Locktera.com
Locktera.com

LOCKTERA CORE API TERMS OF SERVICE

Last Updated: March 8, 2026

PLEASE READ THESE TERMS OF SERVICE CAREFULLY. THESE TERMS OF SERVICE CONSTITUTE A LEGALLY BINDING AGREEMENT BETWEEN YOU AND LOCKTERA, INC. GOVERNING YOUR ACCESS TO AND USE OF THE SERVICES.

BY ACCESSING OR USING THE SERVICES, CREATING AN ACCOUNT, USING AN API KEY, OR OTHERWISE ACCESSING OR USING ANY PART OF THE SERVICES, YOU AGREE TO BE LEGALLY BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO THESE TERMS, YOU MAY NOT ACCESS OR USE THE SERVICES.

IF YOU ARE ENTERING INTO THIS AGREEMENT ON BEHALF OF A COMPANY, ORGANIZATION, OR OTHER LEGAL ENTITY, YOU REPRESENT AND WARRANT THAT YOU HAVE FULL LEGAL AUTHORITY TO BIND SUCH ENTITY TO THIS AGREEMENT. IN SUCH CASE, “CUSTOMER,” “YOU,” AND “YOUR” SHALL REFER TO SUCH ENTITY.

These Terms of Service (this “Agreement”) are entered into between Locktera, Inc., a Texas corporation with its principal place of business in Dallas, Texas, USA (“Locktera,” “Company,” “we,” “us,” or “our”), and the individual or legal entity accessing or using the Services (“Customer,” “you,” or “your”).

This Agreement is effective as of the earliest date on which Customer:

(a) accepts this Agreement;
(b) creates an account;
(c) accesses or uses the Services; or
(d) uses an API key or other authentication credential issued by Locktera
(the “Effective Date”).

This Agreement governs Customer’s access to and use of Locktera’s application programming interfaces, cryptographic container services, encryption services, software development kits, and related hosted services, including all updates, enhancements, and associated infrastructure (collectively, the “Services”).

Customer’s use of the Services is subject to:

(a) this Agreement;

(b) the Locktera Acceptable Use Policy;

(c) the Locktera Privacy Policy;

(d) where applicable, the Locktera Data Processing Addendum;

(e) any applicable Order Form or Subscription Agreement governing Fees and commercial terms; and

(f) where Customer embeds or distributes the Services within Customer applications, an executed OEM / Embedded Use Addendum.

Each of the foregoing is incorporated herein by reference, as applicable.

1. DEFINITIONS

For purposes of this Agreement, the following capitalized terms shall have the meanings set forth below:

“Account” means the account registered by Customer or on Customer’s behalf to access and use the Services.

“Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with a party, where “control” means ownership of more than fifty percent (50%) of the voting interests of such entity.

“Agreement” means these Locktera CORE API Terms of Service, together with any applicable Order Form or Subscription Agreement, OEM / Embedded Use Addendum, Data Processing Addendum, and incorporated policies, each as applicable to Customer’s use of the Services.

“API” means Locktera’s application programming interface made available as part of the Services.

“API Key” means credentials, tokens, certificates, or other authentication mechanisms issued by Locktera used to authenticate and authorize access to the Services.

“Acceptable Use Policy” or “AUP” means the Locktera Acceptable Use Policy, as updated from time to time and available at https://locktera.com/legal/locktera-acceptable-use-policy.

“Confidential Information” means any non-public information disclosed by one party (“Disclosing Party”) to the other party (“Receiving Party”) that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure, including without limitation:

  • technical information,
  • source code,
  • APIs and SDK internals,
  • cryptographic architecture and security designs,
  • audit reports,
  • pricing and commercial terms,
  • product roadmaps,
  • business plans,
  • and any non-public Customer Data.

Confidential Information does not include information that the Receiving Party can demonstrate:

(a) is or becomes publicly available without breach;
(b) was lawfully known prior to disclosure;
(c) is independently developed without use of Confidential Information; or
(d) is lawfully received from a third party without restriction.

“Container” means a cryptographically secured file or data structure generated using the Services that encapsulates Customer Data and enforces access control through encryption, authorization validation, and policy-bound cryptographic enforcement mechanisms, such that the encapsulated data cannot be accessed, decrypted, or used without proper authorization.

“Customer Data” means any data, files, content, software, metadata, information, or materials that Customer or its End Users submit to, encrypt using, transmit through, store using, or otherwise process via the Services, including any data contained within cryptographic containers generated using the Services.

Customer Data does not include:

(a) Locktera Confidential Information;
(b) Locktera system metadata; or
(c) anonymized or aggregated operational data that does not identify Customer or Customer Data.

“Documentation” means Locktera’s technical, operational, and user documentation describing the Services, as updated from time to time.

“Effective Date” means the date on which Customer first accepts this Agreement, creates an Account, accesses or uses the Services, or uses an API Key.

“End User” means any individual or entity authorized by Customer to access or use Customer applications, Customer Data, or the Services.

“Fees” means any charges, subscription fees, usage fees, or other amounts payable by Customer for access to or use of the Services.

“Force Majeure Event” means an event beyond a party’s reasonable control, including events defined in Section 15.

“OEM / Embedded Use Addendum” means a written addendum executed by the parties that authorizes Customer to embed and distribute the Services within Customer applications.

“Order Form” means any written or electronic ordering document, statement of work, online subscription form, marketplace order, or other ordering instrument executed or accepted by the parties that references this Agreement and specifies:

(a) the Services purchased;
(b) subscription scope, usage limits, API call metrics, or capacity;
(c) pricing and payment terms; and
(d) the applicable subscription term.

Each Order Form is incorporated into and governed by this Agreement.

“Personal Data” means any information relating to an identified or identifiable natural person, as defined under applicable Data Protection Laws.

“Security Incident” means any confirmed unauthorized access to or acquisition of Customer Data processed by Locktera that materially compromises the security, confidentiality, or integrity of such Customer Data.

