PricingDocsContacts
Sign Up
PricingDocsContacts
Sign Up

Complete contract bundle · Version 15 July 2026

Data Processing Addendum Approved Subprocessors Security Measures Acceptable Use Policy

GuardHouse Terms of Service

Effective date: 15 July 2026 for new Customers; for existing Customers, the effective date stated in LegioSoft’s notice.
Version: 15 July 2026

These Terms of Service (“Terms”) govern access to and use of GuardHouse Cloud, GuardHouse trials, the LegioSoft Customer Portal and related services identified in an Order (the “Services”).

The Services are provided by:

LEGIOSOFT SOLUTIONS, SOCIEDAD LIMITADA
CIF/NIF B56957038 · VAT ESB56957038
Calle de les Garrigues, núm. 1, Planta 5, Puerta 11
46001 València (Valencia), Spain
Registered in the Valencia Mercantile Registry: Tomo 11497, Libro 8775, Folio 51, Sección 8, Hoja V-215477, Inscripción 1
(“LegioSoft”, “we”, “us”)

By accepting these Terms or an Order that incorporates them, the entity identified in the Order (“Customer”, “you”) agrees to them. The individual accepting represents that they are at least 18 and authorised to bind Customer.

Business service only. The Services are offered to businesses and professionals acting for business purposes, not to consumers. If mandatory consumer law nevertheless applies, nothing in these Terms removes a right that cannot lawfully be waived.

1. Use of the Services

1.1 Contract documents. The agreement consists of the applicable Order, these Terms and the contract schedules displayed directly below them on this /terms page: the Data Processing Addendum (“DPA”), including its processing-details, approved-subprocessor and security-measures schedules, and the Acceptable Use Policy (“AUP”). Service documentation forms part of the agreement only where an Order or these Terms expressly incorporates it (together, the “Agreement”). By accepting these Terms or an Order that links to this version, Customer accepts all of those schedules as one electronic agreement.

1.2 Orders. An “Order” is a signed ordering document or the electronic plan/region/billing selection accepted through the Customer Portal. It identifies the purchased plan, term, fees and any specific commitments. If an Order conflicts with these Terms, the Order controls for that subject. The DPA controls for Customer Personal Data; mandatory transfer clauses control over all documents.

1.3 Licence to use. During the paid or trial term, LegioSoft grants Customer a limited, non-exclusive, non-transferable, non-sublicensable right for Customer and its authorised personnel to access/use the Services for Customer’s internal business and its lawful application end users, subject to the Agreement.

1.4 Acceptable use. Customer must comply with the AUP and applicable law. Customer must not circumvent technical, security, licence, tenant, plan or billing restrictions or use the Services to build/provide a materially competing authentication service except where an Order expressly permits it.

1.5 Service evolution. LegioSoft may improve, update, replace or discontinue features. During a paid current term, LegioSoft will not intentionally remove core paid functionality in a way that materially defeats the Order without reasonable advance notice and, where no reasonable substitute exists, a right to terminate the materially affected Service. This does not restrict urgent security/legal changes, third-party discontinuation or beta/preview changes.

1.6 No exclusivity. The Agreement does not prevent either party from developing, acquiring or offering products/services that compete with the other, provided it does not misuse the other party’s Confidential Information or intellectual property.

2. Accounts and Access

2.1 Customer must provide accurate account, company, tax, contact and payment information and keep it current.

2.2 Customer controls its account administrators, authorised users, tenant end users, roles, permissions, applications, identity providers, authentication flows and integrations. Customer is responsible for actions taken through its accounts and credentials, except to the extent caused by LegioSoft’s breach.

2.3 Customer must:

  • use individual accounts where available and restrict administrator privileges;
  • protect passwords, API keys, client secrets, tokens and recovery credentials;
  • enable available MFA for privileged accounts;
  • promptly remove access no longer required; and
  • notify info@legiosoft.net without undue delay of suspected unauthorised access or credential compromise.

2.4 LegioSoft may rely on instructions from a Customer administrator as authorised Customer instructions unless LegioSoft knows the person lacks authority. Customer is responsible for internal approvals and disputes between its representatives.

2.5 Accounts may not be sold, shared outside Customer’s authorised organisation or transferred to another legal entity without LegioSoft’s written approval, except in a permitted assignment under Section 13.

3. Subscriptions and Billing

3.1 Fees. Customer will pay the fees, currencies and billing frequency in the Order. Fees are based on the purchased Service/plan, not actual use, except for stated overage or usage charges.

3.2 Recurring subscriptions. Unless the Order states otherwise, monthly or annual subscriptions renew automatically for successive periods of the same length until Customer cancels through the Customer Portal or gives notice before renewal. Cancellation takes effect at the end of the paid period.

3.3 Payment authorisation. Customer authorises LegioSoft and Stripe to charge the selected payment method for fees, overages, applicable taxes and amounts due. Customer must maintain a valid payment method. Payment services are also subject to Stripe’s applicable terms/privacy practices.

3.4 Taxes. Fees exclude VAT and other taxes unless expressly stated. Customer is responsible for applicable transaction taxes except taxes on LegioSoft’s net income. Customer must provide a valid VAT/tax identifier and legally sufficient exemption evidence. LegioSoft may use VIES or another lawful source to validate it.

3.5 Disputes. Customer must raise a good-faith invoice dispute with sufficient detail within 30 days after the invoice. Undisputed amounts remain payable. Customer must not initiate an improper chargeback instead of using the dispute process.

3.6 Late payment. LegioSoft may retry payment, restrict purchasing or suspend the affected Service after reasonable notice where an amount remains overdue. LegioSoft may charge lawful late interest and reasonable recovery costs to the maximum permitted by applicable law.

3.7 Refunds. Fees are non-cancellable and non-refundable after the applicable paid period begins, except where the Agreement expressly provides a refund or mandatory law requires one. A cancellation stops future renewal; it does not refund the current period.

3.8 Price changes. LegioSoft may change standard prices for a future renewal by giving at least 30 days’ notice. A price change does not apply retroactively to a prepaid current term. Customer may cancel before the renewal at the new price.

3.9 The website’s general pricing does not override an Order. “Unlimited” or similar marketing language, if used, remains subject to the documented plan limits, AUP, reasonable technical safeguards and prohibition on abusive use.

4. Free Trials and Previews

4.1 LegioSoft may offer a trial for the period and limits shown when Customer registers. A trial may be changed or ended at any time to the extent permitted by law, including for inactivity, abuse, security risk or capacity.

4.2 A trial does not include an availability commitment, service level, bespoke support, data-preservation guarantee or production-suitability warranty. Customer must not use a trial for critical/production data unless it accepts the risk and maintains its own export/backup.

4.3 Customer will not be charged after a trial unless it affirmatively orders a paid subscription or the trial registration clearly disclosed and Customer authorised an automatic paid conversion.

4.4 Preview, alpha and beta features may be incomplete, changed or discontinued and must not be used for regulated/high-risk processing. Additional preview terms may apply.

5. Customer Data, Privacy and Shared Responsibility

5.1 Customer ownership. As between the parties, Customer retains its rights in Customer Data. Customer grants LegioSoft and its approved Subprocessors a limited right to host, copy, transmit, display and otherwise process Customer Data only as necessary to provide, secure and support the Services, follow lawful Customer instructions and comply with law.

5.2 Roles. Customer controls the purposes/legal basis for tenant end-user data; LegioSoft acts as Processor under the DPA for tenant authentication, activity, session and tenant-security records used to operate/protect that tenant. LegioSoft acts as Controller for its own website, business-account, billing, licence, legal, administrative-account and infrastructure-account security processing as explained in the Privacy Policy. No independent platform-wide or cross-tenant use of Customer Data is authorised unless separately documented and lawfully agreed.

