Last updated: April 2026
By accessing or using VaultBytes services ("Services"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, do not use our Services.
VaultBytes provides secure AI explainability and FHE validation services, including:
Access to the CipherExplain API requires an API key ("Key") issued by VaultBytes. You agree to:
POST /keys/rotate if you suspect unauthorised useAPI keys are stored as SHA-256 hashes. We cannot retrieve the raw value of your Key. If lost, you must rotate to obtain a new one.
The CipherExplain API is offered in four tiers. Quotas below are the published baselines; Business and Enterprise contracts may carry per-customer overrides agreed at signing.
Quotas reset on the first day of each calendar month (UTC). Unused quota does not roll over. Calls that exceed your monthly quota will be rejected with HTTP 429. We do not automatically upgrade your tier or charge overage fees.
Paid tiers are billed in advance via Stripe. By subscribing, you authorise VaultBytes to charge your payment method on a recurring basis. All prices are exclusive of VAT or applicable taxes, which will be added at checkout where required by law.
You may cancel your subscription at any time via the self-serve Stripe Customer Portal, accessible from the pricing section at vaultbytes.com/cipherexplain using your API key. There are no cancellation fees. Upon cancellation:
Monthly subscriptions are non-refundable once a billing period has started. Annual subscriptions may be refunded on a pro-rata basis within 14 days of purchase if no API calls have been made in the new period. Contact b@vaultbytes.com to request a refund.
You agree not to:
When registering a model via POST /models/register, you transmit only model weight coefficients and intercept values — no training data, no raw personal data. You represent that you have the right to transmit these weights.
We store your model weights in memory and in an encrypted database solely to serve your explain requests. We do not use your model weights to train our own models or share them with third parties.
Feature vectors submitted to /explain or /explain_raw are processed in memory and are not persistently stored. Usage metadata (call count, model ID, feature count, timestamp) is retained for quota tracking and billing.
PDF audit reports generated via the /report endpoint family are produced solely from the benchmark JSON you supply. VaultBytes makes no representation that these reports satisfy any particular regulatory, legal, or compliance requirement.
The GET /models/{model_id}/annex_iv endpoint auto-populates a starting technical-documentation dossier whose structure mirrors Annex IV of the EU AI Act (Regulation (EU) 2024/1689, Article 11(1)). The output is a deployer-assist document, not a final regulatory filing, conformity assessment, certification, or legal advice. Sections of the dossier marked [customer-fill: ...] must be completed by the deployer's own compliance team before submission to any regulator, supervisory authority, or notified body. VaultBytes is not a notified body within the meaning of Article 43 of the EU AI Act and provides no representation that any AI system is compliant with the EU AI Act, ISO 31000, ISO/IEC 23894, ISO/IEC 42001, or any other harmonised standard.
You are responsible for determining whether any document generated by the Services is suitable for your intended purpose, including any regulatory filing or conformity assessment. The cryptographic guarantees the Services provide (FreiKZG-SHAP soundness, vFHE binding, Cluster-A composition, CKKS confidentiality) are technical attestations about computation correctness and confidentiality — they are not legal attestations of regulatory compliance.
All content, trademarks, and intellectual property related to VaultBytes and our Services remain our exclusive property. You may not copy, modify, or distribute our proprietary materials without permission.
The FHE Differential Testing Oracle is covered by a pending patent application filed under the Patent Cooperation Treaty: PCT/IB2026/053378 (Differential Testing Oracle). Use of the Services under these Terms does not grant any patent licence, express or implied. For patent licensing enquiries, contact b@vaultbytes.com.
THE SERVICES ARE PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED. WE DO NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, ERROR-FREE, OR COMPLETELY SECURE. THE CIPHEREXPLAIN API IS NOT A SUBSTITUTE FOR PROFESSIONAL LEGAL, REGULATORY, OR COMPLIANCE ADVICE.
TO THE MAXIMUM EXTENT PERMITTED BY LAW, VAULTBYTES SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES ARISING FROM YOUR USE OF THE SERVICES. OUR TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED THE FEES PAID BY YOU IN THE THREE MONTHS PRECEDING THE CLAIM.
You agree to indemnify and hold harmless VaultBytes from any claims, damages, or expenses (including reasonable legal fees) arising from your use of the Services, your model data, or your violation of these Terms.
We may suspend or terminate your API key and access to the Services at any time for violation of these Terms, non-payment, or abuse. Upon termination, your registered models will be deleted within 30 days. Provisions that by their nature should survive termination (including sections 8, 9, 10, 11, 12) shall survive.
We may modify these Terms at any time. We will notify paid-tier customers by email at least 14 days before material changes take effect. Continued use of the Services after changes constitutes acceptance of the modified Terms.
These Terms are governed by the laws of England and Wales. Any disputes arising out of or in connection with these Terms shall be subject to the exclusive jurisdiction of the courts of England and Wales.
For questions about these Terms, contact us at:
b@vaultbytes.com