Last Updated: December 8, 2024
These Terms of Service ("Terms" or "Agreement") govern access to and use of the DeRisk Hub software-as-a-service platform, including all related websites, APIs, documentation, and related services (collectively, the "Services") provided by Shavee Enterprises ("DeRisk Hub", "we", "us", or "our").
By creating an account, accessing, or using the Services, or by executing an order form or similar agreement that references these Terms (an "Order Form"), the entity you represent ("Customer", "you" or "your") agrees to be bound by these Terms. If you do not agree, you must not use the Services.
If you are accepting these Terms on behalf of an organization, you represent that you have the authority to bind that organization.
In addition to terms defined elsewhere in this Agreement, the following definitions apply:
Capitalized terms used but not defined in this section have the meanings given in the DeRisk Hub Privacy Policy and Data Processing Framework (the "Privacy & DPA"), which is incorporated by reference into this Agreement.
Subject to timely payment of applicable fees and compliance with these Terms, DeRisk Hub will make the Services available to Customer during the Subscription Term for Customer's internal business purposes in accordance with this Agreement and any applicable Order Form.
Customer's use of the Services must conform to any user guides, API documentation, and other technical documentation provided or made available by DeRisk Hub (collectively, the "Documentation"). DeRisk Hub may update the Documentation from time to time to reflect improvements, changes, or clarifications.
Unless expressly agreed in a separate written service level agreement (SLA) executed between DeRisk Hub and Customer, DeRisk Hub does not guarantee any particular uptime, response time, or performance metrics. The Services may be unavailable from time to time, including for scheduled or unscheduled maintenance, upgrades, or emergency interventions.
DeRisk Hub may modify the Services from time to time, including adding, enhancing, or removing features, provided that such changes do not materially deprive Customer of core sanctions-screening and case-management functionality under Customer's then-current Subscription Plan. For material changes, DeRisk Hub will use reasonable efforts to provide prior notice via email or in-app notification.
Customer must create an Account to access the Services. Customer agrees to provide accurate and complete information during account registration and to keep such information up to date.
Customer may permit Authorized Users to access the Services under its Account, subject to the Usage Limits and the roles/permissions assigned (e.g., Analyst, Manager, Admin, Auditor). Customer is responsible for all actions taken under its Account by Authorized Users.
Customer must maintain the confidentiality and security of all login credentials and API keys associated with its Account. Credentials are intended for use by individual, named users and may not be shared. Customer is responsible for promptly notifying DeRisk Hub of any suspected or actual unauthorized access to its Account.
If Customer authorizes a third party (e.g., a consultant or service provider) to access the Account, Customer remains fully responsible for that third party's use of the Services and compliance with this Agreement.
Subject to these Terms and payment of applicable fees, DeRisk Hub grants Customer a limited, revocable, non-exclusive, non-transferable (except as expressly permitted), and non-sublicensable license during the Subscription Term to:
As between the parties, DeRisk Hub (and its licensors, where applicable) retains all rights, title, and interest in and to:
No rights are granted to Customer other than as expressly stated in this Agreement.
As between the parties, Customer retains all rights, title, and interest in and to Customer Data. Customer grants DeRisk Hub a worldwide, non-exclusive, royalty-free license for the Subscription Term (and any applicable retention period) to:
Customer and its Authorized Users may provide suggestions, comments, or other feedback regarding the Services ("Feedback"). DeRisk Hub may use Feedback without restriction and without obligation of confidentiality, attribution, or compensation. Feedback will not be considered Customer's confidential information.
Customer must not, and must not permit any third party to:
Customer is solely responsible for:
Where DeRisk Hub makes AI-Assisted Features available, Customer acknowledges that such features are tools to augment, not replace, professional judgment. Customer must ensure that qualified personnel review and take responsibility for all compliance decisions, and must not implement workflows that result in automated disposition of match alerts without human review.
DeRisk Hub does not provide legal, compliance, financial, or other professional advice and does not assume responsibility for Customer's compliance with Regulatory Compliance Laws.
Customer must not use the Services:
Customer is responsible for:
Customer represents and warrants that:
With respect to Customer Data that constitutes Personal Data:
With respect to Operational Data, DeRisk Hub acts as an independent data controller.
