Terms of Service

Overview

These Terms form a binding legal agreement between you (the “Customer”, “Partner”, “you” or “your”) and GZ Systems Limited (the “Company”, “GZ Systems” “we,” “us” or “our”).

These Terms of Service (“Terms”, “Agreement”) govern your access to and use of GZ Systems Limited’s Password Manager Services, including any associated SDKs and related software (collectively, the “Services”).

Your use of the Services is expressly conditioned on your acceptance of and compliance with these Terms. By accessing or using the Services, you confirm that you have read, understood and agree to be bound by these Terms. If you do not agree with any provision of these Terms, you must immediately cease all use of the Services. If you are accepting these Terms on behalf of a company or other legal entity, you represent and warrant that you have authority to bind that entity.
Please note that these terms should be read in conjunction with our Privacy Policy provided at the following link: https://www.purewl.com/legal/password-manager-privacy-policy/
We may revise or modify these Terms and our Privacy Policy from time to time to comply with applicable laws, regulatory requirements, or our internal company policies, or to enhance the efficiency and quality of the Services.
For material changes that affect your rights or the provision of the Services, we will notify you at least 30 days before the effective date by sending an email to your registered address or by posting a prominent notice on our website. Non-material updates will become effective upon posting.
Your continued use of the Services after the effective date of any updated Terms or Privacy Policy constitutes your acceptance of those changes. If you do not agree with a material update, you may terminate your use of the Services prior to its effective date by following the termination procedures set out in these Terms.

Eligibility

You represent that you are at least the age of majority in your jurisdiction and have the legal capacity to enter into these Terms. If you are using the Services for or on behalf of an entity, “you/Customer” refers to that entity and its Authorized Users.

Important Notice

MASTER PASSWORD: WHEN YOU REGISTER FOR OUR PASSWORD MANAGER, YOU CREATE A MASTER PASSWORD KNOWN ONLY TO YOU. WE DO NOT STORE, HAVE ACCESS TO, OR WILL EVER REQUEST YOUR MASTER PASSWORD.

CONFIDENTIALITY: YOU AGREE NOT TO DISCLOSE YOUR MASTER PASSWORD TO ANY THIRD PARTY—INCLUDING ANY SUPPORT REPRESENTATIVE OF THE COMPANY. WE ARE NOT RESPONSIBLE FOR ANY UNAUTHORIZED ACCESS, MISUSE OR LOSS OF YOUR ACCOUNT INFORMATION OR VAULT CONTENTS RESULTING FROM YOUR FAILURE TO KEEP YOUR MASTER PASSWORD CONFIDENTIAL.

NO DATA RECOVERY: DUE TO END-TO-END ENCRYPTION, WE HAVE NO TECHNICAL ABILITY OR OBLIGATION TO RECOVER YOUR MASTER PASSWORD OR VAULT CONTENTS. IF YOU LOSE YOUR MASTER PASSWORD, YOUR VAULT AND ITS CONTENTS BECOME PERMANENTLY INACCESSIBLE.

Definitions

“Account” means the account registered by or for a Customer to access the Services.
“Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with a party.
“Authorized User” means an individual who Customer authorizes to access and use the Services under Customer’s Account.
“Confidential Information” means all non-public information disclosed by a party to the other party that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure.
“Customer Data” means data, content, and information submitted to or stored in the Services by or for Customer or Authorized Users, including any Personal Data, excluding Feedback and Company Materials.

“Data Protection Laws” means all applicable data protection, privacy, and security laws and regulations, including the GDPR, CCPA, UK GDPR, and any local equivalents.

“Documentation” means the user guides, FAQs, and technical documentation provided by the Company for the Services.
“End User Data” means Customer Data relating to an Authorized User.

“Export Controls” means all applicable export control, import, and economic sanctions laws and regulations, including those administered by the UK, EU, United States, and other relevant jurisdictions.

