Culpritv0 · 2026

Document — Culprit Terms of Service

Culprit — Terms of Service

Effective Date: 2026-04-26 Last Updated: 2026-05-10

These Terms of Service ("Terms") are entered into between Feida Management Consulting Co. Ltd, a limited company organized under the laws of Taiwan with its principal place of business at 7F., No. 51, Ln. 128, Jingye 1st Rd., Taipei 104051, Taiwan (the operator of the Culprit platform; "Culprit," "we," "us," or "our"), and the customer identified in the applicable order form or online sign-up ("Customer," "you," or "your"). These Terms govern your access to and use of the Culprit platform, websites located at or under theculprit.ai, and related services (collectively, the "Services").

By creating an account, accessing, or using the Services, you agree to these Terms. If you do not agree, do not use the Services.

Contact:

1. Definitions

1.1 "Customer Data" means any data, content, or information that Customer or its Authorized Users submit to, generate through, or store within the Services, including alert payloads, telemetry, event metadata, and user-submitted configuration.

1.2 "Authorized User" means an employee, contractor, or agent of Customer whom Customer authorizes to use the Services under Customer's account.

1.3 "Documentation" means the user documentation, help materials, and policies made available by Culprit at theculprit.ai or within the Services.

1.4 "Order Form" means any written or electronic ordering document (including online checkout and any negotiated Enterprise order) that references these Terms.

1.5 "Services" has the meaning in the preamble above.

1.6 "Subprocessor" means a third-party service provider engaged by Culprit to process Customer Data in connection with the Services, as identified in the Data Processing Agreement and Privacy Policy.

2. The Services

2.1 What Culprit does. Culprit is a Software-as-a-Service platform that ingests alert and telemetry data from Customer's IT systems (including paging tools, monitoring tools, and log streams), automatically clusters related events into incidents, and generates AI-assisted Root Cause Analysis ("RCA") summaries.

2.2 Architectural safeguards. The Services are designed with the following controls:

2.3 General availability. The Services are generally available. Features, pricing, and availability may change as described in Section 16 (Changes to These Terms).

3. Account Creation and Authorized Users

3.1 Customer is responsible for creating an account, keeping credentials secure, and all activity under its account.

3.2 Customer must provide accurate registration information and keep it current. Customer must promptly notify Culprit of any unauthorized access at support@theculprit.ai.

3.3 Customer is responsible for its Authorized Users' compliance with these Terms.

3.4 Customer must be at least 18 years old and legally capable of entering into these Terms on behalf of itself or the entity it represents.

4. Acceptable Use

4.1 Customer will not, and will not permit any Authorized User or third party to:

(a) use the Services in violation of applicable law, including laws relating to privacy, intellectual property, and export control and economic sanctions (including the U.S. Export Administration Regulations, the EU Dual-Use Regulation, and the sanctions programs administered by the U.S. Office of Foreign Assets Control, the UK Office of Financial Sanctions Implementation, the EU, and the United Nations); Customer represents that neither it nor any Authorized User is located in, organized under the laws of, or ordinarily resident in a country or region subject to comprehensive sanctions, and that neither it nor any Authorized User is identified on any applicable restricted-party list; (b) upload or transmit malicious code, or interfere with the integrity or performance of the Services; (c) attempt to probe, scan, or test the vulnerability of the Services or bypass any access or authentication measure (except as authorized in writing by Culprit); (d) reverse engineer, decompile, or disassemble the Services, except to the extent such restriction is prohibited by law; (e) resell, sublicense, or provide the Services to a third party other than Authorized Users; (f) use the Services to build a competing product; (g) submit data subject to regulatory regimes that Culprit has not agreed in writing to support, including but not limited to: classified or controlled-unclassified information; cardholder data governed by PCI-DSS; non-public personal information of consumers governed by the Gramm-Leach-Bliley Act ("GLBA") or its Safeguards Rule; education records governed by the Family Educational Rights and Privacy Act ("FERPA"); material non-public information of public companies subject to U.S. Securities and Exchange Commission disclosure rules; biometric identifiers or genetic information governed by Illinois BIPA, Texas CUBI, Washington biometric law, or analogous state laws; and items controlled by the U.S. International Traffic in Arms Regulations ("ITAR") or by the U.S. Export Administration Regulations ("EAR") at a classification level above EAR99 or 5D002 Mass Market; (h) intentionally bypass, disable, or attempt to circumvent the Services' tokenization architecture, or submit PII or ePHI through channels other than those supported by the Services' tokenization safeguards.

