0) Definitions

“Services” means our websites, mobile apps, software, and related offerings. “You” or “User” means the individual or entity using the Services. Capitalized terms not defined here have the meanings given elsewhere in these Terms.

1) Acceptance of Terms

By accessing or using the Services, you agree to be bound by these Terms of Service (the “Terms”) and any policies referenced herein. If you do not agree, do not use the Services. You must be at least 13 years old; if you are under 18, you must have parental or guardian consent. You represent that you have legal capacity under applicable law.

2) Privacy

Our Privacy Policy explains how we collect, use, and disclose personal data and is incorporated by reference into these Terms. By using the Services, you consent to our processing of personal data as described in the Privacy Policy.

3) Accounts and Access

You agree to provide accurate, current, and complete information; keep your credentials secure; and be responsible for all activity under your account. If you use the Services on behalf of an organization, you represent that you are authorized to bind that organization, and the organization accepts these Terms.

4) License and Use Rights

Subject to these Terms, we grant you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to use the Services for your lawful personal or internal business purposes. We reserve all rights not expressly granted. The Services may automatically install or download updates to maintain security and functionality; you consent to such updates.

5) Service-Specific Terms (Filtering, Ad-Blocking, Local VPN)

Pandefy may provide features such as network filtering, ad-blocking, DNS or HTTPS proxying, or a local VPN tunnel. You are responsible for configuring and using these features lawfully in your jurisdiction and in line with relevant third-party terms (for example, ISPs, app stores, websites, apps). The Services are not designed to intercept or decrypt legally protected communications, circumvent transport-layer security, or bypass DRM. Filtering may affect the availability, presentation, billing, or functionality of third-party content or services; you may allowlist trusted domains or apps. Enabling VPN or proxy features or rules may impact connectivity, speed, fees, and device battery.

6) Acceptable Use Policy (AUP)

You will not, and will not allow others to: (a) violate laws, regulations, orders, or rights of others (including privacy, IP, publicity, reputation); (b) engage in fraudulent, deceptive, harmful, harassing, or abusive conduct; (c) interfere with, disrupt, or probe networks, systems, or data without authorization (including DDoS, scanning, injection, phishing, malware); (d) reverse engineer, decompile, or attempt to extract source code or circumvent security (to the extent not permitted by law); (e) collect, sell, or reuse others’ data without proper authorization; (f) bypass geographic restrictions, paywalls, or access controls; (g) scrape, repackage, resell, or otherwise misuse the Services at scale or contrary to their intended purpose; (h) misrepresent your affiliation with Pandefy. We may suspend or terminate the Services (in whole or in part) if we reasonably believe you violated the AUP or there is a material risk of harm.

7) Content and Intellectual Property

Your Content. You retain ownership of content you upload, configure, or submit through the Services. You grant us a worldwide, non-exclusive, royalty-free license to host, store, transmit, transcode, back up, display, and otherwise process your content solely to operate, maintain, improve, and support the Services.

Our Content. The Services (including software, documentation, logos, and interfaces) are protected by copyright, trademark, and other laws. Except as expressly permitted, you may not copy, modify, distribute, or create derivative works.

Open Source. If the Services include open-source components, those components are licensed under their respective licenses. If there is a conflict between such licenses and these Terms, the open-source licenses control for those components.

8) Third-Party Services and Links

The Services may integrate or link to third-party content, SDKs, rule subscriptions, websites, or stores (for example, Google Play). Those third parties are responsible for their offerings. We do not control and are not responsible for their availability, accuracy, or legality. Your dealings with third parties (including payments and data processing) are solely between you and the third party and are governed by their terms and privacy policies.

9) Subscriptions, Fees, and Taxes

If you subscribe via an app store, the store’s pricing, billing, tax, and refund rules apply and may control the refund process. Trials may auto-renew unless cancelled before renewal. We may change prices with reasonable prior notice where required; if you do not accept the changes, cancel before they take effect. Prices are exclusive of applicable taxes unless stated otherwise; you are responsible for such taxes. Store listing.

10) Beta or Preview Features

Beta or preview features are provided “as is” and may be unstable or change or exit at any time. All warranties and indemnities are disclaimed for beta features to the extent permitted by law.

11) Compliance, Export, and Sanctions

You will comply with applicable export, re-export, and sanctions laws (for example, U.S. EAR and OFAC sanctions). You represent that you are not located in, organized under the laws of, or ordinarily resident in a comprehensively sanctioned jurisdiction and are not a restricted party.

12) Feedback

If you submit suggestions or ideas, you grant us the right to use them without obligation to you.

13) Disclaimers

To the maximum extent permitted by law, the Services are provided “as is” and “as available,” and we disclaim all warranties, whether express, implied, or statutory, including merchantability, fitness for a particular purpose, non-infringement, and error-free or uninterrupted operation. Filtering rules, third-party lists, or community subscriptions are not guaranteed to be complete, accurate, or continuously effective.

14) Limitation of Liability

To the maximum extent permitted by law: (a) we are not liable for any indirect, incidental, punitive, special, or consequential damages; and (b) our aggregate liability for claims relating to the Services is limited to the fees you paid to us for the Services in the twelve (12) months preceding the event giving rise to liability, or US$100 if no such fees were paid. These limitations do not apply to liability that cannot be excluded under applicable law.

15) Indemnification

You will defend, indemnify, and hold harmless us and our affiliates, officers, employees, and partners from and against any claims, damages, liabilities, costs, and expenses (including reasonable attorneys’ fees) arising out of or related to your use of the Services, your content, or violation of these Terms or rights of a third party.

16) Dispute Resolution and Arbitration; Class Waiver

Except where prohibited by law, you and we agree to resolve any dispute arising out of or relating to these Terms or the Services through binding individual arbitration and to waive class actions and class arbitration.

17) Governing Law and Jurisdiction

These Terms are governed by the laws of the State of Delaware and applicable U.S. federal law, without regard to conflicts of law principles. Subject to the arbitration provision, the courts located in Delaware, USA will have exclusive jurisdiction, and you consent to their personal jurisdiction and venue.

18) Notices

We may provide notices via in-app messages, our website, email, or other reasonable means. You are responsible for keeping your contact information current. Contact us at legal@entromoonic.com.

19) Changes to the Terms

We may modify these Terms from time to time. Where required, we will provide reasonable prior notice before changes take effect. Your continued use of the Services after the effective date constitutes acceptance of the changes.

20) Termination

You may stop using the Services and uninstall the software at any time. We may suspend or terminate all or part of the Services and/or your account if you violate these Terms or if we reasonably believe there is a compliance or security risk. Provisions that by their nature should survive termination (including ownership, confidentiality, disclaimers, limitations of liability, indemnification, and dispute resolution) will survive.

21) Assignment

You may not assign these Terms (or any rights or obligations) without our prior written consent. We may assign these Terms to an affiliate, successor, or acquirer (including by merger, sale of assets, or equity) without your consent.

22) Entire Agreement; Severability

These Terms, together with policies incorporated by reference (including the Privacy Policy and AUP), constitute the entire agreement between you and us regarding the Services and supersede all prior understandings. If any provision is held invalid, illegal, or unenforceable, the remaining provisions will continue in full force and effect.

23) No Waiver; Force Majeure

Our failure to enforce any provision is not a waiver. We are not liable for delays or failures to perform due to events beyond our reasonable control, including natural disasters, war, terrorism, civil unrest, labor disputes, internet or power outages, supplier failures, or changes in law.

24) Regional Terms

EU Consumers. Your mandatory consumer rights remain unaffected. Right of withdrawal (14 days): For distance contracts, you may withdraw within 14 days without giving any reason unless you explicitly consent to the provision of digital content during the withdrawal period and acknowledge that you lose the right to withdraw once provision begins. If a refund is due under mandatory law, we will process it within a reasonable time to your original payment method, less any incremental charges you selected for expedited or non-standard delivery, where permitted by law.

UK Consumers. Your statutory rights under the Consumer Rights Act 2015 are unaffected, including rights that digital content be of satisfactory quality, fit for purpose, and as described. Remedies may include repair, replacement, or price reduction, as applicable. Cooling-off rules under the UK Consumer Contracts Regulations apply and may be waived where you explicitly consent to the provision of digital content during the cooling-off period.

