Terms and Conditions

Welcome to Guardline Systems. These Terms and Conditions (the “Terms”) govern your access to and use of our security scanning, AI-driven code analysis, and repository monitoring services (collectively, the “Services”). By choosing to access or use our Services, you acknowledge that you have carefully read, understood, and agreed to be bound by these Terms, as well as any policies, guidelines, or additional conditions referenced herein.

These Terms form a legally binding agreement between you (the “User”) and Guardline Systems (“we,” “our,” or “us”). If you do not agree to these Terms, you must immediately discontinue use of the Services. Your continued access to or use of the platform constitutes your acceptance of the Terms in their entirety, including any modifications or updates that may be introduced from time to time.

By using Guardline Systems, you expressly consent to the automated scanning and analysis of your codebases, repositories, and related project materials. This may include integrations with third-party platforms such as GitHub, GitLab, Bitbucket, or CI/CD pipelines, as well as vulnerability detection, code quality checks, and the generation of comprehensive security reports. Reports may contain actionable recommendations, compliance assessments, and remediation guidance intended to improve software security and maintain regulatory compliance.

In order to provide advanced analysis and reporting capabilities, Guardline Systems may employ both proprietary technologies and selected third-party providers. Where external services are used, any User data transmitted is encrypted, anonymized where feasible, and strictly limited to the scope required for delivering the Services. Guardline Systems does not share, sell, or repurpose submitted content for any purpose beyond providing the agreed Services, unless explicit User consent has been obtained.

Your use of the Services also signifies your agreement to comply with all applicable local, state, national, and international laws, including but not limited to those governing intellectual property rights, data protection, and cybersecurity. Users are expressly prohibited from submitting unauthorized, malicious, or harmful code, attempting to circumvent platform security, or otherwise disrupting the stability or integrity of the Services.

Please note that all AI-generated outputs, including but not limited to vulnerability alerts, remediation suggestions, and best practice recommendations, are advisory in nature. Guardline Systems does not warrant or guarantee the accuracy, completeness, or suitability of these outputs for any specific use case. It remains the sole responsibility of the User to evaluate, validate, and implement such recommendations appropriately and to seek professional expertise where necessary.

To protect the integrity of the Services and ensure compliance with these Terms, Guardline Systems may monitor and audit activity within the platform. This monitoring includes the review of scan processes, report generation, and account activity, and is conducted in accordance with strict security, privacy, and ethical standards. The objective of such oversight is to prevent misuse, maintain high levels of operational reliability, and safeguard User trust.

Finally, you acknowledge and agree that Guardline Systems is a continuously evolving platform. As security threats, technologies, and industry practices develop, we may introduce new features, integrations, and enhancements to the Services. Your continued use of Guardline Systems after the introduction of such updates constitutes your acceptance of any additional terms or conditions associated with them.

For purposes of these Terms and Conditions, the following definitions apply:

Guardline Systems provides a robust, enterprise-grade security scanning and code analysis platform designed to help organizations, developers, and security engineers proactively identify, classify, and remediate security vulnerabilities and code quality issues across their software projects.

Our Services leverage advanced AI and Large Language Models (LLMs), both internal and trusted external providers, to generate intelligent, context-aware insights from user-submitted code, repositories, and configuration files. These insights are delivered through detailed reports, dashboards, and actionable recommendations, supporting continuous improvement of software security and compliance.

Through real-time integration with version control systems such as GitHub, GitLab, Bitbucket, and CI/CD pipelines, Guardline ensures that scanning and analysis occur automatically as code changes, enabling continuous monitoring and early detection of potential risks before they reach production environments.

