Terms of Service

1.1 Agreement to Terms

• By accessing, installing, or using Mesrai's AI-powered code review service ("Service"), you ("User," "you," or "your") agree to be legally bound by these Terms and Conditions ("Terms"), our Privacy Policy, and all applicable laws and regulations. If you do not agree to these Terms, you must immediately cease using the Service.

1.2 Authority to Bind

• Individual Users: You represent that you are at least 18 years old and have the legal capacity to enter into binding contracts.
• Corporate Users: You represent and warrant that (a) you have the authority to bind your organization to these Terms, (b) your organization will comply with these Terms, and (c) you will be jointly and severally liable with your organization for any violations.

1.3 Modifications to Terms

• We reserve the right to modify these Terms at any time. Changes become effective upon posting to our website or notification to your registered email. Material changes will be notified at least 30 days in advance. Continued use after changes constitutes acceptance. You may terminate your account if you disagree with changes.

1.4 Early Stage Disclosure

• IMPORTANT NOTICE: Mesrai is an early-stage, bootstrapped startup. While we implement industry best practices, we currently do not hold enterprise certifications such as SOC2, ISO 27001, HIPAA, or PCI-DSS. Our Service is provided on an "AS IS" and "AS AVAILABLE" basis without enterprise-level Service Level Agreements (SLAs). We are committed to continuous improvement and plan to pursue certifications as we scale.

2.1 Core Features

• Automated analysis of GitHub pull requests using Large Language Models (LLMs)
• Detection of potential bugs, security vulnerabilities, performance issues, and code quality concerns
• Automated generation of review comments posted directly to GitHub pull requests
• Integration with GitHub repositories via OAuth authentication
• Dashboard analytics for code quality trends and review history

2.2 AI Technology Disclosure

• Our Service utilizes third-party AI/LLM providers including: Anthropic (Claude models), OpenAI (GPT models), DeepSeek, Google (Gemini models), and other AI service providers as we evolve.
• AI-generated reviews are probabilistic and may: Contain false positives (flagging correct code as problematic), contain false negatives (missing actual issues), provide incorrect or misleading suggestions, vary in quality and accuracy, hallucinate or generate nonsensical output.

2.3 Service Availability

• We strive for high availability but do not guarantee uninterrupted access
• Scheduled maintenance will be announced when possible
• Emergency maintenance may occur without notice
• Service features, performance, and availability may vary by subscription tier
• We do not currently provide uptime SLAs or availability guarantees

2.4 Beta and Experimental Features

• Some features may be labeled "Beta," "Alpha," "Experimental," or "Preview." These features:
• Are provided for testing and feedback purposes
• May not work as intended or may be incomplete
• May be modified or discontinued without notice
• Are excluded from any warranties or guarantees
• Should not be used for production-critical workflows

3.1 Account Registration

• Create an account with accurate, current, and complete information
• Maintain and update your information to keep it accurate
• Authenticate via GitHub OAuth or other supported methods
• Comply with GitHub's Terms and Conditions and Acceptable Use Policies

3.2 Account Security

• Maintaining the confidentiality of your account credentials
• All activities that occur under your account
• Immediately notifying us of any unauthorized access or security breach
• Using strong, unique passwords and enabling two-factor authentication when available

3.3 Account Types

• Personal Accounts: For individual developers
• Organization Accounts: For teams and companies, with administrative controls
• Service Accounts: For API and automation use (requires separate agreement)

3.4 Age Requirement

• You must be at least 18 years old to use the Service. By using the Service, you represent that you meet this age requirement. We do not knowingly collect information from or market to children under 18.