5.3 Customer responsibilities. Customer is solely responsible for:

  • its application, purposes, lawful basis, notices, consent/authorisation and Data Subject responses;
  • the lawfulness, accuracy, quality and content of Customer Data and Customer instructions;
  • end-user eligibility, account administration and age controls;
  • service configuration, roles/permissions, authentication settings and customer-selected integrations;
  • ensuring the Services meet Customer’s regulatory, security and risk requirements; and
  • exporting and separately backing up data Customer needs, particularly before termination.

5.4 Restricted data/use. Customer must comply with the AUP prohibition on minors, special-category/criminal data, biometric-identification templates, health/HIPAA data, cardholder data and high-risk uses unless LegioSoft expressly approves the use in a signed Order/DPA after separate review.

5.5 No AI training or advertising. LegioSoft will not sell Customer Data, use it for behavioural advertising or use it to train AI models. LegioSoft may use data that has been anonymised so it is no longer Personal Data for service capacity, reliability, security and business statistics and will not attempt to re-identify it.

5.6 Customer-selected providers. If Customer configures its own storage, email, identity, webhook or other provider, Customer instructs GuardHouse to transmit data to it. Customer is responsible for provider selection, credentials, contract/DPA, transfer mechanism, availability and conduct. LegioSoft is responsible for secure operation of its integration but not the provider’s independent service.

5.7 Webhooks and external destinations. Customer is responsible for destination security, TLS, authentication, payload minimisation and responses returned by its endpoints. Customer must not cause secrets or unrelated Personal Data to be stored in webhook responses/logs.

5.8 Self-hosted Enterprise. Customer is responsible for hosting, infrastructure, access, backups, security, providers, locations, retention and tenant data in self-hosted Enterprise. As of this version, Enterprise does not make a routine licence-validation callback or send tenant telemetry to LegioSoft. LegioSoft does not routinely access the deployment; support access occurs only on Customer request/authorisation. Before activating a future licence-validation callback, LegioSoft will document the strictly necessary non-user fields, update the Privacy Policy and applicable Order, and provide required notice.

5.9 Data return/deletion. The DPA governs Customer Personal Data return and deletion. Unless Customer sends a verified explicit deletion instruction, a suspended/cancelled/payment-disabled Cloud instance is recoverable for 180 days and then deleted. A verified explicit deletion instruction triggers primary deletion within 30 days; restricted backups expire within 60 days afterwards.

6. Intellectual Property

6.1 LegioSoft and its licensors own the Services, software, documentation, designs, APIs/SDK materials, trademarks, know-how and all related intellectual-property rights, excluding Customer Data and Customer materials.

6.2 No rights are granted except the limited access/use rights expressly stated. Customer must not remove notices, copy or distribute non-public software/documentation, derive source code, create derivative works, resell the Services or use LegioSoft marks without permission, except where mandatory law expressly permits an act despite these restrictions.

6.3 Customer owns its trademarks, applications, content and other materials supplied to LegioSoft. Customer grants the limited rights needed to display/configure them for Customer’s use of the Services.

6.4 Self-hosted Enterprise licence. If an Order identifies GuardHouse Enterprise, LegioSoft grants Customer, during the paid licence term, a limited, non-exclusive, non-transferable and non-sublicensable object-code licence to install and run the supplied, unmodified container images and related components on Customer-controlled infrastructure, solely for the licensed number of environments/instances and Customer’s own business/application users. Customer may make only reasonable backup copies. Customer may not publish the images, provide them as a stand-alone or competing hosted service, remove licence controls/notices, or permit third-party use except as the Order expressly allows. A future Order may require a documented licence-validation mechanism after the notice described in Section 5.8. No source-code right is granted.

6.5 If Customer voluntarily provides feedback, Customer grants LegioSoft a perpetual, worldwide, irrevocable, royalty-free right to use it without identifying Customer or disclosing Customer Confidential Information. Customer is not required to provide feedback.

6.6 Third-party/open-source components remain subject to their applicable licences. The Agreement does not expand or restrict a right granted directly under an open-source licence.

7. Confidentiality

7.1 Confidential Information means non-public information disclosed by a party that is marked confidential or should reasonably be understood as confidential, including Customer Data, security information, non-public product/technical information, pricing in a non-public Order and business plans.

7.2 The receiving party will:

  • use Confidential Information only to perform/exercise the Agreement;
  • protect it using at least reasonable care and no less than it uses for similar information;
  • disclose it only to personnel, advisers and service providers with a need to know and confidentiality obligations; and
  • remain responsible for its representatives’ compliance.

7.3 Confidential Information does not include information the recipient can document: is lawfully public without breach; was already lawfully known without restriction; is received lawfully from a third party without duty; or is independently developed without use of the discloser’s information.

7.4 If law requires disclosure, the recipient may disclose the required minimum and, where legally permitted, will give prior notice and reasonable assistance at the discloser’s expense to seek protection.

7.5 On request/termination, the recipient will return or destroy Confidential Information where reasonably practicable, subject to legal retention, standard backups and the DPA. Retained information remains protected.

7.6 A breach can cause irreparable harm; either party may seek appropriate injunctive relief in addition to other remedies, subject to applicable law.

8. Availability, Changes and Support

8.1 No default SLA. Standard Cloud fees do not include a service-level agreement, uptime credit, guaranteed recovery objective, dedicated account manager or guaranteed support response time. Any SLA or bespoke support applies only if written in an Order.

8.2 LegioSoft will use commercially reasonable efforts to operate the Services, but maintenance, emergency work, internet/cloud/provider failures, Customer configuration, abuse and force-majeure events can interrupt them.

8.3 Published support times are targets, not guarantees, unless an Order expressly states otherwise. Support is limited to the Services; it does not include legal advice, Customer application debugging, customer-selected provider support, migration or custom development unless agreed.

8.4 LegioSoft may impose emergency changes, rate limits, credential revocation or traffic restrictions necessary to protect security, integrity or availability.

8.5 The Services depend on third-party infrastructure and providers. LegioSoft is responsible for its selection/management duties and for approved Subprocessors to the extent required by GDPR Article 28(4) and the DPA. Subject to those duties and mandatory law, LegioSoft is not responsible for an outage or act outside its reasonable control.

8.6 Customer is responsible for business continuity appropriate to its risk, including fallback access design and exports/backups where needed. GuardHouse must not be the sole unmitigated control for a prohibited high-risk use.

9. Suspension, Term and Termination

9.1 The Agreement starts on acceptance/Order date and continues for the trial or subscription term. Paid subscriptions renew under Section 3 unless cancelled.

9.2 Either party may terminate for a material breach that remains uncured 30 days after written notice. A non-payment breach may have a shorter cure period stated in the payment notice, not less than legally required.

9.3 LegioSoft may suspend all or part of the Services immediately where reasonably necessary to:

  • stop an active security incident, unlawful use or AUP violation;
  • protect Customer Data, another customer, the Services or third parties;
  • comply with law or a binding authority request;
  • address use that materially threatens shared availability; or
  • respond to overdue payment after applicable notice.

Where practicable, LegioSoft will limit suspension to the affected scope, notify Customer and restore access after the issue is remedied. Suspension does not create a duty to monitor all Customer activity.

9.4 Either party may terminate immediately if the other becomes insolvent, ceases business or enters an analogous proceeding, subject to mandatory insolvency law.

9.5 On termination/expiry:

  • Customer’s access/use rights end;
  • accrued fees and obligations remain due;
  • Customer must stop using non-public software/materials and return Confidential Information as required;
  • Customer Data is returned/deleted under the DPA and Section 5.9; and
  • provisions intended by nature to survive do so, including payment, IP, confidentiality, disclaimers, liability, indemnity, dispute and data-deletion obligations.

