Terms of Service

Effective Date: March 7, 2026 Last Updated: March 7, 2026

These Terms of Service ("Terms") constitute a legally binding agreement between you or the entity you represent ("Customer," "you," or "your") and Comedia Technologies Private Limited, a company incorporated under the Companies Act, 2013, with its registered office at #1207/343 & 1207/1/343/1, 9TH Main, 7th Sector, HSR Layout, Bangalore, Karnataka, India, 560102, India ("Company," "we," "us," or "our").

By accessing or using the Kyra platform at kyratech.io, its APIs, SDKs, dashboard, documentation, or any related services (collectively, the "Service"), you agree to be bound by these Terms. If you are accepting on behalf of an organization, you represent that you have full authority to bind that organization to these Terms.

IF YOU DO NOT AGREE TO THESE TERMS IN THEIR ENTIRETY, DO NOT ACCESS OR USE THE SERVICE.

---

1. Definitions

1.1 "Agent" means an autonomous or semi-autonomous software process, AI model, or language model-based system registered by Customer within the Service.

1.2 "Agent Data" means tool call parameters, execution context, session metadata, audit events, and any other data generated by or associated with Customer's Agents as they interact with the Service.

1.3 "Authorized User" means an individual employee, contractor, or agent of Customer who is authorized by Customer to access the Service under Customer's account.

1.4 "Documentation" means the technical documentation, integration guides, and API references made available by Company at kyratech.io/docs or any successor URL.

1.5 "Evaluation" means a single governance assessment performed by the Service's gate pipeline on one tool call intercepted from a Customer Agent, regardless of how many internal gates are evaluated or how many policies are checked.

1.6 "Intellectual Property Rights" means all patents, copyrights, trademarks, trade secrets, moral rights, and any other intellectual property or proprietary rights recognized in any jurisdiction.

1.7 "Order Form" means a written or electronic ordering document or online subscription form specifying the Subscription Plan, fees, and other commercial terms agreed between the parties.

1.8 "Policy Data" means policy documents, compliance configurations, explicit policy records, and related governance materials uploaded or configured by Customer within the Service.

1.9 "Service Data" means collectively Agent Data, Policy Data, and any other data Customer submits to or generates through the Service.

1.10 "Subscription Plan" means the pricing tier (Free, Startup, Growth, or Enterprise) selected by Customer, as described at kyratech.io/pricing or in an Order Form.

---

2. Access and Use

2.1 Grant of Access

Subject to these Terms and timely payment of applicable Fees, Company grants Customer a limited, non-exclusive, non-transferable, non-sublicensable right during the Subscription Term to: (a) access and use the Service for Customer's internal business purposes; (b) install and use the SDKs in Customer's applications; and (c) allow Authorized Users to access the Service under Customer's account. This grant confers no ownership rights whatsoever.

2.2 Account Registration

Customer must register for an account to access the Service. Customer is solely responsible for: (a) providing accurate and complete registration information; (b) maintaining the confidentiality of account credentials; (c) all activities that occur under Customer's account regardless of whether authorized by Customer; and (d) promptly notifying Company of any unauthorized account access. Company is not liable for any loss or damage arising from Customer's failure to comply with this section.

2.3 Authorized Users

Customer may provision Authorized Users up to the limits of its Subscription Plan. Customer is entirely responsible for Authorized Users' compliance with these Terms. Customer must promptly revoke access for any individual who is no longer authorized. Any breach of these Terms by an Authorized User will be treated as a breach by Customer.

2.4 Acceptable Use

Customer agrees not to, and will not permit Authorized Users to:

(a) use the Service to process data in violation of any applicable law;

(b) reverse engineer, decompile, disassemble, or attempt to derive the source code, architecture, or trade secrets of the Service or any underlying technology;

(c) copy, modify, distribute, sell, resell, sublicense, or create derivative works based on the Service or Documentation, except as expressly permitted in writing by Company;

(d) use the Service to develop a competing product or service, or provide access to a competitor of Company for benchmarking, competitive intelligence, or any analogous purpose;

(e) attempt to probe, scan, test the vulnerability of, or breach any security or authentication measure of the Service without Company's prior written consent;

(f) introduce malicious code, viruses, ransomware, or any harmful data into the Service;

(g) circumvent any rate limits, usage caps, metering mechanisms, or access controls implemented by Company;

(h) use the Service in any safety-critical application where failure could result in death, personal injury, or severe property or environmental damage;

(i) use the Service to process data relating to minors without appropriate legal authorization; or

(j) use the Service in any manner that disrupts, degrades, or impairs the Service or other customers' use thereof.

