Terms of Service

Last updated: 2025-08-20

Welcome to Rafter, a simple security service for code operated by Rafter ("we," "us," or "our"). Please read these Terms of Service ("Terms") carefully. By creating an account, connecting a repository, or otherwise using the Rafter website, APIs, applications, or related services (collectively, the "Service"), you agree to be bound by these Terms and by our Privacy Policy. If you do not accept all Terms, do not access or use the Service.

1 Definitions

| Term | Meaning | |------|---------| | "User," "you," "your" | Any individual or entity that creates an account or uses the Service. | | "Scan" | An automated process that analyzes a repository for vulnerabilities or other issues. | | "Content" | Code, data, text, images, or other material stored in, or generated by, the Service. | | "Subscription" | A paid or free plan that sets usage limits and features. | | "Analytics" | Vercel Web Analytics and other usage monitoring tools used to improve the Service. |

2 Eligibility & Account Registration

You must be at least 18 years old and able to form a legally binding contract.

Registration requires a valid GitHub account and granting Rafter the OAuth scopes we request (repo, read:user, user:email).

You are responsible for all activity under your account. Keep credentials and access-tokens confidential. Notify us immediately of any unauthorized use.

3 License & Acceptable Use

3.1 Grant of Limited License

We grant you a revocable, non-exclusive, non-transferable license to access and use the Service solely to scan repositories that you own or are lawfully authorized to access.

3.2 Prohibited Conduct

You must not:

• Violate any applicable law or regulation.
• Scan or attempt to scan code you do not have rights to analyze.
• Interfere with, disrupt, or circumvent the Service's security measures.
• Upload malicious code, reverse-engineer, or overload our infrastructure.
• Misuse scan results for unlawful exploitation or disclosure.
• Use any automated system (crawler, bot, scraper) that materially degrades Service performance.

We may suspend or terminate your account if you breach these Terms or create risk for other users.

4 Plans, Billing & Cancellation

4.1 Subscription Plans

Free and paid plans differ by monthly scan quota, features, and support levels. Plan details and current pricing appear on the Pricing page and are incorporated by reference. Plans are not transferable. Plans are not refundable. Plan details and pricing are subject to change.

4.2 Payment Processing

All paid Subscriptions are billed in advance via Stripe. You authorize us to charge the payment method on file at each renewal unless you cancel before the end of the current billing period.

4.3 Upgrades, Downgrades & Refunds

• Upgrades take effect immediately; the card on file is charged a prorated amount.
• Downgrades become effective on the next renewal date.
• Except where required by law, fees are non-refundable.

4.4 Cancellation

You may cancel at any time from the account portal. Your plan remains active until the current billing cycle ends, after which your account reverts to the Free tier (with its lower limits) unless deleted.

5 Repository Access & Data Handling

We clone repositories only for the duration of a Scan, then delete local copies. Generated reports are stored in encrypted object storage and linked to your account.

We never share your private source code with third parties.

You grant us the limited rights necessary to perform each Scan and generate reports.

6 Analytics & Usage Data

6.1 Vercel Web Analytics

We use Vercel Web Analytics to understand how visitors interact with our website and improve the Service. Vercel Web Analytics:

• Collects only aggregated, anonymous data that cannot identify individual users
• Does not use cookies for tracking (uses request-based identification instead)
• Automatically discards session data after 24 hours
• Does not track users across different websites
• Qualifies as a "service provider" under applicable privacy laws

6.2 Analytics Data Usage

We use analytics data solely to:

• Improve website performance and user experience
• Identify and fix technical issues
• Understand usage patterns to enhance our services
• Ensure security and prevent abuse

Analytics data is not sold, shared for advertising purposes, or used to identify individual users.

7 Intellectual Property

The Service, including all software, visual interfaces, trademarks, logos, and documentation, is owned or licensed by us and protected by copyright and other laws. Except for the limited license in § 3.1, no rights are granted to you.

8 Confidentiality & Feedback

We treat private repositories and proprietary information as confidential.

You may voluntarily submit suggestions or feedback. You grant us a perpetual, royalty-free right to use such feedback without restriction.

9 Beta Features

We may label certain features "beta," "preview," or "experimental." These are provided as-is and may change or be discontinued at any time.

10 Disclaimers

No Warranty – The Service and all results are provided "AS IS" and "AS AVAILABLE." We disclaim all warranties, express or implied, including merchantability, fitness for a particular purpose, accuracy, and non-infringement.

No Security Guarantee – A "clean" scan does not guarantee that a repository is free of vulnerabilities, nor does a "vulnerable" finding guarantee exploitability. You remain solely responsible for reviewing results and securing your software.

Some jurisdictions do not allow the exclusion of certain warranties, so the above exclusions may not fully apply to you.

11 Limitation of Liability

To the maximum extent permitted by law:

• Indirect Damages – We are not liable for any indirect, incidental, special, consequential, or punitive damages (loss of profits, data, business interruption, etc.).
• Aggregate Cap – Our total liability for any claim arising out of or relating to the Service will not exceed the greater of (a) USD 100 or (b) the amount you paid to us in the 12 months preceding the claim.

These limits apply even if we have been advised of the possibility of such damages.

12 Indemnification

You agree to defend, indemnify, and hold harmless us and our affiliates, officers, directors, employees, and agents from any claims, damages, liabilities, and expenses (including reasonable attorneys' fees) arising out of your Content, your breach of these Terms, or your violation of any law or third-party rights.

13 Termination

You may stop using the Service and/or delete your account at any time.

We may suspend or terminate the Service or your account if you violate these Terms or if we discontinue the Service (with reasonable notice where feasible).

Upon termination, Sections 7 (Intellectual Property), 8 (Confidentiality), 10 (Disclaimers), 11 (Limitation of Liability), 12 (Indemnification), and 14–16 survive.

14 Governing Law & Dispute Resolution

Governing Law – These Terms are governed by the laws of Jurisdiction, excluding its conflict-of-law principles.

Venue – Any dispute not subject to arbitration will be resolved exclusively in the state or federal courts located in County,State. You and we consent to personal jurisdiction there.

Arbitration – If you reside in the United States, any claim under USD 10 000 may, at either party's election, be resolved through binding arbitration administered by the American Arbitration Association under its Consumer Arbitration Rules. You may opt out of arbitration by emailing our legal team within 30 days of accepting these Terms.

15 Export Compliance

You must comply with all applicable export-control and sanctions laws. You warrant that you are not located in, or a resident of, any country subject to U.S. Government embargoes or on the U.S. Treasury Department's list of Specially Designated Nationals.

16 Severability & Entire Agreement

If any provision of these Terms is held unenforceable, the remaining provisions will remain in full force. These Terms, together with the Privacy Policy and any plan-specific terms, constitute the entire agreement between you and us regarding the Service and supersede all prior agreements.

Contact Information

If you have any questions about these Terms of Service, please contact us.