9.6 Termination does not entitle Customer to a refund except where expressly stated in the Agreement or required by law.

10. Disclaimer of Warranties

10.1 To the maximum extent permitted by law, and except for an express warranty in an Order, the Services, trials, previews, documentation and support are provided “as is” and “as available.”

10.2 LegioSoft does not warrant that the Services will be uninterrupted, error-free, invulnerable, compatible with every system, preserve every item of data, detect/prevent every attack, meet Customer’s particular requirements or produce a particular business/security result.

10.3 LegioSoft does not warrant that using GuardHouse alone makes Customer compliant with GDPR, LOPDGDD, NIS2, DORA, HIPAA, PCI DSS, ISO 27001, SOC 2 or any sector rule. Customer remains responsible for its application, legal assessment, configuration and controls.

10.4 LegioSoft disclaims responsibility for Customer Data, Customer instructions, customer-selected providers, third-party identity services/webhooks, Customer’s application and systems outside LegioSoft’s control.

10.5 Marketing, roadmap, estimates, support targets and capacity descriptions are not warranties or SLAs unless expressly incorporated into an Order. Customer must evaluate the Services and not rely on future functionality.

10.6 Nothing excludes an express non-waivable statutory warranty. Some jurisdictions do not allow particular disclaimers, in which case the disclaimer applies to the maximum lawful extent.

11. Limitation of Liability

11.1 Excluded loss. To the maximum extent permitted by law, LegioSoft will not be liable under or relating to the Agreement for indirect, incidental, special, exemplary, punitive or consequential loss, or for loss of profit, revenue, business, opportunity, anticipated savings, goodwill, reputation or data, even if advised that such loss was possible. This exclusion applies regardless of legal theory.

11.2 Aggregate cap. To the maximum extent permitted by law, LegioSoft’s total aggregate contractual and non-contractual liability arising from or relating to an affected Service will not exceed the fees paid or payable by Customer for that affected Service during the 12 months immediately preceding the first event giving rise to the claim. All related events/claims count as one for the cap.

11.3 Trial/free cap. If the claim relates only to a free trial/preview or arises before Customer paid any fee for the affected Service, LegioSoft’s aggregate liability will not exceed EUR 100 (or equivalent), to the maximum extent permitted by law.

11.4 Essential allocation. The fees reflect this allocation of risk. Each limitation applies independently and survives failure of an exclusive remedy.

11.5 Mandatory carve-outs. Nothing excludes or limits:

  • fraud or wilful misconduct (dolo);
  • death or personal injury to the extent liability cannot be limited;
  • a liability that mandatory law prohibits the parties from limiting;
  • Data Subject rights or Supervisory Authority powers; or
  • rights and liabilities that the SCCs prohibit the parties from limiting.

11.6 The cap is an inter-party contractual allocation. It does not bind regulators or Data Subjects and does not remove either party’s statutory GDPR obligations. A party’s right of contribution will be determined under applicable law and the Agreement.

11.7 Customer’s obligation to pay fees and its liability for unlawful Customer Data/instructions, infringement/misappropriation of LegioSoft rights, or indemnity obligations are not limited by Sections 11.1–11.3 to the extent such exclusion is permitted by law.

12. Customer Indemnity

12.1 To the maximum extent permitted by law, Customer will defend, indemnify and hold harmless LegioSoft and its directors, officers and personnel from third-party claims and reasonably incurred losses, damages, judgments and legal costs to the extent arising from:

  • Customer Data or Customer’s application infringing another person’s rights;
  • Customer’s unlawful purpose, missing lawful basis/notice/authority or unlawful instruction;
  • Customer’s breach of the AUP or prohibited-data/use restrictions;
  • Customer’s customer-selected provider, webhook destination or integration; or
  • Customer’s material breach of the Agreement.

12.2 Customer has no obligation to the extent a claim was caused by LegioSoft’s own breach, fraud or wilful misconduct.

12.3 LegioSoft will give reasonably prompt notice, allow Customer to control defence/settlement with competent counsel and provide reasonable cooperation at Customer’s expense. Failure to give prompt notice reduces the obligation only to the extent materially prejudiced. Customer may not settle in a way that admits LegioSoft fault, imposes non-monetary obligations or fails to fully release LegioSoft without LegioSoft’s written consent, not unreasonably withheld.

12.4 This indemnity does not automatically transfer an administrative fine or penalty where law prohibits that result. Any final fine allocation must be reviewed under applicable law and the parties’ respective responsibility.

13. Governing Law and General Terms

13.1 Law and courts. The Agreement is governed by Spanish law, excluding conflict-of-law rules and the UN Convention on Contracts for the International Sale of Goods. The parties submit to the exclusive jurisdiction of the courts of València, Spain, except where mandatory law requires another forum or a party seeks urgent protective relief.

13.2 Good-faith escalation. Before filing an ordinary commercial claim, each party will give written notice and allow authorised representatives 30 days to try in good faith to resolve it. This does not delay urgent injunctive relief, a regulatory deadline or a claim nearing limitation.

13.3 Notices. Legal notices to LegioSoft must be sent to info@legiosoft.net and the registered address. Notices to Customer may be sent to the account/Order email or through the Customer Portal. Email notice is effective when delivered without a bounce; portal notice is effective when made available and accompanied by an account email for a material legal notice.

13.4 Force majeure. Neither party is liable for delay/failure caused by events beyond reasonable control, including internet/cloud/utility failures, natural disaster, war, terrorism, civil disturbance, epidemic, labour dispute not limited to its workforce, government action or widespread cyberattack, provided it uses reasonable efforts to mitigate. Payment obligations for Services already supplied are not excused.

13.5 Assignment. Customer may not assign the Agreement without LegioSoft’s written consent, not unreasonably withheld for a bona fide reorganisation or sale of substantially all relevant business if the assignee is not a competitor, accepts the Agreement and has adequate payment/compliance capacity. LegioSoft may assign to an affiliate or in connection with merger, reorganisation or sale of substantially all relevant business, with notice and continued protection of Customer Data.

13.6 Subcontracting. LegioSoft may use subcontractors subject to its obligations; Subprocessors are governed by the DPA.

13.7 Independent contractors. The parties are independent contractors. The Agreement creates no partnership, fiduciary, employment, franchise or agency relationship. Neither may bind the other.

13.8 No third-party beneficiaries. Except for rights expressly granted by the SCCs/Applicable Data Protection Law and indemnified persons under Section 12, no third party has rights under the Agreement.

13.9 Entire agreement and reliance. The Agreement is the entire agreement on its subject and replaces prior proposals/communications. Customer acknowledges it did not rely on a statement not expressly included, without limiting liability for fraud.

13.10 Severability. If a provision is unenforceable, it will be modified to the minimum extent needed to make it enforceable while preserving intent, or severed if modification is impossible. The remainder continues.

13.11 No waiver. Delay/failure to enforce is not a waiver. A waiver must be written and specific.

13.12 Order of precedence. Mandatory SCCs; the DPA (including its schedules) for data-protection subjects; the Order; these Terms; the AUP; then other expressly incorporated documentation.

13.13 Language. The Agreement is concluded in English, which controls between the parties. Any translation is provided for convenience only. This clause does not override a mandatory language right that applicable law gives Customer.

14. Changes to These Terms

14.1 LegioSoft may update the Agreement for legal, security, provider, operational or service changes.

14.2 For a material change to standard paid terms, LegioSoft will normally give at least 30 days’ advance notice by Customer Portal/email. The change takes effect on the stated date or next renewal as stated in the notice. If a current-term change materially and adversely reduces Customer’s rights, Customer may terminate the affected Service before it takes effect and receive a pro-rata refund of prepaid unused fees, unless the change is required by law/security and no refund is legally/contractually appropriate.