“Services” means the Locktera CORE API platform and related developer services provided by Locktera, including associated APIs, SDKs, cryptographic container technologies, encryption systems, access control enforcement mechanisms, authorization systems, audit logging systems, integrations, and supporting infrastructure, whether delivered as hosted (SaaS), customer-managed storage (BYOS), hybrid, or on-premises deployments.

The Services provide cryptographic container protection, policy-bound encryption enforcement, and authorization-controlled access mechanisms designed to protect Customer Data independently of storage systems, infrastructure, or transmission environments

“Subprocessor” means any third party engaged by Locktera to process Customer Data in connection with providing the Services.

“Subscription Agreement” means a written agreement executed by the parties that governs Customer’s subscription to the Services, including applicable Fees, subscription term, and related commercial terms.

2. SERVICES

2.1 Provision of Services

Locktera shall provide the Services in accordance with this Agreement and applicable Documentation. Locktera shall use commercially reasonable efforts to maintain the availability, integrity, and security of the Services.

Customer acknowledges that the Services are provided over internet and cloud-based infrastructure and are subject to limitations, delays, and other problems inherent in such systems. Except as expressly provided in a separate Service Level Agreement, Locktera does not guarantee uninterrupted availability of the Services.

Locktera may modify, update, enhance, or discontinue the Services at any time in accordance with Section 2.4 (Infrastructure and Service Modification Rights).

2.2 License Grant

Subject to Customer’s compliance with this Agreement and payment of all applicable Fees, Locktera grants Customer a limited, non-exclusive, non-transferable (except as permitted herein), non-sublicensable (except as expressly authorized in an OEM / Embedded Use Addendum), revocable license during the Term to:

(a) access and use the Services;

(b) integrate the API into Customer’s proprietary applications;

(c) use Locktera SDKs, libraries, and Documentation solely in connection with Customer’s authorized use of the Services;

(d) enable End Users to access the functionality of the Services solely through Customer applications in accordance with an applicable OEM / Embedded Use Addendum.

Except as expressly permitted under an OEM / Embedded Use Addendum, Customer shall not distribute, resell, sublicense, or commercially exploit the Services.

All rights not expressly granted are reserved by Locktera.

The license granted under this Section terminates immediately upon suspension or termination of this Agreement.

Customer shall not, and shall not permit any third party to:

(i) reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, cryptographic architecture, encryption models, authorization mechanisms, or underlying structure of the Services;

(ii) copy, modify, adapt, translate, or create derivative works of the Services;

(iii) distribute, sell, resell, sublicense, lease, rent, assign, or otherwise provide the Services on a standalone basis or outside the scope expressly permitted under this Agreement or an applicable OEM / Embedded Use Addendum;

(iv) expose the Services as an independent API, encryption service, or developer platform to third parties;

(v) use the Services to build, develop, or operate any product or service that competes with the Services or Locktera’s cryptographic container, encryption, policy enforcement, or authorization technologies;

(vi) circumvent, disable, interfere with, proxy, cache, or otherwise manipulate API call reporting, licensing controls, authentication, authorization validation, cryptographic enforcement, or security mechanisms;

(vii) access or use the Services except as expressly permitted under this Agreement.

All rights not expressly granted to Customer are reserved by Locktera and its licensors.

The license granted under this Section shall immediately terminate upon suspension or termination of this Agreement.

2.3 Suspension of Services

Locktera may suspend, restrict, or disable access to all or any portion of the Services, without liability and without prior notice where reasonably practicable, if Locktera determines in good faith that:

(a) Customer or any End User has materially breached this Agreement, including any incorporated Acceptable Use Policy or applicable Documentation;

(b) Customer’s or any End User’s use of the Services violates applicable law or regulation;

(c) Customer’s or any End User’s use of the Services poses a security risk to the Services, Locktera’s systems, other customers, or third parties, including but not limited to attempted circumvention of cryptographic controls, unauthorized access attempts, abnormal traffic patterns, or exploitation of vulnerabilities;

(d) Customer’s or any End User’s use of the Services materially interferes with or degrades the integrity, availability, or performance of the Services or related infrastructure;

(e) Locktera reasonably suspects fraudulent activity, unlawful activity, or misuse of API credentials;

(f) required by law, regulation, court order, governmental authority, telecommunications provider, cloud provider, or infrastructure provider;

(g) Customer has failed to pay undisputed Fees when due and such failure remains uncured after any applicable notice period; or

(h) information provided by Customer in connection with the Account is materially inaccurate, incomplete, or misleading.

(i) suspension is necessary to protect the security, integrity, or availability of the Services or Locktera infrastructure.

Where reasonably practicable and legally permitted, Locktera will provide notice of any suspension and use commercially reasonable efforts to limit the suspension to the affected portion of the Services.

Customer remains responsible for all Fees incurred prior to and during any period of suspension.

Locktera shall have no liability to Customer or any third party for any suspension of the Services in accordance with this Section.

2.4 Infrastructure and Service Modification Rights

Customer acknowledges and agrees that the Services operate on proprietary infrastructure, cryptographic systems, and cloud-based environments that may evolve over time.

Accordingly, Locktera reserves the right, in its sole discretion, to modify, update, enhance, replace, or discontinue any aspect of the Services or underlying infrastructure, including but not limited to:

(a) APIs, SDKs, protocols, or integration interfaces;

(b) encryption algorithms, cryptographic mechanisms, key management systems, or authorization systems;

(c) infrastructure architecture, hosting environments, cloud providers, or deployment configurations;

(d) system configurations, access controls, security controls, or authentication mechanisms;

(e) features, functionality, or operational components of the Services; and Locktera documentation.

Locktera shall use commercially reasonable efforts to avoid material degradation of the core functionality of the Services.

Where commercially practicable and where such changes materially affect Customer integrations, Locktera may provide reasonable advance notice through documentation updates, service notifications, or other communication channels.

Notwithstanding the foregoing, Locktera may implement modifications immediately and without prior notice where necessary to:

(i) maintain or improve security of the Services;

(ii) comply with applicable laws, regulations, or governmental requirements;

(iii) prevent abuse, fraud, or unauthorized access;

(iv) respond to security vulnerabilities or threats; or

(v) maintain operational stability or integrity of the Services.

