seekrit

Terms of Service

Effective date: July 18, 2026

These Terms of Service ("Terms") govern your access to and use of seekrit, the end-to-end encrypted secrets management service ("Service") provided by Seekrit ("Seekrit," "we," "us," or "our"). By creating an account, accessing, or using the Service, you agree to these Terms on behalf of yourself and, if applicable, the organization you represent. If you don't agree, don't use the Service.

Contents

Who we are

Seekrit operates the seekrit secrets management service described in our documentation. References to "Seekrit" in these Terms mean the team operating the Service, regardless of corporate form at any given time.

Accounts and eligibility

You must be at least 18 years old (or the age of legal majority where you live) and able to form a binding contract to use the Service. You're responsible for maintaining the security of your account credentials and for all activity under your account, whether by you or anyone you allow to access it.

Accounts belong to organizations. An organization's owners and admins control who belongs to it and what roles they hold — see access & key grants. If you create an organization on behalf of a company or other entity, you represent that you have authority to bind that entity to these Terms.

You agree to provide accurate registration information and to keep it current, and to notify us promptly at legal@seekrit.dev of any unauthorized use of your account.

The service

seekrit is built around a zero-knowledge guarantee: encryption and decryption happen entirely in your browser or CLI, and the server never holds the information needed to read your secret values. Our security model describes exactly what the server stores (ciphertext and metadata) and what it never sees (plaintext secrets, unwrapped keys, passphrases). That design is a core feature of the Service, not an incidental detail, and these Terms should be read with it in mind — in particular, it means we cannot recover your data for you in ways that would require us to see it in the clear.

Your content and your keys

You retain ownership of everything you store in seekrit — secret values, names, and any other data you submit ("Your Content"). You grant us only the limited rights needed to store, transmit, and process Your Content (as ciphertext, where applicable) in order to provide the Service.

Because of the zero-knowledge design:

  • If you lose a passphrase that protects a private key, we cannot recover it. No one at Seekrit can decrypt your secrets on your behalf. Losing every principal capable of unwrapping an environment's key means that environment's secrets become permanently unrecoverable.
  • You're responsible for managing access — who holds keys to which environments, and for revoking and rotating access when someone leaves or a credential may be compromised.
  • You represent that you have the right to store whatever you put into the Service, and that doing so doesn't violate any law or a third party's rights.

Acceptable use

You agree not to, and not to permit others to:

  • use the Service to store, transmit, or facilitate anything unlawful, infringing, or that violates a third party's rights;
  • attempt to circumvent, probe, or undermine the Service's authentication, key-wrapping, or encryption mechanisms other than through good-faith security research reported per our responsible disclosure process;
  • access or attempt to access another organization's data without authorization;
  • interfere with or disrupt the integrity or performance of the Service (including through excessive automated requests outside normal usage patterns);
  • reverse engineer, resell, sublicense, or white-label the Service except as we expressly permit; or
  • use the Service to build a directly competing product using information gained from your access.

We may investigate and take appropriate action — including suspending access — if we reasonably believe these Terms have been violated.

Temporary access and integrations

Some features let seekrit or a customer-hosted component act on your behalf with credentials you control: temporary-access leases and the self-hosted provisioner, the CLI and seekrit-run, the agent egress proxy, service tokens, and the External Secrets Operator integration. You're responsible for how you configure these — which targets and allowlists you grant, which principals hold which keys, and for revoking access promptly when it's no longer needed. Seekrit is not responsible for actions taken by credentials or leases you've granted to a principal, agent, or workload under your control.

Service changes and availability

We're continually improving seekrit and may add, change, or remove features, including beta or preview functionality that may change or be discontinued without notice. We aim for high availability but don't guarantee the Service will be uninterrupted or error-free, except to the extent a separate written service-level agreement says otherwise for your account.

Suspension and termination

You may stop using the Service and close your account at any time. We may suspend or terminate your access if: you materially breach these Terms and don't cure the breach after notice where practicable; we're required to do so by law; or continued access would pose a security or legal risk to Seekrit or other customers.

On termination, your right to use the Service ends. We'll retain Your Content for a reasonable transition period (see data retention in our Privacy Policy) to allow export, after which it may be deleted. Sections of these Terms that by their nature should survive termination — including ownership, disclaimers, limitation of liability, and dispute resolution — do survive.

Intellectual property

Seekrit and its licensors own all right, title, and interest in the Service, including its software, design, and documentation, other than Your Content. We grant you a limited, non-exclusive, non-transferable license to access and use the Service during your subscription, solely for your own internal business purposes and subject to these Terms.

If you send us feedback or suggestions about the Service, you grant us a perpetual, irrevocable, royalty-free license to use them without restriction or obligation to you.

Confidentiality

Each party may receive non-public information from the other in connection with the Service (for example, security reports, account configuration, or business terms). Each party agrees to use the other's confidential information only to fulfill its obligations under these Terms and to protect it with the same degree of care it uses for its own confidential information, and no less than reasonable care.

Disclaimer of warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE," WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. WE DON'T WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR SECURE AGAINST ALL POSSIBLE THREATS, OR THAT ANY DATA LOSS WILL NOT OCCUR, INCLUDING DATA THAT BECOMES UNRECOVERABLE BECAUSE A PASSPHRASE OR PRIVATE KEY IS LOST — SEE YOUR CONTENT AND YOUR KEYS.

Limitation of liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, SEEKRIT AND ITS OFFICERS, EMPLOYEES, AND AGENTS WILL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS, REVENUE, DATA, OR GOODWILL, ARISING FROM OR RELATED TO YOUR USE OF THE SERVICE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. OUR TOTAL LIABILITY FOR ANY CLAIM ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICE WILL NOT EXCEED THE AMOUNT YOU PAID US IN THE 12 MONTHS BEFORE THE CLAIM AROSE.

Some jurisdictions don't allow the exclusion or limitation of certain damages, so some of the above limitations may not apply to you.

Indemnification

You agree to defend, indemnify, and hold Seekrit harmless from any claims, damages, and expenses (including reasonable attorneys' fees) arising from your use of the Service in violation of these Terms, Your Content, or your violation of any law or third-party right.

Governing law and dispute resolution

These Terms are governed by the laws of the State of Delaware, USA, without regard to its conflict-of-laws principles.

Before filing a claim, you agree to try to resolve the dispute informally by contacting legal@seekrit.dev — most concerns can be resolved this way. If a dispute isn't resolved within 60 days, it will be settled by binding arbitration administered by the American Arbitration Association under its rules, conducted in Delaware or remotely, rather than in court, except that either party may bring an individual action in small claims court and may seek injunctive relief in court to protect its intellectual property or confidential information. Any arbitration or proceeding will be conducted only on an individual basis and not as a class, consolidated, or representative action.

Changes to these terms

We may update these Terms from time to time. If a change is material, we'll provide reasonable notice (for example, by email or an in-app notice) before it takes effect. Continued use of the Service after a change takes effect constitutes acceptance of the updated Terms.

Miscellaneous

These Terms, together with any order form, service-level agreement, or other document they reference, are the entire agreement between you and Seekrit regarding the Service and supersede any prior agreements on the subject. If any provision is found unenforceable, the rest remain in full effect. Our failure to enforce a provision isn't a waiver of it. You may not assign these Terms without our consent; we may assign them in connection with a merger, acquisition, or sale of assets. Neither party is liable for delays caused by events beyond its reasonable control. Notices to you may be sent to the email address on your account. seekrit is encryption software; you're responsible for complying with any export control or sanctions laws that apply to your use of it.

Contact

Questions about these Terms: legal@seekrit.dev.