14.3 LegioSoft may make non-material clarifications, provider/list updates and urgent changes required by law or necessary to address a security threat sooner, with notice as reasonably practicable.

14.4 Changes do not apply retroactively to create a breach for conduct that was permitted when it occurred.

15. Contact Information

Questions and legal notices:

LEGIOSOFT SOLUTIONS, SOCIEDAD LIMITADA
Calle de les Garrigues, núm. 1, Planta 5, Puerta 11
46001 València (Valencia), Spain
info@legiosoft.net


GuardHouse Data Processing Addendum

Contract schedule incorporated into the GuardHouse Terms of Service; effective when Customer accepts the Terms or an Order that links to this version.

Version: 15 July 2026

This Data Processing Addendum (the “DPA”) forms part of the agreement governing Customer’s use of GuardHouse Cloud (the “Agreement”) between the customer identified in an Order (“Customer”) and:

LEGIOSOFT SOLUTIONS, SOCIEDAD LIMITADA
CIF/NIF B56957038 · VAT ESB56957038
Calle de les Garrigues, núm. 1, Planta 5, Puerta 11
46001 València (Valencia), Spain
(“LegioSoft”)

The DPA takes effect when Customer accepts or signs an Agreement or Order that incorporates it. If a person accepts for Customer, that person represents that they are authorised to bind Customer.

1. Definitions and scope

1.1 Applicable Data Protection Law means the GDPR, the LOPDGDD, and other data-protection/privacy law applicable to LegioSoft’s processing of Customer Personal Data under the Agreement.

1.2 Customer Data means data submitted to, stored in, sent through or generated for Customer’s tenant through the Services. Customer Personal Data means the Personal Data within Customer Data.

1.3 Controller, Data Subject, Personal Data, Personal Data Breach, Process/Processing, Processor and Supervisory Authority have the meanings given by Applicable Data Protection Law. GDPR means Regulation (EU) 2016/679. LOPDGDD means Spain’s Organic Law 3/2018.

1.4 Order means the ordering document, plan selection or other written/electronic record identifying the Services purchased by Customer. Services means GuardHouse Cloud and related support under an Order. Subprocessor means a third party appointed by LegioSoft to process Customer Personal Data on Customer’s behalf.

1.5 This DPA applies only where LegioSoft processes Customer Personal Data as a Processor. Tenant authentication, activity, session and tenant-security records used to operate and protect that tenant—including tenant-directed IP/ASN enrichment—are Customer Personal Data under this DPA. It does not govern Personal Data for which LegioSoft acts as a Controller, including Customer Portal administration, billing, LegioSoft’s business contacts, legal compliance, and security records for LegioSoft’s own administrative, billing or infrastructure accounts. LegioSoft will separately document any independent platform-wide or cross-tenant security use as Controller; no such independent use is authorised by this DPA. Controller activities are described in the GuardHouse Privacy Policy.

1.6 Self-hosted GuardHouse Enterprise is outside this DPA unless an Order expressly states otherwise. In a self-hosted deployment, Customer controls its infrastructure and tenant data. The current Enterprise build does not send routine telemetry or make a licence-validation callback to LegioSoft. Customer-submitted support data is handled as described in the Privacy Policy and applicable Order. Any future licence-validation processing must first be documented in the Privacy Policy and applicable Order.

2. Roles and authority

2.1 Customer is the Controller of Customer Personal Data. If Customer processes the data on behalf of another Controller, Customer is a Processor and appoints LegioSoft as its Subprocessor.

2.2 LegioSoft is Customer’s Processor for the processing described in Schedule 1.

2.3 If Customer is a Processor, Customer represents and warrants that:

  • the relevant Controller authorised Customer to appoint LegioSoft and the listed Subprocessors;
  • Customer’s instructions, including international-transfer instructions, are authorised by that Controller; and
  • Customer will act as LegioSoft’s sole point of contact for that Controller, without limiting rights that mandatory law gives the Controller or Data Subjects.

2.4 Each party will comply with the obligations that Applicable Data Protection Law assigns to it. Nothing in this DPA reassigns a statutory role where the factual purposes and means require a different result.

3. Customer instructions

3.1 LegioSoft will process Customer Personal Data only:

  • to provide, operate, secure and support the Services in accordance with the Agreement, Order and Customer’s product configuration;
  • on additional documented instructions agreed by the parties; or
  • where Union or Member State law requires processing, in which case LegioSoft will inform Customer before processing unless the law prohibits that notice for important public-interest reasons.

3.2 The Agreement, this DPA, the Order, Customer’s authorised use/configuration of the Services and support requests constitute Customer’s complete documented instructions. Additional instructions must be consistent with the Services and Applicable Data Protection Law. If an instruction requires material work outside standard functionality, the parties will agree scope, timing and reasonable fees before work begins.

3.3 LegioSoft will promptly inform Customer if, in LegioSoft’s reasonable opinion, an instruction infringes Applicable Data Protection Law. LegioSoft may suspend the affected instruction while the parties assess it, without being required to provide legal advice to Customer.

3.4 LegioSoft will not sell Customer Personal Data, use it for behavioural advertising or use it to train LegioSoft or third-party AI models. This does not prevent creation/use of statistics that have been anonymised so that they are no longer Personal Data, provided LegioSoft does not attempt re-identification.

4. Customer responsibilities

4.1 Customer is responsible for:

  • determining and documenting its purposes and lawful basis;
  • providing required privacy notices and obtaining required consents/authorisations;
  • responding to Data Subjects and Supervisory Authorities;
  • ensuring its instructions and use of the Services are lawful;
  • the accuracy, quality and lawfulness of Customer Data and how Customer obtained it;
  • configuring users, roles, permissions, authentication, retention, email, storage, identity providers, webhooks and other integrations appropriately;
  • protecting Customer credentials and systems outside LegioSoft’s control; and
  • making any export or independent backup Customer needs before termination.

4.2 Unless LegioSoft expressly approves the use in a signed Order after a separate legal/security review, Customer will not use standard GuardHouse Cloud to process:

  • data concerning persons under 18 or for a child-directed/educational service;
  • GDPR Article 9 special-category data;
  • GDPR Article 10 criminal-conviction or offence data;
  • biometric templates used for unique identification, health records or identity-document images;
  • full payment-card numbers, CVCs or other cardholder data;
  • protected health information requiring HIPAA compliance; or
  • data used in high-risk, life-safety, critical-infrastructure or similarly regulated decision systems.

4.3 Customer will not circumvent product restrictions or use custom fields, claims, files, webhooks or integrations to submit prohibited data. Customer will notify LegioSoft without undue delay if it discovers prohibited data and will cooperate in secure remediation.

4.4 These Customer obligations allocate responsibility between the parties but do not remove LegioSoft’s own obligations under Applicable Data Protection Law.

5. Confidentiality and personnel

5.1 LegioSoft will limit access to Customer Personal Data to personnel who need it to perform the Agreement and will ensure that authorised personnel are subject to appropriate contractual or statutory confidentiality obligations.

5.2 LegioSoft is responsible for ensuring that personnel process Customer Personal Data only as permitted by this DPA, except where applicable law requires otherwise.

6. Security

6.1 Taking into account the state of the art, implementation costs and the nature, scope, context, purposes and risk of processing, LegioSoft will implement and maintain appropriate technical and organisational measures designed to protect Customer Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access.

6.2 The baseline measures are described in Schedule 3. LegioSoft may update the measures to reflect technical progress, provided the update does not materially reduce the overall protection of Customer Personal Data during the Order term.

6.3 Customer acknowledges that security is shared. Without limiting LegioSoft’s obligations, Customer is responsible for evaluating whether the Services and available settings are appropriate for Customer’s processing risk and for securely configuring and using them.

