Terms of Service

These Terms of Service ("Terms") govern the use of the Scrubbe Incident Management System ("Service") and all accompanying software and policies as outlined in the Order Form. These Terms constitute a legally binding agreement between Scrubbe and you (“Customer," "you").

▲ 1.1 Scope of Agreement

By creating an account, accessing, or using the Service, you agree to be bound by these Terms. If you are accepting these Terms on behalf of a company, organization, or other legal entity, you represent and warrant that you have the authority to bind that entity to these Terms.

▲ 1.2 Modifications

Scrubbe reserves the right to modify these Terms as outlined in Section 19. Your continued use of the Service after any changes indicates your acceptance of the updated Terms.

• Customer Data: All data, content, and information submitted, uploaded, or generated in connection with your Service, including but not limited to incidents, logs, reports, and integrations.
• User: An individual authorized by the Customer to access and use the Service under the Customer's account.
• Order Form: A written or electronic document, including proposals or online checkout forms, specifying the subscription plan, fees, and additional terms applicable to the Customer's use of the Service.
• Subprocessors: Third-party vendors or service providers engaged by Scrubbe to process Customer Data or support the Service.
• SLA: Service Level Agreement, detailing uptime and support commitments, available exclusively to Enterprise plan subscribers.

Scrubbe IMS is a Software-as-a-Service (SaaS) platform designed to enhance incident management and operational excellence. The Service includes, but is not limited to:

• Real-time incident detection, logging, and response workflows;
• Seamless integrations with third-party systems, including GitHub, GitLab, AWS, Azure, and Slack;
• Comprehensive SLA tracking, advanced analytics, and postmortem reporting;
• API access, subject to fair use policies as outlined in the Order Form.

▲ 3.1 Service Availability

The Service is accessible via the Internet at incidents.scrubbe.com. Availability is subject to planned maintenance windows and force majeure events.

▲ 3.2 Modifications

Service descriptions, usage limits, and restrictions are detailed on our Pricing Page and in applicable Order Forms. Exceeding these limits may incur additional fees.

Customers are responsible for managing access to the Service and ensuring compliance with these Terms by all Users.

• Customer is responsible for all actions taken by its Users and must ensure only authorized individuals access the Service.
• Customer must configure role-based access controls (e.g., admin, analyst, engineer) to align with organizational needs.
• User sessions expire after an idle timeout period (default: 5 minutes, configurable in account settings).
• Customer is responsible for securing account credentials, Single Sign-On (SSO), and Multi-Factor Authentication (MFA).

▲ 4.1 Account Security

Customers must implement strong passwords and enable MFA where available. Scrubbe is not liable for damages or losses resulting from Customer's failure to secure credentials.

Fees for the Service are based on the Customer's selected subscription plan (Starter, Growth, Pro, or Enterprise).

• Payments are processed securely via Stripe or other approved payment processors.
• Fees are payable monthly or annually in advance and are non-refundable except as required by applicable law.
• Overages (e.g., exceeding user limits, data storage, or API call thresholds) will be billed in arrears as per the Order Form.
• Late payments (past 30 days) may result in Service suspension until payment is received.

▲ 5.1 Billing Disputes

Customer must notify Scrubbe of any billing disputes within 30 days of receiving an invoice. Disputes should be sent to support@scrubbe.com.

Fees for the Service are based on the Customer's selected subscription plan (Starter, Growth, Pro, or Enterprise).

• Ownership: Customer retains all rights, title, and interest in Customer Data, including intellectual property rights.
• Licence to Scrubbe: Customer grants Scrubbe a worldwide, non-exclusive, limited license to host, process, transmit, and display Customer Data solely to provide and maintain the Service.
• Responsibility: Customer warrants that it has the lawful right to submit Customer Data and will not upload regulated data (e.g., PCI, HIPAA, PHI) unless explicitly agreed in writing with Scrubbe.
• Return & Deletion: Upon termination, Customer may export Customer Data within 30 days via provided tools. Thereafter, Scrubbe will delete Customer Data, except as required for legal retention purposes.

▲ 6.1 Data Backup

Scrubbe maintains regular backups of Customer Data to ensure continuity. Customers are encouraged to maintain their own backups for additional redundancy.

Scrubbe is committed to protecting Customer Data in accordance with its Privacy Policy and Data Processing Agreement (DPA).

• Where applicable, the parties agree to the GDPR Standard Contractual Clauses for international data transfers.
• Subprocessors are listed at incidents.scrubbe.com/subprocessors. Scrubbe will notify Customers of new critical subprocessors at least 14 days in advance.
• Customer is responsible for configuring data retention policies, access controls, and ensuring compliance with applicable data protection laws (e.g., GDPR, NDPR, PSPA, CCPA).

▲ 7.1 Data Subject Requests

Customers must handle data subject requests (e.g., access, deletion) directly. Scrubbe will assist as required under the DPA, subject to reasonable fees for excessive requests.

Scrubbe maintains industry-standard security measures to protect Customer Data, including:

• TLS 1.2+ encryption for data in transit and AES-256 encryption for data at rest;
• Role-based access control (RBAC) for granular permissions;
• Multi-factor authentication (MFA) support for enhanced account security;
• Comprehensive logging and audit trails for monitoring;
• Regular penetration testing and vulnerability scans by third-party auditors.

In the event of a data breach, Scrubbe will notify affected Customers without undue delay, in compliance with applicable laws.

▲ 8.1 Security Certifications

Scrubbe pursues certifications such as SOC 2 Type II and ISO 27001 to demonstrate its commitment to security. Reports are available to Enterprise customers upon request.