• Static Application Security Testing (SAST): Conducts automated, AI-assisted analysis of source code to identify vulnerabilities, insecure coding patterns, and potential logic errors, providing detailed explanations and remediation guidance.
• Dependency and Third-Party Library Vulnerability Scanning: Detects known vulnerabilities, outdated dependencies, and licensing risks in external modules or libraries, and recommends secure updates or replacements.
• Automated Code Quality Checks: Evaluates adherence to best practices, coding standards, and maintainability metrics, helping teams maintain high-quality, secure code over time.
• Regulatory Compliance Verification: Assesses code and project configurations against OWASP Top 10, GDPR, SOC 2, PCI-DSS, and other relevant regulatory frameworks, generating reports that highlight gaps and necessary actions.
• AI-Assisted Security Reports: Produces actionable reports that include vulnerability classifications, severity levels, remediation steps, code snippets, and explanatory context generated by both internal and external LLMs for clarity and usability.
• Continuous Repository Monitoring: Automatically scans connected repositories on an ongoing basis to detect new security risks, configuration issues, or changes that may introduce vulnerabilities, providing proactive alerts to users.
• Educational Guidance and Insights: Offers AI-powered explanations of detected vulnerabilities, best practice recommendations, and remediation guidance aimed at developers, security engineers, and project managers to improve skills and decision-making.
• Integration with CI/CD Workflows: Enables seamless automated scanning during build, test, and deployment processes, ensuring security checks are enforced before code reaches production.
• Customizable Scanning Policies: Allows users to define risk thresholds, compliance rules, and reporting formats, tailoring the platform to organizational security policies and regulatory requirements.
• Secure Handling of User Data: All analysis, AI model processing, and report generation occur under strict privacy and security protocols, with anonymization of data when using external LLM services, end-to-end encryption, and adherence to GDPR, SOC 2, and ISO standards.

Users of Guardline Systems are expected to exercise responsible, lawful, and ethical use of the platform at all times. By accessing the Services, you agree to comply with these responsibilities in order to ensure the security, integrity, and reliability of both your own projects and the Guardline ecosystem as a whole.

Because Guardline utilizes advanced AI and Large Language Models (LLMs), including both internal and third-party providers, it is essential that Users handle submitted content with care and maintain control over what code or materials are uploaded, shared, or connected via repositories. Improper use of the Services may compromise data security, infringe upon the rights of others, or disrupt platform operations, and is therefore strictly prohibited.

Failure to adhere to these responsibilities may result in temporary suspension, permanent termination of access, or legal action where applicable. Guardline Systems reserves the right to audit, monitor, and investigate suspected misuse of the platform to protect its infrastructure and the data of other Users.

• Ensure that you have the legal right and authority to submit any code, repository, or content for scanning. This includes verifying that you are the rightful owner or have obtained the necessary permissions from project owners, employers, or other stakeholders.
• Maintain the confidentiality of your account login credentials, API tokens, SSH keys, and other authentication mechanisms. You must promptly notify Guardline Systems of any unauthorized access, compromised credentials, or suspected security breaches.
• Use the platform only in compliance with all applicable laws and regulations, including but not limited to data protection laws (e.g., GDPR), intellectual property rights, software licensing obligations, and relevant cybersecurity frameworks.
• Do not submit malicious, unauthorized, or harmful content. Prohibited materials include, but are not limited to, malware, ransomware, viruses, exploits, or any code designed to harm, disrupt, or gain unauthorized access to Guardline Systems’ infrastructure or other Users’ environments.
• Respect the intellectual property rights of third parties. You must not submit code or content that infringes on patents, copyrights, trade secrets, or proprietary information unless you have explicit permission or legal rights to do so.
• Actively review, interpret, and address the findings presented in reports generated by Guardline Systems. While AI-driven analysis provides valuable insights, it is your responsibility to implement appropriate fixes, validate recommendations, and ensure that remediation aligns with your project’s security and compliance requirements.
• Refrain from attempting to bypass, disable, or interfere with Guardline Systems’ security features, monitoring mechanisms, or access controls. Any form of reverse engineering, unauthorized probing, or exploitation of the platform is strictly forbidden.
• If sharing reports or insights with third parties (e.g., within your organization), ensure that such sharing complies with your own organizational policies, data protection laws, and Guardline’s data privacy terms.

Guardline Systems places the highest priority on protecting user data and ensuring the confidentiality, integrity, and availability of submitted content. We recognize that our users entrust us with sensitive information, including proprietary source code, repositories, and configuration files, and we are committed to handling that data responsibly and securely at every stage of its lifecycle.

To achieve this, Guardline implements industry-leading security controls, privacy frameworks, and data handling procedures designed to prevent unauthorized access, misuse, or disclosure of user content. These measures extend across all layers of our platform, including data storage, transmission, authentication, and operational monitoring.

Guardline Systems also adheres to strict compliance standards and undergoes regular independent audits to ensure our infrastructure and policies meet or exceed regulatory and industry requirements. Users can trust that their data is managed with the same care and diligence we apply to our own internal systems.

