AgentGrant Terms of Service

These Terms of Service govern the conditions, procedures, rights, obligations, and responsibilities related to the AgentGrant service, an AI agent credential delegation platform operated through https://agentgrant.click.

"Service" means the full set of credential management and delegation features provided through the AgentGrant platform.

"User" means any person or entity that registers for and uses the Service under these Terms.

"Credential" means authentication information such as OAuth tokens, API keys, passwords, and PINs.

"Grant" means a user-authorized delegation of credential access to a specific AI agent, user, or team.

"AI Agent" means software that performs automated tasks on behalf of a user.

"Policy" means the access-control rules applied to a Grant, including amount limits, time limits, category restrictions, and approval requirements.

These Terms become effective once they are posted within the Service or otherwise made available to users.

AgentGrant may revise these Terms when reasonably necessary, as long as the revisions do not violate applicable law.

For ordinary changes, we will provide notice within the Service at least 7 days before the effective date.

For changes that are materially adverse to users, we will provide at least 30 days' prior notice by email or a comparable direct method.

Users may sign up through supported OAuth providers such as Google, LinkedIn, GitHub, Facebook, and other providers made available by AgentGrant.

By registering or signing in, the user is deemed to have agreed to these Terms and the Privacy Policy.

Only individuals age 14 or older, or legal entities with proper authority, may use the Service.

If a user registers by impersonating another person or using unauthorized information, access may be restricted and the user may be held legally responsible.

All credentials are stored in encrypted form using AES-256-GCM.

OAuth access tokens and refresh tokens collected through supported sign-in or connection flows are automatically encrypted and stored in the Credential Vault.

AgentGrant does not intentionally access the plaintext contents of user credentials, and decryption keys are isolated through environment-based operational controls.

Users are responsible for safely managing their own credentials and for reviewing whether they should remain active.

AgentGrant is not responsible for credential leakage caused by a user's negligence or by actions outside AgentGrant's reasonable control.

Users may deactivate or delete credentials at any time. When a credential is deactivated, all related Grants may be revoked immediately.

Users may create Grants that delegate credential access to a specific AI agent, another user, or a team.

When creating a Grant, users may set an expiration date, maximum usage count, approval requirements, and an attached Policy.

Users may apply Policies to limit delegated access by amount, category, time window, usage count, or other configured conditions.

If automatic approval is disabled, credential usage requests from an AI agent may require the user's explicit approval before completion.

Users may revoke any active Grant at any time. If the linked credential is deactivated, associated Grants may also be revoked automatically.

The Service automatically records audit logs for credential access, Grant creation and revocation, approval requests and outcomes, and other important agent actions.

Users can review their audit logs in real time through the dashboard.

Audit logs may include the action performed, whether it succeeded or failed, the requesting agent, the time of access, and requests that were blocked by Policy rules.

AgentGrant relies on third-party OAuth providers and related services for authentication and credential collection.

Some features may become limited if a third-party provider changes its terms, APIs, security requirements, or availability.

Users may revoke AgentGrant's access from the relevant third-party provider at any time.

Requested OAuth scopes are limited to the minimum reasonably necessary to operate the Service features the user chooses to enable.

Users must not use the Service for unlawful purposes.

Users must not register or delegate another person's credentials without authorization.

Users must not use AI agents through the Service to violate the terms or policies of third-party platforms.

Users must not bypass, interfere with, or attack the Service's security controls.

Users must not distribute malware or intentionally overload the Service infrastructure.

AgentGrant aims to provide the Service 24/7, but may suspend or limit access temporarily for maintenance, infrastructure replacement, security work, or other reasonable operational needs.

We will provide advance notice of planned interruptions when reasonably possible. If advance notice is impracticable, notice may be given afterward.

AgentGrant may change, suspend, or discontinue all or part of any free offering under its service policy, without separate compensation unless required by law.

AgentGrant protects personal data in accordance with applicable privacy and data-protection laws.

Details regarding the collection, use, storage, and disclosure of personal data are described in the Privacy Policy.

AgentGrant stores credentials in encrypted form and does not present itself as a service for routine human review of plaintext user secrets.

AgentGrant is not liable for service disruptions caused by force majeure events, war, natural disasters, third-party telecommunications failures, or comparable causes outside its reasonable control.

AgentGrant is not liable for losses caused by a user's own fault or misuse of the Service.

The user who creates a Grant remains ultimately responsible for the consequences of actions performed by an AI agent through that Grant.

AgentGrant is not liable for losses arising from AI agent malfunctions, unexpected behavior, or incompatibilities with third-party services, except where liability cannot be excluded by law.

Users are responsible for configuring appropriate Policies to limit what their AI agents can do.

AgentGrant is not liable for outages, policy changes, or security incidents affecting third-party OAuth providers or other external service providers.

AgentGrant may restrict access or suspend accounts that violate these Terms.

Where feasible, we will notify the user of the reason and duration of a restriction by email or another appropriate channel.

Users may request account deletion or termination at any time through the Service or by contacting support.

Upon account closure, credentials, Grants, Policies, and related data may be deactivated immediately and then deleted after any retention period required by law.

AgentGrant is not liable for damages arising from free features of the Service, except where caused by intentional misconduct or gross negligence, or where liability cannot be excluded by law.

If a user causes damage to AgentGrant by violating these Terms, the user must compensate AgentGrant for that damage to the extent permitted by law.

These Terms are governed by the laws of the Republic of Korea.

Disputes arising out of or relating to the Service shall be submitted to the court of competent jurisdiction under applicable Korean civil procedure law.