4.1 Permitted Uses

• Legitimate code review of software you own or have permission to analyze
• Internal development and quality assurance purposes
• Compliance with your organization's software development policies

4.2 Prohibited Uses — Code-Related

• Submit code you do not own or have authorization to analyze
• Submit code containing malware, viruses, exploits, or malicious payloads
• Submit code that violates export control laws or sanctions
• Submit code containing others' trade secrets or confidential information without authorization
• Use the Service to analyze code for competitive intelligence or reverse engineering purposes

4.2 Prohibited Uses — Security & Abuse

• Attempt to gain unauthorized access to our systems, other users' accounts, or data
• Interfere with or disrupt the integrity or performance of the Service
• Circumvent any access controls, rate limits, or security measures
• Probe, scan, or test the vulnerability of our systems
• Use automated tools (bots, scrapers) except via our official API (if available)
• Attempt to reverse engineer, decompile, or extract our AI models or algorithms
• Overload our systems with excessive requests (rate limits apply per plan tier)

4.2 Prohibited Uses — Content

• Submit code or content that is illegal, defamatory, harassing, or violates others' rights
• Submit personally identifiable information (PII), passwords, API keys, or secrets
• Submit regulated data (HIPAA, PCI-DSS, GDPR-protected) unless you have an appropriate enterprise agreement
• Submit code that infringes intellectual property rights or violates open-source licenses

4.2 Prohibited Uses — Commercial

• Resell, sublicense, rent, or redistribute the Service without written authorization
• Use the Service to build a competing product or service
• Use the Service for benchmarking competitors without our consent
• Scrape or harvest data from the Service for commercial purposes

4.3 Enforcement

• Warning and request to cease the prohibited activity
• Temporary suspension of your account
• Permanent termination of your account without refund
• Legal action if the violation causes harm or liability
• Reporting to law enforcement if criminal activity is suspected

5.1 Your Code Ownership

• You retain all ownership rights to your code. By using the Service, you grant us a limited, non-exclusive, worldwide license to: Access and process your code solely to provide the Service, temporarily store your code in memory during AI analysis, and post review comments to your GitHub repositories as authorized.
• We do NOT: Claim ownership of your code, use your code to train AI models (unless you explicitly opt-in), share your code with third parties except as necessary to provide the Service, or retain your code after review completion.

5.2 AI-Generated Content Ownership

• Review comments, suggestions, and analysis generated by our AI are licensed to you under MIT License (or CC0 if you prefer public domain).
• May be used, modified, or incorporated into your code without restriction.
• Come with NO WARRANTY of correctness, fitness, or non-infringement.
• May occasionally resemble suggestions given to other users (AI models can generate similar outputs).
• YOU ARE SOLELY RESPONSIBLE for evaluating and validating all AI-generated suggestions before implementing them.

5.3 Mesrai Intellectual Property

• All rights, title, and interest in the Service, including: The Mesrai platform, software, and algorithms; our proprietary AI prompt engineering and review workflows; our branding, trademarks, and logos; our documentation, UI/UX design, and features — are owned by Mesrai and protected by copyright, trademark, and other intellectual property laws.
• You may not copy, modify, reverse engineer, or create derivative works without written permission.

5.4 Feedback and Suggestions

• If you provide feedback, suggestions, or ideas about the Service: You grant us a perpetual, irrevocable, worldwide, royalty-free license to use them. We may implement your suggestions without compensation or attribution. You waive any moral rights or attribution claims.

6.1 Subscription Plans

• Free Tier: Limited features and usage quotas (details on pricing page)
• Pro Tier: Enhanced features for individual developers
• Team Tier: Multi-user collaboration features
• Enterprise Tier: Custom features, support, and SLAs (contact sales)
• Full pricing details are available at mesrai.com/pricing and incorporated by reference.

6.2 Payment Processing

• All payments are processed by Stripe, Inc., a third-party payment processor
• By subscribing, you authorize Stripe to charge your payment method
• We do NOT store your credit card information on our servers
• You are subject to Stripe's Privacy Policy and Terms and Conditions regarding payment data
• Payment processing fees (if any) will be disclosed before purchase

6.3 Billing Cycle

• Monthly Plans: Billed on the date you subscribe, then monthly on the same date
• Annual Plans: Billed annually on the date you subscribe (discounted rate)
• Billing dates may shift slightly due to month lengths (e.g., subscribing on Jan 31 → billed on Feb 28)

6.4 Auto-Renewal

• Subscriptions automatically renew at the end of each billing period unless you cancel before renewal. You authorize us (via Stripe) to charge your payment method for renewal fees.

