Terms of Service — PyLocket

1. Effective Date

These Terms of Service (“Terms”) were last updated on March 2, 2026, and are effective as of that date for all new users. For existing users, these Terms become effective thirty (30) days after notice of the update was provided, unless you terminate your account before the end of the notice period.

These Terms constitute a legally binding agreement between you, the developer (“you,” “your,” or “Developer”), and PyLocket (“we,” “us,” or “our”), governing your access to and use of the PyLocket platform and all related services. By creating an account, accessing the Service, or using any component of the Service, you acknowledge that you have read, understood, and agree to be bound by these Terms in their entirety.

If you do not agree to these Terms, you must not access or use the Service. Your continued use of the Service following any modifications to these Terms constitutes your acceptance of the modified Terms.

2. Definitions

The following terms, when capitalized in these Terms, shall have the meanings set forth below. These definitions apply regardless of whether the defined term is used in singular or plural form.

“Service” means the PyLocket platform in its entirety, including but not limited to the command-line interface (CLI), application programming interface (API), Developer Portal (web application), PyCharm/IntelliJ IDE plugin, native Runtime, build pipeline, licensing infrastructure, documentation, and all related tools, updates, and support resources provided by PyLocket.
“Developer” or “you” means the individual person or legal entity that creates an account with PyLocket and uses the Service. If you are using the Service on behalf of a company, organization, or other legal entity, “Developer” refers to that entity, and you represent and warrant that you have the authority to bind that entity to these Terms.
“End User” means any individual or entity who uses, accesses, or interacts with a Protected Application distributed by a Developer. End Users are the Developer’s customers or authorized recipients of the Protected Application.
“Application” means the Developer’s original Python software code, including all source files, assets, configurations, and dependencies, that is submitted to the Service for Build processing.
“Protected Application” or “Protected Artifact” means the encrypted output produced by PyLocket’s build pipeline after processing a Developer’s Application. A Protected Application consists of the Developer’s encrypted code bundled with the PyLocket Runtime and is the distributable artifact intended for End Users.
“License Key” means a unique alphanumeric string generated through the Service that is used to enforce end-user license validation and activation controls on Protected Applications.
“Runtime” means the native compiled component developed by PyLocket that is embedded within Protected Applications. The Runtime is responsible for decrypting Application code at execution time, enforcing License Key validation, performing anti-tamper checks, and collecting Telemetry Data when enabled.
“Device Fingerprint” means a one-way cryptographic hash derived from a combination of hardware and software attributes of an End User’s device. Device Fingerprints are used to uniquely identify a device for the purpose of License Key activation enforcement without storing or transmitting the underlying hardware attributes.
“Telemetry Data” means security-related event data collected by the Runtime during execution of a Protected Application, including but not limited to anti-tamper events (such as debugger detection, code integrity verification failures, and unauthorized modification attempts), along with associated metadata such as timestamps, Device Fingerprints, and IP addresses.
“Build” means a single processing operation initiated by a Developer through the Service that transforms an Application into a Protected Application. Each Build consumes server resources and produces a unique Protected Artifact.
“Platform” means a specific combination of operating system and processor architecture for which the Runtime is compiled and supported. As of the effective date of these Terms, supported Platforms include Windows x64, Linux x64, Linux ARM64, macOS x64, and macOS ARM64.

3. Description of Services

PyLocket provides a cloud-based platform designed to help software developers protect their Python applications through code encryption and license enforcement. The Service enables Developers to safeguard their intellectual property, control the distribution of their software, and monitor the security posture of their deployed applications.

The Service comprises the following components:

Build Pipeline: A cloud-based system that accepts a Developer’s Application source code, encrypts the Python code using industry-standard cryptographic algorithms, and packages the encrypted code with a native Runtime to produce a Protected Application. The build pipeline supports multiple target Platforms and produces self-contained distributable artifacts.
Licensing System: An infrastructure for generating, managing, and validating License Keys. The licensing system supports device-bound activation, configurable activation limits per License Key, expiration dates, and offline grace periods. License validation is performed by the Runtime at application startup and may be checked periodically during execution.
Command-Line Interface (CLI): A developer tool installable via standard Python package managers that provides command-line access to the Service for local development workflows, including application configuration, Build submission, License Key management, and status monitoring.
REST API: A programmatic interface providing authenticated access to all Service functionality, enabling integration with continuous integration/continuous deployment (CI/CD) pipelines, custom tooling, and automation workflows.
Developer Portal: A web-based application accessible at pylocket.com that provides a graphical interface for managing applications, builds, License Keys, billing, telemetry dashboards, and account settings.
PyCharm/IntelliJ IDE Plugin: An integrated development environment plugin distributed through the JetBrains Marketplace that allows Developers to configure, build, and manage Protected Applications directly from within the PyCharm or IntelliJ IDEA development environment.
Documentation and Support Resources: Comprehensive guides, API references, tutorials, frequently asked questions, and support channels provided to assist Developers in using the Service effectively.

PyLocket reserves the right to modify, enhance, or discontinue any component of the Service at any time. We will provide reasonable notice of material changes that may affect your use of the Service.

4. Eligibility

To access and use the Service, you must meet all of the following eligibility requirements:

You must be at least eighteen (18) years of age, or the age of legal majority in your jurisdiction, whichever is greater.
You must have the legal capacity to enter into a binding contract under the laws of your jurisdiction.
If you are registering for the Service on behalf of a company, organization, government agency, or other legal entity, you represent and warrant that you have full authority to bind that entity to these Terms. In such case, the terms “you” and “Developer” refer to that entity, and you personally represent that you are authorized to accept these Terms on the entity’s behalf.
You must not have been previously suspended or terminated from using the Service for violation of these Terms.
You must not be located in, or a national or resident of, any country subject to comprehensive trade sanctions imposed by the United States, the European Union, or other applicable jurisdictions.

By creating an account, you represent and warrant that you meet all of the above eligibility requirements. If we discover or have reasonable grounds to believe that you do not meet these requirements, we reserve the right to suspend or terminate your account immediately without notice.

