BrinPage Legal Terms — Cloud, SDK & API

These Terms govern your access to and use of BrinPage’s products and services, including the BrinPage Cloud (account, billing, and API access layer), the BrinPage SDK (CPM) (local-first developer tooling), and any BrinPage APIs. By creating an account, using an API key, installing the SDK, or accessing our sites, you agree to these Terms and to our Privacy & Cookies terms below.

Table of Contents

1. Definitions

BrinPage,” “we,” “our,” or “us” means BrinPage and its affiliates, successors, and permitted assigns. “Cloud” means the BrinPage Cloud account, billing, usage tracking and API key issuance layer that routes requests to supported third-party AI providers. “SDK” means BrinPage’s developer tooling (including CPM) delivered as local-first software and its local dashboard. “APIs” means any programmatic interfaces, endpoints, libraries, and related documentation made available by BrinPage. “Customer” or “you” means the individual or entity using the Services. “Content” means prompts, inputs, files, data, metadata, and outputs processed via the Cloud, SDK, or APIs. “Subprocessors” are third parties engaged by BrinPage to process data on our behalf.

2. Scope of Services (Cloud, SDK & APIs)

  • Cloud. You obtain and manage your BrinPage API keys through Cloud. BrinPage is not BYOK: all requests must be routed through BrinPage Cloud using a BrinPage-issued key. Cloud handles authentication, metering, and billing and may proxy requests to supported AI providers (currently including, but not limited to, OpenAI and Google).
  • SDK (CPM). The local-first SDK and dashboard help you compose and govern prompt context, preview results locally, and control model parameters. The SDK communicates with BrinPage Cloud (and through it, with providers) when networked operations are required.
  • APIs. BrinPage provides endpoints and libraries for programmatic integration, subject to rate limits, quotas, and these Terms.
  • No model training by BrinPage using your data. BrinPage does not train proprietary AI models using your Content. When we proxy to third-party providers, your Content may be processed by those providers under their terms; we contractually and technically aim to disable training by providers where such controls exist, but you acknowledge provider settings and policies may change.

3. Accounts & Eligibility

  • You must be at least 18 years old (or the age of majority in your jurisdiction) to create an account.
  • You are responsible for safeguarding credentials and for all activities under your account.
  • If you register on behalf of an entity, you represent that you have authority to bind that entity.
  • We may refuse, suspend, or terminate accounts at our discretion (e.g., risk, abuse, non-payment).

4. License & Use Restrictions (SDK & APIs)

Subject to these Terms and timely payment, BrinPage grants you a limited, non-exclusive, non-transferable, non-sublicensable license to install and use the SDK and to access the APIs solely to build and run your applications. Unless a component is expressly labeled as open-source with its own license, the SDK/APIs are proprietary.

  • No reverse engineering, decompilation, or attempt to bypass Cloud or usage metering.
  • No reselling, sublicensing, or offering our APIs/SDK as a stand-alone competing service.
  • No benchmarking publication without prior written consent.
  • No interference with security features, rate limits, or access controls.
  • Respect all third-party provider terms surfaced via Cloud integrations.
  • We may throttle or limit requests to preserve system stability.

5. Acceptable Use Policy (AUP)

You will not use the Services to violate law or others’ rights, or to create/assist content or activities that are illegal, harmful, or high-risk. Prohibited categories include:

  • Illegal content, CSAM, human trafficking, exploitation, doxxing, or targeted harassment.
  • Malware, exploits, credential-stuffing, botnets, or attempts to gain unauthorized access.
  • Generating deceptive deepfakes of private individuals, or synthetic media to defraud.
  • Incitement to violence, terrorism, or extremist propaganda.
  • Biometric identification or surveillance without clear legal basis and consent.
  • Medical, legal, or financial advice presented as professional without qualified human oversight.
  • Automated high-risk use (e.g., critical infrastructure, life support) without written approval.
  • Infringement of IP, privacy rights, or violation of third-party terms (including scraping where disallowed).
  • Unsolicited bulk messaging/spam; mass account creation; fraud or scams.

