Terms of Service

Effective Date: March 1, 2026 · Last Updated: March 3, 2026

These Terms of Service (“Terms”) constitute a legally binding agreement between you (“Customer,” “you,” or “your”) and Detailed In Design LLC, an Indiana Limited Liability Company (“Company,” “we,” “us,” or “our”), governing your access to and use of the Serenity Security platform, including the Serenity-Nano endpoint agent.

Acceptance of Terms
Account Registration
Service Description
Important Disclaimers
Service Tiers and Pricing
Serenity-Nano Endpoint Agent
Device Traffic Monitoring
Designated Officer Obligations
API Usage and Access
Acceptable Use Policy
Billing and Payment
Intellectual Property
Data Processing and Privacy
Confidentiality
Warranty Disclaimer
Limitation of Liability
Indemnification
Service Availability
Termination
Modifications to Terms
Governing Law and Jurisdiction
Dispute Resolution
Force Majeure
General Provisions
Contact Information

1. Acceptance of Terms

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by these Terms. You represent that you are at least 18 years of age and have the legal capacity to enter into this agreement. Your use of the Service must comply with all applicable federal, state, and local laws.

2. Account Registration

You must provide accurate, current, and complete registration information and keep it updated. You are responsible for maintaining the confidentiality of your account credentials, including API keys and session tokens. You agree to immediately notify us at support@clothingcorn.com of any unauthorized use of your account.

3. Service Description

Serenity Security is an AI-powered cyber defense platform providing real-time threat detection, investigation, and response capabilities. The Service includes:

Command Center Dashboard: Real-time security operations overview with live metrics, alert volume tracking, and threat distribution visualization.
Threat Detection Engine: Multi-layer AI analysis classifying events across 6 severity tiers (Tier 0 Baseline through Tier 5 Emergency).
Case Management: Full investigation lifecycle from detection through resolution with automated response actions.
Decision Artifacts: Audit-ready, structured documentation of every security decision with explainable reasoning.
MITRE ATT&CK Integration: Detection coverage mapping, technique tracking, and attack chain visualization.
Forensic Investigation: Attack source attribution, penetration depth analysis, and authority report generation.
Adversarial Arena: Red Team vs. White Team AI simulation for continuous zero-day discovery (Enterprise tier).
Serenity-Nano Desktop Agent: Native endpoint protection with system tray monitoring, CLI interface, and continuous device telemetry (all tiers).
REST API: Programmatic access to all platform capabilities.

4. Important Disclaimers Regarding Service Use

Serenity Security is a decision-support system, not a decision maker. All threat classifications, severity assessments, and recommended actions are algorithmic recommendations - not directives, mandates, or orders.

The Service does not constitute professional security consulting, legal advice, or compliance certification.
The Service does not guarantee zero false negatives or zero false positives. AI-based threat detection is probabilistic by nature.
Customers retain full responsibility for all response decisions made using information provided by the Service.
Decision Artifacts document the platform’s reasoning but do not constitute legal evidence unless independently validated.

5. Service Tiers and Pricing

Tier	Monthly Price	Annual Price	Setup Fee
Basic	$799.99	$9,599.88	$399.99
Professional	$1,199.99	$14,399.88	$799.99
Enterprise	$2,079.20	$24,950.40	$3,199.20

All tiers include the Serenity-Nano desktop agent, full dashboard access, dedicated single-tenant deployment, and deployment support. SOC 2 Type II certification is available at a 20% premium on any tier. Pricing may be modified with 30 days’ written notice.

6. Serenity-Nano Endpoint Agent

The Serenity-Nano desktop agent is included with all service tiers and may be deployed on Windows, macOS, and Linux endpoints. By deploying Serenity-Nano, you agree to the following:

The agent will run as a background service with system-level permissions necessary for security monitoring.
The agent will communicate exclusively with your dedicated Serenity instance over encrypted channels (TLS 1.3 with certificate pinning).
You are responsible for ensuring that deployment of the agent on any device complies with applicable laws, internal policies, and employee agreements.
The agent may be updated automatically to address security vulnerabilities or improve detection capabilities, with a minimum 48-hour notice for non-critical updates.

