Terms & Conditions

1. About the Company and the Service

UID Studio LLC is a technology company focused on optimizing the operational infrastructure of cybersecurity teams. UID Studio is a "Vulnerability Management Operating System" (SaaS) designed to standardize the full vulnerability lifecycle, integrating data ingestion, collaborative management under international standards (CVSS, OWASP, CWE), and automated report generation.

2. Service Use and Technical Responsibility

2.1. Authorization: The User warrants that they have legal authority to manage, scan, or upload data from the assets registered in the platform.

2.2. No Security Guarantee: UID Studio is a management and optimization tool. Use of the platform does not guarantee that the User's infrastructure is invulnerable or cannot be subject to security breaches.

2.3. Human Validation: The User acknowledges that the technical and compliance recommendations generated by the platform are support tools and must be validated by competent security professionals before implementation.

3. Artificial Intelligence (AI) Integration

UID Studio offers assistance features through third-party language models. Use of these features is governed by the following rules:

3.1. Optional Use: AI-based data processing is entirely optional. The User decides which data to send to the AI engines.

3.2. Integrated Models: UID Studio provides integrated access to models (currently DeepSeek and Gemini). This use is subject to consumption quotas defined by the User's subscription plan (Personal, Professional, Business, or Enterprise). Once the quota is exhausted, the service may be limited until the next billing cycle.

3.3. Use of Your Own API Keys (BYOK): The User may choose to configure their own API keys (OpenAI/ChatGPT, Gemini, DeepSeek, Anthropic). In this case:

• Consumption and associated costs are the User's sole responsibility under their own contracts with those providers.
• UID Studio is not responsible for failures, rate limiting, or the privacy of data managed under the User's personal API keys.

3.4. AI Disclaimer: AI-generated impact and mitigation suggestions are probabilistic. UID Studio is not responsible for errors, hallucinations, or inaccuracies in automatically generated security recommendations.

4. Plans and Subscriptions

4.1. Service Levels (Tiers): UID Studio offers four subscription levels: Personal, Professional, Business, and Enterprise. Each plan has different storage capacities, operational modules, and AI usage quotas, detailed in our public Pricing section.

4.2. Payment Gateway and Security: To ensure maximum security in transactions, UID Studio uses Stripe as a trusted payment gateway. The User accepts Stripe's terms and conditions when completing a transaction. UID Studio does not directly store complete credit or debit card data on its servers.

4.3. Payment Methods:

• Personal, Professional, and Business plans: Payment will be made exclusively by credit or debit card through the platform.
• Enterprise plan: The costs for this plan are not public and are determined by mutual agreement based on the customer's specific needs. For this service level, direct bank transfer is optionally accepted as a payment method, in addition to cards.

4.4. Pricing and Modifications: Current prices for public plans are available at https://uid-studio.com/#pricing. UID Studio reserves the right to adjust prices. Any changes will be notified to the User at least thirty (30) days in advance.

4.5. Data Ownership: The User retains full ownership of the vulnerability data and reports uploaded or generated. UID Studio retains ownership of the platform's structure, algorithms, and source code.

5. Our Commitment to Security

5.1. UID Studio Security Practices: The Company recognizes the sensitivity of the data managed by the User. We commit to maintaining an appropriate security standard through encryption in transit (TLS) and at rest (AES-256), as well as strict access controls based on the principle of least privilege.

5.2. Ethical Hacking Exercises: As part of our continuous improvement promise, UID Studio commits to conducting periodic cybersecurity exercises, including vulnerability analyses and penetration testing (pentesting) on our own infrastructure. These exercises are carried out by internal experts or independent third parties to identify and mitigate risks proactively.

5.3. Responsible Disclosure (Vulnerability Disclosure): We maintain an open-door policy for the security researcher community. Any finding reported in good faith will be analyzed and remediated following industry standards, ensuring UID Studio evolves against emerging threats.

5.4. Limitation of the Commitment: The User understands that absolute security on the internet does not exist. UID Studio commits to using its "best commercial efforts" (Best Efforts) to protect the platform, always within the possible technological and operational limits.

6. Limitation of Liability

To the maximum extent permitted by law, UID Studio LLC shall not be liable for any indirect, incidental, special, or consequential damages, including, among others, loss of profits, data, or use, arising from a security breach in the User's systems. Our total liability will be limited to the amount paid by the User in the last twelve (12) months.

7. Governing Law and Jurisdiction

These Terms are governed by and interpreted in accordance with the laws of the State of Delaware, United States, without giving effect to its conflict of laws principles. Any dispute will be resolved exclusively in the competent courts of that jurisdiction.

8. Notices and Contact

All legal communications, support requests, or inquiries regarding the processing of personal data must be addressed to [email protected]. UID Studio LLC and UID Studio SPA (Chile) will process these requests within a timeframe consistent with applicable law in Delaware (USA) and Chile, as applicable.

Support Phone (USA): +1 775 242 7009