These Terms of Service (“Terms”) define your rights and our rights in relation to the use of the services provided by Ennote Security Inc. (“Ennote Security”, “we”, “us”, “the Company”) through our website (e.g., ennote.io, the “Website”), through any applications (the "Applications"), and any Client Software (including Agents, Operators, SDKs, APIs, and CLIs) we may offer. The Website, Applications, Client Software, and the services provided by or through them are collectively known in these Terms as the “Services.”

By accessing or using the Services or any part of them, you, the user or the entity you represent (“you”, “User”, “Customer”, "Account Holder"), agree to be bound by these Terms, our Privacy Policy, any service-specific terms or Order Forms (if applicable), and all terms, guidelines, and policies incorporated by reference (collectively, the “Agreement”). If you are entering into this Agreement on behalf of a company or other legal entity, you represent that you have the authority to bind such entity to this Agreement.

1. The Services

Ennote Security is constantly modifying and improving its Services. We reserve the right to introduce new products and/or features, change existing products and/or features, or discontinue products and/or features from the Services at any time, at our sole discretion.

Ennote Security is a corporate secret manager platform designed for securely storing, managing, and sharing sensitive information ("Secrets"). Key features include:

Secure storage and sharing of Secrets.
Machine Identity Management via Kubernetes Operators and Agents.
Secret versioning and Audit logs.
Granular RBAC at Organization and Workspace levels.

Client Software: To use certain features (e.g., Kubernetes Sync), you may need to download and install software ("Client Software") on your infrastructure. This Client Software communicates with our SaaS platform to facilitate secret delivery.

2. Creating an Account

2.1 Eligibility

To use the Services, you must be at least sixteen (16) years of age. If you are agreeing to these Terms on behalf of an organization, you represent that you are authorized to bind that organization.

2.2 Authentication

Account registration and login are facilitated exclusively through supported Third-Party Auth Providers (Google, Microsoft, GitHub). Ennote Security does not store native passwords. You are responsible for maintaining the security of your third-party accounts.

2.3 Account Responsibility

You are responsible for all activities that occur under your account(s) and within your Organization, including the actions of any Users or Machine Identities (Agents) you authorize.

3. Security and Zero Persistence

3.1 Security Measures

Ennote Security implements robust physical, technical, and administrative security measures, including Post-Quantum Encryption (Kyber) and Transient Isolation, to protect your information. For details, visit ennote.io/security.

3.2 Zero Persistence & Recovery

You acknowledge that Ennote Security utilizes a "Zero Persistence" architecture for handling plaintext keys. We do not store the credentials required to decrypt your Secrets on disk. Consequently:

NO RECOVERY: IF YOU LOSE ACCESS TO YOUR IDENTITY PROVIDER (SSO) OR DELETE YOUR MASTER KEYS (IN A BYOK CONFIGURATION), ENNOTE SECURITY CANNOT RECOVER YOUR DATA. YOU ARE SOLELY RESPONSIBLE FOR MAINTAINING ACCESS TO YOUR CREDENTIALS.

3.3 Privacy

We collect and use data in accordance with our Privacy Policy.

4. Fees, Charges, and Payments

4.1 Subscription Plans

You agree to pay all fees applicable to your chosen plan. Fees are due in advance. We offer Free, Team, and Enterprise plans with varying capabilities.

4.2 Payment Processing

We use Stripe, Inc. for payments. You authorize us (through Stripe) to charge you for all Subscription Fees. You are responsible for all applicable taxes.

4.3 Unpaid Fees

We reserve the right to suspend access if fees remain unpaid.

5. Third-Party Services

"Third-Party Service" means any software or service not provided by Ennote (e.g., AWS, Kubernetes clusters, Identity Providers).

YOU AGREE THAT ENNOTE SECURITY HAS NO RESPONSIBILITY FOR ANY THIRD-PARTY SERVICES, OR FOR ANY USER CONTENT EXPORTED TO OR SYNCHRONIZED WITH THEM AT YOUR DIRECTION.

6. License & Client Software

6.1 SaaS License

Ennote Security grants you a limited, non-exclusive, non-transferable license to access and use the SaaS Services during your Subscription Term.

6.2 Client Software License

Any Client Software (e.g., Ennote Agent/Operator, CLI) provided by us is licensed to you solely for the purpose of accessing the Services. While some components may be Open Source, your use of them in conjunction with the SaaS Platform is governed by these Terms.

6.3 Restrictions

You may not:

Reverse engineer, decompile, or disassemble the Services or Client Software.
Use the Services to build a competitive product.
Probe, scan, or test the vulnerability of any system without authorization.
Bypass or breach any security device or protection used by the Services.

7. User Content & Secrets

7.1 Ownership

User Content submitted to the Services is owned and controlled by the Customer. You grant Ennote Security a limited license to access User Content solely to maintain and provide the Services.

7.2 Blind Host Status

You acknowledge that due to Ennote's encryption architecture, Ennote Security acts as a Blind Host. We store encrypted blobs (Ciphertext) and typically do not have the technical ability to access the plaintext of your Secrets. As such, you bear full responsibility for the content of your Secrets.

7.3 Feedback

You grant Ennote Security a perpetual, irrevocable license to use any Feedback you provide.

8. Our Proprietary Rights

The Services are owned by Ennote Security Inc. and are protected by Canadian and international copyright laws.

9. Early Access Features

Features identified as "Alpha", "Beta", or "Early Access" are provided "AS IS" without warranty. Any data used with these features may be non-recoverable.

10. Disclaimer of Warranties

TO THE FULLEST EXTENT PERMITTED BY LAW, THE SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE”. WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED.

WE DO NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE. DUE TO OUR ZERO-PERSISTENCE ARCHITECTURE, WE DO NOT WARRANT THAT DATA CAN BE RECOVERED IF YOU LOSE YOUR CREDENTIALS.

Enterprise SLA Exception: For Enterprise customers, Service Level Agreements (SLAs) regarding uptime are defined in the applicable Order Form and supersede this disclaimer.

11. Limitations of Liability

11.1 Indirect Damages

ENNOTE SECURITY WILL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS OR DATA LOSS.

11.2 Cap on Liability

OUR TOTAL LIABILITY SHALL NOT EXCEED THE AMOUNTS YOU HAVE PAID TO ENNOTE SECURITY IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM. FOR FREE PLANS, LIABILITY IS LIMITED TO CAD $100.00.

12. Indemnity

You agree to indemnify and hold harmless Ennote Security from claims resulting from: (a) your use of the Services; (b) your breach of this Agreement; or (c) your User Content.

13. Termination

You may terminate at any time. We may terminate for cause immediately, or without cause with reasonable notice. Upon termination, your right to access the Services ceases.

14. Governing Law

This Agreement is governed by the laws of the Province of British Columbia and the federal laws of Canada.

15. General Terms

Force Majeure: We are not liable for events beyond our control.
Logo Usage: We may use your logo for marketing unless you opt-out via support.
Assignment: You may not assign this Agreement without consent; we may assign it without restriction.

16. Questions

Ennote Security Inc.

Support & Legal Inquiries

[email protected]

Visit Support Portal