1. Acceptance of Terms

These Terms and Conditions ("Terms") constitute a legally binding agreement between you ("Customer", "you", or "your") and VisionTwice ("VISION AI", "we", "us", or "our") governing your use of the VISION AI platform and all related services (collectively, the "Service").

By registering for an account, clicking "Start free," or otherwise accessing the Service, you confirm that you have the legal authority to enter this agreement on behalf of yourself or your organisation.

2. Description of Service

VISION AI provides an AI-powered customer support automation platform that enables businesses to:

• Upload documents to train a custom AI knowledge base
• Deploy an AI chat widget on their website for automated customer responses
• Enable AI-powered email auto-reply for customer support inboxes
• Access analytics dashboards to monitor performance and customer satisfaction

We reserve the right to modify, suspend, or discontinue any part of the Service at any time with reasonable notice.

3. Account Registration & Eligibility

• You must be at least 18 years old and have legal capacity to enter contracts
• You must provide accurate, complete, and current registration information
• You are responsible for maintaining the security of your account credentials
• You must notify us immediately of any unauthorised account access
• One person or legal entity may not maintain more than one free account
• Accounts registered by bots or automated methods are prohibited

4. Acceptable Use

4.1 Permitted Use

You may use VISION AI solely for legitimate business purposes — to automate and improve your customer support operations in accordance with these Terms.

4.2 Prohibited Activities

You must not use VISION AI to:

• Violate any applicable laws, regulations, or third-party rights
• Upload content that is illegal, defamatory, fraudulent, or infringes intellectual property rights
• Generate deceptive, misleading, or harmful content to end-users
• Attempt to reverse-engineer, decompile, or extract the underlying AI models
• Resell, sublicense, or white-label the Service without written authorisation
• Conduct automated attacks, scraping, or any activity that disrupts the platform
• Collect personal data from end-users without appropriate consent and disclosure
• Use the Service for spam, phishing, or any form of unsolicited communication

5. Plans, Pricing & Billing

5.1 Plans

Plan	Price	Responses	Seats
Free Trial	$0 / month	100 / day	1
Basic	$199 / month	1,00,000 / month	5
Pro / Enterprise	Custom	Unlimited	Unlimited

5.2 Billing

• Paid plans are billed monthly or annually in advance
• All fees are non-refundable except as required by applicable law or our Refund Policy
• We reserve the right to change pricing with 30 days' advance notice
• Failure to pay may result in service suspension after a 7-day grace period
• Taxes (including GST where applicable) are the responsibility of the Customer

5.3 Usage Limits

Exceeding plan limits may result in throttling or temporary service degradation. We will notify you when you approach your limits and offer upgrade options.

6. Intellectual Property

6.1 Your Content

You retain full ownership of all documents, knowledge base content, and data you upload to VISION AI ("Your Content"). By uploading content, you grant us a limited, non-exclusive licence to process and store Your Content solely to provide the Service.

6.2 Our Platform

VISION AI, its software, algorithms, AI models, brand, trademarks, and all associated intellectual property remain exclusively owned by VisionTwice. Nothing in these Terms grants you any rights in our platform beyond the limited right to use the Service.

6.3 Feedback

If you provide feedback, suggestions, or feature requests, we may use them freely without obligation to you.

7. Data Processing

As a business using VISION AI, you act as the data controller for your customers' data. VISION AI acts as your data processor. You are responsible for ensuring your use of our Service complies with applicable data protection laws, including obtaining necessary consents from your end-users.

A Data Processing Addendum (DPA) is available on request for Enterprise customers.

8. Confidentiality

Each party agrees to keep the other's confidential information (including pricing, technical specifications, and business data) strictly confidential and not to disclose it to third parties without prior written consent, except as required by law.

9. Warranties & Disclaimers

VISION AI is provided "as is" and "as available" without warranties of any kind, express or implied. We do not warrant that:

• The Service will be uninterrupted, error-free, or completely secure
• AI responses will be 100% accurate or appropriate for every situation
• The Service will meet all of your specific business requirements

You acknowledge that AI-generated responses may occasionally be inaccurate and that human oversight of customer communications is recommended for high-stakes use cases.

10. Limitation of Liability

To the maximum extent permitted by applicable law, VisionTwice's total aggregate liability to you for any claims arising out of or related to these Terms or the Service shall not exceed the fees paid by you in the three (3) months preceding the claim.

