Skip to main content

InfraMind — SaaS Product

Terms of Service

The agreement between your organisation and SolidStack for use of the InfraMind service.

Last updated: April 22, 2026

1. Acceptance

These Terms of Service ("Terms") form a binding agreement between SolidStack FZ-LLC ("SolidStack", "we", "us") and the organisation that signs up for or uses InfraMind ("Customer", "you"). By creating an account, connecting an AWS account, or using the service in any other way, you accept these Terms on behalf of your organisation and confirm you have authority to do so.

If you access InfraMind through AWS Marketplace, your purchase is also subject to the AWS Customer Agreement and the applicable Marketplace listing terms; where those conflict with these Terms, the AWS Marketplace terms control for billing matters and these Terms control for use of the service itself.

2. The service

InfraMind is a cloud-hosted service that, once you grant it read-only access to an AWS account, crawls AWS resources across supported services, stores a snapshot of the resulting metadata, and produces:

  • architecture diagrams (networking, compute, data, IAM, security, governance);
  • Terraform HCL files and import blocks for adopting existing resources under IaC;
  • AI-generated analysis reports (security, cost, architecture, general);
  • automated compliance reports against CIS, PCI DSS, HIPAA, SOC 2, ISO 27001, GDPR technical controls, NIST SP 800-53, and FedRAMP;
  • change-detection diffs between consecutive crawls;
  • tag-coverage analysis, cost estimates, and inventory exports.

3. Accounts and eligibility

  • You must be at least 18 years old and legally capable of entering into a contract.
  • One individual per email address. You are responsible for the confidentiality of your credentials and for all activity under your account.
  • The account owner controls organisation settings, billing, and the membership roster. Invited members act on behalf of the organisation.
  • You agree to provide accurate information and to keep it current.
  • We may refuse service, suspend, or terminate accounts that violate these Terms or applicable law.

4. AWS account access

To use the service you grant InfraMind read-only access to one or more AWS accounts, via either (a) a cross-account IAM role whose trust policy names our service principal and the external ID we supply, or (b) AWS IAM Identity Center SSO.

  • You are solely responsible for the scope of the access you grant. We recommend the AWS-managed ReadOnlyAccess policy or a narrower equivalent.
  • InfraMind will not call write, create, update, or delete AWS APIs on the credentials you grant, and is not contractually permitted to do so under these Terms even if the granted policy would allow it.
  • You may revoke access at any time by detaching the role, deleting the role, removing the trust relationship, or revoking the SSO token. Revocation takes immediate effect on new jobs.
  • You confirm that you are authorised to connect the AWS accounts you add, and that doing so does not violate contracts with third parties (for example, if you are an MSP acting for a client, you must have written authority from that client).

5. Acceptable use

You agree not to:

  • connect AWS accounts you are not authorised to scan;
  • use the service to violate any law, infringe intellectual-property rights, or target third parties without their consent;
  • attempt to reverse engineer, decompile, or derive source code from the service, except where such restriction is prohibited by law;
  • probe, scan, penetration-test, or attempt to bypass the service's security or rate limits;
  • resell, rent, sublicense, or white-label the service without a written agreement from us;
  • use the service to build a directly competing product;
  • interfere with other customers' use of the service.

6. Plans, billing, and cancellation

InfraMind is offered in Free, Pro, Business, and Enterprise plans. Plan limits, features, and prices are described on the pricing page and take effect when your subscription is activated. Prices are stated in USD unless otherwise noted, exclusive of VAT and other applicable taxes.

  • Direct billing (Stripe): subscriptions renew automatically at the end of each billing period unless you cancel beforehand. Cancellation takes effect at the end of the current period; the service remains available until then.
  • AWS Marketplace billing: purchases made through AWS Marketplace are billed by AWS on your AWS invoice. Marketplace terms govern renewal, cancellation, and refunds for those charges.
  • Overages and fair use: Free-tier rate limits (e.g. crawls per day, connected accounts) are enforced in the service. Paid tiers with "unlimited" usage are subject to reasonable fair-use limits intended to prevent abuse; we will contact you before taking action if usage is materially out of line with typical customers.
  • Refunds: fees are non-refundable except where required by law. We may, at our discretion, provide a pro-rata refund if we materially fail to deliver the service.
  • Price changes: we may change prices with at least 30 days' notice, taking effect at your next renewal. You may cancel before the new price applies.
  • Taxes: you are responsible for applicable taxes on your purchase, other than taxes on our net income.
  • Late payment: unpaid invoices may result in suspension or termination of the service after reasonable notice.

7. Customer data and licence

"Customer Data" means AWS metadata collected from accounts you connect, together with any configuration, content, or artefacts you upload (for example, custom compliance frameworks). Customer Data remains yours.

You grant SolidStack a worldwide, non-exclusive, royalty-free licence to store, process, transmit, and display Customer Data solely as needed to provide the service and support you. We may generate de-identified aggregate statistics from usage (never Customer Data content) to improve the service.

You are responsible for ensuring you have the right to send Customer Data to us, including any required notices to and consents from end users whose personal data may appear in resource metadata (e.g. IAM usernames).

8. AI outputs and compliance reports

AI analysis and compliance reports are generated by large language models (Claude on AWS Bedrock by default, or Anthropic's API if you opt in). Outputs are produced from your crawl snapshot and a task-specific prompt at a point in time.

