Terms of Service

Chapter 1. General provisions

Article 1 Applicability Guideways Terms

1.1 These Guideways Terms apply to the use of the Guideways SaaS service provided by Guideways B.V. (“Supplier”) to the customer (“Client”).

1.2 The agreement (the “Agreement”) is formed at the moment the Client completes the online registration or subscription process on the Guideways website and accepts these Terms. The Agreement consists of (i) the specific subscription plan, term, and pricing selected by Client during the checkout process (the “Order”), and (ii) these Guideways Terms.

1.3 By clicking “Sign Up,” “Subscribe”, “Accept”, or similar buttons, or by using the Service, Client explicitly agrees to be bound by this Agreement. The individual accepting these terms represents that they have the authority to bind the legal entity they represent.

1.4 Client’s purchase or other terms do not apply and are explicitly excluded.

1.5 If a part of these Guideways Terms is null and void or is annulled, the remainder of these Guideways Terms remain fully applicable and effective.

Article 2 Use of the Service

2.1 Supplier grants Client a non-exclusive, non-transferable right to use the Guideways SaaS service for its internal business purposes during the term of the Agreement.

2.2 Client is responsible for the correctness and completeness of the information provided during the account creation and subscription process.

Article 3 Price and payment

3.1 All prices are in the currency specified in the Order (typically EUR or USD) and are exclusive of turnover tax (VAT or sales tax) where applicable.

3.2 Fees for the subscription are due and payable in advance at the start of each billing cycle (monthly), unless otherwise agreed in the Order.

3.3 Payment shall be made via the automated payment methods supported by the Guideways platform (e.g., Credit Card or SEPA Direct Debit). By providing payment details, Client authorizes Supplier to automatically charge the applicable fees.

3.4 If an automated payment fails, Client is in default by operation of law. In addition to the interest and collection costs mentioned in Article 3.7, Supplier is entitled to suspend access to the Service immediately and without prior notice of default until all outstanding sums are paid in full.

3.5 Price Adjustments: (a) During Fixed Paid Term (as defined in 4.1. below): Prices agreed upon in the Order remain fixed during the Fixed Paid Term. However, Supplier is entitled to adjust these prices once per year for indexation purposes based on the Consumer Price Index (CPI) as published by Statistics Netherlands (CBS) to reflect inflation. (b) During Rolling Term: For subscriptions of indefinite duration (as referred to in Article 4.2), Supplier may adjust the applicable prices and rates at any time. Such adjustments will be communicated at least one (1) month in advance. If Client does not accept the adjustment, Client may chose to terminate the paid subscription or terminate the Agreement effective from the date the new price would take effect.

3.6 Client may not suspend any payments or set off any of the sums due.

3.7 If Client fails to pay on time, Client must pay the statutory interest for commercial agreements. Supplier can pass on the claim for collection and Client is obliged to pay all judicial and extrajudicial costs.

Article 4 Duration and Termination

4.1 Supplier may offer multiple subscription tiers with different capabilities and subscription periods under this agreement, including both paid and free tiers. The Client may choose to enter into a paid subscription period under this agreement by triggering the online order process and selecting a commitment period (e.g., 1 month, 3 months, or 12 months) (the “Fixed Paid Term”).

4.2 After the Fixed Paid Term, the paid subscription automatically converts into an indefinite duration (monthly rolling subscription), unless the Client has selected a new fixed commitment period, thereby starting a new Fixed Paid Term.

4.3 During the Fixed Paid Term, neither party may terminate the Agreement for convenience. Outside of the Fixed Paid Term the Client may terminate the Agreement at any time via the platform’s settings or in writing. Termination of the Agreement will take effect at the end of the then-current monthly billing cycle.

4.4 During the monthly rolling period following the Fixed Paid Term, the Client may terminate the paid subscription at any time via the platform’s settings or in writing. Termination of the paid subscription will take effect at the end of the then-current monthly billing cycle. After termination of the paid subscription, one of the following will occur:

i) the Client will be reverted to a free tier if such free tier is part of the subscriptions made available by Supplier at that time.

ii) the Agreement will be terminated if no free tier is part of the subscriptions made available by Supplier at that time.

