Terms of Service

These Terms of Service ("Terms") govern your access to and use of the RiskReady platform and services operated by RiskReady ("we", "us", "our") at riskready.cloud. By accessing or using our services, you agree to be bound by these Terms.

1. Acceptance of Terms

By creating an account, joining our waitlist, or using any part of the RiskReady platform, you acknowledge that you have read, understood, and agree to be bound by these Terms and our Privacy Policy. If you are using RiskReady on behalf of an organisation, you represent that you have the authority to bind that organisation to these Terms.

If you do not agree to these Terms, you must not use our services.

2. Service Description

RiskReady is an AI-powered Governance, Risk, and Compliance (GRC) platform that helps organisations achieve and maintain compliance with frameworks such as ISO 27001, SOC 2, DORA, and NIS2. The platform provides risk management, control mapping, policy generation, evidence collection, and audit preparation capabilities.

RiskReady follows an open-core model:

3. Account Terms

To use the RiskReady platform, you must:

• Provide accurate and complete registration information
• Maintain the security of your account credentials
• Be at least 18 years of age
• Promptly notify us of any unauthorised use of your account

You are responsible for all activity that occurs under your account. We reserve the right to suspend or terminate accounts that violate these Terms or are used for fraudulent purposes.

4. Community Edition (AGPL License)

The RiskReady Community Edition is licensed under the GNU Affero General Public License version 3 (AGPL-3.0). Under this license:

• You are free to use, modify, and distribute the Community Edition
• If you modify the software and make it available over a network, you must make your modified source code available under the same AGPL-3.0 license
• The Community Edition is provided "as-is" without warranty, as described in the AGPL-3.0 license
• You may self-host the Community Edition on your own infrastructure at no cost

The full text of the AGPL-3.0 license is included with the Community Edition source code. In the event of any conflict between these Terms and the AGPL-3.0 license regarding the Community Edition, the AGPL-3.0 license prevails.

5. Paid Editions (SaaS Terms)

The paid editions (Startup, Growth, Business, Enterprise) are proprietary SaaS offerings. By subscribing:

• You receive a non-exclusive, non-transferable, revocable license to access and use the platform for the duration of your subscription
• Fees are billed in accordance with your subscription plan and are non-refundable except as required by law
• All paid customers receive dedicated, isolated instances — your data is logically and physically separated from other customers
• All data processing occurs within the European Union
• Service availability targets and support terms are defined in your service level agreement (SLA)

6. Acceptable Use

You agree not to use RiskReady to:

• Violate any applicable law or regulation
• Infringe on the intellectual property rights of others
• Transmit malware, viruses, or any code designed to disrupt or damage the platform
• Attempt to gain unauthorised access to other users' accounts, data, or systems
• Use the platform to store or process data that is unrelated to governance, risk, and compliance purposes
• Reverse-engineer, decompile, or disassemble the proprietary components of the paid editions
• Resell, sublicense, or redistribute access to the paid editions without our written consent

7. Intellectual Property

The RiskReady name, logo, branding, and proprietary platform components (including AI methodology, statistical models, and paid-tier features) are owned by RiskReady and protected by intellectual property laws. The Community Edition source code is licensed under the AGPL-3.0 as described in Section 4.

You may not use our trademarks, trade names, or branding without our prior written consent, except as required for reasonable and customary use in describing the origin of the Community Edition software.

8. Data Ownership

You grant us a limited, non-exclusive license to process your data solely for the purpose of providing and improving the RiskReady service. We will not use your data for any purpose other than operating the platform on your behalf, except in aggregate and anonymised form for the purpose of improving our AI models and benchmarking data.

Upon termination of your subscription, you may export your data in a standard format. After a reasonable data retention period, your data will be permanently deleted from our systems in accordance with our Privacy Policy.

9. Limitation of Liability

To the maximum extent permitted by applicable law, RiskReady and its directors, employees, and agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, business opportunities, or goodwill, arising out of or in connection with your use of the platform.

Our total aggregate liability for any claims arising under these Terms shall not exceed the amount you paid to us in the twelve (12) months preceding the claim.

RiskReady provides compliance tooling and AI-generated recommendations, but does not guarantee compliance with any regulatory framework. You remain solely responsible for your organisation's compliance obligations. AI-generated outputs are recommendations and should be reviewed by qualified personnel before implementation.

10. Indemnification

You agree to indemnify, defend, and hold harmless RiskReady and its officers, directors, employees, and agents from and against any claims, liabilities, damages, losses, and expenses (including reasonable legal fees) arising out of or in connection with:

• Your use of the platform in violation of these Terms
• Your violation of any applicable law or regulation
• Your infringement of any third-party rights
• Any data you enter into the platform that is inaccurate, misleading, or unlawful

11. Termination

You may terminate your account at any time by contacting us or using the account management features within the platform.

We may suspend or terminate your access to the platform at any time if:

• You breach these Terms
• Your use of the platform poses a security risk to us or other users
• We are required to do so by law or regulatory authority
• Your subscription payment is overdue

Upon termination, your right to access the paid platform ceases immediately. You will have a reasonable period to export your data before it is deleted. Provisions that by their nature should survive termination (including data ownership, limitation of liability, and indemnification) will remain in effect.

12. Governing Law

These Terms shall be governed by and construed in accordance with the laws of England and Wales, without regard to its conflict of law principles. Any disputes arising under or in connection with these Terms shall be subject to the exclusive jurisdiction of the courts of England and Wales.

13. Changes to These Terms

We reserve the right to modify these Terms at any time. We will notify you of material changes by posting the updated Terms on this page and updating the "Last updated" date. For significant changes, we may also notify you via email.

Your continued use of the platform after changes are posted constitutes your acceptance of the updated Terms. If you do not agree to the revised Terms, you must stop using the platform and terminate your account.

14. Contact Us

If you have any questions about these Terms of Service, please contact us: