Software License Agreement

SaaS — Software License Agreement
Version 2026-03-26

This Software License Agreement (“Agreement”) is entered into between DEW Diligence, LLC (“Licensor,” “we,” “us,” or “our”) and the individual or legal entity accepting this Agreement (“Customer,” “you,” or “your”). By clicking “Accept,” accessing the Service, or completing registration, you agree to be bound by this Agreement. If you are accepting on behalf of a company or other legal entity, you represent that you have the authority to bind that entity.

1. Definitions

“Service” means the Software-as-a-Service platform, including all modules, APIs, AI-Assistant and agent workflow features, documentation, and updates made available by Licensor under this Agreement.

“Customer Data” means all data, content, and materials Customer submits to or generates through the Service, including AI system profiles, risk registers, evidence packs, governance records, and incident documentation.

“Authorized Users”means Customer’s employees, contractors, and agents who are assigned user accounts under Customer’s subscription up to the applicable seat cap.

“Subscription Tier” means one of: JOURNEY, PRO, BUSINESS, or ENTERPRISE, each with distinct feature access, seat limits, and operating scope as described at nythora.ai/pricing.

2. Grant of License

Subject to the terms of this Agreement and timely payment of applicable fees, Licensor grants Customer a limited, non-exclusive, non-transferable, non-sublicensable right during the subscription term to access and use the Service solely for Customer’s internal AI governance operations. This license does not include any right to resell, redistribute, or provide the Service to third parties.

3. Permitted Use

Customer may:

• Access the Service via Authorized User accounts up to the purchased seat cap;
• Use outputs (reports, registers, evidence packs, audit records) for internal compliance, governance, and audit purposes;
• Integrate with the Service via documented public APIs for Customer’s internal tooling;
• Export Customer Data for Customer’s own records and regulatory submissions.

4. Restrictions

Customer may not:

• Sublicense, resell, rent, or provide the Service as a managed service or bureau service to third parties;
• Reverse engineer, decompile, disassemble, or otherwise attempt to derive source code, model weights, system prompts, embedding structures, or proprietary data architectures from the Service;
• Use Customer Data, Service outputs, or model interactions to train, fine-tune, or benchmark any competing AI system or product;
• Circumvent, disable, or interfere with authentication controls, authorization boundaries, session management, or security monitoring;
• Remove, obscure, or alter any proprietary notices, watermarks, or attributions within the Service;
• Use the Service in any manner that violates the Acceptable Use Policy or applicable law.

5. Subscription Tiers and Access

Access scope is determined by the Customer’s active Subscription Tier. The JOURNEY tier provides sandbox-only access for guided learning and does not permit writes to the operational governance workspace. PRO, BUSINESS, and ENTERPRISE tiers provide live workspace access with progressively expanded collaboration, integration, and support capabilities. Feature access is enforced server-side. Licensor may modify tier features with thirty (30) days’ notice; material reductions to paid tier features may entitle Customer to a pro-rated credit.

Tier downgrades elected by Customer take effect at the end of the current billing period. Licensor may downgrade or suspend tiers for non-payment or material breach per Section 12.

6. Data Ownership and Processing

Customer retains all ownership of Customer Data. Licensor claims no ownership over Customer’s governance records, risk registers, AI system profiles, evidence packs, incident records, or other Customer Data. Customer grants Licensor a limited, non-exclusive right to access, process, store, and transmit Customer Data solely to provide, maintain, and improve the Service and as otherwise described in the Privacy Policy.

Licensor will process Customer Data in accordance with the Privacy Policy incorporated herein. Licensor will not sell Customer Data or use it to train general-purpose models without Customer’s explicit consent. Licensor will maintain appropriate technical and organizational safeguards for Customer Data consistent with the security obligations in Section 9.

7. Confidentiality

Each party (“Receiving Party”) agrees to protect the other party’s (“Disclosing Party”) Confidential Information with at least the same degree of care it uses for its own Confidential Information, and in no event less than reasonable care. “Confidential Information” means any non-public information disclosed by one party to the other that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and circumstances of disclosure.

Confidential Information does not include information that: (i) is or becomes publicly available through no fault of the Receiving Party; (ii) was known to the Receiving Party before disclosure without restriction; (iii) is independently developed by the Receiving Party without use of the Disclosing Party’s Confidential Information; or (iv) is disclosed pursuant to a legal requirement, provided the Receiving Party gives the Disclosing Party prompt written notice and cooperates to limit the disclosure.

Licensor’s Confidential Information includes: the Service architecture, internal system prompts, model configurations, pricing structures, roadmap, and security design. Customer’s Confidential Information includes Customer Data.

8. Intellectual Property

Licensor retains all right, title, and interest in and to the Service, including all underlying software, models, interfaces, workflows, documentation, trademarks, and any improvements or derivatives thereof. No rights are granted to Customer except as expressly set forth in this Agreement. Customer acknowledges that the Service is licensed, not sold.