7. Device Traffic Monitoring

Serenity-Nano monitors device activity as described in Section 4 of our Privacy Policy. The following terms govern this monitoring:

7.1 Scope of Monitoring

The agent monitors network connection metadata, process activity, file-integrity changes, peripheral events, and authentication events for the sole purpose of cyber defense and threat detection.

7.2 Encryption Requirement

All Device Traffic Data collected by Serenity-Nano is encrypted using:

TLS 1.3 with certificate pinning in transit
AES-256-GCM at rest on server infrastructure
Per-officer asymmetric envelope encryption (RSA-4096 or ECDSA P-384) ensuring only the Designated Officer can decrypt

7.3 Exclusive Officer Access

Device Traffic Data is accessible only to the Designated Officer assigned to those devices. This restriction is cryptographically enforced - not merely policy-based. Detailed In Design LLC does not maintain any master key, escrow key, or backdoor mechanism to access this data.

7.4 Employee Notification

You must provide clear written notice to all individuals whose devices are monitored by Serenity-Nano. This notice must describe the categories of data collected, the identity of the Designated Officer, the purpose of monitoring, and how individuals may request a summary of data collected from their device. Failure to provide adequate notice constitutes a breach of these Terms.

8. Designated Officer Obligations

The Designated Officer is the individual assigned by your organization as the sole authorized party with access to Device Traffic Data. The following obligations apply:

The Designated Officer must safeguard their private decryption key. Loss of this key renders associated Device Traffic Data permanently irrecoverable.
The Designated Officer may not share their decryption key or grant delegated access to Device Traffic Data without formal reassignment through the platform’s administrator controls.
When a Designated Officer is reassigned or leaves the organization, the customer administrator must promptly designate a replacement. Data collected under the previous officer’s key remains accessible only with that key unless explicitly transferred.
The Designated Officer must use Device Traffic Data exclusively for legitimate cyber defense, security investigation, and compliance purposes. Using this data for employee surveillance unrelated to security, personal purposes, or any unlawful purpose constitutes a breach of these Terms.

9. API Usage and Access

API keys are issued in production, testing, and development types and must be treated as confidential credentials. Rate limits apply per tier and are enforced at the tenant level. API versions will receive a minimum of 6 months’ notice before deprecation.

10. Acceptable Use Policy

You agree not to use the Service for any of the following:

Any activity that violates applicable laws or regulations
Reverse engineering, decompiling, or disassembling any part of the Service
Competitive analysis or benchmarking without prior written consent
Stress testing or load testing without prior written authorization
Circumventing security controls, rate limits, or access restrictions
Processing data for which you lack lawful basis or authorization
Sublicensing, reselling, or redistributing the Service or any component thereof
Transmitting malware, viruses, or any code designed to disrupt or damage
Using Serenity-Nano’s monitoring capabilities for purposes unrelated to cyber defense (including unauthorized employee surveillance, stalking, or harassment)
Impersonation of any person or entity
Any activity that disrupts or degrades the Service for other customers

11. Billing and Payment

Payment is processed through Stripe. Usage-based components are metered and billed monthly in arrears. Base subscription fees are billed monthly in advance and are non-refundable except within a 30-day initial evaluation period. Setup fees are one-time and non-refundable after deployment provisioning begins.

Late payment results in service suspension after 15 days’ notice. Outstanding balances accrue interest at 1.5% per month or the maximum rate permitted by law, whichever is lower.

12. Intellectual Property

The Company retains all right, title, and interest in the Service, including all software, algorithms, detection models, user interface designs, and documentation. You retain all right, title, and interest in the data you submit to the Service, including Security Event Data and Device Traffic Data. We grant you a limited, non-exclusive, non-transferable license to access and use the Service during the term of your subscription.

13. Data Processing and Privacy

Customer data is processed solely for Service delivery as described in our Privacy Policy. You must ensure you have a lawful basis for all data submitted to the Service.

We will not access, review, or use Customer data - including Security Event Data and Device Traffic Data - for the purpose of training AI models, improving services for other customers, or any purpose beyond delivering your contracted service, without your explicit, affirmative, written consent.

Customers processing Protected Health Information must subscribe to the Enterprise tier and execute a Business Associate Agreement (BAA).

14. Confidentiality

“Confidential Information” includes all non-public information disclosed by either party, including but not limited to: technical data, security configurations, API keys, pricing terms, business strategies, and Device Traffic Data. Confidentiality obligations survive for three years following termination of these Terms.