“Personal Data” has the meaning set out in applicable Data Protection Laws.
“Services” has the meaning given above and includes the Software.
“Software” means Company’s client software, extensions, mobile and desktop applications, SDKs, and any updates made available by Company.
“Sub-processor” means a third party engaged by the Company to process Customer Data in connection with the Services.
“Vault” means the encrypted data container(s) associated with an Account or Authorized User that stores login credentials and other secrets.

Services

License Grant. Subject to these Terms and timely payment of applicable fees, Company grants Customer a limited, non-exclusive, non-transferable, non-licensable, revocable license to access and use the Services and Software for Customer’s internal business purposes, in accordance with the Documentation.
Reservation of Rights. Except for the limited rights expressly granted, Company and its licensors own and retain all rights, title, and interest in and to the Services, Software, Documentation, and all related intellectual property. No other rights are granted by implication or otherwise.
Open Source. The Software may include open-source components governed by their own licenses. To the extent of any conflict, those licenses will govern the open-source components.

Account Security

User’s Responsibility. You are solely responsible for all activities that occur under your Account, whether or not authorized by you. You agree to accept full responsibility for safeguarding your Account credentials, including your password, and for restricting access to your computer and devices.
Password Security. To protect your Account, you must keep your password confidential. You are strongly advised not to reuse your Account password for any other service. 
Unauthorized Use. You must notify us immediately at [email protected] if you know or suspect any unauthorized use of your Account or any other breach of security. The Company is not liable for any loss you may incur as a result of someone else using your password or Account, either with or without your knowledge. The Company may suspend access if it suspects compromise or misuse.
The Customer acknowledges that loss of the Master Password will render Vault contents inaccessible and that Company cannot recover Customer’s Master Password or decrypt Vault contents.

Prohibited Uses

You will not, and will not permit any third party to: 
(a) reverse engineer, decompile, disassemble, or otherwise attempt to derive source code or underlying ideas or algorithms of the Services, except to the extent such restriction is prohibited by applicable law; 
(b) copy, modify, translate, or create derivative works of the Services or Documentation; 
(c) rent, lease, sell, resell, sublicense, assign, distribute, or otherwise commercially exploit the Services to or for the benefit of any third party (except for Authorized Users under your Account); 
(d) use the Services to store or transmit malicious code, or in a manner that interferes with or disrupts the integrity or performance of the Services; 
(e) access the Services for competitive benchmarking or to build a competitive product or service; 
(f) remove or obscure proprietary notices; 
(g) use the Services in violation of applicable laws, including privacy, intellectual property, and Export Controls; 
(h) attempt to circumvent any usage limits or security features; or 
(i) use the Services in high-risk activities where failure could lead to death or personal injury.
The Company reserves the right immediately to terminate your account for suspected violations.

SERVICE LEVELS AND SUPPORT

Availability. Unless otherwise agreed in a separate, signed service level agreement, the Services are provided uptime guarantees, credits, or service levels stated below. The Company may suspend or limit the Services for maintenance, security, legal compliance, or technical reasons at any time.

Support. The Company will provide standard technical support via [email protected] during 24 hours a day, 7 days a week (including weekends and public holidays), including for Customers accessing the Services through a whitelabel partner.