4.2 Culprit may suspend access in response to a material breach of Section 4, a security incident, or a legal obligation, with reasonable notice where practicable.

4.3 Permitted Volume. Customer may submit unlimited Events to the Services for normal operational use during the term of its subscription. "Normal operational use" means the routine ingestion of alert and notification events from Customer's monitoring infrastructure for the purpose of incident detection, correlation, and root-cause analysis. An Event is a single alert or notification posted to Culprit's ingest webhook by an external monitoring system; it is not a log line, a metric data point, or a trace span.

4.4 Abnormal Volume. Culprit reserves the right to require migration to the Enterprise plan, custom pricing, or dedicated capacity for Customer accounts that sustain abnormally high Event volume relative to comparable Customers, as determined in good faith by Culprit. Culprit will provide Customer at least thirty (30) days written notice before requiring such migration. During the notice period, Customer may either (a) accept the Enterprise migration terms, (b) reduce volume to within normal operational use, or (c) terminate the subscription per Section 14 (Termination).

4.5 No Throttling of Accounts in Good Standing. Culprit will not artificially throttle, drop, or reject Events from Customer accounts in good standing. The Storm Protocol described in the Documentation is a technical safety measure that activates only at extreme per-service rates (greater than 100 Events per minute) and does not affect normal operational use.

5. Subscriptions, Fees, and Taxes

5.1 Subscription pricing. Culprit's commercial model is a flat subscription fee per monitored service. The published price as of the Last Updated date of these Terms is USD $49.00 per monitored service per month, with volume discounts at 10 services (5%) and 25 services (10%). Current pricing is published at theculprit.ai/pricing. Culprit may change prices on at least thirty (30) days' advance written notice (email to the account administrator is sufficient); price changes take effect at the start of the next billing cycle following the notice period.

5.2 Order; payment processor. Subscriptions are ordered through Culprit's online checkout. Payments are processed by Paddle (Paddle.com Market Limited and Paddle, Inc.) acting as Merchant of Record. By purchasing a subscription, Customer also agrees to Paddle's terms and privacy notices presented at checkout. Subscriptions are billed monthly in advance unless a separate Order Form states otherwise.

5.3 No usage caps; no overage. Culprit's pricing model is designed so that Customer can send more telemetry, not less. Culprit does not charge overage fees or meter per-event pricing at the tier level. Culprit reserves the right to apply reasonable platform-level rate limits (for example, Storm Protocol per-service rate limits) to protect the stability of the Services.

5.4 Taxes. Fees are exclusive of taxes. Customer is responsible for all applicable sales, use, value-added, and similar taxes, excluding taxes based on Culprit's net income.

5.5 Payment terms. Once paid subscriptions begin, invoices are payable net 30 unless otherwise stated on the Order Form. Overdue amounts accrue interest at the lesser of 1.0% per month or the maximum rate permitted by law.

6. Customer Data

6.1 Ownership. As between the parties, Customer retains all right, title, and interest in and to Customer Data.

6.2 License to Culprit. Customer grants Culprit a non-exclusive, worldwide, royalty-free license to host, transmit, process, display, and otherwise use Customer Data solely as necessary to provide, secure, and improve the Services for Customer and to comply with applicable law. Culprit will not use Customer Data to train any AI model.

6.3 Customer responsibilities. Customer represents and warrants that it has all rights, consents, and authority necessary to submit Customer Data to the Services and that Customer Data complies with applicable law, including privacy and data-protection laws.

6.4 Aggregated and de-identified data. Culprit may generate aggregated and de-identified data from its operation of the Services (for example, platform performance metrics, usage statistics, and de-identified model-quality measurements) and may use such data for any lawful purpose, provided that it does not identify Customer or any individual.

