Klairr — Terms of Service

1. Acceptance of Terms

By creating an account, accessing, or using the Klairr platform ("Klairr" or "Service"), you ("Customer," "you," or "your") agree to be bound by these Terms of Service ("Terms"). The Service is operated by [Company Name] ([Company Number]), a company registered in the State of Israel, with its registered office at [Registered Address] ("Klairr," "we," "us," or "our").

If you are using the Service on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms, and "you" refers to that organization.

If you do not agree to these Terms, you may not access or use the Service. Your continued use of the Service after any modification to these Terms constitutes acceptance of those modifications.

2. Eligibility

By accessing or using the Service, you represent and warrant that:

• Age: You are at least eighteen (18) years of age, or the age of legal majority in your jurisdiction, whichever is higher.
• Authority: If using the Service on behalf of an organization, you have full legal authority to bind that organization to these Terms.
• Solvency: Neither you nor the organization you represent is insolvent, in receivership, in liquidation, or subject to any bankruptcy or insolvency proceedings.
• No Sanctioned Jurisdiction: You and your organization are not located in, incorporated in, or operating from any country or territory subject to comprehensive sanctions by the United States, the European Union, the United Nations, or the State of Israel.
• Compliance with Laws: You will use the Service in compliance with all applicable local, national, and international laws and regulations.

3. Service Description

Klairr is an AI-powered business intelligence platform that enables employees to ask questions about their company's data in plain language and receive immediate, grounded answers.

The Service includes, but is not limited to:

• Natural Language Q&A — Users ask business questions in plain English. The platform generates database queries (SQL for BigQuery, JQL for Mixpanel), executes them against the Customer's connected data sources, and returns answers grounded in real query results.
• Vibe Reporting — On-demand generation of reports, dashboards, and lightweight internal applications tailored to the user's question and role. Generated reports and applications run within the Service and are subject to the same data access, storage, and security provisions as all other Service functionality. The intellectual property provisions in Section 11 apply to generated application code.
• AI Memory — An organizational knowledge layer where administrators define entity aliases, metric definitions, data hints, and response directives that guide the AI's query generation and answer formatting.
• Conversation Continuity — Threaded conversations where follow-up questions retain full context from prior exchanges.
• Multi-Source Intelligence — Automatic routing and cross-source synthesis across multiple connected data sources.
• Confidence Scoring — Every answer includes a confidence level (High, Check, Low, or Failed) with an explanation of the assessment.
• Governance, Risk & Compliance (GRC) — Full audit trail of all questions, answers, and administrative actions across the organization.

The Service operates by connecting to Customer-authorized data sources using credentials provided by the Customer, executing read-only queries, and synthesizing answers using large language model (LLM) technology provided by Anthropic (Claude API).

4. AI-Powered Service and Third-Party AI Models

4.1 Use of Anthropic's Claude AI

The Service uses Anthropic's Claude large language models ("AI Models") to interpret natural-language questions, generate database queries (SQL, JQL), and synthesize answers. The AI Models are developed and operated by Anthropic, PBC, a third party. Klairr does not develop, train, or control the AI Models themselves.

4.2 Scope of AI Processing

When you submit a question, the following data is sent to Anthropic's Claude API for processing:

• Question text and conversation history
• AI Memory content (entity aliases, metric definitions, data hints, response directives)
• Schema metadata of your connected data sources (table names, column names, column types, sample enum values)

The following data is NOT sent to Anthropic: query result data (your actual business data rows), data source credentials, user passwords, or payment information.

4.3 AI Limitations and Disclaimer

You acknowledge and agree that:

• AI-generated answers may contain errors. The AI Models may produce incorrect SQL queries, inaccurate calculations, misinterpretations of your data schema, or references to tables, columns, or values that do not exist ("hallucinations").
• Klairr does not control AI model outputs. While we design prompts, guardrails, and validation layers to maximize accuracy, we do not control the underlying behavior of the AI Models.
• Answers are decision-support tools, not decisions. AI-generated answers should be verified by the user before being used as the basis for material business decisions.
• You should not rely on any AI-generated output without independently confirming its accuracy against your source data.
• Confidence scores are not guarantees. A "High" confidence rating does not guarantee correctness. A "Low" rating does not necessarily mean the answer is wrong.

