Terms of Service

Last updated: January 26, 2026

Important: These Terms of Service constitute a legally binding agreement. By accessing or using H33 services, you agree to be bound by these terms. Please read them carefully before using our services.

These Terms of Service ("Terms" or "Agreement") govern your access to and use of the website, APIs, software, and services (collectively, the "Services") provided by H33, Inc., a Delaware corporation ("H33," "we," "us," or "our"). By accessing or using our Services, you ("Customer," "you," or "your") agree to be bound by these Terms.

1. Acceptance of Terms

By creating an account, accessing, or using our Services, you acknowledge that you have read, understood, and agree to be bound by these Terms, our Privacy Policy, and our Cookie Policy. If you do not agree, you may not use our Services.

If you are using the Services on behalf of an organization, you represent and warrant that you have the authority to bind that organization to these Terms, and "you" and "your" shall refer to both you individually and such organization.

2. Description of Services

H33 provides advanced cryptographic authentication and privacy-preserving computation services through our API platform. Our Services include, but are not limited to:

2.1 Post-Quantum Cryptography Services

Quantum-Resistant Digital Signatures: CRYSTALS-Dilithium (FIPS 204), FALCON, and SPHINCS+ signature schemes
Key Encapsulation: CRYSTALS-Kyber (FIPS 203) for quantum-safe key exchange
Hybrid Cryptography: Combined classical and post-quantum algorithms for transition security
Certificate Management: Quantum-resistant PKI and certificate issuance

2.2 Fully Homomorphic Encryption (FHE) Services

BFV Encryption: Integer arithmetic on encrypted data
CKKS Encryption: Approximate arithmetic for floating-point encrypted computation
TFHE: Boolean circuit evaluation on encrypted data
Encrypted Computation: Addition, multiplication, comparison, and Euclidean distance operations on ciphertext
Privacy-Preserving Analytics: Statistical computations without data exposure

2.3 Zero-Knowledge Proof Services

Groth16 (KZG): Succinct proofs with trusted setup
PLONK (IPA): Universal proofs without trusted setup
STARKs (FRI): Post-quantum secure, transparent proofs
Proof Generation and Verification: Age verification, credential attestation, location proofs, and custom circuits
Recursive Proofs: Proof composition and aggregation

2.4 Biometric Authentication Services

Face Recognition: Privacy-preserving facial verification using FHE-encrypted templates
Fingerprint Verification: Encrypted minutiae matching
Voice Authentication: Voiceprint verification with encrypted processing
Liveness Detection: Anti-spoofing measures including 3D depth analysis, motion detection, and challenge-response
Multimodal Fusion: Combined biometric factors for enhanced security

2.5 Identity and Compliance Services

KYC Verification: Know Your Customer identity verification with privacy preservation
AML Screening: Anti-Money Laundering watchlist and sanctions screening
Document Verification: ID document authentication and data extraction
Age Verification: Zero-knowledge age proofs without revealing birth date
Credential Attestation: Verifiable credentials and attestations

2.6 Blockchain Identity Services

Decentralized Identifiers (DIDs): W3C-compliant DID creation and resolution
Soulbound Tokens: Non-transferable identity tokens on Solana
On-Chain Attestations: Immutable identity records with ZK-compressed logging
Verifiable Credentials: W3C Verifiable Credentials issuance and verification
Cross-Chain Identity: Identity portability across blockchain networks

3. Account Registration and Security

3.1 Eligibility

To use our Services, you must:

Be at least 18 years old or the age of legal majority in your jurisdiction
Have the legal capacity to enter into binding contracts
Not be prohibited from using the Services under applicable laws
Not be located in, or a national or resident of, any country subject to U.S. trade sanctions

3.2 Account Responsibilities

You agree to:

Provide accurate, current, and complete registration information
Maintain and promptly update your account information
Maintain the confidentiality and security of your account credentials
Immediately notify us of any unauthorized access or security breach
Accept responsibility for all activities that occur under your account
Not share account access with unauthorized third parties

