, the characteristics of the input and the input-capture environment, the deployment context, and the characteristics of the user population. Accuracy may be materially lower for populations or input modalities that are under-represented in NotAI's training data, for users of assistive technologies, and for deployments conducted outside NotAI's documented instructions for use. Per-technique accuracy levels and the known limitations of each technique are published at isnotai.com/ai-transparency.
  • Customer validation duty. Consistent with Article 26(1) and 26(2) of the EU AI Act and the post-market monitoring obligations in C.R.S. § 6-1-1704, deployers are responsible for validating the accuracy of the Services in their own deployment context before placing material reliance on the output, for monitoring the operation of the Services on an ongoing basis, and for using the Services only in accordance with the instructions for use provided by NotAI.
  • Not a sole basis for consequential decisions. Consistent with Section 4.3 (Mandatory Human Review for Consequential Decisions), the output of the Services must not be used as the sole basis for any decision that produces legal effects concerning a natural person or that similarly significantly affects a natural person, and the customer must provide the notices, explanations, and appeal rights required by applicable law.

10. Limitation of Liability

10.1 Warranty Disclaimer

EXCEPT FOR THE SERVICE AVAILABILITY COMMITMENTS DEFINED IN ANY APPLICABLE SLA, OUR SERVICES ARE PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

10.2 Limitation

The accuracy-and-limitations disclosures in Section 9.3 are incorporated into this Section 10 by reference. NotAI does not warrant that the Services are error-free or that they are free of false positives or false negatives, and makes no representation or warranty as to the suitability of the Services for any particular consequential decision or for any use that is subject to Section 4.3 or Section 4.4.

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

  • NotAI is not liable for any decision or action taken by Customer, Customer's personnel, a deployer, or any third party based on or informed by NotAI's outputs, including any disciplinary, academic, employment, credit, insurance, housing, or access-restriction decision, and including any decision made in breach of Section 4.3 (Mandatory Human Review for Consequential Decisions); provided that this exclusion does not apply to the extent the decision was caused by NotAI's gross negligence, willful misconduct, or fraud in providing the Services;
  • Our total liability for all claims arising under or related to these Terms is limited to the fees paid by you to NotAI in the 12 months preceding the event giving rise to the claim (the "General Cap");
  • Neither party is liable to the other for indirect, incidental, special, or consequential damages, including loss of revenue, data, or profits.

10.3 Enhanced Cap for Data Protection Claims

Notwithstanding the General Cap, each party's aggregate liability for claims arising from a breach of its data protection or information-security obligations under these Terms or the Data Processing Agreement (including, for NotAI, claims arising from a personal data breach affecting customer data for which NotAI is responsible) is limited to two (2) times the fees paid by you to NotAI in the 12 months preceding the event giving rise to the claim (the "Data Protection Cap"). The Data Protection Cap replaces, and does not stack on top of, the General Cap with respect to those claims.

10.4 Carve-Outs

Neither the General Cap nor the Data Protection Cap applies to, and liability is not limited with respect to:

  • Either party's indemnification obligations under Section 11
  • Either party's breach of confidentiality obligations that are not also data protection obligations within the meaning of Section 10.3
  • Your obligation to pay fees owed for the Services
  • Either party's infringement or misappropriation of the other party's intellectual property rights
  • Liability arising from a party's gross negligence, willful misconduct, or fraud
  • Liability that cannot be excluded or limited under applicable law (including, where applicable, statutory liability for personal injury, death, or damages caused intentionally or by gross negligence under the laws of any EU Member State)

11. Indemnification

11.1 By You

You agree to indemnify and hold harmless NotAI from claims, damages, or expenses arising from:

  • Your violation of these Terms
  • Your violation of applicable law
  • Claims by your end users arising from (i) your failure to obtain the consents or provide the notices required by Section 5, (ii) your use of the Services in breach of these Terms or applicable law, or (iii) your content or instructions to NotAI, but excluding any claim to the extent caused by NotAI's breach of these Terms, the DPA, or applicable law

11.2 By NotAI

NotAI agrees to indemnify and hold harmless you from claims that our Services infringe a third party's intellectual property rights, provided you promptly notify us in writing and allow us reasonable control of the defence. This obligation does not apply if the alleged infringement results from your modification of the Services, combination with non-NotAI products, or use in violation of these Terms.

12. Termination

12.1 By You

You may cancel your account at any time through the dashboard or by contacting support. Cancellation takes effect at the end of your billing period.

12.2 By Us

We may suspend or terminate your account if you:

  • Violate these Terms
  • Fail to pay fees when due
  • Engage in fraudulent or illegal activity
  • Create liability risk for NotAI

12.3 Effect of Termination

Upon termination, your access to the Services will cease. Behavioral data subject to plan-specific retention periods (see our Privacy Policy, Section 6) will continue to be automatically deleted according to those schedules. All remaining customer data, including account information, aggregated statistics, and any institution-provided identity data, will be deleted within 30 days of termination, except for billing records retained as required by law (typically 7 years). Upon written request, NotAI will provide confirmation of deletion.

Educational-institution customers (FERPA-governed data). Educational institutions subject to FERPA, the NY Parents' Bill of Rights, or any other student-data-protection law that requires a shorter deletion window, or that requires deletion or return on the institution's direction rather than according to NotAI's default retention schedule, may instruct NotAI in writing at any time (including at or after termination) to (i) delete all personally identifiable information from education records within a specified period, or (ii) return such information to the institution in a readable electronic format and then delete it. NotAI will comply with any such instruction without charge and will provide written confirmation of deletion. This obligation overrides the 30-day default in the preceding paragraph where the two conflict.

13. Dispute Resolution

13.1 Governing Law

These Terms are governed by the laws of the State of Delaware, USA, without regard to conflict of law principles. Nothing in these Terms limits any mandatory consumer protections under the laws of your country of residence.

13.2 Informal Resolution

Before initiating formal proceedings, both parties agree to attempt to resolve disputes through good-faith negotiation for at least 30 days after written notice of the dispute.

13.3 Arbitration (Non-EU/EEA/UK Users)

This Section 13.3 applies only to users located outside the EU, EEA, United Kingdom, and Switzerland. For users located in those regions, Section 13.4 applies instead.

Who is bound by this arbitration agreement. This arbitration agreement applies only to a Customer (as defined in Section 1.1). It does not apply to End Users (as defined in Section 1.1). Nothing in this Section binds an End User to arbitrate with NotAI, and nothing in this Section waives any right an End User has under applicable law. NotAI reserves the right to invoke this Section defensively where a non-signatory affirmatively asserts a claim against NotAI that arises out of or relies on these Terms or the Services (equitable estoppel).

Agreement to arbitrate. Except as expressly carved out below, any dispute, claim, or controversy arising out of or relating to these Terms, the Services, or the relationship between you (as a Customer within the meaning of the preceding paragraph) and NotAI (a "Dispute") that is not resolved through the informal resolution process in Section 13.2 shall be resolved through final, binding, individual arbitration administered by the American Arbitration Association ("AAA") under its Consumer Arbitration Rules (for individual consumers) or its Commercial Arbitration Rules (for all other claimants), in each case as modified by this Section. The arbitration will be seated in Wilmington, Delaware, but hearings will be conducted by telephone or videoconference by default, and the arbitrator may order in-person hearings only on a showing of good cause.

Arbitration fees. For individual-consumer claims seeking $75,000 or less in total relief, NotAI will pay all AAA filing, administration, and arbitrator fees that exceed the filing fee you would have paid to file the same claim in a Delaware state court. For all other claims, AAA fees will be allocated under the applicable AAA rules. In no event will fee allocation under this paragraph be used to deter a good-faith claim.

Small-claims carve-out. Either party may, in lieu of arbitration and individually (not as part of a class), bring a qualifying claim in a small-claims court of competent jurisdiction, provided the claim remains in that court (is not removed or appealed to a court of general jurisdiction) and seeks only individual relief.

IP and injunctive-relief carve-out. Either party may bring an action in a court of competent jurisdiction solely for (i) injunctive or other equitable relief to prevent the actual or threatened infringement, misappropriation, or violation of that party's intellectual property rights or confidentiality obligations, or (ii) to enforce an arbitration award.

30-day opt-out. You may opt out of this arbitration agreement by sending a written notice to [email protected] within 30 days after you first accept these Terms (or, for existing users, within 30 days after the effective date of the version that first introduced this arbitration provision). The notice must include your name, the email address on your account, and an unambiguous statement that you are opting out of arbitration. Opting out of arbitration will not affect any other provision of these Terms, and will not affect any prior, separate agreement to arbitrate between you and NotAI.

Mass arbitrations. If 25 or more substantially similar arbitration demands are filed by or with the assistance of the same law firm or coordinated group against NotAI, the parties agree that the demands will be administered under the AAA Mass Arbitration Supplementary Rules (effective 15 January 2024, as amended from time to time) in addition to the Consumer or Commercial Rules identified above. The AAA's Process Arbitrator and the fee schedule in those Supplementary Rules will govern threshold administrative issues, including batching, fee allocation, and any challenge to the mass-filing designation itself. The statute of limitations for each demand in the mass-filing group is tolled from the date the first demand in the group is filed through the conclusion of the Supplementary Rules' initial administrative phase. Nothing in this paragraph limits either party's right to raise any objection available under the Supplementary Rules.

CLASS-ACTION, COLLECTIVE-ACTION, AND REPRESENTATIVE-ACTION WAIVER. YOU AND NOTAI AGREE THAT EACH PARTY MAY BRING CLAIMS AGAINST THE OTHER ONLY IN AN INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS, COLLECTIVE, CONSOLIDATED, OR REPRESENTATIVE PROCEEDING. UNLESS BOTH PARTIES AGREE OTHERWISE IN WRITING, THE ARBITRATOR MAY NOT CONSOLIDATE MORE THAN ONE PERSON'S CLAIMS AND MAY NOT PRESIDE OVER ANY FORM OF A REPRESENTATIVE OR CLASS PROCEEDING.

Severability of the class-action waiver. If a court or arbitrator determines that the class-action, collective-action, and representative-action waiver in the preceding paragraph is unenforceable with respect to a particular claim or request for relief, that claim or request for relief must be severed from any arbitration and litigated in the courts of the State of Delaware (or, where required by law, in the courts of your state of residence), while all other claims remain in arbitration. The remainder of this Section 13.3 (including the agreement to arbitrate individual claims) will remain in full force and effect.

California public-injunctive-relief savings clause. Notwithstanding anything in this Section 13.3 to the contrary, if you are a California resident and you bring a claim seeking relief that enjoins ongoing or future harmful conduct on behalf of the general public as opposed to solely on your own behalf (a "public injunctive relief" claim under California law), that claim may be brought in a court of competent jurisdiction in the California county of your residence (or, if none, in the San Francisco Superior Court), and the class-action, collective-action, and representative-action waiver above does not apply to that claim. All other claims, including individual claims for damages, restitution, or private injunctive relief, remain in arbitration under this Section. This savings clause is essential to the bargain and shall not itself be severed.

Severability of other provisions. If any other provision of this Section 13.3 is found to be unenforceable, that provision will be severed and the remainder of this Section will remain in full force and effect.

13.4 EU/EEA/UK Users

If you are a consumer in the EU, EEA, or UK, you may bring proceedings in the courts of your country of residence. Nothing in these Terms requires you to arbitrate or waive your right to bring claims before your local courts or a competent supervisory authority. You may also use the European Commission's Online Dispute Resolution platform at https://ec.europa.eu/consumers/odr.

