Terms of Service

By accessing or using the RANKIGI platform, APIs, SDKs, dashboard, or website (collectively, the “Service”), you agree to be bound by these Terms of Service (“Terms”). If you are using the Service on behalf of an organization, you represent that you have authority to bind that organization to these Terms. If you do not agree, do not use the Service.

RANKIGI provides AI agent compliance infrastructure, including: tamper-evident cryptographic event audit trails using SHA-256 hash chains; event-time policy evaluation against declared canons; behavioral drift detection and profiling; monthly audit reports mapped to compliance frameworks; Agent Passport identity and verification system; tamper-evident, append-only daily snapshots; and associated SDKs (Node.js, Python) and REST APIs.

Reports summarize tamper-evident records that RANKIGI received and chained. They are not audits, audit opinions, or compliance certifications. Customers and their auditors remain solely responsible for evidentiary review and regulatory determinations.

RANKIGI evaluates configured policy rules against each ingested event at the time of ingest and records the verdict in the chain. The sidecar is passive: it does not block, modify, or interrupt agent execution. Customers are responsible for acting on verdicts in their own runtime.

RANKIGI is a passive attestation layer. The Service receives event metadata submitted by your AI agents, computes SHA-256 hash chains over that metadata, stores the resulting chain records in an append-only ledger, and periodically submits Merkle roots of those chains to the Sigstore Rekor public transparency log. The Service produces cryptographic records and verification tooling for those records.

RANKIGI does not provide legal advice. RANKIGI does not provide compliance certification. RANKIGI does not provide regulatory approval. RANKIGI does not provide evidentiary authentication of agent behavior. RANKIGI does not guarantee any AI agent's behavior, decisions, or outputs. The Service is not a SOC 2, ISO 27001, ISO 42001, PCI-DSS, EU AI Act, HIPAA, or 21 CFR Part 11 certification, attestation, or audit. Compliance report templates produced by the Service are operational artifacts only. They are not, and shall not be represented as, third-party attestations or certifications.

The Service produces cryptographic records of event metadata submitted to it. The Service attests to two things only: (a) that the chain of records received by RANKIGI is internally consistent under SHA-256, and (b) that periodic Merkle roots of those chains were submitted to the Sigstore Rekor public transparency log at the timestamps shown. The Service does not attest, and you shall not represent to any third party that the Service attests, that (i) any AI agent operated lawfully, safely, or correctly; (ii) all actions taken by any AI agent were submitted to RANKIGI; (iii) records submitted to RANKIGI accurately reflect the underlying agent behavior; (iv) the Service constitutes a SOC 2, ISO 27001, ISO 42001, PCI-DSS, EU AI Act, HIPAA, or 21 CFR Part 11 certification, attestation, or audit; or (v) outputs of the Service are admissible as evidence in any legal or regulatory proceeding.

You are the data controller for any metadata you submit to the Service. RANKIGI is the data processor and processes that metadata solely to provide the Service. The Service is designed to receive minimal metadata and cryptographic hashes, not raw sensitive content. You agree not to submit personally identifiable information, protected health information, payment card data, or other regulated content in raw (unhashed) form. You are responsible for ensuring your submissions comply with applicable data protection laws including GDPR, CCPA, and HIPAA where applicable. RANKIGI processes data on infrastructure operated by Supabase (database), Railway (hosting), Stripe (payments), Resend (email delivery), Upstash (rate limiting), Sigstore Rekor (anchor notarization), and FreeTSA (RFC 3161 timestamps). A separate Data Processing Addendum is available on request at legal@rankigi.com.

You must provide accurate and complete information when creating an account. You are responsible for maintaining the confidentiality of your account credentials, API keys, and session tokens. You must notify us immediately at security@rankigi.com if you suspect unauthorized access. API keys are peppered and hashed before storage - we cannot retrieve your raw API key after creation. You are responsible for rotating keys if they are compromised.

You agree not to: ingest personally identifiable information (PII) in raw form into the Service; attempt to circumvent security controls, hash chain integrity, or immutability triggers; reverse-engineer the cryptographic mechanisms of the platform; use the Service to facilitate illegal activity or to harm others; exceed documented API rate limits or attempt to overwhelm the Service; share API keys or account credentials with unauthorized parties; or use the Service in violation of applicable law. Violation of these terms may result in immediate account suspension.

The RANKIGI API is subject to the following rate limits: 200 requests per minute per IP address (pre-authentication) and 120 requests per minute per API key (post-authentication). Enterprise customers may negotiate higher limits. Exceeding rate limits will result in HTTP 429 responses. Sustained abuse may result in temporary or permanent key revocation.