Our approach to data privacy is built upon three principles: minimal data retention, strict access controls, and transparency in how data is used. Unless otherwise requested, user-submitted content is never retained longer than necessary, and all actions related to stored or processed data are logged and monitored for accountability.

• All data is encrypted in transit using Transport Layer Security (TLS) and at rest using Advanced Encryption Standard (AES-256) to ensure confidentiality and prevent unauthorized interception or exposure.
• Scan data, reports, and repository metadata are automatically deleted after 90 days unless the User explicitly requests extended retention or regulatory obligations require longer storage.
• No Guardline employee or third party has access to user code, repositories, or generated reports without the User’s explicit written consent, except when required for authorized support, troubleshooting, or compliance purposes.
• Our infrastructure is designed and maintained in alignment with recognized standards, including GDPR, SOC 2, ISO 27001, and other relevant data privacy and security frameworks applicable to the jurisdictions in which we operate.
• Independent penetration testing, internal security audits, and regular vulnerability assessments are conducted to validate and improve the platform’s defenses against emerging threats.
• Role-based access control (RBAC) ensures that only authorized individuals within a User’s organization can view or share reports. Permissions can be customized to reflect team hierarchies, project ownership, and organizational policies.
• Operational monitoring and anomaly detection are continuously employed to identify unusual activity, unauthorized access attempts, or suspicious behaviors, enabling Guardline to respond quickly and effectively to potential incidents.
• Where external services are involved in delivering certain features (such as report exports, notification systems, or optional integrations), Guardline ensures that only the minimum necessary data is shared and that such services are contractually bound to uphold equivalent security and privacy obligations.

Guardline Systems leverages both internal Large Language Models (LLMs) developed in-house and external AI/LLM services provided by third-party partners to deliver advanced security scanning, vulnerability detection, and AI-driven code analysis. Users acknowledge and consent to the use of such models to process, analyze, and generate insights based on submitted code and repository content.

Internal LLMs are used exclusively within Guardline Systems' controlled environment. These models process code and generate actionable recommendations, detailed reports, and explanations while maintaining strict privacy and security standards. Access to the internal models is limited to the platform’s automated systems, and user code is never shared outside Guardline Systems unless explicitly authorized.

External LLMs, provided by trusted third-party vendors, may be employed to enhance AI capabilities, provide natural language explanations, or generate additional insights. These external services operate under their respective terms of service and privacy policies. Users consent to the transmission of code metadata, anonymized analysis information, or derived insights to these external LLM providers solely for the purpose of delivering enhanced security services.

Users retain all intellectual property rights to their submitted content. Granting access to internal or external LLMs does not transfer ownership; it only provides a limited, non-exclusive license for processing and analysis.

By using Guardline Systems, users acknowledge that AI-generated recommendations are advisory and should be verified by qualified personnel before implementation. Guardline Systems is not responsible for decisions made solely based on LLM outputs.

Additionally, Guardline Systems monitors and audits all LLM interactions to ensure compliance with security, privacy, and ethical AI usage standards. Any detected anomalies, potential data leakage, or misuse of models trigger immediate security review and mitigation procedures.

User data handled by both internal and external LLMs is subject to the following protections:

• End-to-end encryption ensures that code, reports, and metadata are secured during transmission and storage.
• Strict access controls prevent unauthorized personnel from accessing user-submitted content or derived insights.
• Data sent to external LLMs is anonymized and stripped of personally identifiable information to the maximum extent possible.
• Retention of scan data and AI-generated insights follows the standard policy of automatic deletion after 90 days, unless otherwise specified by the user or required for legal compliance.

Guardline Systems recognizes and respects the intellectual property rights of its Users. All source code, repositories, configuration files, documentation, or other materials that you submit to the platform for scanning or analysis remain your exclusive property. Guardline Systems does not claim ownership of, or rights to, any User-submitted content, and your intellectual property rights remain fully intact at all times.

Users retain full ownership and control over their projects, and any findings, reports, or insights generated by the platform are intended solely to assist in improving the quality, security, and compliance of those projects. Guardline does not use submitted content for training purposes, product development, or any other commercial activities without explicit, prior, written consent from the User.

Guardline Systems, in turn, retains ownership and intellectual property rights over all aspects of its proprietary technology and platform. This includes but is not limited to: the web application, user interface, dashboards, algorithms, machine learning and analytical models, report formats, design elements, and all associated trademarks, service marks, and branding. Users are not granted any rights or licenses to use these proprietary assets outside of their intended purpose of accessing the Service.

