End-User License Agreement

1.1 License Grant. Subject to the terms of this Agreement and your payment of applicable subscription fees, Sentrivec grants you a limited, non-exclusive, non-transferable, non-sublicensable license to install and use the Software solely for your internal business security monitoring purposes on computers you own, lease, or manage.

1.2 Subscription Tiers. Your license is limited to the tier purchased: Starter (up to 25 mailboxes, 1 tenant); Growth (up to 100 mailboxes, 3 tenants); Professional (up to 250 mailboxes, 10 tenants); Enterprise (up to 500 mailboxes, 25 tenants); Custom (as specified in your order).

1.3 MSP Use. If you are a Managed Service Provider ("MSP"), you may deploy the Software to monitor your clients' Microsoft 365 environments provided that: (a) each client deployment counts toward your licensed tenant and mailbox limits; (b) you do not sublicense, resell, or transfer the Software to clients as a standalone product; and (c) client deployments are managed solely from your licensed installation.

1.4 License Key. The Software requires a valid license key issued by Sentrivec through a third-party license validation service. You may not share, transfer, or use your license key on more machines or tenants than your tier permits. Sentrivec reserves the right to remotely validate your license key at intervals consistent with the check-in policy associated with your tier.

You may not:

• (a) Copy, modify, adapt, translate, or create derivative works of the Software;
• (b) Reverse engineer, disassemble, decompile, or attempt to derive the source code of the Software;
• (c) Remove, alter, or obscure any proprietary notices, labels, or marks on the Software;
• (d) Sublicense, sell, rent, lease, lend, transfer, or otherwise dispose of the Software or any license rights to any third party except as expressly permitted under Section 1.3;
• (e) Use the Software to develop a competing product or service;
• (f) Circumvent or disable any license enforcement or technical protection measures;
• (g) Use the Software in any manner that violates applicable law or regulation.

3.1 No Data Retention by Sentrivec. The Software connects directly to your Microsoft 365 tenant using credentials and certificates you provision. Sentrivec does not receive, store, transmit, process, or have access to your Microsoft 365 tenant data, email content, inbox rules, user credentials, or authentication tokens at any time.

3.2 Local Data. All monitoring data, logs, snapshots, certificates, and configuration files generated by the Software are stored exclusively on the machine where the Software is installed, under C:\ProgramData\IRM\ or the path you designate. You are solely responsible for securing, backing up, and managing this data.

3.3 License Validation Data. The Software transmits your license key and basic validation metadata (check-in timestamp, machine identifier) to a third-party license validation service for license validation purposes. This transmission does not include any Microsoft 365 data, user data, or monitoring results.

3.4 No Telemetry. The Software does not collect or transmit telemetry, usage analytics, error reports, or any other data to Sentrivec.

3.5 Microsoft API Dependency. The Software depends on Microsoft 365 APIs, Exchange Online, and related Microsoft services that are outside Sentrivec's control. Sentrivec is not responsible for, and expressly disclaims all liability arising from: (a) changes, deprecations, or modifications to Microsoft APIs or services that affect Software functionality; (b) Microsoft service outages, throttling, or availability issues; (c) changes to Microsoft licensing, authentication requirements, or permission models; or (d) any discontinuation of Microsoft services on which the Software relies.

3.6 Your Responsibilities. You are solely responsible for: (a) ensuring your use of the Software complies with your agreements with Microsoft and applicable data protection laws; (b) obtaining any necessary consents from your organization or clients before monitoring their mailboxes; (c) securing access to the machine running the Software and the data it generates.

4.1 Subscription. The Software is licensed on an annual subscription basis. Your license is valid for the subscription period paid.

4.2 Lapse of Subscription. Upon expiration or termination of your subscription: (a) your license to use the Software automatically terminates; (b) the Software will cease to function after a thirty (30) day grace period following the subscription expiration date; (c) your locally stored data under C:\ProgramData\IRM\ will not be deleted by the Software and remains accessible to you. You are responsible for exporting or deleting your data as needed.

4.3 Renewal. Subscriptions do not automatically renew unless you have agreed to auto-renewal terms separately. You are responsible for renewing your subscription before expiration to avoid service interruption.

5.1 Ownership. The Software is licensed, not sold. Sentrivec and its licensors retain all right, title, and interest in and to the Software, including all intellectual property rights. This Agreement does not grant you any rights to trademarks, service marks, trade names, or logos of Sentrivec.

5.2 Feedback. If you provide Sentrivec with feedback, suggestions, or ideas regarding the Software, you grant Sentrivec a perpetual, irrevocable, royalty-free license to use such feedback for any purpose without obligation to you.

THE SOFTWARE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, SENTRIVEC EXPRESSLY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING WITHOUT LIMITATION:

• (a) Any implied warranty of merchantability, fitness for a particular purpose, title, or non-infringement;
• (b) Any warranty that the Software will be uninterrupted, error-free, or free of harmful components;
• (c) Any warranty that the Software will detect all inbox rule changes, authentication anomalies, or security threats, or that it will prevent any security incident, data breach, or unauthorized access;
• (d) Any warranty regarding the accuracy, completeness, or timeliness of alerts or reports generated by the Software.