4.5 Either party may terminate the Agreement in writing with immediate effect if the other party is granted a suspension of payments, is declared bankrupt, or is liquidated.

4.6 Upon termination of the agreement , Client’s right to access the SaaS service ends immediately. Supplier will handle data in accordance with the provisions in Chapter 4 (GDPR) and Chapter 5 (Data Act).

Article 5 Confidentiality

5.1 Client and Supplier ensure that secrecy is observed with respect to all data received from each other and of which they know or should reasonably know these are confidential.

5.2 Supplier makes sure that the persons processing personal data for Client under their responsibility have a duty of confidentiality.

5.3 Client acknowledges that the content of the products and services, including the underlying software and AI agents, is always confidential in nature and contains trade secrets of Supplier.

Article 6 Suspension and Risk

6.1 Supplier may suspend its service provision if Client fails to fulfill any of its obligations under the Agreement.

6.2 The risk of loss or damage of data passes to Client as soon as these are under the actual control of Client or its users.

Article 7 Intellectual property

7.1 All intellectual property rights to the SaaS platform, AI agents, software, designs, and algorithms remain fully in the possession of Supplier or its licensors.

7.2 Ownership of Data and Output: (a) Client Data: Client retains all intellectual property rights, title, and interest in and to all data, documents, and information uploaded or submitted to the Service by Client (“Client Data”). (b) Output: Notwithstanding Article 7.1, the Client owns the specific documents, text, and reports generated by the Client through the use of the Guideways AI agents (“Output”). Supplier hereby transfers and assigns to Client all intellectual property rights in and to the Output. (c) Responsibility: Client is solely responsible for the use and submission of such Output to regulatory authorities.

7.3 AI Model Improvement and Data Usage:

(a) No Training on Customer Content: Supplier will not use Client Data nor Output Data to train or fine-tune its AI models for the benefit of other customers.

(b) Service-Generated Data: Supplier retains all right, title, and interest in and to all technical data, metadata, logs, and intermediate processing information generated by the Service’s infrastructure and AI agents in the course of processing Client Data (“Service-Generated Data”). Client acknowledges that Service-Generated Data constitutes Supplier’s Trade Secrets and is not part of the “Output” or “Client Data.”

(c) Aggregated Insights: Supplier may collect and analyse anonymized and aggregated data derived from the use of the Service (“Aggregated Data”), such as feature usage patterns, performance metrics, and document structure statistics. Supplier owns all rights in such Aggregated Data and may use it to improve the Service.

(d) Feedback Loop: If Client provides feedback, rates outputs (e.g., thumbs up/down), or manually corrects the specific Output generated by the AI (“Feedback”), Client grants Supplier a non-exclusive, perpetual, worldwide license to use such Feedback to refine and improve the AI agents. Supplier guarantees that Feedback will be anonymized before being incorporated into any training set.

7.4 Client is not allowed to modify the software, use the service for AI training purposes to develop competing models, or to apply scraping or mining techniques.

7.5 Supplier indemnifies Client against third-party claims of intellectual property infringement regarding the platform, provided Client promptly informs Supplier and allows Supplier to handle the defense.

7.6 Publicity: Client grants Supplier a limited, revocable right to use Client’s name and logo on Supplier’s website and marketing materials for the sole purpose of identifying Client as a user of the Service. Client may revoke this right at any time by sending a written request to Supplier.

Article 8 Performance of services

8.1 Supplier performs its services with care as a “best-efforts” obligation.

8.2 Supplier is not liable for consequences arising from Client’s deviation from Supplier’s instructions.

Article 9 Service Level Agreement

9.1 Any specific arrangements about a service level must be agreed in writing. For standard tiers, Supplier endeavors to maintain high availability but does not guarantee uninterrupted access.

9.2 Downtime for maintenance announced in advance is excluded from availability measurements.

Article 10 Obligation to provide information

10.1 Client undertakes to provide all information reasonably necessary for the performance of the service on time.

10.2 Client is responsible for the management, checks of the settings, and the use of the results of the products and services.

