Terms of Service

Last updated: 2026-04-16

1. Service Description

PatchOps Guard (the "Service") is an AI-powered supply chain security platform operated by BITMAX CO., LTD ("Company," "we," "us"). The Service provides automated CVE detection, AI code repair, sandbox testing, and compliance reporting (EU CRA, NIS2, SOC 2, ISO 27001). By accessing or using the Service, you agree to these Terms.

2. Eligibility

You must be at least 18 years old and have the legal authority to bind yourself or the organization you represent to these Terms. If you are using the Service on behalf of an organization, you represent that you have the authority to accept these Terms on its behalf.

3. User Obligations

• You will not attempt to access permissions beyond those granted by the GitHub App OAuth scope (read:user, user:email, repository contents/PR write).
• Final merge authority for AI-generated PRs rests with your engineering team and policies.
• You will not use stolen sessions or credentials to access other organizations.
• You will not reverse-engineer, scrape, or redistribute the Service's proprietary scanning rules or AI models.

4. Intellectual Property

All code, algorithms, scanning rules, and UI of the Service are the intellectual property of BITMAX CO., LTD. AI-generated patches delivered through the Service are owned by you (the customer) once they are committed to your repository.

5. Billing and Payments

Paid subscriptions are billed through Paddle.com Market Limited, which acts as our Merchant of Record for all payment processing. Paddle handles invoicing, sales tax/VAT collection, and payment disputes. By subscribing, you also agree to Paddle's Terms of Service and Privacy Policy. You may cancel at any time; cancellation takes effect at the end of the current billing period.

6. AI-Generated Patch Responsibility

Patches generated by the Service are tested in a Dockerized sandbox (--network none, --read-only, --cap-drop ALL) before delivery as a PR. However, all AI output is subject to human review. You are responsible for reviewing, testing, and approving any AI-generated code before deploying it to production.

7. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. We do not warrant that the Service will be uninterrupted, error-free, or that all vulnerabilities will be detected.

8. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE COMPANY'S TOTAL LIABILITY ARISING FROM OR RELATED TO THESE TERMS SHALL NOT EXCEED THE TOTAL FEES PAID BY YOU DURING THE 12 MONTHS PRECEDING THE CLAIM. IN NO EVENT SHALL THE COMPANY BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES.

9. Service Modifications

We may modify, suspend, or discontinue any part of the Service with 30 days' prior notice via email or in-app notification. Material changes to pricing will be communicated at least 30 days before taking effect.

10. API Usage Limits

API rate limits are enforced per organization. Exceeding the rate limit will result in HTTP 429 responses. Abuse of the API (e.g., automated scraping, excessive polling) may result in temporary or permanent suspension of access.

11. Termination

You may disconnect repositories and request account deletion at any time via Settings. All organization data (except audit logs retained for compliance) will be permanently deleted within 30 days of the request.

12. Governing Law

These Terms are governed by the laws of the Republic of Korea. Any disputes shall be subject to the exclusive jurisdiction of the Seoul Central District Court.

13. Contact

For questions about these Terms, contact us at help@bitmax.im.