1. Agreement to Terms
By installing, accessing, or using Xail (the "Service"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree, do not use the Service. These Terms constitute a legally binding agreement between you and Xail ("we," "us," or "our").
If you are using the Service on behalf of an organization, you represent that you have authority to bind that organization to these Terms, and "you" refers to that organization.
2. Description of the Service
Xail is a lightweight email client that connects to your existing email accounts (Gmail, Outlook, Yahoo, and other providers) via OAuth 2.0. Xail provides:
- A unified inbox for reading, composing, and replying to regular email
- Split-channel secure messaging using XorIDA threshold secret sharing, where messages are cryptographically split into shares and sent across multiple independent email providers
- A visual security border system indicating the security level of each conversation
- On-device AI features including summarization, entity extraction, and natural language search
- An invitation-based contact exchange for establishing secure communication channels
- AI assistants — Ren (sales) and Kaia (in-app support) — available via text chat and voice, powered by third-party AI services. These assistants help with product questions, onboarding, and account guidance. They do not access your email content.
3. Eligibility
You must be at least 13 years old (or the minimum age in your jurisdiction) to use Xail. If you are under 18, you must have your parent's or guardian's consent. By using Xail, you represent that you meet these requirements.
4. Account and Security
4.1 Email Account Connection
Xail requires you to connect at least one email account via OAuth 2.0. You are responsible for maintaining the security of your email accounts. Xail does not store your email passwords — authentication is handled entirely by your email provider.
4.2 Split-Channel Security
Xail's split-channel security depends on you maintaining separate, independent email accounts with different email providers. The security guarantees of Xail's threshold sharing system are based on the assumption that these accounts are not controlled by the same party (other than you). Using multiple accounts at the same provider (e.g., two Gmail accounts) reduces the independence guarantee.
4.3 Your Responsibility
You are responsible for:
- All activity that occurs through your connected email accounts within Xail
- Keeping your devices and email accounts secure
- Ensuring your connected email accounts remain active and accessible
- Understanding that disconnecting email accounts may affect your ability to reconstruct previously received secure messages
5. Service Tiers and Pricing
Current status: Xail is in early access. During this period, all features are available at no cost. Paid tiers and pricing will be announced in the future. We will provide at least 30 days' notice before any paid features are activated.
5.1 Security Tiers
Xail's security level depends on the number of independent email addresses you connect:
| Tier | Addresses | Security Level |
|---|---|---|
| Gray | 1 | Unsecured — regular email only, no security tier |
| Blue | 2 | Secured — 2-of-2 threshold, no single provider can read your messages |
| Green | 3 | Secured + fault tolerant — 2-of-3 threshold, messages survive one provider outage |
5.2 User Accounts and Cross-Device Sync
Your first connected email address serves as your Xail identity. Your account data — including connected account metadata, settings, contacts, and preferences — is synced across devices so that connecting the same email on a new device restores your profile. Only metadata is synced. Message content, shares, and plaintext are never stored on or transmitted through Xail servers.
5.3 Enterprise Agreements
Enterprise usage is governed by a separate Enterprise Agreement that supplements these Terms. Enterprise Agreements may include custom terms for compliance, SLA, data handling, and support. In the event of a conflict between these Terms and an Enterprise Agreement, the Enterprise Agreement controls.
6. Acceptable Use
You agree not to:
- Use Xail to send spam, phishing, or unsolicited bulk messages
- Attempt to circumvent the split-channel security mechanism for malicious purposes
- Reverse-engineer, decompile, or disassemble any part of the Service (except any open-source components, which are provided under their own licenses)
- Use the Service to violate any applicable law or regulation
- Impersonate another person or entity through the Service
- Interfere with or disrupt the Service or servers connected to the Service
- Use automated systems to access the Service in a manner that exceeds reasonable use
- Use the Service to transmit malware, viruses, or other harmful code
We reserve the right to suspend or terminate accounts that violate these terms.
7. Intellectual Property
7.1 Xail's Intellectual Property
The Service, including its design, interface, code, and documentation, is owned by Xail and protected by intellectual property laws. The split-channel secure messaging method is the subject of a pending patent application. The Xail name, logo, and brand elements are trademarks of Xail.
7.2 Open-Source Components
Xail's cryptographic library implements the XorIDA threshold sharing algorithm over GF(2). The cryptographic implementation is tested with known-answer test vectors and 100% line coverage. When published, open-source components will be provided under their respective licenses.
