Skip to main content

Legal · Last updated 2026-04-24 · Effective 2026-05-01

Terms of Service

These Terms of Service (“Terms”) govern your access to and use of the ShieldAgent software, platform, and related services. By accessing or using ShieldAgent you agree to these Terms. If you are accepting on behalf of an organisation, you represent that you have authority to bind that organisation.

1. Acceptance

Acceptance of Terms

By creating an account, installing the proxy, or accessing the ShieldAgent dashboard, you (“Customer”) agree to these Terms and our Privacy Policy. If you do not agree, do not use the service. We may update these Terms with 30 days' advance notice for material changes; continued use after the effective date constitutes acceptance.

2. Definitions

Key definitions

"Service"

The ShieldAgent MCP security proxy, management API, dashboard, CLI, SDKs, and documentation, whether delivered as managed SaaS, BYOC, or on-premises software.

"Customer" / "you"

The individual or legal entity that has subscribed to the Service.

"User"

Any individual authorised by Customer to access the Service under Customer's account.

"Agent"

An AI software agent registered with the Service whose tool calls are intercepted and evaluated by the proxy.

"Customer Data"

Data processed by the Service on Customer's behalf, including MCP tool-call payloads, audit events, and policy configurations.

"ShieldAgent"

ShieldAgent, S.L., a company registered in Andorra.

3. Service description

What we provide

ShieldAgent provides an MCP security proxy that intercepts, evaluates, and enforces security policies on tool calls between AI agents and MCP servers. The service includes: an inline proxy with policy evaluation pipeline; a management dashboard; a risk-scoring and anomaly-detection engine; an audit trail with cryptographic integrity; compliance reporting tooling (Annex IV, ISO 42001 alignment); and an SDK for agent integration.

We target 99.9% monthly uptime for the managed SaaS proxy path, measured excluding scheduled maintenance. SLA credits for breach of the uptime target are set out in the applicable Order Form or subscription plan. On-premises and BYOC deployments are not subject to ShieldAgent uptime commitments as they run in Customer-controlled infrastructure.

4. Accounts & access

Account registration and access

  • You must provide accurate registration information and keep it current.
  • You are responsible for maintaining the confidentiality of your credentials and API keys.
  • You must notify us immediately of any suspected unauthorised access at security@shieldagent.io.
  • Accounts may not be shared across organisations. Each tenant is a separate isolated environment.
  • We reserve the right to suspend accounts that violate these Terms or pose a security risk to the platform.
  • Minimum age: you must be at least 18 years old, or of legal age to enter contracts in your jurisdiction, to use the service.

5. Acceptable use

What you may and may not do

Permitted use

  • Deploy and configure the ShieldAgent proxy for your own AI agent workloads.
  • Create, manage, and enforce security policies for agents under your control.
  • Integrate the SDK into your own applications in accordance with the licence.
  • Use the compliance reporting tooling to produce your own regulatory evidence.

Prohibited use

  • Reverse-engineer, decompile, or attempt to extract the source code of proprietary components.
  • Resell, sublicence, or provide the service as a white-label offering without a written reseller agreement.
  • Use the service to circumvent or stress-test third-party MCP servers you do not own or have permission to test.
  • Introduce malicious code, attempt to compromise other tenants, or exploit the multi-tenant isolation layer.
  • Violate applicable laws or regulations, including export control laws.
  • Attempt to exceed resource quotas in a way that degrades service for other tenants.

6. Fees & payment

Billing terms

Fees are as set out in your Order Form or the self-serve pricing page at the time of subscription. Prices are in EUR unless otherwise stated and exclude applicable taxes (VAT / withholding).

Subscriptions are billed monthly or annually in advance. All fees are non-refundable except where required by law or expressly stated in an Order Form. If payment fails, we will notify you and may suspend access after a 14-day grace period.

We may increase prices with 60 days' notice; the increase takes effect at your next renewal. Mid-term price increases do not apply to annual subscriptions already paid.

