Terms of Service.

Acceptance of terms.

These terms form a binding agreement between you (or the entity you represent) and Perigeon Software Pvt. Ltd., the company that owns and operates Certopact ("Certopact," "we," "us," or "our"). By creating a Certopact account, signing a Master Services Agreement (MSA) with us, or using any Certopact service, you confirm that you have read, understood, and agreed to be bound by these terms.

If you are accepting these terms on behalf of an organisation, you confirm that you have the authority to bind that organisation. References to "you" in these terms then mean both you personally and your organisation.

If a separate written agreement, MSA, or order form has been signed between Certopact and your organisation, the terms of that agreement take precedence over these terms wherever they conflict.

Key definitions.

Service

The Certopact Entry application, the admin console, kiosk software, hardware integrations, APIs, and any other product Certopact provides.

Customer

The enterprise that has purchased a Certopact subscription or signed up for a pilot.

Authorised User

An employee, contractor, or admin of the Customer who has been granted access to the Service.

Visitor

A natural person checking in at a Customer's premises through the Service.

Customer Data

All data submitted to or processed by the Service on behalf of the Customer, including visitor records and admin user accounts.

Your account.

To use Certopact as an admin or operator, you need an account. When you create one, you agree to:

• Provide accurate, current, complete information
• Keep your login credentials confidential and not share them with anyone
• Use a strong password and enable multi-factor authentication when available
• Notify us immediately at [email protected] if you believe your account has been compromised
• Be responsible for all activity that happens under your account

You must be at least 18 years old to create an account. We may suspend or terminate accounts that violate these terms, our Acceptable Use Policy, or applicable law.

Acceptable use.

You may use Certopact only for lawful purposes and in line with these terms. You agree not to:

• Use the Service to verify the identity of any person without their informed consent
• Attempt to reverse-engineer, decompile, or extract source code from the Service
• Bypass, disable, or interfere with security or access-control features
• Use the Service to send spam, phish, or transmit malware
• Submit false, misleading, or fraudulent visitor information
• Probe, scan, or test the vulnerability of the Service except under our Responsible Disclosure programme
• Use Certopact data for any unauthorised commercial purpose, including selling visitor lists or building competing products
• Violate any law, including the Aadhaar Act 2016, the Information Technology Act 2000, the DPDP Act 2023, or UIDAI regulations

Violations may result in immediate suspension, termination, and — where applicable — referral to law-enforcement authorities.

Customer data and ownership.

You own your Customer Data. By using the Service, you grant Certopact a limited, non-exclusive, worldwide licence to host, store, process, transmit, and display Customer Data only as necessary to provide the Service to you, comply with the law, or enforce these terms.

You are responsible for:

• Obtaining all consents from your visitors and authorised users that are required for us to process their data
• Ensuring your processing of Customer Data complies with applicable law, including the Aadhaar Act, DPDP Act, IT Act, and any sector-specific regulations (RBI, IRDAI, SEBI, CDSCO, etc.)
• Posting clear notices at your premises informing visitors that visitor management is in effect and how their data will be processed
• Configuring retention periods, access controls, and roles in line with your own legal obligations

Your use of personal data is governed additionally by our Privacy Policy and a Data Processing Agreement (DPA), which we will execute with every paying customer.

Aadhaar verification responsibilities.

Aadhaar verification carries specific obligations under Indian law that go beyond general data protection requirements. By using the Service to verify Aadhaar identities, you and Certopact each take on the following responsibilities:

Certopact's responsibilities

• Operate as a Sub-AUA / KUA under a licensed AUA / KUA and within UIDAI's regulatory framework
• Never store the full Aadhaar number, biometric data, or OTPs
• Encrypt all Aadhaar-linked data at rest and in transit
• Host all Aadhaar-linked data within India
• Maintain audit logs of every authentication transaction
• Notify the Customer promptly of any incident affecting Aadhaar data

Customer's responsibilities

• Display the Aadhaar consent disclosure to every visitor before requesting verification
• Honour visitor refusals — do not deny entry solely because a visitor refuses Aadhaar verification, unless you have an alternative compliance basis
• Restrict access to verification reports to authorised users with a legitimate business need
• Use Aadhaar verification only for the lawful purpose of visitor identification at your premises, not for marketing or profiling
• Cooperate with any UIDAI audit or regulatory inquiry that touches on your use of the Service

Fees and payment.

Subscription fees, pilot fees, hardware costs, and any usage-based charges are set out in your order form, MSA, or pilot agreement. By subscribing, you agree to pay all fees on the dates and in the amounts stated.

• All fees are quoted in Indian Rupees (INR) unless otherwise stated
• Indian taxes (GST, TDS, etc.) are additional and will be charged at the prevailing rate
• Invoices are due within 30 days of issue, unless your order form says otherwise
• Late payments accrue interest at 1.5% per month or the maximum rate permitted by law, whichever is lower
• We may suspend service for accounts more than 60 days overdue, after written notice
• Fees are non-refundable except as expressly stated in your order form or required by law

We may revise our pricing on renewal with at least 60 days' notice. Pilot customers in the Founding 10 cohort have preferential pricing locked in for the term stated in their pilot agreement.

Intellectual property.

The Certopact name, logo, brand, product, code, designs, documentation, APIs, and all related intellectual property are owned by Perigeon Software Pvt. Ltd. and are protected by copyright, trademark, and other Indian and international laws. We grant you a limited, non-exclusive, non-transferable licence to use the Service only as described in these terms.

