Terms of Service

These Terms of Service (the “Terms”) are entered into between PennyLens, Inc. (“PennyLens”, “we”, “us”) and the entity or individual accepting them (“Customer”, “you”). By creating a PennyLens account, deploying the PennyLens SDK on a property you operate, or paying for the Service, you accept these Terms.

If you accept on behalf of an organization, you represent that you have authority to bind that organization, and “you” refers to that organization.

• Service — the PennyLens web analytics product, including the dashboard at app.pennylens.com, the JavaScript SDK, and any related APIs.
• Customer Data — all data submitted by Customer or by End Users through the SDK or APIs, including events, recordings, and traits.
• End User — a visitor to Customer’s website whose interactions are captured by the SDK.
• Documentation — the user-facing docs at pennylens.com/docs.
• DPA — the Data Processing Agreement referenced in the Privacy Policy.
• Beta Features — features marked “beta”, “preview”, “early access”, or similar in the dashboard or Documentation.

We provide web analytics tooling — heatmaps, session recordings, behavioral analysis, AI-generated recommendations, and e-commerce auto-detect — through the dashboard, the SDK, and supporting APIs.

We may improve, modify, or discontinue features. Material reductions in functionality to a paid plan are announced at least 30 days in advance to active customers, with a pro-rata refund option for any unused prepaid time.

Beta Features are provided “as is” for evaluation. They may be unstable, incomplete, or removed without notice. The warranties, service levels, and indemnities in these Terms do not apply to Beta Features.

Beta Features are clearly labeled in the dashboard. Use of a Beta Feature is voluntary; you can avoid Beta Features by not enabling them or by using the explicit opt-out where provided.

• You must be at least 16 to create an account.
• You are responsible for safeguarding credentials and for activity under them.
• One account per organization is recommended. Sharing logins across people violates these Terms.
• You will use SSO + MFA where available, and you will provision and de-provision team members promptly when their role changes.

We may suspend or terminate accounts engaged in fraud, abuse, or attempts to compromise the Service or other accounts.

You agree not to use the Service to:

• Track End Users without a lawful basis or in violation of GDPR, UK GDPR, CCPA/CPRA, COPPA, the UK Age Appropriate Design Code, or equivalent law.
• Capture sensitive personal data — full government IDs, payment instruments, health data, biometric identifiers, precise geolocation, or any “sensitive personal information” under CPRA — outside the Service’s designed-in masking and redaction layers.
• Disable, bypass, or circumvent default privacy controls (input masking, IP anonymization, redaction rules).
• Reverse-engineer, scrape, train competing models on, or attempt to extract proprietary models, weights, or insight prompts from the Service.
• Resell the Service or sub-license access without our prior written permission.
• Send malware, conduct denial-of-service attacks, or interfere with infrastructure.
• Use the Service in or for the benefit of sanctioned jurisdictions or persons.

You are responsible for posting an appropriate privacy notice on every property where you deploy PennyLens, and for obtaining any consent required by applicable law.

You own all Customer Data. We are a Processor for that data and process it only under your instructions. The technical instructions are encoded in your dashboard configuration; the legal instructions are the Privacy Policy and DPA.

You grant PennyLens a limited, worldwide, non-exclusive license to host, process, transmit, and display Customer Data solely to provide the Service, derive aggregate non-identifiable insights, and meet legal obligations.

We will not sell Customer Data, share it for cross-context behavioral advertising, or use it to train third-party AI models. We will not use it to train our own models in a way that could identify an End User.

PennyLens uses third-party AI providers to generate recommendations and insights. We send only redacted, aggregated summaries — never raw recordings, and never End-User personally identifiable information.

AI outputs are advisory and probabilistic. They may be inaccurate, incomplete, or stale. You are solely responsible for evaluating any recommendation before acting on it. We are not liable for decisions made on the basis of AI-generated content. The Beta Features clause may apply where the AI feature is so labeled.

Target uptime

• Business plan — 99.5% monthly uptime, measured against the public dashboard and the event-ingest endpoint. Service credits available for sustained breaches; see the Business order form.
• Pro plan — best-effort uptime. No service credits.
• Free plan — best-effort. No SLA, no service credits.