2.5 Free Plan

The Free plan is provided without charge and without warranty beyond what is required by applicable law. Company reserves the right to modify, limit, or discontinue the Free plan at any time at Company's sole discretion. Free plan access does not create any contractual entitlement to continued service.

2.6 Beta and Preview Features

Company may make beta, preview, or experimental features available. Such features are provided "as is," may be discontinued at any time without notice, and are expressly excluded from any service level commitments or warranties.

---

3. Subscription, Fees, and Payment

3.1 Subscription Plans

The Service is offered under tiered Subscription Plans as published at kyratech.io/pricing. Plan limits — including the number of registered Agents, monthly included Evaluations, policy document count, and feature access — are specified per plan. Customer must select a plan at or above the level required for its intended use.

3.2 Fees

Customer agrees to pay all fees applicable to its Subscription Plan ("Fees"). Unless otherwise stated in an Order Form:

(a) Startup and Growth plans are billed monthly in advance via the payment method on file;

(b) Enterprise plans are billed per the terms in the applicable Order Form;

(c) all Fees are stated in United States Dollars (USD) unless an Order Form specifies otherwise; and

(d) all Fees are non-refundable in all circumstances, as set out in Section 3.6.

3.3 Evaluations and Top-Ups

Each Subscription Plan includes a fixed number of Evaluations per billing period. Once Customer's included Evaluation count is reached in a billing period, the Service will block Agent tool calls until Customer purchases additional Evaluations ("top-up") via the billing dashboard. Company does not automatically purchase top-ups on Customer's behalf. Customer is solely responsible for monitoring its Evaluation usage through the dashboard and purchasing top-ups as needed. Company accepts no liability for any disruption to Customer's operations arising from Evaluation limit exhaustion.

Additional Evaluations are available for purchase at the rates published at kyratech.io/pricing. Top-up purchases are processed via Customer's payment method on file and are non-refundable once processed.

3.4 Payment Method

Customer must provide and maintain a valid payment method. By providing payment information, Customer irrevocably authorizes Company and its payment processor to charge all applicable Fees. Failed, declined, or reversed payments may result in immediate suspension of the Service at Company's sole discretion, without prior notice. Company is not liable for any loss arising from service suspension following payment failure.

3.5 Taxes

All Fees are exclusive of applicable taxes, levies, duties, or similar governmental assessments, including Goods and Services Tax (GST), value-added tax (VAT), sales tax, withholding tax, or any other tax ("Taxes"). Customer is solely responsible for all Taxes associated with its purchases, excluding taxes on Company's net income. Where Company is required by law to collect Taxes, Company will invoice Customer and Customer must pay such Taxes in addition to the Fees.

3.6 No Refunds

ALL FEES ARE NON-REFUNDABLE IN ALL CIRCUMSTANCES. Customer agrees that no refunds, credits, or pro-rata adjustments will be issued for: (a) unused portions of a billing period; (b) unused Evaluations; (c) unused top-up credits; (d) subscription cancellations; (e) downgrades; (f) service interruptions; or (g) any other reason whatsoever. To the maximum extent permitted by applicable law, Customer waives all rights to seek a chargeback, reversal, or refund of any Fees paid.

3.7 Fee Changes

Company may change Fees for any Subscription Plan at any time, including without prior notice, by posting updated pricing at kyratech.io/pricing. Fee changes apply to the next billing period following the date the updated pricing is posted. Customer's continued use of the Service after a fee change constitutes unconditional acceptance of the new Fees. It is Customer's responsibility to review pricing at kyratech.io/pricing periodically.

---

4. Subscription Term and Termination

4.1 Subscription Term

The Subscription Term begins on the date Customer creates an account or executes an Order Form. For monthly plans, the term renews automatically each month unless cancelled.

4.2 Cancellation by Customer

Customer may cancel its subscription at any time through the dashboard or by written notice to Company. Cancellation takes effect at the end of the then-current billing period. No refund is provided for the remainder of the current billing period under any circumstances.

4.3 Termination for Cause

Either party may terminate this agreement immediately upon written notice if the other party: (a) materially breaches these Terms and, where the breach is curable, fails to cure it within thirty (30) days of written notice; or (b) becomes insolvent, ceases business operations, or is subject to bankruptcy, liquidation, or winding-up proceedings.

