Book a demo Get started

Legal

Terms of Service

The agreement between you and the operator of Chainsaw when you use the Service.

Last updated: 15 April 2026

Quick summary (not a substitute for the full text): Chainsaw is operated as a sole proprietorship. Paid plans are sold through Paddle, who is our merchant of record. You can cancel at any time. A 14-day money-back guarantee applies to first-time paid upgrades — see the Refund Policy.

1. About these terms

These Terms of Service (the "Terms") govern your access to and use of the Chainsaw service, website at chain305.com, and any related software, documentation, and APIs (collectively, the "Service").

The Service is operated by the sole proprietor of Chainsaw ("we", "us", or "Chainsaw"), registered in a United Arab Emirates free zone, with operations in the UAE and the United States. By creating an account, installing a client, or otherwise using the Service, you agree to these Terms. If you do not agree, do not use the Service.

2. Description of Service

Chainsaw is a software-as-a-service platform that sits between package managers (such as npm, pip, Maven, Docker, NuGet, Go modules, Cargo, RubyGems, Yarn, Bun, APT, and Packagist) and their upstream registries. It evaluates every package install against policies you configure and either allows, monitors, or blocks the install at request time. The Service also provides:

  • A web-based dashboard for configuring policies, inviting users, and reviewing audit trails;
  • Structured audit logs and CycloneDX Software Bill of Materials (SBOM) export;
  • Webhook delivery of enforcement events for integration with your systems;
  • SSO (SAML and OIDC) and SCIM provisioning on the Unlimited plan;
  • Third-party integrations (SIEM, ticketing) and on-premises deployment eligibility on the Unlimited plan.

Chainsaw is delivered as a hosted service by default. On-premises and air-gapped deployments are available under a separate order form on the Unlimited plan.

3. Who may use the Service

You must be at least 18 years old and legally able to enter into a contract in your jurisdiction. If you are using the Service on behalf of an organisation, you represent that you have authority to bind that organisation to these Terms, and "you" will refer to that organisation.

4. Accounts and eligibility

You must provide accurate registration information and keep it up to date. You are responsible for everything that happens under your account, including activity by users you invite, and for keeping your credentials confidential. Notify us at security@chain305.com immediately if you suspect unauthorised access.

We enforce a business-email gate at signup to reduce abuse. Invited users accept an organisation's existing policy — see our Privacy Policy for details on the data we process about accepted invitations.

5. Plans, billing, and Paddle as merchant of record

The Service is offered under the plans listed on the Pricing page. A free tier is available without payment; paid tiers (Pro and Unlimited) are billed monthly in advance.

Paddle is the merchant of record. When you purchase a paid plan, Paddle.com Market Limited (and its affiliates, collectively "Paddle") sells the subscription to you, collects payment, and handles tax. Paddle's Buyer Terms are available at paddle.com/legal/checkout-buyer-terms and apply to the purchase transaction. We remain responsible for providing the Service itself.

Prices are displayed in US dollars and are exclusive of taxes unless otherwise stated. Paddle calculates and collects any applicable sales tax, VAT, or GST at checkout based on your billing location.

Overage on the Pro plan is billed at $1.50 per additional GB of combined bandwidth or storage beyond the included allowance. Overage is invoiced at the end of the billing period. You can view current usage at any time in the in-app billing dashboard.

Subscriptions renew automatically at the end of each billing period at the then-current price. You can cancel at any time from the billing dashboard; cancellation takes effect at the end of the current period and retains access until then.

6. Refunds

Our Refund Policy is incorporated into these Terms by reference. In summary: first-time upgrades to a paid plan are refundable within 14 days; subsequent cancellations are prorated for unused time in the current billing period. All refunds are issued by Paddle to the original payment method.

7. Acceptable use

You agree not to, and not to allow anyone to:

  • Use the Service to violate law or infringe any third party's rights, including intellectual property and privacy rights;
  • Reverse-engineer, decompile, or attempt to extract source code from the Service except where permitted by mandatory law;
  • Probe, scan, or test the vulnerability of the Service or circumvent any authentication or rate limit, except under a coordinated disclosure arrangement with us;
  • Upload malware, phishing payloads, or content that could harm the Service, its users, or the hosts that it proxies to;
  • Resell, sublicense, or otherwise commercialise the Service except as expressly permitted in your plan;
  • Use the Service to build a competing product, or to benchmark it without our prior written consent;
  • Exceed plan limits in a way designed to impose a denial-of-service-like load.