Security; Data Protection and Privacy

Security Measures. The Company uses appropriate technical and organizational measures designed to protect Customer Data, including end-to-end encryption for Vault contents and encryption in transit. The Company operates a “zero-knowledge” architecture for Vault contents and does not have access to Customer’s Master Password or Vault contents.  
The Company maintains an information security program aligned to applicable industry standards and legal requirements (including Article 32 GDPR/UK GDPR) and ISO/IEC 27001; SOC 2 Type II attestations/certifications (as applicable). Controls include access management, encryption (Vault contents are encrypted end-to-end; network transport uses modern TLS), secure development and change management, vulnerability management, logging/monitoring, incident response, business continuity/disaster recovery, and vendor risk management. The Company engages independent third parties for security testing at least annually. 
Data Processing. To the extent that the Company processes Personal Data on behalf of Customer, the parties agree to the data processing terms incorporated in our Data Processing Addendum (“DPA”), which are incorporated by reference. Where applicable, the DPA includes the UK and EU Standard Contractual Clauses for international transfers.
Subprocessors. The Company may use Subprocessors to provide the Services. A current list of Subprocessors is mentioned in our Privacy Policy. The  Company may update Subprocessors at any time. Any Sub-processor employed or added by the Company shall be subject to confidentiality obligations and data protection commitments no less protective than those set forth under these Terms under a binding written agreement with the Company.
The Company will provide prior reasonable notice of any material changes with regard to the addition or removal of any Subprocessors to the Partner (e.g., by email or posting publicly). The Customer’s sole remedy for objection to a Sub-processor shall be to cease use of the affected Services.
No Sub-processor will be given access to Master Passwords or to decrypted vault contents.
Data Residency/Transfers. Customer Data may be processed in any jurisdiction where Company or its Subprocessors operate, subject to the DPA and applicable Data Protection Laws. Please refer to our Privacy Policy regarding International transfers on https://www.purewl.com/legal/password-manager-privacy-policy/

Payment Terms

Our Payment terms are stated in our Master Services Agreement with our Partner and governed by the terms and conditions stated in the Master Services Agreement.

Term

These Terms will become effective upon the date the Terms are accepted by the Partner and will remain valid until the end of the term as per the terms and conditions stated in our Agreement. 

Suspension and Termination

Suspension and Termination by Us. We may suspend or terminate your Account and access to the Services under the following circumstances:

(a) Payment Failure. We are unable to successfully charge the payment method.
(b) Prohibited Uses. You breach any provision of the “Prohibited Uses” section of these Terms.
(c) Legal Violations. You violate any applicable laws or regulations.
(d) Legal Requirement. We are required to do so by a law, court order, or other competent authority. This includes situations where providing the Services becomes unlawful in your country of residence.
(e) Risk or Harm. We reasonably determine that your use creates a security risk, reputational risk, or may cause harm to the Services, us, or any third party.
Immediate Suspension or Termination. We may suspend or terminate your Account and Services without prior notice if:
(a) Material Breach. You commit a material breach of these Terms, particularly the “Prohibited Uses” section.
(b) Invalid Contact Information. We are unable to send you a notice because you have not provided valid or updated contact details.
(c) Legal Prohibition. We are prohibited from notifying you by law or at the direction of a competent authority.
Effect of Termination:
(a) Loss of Access. Upon suspension or termination, The Customer will not be entitled to access to the Services and will be disabled, and your license to use the Software will immediately end. You must cease all use of the Services and delete all copies of the Software from your devices.
(b) Data Export. Prior to termination (where feasible), you may export certain Customer Data using available export features. Company has no obligation to maintain or provide Customer Data after termination, subject to law and the DPA. The Company may permanently delete data after termination or as required by law or our data retention policies. The The Company has no liability for deletion of data following termination.
Survival. The following sections survive termination or expiration: Proprietary Rights; Feedback; Confidentiality; Security; Data Protection and Privacy; Limited Warranty; Disclaimer; Limitation of Liability; Indemnification; Export Controls; Audit Rights/Compliance; Governing Law, Dispute Resolution and Arbitration; Notices; Survival; and any payment obligations accrued prior to termination.