The DeRisk Hub Privacy Policy and Data Processing Framework (the "Privacy & DPA") is incorporated into this Agreement by reference. The Privacy & DPA sets out:
In the event of any conflict between these Terms and the Privacy & DPA with respect to data protection, privacy, or security matters, the Privacy & DPA will prevail.
Where DeRisk Hub uses Customer Data (in anonymized or pseudonymized form) as Model Training Data pursuant to Section 4.3, DeRisk Hub acts as an independent data controller for Model Training Data processing. DeRisk Hub will identify and document an appropriate lawful basis under Applicable Data Protection Laws for such processing. Where legitimate interests is relied upon, DeRisk Hub will conduct and maintain a Legitimate Interests Assessment. Where required by applicable law, DeRisk Hub will conduct a Data Protection Impact Assessment prior to commencing AI model training. Summary details of the applicable lawful basis are disclosed in the Privacy & DPA; the full LIA and any DPIA are maintained as internal compliance records and made available to Customers or competent authorities upon written request.
Customer will pay the fees for the Subscription Plan and any additional usage as described in the applicable Order Form or billing interface. DeRisk Hub may update Subscription Plans, features, or pricing from time to time; such changes will apply prospectively, typically at renewal or on a Customer-initiated plan change.
Fees will be billed in the currency and at the intervals (e.g., monthly or annual) specified in the Order Form or billing interface. Payments are processed by a third-party payment provider acting as merchant-of-record. Customer authorizes DeRisk Hub and its payment provider to charge the payment method on file for all amounts due.
All fees are exclusive of taxes, duties, levies, and other governmental assessments ("Taxes"). Customer is responsible for all Taxes arising from the Subscription, except taxes based on DeRisk Hub's net income. If Customer is required by law to withhold Taxes, Customer will increase payments so that the net amount DeRisk Hub receives equals the amount invoiced.
If Customer exceeds its Usage Limits (for example, number of Monitored Entities), Services will continue to operate and additional usage may be billed at the then-current per-unit rate for the applicable Subscription Plan or as otherwise set out in the Order Form. Overages are billed at a consistent rate—no punitive penalty fees.
If Customer fails to pay fees when due, DeRisk Hub may:
(a) charge interest on overdue amounts at the lesser of 1.5% per month or the maximum rate permitted by law; and/or
(b) suspend access to the Services after providing reasonable notice, until all overdue amounts are paid.
Customer remains responsible for fees during any suspension.
If Customer is an individual consumer buying in a personal capacity (not in the course of business), then, unless an exception below applies, the consumer has the right to cancel the purchase of a Paid Subscription or other product within fourteen (14) days from the day after the transaction completes ("Consumer Cancellation Period"). To exercise this right, the consumer must inform DeRisk Hub of the decision to cancel within the Consumer Cancellation Period by sending a clear, unambiguous statement to support@mail.deriskhub.com. For avoidance of doubt, a cancellation notice is effective if sent before the end of the Consumer Cancellation Period.
The consumer may also use a standard model cancellation form or any other clear statement through available communication channels, provided it clearly expresses the decision to cancel. Acknowledgment of receipt of a cancellation request will be communicated without undue delay.
Effect of Consumer Cancellation
If a valid cancellation is made within the Consumer Cancellation Period:
Exception to the Right to Cancel
A consumer's right to cancel under this section does not apply to digital services or digital content that has already been supplied and accessed (for example, where the consumer has already begun downloading, streaming, or otherwise using the digital content or services, including upon login and use of the SaaS features).
Refunds are provided at the sole discretion of DeRisk Hub and assessed on a case-by-case basis, and may be refused. DeRisk Hub will refuse a refund request where there is evidence of fraud, refund abuse, or other manipulative behaviour that entitles DeRisk Hub to counterclaim the refund.
This does not affect any statutory consumer rights that apply under local law, including rights related to Products that are not as described, faulty, or not fit for purpose.
For business customers, refunds (including subscription payments) are discretionary and will be granted only where DeRisk Hub determines, in its sole discretion, that a refund is appropriate.
All refund requests must be submitted to support@mail.deriskhub.com.
Refund requests received more than 60 days after the transaction date will not be processed.
