path: root/contrib/tos/tos.rst
diff options
Diffstat (limited to 'contrib/tos/tos.rst')
1 files changed, 265 insertions, 0 deletions
diff --git a/contrib/tos/tos.rst b/contrib/tos/tos.rst
new file mode 100644
index 0000000..4445601
--- /dev/null
+++ b/contrib/tos/tos.rst
@@ -0,0 +1,265 @@
+Terms Of Service
+Last Updated: 07.09.2021
+Welcome! Anastasis SARL (“we,” “our,” or “us”) provides a distributed
+privacy-preserving backup and recovery service for key material
+through our Internet presence (collectively the “Services”). Before
+using our Services, please read the Terms of Service (the “Terms” or
+the “Agreement”) carefully.
+This section provides a brief summary of the highlights of this
+Agreement. Please note that when you accept this Agreement, you are
+accepting all of the terms and conditions and not just this
+section. We and possibly other third parties provide Internet services
+which interact with the Anastasis key backup and recovery
+application. When using an application to interact with our Services,
+you are agreeing to our Terms, so please read carefully.
+ • You are responsible for selecting authentication methods and
+ policies that are adequate to protect your key material.
+ Any losses arising from you not being able to satisfy the
+ selected authentication challenges or third parties being able
+ successfully pass the challenges are your problem.
+ • We will store your encrypted key shares and disclose them upon
+ successful authentication to the best of our ability within the
+ limitations of the law and our implementation. Our liability will
+ be limited to the liability limit exposed in the protocol.
+ • For our Services, we may charge various fees. The specific fee structure
+ is provided based on the Anastasis protocol and should be shown to you when you
+ use an application to interact with our services. You agree and understand
+ that the Anastasis protocol allows for the fee structure to change.
+ • You agree to not intentionally overwhelm our systems with requests and
+ follow responsible disclosure if you find security issues in our services.
+ • We cannot be held accountable for our Services not being available due to
+ circumstances beyond our control. If we modify or terminate our services,
+ we will announce this and ensure that you can recover your key material
+ for at least one year before we completely terminate the Service.
+These terms outline approved uses of our Services. If you have any
+questions or comments related to this Agreement, please send us a
+message to If you do not agree to this Agreement,
+you must not use our Services.
+How you accept this policy
+By using our API (typically via an Anastasis-enabled application), you
+acknowledge that you have read, understood, and agreed to these
+Terms. We reserve the right to change these Terms at any time. If you
+disagree with the change, you must simply stop using our APIs. Your
+continued use of our Services following any such change will signify
+your acceptance to be bound by the then current Terms. Please check
+the effective date above to determine if there have been any changes
+since you have last reviewed these Terms.
+We will store your encrypted key shares (and the associated encrypted
+recovery policy document) to the best of our ability and within the
+limitations of the implementation. We will disclose the key shares only
+after the specific authentication challenge has been passed. We will
+rate-limit the use of the authentication APIs to limit brute-force
+We are not guaranteeing that the authentication procedures are effective.
+Other parties may be able to intercept authentication messages, or you
+may not be able to receive these messages anymore. You are responsible
+for choosing safe authentication methods with sufficient security.
+When using our Services, you agree to not take any action that
+intentionally imposes an unreasonable load on our infrastructure. If
+you find security problems in our Services, you agree to first report
+them to and grant us the right to publish your
+report. We warrant that we will ourselves publicly disclose any issues
+reported within 1 month, and that we will not prosecute anyone
+reporting security issues if they did not exploit the issue beyond a
+proof-of-concept, and followed the above responsible disclosure
+You agree to pay the fees for backup and recovery operations ("Fees")
+as defined by us, which we may change from time to time. Your
+Anastasis client should obtain and display applicable fees during
+backup and recovery.
+To be eligible to use our Services, you must be able to form legally binding
+contracts or have the permission of your legal guardian. By using our
+Services, you represent and warrant that you meet all eligibility requirements
+that we outline in these Terms.
+Copyrights and trademarks
+The Anastasis software is released under the terms of the GNU Affero
+General Public License (GNU AGPLv3+). You have the right to access,
+use, and share the Anastasis application, in modified or unmodified
+form. However, the Affero GPL is a strong copyleft license, which
+means that any derivative works must be distributed under the same
+license terms as the original software. If you have any questions, you
+should review the GNU AGPL’s full terms and conditions at
+ “Anastasis” itself is
+a trademark of Anastasis SARL. You are welcome to use the name in
+relation to implementations of the Anastasis protocol, assuming your
+use is compatible with an official release from the GNU Project that
+is not older than two years.
+Limitation of liability & disclaimer of warranties
+You understand and agree that we have no control over, and no duty to
+take any action regarding: Failures, disruptions, errors, or delays in
+processing that you may experience while using our Services; The risk
+of failure of hardware, software, and Internet connections; The risk
+of malicious software being introduced or found in the software
+underlying the Anastasis implementation. You release us from all
+liability related to any losses, damages, or claims arising from:
+(a) user error such as forgotten security answers or loss of
+ control over accounts used for authentication;
+(b) server failure or data loss;
+(d) bugs or other errors in the Anastasis client software; and
+(e) any unauthorized third party activities, including, but not limited to,
+ the use of viruses, phishing, brute forcing, or other means of attack
+ against the Anastasis client. We make no representations concerning any
+ Third Party Content contained in or accessed through our Services.
