Conduit

Terms of Service

Last updated: March 20, 2026

1. Introduction & Acceptance of Terms

These Terms of Service ("Terms") constitute a legally binding agreement between you ("you" or "User") and the operator of Conduit ("we," "us," or "our"), an individual based in Ontario, Canada, operating under the trade name Conduit. These Terms govern your access to and use of the Conduit desktop application, website, cloud services, API, and any related services (collectively, the "Service").

By creating an account, downloading the application, or using any Conduit services, you agree to be bound by these Terms and our Privacy Policy. If you do not agree to these Terms, do not use the Service.

We may assign these Terms to a successor entity (such as upon incorporation or acquisition) without your prior consent, provided the assignee assumes all obligations under these Terms. Your rights under these Terms will not be diminished by such assignment.

2. Eligibility

You must be at least 16 years of age to create an account or use the Service. By using the Service, you represent and warrant that you meet this age requirement. If you are between 16 and the age of majority in your jurisdiction, you represent that your parent or legal guardian has reviewed and agrees to these Terms on your behalf.

If you are using the Service on behalf of an organization, you represent and warrant that you have authority to bind that organization to these Terms, and references to "you" shall include the organization.

3. Service Description

Conduit is a cross-platform desktop application for managing remote connections including SSH, RDP, VNC, web sessions, and command execution. The Service includes:

  • An encrypted credential vault using zero-knowledge architecture for storing connection configurations, credentials, SSH keys, TOTP secrets, and documents.
  • AI-powered chat capabilities that route requests through our backend to third-party AI model providers (Anthropic and OpenAI).
  • A Model Context Protocol (MCP) server that enables AI agents to interact with your connections and vault data at your direction.
  • Team collaboration features including shared vaults with zero-knowledge encryption, folder-level permissions, and audit logging.
  • Cloud synchronization of encrypted vault data and chat history.
  • Local and cloud backup with tier-gated retention periods.

The Service is available through free and paid subscription tiers with varying feature access, connection limits, and usage quotas.

4. License Grant

Subject to your compliance with these Terms, we grant you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to download, install, and use the Conduit desktop application on devices you own or control, solely for your personal or internal business purposes.

The software is licensed, not sold. This license does not convey any ownership interest in the software. All rights not expressly granted in these Terms are reserved by us.

5. User Accounts & Security

You must provide accurate and complete information when creating an account and keep this information up to date. You are responsible for maintaining the confidentiality and security of your account credentials, vault master password, recovery passphrase, and any devices on which Conduit is installed.

You must not share your account with others, create multiple accounts, or transfer your account to another person without our prior written consent.

Conduit employs a zero-knowledge encryption architecture. Your master password derives the encryption key locally on your device and is never transmitted to or stored on our servers. As a result, we cannot recover your master password, recovery passphrase, or decrypt your vault data. If you lose both your master password and recovery passphrase, your encrypted data will be permanently inaccessible. It is your sole responsibility to securely store these credentials.

You must notify us immediately at support@conduitdesktop.com if you believe your account has been compromised.

6. Subscriptions, Billing & Refunds

6.1 Subscription Tiers

Conduit offers Free, Pro, and Team subscription tiers. Current pricing, feature details, and usage limits for each tier are displayed on our Pricing page. Feature availability, limits, and pricing are subject to change with prior notice.

6.2 Billing & Auto-Renewal

Paid subscriptions are billed through Stripe on a recurring monthly or annual basis, beginning on the date you subscribe. Subscriptions automatically renew at the end of each billing period at the then-current price unless you cancel before the renewal date.

6.3 Free Trial

We may offer a free trial for the Pro tier. Trial eligibility is limited to one trial per user account. A valid payment method is required to start a trial. If you do not cancel before the trial period ends, your subscription will automatically convert to a paid subscription at the listed price.

6.4 Cancellation

You may cancel your subscription at any time through the Stripe Customer Portal accessible from your account dashboard. Cancellations take effect at the end of the current billing period. You will retain access to paid features until the period expires, at which point your account will revert to the Free tier.

6.5 Refund Policy

All sales are final. We do not offer refunds for subscription payments, partial billing periods, unused portions of a subscription term, or seat reductions. By subscribing, you acknowledge and agree to this no-refund policy. This does not affect any statutory rights that may be available to you under applicable consumer protection laws.

6.6 Price Changes

We may change subscription prices with at least 30 days' prior notice via email or in-app notification. Price changes take effect at the start of your next billing period following the notice. Your continued subscription after a price change constitutes acceptance of the new price. If you do not agree to the new price, you should cancel your subscription before the next billing period.