If Customer has been charged sales tax (including VAT, GST, Consumption Tax, or similar indirect tax) and is registered for sales tax in the country of purchase, Customer may be entitled to a refund of the tax amount if permitted under the laws of that country. To be eligible, Customer must contact DeRisk Hub within 60 days after the purchase and provide a valid sales tax registration code.
Refunds of indirect tax may be subject to the operational rules of the payment processor.
For wire transfers, the Wire Transfer terms below apply.
Customer is solely responsible for providing accurate payment details (including unique bank transfer references, order information, and any applicable VAT/sales tax registration codes). DeRisk Hub may be unable to reconcile or refund transactions where such details are incorrect or incomplete.
Orders paid via wire transfer are not protected under consumer refund regimes (such as the Consumer Credit Act) and are therefore not eligible for refund, except where:
(a) the total transaction amount (including sales tax) exceeds $ / £ / €100, and
(b) DeRisk Hub, in its sole discretion, determines that a refund (including any eligible tax portion) is appropriate.
Refunds for wire transfers, where permitted, will be processed only after Customer provides accurate bank details and any required documentation. Customer is responsible for bank or intermediary fees and any foreign-exchange losses associated with wire-transfer refunds.
Except as required by applicable law or expressly stated otherwise in these Terms, there are no refunds for unused portions of a subscription, including when Customer cancels before the end of the billing cycle.
The Services may allow Customer to purchase access to functionality on a subscription basis ("Paid Subscriptions"). Paid Subscriptions renew automatically until cancelled. If the price of a Paid Subscription increases, DeRisk Hub will notify Customer and, where required, seek consent to continue. Customer will be billed on the day each Paid Subscription period renews.
If Customer wishes to cancel a Paid Subscription, Customer must do so from the billing page in the DeRisk Hub platform at least 48 hours before the end of the current billing period. Cancellation takes effect at the next renewal date.
There are no refunds on unused subscription periods, as described in Section 7.6.
DeRisk Hub may offer free trials or promotional access to certain features or Subscription Plans. The specific terms (duration, usage limits, and included features) will be presented at sign-up and may be modified or discontinued at any time. Access during a free trial is provided on an "as is" basis with no service guarantees or support commitments unless otherwise stated.
Unless expressly stated otherwise, a free trial will automatically end at its stated expiration date. Customer may convert a trial to a Paid Subscription at any time during the trial period. Customer's data, configurations, and cases from the trial will be preserved upon upgrading.
If Customer does not convert before the trial ends, access may be limited, suspended, or restricted until a Paid Subscription is purchased. DeRisk Hub may retain Customer Data after trial expiration for a limited period and may delete or anonymize it thereafter in accordance with the Privacy & DPA.
Customer may upgrade or downgrade its Subscription Plan through the billing dashboard or by following instructions provided in the Services. Cancellation of a Paid Subscription must be completed in accordance with the renewal and cancellation requirements set out in Section 7.7, including the required notice period for cancellation to take effect at the next renewal date.
Unless otherwise specified at the time of a plan change, upgrades or downgrades will typically take effect immediately. Feature availability, usage limits, and support levels may be adjusted upon the effective date of the plan change.
A Paid Subscription will remain active until the end of the then-current billing period, even if Customer submits a cancellation request beforehand, subject to the requirements of Section 7.7. Upon the effective date of cancellation:
No refunds are provided for unused portions of a subscription, as described in Section 7.6.
DeRisk Hub does not guarantee continuous availability of the Services or any specific uptime. The Services may experience interruptions, delays, or failures from time to time, including as a result of maintenance, upgrades, network or infrastructure issues, or factors outside DeRisk Hub's reasonable control.
DeRisk Hub may perform scheduled or unscheduled maintenance on the Services. DeRisk Hub will use reasonable efforts to schedule planned maintenance outside of peak business hours and, where practicable, to provide prior notice to Customer.
DeRisk Hub will provide support through channels (e.g., email, ticketing, in-app chat) and with response practices that correspond to Customer's Subscription Plan, as described in the applicable plan documentation or Order Form. Unless expressly stated in a separate SLA, DeRisk Hub does not commit to specific response or resolution times.