4.4 Anthropic's Data Policies

As of the date of these Terms, Anthropic's commercial API terms state that Anthropic does not use API inputs or outputs for training its AI models. Klairr relies on this policy when processing your data through the Anthropic API. Klairr reviews Anthropic's API terms on at least a quarterly basis. A "material change" that triggers notification includes any change to Anthropic's data retention, training data usage, or sub-processor policies. If Anthropic materially changes its data usage policies, we will notify you within thirty (30) days of becoming aware of such change.

4.5 Anthropic Usage Policy Compliance

Klairr has reviewed and complies with Anthropic's acceptable use policy for commercial API users. The Service is designed to operate within Anthropic's terms for reselling and distributing products built on the Claude API, including required disclosures that outputs are AI-generated.

4.6 Data Residency and AI Processing

Application data (user accounts, conversation history, AI Memory, reports, audit logs) is stored in the EU (Frankfurt, eu-central-1) region on AWS. However, question text and conversational context are processed by Anthropic's API, which may involve transfer to and processing in the United States. For details on international transfer safeguards, see Section 9 and the Data Processing Agreement.

4.7 No Warranty on AI Outputs

THE SERVICE AND ALL AI-GENERATED OUTPUTS ARE PROVIDED 'AS IS' AND 'AS AVAILABLE' WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY. KLAIRR EXPRESSLY DISCLAIMS ALL WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, RELIABILITY, AVAILABILITY, SECURITY, TITLE, AND NON-INFRINGEMENT. KLAIRR DOES NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR THAT AI-GENERATED CONTENT WILL BE ACCURATE, COMPLETE, OR CURRENT. KLAIRR WOULD NOT OFFER THE SERVICE UNDER THESE TERMS WITHOUT THESE LIMITATIONS. You assume full responsibility for any actions taken based on answers provided by the Service.

5. Account Registration

5.1 Accurate Information

You agree to provide accurate, current, and complete information during the registration process and to update such information as necessary.

5.2 One Organization Per Subscription

Each subscription is tied to a single organization. All users within that subscription must belong to the same organization.

5.3 Administrator Responsibility

The individual who creates the organization account is designated as the initial Administrator. The Administrator is responsible for managing user accounts, roles (as described in the Service documentation), and permissions; configuring data source connections and access controls; maintaining AI Memory content; and ensuring all users within the organization comply with these Terms.

5.4 Account Security

You are responsible for maintaining the confidentiality of your login credentials. You must notify us immediately of any unauthorized use of your account.

6. Subscription & Billing

6.1 Plans

The Service is offered on a subscription basis. Available plans, features, and pricing are published on our website and may be updated from time to time. We will notify you of any pricing changes that affect your current subscription at least thirty (30) days before they take effect.

6.2 Free Tier

The Service offers a free plan ("Free Tier") that includes up to one hundred (100) questions per calendar month per organization. The Free Tier is provided "as is" with no service level agreement (SLA) or uptime guarantee. Features may be limited. We reserve the right to modify, suspend, or discontinue the Free Tier at any time with thirty (30) days' notice.

6.3 Billing Cycle

Subscriptions are billed either monthly or annually, depending on the plan selected at the time of purchase.

6.4 Auto-Renewal

Subscriptions automatically renew at the end of each billing period unless cancelled before the renewal date.

6.5 Cancellation and Refunds

You may cancel your subscription at any time. Cancellation takes effect at the end of the current billing period. No prorated refunds are issued for partial billing periods, except where required by applicable law.

Israeli Consumer Protection: Where applicable, consumers (as defined under the Israeli Consumer Protection Law, 5741-1981) are entitled to cancel a transaction within fourteen (14) days, subject to the conditions set forth in the law.

6.6 Overage Charges

Each paid subscription plan includes a specified number of questions per billing period. Questions exceeding the included allocation are billed at the per-question overage rate published on our website at the time of usage. Overage charges are invoiced at the end of each billing period and are due within fifteen (15) days.