Customer acknowledges that it is responsible for maintaining compatibility of Customer applications and integrations with the Services.

Locktera shall have no liability arising from modifications made in accordance with this Section, provided such modifications are made in good faith and consistent with this Agreement.

Locktera reserves the right to revoke, disable, or rotate API Keys or authentication credentials at any time where necessary to protect the Services or enforce this Agreement.

2.5 Acceptable Use Policy

Customer shall comply with the Locktera Acceptable Use Policy (“AUP”), which is incorporated by reference and available at https://locktera.com/legal/locktera-acceptable-use-policy.

Customer’s use of the Services must comply with this Agreement, the AUP, applicable Documentation, and all applicable laws and regulations.

A violation of the AUP by Customer or its End Users constitutes a material breach of this Agreement.

Locktera may investigate suspected violations and suspend or terminate access to the Services where Locktera reasonably determines a violation has occurred.

Locktera may update the AUP from time to time. Continued use of the Services following an update constitutes acceptance of the updated AUP.

2.6 Benchmarking Restriction

Customer shall not publicly disclose the results of any performance, benchmarking, or comparative testing of the Services without Locktera’s prior written consent.

2.7 No Implied Licenses

Except for the limited license expressly granted herein, no license or rights are granted by implication, estoppel, or otherwise. Customer acquires no ownership interest in the Services or Locktera intellectual property.

2.8 SDK and Software

Any SDKs, client software, or cryptographic libraries provided by Locktera are licensed, not sold, and may be used solely in connection with the Services. Customer shall not distribute or sublicense such software except as expressly permitted under this Agreement or an applicable OEM / Embedded Use Addendum.

3. CUSTOMER RESPONSIBILITIES

Customer is responsible for all activities conducted under its Account and by its End Users, whether authorized or unauthorized, except to the extent caused by Locktera’s breach of this Agreement.

Customer shall:

  • maintain the confidentiality of API Keys and credentials;
  • promptly notify Locktera of unauthorized access;
  • secure its own systems and environments;
  • ensure End Users comply with this Agreement and the AUP;
  • configure and enforce access policies governing Customer Data;
  • obtain all necessary rights to process Customer Data;
  • maintain compatibility of Customer applications with the Services.

Customer shall not attempt to circumvent or interfere with the security, authorization, metering, or cryptographic enforcement mechanisms of the Services.

3.1 Identity and Authorization Responsibility

Customer is solely responsible for identifying, authenticating, and authorizing End Users who may request access to Customer Data or encrypted Containers through Customer applications or integrations with the Services.

Customer is responsible for implementing and maintaining appropriate identity management and authentication mechanisms within Customer’s systems, applications, or infrastructure, including any integrations with third-party identity providers such as OpenID Connect (OIDC), Identity and Access Management (IAM) systems, Single Sign-On (SSO) systems, or similar authentication frameworks.

Locktera does not operate as an identity provider, authentication service, or user directory and does not independently verify the identity of End Users requesting access to encrypted Containers.

Customer acknowledges that Locktera relies on the identity context, authorization information, and request parameters provided by Customer systems when evaluating container access policies and enforcing cryptographic authorization controls.

Customer is solely responsible for ensuring that any identity attributes, recipient identifiers, authorization context, or user credentials supplied to the Services accurately represent the authenticated user requesting access.

Locktera shall have no liability for unauthorized access resulting from Customer identity management systems, authentication mechanisms, authorization policies, or misidentification of End Users.

4. SECURITY AND CRYPTOGRAPHIC ENFORCEMENT

The Services utilize cryptographic mechanisms designed to enforce access control and authorization policies at the container level. Containers cryptographically enforce access restrictions such that Customer Data cannot be accessed, decrypted, or used without valid authorization credentials.

Customer acknowledges and agrees that:

(a) access to Customer Data is controlled through cryptographic enforcement mechanisms configured by Customer;

(b) Locktera does not control, determine, or manage Customer’s authorization policies, access permissions, or credential distribution;

(c) Customer is solely responsible for configuring and enforcing access policies, authorization controls, and credential management governing Customer Data;

(d) access to Customer Data requires valid authorization credentials provided or authorized by Customer;

(e) Locktera cannot decrypt or access Customer Data absent valid authorization credentials or Customer authorization;

(f) Locktera shall have no liability for unauthorized access resulting from Customer’s credential compromise, misconfiguration, improper authorization policies, or Customer system vulnerabilities.

The Services may include audit logging, authorization enforcement, and security monitoring mechanisms designed to support access control enforcement and security visibility.

Locktera shall implement and maintain commercially reasonable administrative, physical, and technical safeguards designed to protect Customer Data and the integrity of the Services.

Customer acknowledges that no security system is completely secure and Locktera does not guarantee that the Services will be immune from unauthorized access, cyberattacks, or security incidents.

Customer shall be responsible for securing its own systems, credentials, authorization policies, and integrations used in connection with the Services.

5. FEES AND PAYMENT TERMS

Customer agrees to pay all fees, charges, and other amounts applicable to Customer’s access to or use of the Services (“Fees”) in accordance with Locktera’s pricing terms, subscription agreement, Order Form, or applicable ordering documentation.

5.1 API Call-Based Billing

Fees may be based on subscription plans, usage, consumption, storage, API call volume, or other applicable billing metrics as specified in Locktera’s pricing documentation or Order Form.

Where Fees are based on API call volume:

(a) each API request initiated by Customer applications or Embedded Applications constitutes a billable event unless otherwise specified;

(b) Customer shall not interfere with, manipulate, cache, proxy, batch, or otherwise attempt to reduce measurable API call volume in a manner inconsistent with documented usage practices;

(c) Customer shall ensure accurate generation and reporting of API calls.

Locktera’s records of API usage shall be presumed accurate absent manifest error.

5.2 Payment Terms

Unless otherwise specified in writing, all Fees are due and payable within thirty (30) days from invoice date.

All payment obligations are non-cancelable and non-refundable except as required by law or expressly agreed in writing.

