Terms & conditions
Download in PDF : KeeeX-Terms-of-Service-kx-lh-2019-11-25-xizer-ratav.pdf
Document date: 2019/11/25
Thank you for using KeeeX!
KeeeX provides users (the ‘Users’) of the Web pages (the ‘Site’) with Web Service APIs and infrastructures (the ‘Web Service’) that may altogether be accessed for instance but with no limitation at https://keeex.me, https://keeex.io, https://keeex.com, https://keeex.net, with a platform for downloading applications (the ‘Software’) used for instrumenting documents according to the KeeeX specifications (i.e. embedding authorship, digital signatures, proofs of integrity, copyright, references inside files…) as well as searching them, online or locally, viewing them, chaining versions, and sharing them in encrypted form or not, maintaining a set of contacts, or any other service provided by KeeeX (collectively the ‘Service’). The Service is reserved exclusively for users using this Service for the purposes of their professional activity, whether acting on their behalf or on behalf of a third party. It can not be subscribed by a person acting as a consumer within the meaning of the law.
This Agreement sets out the legally binding terms between you and KeeeX. By using the Service in any way, You agree to be bound by all of the terms and conditions (the ‘Terms’) of this Terms and Conditions of Use agreement (the ‘Agreement’). ‘You’ refers to any individual or any third party or entity you are using the Service on behalf of. Therefore, You represent and warrant that You are fully able and competent to enter into the terms set forth in this Agreement. KeeeX may, in its sole discretion, change, add or remove portions of this agreement at any time.
KeeeX may change, suspend or discontinue any aspect of the Service at any time. KeeeX may also impose limits on certain features or restrict your access to parts or all of the Service without notice or liability.
KeeeX continuously improves all parts of the Service and Software, so if you have any question or feedback on these Terms, please drop an email to email@example.com.
Description of the Service and Software
KeeeX provides a technology (the « Technology ») allowing for embedding trust, authentication, and organization metadata (the « KeeeX Metadata ») within files. This technology is universal: it indifferently applies to any file format, without perceivable usage impact, and allows for verifying files using an universal tool or web page. This approach reverses the standard perspective whereby files are placed under control of trusted tiers, document management systems and organizations (including system folders or databases). This technology takes an original file (the ‘Original File’) to produce a ‘keeexed’ file (the ‘Keeexed File’).
A Keeexed File may :
- contain a cryptographic checksum (or several) in the form of a list of pronounceable artificial words (its « IDX ») allowing to verify that the Keeexed File is bitwise unmodified,
- contain a reference to the user’s profile ID
- contain a « name » that keeps it immune to renaming by tiers or operators,
- contain a « description » used to attach unforgeable copyright, confidentiality terms, instructions to recipients or readers, or any other text,
- possibly contain one or several public keys of a PKI digital signing scheme, and the corresponding digital signatures of the IDX by the corresponding private keys or a derivation of these keys,
- possibly contain one or several X.509 certificates allowing for the verification of an embedded signature of the file IDX by the matching private keys
- possibly contain a reference to a Bitcoin blockchain anchoring certificate as can be seen on https://services.keeex.me/timestamps
- possibly contain a reference to a timestamp certificate RFC3161 as generated by a trusted timestamp authority (TSA) also visible here: https://services.keeex.me/timestamps, or in ChainPoint format.
- contain references to other keeexed files, including but not limited to the author profile, the keeexer program, possible previous versions and more user or application defined files.
- contain according to user’s needs technical data related to the context of use and the processes in which the files are useful.
The whole scheme is protected by several active or pending international patents. KeeeX develops this technology through a set of software elements (the « Software ») and Web and online accessible server infrastructures (collectively the « Online Services »). Collectively, the Software and online Services are denoted as the « Services ».
The Online Services are accessible notably through accesses to the domains « keeex.me », « keeex.com », « keeex.io », « keeex.net », « keeex.be » and their subdomains, the list not being exhaustive. A portion of the Services is made available on these domains via Applications Programming Interfaces (API).
The Software offered by KeeeX today comprises
- KeeeX ChatOps: an ultra-secure probative instant messenger and file sharing app. The KeeeX ChatOps Software valorizes the KeeeX Technology into a unique collaboration software (available on the Unix, Windows and OSX platforms), that allows users to process and share probative documents and files without exposing a single byte of their original content, even by using the transport layer of their choice (shared disk, private cloud…), to send end to end ciphered files. Neither the KeeeX engineers nor anybody may access this data or the secrets needed to decipher them. KeeeX ChatOps ciphers and deciphers files on user’s side, by using state of the art symmetric cryptography in a peer-to-peer scheme.