Exceptions apply for information that is publicly available, independently developed, or required to be disclosed by law (with prompt notice to the disclosing party).

15. Warranty Disclaimer

THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE.” TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE COMPANY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, RELIABILITY, AND NON-INFRINGEMENT. THE COMPANY DOES NOT GUARANTEE UNINTERRUPTED OR ERROR-FREE SERVICE.

16. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE COMPANY’S TOTAL LIABILITY SHALL NOT EXCEED THE AMOUNTS PAID BY CUSTOMER IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO LIABILITY. IN NO EVENT SHALL THE COMPANY BE LIABLE FOR CONSEQUENTIAL, INCIDENTAL, INDIRECT, SPECIAL, OR PUNITIVE DAMAGES.

Exceptions apply for fraud, willful misconduct, data breaches caused by Company negligence, and indemnification obligations under Section 17.

17. Indemnification

Customer Indemnification: You agree to indemnify and hold harmless the Company from claims arising from your use of the Service, data submitted in violation of applicable law, decisions made based on Service output, and failure to provide adequate employee notification of Serenity-Nano monitoring.

Company Indemnification: The Company will indemnify you against claims of intellectual property infringement by the Service.

Mutual: Each party will indemnify the other for data breaches caused by that party’s negligence.

18. Service Availability

The Company strives for high availability as defined in the applicable Service Level Agreement (SLA). We will provide 48 hours’ notice for scheduled maintenance windows. Emergency maintenance necessary to address security vulnerabilities may be performed without advance notice. We do not guarantee absolute, uninterrupted availability.

19. Termination

By Customer: You may terminate at any time. Termination takes effect at the end of the current billing cycle.
By Company for Breach: We may terminate for material breach with 30 days’ written notice and opportunity to cure.
By Company for Illegal Activity: We may terminate immediately for use of the Service in connection with illegal activity.
By Company for Non-Payment: We may suspend and terminate after 15 days’ written notice of non-payment.

Upon termination, Customer data is retained for 30 days to allow export, then permanently deleted. Device Traffic Data encryption keys are destroyed immediately upon termination unless the Designated Officer requests a data export during the 30-day window.

20. Modifications to Terms

The Company may modify these Terms with 30 days’ written notice of material changes via email and platform notification. Continued use after the effective date constitutes acceptance. Non-material changes (formatting, clarifications) may be made without notice by updating the “Last Updated” date.

21. Governing Law and Jurisdiction

These Terms are governed by the laws of the State of Indiana, without regard to conflict-of-law principles. Any disputes shall be subject to the exclusive jurisdiction of the state and federal courts located in Marion County, Indiana.

22. Dispute Resolution

Negotiation: The parties shall first attempt to resolve disputes through good-faith negotiation for 30 days.
Mediation: If unresolved, disputes shall be submitted to mediation in Indianapolis, Indiana.
Arbitration: If unresolved within 60 days, disputes shall be submitted to binding arbitration before the American Arbitration Association (AAA) under its Commercial Arbitration Rules.

Class Action Waiver: You agree to resolve disputes on an individual basis and waive any right to participate in a class action lawsuit or class-wide arbitration.

Claims eligible for small claims court may be filed directly without mediation or arbitration.

23. Force Majeure

Neither party shall be liable for failures or delays resulting from events beyond reasonable control, including natural disasters, acts of war, cyberattacks on infrastructure, government orders, pandemics, or widespread internet outages. If a force majeure event continues for more than 90 days, either party may terminate without liability.

24. General Provisions

Severability: If any provision is found invalid or unenforceable, the remaining provisions continue in full force.
Entire Agreement: These Terms, together with the Privacy Policy, SLA, and BAA (if applicable), constitute the entire agreement and supersede all prior communications.
Assignment: You may not assign these Terms without prior written consent. The Company may assign in connection with a merger, acquisition, or sale of substantially all assets with 30 days’ notice.
Waiver: Failure to enforce any provision does not constitute a waiver. Waivers require a written signature.
Notices: To the Company: support@clothingcorn.com. To Customer: the email address on file. Legal notices via certified mail or overnight delivery.

25. Contact Information

Detailed In Design LLC
An Indiana Limited Liability Company

Email: support@clothingcorn.com
Website: clothingcorn.com
Parent Company: detailedindesign.com