4.4 Suspension and Termination by Company

Company may, at its sole discretion, suspend or terminate Customer's access to the Service immediately and without prior notice if: (a) Customer or any Authorized User violates any provision of Section 2.4; (b) Company is required to do so by applicable law, regulation, or court order; (c) Customer fails to pay any Fees when due; (d) Customer's account is subject to a chargeback or payment dispute; (e) Company determines that Customer's use poses a security or reputational risk to Company or other customers; or (f) Company elects to discontinue the Service. Company will not be liable to Customer or any third party for any suspension or termination under this section.

4.5 Effect of Termination

Upon expiration or termination for any reason: (a) all rights and access granted to Customer cease immediately; (b) Customer must cease all use of the Service and SDKs; (c) all unpaid Fees become immediately due and payable; (d) each party will, upon request, return or destroy the other party's confidential information; and (e) Sections 1, 3.6, 5, 6, 7, 8, 9, 10, and 11 survive termination indefinitely.

4.6 Data Following Termination

Following termination or expiration for any reason, Company may delete Customer's Service Data at any time in Company's sole discretion, including immediately upon termination. Company is under no obligation to retain, export, or make available Service Data after termination. Company is not liable for any loss of data following termination. Customers wishing to retain data must export it before termination using available dashboard tools during the active Subscription Term.

---

5. Intellectual Property

5.1 Company IP

As between the parties, Company exclusively owns all right, title, and interest in and to the Service, Documentation, underlying technology, gate pipeline architecture, models, algorithms, and all Intellectual Property Rights therein. These Terms do not transfer any ownership interest in Company IP to Customer. The open-source SDKs are licensed under their respective open-source licenses as published on Company's GitHub repositories — that license applies only to the SDKs and not to any server-side component of the Service.

5.2 Customer IP and Service Data

Customer owns its Service Data. Customer grants Company a perpetual, irrevocable, worldwide, royalty-free license to store, process, analyze, and use Service Data to: (a) provide the Service; (b) improve the Service; (c) generate anonymized, aggregated analytics; and (d) comply with legal obligations. This license survives termination.

5.3 Feedback

If Customer provides any feedback, suggestions, or ideas regarding the Service, Customer grants Company a perpetual, irrevocable, royalty-free, worldwide license to use, copy, modify, and incorporate such feedback into the Service and any other products without any obligation of compensation, attribution, or notice to Customer.

5.4 Usage Data

Company may collect, use, and commercially exploit anonymized, aggregated usage data derived from Customer's use of the Service — including evaluation volumes, gate performance metrics, and policy patterns — without restriction, provided such data does not identify Customer or any individual.

---

6. Confidentiality

6.1 Confidential Information

"Confidential Information" means any non-public information disclosed by one party ("Disclosing Party") to the other ("Receiving Party") that is designated as confidential or that reasonably should be understood to be confidential. Customer's Confidential Information includes Service Data. Company's Confidential Information includes the Service's architecture, source code, pricing terms, roadmap, and security documentation.

6.2 Obligations

The Receiving Party will: (a) hold Confidential Information in strict confidence using at least reasonable care; (b) not disclose Confidential Information to any third party without the Disclosing Party's prior written consent; and (c) use Confidential Information only as necessary to exercise rights or fulfill obligations under these Terms.

6.3 Exceptions

Confidentiality obligations do not apply to information that: (a) is or becomes publicly known through no breach of these Terms; (b) was rightfully known to the Receiving Party before disclosure; (c) is rightfully obtained from a third party without restriction; or (d) is independently developed by the Receiving Party without use of Confidential Information.

6.4 Compelled Disclosure

If required by law or governmental authority to disclose Confidential Information, the Receiving Party will, to the extent permitted by law, provide prompt prior written notice to the Disclosing Party and reasonably cooperate to seek a protective order before disclosure.

---

7. Data Processing and Privacy

7.1 Data Controller and Processor

Company acts as a data processor with respect to any personal data within Service Data; Customer acts as the data controller. Customer is solely responsible for ensuring it has a lawful basis to transfer personal data to Company for processing, and for all obligations of a data controller under applicable law.

7.2 Data Processing Agreement

For customers subject to the GDPR, UK GDPR, or India's Digital Personal Data Protection Act, 2023 (DPDPA), a Data Processing Agreement ("DPA") is available upon request at hello@kyratech.io.

