← Back to CodeTrust

Terms of Service

Effective Date: February 20, 2026 · Last Updated: February 20, 2026

These Terms of Service ("Terms") govern your access to and use of the CodeTrust platform, including the CLI tool, REST API, VS Code extension, MCP servers, GitHub Action, and website (collectively, the "Service"), operated by Said Borna ("Owner", "we", "us").

By installing, accessing, or using any part of the Service, you agree to be bound by these Terms. If you do not agree, do not use the Service.

1. License Grant

Subject to these Terms, we grant you a limited, non-exclusive, non-transferable, revocable license to use the Service for your internal development purposes.

1.1 Permitted Use

• Install and use the CLI tool (pip install codetrust) in your development environment
• Install and use the VS Code extension from the Visual Studio Marketplace
• Use the MCP servers for AI governance enforcement in your IDE
• Integrate the GitHub Action in your CI/CD pipelines
• Access the REST API within published rate limits

1.2 Restrictions

You may NOT:

• Reverse engineer, decompile, disassemble, or attempt to derive the source code of the Service
• Copy, modify, adapt, or create derivative works based on the Service or its components
• Redistribute, sublicense, rent, lease, or lend the Service to third parties
• Remove, alter, or obscure any copyright notices, proprietary markings, or branding
• Use the Service to build a competing product or service
• Extract rules, patterns, algorithms, or detection logic for use outside the Service
• Circumvent, disable, or interfere with license validation, telemetry, or security features
• Use automated tools to scrape, mirror, or download the Service's rule sets or analysis logic
• Share API keys, license keys, or access credentials with unauthorized parties

2. Intellectual Property

The Service, including all source code, detection rules, algorithms, documentation, branding, trademarks, and trade secrets, is the exclusive property of Said Borna and is protected by copyright law, trade secret law, and international intellectual property treaties.

The CodeTrust name, logo, and all associated branding are trademarks of Said Borna. You may not use these marks without prior written permission.

All rights not expressly granted in these Terms are reserved by the Owner.

3. API and Service Usage

3.1 Rate Limits

API access is subject to rate limiting. Current limits are published at api.codetrust.ai/docs. Exceeding rate limits may result in temporary or permanent access restriction.

3.2 API Keys

API keys are personal and non-transferable. You are responsible for maintaining the confidentiality of your API key. Compromised keys should be reported immediately to [email protected].

3.3 Availability

We aim for high availability but do not guarantee uninterrupted access. The Service may be temporarily unavailable for maintenance, updates, or due to circumstances beyond our control.

4. Data Collection and Privacy

4.1 Telemetry

The Service collects anonymous usage telemetry to improve the product, including:

• Scan counts and timing
• Languages and file types scanned
• Finding categories (not file contents)
• Feature usage statistics

Telemetry does NOT include: source code, file paths, file contents, personal identifiers, or repository names. All telemetry data is aggregated and anonymized.

4.2 GDPR Compliance

The Service provides GDPR-compliant data export (Art. 15) and right to erasure (Art. 17) via API endpoints. Contact [email protected] for data requests.

5. License Validation

The Service may periodically validate your installation against our licensing server. This process transmits only:

• A hashed machine identifier (not hardware details)
• License key (if configured)
• Client version

Installations without a valid license operate in a limited capacity with a reduced rule set. Disabling or circumventing license validation is a violation of these Terms.

6. Contributions

All contributions to the CodeTrust codebase require signing the Contributor License Agreement (CLA), which grants the Owner perpetual, worldwide, non-exclusive rights to the contribution.

7. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.

WE DO NOT WARRANT THAT THE SERVICE WILL DETECT ALL SECURITY VULNERABILITIES, HALLUCINATED PACKAGES, OR UNSAFE CODE PATTERNS. THE SERVICE IS A SUPPLEMENTARY TOOL AND DOES NOT REPLACE PROFESSIONAL SECURITY AUDITS.

8. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE OWNER SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS, DATA, OR USE, ARISING FROM YOUR USE OF THE SERVICE.

THE OWNER'S TOTAL LIABILITY FOR ALL CLAIMS ARISING FROM THESE TERMS SHALL NOT EXCEED THE AMOUNT YOU PAID FOR THE SERVICE IN THE 12 MONTHS PRECEDING THE CLAIM, OR €100, WHICHEVER IS GREATER.

9. Termination

We may suspend or terminate your access to the Service at any time, with or without cause, with or without notice. Upon termination:

• Your license to use the Service immediately ends
• You must uninstall all CodeTrust components
• Provisions that by their nature should survive (including IP, liability, and dispute resolution) shall survive termination

10. Governing Law

These Terms are governed by the laws of Sweden. Any disputes shall be resolved in the courts of Stockholm, Sweden, unless otherwise required by applicable consumer protection law.

11. Changes to These Terms

We may update these Terms from time to time. Material changes will be communicated via the website or release notes. Continued use of the Service after changes constitutes acceptance of the revised Terms.

12. Contact

For questions about these Terms, contact:

Said Borna
[email protected]
www.saidborna.com