Proprietary Rights

Ownership: The Company and its licensors retain all rights, title, and interest in and to the Services, the Software, the Documentation, and all related intellectual property, including all modifications, enhancements, updates, configurations, and derivative works. The Customer acquires no ownership rights in the Services, the Software, or the Documentation, and no rights or licenses are granted to the Customer except as expressly stated in these Terms. By accessing and using the Services, the Customer acknowledges that all intellectual property rights in the Services, the Software, and the Documentation are owned by the Company or its licensors.
License to Use Services: Subject to these Terms, the Customer is granted a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to use the Services, the Software, and the Documentation during the Subscription Term for the Customer’s internal business purposes only. The Customer may make a reasonable number of copies of the Documentation for internal use. The Company may modify, disable, or remove features, including features determined by the Company to be deprecated, insecure, or non-compliant with applicable law or Company policies.
Feedback: The Customer agrees that any suggestions, ideas, or other feedback regarding the Services or the Software (“Feedback”) are provided voluntarily and without compensation, and that the Company has no obligation to use or keep Feedback confidential. The Customer hereby assigns to the Company all right, title, and interest in and to Feedback and waives any moral rights therein, and the Company may use, disclose, reproduce, license, distribute, and otherwise exploit Feedback without restriction or obligation.

Confidentiality

Each Party undertakes that it will not any time during this Term, and for a period of five (5) years after termination of these Terms disclose to any person any confidential information concerning the business, affairs, customers, clients or suppliers of the other Party, except as permitted by the clause stated below:
Each Party may disclose the other Party’s confidential information:

(a)to its employees, officers, representatives, contractors, subcontractors or advisers who need to know such information for the purposes of exercising the Party’s rights or carrying out its obligations under or in connection with this Agreement. Each Party will ensure that its employees, officers, representatives, contractors, subcontractors or advisers to whom it discloses the other Party’s confidential information comply with this clause; and
(b) as may be required by law, a court of competent jurisdiction or any governmental or regulatory authority.

No Party will use any other Party’s confidential information for any purpose other than to exercise its rights and perform its obligations under or in connection with these Terms. If compelled to disclose, the receiving party will (where lawful) give prompt notice to allow the disclosing party to seek a protective order.

Limited Warranty

The Company warrants that: (i) the Services, as provided and controlled by the Company, will materially conform to the Documentation; and (ii) the Software made available by the Company at the time of delivery will not contain intentionally harmful code

Remedies: Customer’s exclusive remedy for a breach of the foregoing warranties will be, at the Company’s option, repair or replacement of the non‑conforming Services, or if the Company does not cure within a reasonable time after written notice, a prorated refund of prepaid fees for the affected Services from the date the Customer provides notice of non‑conformity through the end of the then‑current Subscription Term.

Exclusions: The warranties above do not apply to: (i) misuse, negligence, or use not in accordance with the Documentation; (ii) configurations, code, branding, integrations, or content provided by or implemented at the direction of any Partner or the Customer (including white‑label themes, SDKs, APIs, or third‑party plug‑ins); (iii) unauthorized modifications; (iv) third‑party systems, non‑Company services, or internet connectivity; (v) beta, trial, evaluation, or preview features; or (vi) factors outside the Company’s reasonable control.

DISCLAIMER

EXCEPT FOR THE LIMITED WARRANTIES EXPRESSLY SET OUT ABOVE, THE SERVICES (INCLUDING ANY WHITE‑LABEL, CO‑BRANDED, OR PARTNER‑BRANDED IMPLEMENTATIONS) ARE PROVIDED TO THE CUSTOMER “AS IS” AND “AS AVAILABLE,” WITH ALL FAULTS AND DEFECTS, WITHOUT WARRANTY OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE COMPANY, ON ITS OWN BEHALF AND ON BEHALF OF ITS AFFILIATES AND THEIR RESPECTIVE LICENSORS AND SERVICE PROVIDERS, DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, REGARDING THE SERVICES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON‑INFRINGEMENT, AND ANY WARRANTIES ARISING OUT OF COURSE OF DEALING, COURSE OF PERFORMANCE, USAGE, OR TRADE PRACTICE.