By using the Service, Users grant Guardline Systems a limited, non-exclusive, non-transferable, royalty-free license to temporarily process and analyze the submitted content. This license exists only for the duration necessary to provide scanning, reporting, and recommendations as requested by the User. Once analysis is complete and retention periods expire, Guardline Systems automatically deletes the submitted content, unless extended retention has been explicitly requested by the User or is required by law.

Users are prohibited from reproducing, reverse-engineering, reselling, or redistributing any part of Guardline Systems’ proprietary platform, scanning algorithms, or generated reports outside of their intended use. Reports may be shared internally within an organization or with authorized stakeholders, provided that such sharing respects applicable intellectual property laws, confidentiality obligations, and Guardline’s Terms of Service.

Guardline Systems respects the rights of third parties and expects Users to do the same. Users must ensure that they have the necessary rights, permissions, and licenses before submitting any third-party code, libraries, or assets to the platform. Guardline disclaims any liability for disputes arising from the unauthorized use of third-party intellectual property by Users.

Guardline Systems is committed to providing a secure, stable, and highly available platform for all Users. While we aim to maintain industry-standard uptime targets and minimize disruptions, Users acknowledge that uninterrupted or error-free service cannot be guaranteed. Like all technology services, availability may be affected by scheduled maintenance, infrastructure upgrades, third-party service dependencies, or unforeseen technical issues.

Guardline relies on cloud infrastructure providers, integrations with external systems such as GitHub and CI/CD pipelines, and internal security mechanisms. As such, certain factors beyond Guardline’s direct control may impact availability. While we take reasonable steps to mitigate such risks, Users understand and accept that downtime may occasionally occur.

Guardline Systems prioritizes transparency regarding service availability. Users will be notified of planned maintenance windows, significant service disruptions, or widespread outages whenever reasonably possible. In the event of extended downtime or critical incidents, Guardline will provide timely updates, mitigation measures, and post-incident reports to maintain trust and accountability.

It remains the User’s responsibility to plan for possible downtime and ensure continuity of their own development or deployment workflows. This includes maintaining backups of repositories, implementing fallback processes, and ensuring business-critical functions are not solely dependent on Guardline’s real-time availability.

• Scheduled maintenance windows will be communicated in advance through the Guardline dashboard, email notifications, or official status pages. We make every effort to schedule maintenance during off-peak hours to minimize user impact.
• Emergency outages may occur as a result of urgent security patches, infrastructure failures, or other unforeseen technical issues. In such cases, Guardline will take immediate steps to restore service and notify Users through available communication channels.
• Users are strongly encouraged to maintain local or alternative backups of their repositories and configuration files. While Guardline provides continuous monitoring and reporting, reliance solely on the platform without appropriate safeguards may expose Users to unnecessary risk during downtime.
• Guardline may temporarily suspend services, without prior notice, where necessary to protect the integrity of the platform, prevent security breaches, or comply with applicable legal or regulatory requirements.
• For enterprise Users with service-level agreements (SLAs), specific uptime commitments, priority support, and compensation models (if applicable) will be defined separately in their contractual agreements with Guardline Systems.

Guardline Systems provides its Services on an 'as-is' and 'as-available' basis. While we employ industry-leading technologies, security practices, and continuous monitoring to deliver accurate and reliable results, we do not warrant that the Services will be free of errors, uninterrupted, or capable of detecting every possible vulnerability or issue. Users acknowledge that no security tool or analysis service can guarantee complete protection against all risks.

To the fullest extent permitted by applicable law, Guardline Systems disclaims all warranties, whether express, implied, statutory, or otherwise. This includes, but is not limited to, any implied warranties of merchantability, fitness for a particular purpose, or non-infringement. The accuracy and applicability of scan results, vulnerability findings, and recommendations are not guaranteed and should always be reviewed and validated by the User before implementation.

Guardline Systems shall not be held liable for any indirect, incidental, special, consequential, or punitive damages arising out of or related to the use of, or inability to use, the Services. This includes, without limitation, damages for loss of profits, revenue, business opportunities, goodwill, or data, as well as any reputational harm caused by reliance on scan results or reports.

Users remain solely responsible for the decisions they make based on the reports, insights, or recommendations provided by the platform. Guardline Systems is not responsible for security breaches, incidents, or damages resulting from a User’s failure to apply fixes, maintain secure coding practices, or follow compliance requirements.

