These terms explain what you can expect from SupplyGuard, what we expect from users, and where the product’s boundaries are.
You may use SupplyGuard only for lawful business purposes and only for repositories, accounts, and workspaces you are authorized to connect.
You are responsible for the people who use your workspace and for the actions taken through your integrations.
You keep ownership of your data. You are responsible for making sure you have the right to connect the repos, organizations, and Slack destinations you add.
You are also responsible for reviewing findings and deciding what action to take. SupplyGuard helps with visibility and routing. It does not make remediation decisions for you.
Do not use the service to abuse integrations, interfere with the platform, probe for unauthorized access, or send spam through connected systems.
We may suspend access if use of the service creates legal, security, or operational risk.
SupplyGuard is a monitoring product, not a guarantee. It may miss issues, receive incomplete upstream data, or surface findings later than you want.
Use it as one layer in your security process, not as the only layer.
We may update, improve, or retire parts of the product over time. We may also change these terms as the product matures.
If a change materially affects your use, we should communicate it in a reasonable way.
To the maximum extent allowed by law, the service is provided as-is and as-available.
We are not liable for indirect, incidental, special, consequential, or punitive damages, or for loss of profit, revenue, data, or goodwill arising from use of the service.
For terms questions, contact tasavour@beneathatree.com.