We may suspend or terminate access for a violation of this section, with or without notice depending on severity. We will try to warn you first for non-severe issues.

8. Your content and your data

You retain all rights in the content and metadata you submit to the Service — including policies you configure, repositories you register, and audit evidence you generate. You grant us a limited, worldwide, royalty-free licence to host, process, and display your content solely to operate the Service on your behalf.

We process data about packages that pass through the Service (name, version, source registry, verdict) to enforce the policies you configure. We do not sell this data. See the Privacy Policy for details.

9. Our intellectual property

The Service, including all software, designs, text, and trademarks ("Chainsaw", the Chainsaw logo), is owned by us or our licensors. Except for the limited rights granted to use the Service, no rights are transferred to you. Open-source components included in the Service are governed by their respective licences, which we disclose on request.

10. Feedback

If you send us suggestions, ideas, bug reports, or other feedback about the Service, you grant us a non-exclusive, perpetual, irrevocable, royalty-free, worldwide licence to use, modify, and incorporate that feedback in any way, without obligation to you. You warrant that you own or have the rights to give that feedback. We are not obligated to implement or respond to any feedback you provide.

11. Third-party services

The Service may integrate with third-party services (for example, payment via Paddle, SIEM and ticketing integrations on the Unlimited plan, email delivery via Postmark, and upstream package registries). Your use of those services is subject to their own terms, and we are not responsible for them. We select vendors with reasonable care but make no representation about their availability or data practices beyond what we disclose in the Privacy Policy.

12. Service levels and changes

We aim for high availability but do not guarantee uninterrupted access on the Free or Pro plans. The Unlimited plan includes a 99.9% monthly uptime service level; credits for missed targets are defined in the separate order form for that plan.

We may add, change, or remove features. For material changes that reduce functionality on paid plans, we will provide reasonable advance notice and, where appropriate, an option to downgrade or cancel.

13. Termination

You can close your account at any time from the in-app settings. We may suspend or terminate your account if you breach these Terms, if we're required to by law, or if your account becomes dormant for more than 12 months. On termination, we will delete your data in accordance with the retention windows described in the Privacy Policy, except where law requires us to retain it.

Survival. The following sections survive termination of these Terms: Section 9 (Our intellectual property), Section 10 (Feedback), Section 14 (Disclaimers), Section 15 (Limitation of liability), Section 16 (Indemnity), Section 17 (Governing law and disputes), and any accrued payment obligations to Paddle.

14. Disclaimers

The Service is provided "as is" and "as available". To the fullest extent permitted by law, we disclaim all implied warranties, including merchantability, fitness for a particular purpose, and non-infringement. Chainsaw is a control surface for your package installs; it is not a substitute for independent security review, testing, or incident response. You are responsible for the policies you configure and the consequences of enforcing or monitoring them.

15. Limitation of liability

To the fullest extent permitted by law, neither we nor our suppliers will be liable for any indirect, incidental, special, consequential, or punitive damages, or for lost profits, revenues, goodwill, or data. Our total aggregate liability for any claim arising out of or relating to the Service will not exceed the amount you paid to Paddle for the Service in the 12 months before the event giving rise to the claim.

16. Indemnity

You will defend, indemnify, and hold us harmless from any third-party claim arising out of your content, your use of the Service in violation of these Terms, or your violation of applicable law. We will notify you of any such claim and reasonably cooperate in the defence at your expense.

17. Governing law and disputes

17.1 Governing law

These Terms are governed by the laws of the State of Delaware, United States, without regard to its conflict-of-laws rules, and — where relevant to copyright, patent, trademark, or other federal matters — the laws of the United States. The United Nations Convention on Contracts for the International Sale of Goods does not apply.