Excluded from uptime calculations

• Scheduled maintenance announced at least 48 hours in advance to active customers (Business: capped at four hours per month, performed in low-traffic windows).
• Force-majeure events as defined below.
• Customer-caused outages (e.g. misconfiguration, exhausting plan limits).
• Issues caused by third-party services Customer integrates with the Service.

• Paid plans are billed monthly in advance via Stripe. Annual billing, where offered, is billed up-front for twelve months with a 2-month discount.
• Plan limits (events, projects, retention) are enforced softly. Usage above 110% of the plan triggers a warning and an upgrade prompt. Sustained overage may pause new ingestion until the next cycle or until you upgrade — historical data is never deleted because of overage.
• Subscription fees are non-refundable except as required by law. We refund unused, prepaid time on a pro-rata basis if we terminate without cause.
• Taxes are exclusive of stated prices and added at checkout where required. You are responsible for any withholding obligations under your jurisdiction.
• We may change prices on 60 days’ written notice; the new price applies at the start of your next billing cycle.

The Free tier is provided as-is. We may impose reasonable rate limits, queueing, and feature constraints to protect the Service. The Free tier is not eligible for service-level commitments, DPAs negotiated bespoke, or priority support. You may upgrade at any time.

Each party (the Receiving Party) will protect the non-public information shared by the other (the Disclosing Party) with the same degree of care it uses to protect its own confidential information — no less than reasonable care. The Receiving Party will use that information only to perform under these Terms.

Confidential information does not include information that: (a) is or becomes generally available to the public without breach; (b) was known to the Receiving Party without confidentiality obligation before disclosure; (c) is received from a third party without breach of obligation; or (d) is independently developed without reference to the Disclosing Party’s information.

If legally compelled to disclose confidential information, the Receiving Party will give the Disclosing Party prompt notice (where lawful) so it can seek protective measures. Confidentiality obligations survive termination for three years; obligations on trade secrets survive for as long as the information remains a trade secret.

PennyLens (including the Service, the Documentation, the SDK source, and all related software, content, and trademarks) is and remains our exclusive property. These Terms grant you a non-exclusive, non-transferable, revocable license to use the Service for the duration of your subscription. We grant no right to the PennyLens trademarks or trade dress. Feedback you provide may be used by us without restriction or compensation.

We will not display Customer’s name, logo, or marks publicly without prior written consent (email is sufficient). Where consent is granted, use is limited to: the pennylens.com customer-logo wall, case studies (with separate approval of quotes and metrics), and pitch materials to investors and partners. Consent can be revoked on 30 days’ notice; we will remove the asset on the next reasonable refresh.

We warrant that the Service will perform materially in accordance with the Documentation. For breach of this warranty, our sole obligation (and your sole remedy) is to repair the defect or, if we cannot do so within a reasonable time, refund the prepaid fees for the affected period.

Beyond that, the Service is provided “as is”, without warranties of any kind, whether express, implied, or statutory, including warranties of merchantability, fitness for a particular purpose, or non-infringement. We do not warrant that the Service will be uninterrupted or error-free, or that AI outputs will be accurate.

To the maximum extent permitted by law, neither party will be liable for indirect, incidental, consequential, special, exemplary, or punitive damages arising out of or related to these Terms, including lost profits, lost revenue, or lost data — even if advised of the possibility of such damages.

Each party’s total aggregate liability arising under or in connection with these Terms is capped at the greater of:

• the fees paid by Customer to PennyLens in the twelve months preceding the claim, or
• USD 500.

Nothing in these Terms limits liability that cannot be limited by law — including, where applicable, liability for gross negligence, willful misconduct, fraud, death or personal injury, or breach of confidentiality. The caps and disclaimers do not apply to Customer’s payment obligations or to either party’s indemnity obligations set out below.

PennyLens will defend Customer from any third-party claim alleging that the Service, used in accordance with these Terms, infringes that third party’s registered patent, copyright, or trademark, and will pay damages finally awarded by a court or agreed in settlement.

This indemnity does not apply to claims arising from:

• Customer Data or the content of Customer’s website.
• Modifications to the Service or SDK not made by PennyLens.
• Use of the Service in combination with software or services not provided by us.
• Use of a superseded version of the SDK where the current version would have avoided the claim.
• Beta Features.