+Any other terms, conditions, warranties, or representations associated with
+such content, are solely between you and such organizations and/or
+To the fullest extent permitted by applicable law, in no event will we
+or any of our officers, directors, representatives, agents, servants,
+counsel, employees, consultants, lawyers, and other personnel
+authorized to act, acting, or purporting to act on our behalf
+(collectively the “Anastasis Parties”) be liable to you under
+contract, tort, strict liability, negligence, or any other legal or
+equitable theory, for:
+(a) any lost profits, data loss, cost of procurement of substitute goods or
+ services, or direct, indirect, incidental, special, punitive, compensatory,
+ or consequential damages of any kind whatsoever resulting from:
+ (i) your use of, or conduct in connection with, our services;
+ (ii) any unauthorized use of your wallet and/or private key due to your
+ failure to maintain the confidentiality of your wallet;
+ (iii) any interruption or cessation of transmission to or from the services; or
+ (iv) any bugs, viruses, trojan horses, or the like that are found in the Taler
+ Wallet software or that may be transmitted to or through our services by
+ any third party (regardless of the source of origination), or
+(b) any direct damages.
+These limitations apply regardless of legal theory, whether based on tort,
+strict liability, breach of contract, breach of warranty, or any other legal
+theory, and whether or not we were advised of the possibility of such
+damages. Some jurisdictions do not allow the exclusion or limitation of
+liability for consequential or incidental damages, so the above limitation may
+not apply to you.
+Our services are provided "as is" and without warranty of any kind. To the
+maximum extent permitted by law, we disclaim all representations and
+warranties, express or implied, relating to the services and underlying
+software or any content on the services, whether provided or owned by us or by
+any third party, including without limitation, warranties of merchantability,
+fitness for a particular purpose, title, non-infringement, freedom from
+computer virus, and any implied warranties arising from course of dealing,
+course of performance, or usage in trade, all of which are expressly
+disclaimed. In addition, we do not represent or warrant that the content
+accessible via the services is accurate, complete, available, current, free of
+viruses or other harmful components, or that the results of using the services
+will meet your requirements. Some states do not allow the disclaimer of
+implied warranties, so the foregoing disclaimers may not apply to you. This
+paragraph gives you specific legal rights and you may also have other legal
+rights that vary from state to state.
+Indemnity and Time limitation on claims and Termination
+To the extent permitted by applicable law, you agree to defend,
+indemnify, and hold harmless the Anastasis Parties from and against
+any and all claims, damages, obligations, losses, liabilities, costs
+or debt, and expenses (including, but not limited to, attorney’s fees)
+arising from: (a) your use of and access to the Services; (b) any
+feedback or submissions you provide to us concerning the Anastasis
+software; (c) your violation of any term of this Agreement; or (d)
+your violation of any law, rule, or regulation, or the rights of any
+third party.
+You agree that any claim you may have arising out of or related to your
+relationship with us must be filed within one year after such claim arises,
+otherwise, your claim in permanently barred.
+In the event of termination concerning your use of our Services, your
+obligations under this Agreement will still continue.
+Discontinuance of services and Force majeure
+We shall not be held liable for any delays, failure in performance, or
+interruptions of service which result directly or indirectly from any cause or
+condition beyond our reasonable control, including but not limited to: any
+delay or failure due to any act of God, act of civil or military authorities,
+act of terrorism, civil disturbance, war, strike or other labor dispute, fire,
+interruption in telecommunications or Internet services or network provider
+services, failure of equipment and/or software, other catastrophe, or any
+other occurrence which is beyond our reasonable control and shall not affect
+the validity and enforceability of any remaining provisions.
+Governing law, Waivers, Severability and Assignment
+No matter where you’re located, the laws of Luxembourg will govern these
+Terms. If any provisions of these Terms are inconsistent with any applicable
+law, those provisions will be superseded or modified only to the extent such
+provisions are inconsistent. The parties agree to submit to the ordinary
+courts in Luxembourg for exclusive jurisdiction of any dispute
+arising out of or related to your use of the Services or your breach of these
+Our failure to exercise or delay in exercising any right, power, or privilege
+under this Agreement shall not operate as a waiver; nor shall any single or
+partial exercise of any right, power, or privilege preclude any other or
+further exercise thereof.
+You agree that we may assign any of our rights and/or transfer, sub-contract,
+or delegate any of our obligations under these Terms.
+If it turns out that any part of this Agreement is invalid, void, or for any
+reason unenforceable, that term will be deemed severable and limited or
+eliminated to the minimum extent necessary.
+This Agreement sets forth the entire understanding and agreement as to the
+subject matter hereof and supersedes any and all prior discussions,
+agreements, and understandings of any kind (including, without limitation, any
+prior versions of this Agreement) and every nature between us. Except as
+provided for above, any modification to this Agreement must be in writing and
+must be signed by both parties.
+Questions or comments
+We welcome comments, questions, concerns, or suggestions. Please send us a
+message on our contact page at