We may suspend or terminate Services for AUP violations and will cooperate with lawful requests.

6. Pricing, Billing & Taxes

  • Plans & Usage. Pricing may include subscriptions, usage-based fees, or credits. Cloud metering is authoritative for billing. You are responsible for charges incurred under your keys.
  • Payment. You authorize BrinPage (and its payment processors) to charge your payment method for fees, taxes, and, if applicable, currency conversion. Late or failed payments may lead to suspension.
  • Taxes. Fees exclude taxes; you are responsible for VAT/GST and other taxes where applicable.
  • Refunds. Except where required by law, fees are non-refundable. Promotional credits may expire.
  • Disputes. Billing questions must be raised within 30 days of invoice. We will review in good faith.

7. Privacy, GDPR & Data Processing Addendum (DPA)

BrinPage is committed to GDPR-aligned practices. The roles under data protection law depend on context:

  • Controller role. For your account, billing, support communications, and service analytics, BrinPage is the controller.
  • Processor role. For Customer Content you submit to the Cloud/APIs for processing (e.g., prompts/inputs/outputs), BrinPage acts as processor on your instructions.

Data Processing Addendum (DPA). The DPA (incorporated by reference) applies where BrinPage acts as processor. It includes SCCs for international transfers, confidentiality, subprocessor controls, and data subject rights.

  • Categories of data. Account data (name, email, billing), telemetry/usage (timestamps, request counts, model IDs, latency, cost), and Customer Content (prompts, outputs, metadata as required to provide the Services).
  • Retention. Account/billing per legal requirements; usage logs typically short-term for billing, abuse prevention, and debugging; we aim to minimize storage of raw prompts/outputs and provide deletion upon request unless retention is required by law or for dispute resolution.
  • Training. BrinPage does not train AI models on your Content. When proxying to third-party AI providers, your Content is sent to them for processing; we endeavor to disable provider data retention/training where controls exist.
  • Subprocessors. BrinPage uses infrastructure, analytics, payments, logging, and communication vendors. We maintain a current list of Subprocessors and will provide notice of material changes as required by the DPA.
  • International transfers. Where data leaves the EEA/UK, we rely on SCCs/IDTA or other transfer mechanisms.
  • Data subject rights. Contact us to access, rectify, export, or delete Personal Data. We will assist you in fulfilling end-user requests where we act as your processor.
  • Security. See Section 8. We implement encryption in transit, access controls, and least-privilege.

8. Security, Availability & Incident Response

  • We use reasonable technical and organizational measures to protect data (encryption in transit, key management, network isolation where applicable).
  • You are responsible for endpoint security, credential hygiene, and safe integration of our SDK/APIs in your apps.
  • We monitor availability and may perform maintenance with notice where feasible. Unplanned outages may occur.
  • In the event of a Personal Data Breach, we will notify you without undue delay per applicable law and cooperate on remediation.
  • Responsible disclosure: report vulnerabilities to team@brinpage.com.

9. Intellectual Property & Feedback

  • BrinPage owns all rights in the Services, SDK, APIs, documentation, designs, and trademarks.
  • You own your applications and your Content. Between the parties, you grant BrinPage a limited license to process Content to provide the Services, troubleshoot, ensure security/compliance, and meet legal obligations.
  • Feedback is voluntary; you grant BrinPage a perpetual, irrevocable, worldwide, royalty-free license to use feedback without restriction.
  • Do not use BrinPage marks without written permission.

10. AI Output Disclaimers

AI outputs may be inaccurate, incomplete, or inappropriate. You are responsible for reviewing outputs and for implementing human oversight where required (e.g., medical, legal, financial, safety-critical). Do not rely on outputs as a sole source of truth. You are responsible for any decisions or actions based on outputs.

