Terms of Service

1.1 Acceptance

By creating an account, ticking the acceptance checkbox at signup, or using the Service, you agree to these Terms of Service (“Terms”) and to the Certn Privacy Policy, which is incorporated by reference. These Terms form a binding legal agreement between you and Andrew Ingram, operating as Certn(“Certn”, “we”, “us”), a sole proprietorship based in Colorado, United States.

1.2 Who may use the Service

You may use the Service only if all of the following are true:

• You are at least 18 years old and have the legal capacity to enter into this agreement.
• You are using the Service on behalf of a company that is legally incorporated in the United States. Entities formed outside the United States are not eligible.
• You have the authority to bind that company to these Terms.
• You are not barred from using software services under applicable US law.

If we discover that an account has been created in breach of this section, we will close the account and delete the associated data without notice. No refund will be issued.

1.3 Other agreements

If you have signed a separate written agreement with Certn (for example, a Beta Tester Agreement), that agreement controls in the event of a conflict with these Terms, but only as to the specific matters it addresses.

Certn provides a software tool to help small SaaS companies prepare for a SOC 2 audit. The Service includes evidence storage, policy templates, scoping questionnaires, audit-package exports, and related features.

The Service does not include:

• An audit, opinion, attestation, or certification by Certn. Certn is not a CPA firm and does not issue SOC 2 reports.
• Legal, accounting, or compliance advice. The templates and guidance provided are starting points, not professional advice.
• A guarantee that you will pass a SOC 2 audit. Whether you pass depends on your operating practices, your evidence, and your auditor’s judgment.

3.1 Account creation

You must provide accurate information at signup and keep it current. Each account is for one company. You may not share account credentials with anyone outside the company you signed up for.

3.2 Account security

You are responsible for keeping your password secure and for all activity that occurs under your account, whether authorized by you or not. If you suspect unauthorized access, tell us immediately at info@certn.app. Two-factor authentication is not yet available; we strongly recommend enabling it when it becomes available.

3.3 One account per company

You may not create multiple accounts to circumvent any limitation of the Service.

4.1 Free tier and beta

During the current beta period and on the free tier, the Service is provided at no charge. Free tier features and limits may change at any time.

4.2 Paid plans (when available)

When paid plans are available, prices, billing terms, and refund policies will be presented at checkout and incorporated into these Terms by reference. Where you have an active subscription, we will give you at least thirty (30) days notice by email before any price increase takes effect.

4.3 Payment processor

All payments are processed by Stripe, Inc. By providing payment information, you also agree to Stripe’s terms. Certn does not store full card numbers.

4.4 Taxes

All fees are exclusive of taxes. You are responsible for any sales, use, or value-added taxes applicable to your purchase.

5.1 Ownership

You retain all right, title, and interest in and to the content you upload or create through the Service (“Your Content”), including evidence files, policy text, notes, scoping answers, organization names, and logos. We claim no ownership of Your Content.

5.2 License to us

You grant Certn a limited, non-exclusive, worldwide, royalty-free license to host, store, copy, display, transmit, and process Your Content solely for the purpose of providing the Service to you and to maintain backups and audit-package exports. This license ends when you delete Your Content or your account, except as needed to retain backups for the retention period stated in the Privacy Policy.

5.3 Your warranties

You represent and warrant that:

• You have all rights necessary to upload Your Content and to grant the license in Section 5.2.
• Your Content does not infringe any third party’s intellectual property, privacy, or other rights.
• Your Content does not contain malware, viruses, or other harmful code.
• You will not upload content that you are legally prohibited from sharing with a third-party service provider.

5.4 What we don’t do with Your Content

Certn does not sell Your Content, use it to train AI models, share it with advertisers, or use it for any purpose other than operating the Service as described in the Privacy Policy.

You will not, and will not permit anyone using your account to:

• Use the Service for any illegal purpose or in violation of any applicable law.
• Attempt to gain unauthorized access to any part of the Service or any other user’s account, data, or computer systems.
• Probe, scan, or test the vulnerability of the Service except as expressly authorized by us in writing.
• Reverse engineer, decompile, or attempt to extract the source code of the Service.
• Upload malware, viruses, worms, or any other malicious code.
• Use the Service to send spam, conduct phishing, or engage in any deceptive practice.
• Resell, sublicense, or commercially exploit the Service without our written permission.
• Use automated means (scrapers, bots) to access the Service except for standard search engine indexing of public marketing pages.
• Interfere with or disrupt the Service or the servers and networks connected to it.
• Use the Service to compete directly with Certn.