5. Account Registration & Security

To use the Service, you must create an account through the Developer Portal. You agree to the following obligations regarding your account:

One Account Per Entity: Each individual or legal entity may maintain only one (1) account with PyLocket. Creating multiple accounts to circumvent usage limits, billing obligations, or enforcement actions is a violation of these Terms and grounds for immediate termination of all associated accounts.
Accurate Information: You agree to provide accurate, current, and complete information during the registration process and to update such information as necessary to keep it accurate, current, and complete. Providing false or misleading registration information is grounds for account suspension or termination.
Credential Security: You are solely responsible for maintaining the confidentiality of your account credentials, including your password, API keys, and any authentication tokens. You agree not to share your credentials with any third party. You acknowledge that any activity conducted through your account, whether authorized by you or not, is your responsibility.
Unauthorized Access Notification: You must notify PyLocket immediately at security@pylocket.com upon becoming aware of any unauthorized access to or use of your account, any security breach involving your credentials, or any other compromise of your account security. Failure to promptly notify us may result in your liability for any losses incurred.
Suspicious Activity: We reserve the right to suspend, lock, or terminate any account if we detect or reasonably suspect unauthorized access, fraudulent activity, abnormal usage patterns, or any other activity that may threaten the security or integrity of the Service or other users’ accounts.

PyLocket shall not be liable for any loss or damage arising from your failure to comply with the account security obligations set forth in this section.

6. Grant of License

Subject to your compliance with these Terms and payment of all applicable fees, PyLocket grants you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license during the term of your subscription to:

Use the Service Tools: Access and use the CLI, API, Developer Portal, and PyCharm/IntelliJ plugin solely for the purpose of protecting your own Applications through the Service.
Submit Applications: Upload your Application source code to the Service for Build processing in accordance with Section 12 (Source Code Handling) of these Terms.
Distribute Protected Applications: Distribute the Protected Applications produced by the Service to your End Users in accordance with your own end-user license agreements, provided that such distribution complies with all applicable laws and these Terms.
Use the Embedded Runtime: Use the Runtime solely as embedded within Protected Applications created through the Service. This license to the Runtime extends to your End Users solely for the purpose of executing the Protected Application on their devices.

This license is personal to you and may not be assigned, transferred, or sublicensed without PyLocket’s prior written consent. Any attempt to assign, transfer, or sublicense this license without such consent shall be null and void.

This license does not grant you any rights to PyLocket’s source code, proprietary algorithms, or underlying technology beyond what is necessary to use the Service as described in these Terms.

7. Permitted Uses

You may use the Service solely for the following lawful purposes:

Protecting Python applications that you have developed and for which you own or hold all necessary intellectual property rights, including copyright, or for which you have obtained all necessary licenses, permissions, and authorizations from the rights holders to submit for Build processing and distribute as Protected Applications.
Generating and managing License Keys for the purpose of controlling authorized access to your Protected Applications by your End Users.
Monitoring security telemetry and anti-tamper events related to your own Protected Applications through the Developer Portal or API.
Integrating the Service into your development and deployment workflows using the CLI, API, or PyCharm plugin.
Evaluating the Service during development and testing without publishing or distributing Protected Applications to End Users.

All use of the Service must comply with applicable local, state, national, and international laws and regulations, including but not limited to export control laws, data protection laws, and intellectual property laws. You are solely responsible for ensuring that your use of the Service and your distribution of Protected Applications comply with all laws applicable to you and your End Users.

8. Prohibited Uses / Acceptable Use

You expressly agree that you shall NOT, and shall not permit or enable any third party to:

Reverse Engineer the Service: Reverse engineer, decompile, disassemble, decrypt, or otherwise attempt to derive the source code, algorithms, data structures, or underlying ideas of the Runtime, build pipeline, or any other component of the Service, except to the limited extent that such activity is expressly permitted by applicable law notwithstanding this restriction.
Tamper with Licensing: Remove, modify, disable, circumvent, or bypass the licensing system, License Key validation, device activation limits, or any other access control or digital rights management mechanism implemented by the Service or the Runtime.
Protect Malicious Software: Use the Service to protect, encrypt, obfuscate, or distribute malicious software of any kind, including but not limited to malware, ransomware, spyware, adware, cryptominers, keyloggers, trojans, viruses, worms, botnets, or any software designed to cause harm, gain unauthorized access, or engage in illegal activity.
Protect Unauthorized Code: Submit for Build processing any source code, software, or application that you do not own or for which you do not have proper written authorization from the rights holder to protect and distribute.
Redistribute the Service: Sub-license, resell, lease, rent, loan, redistribute, or otherwise make available the Service, CLI, API, Runtime, or any component thereof to any third party, except as expressly permitted by the distribution rights granted in Section 6.
Circumvent Security Measures: Circumvent, disable, or interfere with rate limits, usage quotas, authentication mechanisms, authorization controls, security measures, or any other protective measures implemented in the Service.
Access Others’ Data: Attempt to access, view, download, modify, or delete any other Developer’s account data, source code, Builds, Protected Applications, License Keys, or any other data or resources that do not belong to you.
Unlawful Purposes: Use the Service for any purpose that violates any applicable local, state, national, or international law or regulation, or in furtherance of any illegal activity.
Exploit Vulnerabilities: Submit code or inputs specifically designed to exploit, test for, or demonstrate vulnerabilities in the Service, build pipeline, Runtime, or supporting infrastructure without prior written authorization from PyLocket’s security team.

Enforcement: Violation of any provision in this section may result in immediate suspension or termination of your account, forfeiture of any prepaid fees, and referral to law enforcement authorities where appropriate. PyLocket reserves the right to take any and all actions it deems necessary to protect the Service, its users, and the public.

9. Pricing & Billing

The Service is offered under the following pricing structure, which reflects the costs of providing cloud-based build processing, license validation infrastructure, and artifact storage:

Free Development Tier

You may create and manage an unlimited number of Applications during development and testing at no charge. No credit card is required to create an account or to use the Service for development purposes. The free development tier includes full access to the CLI, API, Developer Portal, and PyCharm plugin. Builds for unpublished Applications are free.