Where external services or third-party integrations (such as cloud providers, repository platforms, or compliance frameworks) are used in conjunction with Guardline Systems, Guardline shall not be liable for outages, disruptions, or damages caused by those external services. The User accepts that such third-party services operate under their own terms of service and policies, outside the control of Guardline Systems.

In all cases, Guardline Systems’ total cumulative liability for any claims, damages, or losses arising from the Services, whether in contract, tort, or otherwise, shall be strictly limited to the total amount of fees paid by the User to Guardline Systems in the twelve (12) months immediately preceding the event giving rise to the claim.

Some jurisdictions do not allow certain disclaimers or limitations of liability. In such cases, the above exclusions and limitations shall apply to the maximum extent permitted by law.

This Agreement will remain in effect until terminated by either party in accordance with the provisions outlined herein. Users may discontinue use of the Services at any time; however, formal termination requires written notice to Guardline Systems.

Either party may terminate this Agreement for convenience with thirty (30) days’ prior written notice. Users acknowledge that discontinuing the Service does not automatically relieve them of any outstanding payment obligations or responsibilities incurred prior to the effective date of termination.

Guardline Systems reserves the right to immediately suspend or terminate a User’s account, without prior notice, in the event of any violation of these Terms, suspected fraudulent or illegal activity, security breaches, or activity that threatens the integrity of the platform or the rights of other Users. Such termination may include disabling access to reports, dashboards, and integrations until the matter is resolved.

Upon termination, all access rights granted to the User under this Agreement shall cease immediately. Guardline Systems will securely delete all User data, including scan results, reports, and repository metadata, within thirty (30) days of termination unless (a) extended retention is explicitly requested by the User, (b) retention is required to comply with applicable legal, regulatory, or contractual obligations, or (c) data must be preserved in connection with an ongoing dispute, investigation, or enforcement action.

Users are solely responsible for exporting or downloading any reports, documentation, or data they wish to retain prior to termination. Guardline Systems is not liable for the loss of access to such materials once the retention period has expired.

Termination of this Agreement does not affect any provisions which, by their nature, are intended to survive termination. This includes, but is not limited to, confidentiality obligations, intellectual property protections, warranty disclaimers, limitations of liability, indemnification, and governing law provisions.

Guardline Systems reserves the right to amend, modify, or update these Terms and Conditions at any time in order to reflect changes in our Services, technology, security practices, legal obligations, or business operations. Users acknowledge that the software, security landscape, and applicable regulations evolve over time, and these Terms may require adjustments to remain accurate and enforceable.

In the event of any material change, Guardline Systems will provide reasonable notice to Users, typically through email communications, platform notifications, or updates posted within the Guardline dashboard. The nature of the change, its effective date, and any impacts on User rights or responsibilities will be clearly communicated.

Minor updates or clarifications that do not materially affect User rights or obligations may be made without prior notice; however, the most current version of the Terms will always be accessible through the Guardline Systems website or platform. Users are encouraged to review the Terms periodically to stay informed of any changes.

Continued use of the Services after the effective date of revised Terms constitutes acceptance of those changes. If a User does not agree with the updated Terms, they must discontinue use of the Services and may request termination of their account in accordance with the Termination provisions.

Significant changes that directly affect User privacy, data handling, intellectual property rights, or service fees will be explicitly highlighted and, where legally required, may prompt Users to re-affirm their acceptance before continuing to use the platform. Guardline Systems will not reduce or limit previously granted rights without providing notice and, where necessary, obtaining renewed consent.

Any changes made to these Terms shall not be applied retroactively to disputes or claims that arose prior to the effective date of the updated Terms, unless required by applicable law or regulation.

Guardline Systems values transparency and open communication with its Users. If you have any questions, concerns, requests, or formal notices related to these Terms and Conditions, your account, or the use of our Services, you may contact us using the details provided below.

Official communications regarding legal, compliance, or contractual matters should be directed to our Legal Department. For technical support, product-related inquiries, or general assistance, Users may also reach out through the Guardline Systems support portal or customer success team, as indicated within the platform.

Please note that all legal notices must be submitted in writing and will be deemed effective upon confirmed receipt by Guardline Systems. We recommend that Users retain proof of delivery (e.g., certified mail, courier receipt, or confirmation email) when submitting critical or time-sensitive correspondence.