Terms and Conditions
Last updated: 14 June 2026
These Terms and Conditions govern access to and use of the SUNURA website, platform, dashboards, APIs, widgets, integrations, disclosure workflows, evidence records, public verification pages, export tools, trials, subscriptions, documentation, and related services.
SUNURA provides operational software for AI transparency workflows, disclosure management, deployment support, proof capture, evidence records, public verification pages, export packages, API automation, agency workspaces, and related compliance-operation features.
SUNURA is not a law firm. SUNURA does not provide legal advice, regulatory advice, legal representation, certification services, conformity assessment, or a guarantee that any customer is compliant with the EU AI Act, GDPR, ePrivacy law, consumer-protection law, advertising law, intellectual-property law, platform rules, sector-specific regulation, or any other applicable law.
By creating an account, accessing the Services, starting a trial, placing an order, accepting an order form, using the website, using the APIs, installing a SUNURA widget, or otherwise using the Services, you agree to these Terms on behalf of yourself and, where applicable, the organization you represent.
If you use the Services on behalf of an organization, you represent that you have authority to bind that organization to these Terms.
1. Definitions
Agreement means these Terms, the applicable order form, checkout page, plan description, Data Processing Addendum, Acceptable Use Policy, Privacy Notice, and any document expressly incorporated by reference.
Customer means the person or organization that creates an account, starts a trial, subscribes to a plan, signs an order form, or otherwise uses the Services.
Customer Data means data, content, records, configurations, files, screenshots, DOM captures, notices, URLs, metadata, exports, API payloads, and other information submitted to, generated through, or configured in the Services by or on behalf of the Customer.
Services means the SUNURA website, platform, dashboards, APIs, widgets, integrations, disclosure workflows, evidence records, public verification pages, export tools, trials, subscriptions, support, documentation, and related services.
SUNURA means SUNURA, trading under the SUNURA name, or the registered operating entity identified in the applicable order form, invoice, checkout page, or updated public terms.
2. Business use only
The Services are intended for business, professional, organizational, developer, agency, and compliance-operation use.
The Services are not intended for personal, household, or consumer use. A person using the Services on behalf of a business, employer, agency, client, or organization confirms that the Services are being used for business or professional purposes.
3. Nature of the Services
SUNURA helps customers operationalize AI transparency workflows and document operational evidence that certain notices, configurations, deployments, or actions occurred.
The Services may include Article 50 workflow tools, disclosure planning, disclosure notice generation, deployment support, proof capture, evidence records, public verification pages, export packages, API automation, agency workspaces, dashboard controls, and related documentation.
SUNURA outputs, including classifications, control matrices, suggested disclosure text, workflow labels, evidence records, public verification pages, reports, exports, and dashboard statuses, are operational aids only.
The Customer remains responsible for legal interpretation, implementation choices, deployment decisions, customer-facing disclosures, legal review, and compliance with applicable law.
4. Account registration and security
The Customer must provide accurate, complete, and current account information and keep that information up to date.
The Customer is responsible for all activity under its account, including activity by administrators, users, contractors, clients, API keys, integrations, and authorized representatives.
The Customer must protect login credentials, API keys, tokens, and administrative access.
The Customer must promptly notify SUNURA of any suspected unauthorized access, credential compromise, API-key exposure, security incident, or misuse involving the Customer’s account.
SUNURA may require additional verification, security steps, or account restrictions where reasonably necessary to protect the Services.
5. Customer workspaces, users, and agency use
The Services may allow Customers to create workspaces, client workspaces, user roles, API configurations, disclosure records, evidence archives, exports, and public verification pages.
If the Customer uses the Services for third-party clients, including as an agency, consultant, reseller, system integrator, developer, or managed-service provider, the Customer is responsible for:
- obtaining all necessary authority from those clients;
- ensuring that use of the Services is lawful;
- providing appropriate notices and contractual terms to those clients;
- ensuring that client data is configured and accessed only by authorized persons;
- ensuring that public verification pages and exports do not expose confidential or personal data unlawfully;
- not misrepresenting SUNURA outputs as legal advice, legal certification, regulatory approval, or a legal opinion.
- Agency, white-label, reseller, managed-service, and client-workspace features may be subject to plan limits or additional written terms.
6. Plans, trials, subscriptions, and orders
Access to the Services may be provided through free tools, trials, paid subscriptions, order forms, custom agreements, or other commercial arrangements.