7. Intellectual property

Who owns what

ShieldAgent IP. All rights in the ShieldAgent software, platform, documentation, models, and marks remain with ShieldAgent, S.L. We grant you a limited, non-exclusive, non-transferable licence to use the service during the term solely for your internal business purposes in accordance with these Terms.

Customer Data. You retain all rights in Customer Data. You grant ShieldAgent a limited licence to process Customer Data solely to provide and improve the service, as described in the Privacy Policy and DPA.

Feedback. If you provide suggestions or feedback about the service, you grant ShieldAgent a royalty-free, irrevocable, worldwide right to use that feedback without restriction or compensation.

8. Confidentiality

Mutual confidentiality

Each party agrees to protect the other's confidential information with at least the same care it uses for its own (and no less than reasonable care), and to use it only to exercise rights or fulfil obligations under these Terms. Confidential information excludes information that is publicly known without breach of this clause, independently developed, or rightfully received from a third party. These obligations survive termination for 3 years, except for trade secrets which are protected indefinitely. Disclosure to legal advisers, regulators, or pursuant to a court order is permitted provided the disclosing party gives prompt notice (where legally permitted) and cooperates to minimise the scope of disclosure.

9. Warranties & disclaimer

Warranties and disclaimer

ShieldAgent warrants that: (a) it has the right to grant the licences in these Terms; (b) the service will perform materially as described in the documentation during the term; and (c) it will implement and maintain appropriate technical and organisational security measures as described in the Trust Center.

Disclaimer. Except as expressly stated, the service is provided “as is”. To the maximum extent permitted by law, ShieldAgent disclaims all implied warranties, including merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that the service will detect every security threat, prevent every policy violation, or be free from errors or interruptions. Security is a shared responsibility.

10. Limitation of liability

Liability cap and exclusions

To the maximum extent permitted by law, neither party is liable for indirect, incidental, special, consequential, or punitive damages, or for loss of profits, revenue, data, or goodwill, even if advised of the possibility of such damages.

Each party's aggregate liability arising out of or related to these Terms is limited to the greater of (a) the total fees paid by Customer in the 12 months preceding the claim, or (b) €500.

These limitations do not apply to: (i) death or personal injury caused by negligence; (ii) fraud or fraudulent misrepresentation; (iii) wilful misconduct; or (iv) any liability that cannot be excluded by law.

11. Termination

How the agreement ends

Either party may terminate a monthly subscription at any time; the termination takes effect at the end of the current billing period. Annual subscriptions may be terminated for cause (material breach uncured after 30 days' written notice, or insolvency).

We may suspend or terminate access immediately if we reasonably believe you are: violating the Acceptable Use policy; compromising the security of the platform; or engaged in fraud.

On termination, your right to access the service ceases. We will make Customer Data available for export for 30 days after termination, after which it will be deleted in accordance with our retention schedule, unless a legal hold requires longer retention.

Sections 7 (IP), 8 (Confidentiality), 9 (Warranties/Disclaimer), 10 (Liability), 12 (Governing Law), and 13 (General) survive termination.

12. Governing law

Applicable law and disputes

These Terms are governed by the laws of the Principality of Andorra. Disputes shall first be addressed through good-faith negotiation between the parties. If unresolved within 30 days, disputes shall be submitted to the competent courts of Andorra. For customers established in the EU, mandatory consumer protection provisions of your country of residence continue to apply regardless of this clause.

13. General

General provisions

Entire agreement. These Terms, together with any Order Form, the Privacy Policy, DPA, and any applicable Data Security Addendum, constitute the entire agreement between the parties and supersede all prior discussions.

Waiver. Failure to enforce any provision does not constitute a waiver.

Severability. If any provision is held unenforceable, the remaining provisions continue in full force.

Assignment. You may not assign these Terms without our prior written consent. We may assign to an affiliate or in connection with a merger or acquisition.

Notices. Legal notices to ShieldAgent should be sent to privacy@shieldagent.io.

Last updated 2026-04-24. Effective 2026-05-01. ShieldAgent, S.L. — Andorra.