Terms of service.
These terms cover use of the Sigilbase service and this website. They are written to be read, and the commitments the product markets itself on are commitments here too.
Company information
The service is operated by Sigilbase Ltd, a company registered in England and Wales under company number 17332548. Registered office: 66 Paul Street, London, England, EC2A 4NA, United Kingdom. Contact: hello@sigilbase.io.
The parties
"Sigilbase", "we" and "us" mean Sigilbase Ltd, identified above. "You" means the person or organisation using the service.
The service
Sigilbase records events you send it, hashes and chains them, seals them into signed checkpoints, and exports them as evidence bundles that can be verified offline with the standalone verifier. What we promise about the mechanism is stated as testable claims on the security page and in the documentation; those statements describe the service you are buying.
Your data and your responsibilities
- Events you send remain yours. We obtain only the rights needed to operate the service: to store, hash, seal, verify and export them at your direction.
- You choose what goes into an event payload. Do not send data you have no right to record, and note that accepted events cannot be edited or deleted by design; that is the product.
- You are responsible for keeping your API keys and account credentials secret and for what is sent under them until a key is revoked.
- You may not use the service to break the law, to store material you may not lawfully store, or to attack the service itself.
Fees and billing states
Prices are as published on the pricing page at the time of billing. Two commitments hold regardless of billing state: your recorded history is retained on every plan, and ingestion never stops because of billing. If payment fails, the account enters a grace period during which nothing changes; if it stays unpaid, the account becomes restricted, meaning the dashboard is read-only and no new streams or API keys can be created, while ingestion, sealing, verification and export continue to work. You can export a full evidence bundle at any time, including while restricted.
Leaving
You can export everything and go. Evidence bundles you have exported verify with the standalone verifier indefinitely and independently of us. Termination by either side does not remove that.
Immutability, stated as a term
The service is append-only by design. You accept that accepted events cannot be updated or deleted, by you or by us, and that this is a feature and not a defect. Where a legal obligation requires personal data within an event to be made unavailable, the parties will cooperate on the mechanism (such as payload redaction at the read layer or key destruction for encrypted payloads) that satisfies the obligation without falsifying the sealed history.
Service changes and availability
We may improve or change the service, and will not remove the properties it is sold on: tamper-evidence, offline verifiability of exported bundles, retention, and continuous ingestion. No uptime figure is promised in these terms; if a service level agreement exists for your plan it is a separate document.
Liability
Nothing in these terms excludes liability that cannot lawfully be excluded. Beyond that, our liability is limited: the service records and proves the integrity of what you send it, and is not liable for the truth of the events themselves, for what third parties conclude from your records, or for indirect or consequential loss. [Liability cap to be set on legal advice before launch.]
Governing law
These terms are governed by the law of England and Wales, and disputes belong to the courts of England and Wales.
Changes to these terms
If these terms change materially we will notify account holders by email before the change takes effect, and the "Last updated" date below will change. Continued use after notice is acceptance.