User Terms of Service

    Last Updated: May 9, 2026

    1. Introduction

    1.1 Agreement to Terms

    These Terms of Service ("Terms") govern access to and use of BITSTRIC's website, digital content, public materials, enquiry forms, restricted resources, service portals, managed services, and other service-related interfaces. By accessing the website, submitting an enquiry, using the services, or otherwise engaging BITSTRIC, you agree to be bound by these Terms. If you use the website or services on behalf of an organization, you represent that you have authority to do so. Additional contracts, proposals, statements of work, service agreements, or data processing terms may also apply to paid engagements, and those documents will govern to the extent of any conflict for the relevant engagement.

    1.2 About BITSTRIC

    BITSTRIC provides AI engineering, sovereign AI integration, private RAG, agentic AI, AI audit-readiness, managed AI governance, and executive advisory services. BITSTRIC's work may involve legal, finance, security, regulated operations, and enterprise AI governance contexts. Depending on commercial phase and contractual requirements, BITSTRIC may operate through a founder-led or incorporated structure.

    1.3 Definitions

    In these Terms, "BITSTRIC", "we", "us", and "our" mean XFT Bitstric Solution, trading under the name BITSTRIC, together with any permitted affiliates or service entities acting on its behalf. "User" means any individual or entity accessing or using the website or services. "Client" means the organization subscribing to or purchasing paid services. "Authorized User" means a person the Client permits to access the services. "Website", "Services", "Materials", "Deliverables", "Client Data", "AI System", "RAG", "Agentic Workflow", "Managed Service", and "Output" have the meanings given by the context in which they are used and by the applicable engagement documents.

    2. Scope of Terms

    2.1 Website Use

    These Terms apply when you browse public pages, submit contact forms, enquiry forms, assessment forms, or newsletter requests, or access articles, templates, frameworks, whitepapers, diagrams, or other public service descriptions.

    2.2 Service Engagements

    These Terms also apply, to the extent not replaced by a separate written agreement, to AI risk discovery, AI audit-readiness and governance advisory, private RAG and agent deployment, managed AI governance services, and executive AI risk advisory.

    2.3 Separate Written Agreements

    Paid services require a proposal, quotation, statement of work, service agreement, or equivalent written acceptance. If a separate written agreement conflicts with these Terms, the separate agreement controls for that engagement. Client procurement terms do not apply unless BITSTRIC expressly accepts them in writing.

    3. Eligibility and User Responsibilities

    3.1 Business Use

    The website and services are intended primarily for business, professional, and organizational use. You must have the authority to submit information or make commitments on behalf of your organization, and you must ensure that all information you submit is accurate, lawful, and not misleading.

    3.2 Account or Portal Access

    Where accounts or portals are required for restricted resources, dashboards, or managed services, you are responsible for maintaining the confidentiality of your credentials and for promptly notifying BITSTRIC of any unauthorized access or suspected compromise. You are responsible for activity that occurs through your account unless BITSTRIC has failed to implement reasonable access controls within its own systems.

    3.3 Prohibited Conduct

    You must not engage in unauthorized access, probing, scanning, scraping, reverse engineering, decompiling, disassembling, or interference with the website, services, prompts, outputs, dashboards, APIs, or related systems. You must not upload malware, unlawful material, infringing content, or unauthorized confidential data. You must not misuse AI tools, prompts, outputs, APIs, dashboards, or reports, and you must not attempt to bypass security, access controls, rate limits, audit logging, or usage restrictions.

    4. Public Materials and Website Content

    4.1 Informational Nature

    Public materials are provided for general informational purposes only. Website content is not legal, tax, financial, cybersecurity, certification, or regulatory advice. You should obtain appropriate professional advice before relying on public materials for regulated or high-impact decisions.

    4.2 No Guarantee of Completeness

    BITSTRIC may update, remove, or revise content without notice. Public materials may not reflect the latest legal, regulatory, technical, or market developments. BITSTRIC does not guarantee that website content is complete, accurate, current, or suitable for a specific purpose.

    4.3 Third-Party Links

    The website may link to third-party websites, tools, documentation, or services. BITSTRIC does not control third-party content or practices, and you access third-party resources at your own risk.

    5. Service Descriptions

    5.1 AI Risk Discovery

    AI risk discovery may include AI use-case inventory, data sensitivity mapping, risk register preparation, control gap review, build-vs-buy recommendation, and remediation planning. It is intended to help clients understand risk before deploying AI systems, and it does not constitute formal certification, regulatory approval, or legal opinion.