7.3 Security

Company implements technical and organizational security measures designed to protect Service Data. However, no system is completely secure. Company does not guarantee that Service Data will be free from unauthorized access, disclosure, or destruction, and Company's liability for any such event is subject to the limitations in Section 9.

7.4 Sub-processors

Company may engage third-party sub-processors to assist in delivering the Service, including but not limited to Anthropic (AI inference), MongoDB (database), and cloud infrastructure providers. A current list is available upon request. Each sub-processor is subject to contractual data protection obligations consistent with applicable law. Company's liability for any sub-processor's acts or omissions is limited to the same extent that Company's own liability is limited under these Terms. Company does not accept responsibility for sub-processor failures beyond what is required by applicable law.

7.5 Third-Party Integrations

Company is not liable in any manner whatsoever for data processed by, transmitted to, or received from any third-party product, service, or system that Customer integrates or uses in conjunction with the Service. Customer assumes all risk and responsibility for third-party integrations.

7.6 Customer Obligations

Customer represents and warrants that: (a) it has obtained all necessary consents and a lawful basis to submit Service Data to Company; (b) it will not submit special categories of sensitive personal data to the Service without an executed DPA; and (c) it will comply with all applicable data protection laws in its use of the Service. Customer indemnifies Company in full for any regulatory fine, penalty, or third-party claim arising from Customer's breach of this section.

---

8. Warranties and Disclaimers

8.1 Mutual Warranties

Each party represents and warrants that: (a) it has the legal power and authority to enter into these Terms; and (b) its performance will not conflict with any obligation it owes to a third party.

8.2 No Uptime Warranty

COMPANY DOES NOT WARRANT ANY SPECIFIC UPTIME, AVAILABILITY, OR RESPONSE TIME FOR THE SERVICE. Any service level information published at kyratech.io is for informational purposes only and does not constitute a binding commitment.

8.3 Disclaimer of Warranties

EXCEPT AS EXPRESSLY SET OUT IN SECTION 8.1, THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE." TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, COMPANY EXPRESSLY DISCLAIMS ALL WARRANTIES, CONDITIONS, AND REPRESENTATIONS OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. CUSTOMER ASSUMES THE ENTIRE RISK AS TO THE RESULTS AND PERFORMANCE OF THE SERVICE.

8.4 No Legal or Compliance Advice

The Service provides technical enforcement of policies configured by Customer. The Service does not constitute legal advice, compliance consulting, or a guarantee of regulatory compliance. Customer is solely responsible for determining the adequacy of its compliance program.

8.5 AI Output Disclaimer

The Service uses large language model inference as part of its gate pipeline. Company does not warrant the accuracy, completeness, or correctness of any AI-generated output, including policy proposals, escalation reasoning, or compliance assessments. Customer must independently review and validate all AI-generated outputs before relying on them.

---

9. Limitation of Liability

9.1 Exclusion of Consequential Damages

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL COMPANY, ITS DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, SUPPLIERS, OR LICENSORS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES OF ANY KIND, INCLUDING LOSS OF PROFITS, REVENUE, DATA, GOODWILL, BUSINESS OPPORTUNITIES, OR ANTICIPATED SAVINGS, ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

9.2 Cap on Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, COMPANY'S TOTAL CUMULATIVE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICE WILL NOT EXCEED THE FEES ACTUALLY PAID BY CUSTOMER TO COMPANY IN THE CALENDAR MONTH IN WHICH THE EVENT GIVING RISE TO THE CLAIM FIRST OCCURRED. For Enterprise customers on annual or multi-year contracts, the cap shall not exceed the Fees paid in the single most recent monthly invoice period.

9.3 Exceptions

The limitations in Sections 9.1 and 9.2 do not apply to: (a) Customer's payment obligations; (b) Customer's indemnification obligations; (c) either party's breach of confidentiality; or (d) liability that cannot be excluded under mandatory applicable law.

9.4 Essential Basis of Bargain

Customer acknowledges that the limitations of liability in this Section 9 reflect a reasonable allocation of risk and are an essential element of the basis of the bargain between the parties. Company would not have entered into these Terms without these limitations.

