Terms of Service

Effective date: July 11, 2026. These terms govern access to and use of SnitchOS by managed service providers and their teams.

This document is a template intended for review by the Customer's and by Shield's own legal counsel before it is relied on. It is not legal advice and does not create an attorney–client relationship. Employee-monitoring law varies by jurisdiction; adapt these terms to your circumstances before signing.

These Terms of Service (the “Terms”) are entered into between Shield Management Inc (“Shield,” “we,” “us”), the provider of the SnitchOS platform (“SnitchOS” or the “Service”), and the managed service provider that licenses the Service (the “Customer,” “you”). A Customer's downstream client organizations are “Client Tenants,” and the employees whose company-owned devices are monitored are “Monitored Users.”

1. Agreement to these terms

By creating an account, deploying the SnitchOS agent, or otherwise accessing the Service, you agree to these Terms on behalf of your organization. If you are accepting on behalf of a company, you represent that you are authorized to bind it. If you do not agree, do not use the Service.

Where you and Shield have signed a separate master services agreement or order form covering SnitchOS, that document controls to the extent it conflicts with these Terms. The Data Processing Addendum at /dpa.html is incorporated into and forms part of this agreement.

2. The Service

SnitchOS is a multi-tenant employee-monitoring and workforce-analytics platform for managed service providers. It consists of a signed Windows endpoint agent and a hosted management dashboard. Shield hosts the Service on Shield-controlled infrastructure; the Service is not delivered as on-premises software.

2.1 What the agent collects

On a company-owned, Customer-managed endpoint, the agent samples: active window (process name and window title), idle and active state, application usage, website host and path (never query strings or fragments), input counts only (keystroke, mouse-click, and mouse-distance totals — never the keys or content typed), one screenshot per minute, and basic device and operating-system metadata. Administrator identity is established through Microsoft Entra. Where the Customer chooses to connect it, the Service also ingests Microsoft 365 Graph usage signals such as Entra sign-ins and Teams and Outlook activity.

2.2 What the Service never collects

SnitchOS does not capture keystroke content, clipboard contents, file contents, message bodies, audio, webcam imagery, saved passwords, or URL query strings and fragments. The endpoint agent counts input and discards it; it is not a keylogger. The agent runs as a visible Windows service that a local administrator can uninstall; it is not a rootkit.

2.3 Changes to the Service

We improve the Service over time and may add, modify, or retire features. Descriptions on our marketing pages reflect capabilities that are shipped today; planned work appears on the roadmap and is not a commitment. We will not materially reduce the core functionality of a paid subscription during its then-current term without notice.

3. Accounts and authentication

Administrator access to the dashboard is through Microsoft Entra single sign-on only. There are no local passwords. Admins are provisioned by Shield or by an existing Customer administrator and sign in with their Microsoft 365 account, bound to an immutable Entra object identifier.

3.1 Account security

You are responsible for maintaining the security of your Entra tenant, for the enrollment keys you generate, and for all activity that occurs under your administrators' accounts. You must promptly deactivate administrators who leave your organization and notify us of any suspected unauthorized access at support@snitchos.com.

3.2 Enrollment keys

Fleet enrollment keys embedded in your install scripts authorize devices to enroll into a specific tenant. Treat them as credentials. You are responsible for rotating or revoking keys that may have been exposed.

4. Acceptable use

Your use of the Service is subject to our Acceptable Use Policy at /acceptable-use.html, which is incorporated by reference. In summary, you may not use SnitchOS to monitor devices you are not authorized to monitor, to surveil individuals covertly where the law requires notice, to circumvent the input-count and content-exclusion limits described above, or to interfere with the security or integrity of the Service. We may suspend access that presents a security risk or that violates the Acceptable Use Policy.

5. Customer responsibilities

You are the party closest to the workforce being measured, and several obligations rest with you.

5.1 Lawful monitoring and employee notice

You — together with your Client Tenant where applicable — are responsible for determining that your use of employee monitoring is lawful in each jurisdiction where a Monitored User works, and for providing any notice or obtaining any consent that the law requires. Several U.S. states, including New York, Connecticut, and Delaware, require advance written notice to employees before electronic monitoring; other jurisdictions impose their own conditions. You are responsible for issuing that notice and for maintaining records of it. SnitchOS is designed for company-owned, managed endpoints with appropriate disclosure; it is not to be installed on personal devices or used to monitor people without a lawful basis.