7. Subprocessors

7.1 Customer grants LegioSoft general written authorisation to use the Subprocessors listed in Schedule 2 for the processing described in Schedule 1.

7.2 LegioSoft will:

  • conduct proportionate diligence before a Subprocessor processes Customer Personal Data;
  • enter into a written contract imposing data-protection obligations that provide at least the protection required by Article 28 GDPR for the delegated processing; and
  • remain responsible to Customer for the Subprocessor’s performance of those obligations to the extent required by Applicable Data Protection Law.

7.3 LegioSoft will actively notify Customer at least 30 days before a new or replacement Subprocessor begins processing Customer Personal Data. Notice will be sent to the account or Order email in accordance with the Agreement and may additionally be displayed in the Customer Portal. Merely updating Schedule 2 without sending that notice does not constitute notice. If an unexpected provider cessation or genuine security/availability emergency makes 30 days impracticable, LegioSoft will give as much prior notice as reasonably possible and preserve a meaningful opportunity to object before the replacement receives Customer Personal Data. LegioSoft will not use the replacement for Customer Personal Data during the objection process unless Customer expressly authorises the shorter timetable or mandatory law requires the processing; where neither is possible, LegioSoft will suspend the affected operation or use a lawful alternative.

7.4 Customer may object within 15 days after notice, solely on reasonable and documented data-protection grounds. If Customer does not object within that period, Customer will be treated as having authorised the change under its general written authorisation. The parties will work in good faith on a commercially reasonable alternative. If LegioSoft cannot provide one and chooses to retain the Subprocessor, Customer may terminate only the affected Service before the appointment takes effect. Unless the Agreement states otherwise, LegioSoft will refund prepaid fees for the terminated period after termination takes effect. This is Customer’s sole contractual remedy for the objection, without limiting mandatory rights.

7.5 A provider selected and contracted directly by Customer—such as Customer’s own object storage, email, identity provider or webhook recipient—is not a LegioSoft Subprocessor merely because the Services integrate with it. Customer instructs that transfer and is responsible for the provider relationship and transfer lawfulness.

8. Data Subject requests

8.1 Taking into account the nature of processing, LegioSoft will provide appropriate technical and organisational assistance, insofar as possible, for Customer to respond to Data Subject requests under Applicable Data Protection Law.

8.2 Customer is responsible for deciding and communicating the response. If LegioSoft receives a request relating to Customer Personal Data directly from a Data Subject, LegioSoft will not independently respond on the merits (unless legally required). LegioSoft will redirect or forward the request to Customer where reasonably identifiable and await Customer’s instructions.

8.3 Where product functionality does not enable Customer to complete the request, LegioSoft will provide reasonable assistance on request. LegioSoft may charge reasonable fees for assistance that is unusually burdensome or outside standard functionality, except to the extent the assistance is required because LegioSoft breached this DPA.

9. Personal Data Breaches

9.1 LegioSoft will notify Customer without undue delay after becoming aware of a Personal Data Breach affecting Customer Personal Data processed by LegioSoft or an approved Subprocessor.

9.2 To the extent available, notice will describe:

  • the nature of the breach, including categories and approximate numbers of affected Data Subjects and records;
  • the likely consequences;
  • measures taken or proposed to address and mitigate it; and
  • a contact for follow-up.

Information may be supplied in phases as the investigation progresses. LegioSoft will take reasonable steps to contain, investigate and remediate the breach and will preserve the internal record required by law.

9.3 Customer is responsible for determining whether to notify a Supervisory Authority, Data Subjects or other third parties and for the content/timing of its notices. LegioSoft will provide reasonable assistance required by Applicable Data Protection Law, taking account of the information available to LegioSoft.

9.4 LegioSoft’s notice or response does not constitute an admission of fault or liability. Unsuccessful attacks, scans, failed login attempts and events that do not compromise Customer Personal Data are not Personal Data Breaches.

10. Compliance assistance

10.1 Taking into account the nature of processing and information available, LegioSoft will provide reasonable assistance with Customer’s obligations under GDPR Articles 32–36, including security, breach assessment, data-protection impact assessments and prior consultation.

10.2 Customer remains responsible for determining whether a DPIA or consultation is required and for completing it. Assistance outside standard documentation/functionality may be chargeable at reasonable rates unless caused by LegioSoft’s breach.

11. International transfers

11.1 Customer instructs LegioSoft to process Customer Personal Data in the region selected in the Order and to make transfers necessary for the approved Subprocessors and customer-selected integrations. The selected primary GuardHouse region does not guarantee that email, object storage, diagnostics, support or other provider processing remains in that region.

11.2 LegioSoft may rely on an applicable adequacy decision, including the EU–US Data Privacy Framework for a participating certified US recipient. Where no adequacy decision applies, LegioSoft will use a lawful safeguard such as the European Commission Standard Contractual Clauses (“SCCs”) or approved Binding Corporate Rules, together with supplementary measures where appropriate.

11.3 Where the SCCs are required between Customer and LegioSoft, the SCCs adopted by European Commission Implementing Decision (EU) 2021/914 are incorporated by reference as follows:

  • Module 2 (Controller to Processor) applies where Customer is Controller;
  • Module 3 (Processor to Processor) applies where Customer is Processor;
  • Clause 7 (docking) applies;
  • Clause 9 uses Option 2, general written authorisation, with the notice period in Section 7;
  • the optional language in Clause 11 does not apply;
  • for Clause 17, the governing law is the law of Spain;
  • for Clause 18, the courts are the competent courts of Spain;
  • the competent Supervisory Authority is determined under Clause 13 and will ordinarily be the AEPD where that clause permits;
  • Schedule 1 supplies Annex I, Schedule 3 supplies Annex II, and Schedule 2 supplies Annex III.

11.4 If this DPA conflicts with the SCCs, the SCCs prevail for the transfer. The parties will cooperate in good faith on a required UK, Swiss or other jurisdiction-specific transfer addendum.

12. Return and deletion

12.1 During the Agreement, Customer may use available functionality to export or delete Customer Personal Data. An irreversible in-product deletion or verified written deletion request is a documented instruction to delete.

12.2 Customer should use the available self-service export before the applicable Service ends where practicable. This does not limit Customer’s return-or-deletion choice under Section 12.6. On a verified explicit deletion request, LegioSoft will delete the instance’s primary Customer Personal Data within 30 days, unless law requires retention.

12.3 Unless Customer gives a verified explicit deletion instruction, Customer instructs LegioSoft to retain a suspended, cancelled or payment-disabled Cloud instance in a recoverable state for 180 days to protect against accidental/unauthorised destruction and permit restoration. If it is not restored, LegioSoft will permanently delete the primary Customer Data after that period.

12.4 Deleted Customer Personal Data may remain in encrypted, access-restricted disaster-recovery backups until expiry, no later than 60 days after deletion from the primary environment. Backups are not used for ordinary processing. If restored, applicable deletion instructions will be re-applied.

12.5 Where Union or Member State law requires LegioSoft to retain Customer Personal Data after the Services end, LegioSoft will isolate and protect it, process it only for that legal requirement, inform Customer unless prohibited, and delete it when the required period ends. If LegioSoft independently determines that a strictly minimised record must be retained to protect its own infrastructure security or establish, exercise or defend its own legal claims, LegioSoft acts as Controller for that separate processing. It will document the purpose, legal basis, categories and period, provide the applicable notice, restrict access and delete or anonymise the record when the purpose ends.

12.6 At the end of the Services, Customer may choose return or deletion of Customer Personal Data. If Customer chooses return, LegioSoft will provide the standard export in a commonly used, machine-readable format or, where the standard export cannot reasonably cover the relevant data, a reasonable secure alternative or assistance, and will then delete remaining copies under this Section. Customer may instead give a verified instruction for deletion without return.