Plan limits may include limits on websites, applications, AI use cases, workspaces, users, proof captures, evidence records, exports, API calls, client workspaces, storage, integrations, support, or other usage metrics.
SUNURA may enforce plan limits technically, require upgrades, restrict excessive use, suspend abusive use, or bill agreed overages.
Trials and free tools are provided for evaluation purposes and may be limited, modified, or discontinued. Trial outputs should not be relied on for production use unless SUNURA expressly states otherwise in writing.
Enterprise features, including dedicated hosting, SSO/SAML, custom DPA, custom SLA, advanced security review, C2PA signing workflows, KMS/HSM integration, dedicated support, and custom integrations, are available only where expressly agreed in an order form or written agreement.
7. Fees and payment
The Customer shall pay all fees specified in the applicable plan, checkout page, order form, invoice, or written agreement.
Unless stated otherwise, fees are exclusive of taxes, duties, levies, withholding, bank charges, currency-conversion charges, and similar amounts. The Customer is responsible for all applicable taxes except taxes based on SUNURA’s net income.
Subscription fees are billed in advance unless otherwise stated. Usage-based fees, overages, and add-ons may be billed in arrears or as otherwise specified.
The Customer authorizes SUNURA and its payment processor to charge the selected payment method for fees, renewals, upgrades, add-ons, taxes, and other amounts due.
If payment is overdue, SUNURA may notify the Customer, restrict access, suspend Services, downgrade features, withhold exports, or terminate the account, subject to applicable law and the Agreement.
Fees are non-refundable except where required by law or expressly stated in the applicable plan, checkout page, order form, or written agreement.
8. Cancellation, downgrades, and renewal
Subscriptions renew automatically for the applicable billing period unless cancelled before renewal.
The Customer may cancel or downgrade through the dashboard or by contacting support where dashboard cancellation is unavailable.
Cancellation or downgrade may result in loss of access to paid features, plan limits, workspaces, evidence records, exports, verification pages, API access, support, or integrations.
The Customer is responsible for exporting Customer Data before cancellation, downgrade, or termination where continued access is required.
Cancellation does not relieve the Customer from paying fees already incurred, unless otherwise required by law or expressly agreed in writing.
9. Customer Data
The Customer retains all rights in Customer Data.
The Customer grants SUNURA a non-exclusive, worldwide, limited license to host, process, transmit, display, reproduce, modify, and use Customer Data only as necessary to provide, secure, maintain, support, improve, and operate the Services; comply with law; prevent misuse; and exercise SUNURA’s rights under the Agreement.
The Customer is solely responsible for Customer Data, including its accuracy, legality, reliability, quality, appropriateness, and suitability for use in disclosure workflows, evidence records, public verification pages, and exports.
The Customer must not submit Customer Data that it has no right to submit or that would cause SUNURA or the Customer to violate applicable law.
The Customer is responsible for reviewing all disclosure notices, evidence records, public verification pages, exports, APIs, and deployment configurations before relying on or sharing them.
10. Personal data and data processing
SUNURA’s processing of personal data for its own purposes is described in the Privacy Notice.
Where SUNURA processes Customer Personal Data as processor on behalf of the Customer, the SUNURA Data Processing Addendum applies.
The Customer is responsible for determining whether it is a controller, processor, joint controller, provider, deployer, agency, reseller, employer, publisher, platform operator, or other regulated actor in connection with the Customer’s use of the Services.
The Customer shall not intentionally submit special categories of personal data, criminal-offence data, children’s data, biometric templates, health data, government identifiers, payment-card numbers, passwords, secrets, or other highly sensitive data to the Services unless expressly agreed in writing and supported by appropriate safeguards.
11. Evidence records and public verification pages
The Services may create evidence records containing timestamps, disclosure text, notice versions, URLs, metadata, screenshots, DOM snapshots, hashes, public verification identifiers, export logs, API events, and other proof-related information.
Evidence records document operational events. They do not certify legal compliance, validate legal sufficiency, prove regulatory approval, replace legal review, or guarantee acceptance by a regulator, court, auditor, customer, platform, or third party.
Public verification pages may be visible to third parties if enabled, shared, indexed, linked, or otherwise made accessible by the Customer.