- KeeeX ChatOps Mobile (Android): Non-maintained application ; distribution and use are interrupted.
- KeeeX Drop, a simplified desktop app allowing for producing keeexed files by a simple drag and drop.
- Photo Proof by KeeeX: Non-maintained application ; distribution and use are interrupted.
- KeeeX Photo Proof Pro: a probative mobile photo app on the Bitcoin blockchain. The Photo Proof Pro application is intended for professionals and can be adapted to their needs. KeeeX Photo Proof pro leverages the KeeeX technology in a mobile app (Android and IOS) by producing digitally signed photos using the mobile camera. In one operation, the app takes a picture, seals it (“keeexes it”) with proofs of integrity, identity, date and geotracking (if activated) and a proof of existence on the blockchain (Bitcoin transaction by default). The entire proof record is accessible to the user in the form of self-probative files (image files and timpstamp certificates files), and can be shared by any means.
- KeeeX Core: Non-maintained application ; distribution and use are interrupted.
- KeeeX Fusion: a Linux / Windows / OSX app allowing for the creation and verificarion of keeexed documents and electronic signatures creation, as well as the obtention of timestamps and proofs of existence on a blockchain, plus a wealth of new services including parallel muti signature, iterated muti signature, two level keeexing, the use of Fido keys, delayed signing, and a wider range of blockchains including Ethereum and our dedicated sidechain services.
- KeeeX Chains: a cloud-based SaaS solution allowing for the unforgeable statement of keeexed file sequences. Chains builds upon Fusion and allows users for the full control of their data, as well as the transactional processing of chain entries. Functionally, given a file or simply its IDX, Chains allows for the instant retrieval of the first and latest entries on the chain, and to navigate in both directions. Chains is delivered on line as a SaaS solution or may be deployed « on premises ».
- KeeeX VPT (Virtual Property transfer): a Chains based SaaS framework allowing for the statement of property or control transfer of unique documents.
- KeeeX Core for Xamarin: a library allowing for the creation of custom mobile apps that keeex user files and/or create digital signatures, timestamps and blockchain anchors by connecting to our server apis.
- KeeeX as an (amazing) service (KaaaS): an online integrated service for the authentication of corporate documents, financial communication, diplomas or otherwise any document provably originating from a moral person identified by digital identity, brand and or logo. This service is operated at https://kaaas.keeex.me/.
- KeeeX MultiSig: a framework allowing for batch document signing in corporate settings.
- KeeeX Proof: a blockchain anchoring service for sh256 file hashes. This service is available at url https://s.keeex.me/proof. KeeeX Proof does not transfer a byte of your data to our servers. Only their non-invertible hash is sent. An api is available for back office processing.
- KeeeX Verify Page: a web page working offline for the verification of keeexed files by a simple drag and drop. This page can be deployed on our customer’s premises or on partner sites, including in customized form. Besides their hashes, the KeeeX Verify Page does not transfer a single byte of your data to our servers. This service is freely available at url https://s.keeex.me/verify and requires no login. Verification operates locally but still requires a connection to the internet in order to retrieve detailed account information and/or timestamp certificates if they exist.
- KeeeX Blockchain Explorer: KeeeX offers at url https://s.keeex.me/timestamps a free service allowing for the real time exploration of timestamp and Bitcoin anchor requests made by our users, as well as accessing linked Bitcoin transactions.
- KeeeX Stories: KeeeX Stories provides a common platform for exchanging proofs among the parties in a complex process of an exact sequence of events, data, documents and consents. KeeeX Stories operates in front of KeeeX Chains.
- KeeeX Logisteeex: a mobile application that allows the connexion according to a role into the supply chain, to find a booking from its reference, using a container OCR or a QRcode. The app also allows to add data and documents into the chain (photos…), and to read from chains.
The Web services offered by KeeeX (like KaaaS for instance) are available either on premises, hosted, or in SaaS (on demand) mode. These services usually require a working instance of KeeeX Fusion.
In the case of “on demand” online services, user data that transit to our servers in Europe are transported encrypted in TLS/SSL, and kept only for the extremely small duration allowing for operating the service (today max 48 hours).
Other web services may in the future be made available under the same model as KaaaS (planned today are multi signature, blockchain tracking, billing…).
All KeeeX software may be customized and adapted to our customers needs upon demand, including for commercial use, under specific written agreement by KeeeX or contract.