5.3 Taxes

Customer is responsible for all applicable taxes, duties, levies, or governmental assessments associated with Customer’s use of the Services, excluding taxes based solely on Locktera’s net income.

5.4 Fee Modifications

Locktera may modify Fees or introduce new Fees upon reasonable prior notice, provided that Fee changes shall not apply retroactively to a prepaid subscription term.

(This protects you but also prevents enterprise pushback.)

5.5 Late Payments

Amounts not paid when due may accrue interest at 1.5% per month or the maximum rate permitted by law, whichever is less.

Customer shall reimburse reasonable collection costs, including attorneys’ fees.

5.6 Suspension for Nonpayment

Locktera may suspend access to the Services for failure to pay Fees when due.

Customer remains responsible for all Fees incurred prior to and during any suspension period.

5.7 Audit Rights

Locktera may audit Customer’s API usage and billing compliance upon reasonable notice no more than once per twelve (12) month period.

If underpayment exceeds five percent (5%) for the audited period, Customer shall promptly pay the deficiency plus reasonable audit costs.

6. OWNERSHIP AND CUSTOMER DATA

6.1 Locktera Ownership

Locktera and its licensors retain all right, title, and interest in and to the Services, including all intellectual property rights therein.

The Services include, without limitation, Locktera’s software, APIs, SDKs, cryptographic container architecture, encryption methods, authorization systems, audit logging systems, security mechanisms, documentation, and all related technology.

Except for the limited rights expressly granted under this Agreement, no rights are granted to Customer.

Locktera retains ownership of all improvements, enhancements, modifications, derivative works, and updates to the Services.

6.2 Customer Ownership of Customer Data

Customer retains all right, title, and interest in and to Customer Data.

Locktera does not claim ownership of Customer Data.

Customer is solely responsible for the legality, accuracy, and authorization of Customer Data.

6.3 License to Process Customer Data

Customer grants Locktera a limited, non-exclusive, worldwide, royalty-free license to process Customer Data solely as necessary to:

(a) provide, operate, and maintain the Services;

(b) enforce security and access controls;

(c) provide audit logging and authorization enforcement;

(d) prevent fraud, abuse, or security threats; and

(e) comply with applicable law.

Locktera shall not use Customer Data to train, fine-tune, validate, or improve any machine learning or artificial intelligence models unless explicitly authorized in writing by Customer.

6.4 Service Metadata and Operational Data

Locktera may collect, use, and retain metadata, operational data, telemetry, and system usage information generated in connection with Customer’s use of the Services for purposes of:

(a) providing and improving the Services;

(b) maintaining security;

(c) monitoring performance; and

(d) operating the Services.

Such data shall not include decrypted Customer Data content.

6.5 Aggregated and Anonymized Data

Locktera may collect, use, and retain aggregated and anonymized data derived from use of the Services for purposes of improving, securing, and operating the Services.

Such data shall not identify Customer or any individual.

6.6 Feedback

If Customer provides feedback, suggestions, or recommendations regarding the Services (“Feedback”), Customer grants Locktera a perpetual, irrevocable, worldwide, royalty-free license to use, modify, and incorporate such Feedback into the Services without restriction.

7. CONFIDENTIALITY

Each party (“Receiving Party”) agrees to maintain the confidentiality of all Confidential Information disclosed by the other party (“Disclosing Party”) and to use such Confidential Information solely for purposes of performing its obligations or exercising its rights under this Agreement.

The Receiving Party shall protect Confidential Information using at least the same degree of care it uses to protect its own confidential information of a similar nature, and in no event less than reasonable care.

The Receiving Party shall not disclose Confidential Information to any third party except to its employees, contractors, Affiliates, or agents who:

(a) have a legitimate need to know such Confidential Information; and
(b) are bound by confidentiality obligations no less protective than those set forth in this Agreement.

The Receiving Party shall not use Confidential Information for any purpose other than as permitted under this Agreement.

Confidential Information includes, without limitation:

  • technical information;
  • software, APIs, and SDKs;
  • cryptographic container architecture and encryption methods;
  • security mechanisms and authorization systems;
  • business and technical documentation; and
  • non-public business, financial, and operational information.

Confidential Information shall not include information that:

(a) is or becomes publicly available without breach of this Agreement;

(b) was lawfully known to the Receiving Party prior to disclosure;

(c) is independently developed by the Receiving Party without use of Confidential Information; or

(d) is required to be disclosed pursuant to applicable law, regulation, or court order, provided that the Receiving Party gives prompt notice to the Disclosing Party, unless legally prohibited from doing so.

The Receiving Party shall promptly notify the Disclosing Party upon becoming aware of any unauthorized use or disclosure of Confidential Information.

Upon termination of this Agreement or upon written request, the Receiving Party shall promptly return or securely destroy all Confidential Information of the Disclosing Party, except where retention is required by law or for legitimate archival purposes.

The obligations set forth in this Section shall survive termination or expiration of this Agreement.

8. WARRANTIES AND DISCLAIMER

8.1 Mutual Authority

Each party represents and warrants that it has the full legal right, power, and authority to enter into this Agreement and to perform its obligations hereunder.

8.2 Disclaimer of Warranties

EXCEPT AS EXPRESSLY PROVIDED IN THIS AGREEMENT, THE SERVICES AND ALL RELATED COMPONENTS ARE PROVIDED “AS IS” AND “AS AVAILABLE.”

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, LOCKTERA DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING, WITHOUT LIMITATION:

(a) WARRANTIES OF MERCHANTABILITY;

(b) WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE;

(c) WARRANTIES OF NON-INFRINGEMENT;

(d) WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE;

(e) WARRANTIES THAT THE SERVICES WILL BE UNINTERRUPTED, ERROR-FREE, OR FREE OF HARMFUL COMPONENTS;

(f) WARRANTIES THAT THE SERVICES WILL MEET CUSTOMER’S REQUIREMENTS OR EXPECTATIONS; AND

(g) WARRANTIES THAT THE SERVICES WILL BE COMPLETELY SECURE OR IMMUNE FROM UNAUTHORIZED ACCESS, CYBERATTACKS, OR SECURITY INCIDENTS.

