Terms of Service
Please read these terms carefully before using ShieldFlow. By accessing our platform, you agree to be bound by these terms.
Last updated: March 2026
These Terms of Service ("Terms") govern your access to and use of the services provided by ShieldFlow Ltd. ("ShieldFlow", "we", "us", or "our"), including the ShieldFlow platform at app.shieldflow.io, our website at shieldflow.io, our SDKs, middleware, APIs, and all related services (collectively, the "Service").
1. Acceptance of Terms
By creating an account, accessing, or using our Service, you agree to be bound by these Terms. If you are using the Service on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms, and "you" refers to both you individually and the organization.
If you do not agree to these Terms, you must not access or use the Service. We recommend that you print or save a copy of these Terms for your records.
2. Description of Service
ShieldFlow is a client-side web security platform that provides:
- Real-time monitoring and analysis of Content Security Policy (CSP) violations and other client-side security events
- Automated security header management and policy generation
- AI-powered security recommendations and threat classification
- Resource scanning and third-party script analysis (Resource X-Ray)
- Compliance scoring and reporting
- SDKs and middleware for browser, Node.js, and .NET environments
- Shield Sentinel AI security assistant
- Security education and training resources
We reserve the right to modify, suspend, or discontinue any part of the Service at any time, with reasonable notice for material changes.
3. Account Registration and Responsibilities
To use the Service, you must create an account. You agree to:
- Provide accurate, current, and complete registration information
- Maintain and promptly update your account information
- Keep your password secure and confidential
- Accept responsibility for all activities that occur under your account
- Notify us immediately of any unauthorized use of your account
You must be at least 16 years of age to create an account. Accounts registered by automated methods (bots) are not permitted.
4. Subscription Plans and Billing
ShieldFlow offers the following subscription tiers:
| Plan | Price | Events / Month | Apps | Users |
|---|---|---|---|---|
| Free | $0 | 5,000 | 1 | 1 |
| Starter | $29/mo | 50,000 | 3 | 3 |
| Pro | $79/mo | 500,000 | 10 | 10 |
| Business | $199/mo | 5,000,000 | Unlimited | 25 |
| Enterprise | Custom | Custom | Unlimited | Unlimited |
Regarding billing:
- All paid subscriptions are billed monthly in advance via Stripe
- Prices are in US Dollars and exclude applicable taxes
- You authorize us to charge your payment method on a recurring basis
- Upgrades take effect immediately; downgrades take effect at the end of the current billing cycle
- Refunds are provided at our discretion; contact hello@shieldflow.io for billing disputes
- If payment fails, we will attempt to charge your payment method again. After repeated failures, your account may be downgraded to the Free tier
5. Free Tier and Trial
ShieldFlow offers a free tier that provides limited access to the platform indefinitely (5,000 events per month, 1 application, 1 user, 7-day data retention).
New accounts also receive a 14-day free trial of the Pro tier. No credit card is required to start the trial. At the end of the trial period, your account will automatically revert to the Free tier unless you subscribe to a paid plan.
We reserve the right to modify the terms of the free tier and trial at any time.
6. Acceptable Use Policy
You agree not to use the Service to:
- Violate any applicable law, regulation, or third-party rights
- Transmit malware, viruses, or other malicious code
- Attempt to gain unauthorized access to any part of the Service or its infrastructure
- Interfere with or disrupt the integrity or performance of the Service
- Use the Service to conduct denial-of-service attacks or other abusive activity
- Reverse-engineer, decompile, or disassemble the Service
- Use automated means to scrape, crawl, or extract data from the Service beyond authorized API usage
- Resell, sublicense, or redistribute the Service without our written consent
- Use the Service to monitor websites you do not own or have authorization to monitor
- Submit falsified security telemetry or manipulate violation reports
We reserve the right to suspend or terminate accounts that violate this Acceptable Use Policy, with or without notice.
7. Intellectual Property
The Service, including its original content, features, functionality, design, source code, and documentation, is owned by ShieldFlow Ltd. and is protected by international copyright, trademark, patent, trade secret, and other intellectual property laws.
"ShieldFlow", the ShieldFlow logo, "Shield Sentinel", "Resource X-Ray", and "Shield Level" are trademarks of ShieldFlow Ltd. You may not use these marks without our prior written consent.