17.2 Informal resolution first

Before filing any claim, both parties agree to try to resolve the dispute informally. You send a written notice to legal@chain305.com describing the dispute and the relief you want; we send any notice to the email on your account. We will negotiate in good faith for at least 30 days before either party initiates arbitration or files suit.

17.3 Binding arbitration

If informal resolution does not succeed, any dispute arising out of or relating to these Terms or the Service will be finally resolved by binding arbitration administered by the American Arbitration Association ("AAA") under its Commercial Arbitration Rules (or, for customers who qualify, the Consumer Arbitration Rules). The seat of arbitration is Wilmington, Delaware, the arbitration will be conducted in English, and the award may be entered in any court of competent jurisdiction. The arbitrator, and not any federal, state, or local court, has exclusive authority to resolve disputes about the scope or enforceability of this arbitration clause.

Class-action waiver. Each party may bring claims only in its individual capacity and not as a plaintiff or class member in any purported class, collective, or representative proceeding. The arbitrator may not consolidate more than one person's claims and may not preside over any form of representative proceeding.

17.4 Exception: courts for injunctive relief and IP

Notwithstanding Section 17.3, either party may file suit in the state or federal courts located in Wilmington, Delaware, solely to seek injunctive or equitable relief to protect its intellectual property or confidential information, or to prevent irreparable harm that money damages cannot cure. You and we consent to the personal jurisdiction of those courts for that limited purpose.

17.5 UAE customers — mandatory local rights preserved

If you are a consumer resident in the United Arab Emirates, you continue to have the rights granted by UAE Federal Law No. 15 of 2020 (Consumer Protection Law) and any other UAE mandatory consumer-protection rules. Where those rules conflict with Sections 17.1–17.4, they prevail to the extent necessary to give you those rights, and you may bring consumer claims in the UAE courts of your habitual residence.

17.6 EU / UK / other consumer carve-outs

If you are a consumer resident in the European Union, United Kingdom, or another jurisdiction whose mandatory consumer-protection law grants you a choice of forum or a different governing law, nothing in this Section 17 limits those rights. You may bring consumer claims in the courts of your habitual residence under local consumer law.

18. Force majeure

Neither party is liable for failure or delay in performing obligations under these Terms (other than payment obligations) caused by events beyond its reasonable control, including acts of God, natural disasters, war, terrorism, riots, embargoes, acts of civil or military authorities, fire, floods, accidents, strikes, failure of public utilities, failures of upstream package registries or internet backbone providers, failure of sub-processors (including Paddle), denial-of-service attacks, or pandemics. The affected party will give prompt notice and use reasonable efforts to resume performance.

19. Export controls and sanctions

You represent that you are not located in, under the control of, or a national or resident of any country subject to comprehensive trade sanctions by the United States, the United Nations, the European Union, or the United Kingdom, and that you are not on any restricted-party list maintained by those bodies. You agree not to use the Service for any purpose prohibited by applicable export-control laws.

20. General

Entire agreement. These Terms, together with the Privacy Policy, Refund Policy, and any order form you sign with us, are the entire agreement between you and us concerning the Service and supersede any prior agreements.

Severability. If any provision of these Terms is held unenforceable, the remaining provisions will continue in full force and effect, and the unenforceable provision will be modified to the minimum extent necessary to make it enforceable.

No waiver. Our failure to enforce any right or provision will not be a waiver of that right or provision.

Assignment. You may not assign these Terms without our prior written consent. We may assign these Terms in connection with a merger, acquisition, or sale of all or substantially all of our assets, on notice to you.

No agency. Nothing in these Terms creates a partnership, joint venture, employment, or agency relationship between us.

Notices. Notices to us must be sent to legal@chain305.com. Notices to you will be sent to the email address on your account and are deemed received on the day we send them.

21. Changes to these Terms

We may update these Terms from time to time. When we make material changes we will post the updated version here with a new "Last updated" date and, for subscribers, email a summary of the change at least 14 days before it takes effect. Continued use of the Service after the effective date constitutes acceptance.

22. Contact

Questions about these Terms? Email legal@chain305.com. For support, use support@chain305.com or the in-app help.