Terms of Service

Summary: This is a draft tailored to DiveGuard SaaS (multi-tenant orgs, Stripe subscriptions in USD, Supabase-hosted data). It is not legal advice — have qualified counsel in your jurisdiction review and replace placeholders (governing law, refunds, legal notices) before relying on it commercially.

Last updated: April 18, 2026 · Marine Compliance Systems

1. Agreement

By accessing or using DiveGuard (the "Service"), you agree to these Terms of Service ("Terms"). If you use the Service on behalf of an organization, you represent that you have authority to bind that organization. If you do not agree, do not use the Service.

2. The Service

2.1 Description

The Service provides cloud-based software to help commercial diving and related operations plan, track, and document equipment planned maintenance, including asset registers, maintenance templates and tasks, work orders, audit-related workflows, file attachments (e.g. PDFs, images), team collaboration, and subscription-gated usage limits as shown in the product or on our marketing site.

2.2 No professional services

The Service does not include legal, regulatory, diving, engineering, or compliance advice. You remain solely responsible for meeting applicable laws, client requirements, industry standards you adopt (e.g. IMCA, AS/NZS where referenced in your operations), and contractual obligations.

2.3 Industry standards

References to IMCA, AS/NZS, or similar in the product or materials are informational only. The Service is not certified or endorsed by IMCA or any regulator unless we state otherwise in writing.

2.4 Changes to the Service

We may modify or discontinue features. Where practicable, we will give reasonable notice of material adverse changes. Continued use after changes become effective constitutes acceptance, except where applicable law requires separate consent.

3. Eligibility; Accounts; Organizations

3.1 Organizations

The Service is structured around organizations ("Orgs"). Data is isolated per Org, including database row-level security. Each Org has roles (e.g. Owner, members) as implemented in the product.

3.2 Account security

You must provide accurate registration information and safeguard passwords and sessions. You are responsible for activity under your credentials. Notify your Org Owner or us promptly if you suspect unauthorized access (use the support channel we publish).

3.3 Invitations

Org Owners (or permitted admins) may invite users by email. Invited users complete authentication flows (e.g. Supabase Auth). Invite and transactional email are sent using our infrastructure partners described in the Privacy Policy.

4. Subscription, Fees, Free Plan, and Trials

4.1 Free plan (not a trial)

We may offer a Free plan with no subscription fee while your Org remains within the Free plan limits published in the product or on our website. Free is not a time-limited trial of a paid plan.

To help prevent abuse and enable upgrades, we may require you to add a payment method on file through Stripe (for example via a Checkout session in setup mode). Within the stated Free limits, we do not charge a plan fee for the Free plan. Charges apply only when you start a paid subscription or another paid offering, as disclosed at checkout.

The Free plan has reduced features compared to paid plans, including without limitation: no knowledge-base / manuals library; no full-workspace business data export (e.g. bundled JSON/CSV/Excel backup) as implemented in the product; and one generated PMS certificate PDF download per Org per recurring period. The recurring period is a monthly cycle anchored to your Org's creation date (UTC); if that calendar day does not exist in a given month, the cycle resets on the last day of that month (UTC). Limits may change with notice where practicable.

4.2 Paid plans

Paid access is on a subscription basis for catalog plans such as Solo, Professional, and Enterprise. Fees, currency, and entitlements (e.g. asset limits, file storage, user seats) are those shown at Stripe Checkout or in your Org billing screen. List prices for self-serve catalog plans are in United States dollars (USD) unless we specify otherwise in writing.

4.2.1 Self-serve catalog at launch

At launch, self-serve checkout includes Free (including Stripe payment-method setup where required) and paid subscriptions for Solo, Professional, and Enterprise at the USD list prices we publish. Separate optional purchases such as add-on asset packs, storage bundles, or additional seat packs may not be offered as additional self-serve Stripe line items until we announce them. If you need capacity beyond a tier's published included limits, you may need to move to a higher tier or a Custom arrangement.