We grant you a limited, non-exclusive, non-transferable, revocable license to use the Service in accordance with these Terms. This license does not include the right to modify, distribute, or create derivative works of the Service.
8. API Usage and Rate Limits
Access to our APIs is subject to rate limits that vary by subscription tier. Current rate limits are documented in our developer documentation. Key limits include:
- Ingest API: Per-customer rate limiting (500 requests/minute), per-IP limiting (1,000 requests/minute), and global limiting (5,000 requests/minute)
- Dashboard API: Rate limits based on your subscription tier
- SDK telemetry: Subject to your plan's monthly event quota
Exceeding rate limits will result in temporary request throttling (HTTP 429 responses). Persistent abuse may result in account suspension. If you require higher limits, please contact us about our Enterprise plan.
9. Data Ownership
You own your data. All security telemetry, configuration data, policies, and reports generated from your applications remain your property. We do not claim ownership over your data.
You grant ShieldFlow a limited license to process, store, and analyze your data solely for the purpose of providing the Service. This license terminates when you delete your account.
You may export your data at any time through the Service dashboard or API. Upon account deletion, we will delete your data within 30 days, except where required by law to retain it.
We may use aggregated, anonymized data (that cannot identify you or your users) to improve the Service, develop new features, and generate industry insights. This data will never be sold to third parties.
10. Service Availability
We strive to maintain high availability of the Service. Our target uptime commitments are:
- Free, Starter, and Pro tiers: Commercially reasonable efforts to maintain availability (no formal SLA)
- Business tier: 99.9% monthly uptime SLA
- Enterprise tier: 99.9% monthly uptime SLA with dedicated support and custom terms
Scheduled maintenance windows will be communicated at least 48 hours in advance. Emergency maintenance for security or stability reasons may be performed without advance notice.
Service credits for SLA breaches are available for Business and Enterprise customers. Please refer to your specific service agreement for details.
11. Limitation of Liability
To the maximum extent permitted by applicable law:
- The Service is provided "AS IS" and "AS AVAILABLE" without warranties of any kind, either express or implied
- ShieldFlow does not warrant that the Service will be uninterrupted, error-free, or completely secure
- ShieldFlow shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, use, goodwill, or other intangible losses
- ShieldFlow's total aggregate liability shall not exceed the amount you paid to ShieldFlow in the twelve (12) months preceding the claim
- ShieldFlow is not responsible for security breaches that occur despite correct implementation of recommended security policies
Important: ShieldFlow provides security monitoring and recommendations. We are a tool to enhance your security posture, not a guarantee against all security threats. You remain responsible for the overall security of your applications.
12. Termination
By you: You may terminate your account at any time through the account settings in the dashboard or by contacting us at hello@shieldflow.io. If you are on a paid plan, you will not receive a refund for the remainder of the current billing period.
By us: We may suspend or terminate your access to the Service at any time if:
- You violate these Terms or the Acceptable Use Policy
- Your payment is overdue for more than 30 days
- We are required to do so by law
- We discontinue the Service (with at least 90 days' notice)
Upon termination, your right to use the Service ceases immediately. We will retain your data for 30 days after termination to allow for data export, after which it will be permanently deleted.
13. Governing Law
These Terms shall be governed by and construed in accordance with the laws of the State of Israel, without regard to its conflict of law provisions.
Any disputes arising out of or relating to these Terms or the Service shall be subject to the exclusive jurisdiction of the courts located in Tel Aviv, Israel. Both parties consent to the personal jurisdiction of such courts.
Notwithstanding the above, ShieldFlow may seek injunctive or other equitable relief in any court of competent jurisdiction to protect its intellectual property rights.
14. Changes to These Terms
We reserve the right to modify these Terms at any time. We will provide notice of material changes by:
- Posting the updated Terms on this page with a new "Last updated" date
- Sending an email notification to the address associated with your account
- Displaying a prominent notice in the Service dashboard
Your continued use of the Service after the effective date of any changes constitutes your acceptance of the modified Terms. If you do not agree to the modified Terms, you must stop using the Service and terminate your account.
15. Contact Us
If you have any questions about these Terms of Service, please contact us:
- General inquiries: hello@shieldflow.io
- Privacy inquiries: privacy@shieldflow.io
- Website: shieldflow.io
- Mailing address: ShieldFlow Ltd., Israel