Terms of Service

1. The Service

VibeQA provides automated security analysis and quality assurance scanning for web applications ("the Service"). You submit URLs; we perform non-invasive security checks, quality analysis, and AI-powered vulnerability detection, then return a detailed report.

1.1 What VibeQA Scans

VibeQA performs read-only, non-destructive analysis including:

• HTTP security header analysis (HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy)
• Cookie security flag inspection (HttpOnly, Secure, SameSite)
• Server technology disclosure detection (Server, X-Powered-By headers)
• Mixed content and transport security checks
• Client-side source code analysis for exposed credentials, API keys, and sensitive data
• Form security evaluation (CSRF tokens, autocomplete, insecure form actions)
• Open redirect and URL parameter vulnerability detection
• JavaScript library version and known vulnerability detection
• UX, accessibility, performance, and SEO analysis
• AI-powered security and quality assessment (paid plans)

The Service is provided as-is and as-available. While we work hard to keep it reliable, we don't guarantee 100% uptime or that every scan will catch every vulnerability. VibeQA is one layer of a security and quality process, not a substitute for a full penetration test or security audit.

2. Your Account

2.1 Eligibility

You must be at least 13 years old to use VibeQA. If you are using the Service on behalf of an organization, you represent that you have authority to bind that organization to these Terms.

2.2 Account Security

You are responsible for maintaining the security of your account credentials. Do not share your password or API keys. Notify us immediately at security@vibeqa.io if you suspect unauthorized access. We are not liable for losses resulting from unauthorized use of your account.

2.3 Accurate Information

You agree to provide accurate registration information and keep it current. Accounts created with false information, disposable email addresses, or for the purpose of abusing free-tier limits may be terminated without notice.

3. Authorized Scanning and Acceptable Use

Unauthorized scanning of websites may violate the Computer Fraud and Abuse Act (CFAA) in the United States, the Computer Misuse Act in the United Kingdom, or equivalent laws in your jurisdiction. VibeQA is not responsible for any legal consequences arising from unauthorized use of our scanning service. You assume all liability for scans you initiate.

You agree NOT to use VibeQA to:

• Scan websites you do not own or lack explicit authorization to scan
• Use scan results to harm, extort, blackmail, or threaten website owners
• Conduct denial-of-service attacks or intentionally overload target servers via scan abuse
• Circumvent rate limits, scan quotas, or free-tier restrictions through technical means (VPNs, rotating IPs, disposable email automation, etc.)
• Reverse engineer, decompile, or attempt to extract the source code of VibeQA
• Resell or sublicense VibeQA's scanning infrastructure without a written agreement
• Use the Service to store, transmit, or process data that violates applicable law
• Attempt to gain unauthorized access to VibeQA's systems, databases, or other users' data
• Automate account creation to gain additional free-tier scans

Violation of acceptable use may result in immediate account suspension and potential legal action.

4. Subscription Plans and Payment

4.1 Free Plan

The Free plan provides one trial scan to evaluate the service. Additional scans require a paid subscription. We reserve the right to modify free plan limits at any time.

4.2 Paid Plans

Pro ($49/month, 1,000 scans/month with AI security analysis), Team ($149/month, 5,000 scans/month with premium AI analysis), and Enterprise (custom pricing) plans are billed monthly or annually in advance. By subscribing, you authorize us to charge your payment method on a recurring basis until you cancel. All prices are in USD.

4.3 14-Day Free Trial

Paid plans include a 14-day free trial. No credit card is required to start a trial. If you add a payment method and do not cancel before the trial ends, you will be charged the plan rate. You can cancel at any time during the trial with no charge.

4.4 Refunds

We offer a 14-day money-back guarantee from the date of your first paid charge. To request a refund, email billing@vibeqa.io within 14 days. Refunds are issued to the original payment method and processed within 5–10 business days. We do not offer prorated refunds for partial months beyond the 14-day window.

4.5 Cancellation

You may cancel your subscription at any time from your account settings. Cancellation takes effect at the end of your current billing period. You retain access to paid features until that date. We do not delete your scan history immediately on cancellation — it remains accessible until the retention period for your prior plan expires.