4.3 Stripe

Payments, trials, invoices, and payment-method handling are processed by Stripe under Stripe's terms and, where applicable, your agreement with Stripe. You may manage some billing actions via the Stripe Customer Billing Portal when enabled.

4.4 Trial (paid plans only)

When you subscribe to an eligible paid catalog plan, we may offer a time-limited trial (e.g. 7 days) as shown at Stripe Checkout. A valid payment method may be required before or when the trial starts. You are generally not charged the subscription fee until the trial converts to a paid period as shown at checkout, unless a different schedule is clearly disclosed. The Free plan is not covered by this trial section. If any disclosure conflicts, checkout and Stripe records control amounts and timing.

4.5 Upgrades and downgrades

Plan changes follow product behavior (e.g. immediate upgrade with Stripe proration where applied; downgrades may apply at the next billing period). Quota enforcement may block new assets, uploads, or seats when limits are reached.

4.6 Payment failure; delinquency; access restrictions

If payment fails or a paid subscription is not in good standing, we apply the following delinquency schedule in addition to Stripe's own retry and invoice behavior. Day counts are inclusive calendar days in UTC as implemented in the Service.

Grace: for the first seven (7) inclusive UTC calendar days from the Payment Failure Anchor (first recorded failure milestone for the current failed-invoice cycle), the Service may allow normal editing with in-product notices to update billing.

Restricted access: after grace, we may block business mutations (read-only style) while remediation is possible. Full-workspace exports may remain available for eligible paid plans where the product enables them during certain stages.

Escalation: we may present a frozen or similarly limited experience after prolonged non-payment, as implemented.

Deletion target (delinquency path): subject to notices, backups, and rollout, operational Customer Data may be deleted or anonymized after approximately one hundred eighty (180) inclusive UTC calendar days from the Payment Failure Anchor.

If these Terms disagree with Stripe Checkout, the Billing Portal, or Stripe invoices on amounts or whether a charge succeeded, Stripe records control for billing facts.

4.7 Taxes

Fees may be shown inclusive or exclusive of taxes depending on Stripe and your location. You are responsible for taxes applicable to your purchase, other than our income taxes.

4.8 Custom plans

Custom or non-catalog pricing may be governed by a separate order or agreement that, if signed, supersedes conflicting parts of these Terms for that customer.

5. Customer Data and License

5.1 Your data

"Customer Data" means content and metadata your Org submits (equipment records, maintenance history, uploads, settings). As between you and Marine Compliance Systems ("MCS"), you retain ownership of Customer Data. You grant MCS a non-exclusive license to host, process, back up, and display Customer Data only to provide and secure the Service and as stated in our Privacy Policy.

5.2 Lawful basis; third-party data

You represent that you have rights and, where required, consents to upload personal data of personnel, contractors, or third parties. For much of that data your Org is the controller; we act as a processor on instructions expressed through use of the Service.

5.3 Exports and deletion

Export or deletion is subject to product capabilities, backup latency, and legal hold. Deletion may not be immediate across all systems. Plan-based exports (for example a full-workspace business backup in the formats we provide) are only available where the product and your plan allow. This does not limit privacy or data-protection rights that apply to personal data in your jurisdiction, which may require a different process or format — contact us as described in the Privacy Policy.

5.4 Data retention; post-cancellation schedule; inactive Free orgs

Operational Customer Data is stored to run your Org and is not kept indefinitely by default. Calendar-day periods are UTC unless the product shows otherwise for a specific Org.

Definitions. The Billing End Date is when we record that your Org's paid Stripe subscription for the Service has terminated in our billing integration. The Payment Failure Anchor is defined in Section 4.6.

Schedule A — After the paid subscription ends. When the Billing End Date is recorded: we may move your Org to read-only Free-tier-style access; for ninety (90) inclusive UTC calendar days from the Billing End Date (or as shown in-product), full-workspace exports may remain available where enabled; you are responsible for backups during that window. After the window, we may delete or anonymize operational Customer Data subject to backup latency and batch scheduling (for example processing on or shortly after the day following the export deadline).

Schedule B — Payment delinquency. Section 4.6 applies while charges fail before the subscription has fully ended under Schedule A.