Australia Consumers. Nothing in these Terms excludes, restricts, or modifies the non-excludable guarantees under the Australian Consumer Law (ACL). Where permitted, our liability is limited to re-supplying the Services or paying the cost of re-supplying the Services (at our election), unless the ACL requires a greater remedy.

25) DMCA and IP Notices

If you believe content hosted or transmitted by the Services infringes your copyright, send a notice consistent with the DMCA to our designated agent. We may remove or disable access to the content and, where appropriate, terminate repeat infringers. Contact: ip@entromoonic.com.

26) Data Processing Agreement (DPA) / Processor Terms

Scope. When we process Personal Data subject to the GDPR or similar laws as a Processor on behalf of a business customer acting as Controller (or, where applicable, as another processor), this Section applies and forms part of the parties’ data processing agreement. In case of conflict with other parts of these Terms, this Section prevails to the extent of the conflict.

(a) Roles and Instructions. We act as Processor and will process Personal Data only on documented written instructions from the Controller, including to provide, maintain, and improve the Services; ensure security and fraud prevention; provide support; comply with billing and legal obligations; and as otherwise required by law.

(b) Nature and Categories of Data; Data Subjects. Personal Data may include end-user account and device metadata, network connection or domain rule-matching logs, diagnostics and crash reports (if enabled), subscription and billing metadata. Data subjects may include the Controller’s end users, administrators, and representatives.

(c) Confidentiality and Personnel. Access to Personal Data is restricted to authorized personnel under appropriate confidentiality obligations and privacy or security training.

(d) Security Measures (TOMs). We implement technical and organizational measures appropriate to the risk, which may include encryption in transit or at rest (as applicable), least-privilege access controls, logging and monitoring, vulnerability management, and business continuity and disaster recovery. Upon written request, we can provide a high-level description of these measures.

(e) Sub-processors. We may engage sub-processors for hosting, analytics, crash reporting, billing, and related services under data protection obligations no less protective than this DPA. We will maintain a sub-processor list (available upon request) and provide reasonable notice of additions or replacements. The Controller may object on reasonable privacy or security grounds within a reasonable period; the parties will in good faith discuss commercially feasible alternatives.

(f) International Transfers. Where Personal Data is transferred to a country lacking an adequate level of protection, the parties will rely on valid transfer mechanisms such as the EU Standard Contractual Clauses (Module 2 or 3 as applicable) and supplementary measures as needed. The parties will execute any additional documents reasonably required to effect such transfers.

(g) Data Subject Requests. If we receive a request from a data subject concerning Personal Data processed for the Controller, we will, to the extent legally permitted, forward the request to the Controller and provide reasonable assistance for the Controller to respond to rights of access, rectification, erasure, restriction, portability, and objection.

(h) Security Incidents. Upon becoming aware of a Personal Data Breach affecting Personal Data processed for the Controller, we will notify the Controller without undue delay and provide information reasonably available to us, including mitigation steps. The Controller is responsible for regulatory notifications and communications with data subjects unless applicable law requires us to do so directly.

(i) Audit and Assurance. On reasonable notice and subject to confidentiality, we will make available information necessary to demonstrate compliance with our obligations under this DPA, which may include responses to security questionnaires or third-party compliance reports or summaries. Where further on-site or enhanced audits are reasonably required, the parties will agree in advance on scope, frequency, and cost allocation, ensuring minimal disruption and protection of trade secrets.

(j) Return and Deletion. Upon termination of the Services or upon the Controller’s written instruction, we will delete or return Personal Data and delete existing copies unless retention is required by law.

(k) Cooperation and Records. We will maintain records of processing as required by Article 30 GDPR and provide reasonable assistance with DPIAs and consultations with supervisory authorities.

(l) Liability. Except to the extent prohibited by mandatory law, the parties’ liability under this DPA is subject to and limited by the limitations and exclusions set forth in Section 14 (Limitation of Liability) of these Terms.

(m) Order of Precedence. In case of conflict between this DPA and other parts of these Terms, this DPA prevails; in case of conflict with mandatory law, mandatory law prevails.