WITHOUT LIMITING THE FOREGOING, THE COMPANY DOES NOT MAKE ANY REPRESENTATION OR WARRANTY THAT: (I) THE OPERATION OR AVAILABILITY OF THE SERVICES, OR THE INFORMATION, CONTENT, MATERIALS, OR PRODUCTS INCLUDED IN THE SERVICES WILL BE UNINTERRUPTED OR ERROR‑FREE; (II) ANY INFORMATION OR CONTENT PROVIDED THROUGH THE SERVICES WILL BE ACCURATE, RELIABLE, OR CURRENT; OR (III) THE SERVICES, THEIR SERVERS, THE CONTENT, OR E‑MAILS SENT FROM OR ON BEHALF OF THE COMPANY ARE FREE OF VIRUSES, SCRIPTS, TROJAN HORSES, WORMS, MALWARE, TIME BOMBS, OR OTHER HARMFUL COMPONENTS. SOME JURISDICTIONS DO NOT ALLOW CERTAIN DISCLAIMERS; TO THE EXTENT REQUIRED BY LAW, THIS SECTION APPLIES ONLY TO THE MAXIMUM EXTENT PERMITTED.

Limitation Of Liability

TO THE FULLEST EXTENT PERMITTED BY LAW GZ SYSTEMS AND ITS AFFILIATES, SUPPLIERS, RESELLERS AND DISTRIBUTORS WILL NOT BE LIABLE UNDER THESE TERMS FOR (A) INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, WHETHER ARISING IN CONTRACT OR IN TORT (INCLUDING BUT NOT LIMITED TO NEGLIGENCE); OR (B) LOSS OF USE, DATA, BUSINESS, REVENUES, OR PROFITS (IN EACH CASE WHETHER DIRECT OR INDIRECT), EVEN IF THE PARTY KNEW OR SHOULD HAVE KNOWN THAT SUCH DAMAGES WERE POSSIBLE AND EVEN IF A REMEDY FAILS OF ITS ESSENTIAL PURPOSE. THE AGGREGATE AND CUMULATIVE LIABILITY FOR DAMAGES HEREUNDER WILL IN NO EVENT EXCEED THE AMOUNT OF FEES PAID BY CUSTOMER TO GZ SYSTEMS UNDER THESE TERMS DURING THE PRECEDING THREE MONTH PERIOD.

Indemnification

By Customer. Customer will indemnify, defend, and hold GZ Systems harmless from and against all liabilities, damages, and costs (including settlement costs and reasonable attorneys’ fees) arising out of any claim, judgment or proceeding against GZ Systems and its affiliates resulting from or related to Customer’s or Customer’s end users’ use of Services in violation of these Terms or applicable law, or including Customer Data that infringes or misappropriates third-party rights, Customer’s breach of Export Controls, or Customer’s use of the Services in high-risk activities.

By GZ Systems. GZ Systems will indemnify and hold Customer harmless from and against all liabilities, damages and costs arising out of any claim, judgment or proceeding against Customer and its affiliates resulting from or related to an allegation that GZ Systems’ technology used to provide Services to Customer infringes or misappropriates any copyright, trade secret, patent, or trademark right of a third party. In no event will GZ Systems have any obligations or liability under this section arising from the use of any Services in a modified form or in combination with materials or services not furnished by GZ Systems. GZ Systems liabilities, damages and costs under this provision are limited to the same amount as set forth in the section “Limitation of liability”. 

THE INDEMNITIES ABOVE ARE THE CUSTOMER’S ONLY REMEDY UNDER THESE TERMS FOR VIOLATION BY GZ SYSTEMS OF A THIRD PARTY’S INTELLECTUAL PROPERTY RIGHTS.

Audit Rights / Compliance

The Company will maintain an information security program appropriate to the nature and sensitivity of Customer Data and the Services, including at least annual internal assessments, independent third-party audits or certifications/attestations aligned with recognized standards (e.g., ISO/IEC 27001, SOC 2 Type II), and periodic penetration testing by qualified providers.

Consistent with Company’s zero-knowledge design, no audit or test will access or decrypt Master Passwords, Vault contents, or other decrypted Customer Data and Customer (and any auditor acting on its behalf) will not request or require such access.