6.7 Failed Payments

If a payment fails, we may retry the charge as permitted by Stripe. If payment remains unsuccessful, your subscription may be suspended or downgraded to the Free tier. We are not responsible for any fees or charges incurred from your payment provider as a result of failed payment attempts.

7. Team Plans

Team plan subscriptions are billed per seat. The team owner (or designated administrators) is responsible for managing team members, invitations, shared vaults, seat allocation, and folder-level permissions.

7.1 Seat Management

Seat additions are prorated for the current billing period. Seat reductions take effect at the next billing cycle. You cannot reduce seats below the number of active team members plus pending invitations.

7.2 Team Invitations

Team invitations expire after 7 days. Inviting a member grants them access to the Team tier features and any shared vaults they are assigned to. The team administrator is responsible for managing member access appropriately.

7.3 Team Subscription Cancellation

If a team subscription is cancelled or lapses, all team members are downgraded to the Free tier, team memberships are dissolved, and access to shared team vaults is revoked. Encrypted team vault data is retained in accordance with our data retention schedule but cannot be accessed without an active team subscription and the appropriate encryption keys.

7.4 Audit Logging

All mutations to team vaults (entry and folder operations, member changes, permission updates, vault access events) are logged with the actor, action type, target, and timestamp. Audit logs are retained for 2 years and are accessible to team administrators. By participating in a team plan, all members acknowledge and consent to this audit logging.

8. Data Ownership & Zero-Knowledge Architecture

You retain full ownership of all data you create and store in Conduit, including connection entries, credentials, folder structures, documents, and chat conversations.

Conduit uses a zero-knowledge encryption model. Vault data is encrypted locally on your device before any cloud synchronization occurs. Vault Encryption Keys (VEKs) for team vaults are individually wrapped per authorized user using elliptic curve cryptography and are never stored in plaintext on our servers. We cannot access, read, decrypt, or recover your vault contents under any circumstances.

You may export your vault data at any time using the encrypted .conduit-export format for portability and personal backup purposes.

While we do not access your encrypted vault data, we may access and use aggregated, non-identifying metadata (such as total number of entries, feature usage patterns, and connection type distributions) for the purpose of improving the Service. This metadata does not include any vault contents, credentials, or personally identifiable information.

9. Data Retention

Cloud backup retention varies by subscription tier:

  • Free: 1 day
  • Pro: 14 days
  • Team: 6 months

Backups exceeding your tier's retention period are automatically and permanently deleted. If you downgrade from a paid tier to Free, backups exceeding the Free tier's retention period will be deleted automatically.

Team vault audit logs are retained for 2 years from the date of the logged event, after which they are automatically and permanently purged. By using team vaults, you acknowledge and agree to this retention schedule.

For complete information on data retention across all data types, please see Section 7 of our Privacy Policy.

10. AI Features & MCP Server

10.1 AI Chat & Third-Party Processing

AI chat features route requests through our backend to third-party AI model providers (currently Anthropic and OpenAI) for processing. Conversations, prompts, and tool invocation data submitted through AI features are processed by these providers in accordance with their respective terms of service and privacy policies.

We do not use your conversations or vault data to train AI models. Token usage is tracked to enforce subscription tier limits. AI features require an active internet connection and are available only on paid subscription tiers.

10.2 MCP Server & AI Agent Integration

The MCP server enables external AI agents (such as Claude Code, OpenAI Codex, and similar tools) to interact with your connections and vault data. When enabled, AI agents may: view connection metadata, execute terminal commands, interact with remote desktop and web sessions, read documents, and access credentials with your explicit per-request approval.

By enabling the MCP server, you acknowledge that:

  • You are granting AI agents access to connection metadata and, upon per-request approval, credential data.
  • AI agents may execute commands and take actions on remote systems on your behalf.
  • You are solely responsible for reviewing, approving, and validating all AI agent actions before and after execution.
  • We are not liable for any consequences of actions taken by AI agents through the MCP server, including but not limited to data loss, unauthorized access, system damage, or unintended operations.

10.3 AI Output Disclaimer

AI-generated content, suggestions, commands, and actions may be inaccurate, incomplete, inappropriate, or harmful. You are solely responsible for reviewing, validating, and determining the appropriateness of any AI output before acting on it. We provide AI features on an "as is" basis without any warranty of accuracy, reliability, or fitness for any particular purpose.

11. Automatic Updates

The Conduit application may automatically check for and download updates. Updates may include security patches, bug fixes, new features, and changes to existing functionality. By using the Service, you consent to the automatic download and installation of updates.

Continued use of the application after an update constitutes your acceptance of any changes included in the update. We reserve the right to push critical security updates that may be installed without prior notice.