3.3 API Key Security

Your API keys are confidential credentials. You must:

Keep API keys secure and treat them as sensitive secrets
Never embed API keys in client-side code, mobile applications, or public repositories
Use environment variables or secure secret management systems
Implement key rotation policies and rotate keys immediately if compromise is suspected
Use separate API keys for development, staging, and production environments
Monitor API key usage for anomalies

4. Acceptable Use Policy

4.1 Permitted Uses

You may use our Services for lawful purposes in accordance with these Terms, including:

Integrating authentication into your applications
Implementing privacy-preserving identity verification
Processing encrypted data for legitimate business purposes
Building compliant identity and authentication systems

4.2 Prohibited Uses

You agree NOT to use our Services to:

Violate any applicable laws, regulations, or third-party rights
Process biometric data without appropriate consent and legal basis
Conduct mass surveillance or tracking without proper authorization
Discriminate against individuals based on biometric or identity characteristics
Circumvent security measures or access controls
Reverse engineer, decompile, or attempt to extract source code
Interfere with or disrupt the Services or related infrastructure
Transmit malware, viruses, or harmful code
Use the Services for any illegal, fraudulent, or deceptive purposes
Resell, sublicense, or redistribute the Services without authorization
Use automated means to access the Services beyond normal API usage
Attempt to circumvent rate limits or usage restrictions
Store or process data in violation of data protection laws

4.3 Biometric Data Requirements

When using our biometric authentication services, you must:

Obtain explicit, informed consent from individuals before collecting biometric data
Comply with all applicable biometric privacy laws (including BIPA, GDPR, CCPA)
Provide clear notice about how biometric data will be used
Implement appropriate data retention and deletion policies
Not use biometric data for purposes beyond those consented to
Maintain records of consent as required by law

Important: H33's zero-knowledge architecture means we do not receive or store raw biometric templates. However, you remain responsible for your own collection, processing, and storage of biometric data before it is processed through our APIs.

5. Credit System and Pricing

5.1 Credit-Based Pricing

Our Services operate on a credit-based system. Each API operation consumes credits based on:

The type of operation (authentication, encryption, proof generation, etc.)
The security level or mode selected (Turbo, Standard, Precision)
Computational complexity of the request

5.2 Credit Purchases and Usage

Credits may be purchased through our platform or via enterprise agreements
Free tier credits are provided for evaluation purposes and are non-transferable
Purchased credits do not expire unless otherwise specified
Credits are non-refundable except as required by law
Usage is metered and tracked in real-time through your dashboard

5.3 Pricing Changes

We may modify our pricing with 30 days' advance notice to your registered email address. Price changes will not affect previously purchased credits.

5.4 Payment Terms

All fees are stated and payable in U.S. dollars unless otherwise agreed
Pay-as-you-go customers are billed monthly based on credit usage
Enterprise customers are billed according to their contract terms
Payment processing is handled by Stripe; their terms apply to payment transactions
Past-due amounts may accrue interest at 1.5% per month or the maximum legal rate

5.5 Taxes

All fees are exclusive of taxes. You are responsible for paying all applicable taxes, including sales tax, VAT, GST, and withholding taxes. If we are required to collect taxes, they will be added to your invoice.

6. Service Levels and Support

6.1 Availability

We target 99.9% uptime for our API services, measured monthly. This excludes:

Scheduled maintenance (announced 72 hours in advance when possible)
Emergency maintenance for security issues
Force majeure events
Issues caused by your systems or third parties

6.2 Support

Community Tier: Documentation and community forum access
Developer Tier: Email support with 48-hour response time
Enterprise Tier: Dedicated support, custom SLAs, and priority response

6.3 Maintenance

We may perform maintenance that temporarily affects service availability. We will provide reasonable advance notice for scheduled maintenance and endeavor to minimize disruption.