In no event shall we be liable for indirect, incidental, special, consequential, or punitive damages, including loss of profits, data, or goodwill, even if advised of the possibility of such damages.

11. Indemnification

You agree to indemnify, defend, and hold harmless VisionTwice and its officers, employees, and agents from any claims, damages, or expenses (including legal fees) arising from: (a) your use of the Service, (b) Your Content, (c) your violation of these Terms, or (d) your violation of any applicable law or third-party rights.

12. Termination

• By you: You may cancel your account at any time via account settings
• By us: We may suspend or terminate your account for breach of these Terms, non-payment, or if we reasonably believe your use poses a risk to other users or our platform
• Effect of termination: Upon termination, your access ceases immediately. We will retain your data for 30 days for potential export before deletion

13. Governing Law & Disputes

These Terms are governed by the laws of India. Any disputes arising under these Terms shall be subject to the exclusive jurisdiction of the courts in Bhopal, Madhya Pradesh, India.

We encourage you to contact us first at legal@visiontwice.com before initiating any formal proceedings — most issues can be resolved quickly and amicably.

14. Changes to Terms

We may update these Terms periodically. We will provide at least 14 days' notice of material changes via email or an in-platform notification. Your continued use of the Service after the effective date constitutes acceptance of the revised Terms.

15. Contact

1. What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They help websites remember your preferences, keep you logged in, and understand how you navigate. Cookies are not programs and cannot carry viruses or install software.

We also use similar technologies such as local storage, session storage, and pixel tags. This policy covers all of these collectively as "cookies."

2. Cookies We Use

2.1 Strictly Necessary Cookies

These cookies are essential for the platform to function. You cannot opt out of these without breaking core functionality.

Cookie	Purpose	Duration
vision_session	Maintains your authenticated session	Session
vision_csrf	Protects against cross-site request forgery	Session
vision_prefs	Stores your dashboard preferences	1 year
vision_plan	Remembers your current plan for UI rendering	30 days

2.2 Analytics Cookies

Help us understand how you use VISION AI so we can improve the product. All data is aggregated and anonymised where possible.

Cookie / Tool	Purpose	Duration
_ga, _gid (Google Analytics)	Page views, sessions, traffic sources	Up to 2 years
vision_analytics	In-app feature usage events	90 days
vision_perf	Page load times and error tracking	Session

2.3 Functional Cookies

Enable enhanced functionality and personalisation.

Cookie	Purpose	Duration
vision_lang	Remembers your language preference	1 year
vision_onboard	Tracks onboarding completion state	90 days
vision_tour	Remembers if you've seen product tours	1 year

2.4 Marketing Cookies

Used to show relevant ads and measure campaign performance. These are only set with your consent.

Cookie / Tool	Purpose	Duration
_fbp (Meta Pixel)	Conversion tracking for ads	90 days
vision_ref	Attribution of sign-up source	30 days

2.5 Third-Party Cookies

Some features embed third-party services that may set their own cookies:

• Stripe — payment processing (Airwallex Privacy Policy)
• Google Analytics — usage analytics (Google Privacy Policy)
• YouTube — embedded demo video on the marketing page

3. The VISION AI Chat Widget (for your customers)

If you embed the VISION AI chat widget on your website, the widget may set cookies on your visitors' browsers to maintain conversation context and remember returning visitors. As the website owner, you are responsible for disclosing this in your own cookie/privacy policy.

4. Your Cookie Choices

4.1 Cookie Consent Banner

When you first visit VISION AI, a consent banner allows you to accept all cookies or manage your preferences by category. Your choice is saved for 12 months.

4.2 Browser Controls

You can control or delete cookies via your browser settings:

• Chrome
• Firefox
• Safari
• Edge

Note: Disabling cookies may affect platform functionality, particularly authentication and dashboard features.

4.3 Opt-out of Analytics

You can opt out of Google Analytics across all sites using the Google Analytics Opt-out Browser Add-on.

5. Do Not Track

Some browsers send a "Do Not Track" (DNT) signal. Currently, there is no industry-standard response to DNT signals. We do not respond to DNT signals at this time but honour your explicit cookie preferences set in our consent manager.

6. Updates to This Policy

We may update this Cookie Policy as we add new features or third-party integrations. We'll notify you of significant changes via email or platform notice.

7. Contact

Questions about our use of cookies? Contact us at legal@visiontwice.com.

