Terms of Use for platform services

Publisher

DUALE AI, a French Simplified Joint Stock Company (SAS) with capital of €10,000

• Paris Trade Register: 994 521 128
• Registered office: 60 rue François 1er, 75008 Paris, France
• Publication Director: Clémence Lesné
• Email: contact+info@mail.duale.ai

Hosting:

• Website: Cloudflare, Inc.
• Application data: Hetzner Online GmbH, Germany

Definitions

• Platform: all services accessible via our website
• Customer: legal entity or individual acting in a professional capacity, holding a contract with Duale AI
• User: individual authorized by a Customer to access the Platform
• Services: Platform functionalities, including submission, orchestration, and management of agentic tasks
• AI Agents: artificial intelligence systems configured via the Platform
• Content: data, text, files submitted by the User
• Outputs: results generated by AI Agents

Purpose

These Terms of Use define the conditions for using the Platform. See also the Terms and conditions for SaaS service for commercial terms.

Acceptance

Use of the Platform implies acceptance of these Terms.

Acceptance through explicit checkbox (unchecked by default) during account creation. Mere browsing does not constitute acceptance. Duale AI retains proof of acceptance (timestamp, version of Terms accepted, IP address, user action).

Platform Access

Access is reserved for Users authorized by a Customer with an active contract. Users must be at least 18 years old.

Your credentials are personal and confidential. You are responsible for all activity on your account.

Multi-factor authentication is recommended where available.

Artificial Intelligence Services

Service Description

The Platform enables the submission, orchestration, and management of AI Agent tasks based on language models. Models generate responses from User queries.

Data Processing and Enrichment

The Platform may:

• Store and index your documents to make them accessible to AI Agents
• Perform internet searches (public data only) to enrich responses

Internal models: Duale AI uses open-source models hosted on its European infrastructure for document indexing and search result ranking. These processes remain on Duale AI infrastructure.

Web-search features are intended for public data. Do not include personal data in web-search prompts unless the Customer has a lawful basis and the applicable order covers the processing.

Limitations

AI Agents may:

• Make mistakes or “hallucinate” (invent information)
• Reproduce biases
• Vary in quality depending on complexity

Responsibility Allocation

Output Verification Obligation

Especially for:

• Legal, financial, or medical decisions
• External communications
• Production code

Prohibited Uses

In accordance with Regulation (EU) 2024/1689 (AI Act), effective February 2, 2025, the following are prohibited:

• Automated decisions affecting individuals without human oversight
• Illegal content (hate speech, disinformation, CSAM)
• Hacking or malicious acts
• Identity theft
• Emotion recognition in workplace or educational settings (except for medical or safety reasons)
• Biometric categorization to deduce race, political opinions, trade union membership, religious beliefs, sexual orientation, or sex life
• Social scoring based on social behavior or personal characteristics leading to detrimental treatment in unrelated contexts
• Subliminal manipulation exploiting vulnerabilities (age, disability, social or economic situation)
• Building facial databases through untargeted scraping of images from the internet or CCTV
• Predictive policing based solely on individual profiling

Non-compliance may result in fines up to 7% of worldwide annual turnover.

Required Competence

You must understand how AI works to use it properly. Training users remains the Customer’s responsibility.

Health Data

Processing of personal health data requires certified hosting (HDS in France, HIPAA-compliant in the US).

The standard Duale AI offering does not include health data certifications. Health data processing requires a separate written review and agreement before use: contact+hds@mail.duale.ai

Your Obligations

• Use the Platform in accordance with its documentation and these Terms
• Keep your credentials secret and do not share them
• Do not hack, bypass, or test security without authorization
• Respect intellectual property rights of Duale AI and third parties
• Report any unauthorized access within 24 hours
• Do not resell, sublicense, or make the Platform available to third parties

Content and Outputs

Your content remains yours. You grant Duale AI a non-exclusive, worldwide license for the duration of the contract, solely for the purpose of providing the Services.

AI outputs belong to you, subject to: (i) third-party rights in training data or source content, and (ii) applicable copyright law requirements for originality. Under EU law, copyright protection requires works to be the author’s own intellectual creation; purely AI-generated content without significant human creative input may not qualify for copyright protection.

Prohibited content: illegal, hateful, discriminatory, spam, disinformation, infringement of third-party rights.

Moderation (in accordance with the Digital Services Act): Duale AI may remove illegal content or suspend an account. Any moderation decision is justified and notified.

• Report content: contact+abuse@mail.duale.ai (response within 48h)
• Appeal a decision: contact+appeals@mail.duale.ai (response within 15 days)
• Out-of-court dispute resolution: DSA-certified body of your choice

Intellectual Property

The Platform belongs to Duale AI. You have the right to use it while the contract is active, not to copy or resell it.

Personal Data

Controller: DUALE AI SAS — DPO: contact+dpo@mail.duale.ai

Data collected: name, email, connection logs, platform usage.

Legal bases (GDPR Art. 6):

• Contract performance (Art. 6.1.b): account management, Service provision
• Legal obligation (Art. 6.1.c): invoices, security logs
• Legitimate interest (Art. 6.1.f): Service improvement, fraud prevention

Retention periods:

• Account: contract duration + 5 years
• Connection logs: 12 months (security)
• Invoices: 10 years

Your rights (GDPR Art. 15-22): access, rectification, erasure, restriction, portability, objection → contact+privacy@mail.duale.ai (response within 1 month)

International transfers: see List of subprocessors handling personal data. Transfers outside the European Economic Area rely on the Data Privacy Framework where it applies, or on the 2021 standard contractual clauses with supplementary measures where required.