    5.2 Private RAG and Agent Deployment

    Private RAG and agent deployment may include a private RAG stack, secure ingestion pipeline, role-based access, prompt and tool control, evaluation baseline, audit logs, and deployment documentation. The actual scope depends on the agreed environment, data, infrastructure, and client requirements. The Client remains responsible for internal approval, production use, governance, and operational risk acceptance.

    5.3 Managed AI Governance Service

    Managed AI governance services may include monthly control review, drift or retrieval quality checks, risk reports, incident logs, access review, provider change review, and executive summaries. Managed services are subject to agreed service levels, exclusions, support windows, and client dependencies. Unless expressly agreed otherwise, managed services do not guarantee uninterrupted operation, breach prevention, or regulatory compliance.

    5.4 Executive AI Risk Advisory

    Executive AI risk advisory may include board-level AI risk briefings, governance operating models, vendor risk assessments, AI investment prioritization, and ISO 42001-readiness support. Such advisory services are intended to support decision-making, not replace management accountability. BITSTRIC does not act as a regulator, certification body, statutory auditor, law firm, or insurance provider.

    6. AI-Specific Terms

    6.1 Nature of AI Outputs

    AI systems may generate inaccurate, incomplete, biased, outdated, non-deterministic, or unsuitable outputs. You must apply human review before relying on AI outputs for business, legal, financial, employment, safety, regulatory, or other high-impact decisions. BITSTRIC does not guarantee model accuracy, output correctness, or fitness for a specific decision.

    6.2 Client-Controlled Data and Systems

    The Client remains responsible for the legality, quality, accuracy, permissions, and completeness of any data supplied to BITSTRIC. The Client also remains responsible for its own infrastructure, access control, vendors, policies, users, backups, and production decisions. BITSTRIC's findings depend on the evidence, access, assumptions, and representations provided by the Client.

    6.3 Agentic Workflows and Tool Use

    Agentic systems may call tools, retrieve content, trigger workflows, or produce recommendations based on configuration. High-risk actions should use approval gates, logging, role-based access, and operational controls. The Client must not configure or use AI agents for unlawful, unsafe, deceptive, infringing, or unauthorized purposes.

    6.4 No Public Model Training by Default

    BITSTRIC does not intentionally use Client confidential data to train public AI models by default. Any fine-tuning, benchmarking, evaluation, synthetic data generation, or model improvement that uses Client data must be expressly scoped in writing. Third-party AI model providers may have separate terms and data handling rules that also apply.

    7. Client Data and Confidentiality

    7.1 Client Data Ownership

    The Client retains ownership of its pre-existing data, documents, systems, and confidential information. BITSTRIC receives only the limited rights necessary to provide the agreed services. The Client must ensure it has the right to provide any data or materials to BITSTRIC.

    7.2 Confidentiality Obligations

    Each party must protect non-public information received from the other party and may use it only for the agreed purpose. Confidentiality exclusions may apply to information that is public, independently developed, lawfully received from a third party, or required to be disclosed by law, regulation, or court order.

    7.3 Sensitive Data Handling

    The Client must not submit unnecessary personal data, sensitive data, credentials, production secrets, or regulated records. High-sensitivity data requires explicit scope, safeguards, and, where applicable, a data processing agreement. BITSTRIC may refuse, delete, or restrict handling of data that creates unacceptable legal, security, or operational risk.

    8. Intellectual Property

    8.1 BITSTRIC Materials

    BITSTRIC retains ownership of its methodologies, frameworks, templates, checklists, prompts, scripts, tools, libraries, know-how, and reusable materials. Public website materials may not be copied, resold, republished, or used to create competing services without permission. BITSTRIC trademarks, logos, names, and branding may not be used without written consent.

    8.2 Client Materials

    The Client retains ownership of client-provided documents, data, policies, diagrams, systems, and confidential materials. The Client grants BITSTRIC a limited right to use client materials solely for the agreed engagement. The Client warrants that any materials it supplies do not infringe third-party rights.

    8.3 Deliverables

    Deliverable ownership and usage rights should be defined in the applicable statement of work. Unless otherwise agreed, the Client receives a non-exclusive internal-use licence after full payment. BITSTRIC may reuse generalized knowledge, methodologies, and non-client-specific learnings.