We may integrate or help integrate KeeeX Fusion within any back-office app or service, connected with any blockchain (Bitcoin, Ethereum, HyperLedger, Corda…). We also integrate KeeeX Fusion for Xamarin in mobile apps for our customers.
Access to the Services
KeeeX provides Services only to professionals (according to the meaning of the French Law), having subscribed a contract according to the conditions of these terms of service.
The Services are not accessible to consumers. Any natural person wishing to subscribe to a Service on an individual basis, for strictly private use, outside any professional position, permanently or occasionally, directly or indirectly, is considered as such.
Professionals must subscribe business Services and the Services used for any business purpose are deemed to be professional services and are available to professional only at a price set out for the said Services.
Every professional user must engage into a negotiation with KeeeX.
In order to enable the proper operation of the service, and according to any contractual or legal obligations that may apply, You agree to provide true, accurate, current and complete information about yourself as prompted by the Site or Software registration form (such information being the “Registration Data”) and commit yourself to preserve and promptly update the Registration Data so that they obey all above conditions when feasible, or to inform KeeeX, firstname.lastname@example.org of any change.
You are responsible for maintaining the confidentiality and difficulty of any password, account, or any other identification and are fully responsible for all activities that occur under your password or account.
Your membership is solely for your personal use, and you shall not authorize others to use your account. You may not use the Service under your personal account for batch enterprise processing, even when owning a paid license. Such a use requires obtaining a specific license, that allows for operating virtual and/or robotized accounts.
In order to use our Service and Software, You need to complete a registration process. KeeeX will use part or all of the Registration Data to generate your unique and public KeeeX identifier. This identity will represent you when acting upon documents, or entering into collaboration with other KeeeX users. To date, the KeeeX standards registration process only requests your first and last name and email address. Future possibilities will include registering using a login from another service. Fully anonymous connections may be offered for some services as long as your identification is not required to operate the service, in accordance with the GDPR and within contractual and legal constraints.
Your registration application is evaluated by KeeeX, and if we discover that Your Registration Data is not true, not current, incomplete or inaccurate, KeeeX, at its sole discretion and without prior notice, is entitled to immediately terminate Your rights to continue to use the Service and to terminate the license to use the related Software.
Your Business Administrator
You may register your account as a business account, part of an organization (the « Organization »), which is administered by it’s own administrators. Administrators may have the right to view, suspend or delete your account, view your account’s statistics, view and edit your editable profile data (e.g. Your business email address), and any content accessible to them.
An administrator should also have a KeeeX account, and multiple accounts might be promoted as Administrator in one Organization. The Administrator, and not KeeeX, is responsible for the internal management or administration of the Service, up to password, authentication passphrase and shared secret storage if the Organization policy states so.
Payments and pricing
The prices and payment conditions for services provided by KeeeX shall be those shown by KeeeX in quotes, commercial proposals or signed contracts between You and KeeeX for the subscribed service(s).
KeeeX is the owner of all intellectual property rights, including all copyrights, patents, trademarks associated with the Service, all associated software, logos, text, and graphics, but excluding User Content (defined below). You agree not to display or use any KeeeX intellectual property without KeeeX’s prior permission.
KeeeX grants you a limited license to access and make personal use of the Service according to the conditions and limitations set out by KeeeX for such Service. KeeeX may take appropriate legal action for any illegal or unauthorized use of the Service. The Site, or any portion of the Service may not be reproduced, duplicated, copied, sold, resold, or otherwise exploited for any commercial purpose without express written consent of KeeeX. Any unauthorized use terminates the permission or license granted by KeeeX.
You retain all of your ownership rights in your User Content.
We may use any feedback, ideas, comments, enhancement requests, recommendations or suggestions (‘Suggestions’) You send us or post in our forums without any obligation to You, and You hereby grant to KeeeX a world-wide, royalty free, irrevocable, perpetual license to use and otherwise incorporate any Suggestions.
Software and user license
KeeeX grants You a non-exclusive, revocable and, except as expressly provided for in these Terms, non-transferable right and license to use the Software related to the Service (‘Licensed Software’), solely in accordance with these Terms.
On the basis of these Terms, You may download, install, and benefit from using the functionality of the Licensed Software solely in accordance with these Terms and the technical documentation (‘Documentation’).
Your license to use the Licensed Software is automatically revoked if You violate these Terms.
The Licensed Software requires You to register prior to its first use. KeeeX does not generally implement any storage of your data within a cloud-based back office, unless specific request or specific solution accepted by KeeeX. Synchronizing your data between multiple devices is usually not possible.