1. Infrastructure Security

Network & Hosting

• VISION AI is hosted on enterprise-grade cloud infrastructure (AWS / GCP) with ISO 27001 certification
• All services run in private Virtual Private Clouds (VPCs) with strict network segmentation
• Web Application Firewall (WAF) protects against OWASP Top 10 attacks
• DDoS protection with automatic traffic scrubbing at the network edge
• All data transfers use TLS 1.2 or higher; TLS 1.0 and 1.1 are disabled
• HTTP Strict Transport Security (HSTS) enforced across all endpoints

Data Storage

• All data at rest is encrypted using AES-256
• Database encryption keys are managed via cloud KMS (Key Management Service)
• Encryption keys are rotated regularly and stored separately from data
• Uploaded documents are stored in isolated, encrypted object storage buckets

2. Application Security

Secure Development

• Security is integrated into our software development lifecycle (SDLC)
• All code changes undergo peer review before deployment
• Automated static application security testing (SAST) runs on every commit
• Third-party dependencies are continuously monitored for known vulnerabilities
• Production deployments require multi-party authorisation

Input & Output Security

• All user inputs are validated and sanitised server-side
• Content Security Policy (CSP) headers prevent cross-site scripting (XSS)
• AI-generated responses are filtered to prevent prompt injection attacks
• SQL parameterisation prevents injection attacks at the database layer
• API endpoints are protected by rate limiting and authentication tokens

3. Authentication & Access Control

• Passwords: Stored using bcrypt hashing with salt — never in plaintext
• Multi-factor Authentication (MFA): Available and strongly recommended for all accounts
• Session Management: Secure, HTTP-only cookies with automatic expiry and rotation
• OAuth / SSO: Supported for Enterprise plans (Google Workspace, Microsoft Azure AD)
• Role-Based Access Control (RBAC): Team members can be assigned specific permission levels
• Principle of Least Privilege: Internal staff access is granted on a need-to-know basis only
• API Keys: Can be generated, scoped, and revoked from the dashboard at any time

4. AI & Data Isolation

Your knowledge base and AI agent are completely isolated from other customers. Specifically:

• Each customer's knowledge base is stored and indexed in isolated data stores
• Your AI agent will never draw on another customer's uploaded documents
• End-user conversation data is scoped strictly to your account
• We do not use your uploaded content or customer conversations to train shared AI models
• AI inference requests are processed with your data only — no cross-contamination

5. Operational Security

Monitoring & Detection

• 24/7 automated monitoring of all production systems and APIs
• Anomalous access patterns trigger automatic alerts and investigation
• Centralised security information and event management (SIEM) system
• Intrusion detection systems (IDS) on all network segments

Incident Response

• Documented incident response plan with defined roles and escalation paths
• Critical security incidents trigger immediate containment procedures
• Affected customers notified within 72 hours of a confirmed data breach
• Post-incident reviews conducted to prevent recurrence

Backups & Recovery

• Automated daily backups of all customer data with 30-day retention
• Point-in-time recovery (PITR) supported for databases
• Disaster recovery procedures tested quarterly
• Recovery Time Objective (RTO): 4 hours; Recovery Point Objective (RPO): 24 hours

6. Employee & Vendor Security

• All employees undergo background verification before access to production systems
• Security awareness training conducted regularly for all staff
• Production access is logged, time-limited, and requires justification
• All third-party vendors and sub-processors are vetted for security practices
• Data Processing Agreements (DPAs) are in place with all sub-processors

7. Responsible Disclosure Policy

We welcome security researchers who help us improve our platform. If you discover a vulnerability:

• Email security@visiontwice.com with a detailed description
• Include steps to reproduce, potential impact, and any PoC (proof of concept)
• Please do not publicly disclose before we've had a chance to investigate and patch
• We commit to: acknowledging your report within 48 hours, providing a resolution timeline within 7 days, and crediting researchers who report valid issues (if desired)

8. Compliance

VISION AI is built to support customers operating under various regulatory frameworks:

Framework / Regulation	Our Position
Indian IT Act 2000 & DPDP Act 2023	Compliant — data processed per Indian law
GDPR (EU)	Supported — DPA available, SCCs for transfers
CCPA (California)	Supported — data deletion and access requests honoured
SOC 2 Type II	In progress — audit scheduled for 2025
ISO 27001	Aligning practices — certification roadmap underway

9. Security Contact