7.3 Your Content
You retain all rights to your email content. Xail does not claim ownership of any messages, attachments, or data you create, send, or receive through the Service. Because Xail processes content only on your device, we never have access to your content on our servers.
8. Anti-Competitive Use Restrictions
IMPORTANT — THIS IS NOT A NON-COMPETE CLAUSE
California law (Business and Professions Code § 16600) prohibits employment non-compete agreements. This section does NOT restrict employment. It restricts how business customers may use private.me technology.
Prohibited Use
You may NOT use private.me ACIs to build, train, improve, or operate competing products in any of the following categories:
- Managed credential platforms (DID-based identity, verifiable credentials, agent authentication)
- Threshold secret sharing libraries (XorIDA, Shamir's, SSSS, MPC)
- Agent-to-agent messaging protocols (bilateral authentication, envelope signing, trust registries)
- Payment orchestration ACIs (xchange, xopenbank, payment initiation)
- Document processing ACIs (xformat, xparse, xrender)
- Email security platforms (split-channel messaging, share reconstruction)
- No-code/low-code agent frameworks (equivalent to flowise, autogen, @private.me/sdk)
- Ephemeral algorithm execution systems (xGhost pattern, memory-safe IP protection)
- Trust registry services (DID verification, scope graphs, policy enforcement)
- Full Control IP protection systems (split-algorithm distribution, payment-gated shares)
Permitted Use
You MAY:
- Build products that consume ACIs as infrastructure (e.g., SaaS app using xBind for auth)
- Integrate ACIs into unrelated products (e.g., CRM using xformat for document export)
- Use ACIs internally for operations (e.g., DevOps using @private.me/flowise)
Enterprise Carve-Out
Enterprise customers with written permission may use ACIs for competitive products under custom licensing terms.
California Enforceability Note
This section restricts B2B customer product use, not individual employment. California courts have consistently upheld B2B use restrictions in software licensing agreements.
8. Privacy
Your use of the Service is also governed by our Privacy Policy, which is incorporated into these Terms by reference. The Privacy Policy describes our zero-knowledge architecture and explains how your data is handled.
9. No Guarantee of Delivery
Xail relies on third-party email providers (Gmail, Outlook, Yahoo, etc.) to deliver messages. We do not guarantee message delivery, delivery timing, or delivery order. Delivery depends on the uptime and performance of your email providers, your internet connectivity, and the recipient having an active Xail installation with sufficient shares available for reconstruction.
For secure messages using a 2-of-3 threshold (Green tier), the message can be reconstructed even if one email provider experiences downtime.
Deferred delivery: When you send a secure message to a recipient who does not yet use Xail, one share is delivered to their existing email with an invitation to join. The remaining share is held on your device indefinitely until the recipient joins Xail. There is no expiry on held shares — they remain available for delivery as long as your Xail client retains them.
10. Disclaimer of Warranties and Limitation of Liability
11. Refund Policy
11.1 Pro Tier
All fees for Pro Tier usage are non-refundable except as required by applicable law. Pro Tier overage charges are calculated at the end of each billing cycle based on actual usage. You may terminate your account at any time to stop future charges.
11.2 Enterprise Tier
Pro-rata refunds are available within 30 days of contract start if:
- Usage is less than 10% of contracted capacity, AND
- No Enterprise-exclusive features have been accessed
After 30 days, all Enterprise Tier fees are non-refundable except as required by applicable law.
12. Price Changes
12.1 Pro Tier Price Changes
We may change Pro Tier pricing (free tier threshold or per-100k interaction rate) with 60 days' written notice. Notice will be delivered via:
- Email to the account owner
- Dashboard banner notification
- Announcement on private.me/changelog
Grandfathering: Current Pro customers retain existing pricing for 6 months after notice. After 6 months, new pricing applies automatically.
Objection: You may terminate your account before the change effective date with no penalty.
12.2 Enterprise Tier Price Changes
Enterprise pricing is locked for the contract term (typically 12 months). Pricing cannot be changed mid-contract unless you request additional capacity or features. New pricing may apply at renewal.
13. Data Retention
13.1 Active Accounts
| Data Type | Pro Tier | Enterprise Tier |
|---|---|---|
| Account metadata | Indefinite | Indefinite |
| Usage logs | 90 days | 7 years |
| Interaction metadata | 90 days | 7 years |
| Vault Store shares | Until termination | Until termination |
13.2 Terminated Accounts
| Tier | Grace Period | Deletion Timeline |
|---|---|---|
| Pro | 30 days | All data deleted 90 days post-termination |
| Enterprise | 30 days | Usage logs retained 7 years (compliance), other data deleted |
Grace Period: You have 30 days post-termination to export data via the dashboard before deletion begins.
