These terms govern your access to the Roder AI security platform. EU law. EU venue. Reasonable defaults.
These Service Terms form a binding agreement between Roder Oy (“Roder”) and the entity subscribing to the Roder platform (“Customer”). They apply to all subscriptions, trials, and proofs of value unless overridden by a signed Master Services Agreement.
Roder provides an EU-hosted AI security platform comprising an AI gateway, policy engine, MCP supply-chain protection and cost engine. Specific capabilities depend on the selected feature package and consumption tier. Roder may evolve the service and will not materially reduce functionality during a paid term.
Subscriptions are sold on annual or monthly terms. Trials run 14 days unless extended in writing. Paid subscriptions auto-renew for like terms unless either party gives 30 days’ written notice before renewal. Pricing in renewal terms may be adjusted with 60 days’ notice.
Fees are invoiced in EUR. Annual subscriptions are invoiced up front; monthly subscriptions are invoiced in advance each month. Payment terms are net 14 days. Overdue amounts accrue statutory interest. Roder may suspend the service after 30 days of payment delinquency with written notice. All fees are exclusive of VAT and other applicable taxes.
Customer agrees not to (a) reverse engineer, decompile or attempt to derive source code from the platform, (b) use the platform to violate law, generate malware, attack third parties or process unlawful content, (c) resell the platform without a signed partner agreement, (d) circumvent published rate limits or burst ceilings, (e) use the service to develop a competing product. Roder may take immediate action to mitigate active abuse.
Customer remains the controller of Customer Data. Roder acts as processor and processes Customer Data only on documented instructions in the subscription, these Service Terms and the Data Processing Agreement (DPA). All production processing occurs in the EU. Roder will support Customer in responding to data subject requests and regulatory enquiries.
Roder maintains a documented information security programme aligned to ISO 27001, ISO 42001 and SOC 2 Type II principles. Roder will notify Customer without undue delay and within 72 hours of confirming a material security incident affecting Customer Data, and cooperate in good faith with investigation and reporting obligations.
Production uptime target: 99.9% measured monthly, excluding scheduled maintenance and force majeure. Support response targets depend on the feature package: Core 1 business day, Plus 4 business hours, Advanced 1 business hour, Premium 30 minutes. Service credits, if any, are documented in the order form.
Roder owns all rights in the platform, including improvements derived from aggregated, de-identified usage. Customer owns all rights in Customer Data and content. Customer grants Roder a limited licence to process Customer Data solely to provide the service.
Each party will protect the other party’s confidential information with at least the same care it uses for its own, and not for less than reasonable care. Confidentiality obligations survive termination for three years; trade secrets are protected indefinitely.
Roder warrants that the platform will materially conform to its documentation during the subscription term. Except as expressly stated, the service is provided “as is”. Roder disclaims all implied warranties, including merchantability and fitness for a particular purpose, to the maximum extent permitted by law.
Except for breach of confidentiality, infringement of intellectual property, indemnification obligations, or wilful misconduct, each party’s aggregate liability under the agreement will not exceed the fees paid or payable by Customer in the 12 months preceding the event giving rise to the claim. Neither party is liable for indirect, special, incidental, consequential or punitive damages, or loss of profits, revenue, data or goodwill.
Roder will defend Customer against third-party claims that the unmodified platform infringes EU/EEA intellectual property rights, and indemnify Customer against damages finally awarded, subject to Customer providing prompt notice and reasonable cooperation.
Either party may terminate for uncured material breach after 30 days’ written notice. Upon termination, Customer’s right to use the service ends; Roder will delete or return Customer Data within 30 days subject to legal retention obligations.
These Service Terms are governed by the laws of Finland, excluding conflict-of-law principles. Exclusive venue is the District Court of Helsinki, except either party may seek injunctive relief in any competent court to protect its intellectual property or confidentiality.
Roder may update these Service Terms by posting a revised version with a new “Last updated” date. Material changes will be communicated to active customers at least 30 days before they take effect.
Roder Oy · Helsinki, Finland · sales@roder.ai · compliance@roder.ai