Terms of Service

"Sernixa" means the approval, audit, delegation, and control-plane software made available by Sernixa.ai. "Customer" means the organization or person using the services. "Agents" means software systems, scripts, or automation runtimes connected through Sernixa SDKs or APIs.

"Governed Action" means an action submitted to Sernixa for deterministic validation, approval routing, policy evaluation, delegation verification, audit capture, or related evidence generation.

Sernixa provides governance software for agentic and automation workflows, including approval review, Approval Memory, Counterfactual Twin evidence, Blast Radius Preview, delegation chains, FinOps controls, DLP controls, shadow-agent discovery, audit export, and framework adapters.

• -Sernixa is a control plane for review and enforcement decisions.
• -The backend does not execute customer business logic; customer runtimes and SDKs remain responsible for side effects.
• -High and critical risk actions are designed to require human review and are not eligible for auto-approval.

Customer Data may include submitted action metadata, approval context, policy settings, audit events, delegation metadata, security reason codes, and evidence payloads generated for review.

Sernixa uses Customer Data to provide governance, render review surfaces, enforce customer-configured policies, generate audit evidence, support debugging, and improve reliability of the services.

• -Keep API keys, signing secrets, and SDK credentials secure.
• -Configure agent identities, approval policies, and delegation scopes accurately.
• -Review high-impact policy changes before enabling them in production environments.
• -Use Sernixa only with systems and data that the customer is authorized to govern.

Sernixa may inspect or display outputs from models, tools, or agent runtimes. These outputs are treated as untrusted proposals until they pass deterministic validation, policy checks, approval flow, and any required delegation verification.

Sernixa decisions and evidence are intended to help reviewers understand what was proposed, what was enforced, what changed, and what remains pending for human judgment.

The services include controls such as signed request envelopes, nonce/replay checks, append-only audit events, hash-chain verification, role-gated policy surfaces, and scoped delegation tokens. Customers are responsible for deploying and operating these controls in accordance with their own security requirements.

Sernixa may integrate with third-party products such as identity providers, collaboration tools, model providers, databases, or observability systems. Customer use of those products is governed by the applicable third-party terms.

Each party may receive confidential information from the other. Confidential information should be used only to provide, secure, support, or evaluate the services, and should be protected using reasonable safeguards.

Paid plans, usage limits, and billing terms will be specified in an order form or other written agreement. Local development, demos, or preview materials may be subject to separate terms or limitations.

Sernixa may suspend access where needed to protect the services, comply with law, prevent abuse, or address security risk. Customers may stop using local SDKs and services at any time, subject to any written agreement.

Except as expressly stated in a written agreement, the services are provided without warranties of uninterrupted operation, error-free behavior, or fitness for a particular purpose. Sernixa is a governance aid and does not replace customer security, legal, compliance, or operational review.

These terms may be updated from time to time. Continued use of the services after an update means the customer accepts the updated terms unless a separate written agreement states otherwise.

Questions about these terms can be directed to the Sernixa team through the contact channel listed in the relevant order form, workspace, or customer support process.