6.5 Cancellation

• You may cancel your subscription at any time via account settings or by contacting support
• Cancellation takes effect at the end of your current billing period
• You will retain access until the end of the paid period
• No refunds or prorated credits for partial months (except as required by law)

6.6 Refund Policy

• REFUNDS ARE GENERALLY NOT PROVIDED due to the resource costs of AI processing.
• We may issue refunds on a case-by-case basis for exceptional circumstances
• Refunds for technical failures will be evaluated based on severity and impact
• Refund requests must be submitted within 14 days of the charge
• We reserve the right to deny refund requests or offer credits instead
• Chargebacks will result in immediate account suspension and potential legal action

6.7 Price Changes

• We will provide at least 30 days' notice of price increases
• Price changes apply at your next renewal (not mid-cycle)
• You may cancel before renewal to avoid the new price
• If you cancel and later re-subscribe, new pricing applies

6.8 Taxes

• Prices are exclusive of applicable taxes (VAT, GST, sales tax, etc.)
• You are responsible for all taxes associated with your subscription
• We will collect taxes where legally required and remit to authorities
• You must provide valid tax identification numbers if requested

6.9 Usage-Based Overages (if applicable)

• Overage charges may apply if you exceed your plan's quotas
• Overage rates are disclosed on the pricing page
• We will notify you before charging overages when possible
• You may set spending limits to prevent unexpected charges (if available)

6.10 Payment Failures

• We will attempt to process payment multiple times
• You will receive email notifications of payment failures
• Your account may be suspended after multiple failures
• You are responsible for updating payment information
• Past-due amounts may be sent to collections

7.1 Privacy Policy Incorporation

• Our Privacy Policy (available at mesrai.com/privacy-policy) is incorporated into these Terms by reference. By using the Service, you consent to our privacy practices as described therein.

7.2 Data Processing Summary

• Account Data: Email, GitHub username, organization details
• Code Data: Pull request content, diffs, file paths, commit messages (temporarily processed, not stored long-term)
• Usage Data: Features used, review frequency, API calls
• Analytics Data: Aggregated, anonymized usage statistics
• Code Processing: Your code is processed in-memory by our AI providers and is NOT permanently stored or used to train AI models without your explicit consent.

7.3 GDPR Compliance (EU Users)

• We process personal data on the legal basis of contract performance and legitimate interest
• You have rights to access, rectify, erase, restrict, port, and object to processing
• You may withdraw consent at any time (where consent is the legal basis)
• You have the right to lodge a complaint with your supervisory authority
• Data Protection Contact: contact@mesrai.com

7.4 CCPA Compliance (California Users)

• You have the right to know what personal information we collect
• You have the right to request deletion of your personal information
• You have the right to opt-out of "sale" of personal information (we do not sell data)
• We will not discriminate against you for exercising your CCPA rights
• Submit requests to: contact@mesrai.com

7.5 Data Retention

• Code: Deleted immediately after review processing (not retained)
• Account Data: Retained while account is active, deleted within 90 days of account closure
• Usage Logs: Retained for 12 months for analytics and debugging
• Backup Data: May persist up to 90 days in backups after deletion
• Legal Holds: Data may be retained longer if required by law or litigation

7.6 Data Breach Notification

• We will notify you within 72 hours of discovering the breach (GDPR requirement)
• Notification will include the nature of the breach, affected data, and remediation steps
• We will cooperate with regulatory authorities as required

8.1 GitHub Integration

• You authorize us to access your repositories and post comments as configured
• GitHub's Terms and Conditions and Privacy Policy apply to GitHub's services
• We are not responsible for GitHub's actions, downtime, or data practices
• You may revoke our access at any time via GitHub settings (service will cease functioning)

8.2 AI Service Providers

• Anthropic: Subject to Anthropic's Commercial Terms and Usage Policy
• OpenAI: Subject to OpenAI's Terms of Use and Business Terms
• DeepSeek: Subject to DeepSeek's Terms and Conditions
• Others: May change as we optimize for quality and cost
• We use enterprise API tiers where available, which typically offer: No training on customer data, data retention limits (e.g., 30 days or less), SOC2 Type II and other certifications (provider-specific).

