Master Service Agreement

EvalGuard provides an AI evaluation, security testing, observability, and governance platform (“Services”) as described at evalguard.ai. The Services include:

• LLM evaluation with 87+ automated scorers
• Security scanning with 232+ attack plugins
• Real-time observability and trace monitoring
• AI gateway with firewall and guardrails
• Compliance mapping (NIST AI RMF, EU AI Act, SOC 2)
• API, SDK, and CLI access

Fees are as stated in the applicable Order Form or pricing page. All fees are non-refundable unless otherwise stated. EvalGuard may adjust pricing with 30 days written notice before the next renewal period.

Enterprise customers are billed annually. Payment is due within 30 days of invoice date (Net-30).

EvalGuard commits to the following service levels for paid plans:

Service credits are issued for downtime exceeding the SLA commitment. See full SLA details.

Customer retains all rights to Customer Data. EvalGuard processes Customer Data solely to provide the Services. Data processing is governed by the Data Processing Agreement.

Customer Data includes: evaluation inputs/outputs, trace data, prompt content, security scan results, and configuration data. EvalGuard does not use Customer Data to train models or for any purpose other than service delivery.

EvalGuard maintains industry-standard security practices including:

• AES-256-GCM encryption at rest with BYOK (Bring Your Own Key) support
• TLS 1.2+ encryption in transit
• Row-level security with role-based access control
• Automated vulnerability scanning and dependency auditing
• Comprehensive audit logging with tamper detection
• Regular security assessments and penetration testing

See our responsible disclosure policy and trust center for details.

EvalGuard retains all rights to the platform, including software, documentation, and methodologies. Customer retains all rights to Customer Data and any custom configurations created using the Services.

Neither party acquires any rights in the other party's intellectual property except as expressly stated in this Agreement.

Each party agrees to protect the other's Confidential Information with at least the same degree of care used for its own confidential information, but no less than reasonable care. Confidential Information excludes information that is publicly available, independently developed, or rightfully received from a third party.

EvalGuard warrants that the Services will perform materially in accordance with the documentation. If the Services fail to meet this warranty, EvalGuard will use commercially reasonable efforts to correct the non-conformity or provide a pro-rata refund.

EXCEPT AS EXPRESSLY STATED, THE SERVICES ARE PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND.

NEITHER PARTY'S AGGREGATE LIABILITY UNDER THIS AGREEMENT SHALL EXCEED THE TOTAL FEES PAID BY CUSTOMER IN THE 12 MONTHS PRECEDING THE CLAIM.

NEITHER PARTY SHALL BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES.

These limitations do not apply to: (a) breaches of confidentiality, (b) indemnification obligations, or (c) willful misconduct.

EvalGuard will indemnify Customer against third-party claims alleging that the Services infringe any intellectual property right, provided Customer gives prompt notice and reasonable cooperation.

This Agreement begins on the Effective Date and continues for the subscription term. Either party may terminate for material breach with 30 days written notice and opportunity to cure.

Upon termination, Customer may export their data within 30 days. After 90 days, all Customer Data will be permanently deleted.

This Agreement is governed by the laws of India. Any disputes shall be resolved through binding arbitration in accordance with the rules of the Indian Council of Arbitration, with proceedings held in Chennai, Tamil Nadu.

• Legal: [email protected]
• Support: [email protected]
• Sales: [email protected]