Published Application Pricing

Charges apply when you enable publishing for an Application, which allows distribution to End Users with license enforcement. The following fees apply to each Published Application:

Annual Base Fee

$9.00 per Published Application per year. This fee covers the ongoing license validation infrastructure, build pipeline access, and Developer Portal management tools for the Published Application.

Per-License Fee

$4.00 per License Key issued. The first ten (10) License Keys per Published Application per year are included at no additional charge. This fee applies to each License Key generated after the free allocation.

Storage Fees

Usage-based charges for build artifact storage, calculated based on the total size of retained Protected Artifacts. Storage fees are typically on the order of pennies per month for most applications and are billed at prevailing rates published on the Developer Portal.

Billing Terms

Billing Cycle: All fees are billed monthly in arrears. At the end of each calendar month, PyLocket will calculate the total charges incurred during that month and issue an invoice.
Payment Processing: All payments are processed through Stripe, Inc. By using the Service and providing payment information, you authorize PyLocket to charge the payment method on file for all applicable fees.
Currency: All prices are denominated in United States Dollars (USD). If your payment method is denominated in a different currency, your financial institution may apply exchange rate fees, which are your responsibility.
Taxes: All fees are exclusive of taxes. You are solely responsible for all applicable sales, use, value-added, goods and services, withholding, and any other taxes, levies, or duties imposed by any governmental authority with respect to your use of the Service, except for taxes on PyLocket’s net income.
Price Changes: PyLocket reserves the right to modify pricing at any time. We will provide at least thirty (30) days’ advance notice of any price increase via email to the address associated with your account. Price changes will not apply retroactively to fees already incurred.

10. Late Payment & Suspension

Timely payment of all invoiced amounts is a material obligation under these Terms. The following provisions apply to late or non-payment:

Interest on Overdue Amounts: Any invoiced amount not paid when due shall bear interest at the rate of one and one-half percent (1.5%) per month (or the maximum rate permitted by applicable law, whichever is lower), calculated from the due date until the date of actual payment.
15-Day Notice: If an invoice remains unpaid for fifteen (15) days past its due date, PyLocket will send a written notice to the email address associated with your account, advising you of the overdue balance and requesting prompt payment.
30-Day Suspension: If an invoice remains unpaid for thirty (30) days past its due date, PyLocket may, at its sole discretion, suspend your access to the Service. During suspension, you will be unable to create new Builds, issue new License Keys, or access the Developer Portal. PyLocket will provide written notice of any suspension.
60-Day Termination: If an invoice remains unpaid for sixty (60) days past its due date, PyLocket may terminate your account in accordance with Section 27 (Term & Termination). All outstanding amounts, including accrued interest, shall become immediately due and payable upon termination.
Continued Functionality: During any suspension period, existing Protected Applications that have already been distributed to End Users and previously activated License Keys shall continue to function normally. The suspension affects only your ability to create new resources through the Service, not the operation of previously deployed applications.
Collection Costs: In the event that PyLocket engages a collection agency or legal counsel to collect overdue amounts, you agree to reimburse PyLocket for all reasonable collection costs, including attorneys’ fees and court costs.

11. Refund Policy

PyLocket offers a limited refund policy under the following conditions:

30-Day Satisfaction Guarantee: You may request a full refund of your first payment within thirty (30) days of the date that payment was charged, provided that no Builds have been processed on your account during that period. This guarantee is available only once per Developer and applies solely to the first invoiced payment.
Post-Build Non-Refundable: Once a Build has been processed on your account, all fees incurred are non-refundable. This reflects the fact that server resources have been consumed and a Protected Artifact has been produced and delivered to you.
Storage and License Fees: Storage fees and per-License Key fees are non-refundable under all circumstances, as they represent consumed resources and services already rendered.
Requesting a Refund: To request a refund under the 30-day satisfaction guarantee, you must send an email to billing@pylocket.com from the email address associated with your account, stating your request and the reason for the refund. Refund requests will be processed within ten (10) business days.
Refund Method: Approved refunds will be credited to the original payment method used for the transaction.

This refund policy does not affect any rights you may have under applicable consumer protection laws, which shall apply to the extent they cannot be waived or limited by contract.

12. Source Code Handling

This section describes how PyLocket handles your source code. We understand that your source code is among your most valuable assets, and we have designed our systems to protect it accordingly.

PyLocket is committed to the highest standards of source code security and confidentiality. The following provisions govern how your Application source code is handled throughout the Build process:

Purpose-Limited Processing: Your Application source code is uploaded to PyLocket’s servers solely and exclusively for the purpose of performing the Build operation you have requested. Your source code is not used for any other purpose whatsoever.
Encryption in Transit: All source code uploads are transmitted over encrypted connections using Transport Layer Security (TLS) version 1.2 or higher. No unencrypted transmission of source code is permitted by the Service.
Encryption at Rest: While stored on PyLocket’s servers during Build processing, your source code is encrypted at rest using cloud-managed encryption keys provided by our infrastructure provider. Access to encryption keys is restricted to authorized Service components only.
Automated Processing Only: Your source code is processed entirely by automated systems within the build pipeline. No PyLocket employee, contractor, agent, or representative accesses, reads, reviews, copies, or otherwise interacts with your source code. Human access to source code is architecturally prohibited by system design.
Post-Build Deletion: After Build processing is complete and the Protected Artifact has been successfully produced, your original unencrypted source code is permanently deleted from PyLocket’s servers. Only the encrypted Protected Artifact is retained for your subsequent download and distribution. Deletion is performed automatically by the build pipeline and is not dependent on manual intervention.
No Third-Party Sharing: We never share, disclose, sell, license, or otherwise make your source code available to any third party, under any circumstances, except as required by a valid court order or legal process, in which case we will provide you with prompt notice to the extent permitted by law.
No Secondary Use: We never use your source code for training machine learning models, performing analytics, benchmarking, competitive analysis, or any purpose other than providing the Build service you have requested.
Ownership: You retain full and complete ownership of your source code at all times. Nothing in these Terms or in the operation of the Service transfers, assigns, or licenses any of your intellectual property rights in your source code to PyLocket.