6.5 Mutual confidentiality. Each party (the "Receiving Party") will hold in confidence the Confidential Information of the other party (the "Disclosing Party"), will use it only for purposes of this Agreement, and will not disclose it to any third party except to its employees, contractors, and professional advisors who have a need to know and who are bound by confidentiality obligations at least as protective as this Section. "Confidential Information" means non-public information disclosed by a party in connection with this Agreement that is marked or identified as confidential at the time of disclosure or that, given the nature of the information and circumstances of disclosure, a reasonable person would understand to be confidential. Confidential Information does not include information that (a) is or becomes publicly available without breach of this Section, (b) was rightfully known to the Receiving Party without confidentiality obligation prior to disclosure, (c) is independently developed by the Receiving Party without use of or reference to the Disclosing Party's Confidential Information, or (d) is rightfully received from a third party without confidentiality obligation. The Receiving Party may disclose Confidential Information as required by law or legal process, provided that, where legally permitted, it gives the Disclosing Party prompt notice and reasonable cooperation to seek a protective order. On termination of this Agreement, each party will, at the Disclosing Party's election, return or destroy the other's Confidential Information, except for routine archival copies that are inaccessible in the ordinary course. The obligations of this Section 6.5 survive for three (3) years after termination of this Agreement, except that obligations regarding information qualifying as a trade secret under applicable law continue for as long as the information so qualifies.

7. Intellectual Property

7.1 Culprit IP. Culprit and its licensors retain all right, title, and interest in and to the Services, including all software, models, algorithms, user interfaces, documentation, and improvements, and all related intellectual-property rights. No rights are granted by implication.

7.2 Customer IP. Customer retains all rights in Customer Data and any Customer-owned materials submitted to Culprit. Nothing in these Terms transfers those rights to Culprit.

7.3 Feedback. If Customer provides suggestions, feedback, or ideas about the Services ("Feedback"), Customer grants Culprit a perpetual, irrevocable, royalty-free license to use and incorporate the Feedback without restriction, without any obligation of attribution or compensation.

8. Third-Party Services and Subprocessors

8.1 The Services rely on Subprocessors including Supabase (managed Postgres and authentication), Cloudflare (Workers compute, queues, durable objects, DNS), Anthropic (LLM inference for RCA), OpenAI (embeddings for event correlation), Resend (transactional email), and Paddle (Merchant-of-record billing, payment processing, sales-tax remittance). A current list is maintained in the Privacy Policy and Data Processing Agreement.

8.2 Culprit remains responsible for Subprocessors' performance of the obligations Culprit has delegated to them, subject to the limitations of liability in Section 12.

9. Security, Privacy, and Compliance

9.1 Security program. Culprit maintains administrative, physical, and technical safeguards designed to protect Customer Data, as further described in the Data Processing Agreement.

9.2 Privacy. Culprit's processing of personal data is governed by the Culprit Privacy Policy and, where applicable, the Data Processing Agreement, which is incorporated by reference.

9.3 HIPAA. If Customer is a HIPAA Covered Entity or Business Associate and will transmit ePHI to the Services, Customer and Culprit must execute Culprit's Business Associate Agreement before any ePHI is submitted. The BAA is available for HIPAA-covered entities on request — contact legal@theculprit.ai. Absent an executed BAA, Customer agrees not to submit ePHI.

9.4 SOC 2. The Services are architected for SOC 2 Type II compliance. As of the Effective Date, Culprit has not completed a formal SOC 2 audit; a Type II report is on the roadmap. Culprit does not represent that it is SOC 2 certified.

10. Service Availability

10.1 Commercially reasonable efforts. Culprit will use commercially reasonable efforts to make the Services available. Scheduled maintenance and emergency maintenance may occur; Culprit will use reasonable efforts to provide advance notice of scheduled maintenance via in-product notice or status page.

10.2 Service-level agreement. Culprit may publish a service-level agreement ("SLA") for one or more subscription tiers. If and when published, the SLA will be made available at theculprit.ai/sla and will apply only to the tiers and as of the effective date stated in that SLA. Absent a published SLA, no specific availability or service-credit commitment applies.

11. Warranty Disclaimer

11.1 AS IS. EXCEPT AS EXPRESSLY STATED IN THESE TERMS, THE SERVICES AND ALL RELATED MATERIALS ARE PROVIDED "AS IS" AND "AS AVAILABLE," WITHOUT WARRANTY OF ANY KIND. CULPRIT DISCLAIMS ALL WARRANTIES, EXPRESS, IMPLIED, AND STATUTORY, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND ANY WARRANTY ARISING FROM COURSE OF DEALING OR USAGE OF TRADE.