12. Remote Connections & Third-Party Systems

Conduit is a tool for managing remote connections. We do not operate, control, monitor, or have any responsibility for the remote systems you connect to through the Service.

You are solely responsible for:

  • Ensuring you have proper authorization to access any remote system whose credentials you store or connect to through Conduit.
  • Complying with all applicable laws, regulations, and the acceptable use policies of the remote system operators.
  • The security configuration of your connections, including choosing strong credentials, appropriate protocols, and secure connection settings.
  • Any actions taken through connections managed by the software, whether by you directly or by AI agents acting at your direction.

We are not responsible for any data loss, unauthorized access, service interruption, or damage arising from your use of remote connections managed through the software. We do not guarantee the availability, security, performance, or compatibility of any third-party system, protocol, or service.

13. Acceptable Use

You agree not to:

  • Use Conduit for any illegal activity, including unauthorized access to computer systems, networks, or data.
  • Store credentials for systems you are not authorized to access.
  • Attempt to circumvent subscription tier limits, rate limiting, usage restrictions, or security features.
  • Bypass or disable the MCP tool approval mechanism or rate limiters.
  • Abuse AI features, including generating malicious, harmful, deceptive, or illegal content, or using AI agents to exfiltrate data without authorization.
  • Reverse engineer, decompile, disassemble, or attempt to extract the source code of the Conduit application or its components.
  • Copy, modify, distribute, sublicense, lease, sell, or create derivative works of the application or any part thereof.
  • Share, redistribute, or transfer your account access or subscription to another person.
  • Use the Service in any way that could damage, disable, overburden, or impair our infrastructure or interfere with other users' use of the Service.
  • Use automated tools (bots, scrapers, etc.) to interact with the Service in a manner not expressly authorized.
  • Introduce malware, viruses, or other harmful code through the Service.

We reserve the right to suspend or terminate accounts that violate these terms, at our sole discretion, with or without prior notice depending on the severity of the violation.

14. Intellectual Property

The Conduit application, its source code, branding, logos, documentation, website content, and all related intellectual property are owned by us and are protected by copyright, trademark, and other intellectual property laws. You are granted only the limited license described in Section 4.

You retain full ownership of all data you create and store within Conduit. We claim no intellectual property rights over your vault data, credentials, documents, or chat conversations.

Feedback, suggestions, and ideas you provide about the Service may be used by us without any obligation of compensation, attribution, or confidentiality.

15. Warranty Disclaimer

The software and service are provided "as is" and "as available" without warranty of any kind, express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, title, and non-infringement.

Without limiting the foregoing, we do not warrant that: (a) the service will be uninterrupted, timely, secure, or error-free; (b) the results obtained from the service will be accurate or reliable; (c) connections made through the software will be secure, stable, or compatible with all systems; (d) any stored credentials or vault data will be free from loss or unauthorized access; (e) AI-generated content, commands, or actions will be accurate, appropriate, safe, or free from error; (f) cloud backups will always be available or recoverable; or (g) any defects will be corrected.

Some jurisdictions do not allow the exclusion of implied warranties, so some or all of the above exclusions may not apply to you. In such jurisdictions, our liability is limited to the maximum extent permitted by applicable law.

16. Limitation of Liability

To the maximum extent permitted by applicable law, we shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to:

  • Loss of data, credentials, vault contents, or encryption keys.
  • Loss of profits, revenue, or business opportunities.
  • Connection failures, interruptions, or latency to remote systems.
  • Credential exposure resulting from user negligence, weak passwords, device compromise, or operating system vulnerabilities.
  • Damage to remote systems accessed or actions taken through Conduit, whether by the user directly or by AI agents.
  • Third-party service outages affecting AI processing, cloud sync, authentication, or payment processing.
  • Inability to access encrypted data due to lost master password, recovery passphrase, or encryption keys.
  • Consequences of AI-generated content, commands, or actions taken through the MCP server or AI chat features.
  • Unauthorized access to systems resulting from stored credentials being used through the MCP server at the user's direction.

Our total aggregate liability arising from or related to these terms, the service, or any related cause of action shall not exceed the greater of: (a) the total amount you paid to us in the twelve (12) months preceding the event giving rise to the claim, or (b) one hundred Canadian dollars ($100 CAD).

Some jurisdictions do not allow the limitation or exclusion of liability for certain damages. In such jurisdictions, our liability is limited to the maximum extent permitted by applicable law. Nothing in these Terms excludes or limits our liability for fraud, gross negligence, or any other liability that cannot be excluded or limited by applicable law.

