Terms of Service
Effective Date: December 3, 2024 · Last Updated: March 16, 2026
1. Introduction
These Terms of Service ("Terms") constitute a legally binding agreement between you ("Customer," "you," or "your") and Veri-Tech ("Veri-Tech," "Company," "we," "us," or "our"), governing your access to and use of the Veri-Docs platform, including the web portal at veri-tech.net, associated APIs, worker services, and all related documentation (collectively, the "Service").
By creating an account, subscribing to a plan, or otherwise accessing the Service, you agree to be bound by these Terms. If you are accepting these Terms on behalf of a company or other legal entity, you represent that you have the authority to bind that entity. If you do not agree to these Terms, do not use the Service.
2. Definitions
- "Authorized User" means an individual granted access to the Service under Customer's account.
- "Customer Data" means any data, configuration information, or content that Customer submits to, or that the Service retrieves from Customer's Microsoft 365 tenant on Customer's behalf.
- "Microsoft 365 Tenant" means the Customer's Microsoft Entra ID (Azure Active Directory) tenant and associated Microsoft 365 services.
- "SOP" means a Standard Operating Procedure document generated by the Service.
- "Compliance Assessment" means an automated scan and evaluation of Customer's tenant configuration against industry security frameworks.
- "Remediation" means automated configuration changes applied to Customer's Microsoft 365 Tenant through the Service.
- "Subscription Plan" means the tier of service selected by Customer (Starter, Pro, or Enterprise).
3. Account Registration and Security
3.1 Eligibility. You must be at least 18 years old and have the legal authority to manage the Microsoft 365 Tenant you connect to the Service.
3.2 Account Creation. You authenticate via Microsoft Entra ID. You are responsible for maintaining the security of your Microsoft account credentials.
3.3 Accuracy. You agree to provide accurate, current, and complete information and to keep your account information updated.
3.4 Responsibility. You are responsible for all activities that occur under your account, including actions taken by Authorized Users you invite.
4. Service Description
4.1 SOP Generation. The Service generates Standard Operating Procedure documents from your Microsoft 365 tenant configuration data, including but not limited to Intune policies, Conditional Access policies, and compliance policies.
4.2 Compliance Assessment. The Service scans your Microsoft 365 Tenant configuration against security frameworks (including but not limited to CIS, CISA, NIST, ISO 27001, and SOC 2) and produces gap analysis reports.
4.3 Automated Remediation. For eligible Subscription Plans, the Service can apply configuration changes to your Microsoft 365 Tenant to address identified compliance gaps. Remediation is subject to the additional terms in Section 8.
4.4 Output Formats. Generated documents may be provided in Markdown, HTML, PDF, and/or DOCX formats depending on your Subscription Plan.
5. Subscription Plans and Pricing
5.1 Plans. The Service is offered under the following Subscription Plans:
| Plan | Billing | Features |
|---|---|---|
| Starter | Monthly or Annual | Unlimited SOP generations, all 18 policy types, all formats (MD/HTML/PDF/DOCX), automatic SOP versioning, company branding |
| Pro | Monthly or Annual | Everything in Starter, compliance dashboard, auto-generated runbooks, framework mapping (NIST/ISO/CIS/CISA/SOC 2), scan comparison, AI-generated compliance insights, AI remediation planning |
| Enterprise | Annual only | Everything in Pro, 923-control assessment engine across 12 frameworks (Veri-Guard + Veri-Tune), automated remediation (330 controls across 6 workloads), compliance evidence packages, multi-tenant hub, RBAC, 3-year data retention, Compliance Copilot |
5.2 Pricing. Current pricing is published at veri-tech.net. Veri-Tech reserves the right to modify pricing with thirty (30) days' advance notice. Price changes do not apply to the current billing period.
5.3 MSP/Multi-Tenant. Managed Service Provider ("MSP") customers are billed per managed tenant on their existing Subscription Plan. Volume discounts may apply per published pricing schedules.
6. Billing and Payment
6.1 Payment Processing. All payments are processed through Stripe, Inc. You agree to Stripe's terms of service as applicable to payment processing.
6.2 Billing Cycle. Subscriptions are billed in advance on a monthly or annual basis, depending on the plan selected.
6.3 Automatic Renewal. Subscriptions automatically renew at the end of each billing period unless cancelled before the renewal date.
6.4 Cancellation. You may cancel your subscription at any time through the billing portal. Cancellation takes effect at the end of the current billing period. No prorated refunds are provided for partial billing periods.
6.5 Failed Payments. If payment fails, we may suspend access to the Service after providing reasonable notice and opportunity to update payment information.
6.6 Taxes. All fees are exclusive of applicable taxes. You are responsible for any sales, use, VAT, or similar taxes imposed by any jurisdiction.