Customer grants Licensor a limited license to use Customer Data as described in Section 6. Licensor may use aggregated, anonymized, de-identified insights derived from usage patterns to improve the Service; such data will not identify Customer or its Authorized Users.

9. Security

Licensor maintains a security program consistent with industry standards, including: hardened authentication with passkey options and MFA enforcement; encrypted secrets management; server-enforced access boundaries and server-side session cookies; WAF perimeter controls; and TLS encryption for data in transit. Licensor conducts periodic security reviews, tests, and will notify Customer of material security incidents affecting Customer Data without undue delay.

Customer is responsible for: maintaining the confidentiality of Authorized User credentials; configuring appropriate role-based access controls within the Service; and promptly reporting suspected unauthorized access or security incidents to Licensor at [email protected].

10. Acceptable Use

Use of the Service is subject to Licensor’s Acceptable Use Policy, incorporated herein by reference. Licensor may suspend or terminate access immediately for material violations of the Acceptable Use Policy without prior notice. Customer is responsible for ensuring all Authorized Users comply with the Acceptable Use Policy.

11. Fees and Payment

Fees for paid Subscription Tiers are set forth in the applicable order form or subscription confirmation. Fees are due in advance and are non-refundable except as expressly set forth herein or required by applicable law. Licensor may update pricing for renewal terms with thirty (30) days’ prior notice. Unpaid invoices more than fifteen (15) days past due may result in service suspension.

12. Term and Termination

This Agreement commences on the date Customer first accepts it and continues for the subscription term. It automatically renews for successive periods of equal length unless either party provides written notice of non-renewal at least thirty (30) days before the end of the then-current term.

Either party may terminate this Agreement for material breach with thirty (30) days’ written notice if the breach is not cured within that period. Licensor may suspend or terminate immediately for: (i) non-payment; (ii) material Acceptable Use Policy violations; (iii) conduct that poses a security or legal risk to Licensor or other customers.

Upon termination, Customer’s license to access the Service ceases. Customer may export Customer Data for thirty (30) days following the termination date, after which Licensor may delete Customer Data in accordance with its data retention policies. Sections 6, 7, 8, 13, 14, and 15 survive termination.

13. Disclaimer of Warranties

THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE.” LICENSOR DISCLAIMS ALL WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. LICENSOR DOES NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR FREE OF HARMFUL COMPONENTS. LICENSOR DOES NOT WARRANT THAT THE SERVICE CONSTITUTES LEGAL ADVICE OR ENSURES REGULATORY COMPLIANCE.

14. Limitation of Liability

IN NO EVENT WILL LICENSOR BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOST PROFITS, LOSS OF DATA, BUSINESS INTERRUPTION, OR COST OF SUBSTITUTE SERVICES, ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, WHETHER BASED ON CONTRACT, TORT, STRICT LIABILITY, OR OTHERWISE, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

LICENSOR’S AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT WILL NOT EXCEED THE TOTAL FEES PAID BY CUSTOMER TO LICENSOR IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF CERTAIN DAMAGES. IN SUCH JURISDICTIONS, LICENSOR’S LIABILITY IS LIMITED TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW.

15. Governing Law and Dispute Resolution

This Agreement is governed by the laws of the State of Pennsylvania, United States, without regard to its conflict of law principles. Any dispute arising out of or relating to this Agreement that cannot be resolved informally within thirty (30) days of written notice shall be submitted to binding arbitration administered by JAMS under its Streamlined Arbitration Rules and Procedures, with proceedings conducted in Pennsylvania. Judgment on the arbitration award may be entered in any court of competent jurisdiction. Either party may seek injunctive relief in any court of competent jurisdiction for actual or threatened breach of confidentiality obligations or intellectual property rights.

16. General Provisions

Entire Agreement.This Agreement, together with the Terms of Service, Privacy Policy, and Acceptable Use Policy (collectively, the “Legal Bundle”), constitutes the entire agreement between the parties regarding the Service and supersedes all prior and contemporaneous agreements, understandings, negotiations, and representations.

Amendments.Licensor may amend the Legal Bundle by providing thirty (30) days’ prior written notice. Customer’s continued use of the Service after the effective date constitutes acceptance. Customer will be required to re-acknowledge when the bundle version changes.

Severability. If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions will continue in full force and effect.

Waiver. Failure to enforce any provision of this Agreement will not constitute a waiver of that provision.

Assignment.Customer may not assign this Agreement without Licensor’s prior written consent. Licensor may assign this Agreement in connection with a merger, acquisition, or sale of substantially all assets without Customer’s consent.

Force Majeure.Neither party will be liable for delays or failures in performance caused by circumstances beyond that party’s reasonable control.

Contact. Questions about this Agreement may be directed to [email protected].