  • Outputs are informational. They are not legal advice, audit attestations, regulatory certifications, or a guarantee of security or compliance.
  • Compliance reports compare your infrastructure against published rules (e.g. CIS Benchmark, PCI DSS, HIPAA, SOC 2, ISO 27001, GDPR technical controls, NIST SP 800-53, FedRAMP). Passing a check in InfraMind does not certify your organisation is compliant; obtaining certification requires an independent auditor.
  • AI systems can make mistakes, hallucinate, or miss context. You are responsible for reviewing recommendations before acting on them and for any changes you make to your AWS environment.
  • Terraform exports are provided as-is. Applying them to a live AWS account without review can cause outages or data loss. Always run terraform plan and import resources carefully.

9. Intellectual property

The InfraMind service, including all software, user interfaces, documentation, templates, prompt engineering, compliance rule transformations, and trade marks, is owned by SolidStack or its licensors and is protected by applicable IP laws. These Terms grant you a limited, non-exclusive, non-transferable right to use the service during your subscription. All rights not expressly granted are reserved. Feedback you voluntarily provide may be used by us without restriction, and you assign us the right to do so.

10. Third-party services

The service integrates with third-party platforms including Amazon Web Services (hosting, Bedrock, AWS Marketplace), Anthropic (AI API, optional), Stripe (billing), and Slack/SMTP (notifications). Your use of those platforms is subject to their own terms, and we are not responsible for their availability or conduct. If a third-party service becomes unavailable or changes its terms, we may adapt or discontinue the corresponding feature.

11. Confidentiality

Each party will protect the other's non-public information disclosed in connection with these Terms using at least the same care it uses for its own confidential information (and never less than reasonable care), and will use it only to perform under these Terms. Customer Data is treated as your confidential information. These obligations do not apply to information that is or becomes public without breach, was already known, is independently developed, or must be disclosed by law (with notice where permitted).

12. Warranties and disclaimer

We will provide the service with reasonable skill and care. Apart from that, the service is provided "as is" and "as available". To the maximum extent permitted by law, SolidStack disclaims all other warranties, express or implied, including merchantability, fitness for a particular purpose, non-infringement, uninterrupted or error-free operation, and the accuracy or completeness of AI outputs, compliance reports, cost estimates, or Terraform exports.

You acknowledge that the service depends on AWS and other third-party providers and cannot be more reliable than they are.

13. Limitation of liability

To the maximum extent permitted by law, neither party will be liable for indirect, incidental, special, consequential, or punitive damages, or for loss of profits, revenue, goodwill, data, or business opportunity, even if advised of the possibility.

Each party's total aggregate liability arising out of or relating to the service and these Terms will not exceed the fees actually paid by Customer to SolidStack for the service in the 12 months preceding the event giving rise to the liability. For Free-tier accounts, that cap is USD 100.

These limits do not apply to: (a) either party's indemnification obligations, (b) breach of confidentiality, (c) infringement of the other party's intellectual-property rights, or (d) liability that cannot be limited under applicable law.

14. Indemnification

You will defend and indemnify SolidStack against third-party claims arising from (a) your unauthorised connection of an AWS account, (b) your violation of these Terms or applicable law, or (c) your content or instructions provided to the service. We will defend and indemnify you against third-party claims that the service as provided infringes a third party's registered intellectual-property rights, subject to customary exclusions (modified versions, combinations with your materials, continued use after we provide a replacement). The indemnified party must promptly notify the indemnifier, give reasonable cooperation, and not settle without consent.

15. Suspension and termination

  • You may cancel at any time from the dashboard or by emailing us. Paid service continues until the end of the billing period in effect when you cancel.
  • We may suspend or terminate the service for non-payment, breach of these Terms, risk to the service or other customers, or legal requirement, with reasonable notice where practicable.
  • On termination, your right to use the service ends. You can export Customer Data from the dashboard, and we will make it available for a reasonable period (at least 30 days) after termination unless we are required by law to delete it sooner.
  • Sections that by their nature should survive termination (ownership, confidentiality, disclaimers, limitation of liability, indemnification, governing law) will survive.

16. Beta features

Features labelled "beta", "preview", or "early access" are offered for evaluation. They are provided with no warranty of any kind, may be changed or withdrawn at any time, and are excluded from any service-level commitment.

17. Changes to these Terms

We may update these Terms from time to time. Material changes will be announced by email to account owners and surfaced in the dashboard at least 14 days before they take effect. If you do not agree to a change, you may terminate your subscription before the effective date and receive a pro-rata refund of pre-paid fees for the remaining term.

18. Governing law and disputes

These Terms are governed by the laws of the United Arab Emirates applicable in the Emirate of Dubai, without regard to conflict-of-laws rules. The Dubai courts have exclusive jurisdiction over any dispute, except that either party may seek injunctive relief in any court of competent jurisdiction to protect its intellectual property or confidential information. The UN Convention on Contracts for the International Sale of Goods does not apply.

19. General

  • Entire agreement. These Terms (together with any order form, AWS Marketplace listing, and the Privacy Policy) form the entire agreement and supersede prior discussions.
  • Assignment. You may not assign these Terms without our written consent, except to an affiliate or in a merger/acquisition. We may assign freely.
  • No waiver. A failure to enforce a right is not a waiver of that right.
  • Severability. If any provision is unenforceable, the rest remain in effect.
  • Force majeure. Neither party is liable for delays or failures caused by events outside its reasonable control.
  • Notices. We may send notices to the email address on file; you may send notices to legal@solidstack.ae.
  • Independent contractors. The parties are independent contractors; nothing creates an agency, partnership, or employment relationship.

Contact

Questions about these Terms:

Email: legal@solidstack.ae

SolidStack FZ-LLC · Dubai Silicon Oasis, Dubai, United Arab Emirates

See also the InfraMind Privacy Policy.