Terms and Conditions

1.1 The Service is provided "as-is" and "as-available." The Provider makes no representations or warranties regarding the suitability, availability, or accuracy of the Service for User's purposes.

1.2 User is solely responsible for compliance with all applicable laws, regulations, and standards in connection with their use of the Service.

2.1 The Service is a tool designed to assist CPAs with reviewing financial statements drafted on behalf of their clients for accuracy and quality [briefly describe purpose, e.g., “reviewing financial statements”]. It does not provide professional advice or services. The User must determine the applicability of the Service to individual financial statements, and accept responsibility, and full liability, for the client deliverable signed by the CPA firm.

2.2 User acknowledges that:

• The Service is not a substitute for professional judgment, auditing, or consulting services.
• Any reliance on the Service is at User's own risk.

2.3 The Provider is not liable for any errors, omissions, or misinterpretations resulting from User's use of the Service.

3.1 The Provider implements reasonable measures to secure User data; however, the Provider does not guarantee the security of data transmitted to or stored on the Service.

3.2 User acknowledges that:

• Cybersecurity incidents may occur despite preventive measures.
• Provider is not liable for any loss, theft, unauthorized access, or misuse of User data.

4.1 To the fullest extent permitted by law:

• The Provider's total liability for all claims related to this Agreement is limited to the amount paid by User for the Service in the twelve (12) months preceding the claim.
• The Provider is not liable for indirect, consequential, incidental, special, or punitive damages, including loss of revenue, profits, or data.

4.2 The Provider disclaims all liability arising from:

• User's failure to maintain the security of their accounts.
• Misuse of the Service by User or third parties.

User agrees to indemnify, defend, and hold harmless the Provider, its affiliates, and employees from any claims, damages, or liabilities arising from:

• User's use or misuse of the Service.
• User's violation of this Agreement.
• Allegations that User's data infringes upon third-party rights.

The Provider reserves the right to suspend or terminate User's access to the Service for any violation of this Agreement or misuse of the Service.

This Agreement is governed by the laws of the Commonwealth of Kentucky, without regard to conflict-of-law principles.

This Agreement constitutes the entire agreement between the Provider and User regarding the Service and supersedes all prior agreements or understandings.

9.1 Confidentiality
The Provider agrees to maintain the confidentiality of all User data uploaded to the Service and shall not access, use, or disclose such data except as required to operate the Service or as required by law.

9.2 Data Ownership and Deletion
User retains all ownership rights in any data uploaded to the Service. Upon written request or termination of Service, Provider will delete all stored data within 14 business days, unless otherwise required by law.

9.3 Data Breach Notification
In the event of a confirmed security incident resulting in unauthorized access to User data, Provider will notify affected Users within seventy-two (72) hours of confirmation, including a summary of known facts and planned remediation steps.

9.4 Subprocessors
The Provider uses reputable third-party vendors to deliver the Service, including OpenAI (document analysis), Supabase (backend infrastructure), and Stripe (payment processing). The Provider ensures all subprocessors are subject to data protection obligations no less protective than those set out herein.

9.5 Audit & Assurance
While the Provider does not currently possess a SOC 2 report, it is actively engaged in SOC 2 readiness with its security advisor (Delve). Upon completion, a copy of the Provider's SOC 2 report (Type II) will be made available under NDA. Prior to that, Users may request a summary of internal security controls and penetration testing results.

By accessing or using the Service, User acknowledges that they have read, understood, and agreed to this Agreement, including the disclaimers of professional and cybersecurity liability.