Customer acknowledges that no system can be guaranteed to be completely secure and that Customer is responsible for implementing appropriate security measures within its own systems and environments.

Locktera shall not be responsible for:

(i) failures or disruptions caused by third-party services, infrastructure providers, telecommunications providers, or cloud service providers;

(ii) security incidents arising from Customer’s systems, credentials, misconfiguration, or misuse of the Services; or

(iii) Customer’s failure to follow Documentation or security best practices.

Nothing in this Section limits any warranty that cannot be excluded under applicable law.

8.3 Service Availability Disclaimer

Customer acknowledges that the Services are provided over the internet and cloud-based infrastructure and may be subject to limitations, delays, interruptions, degradation, and other problems inherent in the use of such systems.

Locktera does not guarantee that the Services will be uninterrupted, error-free, secure, or continuously available at all times.

Customer acknowledges that access to the Services may be unavailable from time to time, including due to:

(a) scheduled or emergency maintenance;
(b) security updates or patches;
(c) infrastructure modifications or upgrades;
(d) failures of third-party infrastructure, cloud providers, or telecommunications providers;
(e) Force Majeure Events; or
(f) circumstances beyond Locktera’s reasonable control.

Locktera shall use commercially reasonable efforts to maintain the availability and reliability of the Services but shall have no liability for any failure, delay, interruption, degradation, or unavailability of the Services.

Except as expressly provided in a separate written Service Level Agreement (“SLA”) executed by Locktera, the Services are provided without any guaranteed uptime or availability commitment.

9. MUTUAL INDEMNIFICATION

9.1 Indemnification by Locktera

Locktera shall defend Customer against any third-party claim alleging that Customer’s authorized use of the Services infringes a United States patent, copyright, trademark, or trade secret of such third party, and shall indemnify Customer against damages finally awarded by a court of competent jurisdiction or agreed in settlement by Locktera.

Locktera shall have no obligation under this Section to the extent a claim arises from:

(a) Customer Data;
(b) Customer applications, platforms, or integrations;
(c) modifications to the Services not made by Locktera;
(d) use of the Services in violation of this Agreement or applicable Documentation;
(e) use of the Services in combination with products or services not provided by Locktera;
(f) Customer’s failure to implement updates provided by Locktera;
(g) third-party or open-source software not created by Locktera.

If the Services become, or in Locktera’s reasonable opinion are likely to become, the subject of an infringement claim, Locktera may, at its option and expense:

(i) obtain the right for Customer to continue using the affected Services;
(ii) modify or replace the affected Services to make them non-infringing without materially reducing core functionality; or
(iii) terminate Customer’s access to the affected Services and refund prepaid unused Fees for such affected Services.

This Section states Customer’s sole and exclusive remedy, and Locktera’s entire liability, for intellectual property infringement claims, subject to the limitations set forth in Section 10.

9.2 Indemnification by Customer

Customer shall defend, indemnify, and hold harmless Locktera and its officers, directors, employees, and agents from and against any claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys’ fees) arising out of or related to:

(a) Customer’s or its End Users’ use of the Services;
(b) Customer’s violation of this Agreement or the Acceptable Use Policy;
(c) Customer Data;
(d) Customer applications, platforms, or integrations;
(e) Customer’s commercialization or distribution of applications embedding the Services;
(f) Customer’s authorization policies, access controls, or credential management;
(g) Customer’s violation of applicable laws or third-party rights; or
(h) unauthorized access resulting from Customer systems, credentials, misconfiguration, or failure to secure its environment.

9.3 Indemnification Procedures

The indemnified party shall:

(a) promptly notify the indemnifying party of any claim;
(b) allow the indemnifying party to control the defense and settlement of the claim; and
(c) provide reasonable cooperation at the indemnifying party’s expense.

The indemnifying party shall not settle any claim in a manner that imposes liability, admission of fault, or ongoing obligations on the indemnified party without prior written consent, not to be unreasonably withheld.

10. LIMITATION OF LIABILITY

10.1 Exclusion of Indirect Damages

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, LOSS OF REVENUE, LOSS OF BUSINESS, LOSS OF DATA, LOSS OF GOODWILL, OR BUSINESS INTERRUPTION, ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE SERVICES, REGARDLESS OF THE THEORY OF LIABILITY (WHETHER IN CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR OTHERWISE), EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

10.2 Limitation of Liability Cap

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, LOCKTERA’S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE SERVICES SHALL NOT EXCEED THE TOTAL AMOUNT OF FEES PAID BY CUSTOMER TO LOCKTERA DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

THE LIMITATIONS SET FORTH IN THIS SECTION SHALL APPLY IN THE AGGREGATE AND NOT PER CLAIM.

10.3 Exceptions to Limitation of Liability (Liability Carve-Outs)

Notwithstanding the foregoing, the limitations and exclusions of liability set forth in Sections 10.1 and 10.2 shall not apply to:

(a) Customer’s breach of Section 3, including unauthorized use, circumvention of security controls, or misuse of credentials;

(b) Customer’s breach of Section 5;

(c) Customer’s violation of applicable laws or third-party rights arising from Customer Data or Customer applications;

(d) Customer’s indemnification obligations;

(e) either party’s breach of Section 7;

(f) Customer’s infringement or misappropriation of Locktera intellectual property;

(g) Customer’s gross negligence, willful misconduct, or fraud;

(h) Customer’s failure to implement reasonable security controls over its systems, credentials, or integrations;

(i) amounts owed by Customer under this Agreement; and

(j) Locktera’s indemnification obligations under Section 9, solely to the extent of such indemnification obligations.

10.4 Allocation of Risk

The parties acknowledge that the fees charged for the Services reflect the allocation of risk set forth in this Agreement and that the limitations of liability herein are an essential basis of the bargain between the parties.

11. TERM AND TERMINATION

11.1 Term

This Agreement shall commence on the Effective Date and shall remain in effect until terminated in accordance with this Section.