For Enterprise plan subscribers, Scrubbe provides the following Service Level Agreement (SLA) commitments:

• Uptime: 99.9% monthly availability, excluding scheduled maintenance windows announced at least 48 hours in advance.
• Response Times: Priority 1 (P1) = 1 hour, P2 = 4 hours, P3 = 1 business day, P4 = 2 business days.
• Remedies for SLA Breaches: Service credits as outlined in the SLA, proportional to the severity and duration of the breach.
• Support Channels: Available via email (support@scrubbe.com), live chat, and ticketing during business hours (24/7 for Enterprise plans).

▲ 9.1 Support Escalation

Customers may escalate urgent issues to a dedicated account manager for Enterprise plans. Contact details are provided in the Order Form.

Customers and their Users agree not to engage in any of the following prohibited activities:

• Using the Service in violation of applicable laws or regulations;
• Attempting to reverse-engineer, decompile, or derive the source code of the Service;
• Reselling, sublicensing, or sharing access to the Service outside the Customer's organization;
• Introducing malware, viruses, or other harmful code that could disrupt Service operations;
• Abusing API limits or integrations beyond fair use thresholds.

▲ 10.1 Enforcement

Scrubbe reserves the right to investigate and suspend accounts for violations of this Acceptable Use policy. Customers will be notified of any enforcement actions.

Integrations with third-party services (e.g., Slack, GitHub, AWS) are optional and configured at the Customer's discretion.

• Use of third-party services is governed by their respective terms and policies, which Customers must review and accept.
• Scrubbe is not responsible for the performance, availability, or security of third-party services.

▲ 11.1 Integration Support

Scrubbe provides documentation and support for enabling integrations. Additional fees may apply for custom integration development.

Scrubbe warrants that the Service will be provided in a professional and workmanlike manner, consistent with industry standards.

**"EXCEPT AS EXPRESSLY PROVIDED HEREIN, THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE." SCRUBBE DISCLAIMS ALL OTHER WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT."**

▲ 12.1 Disclaimer Scope

Scrubbe does not guarantee that the Service will meet all Customer requirements or that it will be uninterrupted or error-free.

Customer agrees to indemnify, defend, and hold harmless Scrubbe, its affiliates, and their respective officers, directors, and employees against any claims, damages, or liabilities arising from:

• Customer Data, including any intellectual property disputes;
• Customer's misuse of the Service or violation of these Terms;
• Customer's violation of applicable laws or third-party rights.

▲ 13.1 Indemnification Process

Scrubbe will notify Customer promptly of any claim requiring indemnification. Customer shall assume control of the defense, subject to Scrubbe's right to participate at its own expense.

**SCRUBBE'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THE SERVICE, WHETHER IN CONTRACT, TORT, OR OTHERWISE, IS LIMITED TO THE FEES PAID BY CUSTOMER IN THE 12 MONTHS PRECEDING THE CLAIM.**

SCRUBBE SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOST PROFITS, LOST DATA, OR BUSINESS INTERRUPTION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The above limitations apply except for:

• Customer's payment obligations, indemnification obligations, or breaches of confidentiality.

▲ 14.1 Exceptions

The above limitations do not apply to Customer's payment obligations, indemnification obligations, or breaches of confidentiality.

• Term: These Terms remain in effect until terminated by either party.
• Termination for Convenience: Either party may terminate the Service with 30 days' written notice.
• Termination for Cause: Either party may terminate if the other materially breaches these Terms and fails to cure the breach within 30 days of notice.
• Data Retention Post-Termination: Upon termination, Customer may export Customer Data within 30- days. Thereafter, Scrubbe will delete Customer Data, except as required by law.

▲ 15.1 Suspension

Scrubbe may suspend the Service for non-payment, violation of Acceptable Use policies, or suspected security threats, with prior notice where feasible.

• Customer represents that it is not located in a country subject to OFAC or EU sanctions and will not use the Service in violation of export controls.
• Customer is responsible for ensuring its use of the Service complies with all applicable local, national, and international laws.

▲ 16.1 Export Compliance

Scrubbe may restrict access to the Service in certain jurisdictions to comply with export control regulations.

• Enterprise customers may request audit reports (e.g., SOC 2 Type II, ISO 27001) once available, subject to confidentiality agreements.
• Customers may request information on Scrubbe's security controls and subprocessors via contact@scrubbe.com.

▲ 17.1 Audit Process

Audit requests must be submitted in writing and may be subject to reasonable fees for extensive reviews.

• Governing Law: These Terms are governed by the laws of Delaware, USA, unless otherwise agreed in writing for UK or Nigeria-based contracts.
• Dispute Resolution: Parties will first attempt informal resolution for 30 days. If unresolved, disputes will be settled by binding arbitration under AAA rules in Delaware, USA.
• Injunctive Relief: Either party may seek injunctive relief in court for intellectual property violations or data misuse.

▲ 18.1 Arbitration Process

Arbitration will be conducted by a single arbitrator, and the decision will be final and binding. Costs will be borne as determined by the arbitrator.

Scrubbe may update these Terms with 30 day's prior notice for material changes. Notices will be sent via email or posted on incidents.scrubbe.com. Continued use of the Service after changes constitutes acceptance.

▲ 19.1 Notification Process

Customers are responsible for maintaining accurate contact information to receive notifications of changes to these Terms.

This document is versioned to ensure transparency and track changes over time. The current version is v1.0, effective September 26, 2025. Previous versions are archived and available upon request to Enterprise customers.

▲ 20.1 Version History

Version history and change logs can be requested by contacting contact@scrubbe.com.