7. Microsoft 365 Tenant Access
7.1 Consent. To use the Service, you must grant Veri-Tech's application registration access to your Microsoft 365 Tenant via Microsoft Entra ID admin consent. By granting consent, you authorize the Service to read configuration data from your tenant as described in our Privacy Policy.
7.2 Read Permissions. The Service requires read-only access to your tenant's configuration data (device management policies, Conditional Access policies, compliance settings, and related Microsoft Graph API endpoints) to provide SOP generation and compliance assessment features.
7.3 Write Permissions (Remediation). If you elect to use automated remediation features, you will be prompted to grant additional write permissions on a just-in-time ("JIT") basis. These elevated permissions are:
- Granted only when you explicitly initiate a remediation workflow;
- Scoped to the specific Microsoft Graph API permissions required for remediation;
- Automatically revoked after the remediation workflow completes.
7.4 Permission Revocation. You may revoke the Service's access to your Microsoft 365 Tenant at any time through the Microsoft Entra admin center. Revoking access will prevent the Service from functioning for that tenant.
7.5 No Credential Storage. The Service authenticates using X.509 certificate-based authentication. Veri-Tech does not store, access, or have visibility into your users' passwords or multi-factor authentication credentials.
8. Automated Remediation — Additional Terms
This section applies only to customers using the automated remediation feature (Enterprise plan).
8.1 Customer Authorization. Each remediation action requires your explicit authorization. The Service will not apply changes to your tenant without your affirmative selection and confirmation.
8.2 Break-Glass Verification. Before any remediation is executed, the Service verifies the existence of a designated break-glass (emergency access) account in your tenant to prevent lockout scenarios. Remediation will not proceed without this verification.
8.3 Report-Only Mode. Where applicable (e.g., Conditional Access policies), the Service supports deploying policies in report-only mode first, allowing you to evaluate impact before enforcement.
8.4 Phased Deployment. Remediation follows a phased deployment model with observation periods between phases to allow Customer to verify the impact of changes.
8.5 Customer Responsibility. YOU ARE SOLELY RESPONSIBLE FOR:
- Reviewing and selecting which controls to remediate;
- Validating that remediation actions are appropriate for your environment;
- Testing changes in a non-production environment where feasible;
- Maintaining break-glass accounts and emergency access procedures;
- Monitoring the impact of applied changes on your users and systems.
8.6 No Guarantee. Veri-Tech does not guarantee that automated remediation will achieve full compliance with any specific security framework or regulatory requirement. Compliance is a shared responsibility between Customer and Veri-Tech.
8.7 Rollback. While the Service provides documentation of all changes made, automated rollback is not guaranteed for all configuration types. Customer should maintain records of pre-remediation configuration states.
9. Intellectual Property
9.1 Veri-Tech IP. The Service, including all software, algorithms, templates, compliance mappings, remediation logic, user interfaces, and documentation, is the exclusive property of Veri-Tech and is protected by intellectual property laws. Nothing in these Terms grants Customer any ownership rights in the Service.
9.2 Customer Data. Customer retains all rights in Customer Data. Veri-Tech claims no ownership of your Microsoft 365 configuration data or any data retrieved from your tenant.
9.3 Generated Documents. SOPs, compliance reports, gap analyses, and other documents generated by the Service from your Customer Data are owned by you. You may use, distribute, and modify generated documents without restriction.
9.4 Feedback. If you provide suggestions, ideas, or feedback about the Service, Veri-Tech may use that feedback without restriction or obligation to you.
10. Data Handling and Privacy
10.1 Privacy Policy. Our collection and use of Customer Data is governed by the Veri-Docs Privacy Policy, which is incorporated into these Terms by reference.
10.2 Data Processing. If you require a Data Processing Agreement ("DPA") for regulatory compliance, contact us at legal@veri-tech.net or refer to our standard DPA.
10.3 Data Location. Customer Data is processed and stored in Microsoft Azure data centers located in the United States (East US 2 region).
10.4 Data Retention. Scan results and generated documents are retained in accordance with our data retention policy. You may request deletion of your data at any time.
11. Warranties and Disclaimers
11.1 Service Warranty. Veri-Tech warrants that the Service will perform materially in accordance with its published documentation.
11.2 Disclaimer. Except as expressly provided in Section 11.1, the Service is provided "as is" and "as available." Veri-Tech disclaims all warranties, express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
11.3 No Compliance Guarantee. The Service is a tool to assist with compliance efforts. Veri-Tech does not warrant that use of the Service will result in compliance with any particular regulatory framework, industry standard, or legal requirement. Compliance is a shared responsibility.
