Terms, Privacy
& Refund Policy

Terms of Service

1.1 Acceptance

By accessing or using LayerLint AI ("the Service"), operated by LayerLint AI ("we", "us", "our"), you agree to be bound by these Terms of Service. If you do not agree, do not use the Service.

1.2 Nature of the Transaction — Software License Grant

LayerLint AI is software created by its author and protected as an author's work (autorské dílo) under Czech Act No. 121/2000 Coll. (the Copyright Act / autorský zákon) and Directive 2009/24/EC on the legal protection of computer programs.

When you purchase a paid plan, you are acquiring a non-exclusive, non-transferable, revocable license to use the LayerLint AI software for the duration of your paid license period. You are not purchasing a service, support contract, or any form of ongoing professional engagement. The recurring fee is a license fee (licenční poplatek) paid in exchange for a time-limited license to use the software. The author retains all copyright and intellectual property rights in the software at all times.

1.3 Description of the Software

LayerLint AI is a software tool that performs AI-powered Dockerfile analysis, linting, and automated fix generation. It operates via a command-line interface (CLI), web API, IDE plugins, and CI/CD integrations. The software identifies security vulnerabilities, performance issues, and best practice violations in Dockerfiles, and generates suggested fixes.

1.4 Eligibility

You must be at least 18 years old and capable of entering into a binding contract to use the Service. If you use the Service on behalf of a company or organisation, you represent that you have authority to bind that entity.

1.5 Accounts

You are responsible for:

• Maintaining the confidentiality of your account credentials and API keys
• All activity that occurs under your account
• Notifying us immediately at security@layerlint.com of any unauthorised use

1.6 Acceptable Use

You agree not to:

• Use the Service to process Dockerfiles or content you do not have the right to share
• Reverse-engineer, decompile, or attempt to extract the source code of the Service
• Circumvent rate limits, quotas, or access controls
• Use the Service for any unlawful purpose or in violation of any applicable law
• Resell, sublicense, or commercially exploit the Service without our written consent
• Transmit malicious code, malware, or any content designed to disrupt the Service

1.7 Intellectual Property and License Restrictions

The LayerLint AI software, including its source code, algorithms, rule engine, AI prompts, and documentation, is the exclusive intellectual property of its author and is protected by Czech copyright law (autorský zákon) and international copyright treaties. All rights not expressly granted in section 1.2 are reserved.

You may not: copy, reproduce, or distribute the software; reverse-engineer or decompile it; create derivative works; transfer or sublicense your license to any third party; or remove any copyright or proprietary notices.

You retain all ownership of the Dockerfiles and content you submit for analysis. You grant the author a limited, non-exclusive licence to process your content solely to execute the licensed software functions on your behalf. Dockerfile content is never stored — only a SHA-256 hash is retained for caching purposes.

1.8 License Fee and Payment

Access to paid license tiers requires payment of a recurring license fee (licenční poplatek), billed monthly or annually via Paddle, who acts as Merchant of Record. By purchasing a license, you authorise Paddle to charge your payment method on a recurring basis for successive license periods. Your license renews automatically unless cancelled before the renewal date.

The license fee covers the right to use the software during the paid period only. It does not constitute payment for a service, for professional advice, or for any deliverable other than the software license itself. Prices are displayed inclusive of applicable taxes. Paddle handles VAT collection and remittance on behalf of the author.

1.9 Modifications to the Software

We reserve the right to modify, suspend, or discontinue any part of the Service at any time with reasonable notice. We will notify users of significant changes by email or via an in-product notice.

1.10 Disclaimer of Warranties

THE SOFTWARE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED. THE AUTHOR DOES NOT WARRANT THAT THE SOFTWARE WILL BE UNINTERRUPTED, ERROR-FREE, OR THAT AI-GENERATED FIXES ARE CORRECT OR COMPLETE. YOU USE THE SOFTWARE AT YOUR OWN RISK.

1.11 Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE AUTHOR SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS OR REVENUE, WHETHER INCURRED DIRECTLY OR INDIRECTLY, ARISING FROM YOUR USE OF THE SOFTWARE.

THE AUTHOR'S TOTAL LIABILITY TO YOU FOR ANY CLAIMS ARISING FROM THESE TERMS OR YOUR USE OF THE SOFTWARE SHALL NOT EXCEED THE LICENSE FEES YOU PAID IN THE TWELVE MONTHS PRECEDING THE CLAIM.

1.12 Termination of License

The author may terminate your license for material breach of these Terms, with immediate effect if necessary to protect the software or other licensees. Upon termination, your right to use the software ceases immediately and you must delete all copies of any locally installed components (CLI binary, plugins).

1.13 Governing Law

These Terms are governed by the laws of the Czech Republic, without regard to conflict of law principles. Disputes shall be subject to the exclusive jurisdiction of the courts of the Czech Republic. If you are a consumer in the European Union, you retain the benefit of any mandatory consumer protection provisions of your country of residence.

1.14 Changes to Terms

We may update these Terms from time to time. We will notify you of material changes by email at least 14 days in advance. Continued use of the Service after the effective date constitutes acceptance of the updated Terms.