Chapter 2. Acceptable Use and Compliance

Article 11 Acceptable Use and Fair Use Policy

11.1 Acceptable Use: Client agrees to use the Service in compliance with all applicable laws and regulations. Client shall not use the Service to: (a) Send unsolicited communications (spam) or store infringing, obscene, threatening, or unlawful material; (b) Upload viruses, worms, or malicious code; (c) Attempt to override, bypass, or test the vulnerability of the system security or authentication measures (including “jailbreaking” AI guardrails or engaging in prompt injection attacks); (d) Interfere with or disrupt the integrity or performance of the Service or the data contained therein (e.g., “noisy neighbor” behavior).

11.2 Fair Use: The Service is intended for human interaction. Automated queries, bots, scrapers, or scripts not explicitly authorised by Supplier, or usage that significantly exceeds the average usage patterns of similar customers (“Excessive Use”) is prohibited.

11.3 Enforcement: Supplier reserves the right to monitor usage metrics. If Supplier detects Excessive Use or a breach of Article 11.1 or 11.2, Supplier may (i) limit or “throttle” Client’s access speeds, (ii) charge for overages at standard rates, or (iii) suspend the account immediately to protect the Service stability.

11.4 Intended Purpose: Before starting use, Client must check whether their use complies with the legislation applicable to them in their specific jurisdiction.

Article 12 Data processing responsibility

12.1 Client is responsible for the data processed when using the service. Client guarantees that the content and processing of the data is not illegal and does not infringe third-party rights.

Article 13 Notice and action

13.1 Supplier is entitled to take measures (such as erasing data or suspending accounts) to comply with laws or prevent liability towards third parties.

Chapter 3. Cyber security

Article 14 Security level

14.1 The cyber security of the service complies with a level that is not unreasonable, taking into account the state of the art and implementation costs. Supplier does not guarantee that the cyber security is effective under all circumstances.

14.2 Access credentials provided to Client are confidential. Supplier implements a basic password policy. Client is responsible for the final passwords used.

Article 15 Data access

15.1 Data in the platform is encrypted according to ISO 27001. Access controls are implemented to restrict access according to account authorizations.

15.2 Supplier implements mandatory multi-factor authentication.

Chapter 4. Processing of personal data (GDPR)

Article 16 Data Processing Agreement

16.1 Roles: To the extent Supplier processes Personal Data on behalf of Client, Client acts as the Controller and Supplier acts as the Processor (as defined in the General Data Protection Regulation (EU) 2016/679 – “GDPR”).

16.2 Processing: Supplier shall process Personal Data only for the purpose of providing the Services and in accordance with Client’s documented instructions, which are hereby given as part of this Agreement.

16.3 Confidentiality: Supplier ensures that persons authorized to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

16.4 Security: Supplier shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, as required by Article 32 GDPR.

16.5 Sub-processors: Client grants Supplier a general written authorization to engage sub-processors to perform the Service. A current list of these sub-processors and their functions is available at guideways.ai/subprocessors. Supplier shall ensure that sub-processors are bound by data protection obligations compatible with this Article 16. Supplier will inform Client of intended changes concerning the addition or replacement of sub-processors (e.g. via email or in-application notification) at least 14 days in advance, thereby giving Client the opportunity to object to such changes.

If Client objects to a new sub-processor on reasonable grounds related to data protection and the parties cannot agree on a solution within fourteen (14) days of the objection, Client has the right to terminate the Agreement with immediate effect and receive a pro-rata refund of any prepaid fees covering the remainder of the term.

16.6 Assistance: Supplier shall, taking into account the nature of the processing, assist Client by appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of Client’s obligation to respond to requests for exercising the data subject’s rights. Supplier shall also assist Client in ensuring compliance with obligations regarding security, breach notification, and data protection impact assessments.

16.7 Audit: To demonstrate compliance with this Article, Supplier shall make available to Client all necessary information. Given the multi-tenant SaaS nature of the Service, Client agrees that its audit rights are satisfied by Supplier providing, upon request, a valid independent audit report (such as SOC2, ISO 27001, or equivalent) or a completed security questionnaire.