13.3 Data We Never Retain
Regardless of tier, we NEVER retain:
- Plaintext message content (Xail ACIs)
- Decrypted customer data (any ACI)
- Reconstructed secrets (XorIDA algorithm output)
13.4 Enterprise Compliance Retention
Extended retention is available for Enterprise customers (up to 10 years for audit logs, 7 years for compliance copies) per Enterprise Agreement with additional fees. Required for HIPAA, SOC 2, GDPR, and similar regulatory frameworks.
This section limits private.me's liability and disclaims warranties. California law requires these limitations to be conspicuous (visually distinct) and that you affirmatively acknowledge understanding them before accepting this Agreement.
11.1 Disclaimer of Warranties
THE PRIVATE.ME SDK IS PROVIDED "AS IS," WITHOUT WARRANTIES OF ANY KIND, AND PRIVATE.ME EXPRESSLY DISCLAIMS ANY AND ALL REPRESENTATIONS OR WARRANTIES, EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, WITH RESPECT TO THE PRIVATE.ME SDK AND ALL ACIS, INCLUDING WITHOUT LIMITATION:
- Merchantability — private.me does not warrant ACIs are fit for any particular purpose
- Fitness for a Particular Purpose — Subscriber assumes all risk of suitability for Subscriber's use case
- Non-Infringement — private.me does not warrant ACIs do not infringe third-party IP rights (though private.me indemnifies Enterprise customers per custom agreements)
- Accuracy or Reliability — private.me does not warrant ACI outputs are error-free, accurate, or reliable
- Availability — private.me does not warrant uninterrupted or error-free operation
Some jurisdictions do not allow disclaimer of implied warranties, so the above may not apply to Subscriber.
11.2 Limitation of Liability
PRIVATE.ME'S TOTAL LIABILITY TO SUBSCRIBER FOR ALL CLAIMS ARISING FROM OR RELATING TO THIS AGREEMENT OR SUBSCRIBER'S USE OF ACIS SHALL NOT EXCEED:
| Tier | Liability Cap |
|---|---|
| Pro Tier | The lesser of (a) fees paid in the 1 month immediately preceding the claim, or (b) $100 |
| Enterprise Tier | As specified in Enterprise Agreement (default: 12 months of fees) |
IN NO EVENT SHALL PRIVATE.ME BE LIABLE FOR:
- Indirect, incidental, special, consequential, or punitive damages
- Loss of profits, revenue, data, use, goodwill, or other intangible losses
- Damages arising from third-party claims against Subscriber
- Damages arising from unauthorized access to or alteration of Subscriber's data
THESE LIMITATIONS APPLY EVEN IF:
- private.me has been advised of the possibility of such damages
- A remedy fails of its essential purpose
- The damages were foreseeable
California Enforceability. This section complies with California Civil Code § 1668 (no exculpation for gross negligence) by NOT disclaiming liability for willful misconduct or gross negligence.
10.3 Conspicuousness Acknowledgment
By accepting this Agreement, Subscriber acknowledges that:
- Subscriber has read and understood this section (Disclaimer of Warranties and Limitation of Liability)
- Subscriber understands these provisions limit private.me's liability and disclaim warranties
- Subscriber had a reasonable opportunity to review this Agreement before accepting
If you are a California resident using the free tier for personal, family, or household purposes, certain consumer protection laws may give you additional rights. Contact the California Department of Consumer Affairs at www.dca.ca.gov or 1-800-952-5210 for assistance.
14. Indemnification
You agree to indemnify, defend, and hold harmless Xail and its officers, directors, employees, and agents from any claims, liabilities, damages, losses, and expenses (including reasonable attorneys' fees) arising from your use of the Service, your violation of these Terms, or your violation of any applicable law or the rights of any third party.
16. Modifications to the Service
We reserve the right to modify, suspend, or discontinue any part of the Service at any time. We will provide reasonable notice for material changes. If we discontinue the Service entirely, we will provide at least 90 days' notice and guidance for exporting your local data.
17. Modifications to These Terms
We may update these Terms from time to time. Material changes will be communicated through in-app notification and by updating the "Last Updated" date. Your continued use of the Service after changes are posted constitutes acceptance. If you disagree with changes, your remedy is to stop using the Service.
15. Termination
Term
This Agreement commences upon the Effective Date and continues until terminated as set forth herein (the "Term").