Priority. If both schedules could apply, Schedule A controls the operational export window and scheduled operational purge once the Billing End Date is recorded; Section 4.6 delinquency deletion targets do not extend operational retention beyond Schedule A once Schedule A applies.

Notices. We will use reasonable efforts to provide email and/or in-product notices before scheduled deletion, using contact details and features we have on file. Notice timing and channels depend on implementation and may change as the product evolves.

Billing and tax records. We and Stripe may retain certain billing, invoice, refund, and subscription metadata for periods required for accounting, tax, payment network rules, or law — often up to seven (7) years where applicable — even after operational Customer Data in the Service is deleted.

Free plans and inactivity. If your Org remains on a Free plan and is not in Schedule A, we may treat your Org as inactive based on the Org Owner's last successful sign-in and/or organization activity timestamps we maintain. After notice where required, we may delete or anonymize operational Customer Data after approximately 60 calendar days of inactivity as implemented in the product, unless a different period is shown in-product or required by law. Where both this policy and Schedule A could apply, Schedule A takes precedence for Orgs with a recorded Billing End Date.

Exceptions. We may delay or extend deletion for compliance, court orders, credible security or abuse investigations, disputes, or a documented legal hold / support arrangement in our systems.

This subsection describes current product intent and may be refined as automated jobs and notice templates ship. If anything conflicts with a signed Custom order form, the order form controls for that customer.

6. Acceptable Use

You will not, and will not permit others to:

• probe, scan, or test vulnerabilities without our written consent;
• misuse APIs, scrape at scale, or bypass quotas or security;
• upload unlawful, infringing, or malicious content;
• attempt to circumvent Org isolation (e.g. RLS);
• reverse engineer except where law permits;
• use the Service in violation of sanctions or export controls.

We may suspend access for violations.

7. Confidentiality

We use reasonable measures to protect Customer Data. You will treat non-public information about the Service similarly, except where disclosure is required by law.

8. Disclaimer of Warranties

TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE". WE DISCLAIM ALL IMPLIED WARRANTIES INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. We do not warrant uninterrupted or error-free operation.

9. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW: (a) NEITHER MCS NOR ITS SUPPLIERS WILL BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR LOSS OF PROFITS, DATA, GOODWILL, OR BUSINESS INTERRUPTION; (b) OUR AGGREGATE LIABILITY ARISING OUT OF THESE TERMS OR THE SERVICE IN ANY TWELVE (12) MONTH PERIOD WILL NOT EXCEED THE GREATER OF (i) THE AMOUNTS ACTUALLY PAID BY YOU TO MCS FOR THE SERVICE IN THAT PERIOD, OR (ii) USD 100. Some jurisdictions do not allow certain limitations; our liability is limited to the fullest extent permitted.

10. Indemnity

You will defend and indemnify MCS and its affiliates against third-party claims arising from (a) Customer Data, (b) your violation of law or these Terms, or (c) your misuse of the Service, except to the extent caused by MCS's gross negligence or willful misconduct (as finally determined).

11. Termination

11.1 Your termination

You may stop using the Service and, where available, cancel via Billing or the Customer Portal.

11.2 Our termination

We may suspend or terminate for material breach, non-payment after any cure period we implement, security risk, or legal requirement.

11.3 Survival

Sections intended by their nature to survive termination (e.g. liability, indemnity) survive.

12. Governing Law; Disputes

These Terms are governed by the laws of Australia, excluding conflict-of-law rules that would apply another law. Courts in Australia have non-exclusive jurisdiction, unless mandatory consumer or local law requires otherwise. Your counsel should confirm venue and governing law for your entity.

13. Data Processing (DPA / SCCs)

Where GDPR, UK GDPR, or similar requires it, we will provide a Data Processing Agreement or standard contractual clauses on request from your Org Owner.

14. Contact

Marine Compliance Systems
For product support, use the channel published in the Service or contact your Org Owner. For legal notices, use the contact details your counsel provides after J9 — placeholder until published: the same channel as your public privacy contact on dive-guard.com.