8.3 Payment Processing

• Stripe handles all payment processing. Stripe's Privacy Policy and Terms apply to payment data.

8.4 Analytics and Monitoring

• We may use third-party analytics tools (e.g., PostHog, Sentry) to monitor Service performance and usage. These tools are configured to respect user privacy.

8.5 No Endorsement

• References to third-party services do not constitute endorsements. We are not responsible for third-party content, policies, or practices.

9.1 Service Provided "AS IS"

• THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO:
• Warranties of merchantability, fitness for a particular purpose, or non-infringement
• Warranties that the Service will be uninterrupted, error-free, or secure
• Warranties regarding the accuracy, reliability, or completeness of AI-generated reviews
• Warranties that the Service will meet your requirements or expectations

9.2 AI Accuracy Disclaimer

• Reviews may contain false positives (flagging correct code)
• Reviews may miss critical vulnerabilities (false negatives)
• Suggestions may be incorrect, incomplete, or misleading
• AI may hallucinate issues that don't exist
• Performance varies by language, framework, and code complexity

9.3 No Security Guarantee

• While we identify potential security issues, we do not guarantee detection of all vulnerabilities. The Service is not a replacement for: Professional security audits, penetration testing, static application security testing (SAST) tools, or manual security review by qualified experts.

9.4 Beta Features Disclaimer

• Beta, experimental, or preview features are provided for testing only and may: Malfunction or produce unreliable results, be discontinued at any time without notice, lack documentation or support, not be covered by SLAs or warranties (if any).

9.5 Third-Party Disclaimer

• We disclaim all liability for third-party services (GitHub, AI providers, Stripe, etc.). Issues with third-party services are between you and that provider.

9.6 Jurisdiction-Specific Disclaimers

• Some jurisdictions do not allow disclaimers of implied warranties. To the extent such disclaimers are prohibited, the above limitations may not apply, and you may have additional rights.

10.1 Exclusion of Damages

• TO THE MAXIMUM EXTENT PERMITTED BY LAW, MESRAI, ITS FOUNDERS, EMPLOYEES, CONTRACTORS, INVESTORS, AND AFFILIATES SHALL NOT BE LIABLE FOR:
• Indirect Damages: Loss of profits, revenue, business, or business opportunities; loss of data, reputation, or goodwill; business interruption or downtime; cost of procuring substitute services.
• Consequential Damages: Damages resulting from AI review errors or omissions; damages from security vulnerabilities missed by our analysis; damages from implementing AI-generated suggestions; damages from Service outages, delays, or unavailability.
• Special or Punitive Damages: Exemplary damages, punitive damages, statutory damages (except where prohibited by law).

10.2 Cap on Liability

• OUR TOTAL AGGREGATE LIABILITY TO YOU FOR ALL CLAIMS ARISING FROM OR RELATED TO THE SERVICE SHALL NOT EXCEED THE GREATER OF:
• (A) The total amount you paid to Mesrai in the 12 months preceding the claim
• (B) $100 USD
• This cap applies regardless of the theory of liability (contract, tort, negligence, strict liability, or otherwise).

10.3 Specific Scenarios

• Code Issues: Bugs, vulnerabilities, or design flaws introduced or missed by our AI
• Implementation: Damages from implementing AI suggestions without proper testing
• Downtime: Lost productivity or revenue due to Service unavailability
• Data Loss: Loss of review history or analytics data
• Third-Party Failures: Issues caused by GitHub, AI providers, or other third parties
• User Error: Misconfiguration, improper use, or ignoring AI warnings

10.4 Essential Purpose

• You acknowledge that this limitation of liability is an essential element of the agreement between you and Mesrai. We would not provide the Service without these limitations.

10.5 Jurisdiction-Specific Limitations

• Some jurisdictions do not allow limitations on liability for certain damages. In such jurisdictions, our liability is limited to the maximum extent permitted by law. Nothing in these Terms excludes liability for: Death or personal injury caused by negligence, fraud or fraudulent misrepresentation, any liability that cannot be excluded by law.

