stillvault

This is a placeholder. The executed agreement will be published before general availability.

Terms of service

Last updated: 2026-06-14. Draft pending legal review. This document describes the intended terms during the pre-general-availability period and is provided for transparency. The executed agreement governing your use of Stillvault will be published before general availability. Nothing here is legal advice.

1. Agreement

These Terms of Service (“Terms”) are a contract between you (the “Customer”) and Wolstapp Ltd, a company registered in England and Wales (company number 14963179), trading as “Stillvault” (“we”, “us”), and govern your access to and use of the Stillvault service. By creating an account, enrolling a device, or otherwise using the service, you agree to these Terms. If you are agreeing on behalf of an organisation, you confirm you have authority to bind that organisation.

2. Definitions

  • Service — the Stillvault control plane, the managed-broker tier, the mobile approval application, the web console, the command-line tooling, and associated APIs.
  • Org — a customer tenant. Each Org has its own members, devices, policies, and stored ciphertext.
  • Approver — a human member of an Org who decides whether a secret is released.
  • Agent / consumer — a process or workload that requests a secret via the service.
  • Org Identity key — the key pair generated on the customer side at onboarding. The private half never leaves customer custody.

3. The service

Stillvault is human-in-the-loop secret management for software systems and AI agents. No secret is released without a named human approving the request. The service is vendor-blind by design: we relay sealed material and coordinate approvals, and we do not hold keys that can decrypt your secrets.

During the pre-GA period the service is provided “as-is”. Features, pricing, limits, and these Terms may change. We will give reasonable notice of material changes.

4. Accounts and enrolment

You are responsible for the accuracy of account information, for the security of your login credentials, and for all activity under your account. Device enrolment binds an approver’s phone to your Org. You must promptly revoke enrolments for lost devices and for members who leave your organisation.

5. Acceptable use

You may use Stillvault to manage secrets for legitimate software systems. You may not:

  • Use the service to store, relay, or approve access to unlawful material.
  • Attempt to reverse-engineer, intercept, degrade, or tamper with the relay mechanism or another tenant’s data.
  • Circumvent tenant isolation, share credentials in violation of it, or probe the service for vulnerabilities outside a sanctioned disclosure programme.
  • Use the service in a way that materially degrades availability or security for other tenants.
  • Resell or provide the service to third parties except as expressly permitted in writing.

We may suspend access to address an active security threat, a violation of this section, or non-payment, and will tell you why where lawfully able to.

6. Customer responsibilities and key custody

The vendor-blind architecture means we cannot recover or reproduce your secrets if the key material that protects them is lost. You are solely responsible for the custody, backup, and recovery of your Org Identity key and enrolled credentials. Loss of that material may make your stored secrets permanently unrecoverable. This is a deliberate property of the service, not a defect.

7. Fees and billing

Paid plans are billed in advance on the cycle shown at checkout, in GBP, exclusive of any applicable taxes. Fees are non-refundable except where required by law. We may change pricing on notice effective at your next renewal. Failure to pay may result in suspension or termination.

8. Availability

We aim for high availability but do not commit to a service level during the pre-GA period. Any service-level commitment will be set out in a separate agreement at GA. We may perform maintenance and will seek to minimise disruption.

9. Intellectual property

We retain all rights in the service, its software, and its documentation. You retain all rights in your data and your secrets. You grant us only the limited rights needed to operate the service for you. Feedback you provide may be used to improve the service without obligation to you.

10. Confidentiality

Each party will protect the other’s confidential information with reasonable care and use it only to perform under these Terms. By design we do not have access to the plaintext of your secrets; this clause covers other non-public information exchanged between the parties.

11. Warranties and disclaimer

Except as expressly stated, the service is provided “as-is” and “as-available” without warranties of any kind, whether express, implied, or statutory, including implied warranties of merchantability, fitness for a particular purpose, and non-infringement, to the maximum extent permitted by law.

12. Limitation of liability

To the maximum extent permitted by applicable law, neither party is liable for indirect, incidental, special, consequential, or punitive damages, or for loss of profits, revenue, data, or goodwill. Our aggregate liability arising out of or relating to the service will not exceed the fees you paid in the twelve months before the event giving rise to the claim. Nothing in these Terms excludes liability that cannot lawfully be excluded.

13. Indemnification

You will defend and indemnify us against third-party claims arising from your unlawful use of the service or your breach of these Terms, subject to our prompt notice to you and your control of the defence.

14. Term and termination

These Terms apply for as long as you use the service. Either party may terminate on written notice. On termination we will delete tenant data — including ciphertext stores, audit logs, and enrolment records — within 30 days, subject to legal retention obligations. Sections that by their nature should survive termination (including 9–13) will survive.

15. Changes

We may update these Terms. Material changes will be notified by email or in-product with reasonable notice. Continued use after changes take effect constitutes acceptance.

16. Governing law

These Terms are governed by the laws of England and Wales, and the courts of England and Wales have exclusive jurisdiction, unless a mandatory consumer or local law provides otherwise.

17. Contact

Questions about these Terms: hello@stillvault.ai.

Draft — pending legal review before general availability.