13. Intellectual Property

Your Intellectual Property

You retain all right, title, and interest in and to your Application source code, including all copyrights, trade secrets, patent rights, and other intellectual property rights therein. PyLocket claims no ownership, license, or interest in your source code or your Protected Applications, except for the limited processing rights necessary to perform the Build service as described in Section 12. Nothing in these Terms shall be construed as a transfer or assignment of any of your intellectual property rights to PyLocket.

PyLocket’s Intellectual Property

PyLocket retains all right, title, and interest in and to the Service and all of its components, including but not limited to the build pipeline, Runtime, CLI, API, Developer Portal, PyCharm/IntelliJ plugin, documentation, user interface designs, algorithms, data structures, software architecture, and all underlying technology, trade secrets, trademarks, service marks, logos, and copyrightable works. The Service is protected by copyright, trade secret, patent, and other intellectual property laws of the United States and international jurisdictions.

Protected Applications

Protected Applications are composite works containing your encrypted Application code and the PyLocket Runtime. You are granted a license to distribute Protected Applications to your End Users as described in Section 6. You may not extract, separate, distribute, or sublicense the Runtime independently from a Protected Application. The Runtime remains the intellectual property of PyLocket at all times, even when embedded within your Protected Applications.

Feedback

If you provide PyLocket with any suggestions, ideas, feature requests, bug reports, enhancements, or other feedback regarding the Service (“Feedback”), you hereby grant PyLocket a perpetual, irrevocable, worldwide, royalty-free, fully paid-up, non-exclusive license to use, reproduce, modify, create derivative works from, distribute, publicly display, publicly perform, and otherwise exploit such Feedback for any purpose, without any obligation of attribution, compensation, or accounting to you. You acknowledge that PyLocket is not obligated to implement any Feedback.

14. Device Fingerprinting

The Runtime embedded in Protected Applications collects certain hardware and software attributes from End User devices to support license enforcement. The following provisions govern Device Fingerprinting:

Data Collection: When an End User activates a License Key or when periodic license validation occurs, the Runtime collects a set of hardware and software attributes from the End User’s device. These attributes may include, but are not limited to, processor identifiers, motherboard serial numbers, disk identifiers, operating system version, and machine hostname.
One-Way Hashing: The collected attributes are combined and processed through a one-way cryptographic hash function to produce a Device Fingerprint. The Device Fingerprint is a fixed-length string from which the original hardware and software attributes cannot be recovered, reconstructed, or reverse-engineered. Only the resulting hash is transmitted to PyLocket’s servers; the raw hardware attributes are never transmitted.
Purpose Limitation: Device Fingerprints are used solely for the purpose of enforcing per-device License Key activation limits. Device Fingerprints are not used for tracking, advertising, profiling, or any purpose other than license enforcement.
Data Controller Responsibility: You, as the Developer distributing the Protected Application, are the data controller for your End Users’ Device Fingerprint data under applicable data protection laws (including the GDPR, CCPA, and similar regulations). PyLocket acts as a data processor, processing Device Fingerprint data on your behalf and in accordance with your instructions as expressed through your use of the Service.
End User Disclosure: You are responsible for informing your End Users about the collection and use of Device Fingerprints in your own privacy policy, end-user license agreement, or other appropriate disclosure document. Your disclosure should explain what data is collected, how it is processed, for what purpose, and with whom it is shared.

15. Telemetry & Anti-Tamper Data

The Runtime includes anti-tamper and security monitoring capabilities that may collect and transmit Telemetry Data. The following provisions govern Telemetry Data collection and use:

Data Collected: When Telemetry is enabled in a Protected Application’s configuration, the Runtime collects security-related event data including, but not limited to: debugger attachment detection events, code integrity verification failures, unauthorized modification attempts, runtime environment anomalies, and other anti-tamper signals. Each telemetry event includes a timestamp, the associated Device Fingerprint, the originating IP address, the event type, and relevant contextual metadata.
Transmission and Access: Telemetry Data is transmitted from the End User’s device to PyLocket’s servers over encrypted connections (TLS 1.2 or higher). The collected data is made available to you, the Developer, through the Developer Portal dashboard and the API, enabling you to monitor the security posture of your deployed applications and identify potential piracy or tampering attempts.
Retention Period: Telemetry Data is retained on PyLocket’s servers for a period of ninety (90) days from the date of collection. After the retention period expires, Telemetry Data is automatically and permanently deleted. Aggregated, anonymized statistics derived from Telemetry Data may be retained indefinitely for service improvement purposes.
Scope of Personal Data: Telemetry Data does not contain End User personal information beyond the Device Fingerprint (a one-way hash, as described in Section 14) and the IP address associated with the telemetry event. No names, email addresses, user accounts, or other directly identifying personal information is collected through Telemetry.
Developer Control: You may enable or disable Telemetry Data collection for each of your Protected Applications through the application’s configuration settings in the Developer Portal, CLI, or API. Disabling Telemetry does not affect the anti-tamper protection or license enforcement functionality of the Runtime; it only disables the reporting of security events to PyLocket’s servers.

16. Developer Responsibility for End-User Consent

As the Developer distributing Protected Applications to End Users, you bear primary responsibility for compliance with data protection laws in connection with the personal data of your End Users. The following provisions define the allocation of responsibilities between you and PyLocket:

Data Controller / Data Processor Relationship: Under applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and similar legislation in other jurisdictions, you are the data controller with respect to any personal data of your End Users that is processed through the Service, including Device Fingerprints, IP addresses, and Telemetry Data. PyLocket acts as a data processor, processing such data on your behalf and according to your documented instructions as expressed through your configuration of the Service.
Privacy Policy Obligations: You are responsible for maintaining a privacy policy or similar disclosure document that accurately describes the collection, use, storage, and sharing of your End Users’ personal data in connection with your Protected Applications. Your privacy policy must include appropriate disclosures regarding Device Fingerprint collection for license enforcement and Telemetry Data collection for security monitoring, if enabled.
Consent Requirements: You are responsible for obtaining any legally required consent from your End Users prior to the collection and processing of their personal data through the Runtime. The specific consent requirements will depend on the applicable laws in the jurisdictions where your End Users are located, and you are responsible for determining and complying with those requirements.
Data Subject Requests: You are responsible for receiving and responding to any data subject access requests, deletion requests, portability requests, or other rights exercises submitted by your End Users under applicable data protection laws. PyLocket will provide reasonable technical assistance to help you fulfill such requests, including providing access to or deletion of Device Fingerprint and Telemetry Data associated with your applications, upon your written request.
Compliance Responsibility: You are solely responsible for complying with all applicable data protection laws in the jurisdictions where your End Users are located. PyLocket provides tools and infrastructure but does not provide legal advice, and nothing in these Terms should be construed as legal guidance regarding your data protection obligations.
Runtime EULA Disclosure: You must include in your own end-user license agreement (EULA) either the full text of, or a prominent link to, the PyLocket Runtime End User License Agreement. This ensures that your End Users are informed of and bound by the terms governing the PyLocket Runtime component embedded in your Protected Application. A customizable Developer EULA Template with the required disclosures is available to assist you.