11.2 Termination for Cause

Either party may terminate this Agreement upon written notice if the other party materially breaches this Agreement and fails to cure such breach within thirty (30) days after receiving written notice of the breach.

11.3 Termination for Convenience

Locktera may terminate this Agreement for convenience upon thirty (30) days’ prior written notice to Customer.

Customer may terminate this Agreement at any time by ceasing all use of the Services and providing written notice to Locktera. Termination shall not relieve Customer of any payment obligations incurred prior to termination.

11.4 Immediate Termination

Locktera may suspend or terminate access to the Services immediately and without prior notice if Locktera determines, in its reasonable discretion, that:

(a) Customer has violated this Agreement or the Acceptable Use Policy;

(b) Customer has failed to pay Fees when due;

(c) Customer’s use of the Services poses a security risk to Locktera, other customers, or third parties;

(d) Customer has engaged in fraudulent, unlawful, or unauthorized activities;

(e) Customer has attempted to circumvent or compromise security or cryptographic enforcement mechanisms; or

(f) termination is required by law, regulation, or governmental authority.

11.5 Effect of Termination

Upon termination or expiration of this Agreement:

(a) all rights granted to Customer shall immediately terminate;

(b) Customer shall immediately cease all access to and use of the Services;

(c) Customer shall remain responsible for all Fees incurred prior to termination;

(d) Locktera may disable Customer’s access credentials and Account;

(e) Locktera shall have no obligation to maintain or provide Customer Data following termination except as required by law, the Data Processing Addendum, or expressly agreed in writing.

11.6 Suspension

Locktera may suspend Customer’s access to the Services without terminating this Agreement if Locktera determines suspension is necessary to protect the Services, Locktera systems, or other customers.

11.7 Survival

Termination or expiration of this Agreement shall not affect provisions that by their nature are intended to survive, including but not limited to:

  • Ownership and Intellectual Property
  • Confidentiality
  • Limitation of Liability
  • Indemnification
  • Fees and Payment Obligations

12. BETA SERVICES

Locktera may, from time to time, make available certain features, functionality, services, or products designated as “beta,” “preview,” “early access,” or similar (collectively, “Beta Services”).

Beta Services are provided for evaluation and testing purposes only and may be subject to additional terms communicated by Locktera.

Beta Services:

(a) are provided “as is” and “as available” without any warranties of any kind;

(b) may be incomplete, unstable, or contain errors or security vulnerabilities;

(c) may not be suitable for production use;

(d) may be modified, suspended, or discontinued at any time, with or without notice;

(e) are not subject to any service level commitments, uptime guarantees, support obligations, or performance standards unless expressly agreed in writing; and

(f) are excluded from Locktera’s indemnification obligations under this Agreement.

Customer acknowledges that use of Beta Services is at Customer’s sole risk.

Any information regarding Beta Services, including performance, features, and technical details, shall be considered Locktera Confidential Information.

Locktera shall have no liability arising out of or related to Customer’s use of Beta Services.

13. GOVERNING LAW AND DISPUTE RESOLUTION

This Agreement shall be governed by and construed in accordance with the laws of the State of Texas, without regard to its conflict of laws principles.

The parties agree that the state and federal courts located in Dallas County, Texas shall have exclusive jurisdiction and venue over any disputes arising out of or relating to this Agreement or the Services.

Each party irrevocably submits to the personal jurisdiction of such courts and waives any objection to venue, including objections based on forum non conveniens.

Nothing in this Agreement shall prevent Locktera from seeking injunctive or equitable relief in any court of competent jurisdiction to protect its intellectual property, Confidential Information, or security systems.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, EACH PARTY WAIVES ANY RIGHT TO A TRIAL BY JURY IN ANY LEGAL PROCEEDING ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE SERVICES.

14. GENERAL

14.1 Entire Agreement

This Agreement constitutes the entire agreement between the parties regarding the Services and supersedes all prior or contemporaneous agreements, communications, and understandings, whether written or oral.

14.2 Severability

If any provision of this Agreement is held to be invalid or unenforceable, such provision shall be enforced to the maximum extent permitted, and the remaining provisions shall remain in full force and effect.

14.3 Updates to Agreement

Locktera may modify this Agreement from time to time. Updated versions will be posted on Locktera’s website. Customer’s continued use of the Services after such updates constitutes acceptance of the modified Agreement.

14.4 Assignment; Change of Control

Customer may not assign or transfer this Agreement, by operation of law or otherwise, without Locktera’s prior written consent, except in connection with a merger, acquisition, or sale of substantially all of Customer’s assets, provided that the assignee agrees in writing to be bound by this Agreement.

Locktera may assign or transfer this Agreement, without Customer’s consent, in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of Locktera’s assets.

Any purported assignment in violation of this Section is void.

This Agreement shall bind and inure to the benefit of the parties and their permitted successors and assigns.

14.5 Independent Contractors

The parties are independent contractors, and this Agreement does not create any partnership, joint venture, agency, or employment relationship as described in Section 20.

14.6 No Waiver

Failure of either party to enforce any provision of this Agreement shall not constitute a waiver of future enforcement of that or any other provision.

14.7 No Third-Party Beneficiaries

This Agreement is entered into solely between Locktera and Customer and is for the exclusive benefit of the parties and their respective permitted successors and assigns.

Nothing in this Agreement, express or implied, is intended to or shall confer upon any third party, including any End User, Customer client, contractor, affiliate, or other person or entity, any legal or equitable right, benefit, or remedy of any nature whatsoever under or by reason of this Agreement.

Without limiting the foregoing, End Users shall have no direct contractual relationship with Locktera and shall have no right to assert any claims against Locktera arising from Customer’s use of the Services.

14.8 Order of Precedence

In the event of any conflict, inconsistency, or ambiguity between the documents governing Customer’s use of the Services, the following order of precedence shall apply:

  1. Any applicable Order Form;
  2. Any applicable Subscription Agreement;
  3. Any executed OEM / Embedded Use Addendum;
  4. The Locktera Data Processing Addendum (with respect to data protection matters only);
  5. These Locktera CORE API Terms of Service;
  6. The Locktera Acceptable Use Policy;
  7. The Locktera Privacy Policy.

