Terms of Service

By accessing or using the Beyond IT Partner Society Platform ("the Platform"), you agree to be bound by these Terms of Service.

The Platform is a super-adaptive business tool that combines: employee management and automated onboarding (org chart import, rights delegation, AI-assisted onboarding), partner management with sealed agreements and a full negotiation table, multi-tier commission networks (up to 5+ levels), a Knowledge Vault with AI-powered document intelligence (intelligent search, anomaly detection), Observables for real-time monitoring of regulatory and pricing changes, auto-adaptation to detected changes with a complete ticketing system, AI-powered voice communications, and a BYOE philosophy (Bring Your Own Storage, AI, Telephony). The Platform acts as a Digital Witness for all sealed agreements.

To use the Platform, you must:

• Provide accurate and complete registration information
• Be at least 18 years of age for an administrator role
• Complete identity verification including phone number verification (SIM and/or SMS)
• Register your device and maintain the security of your encryption keys
• Accept these Terms and the Privacy Policy via electronic signature
• Not share your account credentials or device access with unauthorized individuals
• Complete mandatory 4-layer device attestation (SIM, SMS, Device ID, Encrypted Key) before accessing AI features
• on-premises deployment option — install the entire platform on your own infrastructure with full data sovereignty
• SaaS cloud mode — fully managed hosting, updates, security patches, and scaling
• Multi-platform availability — Android (SIM verification), iPhone (Apple attestation), desktop web application
• Connections Hub — unified integration layer for storage (14 providers including on-premises and FTP/SFTP), identity (SSO, SAML, SCIM), messaging (Slack, Teams, Discord), data targets (CRM, HR, accounting, project management), and code repositories (GitHub, GitLab, Bitbucket)
• Observable monitoring — automated change detection on connected resources with 6 alert channels
• Two-factor authentication via authenticator apps (Google Authenticator, Microsoft Authenticator, Authy — TOTP standard), SMS codes, or both
• Configurable re-verification intervals (never, daily, weekly, monthly, every login) per user or group
• Optional dual-person authorization for high-security operations

You may sign in with Google, Microsoft, GitHub, or Apple. Regardless of method, phone verification and device attestation are mandatory. You are responsible for all activity under your account.

The Platform uses device-level security measures including:

• SIM Card Verification (Android only): Validates the physical SIM card directly with your carrier — 7 carriers in the US (AT&T, T-Mobile, Verizon, US Cellular, Dish, Cricket, Mint), 5 in Canada (Bell, Rogers, Telus, Vidéotron, Freedom Mobile)
• SMS Verification: Confirms phone number ownership via one-time codes
• Device Registration: Creates a unique cryptographic fingerprint bound to your device
• Encrypted Key Storage: Stores a secure key pair on your device — private key never leaves the device

These measures ensure only authorized personnel with physical possession of a registered device can access the Platform. AI functionality is dynamically disabled if any attestation layer fails. For iPhone, Apple device attestation and App Store account verification are used. Administrators can require Android only, iPhone only, or both. After SIM or Apple verification, the next step is email or enterprise SSO, then SMS confirmation if not already triggered. Every account is tied to a phone number. The verified identity of each user through real phone number validation significantly reduces fraudulent and unwanted calls. Administrators can also restrict platform access to Android only, iPhone only, or both, providing additional control over device-level security. The Guard Phone model provides secure QR-based authentication for shared devices.

By using the Platform's AI calling features (via supported telephony API providers: Twilio, Telnyx, Plivo, Vonage, Sinch), you agree to comply with:

• Telephone Consumer Protection Act (TCPA, 47 U.S.C. § 227)
• FCC Regulations on Robocalling
• FTC Telemarketing Sales Rule (TSR)
• CAN-SPAM Act (15 U.S.C. §§ 7701–7713)

Specifically, you must NOT:

• Use AI calling outside permitted hours (8:00 AM – 9:00 PM local time)
• Contact individuals without prior express written consent
• Contact numbers on the National DNC Registry without prior consent
• Fail to synchronize with the DNC Registry every 31 days
• Use the Platform for fraudulent or illegal purposes

Violation may result in immediate suspension and legal action, including TCPA penalties up to $1,500 per violation.

Before any outbound AI call is initiated, the Platform validates three pre-conditions:

• Express consent: A valid record of the recipient's express prior consent
• DNC/DNCL Status: Verification that the number is not on the National Do Not Call List/Registry (verified within the last 31 days)
• Internal Exclusion: Verification against the organization's internal exclusion list (maintained for 3 years + 14 days)

These checks are enforced at the platform level and cannot be bypassed by users or administrators.

The Platform follows a Bring Your Own Storage (BYOS) philosophy. Users can connect their own cloud storage from 14 supported providers: Google Drive, OneDrive, Dropbox, Amazon S3, GCP Cloud Storage, Azure Blob, Custom URL, Platform Storage, FTP, SFTP, WebDAV, SMB, Local/On-Prem, MinIO. When BYOS mode is configured, data can be routed directly to your authorized providers and storage spaces.