17. Protection Efficacy Disclaimer

PyLocket employs industry-standard encryption algorithms, multiple layers of anti-analysis and anti-tamper protection, and device-bound license enforcement to safeguard your Protected Applications. We make commercially reasonable efforts to continuously maintain, update, and improve the protection strength of the Service in response to evolving threats and attack techniques.

However, you acknowledge and agree that:

No Absolute Guarantee: No software protection system, regardless of its sophistication, can provide an absolute guarantee of security against all possible attacks, reverse-engineering techniques, or circumvention methods. Software protection is inherently a defense-in-depth strategy that raises the cost and difficulty of unauthorized access but cannot make it impossible.
No Warranty Against Circumvention: PyLocket does not warrant, represent, or guarantee that Protected Applications cannot be reverse-engineered, decompiled, decrypted, cracked, or otherwise circumvented by a sufficiently motivated and resourceful attacker.
Limitation of Liability: PyLocket is not liable for any direct, indirect, incidental, special, consequential, or punitive damages, including but not limited to lost revenue, lost profits, lost business opportunities, or loss of competitive advantage, resulting from the circumvention, bypass, or compromise of protection measures applied to your Protected Applications.
Shared Responsibility: The overall security of your software depends on multiple factors beyond the scope of the Service, including your application architecture, key management practices, distribution channels, and operational security. PyLocket is responsible for the quality of its protection technology; you are responsible for the overall security posture of your software distribution.

18. Multi-Platform Runtime

The Runtime is delivered as pre-compiled native binary executables optimized for each supported Platform. The following provisions govern the use and distribution of the Runtime:

Supported Platforms: As of the effective date of these Terms, the Runtime is provided for the following Platforms: Windows x64, Linux x64, Linux ARM64, macOS x64 (Intel), and macOS ARM64 (Apple Silicon). The specific Platforms available for a given Build are determined by your configuration and may be subject to availability.
License Scope: The Runtime is licensed solely for use within Protected Applications created through the Service. You may distribute the Runtime only as an embedded component of a Protected Application. You may not extract, isolate, redistribute, reverse engineer, or use the Runtime independently or in conjunction with any software or system not produced by the Service.
No Standalone Distribution: The Runtime is proprietary software owned by PyLocket. Any distribution of the Runtime outside of a Protected Application, or any attempt to use the Runtime with code not processed through the Service’s build pipeline, is a violation of these Terms and an infringement of PyLocket’s intellectual property rights.
Platform Support Changes: PyLocket reserves the right to add or discontinue support for any Platform at any time. In the event that support for a Platform is discontinued, PyLocket will provide at least ninety (90) days’ advance notice via email and the Developer Portal. Previously built Protected Artifacts for a discontinued Platform will remain functional; however, new Builds targeting that Platform will not be available after the discontinuation date.
Platform-Specific Behavior: Due to differences in operating system APIs, security models, and hardware capabilities, the specific anti-tamper protections and performance characteristics of the Runtime may vary across Platforms. PyLocket makes commercially reasonable efforts to maintain consistent protection strength across all supported Platforms.

19. PyCharm Plugin

PyLocket provides a plugin for the JetBrains PyCharm and IntelliJ IDEA integrated development environments that enables Developers to access Service functionality directly from within their IDE. The following provisions apply to the use of the plugin:

Distribution: The PyLocket plugin is distributed through the JetBrains Marketplace. Installation and use of the plugin is subject to the JetBrains Marketplace Developer Agreement and applicable JetBrains terms of service, in addition to these Terms. In the event of a conflict between these Terms and the JetBrains Marketplace terms, the more restrictive provision shall apply with respect to the plugin.
Functionality: The plugin provides an integrated interface for authenticating with your PyLocket account, configuring application settings, initiating Builds, managing License Keys, and viewing build status and telemetry data. The plugin communicates with PyLocket’s servers over encrypted connections to perform these operations.
Authentication: The plugin requires you to authenticate with your PyLocket account credentials. Your credentials are stored securely using the IDE’s built-in credential storage mechanisms. You are responsible for the security of your IDE environment and stored credentials.
Compatibility: Plugin availability and functionality depend on the version of PyCharm or IntelliJ IDEA you are using and on JetBrains’ platform compatibility requirements. PyLocket makes commercially reasonable efforts to maintain compatibility with current and recent versions of supported JetBrains IDEs but does not guarantee compatibility with all versions or configurations.
Marketplace Policies: The availability of the plugin on the JetBrains Marketplace is subject to JetBrains’ review, approval, and continued listing policies. PyLocket is not responsible for any removal, suspension, or modification of the plugin listing by JetBrains.
Plugin EULA: Use of the PyLocket PyCharm Plugin is also subject to the PyLocket Plugin End User License Agreement, which governs your rights and obligations specifically with respect to the plugin software.