SECURITY LIMITATION: THE SOFTWARE IS A MONITORING TOOL DESIGNED TO ALERT ON SUSPICIOUS ACTIVITY. IT IS NOT A SUBSTITUTE FOR COMPREHENSIVE SECURITY PRACTICES, PROFESSIONAL SECURITY SERVICES, ENDPOINT PROTECTION, IDENTITY MANAGEMENT, OR INCIDENT RESPONSE CAPABILITIES. SENTRIVEC MAKES NO REPRESENTATION THAT USE OF THE SOFTWARE WILL PREVENT ANY SECURITY BREACH OR COMPLY WITH ANY REGULATORY REQUIREMENT.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL SENTRIVEC, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, OR LICENSORS BE LIABLE FOR ANY:

• (a) Indirect, incidental, special, consequential, punitive, or exemplary damages;
• (b) Loss of profits, revenue, data, business, goodwill, or anticipated savings;
• (c) Damages arising from missed, delayed, or incorrect alerts;
• (d) Damages arising from a security incident, data breach, or unauthorized access that the Software failed to detect or prevent;
• (e) Damages arising from your reliance on the Software as your sole or primary security measure;
• (f) Damages arising from changes to or unavailability of Microsoft 365 APIs, Exchange Online, or any other third-party service on which the Software depends.

EVEN IF SENTRIVEC HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND EVEN IF ANY REMEDY FAILS OF ITS ESSENTIAL PURPOSE.

Cap on Liability. Sentrivec's total cumulative liability for all claims arising out of or related to this Agreement or the Software shall not exceed the amount you paid to Sentrivec for the Software in the twelve (12) months immediately preceding the event giving rise to the claim.

Essential Basis. You acknowledge that the limitations of liability in this section reflect a reasonable allocation of risk and are an essential element of the basis of the bargain between the parties. Sentrivec would not provide the Software without these limitations.

You agree to indemnify, defend, and hold harmless Sentrivec and its officers, directors, employees, and agents from and against any claims, liabilities, damages, losses, costs, and expenses (including reasonable attorneys' fees) arising out of or related to: (a) your use of the Software in violation of this Agreement; (b) your violation of any applicable law or regulation; (c) your monitoring of any Microsoft 365 tenant without proper authorization; or (d) any claims by your clients arising from your MSP use of the Software.

9.1 Term. This Agreement is effective upon your installation of the Software and continues until terminated.

9.2 Termination by You. You may terminate this Agreement at any time by uninstalling the Software and destroying all copies in your possession.

9.3 Termination by Sentrivec. Sentrivec may terminate this Agreement immediately upon written notice if you breach any provision of this Agreement and fail to cure such breach within ten (10) days of notice.

9.4 Effect of Termination. Upon termination: (a) all license rights granted herein immediately cease; (b) you must uninstall the Software and destroy all copies; (c) Sections 2, 3, 5, 6, 7, 8, 10, and 11 survive termination.

Neither party shall be liable to the other for any delay or failure to perform its obligations under this Agreement to the extent such delay or failure is caused by circumstances beyond that party's reasonable control, including without limitation: acts of God, natural disasters, pandemics, war, terrorism, civil unrest, governmental action, internet or power outages, third-party service failures (including Microsoft 365 or cloud infrastructure outages), or other events of force majeure.

11.1 Governing Law. This Agreement shall be governed by the laws of the state in which Sentrivec is incorporated, without regard to its conflict of law provisions.

11.2 Waiver of Jury Trial. TO THE FULLEST EXTENT PERMITTED BY LAW, EACH PARTY WAIVES ITS RIGHT TO A JURY TRIAL IN ANY DISPUTE ARISING OUT OF OR RELATED TO THIS AGREEMENT.

11.3 Class Action Waiver. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, ALL DISPUTES MUST BE BROUGHT IN AN INDIVIDUAL CAPACITY. YOU WAIVE ANY RIGHT TO BRING OR PARTICIPATE IN ANY CLASS ACTION, COLLECTIVE ACTION, OR REPRESENTATIVE PROCEEDING ARISING OUT OF OR RELATED TO THIS AGREEMENT OR THE SOFTWARE.

11.4 Attorney's Fees. In any action to enforce this Agreement, the prevailing party shall be entitled to recover its reasonable attorneys' fees and costs.

12.1 Entire Agreement. This Agreement constitutes the entire agreement between you and Sentrivec regarding the Software and supersedes all prior agreements, understandings, negotiations, and discussions, whether oral or written.

12.2 Amendment. Sentrivec may update this Agreement from time to time; the current version is always available at inboxrulemonitor.com/eula. Continued use of the Software after notice of an update constitutes acceptance of the revised terms.

12.3 Severability. If any provision of this Agreement is held invalid, illegal, or unenforceable, the remaining provisions shall continue in full force and effect.

12.4 Waiver. Failure by Sentrivec to enforce any provision of this Agreement shall not constitute a waiver of future enforcement of that provision.

12.5 Assignment. You may not assign or transfer this Agreement or any rights hereunder without Sentrivec's prior written consent. Sentrivec may assign this Agreement without restriction.

12.6 Export Compliance. You agree to comply with all applicable export control laws and regulations in connection with your use of the Software.

12.7 U.S. Government Rights. The Software is "commercial computer software" as defined in FAR 12.212 and DFARS 227.7202. Use by U.S. Government entities is subject to the rights and restrictions set forth in this Agreement.