You may not:
- Remove or modify any Service Content, disclaimer or warning notice included or embedded in any part of the Service or in any part of the Licensed Software or any copy thereof.
- Analyze, decompile, disassemble, reverse engineer, or otherwise attempt to derive all or any part, particularly the source code of the Licensed Software.
- Distribute, rent, lease, sell, sublicense or otherwise transfer all or part of the Licensed Software or the Service to any person.
- Permit the Licensed Software to be accessed through ‘shareware’ distribution process.
The Licensed Software may contain third party, open-source, well-analyzed software components (‘Third Party Component’), and each of them are chosen with reasonable care. KeeeX acknowledges the efforts of the open-source developers, and what they have done for the community so far. You find the list of their names and their copyright notice here: https://keeex.me/third-party-code/.
You can uninstall the Licensed Software any time, either manually or when available using Your mobile or desktop operating system’s standard uninstall method. You can find a detailed description of the uninstall process here: https://keeex.me/uninstall. If You need further assistance for uninstalling the Licensed Software, please message ‘Contact KeeeX’ using KeeeX ChatOps or write us at mailto:email@example.com.
Updates and changes to the Service
The KeeeX Service will be optimized, improved, maintained under the commitment to honour contractual terms with our customers.
You are responsible for any information or any other materials you make available to KeeeX or any third party when using the Service (collectively, “User Content”). You represent and warrant that you have the full authority to act on your behalf and on behalf of any and all owners of any right, title and interest in and to any User Content you make available in using the Service.
KeeeX takes no responsibility and assumes no liability for any User Content.
Restrictions of use of the Service
You agree to abide by the terms of this Agreement, and to not use the Service to: (i) interfere with, manipulate, or take any actions that may undermine the integrity of the Service; (ii) interfere with or disrupt the Service or servers or networks connected to the Service; (iii) reverse engineer or decompile any elements of the Service.
You represent and warrant that you will not use the Service to upload, post, link to, or otherwise make available any material that contains software viruses or any other computer code, files or programs designed to interrupt, destroy, or limit the functionality of any computer software or hardware or any telecommunications equipment.
Use of Data by KeeeX
The KeeeX technology allows, unless requested or specifically agreed in writing by KeeeX, that the data of users remain exclusively on their Devices and under their total control. KeeeX has no possibility to remotely exploit these data using AI or Data Mining tools, or to infer user profiles that could be traded.
KeeeX thus obeys the highest “best in class” privacy by design and privacy by default standards as required by the GDPR.
KeeeX offers in all possible cases collaboration services that warrant ultimate sharing confidentiality, notably by :
- The use of TLS/SSL encrypted connections between the Software and KeeeX servers using Extended Verification (EV) certificates
- “Zero knowledge” end to end encryption of all data (KeeeX engineers have no possibility to access the ciphered content unless explicitly shared to them
- The obfuscation of encrypted data (no information may help one to guess the nature, emitter or destinations of a message)
- The free choice by users to transfer encrypted data over self controlled clouds, channels or disks
- Digital signature under exclusive user control (private keys and/por Fido keys or others)
In order to provide the proper operation of the Services, KeeeX will potentially use the following metadata : idx (hash of the faile, sent for timestamping purposes only) and idr (user profile hash, sent for notification purposes). These metadata are non invertible cryptographic signatures and hashes that do not give a hint as to what content is implied.
As a means of proper operation of the Services, KeeeX never transfers clear text or invertible data unless absolute technical necessity. Precisely, KeeeX never transfers information of this nature to enable the KeeeX ChatOps notification system (like e.g. file sharing, receipt, approval, start / end version, signature, timestamp…).
Unless required by the law, KeeeX never keeps user related data beyond the scope of their technical use to provide a good quality user experience. As of today, the notifications and ciphered data are not preserved for more than three months.
You understand and accept that using the identity services (validation, publication and revocation), as well as blockchain timestamping services that create certificates meant to be publicly auditable or available to programs entail the public availabity of the following non invertible data : file hashes, public keys and matching signatures, as well as any data that you would have chosen to provide.
You also understand and accept that any data written to a public blockchain cannot be erased or modified.
The personal data collected by KeeeX are required to operate your account and the associated rights. As of today, KeeeX only stores the names, emails and password derivations of our users. Passwords are never received by our servers other than after derivations aimed at making so called dictionary attacks very difficult. Furthermore, the derivations sent and stored on our servers cannot help deciphering user content on their own machine or device using the ChatOps application.