"Confidential Information" means non-public information disclosed by one party ("Disclosing Party") to the other party ("Receiving Party") that is designated as confidential or that a reasonable person would understand to be confidential given the nature of the information and circumstances of disclosure. Confidential Information includes Customer Data, non-public technical or business information, product roadmaps, security information, and the terms of this Agreement.
Confidential Information does not include information that:
The Receiving Party must:
The Receiving Party may disclose Confidential Information to its employees, contractors, advisors, and service providers who need to know the information for purposes of this Agreement and who are bound by obligations of confidentiality no less protective than those in this Agreement.
The Receiving Party may disclose Confidential Information when required by law, regulation, or court order, provided that (to the extent legally permissible) it gives the Disclosing Party prompt notice and cooperates with the Disclosing Party's reasonable efforts to seek protective measures.
Confidentiality obligations survive for five (5) years after termination of this Agreement, or in perpetuity for trade secrets, as long as they remain trade secrets under applicable law.
DeRisk Hub will implement and maintain technical and organizational security measures designed to protect Customer Data against unauthorized or unlawful processing and against accidental loss, destruction, or damage, taking into account the nature of the processing and industry-standard practices.
If DeRisk Hub becomes aware of a security incident that leads to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data processed by DeRisk Hub ("Security Incident"), DeRisk Hub will:
DeRisk Hub's obligations do not apply to incidents caused by Customer or its Authorized Users.
Customer is responsible for determining whether to notify regulators, impacted individuals, or others of a Security Incident and for fulfilling such obligations. DeRisk Hub will provide reasonable cooperation and assistance in connection with such notifications, to the extent required by Applicable Data Protection Laws and as described in the Privacy & DPA.
The Services and Screening Content are provided as technical tools to assist Customer in its own sanctions screening, AML, and risk management workflows. DeRisk Hub does not provide legal, compliance, financial, tax, or other professional advice. Customer must obtain its own professional advice and is solely responsible for decisions made using or based on outputs from the Services.
While DeRisk Hub uses reasonable efforts to maintain up-to-date Screening Content and reliable matching algorithms, the Services and Screening Content may contain errors, omissions, or inaccuracies and may not capture every relevant person or entity. Customer acknowledges that:
To the maximum extent permitted by law, the Services, Screening Content, and Documentation are provided "as is" and "as available", without warranties of any kind, whether express, implied, statutory, or otherwise, including any implied warranties of merchantability, fitness for a particular purpose, non-infringement, or that the Services will be uninterrupted, error-free, or meet Customer's requirements.
Customer will defend, indemnify, and hold harmless DeRisk Hub, its Affiliates, and their respective officers, directors, employees, and agents from and against any third-party claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising out of or related to:
DeRisk Hub will defend Customer against any third-party claim alleging that Customer's authorized use of the core Services (excluding Screening Content sourced directly from public authorities) infringes any copyright, trademark, or patent of such third party, and will indemnify Customer from any damages and reasonable legal fees finally awarded against Customer as a result of such claim, or agreed in a settlement approved by DeRisk Hub.
This obligation does not apply to claims arising from:
If the Services are, or in DeRisk Hub's reasonable opinion are likely to be, the subject of an infringement claim, DeRisk Hub may, at its option:
The indemnified party must:
DeRisk Hub may develop and make available features that use machine learning models to assist Customers in reviewing screening results, including suggestions regarding whether a potential match constitutes a true match or a false positive ("AI-Assisted Features"). Where AI-Assisted Features are made available:
AI-Assisted Features may not be available as yet; this section describes our intended future practice and is disclosed now for transparency.
To the maximum extent permitted by law, neither party will be liable to the other party for any:
arising out of or related to this Agreement, even if advised of the possibility of such damages and even if a remedy fails of its essential purpose.
To the maximum extent permitted by law, each party's total aggregate liability arising out of or relating to this Agreement will not exceed the total amount of fees actually paid by Customer to DeRisk Hub under this Agreement during the twelve (12) months preceding the event giving rise to the claim.
The limitations in this Section 14 do not apply to:
Customer represents and warrants that:
DeRisk Hub may suspend or terminate access to the Services immediately if it reasonably believes that providing the Services would violate applicable export control or sanctions laws.