    9. Fees, Payment, and Taxes

    9.1 Fees

    Fees are stated in the applicable proposal, quotation, invoice, statement of work, or service agreement. Fees may be fixed, milestone-based, time-and-materials, subscription-based, or retainer-based. Out-of-scope work may require additional fees.

    9.2 Payment Terms

    Payment timelines are stated in the applicable invoice or agreement. BITSTRIC may require deposits, upfront payment, or monthly advance payment. Late payment may result in suspension of services, withholding of deliverables, or termination.

    9.3 Taxes and Expenses

    Fees are exclusive of taxes unless expressly stated otherwise. The Client is responsible for applicable taxes, duties, withholding, bank charges, and transfer fees. Travel, lodging, third-party software, cloud, infrastructure, and other out-of-pocket expenses may be billed separately when reasonably incurred for the engagement.

    10. Change Control and Client Dependencies

    10.1 Scope Changes

    Changes to systems, data, deliverables, timelines, integrations, or assumptions require written agreement. BITSTRIC may charge additional fees for expanded scope, urgent work, rework, or additional stakeholders. Timeline extensions may apply if Client dependencies are delayed.

    10.2 Client Cooperation

    The Client must provide timely access, documentation, approvals, interviews, and technical support. The Client must identify all relevant systems, vendors, risks, policies, and stakeholders. The Client must maintain backups and internal controls over its own systems.

    10.3 Delay and Non-Performance

    BITSTRIC is not responsible for delays caused by Client-side dependencies. BITSTRIC may pause work if required information, access, payment, or approval is not provided. Additional fees may apply for remobilization or project restart.

    11. Disclaimers

    11.1 No Professional Substitution

    BITSTRIC does not replace legal counsel, tax advisers, statutory auditors, regulators, certification bodies, insurers, internal audit, data protection officers, chief information security officers, or management. Clients should obtain independent professional advice where required. BITSTRIC's advisory work supports decision-making but does not transfer Client accountability.

    11.2 No Certification or Regulatory Guarantee

    BITSTRIC does not issue accredited ISO certification unless expressly authorized under a separate lawful arrangement. BITSTRIC does not guarantee audit passing, regulatory approval, procurement acceptance, security immunity, or compliance status. Readiness assessments are based on scoped evidence, not exhaustive assurance.

    11.3 No Warranty of Results

    BITSTRIC does not guarantee revenue increase, cost reduction, risk elimination, model performance, uptime, business continuity, or operational outcome. AI systems and third-party platforms may change over time. Client implementation decisions remain the Client's responsibility.

    12. Limitation of Liability

    12.1 Excluded Losses

    To the fullest extent permitted by law, BITSTRIC is not liable for indirect, incidental, special, punitive, exemplary, consequential, or economic loss. Excluded losses may include loss of profit, revenue, goodwill, opportunity, anticipated savings, business interruption, data loss, or reputational damage. Excluded losses may also include regulatory fines, third-party claims, Client implementation decisions, AI output errors, or Client-controlled system failures.

    12.2 Liability Cap

    BITSTRIC's aggregate liability should be limited to the fees paid under the relevant engagement unless another cap is agreed in writing. For managed services, liability may be limited to fees paid within a defined lookback period. Certain liabilities may not be excluded where prohibited by law.

    12.3 Client Indemnity

    The Client indemnifies BITSTRIC for claims arising from Client data, Client instructions, unauthorized use, unlawful materials, or breach of these Terms. The Client also indemnifies BITSTRIC for third-party claims arising from Client systems, users, vendors, models, data, or business decisions. Any indemnity obligations may be further detailed in a service agreement or statement of work.

    13. Suspension and Termination

    13.1 Suspension Rights

    BITSTRIC may suspend access or services for non-payment. BITSTRIC may also suspend work for security risk, unlawful requests, unsafe activity, or breach of these Terms. BITSTRIC may suspend access to protect its systems, clients, users, or third parties.

    13.2 Termination Rights

    Either party may terminate according to the applicable agreement. BITSTRIC may terminate if continued service creates unacceptable legal, compliance, security, operational, or reputational risk. Termination does not affect accrued fees, confidentiality, intellectual property rights, liability limits, or dispute provisions.

    13.3 Effect of Termination

    Upon termination, access may be revoked, work-in-progress may be invoiced, and Client data return or deletion may follow the applicable agreement and legal retention requirements.