If a claim is asserted or appears likely, we may (at our option) procure the right for Customer to continue using the Service, modify the Service to avoid infringement, or terminate the affected portion and refund the prepaid fees for the unused term. This paragraph states our entire liability and your exclusive remedy for IP infringement.

Customer will defend, indemnify, and hold harmless PennyLens from claims arising out of Customer Data, Customer’s use of the Service in violation of these Terms, or Customer’s breach of any third-party right (including the privacy and intellectual-property rights of End Users).

Neither party is liable for delay or failure to perform (other than payment obligations) caused by events beyond its reasonable control — including acts of God, war, terrorism, riot, embargo, government action, fire, flood, earthquake, pandemic, internet-backbone outage, denial-of-service attack against the public internet, or material failure of upstream cloud-infrastructure providers. The affected party will use reasonable efforts to mitigate and resume performance.

You represent that you are not located in, organized under the laws of, or ordinarily resident in a country or region subject to comprehensive US, UK, or EU sanctions, and you are not on the US Specially Designated Nationals list, the UK HM Treasury consolidated list, the EU consolidated list, or any equivalent restricted-party list. You will not export, re-export, or transfer the Service to any such jurisdiction or person.

• You may cancel any time from dashboard settings; cancellation takes effect at the end of the current billing cycle.
• We may suspend immediately for material breach, security risk, or non-payment after a 7-day cure period (no cure period for security risk).
• On termination we retain Customer Data for 30 days for export, then permanently delete within 60 days. Backups purge on rolling 90-day cycles.
• Individual GDPR Article 17 deletion requests are honored end-to-end: events, recordings, derived aggregates, and downstream analytics tied to the identifier are scrubbed within 30 days, with backup rotation completing within 90 days.

The following survive termination or expiry of these Terms: Definitions; Customer Data and ownership (with respect to data delivered during the term); Intellectual property; Confidentiality (for the period stated in that section); Warranties and disclaimers (as to events before termination); Limitation of liability; the indemnity sections; Survival; Notices; Governing law and disputes; and General.

Legal notices to PennyLens must be sent to legal@pennylens.com with copy by certified mail to: PennyLens, Inc., Attn: Legal, 522 W Riverside Ave, Ste N, Spokane, WA 99201, USA. Notice is effective on receipt.

Legal notices to Customer are sent to the email address associated with the account’s administrative owner. It is Customer’s responsibility to keep this current.

These Terms are governed by the laws of the State of Delaware, USA, without regard to its conflict-of-laws rules. The exclusive jurisdiction for disputes is the state and federal courts of New Castle County, Delaware. Each party waives any right to a jury trial.

Before initiating litigation, the parties will attempt good-faith resolution through executive escalation for 30 days. This does not prevent either party from seeking injunctive relief for breaches of IP, confidentiality, or acceptable use.

For Customers established in the EU, EEA, UK, or Switzerland, mandatory consumer-protection and data-protection rights under your local law continue to apply notwithstanding this section.

Neither party may assign these Terms without the other’s prior written consent, except that either party may assign without consent in connection with a merger, acquisition, sale of substantially all assets, or corporate reorganization — provided the assignee agrees in writing to be bound by these Terms. Any assignment in breach is void.

• Entire agreement. These Terms, the Privacy Policy, the DPA, and any order form executed between the parties constitute the entire agreement on the subject matter, superseding prior or contemporaneous agreements.
• Severability. If any provision is found unenforceable, the remainder of these Terms remains in effect; the unenforceable provision is to be interpreted to achieve, as nearly as possible, the original intent.
• No waiver. Failure to enforce any provision is not a waiver of the right to enforce it later.
• Relationship. The parties are independent contractors. Nothing in these Terms creates a partnership, agency, joint venture, or employment relationship.
• No third-party beneficiaries. Except as expressly stated, these Terms do not create rights in any person not a party to them.
• Headings. Section headings are for convenience only and do not affect interpretation.

We may update these Terms from time to time. Material changes take effect 30 days after we email the account administrators. Continued use after that date is acceptance. Prior versions remain accessible at /terms/<date> for one year.

Questions, notices, or service of process: legal@pennylens.com.