12.7 The 180-day recovery period in Section 12.3 is Customer’s standing default instruction for suspension, cancellation or payment disablement; Customer may override it with a verified return-and-delete or immediate-delete instruction. LegioSoft will not condition the return/deletion required by Article 28(3)(g) GDPR on technical availability. Reasonable fees may apply only to a Customer-requested bespoke format or additional work beyond the standard return process, not to avoid the required return or deletion.

13. Information and audits

13.1 LegioSoft will make available information reasonably necessary to demonstrate compliance with Article 28 GDPR, ordinarily through this DPA and its schedules, subprocessor information, written questionnaire responses and available independent/provider assurance reports.

13.2 Customer may request such information no more than once in any 12-month period, unless a Personal Data Breach affecting Customer, a documented reasonable concern of material noncompliance, a Supervisory Authority or mandatory law reasonably requires more frequent review.

13.3 If that information is not reasonably sufficient, Customer may request an audit by an independent, qualified auditor that is not LegioSoft’s competitor. The parties will agree scope, timing, duration, confidentiality and security controls in advance. Audits must:

  • relate only to Customer Personal Data and LegioSoft’s obligations under this DPA;
  • occur during normal business hours with at least 30 days’ notice unless a regulator, breach, documented reasonable concern of material noncompliance or mandatory law reasonably requires less;
  • avoid access to other customers’ data and avoid source code, vulnerability details or other security-sensitive information unless reasonably necessary to demonstrate compliance and no less intrusive evidence is sufficient; any necessary access must be tightly scoped, supervised and protected by enhanced confidentiality/security controls;
  • minimise disruption; and
  • comply with reasonable confidentiality and site/system security requirements.

13.4 Customer pays its and LegioSoft’s reasonable audit costs unless the audit establishes LegioSoft’s material breach of this DPA, in which case LegioSoft will bear its own reasonable costs. Nothing limits a Supervisory Authority’s statutory powers.

13.5 LegioSoft will inform Customer if it believes an audit instruction infringes Applicable Data Protection Law or exceeds Customer’s lawful authority.

14. Liability

14.1 The limitations and exclusions of liability in the Agreement apply to this DPA to the maximum extent permitted by law and are aggregated with, not additional to, liability under the Agreement.

14.2 Nothing in the Agreement or this DPA restricts a Data Subject’s rights, a Supervisory Authority’s powers, liability that cannot lawfully be excluded/limited, or rights/obligations under the SCCs.

14.3 The parties acknowledge that contractual allocation between them does not bind a regulator or prevent a Data Subject from seeking the compensation available under Applicable Data Protection Law. Any right of contribution between the parties will be determined by Applicable Data Protection Law and the Agreement.

15. Priority, changes and termination

15.1 For Personal Data processing, conflicts are resolved in this order: mandatory SCC terms; this DPA; the Order; the Agreement; then other service documentation. An Order may increase protection. No Order, amendment or other document may reduce protection required by mandatory Applicable Data Protection Law or the SCCs.

15.2 If Applicable Data Protection Law changes, the parties will cooperate to make reasonably necessary amendments. LegioSoft may update non-material operational details, provider links and equivalent/improved measures by notice. A material reduction requires Customer’s agreement or a lawful termination right.

15.3 This DPA continues while LegioSoft processes Customer Personal Data and terminates after deletion/return is complete, except provisions that by nature survive.


Schedule 1 — Processing details

A. Parties

Data exporter / Customer: the entity identified in the Order. Contact details and activities are those in the Customer Portal/Order. Customer is Controller or Processor as stated in Section 2.
Data importer / Processor: LEGIOSOFT SOLUTIONS, SOCIEDAD LIMITADA, address above, privacy contact info@legiosoft.net. Activities: provision, security and support of GuardHouse Cloud.

B. Subject matter and duration

LegioSoft processes Customer Personal Data to provide identity, authentication, authorisation, session, user/organisation administration, security/audit visibility, email, file, webhook and related support functions under the Agreement. Processing is continuous or event-driven during the Order term and continues only for the return/deletion, backup and lawful-exception periods in Section 12.

C. Nature and purposes

  • collection and receipt from Customer, Data Subjects, configured identity providers and Customer integrations;
  • organisation, structuring, storage and retrieval;
  • identity/account creation and administration;
  • password, MFA, passkey and external-provider authentication;
  • token, authorisation, role, permission, claim, organisation and session management;
  • security logging, IP/network enrichment, abuse prevention, troubleshooting and incident investigation;
  • customer-configured transactional email, object storage and webhook delivery;
  • support, export, correction, restriction and deletion; and
  • backup and disaster recovery.

LegioSoft does not determine Customer’s application purposes and does not use Customer Personal Data for advertising or AI-model training.

D. Data Subjects

  • Customer tenant end users and applicants/invitees;
  • Customer tenant administrators and staff;
  • users of Customer’s applications who authenticate or attempt to authenticate;
  • individuals identified in customer-configured claims, emails, files or webhook events; and
  • Customer personnel whose activity appears in tenant security/audit records.

Machine clients are not Data Subjects, but their credentials/events may include Personal Data of administrators or operators.

E. Personal Data categories

  • identifiers and contact/profile data: user ID, username, email, phone, first/last name, avatar, status;
  • authentication/security data: password hash/security stamps, MFA/recovery configuration, passkey credential/public-key data, external provider identifiers/tokens, access failures and lockout;
  • authorisation data: roles, permissions, claims, organisations, applications, scopes, consents, authorisations and token/session metadata;
  • network/device/activity data: IP address, ASN/provider, approximate country/city, user agent, language, device/session IDs, timestamps, event/action and status;
  • customer-configured email/template content, files, branding and webhook request/response data; and
  • support information submitted by Customer.

F. Sensitive data and minors

Not intended or permitted on standard GuardHouse Cloud. The restrictions in Section 4.2 apply. A passkey public key is not a biometric template; device biometrics are not received by GuardHouse.

G. Frequency

Continuous for hosted accounts/sessions and event-driven for authentication, administration, email, file, webhook, logging, support, backup and deletion operations.

H. Retention

As set out in Section 12, the applicable Order/plan and the public Privacy Policy, subject to shorter customer instructions and lawful exceptions.

I. Competent Supervisory Authority

Determined under Applicable Data Protection Law and SCC Clause 13. For LegioSoft’s Spanish establishment, ordinarily the Spanish Data Protection Agency (AEPD).


Schedule 2 — Approved Subprocessors

Version: 15 July 2026

Customer grants LegioSoft general written authorisation to engage the Subprocessors listed below for the processing described in Schedule 1. A Subprocessor applies only where the relevant GuardHouse Cloud functionality is enabled. Processing continues for the applicable Service term and the deletion or return period stated in Section 12.

Principal locations describe the expected operational locations and are not an assurance that support, security, failover or a provider’s own subprocessors will operate exclusively from those locations. A Restricted Transfer may occur only in accordance with Section 11 and a transfer mechanism binding under LegioSoft’s applicable agreement with the provider. This Schedule does not represent that a particular certification, adequacy mechanism, Standard Contractual Clause or Binding Corporate Rule applies unless it is effective for that recipient and transfer.