6.7 Taxes

All fees are exclusive of applicable taxes. You are responsible for all taxes, levies, and duties imposed by taxing authorities, excluding taxes based on our net income.

6.8 Late Payment

If payment is not received within fifteen (15) days of the due date, we reserve the right to suspend access to the Service until the outstanding balance is paid.

7. Acceptable Use

You agree to use the Service only for its intended purpose: asking business questions against your own authorized data sources and generating reports for internal business use.

7.1 No Malicious Use

You shall not use the Service for any purpose that is malicious, harmful, or intended to cause damage to us, our infrastructure, our other customers, or any third party.

7.2 Prohibited Activities

• Use the Service for any illegal, fraudulent, or unauthorized purpose
• Attempt to reverse engineer, decompile, or disassemble the Service
• Attempt to extract model weights, training data, or proprietary components
• Share login credentials between individuals
• Circumvent or disable any security, access control, or rate-limiting features
• Use the Service to process data you do not have lawful authority to access
• Interfere with or disrupt the integrity or performance of the Service
• Use automated tools, bots, or scripts exceeding reasonable human usage patterns
• Resell, sublicense, or provide the Service to third parties without prior written consent
• Attempt to access data belonging to other customers or organizations
• Submit queries designed to manipulate, jailbreak, or subvert the AI system
• Use the Service as a substitute for professional financial, legal, medical, or accounting advice
• Use the Service to process data subject to HIPAA, PCI DSS, or other industry-specific compliance requirements, unless separately agreed in writing
• Use the Service to develop, train, or improve a competing product or service, or to reverse-engineer the Service's AI orchestration, prompts, or answer-generation methodology through systematic querying or output analysis

7.3 Special Category Data (GDPR Article 9)

The Service is not designed to process special category data as defined in GDPR Article 9, including data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for identification purposes, data concerning health, or data concerning a person's sex life or sexual orientation. The Customer is responsible for ensuring that special category data is not made queryable through connected data sources, or that the Customer has obtained an appropriate legal basis under GDPR Article 9(2) if such data may appear in query results.

7.4 Enforcement

We reserve the right to investigate any suspected violation of these Terms. If a violation is confirmed, we may issue a warning, suspend the offending user account, or terminate the Customer's subscription.

8. Data Processing

8.1 Data Source Connections

The Service connects to your data sources using credentials that you provide and configure. You are responsible for ensuring that you have the legal right to grant the Service access to these data sources.

8.2 Read-Only Access

The Service executes only read-only queries against your data sources. Write operations (INSERT, UPDATE, DELETE, DROP, and other DML/DDL statements) are blocked at the application layer. The Service includes guardrails such as automatic LIMIT injection and byte-scan budgets to prevent runaway queries. We strongly recommend that Customers provide read-only database credentials (e.g., a BigQuery service account with only the BigQuery Data Viewer role). Application-layer read-only enforcement is a defense-in-depth measure; the actual database permissions depend on the credentials the Customer provides.

8.3 Data We Store

For each question asked through the Service, we store:

• Question text — The natural-language question submitted by the user
• Answer text — The AI-generated answer returned to the user
• Generated queries — The SQL or JQL queries generated and executed
• Result samples — Up to twenty (20) rows of query results per question, stored for display within the answer card
• Metadata — Timestamps, query latency, bytes scanned, row counts, confidence levels, and user feedback ratings
• AI Memory content — Entity aliases, metric definitions, data hints, and response directives

8.4 Audit Log Retention

Governance and compliance audit logs — including records of questions asked, confidence levels, user feedback, and administrative actions — are retained for twelve (12) months from the date of the logged event, after which they are automatically purged.

8.5 Data We Do NOT Store

We do not bulk-copy, replicate, or warehouse your underlying databases. The Service queries your data sources on demand and retains only the limited result samples described above.

8.6 Credential Handling

Data source credentials are encrypted at rest using industry-standard encryption. Credentials are never logged, displayed after initial configuration, or accessible to our support staff in plaintext.