20. Third-Party Services

The Service relies on and integrates with certain third-party services to provide its functionality. Your use of the Service may be subject to the terms, conditions, and privacy policies of these third-party providers:

Stripe, Inc.: All payment processing for the Service is handled by Stripe, Inc. When you provide payment information through the Developer Portal, that information is transmitted directly to and stored by Stripe in accordance with Stripe’s Terms of Service and Privacy Policy. PyLocket does not store your full credit card numbers or bank account details on its own servers. Your use of the payment features of the Service constitutes your agreement to be bound by Stripe’s terms, available at stripe.com/legal.
Amazon Web Services (AWS): The Service infrastructure, including build processing, data storage, and license validation, runs on Amazon Web Services. PyLocket is responsible for the configuration, security, and operation of its AWS infrastructure. AWS’s own customer terms of service do not apply directly to you as a user of PyLocket; however, data stored within the Service is subject to the physical infrastructure and data residency characteristics of the AWS regions in which PyLocket operates.
JetBrains: The PyCharm/IntelliJ plugin is distributed through the JetBrains Marketplace. Your installation and use of the plugin is subject to JetBrains’ Marketplace terms, as described in Section 19.

PyLocket is not responsible for the availability, reliability, accuracy, security, or privacy practices of any third-party service. We do not endorse and are not liable for any acts, omissions, or policies of third-party service providers. In the event that a third-party service experiences an outage, policy change, or discontinuation that materially affects the Service, PyLocket will use commercially reasonable efforts to mitigate the impact but shall not be liable for resulting disruptions.

21. Support

Standard Support

All Developers with active accounts are entitled to standard technical support, provided via email at support@pylocket.com. Standard support operates under the following terms:

Response Time: PyLocket targets an initial response time of twenty-four (24) hours during business days (Monday through Friday, excluding United States federal holidays). Response times are measured from the receipt of a properly submitted support request and represent targets, not guaranteed service levels.
Scope of Support: Standard support covers assistance with installation and configuration of the CLI, API, and PyCharm plugin; guidance on using Service features and workflows; diagnosis and resolution of Build processing failures attributable to the Service; License Key management and activation issues; billing inquiries and account management.
Exclusions: Standard support does not cover debugging, troubleshooting, or fixing bugs in your Application code; issues arising from third-party packaging tools, libraries, or frameworks; custom integration development or consulting; support for your End Users (you are responsible for providing support to your own customers); training or onboarding beyond the documentation provided.

Enterprise Support

Enterprise-grade support with enhanced service levels is available by contacting sales@pylocket.com. Enterprise support may include:

A four (4) hour response time service-level agreement (SLA) during extended business hours.
A dedicated support engineer assigned to your account.
Priority Build processing queue with reduced wait times.
Custom pricing tailored to your organization’s needs and usage volume.
Quarterly business reviews and proactive security advisories.

Enterprise support terms and pricing are established through a separate written agreement.

22. Service Availability & SLA

PyLocket uses commercially reasonable efforts to maintain the availability and reliability of the Service. The following provisions describe our availability commitments and limitations:

General Availability: We endeavor to maintain the Service in an operational state at all times. However, the Service is provided on an “as available” basis, and we do not guarantee uninterrupted or error-free operation.
Offline Grace Periods: The license validation infrastructure is designed with resilience in mind. Protected Applications include a configurable offline grace period (default: seventy-two (72) hours) during which they continue to function normally even if they cannot reach PyLocket’s license validation servers. This ensures that temporary network outages, server maintenance, or connectivity issues do not immediately disrupt your End Users’ ability to use your software.
Scheduled Maintenance: Planned maintenance windows will be announced at least forty-eight (48) hours in advance via the Developer Portal and the PyLocket status page. We will make commercially reasonable efforts to schedule maintenance during off-peak hours to minimize disruption.
Force Majeure: PyLocket is not liable for any Service downtime, data loss, or performance degradation caused by events beyond our reasonable control, including but not limited to natural disasters, acts of war or terrorism, pandemics, government orders, internet backbone outages, distributed denial-of-service attacks, or failures of third-party infrastructure providers.
Third-Party Outages: The Service depends on third-party infrastructure providers, including AWS and Stripe. PyLocket is not liable for downtime or disruptions caused by outages or failures of these third-party services.
Enterprise SLA: Developers requiring guaranteed uptime percentages, defined response times for incidents, and financial remedies for SLA breaches may request an enterprise-grade Service Level Agreement by contacting sales@pylocket.com. Enterprise SLA terms are established through a separate written agreement.

23. Confidentiality

Each party acknowledges that, in the course of the relationship established by these Terms, it may receive or have access to information that is confidential and proprietary to the other party (“Confidential Information”). Both parties agree to the following obligations:

Definition of Confidential Information: “Confidential Information” means any non-public information disclosed by one party (the “Disclosing Party”) to the other party (the “Receiving Party”) that is designated as confidential or that, given the nature of the information or the circumstances of disclosure, should reasonably be understood to be confidential.
Your Confidential Information: Your Confidential Information includes, without limitation, your Application source code, application architecture, business plans, customer lists, financial data, and any other non-public information you provide to or through the Service.
Our Confidential Information: PyLocket’s Confidential Information includes, without limitation, non-public pricing terms, technical documentation marked as confidential, proprietary algorithms, security architectures, non-public product roadmaps, and non-public features or capabilities of the Service.
Protection Obligations: The Receiving Party agrees to (a) hold the Disclosing Party’s Confidential Information in strict confidence; (b) not disclose Confidential Information to any third party without the Disclosing Party’s prior written consent; (c) use Confidential Information solely for the purposes contemplated by these Terms; and (d) protect Confidential Information with at least the same degree of care it uses to protect its own confidential information of similar nature and importance, but in no event less than reasonable care.
Exceptions: Confidentiality obligations do not apply to information that: (a) is or becomes publicly available through no fault of the Receiving Party; (b) was rightfully known to the Receiving Party before receipt from the Disclosing Party, without restriction on disclosure; (c) is rightfully received from a third party without restriction on disclosure and without breach of any obligation of confidentiality; (d) is independently developed by the Receiving Party without use of or reference to the Disclosing Party’s Confidential Information; or (e) is required to be disclosed by law, regulation, or court order, provided that the Receiving Party gives the Disclosing Party prompt notice (to the extent permitted by law) and cooperates in seeking a protective order.

