Service & Acceptable Use Agreement
1. Definitions
| 1.1 “Service” | The VeriLink passwordless authentication platform, including all APIs, SDKs, dashboard interfaces, documentation, and associated infrastructure provided by VeriLink Inc. |
| 1.2 “Customer” | Any developer, organization, business entity, or individual that registers for and uses the Service under a VeriLink account. |
| 1.3 “End User” | Any individual who authenticates through the Service as a result of a Customer's integration. End Users do not have a direct contractual relationship with VeriLink. |
| 1.4 “Active User” | A unique End User who completes at least one VeriLink authentication event within a given 30-day billing cycle. |
| 1.5 “Integration” | The technical embedding or connection of the Service into a Customer's own application, platform, or product. |
| 1.6 “Resell” | Any act of charging, invoicing, billing, or otherwise transferring the cost of VeriLink services as a discrete, identifiable fee to any third party, including End Users. |
2. License Grant
Subject to the terms of this Agreement and payment of applicable fees, VeriLink grants the Customer a limited, non-exclusive, non-transferable, non-sublicensable license to access and use the Service solely for the purpose of integrating passwordless authentication into Customer's own products or services for the benefit of Customer's End Users. This license does not permit resale, sublicensing, or any use of the Service as a standalone offering made available to third parties.
3. Prohibited Uses and Acceptable Use Policy
3.1 Prohibition on End-User Billing
For the avoidance of doubt, this prohibition applies to but is not limited to: (a) line-item charges on invoices or receipts referencing VeriLink, authentication, or login services; (b) per-user or per-authentication fees passed directly to End Users; (c) add-on pricing tiers marketed to End Users that are funded by or derived from VeriLink usage costs; and (d) any resale, white-labeling, or repackaging of the Service as a standalone authentication product.
Nothing in this section prohibits a Customer from adjusting their own product pricing generally, provided that such pricing is not explicitly tied to or derived from VeriLink authentication usage as a discrete billable unit.
3.2 Additional Prohibited Activities
- Attempting to reverse engineer, decompile, or extract source code from the Service.
- Using the Service to authenticate users on behalf of a competitor to VeriLink without prior written consent.
- Sharing API keys, credentials, or account access with unauthorized third parties.
- Using the Service in any manner that violates applicable law, regulation, or third-party rights.
- Submitting fraudulent, synthetic, or bot-generated authentication events to manipulate billing.
- Removing, obscuring, or altering any VeriLink branding, attribution, or notices where required.
- Using the Service to facilitate unauthorized access to systems, data exfiltration, or any malicious activity.
4. Billing and Payment Terms
VeriLink charges Customers based on Monthly Active Users (MAU) as defined in Section 1.4. Billing is processed through Stripe using metered usage records submitted by VeriLink at the close of each 30-day billing cycle. Dormant accounts that do not complete an authentication event within a billing cycle are not counted as Active Users and incur no charge.
Current pricing tiers are published at veri-link.com/pricing.html and may be updated by VeriLink with thirty (30) days written notice to the Customer. Continued use of the Service following a pricing change constitutes acceptance of the revised rates. All fees are non-refundable except where required by applicable law or expressly stated otherwise in writing by VeriLink.
5. Enforcement and Remedies
5.1 Violation Detection
VeriLink reserves the right to monitor account activity, review Customer integrations, and investigate reports of potential violations of this Agreement. Monitoring may include review of API usage patterns, authentication event logs, and any publicly available information about Customer's product or pricing structure.
5.2 Enforcement Process
Upon identification of a suspected violation, VeriLink will follow the escalation process below:
5.3 Immediate Termination
Notwithstanding Section 5.2, VeriLink reserves the right to immediately suspend or terminate any account without prior notice in cases involving: (a) repeated violations following a prior warning; (b) deliberate or bad-faith non-compliance; (c) use of the Service in connection with illegal activity; or (d) any action that poses a material risk to VeriLink's infrastructure, reputation, or other customers.
6. Data and Privacy
VeriLink processes authentication event data solely to provide the Service and does not sell, license, or share End User data with third parties except as required by law. Customers are responsible for ensuring their use of the Service complies with all applicable privacy laws, including but not limited to GDPR, CCPA, and HIPAA where applicable. Customers must maintain their own privacy policy disclosing the use of third-party authentication infrastructure to their End Users. VeriLink's Privacy Policy, available at veri-link.com, is incorporated into this Agreement by reference.
7. Intellectual Property
VeriLink retains all right, title, and interest in and to the Service, including all underlying technology, algorithms, APIs, trademarks, and documentation. This Agreement does not convey any ownership interest in the Service to the Customer. Customer retains all right, title, and interest in their own applications and products into which the Service is integrated.
8. Disclaimers and Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, VERILINK'S TOTAL CUMULATIVE LIABILITY TO CUSTOMER FOR ANY CLAIMS ARISING UNDER OR RELATED TO THIS AGREEMENT SHALL NOT EXCEED THE TOTAL FEES PAID BY CUSTOMER TO VERILINK IN THE THREE (3) MONTHS PRECEDING THE CLAIM. IN NO EVENT SHALL VERILINK BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES.
9. Governing Law and Dispute Resolution
This Agreement shall be governed by and construed in accordance with the laws of the State of North Carolina, without regard to its conflict of law principles. Any dispute arising out of or relating to this Agreement shall first be submitted to good-faith negotiation between the parties. If unresolved within thirty (30) days, disputes shall be submitted to binding arbitration administered in Wake County, North Carolina under the rules of the American Arbitration Association. Notwithstanding the foregoing, either party may seek injunctive or equitable relief in any court of competent jurisdiction to prevent irreparable harm.
10. Modifications to this Agreement
VeriLink reserves the right to modify this Agreement at any time. Customers will be notified of material changes via the registered account email address at least thirty (30) days prior to the effective date of the change. Continued use of the Service following the effective date constitutes acceptance of the modified Agreement. If Customer does not agree to the modified terms, Customer must discontinue use of the Service and notify VeriLink in writing.
11. General Provisions
- Entire Agreement
- This Agreement constitutes the entire agreement between the parties with respect to the Service and supersedes all prior agreements, representations, and understandings.
- Severability
- If any provision of this Agreement is found to be unenforceable, the remaining provisions shall continue in full force and effect.
- Waiver
- Failure by VeriLink to enforce any provision of this Agreement shall not constitute a waiver of VeriLink's right to enforce such provision in the future.
- Assignment
- Customer may not assign or transfer this Agreement or any rights hereunder without VeriLink's prior written consent. VeriLink may assign this Agreement in connection with a merger, acquisition, or sale of substantially all assets.
- Notices
- All notices under this Agreement shall be sent to the Customer's registered account email and to support@veri-link.com for notices to VeriLink.
- Independent Contractors
- The parties are independent contractors. Nothing in this Agreement creates a partnership, joint venture, agency, or employment relationship between the parties.