The Customer is responsible for configuring public verification pages appropriately and ensuring that they do not disclose confidential, personal, unlawful, misleading, or excessive information.
SUNURA may remove, restrict, disable, or suspend public verification pages that appear to be unlawful, misleading, abusive, insecure, or in breach of the Agreement.
12. AI Act and compliance boundaries
SUNURA may provide Article 50 control matrices, classifications, templates, notices, prompts, reports, recommendations, workflow labels, and evidence workflows.
Those materials are general operational tools and do not constitute legal advice.
The Customer remains solely responsible for:
- identifying applicable law;
- determining whether the EU AI Act applies;
- determining whether the Customer is a provider, deployer, importer, distributor, product manufacturer, agency, publisher, employer, or other actor;
- determining whether AI interaction, synthetic-content, deepfake, public-interest text, biometric categorization, emotion-recognition, or other transparency obligations apply;
- ensuring that notices are sufficiently prominent, timely, accessible, accurate, and legally appropriate;
- determining whether exceptions apply;
- ensuring that the Customer’s AI systems, content, data practices, websites, applications, and workflows are lawful;
- obtaining legal advice where appropriate.
- The Customer must not market, describe, or use SUNURA outputs as a legal certificate, regulatory approval, conformity assessment, audit opinion, legal opinion, or guarantee of compliance.
13. Acceptable use
The Customer shall not use the Services unlawfully or in violation of the Agreement.
The Customer shall not:
- submit unlawful, infringing, harmful, deceptive, fraudulent, defamatory, discriminatory, abusive, or malicious content;
- mislead regulators, clients, users, consumers, auditors, or the public;
- create false, manipulated, backdated, or misleading evidence records;
- interfere with, disrupt, overload, scan, probe, or attack the Services;
- bypass authentication, authorization, rate limits, billing controls, or technical restrictions;
- reverse engineer the Services except to the extent permitted by mandatory law;
- process highly sensitive personal data without appropriate agreement and safeguards;
- use public verification pages to expose confidential or personal information unlawfully;
- upload malware or malicious code;
- use the Services for surveillance, biometric, emotion-recognition, or synthetic-media workflows in violation of applicable law;
- resell or provide managed services through SUNURA unless permitted by the applicable plan or written agreement.
- Additional acceptable-use rules may be set out in SUNURA’s Acceptable Use Policy.
14. Security
SUNURA shall implement reasonable technical and organizational measures designed to protect the Services and Customer Data.
The Customer is responsible for secure configuration, password hygiene, API-key management, user permissions, client access, lawful proof-capture settings, and review of exports and public verification pages.
SUNURA may suspend access where it reasonably believes that the Customer’s account, API key, integration, configuration, public verification page, or activity threatens the security, integrity, availability, reputation, or legal compliance of the Services.
15. Third-party services and integrations
The Services may interoperate with third-party platforms, payment processors, hosting providers, email services, analytics tools, content-management systems, AI systems, customer websites, APIs, or other services.
SUNURA is not responsible for third-party services, third-party content, third-party outages, third-party legal compliance, or the Customer’s configuration of third-party services.
The Customer’s use of third-party services may be subject to separate terms, privacy notices, data processing terms, fees, and security obligations.
16. Beta, preview, and experimental features
SUNURA may offer beta, preview, experimental, trial, or early-access features.
Those features may be incomplete, unstable, changed, suspended, or discontinued at any time.
Beta, preview, experimental, trial, or early-access features are provided as-is and should not be used for production reliance unless SUNURA expressly states otherwise in writing.
17. Intellectual property
SUNURA and its licensors retain all rights, title, and interest in and to the Services, software, platform, website, APIs, documentation, templates, designs, workflows, know-how, trademarks, and other intellectual property.
The Customer may use the Services only as permitted by the Agreement and the applicable plan.
The Customer may provide feedback, suggestions, or ideas. SUNURA may use that feedback without restriction or obligation, provided that SUNURA does not disclose the Customer’s confidential information.
The Customer shall not copy, modify, distribute, sell, lease, sublicense, or create derivative works from the Services except as expressly permitted by the Agreement.
18. Confidentiality
Each party may receive non-public information from the other party that is marked confidential or should reasonably be understood to be confidential.
The receiving party shall use confidential information only to perform obligations or exercise rights under the Agreement and shall protect it using reasonable care.