You may not:

• Copy, modify, or create derivative works of the Service
• Use Certopact's name, logo, or branding without our prior written permission, except for factual references in your own communications
• Resell, sublicence, or rent access to the Service to a third party without a written reseller agreement with us
• Remove or obscure copyright, trademark, or other proprietary notices on the Service

If you give us feedback, suggestions, or ideas about the Service, you agree we may use them without restriction or compensation. We will not claim feedback constitutes your Customer Data or trade secret unless you explicitly mark it as confidential before sharing.

Confidentiality.

Each party agrees to keep the other's Confidential Information confidential, use it only as needed to perform under these terms, and protect it with at least the same care it uses for its own confidential information (and no less than reasonable care). Confidential Information includes business, technical, or financial information disclosed by either party that a reasonable person would understand to be confidential.

This obligation does not apply to information that: (a) is or becomes public without breach of these terms, (b) was already in the recipient's possession without confidentiality obligation, (c) is independently developed without reference to the disclosed information, or (d) must be disclosed under a court order or legal obligation, provided the recipient gives prompt notice where legally permitted.

Warranties and disclaimers.

We warrant that the Service will perform materially as described in our published documentation and that we will provide it with reasonable care and skill. If the Service materially breaches this warranty, your sole remedy is for us to repair, re-perform, or — at our discretion — refund the affected fees.

Beyond this, the Service is provided "as is" and "as available". To the maximum extent permitted by law, Certopact disclaims all other warranties, express or implied, including merchantability, fitness for a particular purpose, non-infringement, and any warranty arising from course of dealing or usage of trade.

We do not warrant that the Service will be uninterrupted, error-free, or that all defects will be corrected, or that the Service is secure against every form of attack. We do not warrant that UIDAI, DigiLocker, or any third-party identity service will be available at all times.

Limitation of liability.

To the maximum extent permitted by law, neither party will be liable to the other for any indirect, incidental, special, consequential, or exemplary damages, including loss of profits, revenue, data, business, or goodwill — even if advised of the possibility of such damages.

Each party's total aggregate liability under or in connection with these terms is limited to the fees paid or payable by the Customer to Certopact in the 12 months preceding the event giving rise to the claim. This cap does not apply to: (a) breaches of confidentiality, (b) infringement of the other party's intellectual property, (c) gross negligence or wilful misconduct, or (d) liabilities that cannot be limited under applicable law.

Indemnification.

The Customer will indemnify and hold Certopact harmless from any third-party claim arising out of: (a) the Customer's use of the Service in violation of these terms or applicable law, (b) the Customer's failure to obtain visitor or user consent as required, or (c) any Customer Data that infringes a third party's rights.

Certopact will indemnify and hold the Customer harmless from any third-party claim that the Service, as provided by us and used in accordance with these terms, infringes the intellectual property rights of that third party. Our remedy options include modifying the Service, procuring a licence, or — if neither is commercially reasonable — terminating the affected portion of the Service and refunding pre-paid fees pro rata.

The indemnifying party's obligations are conditional on the other party giving prompt written notice, allowing sole control of the defence and settlement, and providing reasonable cooperation.

Term and termination.

These terms are effective from the date you first accept them and continue until terminated. Either party may terminate for material breach if the breach is not cured within 30 days of written notice. Either party may terminate immediately if the other becomes insolvent, files for bankruptcy, or undergoes an assignment for the benefit of creditors.

Either party may terminate for convenience at the end of the then-current subscription term, with at least 60 days' written notice.

On termination:

• Your right to access the Service ends
• You must stop using the Service and delete any Certopact materials in your possession
• We will make Customer Data available for export in a standard format for 30 days, after which we will delete it (subject to legal retention obligations)
• Sections that by their nature should survive (definitions, IP, confidentiality, liability, indemnity, governing law) will survive

Changes to terms.

We may update these terms from time to time. When we make material changes, we will:

• Update the "Effective" date at the top of this page
• Email account holders at least 30 days before the change takes effect
• Post a notice on the Certopact website

If you continue to use the Service after the change takes effect, you accept the updated terms. If you do not agree, you may terminate your account before the new terms take effect.

Governing law and disputes.

These terms are governed by the laws of India, without regard to conflict-of-laws principles. The parties submit to the exclusive jurisdiction of the courts of Ahmedabad, Gujarat, for any dispute arising out of or relating to these terms.

Before filing any legal action, the parties will first attempt to resolve the dispute through good-faith negotiation between senior representatives, for at least 30 days. If unresolved, the dispute will be referred to arbitration under the Arbitration and Conciliation Act, 1996, by a sole arbitrator mutually appointed by the parties. The seat of arbitration will be Ahmedabad. The language will be English.

General provisions.

• Force majeure — Neither party is liable for delays or failures caused by events beyond reasonable control, including natural disasters, war, terrorism, labour strikes, internet outages, or government action
• Assignment — You may not assign these terms without our prior written consent. We may assign to an affiliate or in connection with a merger, acquisition, or sale of all or substantially all of our assets
• Severability — If any provision is held unenforceable, the rest remains in effect, and the unenforceable provision will be modified to the minimum extent needed to make it enforceable
• Entire agreement — These terms, together with any signed MSA, order form, DPA, and our published policies, are the complete agreement between us regarding the Service
• No waiver — Failure to enforce any provision is not a waiver of our right to enforce it later
• Notices — Notices to Certopact must be sent to [email protected] with a copy to our registered office. Notices to you will be sent to the email on file or posted in the admin console

Contact us.

For questions about these terms:

Legal team

[email protected]

Postal address

Perigeon Software Pvt. Ltd.
Ahmedabad, Gujarat, India