8.7 Data Residency

Application data is stored in the EU (Frankfurt, eu-central-1) region on AWS infrastructure. Question text and conversational context are processed by Anthropic's API, which may involve transfer outside the EU.

9. Third-Party Services

The Service relies on the following third-party providers:

• Anthropic (Claude API) — Question text and conversational context are sent to the Anthropic Claude API for query generation and answer synthesis. Anthropic does not use API inputs or outputs for model training. No query result data is sent to Anthropic.
• Amazon Web Services (AWS) — Infrastructure hosted in the EU (Frankfurt, eu-central-1) region.
• MongoDB Atlas — Application data stored in the EU region with encryption at rest and in transit.
• Stripe — Payment processing. We do not directly collect, store, or process payment card information.

10. Sub-Processors

10.1 Authorized Sub-Processors

10.2 Sub-Processor Changes

We will notify you at least thirty (30) days before adding or replacing a sub-processor. If you object on reasonable data protection grounds, you may terminate your subscription and receive a refund for the unused portion.

11. Intellectual Property

11.1 Platform Ownership

The Service, including its software, algorithms, user interface, and design, is and remains the exclusive property of Klairr and its licensors.

11.2 Customer Data Ownership

You retain all rights, title, and interest in your data, including the data stored in your connected data sources and the questions you submit to the Service.

11.3 Generated Content License

Subject to your compliance with these Terms, we grant you a worldwide, non-exclusive, royalty-free license to use, copy, modify, and create derivative works from the AI-generated outputs (answers, reports, generated queries, and generated application code from Vibe Reporting) produced by the Service in response to your inputs, for your internal business purposes. You acknowledge that due to the nature of AI, other users may receive similar or identical outputs. We make no claim of exclusivity in any output. You may not resell, publicly distribute, or commercially exploit generated content as a standalone product or service.

11.4 Feedback

If you provide suggestions, feature requests, or other feedback about the Service, we may use that feedback to improve the Service without any obligation or compensation to you.

12. Confidentiality

We treat all Customer data — including questions, answers, AI Memory content, connected data source schemas, and result samples — as confidential information. Customer data is strictly isolated at the organizational level. Your data is never visible to, accessible by, or shared with other customers. Your data is not used to train, fine-tune, or improve any AI or machine learning models.

13. Security and Breach Notification

We implement and maintain appropriate technical and organizational security measures to protect Customer data, including encryption at rest and in transit, access controls, audit logging, and regular security assessments.

In the event of a confirmed personal data breach affecting your data, we will notify you without undue delay and in any event within seventy-two (72) hours of becoming aware of the breach, consistent with GDPR Article 33.

14. Limitation of Liability

14.1 Exclusion of Consequential Damages

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, NEITHER PARTY SHALL BE LIABLE TO THE OTHER FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, REVENUE, DATA, BUSINESS OPPORTUNITIES, OR GOODWILL.

14.2 Cap on Liability

EACH PARTY'S TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED THE TOTAL AMOUNT OF FEES PAID BY THE CUSTOMER DURING THE SIX (6) MONTHS IMMEDIATELY PRECEDING THE EVENT. FOR FREE TIER CUSTOMERS, KLAIRR'S TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED ONE HUNDRED US DOLLARS (US $100).

14.3 AI-Specific Liability Exclusion

WITHOUT LIMITING THE GENERALITY OF SECTIONS 14.1 AND 14.2, KLAIRR SHALL NOT BE LIABLE FOR DAMAGES ARISING FROM THE INHERENT LIMITATIONS OF AI TECHNOLOGY, INCLUDING: (A) INACCURACIES, ERRORS, OR OMISSIONS IN AI-GENERATED ANSWERS THAT COULD NOT REASONABLY HAVE BEEN PREVENTED BY INTELLIGENCE HUB'S GUARDRAILS AND PROMPT DESIGN; (B) CHANGES TO THIRD-PARTY AI MODEL BEHAVIOR, CAPABILITIES, OR AVAILABILITY. THIS EXCLUSION DOES NOT APPLY TO DAMAGES CAUSED BY KLAIRR'S NEGLIGENCE IN IMPLEMENTING OR MAINTAINING ITS AI SAFETY GUARDRAILS, PROMPT ENGINEERING, OR VALIDATION LAYERS.