11.4 Third-Party Services. The Service interacts with Microsoft 365 services via the Microsoft Graph API. Veri-Tech is not responsible for the availability, accuracy, or performance of Microsoft services or APIs.
12. Limitation of Liability
12.1 Cap. To the maximum extent permitted by law, Veri-Tech's total aggregate liability arising out of or related to these Terms shall not exceed the amounts paid by Customer to Veri-Tech in the twelve (12) months preceding the claim.
12.2 Exclusions. In no event shall Veri-Tech be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, business opportunities, or goodwill, even if advised of the possibility of such damages.
12.3 Remediation Liability. Without limiting the foregoing, Veri-Tech shall not be liable for damages arising from automated remediation actions that were authorized by Customer, including but not limited to user lockouts, service disruptions, or policy conflicts resulting from configuration changes applied at Customer's direction.
12.4 Essential Basis. The limitations in this section reflect the allocation of risk between the Parties and are an essential basis of the bargain between them.
13. Indemnification
13.1 By Customer. Customer agrees to indemnify, defend, and hold harmless Veri-Tech and its officers, directors, employees, and agents from and against any claims, damages, losses, liabilities, and expenses (including reasonable attorneys' fees) arising from: (a) Customer's use of the Service; (b) Customer's violation of these Terms; (c) Customer's violation of any third-party rights; or (d) changes applied to Customer's Microsoft 365 Tenant through the remediation feature.
13.2 By Veri-Tech. Veri-Tech agrees to indemnify, defend, and hold harmless Customer from and against claims alleging that the Service infringes a third party's intellectual property rights, provided Customer gives Veri-Tech prompt notice, cooperates in the defense, and allows Veri-Tech to control the defense and settlement.
14. Termination
14.1 By Customer. You may cancel your subscription and terminate these Terms at any time by cancelling through the billing portal or contacting support.
14.2 By Veri-Tech. Veri-Tech may suspend or terminate your access to the Service immediately upon written notice if you: (a) breach these Terms; (b) fail to pay fees when due; (c) use the Service in a manner that threatens the security or integrity of the Service or other customers; or (d) engage in activity prohibited by the Acceptable Use Policy.
14.3 Effect of Termination. Upon termination: (a) your right to access the Service ceases; (b) Veri-Tech will retain your data for thirty (30) days to allow you to export it, after which it may be deleted; (c) you remain liable for any unpaid fees; (d) Sections 9, 11, 12, 13, 15, and 16 survive termination.
15. Dispute Resolution
15.1 Governing Law. These Terms are governed by and construed in accordance with the laws of the State of Indiana, without regard to conflict of law principles.
15.2 Informal Resolution. Before initiating formal proceedings, the Parties agree to attempt to resolve disputes informally by contacting legal@veri-tech.net. The Parties will negotiate in good faith for at least thirty (30) days.
15.3 Arbitration. Any dispute not resolved informally shall be settled by binding arbitration administered by the American Arbitration Association ("AAA") under its Commercial Arbitration Rules. The arbitration shall be conducted in Indianapolis, Indiana. Judgment on the award may be entered in any court of competent jurisdiction.
15.4 Class Action Waiver. You agree that any dispute resolution proceedings will be conducted only on an individual basis and not in a class, consolidated, or representative action.
16. General Provisions
16.1 Entire Agreement. These Terms, together with the Privacy Policy, Acceptable Use Policy, Data Processing Agreement (if applicable), and any executed order forms, constitute the entire agreement between the Parties regarding the subject matter hereof.
16.2 Amendments. Veri-Tech may modify these Terms by posting updated Terms on the Service. Material changes will be communicated via email or in-app notification at least thirty (30) days in advance. Continued use of the Service after the effective date of changes constitutes acceptance.
16.3 Severability. If any provision of these Terms is found unenforceable, the remaining provisions remain in full force and effect.
16.4 Waiver. Failure to enforce any provision of these Terms shall not constitute a waiver of that provision.
16.5 Assignment. Customer may not assign these Terms without Veri-Tech's prior written consent. Veri-Tech may assign these Terms in connection with a merger, acquisition, or sale of assets.
16.6 Force Majeure. Neither Party shall be liable for delays or failures in performance resulting from causes beyond its reasonable control, including but not limited to acts of God, natural disasters, pandemics, government actions, or failures of third-party services (including Microsoft 365 or Azure).
16.7 Notices. Notices to Veri-Tech should be sent to legal@veri-tech.net. Notices to Customer will be sent to the email address associated with Customer's account.
Contact Information
Veri-Tech
Website: veri-tech.net
Product: veri-tech.net
Legal Inquiries: legal@veri-tech.net
Support: support@veri-tech.net