11.2 AI outputs are not advice. Culprit's AI-generated outputs (including RCA summaries, clustering suggestions, and recommendations) are probabilistic, may contain errors, and must not be relied upon as the sole basis for operational, clinical, legal, or financial decisions. Customer is responsible for human review of AI outputs before acting on them. Customer will not use Culprit's AI outputs as the sole or primary basis for any decision producing legal or similarly significant effects on an individual, including decisions affecting employment, hiring, promotion, termination, credit, housing, education, immigration, public benefits, insurance underwriting, or access to health care. Use of AI outputs in those contexts is a violation of Section 4 (Acceptable Use).

11.3 No warranty of uninterrupted service. Culprit does not warrant that the Services will be uninterrupted, timely, secure, or error-free.

12. Limitation of Liability

12.1 No indirect damages. TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY WILL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, REVENUE, DATA, OR BUSINESS OPPORTUNITY, ARISING OUT OF OR RELATED TO THESE TERMS, EVEN IF ADVISED OF THE POSSIBILITY.

12.2 Cap. TO THE MAXIMUM EXTENT PERMITTED BY LAW, EACH PARTY'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS WILL NOT EXCEED THE GREATER OF (A) THE FEES PAID OR PAYABLE BY CUSTOMER TO CULPRIT IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO LIABILITY, OR (B) ONE HUNDRED U.S. DOLLARS (USD $100). FOR FREE OR TRIAL USE OF THE SERVICES, THE CAP IS USD $100.

12.3 Exclusions. The limitations in Section 12.2 do not apply to (a) a party's indemnification obligations under Section 13, (b) Customer's breach of Section 4 (Acceptable Use) or Section 7 (Intellectual Property), or (c) liabilities that cannot be limited under applicable law.

13. Indemnification

13.1 By Culprit. Culprit will defend Customer against any third-party claim alleging that the Services, as provided by Culprit and used in accordance with these Terms, infringe a valid U.S. patent, copyright, or trademark, and will pay amounts finally awarded by a court or agreed in settlement. Culprit's obligations do not apply to claims arising from (a) Customer Data, (b) Customer's combination of the Services with non-Culprit products, (c) modifications not made by Culprit, or (d) use of the Services in violation of these Terms.

13.2 By Customer. Customer will defend Culprit against any third-party claim arising from (a) Customer Data, including claims that Customer Data violates applicable law or infringes third-party rights; (b) Customer's breach of Section 4 (Acceptable Use); or (c) Customer's use of the Services in violation of these Terms, and will pay amounts finally awarded by a court or agreed in settlement.

13.3 Procedure. The indemnified party must (a) promptly notify the indemnifying party of the claim, (b) give the indemnifying party sole control of the defense and settlement (provided that any settlement requiring the indemnified party's admission of liability or payment requires its consent, not to be unreasonably withheld), and (c) reasonably cooperate with the defense.

14. Term and Termination

14.1 Term. These Terms begin on the Effective Date and continue until terminated as described below.

14.2 Termination for convenience by Customer. Customer may terminate at any time as described in Sections 14.5 (30-day money-back guarantee) and 14.6 (Cancellation outside the refund window). Culprit may terminate any free or trial Services for convenience on at least thirty (30) days' written notice.

14.3 Termination for cause. Either party may terminate for material breach not cured within thirty (30) days of written notice, except that Culprit may terminate immediately for a material breach of Section 4 (Acceptable Use) or Section 7 (Intellectual Property).

14.4 Effect of termination. On termination: (a) Customer's access ends; (b) Customer may export its data during a reasonable window before closure (the window will be communicated by Culprit, and is at least thirty (30) days absent a compelling security reason); (c) Culprit will delete active-account Customer Data within thirty (30) days of account closure, with backups purged within ninety (90) days per Subprocessor backup schedules; and (d) accrued payment obligations survive.

14.5 30-day money-back guarantee. Self-serve subscription Customers may obtain a full refund of their initial subscription purchase within thirty (30) days of that initial purchase by clicking "Cancel & refund" in their billing settings; the cancellation and refund issue automatically through Culprit's payment processor (Paddle, acting as Merchant of Record), with no email or support ticket required. Customers who prefer email may instead contact hello@theculprit.ai. Refunds are processed through the original payment method and typically appear on the Customer's statement within 5–10 business days. This refund window applies to the initial subscription purchase only.

