Enterprise AuthHub — Terms of Service
Version 1.0 — Effective 1 June 2026
1. Definitions
"Service" means the Enterprise AuthHub Relationship-Based Access Control platform operated by the Service Provider. "Tenant" means a healthcare organisation registered to use the Service. "Authorised User" means any individual granted access to the Service by a Tenant administrator.
2. Service Description
The Service provides fine-grained, relationship-based access control (ReBAC) for healthcare applications. It enables Tenants to define permission schemas, manage relationship tuples, and evaluate access decisions in real time via an API.
3. Acceptable Use
Tenants agree to use the Service solely for the purpose of managing authorization decisions within their healthcare applications. Tenants shall not: (a) attempt to access another Tenant's namespace; (b) store patient-identifiable data within permission schemas or tuple values; (c) exceed allocated quota limits without prior approval; (d) use the Service for purposes unrelated to healthcare delivery.
4. Availability & SLA
The Service targets 99.9% monthly uptime for Standard tier and 99.95% for Enterprise tier. Scheduled maintenance windows will be communicated at least 48 hours in advance. The Service Provider shall not be liable for downtime caused by force majeure events or third-party infrastructure failures.
5. Data Retention
Audit logs are retained for 7 years in accordance with records management requirements. Relationship tuples and schemas are retained for the duration of the Tenant's subscription. Upon termination, Tenant data will be deleted within 90 days unless legal retention obligations apply.
6. Termination
Either party may terminate this agreement with 30 days written notice. The Service Provider may suspend access immediately if a Tenant breaches these terms or poses a security risk to other Tenants or the wider platform ecosystem.
7. Limitation of Liability
The Service is provided "as is" for the trial period. The Service Provider's total liability shall not exceed the fees paid by the Tenant in the 12 months preceding the claim. Neither party shall be liable for indirect, consequential, or incidental damages.
8. Governing Law
These terms are governed by the laws of England and Wales. Disputes shall be subject to the exclusive jurisdiction of the courts of England and Wales.