End Users (natural persons encountering NotAI through a deploying institution). If you are an End User as described in Section 13.3 (a student, employee, test-taker, or other individual who encounters the Services only because a school, employer, testing provider, or other institution has deployed NotAI), your relationship is with that institution, not with NotAI. You are not bound by the arbitration agreement in Section 13.3, and any complaint about how the Services are used in your case should be directed in the first instance to the deploying institution under its own terms, privacy notice, and dispute-resolution processes. Nothing in these Terms limits rights or remedies you may have against the deploying institution or under applicable law.

13.5 Exceptions

Either party may seek injunctive relief in court for intellectual property violations or to prevent imminent harm.

14. Force Majeure

Neither party shall be liable for any failure or delay in performance due to causes beyond its reasonable control, including but not limited to acts of God, natural disasters, pandemics, war, terrorism, government actions, power or internet outages, or third-party service provider failures. The affected party must notify the other party promptly and use reasonable efforts to mitigate the impact. If a force majeure event continues for more than 30 consecutive days, either party may terminate the affected Services upon written notice. In such event, NotAI will refund a prorated portion of any prepaid fees for the unused period following termination.

15. Changes to Terms

We may modify these Terms at any time. We will provide at least 30 days' advance notice of material changes via email to the address associated with your account. Changes that are required by law or that do not materially affect your rights may take effect immediately. Continued use of the Services after the notice period constitutes acceptance of the modified Terms.

EU, EEA, UK, and Swiss consumers. If you are a consumer resident in the European Union, the European Economic Area, the United Kingdom, or Switzerland, the following applies to any modification of these Terms in place of the paragraph above, and is intended to comply with Article 3 and Annex 1(j) of Council Directive 93/13/EEC on unfair terms in consumer contracts and its implementing measures (including the UK Consumer Rights Act 2015 and the revised Swiss Federal Act Against Unfair Competition):

  • Valid reasons. NotAI will modify these Terms with respect to you only for one or more of the following valid reasons, which NotAI will state in the notice of change: (i) a change in applicable law, regulation, or binding guidance from a competent authority, or a final judgment or settlement; (ii) a genuine security, fraud-prevention, or data-protection need; (iii) the addition, removal, or material improvement of features of the Services; (iv) the correction of errors, ambiguities, or internal inconsistencies in the Terms; (v) a change in NotAI's Sub-processors, infrastructure, or service-delivery model that cannot reasonably be accommodated without a corresponding change to the Terms; or (vi) a documented change in the economic or operational conditions under which the Services are provided, including changes in taxes, duties, levies, or wholesale input costs outside NotAI's reasonable control.
  • Notice period. NotAI will give you at least thirty (30) days' prior written notice of the change by email to the address associated with your account, stating the change, its effective date, and the valid reason(s) on which NotAI relies.
  • Right to terminate without penalty. You may reject the change by terminating your account at any time before the effective date, without penalty and without further obligation, and NotAI will refund any prepaid fees on a pro-rata basis for the unused portion of the current subscription term.
  • Material and adverse changes. If the change is material and adversely affects you, the change will not apply to you unless you expressly accept it (for example, by clicking to accept the revised Terms at next sign-in); if you do not expressly accept the change by the effective date, you will be deemed to have elected to terminate under the preceding bullet and NotAI will refund any prepaid fees on a pro-rata basis. Continued use of the Services after the effective date without express acceptance does not constitute acceptance of a material and adverse change.
  • No effect on consumer statutory rights. Nothing in this Section 15 limits or excludes any non-waivable statutory right you have as a consumer under applicable law.