5.2 Authority over devices and data

You represent that you have the authority to deploy the agent on each endpoint you enroll and to process the resulting data on behalf of the relevant Client Tenant. As between the parties, you and your Client Tenant are the data controller for monitored endpoint data, and Shield acts as the data processor on your documented instructions, as set out in the Data Processing Addendum.

5.3 Configuration

You are responsible for configuring tenants, productivity classifications, alarm rules, retention within the ranges we offer, and administrator scoping so that the Service operates as you intend for each Client Tenant.

6. Fees and billing

SnitchOS is priced at US $100 per active administrator seat, per month. An active administrator is one who can sign in to the dashboard during the billing period. Monitored endpoints, Monitored Users, and Client Tenants are unlimited and are never billed. Your cost tracks the people who log in to read the data, not the size of the workforce you monitor.

6.1 Invoicing and autopay

Subscriptions bill automatically each month in arrears based on the number of active administrator seats during that period. Payments are processed by our payment processor, Stripe, using the card or other payment method you keep on file. By providing a payment method you authorize recurring monthly charges. Stripe processes and stores your payment details; Shield does not store full card numbers.

6.2 Seat changes

You may add or deactivate administrator seats at any time from the dashboard. Added seats are reflected in the next invoice; deactivating a seat stops it counting toward future periods. We do not prorate or refund partial months unless required by law.

6.3 Failed payments, dunning, and suspension

If a charge fails, Stripe will retry it on a standard dunning schedule and we will notify your billing contact. If an invoice remains unpaid after the retry window, we may suspend access to the dashboard. Suspension disables administrator sign-in only; the endpoint agents continue to run and buffer data, and no data is deleted solely because of suspension. Access is restored promptly once the outstanding balance is paid.

6.4 Taxes

Fees are exclusive of taxes. You are responsible for any sales, use, value-added, or similar taxes arising from your subscription, except for taxes on Shield's net income. Where we are required to collect tax, it will be added to your invoice.

7. Term, termination, and data deletion

These Terms apply for as long as you have an active subscription or account. Either party may terminate for convenience on written notice effective at the end of the then-current monthly period. Either party may terminate for a material breach that remains uncured 30 days after written notice.

7.1 Effect of termination

On termination, your administrators lose access to the dashboard and you must stop deploying the agent and uninstall it from enrolled endpoints. Fees accrued before termination remain payable.

7.2 Data deletion and retention

Endpoint data is purged when a tenant is offboarded. In normal operation, screenshots are retained hot for 30 days and cold through day 365, then hard-deleted; the administrative audit log is retained for three years. On account closure we delete or return endpoint data in line with the Data Processing Addendum, subject to any retention we are required by law to maintain. Backups age out on their own cycle.

8. Intellectual property

Shield and its licensors own all right, title, and interest in the Service, including the agent software, the dashboard, and all related documentation, and in the SnitchOS name and marks. Subject to these Terms and to payment of fees, we grant you a non-exclusive, non-transferable, revocable license to access and use the Service and to deploy the agent to endpoints you are authorized to manage during the term.

8.1 Your data

As between the parties, you and your Client Tenants retain all rights in the monitored endpoint data. You grant Shield the limited rights needed to host, process, secure, and display that data in order to provide the Service and to meet our obligations under the Data Processing Addendum.

8.2 Feedback

If you send us suggestions or feedback about the Service, we may use them without restriction or obligation to you.

9. Confidentiality

Each party may receive non-public information of the other that is marked or reasonably understood to be confidential, including pricing, security documentation, and monitored data. The receiving party will use the other's confidential information only to perform under these Terms, will protect it with at least reasonable care, and will not disclose it except to personnel and sub-processors bound by comparable obligations. These duties do not apply to information that is public through no fault of the receiving party, was already known to it, or is independently developed, and do not prevent a disclosure required by law provided reasonable notice is given where permitted.