7. Intellectual Property

7.1 H33's Intellectual Property

H33 retains all rights, title, and interest in and to:

The Services, including all software, APIs, algorithms, and infrastructure
All patents, patent applications, and patent-pending technologies
Trademarks, service marks, logos, and trade dress
Copyrights in documentation, content, and materials
Trade secrets and proprietary information
All improvements, modifications, and derivative works

These Terms do not grant you any rights to use H33's trademarks, logos, or branding without prior written consent.

7.2 Patent Notice

Certain aspects of our Services may be covered by patents or patent-pending applications. The grant of a license to use our Services does not include any license to our patents for uses outside the Services.

7.3 Your Intellectual Property

You retain all rights to your data, content, and applications. By using our Services, you grant H33 a limited, non-exclusive license to process your data solely as necessary to provide the Services.

7.4 Feedback

If you provide feedback, suggestions, or ideas about our Services, you grant us a perpetual, irrevocable, royalty-free license to use such feedback without obligation to you.

8. Data Protection and Processing

8.1 Data Processing

When you use our Services to process personal data, you act as the data controller and H33 acts as the data processor. Our data handling practices are described in our Privacy Policy.

8.2 Data Processing Agreement

For customers subject to GDPR or similar regulations, we offer Data Processing Agreements (DPAs) upon request. Enterprise customers may negotiate custom data processing terms.

8.3 Data Location

Unless otherwise specified, data is processed in the United States. Enterprise customers may request specific data residency options where available.

8.4 Security Measures

We implement appropriate technical and organizational security measures, including:

Post-quantum encryption for data in transit (TLS 1.3 with Kyber)
AES-256 encryption for data at rest
Zero-knowledge architecture for sensitive data processing
Regular security audits and penetration testing
SOC 2 Type II certified infrastructure
Access controls and audit logging

9. Confidentiality

9.1 Confidential Information

Both parties agree to maintain the confidentiality of non-public information disclosed during the use of Services, including:

API keys, credentials, and authentication tokens
Technical documentation marked as confidential
Pricing arrangements and commercial terms
Business strategies and roadmaps
Security configurations and audit results

9.2 Exceptions

Confidentiality obligations do not apply to information that:

Is or becomes publicly available through no fault of the receiving party
Was known to the receiving party prior to disclosure
Is independently developed without use of confidential information
Is disclosed pursuant to legal requirement (with notice where permitted)

10. Export Controls and Compliance

10.1 Export Restrictions

The Services include cryptographic technology subject to U.S. export control laws, including the Export Administration Regulations (EAR). You agree to:

Comply with all applicable export and import laws
Not export or re-export the Services to prohibited countries, entities, or individuals
Not use the Services for prohibited end-uses (nuclear, chemical, biological weapons, etc.)
Provide information and assistance for export compliance as reasonably requested

10.2 Sanctions Compliance

You represent that you are not located in, under the control of, or a national or resident of any country subject to U.S. sanctions, and are not on any U.S. government restricted party list.

11. Warranties and Disclaimers

11.1 Our Warranties

H33 warrants that:

The Services will perform substantially as described in our documentation
We have the right to provide the Services
We will use commercially reasonable security measures
The Services will comply with applicable laws in material respects

11.2 Disclaimer of Warranties

EXCEPT AS EXPRESSLY PROVIDED IN THESE TERMS, THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE. TO THE MAXIMUM EXTENT PERMITTED BY LAW, H33 DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE.

11.3 No Guarantee of Results

We do not guarantee that the Services will meet your specific requirements, achieve particular results, or be error-free. Cryptographic security depends on proper implementation and usage.

12. Limitation of Liability

12.1 Exclusion of Damages

TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY SHALL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING DAMAGES FOR LOSS OF PROFITS, GOODWILL, DATA, OR OTHER INTANGIBLE LOSSES, REGARDLESS OF WHETHER SUCH DAMAGES WERE FORESEEABLE OR WHETHER A PARTY WAS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

12.2 Liability Cap

TO THE MAXIMUM EXTENT PERMITTED BY LAW, H33'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS SHALL NOT EXCEED THE GREATER OF: (A) THE AMOUNTS PAID BY YOU TO H33 IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM, OR (B) ONE HUNDRED U.S. DOLLARS ($100).