For customers purchasing through an online marketplace or Locktera’s self-service portal without an executed Subscription Agreement or Order Form, this Agreement and the applicable marketplace terms (to the extent required by such marketplace) shall govern.

Each document shall control solely with respect to the subject matter it governs.

Except as expressly provided herein, no terms in a purchase order, vendor onboarding portal, or other Customer-issued document shall modify or supersede this Agreement unless expressly agreed in writing by Locktera.

14.9 Force Majeure

Neither party shall be liable for failures or delays caused by events beyond its reasonable control, as described in Section 15.

14.10 Notices

All notices under this Agreement shall be provided in writing and shall be deemed given when delivered via email, certified mail, or recognized courier service. Notices to Locktera shall be sent to legal@locktera.com or such other address designated by Locktera.

15. FORCE MAJEURE

Neither party shall be liable for any failure or delay in performing its obligations under this Agreement (other than payment obligations) to the extent such failure or delay is caused by circumstances beyond such party’s reasonable control and without such party’s fault or negligence (each, a “Force Majeure Event”).

Force Majeure Events include, without limitation:

(a) acts of God, natural disasters, earthquakes, floods, fires, or severe weather conditions;

(b) acts of war, terrorism, civil unrest, riots, or sabotage;

(c) labor disputes, strikes, lockouts, or work stoppages;

(d) failures, interruptions, or degradation of internet service providers, telecommunications providers, cloud service providers, hosting providers, or utility providers;

(e) denial-of-service attacks, cyberattacks, or other malicious acts by third parties;

(f) failures of power, electrical systems, or critical infrastructure;

(g) governmental orders, laws, regulations, embargoes, sanctions, or actions;

(h) failures or interruptions of third-party software, hardware, or infrastructure not under the affected party’s control; or

(i) any other event beyond the reasonable control of the affected party.

A Force Majeure Event shall not constitute a breach of this Agreement.

The affected party shall use commercially reasonable efforts to:

(i) promptly notify the other party of the Force Majeure Event; and
(ii) resume performance as soon as reasonably practicable.

Locktera may suspend access to the Services during a Force Majeure Event without liability.

If a Force Majeure Event continues for more than thirty (30) days, Locktera may terminate this Agreement upon written notice.

A Force Majeure Event shall not excuse Customer’s obligation to pay Fees accrued prior to the Force Majeure Event.

Locktera shall have no liability for any failure, degradation, interruption, or loss of Services resulting from a Force Majeure Event.

16. AUDIT RIGHTS AND AUDIT PROTECTION

16.1 Locktera Audit Protection and Security Assurance

Customer acknowledges that the Services operate on secure, multi-tenant infrastructure utilizing proprietary cryptographic enforcement mechanisms, security controls, and confidential infrastructure.

Customer shall not conduct or attempt to conduct security audits, penetration tests, vulnerability scans, or other security assessments of the Services, Locktera systems, or Locktera infrastructure without Locktera’s prior express written consent.

Any unauthorized testing shall constitute a material breach of this Agreement and may result in immediate suspension or termination of Customer’s access to the Services.

Locktera may grant or deny audit or testing consent in its sole discretion.

16.2 Security Documentation and Third-Party Reports

In lieu of direct audit access, Locktera may, upon Customer’s written request and subject to confidentiality obligations, provide available security documentation, which may include:

(a) Security overview documentation;
(b) Independent third-party audit reports, if available;
(c) Security policies and procedures summaries; or
(d) Other relevant security assurance materials.

Such materials constitute Locktera Confidential Information.

16.3 Restrictions on Testing and Scanning

Customer shall not, and shall not permit any third party to:

(a) Perform penetration testing of the Services;
(b) Perform vulnerability scanning of the Services;
(c) Attempt to bypass security controls;
(d) Attempt to defeat cryptographic protections;
(e) Attempt to access Locktera infrastructure, systems, or environments without authorization.

Any authorized testing must:

(i) Be approved in writing by Locktera in advance;
(ii) Be conducted in accordance with Locktera’s approved testing procedures; and
(iii) Be conducted in a manner that does not disrupt the Services.

16.4 Protection of Multi-Tenant Infrastructure

Customer acknowledges that Locktera operates a multi-tenant environment.

Accordingly, Locktera shall have no obligation to provide Customer with access to:

  • Locktera production systems;
  • Locktera infrastructure environments;
  • Other customers’ systems or data;
  • Locktera source code;
  • Cryptographic implementation details;
  • Security keys or key management systems.

16.5 Compliance Verification Alternative

Locktera’s provision of independent third-party security audits, certifications, or security documentation shall satisfy any contractual audit or security verification requirements, unless otherwise expressly agreed in writing.

16.6 Audit Costs

If Locktera agrees to a Customer audit in writing, Customer shall bear all costs associated with such audit, including Locktera personnel time at Locktera’s standard professional services rates.

16.7 No Obligation to Disclose Sensitive Security Information

Nothing in this Agreement shall require Locktera to disclose information that would:

(a) Compromise the security of the Services;
(b) Compromise Locktera systems or infrastructure;
(c) Compromise other customers; or
(d) Reveal Locktera confidential security architecture or cryptographic implementation.

17. EXPORT COMPLIANCE AND TRADE RESTRICTIONS

Customer acknowledges that the Services, including software, encryption technology, cryptographic containers, APIs, and related technical data (collectively, the “Controlled Technology”), may be subject to export control and economic sanctions laws and regulations of the United States and other applicable jurisdictions, including, without limitation:

  • The U.S. Export Administration Regulations (“EAR”);
  • Regulations administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”);
  • U.S. anti-boycott regulations; and
  • Applicable export control and sanctions laws of other jurisdictions.