10. Sub-processors and hosting

We host the Service on Shield-controlled infrastructure and engage a limited set of sub-processors to operate it: Stripe for payment processing; Microsoft for Entra ID authentication and, only where you connect it, Microsoft 365 Graph usage data; NotifyBell for operational alerting; and our underlying data-center and hosting provider. The current list, and how we notify you of changes, is maintained in the Data Processing Addendum and sub-processor list. Data in transit is protected with TLS 1.3, tenants are isolated at the database row, object-store key, and API layers, the agent is code-signed, and administrative actions are written to an append-only audit log. Off-site backups are encrypted in transit; they are not encrypted at rest.

11. Compliance with data-protection law

Where the General Data Protection Regulation applies, Shield acts as a processor under Article 28 and the Data Processing Addendum sets out the required processor terms, including the use of Standard Contractual Clauses for any transfer that needs them. Where U.S. state privacy laws such as the California Consumer Privacy Act, as amended by the CPRA, apply, Shield acts as a service provider and processes personal information only to provide the Service and not for its own purposes. Determining the legal basis for monitoring, and providing notice to and honoring the rights of Monitored Users, remains the Customer's responsibility as described in Section 5.

12. Warranties and disclaimers

Each party warrants that it has the authority to enter into these Terms. We will provide the Service with reasonable skill and care.

Except as expressly stated, the Service is provided “as is” and “as available.” To the fullest extent permitted by law, Shield disclaims all other warranties, whether express, implied, or statutory, including implied warranties of merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that the Service will be uninterrupted or error-free, that sampling will capture every event, or that the Service is suitable for any particular legal or compliance outcome. The Service is a monitoring and analytics tool; it is not legal advice and does not by itself make your monitoring program lawful.

13. Limitation of liability

To the fullest extent permitted by law, neither party will be liable for any indirect, incidental, special, consequential, or exemplary damages, or for lost profits, revenue, goodwill, or data, arising out of or relating to these Terms, even if advised of the possibility.

Each party's total aggregate liability arising out of or relating to these Terms will not exceed the total fees paid or payable by the Customer to Shield for the Service in the twelve months before the event giving rise to the claim. These limits do not apply to your payment obligations, to either party's indemnification obligations, or to liability that cannot be limited under applicable law.

14. Indemnification

You will defend, indemnify, and hold harmless Shield and its officers, employees, and agents from and against third-party claims, and resulting losses, damages, and reasonable legal costs, arising out of: (a) your or your Client Tenants' monitoring of Monitored Users, including any failure to provide legally required notice or to obtain any required consent; (b) your deployment of the agent to devices you were not authorized to monitor; (c) your violation of the Acceptable Use Policy; or (d) your breach of these Terms or of applicable law. Shield will defend, indemnify, and hold you harmless against third-party claims that the Service as provided by Shield infringes that third party's intellectual property rights. The indemnified party will give prompt notice of the claim, reasonable cooperation, and control of the defense to the indemnifying party.

15. Governing law and disputes

These Terms are governed by the laws of the State of [State/Commonwealth — to be completed by counsel], United States, without regard to its conflict-of-laws rules. The parties submit to the exclusive jurisdiction of the state and federal courts located in [venue — to be completed by counsel] for any dispute that is not otherwise resolved, except that either party may seek injunctive relief in any court of competent jurisdiction to protect its intellectual property or confidential information.

16. Changes to these terms

We may update these Terms as the Service and the law evolve. When we make a material change, we will update the effective date above and give reasonable notice through the dashboard or to your billing or administrative contact before the change takes effect. Your continued use of the Service after a change becomes effective constitutes acceptance of the updated Terms.

17. General

If any provision of these Terms is held unenforceable, the remainder stays in effect. Our failure to enforce a provision is not a waiver of it. You may not assign these Terms without our consent, except to a successor in a merger or sale of substantially all assets; we may assign them to an affiliate or successor. Neither party is liable for delay or failure caused by events beyond its reasonable control. These Terms, together with the Acceptable Use Policy, the Data Processing Addendum, the Privacy Policy, and any signed order form, are the entire agreement between the parties regarding the Service.

18. Contact

Questions about these Terms, or about SnitchOS generally, can be directed to the right team:

SnitchOS is a product of Shield Management Inc. See also our Privacy Policy, Data Processing Addendum, and Acceptable Use Policy.

Ready when you are

See SnitchOS on your own fleet.

One endpoint, one hour. We'll cut you a per-tenant installer with a 30-day pilot key and walk you through it.