GovernAPI

Terms of Service

Last updated: April 15, 2026

1. Acceptance of Terms

By accessing or using GovernAPI ("Service"), you agree to be bound by these Terms of Service ("Terms"). If you disagree with any part of these terms, you may not access the Service. These Terms apply to all visitors, users, and others who access or use the Service.

2. Description of Service

GovernAPI provides API security, governance, and monitoring services including:

  • Automated security scanning and vulnerability detection
  • API traffic monitoring and threat intelligence
  • Compliance reporting and governance tools
  • Performance analytics and observability

3. Account Registration

  • You must provide accurate, complete, and current information
  • You are responsible for maintaining account security
  • You must be 18 years or older to use the Service
  • One account per organization unless otherwise agreed
  • You must notify us immediately of any unauthorized access

4. Acceptable Use Policy

You agree NOT to:

  • Use the Service for illegal purposes or to violate any laws
  • Attempt to gain unauthorized access to any part of the Service
  • Interfere with or disrupt the Service or servers
  • Transmit malware, viruses, or malicious code
  • Reverse engineer, decompile, or disassemble the Service
  • Resell or redistribute the Service without authorization
  • Exceed rate limits or abuse API quotas
  • Use the Service to attack or scan third-party systems without permission

5. Scanning Authorization

By entering a URL for scanning, you represent and warrant that you have authorization to scan that target. You are solely responsible for ensuring you have permission from the target system's owner. GovernAPI acts on your behalf and at your direction. GovernAPI assumes no liability for unauthorized scanning of systems you do not own or have permission to test.

Unauthorized scanning may violate the Computer Fraud and Abuse Act (CFAA), the Computer Misuse Act, and equivalent laws in other jurisdictions. You agree to defend, indemnify, and hold GovernAPI harmless from any claim, investigation, or liability arising from targets you direct us to scan without proper authorization.

6. No Guarantee of Security

A passing score or clean scan result does NOT mean your API is secure. GovernAPI's external scanner checks a limited set of indicators and cannot detect all vulnerability classes. You must not rely solely on GovernAPI results for security decisions. GovernAPI is not a substitute for penetration testing, code review, or professional security assessment.

7. Point-in-Time Results

All scan results reflect the state of the target at the moment of scanning. Security posture can change at any time. Historical scores do not predict future security. GovernAPI makes no representation about the security of any target between scans.

8. Third-Party API Scanning

When you scan third-party APIs, GovernAPI makes HTTP requests to those endpoints on your behalf. GovernAPI does not perform destructive testing, inject payloads, or attempt to exploit vulnerabilities. All scans are read-only. However, some target systems may log, rate-limit, or block requests from GovernAPI's infrastructure. GovernAPI is not responsible for any consequences of scanning third-party systems.

9. No Legal or Compliance Advice

GovernAPI is not a law firm and does not provide legal, regulatory, or compliance advice. Compliance readiness reports are informational only and do not constitute an audit, certification, or attestation. Always consult a qualified professional for compliance decisions.

10. API Keys and Security

  • API keys are confidential and must not be shared publicly
  • You are responsible for all activity under your API keys
  • Rotate API keys regularly (recommended every 90 days)
  • Report compromised keys immediately
  • We may revoke keys if suspicious activity is detected

11. Billing and Payment

Pricing

Pricing is based on your selected plan (Developer, Professional, or Enterprise). Current pricing is available at governapi.com/pricing.

Payment Terms

  • Paid plans are billed monthly or annually in advance
  • All fees are non-refundable except as required by law
  • You authorize us to charge your payment method automatically
  • Failed payments may result in service suspension
  • Prices may change with 30 days notice

Overage Charges

Exceeding plan limits may result in additional charges or throttling. We will notify you before applying overage charges.

12. Free Trial

  • Free trials are 14 days unless otherwise stated
  • No credit card required for free tier
  • Trial converts to paid plan unless cancelled
  • One free trial per organization

13. Cancellation and Termination

By You

You may cancel at any time from your dashboard. Access continues until the end of your billing period. No refunds for partial months.

By Us

We may suspend or terminate your account for:

  • Violation of these Terms
  • Non-payment
  • Illegal activity or security threats
  • Extended inactivity (180+ days on free plan)

14. Service Level Agreement (SLA)

  • Target Uptime: 99.9% (Professional and Enterprise plans)
  • Scheduled Maintenance: Announced 48 hours in advance
  • SLA Credits: Available for paid plans with uptime below 99.9%
  • Support: Email support (24-48hr response), Priority support for Enterprise

15. Data and Privacy

Your use of the Service is also governed by our Privacy Policy. Key points:

  • We do not sell your data
  • You retain ownership of your data
  • We may use aggregated, anonymized data for service improvement
  • Data is encrypted in transit and at rest
  • You can export your data at any time

16. Intellectual Property

Our IP

The Service, including all software, algorithms, designs, and content, is owned by GovernAPI and protected by copyright, trademark, and other laws.

Your IP

You retain ownership of your APIs, code, and data. You grant us a limited license to process your data to provide the Service.

17. Warranties and Disclaimers

THE SERVICE IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND. WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING:

  • MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  • UNINTERRUPTED OR ERROR-FREE OPERATION
  • COMPLETE SECURITY (no system is 100% secure)
  • DETECTION OF ALL VULNERABILITIES
  • ACCURACY OR COMPLETENESS OF SCAN RESULTS (findings may contain false positives or false negatives)
  • COMPLIANCE CERTIFICATION (compliance mapping is for readiness only, not formal certification)

GovernAPI does not guarantee detection of any specific vulnerability, misconfiguration, or security issue. False positives and false negatives are inherent limitations of automated scanning. Users must independently verify all findings before taking action.

GovernAPI provides automated security insights based on external analysis. Results do not guarantee the absence of vulnerabilities and are not a substitute for professional security audits, penetration testing, or compliance certification. Users are solely responsible for validating findings before acting on them and for decisions made based on scan results.

18. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

  • Our liability is limited to the amount you paid in the 12 months prior
  • We are not liable for indirect, incidental, or consequential damages
  • We are not liable for data breaches resulting from your negligence
  • We are not liable for third-party actions or services

19. Indemnification

You agree to indemnify and hold harmless GovernAPI from claims arising from your use of the Service, violation of these Terms, or infringement of third-party rights.

20. Compliance

  • You are responsible for compliance with applicable laws (GDPR, CCPA, HIPAA, etc.)
  • The Service helps with compliance but does not guarantee it
  • You must obtain appropriate consent for data processing

21. Modifications to Terms

We may update these Terms at any time. Material changes will be notified via email 30 days in advance. Continued use after changes constitutes acceptance.

22. Governing Law and Disputes

These Terms are governed by the laws of Delaware, USA, excluding conflict of law provisions.

Disputes will be resolved through binding arbitration (JAMS rules) in Delaware. You waive the right to class action lawsuits.

23. Contact Information

Email: legal@governapi.com

Support: support@governapi.com

Privacy PolicyBack to Home