Statutory conversion or change of entity form of NotAI. If NotAI undergoes a merger, acquisition, reorganisation, statutory conversion (including under 6 Del. C. § 18-214), change of entity form, change of control, or sale of all or substantially all of its assets or equity, the converted or successor entity will, by operation of 6 Del. C. § 18-214(f) (and the equivalent provisions of the law of any other jurisdiction to or from which the conversion occurs), be deemed to be the same entity as NotAI for all purposes of the laws of the State of Delaware (and equivalent purposes under the law of any such other jurisdiction) and will succeed to all of NotAI's rights and obligations under these Terms. NotAI will notify you of any such change of contracting-party identity by email to the address associated with your account and by updating these Terms; the change does not, in itself, give you a right to terminate under Section 15 above unless the change is otherwise material and adverse within the meaning of that Section 15.

16. Export Controls, Sanctions, and Anti-Corruption

16.1 Customer Representations

You represent and warrant, as of the date you first access the Services and on each date thereafter on which you continue to use the Services, that:

  • You are not listed on any applicable restricted-party list, including the U.S. Department of the Treasury Office of Foreign Assets Control ("OFAC") Specially Designated Nationals and Blocked Persons List, the OFAC Sectoral Sanctions Identifications List, the U.S. Department of Commerce Bureau of Industry and Security Entity List, Unverified List, or Denied Persons List, the U.S. Department of State Debarred List, the EU Consolidated List of Sanctions, the UK Consolidated List of Financial Sanctions Targets, or any equivalent list maintained under applicable export-control or sanctions law;
  • You are not 50 % or more owned, individually or in the aggregate, directly or indirectly, by any person or persons listed on a list described in the preceding bullet, and you are not otherwise controlled by such person or persons;
  • You are not located, organised, or ordinarily resident in any country or territory that is the subject of comprehensive U.S., EU, or UK sanctions (at the date of these Terms, Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, Luhansk, Kherson, and Zaporizhzhia regions of Ukraine); and
  • You have not been convicted of, and are not subject to any pending proceeding for, a violation of any export-control, sanctions, anti-money-laundering, or anti-corruption law.

16.2 Export, Re-export, and End-use Restrictions

The Services (including related technology and any software made available as part of the Services) are subject to the export-control and sanctions laws of the United States, the European Union, the United Kingdom, and other jurisdictions. You will comply with all such laws, including the U.S. Export Administration Regulations (15 CFR Parts 730–774), the International Traffic in Arms Regulations where applicable, OFAC sanctions (31 CFR Chapter V), Council Regulation (EU) 2021/821 and related EU sanctions regulations, and the UK Export Control Order 2008, and will not, directly or indirectly:

  • Export, re-export, release, transfer, or otherwise make available the Services to any destination, person, or end use prohibited by those laws without first obtaining any required licence or other authorisation;
  • Use the Services in, or in connection with, the design, development, production, stockpiling, or use of nuclear, chemical, or biological weapons, missile technology, or other weapons of mass destruction, or for any military end-use in a destination subject to a U.S. arms embargo (including those identified in 15 CFR § 744.21) or in any comparable EU or UK embargoed destination; or
  • Provide the Services to, or permit their use by, any person or entity listed on a restricted-party list described in Section 16.1 or located in, organised under the laws of, or ordinarily resident in a comprehensively sanctioned country or territory described in Section 16.1.

16.3 Anti-Bribery and Anti-Corruption

You will comply with all applicable anti-bribery and anti-corruption laws, including the U.S. Foreign Corrupt Practices Act (15 U.S.C. § 78dd-1 et seq.), the UK Bribery Act 2010, and comparable laws in other jurisdictions in which you operate. You will not, directly or indirectly, offer, promise, give, authorise, solicit, or accept any improper financial or other advantage, or engage in any other act constituting bribery, corruption, or a facilitation payment, in connection with your use of the Services or in connection with any relationship with NotAI.

16.4 Cooperation and Notification

You will promptly notify NotAI at [email protected] if any representation in Section 16.1 ceases to be accurate, and will provide reasonable cooperation with any investigation or audit that NotAI reasonably believes is necessary to verify compliance with this Section 16.

16.5 Suspension and Termination

A breach or threatened breach of this Section 16, or NotAI's reasonable belief that your continued use of the Services may cause NotAI to violate an export-control, sanctions, or anti-corruption law, entitles NotAI to suspend or terminate your access under Section 12 without liability, in addition to any other remedy available to NotAI under these Terms or at law.

