Skip to content
proc2proof
Request scan

Legal

Terms of Use

Pelican-Tech Ltd.

Last updated 2026-05-06

1. Introduction

These Terms of Use ('Terms') govern access to and use of the Proc2Proof marketing website at proc2proof.com, the free scan offering, and the Proc2Proof platform ('Service'), all operated by Pelican-Tech Ltd. ('Company', 'we', 'us').

By accessing or using the website, the free scan, or the Service, you ('User') agree to these Terms. They are provided in English; translations are for convenience and the English text controls in case of conflict.

Where a separate written agreement between the Company and a Customer (such as a Master Service Agreement, Order Form, or Data Processing Agreement) covers the same subject matter, that agreement prevails over these Terms in case of conflict.

2. Scope

These Terms cover:

  • -Visitor use of the marketing website
  • -Use of the free scan
  • -Authenticated use of the Service under a Customer agreement

3. Marketing site usage

Browsing proc2proof.com is permitted for any lawful purpose. You may not use automated tools to scrape, attack, overload, or otherwise interfere with the site, and you may not attempt to gain unauthorized access to any non-public area.

4. Free scan

The free scan is an optional offering that allows you to run a limited set of procedure-execution checks against systems you are authorized to connect, such as a Microsoft Entra ID tenant.

By initiating the free scan, you represent and warrant that:

  • -You are authorized by the relevant organization to connect the systems and identity providers used in the scan
  • -You have obtained any internal approvals required by your organization's policies
  • -You will not use the free scan against systems, tenants, or environments you are not authorized to access
  • -You understand that the free scan grants the Service read-only access to specific endpoints required to execute the included checks
  • -Records related to the scan, including scan metadata, security logs, raw evidence, check results, findings, cases, and aggregate results, may be processed and retained as described in the Privacy Policy, subject to the applicable plan, deployment model, tenant configuration, and retention settings
  • -The free scan is provided 'as is' for evaluation purposes and may be modified, limited, or discontinued at the Company's discretion

5. Relationship with your organization

When you access the Service on behalf of an organization ('Customer'), your use is subject to the agreements between the Company and the Customer.

In case of conflict between these Terms and a Customer agreement, the Customer agreement prevails for matters covered by that agreement.

6. Authorization to connect systems

When you connect organizational systems, identity providers, cloud accounts, productivity suites, or other data sources to the Service or the free scan, you represent and warrant that:

  • -You are duly authorized by the relevant organization to grant the Service the access requested
  • -Granting that access does not violate any applicable law, contract, internal policy, or third-party rights
  • -You will revoke the Service's access promptly when authorization is withdrawn or you no longer have the right to grant it
  • -The Company may rely on your representations and is not responsible for verifying the scope of your internal authority

7. Permitted and prohibited use

You agree to use the marketing site, the free scan, and the Service only for lawful business purposes and in accordance with these Terms. You will not:

  • -Use the Service in violation of applicable law or your organization's policies
  • -Use the Service, Free Scan, website, APIs, connectors, or any Company systems to conduct phishing, credential harvesting, impersonation, social engineering, deceptive login flows, or any activity intended to obtain credentials, MFA factors, authentication codes, tokens, secrets, or unauthorized access
  • -Use the Service to scan, test, attack, or otherwise probe systems, environments, or tenants you are not authorized to access
  • -Reverse engineer, decompile, or attempt to derive the source code of the Service, except to the extent expressly permitted by law
  • -Interfere with, disrupt, overload, or impair the Service, the marketing site, or any underlying infrastructure
  • -Bypass or attempt to bypass authentication, authorization, access controls, rate limits, security controls, or usage restrictions
  • -Resell, sublicense, or provide the Service to third parties without the Company's prior written consent
  • -Use the Service to develop a competing product, or to extract data, models, or know-how for that purpose
  • -Upload or process content that is unlawful, infringing, or that you do not have the right to process
  • -Use the Service to make automated decisions with significant legal or similar effects on individuals without appropriate human oversight

8. AI-assisted features

The core Service is deterministic and does not require LLM processing. AI-assisted features are optional features that may support tasks such as procedure parsing, role extraction, chat/Q&A, contextual assistance, agent-based workflows, evidence classification, and suggested remediation.

Where an external AI provider such as Azure OpenAI is used, AI-assisted features require tenant-level consent. If such consent is not granted or is withdrawn, the AI-assisted features are disabled, but the core Service remains available.

For Free and Pro plans, AI-assisted features, where enabled, use an external AI provider. For Business and Enterprise Customers using a Customer-controlled Runner, AI-assisted processing may be configured to use a local model within the Customer environment, or the Customer may choose to enable an external AI provider.

AI-generated or AI-assisted outputs may be inaccurate, incomplete, or unsuitable for a particular purpose. Customer is responsible for reviewing and validating such outputs before relying on them for compliance, security, audit, legal, regulatory, or operational decisions.

Customer Data is not used to train shared third-party foundation models without the Customer's consent.

9. Accounts and access

For the Service, access is provisioned and controlled by the Customer. You are responsible for safeguarding your credentials and for activity carried out under your account.

The Company may suspend or restrict access for security, legal, regulatory, or operational reasons, including suspected misuse or material breach of these Terms.

10. Service status, plan changes, and early access

The Service is currently provided as an evolving product, including early-access and beta features. Features, interfaces, content, defaults, and pricing may change.

Plan names, limits, features, deployment options, and availability may change from time to time. The applicable order form, customer agreement, DPA, or written commercial terms prevail over general website descriptions.

The Service may be unavailable from time to time due to maintenance, incidents, or other operational reasons. The Company does not guarantee uninterrupted availability or error-free operation, except as may be expressly stated in a separate Customer agreement.

11. Deployment models

The Service can be provided in different deployment configurations, which may include:

  • -Multi-tenant cloud, operated by the Company on Microsoft Azure (currently in the West Europe region)
  • -Customer-controlled Runner - an optional component, available on Business and Enterprise plans, that runs in the Customer's own infrastructure (on-premises or in the Customer's cloud account); when used, checks execute inside the Customer environment and only run metadata, summary results, scores, statuses, and integrity hashes are returned to the cloud control plane, while raw evidence values remain in the Customer environment. Evidence drill-down is performed through signed proxy requests back to the Customer-controlled Runner
  • -Dedicated or hybrid configurations agreed in writing with specific Customers
  • -Responsibilities for infrastructure, networking, data storage, identity, and security may vary depending on the deployment model and the applicable Customer agreement

12. Customer Data, outputs, and feedback

'Customer Data' means data and content the Customer or its Users upload to the Service, or that the Service collects from systems the Customer authorizes for processing.

As between the Customer and the Company, the Customer retains all rights in Customer Data. The Customer grants the Company a limited, non-exclusive license to host, process, and transmit Customer Data solely to provide and operate the Service, secure the Service, and meet legal obligations, and as further described in the Privacy Policy and applicable agreements.

Outputs generated by the Service from Customer Data, such as findings, reports, and risk register entries, are made available to the Customer for its internal use under these Terms and any applicable Customer agreement.

If you provide feedback, suggestions, or ideas about the Service, you grant the Company a perpetual, irrevocable, worldwide, royalty-free license to use that feedback to operate, maintain, and improve the Service, without obligation to you. You are not required to provide feedback.

13. Data processing

The Company processes personal data on behalf of the Customer as a data processor (or equivalent role under applicable law).

The Customer determines what Customer Data is uploaded and processed and is responsible for the lawful basis of processing personal data through the Service.

Further details are described in the Privacy Policy, the Trust page, and any applicable Data Processing Agreement.

14. Intellectual property

All rights in the Service - including software, content, designs, documentation, trademarks, the Pack Library, and any AI prompts, models, or templates developed or used by the Company - remain the exclusive property of the Company or its licensors.

Subject to these Terms and any applicable Customer agreement, the Customer is granted a limited, non-exclusive, non-transferable right to access and use the Service for its internal business purposes during the agreed term.

No other rights are granted except as expressly stated in these Terms or the applicable Customer agreement.

15. No professional advice or compliance guarantee

The Service, the marketing site, the free scan, and any reports or outputs generated by them do not constitute legal, regulatory, audit, accounting, financial, medical, or other professional advice.

The Service is a technical platform that helps organizations check operational evidence against procedures, controls, and requirements they choose to configure. It does not certify compliance with any law, regulation, framework, or standard. It does not replace the judgment of an auditor, lawyer, security professional, or other qualified advisor.

Customers and Users remain solely responsible for their own compliance, security, risk, audit, and regulatory obligations, and for the decisions they make based on output from the Service.

16. Disclaimer

The marketing site, the free scan, and the Service are provided 'as is' and 'as available', without warranties of any kind, whether express, implied, or statutory, to the maximum extent permitted by law, including without limitation warranties of merchantability, fitness for a particular purpose, non-infringement, accuracy, or uninterrupted availability.

17. Limitation of liability

To the maximum extent permitted by law, the Company shall not be liable for any indirect, incidental, special, consequential, exemplary, or punitive damages, or for loss of profits, revenue, data, goodwill, or business opportunities, arising from or related to use of the marketing site, the free scan, or the Service, even if advised of the possibility of such damages.

Liability limits agreed in a separate Customer agreement prevail over this clause for matters covered by that agreement.

18. Termination

Access to the marketing site, the free scan, or the Service may be suspended or terminated by the Company at any time for security, legal, regulatory, or operational reasons, or for material breach of these Terms.

Customer access to the Service may also be terminated in accordance with the applicable Customer agreement.

Provisions that by their nature should survive termination (including intellectual property, disclaimers, limitation of liability, governing law, and dispute resolution) will survive.

19. Changes

We may update these Terms from time to time. The 'Last updated' date at the top of this page reflects the most recent revision. Continued use of the marketing site, the free scan, or the Service after that date constitutes acceptance of the updated Terms.

20. Governing law and jurisdiction

These Terms are governed by the laws of the State of Israel, without regard to its conflict of laws principles. The competent courts of Tel Aviv-Yafo, Israel, shall have exclusive jurisdiction over any dispute arising out of or in connection with these Terms, except where mandatory law provides otherwise.

21. Contact

For questions about these Terms: legal@proc2proof.com.