// legal

Terms of Service

Effective: March 10, 2026 · Last updated: March 23, 2026

01. Acceptance of Terms

These Terms of Service (“Terms”) constitute a legally binding agreement between you (“User”) and Envpilot (“we,” “us”) governing your use of the Envpilot platform, including the web application, CLI, VS Code extension, and all associated services (collectively, the “Service”).

By creating an account or using the Service, you agree to be bound by these Terms. If you are using the Service on behalf of an organization, you represent that you have authority to bind that organization. If you do not agree, do not use the Service.

02. Definitions

“Organization” — a workspace containing projects, team members, and configuration data.
“Project” — a logical grouping of environment variables within an Organization.
“Variables” / “Secrets” — the environment variable key-value pairs you store through the Service.
“Admin,” “Team Lead,” “Member” — role-based access tiers within an Organization.
“Content” — any data, text, or materials you upload, submit, or store through the Service.

03. Eligibility

You must be at least 16 years old (or the minimum age in your jurisdiction) to use the Service. By using the Service, you represent that you meet this requirement and that your registration information is accurate and complete.

04. Accounts and Access

4.1 Account Registration

Authentication is managed through WorkOS AuthKit. You are responsible for maintaining the confidentiality of your credentials and for all activity under your account.

4.2 CLI and Extension Access

Access tokens are stored locally on your device. You are responsible for the security of any device on which tokens are stored. If you believe a token has been compromised, revoke it immediately through the web application.

4.3 Roles and Permissions

Three-tier role-based access control:

Admin: full access including rollback, permission management, billing, and org settings.
Team Lead: manage projects and variables, grant/revoke per-variable access.
Member: read-only projects; requires explicit per-variable permission grants.

Organization Admins are responsible for managing roles and ensuring appropriate access levels.

05. Acceptable Use

You agree to use the Service only for lawful purposes. You shall not:

Store, transmit, or distribute unlawful, harmful, or abusive content.
Attempt unauthorized access to any part of the Service or other accounts.
Interfere with the Service through denial-of-service attacks, scraping, or excessive API usage.
Reverse engineer, decompile, or disassemble the Service, except where permitted by law.
Process content that infringes any third party's intellectual property rights.
Resell or redistribute access to the Service without our written consent.
Use the Service in any manner that could damage, disable, or impair it for other users.

06. Your Content and Data

6.1 Ownership

You retain all rights, title, and interest in your Content. We do not claim ownership of your environment variables, project configurations, or data.

6.2 License to Us

You grant us a limited, non-exclusive, worldwide license to host, store, transmit, encrypt, and display your Content solely to provide the Service. This license terminates when you delete your Content or close your account, subject to backup retention periods.

6.3 Data Security

Environment variable values are encrypted at rest using end-to-end encryption in WorkOS Vault. Each organization's secrets are encrypted with unique cryptographic keys. Our database stores only encrypted vault references, never plaintext values. You acknowledge that no system is completely secure and should maintain your own backups of critical data.

6.4 Data Export

You may export your environment variables at any time through the web application, CLI, or VS Code extension. We support standard .env file format for portability.

07. Billing and Subscriptions

7.1 Plans

The Service offers Free and Pro tiers. Features and limits for each tier are displayed on the Usage & Plan page in your dashboard and may change. We will provide reasonable notice before materially reducing features for paying subscribers.

7.2 Payment

Pro subscriptions are billed monthly in advance through Polar.sh, our payment processor. By subscribing, you authorize us to charge your payment method at the start of each billing cycle. The first charge occurs immediately upon subscription. Subsequent charges occur on the same calendar date each month. Fees are in U.S. dollars unless otherwise stated.

7.3 Cancellation

You may cancel your Pro subscription at any time through Account Settings → Billing in the dashboard. Upon cancellation:

Your Pro access continues until the end of your current billing period. You have already paid for this period and will retain full access throughout.
No further charges will be made after cancellation. You will not be billed for the next billing period.
After your billing period ends, a 7-day grace period begins during which Pro features remain active. This gives you time to export data or resubscribe.
After the grace period, your account reverts to the Free tier. A 30-day cooldown prevents repeated abuse of grace periods.

7.4 Refund Policy

We do not provide prorated refunds for the current billing period. When you cancel, you keep Pro access for the remainder of the period you have already paid for — no money is lost. Refunds may be issued where required by applicable consumer protection law (see Section 16).

7.5 Data After Downgrade

Your data is never deleted upon downgrade. If your resource usage exceeds Free tier limits, existing resources remain fully accessible but you will not be able to create new ones until you are within limits. For example, if you have 10 projects and the Free limit is 3, all 10 remain accessible but you cannot create an 11th project.

7.6 Usage-Based Features

Certain features — including Secret Sharing (secure link generation with email delivery) and Secret Rotation (automated rotation with email alerts) — consume operational resources and are subject to numeric limits based on your plan tier. Current limits are displayed in real time on the Usage & Plan page.

7.7 Taxes

Fees are exclusive of taxes. You are responsible for applicable sales, use, VAT, GST, or similar taxes, except where we are legally required to collect them.

08. Intellectual Property

The Service, including its content (excluding your Content), features, functionality, design, code, and documentation, is and remains the exclusive property of Envpilot and its licensors. Protected by copyright, trademark, and other IP laws. Nothing in these Terms grants you any right to use the Envpilot name, logo, or trademarks without prior written consent.

09. Privacy

Your use of the Service is also governed by our Privacy Policy, which describes how we collect, use, store, and protect your personal data. By using the Service, you consent to the practices described therein.