17. Miscellaneous

  • Entire Agreement: These Terms, together with the Privacy Policy and any applicable DPA or SLA, constitute the complete agreement between you and NotAI
  • Severability: If any provision is unenforceable, the remainder remains in effect
  • Waiver: Failure to enforce a provision does not waive future enforcement
  • Assignment: You may not assign these Terms; we may assign them, or the rights and obligations hereunder, in connection with a merger, acquisition, reorganisation, statutory conversion (including under 6 Del. C. § 18-214), change of entity form, change of control, or sale of all or substantially all of the assets or equity of NotAI. In any such event, the successor entity shall be bound by these Terms and our Privacy Policy with respect to your data as the same entity or a successor in interest

18. Copyright Infringement (DMCA)

NotAI respects the intellectual property rights of others and expects users of its Services to do the same. In accordance with the Digital Millennium Copyright Act, 17 U.S.C. § 512 ("DMCA"), NotAI will respond to notices of alleged copyright infringement that comply with applicable law and are properly provided to our designated agent (the "DMCA Agent").

18.1 Notices of Alleged Infringement

If you believe that material available through the Services infringes your copyright, you may submit a written notice to our DMCA Agent that includes, under 17 U.S.C. § 512(c)(3), all of the following:

  • A physical or electronic signature of a person authorised to act on behalf of the owner of the exclusive right that is allegedly infringed;
  • Identification of the copyrighted work claimed to have been infringed (or, if multiple works at a single site are covered by a single notification, a representative list of those works);
  • Identification of the material that is claimed to be infringing or to be the subject of infringing activity and information reasonably sufficient to permit NotAI to locate the material;
  • Information reasonably sufficient to permit NotAI to contact you, such as an address, telephone number, and, if available, an email address;
  • A statement that you have a good-faith belief that use of the material in the manner complained of is not authorised by the copyright owner, its agent, or the law; and
  • A statement that the information in the notification is accurate, and under penalty of perjury, that you are authorised to act on behalf of the owner of the exclusive right that is allegedly infringed.

Notices that do not substantially comply with these requirements may not be effective.

18.2 Counter-Notices

If material you posted has been removed or disabled in response to a DMCA notice and you believe it was removed or disabled by mistake or misidentification, you may submit a counter-notice to our DMCA Agent that includes, under 17 U.S.C. § 512(g)(3):

  • Your physical or electronic signature;
  • Identification of the material that has been removed or to which access has been disabled, and the location at which the material appeared before it was removed or disabled;
  • A statement under penalty of perjury that you have a good-faith belief that the material was removed or disabled as a result of mistake or misidentification; and
  • Your name, address, and telephone number, and a statement that you consent to the jurisdiction of the federal court for the judicial district in which your address is located (or, if your address is outside the United States, for any judicial district in which NotAI may be found), and that you will accept service of process from the party that submitted the original notification or an agent of that party.

Restoration of material. Upon receipt of a counter-notice that substantially complies with 17 U.S.C. § 512(g)(3), NotAI will promptly provide the person who submitted the original takedown notice with a copy of the counter-notice and inform that person that NotAI will replace the removed material or cease disabling access to it not less than ten (10) and not more than fourteen (14) business days after receipt of the counter-notice, in accordance with 17 U.S.C. § 512(g)(2)(C), unless the DMCA Agent receives notice from the original notifier that an action has been filed seeking a court order to restrain the subscriber from engaging in infringing activity relating to the material on NotAI's system.

18.3 Repeat-Infringer Policy

NotAI has adopted and reasonably implements a policy of terminating, in appropriate circumstances, the accounts of users who are repeat infringers of copyright, as required by 17 U.S.C. § 512(i)(1)(A).

Tracking. NotAI records each valid takedown notice received under Section 18.1 and each counter-notice received under Section 18.2, and associates each with the account that posted or uploaded the material identified.