11.1 Your Indemnification Obligations

• You agree to indemnify, defend, and hold harmless Mesrai, its founders, employees, contractors, investors, affiliates, and agents ("Indemnified Parties") from and against any and all claims, liabilities, damages, losses, costs, and expenses (including reasonable attorneys' fees) arising out of or related to:
• Your violation of these Terms or our policies
• Your violation of applicable laws or regulations
• Your violation of third-party rights (intellectual property, privacy, publicity, etc.)
• Claims that your code infringes intellectual property rights or violates confidentiality obligations
• Claims arising from security vulnerabilities in your code (whether detected by us or not)
• Damages resulting from implementing our AI-generated suggestions without proper review

11.2 Indemnification Process

• We will promptly notify you of any indemnifiable claim
• You will assume control and cost of defense with counsel reasonably acceptable to us
• We reserve the right to participate in defense at our own expense
• You may not settle any claim that imposes liability on us or requires us to admit fault without our prior written consent

11.3 Our Indemnification (Limited)

• We will indemnify you against third-party claims that our Service infringes a third party's intellectual property rights, provided: You promptly notify us of the claim, we control the defense and settlement, you cooperate with our defense, and our liability is capped at the amount you paid us in the preceding 12 months.
• Exclusions: We have no obligation to indemnify if infringement arises from: Your modification of the Service, your combination of the Service with other products, or your continued use after we notify you to stop due to infringement.

12.1 Termination by You

• Canceling your subscription via account settings
• Emailing contact@mesrai.com with a termination request
• Ceasing to use the Service and revoking GitHub access
• Access to the Service will cease at the end of your current billing period (if paid). No refunds for unused time (except as required by law).

12.2 Termination by Us

• You breach these Terms or our Acceptable Use Policy
• Your account is involved in fraudulent, abusive, or illegal activity
• You fail to pay fees when due
• We are required to do so by law or court order
• Continuing the relationship would cause us legal liability or reputational harm

12.3 Effect of Termination

• Your right to use the Service ceases immediately
• All licenses granted to you are revoked
• You must cease using any Mesrai materials or branding
• Provisions that by their nature should survive (warranties, indemnification, limitation of liability, etc.) will continue to apply

12.4 Data After Termination

• Account data will be deleted within 90 days (see Privacy Policy for details)
• Code is not retained (deleted immediately after review processing)
• You may request a data export before terminating (allow 30 days for processing)
• Backup data may persist for up to 90 additional days in disaster recovery systems

12.5 No Refunds on Termination

• Termination does not entitle you to refunds, except: Where legally required (e.g., consumer protection laws), where we terminate for convenience (not for cause), or as explicitly stated in Section 6 (Payment and Billing).

13.1 Export Compliance

• The Service and underlying technology may be subject to U.S. export control laws, including the Export Administration Regulations (EAR) and sanctions programs administered by OFAC.
• You are not located in, under the control of, or a national or resident of any country subject to U.S. embargo (e.g., Cuba, Iran, North Korea, Syria, Crimea region)
• You are not listed on any U.S. government list of prohibited or restricted parties (e.g., SDN List, Entity List)
• You will not use the Service for any purpose prohibited by U.S. export laws
• You will not submit code or data subject to export restrictions (e.g., encryption algorithms, military technology)

13.2 Our Rights

• We may suspend or terminate your account without liability if we believe you are in violation of export laws or sanctions.

14.1 Governing Law

• These Terms are governed by the laws of the State of Delaware, United States, without regard to conflict of law principles. The United Nations Convention on Contracts for the International Sale of Goods does not apply.

14.2 Informal Resolution

• Before initiating formal proceedings, you agree to contact us at contact@mesrai.com to attempt informal resolution. We will make good-faith efforts to resolve disputes amicably within 30 days.