Subprocessors: List of subprocessors handling personal data. A data processing agreement compliant with GDPR Article 28 is available upon request: contact+dpa@mail.duale.ai

Full details: Privacy policy and data protection details

Data Portability and Export

In accordance with Regulation (EU) 2023/2854 (Data Act), applicable from September 12, 2025, you may export all your data (prompts, outputs, configurations) in structured, machine-readable formats (JSON, CSV).

Methods:

• Via interface: export from your Customer portal where available
• Via API: documented endpoints where available
• Upon request: contact+support@mail.duale.ai

Timelines and fees:

• Change notice: 2 months maximum
• Transition period: 30 days maximum
• Export fees: none (switching charges eliminated from January 12, 2027)
• Migration support: 2 months upon request

Security

Security measures:

• Encryption in transit and at rest where supported by the relevant component
• Multi-factor authentication recommended for all accounts and required for administrators where configured
• Customer data separation in the managed service
• Regular security testing

When an incident requires notification under applicable law or the applicable order:

• Early warning: within 24h of becoming aware of the incident
• Incident notification: within 72h (initial assessment, severity, indicators of compromise)
• Final report: within 1 month (detailed description, root cause analysis, corrective measures)

Report a vulnerability: contact+security@mail.duale.ai (responsible disclosure program)

Availability

No guaranteed uptime applies unless agreed in the applicable order form or commercial terms. Any service target or compensation applies only when written in those terms.

Scheduled maintenance: 48h email notification. Emergency maintenance (security) may be performed without notice.

Liability

AI OUTPUTS ARE PROVIDED “AS IS” — they may contain errors or biases. Human verification is mandatory before any use.

Cap: Duale AI’s liability is limited to amounts paid by Customer in the preceding 12 months, per incident.

Exclusions: indirect damages (lost revenue, reputational harm, data loss, etc.)

The cap does not apply in cases of:

• Gross negligence (faute lourde) or willful misconduct (dol) by Duale AI
• Breach of GDPR obligations
• Failure to provide essential Services (Article 1170 French Civil Code)
• Personal injury

Suspension and Termination

Suspension by Duale AI: in case of serious Terms violation, fraud, security risk, or authority request. User is notified by email with reasons.

Termination by Customer: 30 days notice before end of current contract period.

Termination by Duale AI without fault: 3 months notice.

Termination for cause: immediate effect, no notice.

Consequences of termination:

• 30 days to export your data (see Data Portability and Export)
• Unused prepaid amounts handled according to the applicable commercial terms and law
• Data deletion after export period, except where legally required

Modifications

Any modification is notified by email 30 days before taking effect. In case of disagreement, Customer may terminate without penalty.

Disputes

Governing Law: These Terms are governed by French law.

Jurisdiction: Courts of Paris, France.

Statute of limitations: 5 years from the date the claimant knew or should have known of the facts giving rise to the claim (Article 2224 French Civil Code).

Claims: contact+support@mail.duale.ai

For US Users: You agree that any dispute arising from these Terms or your use of the Platform shall be resolved in the courts of Paris, France, and you consent to the personal jurisdiction of such courts. You waive any objection based on inconvenient forum.

Class Action Waiver: To the fullest extent permitted by applicable law, you agree to resolve any disputes on an individual basis and waive any right to participate in class actions, class arbitrations, or representative actions. This waiver does not apply to claims of sexual assault or sexual harassment pursuant to the Ending Forced Arbitration of Sexual Assault and Sexual Harassment Act of 2022.

Miscellaneous

Terms + Commercial Terms + Privacy Policy = entire agreement. Invalidity of one clause does not affect others. Non-exercise of a right ≠ waiver.

Force Majeure

Neither party shall be liable for failure to perform obligations due to force majeure as defined by Article 1218 of the French Civil Code: an event beyond the debtor’s control, which could not reasonably have been foreseen at the time of contract formation, and whose effects cannot be avoided by appropriate measures.

Examples: natural disaster, war, pandemic, widespread cyberattack, major internet infrastructure failure, government action. Economic hardship or financial difficulties alone do not constitute force majeure.

If impediment is temporary, performance is suspended. If impediment is permanent or exceeds 90 days, either party may terminate without compensation, with 15 days notice.

Assignment

Customer may not assign the contract without prior written consent from Duale AI, except to a company it controls or that controls it, subject to prior written notice.

Duale AI may assign the contract to any successor or acquirer of all or part of its business, subject to 30 days notice to Customer.

Accessibility

Duale AI aims to improve Platform accessibility. Any formal accessibility compliance statement is published separately when available.

• Report an accessibility issue: contact+accessibilite@mail.duale.ai

Contact

• General inquiries: contact+info@mail.duale.ai
• Technical support: contact+support@mail.duale.ai
• Legal questions: contact+legal@mail.duale.ai
• Data protection (DPO): contact+dpo@mail.duale.ai
• GDPR rights exercise: contact+privacy@mail.duale.ai
• Data processing agreement request: contact+dpa@mail.duale.ai
• Health data: contact+hds@mail.duale.ai
• Security: contact+security@mail.duale.ai
• Accessibility: contact+accessibilite@mail.duale.ai
• Content reporting: contact+abuse@mail.duale.ai
• Appeal moderation: contact+appeals@mail.duale.ai