24. Disclaimer of Warranties

THE SERVICE, INCLUDING THE BUILD PIPELINE, RUNTIME, CLI, API, DEVELOPER PORTAL, PYCHARM PLUGIN, DOCUMENTATION, AND ALL OTHER COMPONENTS, IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, PYLOCKET EXPRESSLY DISCLAIMS ALL WARRANTIES, INCLUDING BUT NOT LIMITED TO: (A) IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT; (B) WARRANTIES ARISING FROM COURSE OF DEALING, COURSE OF PERFORMANCE, OR TRADE USAGE; (C) WARRANTIES THAT THE SERVICE WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE; (D) WARRANTIES THAT THE RESULTS OBTAINED FROM THE USE OF THE SERVICE WILL BE ACCURATE OR RELIABLE; (E) WARRANTIES THAT DEFECTS IN THE SERVICE WILL BE CORRECTED; AND (F) WARRANTIES THAT PROTECTED APPLICATIONS CANNOT BE REVERSE-ENGINEERED, DECOMPILED, DECRYPTED, CRACKED, OR OTHERWISE CIRCUMVENTED.

YOU ACKNOWLEDGE THAT YOU USE THE SERVICE AT YOUR OWN RISK AND THAT YOU ARE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEMS, LOSS OF DATA, OR OTHER HARM THAT RESULTS FROM YOUR USE OF THE SERVICE.

SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF CERTAIN WARRANTIES. IN SUCH JURISDICTIONS, THE ABOVE EXCLUSIONS APPLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW.

25. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE TOTAL AGGREGATE LIABILITY OF PYLOCKET AND ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AFFILIATES, SUCCESSORS, AND ASSIGNS, ARISING OUT OF OR RELATING TO THESE TERMS, THE SERVICE, OR YOUR USE OF OR INABILITY TO USE THE SERVICE, SHALL NOT EXCEED THE TOTAL AMOUNT OF FEES ACTUALLY PAID BY YOU TO PYLOCKET DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT, ACT, OR OMISSION GIVING RISE TO THE CLAIM.

IN NO EVENT SHALL PYLOCKET OR ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AFFILIATES, SUCCESSORS, OR ASSIGNS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES OF ANY KIND, INCLUDING BUT NOT LIMITED TO: LOSS OF PROFITS; LOSS OF REVENUE; LOSS OF DATA; LOSS OF BUSINESS OPPORTUNITIES; LOSS OF GOODWILL; COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; BUSINESS INTERRUPTION; OR ANY OTHER PECUNIARY LOSS, WHETHER ARISING IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR ANY OTHER LEGAL THEORY, AND REGARDLESS OF WHETHER PYLOCKET HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

THESE LIMITATIONS OF LIABILITY APPLY REGARDLESS OF THE THEORY OF LIABILITY, WHETHER BASED ON CONTRACT, TORT (INCLUDING NEGLIGENCE AND STRICT LIABILITY), STATUTE, OR ANY OTHER LEGAL OR EQUITABLE THEORY, AND REGARDLESS OF WHETHER THE CLAIMED DAMAGES WERE FORESEEABLE.

SOME JURISDICTIONS DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES. IN SUCH JURISDICTIONS, THE ABOVE LIMITATIONS APPLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW.

26. Indemnification

Indemnification by You

You agree to indemnify, defend, and hold harmless PyLocket and its officers, directors, employees, agents, affiliates, successors, and assigns from and against any and all claims, demands, actions, liabilities, losses, damages, judgments, settlements, penalties, fines, costs, and expenses (including reasonable attorneys’ fees and court costs) arising out of or relating to:

Your use of the Service, including any activity under your account;
Your violation or breach of any provision of these Terms;
Your Application or Protected Application, including any claims that your Application infringes the intellectual property rights of any third party;
Your End Users’ use of your Protected Applications, including any claims of harm, damage, or injury arising from such use;
Your violation of any applicable law, regulation, or third-party right, including data protection laws, export control laws, and intellectual property laws.

Indemnification by PyLocket

PyLocket agrees to indemnify, defend, and hold harmless you and your officers, directors, employees, and agents from and against any third-party claims, demands, actions, liabilities, losses, damages, judgments, settlements, costs, and expenses (including reasonable attorneys’ fees) to the extent arising from a claim that the Runtime or the Service, as provided by PyLocket and used in accordance with these Terms, directly infringes a valid patent, copyright, or trademark of a third party in the United States. This indemnification obligation is subject to the following conditions:

You must provide PyLocket with prompt written notice of the claim (failure to provide prompt notice shall relieve PyLocket of its indemnification obligation only to the extent that PyLocket is materially prejudiced by the delay);
You must grant PyLocket sole control of the defense and settlement of the claim (PyLocket shall not settle any claim in a manner that imposes obligations on you without your prior written consent);
You must provide reasonable cooperation and assistance to PyLocket in the defense of the claim, at PyLocket’s expense.

PyLocket’s indemnification obligation does not apply to claims arising from: (a) modifications to the Service made by you or a third party; (b) combination of the Service with products, services, or technology not provided by PyLocket; (c) your use of the Service in violation of these Terms; or (d) your continued use of a version of the Service after being notified of an available update that would have avoided the infringement.

27. Term & Termination

Term

These Terms are effective as of the date you create an account with PyLocket and shall remain in full force and effect until terminated by either party in accordance with this section.

Termination by You

You may terminate your account and these Terms at any time by completing the following steps:

Download any Protected Artifacts you wish to retain from the Developer Portal;
Delete your Applications via the Developer Portal or API;
Cancel your subscription through the billing section of the Developer Portal.

You remain responsible for all fees incurred prior to the effective date of termination. Termination does not entitle you to a refund of any previously paid fees, except as provided in Section 11 (Refund Policy).

Termination by PyLocket

PyLocket may terminate your account and these Terms under the following circumstances:

Terms Violation: If you materially breach any provision of these Terms and fail to cure the breach within thirty (30) days of receiving written notice from PyLocket specifying the breach.
Malicious Use: If you use the Service to protect malicious software (as described in Section 8), PyLocket may terminate your account immediately without prior notice. Malicious use constitutes a non-curable breach.
Non-Payment: If your account remains in default for sixty (60) or more days as described in Section 10 (Late Payment & Suspension).
Fraudulent Activity: If PyLocket determines, in its reasonable judgment, that your account is involved in fraudulent activity, identity theft, or other dishonest conduct.