10. Audit Logging and Monitoring

All actions are recorded in audit logs, including action type, user identity, timestamp, IP address, and user-agent. Audit logs are retained for 2 years and accessible to Organization Admins. This monitoring is essential for security, compliance, and incident investigation.

11. Service Availability

11.1 Availability

We use commercially reasonable efforts to maintain availability but do not guarantee uninterrupted or error-free operation. The Service may be temporarily unavailable for maintenance, updates, or circumstances beyond our control.

11.2 Modifications

We may modify, suspend, or discontinue any part of the Service at any time. For material changes affecting paying subscribers, we will provide at least 30 days' notice.

12. Disclaimer of Warranties

THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. WE DO NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, SECURE, OR ERROR-FREE.

SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES. IN SUCH JURISDICTIONS, THE ABOVE EXCLUSIONS APPLY TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW.

13. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, ENVPILOT SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, DATA, USE, GOODWILL, OR OTHER INTANGIBLE LOSSES, RESULTING FROM YOUR USE OF THE SERVICE, UNAUTHORIZED ACCESS TO YOUR DATA, THIRD-PARTY CONDUCT, LOSS OF VARIABLES OR SECRETS, OR ANY OTHER MATTER RELATING TO THE SERVICE.

OUR TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED THE GREATER OF (A) AMOUNTS YOU PAID IN THE 12 MONTHS PRECEDING THE CLAIM, OR (B) USD $100.

THESE LIMITATIONS APPLY REGARDLESS OF THE THEORY OF LIABILITY AND EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME JURISDICTIONS DO NOT ALLOW LIMITATIONS ON LIABILITY; THESE APPLY TO THE FULLEST EXTENT PERMITTED.

14. Indemnification

You agree to indemnify, defend, and hold harmless Envpilot and its officers, directors, employees, agents, and licensors from claims, liabilities, damages, losses, and expenses (including legal fees) arising from: (a) your use of the Service; (b) violation of these Terms; (c) violation of third-party rights; or (d) your Content.

15. Term and Termination

15.1 Term

These Terms remain in effect while you have an account with the Service.

15.2 Termination by You

You may terminate your account at any time. We will delete your personal data within 30 days, subject to retention obligations described in our Privacy Policy.

15.3 Termination by Us

We may suspend or terminate your access immediately if: (a) you breach these Terms; (b) required by law; (c) your account is inactive for an extended period; or (d) we discontinue the Service. We will make reasonable efforts to provide notice, except where immediate action is required for security or legal reasons.

15.4 Effect of Termination

Upon termination, your right to use the Service ceases immediately. Sections that by nature should survive (including Sections 6.1, 8, 12, 13, 14, 17, and 18) will survive.

16. Consumer Protection

16.1 EU and UK

If you are a consumer in the EU or UK, nothing in these Terms affects your statutory rights under mandatory consumer protection laws, including the Consumer Rights Act 2015 (UK) and the Consumer Rights Directive (EU). Mandatory provisions prevail over conflicting Terms.

16.2 Australia and New Zealand

If you are a consumer under the Australian Consumer Law or NZ Consumer Guarantees Act 1993, you have certain non-excludable rights. Nothing in these Terms is intended to exclude, restrict, or modify those rights.

16.3 Japan

If you are a consumer in Japan, the Consumer Contract Act (Act No. 61 of 2000) applies to the extent that it cannot be excluded by contract.

17. Governing Law and Disputes

17.1 Governing Law

These Terms are governed by the laws of the State of Delaware, United States, without regard to conflict of law provisions. EU/UK consumers retain the protection of mandatory local law.

17.2 Dispute Resolution

Before initiating legal proceedings, you agree to attempt informal resolution by contacting legal@envpilot.dev. If unresolved after 30 days, either party may pursue binding arbitration under the AAA rules, or bring claims in small claims court if eligible.

17.3 Class Action Waiver

TO THE EXTENT PERMITTED BY LAW, YOU AND ENVPILOT EACH WAIVE THE RIGHT TO PARTICIPATE IN A CLASS ACTION, COLLECTIVE ACTION, OR OTHER REPRESENTATIVE PROCEEDING. THIS WAIVER DOES NOT APPLY IF PROHIBITED BY YOUR JURISDICTION'S LAW.

17.4 EU/UK Consumers

EU consumers may bring proceedings before local courts and use the European Commission's Online Dispute Resolution platform. UK consumers may bring proceedings in the courts of England and Wales, Scotland, or Northern Ireland.

18. General Provisions

18.1 Entire Agreement

These Terms, together with our Privacy Policy, constitute the entire agreement between you and Envpilot regarding the Service.

18.2 Severability

If any provision is held invalid or unenforceable, it will be enforced to the maximum extent permissible, and the remaining provisions remain in full force.

18.3 Waiver

Our failure to enforce any right or provision will not constitute a waiver of that right or provision.

18.4 Assignment

You may not assign these Terms without our written consent. We may assign without restriction.

18.5 Force Majeure

Neither party is liable for failure or delay due to causes beyond reasonable control, including natural disasters, war, pandemics, governmental actions, power failures, internet failures, or cyberattacks.

18.6 Changes to These Terms

We may modify these Terms at any time. We will notify you of material changes at least 30 days before they take effect. Continued use after the effective date constitutes acceptance.

19. Contact

For questions about these Terms:

Envpilot Legal

Email: legal@envpilot.dev