    14. Miscellaneous

    14.1 Changes to Terms

    BITSTRIC may modify these Terms from time to time. Material changes will take effect after notice, which may be provided by email, in-service notification, or by posting the updated Terms on the website. Continued use of the website or services after the effective date of the revised Terms constitutes acceptance of the revised Terms.

    14.2 Severability

    If any provision of these Terms is held to be invalid or unenforceable, the remaining provisions will remain in full force and effect.

    14.3 Assignment

    Neither party may assign these Terms without the other party's prior written consent, except to an affiliate or successor entity in connection with a merger, acquisition, or sale of all or substantially all of its assets.

    14.4 Entire Agreement

    These Terms, together with any applicable service order, statement of work, service agreement, and data processing addendum, constitute the entire agreement between you and BITSTRIC concerning the relevant services.

    14.5 No Waiver

    BITSTRIC's failure to enforce any right or provision of these Terms will not be considered a waiver of those rights or provisions.

    14.6 Notices and Contact Information

    Notices under these Terms may be delivered by email, website posting, or any other method specified in the applicable agreement. For privacy or legal inquiries, you may contact BITSTRIC at the contact details published on its website or in the applicable engagement documents.

    15. Governing Law and Dispute Resolution

    15.1 Governing Law

    These Terms are governed by the laws of Singapore, without regard to conflict-of-law principles, unless another governing law is expressly agreed in writing for a particular engagement.

    15.2 Dispute Resolution

    Any dispute arising out of or in connection with these Terms will be resolved exclusively by binding arbitration under the Singapore International Arbitration Centre (SIAC) Rules, which are deemed to be incorporated by reference into this clause. The seat of the arbitration will be Singapore, and the language of the arbitration will be English. Either party may seek urgent injunctive relief in the competent courts of Singapore.

    15.3 Survival

    Any provision that by its nature should survive termination will survive, including provisions relating to confidentiality, intellectual property, payment obligations, liability, indemnity, dispute resolution, and governing law.

    Appendix A. Legacy SaaS / Platform Terms

    The following clauses are preserved from the prior SaaS-oriented user terms as historical fallback language only. They apply only if a separate service order, subscription agreement, or platform-specific written agreement expressly incorporates them.

    A.1 Legacy Platform Scope

    The legacy terms were drafted for an IT consultation service, Software as a Service platform, and AI Integral as a Service environment. They focused on platform access, account use, subscription management, and AI coding assistant usage.

    A.2 License Grant

    Users and Authorized Users were granted a limited, non-exclusive, non-transferable license to access and use the service solely for internal business purposes, subject to the applicable service order and fair use limits.

    A.3 User Obligations

    The legacy platform rules required accurate registration information, secure handling of credentials, lawful and ethical use, and prompt notice of unauthorized access.

    The prohibited conduct set included:

    • reverse engineering, decompiling, disassembling, or otherwise attempting to discover source code or underlying algorithms;
    • automated access, scraping, or other bulk retrieval of service content without permission;
    • spam, unsolicited communications, malicious code, misleading information, or intellectual property infringement;
    • abuse of AI capabilities for harmful, unethical, discriminatory, or illegal content; and
    • attempts to bypass security, rate limits, or usage controls.

    A.4 Service Provider Obligations

    The legacy service language referenced industry-standard security measures, service levels, support windows, and advance notice for material service changes.

    A.5 Payment and Billing

    The legacy platform terms contemplated service orders, recurring subscriptions, auto-renewal, taxes, deposits, and suspension or termination for non-payment or excess usage.

    A.6 Data Privacy and Compliance

    The legacy terms referenced APAC and EU privacy compliance, a data processing addendum, cross-border transfer controls, breach notification, subprocessors, anonymization, and aggregation of usage data.

    A.7 Intellectual Property

    The legacy IP language retained BITSTRIC ownership of the service, internal materials, and reusable know-how, while granting users a limited right to use user content and AI-generated output in connection with their projects.

    The appendix also preserved guidance on open source compliance, including attribution, permissive versus copyleft licensing, and the need to review AI-generated code for license compatibility.

    A.8 Confidentiality, Termination, Liability, and Governing Law

    The legacy terms included confidentiality obligations, suspension and termination rights, limitation of liability, indemnification, Singapore governing law, and SIAC arbitration.

    A.9 Miscellaneous

    The legacy platform terms also addressed changes to terms, severability, assignment, entire agreement, no waiver, and notice mechanics.