Subprocessor and contactProcessing purpose and Customer Personal DataPrincipal processing locationsTransfer position
Oracle Ibérica, S.R.L. (Oracle Cloud Infrastructure); Paseo de la Castellana 81, 28046 Madrid, Spain; attention: Legal DepartmentManaged compute, Kubernetes infrastructure, tenant databases, Redis/cache, operational logs and backups. This may include all Customer Personal Data hosted in the applicable GuardHouse Cloud instance.Customer-selected primary region: Madrid, Spain, or Chicago, Illinois, United States. Oracle support and documented subprocessors may operate from other locations.Primary hosting in Madrid is within the EEA. Section 11 applies where Customer selects Chicago or Customer Personal Data is accessed or processed outside an adequate jurisdiction.
Cloudflare, Inc.; 101 Townsend Street, San Francisco, CA 94107, United States; legal@cloudflare.comLegioSoft-managed R2 object storage for tenant avatars, branding and other stored objects, where enabled.Cloudflare’s EU jurisdictional restriction is enabled for the LegioSoft-managed R2 bucket used by the EU cluster. Support and documented subprocessors may operate elsewhere.The EU R2 restriction does not necessarily prevent international support or account processing. Section 11 applies to any Restricted Transfer.
AC PM, LLC (Postmark); 1 N Dearborn Street, Suite 500, Chicago, IL 60602, United StatesDefault transactional-email delivery, where selected. Data may include recipient email address and name, message or template content, delivery status and related technical metadata.United States, including infrastructure identified in Postmark’s current subprocessor documentation, and any other documented locations used to provide the service.This service may involve a Restricted Transfer to the United States. Section 11 and the transfer provisions binding under the applicable Postmark agreement apply.
Functional Software, Inc. d/b/a Sentry; 45 Fremont Street, 8th Floor, San Francisco, CA 94105, United States; legal@sentry.ioError and performance diagnostics. LegioSoft configures production monitoring to exclude request bodies, authentication headers and cookies, names, email addresses and deliberate user content. Limited technical event metadata may nevertheless constitute Personal Data.Primary diagnostic event storage is configured for Sentry’s EU region. Limited account, organisation, audit, project and usage metadata, support and documented subprocessors may involve the United States or other locations.EU event storage does not exclude all international processing. Section 11 applies to any Restricted Transfer involving account metadata, support or subprocessors.

LegioSoft will keep this Schedule current and will actively notify Customer of an intended addition or replacement as required by Section 7. Merely changing this page is not the required notice.

Customer-selected providers are governed by Section 7.5.

Self-hosted GuardHouse Enterprise is outside this Schedule unless an Order expressly provides otherwise.


Schedule 3 — Technical and Organisational Measures

Version: 15 July 2026

1. Scope and security standard

These measures apply to Customer Personal Data processed by LegioSoft in GuardHouse Cloud. They do not apply to Customer-controlled systems, Customer-selected providers or self-hosted GuardHouse Enterprise infrastructure, except where an Order expressly assigns a control to LegioSoft.

Taking into account the state of the art, implementation costs and the nature, scope, context, purposes and risks of the processing, LegioSoft will maintain technical and organisational measures designed to provide a level of security appropriate to the risk and to protect Customer Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access.

LegioSoft may replace a measure with an equivalent or stronger measure, provided the change does not materially reduce the overall protection of Customer Personal Data during the Order term. This Schedule does not represent that LegioSoft holds ISO 27001, SOC 2, HIPAA, PCI DSS or any other certification.

2. Governance, confidentiality and access management

  • Responsibility for production operations, security coordination and privacy requests is assigned to an internal function.
  • Access to production systems and Customer Personal Data is limited to authorised personnel who require it to perform the Agreement.
  • Authorised personnel are subject to contractual or statutory confidentiality obligations.
  • Privileged access is assigned individually, limited according to role and service need, and removed when no longer required.
  • Security-relevant production changes and access changes are recorded through LegioSoft’s operational or repository workflow.

3. Tenant isolation and logical access controls

  • Hosted customers are separated through tenant-scoped logical controls, and application and administrative access is restricted by tenant and role.
  • Customer administrators control their tenant users, roles, permissions, applications, identity providers and integrations within the available product functionality.
  • Production administration is separated from ordinary tenant-user access and does not use shared default credentials.
  • Administrative connections and Customer access to public service endpoints use encrypted transport. Strong authentication, including multi-factor authentication where supported by the relevant system, is used for privileged access.
  • Repeated failed end-user sign-in attempts are subject to temporary lockout controls.

4. Authentication and credential protection

  • Passwords are stored using salted, adaptive one-way hashing through the configured ASP.NET Core Identity mechanism; GuardHouse does not store plaintext passwords.
  • For passkeys, GuardHouse stores credential identifiers and public-key material. Any biometric used to unlock a passkey remains under the user’s device or authenticator and is not received by GuardHouse.
  • Authentication tokens and sessions have defined expiry and revocation states, and relevant account-security changes can invalidate active access.
  • Authentication secrets, recovery data, API/client secrets and provider credentials are protected against unauthorised access and are not intentionally included in application logs or diagnostic telemetry.

5. Encryption and communications security

  • Public and administrative service traffic is protected in transit using TLS.
  • LegioSoft-managed database, infrastructure storage and object storage use the applicable cloud provider’s encryption at rest.
  • Application and infrastructure secrets are kept outside public source code and deployment images using the configured secret-management facilities.
  • Administrative infrastructure endpoints are limited to those required to operate the Services and are not offered as public tenant endpoints.

6. Availability, backup and deletion safeguards

  • GuardHouse Cloud uses restricted-access backups for disaster recovery and protection against accidental or malicious deletion. Backups are not used for ordinary product processing.
  • Restoration of a backup does not cancel a valid deletion instruction; the deletion instruction is re-applied after restoration where the restored copy contains affected data.
  • LegioSoft applies the instance-recovery, permanent-deletion and backup-expiry commitments in Section 12 of this DPA. Any lawful preservation exception is handled as stated there.
  • Capacity, availability and recovery objectives are not a service-level commitment unless an Order expressly states otherwise.

7. Logging, monitoring and data minimisation

  • GuardHouse records authentication, session, administrative and other operational or security events needed to provide, protect and troubleshoot the Services and to provide Customer visibility.
  • Access to tenant logs is restricted by role and tenant scope. Retention follows the applicable plan, Order, DPA and Privacy Policy.
  • Diagnostic telemetry is configured to minimise Personal Data and not intentionally include passwords, authentication secrets, request bodies, Customer files or Customer-provided content.
  • Security logs are retained only for their documented operational, contractual, security or legal purpose and are not intended to become an indefinite duplicate store of Customer Data.

8. Secure development and vulnerability handling

  • Source changes are version controlled and pass through LegioSoft’s applicable review and release workflow before production deployment.
  • Secrets and production Personal Data are not placed in source control. Production Personal Data is not copied into development or test environments unless documented necessity and appropriate safeguards require it.
  • Security-relevant changes, authentication changes, data-model changes, new providers and material logging changes are subject to proportionate privacy or security review.
  • Dependencies, container images and reported vulnerabilities are assessed and remediated proportionately to severity, exploitability and risk.

9. Retention and secure disposal

  • Processing and product fields are limited to the identity, authentication, authorisation, security, support and integration functions described in the Agreement and Customer’s permitted configuration.
  • Retention is category-specific. Verified deletion instructions are authenticated and recorded, and deletion is performed under Section 12 of the DPA.
  • Disposal of LegioSoft-managed cloud storage relies on the contracted cloud providers’ secure media controls and deletion of the applicable logical resources.

10. Incident management

  • Suspected security incidents are triaged, contained, investigated, documented and remediated according to their nature and risk.
  • Relevant evidence is preserved proportionately, and affected credentials or keys are revoked or replaced where required.
  • Where LegioSoft acts as Processor, it notifies the affected Customer of a Personal Data Breach without undue delay and provides the information and cooperation described in Section 9 of the DPA.
  • LegioSoft maintains an internal incident record as required by Applicable Data Protection Law.