Except in cases of malicious use or fraud, PyLocket will provide at least thirty (30) days’ advance written notice of termination.

Effect of Termination

Upon termination of your account, the following provisions apply:

You will no longer be able to create new Builds, issue new License Keys, or access the Developer Portal, CLI, API, or PyCharm plugin with your account credentials.
Existing License Keys that have already been activated by End Users shall continue to validate and function until they reach their configured expiration date. No new License Key activations will be possible.
Protected Applications that have already been distributed to and activated by End Users shall continue to function on those End Users’ devices. The offline grace period will apply as configured.

Data Deletion

PyLocket will delete your account data, including application configurations, build logs, telemetry data, and stored Protected Artifacts, within thirty (30) days of account termination. The following exceptions apply: (a) billing records and transaction history will be retained for seven (7) years as required by applicable tax and accounting laws; (b) data that PyLocket is required to retain by law, regulation, or valid legal process; (c) aggregated, anonymized data that cannot be used to identify you or your applications.

Survival

The following sections shall survive termination of these Terms and remain in full force and effect: Section 2 (Definitions), Section 12 (Source Code Handling), Section 13 (Intellectual Property), Section 23 (Confidentiality), Section 24 (Disclaimer of Warranties), Section 25 (Limitation of Liability), Section 26 (Indemnification), Section 28 (Governing Law), Section 29 (General Provisions), and Section 30 (Contact Information).

28. Governing Law

These Terms and any dispute, claim, or controversy arising out of or relating to these Terms, the Service, or your use of the Service, whether based on contract, tort, statute, fraud, misrepresentation, or any other legal theory, shall be governed by and construed in accordance with the laws of the State of Washington, United States of America, without regard to its conflict of law provisions or principles that would require the application of the laws of any other jurisdiction.

Any legal action, suit, or proceeding arising out of or relating to these Terms or the Service shall be instituted exclusively in the state courts of King County, Washington, or in the United States District Court for the Western District of Washington, and each party irrevocably submits to the exclusive jurisdiction of such courts in any such action, suit, or proceeding.

Each party hereby irrevocably waives any objection that it may now or hereafter have to the laying of venue of any action, suit, or proceeding in the courts referred to above, and further irrevocably waives and agrees not to plead or claim in any such court that any such action, suit, or proceeding brought in any such court has been brought in an inconvenient forum.

The United Nations Convention on Contracts for the International Sale of Goods (CISG) shall not apply to these Terms.

29. General Provisions

Severability

If any provision of these Terms is held by a court of competent jurisdiction to be invalid, illegal, or unenforceable for any reason, such provision shall be modified to the minimum extent necessary to make it valid, legal, and enforceable while preserving the original intent of the provision, or if such modification is not possible, the provision shall be severed from these Terms. The invalidity, illegality, or unenforceability of any single provision shall not affect the validity, legality, or enforceability of the remaining provisions, which shall continue in full force and effect.

Entire Agreement

These Terms, together with the Privacy Policy, the Runtime End User License Agreement, the Plugin End User License Agreement, any applicable enterprise agreement, and any other documents expressly incorporated by reference herein, constitute the entire agreement between you and PyLocket with respect to the subject matter hereof and supersede all prior and contemporaneous understandings, agreements, representations, and warranties, both written and oral, with respect to such subject matter.

Assignment

You may not assign, transfer, or delegate these Terms or any rights or obligations hereunder, in whole or in part, whether voluntarily, by operation of law, or otherwise, without the prior written consent of PyLocket. Any attempted assignment without such consent shall be null and void. PyLocket may freely assign these Terms, in whole or in part, in connection with a merger, acquisition, corporate reorganization, sale of all or substantially all of its assets, or any similar transaction, without your consent and without notice.

Force Majeure

Neither party shall be liable for any failure or delay in performing its obligations under these Terms (other than payment obligations) to the extent that such failure or delay results from causes beyond the party’s reasonable control, including but not limited to: natural disasters (earthquakes, floods, hurricanes, wildfires); acts of war, armed conflict, or terrorism; epidemics or pandemics; government orders, sanctions, or embargoes; labor disputes or strikes; power outages; internet or telecommunications infrastructure failures; distributed denial-of-service attacks; or failures of third-party service providers. The affected party shall provide prompt notice to the other party and shall use commercially reasonable efforts to mitigate the effects of the force majeure event.

Waiver

The failure of either party to enforce any right or provision of these Terms shall not constitute a waiver of such right or provision. No waiver of any provision of these Terms shall be effective unless made in writing and signed by the waiving party. A waiver of any provision on one occasion shall not be construed as a waiver of such provision on any subsequent occasion.

Notices

All notices, requests, demands, and other communications under these Terms shall be in writing (which includes email) and shall be deemed to have been duly given when:

From PyLocket to You: Sent by email to the email address associated with your account, or posted as a notification in the Developer Portal. Email notices are deemed received one (1) business day after sending.
From You to PyLocket: Sent by email to legal@pylocket.com. Legal notices sent to any other email address may not be deemed effective.

You are responsible for keeping the email address on your account current and accurate.

Modifications to These Terms

PyLocket reserves the right to modify, amend, or update these Terms at any time. We will provide at least thirty (30) days’ advance notice of any modifications via email to the address associated with your account and through a prominent notice in the Developer Portal. Material changes will be clearly highlighted in the notification. Your continued use of the Service after the expiration of the thirty (30) day notice period constitutes your acceptance of the modified Terms. If you do not agree to the modified Terms, you must discontinue your use of the Service and terminate your account before the end of the notice period.

30. Contact Information

If you have questions, concerns, or requests regarding these Terms of Service, you may contact PyLocket using the following channels:

Department	Email Address
General Support	support@pylocket.com
Sales & Enterprise	sales@pylocket.com
Billing	billing@pylocket.com
Security Issues	security@pylocket.com
Legal & Compliance	legal@pylocket.com
Privacy	privacy@pylocket.com

Physical Address

PyLocket
Sammamish, WA
United States of America

We aim to respond to all inquiries within two (2) business days. For urgent security issues, please include “URGENT” in the subject line of your email to security@pylocket.com.