16.8 Data Breach: Supplier will inform Client without undue delay after becoming aware of a personal data breach.

16.9 Deletion/Return: Upon termination of the Agreement, Supplier shall handle data in accordance with the retention policy set out in Article 17.3, unless Union or Member State law requires storage of the personal data.

Chapter 5. Data sharing (Data Act)

Article 17 Exportable Data

17.1 Upon request, Supplier will supply the exportable Customer Data in a commonly used machine-readable format (such as JSON, XML, or CSV).

17.2 Scope: “Exportable Data” includes data provided by Client and the specific reports or documents generated by Client using the Service. It explicitly excludes Supplier’s proprietary software, source code, AI models, weights, algorithms, internal logs, and any data protected by Supplier’s trade secrets or intellectual property rights.

17.3 Retention Policy: Unless otherwise agreed or required by law, Supplier will retain Client Data for ninety (90) days following termination of the Agreement to allow for data export or account reactivation. After this period, Supplier will permanently delete all Client Data. Client is solely responsible for exporting all necessary Data for their own regulatory archiving purposes prior to the expiration of this 90-day period.

Article 18 Switching and Transition

18.1 Transition Period: If Client intends to switch to a different service provider, Client may request a transition period. This period commences upon request and lasts for a maximum of 30 days.

18.2 Continuity: During the transition period, Supplier will continue to provide the Services under the terms of this Agreement to ensure business continuity, provided Client continues to pay the applicable fees.

18.3 Assistance: Supplier shall provide reasonable assistance to facilitate the switching process. If Client requests complex technical assistance beyond standard data export, Supplier may charge reasonable costs for such additional services.

Chapter 6. Artificial Intelligence (AI)

Article 19 AI & Medtech Disclaimer

19.1 Productivity Tool only: Client acknowledges that Guideways is an AI-powered productivity tool designed to assist in regulatory processes. Supplier is not a regulatory advisor, a Notified Body, or a legal consultancy.

19.2 Human in the Loop: Client is solely responsible for the final review, validation, and verification of all Output generated by the AI agents. Client must ensure that any documents submitted to regulatory authorities are accurate and compliant with applicable laws (such as MDR or FDA regulations). Supplier is not liable for errors in regulatory submissions.

19.3 Accuracy: AI technology is probabilistic in nature. Client acknowledges that Output may contain ‘hallucinations’ or factual errors and must be verified against primary sources.

Chapter 7. Warranties and Liability

Article 20 Warranties and Disclaimers

20.1 For users on a “Free Tier” or trial basis, the Service is provided “AS IS” and “AS AVAILABLE”, without any warranties of any kind. Supplier excludes all liability for damages arising from the use of the Free Tier.

20.2 TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE.” SUPPLIER DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, OR NON-INFRINGEMENT. SUPPLIER DOES NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR FREE OF HARMFUL COMPONENTS, OR THAT ANY CONTENT OR OUTPUT WILL BE SECURE OR NOT OTHERWISE LOST OR ALTERED.

Article 21 Supplier’s liability

21.1 Supplier’s total liability for an imputable failure is limited to the amount actually paid by Client in the 12 months preceding the event, or EUR 250,000 (or the equivalent in USD), whichever is lower.

21.2 Liability for indirect damage, consequential loss, loss of profits, and loss as a result of claims from Client’s own clients is explicitly excluded.

21.3 The exclusions of liability cease to apply only in the case of intent or deliberate recklessness by Supplier’s management.

Chapter 8. Applicable law and Disputes

Article 22 Law and Disputes

22.1 The Agreement is governed by the laws of the Netherlands.

22.2 Any disputes shall be resolved by the competent court in the Netherlands or via the arbitration/mediation procedures described in the Guideways General Provisions.

22.3 Class Action Waiver: To the fullest extent permitted by applicable law, Client agrees that any proceeding to resolve a dispute will be conducted solely on an individual basis. Client waives the right to litigate any dispute as a class action, representative action, or class arbitration.

Version: February 2^nd, 2026

Guideways.ai
Email: info@guideways.ai