4.6 Price Changes

We may change subscription prices with 30 days' notice by email. Price changes take effect on your next renewal date after the notice period.

5. API Access

Pro and Team plans include API access subject to the request limits in your plan. API keys are personal and non-transferable. Sharing API keys with third parties to circumvent per-seat or per-scan limits is prohibited. We may rate-limit or suspend API access for accounts that exceed reasonable usage patterns, regardless of plan tier, and will notify you before taking action where possible.

6. Intellectual Property

6.1 VibeQA IP

VibeQA, including its scanning engine, brand, design, documentation, and all related materials, is our intellectual property. These Terms do not transfer any ownership rights to you. You receive a limited, non-exclusive, non-transferable license to use the Service for its intended purpose.

6.2 Your Content

You own the websites you scan and any data you submit. You grant us a limited license to access, crawl, and process the URLs you submit solely to provide scan results to you. We do not claim ownership of your websites or scan results. We do not use your scan results to train AI models or share them with third parties without your consent.

6.3 Feedback

If you submit feedback, suggestions, or feature requests, you grant us the right to use that feedback without restriction or compensation. We appreciate the input.

7. Third-Party Websites

When VibeQA scans a URL, it accesses third-party websites on your behalf. We are not responsible for the content, availability, or practices of those websites. Some websites may block automated scanners — we cannot guarantee scan completion for all URLs. Scan failures due to third-party blocking or rate limiting are not grounds for refund.

8. Disclaimers and Limitation of Liability

THE SERVICE IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

We do not warrant that the Service will be uninterrupted, error-free, or that every vulnerability or issue in a scanned application will be detected. VibeQA's scan results are informational and should not be considered a comprehensive penetration test, security audit, or compliance certification. For critical applications, we recommend engaging a qualified security professional for a thorough assessment in addition to using VibeQA.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, VIBEQA'S TOTAL LIABILITY TO YOU FOR ANY CLAIM ARISING FROM THESE TERMS OR YOUR USE OF THE SERVICE SHALL NOT EXCEED THE AMOUNT YOU PAID TO US IN THE 12 MONTHS PRECEDING THE CLAIM. WE ARE NOT LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES.

9. Indemnification

You agree to indemnify and hold harmless VibeQA and its officers, employees, and agents from any claims, damages, or expenses (including reasonable legal fees) arising from: (a) your use of the Service in violation of these Terms, (b) your scanning of websites without proper authorization — including any third-party claims from website owners whose sites you scanned, (c) your violation of any applicable law including computer fraud statutes, or (d) any content you submit through the Service.

10. Termination

You may delete your account at any time from account settings. We may suspend or terminate your account immediately if you violate these Terms, attempt to abuse the Service, or if required by law. We will provide notice where practicable.

On termination: your access to the Service ends immediately; paid plan scan history is retained for 30 days to allow data export before deletion; free plan data is deleted immediately.

11. Modifications to the Service

We may modify, add, or remove features at any time. For material changes that reduce functionality of a paid plan, we will provide 30 days' notice and the option to cancel with a prorated refund. Minor changes, bug fixes, and additions don't require advance notice.

12. Governing Law and Disputes

These Terms are governed by the laws of the State of Delaware, United States, without regard to conflict of law principles. Any dispute arising from these Terms shall be resolved by binding arbitration under AAA rules, except that either party may seek injunctive relief in a court of competent jurisdiction for IP infringement or unauthorized access to systems. Class action waiver: you agree to resolve disputes individually, not as part of a class action.

13. Miscellaneous

Entire agreement: These Terms, together with our Privacy Policy, constitute the entire agreement between you and VibeQA regarding the Service.

Severability: If any provision is found unenforceable, the remaining provisions remain in effect.

No waiver: Failure to enforce any provision does not constitute a waiver of our right to do so later.

Assignment: You may not assign your account or rights under these Terms. We may assign our rights in connection with a merger, acquisition, or sale of substantially all assets, with notice to you.

14. Contact

Questions about these Terms: legal@vibeqa.io
General support: hello@vibeqa.io
Security issues: security@vibeqa.io