14.4 Exceptions

The limitations in this Section 14 do not apply to: (a) either party's indemnification obligations under Section 15; (b) liability arising from a party's gross negligence or willful misconduct; (c) Customer's payment obligations; (d) breaches of Section 12 (Confidentiality); or (e) data breaches caused by Klairr's negligence in securing Customer data.

15. Indemnification

By Klairr: We shall indemnify, defend, and hold harmless the Customer from third-party claims arising from: (a) our breach of these Terms; (b) our gross negligence or willful misconduct; or (c) allegations that the Service infringes a third party's intellectual property rights.

By Customer: The Customer shall indemnify, defend, and hold harmless Klairr from third-party claims arising from: (a) Customer's breach of these Terms; (b) Customer's violation of applicable law; (c) Customer's data or use of the Service; or (d) unauthorized access resulting from Customer's failure to maintain account credential security.

16. Termination

16.1 Termination for Convenience

Either party may terminate these Terms for any reason by providing thirty (30) days' prior written notice.

16.2 Termination for Breach

Either party may terminate immediately upon written notice if the other party materially breaches these Terms and fails to cure within fifteen (15) days.

16.3 Data Export After Termination

Upon termination, we will make your data available for export for thirty (30) days, in JSON and/or CSV format, including question history, answers, generated queries, reports, and AI Memory content. The Service's built-in export functionality will remain available during this period. After the 30-day period, we will delete your data from our active systems, subject to our standard backup retention schedule of 30 days.

16.4 Survival

Sections 4, 11, 12, 13, 14, 15, and 18 shall survive termination of these Terms.

17. Changes to Terms

We may update these Terms from time to time. For material changes, we will provide at least thirty (30) days' prior notice via email. Amendments to data protection provisions in the Data Processing Agreement require bilateral written agreement and are not subject to this unilateral modification mechanism. If you do not agree to the revised Terms, you may terminate your subscription before the changes take effect.

18. Governing Law and Dispute Resolution

18.1 Governing Law

These Terms shall be governed by the laws of the State of Israel, without regard to its conflict of law provisions.

18.2 Dispute Resolution

Any dispute arising out of or relating to these Terms shall be settled by arbitration administered by the International Chamber of Commerce (ICC). The seat of arbitration shall be Tel Aviv, Israel. The language shall be English.

18.3 Small Claims Exception

Notwithstanding Section 18.2, either party may bring a claim in the competent courts of the Tel Aviv district for disputes where the amount in controversy is less than US $10,000. Either party may also seek injunctive or equitable relief in any court to protect its intellectual property rights or confidential information without first submitting to arbitration.

18.4 Class Action Waiver

To the maximum extent permitted by applicable law, each party waives any right to bring or participate in a class action, collective action, or representative proceeding against the other party.

19. Merger, Acquisition, or Transfer of Ownership

In the event of a merger, acquisition, or other change of control, your data and these Terms may be transferred to the successor entity. We will notify you at least thirty (30) days before any such transfer takes effect, and you will have the opportunity to terminate your subscription and export your data.

20. General Provisions

• Entire Agreement: These Terms, together with any applicable order forms, Data Processing Agreement, and our Privacy Policy, constitute the entire agreement between the parties.
• Severability: If any provision is found unenforceable, the remaining provisions remain in full force and effect.
• Waiver: The failure of either party to enforce any right shall not constitute a waiver of that right.
• Assignment: You may not assign these Terms without our prior written consent.
• Force Majeure: Neither party shall be liable for failure or delay due to circumstances beyond its reasonable control.

21. Contact

For questions about these Terms of Service, please contact us at:
Company: [Company Name — configure before launch]
Email: [email protected] [configure before launch]
Privacy Inquiries: [email protected] [configure before launch]