Clear rules for a narrow service.

These Terms govern your use of the Shutapp website, API, SDK, dashboard, receipts, documentation, and related services.

By using Shutapp, creating or generating an API key, sending traffic to the API, or buying a paid plan, you agree to these Terms.

If you use Shutapp for a company, you represent that you have authority to bind that company. In that case, 'you' means the company.

If you sign an order form, data-processing agreement, enterprise agreement, or similar written agreement with Shutapp, that signed agreement controls where it conflicts with these Terms.

You are responsible for your account, API keys, access tokens, and anything done with them.

Keep keys secret. Do not publish them in client-side code, public repos, logs, screenshots, support tickets, or prompts sent to an LLM.

Tell us quickly if you believe a key was exposed or used without permission. We may rotate, suspend, or limit keys to protect the service, you, or other customers.

You must provide accurate account, billing, and contact information and keep it reasonably up to date.

Shutapp provides scanning, rescanning, policy decisions, receipts, usage limits, and related controls around LLM calls.

You remain responsible for your application, your model provider, your user experience, your policy choices, and any action you choose to take after a Shutapp decision.

Shutapp is not your model provider, law firm, compliance department, insurer, payment processor, or incident-response team.

The service can reduce risk and create proof. It cannot make every system safe, stop traffic that bypasses Shutapp, or fix controls you disable.

Do not use Shutapp to attack third-party systems, evade law enforcement, send spam, distribute malware, abuse credentials, or process data you do not have the right to process.

Do not try to bypass rate limits, interfere with the service, reverse engineer private systems, or use the product in a way that creates risk for other customers.

Do not use Shutapp to build or improve systems that generate phishing, malware, credential theft, fraud, unlawful surveillance, harassment, or other harmful activity.

Do not submit live secrets, payment card data, health data, government IDs, or other regulated data unless your plan, configuration, and legal basis allow it.

We may suspend or limit access if we believe your use creates security, legal, operational, or abuse risk.

You keep ownership of the prompts, model outputs, receipt records, configuration, and other data you send to or receive from Shutapp.

You give Shutapp the limited rights needed to provide the service: process text, apply policies, return decisions, generate receipts, enforce limits, debug issues, protect the platform, and meet legal obligations.

You are responsible for having the rights, notices, permissions, and legal basis needed to send data to Shutapp.

Our handling of personal information is described in the Privacy Policy and, for enterprise customers, any signed data-processing agreement.

Shutapp can work with model providers and tools you choose, but those services are not controlled by Shutapp.

You are responsible for your relationship with OpenAI, Anthropic, Gemini, self-hosted models, cloud providers, logging tools, payment tools, or any other third-party system you connect.

Shutapp does not need your model-provider key. If you choose to send data to a third-party provider, their terms and privacy rules apply to that provider.

Paid plans may include a platform fee, onboarding fee, per-token usage, overage terms, support terms, and a damage guarantee cap.

You agree to pay the fees for the plan you choose. Fees are due according to the checkout flow, invoice, order form, or signed agreement.

Unless a signed agreement says otherwise, fees are non-refundable except where required by law or where Shutapp chooses to issue a credit.

We may change pricing for future billing periods with reasonable notice. Existing enterprise terms are governed by the signed order form.

Paid plans may include a damage guarantee. The cap, covered categories, exclusions, evidence requirements, and claim process depend on the plan and any signed agreement.

Receipts matter. They are the proof record that connects a scan or rescan to the guarantee process.

The guarantee does not cover traffic that bypassed Shutapp, disabled controls, misuse, test traffic presented as production loss, unsupported categories, unavailable evidence, fraud, unlawful use, or losses outside the written guarantee terms.

A guarantee claim must include the relevant receipt, account details, incident description, affected category, timing, and reasonable proof of loss.

The guarantee is a contractual backstop. It is not insurance and does not replace your own security, compliance, review, logging, or incident-response duties.

Receipts are signed records that help prove what Shutapp saw and decided at a point in time.

Receipts may include decision metadata, timestamps, policy version, safe proof fields, usage information, and signatures.

You are responsible for storing receipts if your compliance program, audit trail, support process, or guarantee claim depends on them.

A receipt is strong evidence of a Shutapp decision, but it does not prove facts outside the receipt, such as what happened in systems that did not send traffic through Shutapp.

We work to keep Shutapp fast and available, but no service is available every second. Maintenance, outages, attacks, provider failures, bugs, and network issues can happen.

We may change, add, or remove features as the product improves. We try to avoid breaking changes, and we will use reasonable notice when a material change affects paid customers.

Beta, preview, experimental, or free features may change or end at any time and may not include the same support, uptime, or guarantee terms as paid production features.

Shutapp owns the service, website, SDKs, designs, documentation, models, policies, marks, and related technology, except for rights owned by customers or third parties.

You may use Shutapp only as allowed by these Terms and any plan or agreement that applies to you.

If you send feedback, ideas, bug reports, or suggestions, we may use them without obligation to you. We appreciate feedback, but we need freedom to improve the product.

Shutapp is provided as a security and privacy control layer, but it is not perfect. Detection systems can miss, false positive, or behave differently as threats change.

Except for written commitments that apply to your paid plan, the service is provided 'as is' and 'as available' to the fullest extent allowed by law.

We disclaim implied warranties, including merchantability, fitness for a particular purpose, non-infringement, and any warranty that the service will be uninterrupted, error-free, or catch every threat.

To the fullest extent allowed by law, Shutapp is not liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or for lost profits, lost revenue, lost data, loss of goodwill, or business interruption.

Except for amounts payable under an express written damage guarantee, Shutapp's total liability is limited to the amount you paid to Shutapp for the service in the 12 months before the event giving rise to the claim, or 100 USD if you used only a free plan.

Some laws do not allow certain limits. If those laws apply, the limits apply only as far as the law allows.

You may stop using Shutapp at any time. Paid plan cancellation, refund, and data-export rights depend on your plan and any signed agreement.

We may suspend or terminate access if you violate these Terms, create security or abuse risk, fail to pay, use the service unlawfully, or cause harm to Shutapp or other customers.

After termination, provisions that by nature should survive will survive, including fees owed, data rights needed for records, disclaimers, liability limits, IP terms, and dispute terms.

The governing law and dispute forum may be set in your signed agreement or order form.

If there is no signed agreement that says otherwise, disputes will be handled under the laws and courts chosen by Shutapp in the agreement presented at purchase or in the applicable checkout terms.

Before filing a claim, both sides should try to resolve the issue in good faith. Most product and billing problems should be solvable without a courtroom.

We may update these Terms as the product, pricing, law, or risk changes. The updated date on this page tells you when this version changed.

If a change materially affects paid customers, we will use a reasonable channel to make it visible before it matters.

If you keep using Shutapp after updated Terms take effect, you accept the updated Terms.

Questions about these Terms can be sent to hi@shutapp.world.

If your question is about an enterprise agreement, include your company name and the order form or contract reference if you have one.