Violations of this Section 6 are grounds for immediate suspension or termination of your account without notice.

7.1 No uptime SLA

Certn does not provide a guaranteed uptime service level agreement at the free tier or during the beta period. The Service may be unavailable from time to time for maintenance, updates, or reasons outside our control.

7.2 Changes to the Service

We may add, modify, or remove features at any time. We will try to give reasonable notice of material changes by email, an in-app notice, or a posting on certn.app.

7.3 Discontinuation

We may discontinue the Service or any part of it at any time. If we discontinue the Service in its entirety, we will give you at least thirty (30) days notice by email and a reasonable opportunity to export Your Content.

7.4 Beta period and beta features

From time to time, Certn may offer features, services, or the entire Service in a beta, alpha, preview, or other pre-release state (“Beta Features”). When the in-app interface, marketing materials, or these Terms identify a feature or the Service as being in beta, the following rules apply:

(a) Sample data only. You agree to use sample, synthetic, or heavily redacted data when interacting with Beta Features. You will not upload real production data, including without limitation: customer personally identifiable information, employee personally identifiable information, passwords, API keys, access tokens, certificates, other credentials, or any confidential third-party information. You acknowledge that uploading real production data to a Beta Feature is at your sole risk and that you remain fully responsible for any consequences.

(b) Heightened risks. Beta Features are provided as a courtesy. You acknowledge and accept that Beta Features may contain bugs, may lose or corrupt data, may experience downtime, may be modified materially or removed entirely, and may otherwise behave unpredictably. We will use reasonable efforts to avoid these outcomes but make no commitment to do so.

(c) No warranty during beta. The disclaimers in Section 11 apply with particular force to Beta Features. Certn makes no representation that Beta Features will become generally available, will continue to function, or will preserve your data.

(d) Right to end the beta. Certn may end any beta or transition any Beta Feature out of beta at any time, with or without notice. At the end of the beta period, Certn may delete data associated with Beta Features and may require you to migrate to the generally available version of the Service or terminate your account.

(e) Notice. Notice that a feature or the Service is in beta may be given via an in-app banner, a posting on certn.app, an email, or these Terms. The in-app beta banner shown at the top of the authenticated application constitutes sufficient notice that the rules in this Section 7.4 are in effect.

8.1 Our IP

Certn, the certn.app domain, the logo, the underlying software, the policy templates, the control library, and all related materials are owned by Andrew Ingram and protected by US and international intellectual property law. Nothing in these Terms transfers any of that IP to you.

8.2 Limited license to you

We grant you a limited, non-exclusive, non-transferable, revocable license to access and use the Service for the internal SOC 2 readiness purposes of your eligible company, for the duration of your account, subject to these Terms.

8.3 Feedback

If you give us feedback, suggestions, or ideas about the Service (“Feedback”), you grant us a perpetual, worldwide, royalty-free, irrevocable license to use that Feedback for any purpose, including building it into the Service. You will not be entitled to any compensation for Feedback used in this way.

Our handling of personal information is governed by the Privacy Policy, which is incorporated into these Terms by reference. By accepting these Terms, you also accept the Privacy Policy.

10.1 By you

You may stop using the Service and request account deletion at any time by emailing info@certn.app. Deletion will be processed within thirty (30) days.

10.2 By us

We may suspend or terminate your access to the Service immediately, with or without notice, if you violate these Terms or the Acceptable Use rules in Section 6, breach the eligibility requirements in Section 1.2, we are required to do so by law, or we discontinue the Service.

10.3 Effect of termination

On termination, your right to access the Service ends. Sections that by their nature should survive termination will survive, including Sections 5.1, 5.3, 8, 11, 12, 13, 14, and 15.

The Service is provided “as is” and “as available” without warranties of any kind, whether express, implied, statutory, or otherwise. To the maximum extent permitted by applicable law, Certn disclaims all warranties, including the implied warranties of merchantability, fitness for a particular purpose, non-infringement, and any warranty arising out of course of dealing or usage of trade.

Certn does not warrant that the Service will be uninterrupted, error-free, secure, or free of viruses or other harmful components. Certn does not warrant that the Service will meet your requirements, that any data will be preserved, or that the Service will help you pass a SOC 2 audit.

During any beta or pre-release period (see Section 7.4), these disclaimers apply with particular force. You acknowledge that beta software is by its nature less reliable than production software and that uploading any data to a beta service carries elevated risk of loss, exposure, or corruption.

Your use of the Service is at your own risk.