12.3 Exceptions

The limitations in this section do not apply to: (a) breaches of confidentiality obligations; (b) indemnification obligations; (c) gross negligence or willful misconduct; or (d) liability that cannot be limited by law.

13. Indemnification

13.1 Your Indemnification

You agree to indemnify, defend, and hold harmless H33 and its officers, directors, employees, agents, and successors from and against any claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising from:

Your use of the Services
Your violation of these Terms
Your violation of any applicable law or third-party rights
Your collection, processing, or storage of data (including biometric data)
Your applications, products, or services that use the Services
Any claims by your end users

13.2 Indemnification Procedure

H33 will provide prompt notice of any claim and reasonable cooperation. You shall have control of the defense, provided that you may not settle any claim that admits liability or imposes obligations on H33 without our prior written consent.

14. Term and Termination

14.1 Term

These Terms become effective when you first access or use the Services and continue until terminated.

14.2 Termination by You

You may terminate your account at any time by:

Using the account closure feature in your dashboard
Contacting support at support@h33.ai

14.3 Termination by H33

We may suspend or terminate your access immediately if you:

Breach these Terms
Fail to pay fees when due
Engage in activity that poses a security risk or legal liability
Become subject to sanctions or export restrictions
Become insolvent or enter bankruptcy proceedings

We may also terminate for convenience with 30 days' written notice.

14.4 Effect of Termination

Upon termination:

Your right to access and use the Services immediately ceases
All API keys and credentials are invalidated
Unused credits are forfeited (except where prohibited by law)
You may request data export within 30 days of termination
We may delete your data after 30 days
All provisions that should survive termination will survive (including confidentiality, IP, limitation of liability, indemnification, and dispute resolution)

15. Modifications to Terms

We may modify these Terms from time to time. We will provide notice of material changes by:

Posting the updated Terms on our website
Updating the "Last updated" date
Sending email notice to your registered address for material changes

Material changes will take effect 30 days after notice. Your continued use of the Services after changes take effect constitutes acceptance of the modified Terms. If you do not agree to the changes, you must stop using the Services.

16. Dispute Resolution

16.1 Governing Law

These Terms are governed by the laws of the State of Delaware, USA, without regard to conflict of law principles.

16.2 Arbitration

Any dispute arising out of or relating to these Terms shall be resolved by binding arbitration administered by the American Arbitration Association under its Commercial Arbitration Rules. The arbitration shall be conducted in Wilmington, Delaware, by a single arbitrator. The arbitrator's decision shall be final and binding.

16.3 Exceptions

Either party may seek injunctive or other equitable relief in any court of competent jurisdiction to protect its intellectual property rights or confidential information.

16.4 Class Action Waiver

You agree to resolve disputes with H33 on an individual basis and waive any right to participate in class actions, class arbitrations, or representative actions.

17. General Provisions

Entire Agreement: These Terms, together with the Privacy Policy and any order forms, constitute the entire agreement between you and H33 regarding the Services and supersede all prior agreements.
Waiver: Failure to enforce any provision is not a waiver of that provision or any other provision.
Severability: If any provision is found unenforceable, the remaining provisions remain in full force and effect.
Assignment: You may not assign these Terms without our prior written consent. We may assign freely in connection with a merger, acquisition, or sale of assets.
Force Majeure: Neither party is liable for delays or failures due to circumstances beyond reasonable control, including natural disasters, war, terrorism, strikes, or government actions.
Notices: Notices to H33 must be sent to legal@h33.ai. Notices to you will be sent to your registered email address.
Independent Contractors: The parties are independent contractors. Nothing creates a partnership, joint venture, or agency relationship.
Third-Party Beneficiaries: There are no third-party beneficiaries to these Terms.

18. Contact Information

For questions about these Terms, please contact us:

H33, Inc.
Legal Department
Email: legal@h33.ai
Website: https://h33.ai

For support inquiries: support@h33.ai