Upon reasonable notice and no more than once per year, the Customer may request documentation demonstrating Company’s compliance with the security measures described in these Terms. Such documentation will be provided in summary form and will not include access to Company’s systems or detailed security procedures, and will be provided subject to reasonable confidentiality obligations.

For the avoidance of doubt, this section creates no warranty beyond those expressly set out in these Terms.

General Terms

Force Majeure: Neither Party will be in breach of this Agreement nor liable for delay in performing, or failure to perform, any of its obligations under this Agreement if such delay or failure results from events, circumstances or causes beyond its reasonable control. In such circumstances the affected Party will be entitled to a reasonable extension of the time for performing such obligations. If the period of delay or non-performance continues for 30 days, the Party not affected may terminate this Agreement by giving  15 days’ written notice to the affected Party. The Company may suspend the Services during a force majeure event.

Assignment: Neither party will assign these Terms or any right or interest under these Terms, nor delegate any obligation to be performed under these Terms, without the other party’s prior written consent. GZ Systems may assign its rights and obligations under these Terms to a selected third party without Customer’s consent in case of corporate reorganization, merger, acquisitions, sale or transfer of all, substantially all or part of its assets any Affiliate or in connection with a merger, reorganization, sale of stock or assets, financing, or similar transaction without Customer’s consent. Any change of control of Customer will be deemed an assignment requiring Company’s prior written consent. Any prohibited assignment is void.

Export Control: The Customer represents that it is not located in, organized under the laws of, or ordinarily resident in any country or territory subject to comprehensive sanctions, and is not a denied/blocked party. The Customer will not use, export, re-export, or transfer the Services in violation of Export Controls or to prohibited destinations or parties. The Company may suspend or terminate access if required by Export Controls or sanctions and has no liability arising from such actions.

Notices: Any notice given to a Party under or in connection with this Agreement will be in writing and will be served by personal delivery, by e-mail or by world-recognized courier delivery on the addresses mentioned above. Notices to Customer may also be sent to the applicable account email address and are deemed given when sent. Notices to GZ Systems in any case must also be sent to [email protected] and are deemed given the next business day from such notification. The customer’s notice address is the contact information in its Account. Either party may update its notice details by written notice.

Dispute Resolution and Arbitration: The Parties will endeavor in good faith to resolve any dispute, claim, controversy, or disagreement relating to or arising out of these Terms, or the subject matter of these Terms (” Dispute”). By accepting these Terms and/or using the Services you irrevocably agree that all disputes arising out of or relating to this Agreement or the use of the Services will be referred to and finally resolved by arbitration under the LCIA Rules, which Rules are deemed to be incorporated by reference into this clause. The number of arbitrators will be one (1). The seat, or legal place, of arbitration will be London, England. The language to be used in the arbitral proceedings will  be English. The governing law of the contract will be the substantive laws of England and Wales.

Class Action Waiver: The Parties agree to the fullest extent allowed by law, that no claims under any circumstances will be initiated or be pursued in the form of class action.

Courts and Jurisdiction: Subject to the arbitration clause above, this Agreement and any non‑contractual obligations arising out of or in connection with it are governed by the laws of England and Wales. For the limited purposes of (a) seeking interim, conservatory, or injunctive relief in support of arbitration, or (b) enforcing or challenging an arbitral award to the extent permitted by the law of the seat, the parties submit to the exclusive jurisdiction of the courts of England and Wales.

Waiver: The failure by either party to exercise or the delay in exercising any right or remedy provided by these Terms or by applicable law will not constitute or be construed as a waiver of that right or remedy, a waiver of any other right or remedy or in any way affect the validity of these Terms.

Severability: If any provision of these Terms is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that the Terms will otherwise remain in full force and effect and enforceable.

Entire Agreement: These Terms constitute the entire Agreement between the Parties and supersedes and extinguishes all previous Agreements, promises, assurances, warranties, representations and understandings between them, whether written or oral, relating to its subject matter.

Changes: Company may modify the Services and these Terms as described above. Continued use after the effective date of a change constitutes acceptance.