Confidentiality obligations do not apply to information that is publicly available without breach, already known without confidentiality obligation, independently developed, lawfully received from a third party, or required to be disclosed by law.
Where disclosure is required by law, the receiving party shall, where legally permitted, provide reasonable notice and cooperate in limiting disclosure.
Except as required by law or pursuant to prior written consent, each party agrees to keep confidential and not disclose any confidential information or document of the other party, or information that the other party has categorized as confidential. Each party shall take all reasonable steps to ensure its employees, contractors, agents, and advisers comply with this clause. This clause shall survive termination of the Agreement.
19. Publicity
SUNURA shall not use the Customer’s name, logo, or trademarks in public marketing without the Customer’s prior consent, unless permitted in an order form or written agreement.
The Customer shall not use SUNURA’s name, logo, or trademarks in a manner that implies endorsement, certification, partnership, legal approval, or regulatory approval without SUNURA’s prior written consent.
20. Suspension and termination
SUNURA may suspend or terminate access if:
- the Customer breaches the Agreement;
- fees are overdue;
- the Customer’s use creates security, legal, operational, reputational, or service-stability risk;
- the Customer uses the Services unlawfully or abusively;
- suspension is required by law, court order, regulator, or third-party platform;
- continued provision of the Services becomes commercially or technically impracticable.
- Where reasonably practicable and legally permitted, SUNURA will provide notice before suspension or termination.
- Upon termination, the Customer must stop using the Services and pay all outstanding fees.
Sections intended to survive termination shall survive, including provisions relating to fees, Customer Data, personal data, AI Act and compliance boundaries, acceptable use, intellectual property, confidentiality, disclaimers, liability, indemnity, governing law, and dispute resolution.
21. Data export and deletion
During the active subscription, the Customer may export Customer Data using available export tools, subject to plan limits and technical availability.
After termination, SUNURA may retain Customer Data for a limited period to permit export, comply with law, resolve disputes, enforce agreements, prevent fraud, maintain security, or complete backup-deletion cycles.
SUNURA may delete Customer Data after termination according to its retention practices, unless otherwise required by law or agreed in writing.
The Customer is responsible for exporting Customer Data before termination, cancellation, downgrade, or expiry where continued access is required.
22. Disclaimers
The Services are provided on an as-is and as-available basis to the maximum extent permitted by law.
SUNURA disclaims all warranties, whether express, implied, statutory, or otherwise, including warranties of merchantability, fitness for a particular purpose, non-infringement, accuracy, availability, uninterrupted operation, error-free operation, legal compliance, regulatory acceptance, or suitability for the Customer’s specific use case.
SUNURA does not warrant that:
- the Services will make the Customer compliant with any law;
- any disclosure notice will be legally sufficient;
- any evidence record will be accepted by a regulator, court, auditor, client, platform, or third party;
- any classification, dashboard status, recommendation, or template is legally correct;
- any AI Act, GDPR, ePrivacy, consumer-law, advertising-law, or other legal analysis is complete or up to date;
- the Services will be uninterrupted, secure, or error-free.
- Nothing in these Terms limits rights that cannot be excluded under mandatory law.
23. Limitation of liability
To the maximum extent permitted by law, SUNURA shall not be liable for indirect, incidental, special, consequential, exemplary, punitive, or similar damages, including loss of profits, revenue, goodwill, anticipated savings, business opportunity, data, reputation, regulatory standing, or loss arising from the Customer’s legal interpretation, deployment decisions, public verification pages, exports, disclosure notices, AI systems, or third-party services.
To the maximum extent permitted by law, SUNURA’s aggregate liability arising out of or relating to the Services, Agreement, or these Terms shall not exceed the fees paid by the Customer to
SUNURA for the affected Services during the twelve months preceding the event giving rise to the claim.
The limitations in this section do not apply to liability that cannot be limited under applicable law, including liability for fraud, intentional misconduct, deliberate recklessness, or other liability that may not be excluded or limited by law.
24. Indemnity
The Customer shall indemnify and hold harmless SUNURA, its affiliates, officers, directors, employees, contractors, and representatives from and against third-party claims, damages, liabilities, costs, and expenses arising out of or relating to Customer Data, the Customer's use of the Services, the Customer's AI systems, content, websites, applications, products, services, or clients, the Customer's disclosure notices, public verification pages, evidence records, or evidence exports, the Customer's legal interpretations or compliance decisions, the Customer's breach of the Agreement, the Customer's violation of applicable law, or the Customer's misuse of SUNURA outputs as legal advice, legal certification, regulatory approval, conformity assessment, or legal opinion.