Subscription fees are billed monthly or annually in advance through Stripe. Available tiers are Free, Pro, and Enterprise. See the pricing page for current rates. All fees are in US dollars. Prices may change with 30 days written notice. Failed payments trigger a 7-day grace period; after which, access may be suspended. You can manage your subscription, update payment methods, and access invoices through the Stripe customer portal.

Paid subscriptions renew automatically at the end of each billing period at the then-current rate unless cancelled before the renewal date. You will receive an email reminder approximately 3 to 7 days before each renewal, matching the upstream billing provider’s upcoming-invoice notification window.

To cancel: log in to your account, go to Settings, select Billing, and click Cancel Plan. You may also cancel through the Stripe billing portal. Cancellation takes effect at the end of the current billing period. No cancellation fees apply.

For California residents: You may cancel at any time as described above. Cancellation does not entitle you to a refund for the current billing period. Pursuant to California Business and Professions Code Section 17602, you have the right to cancel your automatically renewing subscription at any time.

For EU residents: You may have the right to withdraw from your subscription within 14 days of purchase under applicable consumer protection law. Contact wes@rankigi.com to exercise this right.

You may cancel your subscription at any time through the dashboard or by contacting legal@rankigi.com. Upon cancellation: your subscription remains active until the end of the current billing period; you retain read-only access to your data for 14 days after the billing period ends. Refunds are available for the current billing period only if requested within 7 days of the charge. Prorated refunds are not offered for mid-cycle cancellations.

Customer data is deleted within 90 days of subscription termination. Cryptographic hash records are retained for the period specified in the customer's subscription tier (7 to 730 days) and cannot be deleted as they form the integrity of the audit chain.

You retain full ownership of all event data, audit trails, audit reports, and other content you create through the Service. By using the Service, you grant RANKIGI a limited, non-exclusive license to process, store, and display your data solely to provide the Service. We do not use your event data to train machine learning models, share it with third parties, or use it for any purpose other than providing the Service. Upon termination, you may export your data before it is deleted.

The RANKIGI platform, including its software, algorithms, documentation, design, and branding, is owned by RANKIGI Inc. and protected by applicable intellectual property laws. These Terms do not grant you any right to use RANKIGI's trademarks, logos, or brand elements without prior written consent. Open-source components used in the platform are subject to their respective licenses.

The Service is provided “as is” and “as available” without warranties of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, and non-infringement. RANKIGI does not warrant that the Service will be uninterrupted, error-free, or completely secure. The Service does not constitute legal, compliance, or regulatory advice. You are responsible for determining whether the Service meets your specific compliance requirements.

To the maximum extent permitted by applicable law, RANKIGI Inc.'s total aggregate liability for any claims arising from or related to the Service is limited to the fees paid by you in the three (3) months immediately preceding the event giving rise to the claim. In no event shall RANKIGI be liable for indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, or business opportunity, regardless of the theory of liability.

Notwithstanding the foregoing, the liability cap does not apply to: (a) either party's indemnification obligations; (b) damages arising from gross negligence or willful misconduct; (c) breaches of confidentiality obligations; (d) violations of applicable data protection law; or (e) damages that cannot be limited under applicable law.

You agree to indemnify, defend, and hold harmless RANKIGI Inc., its officers, directors, employees, and agents from and against any claims, liabilities, damages, losses, and expenses (including reasonable attorney fees) arising from: your use of the Service; your violation of these Terms; your violation of any applicable law or regulation; or any data you ingest into the Service.

RANKIGI will defend and indemnify Customer against third-party claims arising from RANKIGI's gross negligence or willful misconduct, subject to the liability cap in Section 11.

These Terms are governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to conflict of law principles. Any disputes arising under these Terms shall be resolved by binding arbitration administered by the American Arbitration Association under its Commercial Arbitration Rules, seated in Delaware. Each party bears its own costs. Judgment on the arbitration award may be entered in any court of competent jurisdiction.

YOU AND RANKIGI AGREE THAT EACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN YOUR OR ITS INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING. If this provision is found unenforceable, the unenforceable portion shall be severed and the remaining arbitration terms enforced.

Neither party shall be liable for any failure or delay in performance under these Terms to the extent caused by circumstances beyond that party's reasonable control, including but not limited to acts of God, natural disasters, pandemic, war, terrorism, government action, internet or network outages, or third-party service failures including Supabase, Railway, Sigstore Rekor, FreeTSA, Stripe, Resend, or Upstash. The affected party shall provide prompt written notice and use reasonable efforts to resume performance.

We may modify these Terms at any time. We will provide at least 14 days notice of material changes via email to the address associated with your account. Continued use of the Service after the effective date of any changes constitutes your acceptance of the modified Terms. If you do not agree with the modified Terms, you must discontinue use of the Service before the effective date.

For questions about these Terms:

Email: legal@rankigi.com
Company: RANKIGI Inc., a Delaware C-Corp
Address: United States