Customer represents and warrants that:

(a) Customer is not located in, organized under the laws of, or ordinarily resident in any country or territory subject to comprehensive U.S. export sanctions, including, without limitation, Cuba, Iran, North Korea, Syria, or the Crimea, Donetsk, or Luhansk regions of Ukraine, or any other restricted jurisdiction;

(b) Customer is not listed on, and is not owned or controlled by any entity or individual listed on, any U.S. government restricted party list, including but not limited to the U.S. Department of Commerce Denied Persons List, Entity List, or Unverified List, or the U.S. Department of the Treasury Specially Designated Nationals (“SDN”) List;

(c) Customer shall not export, re-export, transfer, or otherwise provide access to the Services or Controlled Technology, directly or indirectly, to any prohibited country, entity, or individual, or for any prohibited end use, including but not limited to nuclear, chemical, biological weapons proliferation, or military end uses prohibited by applicable law;

(d) Customer shall comply with all applicable export control and economic sanctions laws in connection with its use of the Services.

Customer shall be solely responsible for obtaining any required export licenses or authorizations required for its use of the Services.

Locktera reserves the right to suspend or terminate Customer’s access to the Services immediately, without liability, if Locktera determines, in its sole discretion, that Customer’s use of the Services may violate applicable export control or sanctions laws.

Customer agrees to promptly notify Locktera if Customer becomes subject to any export restriction or sanction.

Locktera shall have no liability for any failure or delay in performance resulting from compliance with export control laws, sanctions laws, or governmental orders relating thereto.

18. DATA PROTECTION AND PRIVACY

18.1 Data Protection Compliance

Each party shall comply with all applicable data protection, privacy, and data security laws in connection with its performance under this Agreement.

Customer is solely responsible for ensuring that its use of the Services complies with applicable Data Protection Laws.

18.2 Roles of the Parties

As between the parties, Customer acts as the data controller and Locktera acts as a data processor solely to the extent necessary to provide the Services.

18.3 Data Processing Addendum

To the extent Customer Data includes Personal Data, the Locktera Data Processing Addendum (“DPA”), available at:

https://locktera.com/legal/locktera-data-processing-addendum

is hereby incorporated into this Agreement by reference.

In the event of conflict between this Agreement and the DPA, the DPA shall control with respect to Personal Data.

18.4 Security Measures

Locktera shall implement commercially reasonable administrative, technical, and organizational safeguards designed to protect Customer Data.

18.5 Subprocessors

Customer authorizes Locktera to engage subprocessors to provide the Services, subject to appropriate data protection safeguards.

18.6 Anonymized and Aggregated Data

Locktera may use anonymized and aggregated data derived from use of the Services for purposes of improving, securing, and operating the Services.

18.7 Termination

Upon termination of the Services, Locktera shall delete or return Customer Data in accordance with the terms of the Data Processing Addendum.

19. SURVIVAL

Termination or expiration of this Agreement shall not relieve either party of any obligations, rights, or liabilities that, by their nature, are intended to survive termination or expiration.

Without limiting the foregoing, the following Sections shall survive termination or expiration of this Agreement:

(a) Definitions;

(b) Fees and Payment Terms, including all outstanding payment obligations;

(c) Ownership and Intellectual Property Rights;

(d) Customer Data ownership and license provisions;

(e) Confidentiality, which shall survive for so long as the information remains Confidential Information;

(f) Security and Cryptographic Enforcement;

(g) Indemnification;

(h) Limitation of Liability, including all liability limitations, exclusions, and carve-outs, regardless of when claims are asserted;

(i) Audit Rights and Audit Protection;

(j) Export Compliance and Trade Restrictions;

(k) Data Protection and Privacy;

(l) Disclaimer of Warranties;

(m) Governing Law and Dispute Resolution; and

(n) Any other provisions that by their nature are intended to survive termination or expiration of this Agreement.

All rights, remedies, obligations, and protections of Locktera under this Agreement shall survive termination or expiration to the extent necessary to enforce such rights and protections.

Termination or expiration shall not limit either party’s liability for acts or omissions occurring prior to termination.

20. INDEPENDENT CONTRACTORS

The parties are independent contractors, and nothing in this Agreement shall be deemed to create any partnership, joint venture, agency, fiduciary, employment, or other similar relationship between the parties.

Neither party shall have the authority to bind, obligate, or commit the other party in any manner whatsoever, nor represent to any third party, including any End User, that it has such authority.

Each party shall be solely responsible for its own employees, contractors, and agents, including payment of compensation, benefits, taxes, and compliance with applicable employment, labor, and tax laws.

Neither party shall be considered an agent, representative, or legal partner of the other for any purpose, and neither party shall have any right, power, or authority to create any obligation or responsibility on behalf of the other party.

Nothing in this Agreement shall be deemed to create any fiduciary, trust, or custodial relationship between Locktera and Customer with respect to Customer Data or the Services.

This Agreement does not create any exclusive relationship between the parties, and each party shall remain free to conduct business with third parties, including competitors of the other party.

This Section shall survive termination or expiration of this Agreement.

21. ACCEPTANCE AND EXECUTION

By accessing or using the Services, creating an account, generating or using an API key, or otherwise indicating assent electronically, Customer acknowledges that it has read, understands, and agrees to be bound by this Agreement.

If Customer is entering into this Agreement on behalf of an organization, Customer represents and warrants that it has full legal authority to bind such organization to this Agreement. In such case, the term “Customer” shall refer to the organization.

This Agreement constitutes a legally binding agreement between Customer and Locktera as of the Effective Date.

Locktera may update this Agreement from time to time in accordance with Section 14 (General). Customer’s continued use of the Services following any such update constitutes acceptance of the updated Agreement.

If Customer does not agree to this Agreement, Customer must immediately cease all access to and use of the Services.

22. ELECTRONIC COMMUNICATIONS AND SIGNATURES

Customer agrees that use of the Services constitutes electronic acceptance of this Agreement and that such electronic acceptance shall have the same legal effect as a handwritten signature.

Customer agrees that electronic communications, including notices, agreements, disclosures, and other communications provided by Locktera electronically, satisfy any legal requirement that such communications be in writing.

23. CONTACT INFORMATION

If Customer has any questions regarding this Agreement, Customer may contact Locktera at:

Locktera, Inc.
Dallas, Texas, United States
Email: legal@locktera.com
Website: https://locktera.com