12.1 Cap on damages

To the maximum extent permitted by applicable law, in no event will Certn’s total aggregate liability to you for all claims arising out of or related to these Terms or the Service exceed the greater of:

(a) One hundred US dollars ($100); or

(b) The total fees you have paid to Certn in the twelve (12) months immediately preceding the event giving rise to the claim.

12.2 Excluded damages

In no event will Certn be liable for any indirect, incidental, special, consequential, exemplary, or punitive damages, including damages for lost profits, lost data, loss of goodwill, service interruption, or cost of substitute services, even if Certn has been advised of the possibility of such damages.

12.3 Exceptions

The limitations in this Section 12 do not apply to (i) Certn’s gross negligence or willful misconduct, (ii) Certn’s indemnification obligations under Section 13, or (iii) any liability that cannot be excluded or limited under applicable law.

12.4 Basis of the bargain

You acknowledge that the fees charged for the Service (including a $0 free tier) reflect the allocation of risk in these Terms, and that the limitations in this Section 12 are an essential basis of the bargain between you and Certn.

You agree to defend, indemnify, and hold harmless Certn (and Andrew Ingram personally), from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys’ fees) arising out of or related to:

• Your use of the Service in violation of these Terms;
• Your Content, including any claim that Your Content infringes a third party’s rights;
• Your violation of the eligibility requirements in Section 1.2;
• Your violation of any applicable law; or
• Your gross negligence or willful misconduct.

14.1 Informal resolution first

Before filing a formal claim, you agree to try to resolve any dispute with us informally. Send a written description of the dispute to info@certn.app. We will work in good faith to resolve the dispute within thirty (30) days.

14.2 Binding arbitration

If informal resolution fails, any dispute, claim, or controversy arising out of or related to these Terms or the Service will be resolved by binding individual arbitrationadministered by JAMS under its Streamlined Arbitration Rules and Procedures, and not in court. The arbitration will be conducted in Denver, Colorado, or by video conference at the arbitrator’s discretion.

14.3 Class action waiver

You and Certn agree that each may bring claims against the other only in an individual capacity and not as a plaintiff or class member in any purported class, collective, or representative proceeding.

14.4 Jury trial waiver

To the maximum extent permitted by applicable law, you and Certn each waive the right to a trial by jury in any proceeding arising out of or related to these Terms.

14.5 Exceptions

The agreement to arbitrate in this Section 14 does not apply to:

• Small claims court actions, which either party may bring instead of arbitration if the claim qualifies.
• Claims for injunctive or equitable relief to protect intellectual property or to enforce confidentiality.

14.6 Governing law

These Terms are governed by the laws of the State of Colorado, United States, without regard to its conflict-of-laws principles. For any matter not subject to arbitration, the parties consent to the exclusive jurisdiction of the state and federal courts located in Denver, Colorado.

14.7 Time to bring claims

Any claim must be brought within one (1) year of the date the claim arose, or it is permanently barred.

15.1 Entire agreement

These Terms, together with the Privacy Policy and any signed separate agreements (such as a Beta Tester Agreement), are the entire agreement between you and Certn regarding the Service.

15.2 Changes to these Terms

We may update these Terms from time to time. When we do, we will change the “Last updated” date and bump the version. For material changes, we will notify account holders by email at least thirty (30) days before the changes take effect and re-prompt for acceptance at next sign-in.

15.3 Assignment

You may not assign or transfer these Terms without our prior written consent. We may assign these Terms in connection with a merger, acquisition, reorganization, or sale of all or substantially all of our assets.

15.4 Severability

If any provision of these Terms is held to be unenforceable, the remaining provisions will remain in full effect, and the unenforceable provision will be modified to the minimum extent necessary to make it enforceable while preserving its intent.

15.5 Waiver

Our failure to enforce any provision of these Terms will not be a waiver of that provision. Any waiver must be in writing and signed by us.

15.6 Force majeure

We are not liable for any failure or delay in performance due to causes beyond our reasonable control, including acts of God, war, civil unrest, government action, internet failures, third-party service outages (including Supabase, Resend, Vercel, or Stripe), or natural disasters.

15.7 Notices

Notices to you will be sent to the email address associated with your account. Notices to Certn must be sent to info@certn.app.

15.8 Independent contractors

Nothing in these Terms creates a partnership, joint venture, employment, or agency relationship between you and Certn.

15.9 No third-party beneficiaries

These Terms are for the benefit of you and Certn only.

Andrew Ingram, operating as Certn
Email: info@certn.app