Dual storage: Data can be stored in multiple locations simultaneously for maximum resilience. Overflow strategies (failover, round-robin, cascade, replicate, archive) ensure data automatically routes to backup storage when primary storage is full or unreachable.

On-Premises: The entire platform can be installed on your own infrastructure for full data sovereignty. No data ever leaves your network.

Event Streaming: Platform events (logins, document changes, agreement seals, storage operations) can be exported to Google Pub/Sub, Apache Kafka, webhooks, Datadog, or custom event APIs for real-time observability.

The Platform never stores copies of your data without explicit consent.

The Platform collects the following data, as outlined in our Privacy Policy:

• Device information (type, browser, screen resolution, timezone)
• Location data (GPS coordinates during login, with consent)
• Login activity (times, IP addresses, authentication methods)
• Electronic signatures for legal consent records
• Phone numbers and SIM identifiers for verification

The Platform, including its design, code, AI models, and content, is the intellectual property of Beyond IT Inc. You may not copy, modify, reverse engineer, or redistribute any part without written permission.

To the maximum extent permitted by applicable law, Beyond IT Inc. shall not be liable for any indirect, incidental, special, consequential, or punitive damages.

These Terms are governed by applicable U.S. federal laws and the laws of the state in which the user resides.

We reserve the right to modify these Terms at any time. The platform tracks which version you accepted and will require mandatory re-consent when Terms change.

When agreements are sealed, a military-grade cryptographic hash of the agreement snapshot is computed. This hash serves as proof that the agreement existed in exactly that state at the recorded timestamp. All sealed documents maintain an immutable audit log. The Platform acts as a Digital Witness.

• Target uptime — 99.9% availability for production services, monitored 24/7.
• Scheduled maintenance — Planned maintenance windows communicated at least 48 hours in advance via email notification.
• Support response times — Critical issues (P1): response within 4 hours. High (P2): within 8 hours. Standard (P3/P4): within 2 business days.
• Service credits — If monthly uptime falls below 99.5%, affected customers may be eligible for service credits proportional to the downtime experienced.

Warranty Disclaimer

The Platform is provided "AS IS" and "AS AVAILABLE." While we strive for excellence in security, reliability, and performance, we do not warrant that the service will be uninterrupted, error-free, or meet every specific requirement. We make commercially reasonable efforts to ensure the highest quality of service.

Indemnification

You agree to indemnify and hold harmless Beyond IT, its affiliates, officers, and employees from any claims, damages, or expenses arising from: (a) your violation of these Terms, (b) your misuse of the Platform, (c) content you upload or share through the Platform, or (d) your violation of any applicable law or regulation. Beyond IT will indemnify you against claims arising directly from platform vulnerabilities or negligence on our part.

Limitation of Liability

To the maximum extent permitted by law, Beyond IT's total liability for any claim arising from these Terms or your use of the Platform shall not exceed the amount paid by you to Beyond IT during the twelve (12) months preceding the claim. This limitation applies regardless of the theory of liability.

• Billing cycle — Subscriptions are billed monthly or annually, depending on the plan selected.
• Payment methods — Credit card, bank transfer, or other methods as available in your region.
• Auto-renewal — Subscriptions automatically renew at the end of each billing period. You will receive a reminder at least 14 days before renewal.
• Cancellation — You may cancel your subscription at any time through your account settings. Cancellation takes effect at the end of the current billing period. No partial refunds for unused time within the current period.
• Data after cancellation — Upon cancellation, your data remains available for export for 30 days. After 30 days, data is permanently deleted unless a longer retention period is required by law.
• Data portability — You may export all your data in standard formats (JSON, CSV) at any time, both during your subscription and during the 30-day post-cancellation window.
• Price changes — We will provide at least 30 days' notice before any price increase. Existing subscribers are grandfathered at their current rate until the end of their current billing period.

Force Majeure

Neither party shall be liable for delays or failures in performance resulting from circumstances beyond its reasonable control, including but not limited to: natural disasters, pandemics, acts of government, war, terrorism, power failures, internet outages, or third-party service provider failures. The affected party will make commercially reasonable efforts to minimize the impact and resume performance as soon as practicable.

Acceptable Use Policy

In addition to telecommunications compliance (CRTC, TCPA, CASL), you agree NOT to:

• Use the Platform to send unsolicited bulk communications or spam
• Attempt to gain unauthorized access to other users' accounts or data
• Upload malicious code, viruses, or harmful content
• Use the Platform for any activity that violates applicable law
• Exceed rate limits or abuse API endpoints
• Resell or sublicense Platform access without written authorization
• Use AI features to generate misleading, fraudulent, or harmful content

legal@beyondit.co · Beyond IT Inc. · Montréal & Alberta, Canada