Termination For Cause
Either Party may terminate this Agreement in the event that the other Party fails to cure a material breach hereof within seven (7) calendar days of receiving written notice thereof from the non-breaching Party (or immediately if the breach is not capable of being cured).
Termination For Insolvency
If either Party (i) files for bankruptcy; (ii) becomes or is declared insolvent, or is the subject of any bona fide proceedings related to its liquidation, administration, provisional liquidation, insolvency, or the appointment of a receiver or similar officer for it; (iii) passes a resolution for its voluntary liquidation; (iv) has a receiver or manager appointed over all or substantially all of its assets; (v) makes an assignment for the benefit of all or substantially all of its creditors; (vi) enters into an agreement or arrangement for the composition, extension, or readjustment of substantially all of its obligations or any class of such obligations; or (vii) experiences an event analogous to any of the foregoing in any jurisdiction in which any of its assets are situated, then the other Party may terminate this Agreement as of a date specified in a termination notice.
Termination For Convenience
Either Party may terminate this Agreement:
- Subscriber: At any time via account dashboard (effective immediately for Pro Tier, 90 days' notice for Enterprise Tier)
- private.me: With 90 days' written notice for any reason or no reason
Effect of Termination
Upon termination of this Agreement for any reason, the licenses granted herein shall automatically and immediately terminate, and Subscriber shall promptly (i) uninstall and permanently delete all copies (full and partial) of the private.me SDK (including the Software Components) from any and all computers, systems, and servers in Subscriber's possession or control; (ii) disable and remove the Permitted Functionality from the Authorized Applications; (iii) return to private.me or destroy all private.me Confidential Information, together with all copies, extracts, summaries, and portions thereof, that are in Subscriber's possession or control; and (iv) provide private.me with written certification regarding the foregoing requirements specified in (i) - (iii) hereof.
Data Retention Upon Termination
After termination:
| Tier | Grace Period | Data Retention |
|---|---|---|
| Pro | 30 days | All data deleted 90 days post-termination |
| Enterprise | 30 days | Usage logs retained 7 years (compliance), other data deleted |
Grace Period: Subscriber has 30 days to export data via dashboard before deletion begins.
Survival
The rights, obligations, and provisions set forth in the Restrictions, Compliance with Laws, Usage Audit, Commercial Use Boundary, Proprietary Rights, Confidentiality, Effect of Termination, Subscription and Fees, Disclaimer of Warranties, Indemnification, Limitation of Liability, Non-Compete, Governing Law, Dispute Resolution, and General Provisions sections will survive the termination of this Agreement to the maximum extent allowed by law.
18. Third-Party Services
Xail integrates with third-party services through their APIs:
- Email providers (Gmail, Outlook, Yahoo): Your email content is accessed directly from your device to these providers. Your use of those providers is governed by their own terms and privacy policies.
- AI service providers: Text chat and voice conversations with Ren and Kaia AI assistants are processed by third-party AI providers. Chat messages (not email content) are sent to these providers. Voice audio is streamed directly from your browser to the voice provider via WebRTC. Your use of these features is subject to the respective provider's terms and privacy policies.
Xail is not responsible for the practices, availability, or data handling of third-party services. By using AI assistant features, you acknowledge that your interactions are also subject to the respective provider's terms and policies.
19. Governing Law and Disputes
These Terms are governed by the laws of the State of California, United States, without regard to conflict of law principles. Any disputes arising from these Terms or the Service shall be resolved in the state or federal courts located in Los Angeles County, California. You consent to the personal jurisdiction of these courts.
For Enterprise customers, alternative dispute resolution mechanisms may be specified in the Enterprise Agreement.
20. General Provisions
- Entire Agreement: These Terms (together with the Privacy Policy and, if applicable, your Enterprise Agreement) constitute the entire agreement between you and Xail.
- Severability: If any provision of these Terms is found unenforceable, the remaining provisions remain in effect.
- Waiver: Failure to enforce any provision does not constitute a waiver of that provision.
- Assignment: You may not assign these Terms without our consent. We may assign these Terms in connection with a merger, acquisition, or sale of assets.
- Force Majeure: Xail is not liable for failure to perform due to causes beyond our reasonable control, including natural disasters, war, government actions, or internet outages.
21. Contact
For questions about these Terms, contact us at:
Xail
Email: contact@xail.io
Web: https://xail.io
Los Angeles, California, United States
These Terms of Service were last reviewed on March 2, 2026.