14.6 Cancellation outside the refund window. Self-serve subscription Customers may cancel at any time through their account dashboard or by emailing hello@theculprit.ai. Cancellation takes effect at the end of the then-current paid month, and the Services remain available through that date. Annual or multi-year commitments negotiated under the Enterprise plan are governed by their separate order form, including any committed-term refund or credit terms stated there.

14.7 Survival. Sections 6.1, 6.4, 7, 11, 12, 13, 14.4, 14.5, 14.6, 15, 16, and 17, and any other provision that by its nature should survive, survive termination.

15. Governing Law, Venue, Dispute Resolution

15.1 Governing law. These Terms are governed by the laws of Taiwan, without regard to its conflict-of-laws rules. The United Nations Convention on Contracts for the International Sale of Goods does not apply.

15.2 Venue. The parties submit to the exclusive jurisdiction and venue of the Taipei District Court of Taiwan (台灣台北地方法院), and waive any objection to personal jurisdiction or venue in that court. The parties may, by mutual written agreement on a per-customer basis, elect Singapore International Arbitration Centre (SIAC) arbitration in Singapore as an alternative forum, in which case venue under this Section is superseded for that customer's disputes.

15.3 Informal resolution. Before filing a claim, each party agrees to attempt informal resolution by written notice to the other's legal contact (Culprit: legal@theculprit.ai). If not resolved within thirty (30) days, either party may file suit.

15.4 Class action waiver. TO THE FULLEST EXTENT PERMITTED BY LAW, EACH PARTY WAIVES ANY RIGHT TO PARTICIPATE IN A CLASS, COLLECTIVE, OR REPRESENTATIVE ACTION AGAINST THE OTHER. Claims must be brought in an individual capacity.

15.5 Jury trial waiver. Where the parties have elected SIAC arbitration under Section 15.2 or where a court of competent jurisdiction outside Taiwan would otherwise hear a dispute relating to these Terms, each party waives, to the fullest extent permitted by the law of that forum, any right to a jury trial. (Civil disputes under Taiwanese law are tried by judges, so this waiver is operative only in respect of forums that recognize a right to civil jury trial.)

16. Changes to These Terms

16.1 Culprit may update these Terms from time to time. Material changes will be announced by email to the account administrator or via in-product notice at least thirty (30) days before the effective date of the change. Non-material changes (clarifications, typos, updated contact info) may take effect on posting.

16.2 Continued use of the Services after the effective date of a change constitutes acceptance. If Customer does not agree to a material change, Customer's remedy is to terminate the account before the change takes effect.

17. Miscellaneous

17.1 Notices. Notices to Culprit must be sent to legal@theculprit.ai and to 7F., No. 51, Ln. 128, Jingye 1st Rd., Taipei 104051, Taiwan. Notices to Customer will be sent to the account administrator's email on file.

17.2 Assignment. Neither party may assign these Terms without the other's prior written consent, except in connection with a merger, acquisition, or sale of substantially all assets, on written notice.

17.3 Force majeure. Neither party is liable for delay or failure to perform caused by events beyond its reasonable control, including acts of God, war, terrorism, civil unrest, epidemic, third-party labor dispute (excluding any labor dispute involving the affected party's own workforce), network or telecommunications failure not caused by the affected party, or government action.

17.4 Independent contractors. The parties are independent contractors. These Terms do not create a partnership, joint venture, agency, or employment relationship.

17.5 No third-party beneficiaries. There are no third-party beneficiaries to these Terms.

17.6 Severability. If any provision is held unenforceable, the remaining provisions remain in effect, and the unenforceable provision will be modified to the minimum extent necessary.

17.7 Waiver. Failure to enforce any right is not a waiver of that right.

17.8 Entire agreement. These Terms, together with the Privacy Policy, Data Processing Agreement (if applicable), Business Associate Agreement (if applicable), and any Order Form, constitute the entire agreement between the parties and supersede all prior agreements on the subject matter.

17.9 Order of precedence. In the event of conflict, the following order applies: (1) the Business Associate Agreement, but only for matters involving Protected Health Information; (2) the Data Processing Agreement, but only for matters involving the protection of Personal Data (including international data transfers); (3) a fully-executed Order Form, on all other matters; (4) these Terms; (5) the Privacy Policy. Within the scope of the SCCs incorporated by the DPA, the SCCs prevail over this order of precedence as required by Article 28 GDPR and the SCCs themselves.