17. Indemnification

You agree to indemnify, defend, and hold harmless Conduit and its operator, employees, contractors, and affiliates from any claims, damages, losses, liabilities, and expenses (including reasonable legal fees) arising from or related to:

  • Your use of the Service or any connections made through it.
  • Your violation of these Terms or any applicable law.
  • Your access to third-party systems through the Service, including any claims by the operators of those systems.
  • Actions taken by AI agents at your direction through the MCP server or AI chat features.
  • Your infringement of any third-party rights.
  • Content you store, transmit, or make accessible through the Service.

18. Termination

18.1 Termination by You

You may delete your account at any time through your account settings or by contacting support@conduitdesktop.com. If you have an active paid subscription, you should cancel it through the Stripe Customer Portal before deleting your account to avoid further charges.

18.2 Termination by Us

We may suspend or terminate your account immediately and without prior notice for material violations of these Terms, including but not limited to: illegal activity, unauthorized system access, circumvention of security features, or abuse that threatens the Service's integrity. For other violations, we will make reasonable efforts to provide notice before taking action.

18.3 Effect of Termination

Upon termination:

  • Your right to use the Service and the license granted in Section 4 will immediately cease.
  • Cloud-stored data will be deleted in accordance with our Privacy Policy retention schedule (within 30 days for account data).
  • Local vault data on your device remains accessible with your master password, regardless of account status.
  • Team vault access will be revoked if you are removed from a team or the team subscription is cancelled.

18.4 Survival

Sections relating to intellectual property, warranty disclaimer, limitation of liability, indemnification, governing law, and any provisions that by their nature should survive, will survive the termination of these Terms.

19. Service Availability & Modifications

We may modify, update, suspend, or discontinue any part of the Service at any time. We will make reasonable efforts to provide advance notice for material changes that affect your use of paid features. We do not guarantee uninterrupted service availability and do not offer a service level agreement (SLA) for any subscription tier.

We may add, remove, or modify features at our discretion. If we remove a material feature included in your paid subscription, we will provide reasonable notice and, where feasible, offer an alternative or adjustment.

20. Privacy

Your use of the Service is subject to our Privacy Policy, which describes how we collect, use, disclose, and protect your personal information. By using the Service, you consent to the data practices described in the Privacy Policy.

21. Governing Law & Dispute Resolution

These Terms shall be governed by and construed in accordance with the laws of the Province of Ontario and the federal laws of Canada applicable therein, without regard to conflict of law provisions.

Before initiating formal proceedings, both parties agree to attempt in good faith to resolve any dispute through informal negotiation for a period of at least 30 days. Written notice of the dispute must be sent to the other party describing the nature of the dispute and the relief sought.

If the dispute cannot be resolved through negotiation, any legal proceedings shall be brought exclusively in the courts located in the Province of Ontario, Canada, and you consent to the personal jurisdiction of such courts.

Nothing in this section limits either party's right to seek injunctive or equitable relief in any court of competent jurisdiction to protect intellectual property rights or prevent irreparable harm.

22. General Provisions

22.1 Severability

If any provision of these Terms is found to be unenforceable or invalid by a court of competent jurisdiction, that provision will be limited or eliminated to the minimum extent necessary, and the remaining provisions will remain in full force and effect.

22.2 Entire Agreement

These Terms, together with the Privacy Policy, constitute the entire agreement between you and us regarding the Service and supersede any prior agreements, communications, or understandings, whether written or oral.

22.3 Waiver

Our failure to enforce any right or provision of these Terms shall not constitute a waiver of that right or provision. Any waiver must be in writing and signed by us.

22.4 Assignment

You may not assign or transfer your rights or obligations under these Terms without our prior written consent. We may assign these Terms to a successor entity (including upon incorporation, merger, or sale of substantially all assets) without your consent, provided the assignee assumes all obligations hereunder.

22.5 Force Majeure

We shall not be liable for any failure or delay in performing our obligations under these Terms to the extent caused by events beyond our reasonable control, including but not limited to: natural disasters, acts of war or terrorism, pandemics, government actions, power failures, internet outages, or third-party service disruptions.

22.6 Notices

We may provide notices to you through the application, via email to the address associated with your account, or by posting on our website. Notices to us should be sent to support@conduitdesktop.com.

23. Changes to These Terms

We may update these Terms from time to time. Material changes will be communicated through the application or via email at least 30 days before taking effect. The "Last updated" date at the top of these Terms indicates when they were most recently revised.

Your continued use of the Service after changes take effect constitutes your acceptance of the revised Terms. If you do not agree with the changes, you should discontinue use of the Service and cancel your subscription before the effective date.

24. Contact

For questions about these Terms, contact us at:

support@conduitdesktop.com