Terms of Service | ProofBase

Important Notice: Please read these Terms of Service carefully before using ProofBase. By using the Service, you agree to be bound by these terms.

1. Agreement to Terms

By accessing or using ProofBase ("Service", "Platform", "we", "us", or "our"), you agree to be bound by these Terms of Service ("Terms"). If you disagree with any part of these terms, you may not access the Service.

ProofBase is operated by [YOUR LEGAL ENTITY NAME] ("Company", "we", "us", or "our").

2. Description of Service

2.1 What ProofBase Is

ProofBase is a documentation tool designed to help early-stage companies organize and document their SOC 2 Type I readiness. The Service provides:

A framework of 17 essential security controls organized into 5 audit pillars
Guidance on what auditors typically look for during SOC 2 Type I assessments
Templates for common security policies
A workspace to reference and organize evidence
Export functionality to generate documentation packages

2.2 What ProofBase Is NOT

ProofBase is NOT and does NOT provide:

Compliance certification or audit services - We do not certify, audit, or guarantee SOC 2 compliance
Legal or professional advice - Content is educational only, not legal or professional guidance
Guarantee of audit passage - Using ProofBase does not guarantee you will pass a SOC 2 audit
Implementation services - We provide documentation frameworks; you are responsible for implementing actual security controls
Substitute for independent auditors - You must still engage a licensed CPA firm for official SOC 2 certification
Continuous monitoring or Type II support - ProofBase focuses on Type I readiness documentation, not ongoing Type II monitoring or automated technical evidence collection (API-based monitoring)

2.3 Your Responsibilities

You are solely responsible for:

Implementing actual security controls documented in ProofBase
Ensuring accuracy of all information you enter into the Service
Engaging qualified professionals including independent auditors and legal counsel
Complying with applicable laws and regulations in your jurisdiction
Maintaining your account security and password confidentiality
Operating your business in accordance with documented policies

3. Subscription and Payment Terms

3.1 Pricing

Early Access Pricing:

$249/year for the first 50 founders who join the waitlist
Regular pricing: $399/year after early access period
All prices in USD

Rate Lock Guarantee: If you subscribe during the early access period at $249/year, this rate is locked in for the lifetime of your continuous subscription, subject to Section 3.5.

3.5 Price Changes and Rate Lock

For Early Access Subscribers ($249/year):

Your rate is locked in for life as long as you maintain continuous subscription.

Important: Any lapse in payment, cancellation of subscription, or failure to renew immediately voids the Early Access rate. Re-subscription will be charged at the then-current market rate ($399/year or higher). There are no exceptions to this policy.

For Regular Subscribers ($399/year and future rates): We may change subscription fees with 30 days' advance notice. Price changes will take effect at your next renewal. If you disagree with a price change, you may cancel before renewal.

3.6 Refund Policy

No Refunds for Annual Subscriptions: Annual subscriptions are non-refundable. You may cancel at any time, but you will not receive a prorated refund for unused time.

Exception - 14-Day Money-Back Guarantee:

If you are unsatisfied for any reason, you may request a full refund within 14 days of your initial purchase by emailing support@proofbaseapp.com. This applies to first-time subscribers only.

Fair Use Condition: This guarantee is void if you have:

Utilized the "Structured Export" functionality to generate documentation packages
Downloaded more than 2 policy templates
Documented more than 10 of the 17 readiness items

This condition prevents misuse of the Service as a "one-time export tool" and ensures the guarantee is used by genuinely unsatisfied users evaluating the platform.

Refunds for Service Issues: If we fail to provide the Service as described due to technical issues on our end lasting more than 7 consecutive days, you may request a prorated refund for the affected period.

4. Evidence File Storage

4.1 File Uploads

ProofBase allows you to upload evidence files (screenshots, documents, policies) to support your SOC 2 readiness documentation. By uploading files, you represent and warrant that:

You own the files or have the right to upload them
The files do not contain malware, viruses, or malicious code
The files do not violate any laws or third-party rights
The files do not contain credentials, passwords, API keys, or secrets

4.2 File Restrictions

The following restrictions apply to uploaded files:

Maximum file size: 10MB per file
Allowed file types: PNG, JPG, PDF, TXT, XLSX, CSV
Prohibited content: Executable files, scripts, credentials, illegal content
Storage quota: Reasonable use (we may limit if excessive)

4.3 Data Security

Uploaded files are:

Stored on SOC 2 Type II certified infrastructure (Supabase)
Encrypted at rest using AES-256 encryption
Encrypted in transit using TLS 1.2+
Isolated per organization (you cannot access other users' files)
Backed up daily with 30-day retention

4.4 Your Responsibilities

You are solely responsible for:

The content of files you upload
Ensuring files do not contain sensitive credentials or secrets
Compliance with applicable data protection laws (GDPR, CCPA, etc.)
Maintaining backups of your files (we provide storage, not permanent archival)

4.5 File Retention and Deletion

Files are retained as follows:

Active accounts: Files retained while account is active
Cancelled accounts: Files retained for 90 days after cancellation
After 90 days: All files permanently deleted and unrecoverable
Export before cancellation: Download all files before cancelling

4.6 Prohibited Uses

You may NOT use file storage to:

Store files unrelated to SOC 2 documentation
Share files publicly or with unauthorized third parties
Upload copyrighted content you don't own
Upload illegal, harmful, or offensive content
Circumvent file size or type restrictions

⚠️ Security Warning

NEVER upload credentials, API keys, passwords, private keys, or secrets.Upload only screenshots and documents safe to share with auditors. We are not responsible for exposure of credentials you upload against this guidance.

5. Data Retention

5.1 Cancelled Accounts

After you cancel your subscription:

90-day grace period: Your data is retained to allow for reactivation
After 90 days: All your workspace data is permanently deleted
Account information: Retained for 1 year for billing/legal purposes, then deleted

Note: During the 90-day retention period, you may receive reminder emails about reactivating your account to preserve your readiness documentation. You can opt out of these reminders at any time.

6. Disclaimers and Limitations of Liability

6.1 No Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED.

SPECIFICALLY, WE DO NOT WARRANT THAT:

Using ProofBase will result in SOC 2 certification
The guidance provided is suitable for your specific situation
Auditors will accept documentation created using ProofBase
The Service meets all requirements of the SOC 2 framework
Your use of the Service complies with applicable laws and regulations

6.4 Basis of the Bargain

You acknowledge that we have set our prices ($249-$399/year) and entered into these Terms in reliance on the disclaimers and limitations of liability in this Section 6, and that they form an essential basis of the bargain between us. We can only afford to offer ProofBase at this price point because we are not assuming the liability of a $5,000+ readiness consultant or guaranteeing audit outcomes.

7. Contact Information

For questions about these Terms, please contact us at:

Email: support@proofbasehq.com

Last Updated: February 1, 2026 • Version 1.0