01
Acceptance of the Agreement
These Terms constitute a binding contract between TestML, Inc. and the customer entity identified in the relevant Order Form, Master Services Agreement, or pilot engagement letter (the "Customer"). By accessing the platform, executing an Order Form, or instructing TestML personnel to commence work, Customer accepts these Terms in full.
Where a separately negotiated Master Services Agreement exists, it controls in the event of conflict. In the absence of such an agreement, these Terms govern the engagement, including any pilot, proof-of-concept, or trial-tier access granted by TestML at its discretion.
02
Scope of the Service
The TestML platform provides evaluation suites, red-team and jailbreak testing, drift and regression monitoring, and compliance audit lineage for production AI systems. The exact deliverables, environments, and acceptance criteria are defined per engagement in the corresponding Statement of Work.
TestML is not a model vendor and does not warrant the underlying behaviour of third-party language models. Our obligation is the rigour of the evaluation, the completeness of the audit trail, and the timeliness of the alerts — not the answers a model produces between them.
03
Acceptable Use
Customer may use the platform solely to evaluate, test, and monitor AI systems Customer owns or is authorised to assess. Customer shall not use the platform to attack systems outside the scope agreed in writing, to circumvent the safety controls of unrelated providers, or to generate or distribute material prohibited under applicable law.
Red-team payloads, jailbreak corpora, and adversarial prompts produced or surfaced through the platform are licensed to Customer for internal defensive use only. Republishing such content outside Customer's organisation requires prior written consent from TestML.
04
Customer Data and Confidentiality
Customer retains all rights, title, and interest in the prompts, completions, retrieval contexts, telemetry, and evaluation artefacts ingested into the platform (collectively, "Customer Data"). TestML processes Customer Data solely to deliver the contracted services and to maintain audit lineage required by Customer's regulators.
TestML does not train foundation models on Customer Data, does not sell or share Customer Data with third parties for advertising or model improvement, and does not retain Customer Data beyond the retention windows agreed in the Order Form. Sub-processors are listed and version-controlled at /docs/.
05
Security and Compliance Posture
TestML operates under SOC 2 Type 2 controls, ISO 27001 certification, GDPR-aligned data-processing terms, and a HIPAA-compatible reference architecture available on request. Encryption is mandatory in transit and at rest; production access is gated by hardware-backed multi-factor authentication and time-bounded reviewer roles.
Customer is responsible for configuring its own access policies inside the platform, for the lawful basis of any personal data submitted for evaluation, and for redacting fields whose presence in test corpora is restricted by Customer's regulator.
06
Fees, Invoicing, and Term
Fees, billing cadence, and the contract term are defined per engagement. Pilot evaluations are typically scoped as a fixed-fee, fixed-duration body of work; production monitoring is invoiced on a usage-aligned subscription with a stated commitment floor.
Invoices are payable net thirty days from receipt unless an alternate term is recorded on the Order Form. Disputed line items must be raised in writing within fifteen business days of the invoice date; undisputed amounts continue to fall due on the original schedule.
07
Intellectual Property
TestML retains ownership of the platform, the proprietary evaluation suites, the red-team corpora, and any methodology, models, or tooling not specifically commissioned as Customer-owned deliverables under the Statement of Work.
Customer is granted a non-exclusive, non-transferable, worldwide licence to use the platform and its outputs for the duration of the engagement and for the lawful internal compliance, audit, and operational purposes of Customer's enterprise.
08
Warranty Disclaimers
TestML warrants that the platform will be operated with the care, skill, and rigour expected of a specialist enterprise vendor and in conformity with the Statement of Work. Beyond that, the platform is provided on an as-is basis to the maximum extent permitted by applicable law.
TestML does not warrant that any model under evaluation will pass any specific benchmark, achieve any particular accuracy threshold, or remain free from drift, jailbreak, or regression after the engagement window closes. Continuous monitoring services are sold for that exact reason.
09
Limitation of Liability
Each party's aggregate liability arising out of or in connection with the engagement shall not exceed the fees paid or payable by Customer in the twelve months preceding the event giving rise to the claim. Neither party shall be liable for indirect, incidental, consequential, or punitive damages, or for loss of profit, revenue, goodwill, or business opportunity.
Nothing in this clause limits liability that cannot lawfully be limited, including liability for fraud, wilful misconduct, or breach of confidentiality obligations relating to Customer Data.
10
Termination and Survival
Either party may terminate the engagement for material breach not cured within thirty days of written notice, or immediately on the other party's insolvency. Customer may terminate a monitoring subscription for convenience at the end of the contracted commitment term with sixty days' notice.
On termination, TestML will deliver outstanding audit artefacts, return or destroy Customer Data on instruction, and revoke production access. Confidentiality, intellectual-property, payment, and limitation-of-liability clauses survive termination.