SUNURA shall promptly notify the Customer of indemnified claims and reasonably cooperate with the Customer, at the Customer's expense, in the defense of those claims. SUNURA may participate in the defense of any claim with counsel of its own choosing.
25. Changes to the Services and Terms
SUNURA may modify, improve, suspend, or discontinue features from time to time. SUNURA may update these Terms. Material changes shall be notified through the website, dashboard, email, or other reasonable means. Unless a shorter period is required for legal, security, or operational reasons, material changes will take effect no earlier than the effective date stated in the notice. Continued use of the Services after changes become effective constitutes acceptance of the updated Terms.
26. Force majeure
Neither party shall be liable for delay or failure to perform due to events beyond its reasonable control, including natural disasters, war, terrorism, civil unrest, labour disputes, internet or hosting failures, power outages, third-party service failures, government actions, legal restrictions, cyberattacks, or other events beyond reasonable control, provided that the affected party takes reasonable steps to mitigate the impact.
27. Assignment
The Customer may not assign or transfer the Agreement without SUNURA's prior written consent, except to a successor in connection with a merger, acquisition, corporate reorganisation, or sale of substantially all assets, provided that the successor assumes the Customer's obligations. SUNURA may assign the Agreement to an affiliate or successor in connection with a merger, acquisition, reorganisation, financing, sale of assets, or transfer of the SUNURA business.
28. Notices
SUNURA may provide notices by email, dashboard message, website notice, invoice, order-form communication, or other reasonable means. The Customer shall keep contact details current. Legal notices to SUNURA must be sent to SUNURA Legal at [email protected].
29. Governing law and jurisdiction
These Terms and the Agreement are governed, construed, and enforced in accordance with the laws of the Netherlands and applicable European Union laws, rules, and regulations. The courts of the Netherlands have exclusive jurisdiction over disputes arising out of or relating to these Terms, the Agreement, or the Services, unless mandatory law provides otherwise.
30. Dispute Resolution and Venue of Action
The Parties shall use their best efforts to amicably resolve and settle in good faith any dispute arising out of or relating to this Agreement through negotiations. If an amicable settlement cannot be reached within sixty (60) days from the date on which either Party has served written notice of the dispute on the other Party, the Parties agree to settle the matter with finality by submitting it to arbitration in accordance with applicable Dutch and European Union rules and regulations.
The arbitration proceedings, including all records, documents, pleadings, orders, and judgments filed or rendered in connection with them, shall be kept confidential and shall be conducted in the Dutch language. Nothing in this Agreement prevents either Party from applying to a Dutch court of competent jurisdiction for provisional or interim measures, including injunctive relief, where necessary to safeguard rights or property that are the subject of the dispute. The seat and venue of arbitration and court proceedings shall be The Hague, the Netherlands, to the exclusion of other venues.
31. Entire agreement
These Terms, the applicable order form, DPA, Privacy Notice, Acceptable Use Policy, plan description, and any documents incorporated by reference constitute the entire agreement between the Parties concerning the Services and supersede all prior or contemporaneous understandings, communications, agreements, or contracts, whether oral or written, between the Parties relating to the same subject matter.
If there is a conflict between these Terms and an order form signed by both Parties, the signed order form controls for that specific order. If there is a conflict between these Terms and the DPA regarding the processing of Customer Personal Data, the DPA controls for that processing.
32. Severability
If any provision of these Terms or any Annex is held invalid, unenforceable, or contrary to law, the remaining provisions remain valid, binding, and in full force. The invalid or unenforceable provision shall be replaced or amended, to the extent legally permitted, by a valid and enforceable provision that most closely reflects the subject, objective, and original intent of the provision.
33. No waiver
A failure, omission, or delay by either Party in exercising or enforcing any right, privilege, remedy, or provision under the Agreement does not constitute a waiver of that right, privilege, remedy, or provision. No waiver or departure from the terms of the Agreement shall be valid unless made in writing and signed by the authorised representative of the Party granting the waiver. Any waiver is effective only in the specific instance and for the specific purpose for which it is given.
34. Contact
Questions about these Terms should be sent to SUNURA Legal at [email protected].