Repeat-infringer assessment. Consistent with 17 U.S.C. § 512(i)(1)(A), an account that is the subject of multiple unresolved takedown notices (that is, takedown notices to which no valid counter-notice has been filed, or for which the counter-notice was withdrawn or adjudicated against the account holder) in a rolling twelve-month period will be assessed for termination on the totality of the circumstances. Factors considered include the number and cadence of notices, the pattern and seriousness of the alleged infringement, whether counter-notices were filed and their outcome, any evidence of willful or coordinated infringement, and any remediation the account holder has undertaken. NotAI may act on fewer notices where the circumstances warrant (for example, in cases of egregious, coordinated, or large-scale infringement), and may decline to terminate where the circumstances do not warrant termination.

Decisionmaker and notice. Termination decisions under this policy are made by NotAI's General Counsel or the General Counsel's designee. Before terminating an account under this policy, NotAI will provide the account holder with written notice summarising the basis for termination and a reasonable opportunity to respond, except where immediate termination is required by law or to prevent imminent harm.

Reinstatement. A terminated account may apply for reinstatement by writing to the DMCA Agent with evidence that each underlying notice was invalid, withdrawn, or resolved in the account holder's favour. Reinstatement is at NotAI's sole discretion.

Records. NotAI retains takedown and counter-notice records, and records of termination decisions, for the period required by applicable law and in any event for not less than three years.

18.4 Designated DMCA Agent

Notifications of alleged infringement and counter-notices must be sent to our designated DMCA Agent, who is registered with the United States Copyright Office under 17 U.S.C. § 512(c)(2) and 37 C.F.R. § 201.38. The current designation is published in the Copyright Office's DMCA Designated Agent Directory at dmca.copyright.gov and is searchable under the service provider name "IS NOT AI LLC". That directory is the authoritative record in the event of any discrepancy with the addresses below:

  • Name: DMCA Agent, IS NOT AI LLC
  • Mail: IS NOT AI LLC, Attn: DMCA Agent, 7014 E Camelback Rd B100A, Scottsdale, AZ 85251, USA
  • Email: [email protected]

Only DMCA-related inquiries should be sent to the DMCA Agent. Other inquiries should be directed to the appropriate address in Section 19.

Registration maintenance. NotAI maintains the designated-agent registration on file with the United States Copyright Office on an active basis, including renewing the registration every three years (or such shorter period as the Copyright Office requires by rule) as required by 17 U.S.C. § 512(c)(2) and 37 C.F.R. § 201.38, and updating the registration promptly on any change of agent, mailing address, or contact details.

19. Contact Us

For questions about these Terms, please contact us:

  • Email: [email protected]
  • Mail: IS NOT AI LLC, 7014 E Camelback Rd B100A, Scottsdale, AZ 85251
  • EU Representative (GDPR Art. 27): Proctorio GmbH, Lindleystraße 8A, 60314 Frankfurt am Main, Germany. Email: [email protected]
  • EU Data Protection Officer: UBG mbH, Im Breitspiel 210, 69126 Heidelberg, Germany. Tel: 069/6530006-23. Email: [email protected]
  • UK Representative (UK GDPR Art. 27): Garfield Smith Solicitors Limited, The Exchange Building, 132 Commercial Street, London E1 6NG, United Kingdom. Email: [email protected]
  • UK Data Protection Officer: Garfield Smith Solicitors Limited, The Exchange Building, 132 Commercial Street, London E1 6NG, United Kingdom. Email: [email protected]
  • Support: Contact Support

Mandate of the EU and UK Representatives. Each Representative identified above has been mandated in writing by NotAI under Article 27(3) of the GDPR and Article 27(3) of the UK GDPR (as applicable) and may be addressed, in addition to or instead of NotAI, by supervisory authorities and by data subjects on all issues related to the processing of personal data for the purposes of ensuring compliance with the GDPR or the UK GDPR.