Terms of service
These terms govern your use of ServerGuard ("SGuard", "the service"). They are written in plain language; a lawyer is reviewing the final text before launch. By using the service you agree to these terms.
Last updated: TBD — set on publish
Acceptance of these terms
By creating an account, connecting a server, or otherwise using SGuard, you agree to these terms on behalf of yourself and any organisation you represent. If you do not agree, do not use the service. If you are using the service on behalf of an organisation, you confirm you have the authority to bind that organisation.
What SGuard does — and does not do
SGuard provides autonomous monitoring and remediation tooling for cPanel/WHM Linux servers. The service detects incidents (e.g. MySQL crash, disk full, brute force), runs SSH diagnostics, uses Claude (Anthropic) to propose remediation, executes safe actions automatically per a published risk-classification framework, and routes destructive actions through a human approval flow. The service does not replace human oversight of your infrastructure. It does not guarantee uptime, prevent every possible incident, or take over responsibility for your servers. You remain the operator of record for the systems you connect.
Eligibility
You must be at least 18 years old to use SGuard. You must have the authority to authorise the actions the service will take on the servers you connect (including SSH access and command execution). You must comply with all applicable laws in the jurisdictions where you operate.
Your account
Keep the information you give us during signup accurate and up to date. You are responsible for the security of your account credentials. Notify us immediately at security@sguard.ai if you suspect unauthorised access to your account or to the servers you have connected. We may suspend an account that we reasonably believe has been compromised, until the matter is investigated.
Acceptable use
Do not use SGuard to monitor or take actions on servers that you do not own or do not have written authority to operate. Do not attempt to reverse-engineer, decompile, or extract source code of the service. Do not use SGuard to facilitate illegal activity, to attack third parties, or to circumvent the security of systems you have not been authorised to test. Do not use the SSH access we hold on your behalf to harm third parties — doing so terminates the agreement immediately and may be reported to the relevant authorities. Maintain reasonable security on your end: keep SSH keys for accounts unrelated to SGuard out of the servers you give us access to, maintain an admin IP allowlist where the platform offers one, and respond to approval requests within a reasonable time so that incident response is not delayed.
SSH access and the remediation framework
When you connect a server, you grant SGuard authority to execute commands on that server through the SSH credentials you provide. The commands fall into three classes per the risk-classification framework: safe (executed automatically, fully logged), reversible (executed automatically with a documented rollback path), and destructive (never executed without a human approval). SGuard's commitments to you: we never auto-execute destructive actions; we log every command we run to an INSERT-only audit log with secrets redacted before write; we expose the audit log to you in the dashboard; we apply a structured-output redaction layer before any data leaves our backend; we use create_process semantics so that timeouts kill the remote process. Your commitments to us: provide accurate server information, maintain the admin IP allowlist where one is configured, respond to approval requests in a reasonable time, and do not point SGuard at servers you are not authorised to operate.
Plans, billing, and refunds
Billing is not yet active. This section will be expanded when paid plans launch (Starter, Pro, Agency tiers). Plan limits — including incident-history retention — are described in the spec and on the pricing page. Once billing is live, payment will be handled by Stripe; we never see your card number. Refund policy and pro-rated cancellation terms will be set out here before paid plans go live.
Service availability
The Service is provided on a best-efforts basis. We do not guarantee uninterrupted or error-free operation. Scheduled maintenance will be announced in advance where possible.
Disclaimers and liability cap
The service is provided on an "as is" and "as available" basis. To the maximum extent permitted by applicable law, we disclaim all warranties, express or implied, including warranties of merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that the service will be uninterrupted, error-free, or that every incident will be detected or remediated. Our aggregate liability for any claim arising out of or relating to these terms or the service is capped at [TBD — counsel to set the cap number]. We are not liable for indirect, incidental, consequential, special, or punitive damages, including lost profits, lost revenue, or loss of data beyond what is directly caused by our breach. Where the AI diagnosis or auto-remediation makes a wrong call: the risk-classification framework is designed to limit blast radius (destructive actions need approval, safe and reversible actions are logged and bounded), and final responsibility for the servers stays with you. Nothing in this clause limits liability that cannot be limited under applicable law (e.g. gross negligence, wilful misconduct, death or personal injury caused by negligence).
Indemnification
You will indemnify and hold us harmless from third-party claims arising out of (a) your misuse of the service, (b) your breach of these terms, or (c) your violation of applicable law. We will indemnify you against third-party claims that the service itself, used as permitted by these terms, infringes that third party's intellectual property rights. Each side will give the other prompt notice of any claim and cooperate in the defence.
Termination
You may terminate at any time by closing your account. We may terminate or suspend the account for material breach of these terms, including the acceptable-use clause, with notice where the breach is curable. After termination, customer data is retained for 30 days to allow export, then deleted (except where we are required to retain it for legal reasons). Encrypted SSH keys are deleted within 24 hours of account closure or of the relevant server being removed.
Changes to these terms
We will give at least 30 days' notice of material changes to these terms, by email to the account contact. Continuing to use the service after the change takes effect constitutes acceptance. Non-material changes will be reflected by updating the "last updated" date above.
Governing law and jurisdiction
These terms are governed by the laws of [TBD — founder to specify based on the entity's place of incorporation]. The courts of that jurisdiction have exclusive jurisdiction over disputes arising out of or in connection with these terms, subject to any mandatory consumer-protection rules in your country of residence. Lawyer will finalise this clause.
Contact
Questions about these terms: legal@sguard.ai. General contact: hello@sguard.ai.