---

10. Indemnification

10.1 By Customer

Customer will defend, indemnify, and hold harmless Company and its officers, directors, employees, and agents from and against any claim, demand, suit, or proceeding ("Claim") and all resulting damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising out of or relating to: (a) Customer's use of the Service; (b) Service Data; (c) Customer's violation of these Terms; (d) Customer's violation of applicable law; (e) any third-party integration Customer uses in conjunction with the Service; or (f) Customer's gross negligence or wilful misconduct.

10.2 By Company

Company will defend Customer from any Claim that the Service, as provided by Company and used strictly in accordance with these Terms, infringes any registered patent, copyright, or trademark of a third party in India. This obligation does not apply if the alleged infringement arises from: (a) Customer's modification of the Service; (b) combination of the Service with third-party products; (c) Customer's use of the Service outside permitted scope; or (d) open-source components of the SDKs.

10.3 Procedure

The indemnified party must: (a) promptly notify the indemnifying party in writing of any Claim; (b) give the indemnifying party sole control over defense and settlement; and (c) provide reasonable cooperation. The indemnifying party may not settle any Claim that imposes obligation on the indemnified party without its prior written consent.

---

11. General

11.1 Governing Law

These Terms are governed by and construed in accordance with the laws of India. The parties submit to the exclusive jurisdiction of the courts of Bengaluru, Karnataka, India, provided that Company may seek injunctive or other equitable relief in any court of competent jurisdiction.

11.2 Dispute Resolution

Prior to initiating formal proceedings, the parties will attempt to resolve disputes through good-faith negotiation for thirty (30) days following written notice. If unresolved, disputes shall be referred to binding arbitration under the Arbitration and Conciliation Act, 1996 (India), conducted by a sole arbitrator, seated in Bengaluru, in the English language. The arbitral award shall be final and binding. Nothing in this section prevents Company from seeking urgent injunctive relief.

11.3 Entire Agreement

These Terms, together with any Order Form and executed DPA, constitute the entire agreement between the parties with respect to the Service and supersede all prior or contemporaneous agreements.

11.4 Order of Precedence

In the event of conflict: an Order Form prevails over these Terms; a DPA prevails over these Terms with respect to data processing matters.

11.5 Amendments

Company may amend these Terms at any time by posting updated Terms at kyratech.io/terms. Updated Terms are effective upon posting. Customer's continued use of the Service after updated Terms are posted constitutes acceptance.

11.6 Assignment

Customer may not assign these Terms without Company's prior written consent. Company may assign these Terms without consent in connection with a merger, acquisition, or sale of all or substantially all of its assets. Any purported assignment in violation of this section is void.

11.7 Severability

If any provision of these Terms is held invalid or unenforceable, that provision will be modified to the minimum extent necessary, and the remaining provisions will continue in full force.

11.8 Waiver

Failure to enforce any provision of these Terms does not constitute a waiver of that provision or the right to enforce it in the future.

11.9 Force Majeure

Company will not be liable for any delay or failure to perform resulting from causes beyond its reasonable control, including acts of God, natural disasters, cyberattacks, war, terrorism, government actions, pandemics, or failures of third-party infrastructure providers.

11.10 Notices

Notices to Company must be sent to: legal@kyratech.io and to Comedia Technologies Private Limited, #1207/343 & 1207/1/343/1, 9TH Main, 7th Sector, HSR Layout, Bangalore, Karnataka, India, 560102, India. Notices to Customer will be sent to the email address on Customer's account. Notices are effective upon confirmed delivery.

11.11 Relationship of the Parties

The parties are independent contractors. Nothing in these Terms creates a partnership, joint venture, agency, franchise, or employment relationship.

11.12 Export Compliance

Customer will comply with all applicable export control laws and regulations, including those of India and the United States, in connection with its use of the Service and SDKs.

11.13 No Third-Party Beneficiaries

These Terms are solely for the benefit of the parties. No third party has any right to enforce any provision of these Terms.

11.14 Publicity

Company may identify Customer as a customer and use Customer's name and logo in marketing materials and on Company's website. Customer may opt out by emailing hello@kyratech.io.

11.15 Survival

Sections 1, 3.6, 5, 6, 7, 8, 9, 10, and 11 survive any termination or expiration of these Terms.

---

12. Contact

For questions about these Terms, contact:

Comedia Technologies Private Limited Legal Department #1207/343 & 1207/1/343/1, 9TH Main, 7th Sector, HSR Layout, Bangalore, Karnataka, India, 560102 legal@kyratech.io

---

These Terms were last updated on March 7, 2026.