11. Warranties, Indemnities & Limitation of Liability

  • As-is. The Services are provided “as is” and “as available,” without warranties of any kind unless required by law.
  • Your indemnity. You will indemnify BrinPage against claims arising from your Content, your apps, or your breach of these Terms/AUP.
  • Our liability cap. To the maximum extent permitted by law, BrinPage’s aggregate liability is limited to amounts paid by you to BrinPage in the 12 months preceding the event giving rise to liability.
  • In no event will either party be liable for indirect, incidental, special, consequential, exemplary, or punitive damages.

12. Term, Suspension & Termination

  • These Terms start when you first use the Services and continue until terminated.
  • We may suspend keys or access immediately for suspected abuse, security risk, legal risk, or non-payment.
  • Either party may terminate for any reason with notice; your obligations for fees due, confidentiality, IP, and limitations survive termination.
  • Upon termination, cease use of the Services and delete the SDK; we may retain minimal records as required by law or for legitimate business purposes (e.g., billing, security).

13. Compliance, Export & Sanctions

  • You represent you are not located in or a resident of any embargoed jurisdiction and are not a denied or restricted party.
  • You will comply with applicable export control and sanctions laws (EU, UK, U.S., and others) and will not use the Services for prohibited end uses.
  • You are responsible for compliance with sector-specific rules applicable to your deployment (e.g., consumer protection, privacy, accessibility).

14. Changes to Services & Terms

We improve Services over time and may modify or discontinue features. We may update these Terms by posting a revised version with an updated “last updated” date. Material changes will be notified via email or in-app where feasible. Continued use after the effective date constitutes acceptance.

15. Governing Law, Venue & Disputes

These Terms are governed by the laws of Spain. The exclusive venue for disputes is the courts of Barcelona, Spain, and the parties consent to personal jurisdiction there, except that either party may seek injunctive relief in any court with jurisdiction. Consumers may have mandatory rights under local law that prevail over the foregoing.

16. Cookie Policy

We use strictly necessary cookies (security, session management) and optional analytics cookies (aggregated usage). Necessary cookies are always on. You can manage analytics preferences via our cookie banner or your browser. Analytics data is aggregated; we avoid storing direct identifiers in analytics.

17. Contact

Questions about these Terms, Privacy, or Security: team@brinpage.com.

Privacy Annex & DPA (Summary)

This Annex summarizes our data practices. A full DPA is available upon request and is incorporated by reference into these Terms when applicable.

A. Data Categories

  • Account Data: name, email, organization, billing details.
  • Service Data: usage metrics (e.g., request counts, model/provider, latency, cost), IP addresses, device/browser metadata.
  • Customer Content: prompts, inputs, files, outputs, and related metadata as necessary to provide the Services.

B. Purposes & Lawful Bases

  • Provide and improve Services (performance of contract / legitimate interests).
  • Billing, fraud prevention, and security (legal obligations / legitimate interests).
  • Support communications and incident response (performance of contract / legitimate interests).
  • Marketing with consent where required (consent / legitimate interests).

C. International Transfers & Subprocessors

We may transfer data internationally and engage Subprocessors (e.g., hosting, analytics, email, payments). We use SCCs or equivalent mechanisms for transfers from the EEA/UK and require Subprocessors to meet appropriate security standards. A current list of Subprocessors is maintained by BrinPage and will be provided upon request.

D. Retention & Deletion

We retain Account and billing records as required by law. Usage logs are retained for a limited period for billing, abuse prevention, and debugging. On termination or upon your request, we will delete or anonymize Personal Data where feasible and not legally required to retain it.

E. Data Subject Rights

You (or your end users, via you) may exercise rights of access, rectification, erasure, restriction, portability, and objection by contacting team@brinpage.com. Where we act as processor, we will assist you in responding to requests.

If you have any questions about these Terms or related policies, please use our contact form.

Last updated on 02/11/2025.