11. Subprocessors and Customer-selected providers

  • Before a Subprocessor processes Customer Personal Data, LegioSoft conducts proportionate privacy and security diligence and enters into the written data-protection terms required by Section 7 of the DPA.
  • LegioSoft remains responsible for the security of its product integration with an approved Subprocessor.
  • A provider selected and contracted directly by Customer remains under Customer’s control and responsibility as described in Section 7.5 of the DPA.

12. Customer responsibilities and assurance

Security is shared. Customer remains responsible for determining whether the Services and available settings are appropriate for its processing risk and for securely configuring users, permissions, authentication, retention, email, storage, identity providers, webhooks and other integrations.

LegioSoft provides compliance information and permits proportionate review or audit in accordance with Section 13 of the DPA. Information that would expose another customer’s data, source code, exploitable vulnerability details or other security-sensitive material remains subject to the safeguards and limits in that Section.


GuardHouse Acceptable Use Policy

Contract schedule incorporated into the GuardHouse Terms of Service; effective when Customer accepts the Terms or an Order that links to this version.

Version: 15 July 2026

This Acceptable Use Policy (“AUP”) applies to GuardHouse Cloud, trials, APIs, SDKs, hosted login/admin pages and related LegioSoft services. It forms part of the GuardHouse Terms of Service when incorporated there. Capitalised terms have the meaning in the Terms.

Customer is responsible for its users, Customer Data, applications, configuration and anyone using credentials or access Customer provides. Customer must promptly act if it discovers a violation.

1. Lawful use and authority

Customer must not use the Services to:

  • violate applicable law, a court/regulator order or another person’s rights;
  • process Personal Data without a valid lawful basis, required notice and authority;
  • impersonate another person or misrepresent identity/authority in a harmful or unlawful way;
  • facilitate fraud, theft, harassment, stalking, discrimination, exploitation or deceptive activity;
  • infringe intellectual-property, confidentiality, privacy, publicity or contractual rights; or
  • avoid sanctions, export controls or legal restrictions applicable to Customer.

2. Prohibited data and regulated uses

Unless LegioSoft expressly approves the use in a signed Order and DPA after a separate legal/security review, Customer must not use standard GuardHouse Cloud to process:

  • Personal Data of a person under 18 or data for a child-directed/educational service;
  • GDPR Article 9 special-category or Article 10 criminal-offence data;
  • biometric templates used for unique identification, genetic data, health records or identity-document images;
  • full payment-card numbers, CVCs or other PCI cardholder data;
  • protected health information or data requiring HIPAA compliance;
  • data used to operate weapons, emergency/life-support systems, critical infrastructure or other systems where failure could reasonably cause death, personal injury or major physical/environmental damage; or
  • data used for legally significant decisions in employment, credit, insurance, housing, education, healthcare, policing or access to essential services where GuardHouse has not been expressly approved for that regulated use.

Customer must not use custom claims, profile settings, files, webhooks, email templates or other customisation to bypass these restrictions.

GuardHouse is an identity/access component, not a compliance certification. Customer must independently determine whether the Services are suitable for its sector and risk.

3. Security and service integrity

Customer must not, and must not enable another person to:

  • probe, scan or test a vulnerability without LegioSoft’s prior written permission under an agreed security-testing scope;
  • bypass authentication, authorisation, rate limits, plan limits, tenant boundaries, licence validation or security controls;
  • access another customer’s account, tenant, data or systems;
  • introduce malware, destructive code, credential-stealing code or deliberately harmful payloads;
  • use the Services to conduct denial-of-service activity, credential stuffing, password spraying, automated account abuse or attacks against third parties;
  • interfere with service availability, integrity, monitoring or logging;
  • expose keys, tokens, secrets or credentials, or use shared credentials where personal accounts are required;
  • reverse engineer, decompile or attempt to derive non-public source, algorithms or security mechanisms except to the limited extent mandatory law expressly permits despite this restriction; or
  • use the Services to benchmark or publish security/performance test results in a misleading manner or without protecting confidential/security information.

Good-faith vulnerability reports should be sent privately to info@legiosoft.net. Do not access, copy, alter or retain data beyond what is strictly necessary to demonstrate the issue.

4. Messaging, integrations and content

Customer must not use GuardHouse email, webhooks, identity providers, storage or APIs to:

  • send unsolicited bulk or commercial messages, phishing, malware or deceptive content;
  • use addresses or contact data without required authority;
  • transmit illegal, abusive, exploitative or infringing content;
  • cause an unreasonable number of bounces, complaints or provider-policy violations;
  • send secrets or prohibited data to logs, webhook destinations or other integrations; or
  • configure a third-party integration in breach of that provider’s terms or Applicable Data Protection Law.

Customer is responsible for customer-selected storage, email, social-login, webhook and other providers, including its provider contract/DPA, security and transfer mechanism.

5. Plan limits and fair use

Customer must remain within the quantitative and technical limits in its Order and product documentation. A description such as “unlimited” does not permit abusive, unlawful or technically unreasonable consumption and should not be used in final marketing without defined fair-use terms.

LegioSoft may apply reasonable safeguards where use:

  • creates a material security or availability risk;
  • disproportionately consumes shared resources;
  • degrades service for other customers;
  • exceeds documented API, token, introspection, storage, email or other plan limits; or
  • appears designed to avoid billing or technical limits.

Where practicable for non-urgent issues, LegioSoft will contact Customer and allow a reasonable opportunity to reduce use or move to an appropriate Order. Emergency protection may be immediate.

6. No general monitoring duty

LegioSoft does not assume a general duty to monitor Customer Data or determine whether Customer’s purposes are lawful. LegioSoft may use service/security metadata, investigate credible reports, review data reasonably necessary to resolve a security/support issue, and take proportionate action where it knows or reasonably suspects a violation.

This section does not permit LegioSoft to ignore an unlawful processing instruction or other duty imposed directly on a Processor by Applicable Data Protection Law.

7. Enforcement

If LegioSoft reasonably believes use violates this AUP or creates an urgent security/legal risk, LegioSoft may proportionately:

  • request information or remediation;
  • limit a feature, traffic or integration;
  • quarantine or remove harmful content where technically feasible;
  • suspend affected credentials, users, tenant or Service;
  • preserve evidence and make a legally required report; or
  • terminate under the Terms for a material or repeated violation.

LegioSoft will provide notice and an opportunity to cure where reasonably practicable, but may act immediately to protect people, data, the Services or third parties. Customer remains responsible for fees incurred and obligations arising before suspension/termination. Enforcement does not create a duty to detect every violation.

8. Reporting and cooperation

Report suspected abuse or security issues to info@legiosoft.net with enough detail to investigate. Customer must cooperate reasonably with an investigation and must not retaliate against a good-faith reporter.

LegioSoft may disclose information to authorities or affected providers/persons only where required by law or reasonably necessary to protect rights, safety or service integrity, subject to the Privacy Policy and DPA.

9. Changes

LegioSoft may update this AUP to address new threats, law or service functionality. Material changes will be notified as described in the Terms. Changes do not retroactively convert previously permitted conduct into a breach.

Authentication & Authorization, White Label. Deployed in Minutes.

Product

Pricing

Company

Contact Us

Legal

Privacy Policy Terms of Service

Docs

Getting Started Configuration Developer Integrations (SDKs) AI Agents & M2M API Reference

© 2026 Guardhouse. All rights reserved. LEGIOSOFT SOLUTIONS S.L.

Start your free trial

1

Main Info

2

Choose Plan

3

Tenant Info

Format depends on your country and entity type
This defines where your data and infrastructure will be deployed and hosted
    Success

    Your workspace is being set up!

    Your instance will be ready in a few minutes. All the required information will be sent to your email.

    Payment failed

    Payment failed.

    We couldn’t process your payment. Please go to the Customer Portal to update your payment method or contact support.

    Contact Support Go to Customer Portal