In order to improve the service and to allow for per use billing, You accept the collection and processing of usage statistics without limitation in time, notably the count of files that you process, share, sign, verify, timestamp. Such statistics are never bound to anything but your personal user or company profile.
KeeeX will only provide personal information to third parties: (1) with your consent; (2) where it is necessary to carry out your instructions; (3) as reasonably necessary in order to provide KEEEX services to you; (4) as KeeeX reasonably believes is permitted by law or regulation; or (5) as necessary to enforce our User Agreement or protect the rights, property, or safety of KeeeX or third parties.
KeeeX complies with the French legislation ACT N°78-17 – “LOI INFORMATIQUE ET LIBERTES”OF 6 JANUARY 1978 ON INFORMATION TECHNOLOGY, DATA FILES AND CIVIL LIBERTIES amended by the act of 6 august 2004 relating to the protection of individuals with regard to the processing of personal data.
KeeeX complies with the UE Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).
The new EU General Data Protection Regulation (GDPR) applies since May 2018 the 25th. KeeeX fully respects their terms. Notably :
- KeeeX does not commercially exploit your data, metadata or any trace of your activity, nor uses them to train automated learning or AI systems.
- In the vast majority of cases, KeeeX web services do not see your data or metadata, and cannot trace your activity because everything occurs on your own devices (apps, on premises services or mobile apps)
- KeeeX gathers the strict minimum of data required for your usage of the software and services : name, first name and email, and offers whenever possible anonymous or pseudonymous usage through freely chosen and under full control digital identities
- KeeeX cyphers end to end all user to user discussions and shares using shared secrets under full user control, and cyphers all connexions between software and to web services using TLS/SSL encrypted connections.
- KeeeX does not store user activity traces beyond what is strictly necessary to operate the services and unless legally enforced delete every encrypted data or notification in a maximum three month delay.
In case you need further details, feel free to email firstname.lastname@example.org. We keep up to date a synthesis document that combines a personal data registry, an impact analysis and a description of our risk management processes.
According to these legislations, You are entitled to a right to access, correct, delete any data that pertains to you. You may exercise those rights by contacting KeeeX, 37 rue Guibal, 13003 Marseille France, or by email to email@example.com.
Therefore, You can change your KeeeX information at any time by editing your profile, deleting content that you have posted, or by closing your account.
You have a right to (1) access, modify, correct, or delete your personal information controlled by KEEEX regarding your account, (2) change or remove your content, and (3) close your account.
Without limiting other remedies, KeeeX may immediately issue a warning, temporarily suspend, indefinitely suspend or terminate your membership and refuse to provide the Service to you if: (i) KeeeX is unable to verify or authenticate any information you provide to us; or (ii) you breach this Agreement; (iii) KeeeX believes that your actions may cause financial loss or legal liability for you, KeeeX or any other third party or users.
Disclaimers and exclusive Remedies
YOUR USE OF THE SERVICE IS AT YOUR SOLE RISK. THE SERVICE IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. KeeeX EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. KeeeX MAKES NO WARRANTY THAT (i) THE SERVICE WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE, (ii) THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF THE SERVICE WILL BE ACCURATE OR RELIABLE, (iii) THE QUALITY OF ANY SERVICES, INFORMATION, OR OTHER MATERIAL OBTAINED BY YOU THROUGH THE SERVICE WILL MEET YOUR EXPECTATIONS.
KeeeX is solely responsible for the warranties set forth in the agreement, to the exclusion of all other warranties, express or implied, including any warranties of merchantability, fitness for a particular purpose, or infringement.
Any service consumed for free is provided “as is” and according to availability.
Notwithstanding anything to the contrary contained herein, KeeeX shall not, under any circumstances, be liable to you or any third parties for consequential, incidental, indirect, exemplary, special, or other damages whether in an action based on contract, tort (including negligence) or any other legal theory, arising out of or related to the Agreement, including but not limited to lost profits or loss of business.
Under no circumstances shall KeeeX’s total liability of all kinds arising out of or related to the Agreement, regardless of whether any action or claim is based on contract, tort or otherwise, exceed the total amount paid by you to KeeeX hereunder for the services actually giving rise to such liability (determined as of the date of any final judgment in such action). This limitation is cumulative, with all payments to you for claims or damages being aggregated to determine satisfaction of the limit. The existence of one or more claims will not enlarge the limit.
This Agreement and the relationship between you and KeeeX shall be governed by the laws of France. You and KeeeX agree to submit to the personal and exclusive competent jurisdiction of France.