Privacy Notice

This Privacy Notice explains what data we collect, why we collect it, how we use it, and your rights under the General Data Protection Regulation (GDPR) and applicable privacy laws.

2.1 Data Controller

LayerLint AI is the data controller for personal data processed through the Service. Contact: privacy@layerlint.com.

2.2 Data We Collect

Account data:

• Email address (required for authentication)
• Name (optional, only if provided)
• Authentication provider details (GitHub OAuth, if used)

Usage data:

• Number of analyses performed and timestamps
• SHA-256 hash of analysed Dockerfiles (not the content itself)
• Finding counts per analysis (e.g. "3 errors, 2 warnings")
• Whether AI-suggested fixes were accepted or rejected (anonymised rule IDs only)
• Subscription tier and billing status

Technical data:

• IP address (used for rate limiting and security; not stored long-term)
• Browser/client type and version
• API request logs (retained for 30 days)

2.3 How We Use Your Data

• Providing the Service — authentication, analysis, billing, support
• Improving the Service — aggregated, anonymised usage patterns to improve rule accuracy and AI fix quality
• Security — detecting abuse, rate limiting, fraud prevention
• Legal compliance — fulfilling obligations under applicable law
• Communications — service announcements, security notices, and (with your consent) product updates

2.4 Legal Basis for Processing (GDPR)

• Contract performance — processing necessary to provide the Service you have subscribed to
• Legitimate interests — security monitoring, fraud prevention, service improvement
• Legal obligation — compliance with applicable laws
• Consent — marketing communications (you may withdraw at any time)

2.5 Data Sharing

We share data only with:

• Paddle — our payment processor and Merchant of Record. Handles billing data under their own privacy policy
• Supabase — database and authentication infrastructure (EU region)
• Anthropic — AI model provider. Only anonymised Dockerfile AST (structure, not content) is sent. Governed by Anthropic's API data processing agreement
• Cloudflare — CDN, DNS, and edge infrastructure
• Fly.io — application hosting

We do not sell your personal data to any third party.

2.6 Data Retention

• Account data: retained for the duration of your account plus 30 days after deletion
• Usage/analysis logs: retained for 12 months in aggregated form
• API request logs: 30 days
• Billing records: 7 years (legal requirement)

2.7 International Transfers

Our infrastructure primarily operates within the EU and USA. Where data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place (Standard Contractual Clauses or adequacy decisions).

2.8 Your Rights (GDPR)

You have the right to:

• Access — request a copy of your personal data via GET /v1/user/export
• Rectification — correct inaccurate data
• Erasure — delete your account and all associated personal data via DELETE /v1/user/account
• Portability — receive your data in a machine-readable format
• Restriction — restrict processing in certain circumstances
• Objection — object to processing based on legitimate interests
• Withdraw consent — for any processing based on consent

To exercise any right, contact privacy@layerlint.com. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.

2.9 Cookies

We use only essential cookies required for authentication (session token) and security (CSRF protection). We do not use advertising or tracking cookies. No third-party analytics scripts are loaded on our pages.

2.10 Security

We implement appropriate technical and organisational measures including TLS 1.3 encryption in transit, AES-256 encryption at rest, access controls, and regular security reviews. In the event of a personal data breach, we will notify affected users and relevant authorities as required by law.

Refund Policy

3.1 EU / EEA Statutory Right of Withdrawal

If you are a consumer located in the European Union or European Economic Area, you have the right to withdraw from a digital service contract within 14 days of purchase without giving any reason, provided you have not yet started using the Service.

By activating your subscription and accessing the Service, you expressly consent to the immediate provision of the digital content and acknowledge that you lose your statutory right of withdrawal once the Service has begun.

3.2 Satisfaction Guarantee

We offer a 7-day money-back guarantee on your first license fee payment for any paid tier. If you are not satisfied for any reason, contact us within 7 days of your first charge and we will issue a full refund — no questions asked.

3.3 License Renewals

We do not offer refunds for license fee renewals unless the renewal was made in error (e.g. you cancelled but were charged anyway). In such cases, contact us within 7 days of the erroneous charge and we will refund in full.

3.4 Annual Licenses

For annual licenses cancelled after the 7-day satisfaction guarantee period, we will provide a pro-rata refund for the unused months remaining in the license period, at our discretion.

3.5 Cancellation

You may cancel your license renewal at any time via the self-service billing portal accessible from your account settings. Cancellation takes effect at the end of the current license period — you retain access to licensed features until that date. No partial-period refunds are issued for monthly licenses upon cancellation.

3.6 Refund Method

All refunds are returned to the original payment method used at the time of the license fee payment. Refunds are processed by Paddle and may take 5–10 business days to appear on your statement depending on your bank or card issuer.

3.7 Exceptional Circumstances

In cases of extended service outages (exceeding 24 hours of cumulative downtime in a single month), we may at our discretion provide account credits or pro-rata refunds. We will proactively reach out to affected customers in such situations.

Contact

For any questions about these documents or your rights, please contact us: