Terms of Service

1. Introduction

Welcome to el2FA. These Terms of Service (“Terms”) govern your access to and use of the el2FA platform, including our website, applications, APIs, and any related services (collectively, the “Service”). By creating an account or using the Service, you agree to be bound by these Terms.

If you are using the Service on behalf of an organisation, you represent and warrant that you have the authority to bind that organisation to these Terms. In that case, “you” and “your” refer to that organisation.

If you do not agree to these Terms, do not use the Service. We encourage you to read this document carefully before getting started.

2. Definitions

• “Service” means the el2FA platform, including all web applications, browser extensions, mobile applications, APIs, and documentation provided by el2FA.
• “User” means any individual who creates an account or is granted access to the Service.
• “Team” means a group of Users who share access to one or more Workspaces under a single billing account.
• “Workspace” means a logical container within the Service where 2FA codes, vaults, and team configurations are stored and managed.
• “Admin” means a User with administrative privileges over a Team or Workspace, including the ability to invite or remove members and manage permissions.
• “Vault” means a collection of 2FA codes that can be shared with specific Users or groups within a Team.
• “Content” means any data, 2FA secrets, configuration, or other information you store within the Service.

3. Account Registration

To use el2FA, you must create an account. When registering, you agree to the following:

• Accurate information. You must provide truthful, current, and complete information during registration and keep it up to date.
• One account per person. Each individual may maintain only one personal account. Creating multiple accounts to circumvent limits or restrictions is not permitted.
• Account security. You are responsible for maintaining the confidentiality of your login credentials. You must notify us immediately at legal@el2fa.com if you suspect unauthorised access to your account.
• Admin responsibility. If you are the Admin of a Team, you are responsible for the activity of all Users within that Team. This includes ensuring that members comply with these Terms and managing access permissions appropriately.
• Age requirement. You must be at least 16 years of age to use the Service. If you are under 18, you must have the consent of a parent or legal guardian.

4. Acceptable Use

You agree to use el2FA responsibly and in compliance with all applicable laws. The following activities are strictly prohibited:

• Abuse of the Service. Do not attempt to disrupt, degrade, or interfere with the operation of the Service, including through denial-of-service attacks, excessive API calls, or automated scraping.
• Reverse engineering. You may not decompile, disassemble, reverse engineer, or attempt to derive the source code of any part of the Service, except where expressly permitted by applicable law.
• Illegal use. The Service may not be used for any unlawful purpose, including storing credentials for accounts you do not have authorised access to.
• Circumventing controls. You may not bypass or attempt to bypass any security measures, rate limits, access controls, or authentication mechanisms within the Service.
• Resale without authorisation. You may not resell, sublicense, or redistribute access to the Service without prior written consent from el2FA.

We reserve the right to suspend or terminate accounts that violate these terms, with or without prior notice depending on the severity of the violation.

5. Service Description

el2FA is a team-based two-factor authentication management platform. The Service enables teams to:

• Generate and manage TOTP (Time-Based One-Time Password) codes in shared vaults.
• Grant and revoke access to 2FA codes based on roles and permissions.
• Sync codes securely across multiple devices within a team.
• Store 2FA secrets using end-to-end encryption so that only authorised Users can access them.
• Maintain audit logs of code access and team activity.

We continuously improve the Service and may add, modify, or remove features over time. We will make reasonable efforts to communicate significant changes in advance, but the availability of specific features is not guaranteed.

6. Subscription and Billing

el2FA offers both free and paid subscription plans. By subscribing to a paid plan, you agree to the following billing terms:

• Per-user pricing. Paid plans are billed on a per-user basis. You will be charged for each active User in your Team during each billing period.
• Billing cycles. Subscriptions are available on a monthly or annual billing cycle. Annual plans are billed upfront for the full year.
• Auto-renewal. Subscriptions renew automatically at the end of each billing period unless you cancel before the renewal date.
• Cancellation. You may cancel your subscription at any time through your account settings. Cancellations take effect at the end of the current billing period. No partial refunds are issued for unused time within a billing period.
• Price changes. We may adjust pricing from time to time. We will provide at least 30 days' notice before any price increase takes effect. Continued use of the Service after a price change constitutes acceptance of the new pricing.
• Payment failure. If a payment fails, we will attempt to notify you and retry the charge. If payment remains unsuccessful after a reasonable period, we may downgrade or suspend your account.

7. Free Plan

el2FA offers a free plan with limited functionality. The free plan is provided as-is and is subject to the following conditions:

• The free plan includes restrictions on the number of Users, Vaults, and stored 2FA codes. Current limits are detailed on our pricing page.
• Free plan features, limits, and availability may change at any time. We will make reasonable efforts to notify existing free-plan users of material changes.
• The free plan does not include access to premium features such as advanced audit logs, priority support, or custom integrations.
• el2FA reserves the right to discontinue the free plan entirely, with 30 days' prior notice to affected users.