Each party represents that it has not received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from the other party or its employees or agents in connection with this Agreement. Either party will promptly notify the other upon becoming aware of any circumstances that are contrary to this requirement.
This Agreement enters into force on the earlier of (i) the date Customer first accepts these Terms or (ii) the Effective Date of the first Order Form, and continues until all Subscription Terms have expired or this Agreement is otherwise terminated in accordance with this Section.
Unless otherwise stated in the Order Form, either party may terminate this Agreement for convenience at the end of the then-current Subscription Term by providing the other party with any notice required in the applicable ordering or billing interface. Cancellation will be effective at the end of the current billing period, and fees paid are non-refundable except as expressly stated.
Either party may terminate this Agreement immediately upon written notice if:
DeRisk Hub may additionally suspend or terminate access to the Services immediately upon notice if it reasonably determines that:
Upon termination or expiration of this Agreement:
During the Subscription Term and for a commercially reasonable period after termination (as described in the Privacy & DPA), Customer may export certain Customer Data via available product features or by requesting assistance from DeRisk Hub. After this period, DeRisk Hub may delete or anonymize Customer Data, subject to any longer retention required by Regulatory Compliance Laws or other applicable laws.
The following provisions survive termination or expiration of this Agreement: Sections 1, 4.2–4.5, 5, 6, 7 (for unpaid amounts), 9.1, 10, 11, 12, 13, 14, 15, 16.4–16.6, 17, and 18, as well as any other provisions which by their nature are intended to survive.
This Agreement and any dispute arising out of or relating to it will be governed by and construed in accordance with the laws of India, without regard to conflict-of-laws principles.
Except for claims seeking injunctive or other equitable relief, any dispute, controversy, or claim arising out of or relating to this Agreement will be finally resolved by binding arbitration in accordance with the Arbitration and Conciliation Act, 1996 (India), as amended.
Nothing in this Agreement prevents either party from seeking urgent injunctive or equitable relief from a court of competent jurisdiction to protect its confidential information, intellectual property, or data security. Subject to the foregoing arbitration provision, the courts located in Pune, Maharashtra, India, will have exclusive jurisdiction.
Neither party will be liable for any delay or failure to perform its obligations (other than payment obligations) due to events beyond its reasonable control, such as natural disasters, acts of government, war, terrorism, riots, labor disputes, or internet or infrastructure failures.
Customer may not assign or transfer this Agreement, in whole or in part, without DeRisk Hub's prior written consent, except to a successor entity in connection with a merger, acquisition, or sale of substantially all of Customer's assets, provided that the successor is not a direct competitor of DeRisk Hub. DeRisk Hub may assign this Agreement without Customer's consent to an Affiliate or in connection with a corporate transaction.
The parties are independent contractors. This Agreement does not create any partnership, joint venture, agency, or employment relationship.
There are no third-party beneficiaries to this Agreement.
If any provision of this Agreement is held to be invalid or unenforceable, that provision will be enforced to the maximum extent permissible and the remaining provisions will remain in full force and effect.
No waiver of any provision of this Agreement will be effective unless in writing and signed by the waiving party. A party's failure to enforce any provision will not be deemed a waiver of future enforcement.
Formal legal notices under this Agreement must be in writing and sent to:
For DeRisk Hub:
Shavee Enterprises
601 Suyog Crystal, 50 Lulla Nagar
Pune 411040, India
Email: info@mail.deriskhub.com
For Customer:
The address and/or email specified in the Order Form or associated with the Account.
Notices will be deemed received when delivered by hand, sent by courier with confirmation, or sent by email with no bounce-back or error message.
This Agreement, together with the Privacy & DPA and any applicable Order Forms, constitutes the entire agreement between the parties regarding the Services and supersedes all prior or contemporaneous agreements and understandings, whether written or oral, relating to its subject matter.
DeRisk Hub may update these Terms from time to time. For material changes, DeRisk Hub will provide notice via email and/or in-app notification. Changes will take effect on the date specified in the notice, and Customer's continued use of the Services after that date constitutes acceptance of the updated Terms.
If you have any questions about these Terms of Service, please contact us at info@mail.deriskhub.com