Terms and Conditions

1. Introduction

These Terms & Conditions ("Terms") are between you ("Customer", "you", "your") and Agent Mantis Pty Ltd, an Australian company registered in New South Wales ("we", "us", "our").

By signing up for or using our testing software platform ("Service"), you agree to these Terms.

2. Our Service and Your Licence

We give you a non-exclusive, non-transferable licence to use the Service for your internal business purposes.

You don't own our software - you're subscribing to use it.

You must follow any documentation or usage rules we provide.

We may update or improve the Service from time to time.

3. Your Responsibilities

You agree to:

  • Keep your login details private and secure.
  • Use the Service lawfully and not upload anything illegal, infringing, or harmful.
  • Ensure your users follow these Terms.
  • Maintain internet and hardware access needed for use.

4. Fees and Payment

  • Subscription fees are due as shown in your order or account plan.
  • All prices exclude applicable taxes (GST, VAT, etc.).
  • We may suspend access if payment is overdue.
  • Subscriptions renew automatically unless cancelled before renewal.
  • We may adjust renewal pricing with 30 days' notice.

5. Service Level Agreement (SLA)

5.1 Service Uptime

We aim for 99.9% uptime per calendar month, excluding scheduled maintenance.

Downtime is measured by our monitoring systems.

5.2 Scheduled Maintenance

We'll give at least 48 hours' notice for planned maintenance that might cause downtime.

Emergency maintenance may occur without notice, but we'll inform you promptly.

5.3 Support and Response Times

Severity Example Target Response Target Resolution
Critical (P1) Complete outage, no workaround 1 hour 4 hours
High (P2) Major function broken 4 hours 1 business day
Medium (P3) Partial impairment 1 business day 3 business days
Low (P4) Minor issue or question 2 business days Best effort

Support hours: 9 am – 6 pm AEST, Monday–Friday (excluding NSW public holidays).

5.4 Service Credits

If monthly uptime falls below:

  • 99.0% → 5% credit
  • 98.0% → 10% credit
  • 95.0% or below → 20% credit

Credits apply only if you notify us within 15 days after the month ends. Credits can't be exchanged for cash.

6. Data, Privacy & Security

We handle Customer Data as outlined in our Data Processing Addendum (DPA) below.

  • You keep ownership of your data.
  • We use it only to provide and maintain the Service.
  • We apply industry-standard encryption and security measures (AES-256 at rest, TLS 1.2+ in transit, access controls, daily backups).

7. Intellectual Property

All software, code, and documentation remain our property.

You may not reverse engineer or copy any part of the Service.

8. Confidentiality

Each party must protect confidential information and use it only as needed to deliver or use the Service.

9. Termination

You or we may terminate:

  • For breach (after 30 days' written notice and failure to fix it), or
  • At the end of any subscription period (with notice before renewal).

After termination:

  • Your access ends.
  • We'll return or delete your data within 30 days unless you ask otherwise.
  • Clauses on confidentiality, IP, and liability stay in effect.

10. Warranties and Liability

We promise to provide the Service with reasonable skill and care. Otherwise, it's offered "as-is".

Our total liability is capped at the amount you paid us in the last 12 months. We're not responsible for lost profits, data loss, or indirect damages.

These limits don't apply to liabilities that can't be excluded by law (e.g. Australian Consumer Law, personal injury, gross negligence).

11. Governing Law

These Terms are governed by the laws of New South Wales, Australia.

Disputes will be handled in the courts of NSW unless otherwise agreed.

12. Changes to Terms

We may update these Terms with 30 days' notice.

If you don't agree, you may cancel before the new Terms apply.

Data Processing Addendum (DPA)

This DPA forms part of the Terms & Conditions between the Customer and Agent Mantis Pty Ltd.

1. Purpose

This DPA explains how we process personal data when you use our Service, to comply with:

  • EU General Data Protection Regulation (GDPR)
  • UK Data Protection Act 2018
  • California Consumer Privacy Act (CCPA)
  • Canada's PIPEDA
  • Australian Privacy Act 1988 (Cth)

2. Roles

  • You are the Data Controller (or "business" under CCPA).
  • We are the Data Processor (or "service provider").

3. Processing Instructions

We will only process personal data:

  • To provide and maintain the Service.
  • According to your documented instructions.
  • In compliance with applicable data-protection laws.

We will not sell, rent or use personal data for advertising or unrelated purposes.

4. Data Types and Subjects

We process personal data that you or your users upload or generate in the Service - typically names, emails, job titles, logs, or test-data references.

5. Security Measures

We use:

  • Encryption at rest and in transit.
  • Role-based access controls and MFA.
  • Regular security testing and patching.
  • Annual data-protection audits.
  • Employee confidentiality and privacy training.

6. Sub-Processors

We may use third-party providers (e.g., Azure, Cloudflare, analytics tools) to host or process data. Each is bound by written agreements ensuring GDPR-level protection.

We'll provide a current list on request and give 30 days' notice before adding a new sub-processor.

7. Data Transfers

If we transfer personal data outside your region (e.g. to the US), we will:

  • Use EU Standard Contractual Clauses (SCCs) for EU/EEA customers.
  • Follow the UK International Data Transfer Addendum (IDTA) where relevant.
  • Comply with PIPEDA and Australian cross-border rules.

8. Data Breach

We will notify you within 48 hours of becoming aware of any unauthorised access, loss, or disclosure of personal data.

We will cooperate fully with your investigation and regulatory reporting.

9. Data Subject Rights

We will help you respond to individual rights requests (access, correction, deletion, portability, etc.) where applicable.

Requests from individuals should be directed to you as the Controller.

10. Return or Deletion of Data

When the Subscription ends, we will delete or return all Customer Data (including backups) within 30 days, unless law requires longer retention.

11. Audits

Upon reasonable written notice, you may audit our compliance once per year, either remotely or on-site, subject to confidentiality and cost-sharing.

12. Liability and Survival

Each party's liability under this DPA is governed by the limits in the main Terms.

This DPA remains effective as long as we process your data.

Appendix – Service Level Metrics Summary

Metric Target Measurement
Availability ≥ 99.9% monthly uptime Monitored continuously
Maintenance Notification ≥ 48 hours' notice Email or dashboard
Data Backup Retention Daily, 30-day retention Verified monthly
Incident Notification ≤ 48 hours from detection Email
Support Response (P1) ≤ 1 hour Ticket timestamp