8. Data Ownership

Your data belongs to you. el2FA does not claim ownership of any Content you store within the Service. Specifically:

• Your Content. You retain all rights, title, and interest in the data, 2FA secrets, and other Content you upload or create within the Service.
• Limited licence. By using the Service, you grant el2FA a limited, non-exclusive licence to store, process, and transmit your Content solely for the purpose of providing and improving the Service. This licence terminates when you delete your Content or close your account.
• No sale of data. We do not sell, rent, or share your Content with third parties for advertising or marketing purposes.
• Aggregated data. We may collect and use anonymised, aggregated data (which cannot identify you or your team) for analytics, service improvement, and reporting purposes.

9. Security Responsibilities

Security is a shared responsibility between el2FA and our users. We each have a role to play in keeping your data safe.

Our responsibilities

• Encrypt your Content at rest and in transit using industry-standard encryption protocols.
• Maintain secure infrastructure with regular security audits, vulnerability scanning, and penetration testing.
• Implement access controls that ensure only authorised personnel can access production systems, and only in limited, audited capacities.
• Respond promptly to security incidents and notify affected users in accordance with applicable law.

Your responsibilities

• Use strong, unique passwords for your el2FA account and enable any additional authentication mechanisms we offer.
• Keep your devices secure and up to date with the latest operating system and browser patches.
• Manage your team's access permissions carefully. Remove users promptly when they leave your organisation or no longer require access.
• Report any suspected security vulnerabilities or unauthorised access to legal@el2fa.com immediately.

10. Intellectual Property

The Service, including its design, code, features, documentation, branding, and all related intellectual property, is owned by el2FA and protected by applicable copyright, trademark, and other intellectual property laws.

• Trademarks. “el2FA”, the el2FA logo, and related marks are trademarks of el2FA. You may not use these marks without prior written permission, except as reasonably necessary to refer to the Service.
• Licence to use. Subject to these Terms, we grant you a limited, non-exclusive, non-transferable, revocable licence to access and use the Service for its intended purpose.
• Feedback. If you provide suggestions, ideas, or feedback about the Service, you grant el2FA a perpetual, irrevocable, royalty-free licence to use and incorporate that feedback without obligation to you.

11. Limitation of Liability

To the maximum extent permitted by applicable law:

• No indirect damages. el2FA shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including loss of profits, data, business opportunities, or goodwill, arising out of or related to your use of the Service.
• Liability cap. el2FA's total aggregate liability for any claims arising from or related to these Terms or the Service shall not exceed the greater of (a) the amount you paid to el2FA in the 12 months preceding the claim, or (b) one hundred US dollars (USD $100).
• As-is provision. The Service is provided on an “as is” and “as available” basis. el2FA makes no warranties, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, and non-infringement.
• No guarantee of uptime. While we strive for high availability, we do not guarantee uninterrupted or error-free operation of the Service. Scheduled maintenance and unforeseen outages may occur.

Some jurisdictions do not allow the exclusion or limitation of certain damages. In such jurisdictions, the limitations above shall apply to the fullest extent permitted by law.

12. Termination

Either party may terminate this agreement under the following conditions:

• Termination by you. You may close your account at any time through your account settings or by contacting us at legal@el2fa.com.
• Termination by el2FA. We may suspend or terminate your account if you breach these Terms, if your account remains inactive for an extended period, or if we discontinue the Service. We will provide reasonable notice where practicable.
• Data export. Upon termination, you will have a 30-day grace period to export your data. During this period, your Content will remain accessible in a read-only state. After the grace period, we will permanently delete your Content from our systems in accordance with our data retention policies.
• Survival. Sections relating to intellectual property, limitation of liability, dispute resolution, and any other provisions that by their nature should survive termination will remain in effect after termination.

13. Dispute Resolution

We hope disputes are rare, but if one arises, we prefer to resolve it quickly and fairly.

• Informal resolution. Before initiating any formal proceedings, you agree to contact us at legal@el2fa.com and attempt to resolve the dispute informally for at least 30 days.
• Arbitration preference. If informal resolution is unsuccessful, both parties agree to attempt to resolve the dispute through binding arbitration, rather than in court. Arbitration shall be conducted by a mutually agreed-upon arbitrator under rules consistent with commercial arbitration standards.
• Governing law. These Terms are governed by the laws of England and Wales, without regard to conflict of law principles. If arbitration is not available or enforceable, the courts of England and Wales shall have exclusive jurisdiction.
• Class action waiver. You agree that any dispute resolution proceedings will be conducted on an individual basis and not as part of a class, consolidated, or representative action.

14. Changes to Terms

We may update these Terms from time to time to reflect changes in our Service, legal requirements, or business practices. When we do:

• We will provide at least 30 days' notice before material changes take effect. Notice may be given via email, an in-app notification, or a prominent notice on our website.
• The updated effective date will be displayed at the top of this page.
• Continued use of the Service after the effective date of updated Terms constitutes your acceptance of those changes.
• If you do not agree with the updated Terms, you must stop using the Service and close your account before the changes take effect.

15. Contact

If you have questions about these Terms, your account, or anything else related to el2FA, you can reach us at:

• Email: legal@el2fa.com

We aim to respond to all enquiries within two business days.