14.3 Arbitration (U.S. Users)

• For U.S. users, you agree that disputes will be resolved by binding arbitration, except: Small claims court actions (under $10,000 or jurisdictional limit), intellectual property disputes, and injunctive relief requests.
• Administered by JAMS or AAA under their commercial arbitration rules
• Single arbitrator mutually agreed or appointed per rules
• Location: Wilmington, Delaware or virtual if both parties agree
• Each party bears their own attorneys' fees unless arbitrator awards them
• Arbitration may not be joined with other cases or proceed as a class action
• Opt-Out: You may opt out of arbitration by emailing contact@mesrai.com within 30 days of accepting these Terms.

14.4 Venue and Jurisdiction (If No Arbitration)

• If arbitration does not apply, you consent to the exclusive jurisdiction of the state and federal courts located in New Castle County, Delaware for all disputes.

14.5 Class Action Waiver

• YOU AGREE TO BRING CLAIMS ONLY IN YOUR INDIVIDUAL CAPACITY, NOT AS A CLASS MEMBER OR REPRESENTATIVE. Class actions, class arbitrations, and representative actions are prohibited.

14.6 Jury Trial Waiver

• TO THE EXTENT PERMITTED BY LAW, YOU WAIVE YOUR RIGHT TO A JURY TRIAL for any disputes related to these Terms or the Service.

14.7 Time Limit on Claims

• You must bring any claim within one (1) year of the date the claim arose, or it is permanently barred.

• 15.1 Entire Agreement: These Terms, together with our Privacy Policy and any Order Form or Enterprise Agreement, constitute the entire agreement between you and Mesrai regarding the Service and supersede all prior agreements, representations, or understandings (written or oral).
• 15.2 Amendments: We may modify these Terms at any time. Material changes will be notified via email or prominent website notice at least 30 days before taking effect. Your continued use constitutes acceptance.
• 15.3 Severability: If any provision of these Terms is found invalid or unenforceable by a court, the remaining provisions remain in full force.
• 15.4 No Waiver: Our failure to enforce any right or provision does not constitute a waiver of that right. Waivers must be in writing and signed by an authorized representative.
• 15.5 Assignment: You may not assign or transfer these Terms or your rights without our prior written consent. We may assign our rights and obligations without restriction (e.g., in connection with a merger, acquisition, or sale of assets). Any prohibited assignment is void.
• 15.6 Force Majeure: We are not liable for delays or failures in performance caused by events beyond our reasonable control, including: Natural disasters, war, terrorism, civil unrest, government actions, internet or telecommunications failures, third-party service outages.
• 15.7 Independent Contractors: You and Mesrai are independent contractors. These Terms do not create a partnership, joint venture, employment, or agency relationship.
• 15.8 Notices — To You: We may provide notices via email to your registered address, in-app notifications, or prominent website posting. To Us: Email contact@mesrai.com. Notices to us are effective when received.
• 15.9 Language: These Terms are drafted in English. Any translations are for convenience only. In case of conflict, the English version governs.
• 15.10 Survival: Provisions that by their nature should survive termination (including warranties, indemnification, limitation of liability, intellectual property, and dispute resolution) will survive termination.
• 15.11 Third-Party Beneficiaries: These Terms do not create any third-party beneficiary rights, except for the Indemnified Parties under Section 11.
• 15.12 Headings: Section headings are for convenience only and do not affect interpretation.
• 15.13 Government End Users (U.S.): If you are a U.S. federal, state, or local government entity, the Service is a "Commercial Item" as defined in FAR 2.101.
• 15.14 Feedback: If you provide feedback, suggestions, or ideas about the Service, you grant us a perpetual, irrevocable, worldwide, royalty-free, fully sublicensable license to use, modify, and commercialize the Feedback without compensation or attribution.

For questions, concerns, or legal notices:

• For all inquiries (general, legal, privacy, security, billing): contact@mesrai.com

BY USING THE SERVICE, YOU ACKNOWLEDGE THAT:

• You have read, understood, and agree to be bound by these Terms
• You understand the Service is AI-powered and may produce errors
• You will use human judgment and not rely solely on AI output
• You are responsible for validating all AI-generated suggestions
• We are an early-stage startup without enterprise certifications
• The Service is provided "AS IS" with limitations on warranties and liability